Earlier the finish of the chooser was happening before the pattern/pin chooser
was started, resulting in two transitions.
This change defers the finish to after returning from the other activity. There
is still sometimes a very small glitch on the way back, but much smaller than
the current problem.
Bug: 7342594
Change-Id: I5f4f4393b841ce31dc7236074381283155ebddbd
This fixes a bug where orientation changes caused the system to
ask for the pin/pattern/password multiple times.
It also fixes a minor issue where we were showing buttons
on the pattern confirmation screen (bug 6218057)
Change-Id: I0894f37bb697baa4cc17917aaeb466440279b092
We need to allow FaceUnlock if the backup lock supports encryption (PIN).
This requires changing the way the minimum encryption quality is enforced
to allow FaceUnlock as long as the backup lock is a PIN, as FaceUnlock
is considered a lower security than the minimum for encrypted drives.
This change adds some complexity to upgradeQualityForEncryption because it's
used in two places: once to grey out selections that aren't sufficient
security level, and second to force the user to use a higher security level.
This still increases the minimum security level,
but makes an exception for FaceUnlock if it's allowed without encryption.
This uses a MutableBoolean to provide a mutable boolean capability.
We could instead write a custom one or use some other type of mutable
boolean if it exists.
In CryptKeeperSettings, using getKeyguardStoredPasswordQuality directly instead
of getActivePasswordQuality is simpler, but this uses a more complex approach
with a minor tweak as jaggies suggested it and it is clear about the
biometric exception being made.
Change-Id: Ia2645d6bd98857c79c6a9be45eda98087bfe517a
Adding an option which will launch a version of setup where faces
can be added to the current gallery. It requires the user to first
confirm their password before launching addToSetup.
Patch 3 - Updated for renaming of FackLockTutorial to SetupIntro.
Now it is called every time regardless of it it's showing the tutorial
and a flag is passed in to determine whether or not SetupIntro shows
the tutorial.
Patch 4 - Removed 'Setup Complete' toast at the end of screen lock
setups since it was primarily for Face Unlock and the congratulations
screen removes the need for it.
Change-Id: Idc5f960809d992ec7bbce59ef1e13b95ef7cce45
Removed summary line from the screen lock picker and displaying
the about screen for face unlock every time instead of just the
first time
Change-Id: Iac572d2366acf28d32e632e8dcdde63475641e39
Moved isBiometricSensorAvailable functionality into
isBiometricWeakInstalled (formerly called isBiometricEnabled). Settings
now only shows biometric weak if it's installed, if it's not installed
and the lock type is currently set to biometric weak, the backup lock
is shown as being set instead.
Change-Id: Icfe326a6598df33ee60d5fdc024273d94f115983
This is done when the backup lock is complete or canceled.
If successful, the permanent gallery is replaced with the new one.
The temporary gallery is always deleted
Also deletes the main gallery if the lock type is changed from facial recognition
Change-Id: Id7b066fd852c7ba188d6e46b47391a362cbab40f
-Changed main header to show backup lock text
-Reworded normal header
-Changed instances of FacePass to FaceLock
Change-Id: I66cbd3ada87df30b6b7ceb1a784d365ba60a8f41
This changes the security picker when selecting a backup lock for facelock
such that it says back up lock and gives a brief description of why it's needed.
This is currently a temporary way to display the info and will need to be changed
for the final release.
Change-Id: I6373f97caec088482d36c65bd210c79238c623cf
This adds a simple biometric sensor (face lock) to the security choices.
Updated to disable biometric sensor by default.
Change-Id: I088e5e99cf5f8c7a06a1a992a9257940eb2cc07f
Summary:
frameworks/base
keystore rewrite
keyguard integration with keystore on keyguard entry or keyguard change
KeyStore API simplification
packages/apps/Settings
Removed com.android.credentials.SET_PASSWORD intent support
Added keyguard requirement for keystore use
packages/apps/CertInstaller
Tracking KeyStore API changes
Fix for NPE in CertInstaller when certificate lacks basic constraints
packages/apps/KeyChain
Tracking KeyStore API changes
Details:
frameworks/base
Move keystore from C to C++ while rewriting password
implementation. Removed global variables. Added many comments.
cmds/keystore/Android.mk
cmds/keystore/keystore.h
cmds/keystore/keystore.c => cmds/keystore/keystore.cpp
cmds/keystore/keystore_cli.c => cmds/keystore/keystore_cli.cpp
Changed saveLockPattern and saveLockPassword to notify the keystore
on changes so that the keystore master key can be reencrypted when
the keyguard changes.
core/java/com/android/internal/widget/LockPatternUtils.java
Changed unlock screens to pass values for keystore unlock or initialization
policy/src/com/android/internal/policy/impl/PasswordUnlockScreen.java
policy/src/com/android/internal/policy/impl/PatternUnlockScreen.java
KeyStore API changes
- renamed test() to state(), which now return a State enum
- made APIs with byte[] key arguments private
- added new KeyStore.isEmpty used to determine if a keyguard is required
keystore/java/android/security/KeyStore.java
In addition to tracking KeyStore API changes, added new testIsEmpty
and improved some existing tests to validate expect values.
keystore/tests/src/android/security/KeyStoreTest.java
packages/apps/Settings
Removing com.android.credentials.SET_PASSWORD intent with the
removal of the ability to set an explicit keystore password now
that the keyguard value is used. Changed to ensure keyguard is
enabled for keystore install or unlock. Cleaned up interwoven
dialog handing into discrete dialog helper classes.
AndroidManifest.xml
src/com/android/settings/CredentialStorage.java
Remove layout for entering new password
res/layout/credentials_dialog.xml
Remove enable credentials checkbox
res/xml/security_settings_misc.xml
src/com/android/settings/SecuritySettings.java
Added ability to specify minimum quality key to ChooseLockGeneric
Activity. Used by CredentialStorage, but could also be used by
CryptKeeperSettings. Changed ChooseLockGeneric to understand
minimum quality for keystore in addition to DPM and device
encryption.
src/com/android/settings/ChooseLockGeneric.java
Changed to use getActivePasswordQuality from
getKeyguardStoredPasswordQuality based on experience in
CredentialStorage. Removed bogus class javadoc.
src/com/android/settings/CryptKeeperSettings.java
Tracking KeyStore API changes
src/com/android/settings/vpn/VpnSettings.java
src/com/android/settings/wifi/WifiSettings.java
Removing now unused string resources
res/values-af/strings.xml
res/values-am/strings.xml
res/values-ar/strings.xml
res/values-bg/strings.xml
res/values-ca/strings.xml
res/values-cs/strings.xml
res/values-da/strings.xml
res/values-de/strings.xml
res/values-el/strings.xml
res/values-en-rGB/strings.xml
res/values-es-rUS/strings.xml
res/values-es/strings.xml
res/values-fa/strings.xml
res/values-fi/strings.xml
res/values-fr/strings.xml
res/values-hr/strings.xml
res/values-hu/strings.xml
res/values-in/strings.xml
res/values-it/strings.xml
res/values-iw/strings.xml
res/values-ja/strings.xml
res/values-ko/strings.xml
res/values-lt/strings.xml
res/values-lv/strings.xml
res/values-ms/strings.xml
res/values-nb/strings.xml
res/values-nl/strings.xml
res/values-pl/strings.xml
res/values-pt-rPT/strings.xml
res/values-pt/strings.xml
res/values-rm/strings.xml
res/values-ro/strings.xml
res/values-ru/strings.xml
res/values-sk/strings.xml
res/values-sl/strings.xml
res/values-sr/strings.xml
res/values-sv/strings.xml
res/values-sw/strings.xml
res/values-th/strings.xml
res/values-tl/strings.xml
res/values-tr/strings.xml
res/values-uk/strings.xml
res/values-vi/strings.xml
res/values-zh-rCN/strings.xml
res/values-zh-rTW/strings.xml
res/values-zu/strings.xml
res/values/strings.xml
packages/apps/CertInstaller
Tracking KeyStore API changes
src/com/android/certinstaller/CertInstaller.java
Fix for NPE in CertInstaller when certificate lacks basic constraints
src/com/android/certinstaller/CredentialHelper.java
packages/apps/KeyChain
Tracking KeyStore API changes
src/com/android/keychain/KeyChainActivity.java
src/com/android/keychain/KeyChainService.java
support/src/com/android/keychain/tests/support/IKeyChainServiceTestSupport.aidl
support/src/com/android/keychain/tests/support/KeyChainServiceTestSupport.java
tests/src/com/android/keychain/tests/KeyChainServiceTest.java
Change-Id: I80533bf8986a92b0b99cd5fb1c4943e0f23fc1c8
This converts most of the existing activities to fragments and wraps
them in PreferenceActivities so they can be launched as before
(e.g. by a DevicePolicyManager)
Upload after sync/rebase.
Change-Id: I4f351b75d9fca0498bcb04b4e11ff3b70765a4ba
This allows the user to tell the device to not show lock screen
at all as long as the DevicePolicyManager allows it.
Change-Id: Id46002500b47fc955565be197ac78b7b13b6757d
This fixes a bug where user was allowed to factory reset the device
without entering their PIN/Password.
It also fixes the same issue with MediaFormat (Settings->SD Card->Format).
Change-Id: I0677a50aa771ad8663513fd7ec398a70953dcde2
This changes the organization of lock screen security settings
to make choosing an alternate unlock method more discoverable.
Instead of having to disable the old lock method to use a new
one, the user now just has one set/change option in lock settings,
with a list of method-specific setting below it.
In addition, we ask the user to confirm their old credentials
before prompting them to choose a new one, which eliminates one
source of confusion.
Also, ChooseLockGeneric now shows a UI if quality isn't specified.
Any unlock method less secure than minimum specified by
DevicePolicyManager (if active) is greyed out.
Change-Id: Iecc6f64d4d3368a583f06f8d5fe9655cc3d5bd3b
This introduces a new activity for changing the password, which takes
care of launching the correct password activity based on the caller's
request and active policy. The security settings activity now uses
this, and it implements the API action for launching the password UI.
