Remove CryptKeeperSettings
FDE support has been removed in favor of FBE, so remove the FDE settings
from the "Encryption & credentials" page of the Settings app.
For now I didn't change the way the page appears on devices that don't
use FDE; as before, it still lists "Encrypt phone", followed by either
"Encrypted" or "Phone not encrypted" with no changeable settings. Note
that the strings used for this have "crypt_keeper" in their names but
aren't specific to FDE; the next CL will rename them.
Test: On Cuttlefish with and without encryption enabled, tested visiting
the "Encryption & credentials" settings.
Bug: 208476087
Change-Id: I3ce9894291ea1f1886f21980a86a92bfce38038a
(cherry picked from commit 36609c18d1)
Merged-In: I3ce9894291ea1f1886f21980a86a92bfce38038a
This commit is contained in:
Eric Biggers
@@ -1,176 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2011 The Android Open Source Project
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.android.settings;
|
||||
|
||||
import android.annotation.Nullable;
|
||||
import android.app.Activity;
|
||||
import android.app.StatusBarManager;
|
||||
import android.app.settings.SettingsEnums;
|
||||
import android.content.Context;
|
||||
import android.content.Intent;
|
||||
import android.os.Bundle;
|
||||
import android.os.Handler;
|
||||
import android.os.IBinder;
|
||||
import android.os.ServiceManager;
|
||||
import android.os.UserHandle;
|
||||
import android.os.storage.IStorageManager;
|
||||
import android.provider.Settings;
|
||||
import android.util.Log;
|
||||
import android.view.LayoutInflater;
|
||||
import android.view.View;
|
||||
import android.view.ViewGroup;
|
||||
import android.widget.Button;
|
||||
|
||||
import com.android.internal.widget.LockPatternUtils;
|
||||
import com.android.settings.core.InstrumentedFragment;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Locale;
|
||||
|
||||
public class CryptKeeperConfirm extends InstrumentedFragment {
|
||||
|
||||
private static final String TAG = "CryptKeeperConfirm";
|
||||
|
||||
@Override
|
||||
public int getMetricsCategory() {
|
||||
return SettingsEnums.CRYPT_KEEPER_CONFIRM;
|
||||
}
|
||||
|
||||
public static class Blank extends Activity {
|
||||
private Handler mHandler = new Handler();
|
||||
|
||||
@Override
|
||||
public void onCreate(Bundle savedInstanceState) {
|
||||
super.onCreate(savedInstanceState);
|
||||
|
||||
setContentView(R.layout.crypt_keeper_blank);
|
||||
|
||||
if (Utils.isMonkeyRunning()) {
|
||||
finish();
|
||||
}
|
||||
|
||||
StatusBarManager sbm = (StatusBarManager) getSystemService(Context.STATUS_BAR_SERVICE);
|
||||
sbm.disable(StatusBarManager.DISABLE_EXPAND
|
||||
| StatusBarManager.DISABLE_NOTIFICATION_ICONS
|
||||
| StatusBarManager.DISABLE_NOTIFICATION_ALERTS
|
||||
| StatusBarManager.DISABLE_SYSTEM_INFO
|
||||
| StatusBarManager.DISABLE_HOME
|
||||
| StatusBarManager.DISABLE_SEARCH
|
||||
| StatusBarManager.DISABLE_RECENT
|
||||
| StatusBarManager.DISABLE_BACK);
|
||||
|
||||
// Post a delayed message in 700 milliseconds to enable encryption.
|
||||
// NOTE: The animation on this activity is set for 500 milliseconds
|
||||
// I am giving it a little extra time to complete.
|
||||
mHandler.postDelayed(new Runnable() {
|
||||
public void run() {
|
||||
IBinder service = ServiceManager.getService("mount");
|
||||
if (service == null) {
|
||||
Log.e("CryptKeeper", "Failed to find the mount service");
|
||||
finish();
|
||||
return;
|
||||
}
|
||||
|
||||
IStorageManager storageManager = IStorageManager.Stub.asInterface(service);
|
||||
try {
|
||||
Bundle args = getIntent().getExtras();
|
||||
// TODO(b/120484642): Update vold to accept a password as a byte array
|
||||
byte[] passwordBytes = args.getByteArray("password");
|
||||
String password = passwordBytes != null ? new String(passwordBytes) : null;
|
||||
Arrays.fill(passwordBytes, (byte) 0);
|
||||
storageManager.encryptStorage(args.getInt("type", -1),
|
||||
password);
|
||||
} catch (Exception e) {
|
||||
Log.e("CryptKeeper", "Error while encrypting...", e);
|
||||
}
|
||||
}
|
||||
}, 700);
|
||||
}
|
||||
}
|
||||
|
||||
private View mContentView;
|
||||
private Button mFinalButton;
|
||||
private Button.OnClickListener mFinalClickListener = new Button.OnClickListener() {
|
||||
|
||||
public void onClick(View v) {
|
||||
if (Utils.isMonkeyRunning()) {
|
||||
return;
|
||||
}
|
||||
|
||||
/* WARNING - nasty hack!
|
||||
Settings for the lock screen are not available to the crypto
|
||||
screen (CryptKeeper) at boot. We duplicate the ones that
|
||||
CryptKeeper needs to the crypto key/value store when they are
|
||||
modified (see LockPatternUtils).
|
||||
However, prior to encryption, the crypto key/value store is not
|
||||
persisted across reboots, thus modified settings are lost to
|
||||
CryptKeeper.
|
||||
In order to make sure CryptKeeper had the correct settings after
|
||||
first encrypting, we thus need to rewrite them, which ensures the
|
||||
crypto key/value store is up to date. On encryption, this store
|
||||
is then persisted, and the settings will be there on future
|
||||
reboots.
|
||||
*/
|
||||
|
||||
// 1. The owner info.
|
||||
LockPatternUtils utils = new LockPatternUtils(getActivity());
|
||||
utils.setVisiblePatternEnabled(
|
||||
utils.isVisiblePatternEnabled(UserHandle.USER_SYSTEM),
|
||||
UserHandle.USER_SYSTEM);
|
||||
if (utils.isOwnerInfoEnabled(UserHandle.USER_SYSTEM)) {
|
||||
utils.setOwnerInfo(utils.getOwnerInfo(UserHandle.USER_SYSTEM),
|
||||
UserHandle.USER_SYSTEM);
|
||||
}
|
||||
int value = Settings.System.getInt(getContext().getContentResolver(),
|
||||
Settings.System.TEXT_SHOW_PASSWORD,
|
||||
1);
|
||||
utils.setVisiblePasswordEnabled(value != 0, UserHandle.USER_SYSTEM);
|
||||
|
||||
Intent intent = new Intent(getActivity(), Blank.class);
|
||||
intent.putExtras(getArguments());
|
||||
startActivity(intent);
|
||||
|
||||
// 2. The system locale.
|
||||
try {
|
||||
IBinder service = ServiceManager.getService("mount");
|
||||
IStorageManager storageManager = IStorageManager.Stub.asInterface(service);
|
||||
storageManager.setField("SystemLocale", Locale.getDefault().toLanguageTag());
|
||||
} catch (Exception e) {
|
||||
Log.e(TAG, "Error storing locale for decryption UI", e);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
private void establishFinalConfirmationState() {
|
||||
mFinalButton = (Button) mContentView.findViewById(R.id.execute_encrypt);
|
||||
mFinalButton.setOnClickListener(mFinalClickListener);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void onCreate(@Nullable Bundle savedInstanceState) {
|
||||
super.onCreate(savedInstanceState);
|
||||
getActivity().setTitle(R.string.crypt_keeper_confirm_title);
|
||||
}
|
||||
|
||||
@Override
|
||||
public View onCreateView(LayoutInflater inflater, ViewGroup container,
|
||||
Bundle savedInstanceState) {
|
||||
mContentView = inflater.inflate(R.layout.crypt_keeper_confirm, null);
|
||||
establishFinalConfirmationState();
|
||||
return mContentView;
|
||||
}
|
||||
}
|
||||
@@ -199,7 +199,6 @@ public class Settings extends SettingsActivity {
|
||||
public static class BatterySaverScheduleSettingsActivity extends SettingsActivity { /* empty */ }
|
||||
public static class AccountSyncSettingsActivity extends SettingsActivity { /* empty */ }
|
||||
public static class AccountSyncSettingsInAddAccountActivity extends SettingsActivity { /* empty */ }
|
||||
public static class CryptKeeperSettingsActivity extends SettingsActivity { /* empty */ }
|
||||
public static class DeviceAdminSettingsActivity extends SettingsActivity { /* empty */ }
|
||||
public static class DataUsageSummaryActivity extends SettingsActivity { /* empty */ }
|
||||
public static class MobileDataUsageListActivity extends SettingsActivity { /* empty */ }
|
||||
|
||||
@@ -144,7 +144,6 @@ import com.android.settings.password.ChooseLockPattern;
|
||||
import com.android.settings.print.PrintJobSettingsFragment;
|
||||
import com.android.settings.print.PrintSettingsFragment;
|
||||
import com.android.settings.privacy.PrivacyDashboardFragment;
|
||||
import com.android.settings.security.CryptKeeperSettings;
|
||||
import com.android.settings.security.LockscreenDashboardFragment;
|
||||
import com.android.settings.security.SecuritySettings;
|
||||
import com.android.settings.shortcut.CreateShortcut;
|
||||
@@ -240,7 +239,6 @@ public class SettingsGateway {
|
||||
PickupGestureSettings.class.getName(),
|
||||
DoubleTwistGestureSettings.class.getName(),
|
||||
SystemNavigationGestureSettings.class.getName(),
|
||||
CryptKeeperSettings.class.getName(),
|
||||
DataUsageSummary.class.getName(),
|
||||
DreamSettings.class.getName(),
|
||||
UserSettings.class.getName(),
|
||||
|
||||
@@ -1,229 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2008 The Android Open Source Project
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.android.settings.security;
|
||||
|
||||
import android.app.Activity;
|
||||
import android.app.admin.DevicePolicyManager;
|
||||
import android.app.settings.SettingsEnums;
|
||||
import android.content.BroadcastReceiver;
|
||||
import android.content.Context;
|
||||
import android.content.Intent;
|
||||
import android.content.IntentFilter;
|
||||
import android.content.res.Resources;
|
||||
import android.os.BatteryManager;
|
||||
import android.os.Bundle;
|
||||
import android.os.UserHandle;
|
||||
import android.os.storage.StorageManager;
|
||||
import android.text.TextUtils;
|
||||
import android.view.LayoutInflater;
|
||||
import android.view.View;
|
||||
import android.view.ViewGroup;
|
||||
import android.widget.Button;
|
||||
|
||||
import androidx.appcompat.app.AlertDialog;
|
||||
import androidx.preference.Preference;
|
||||
|
||||
import com.android.internal.widget.LockPatternUtils;
|
||||
import com.android.internal.widget.LockscreenCredential;
|
||||
import com.android.settings.CryptKeeperConfirm;
|
||||
import com.android.settings.R;
|
||||
import com.android.settings.SettingsActivity;
|
||||
import com.android.settings.core.InstrumentedPreferenceFragment;
|
||||
import com.android.settings.password.ChooseLockSettingsHelper;
|
||||
import com.android.settings.password.ConfirmLockPattern;
|
||||
|
||||
public class CryptKeeperSettings extends InstrumentedPreferenceFragment {
|
||||
private static final String TAG = "CryptKeeper";
|
||||
private static final String TYPE = "type";
|
||||
private static final String PASSWORD = "password";
|
||||
|
||||
private static final int KEYGUARD_REQUEST = 55;
|
||||
|
||||
// Minimum battery charge level (in percent) to launch encryption. If the battery charge is
|
||||
// lower than this, encryption should not be activated.
|
||||
private static final int MIN_BATTERY_LEVEL = 80;
|
||||
|
||||
private View mContentView;
|
||||
private Button mInitiateButton;
|
||||
private View mPowerWarning;
|
||||
private View mBatteryWarning;
|
||||
private IntentFilter mIntentFilter;
|
||||
|
||||
private BroadcastReceiver mIntentReceiver = new BroadcastReceiver() {
|
||||
@Override
|
||||
public void onReceive(Context context, Intent intent) {
|
||||
String action = intent.getAction();
|
||||
if (action.equals(Intent.ACTION_BATTERY_CHANGED)) {
|
||||
final int level = intent.getIntExtra(BatteryManager.EXTRA_LEVEL, 0);
|
||||
final int plugged = intent.getIntExtra(BatteryManager.EXTRA_PLUGGED, 0);
|
||||
final int invalidCharger = intent.getIntExtra(
|
||||
BatteryManager.EXTRA_INVALID_CHARGER, 0);
|
||||
|
||||
final boolean levelOk = level >= MIN_BATTERY_LEVEL;
|
||||
final boolean pluggedOk =
|
||||
((plugged & BatteryManager.BATTERY_PLUGGED_ANY) != 0) &&
|
||||
invalidCharger == 0;
|
||||
|
||||
// Update UI elements based on power/battery status
|
||||
mInitiateButton.setEnabled(levelOk && pluggedOk);
|
||||
mPowerWarning.setVisibility(pluggedOk ? View.GONE : View.VISIBLE );
|
||||
mBatteryWarning.setVisibility(levelOk ? View.GONE : View.VISIBLE);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
/**
|
||||
* If the user clicks to begin the reset sequence, we next require a
|
||||
* keyguard confirmation if the user has currently enabled one. If there
|
||||
* is no keyguard available, we prompt the user to set a password.
|
||||
*/
|
||||
private Button.OnClickListener mInitiateListener = new Button.OnClickListener() {
|
||||
@Override
|
||||
public void onClick(View v) {
|
||||
if (!runKeyguardConfirmation(KEYGUARD_REQUEST)) {
|
||||
// TODO replace (or follow) this dialog with an explicit launch into password UI
|
||||
new AlertDialog.Builder(getActivity())
|
||||
.setTitle(R.string.crypt_keeper_dialog_need_password_title)
|
||||
.setMessage(R.string.crypt_keeper_dialog_need_password_message)
|
||||
.setPositiveButton(android.R.string.ok, null)
|
||||
.create()
|
||||
.show();
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
@Override
|
||||
public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedState) {
|
||||
mContentView = inflater.inflate(R.layout.crypt_keeper_settings, null);
|
||||
|
||||
mIntentFilter = new IntentFilter();
|
||||
mIntentFilter.addAction(Intent.ACTION_BATTERY_CHANGED);
|
||||
|
||||
mInitiateButton = (Button) mContentView.findViewById(R.id.initiate_encrypt);
|
||||
mInitiateButton.setOnClickListener(mInitiateListener);
|
||||
mInitiateButton.setEnabled(false);
|
||||
|
||||
mPowerWarning = mContentView.findViewById(R.id.warning_unplugged);
|
||||
mBatteryWarning = mContentView.findViewById(R.id.warning_low_charge);
|
||||
|
||||
return mContentView;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getMetricsCategory() {
|
||||
return SettingsEnums.CRYPT_KEEPER;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void onResume() {
|
||||
super.onResume();
|
||||
getActivity().registerReceiver(mIntentReceiver, mIntentFilter);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void onPause() {
|
||||
super.onPause();
|
||||
getActivity().unregisterReceiver(mIntentReceiver);
|
||||
}
|
||||
|
||||
/**
|
||||
* If encryption is already started, and this launched via a "start encryption" intent,
|
||||
* then exit immediately - it's already up and running, so there's no point in "starting" it.
|
||||
*/
|
||||
@Override
|
||||
public void onActivityCreated(Bundle savedInstanceState) {
|
||||
super.onActivityCreated(savedInstanceState);
|
||||
Activity activity = getActivity();
|
||||
Intent intent = activity.getIntent();
|
||||
if (DevicePolicyManager.ACTION_START_ENCRYPTION.equals(intent.getAction())) {
|
||||
DevicePolicyManager dpm = (DevicePolicyManager)
|
||||
activity.getSystemService(Context.DEVICE_POLICY_SERVICE);
|
||||
if (dpm != null) {
|
||||
int status = dpm.getStorageEncryptionStatus();
|
||||
if (status != DevicePolicyManager.ENCRYPTION_STATUS_INACTIVE) {
|
||||
// There is nothing to do here, so simply finish() (which returns to caller)
|
||||
activity.finish();
|
||||
}
|
||||
}
|
||||
}
|
||||
activity.setTitle(R.string.crypt_keeper_encrypt_title);
|
||||
}
|
||||
|
||||
/**
|
||||
* Keyguard validation is run using the standard {@link ConfirmLockPattern}
|
||||
* component as a subactivity
|
||||
* @param request the request code to be returned once confirmation finishes
|
||||
* @return true if confirmation launched
|
||||
*/
|
||||
private boolean runKeyguardConfirmation(int request) {
|
||||
final LockPatternUtils utils = new LockPatternUtils(getActivity());
|
||||
if (utils.getKeyguardStoredPasswordQuality(UserHandle.myUserId())
|
||||
== DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
|
||||
showFinalConfirmation(StorageManager.CRYPT_TYPE_DEFAULT, "".getBytes());
|
||||
return true;
|
||||
}
|
||||
|
||||
final Resources res = getActivity().getResources();
|
||||
final ChooseLockSettingsHelper.Builder builder =
|
||||
new ChooseLockSettingsHelper.Builder(getActivity(), this);
|
||||
return builder.setRequestCode(request)
|
||||
.setTitle(res.getText(R.string.crypt_keeper_encrypt_title))
|
||||
.setReturnCredentials(true)
|
||||
.show();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void onActivityResult(int requestCode, int resultCode, Intent data) {
|
||||
super.onActivityResult(requestCode, resultCode, data);
|
||||
|
||||
if (requestCode != KEYGUARD_REQUEST) {
|
||||
return;
|
||||
}
|
||||
|
||||
// If the user entered a valid keyguard trace, present the final
|
||||
// confirmation prompt; otherwise, go back to the initial state.
|
||||
if (resultCode == Activity.RESULT_OK && data != null) {
|
||||
int type = data.getIntExtra(ChooseLockSettingsHelper.EXTRA_KEY_TYPE, -1);
|
||||
LockscreenCredential password = data.getParcelableExtra(
|
||||
ChooseLockSettingsHelper.EXTRA_KEY_PASSWORD);
|
||||
if (password != null && !password.isNone()) {
|
||||
showFinalConfirmation(type, password.getCredential());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void showFinalConfirmation(int type, byte[] password) {
|
||||
Preference preference = new Preference(getPreferenceManager().getContext());
|
||||
preference.setFragment(CryptKeeperConfirm.class.getName());
|
||||
preference.setTitle(R.string.crypt_keeper_confirm_title);
|
||||
addEncryptionInfoToPreference(preference, type, password);
|
||||
((SettingsActivity) getActivity()).onPreferenceStartFragment(null, preference);
|
||||
}
|
||||
|
||||
private void addEncryptionInfoToPreference(Preference preference, int type, byte[] password) {
|
||||
Activity activity = getActivity();
|
||||
DevicePolicyManager dpm = (DevicePolicyManager)
|
||||
activity.getSystemService(Context.DEVICE_POLICY_SERVICE);
|
||||
if (dpm.getDoNotAskCredentialsOnBoot()) {
|
||||
preference.getExtras().putInt(TYPE, StorageManager.CRYPT_TYPE_DEFAULT);
|
||||
preference.getExtras().putByteArray(PASSWORD, "".getBytes());
|
||||
} else {
|
||||
preference.getExtras().putInt(TYPE, type);
|
||||
preference.getExtras().putByteArray(PASSWORD, password);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -55,14 +55,8 @@ public class EncryptionStatusPreferenceController extends BasePreferenceControll
|
||||
public void updateState(Preference preference) {
|
||||
final boolean encryptionEnabled = LockPatternUtils.isDeviceEncryptionEnabled();
|
||||
if (encryptionEnabled) {
|
||||
if (TextUtils.equals(getPreferenceKey(), PREF_KEY_ENCRYPTION_DETAIL_PAGE)) {
|
||||
preference.setFragment(null);
|
||||
}
|
||||
preference.setSummary(R.string.crypt_keeper_encrypted_summary);
|
||||
} else {
|
||||
if (TextUtils.equals(getPreferenceKey(), PREF_KEY_ENCRYPTION_DETAIL_PAGE)) {
|
||||
preference.setFragment(CryptKeeperSettings.class.getName());
|
||||
}
|
||||
preference.setSummary(R.string.decryption_settings_summary);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user