Keymaster init for work profile

Changes: (1) When unified work challenge is enabled and screen lock is secure - Store work profile secure key in primary profile - When primary user keystore unlocked, unlock work profile keystore - When primary user change lock to none, remove work secure key (2) When unified work challenge is enabled but screen lock is not secure - When screen lock changes to secure, store work secure key in primary (3) When user changes work challenge from unified to separated - Remove work secure key in primary (4) When user changes work challenge from separate to unified - Do (1) and (2) Bug: 27460698 Change-Id: Id7464c178e6ea7b561643477e7cd84f963048c87
2016-04-01 16:31:56 +01:00
parent 1dea763d05
commit 4bbf0653c0
3 changed files with 10 additions and 8 deletions
--- a/src/com/android/settings/ChooseLockGeneric.java
+++ b/src/com/android/settings/ChooseLockGeneric.java
@@ -206,7 +206,11 @@ public class ChooseLockGeneric extends SettingsActivity {
            } else if (!mWaitingForConfirmation) {
                ChooseLockSettingsHelper helper =
                        new ChooseLockSettingsHelper(this.getActivity(), this);
-                if (!helper.launchConfirmationActivity(CONFIRM_EXISTING_REQUEST,
+                boolean managedProfileWithUnifiedLock = Utils
+                        .isManagedProfile(UserManager.get(getActivity()), mUserId)
+                        && !mLockPatternUtils.isSeparateProfileChallengeEnabled(mUserId);
+                if (managedProfileWithUnifiedLock
+                        || !helper.launchConfirmationActivity(CONFIRM_EXISTING_REQUEST,
                        getString(R.string.unlock_set_unlock_launch_picker_title), true, mUserId)) {
                    mPasswordConfirmed = true; // no password set, so no need to confirm
                    updatePreferencesOrFinish();
@@ -592,7 +596,7 @@ public class ChooseLockGeneric extends SettingsActivity {
            }

            if (quality == DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
-                mLockPatternUtils.setSeparateProfileChallengeEnabled(mUserId, true);
+                mLockPatternUtils.setSeparateProfileChallengeEnabled(mUserId, true, mUserPassword);
                mChooseLockSettingsHelper.utils().clearLock(mUserId);
                mChooseLockSettingsHelper.utils().setLockScreenDisabled(disabled, mUserId);
                removeAllFingerprintTemplatesAndFinish();