Summary:
frameworks/base
keystore rewrite
keyguard integration with keystore on keyguard entry or keyguard change
KeyStore API simplification
packages/apps/Settings
Removed com.android.credentials.SET_PASSWORD intent support
Added keyguard requirement for keystore use
packages/apps/CertInstaller
Tracking KeyStore API changes
Fix for NPE in CertInstaller when certificate lacks basic constraints
packages/apps/KeyChain
Tracking KeyStore API changes
Details:
frameworks/base
Move keystore from C to C++ while rewriting password
implementation. Removed global variables. Added many comments.
cmds/keystore/Android.mk
cmds/keystore/keystore.h
cmds/keystore/keystore.c => cmds/keystore/keystore.cpp
cmds/keystore/keystore_cli.c => cmds/keystore/keystore_cli.cpp
Changed saveLockPattern and saveLockPassword to notify the keystore
on changes so that the keystore master key can be reencrypted when
the keyguard changes.
core/java/com/android/internal/widget/LockPatternUtils.java
Changed unlock screens to pass values for keystore unlock or initialization
policy/src/com/android/internal/policy/impl/PasswordUnlockScreen.java
policy/src/com/android/internal/policy/impl/PatternUnlockScreen.java
KeyStore API changes
- renamed test() to state(), which now return a State enum
- made APIs with byte[] key arguments private
- added new KeyStore.isEmpty used to determine if a keyguard is required
keystore/java/android/security/KeyStore.java
In addition to tracking KeyStore API changes, added new testIsEmpty
and improved some existing tests to validate expect values.
keystore/tests/src/android/security/KeyStoreTest.java
packages/apps/Settings
Removing com.android.credentials.SET_PASSWORD intent with the
removal of the ability to set an explicit keystore password now
that the keyguard value is used. Changed to ensure keyguard is
enabled for keystore install or unlock. Cleaned up interwoven
dialog handing into discrete dialog helper classes.
AndroidManifest.xml
src/com/android/settings/CredentialStorage.java
Remove layout for entering new password
res/layout/credentials_dialog.xml
Remove enable credentials checkbox
res/xml/security_settings_misc.xml
src/com/android/settings/SecuritySettings.java
Added ability to specify minimum quality key to ChooseLockGeneric
Activity. Used by CredentialStorage, but could also be used by
CryptKeeperSettings. Changed ChooseLockGeneric to understand
minimum quality for keystore in addition to DPM and device
encryption.
src/com/android/settings/ChooseLockGeneric.java
Changed to use getActivePasswordQuality from
getKeyguardStoredPasswordQuality based on experience in
CredentialStorage. Removed bogus class javadoc.
src/com/android/settings/CryptKeeperSettings.java
Tracking KeyStore API changes
src/com/android/settings/vpn/VpnSettings.java
src/com/android/settings/wifi/WifiSettings.java
Removing now unused string resources
res/values-af/strings.xml
res/values-am/strings.xml
res/values-ar/strings.xml
res/values-bg/strings.xml
res/values-ca/strings.xml
res/values-cs/strings.xml
res/values-da/strings.xml
res/values-de/strings.xml
res/values-el/strings.xml
res/values-en-rGB/strings.xml
res/values-es-rUS/strings.xml
res/values-es/strings.xml
res/values-fa/strings.xml
res/values-fi/strings.xml
res/values-fr/strings.xml
res/values-hr/strings.xml
res/values-hu/strings.xml
res/values-in/strings.xml
res/values-it/strings.xml
res/values-iw/strings.xml
res/values-ja/strings.xml
res/values-ko/strings.xml
res/values-lt/strings.xml
res/values-lv/strings.xml
res/values-ms/strings.xml
res/values-nb/strings.xml
res/values-nl/strings.xml
res/values-pl/strings.xml
res/values-pt-rPT/strings.xml
res/values-pt/strings.xml
res/values-rm/strings.xml
res/values-ro/strings.xml
res/values-ru/strings.xml
res/values-sk/strings.xml
res/values-sl/strings.xml
res/values-sr/strings.xml
res/values-sv/strings.xml
res/values-sw/strings.xml
res/values-th/strings.xml
res/values-tl/strings.xml
res/values-tr/strings.xml
res/values-uk/strings.xml
res/values-vi/strings.xml
res/values-zh-rCN/strings.xml
res/values-zh-rTW/strings.xml
res/values-zu/strings.xml
res/values/strings.xml
packages/apps/CertInstaller
Tracking KeyStore API changes
src/com/android/certinstaller/CertInstaller.java
Fix for NPE in CertInstaller when certificate lacks basic constraints
src/com/android/certinstaller/CredentialHelper.java
packages/apps/KeyChain
Tracking KeyStore API changes
src/com/android/keychain/KeyChainActivity.java
src/com/android/keychain/KeyChainService.java
support/src/com/android/keychain/tests/support/IKeyChainServiceTestSupport.aidl
support/src/com/android/keychain/tests/support/KeyChainServiceTestSupport.java
tests/src/com/android/keychain/tests/KeyChainServiceTest.java
Change-Id: I80533bf8986a92b0b99cd5fb1c4943e0f23fc1c8
To preserve proper behavior now that getPhoneType can return
PHONE_TYPE_NONE use getCurrentPhoneType.
bug: 3198435
Change-Id: I39d385b17d746f3c7cdbc3e1869efa5d4e89230c
* Use the DPM to determine if we are encrypted.
* Fix misspelling (Comfirm -> Confirm).
* Animate to black when enabling encryption.
* Add holo droid background.
* Change the progress bar to indterminate.
* Display the percentage complete in the status line.
* Fixed bug 3388097. You will no longer have to unplug your device to start encryption. This line is intentionally long. I could make it shorter but I am proving a point: <magic>overflow: auto;</magic>.
* Actually hold onto the wakelock to prvent the device from sleeping.
* Implement onStop() as a orientation change can happen at boot. This will start the activity twice and there will be multiple handlers with messages.
Change-Id: Ia752d106c39e0d81431e856f8f500182e8ec1abd
* You can no longer try to encrypt the device when it is encrypted.
* Moved the encryption section below the lock screen section. It will be more common to change the lock screen settings.
* If the device doesn't support encryption don't display the encryption section.
Bug: 3384074
Change-Id: I172f5894a3cea57b1b8d03a84f1ecf0ee500c1f3
Since now SecuritySettings is a fragment, not an activity, reacting
to intents is not easier anymore. The new activity is transparent,
and it works just like a dialog. This change also refactor'ed
SecuritySettings by moving some preference construction into
security_settings_misc.xml.
Bug: 3120992
Bug: 2117436
Change-Id: I8bd3fc7faa2a31d100b8d67310f9266260cfc31d
This converts most of the existing activities to fragments and wraps
them in PreferenceActivities so they can be launched as before
(e.g. by a DevicePolicyManager)
Upload after sync/rebase.
Change-Id: I4f351b75d9fca0498bcb04b4e11ff3b70765a4ba
This moves OwnerInfo into Location&Security and adds the
necessary logic to only show it in modes that make sense-
Lock (when not disabled) and Unlock (pattern, pin, password).
Change-Id: I3549dc4d956406aea3d63cd06d37bcea27a5b555
This interfaces to GSF to actually change the setting as Settings doesn't
have the permissions to do it directly. When GSF is not present on the device,
the setting will be hidden.
Depending on change: Ib3809571fe22f40ba34468d39fedfff70f0742ef
Bug: 3093036
Change-Id: I98596cce118f0fa5ebae45a7f8ab9c9f8a3bf2bc
This change adds a second timeout to the SecuritySettings page
separate from the standard display timeout.
Change-Id: I033a3578d876148bd723dee5d1a2531be5d6b51d
Added a base class SettingsPreferenceFragment from which the settings activities should
be derived so that they can behave like fragments. It contains some commonly called
utility methods and dialog conversion to DialogFragment.
Some of the top-level activities can be launched directly without the left pane.
Settings.java acts as a proxy activity that contains just that settings fragment without
the left pane.
There are still a lot of second and third level activities that need to be fragmentized.
This is just the first pass to test the 2-pane layout.
This changes the organization of lock screen security settings
to make choosing an alternate unlock method more discoverable.
Instead of having to disable the old lock method to use a new
one, the user now just has one set/change option in lock settings,
with a list of method-specific setting below it.
In addition, we ask the user to confirm their old credentials
before prompting them to choose a new one, which eliminates one
source of confusion.
Also, ChooseLockGeneric now shows a UI if quality isn't specified.
Any unlock method less secure than minimum specified by
DevicePolicyManager (if active) is greyed out.
Change-Id: Iecc6f64d4d3368a583f06f8d5fe9655cc3d5bd3b
This has been moved to GoogleSettingsProvider
as part of unbundling.
Part of http://b/issue?id=2383870
Change-Id: Ia8e5725b1749fa95436fade0ea23061eb2ca4822
This introduces a new activity for changing the password, which takes
care of launching the correct password activity based on the caller's
request and active policy. The security settings activity now uses
this, and it implements the API action for launching the password UI.
