5f1d894252
Support for Full Disk Encryption was removed in Android 13, since now
File Based Encryption is always used instead. It turns out that I
missed a fairly large chunk of obsolete code: EncryptionInterstitial,
which is the screen that asks whether the device will require the
primary user's lockscreen credential when it starts up. This used to be
shown when setting the primary user's lockscreen credential, to
determine whether the full-disk encryption key would be tied to that
lockscreen credential or not. But now it's unused code.
This CL removes all this unused code.
This should not change any behavior, with one very minor exception:
Settings will no longer explicitly set the REQUIRE_PASSWORD_TO_DECRYPT
setting to 0 whenever the primary user's lockscreen credential is
changed. (This happened in SaveChosenLockWorkerBase.) This setting is
a @SystemApi, but it no longer has any meaning, since it is never set to
1 anymore. If there is a reason to keep it explicitly set to 0, instead
of unset, we should make LockSettingsService in system_server set it.
Test: Went through SUW, set a PIN, cleared the PIN, set a PIN again (all
using the UI). Nothing unusual seen.
Bug: 208476087
Change-Id: I039cc7a284e3f43e1e284970a5869958c909d1b7
143 lines
4.6 KiB
Java
143 lines
4.6 KiB
Java
/*
|
|
* Copyright (C) 2015 The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
package com.android.settings.password;
|
|
|
|
import android.content.Intent;
|
|
import android.os.AsyncTask;
|
|
import android.os.Bundle;
|
|
import android.os.UserHandle;
|
|
import android.util.Pair;
|
|
import android.widget.Toast;
|
|
|
|
import androidx.fragment.app.Fragment;
|
|
|
|
import com.android.internal.widget.LockPatternUtils;
|
|
import com.android.internal.widget.LockscreenCredential;
|
|
import com.android.settings.R;
|
|
import com.android.settings.safetycenter.LockScreenSafetySource;
|
|
|
|
/**
|
|
* An invisible retained worker fragment to track the AsyncWork that saves (and optionally
|
|
* verifies if a challenge is given) the chosen lock credential (pattern/pin/password).
|
|
*/
|
|
abstract class SaveChosenLockWorkerBase extends Fragment {
|
|
|
|
private Listener mListener;
|
|
private boolean mFinished;
|
|
private Intent mResultData;
|
|
|
|
protected LockPatternUtils mUtils;
|
|
protected boolean mRequestGatekeeperPassword;
|
|
protected boolean mWasSecureBefore;
|
|
protected int mUserId;
|
|
protected int mUnificationProfileId = UserHandle.USER_NULL;
|
|
protected LockscreenCredential mUnificationProfileCredential;
|
|
|
|
private boolean mBlocking;
|
|
|
|
@Override
|
|
public void onCreate(Bundle savedInstanceState) {
|
|
super.onCreate(savedInstanceState);
|
|
setRetainInstance(true);
|
|
}
|
|
|
|
public void setListener(Listener listener) {
|
|
if (mListener == listener) {
|
|
return;
|
|
}
|
|
|
|
mListener = listener;
|
|
if (mFinished && mListener != null) {
|
|
mListener.onChosenLockSaveFinished(mWasSecureBefore, mResultData);
|
|
}
|
|
}
|
|
|
|
protected void prepare(LockPatternUtils utils, boolean requestGatekeeperPassword, int userId) {
|
|
mUtils = utils;
|
|
mUserId = userId;
|
|
mRequestGatekeeperPassword = requestGatekeeperPassword;
|
|
// This will be a no-op for non managed profiles.
|
|
mWasSecureBefore = mUtils.isSecure(mUserId);
|
|
mFinished = false;
|
|
mResultData = null;
|
|
}
|
|
|
|
protected void start() {
|
|
if (mBlocking) {
|
|
finish(saveAndVerifyInBackground().second);
|
|
} else {
|
|
new Task().execute();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Executes the save and verify work in background.
|
|
* @return pair where the first is a boolean confirming whether the change was successful or not
|
|
* and second is the Intent which has the challenge token or is null.
|
|
*/
|
|
protected abstract Pair<Boolean, Intent> saveAndVerifyInBackground();
|
|
|
|
protected void finish(Intent resultData) {
|
|
mFinished = true;
|
|
mResultData = resultData;
|
|
if (mListener != null) {
|
|
mListener.onChosenLockSaveFinished(mWasSecureBefore, mResultData);
|
|
}
|
|
if (mUnificationProfileCredential != null) {
|
|
mUnificationProfileCredential.zeroize();
|
|
}
|
|
LockScreenSafetySource.onLockScreenChange(getContext());
|
|
}
|
|
|
|
public void setBlocking(boolean blocking) {
|
|
mBlocking = blocking;
|
|
}
|
|
|
|
public void setProfileToUnify(int profileId, LockscreenCredential credential) {
|
|
mUnificationProfileId = profileId;
|
|
mUnificationProfileCredential = credential.duplicate();
|
|
}
|
|
|
|
protected void unifyProfileCredentialIfRequested() {
|
|
if (mUnificationProfileId != UserHandle.USER_NULL) {
|
|
mUtils.setSeparateProfileChallengeEnabled(mUnificationProfileId, false,
|
|
mUnificationProfileCredential);
|
|
}
|
|
}
|
|
|
|
private class Task extends AsyncTask<Void, Void, Pair<Boolean, Intent>> {
|
|
|
|
@Override
|
|
protected Pair<Boolean, Intent> doInBackground(Void... params){
|
|
return saveAndVerifyInBackground();
|
|
}
|
|
|
|
@Override
|
|
protected void onPostExecute(Pair<Boolean, Intent> resultData) {
|
|
if (!resultData.first) {
|
|
Toast.makeText(getContext(), R.string.lockpassword_credential_changed,
|
|
Toast.LENGTH_LONG).show();
|
|
}
|
|
finish(resultData.second);
|
|
}
|
|
}
|
|
|
|
interface Listener {
|
|
void onChosenLockSaveFinished(boolean wasSecureBefore, Intent resultData);
|
|
}
|
|
}
|