Use LockPatternUtils.resetKeyStore() to clear keystore

Bug: 28878708 Change-Id: I6730b6947ea917772809bb045470bdf5e95d86ba
2016-05-24 11:13:56 +01:00
parent 77ad3c2531
commit c0e5070cf2
1 changed files with 16 additions and 17 deletions
--- a/src/com/android/settings/CredentialStorage.java
+++ b/src/com/android/settings/CredentialStorage.java
@@ -103,15 +103,10 @@ public final class CredentialStorage extends Activity {
    static final int MIN_PASSWORD_QUALITY = DevicePolicyManager.PASSWORD_QUALITY_SOMETHING;

    private static final int CONFIRM_KEY_GUARD_REQUEST = 1;
+    private static final int CONFIRM_CLEAR_SYSTEM_CREDENTIAL_REQUEST = 2;

    private final KeyStore mKeyStore = KeyStore.getInstance();

-    /**
-     * The UIDs that are used for system credential storage in keystore.
-     */
-    private static final int[] SYSTEM_CREDENTIAL_UIDS = {Process.WIFI_UID, Process.VPN_UID,
-        Process.ROOT_UID, Process.SYSTEM_UID};
-
    /**
     * When non-null, the bundle containing credentials to install.
     */
@@ -197,7 +192,7 @@ public final class CredentialStorage extends Activity {
            return;
        }
        // force key guard confirmation
-        if (confirmKeyGuard()) {
+        if (confirmKeyGuard(CONFIRM_KEY_GUARD_REQUEST)) {
            // will return password value via onActivityResult
            return;
        }
@@ -328,8 +323,10 @@ public final class CredentialStorage extends Activity {
        @Override public void onDismiss(DialogInterface dialog) {
            if (mResetConfirmed) {
                mResetConfirmed = false;
-                new ResetKeyStoreAndKeyChain().execute();
-                return;
+                if (confirmKeyGuard(CONFIRM_CLEAR_SYSTEM_CREDENTIAL_REQUEST)) {
+                    // will return password value via onActivityResult
+                    return;
+                }
            }
            finish();
        }
@@ -343,12 +340,7 @@ public final class CredentialStorage extends Activity {
        @Override protected Boolean doInBackground(Void... unused) {

            // Clear all the users credentials could have been installed in for this user.
-            final UserManager um = (UserManager) getSystemService(USER_SERVICE);
-            for (int userId : um.getProfileIdsWithDisabled(UserHandle.myUserId())) {
-                for (int uid : SYSTEM_CREDENTIAL_UIDS) {
-                    mKeyStore.clearUid(UserHandle.getUid(userId, uid));
-                }
-            }
+            new LockPatternUtils(CredentialStorage.this).resetKeyStore(UserHandle.myUserId());

            try {
                KeyChainConnection keyChainConnection = KeyChain.bind(CredentialStorage.this);
@@ -454,10 +446,10 @@ public final class CredentialStorage extends Activity {
    /**
     * Confirm existing key guard, returning password via onActivityResult.
     */
-    private boolean confirmKeyGuard() {
+    private boolean confirmKeyGuard(int requestCode) {
        Resources res = getResources();
        boolean launched = new ChooseLockSettingsHelper(this)
-                .launchConfirmationActivity(CONFIRM_KEY_GUARD_REQUEST,
+                .launchConfirmationActivity(requestCode,
                        res.getText(R.string.credentials_title), true);
        return launched;
    }
@@ -481,6 +473,13 @@ public final class CredentialStorage extends Activity {
            }
            // failed confirmation, bail
            finish();
+        } else if (requestCode == CONFIRM_CLEAR_SYSTEM_CREDENTIAL_REQUEST) {
+            if (resultCode == Activity.RESULT_OK) {
+                new ResetKeyStoreAndKeyChain().execute();
+                return;
+            }
+            // failed confirmation, bail
+            finish();
        }
    }