Don't put credentials in results from externally accessible activities
ConfirmLockPattern and ConfirmLockPassword return an intent that contains the
password, and as such are dangerous. Create internal versions that are locked
down, and don't put this info in the externally accessible versions.
Bug: 13741939
Change-Id: I0df4d1e720b3c33d2c9ca086636dc54f17b19bf0
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 30be255..55736f4 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -1007,6 +1007,15 @@
<activity android:name="ConfirmLockPassword"
android:windowSoftInputMode="stateVisible|adjustResize"/>
+ <!-- Note this must not be exported since it returns the password in the intent -->
+ <activity android:name="ConfirmLockPattern$InternalActivity"
+ android:exported="false"/>
+
+ <!-- Note this must not be exported since it returns the password in the intent -->
+ <activity android:name="ConfirmLockPassword$InternalActivity"
+ android:exported="false"
+ android:windowSoftInputMode="stateVisible|adjustResize"/>
+
<activity android:name="ChooseLockGeneric"
android:label="@string/lockpassword_choose_lock_generic_header"
android:excludeFromRecents="true" >
diff --git a/src/com/android/settings/ChooseLockSettingsHelper.java b/src/com/android/settings/ChooseLockSettingsHelper.java
index d59fefb..5aa511a 100644
--- a/src/com/android/settings/ChooseLockSettingsHelper.java
+++ b/src/com/android/settings/ChooseLockSettingsHelper.java
@@ -54,10 +54,24 @@
* @see #onActivityResult(int, int, android.content.Intent)
*/
boolean launchConfirmationActivity(int request, CharSequence message, CharSequence details) {
+ return launchConfirmationActivity(request, message, details, false);
+ }
+
+ /**
+ * If a pattern, password or PIN exists, prompt the user before allowing them to change it.
+ * @param message optional message to display about the action about to be done
+ * @param details optional detail message to display
+ * @param returnCredentials if true, put credentials into intent. Note that if this is true,
+ this can only be called internally.
+ * @return true if one exists and we launched an activity to confirm it
+ * @see #onActivityResult(int, int, android.content.Intent)
+ */
+ boolean launchConfirmationActivity(int request, CharSequence message, CharSequence details,
+ boolean returnCredentials) {
boolean launched = false;
switch (mLockPatternUtils.getKeyguardStoredPasswordQuality()) {
case DevicePolicyManager.PASSWORD_QUALITY_SOMETHING:
- launched = confirmPattern(request, message, details);
+ launched = confirmPattern(request, message, details, returnCredentials);
break;
case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC:
case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX:
@@ -65,7 +79,7 @@
case DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC:
case DevicePolicyManager.PASSWORD_QUALITY_COMPLEX:
// TODO: update UI layout for ConfirmPassword to show message and details
- launched = confirmPassword(request);
+ launched = confirmPassword(request, returnCredentials);
break;
}
return launched;
@@ -75,10 +89,12 @@
* Launch screen to confirm the existing lock pattern.
* @param message shown in header of ConfirmLockPattern if not null
* @param details shown in footer of ConfirmLockPattern if not null
+ * @param returnCredentials if true, put credentials into intent.
* @see #onActivityResult(int, int, android.content.Intent)
* @return true if we launched an activity to confirm pattern
*/
- private boolean confirmPattern(int request, CharSequence message, CharSequence details) {
+ private boolean confirmPattern(int request, CharSequence message,
+ CharSequence details, boolean returnCredentials) {
if (!mLockPatternUtils.isLockPatternEnabled() || !mLockPatternUtils.savedPatternExists()) {
return false;
}
@@ -86,7 +102,10 @@
// supply header and footer text in the intent
intent.putExtra(ConfirmLockPattern.HEADER_TEXT, message);
intent.putExtra(ConfirmLockPattern.FOOTER_TEXT, details);
- intent.setClassName("com.android.settings", "com.android.settings.ConfirmLockPattern");
+ intent.setClassName("com.android.settings",
+ returnCredentials
+ ? ConfirmLockPattern.InternalActivity.class.getName()
+ : ConfirmLockPattern.class.getName());
if (mFragment != null) {
mFragment.startActivityForResult(intent, request);
} else {
@@ -97,13 +116,17 @@
/**
* Launch screen to confirm the existing lock password.
+ * @param returnCredentials if true, put credentials into intent.
* @see #onActivityResult(int, int, android.content.Intent)
* @return true if we launched an activity to confirm password
*/
- private boolean confirmPassword(int request) {
+ private boolean confirmPassword(int request, boolean returnCredentials) {
if (!mLockPatternUtils.isLockPasswordEnabled()) return false;
final Intent intent = new Intent();
- intent.setClassName("com.android.settings", "com.android.settings.ConfirmLockPassword");
+ intent.setClassName("com.android.settings",
+ returnCredentials
+ ? ConfirmLockPassword.InternalActivity.class.getName()
+ : ConfirmLockPassword.class.getName());
if (mFragment != null) {
mFragment.startActivityForResult(intent, request);
} else {
diff --git a/src/com/android/settings/ConfirmLockPassword.java b/src/com/android/settings/ConfirmLockPassword.java
index 52aa1d9..54acf73 100644
--- a/src/com/android/settings/ConfirmLockPassword.java
+++ b/src/com/android/settings/ConfirmLockPassword.java
@@ -44,6 +44,9 @@
public class ConfirmLockPassword extends SettingsActivity {
+ public static class InternalActivity extends ConfirmLockPassword {
+ }
+
@Override
public Intent getIntent() {
Intent modIntent = new Intent(super.getIntent());
@@ -168,10 +171,12 @@
if (mLockPatternUtils.checkPassword(pin)) {
Intent intent = new Intent();
- intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_TYPE,
- mIsAlpha ? StorageManager.CRYPT_TYPE_PASSWORD
- : StorageManager.CRYPT_TYPE_PIN);
- intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_PASSWORD, pin);
+ if (getActivity() instanceof ConfirmLockPassword.InternalActivity) {
+ intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_TYPE,
+ mIsAlpha ? StorageManager.CRYPT_TYPE_PASSWORD
+ : StorageManager.CRYPT_TYPE_PIN);
+ intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_PASSWORD, pin);
+ }
getActivity().setResult(RESULT_OK, intent);
getActivity().finish();
diff --git a/src/com/android/settings/ConfirmLockPattern.java b/src/com/android/settings/ConfirmLockPattern.java
index 9405f6d..caf691d 100644
--- a/src/com/android/settings/ConfirmLockPattern.java
+++ b/src/com/android/settings/ConfirmLockPattern.java
@@ -43,6 +43,9 @@
*/
public class ConfirmLockPattern extends SettingsActivity {
+ public static class InternalActivity extends ConfirmLockPattern {
+ }
+
/**
* Names of {@link CharSequence} fields within the originating {@link Intent}
* that are used to configure the keyguard confirmation view's labeling.
@@ -266,10 +269,12 @@
if (mLockPatternUtils.checkPattern(pattern)) {
Intent intent = new Intent();
- intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_TYPE,
- StorageManager.CRYPT_TYPE_PATTERN);
- intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_PASSWORD,
- LockPatternUtils.patternToString(pattern));
+ if (getActivity() instanceof ConfirmLockPattern.InternalActivity) {
+ intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_TYPE,
+ StorageManager.CRYPT_TYPE_PATTERN);
+ intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_PASSWORD,
+ LockPatternUtils.patternToString(pattern));
+ }
getActivity().setResult(Activity.RESULT_OK, intent);
getActivity().finish();
diff --git a/src/com/android/settings/CredentialStorage.java b/src/com/android/settings/CredentialStorage.java
index f515b36..57b5384 100644
--- a/src/com/android/settings/CredentialStorage.java
+++ b/src/com/android/settings/CredentialStorage.java
@@ -378,7 +378,8 @@
boolean launched = new ChooseLockSettingsHelper(this)
.launchConfirmationActivity(CONFIRM_KEY_GUARD_REQUEST,
res.getText(R.string.credentials_install_gesture_prompt),
- res.getText(R.string.credentials_install_gesture_explanation));
+ res.getText(R.string.credentials_install_gesture_explanation),
+ true);
return launched;
}
diff --git a/src/com/android/settings/CryptKeeperSettings.java b/src/com/android/settings/CryptKeeperSettings.java
index 7f7a675..45df8ba 100644
--- a/src/com/android/settings/CryptKeeperSettings.java
+++ b/src/com/android/settings/CryptKeeperSettings.java
@@ -164,7 +164,8 @@
return helper.launchConfirmationActivity(request,
res.getText(R.string.master_clear_gesture_prompt),
- res.getText(R.string.master_clear_gesture_explanation));
+ res.getText(R.string.master_clear_gesture_explanation),
+ true);
}
@Override