Make LockSettingsService enforce basic requirements for new credentials
Currently all LSKF requirements are enforced by
PasswordMetrics#validateCredential(). The standard minimum length of 4
is also checked again in LockPatternUtils#setLockCredential().
These are both at the caller's option, though. These requirements could
be circumvented by calling ILockSettings#setLockCredential() directly.
Therefore, to provide higher assurance that at least the standard
requirements are met, this CL moves the standard length check into
LockSettingsService and also adds the invalid chars check alongside it.
Bug: 219511761
Bug: 232900169
Bug: 243881358
Test: atest LockscreenCredentialTest
Test: atest com.android.server.locksettings
Change-Id: Icc48a0d6caac0884bf3e3a9181828e8dfffff7e4
6 files changed
