Credential storage triggers unlock when keystore is locked.

If the phone is in the unlocked state and keystore is locked, storing
credentials asks for a password that does not exist to the user. Replace
this workflow with a key guard confirmation, asking the user to unlock
the screen in the same way they would normally unlock their phone.

Bug: 68298609
Test: adb push sample_credentials.p12 /sdcard/
Test: adb shell su 1000 service call android.security.keystore 9 i32 0
Test: adb shell am start -a android.credentials.INSTALL --user 10
Test: adb shell su 1000 service call android.security.keystore 9 i32 10

Change-Id: I8a3068a5d7de508fb417016acdf41b1712a2e7cc
Irina Dumitrescu
2018-05-10 18:06:53 +01:00
parent 8e060b42dd
commit efdfbeaff4
3 changed files with 12 additions and 200 deletions

@@ -5613,27 +5613,12 @@
<string name="credential_for_vpn_and_apps">Installed for VPN and apps</string>
<!-- Sub-heading for a user credential installed to be used as part of a Wi-Fi configuration. [CHAR LIMIT=NONE]. -->
<string name="credential_for_wifi">Installed for Wi-Fi</string>
<!-- Title of dialog to enable credential storage [CHAR LIMIT=30] -->
<string name="credentials_unlock"></string>
<!-- Description of dialog to enable credential storage [CHAR LIMIT=NONE] -->
<string name="credentials_unlock_hint">Type the password for credential storage.</string>
<!-- Description of the input box for the old password [CHAR LIMIT=30] -->
<string name="credentials_old_password">Current password:</string>
<!-- Description of dialog to reset credential storage [CHAR LIMIT=NONE] -->
<string name="credentials_reset_hint">Remove all the contents?</string>
<!-- Error message [CHAR LIMIT=NONE] -->
<string name="credentials_wrong_password">Incorrect password.</string>
<!-- Error message [CHAR LIMIT=NONE] -->
<string name="credentials_reset_warning">Incorrect password. You have one more chance before credential storage is erased.</string>
<!-- Error message [CHAR LIMIT=NONE] -->
<string name="credentials_reset_warning_plural">Incorrect password. You have <xliff:g id="number" example="5">%1$d</xliff:g> more chances before credential storage is erased.</string>
<!-- Toast message [CHAR LIMIT=30] -->
<string name="credentials_erased">Credential storage is erased.</string>
<!-- Toast message [CHAR LIMIT=30] when credential storage containing private keys and certificates could not be erased (opposite of string credentials_erased) -->
<string name="credentials_not_erased">Credential storage couldn\u2019t be erased.</string>
<!-- Toast message [CHAR LIMIT=30] -->
<string name="credentials_enabled">Credential storage is enabled.</string>
<!-- This string is in a dialog, and the dialog shows up on a device that's managed by a user's company. It lets the user know that they need to have a secure lock screen (PIN, password, or pattern) before they can use credential storage [CHAR LIMIT=NONE] -->
<string name="credentials_configure_lock_screen_hint">Before you can use credential storage, your device need to have a secure lock screen</string>
<!-- This string is for the content of the button that leads user to lock screen settings [CHAR LIMIT=20] -->
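Review bot: The password-prompt strings in this block (`credentials_unlock_hint`, `credentials_old_password`, `credentials_wrong_password`, `credentials_reset_warning`, `credentials_reset_warning_plural`) belong to the workflow the commit message says is being replaced, and the `@@ -5613,27 +5613,12 @@` header drops 15 lines here, so please confirm that no layout, source file or translation still references a removed name, since a dangling resource reference breaks the build. Two smaller points if these lines survive the change: `credentials_unlock` is documented as a dialog title but has an empty value, so it should either get text or be removed along with the dialog, and `credentials_configure_lock_screen_hint` reads "your device need to have", which should be "needs to have".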