1 /* 2 * Copyright (C) 2011 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.settings; 18 19 import android.app.Activity; 20 import android.app.StatusBarManager; 21 import android.content.ComponentName; 22 import android.content.Context; 23 import android.content.Intent; 24 import android.content.pm.ActivityInfo; 25 import android.content.pm.PackageManager; 26 import android.content.res.Resources.NotFoundException; 27 import android.media.AudioManager; 28 import android.os.AsyncTask; 29 import android.os.Bundle; 30 import android.os.Handler; 31 import android.os.IBinder; 32 import android.os.Message; 33 import android.os.PowerManager; 34 import android.os.RemoteException; 35 import android.os.ServiceManager; 36 import android.os.UserHandle; 37 import android.os.storage.IStorageManager; 38 import android.os.storage.StorageManager; 39 import android.provider.Settings; 40 import android.sysprop.VoldProperties; 41 import android.telecom.TelecomManager; 42 import android.telephony.TelephonyManager; 43 import android.text.Editable; 44 import android.text.TextUtils; 45 import android.text.TextWatcher; 46 import android.text.format.DateUtils; 47 import android.util.Log; 48 import android.view.KeyEvent; 49 import android.view.MotionEvent; 50 import android.view.View; 51 import android.view.View.OnClickListener; 52 import android.view.View.OnKeyListener; 53 import android.view.View.OnTouchListener; 54 import android.view.WindowManager; 55 import android.view.inputmethod.EditorInfo; 56 import android.view.inputmethod.InputMethodInfo; 57 import android.view.inputmethod.InputMethodManager; 58 import android.view.inputmethod.InputMethodSubtype; 59 import android.widget.Button; 60 import android.widget.ProgressBar; 61 import android.widget.TextView; 62 63 import com.android.internal.widget.LockPatternUtils; 64 import com.android.internal.widget.LockPatternView; 65 import com.android.internal.widget.LockPatternView.Cell; 66 import com.android.internal.widget.LockPatternView.DisplayMode; 67 import com.android.settings.widget.ImeAwareEditText; 68 69 import java.util.List; 70 71 /** 72 * Settings screens to show the UI flows for encrypting/decrypting the device. 73 * 74 * This may be started via adb for debugging the UI layout, without having to go through 75 * encryption flows everytime. It should be noted that starting the activity in this manner 76 * is only useful for verifying UI-correctness - the behavior will not be identical. 77 * <pre> 78 * $ adb shell pm enable com.android.settings/.CryptKeeper 79 * $ adb shell am start \ 80 * -e "com.android.settings.CryptKeeper.DEBUG_FORCE_VIEW" "progress" \ 81 * -n com.android.settings/.CryptKeeper 82 * </pre> 83 */ 84 public class CryptKeeper extends Activity implements TextView.OnEditorActionListener, 85 OnKeyListener, OnTouchListener, TextWatcher { 86 private static final String TAG = "CryptKeeper"; 87 88 private static final String DECRYPT_STATE = "trigger_restart_framework"; 89 90 /** Message sent to us to indicate encryption update progress. */ 91 private static final int MESSAGE_UPDATE_PROGRESS = 1; 92 /** Message sent to us to indicate alerting the user that we are waiting for password entry */ 93 private static final int MESSAGE_NOTIFY = 2; 94 95 // Constants used to control policy. 96 private static final int MAX_FAILED_ATTEMPTS = 30; 97 private static final int COOL_DOWN_ATTEMPTS = 10; 98 99 // Intent action for launching the Emergency Dialer activity. 100 static final String ACTION_EMERGENCY_DIAL = "com.android.phone.EmergencyDialer.DIAL"; 101 102 // Debug Intent extras so that this Activity may be started via adb for debugging UI layouts 103 private static final String EXTRA_FORCE_VIEW = 104 "com.android.settings.CryptKeeper.DEBUG_FORCE_VIEW"; 105 private static final String FORCE_VIEW_PROGRESS = "progress"; 106 private static final String FORCE_VIEW_ERROR = "error"; 107 private static final String FORCE_VIEW_PASSWORD = "password"; 108 109 private static final String STATE_COOLDOWN = "cooldown"; 110 111 /** When encryption is detected, this flag indicates whether or not we've checked for errors. */ 112 private boolean mValidationComplete; 113 private boolean mValidationRequested; 114 /** A flag to indicate that the volume is in a bad state (e.g. partially encrypted). */ 115 private boolean mEncryptionGoneBad; 116 /** If gone bad, should we show encryption failed (false) or corrupt (true)*/ 117 private boolean mCorrupt; 118 /** A flag to indicate when the back event should be ignored */ 119 /** When set, blocks unlocking. Set every COOL_DOWN_ATTEMPTS attempts, only cleared 120 by power cycling phone. */ 121 private boolean mCooldown = false; 122 123 PowerManager.WakeLock mWakeLock; 124 private ImeAwareEditText mPasswordEntry; 125 private LockPatternView mLockPatternView; 126 /** Number of calls to {@link #notifyUser()} to ignore before notifying. */ 127 private int mNotificationCountdown = 0; 128 /** Number of calls to {@link #notifyUser()} before we release the wakelock */ 129 private int mReleaseWakeLockCountdown = 0; 130 private int mStatusString = R.string.enter_password; 131 132 // how long we wait to clear a wrong pattern 133 private static final int WRONG_PATTERN_CLEAR_TIMEOUT_MS = 1500; 134 135 // how long we wait to clear a right pattern 136 private static final int RIGHT_PATTERN_CLEAR_TIMEOUT_MS = 500; 137 138 // When the user enters a short pin/password, run this to show an error, 139 // but don't count it against attempts. 140 private final Runnable mFakeUnlockAttemptRunnable = new Runnable() { 141 @Override 142 public void run() { 143 handleBadAttempt(1 /* failedAttempt */); 144 } 145 }; 146 147 // TODO: this should be tuned to match minimum decryption timeout 148 private static final int FAKE_ATTEMPT_DELAY = 1000; 149 150 private final Runnable mClearPatternRunnable = new Runnable() { 151 @Override 152 public void run() { 153 mLockPatternView.clearPattern(); 154 } 155 }; 156 157 /** 158 * Used to propagate state through configuration changes (e.g. screen rotation) 159 */ 160 private static class NonConfigurationInstanceState { 161 final PowerManager.WakeLock wakelock; 162 NonConfigurationInstanceState(PowerManager.WakeLock _wakelock)163 NonConfigurationInstanceState(PowerManager.WakeLock _wakelock) { 164 wakelock = _wakelock; 165 } 166 } 167 168 private class DecryptTask extends AsyncTask<String, Void, Integer> { hide(int id)169 private void hide(int id) { 170 View view = findViewById(id); 171 if (view != null) { 172 view.setVisibility(View.GONE); 173 } 174 } 175 176 @Override onPreExecute()177 protected void onPreExecute() { 178 super.onPreExecute(); 179 beginAttempt(); 180 } 181 182 @Override doInBackground(String... params)183 protected Integer doInBackground(String... params) { 184 final IStorageManager service = getStorageManager(); 185 try { 186 return service.decryptStorage(params[0]); 187 } catch (Exception e) { 188 Log.e(TAG, "Error while decrypting...", e); 189 return -1; 190 } 191 } 192 193 @Override onPostExecute(Integer failedAttempts)194 protected void onPostExecute(Integer failedAttempts) { 195 if (failedAttempts == 0) { 196 // The password was entered successfully. Simply do nothing 197 // and wait for the service restart to switch to surfacefligner 198 if (mLockPatternView != null) { 199 mLockPatternView.removeCallbacks(mClearPatternRunnable); 200 mLockPatternView.postDelayed(mClearPatternRunnable, RIGHT_PATTERN_CLEAR_TIMEOUT_MS); 201 } 202 final TextView status = (TextView) findViewById(R.id.status); 203 status.setText(R.string.starting_android); 204 hide(R.id.passwordEntry); 205 hide(R.id.switch_ime_button); 206 hide(R.id.lockPattern); 207 hide(R.id.owner_info); 208 hide(R.id.emergencyCallButton); 209 } else if (failedAttempts == MAX_FAILED_ATTEMPTS) { 210 // Factory reset the device. 211 Intent intent = new Intent(Intent.ACTION_FACTORY_RESET); 212 intent.setPackage("android"); 213 intent.addFlags(Intent.FLAG_RECEIVER_FOREGROUND); 214 intent.putExtra(Intent.EXTRA_REASON, "CryptKeeper.MAX_FAILED_ATTEMPTS"); 215 sendBroadcast(intent); 216 } else if (failedAttempts == -1) { 217 // Right password, but decryption failed. Tell user bad news ... 218 setContentView(R.layout.crypt_keeper_progress); 219 showFactoryReset(true); 220 return; 221 } else { 222 handleBadAttempt(failedAttempts); 223 } 224 } 225 } 226 beginAttempt()227 private void beginAttempt() { 228 final TextView status = (TextView) findViewById(R.id.status); 229 status.setText(R.string.checking_decryption); 230 } 231 handleBadAttempt(Integer failedAttempts)232 private void handleBadAttempt(Integer failedAttempts) { 233 // Wrong entry. Handle pattern case. 234 if (mLockPatternView != null) { 235 mLockPatternView.setDisplayMode(DisplayMode.Wrong); 236 mLockPatternView.removeCallbacks(mClearPatternRunnable); 237 mLockPatternView.postDelayed(mClearPatternRunnable, WRONG_PATTERN_CLEAR_TIMEOUT_MS); 238 } 239 if ((failedAttempts % COOL_DOWN_ATTEMPTS) == 0) { 240 mCooldown = true; 241 // No need to setBackFunctionality(false) - it's already done 242 // at this point. 243 cooldown(); 244 } else { 245 final TextView status = (TextView) findViewById(R.id.status); 246 247 int remainingAttempts = MAX_FAILED_ATTEMPTS - failedAttempts; 248 if (remainingAttempts < COOL_DOWN_ATTEMPTS) { 249 CharSequence warningTemplate = getText(R.string.crypt_keeper_warn_wipe); 250 CharSequence warning = TextUtils.expandTemplate(warningTemplate, 251 Integer.toString(remainingAttempts)); 252 status.setText(warning); 253 } else { 254 int passwordType = StorageManager.CRYPT_TYPE_PASSWORD; 255 try { 256 final IStorageManager service = getStorageManager(); 257 passwordType = service.getPasswordType(); 258 } catch (Exception e) { 259 Log.e(TAG, "Error calling mount service " + e); 260 } 261 262 if (passwordType == StorageManager.CRYPT_TYPE_PIN) { 263 status.setText(R.string.cryptkeeper_wrong_pin); 264 } else if (passwordType == StorageManager.CRYPT_TYPE_PATTERN) { 265 status.setText(R.string.cryptkeeper_wrong_pattern); 266 } else { 267 status.setText(R.string.cryptkeeper_wrong_password); 268 } 269 } 270 271 if (mLockPatternView != null) { 272 mLockPatternView.setDisplayMode(DisplayMode.Wrong); 273 mLockPatternView.setEnabled(true); 274 } 275 276 // Reenable the password entry 277 if (mPasswordEntry != null) { 278 mPasswordEntry.setEnabled(true); 279 mPasswordEntry.scheduleShowSoftInput(); 280 setBackFunctionality(true); 281 } 282 } 283 } 284 285 private class ValidationTask extends AsyncTask<Void, Void, Boolean> { 286 int state; 287 288 @Override doInBackground(Void... params)289 protected Boolean doInBackground(Void... params) { 290 final IStorageManager service = getStorageManager(); 291 try { 292 Log.d(TAG, "Validating encryption state."); 293 state = service.getEncryptionState(); 294 if (state == StorageManager.ENCRYPTION_STATE_NONE) { 295 Log.w(TAG, "Unexpectedly in CryptKeeper even though there is no encryption."); 296 return true; // Unexpected, but fine, I guess... 297 } 298 return state == StorageManager.ENCRYPTION_STATE_OK; 299 } catch (RemoteException e) { 300 Log.w(TAG, "Unable to get encryption state properly"); 301 return true; 302 } 303 } 304 305 @Override onPostExecute(Boolean result)306 protected void onPostExecute(Boolean result) { 307 mValidationComplete = true; 308 if (Boolean.FALSE.equals(result)) { 309 Log.w(TAG, "Incomplete, or corrupted encryption detected. Prompting user to wipe."); 310 mEncryptionGoneBad = true; 311 mCorrupt = state == StorageManager.ENCRYPTION_STATE_ERROR_CORRUPT; 312 } else { 313 Log.d(TAG, "Encryption state validated. Proceeding to configure UI"); 314 } 315 setupUi(); 316 } 317 } 318 319 private final Handler mHandler = new Handler() { 320 @Override 321 public void handleMessage(Message msg) { 322 switch (msg.what) { 323 case MESSAGE_UPDATE_PROGRESS: 324 updateProgress(); 325 break; 326 327 case MESSAGE_NOTIFY: 328 notifyUser(); 329 break; 330 } 331 } 332 }; 333 334 private AudioManager mAudioManager; 335 /** The status bar where back/home/recent buttons are shown. */ 336 private StatusBarManager mStatusBar; 337 338 /** All the widgets to disable in the status bar */ 339 final private static int sWidgetsToDisable = StatusBarManager.DISABLE_EXPAND 340 | StatusBarManager.DISABLE_NOTIFICATION_ICONS 341 | StatusBarManager.DISABLE_NOTIFICATION_ALERTS 342 | StatusBarManager.DISABLE_HOME 343 | StatusBarManager.DISABLE_SEARCH 344 | StatusBarManager.DISABLE_RECENT; 345 346 protected static final int MIN_LENGTH_BEFORE_REPORT = LockPatternUtils.MIN_LOCK_PATTERN_SIZE; 347 348 /** @return whether or not this Activity was started for debugging the UI only. */ isDebugView()349 private boolean isDebugView() { 350 return getIntent().hasExtra(EXTRA_FORCE_VIEW); 351 } 352 353 /** @return whether or not this Activity was started for debugging the specific UI view only. */ isDebugView(String viewType )354 private boolean isDebugView(String viewType /* non-nullable */) { 355 return viewType.equals(getIntent().getStringExtra(EXTRA_FORCE_VIEW)); 356 } 357 358 /** 359 * Notify the user that we are awaiting input. Currently this sends an audio alert. 360 */ notifyUser()361 private void notifyUser() { 362 if (mNotificationCountdown > 0) { 363 --mNotificationCountdown; 364 } else if (mAudioManager != null) { 365 try { 366 // Play the standard keypress sound at full volume. This should be available on 367 // every device. We cannot play a ringtone here because media services aren't 368 // available yet. A DTMF-style tone is too soft to be noticed, and might not exist 369 // on tablet devices. The idea is to alert the user that something is needed: this 370 // does not have to be pleasing. 371 mAudioManager.playSoundEffect(AudioManager.FX_KEYPRESS_STANDARD, 100); 372 } catch (Exception e) { 373 Log.w(TAG, "notifyUser: Exception while playing sound: " + e); 374 } 375 } 376 // Notify the user again in 5 seconds. 377 mHandler.removeMessages(MESSAGE_NOTIFY); 378 mHandler.sendEmptyMessageDelayed(MESSAGE_NOTIFY, 5 * 1000); 379 380 if (mWakeLock.isHeld()) { 381 if (mReleaseWakeLockCountdown > 0) { 382 --mReleaseWakeLockCountdown; 383 } else { 384 mWakeLock.release(); 385 } 386 } 387 } 388 389 /** 390 * Ignore back events from this activity always - there's nowhere to go back 391 * to 392 */ 393 @Override onBackPressed()394 public void onBackPressed() { 395 } 396 397 @Override onCreate(Bundle savedInstanceState)398 public void onCreate(Bundle savedInstanceState) { 399 super.onCreate(savedInstanceState); 400 401 // If we are not encrypted or encrypting, get out quickly. 402 final String state = VoldProperties.decrypt().orElse(""); 403 if (!isDebugView() && ("".equals(state) || DECRYPT_STATE.equals(state))) { 404 disableCryptKeeperComponent(this); 405 // Typically CryptKeeper is launched as the home app. We didn't 406 // want to be running, so need to finish this activity. We can count 407 // on the activity manager re-launching the new home app upon finishing 408 // this one, since this will leave the activity stack empty. 409 // NOTE: This is really grungy. I think it would be better for the 410 // activity manager to explicitly launch the crypt keeper instead of 411 // home in the situation where we need to decrypt the device 412 finish(); 413 return; 414 } 415 416 try { 417 if (getResources().getBoolean(R.bool.crypt_keeper_allow_rotation)) { 418 setRequestedOrientation(ActivityInfo.SCREEN_ORIENTATION_UNSPECIFIED); 419 } 420 } catch (NotFoundException e) { 421 } 422 423 // Disable the status bar, but do NOT disable back because the user needs a way to go 424 // from keyboard settings and back to the password screen. 425 mStatusBar = (StatusBarManager) getSystemService(Context.STATUS_BAR_SERVICE); 426 mStatusBar.disable(sWidgetsToDisable); 427 428 if (savedInstanceState != null) { 429 mCooldown = savedInstanceState.getBoolean(STATE_COOLDOWN); 430 } 431 432 setAirplaneModeIfNecessary(); 433 mAudioManager = (AudioManager) getSystemService(Context.AUDIO_SERVICE); 434 // Check for (and recover) retained instance data 435 final Object lastInstance = getLastNonConfigurationInstance(); 436 if (lastInstance instanceof NonConfigurationInstanceState) { 437 NonConfigurationInstanceState retained = (NonConfigurationInstanceState) lastInstance; 438 mWakeLock = retained.wakelock; 439 Log.d(TAG, "Restoring wakelock from NonConfigurationInstanceState"); 440 } 441 } 442 443 @Override onSaveInstanceState(Bundle savedInstanceState)444 public void onSaveInstanceState(Bundle savedInstanceState) { 445 savedInstanceState.putBoolean(STATE_COOLDOWN, mCooldown); 446 } 447 448 /** 449 * Note, we defer the state check and screen setup to onStart() because this will be 450 * re-run if the user clicks the power button (sleeping/waking the screen), and this is 451 * especially important if we were to lose the wakelock for any reason. 452 */ 453 @Override onStart()454 public void onStart() { 455 super.onStart(); 456 setupUi(); 457 } 458 459 /** 460 * Initializes the UI based on the current state of encryption. 461 * This is idempotent - calling repeatedly will simply re-initialize the UI. 462 */ setupUi()463 private void setupUi() { 464 if (mEncryptionGoneBad || isDebugView(FORCE_VIEW_ERROR)) { 465 setContentView(R.layout.crypt_keeper_progress); 466 showFactoryReset(mCorrupt); 467 return; 468 } 469 470 final String progress = VoldProperties.encrypt_progress().orElse(""); 471 if (!"".equals(progress) || isDebugView(FORCE_VIEW_PROGRESS)) { 472 setContentView(R.layout.crypt_keeper_progress); 473 encryptionProgressInit(); 474 } else if (mValidationComplete || isDebugView(FORCE_VIEW_PASSWORD)) { 475 new AsyncTask<Void, Void, Void>() { 476 int passwordType = StorageManager.CRYPT_TYPE_PASSWORD; 477 String owner_info; 478 boolean pattern_visible; 479 boolean password_visible; 480 481 @Override 482 public Void doInBackground(Void... v) { 483 try { 484 final IStorageManager service = getStorageManager(); 485 passwordType = service.getPasswordType(); 486 owner_info = service.getField(StorageManager.OWNER_INFO_KEY); 487 pattern_visible = !("0".equals(service.getField(StorageManager.PATTERN_VISIBLE_KEY))); 488 password_visible = !("0".equals(service.getField(StorageManager.PASSWORD_VISIBLE_KEY))); 489 } catch (Exception e) { 490 Log.e(TAG, "Error calling mount service " + e); 491 } 492 493 return null; 494 } 495 496 @Override 497 public void onPostExecute(java.lang.Void v) { 498 Settings.System.putInt(getContentResolver(), Settings.System.TEXT_SHOW_PASSWORD, 499 password_visible ? 1 : 0); 500 501 if (passwordType == StorageManager.CRYPT_TYPE_PIN) { 502 setContentView(R.layout.crypt_keeper_pin_entry); 503 mStatusString = R.string.enter_pin; 504 } else if (passwordType == StorageManager.CRYPT_TYPE_PATTERN) { 505 setContentView(R.layout.crypt_keeper_pattern_entry); 506 setBackFunctionality(false); 507 mStatusString = R.string.enter_pattern; 508 } else { 509 setContentView(R.layout.crypt_keeper_password_entry); 510 mStatusString = R.string.enter_password; 511 } 512 final TextView status = (TextView) findViewById(R.id.status); 513 status.setText(mStatusString); 514 515 final TextView ownerInfo = (TextView) findViewById(R.id.owner_info); 516 ownerInfo.setText(owner_info); 517 ownerInfo.setSelected(true); // Required for marquee'ing to work 518 519 passwordEntryInit(); 520 521 findViewById(android.R.id.content).setSystemUiVisibility(View.STATUS_BAR_DISABLE_BACK); 522 523 if (mLockPatternView != null) { 524 mLockPatternView.setInStealthMode(!pattern_visible); 525 } 526 if (mCooldown) { 527 // in case we are cooling down and coming back from emergency dialler 528 setBackFunctionality(false); 529 cooldown(); 530 } 531 532 } 533 }.execute(); 534 } else if (!mValidationRequested) { 535 // We're supposed to be encrypted, but no validation has been done. 536 new ValidationTask().execute((Void[]) null); 537 mValidationRequested = true; 538 } 539 } 540 541 @Override onStop()542 public void onStop() { 543 super.onStop(); 544 mHandler.removeMessages(MESSAGE_UPDATE_PROGRESS); 545 mHandler.removeMessages(MESSAGE_NOTIFY); 546 } 547 548 /** 549 * Reconfiguring, so propagate the wakelock to the next instance. This runs between onStop() 550 * and onDestroy() and only if we are changing configuration (e.g. rotation). Also clears 551 * mWakeLock so the subsequent call to onDestroy does not release it. 552 */ 553 @Override onRetainNonConfigurationInstance()554 public Object onRetainNonConfigurationInstance() { 555 NonConfigurationInstanceState state = new NonConfigurationInstanceState(mWakeLock); 556 Log.d(TAG, "Handing wakelock off to NonConfigurationInstanceState"); 557 mWakeLock = null; 558 return state; 559 } 560 561 @Override onDestroy()562 public void onDestroy() { 563 super.onDestroy(); 564 565 if (mWakeLock != null) { 566 Log.d(TAG, "Releasing and destroying wakelock"); 567 mWakeLock.release(); 568 mWakeLock = null; 569 } 570 } 571 572 /** 573 * Start encrypting the device. 574 */ encryptionProgressInit()575 private void encryptionProgressInit() { 576 // Accquire a partial wakelock to prevent the device from sleeping. Note 577 // we never release this wakelock as we will be restarted after the device 578 // is encrypted. 579 Log.d(TAG, "Encryption progress screen initializing."); 580 if (mWakeLock == null) { 581 Log.d(TAG, "Acquiring wakelock."); 582 PowerManager pm = (PowerManager) getSystemService(Context.POWER_SERVICE); 583 mWakeLock = pm.newWakeLock(PowerManager.FULL_WAKE_LOCK, TAG); 584 mWakeLock.acquire(); 585 } 586 587 ((ProgressBar) findViewById(R.id.progress_bar)).setIndeterminate(true); 588 // Ignore all back presses from now, both hard and soft keys. 589 setBackFunctionality(false); 590 // Start the first run of progress manually. This method sets up messages to occur at 591 // repeated intervals. 592 updateProgress(); 593 } 594 595 /** 596 * Show factory reset screen allowing the user to reset their phone when 597 * there is nothing else we can do 598 * @param corrupt true if userdata is corrupt, false if encryption failed 599 * partway through 600 */ showFactoryReset(final boolean corrupt)601 private void showFactoryReset(final boolean corrupt) { 602 // Hide the encryption-bot to make room for the "factory reset" button 603 findViewById(R.id.encroid).setVisibility(View.GONE); 604 605 // Show the reset button, failure text, and a divider 606 final Button button = (Button) findViewById(R.id.factory_reset); 607 button.setVisibility(View.VISIBLE); 608 button.setOnClickListener(new OnClickListener() { 609 @Override 610 public void onClick(View v) { 611 // Factory reset the device. 612 Intent intent = new Intent(Intent.ACTION_FACTORY_RESET); 613 intent.setPackage("android"); 614 intent.addFlags(Intent.FLAG_RECEIVER_FOREGROUND); 615 intent.putExtra(Intent.EXTRA_REASON, 616 "CryptKeeper.showFactoryReset() corrupt=" + corrupt); 617 sendBroadcast(intent); 618 } 619 }); 620 621 // Alert the user of the failure. 622 if (corrupt) { 623 ((TextView) findViewById(R.id.title)).setText(R.string.crypt_keeper_data_corrupt_title); 624 ((TextView) findViewById(R.id.status)).setText(R.string.crypt_keeper_data_corrupt_summary); 625 } else { 626 ((TextView) findViewById(R.id.title)).setText(R.string.crypt_keeper_failed_title); 627 ((TextView) findViewById(R.id.status)).setText(R.string.crypt_keeper_failed_summary); 628 } 629 630 final View view = findViewById(R.id.bottom_divider); 631 // TODO(viki): Why would the bottom divider be missing in certain layouts? Investigate. 632 if (view != null) { 633 view.setVisibility(View.VISIBLE); 634 } 635 } 636 updateProgress()637 private void updateProgress() { 638 final String state = VoldProperties.encrypt_progress().orElse(""); 639 640 if ("error_partially_encrypted".equals(state)) { 641 showFactoryReset(false); 642 return; 643 } 644 645 // Get status as percentage first 646 CharSequence status = getText(R.string.crypt_keeper_setup_description); 647 int percent = 0; 648 try { 649 // Force a 50% progress state when debugging the view. 650 percent = isDebugView() ? 50 : Integer.parseInt(state); 651 } catch (Exception e) { 652 Log.w(TAG, "Error parsing progress: " + e.toString()); 653 } 654 String progress = Integer.toString(percent); 655 656 // Now try to get status as time remaining and replace as appropriate 657 Log.v(TAG, "Encryption progress: " + progress); 658 try { 659 int time = VoldProperties.encrypt_time_remaining().get(); 660 if (time >= 0) { 661 // Round up to multiple of 10 - this way display is less jerky 662 time = (time + 9) / 10 * 10; 663 progress = DateUtils.formatElapsedTime(time); 664 status = getText(R.string.crypt_keeper_setup_time_remaining); 665 } 666 } catch (Exception e) { 667 // Will happen if no time etc - show percentage 668 } 669 670 final TextView tv = (TextView) findViewById(R.id.status); 671 if (tv != null) { 672 tv.setText(TextUtils.expandTemplate(status, progress)); 673 } 674 675 // Check the progress every 1 seconds 676 mHandler.removeMessages(MESSAGE_UPDATE_PROGRESS); 677 mHandler.sendEmptyMessageDelayed(MESSAGE_UPDATE_PROGRESS, 1000); 678 } 679 680 /** Insist on a power cycle to force the user to waste time between retries. 681 * 682 * Call setBackFunctionality(false) before calling this. */ cooldown()683 private void cooldown() { 684 // Disable the password entry. 685 if (mPasswordEntry != null) { 686 mPasswordEntry.setEnabled(false); 687 } 688 if (mLockPatternView != null) { 689 mLockPatternView.setEnabled(false); 690 } 691 692 final TextView status = (TextView) findViewById(R.id.status); 693 status.setText(R.string.crypt_keeper_force_power_cycle); 694 } 695 696 /** 697 * Sets the back status: enabled or disabled according to the parameter. 698 * @param isEnabled true if back is enabled, false otherwise. 699 */ setBackFunctionality(boolean isEnabled)700 private final void setBackFunctionality(boolean isEnabled) { 701 if (isEnabled) { 702 mStatusBar.disable(sWidgetsToDisable); 703 } else { 704 mStatusBar.disable(sWidgetsToDisable | StatusBarManager.DISABLE_BACK); 705 } 706 } 707 fakeUnlockAttempt(View postingView)708 private void fakeUnlockAttempt(View postingView) { 709 beginAttempt(); 710 postingView.postDelayed(mFakeUnlockAttemptRunnable, FAKE_ATTEMPT_DELAY); 711 } 712 713 protected LockPatternView.OnPatternListener mChooseNewLockPatternListener = 714 new LockPatternView.OnPatternListener() { 715 716 @Override 717 public void onPatternStart() { 718 mLockPatternView.removeCallbacks(mClearPatternRunnable); 719 } 720 721 @Override 722 public void onPatternCleared() { 723 } 724 725 @Override 726 public void onPatternDetected(List<LockPatternView.Cell> pattern) { 727 mLockPatternView.setEnabled(false); 728 if (pattern.size() >= MIN_LENGTH_BEFORE_REPORT) { 729 new DecryptTask().execute(LockPatternUtils.patternToString(pattern)); 730 } else { 731 // Allow user to make as many of these as they want. 732 fakeUnlockAttempt(mLockPatternView); 733 } 734 } 735 736 @Override 737 public void onPatternCellAdded(List<Cell> pattern) { 738 } 739 }; 740 passwordEntryInit()741 private void passwordEntryInit() { 742 // Password/pin case 743 mPasswordEntry = (ImeAwareEditText) findViewById(R.id.passwordEntry); 744 if (mPasswordEntry != null){ 745 mPasswordEntry.setOnEditorActionListener(this); 746 mPasswordEntry.requestFocus(); 747 // Become quiet when the user interacts with the Edit text screen. 748 mPasswordEntry.setOnKeyListener(this); 749 mPasswordEntry.setOnTouchListener(this); 750 mPasswordEntry.addTextChangedListener(this); 751 } 752 753 // Pattern case 754 mLockPatternView = (LockPatternView) findViewById(R.id.lockPattern); 755 if (mLockPatternView != null) { 756 mLockPatternView.setOnPatternListener(mChooseNewLockPatternListener); 757 } 758 759 // Disable the Emergency call button if the device has no voice telephone capability 760 if (!getTelephonyManager().isVoiceCapable()) { 761 final View emergencyCall = findViewById(R.id.emergencyCallButton); 762 if (emergencyCall != null) { 763 Log.d(TAG, "Removing the emergency Call button"); 764 emergencyCall.setVisibility(View.GONE); 765 } 766 } 767 768 final View imeSwitcher = findViewById(R.id.switch_ime_button); 769 final InputMethodManager imm = (InputMethodManager) getSystemService( 770 Context.INPUT_METHOD_SERVICE); 771 if (imeSwitcher != null && hasMultipleEnabledIMEsOrSubtypes(imm, false)) { 772 imeSwitcher.setVisibility(View.VISIBLE); 773 imeSwitcher.setOnClickListener(new OnClickListener() { 774 @Override 775 public void onClick(View v) { 776 imm.showInputMethodPickerFromSystem(false /* showAuxiliarySubtypes */, 777 v.getDisplay().getDisplayId()); 778 } 779 }); 780 } 781 782 // We want to keep the screen on while waiting for input. In minimal boot mode, the device 783 // is completely non-functional, and we want the user to notice the device and enter a 784 // password. 785 if (mWakeLock == null) { 786 Log.d(TAG, "Acquiring wakelock."); 787 final PowerManager pm = (PowerManager) getSystemService(Context.POWER_SERVICE); 788 if (pm != null) { 789 mWakeLock = pm.newWakeLock(PowerManager.FULL_WAKE_LOCK, TAG); 790 mWakeLock.acquire(); 791 // Keep awake for 10 minutes - if the user hasn't been alerted by then 792 // best not to just drain their battery 793 mReleaseWakeLockCountdown = 96; // 96 * 5 secs per click + 120 secs before we show this = 600 794 } 795 } 796 797 // Make sure that the IME is shown when everything becomes ready. 798 if (mLockPatternView == null && !mCooldown) { 799 getWindow().setSoftInputMode( 800 WindowManager.LayoutParams.SOFT_INPUT_STATE_ALWAYS_VISIBLE); 801 if (mPasswordEntry != null) { 802 mPasswordEntry.scheduleShowSoftInput(); 803 } 804 } 805 806 updateEmergencyCallButtonState(); 807 // Notify the user in 120 seconds that we are waiting for him to enter the password. 808 mHandler.removeMessages(MESSAGE_NOTIFY); 809 mHandler.sendEmptyMessageDelayed(MESSAGE_NOTIFY, 120 * 1000); 810 811 // Dismiss secure & non-secure keyguards while this screen is showing. 812 getWindow().addFlags(WindowManager.LayoutParams.FLAG_DISMISS_KEYGUARD 813 | WindowManager.LayoutParams.FLAG_SHOW_WHEN_LOCKED); 814 } 815 816 /** 817 * Method adapted from com.android.inputmethod.latin.Utils 818 * 819 * @param imm The input method manager 820 * @param shouldIncludeAuxiliarySubtypes 821 * @return true if we have multiple IMEs to choose from 822 */ hasMultipleEnabledIMEsOrSubtypes(InputMethodManager imm, final boolean shouldIncludeAuxiliarySubtypes)823 private boolean hasMultipleEnabledIMEsOrSubtypes(InputMethodManager imm, 824 final boolean shouldIncludeAuxiliarySubtypes) { 825 final List<InputMethodInfo> enabledImis = imm.getEnabledInputMethodList(); 826 827 // Number of the filtered IMEs 828 int filteredImisCount = 0; 829 830 for (InputMethodInfo imi : enabledImis) { 831 // We can return true immediately after we find two or more filtered IMEs. 832 if (filteredImisCount > 1) return true; 833 final List<InputMethodSubtype> subtypes = 834 imm.getEnabledInputMethodSubtypeList(imi, true); 835 // IMEs that have no subtypes should be counted. 836 if (subtypes.isEmpty()) { 837 ++filteredImisCount; 838 continue; 839 } 840 841 int auxCount = 0; 842 for (InputMethodSubtype subtype : subtypes) { 843 if (subtype.isAuxiliary()) { 844 ++auxCount; 845 } 846 } 847 final int nonAuxCount = subtypes.size() - auxCount; 848 849 // IMEs that have one or more non-auxiliary subtypes should be counted. 850 // If shouldIncludeAuxiliarySubtypes is true, IMEs that have two or more auxiliary 851 // subtypes should be counted as well. 852 if (nonAuxCount > 0 || (shouldIncludeAuxiliarySubtypes && auxCount > 1)) { 853 ++filteredImisCount; 854 continue; 855 } 856 } 857 858 return filteredImisCount > 1 859 // imm.getEnabledInputMethodSubtypeList(null, false) will return the current IME's enabled 860 // input method subtype (The current IME should be LatinIME.) 861 || imm.getEnabledInputMethodSubtypeList(null, false).size() > 1; 862 } 863 getStorageManager()864 private IStorageManager getStorageManager() { 865 final IBinder service = ServiceManager.getService("mount"); 866 if (service != null) { 867 return IStorageManager.Stub.asInterface(service); 868 } 869 return null; 870 } 871 872 @Override onEditorAction(TextView v, int actionId, KeyEvent event)873 public boolean onEditorAction(TextView v, int actionId, KeyEvent event) { 874 if (actionId == EditorInfo.IME_NULL || actionId == EditorInfo.IME_ACTION_DONE) { 875 // Get the password 876 final String password = v.getText().toString(); 877 878 if (TextUtils.isEmpty(password)) { 879 return true; 880 } 881 882 // Now that we have the password clear the password field. 883 v.setText(null); 884 885 // Disable the password entry and back keypress while checking the password. These 886 // we either be re-enabled if the password was wrong or after the cooldown period. 887 mPasswordEntry.setEnabled(false); 888 setBackFunctionality(false); 889 890 if (password.length() >= LockPatternUtils.MIN_LOCK_PASSWORD_SIZE) { 891 new DecryptTask().execute(password); 892 } else { 893 // Allow user to make as many of these as they want. 894 fakeUnlockAttempt(mPasswordEntry); 895 } 896 897 return true; 898 } 899 return false; 900 } 901 902 /** 903 * Set airplane mode on the device if it isn't an LTE device. 904 * Full story: In minimal boot mode, we cannot save any state. In particular, we cannot save 905 * any incoming SMS's. So SMSs that are received here will be silently dropped to the floor. 906 * That is bad. Also, we cannot receive any telephone calls in this state. So to avoid 907 * both these problems, we turn the radio off. However, on certain networks turning on and 908 * off the radio takes a long time. In such cases, we are better off leaving the radio 909 * running so the latency of an E911 call is short. 910 * The behavior after this is: 911 * 1. Emergency dialing: the emergency dialer has logic to force the device out of 912 * airplane mode and restart the radio. 913 * 2. Full boot: we read the persistent settings from the previous boot and restore the 914 * radio to whatever it was before it restarted. This also happens when rebooting a 915 * phone that has no encryption. 916 */ setAirplaneModeIfNecessary()917 private final void setAirplaneModeIfNecessary() { 918 if (!getTelephonyManager().isLteCdmaEvdoGsmWcdmaEnabled()) { 919 Log.d(TAG, "Going into airplane mode."); 920 Settings.Global.putInt(getContentResolver(), Settings.Global.AIRPLANE_MODE_ON, 1); 921 final Intent intent = new Intent(Intent.ACTION_AIRPLANE_MODE_CHANGED); 922 intent.putExtra("state", true); 923 sendBroadcastAsUser(intent, UserHandle.ALL); 924 } 925 } 926 927 /** 928 * Code to update the state of, and handle clicks from, the "Emergency call" button. 929 * 930 * This code is mostly duplicated from the corresponding code in 931 * LockPatternUtils and LockPatternKeyguardView under frameworks/base. 932 */ updateEmergencyCallButtonState()933 private void updateEmergencyCallButtonState() { 934 final Button emergencyCall = (Button) findViewById(R.id.emergencyCallButton); 935 // The button isn't present at all in some configurations. 936 if (emergencyCall == null) 937 return; 938 939 if (isEmergencyCallCapable()) { 940 emergencyCall.setVisibility(View.VISIBLE); 941 emergencyCall.setOnClickListener(new View.OnClickListener() { 942 @Override 943 944 public void onClick(View v) { 945 takeEmergencyCallAction(); 946 } 947 }); 948 } else { 949 emergencyCall.setVisibility(View.GONE); 950 return; 951 } 952 953 int textId; 954 if (getTelecomManager().isInCall()) { 955 // Show "return to call" 956 textId = R.string.cryptkeeper_return_to_call; 957 } else { 958 textId = R.string.cryptkeeper_emergency_call; 959 } 960 emergencyCall.setText(textId); 961 } 962 isEmergencyCallCapable()963 private boolean isEmergencyCallCapable() { 964 return getTelephonyManager().isVoiceCapable(); 965 } 966 takeEmergencyCallAction()967 private void takeEmergencyCallAction() { 968 TelecomManager telecomManager = getTelecomManager(); 969 if (telecomManager.isInCall()) { 970 telecomManager.showInCallScreen(false /* showDialpad */); 971 } else { 972 launchEmergencyDialer(); 973 } 974 } 975 976 launchEmergencyDialer()977 private void launchEmergencyDialer() { 978 final Intent intent = new Intent(ACTION_EMERGENCY_DIAL); 979 intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK 980 | Intent.FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS); 981 setBackFunctionality(true); 982 startActivity(intent); 983 } 984 getTelephonyManager()985 private TelephonyManager getTelephonyManager() { 986 return (TelephonyManager) getSystemService(Context.TELEPHONY_SERVICE); 987 } 988 getTelecomManager()989 private TelecomManager getTelecomManager() { 990 return (TelecomManager) getSystemService(Context.TELECOM_SERVICE); 991 } 992 993 /** 994 * Listen to key events so we can disable sounds when we get a keyinput in EditText. 995 */ delayAudioNotification()996 private void delayAudioNotification() { 997 mNotificationCountdown = 20; 998 } 999 1000 @Override onKey(View v, int keyCode, KeyEvent event)1001 public boolean onKey(View v, int keyCode, KeyEvent event) { 1002 delayAudioNotification(); 1003 return false; 1004 } 1005 1006 @Override onTouch(View v, MotionEvent event)1007 public boolean onTouch(View v, MotionEvent event) { 1008 delayAudioNotification(); 1009 return false; 1010 } 1011 1012 @Override beforeTextChanged(CharSequence s, int start, int count, int after)1013 public void beforeTextChanged(CharSequence s, int start, int count, int after) { 1014 return; 1015 } 1016 1017 @Override onTextChanged(CharSequence s, int start, int before, int count)1018 public void onTextChanged(CharSequence s, int start, int before, int count) { 1019 delayAudioNotification(); 1020 } 1021 1022 @Override afterTextChanged(Editable s)1023 public void afterTextChanged(Editable s) { 1024 return; 1025 } 1026 disableCryptKeeperComponent(Context context)1027 private static void disableCryptKeeperComponent(Context context) { 1028 PackageManager pm = context.getPackageManager(); 1029 ComponentName name = new ComponentName(context, CryptKeeper.class); 1030 Log.d(TAG, "Disabling component " + name); 1031 pm.setComponentEnabledSetting(name, PackageManager.COMPONENT_ENABLED_STATE_DISABLED, 1032 PackageManager.DONT_KILL_APP); 1033 } 1034 } 1035