PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Keymaster init for work profile

Browse Source 
Changes:
(1) When unified work challenge is enabled and screen lock is secure
  - Store work profile secure key in primary profile
  - When primary user keystore unlocked, unlock work profile keystore
  - When primary user change lock to none, remove work secure key
(2) When unified work challenge is enabled but screen lock is not secure
  - When screen lock changes to secure, store work secure key in primary
(3) When user changes work challenge from unified to separated
  - Remove work secure key in primary
(4) When user changes work challenge from separate to unified
  - Do (1) and (2)

Bug: 27460698

Change-Id: Id7464c178e6ea7b561643477e7cd84f963048c87
This commit is contained in:
Ricky Wai
2016-04-01 16:31:56 +01:00
parent 1dea763d05
commit 4bbf0653c0
3 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/com/android/settings/ChooseLockGeneric.java
View File

@@ -206,7 +206,11 @@ public class ChooseLockGeneric extends SettingsActivity {
} else if (!mWaitingForConfirmation) { } else if (!mWaitingForConfirmation) {
ChooseLockSettingsHelper helper = ChooseLockSettingsHelper helper =
new ChooseLockSettingsHelper(this.getActivity(), this); new ChooseLockSettingsHelper(this.getActivity(), this);
if (!helper.launchConfirmationActivity(CONFIRM_EXISTING_REQUEST, boolean managedProfileWithUnifiedLock = Utils
.isManagedProfile(UserManager.get(getActivity()), mUserId)
&& !mLockPatternUtils.isSeparateProfileChallengeEnabled(mUserId);
if (managedProfileWithUnifiedLock
|| !helper.launchConfirmationActivity(CONFIRM_EXISTING_REQUEST,
getString(R.string.unlock_set_unlock_launch_picker_title), true, mUserId)) { getString(R.string.unlock_set_unlock_launch_picker_title), true, mUserId)) {
mPasswordConfirmed = true; // no password set, so no need to confirm mPasswordConfirmed = true; // no password set, so no need to confirm
updatePreferencesOrFinish(); updatePreferencesOrFinish();
@@ -592,7 +596,7 @@ public class ChooseLockGeneric extends SettingsActivity {
} }
if (quality == DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) { if (quality == DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
mLockPatternUtils.setSeparateProfileChallengeEnabled(mUserId, true); mLockPatternUtils.setSeparateProfileChallengeEnabled(mUserId, true, mUserPassword);
mChooseLockSettingsHelper.utils().clearLock(mUserId); mChooseLockSettingsHelper.utils().clearLock(mUserId);
mChooseLockSettingsHelper.utils().setLockScreenDisabled(disabled, mUserId); mChooseLockSettingsHelper.utils().setLockScreenDisabled(disabled, mUserId);
removeAllFingerprintTemplatesAndFinish(); removeAllFingerprintTemplatesAndFinish();

1
src/com/android/settings/SaveChosenLockWorkerBase.java
View File

@@ -68,7 +68,6 @@ abstract class SaveChosenLockWorkerBase extends Fragment {
mHasChallenge = hasChallenge; mHasChallenge = hasChallenge;
mChallenge = challenge; mChallenge = challenge;
// This will be a no-op for non managed profiles. // This will be a no-op for non managed profiles.
mUtils.setSeparateProfileChallengeEnabled(mUserId, true);
mWasSecureBefore = mUtils.isSecure(mUserId); mWasSecureBefore = mUtils.isSecure(mUserId);
Context context = getContext(); Context context = getContext();

9
src/com/android/settings/SecuritySettings.java
View File

@@ -697,8 +697,8 @@ public class SecuritySettings extends SettingsPreferenceFragment
private void unifyLocks() { private void unifyLocks() {
int profileQuality = int profileQuality =
mLockPatternUtils.getKeyguardStoredPasswordQuality(mProfileChallengeUserId); mLockPatternUtils.getKeyguardStoredPasswordQuality(mProfileChallengeUserId);
mLockPatternUtils.clearLock(mProfileChallengeUserId); mLockPatternUtils.setSeparateProfileChallengeEnabled(mProfileChallengeUserId, false,
mLockPatternUtils.setSeparateProfileChallengeEnabled(mProfileChallengeUserId, false); mCurrentProfilePassword);
if (profileQuality == DevicePolicyManager.PASSWORD_QUALITY_SOMETHING) { if (profileQuality == DevicePolicyManager.PASSWORD_QUALITY_SOMETHING) {
mLockPatternUtils.saveLockPattern( mLockPatternUtils.saveLockPattern(
LockPatternUtils.stringToPattern(mCurrentProfilePassword), LockPatternUtils.stringToPattern(mCurrentProfilePassword),
@@ -716,14 +716,13 @@ public class SecuritySettings extends SettingsPreferenceFragment
} }
private void unifyUncompliantLocks() { private void unifyUncompliantLocks() {
mLockPatternUtils.clearLock(mProfileChallengeUserId); mLockPatternUtils.setSeparateProfileChallengeEnabled(mProfileChallengeUserId, false,
mLockPatternUtils.setSeparateProfileChallengeEnabled(mProfileChallengeUserId, false); mCurrentProfilePassword);
startFragment(this, "com.android.settings.ChooseLockGeneric$ChooseLockGenericFragment", startFragment(this, "com.android.settings.ChooseLockGeneric$ChooseLockGenericFragment",
R.string.lock_settings_picker_title, SET_OR_CHANGE_LOCK_METHOD_REQUEST, null); R.string.lock_settings_picker_title, SET_OR_CHANGE_LOCK_METHOD_REQUEST, null);
} }
private void ununifyLocks() { private void ununifyLocks() {
mLockPatternUtils.setSeparateProfileChallengeEnabled(mProfileChallengeUserId, true);
Bundle extras = new Bundle(); Bundle extras = new Bundle();
extras.putInt(Intent.EXTRA_USER_ID, mProfileChallengeUserId); extras.putInt(Intent.EXTRA_USER_ID, mProfileChallengeUserId);
startFragment(this, startFragment(this,