Use LockPatternUtils.resetKeyStore() to clear keystore

Bug: 28878708
Change-Id: I6730b6947ea917772809bb045470bdf5e95d86ba

src/com/android/settings/CredentialStorage.java

@@ -103,15 +103,10 @@ public final class CredentialStorage extends Activity {
     static final int MIN_PASSWORD_QUALITY = DevicePolicyManager.PASSWORD_QUALITY_SOMETHING;
 
     private static final int CONFIRM_KEY_GUARD_REQUEST = 1;
+    private static final int CONFIRM_CLEAR_SYSTEM_CREDENTIAL_REQUEST = 2;
 
     private final KeyStore mKeyStore = KeyStore.getInstance();
 
-    /**
-     * The UIDs that are used for system credential storage in keystore.
-     */
-    private static final int[] SYSTEM_CREDENTIAL_UIDS = {Process.WIFI_UID, Process.VPN_UID,
-        Process.ROOT_UID, Process.SYSTEM_UID};
-
     /**
      * When non-null, the bundle containing credentials to install.
      */
@@ -197,7 +192,7 @@ public final class CredentialStorage extends Activity {
             return;
         }
         // force key guard confirmation
-        if (confirmKeyGuard()) {
+        if (confirmKeyGuard(CONFIRM_KEY_GUARD_REQUEST)) {
             // will return password value via onActivityResult
             return;
         }
@@ -328,8 +323,10 @@ public final class CredentialStorage extends Activity {
         @Override public void onDismiss(DialogInterface dialog) {
             if (mResetConfirmed) {
                 mResetConfirmed = false;
-                new ResetKeyStoreAndKeyChain().execute();
+                if (confirmKeyGuard(CONFIRM_CLEAR_SYSTEM_CREDENTIAL_REQUEST)) {
-                return;
+                    // will return password value via onActivityResult
+                    return;
+                }
             }
             finish();
         }
@@ -343,12 +340,7 @@ public final class CredentialStorage extends Activity {
         @Override protected Boolean doInBackground(Void... unused) {
 
             // Clear all the users credentials could have been installed in for this user.
-            final UserManager um = (UserManager) getSystemService(USER_SERVICE);
+            new LockPatternUtils(CredentialStorage.this).resetKeyStore(UserHandle.myUserId());
-            for (int userId : um.getProfileIdsWithDisabled(UserHandle.myUserId())) {
-                for (int uid : SYSTEM_CREDENTIAL_UIDS) {
-                    mKeyStore.clearUid(UserHandle.getUid(userId, uid));
-                }
-            }
 
             try {
                 KeyChainConnection keyChainConnection = KeyChain.bind(CredentialStorage.this);
@@ -454,10 +446,10 @@ public final class CredentialStorage extends Activity {
     /**
      * Confirm existing key guard, returning password via onActivityResult.
      */
-    private boolean confirmKeyGuard() {
+    private boolean confirmKeyGuard(int requestCode) {
         Resources res = getResources();
         boolean launched = new ChooseLockSettingsHelper(this)
-                .launchConfirmationActivity(CONFIRM_KEY_GUARD_REQUEST,
+                .launchConfirmationActivity(requestCode,
                         res.getText(R.string.credentials_title), true);
         return launched;
     }
@@ -481,6 +473,13 @@ public final class CredentialStorage extends Activity {
             }
             // failed confirmation, bail
             finish();
+        } else if (requestCode == CONFIRM_CLEAR_SYSTEM_CREDENTIAL_REQUEST) {
+            if (resultCode == Activity.RESULT_OK) {
+                new ResetKeyStoreAndKeyChain().execute();
+                return;
+            }
+            // failed confirmation, bail
+            finish();
         }
     }