Loading core/java/com/android/internal/widget/LockPatternUtils.java +12 −6 Original line number Diff line number Diff line Loading @@ -1934,15 +1934,21 @@ public class LockPatternUtils { } /** * Unlocks the credential-encrypted storage for the given user if the user is not secured, i.e. * doesn't have an LSKF. * If the user is not secured, ie doesn't have an LSKF, then decrypt the user's synthetic * password and use it to unlock various cryptographic keys associated with the user. This * primarily includes unlocking the user's credential-encrypted (CE) storage. It also includes * deriving or decrypting the vendor auth secret and sending it to the AuthSecret HAL. * <p> * These tasks would normally be done when the LSKF is verified. This method is where these * tasks are done when the user doesn't have an LSKF. It's called when the user is started. * <p> * Except on permission denied, this method doesn't throw an exception on failure. However, the * last thing that it does is unlock CE storage, and whether CE storage has been successfully * unlocked can be determined by {@link StorageManager#isCeStorageUnlocked()}. * <p> * Whether the storage has been unlocked can be determined by * {@link StorageManager#isUserKeyUnlocked()}. * * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. * * @param userId the ID of the user whose storage to unlock * @param userId the ID of the user whose keys to unlock */ public void unlockUserKeyIfUnsecured(@UserIdInt int userId) { try { Loading Loading
core/java/com/android/internal/widget/LockPatternUtils.java +12 −6 Original line number Diff line number Diff line Loading @@ -1934,15 +1934,21 @@ public class LockPatternUtils { } /** * Unlocks the credential-encrypted storage for the given user if the user is not secured, i.e. * doesn't have an LSKF. * If the user is not secured, ie doesn't have an LSKF, then decrypt the user's synthetic * password and use it to unlock various cryptographic keys associated with the user. This * primarily includes unlocking the user's credential-encrypted (CE) storage. It also includes * deriving or decrypting the vendor auth secret and sending it to the AuthSecret HAL. * <p> * These tasks would normally be done when the LSKF is verified. This method is where these * tasks are done when the user doesn't have an LSKF. It's called when the user is started. * <p> * Except on permission denied, this method doesn't throw an exception on failure. However, the * last thing that it does is unlock CE storage, and whether CE storage has been successfully * unlocked can be determined by {@link StorageManager#isCeStorageUnlocked()}. * <p> * Whether the storage has been unlocked can be determined by * {@link StorageManager#isUserKeyUnlocked()}. * * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. * * @param userId the ID of the user whose storage to unlock * @param userId the ID of the user whose keys to unlock */ public void unlockUserKeyIfUnsecured(@UserIdInt int userId) { try { Loading
