Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4bbf0653 authored by Ricky Wai's avatar Ricky Wai
Browse files

Keymaster init for work profile 

Changes:
(1) When unified work challenge is enabled and screen lock is secure
  - Store work profile secure key in primary profile
  - When primary user keystore unlocked, unlock work profile keystore
  - When primary user change lock to none, remove work secure key
(2) When unified work challenge is enabled but screen lock is not secure
  - When screen lock changes to secure, store work secure key in primary
(3) When user changes work challenge from unified to separated
  - Remove work secure key in primary
(4) When user changes work challenge from separate to unified
  - Do (1) and (2)

Bug: 27460698

Change-Id: Id7464c178e6ea7b561643477e7cd84f963048c87
parent 1dea763d

src/com/android/settings/ChooseLockGeneric.java

+6 −2
Original line number Diff line number Diff line
@@ -206,7 +206,11 @@ public class ChooseLockGeneric extends SettingsActivity { 
            } else if (!mWaitingForConfirmation) {

                ChooseLockSettingsHelper helper =

                        new ChooseLockSettingsHelper(this.getActivity(), this);

                if (!helper.launchConfirmationActivity(CONFIRM_EXISTING_REQUEST,

                boolean managedProfileWithUnifiedLock = Utils

                        .isManagedProfile(UserManager.get(getActivity()), mUserId)

                        && !mLockPatternUtils.isSeparateProfileChallengeEnabled(mUserId);

                if (managedProfileWithUnifiedLock

                        || !helper.launchConfirmationActivity(CONFIRM_EXISTING_REQUEST,

                        getString(R.string.unlock_set_unlock_launch_picker_title), true, mUserId)) {

                    mPasswordConfirmed = true; // no password set, so no need to confirm

                    updatePreferencesOrFinish();
@@ -592,7 +596,7 @@ public class ChooseLockGeneric extends SettingsActivity { 
            }



            if (quality == DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {

                mLockPatternUtils.setSeparateProfileChallengeEnabled(mUserId, true);

                mLockPatternUtils.setSeparateProfileChallengeEnabled(mUserId, true, mUserPassword);

                mChooseLockSettingsHelper.utils().clearLock(mUserId);

                mChooseLockSettingsHelper.utils().setLockScreenDisabled(disabled, mUserId);

                removeAllFingerprintTemplatesAndFinish();

src/com/android/settings/SaveChosenLockWorkerBase.java

+0 −1
Original line number Diff line number Diff line
@@ -68,7 +68,6 @@ abstract class SaveChosenLockWorkerBase extends Fragment { 
        mHasChallenge = hasChallenge;

        mChallenge = challenge;

        // This will be a no-op for non managed profiles.

        mUtils.setSeparateProfileChallengeEnabled(mUserId, true);

        mWasSecureBefore = mUtils.isSecure(mUserId);



        Context context = getContext();

src/com/android/settings/SecuritySettings.java

+4 −5
Original line number Diff line number Diff line
@@ -697,8 +697,8 @@ public class SecuritySettings extends SettingsPreferenceFragment 
    private void unifyLocks() {

        int profileQuality =

                mLockPatternUtils.getKeyguardStoredPasswordQuality(mProfileChallengeUserId);

        mLockPatternUtils.clearLock(mProfileChallengeUserId);

        mLockPatternUtils.setSeparateProfileChallengeEnabled(mProfileChallengeUserId, false);

        mLockPatternUtils.setSeparateProfileChallengeEnabled(mProfileChallengeUserId, false,

                mCurrentProfilePassword);

        if (profileQuality == DevicePolicyManager.PASSWORD_QUALITY_SOMETHING) {

            mLockPatternUtils.saveLockPattern(

                    LockPatternUtils.stringToPattern(mCurrentProfilePassword),
@@ -716,14 +716,13 @@ public class SecuritySettings extends SettingsPreferenceFragment 
    }



    private void unifyUncompliantLocks() {

        mLockPatternUtils.clearLock(mProfileChallengeUserId);

        mLockPatternUtils.setSeparateProfileChallengeEnabled(mProfileChallengeUserId, false);

        mLockPatternUtils.setSeparateProfileChallengeEnabled(mProfileChallengeUserId, false,

                mCurrentProfilePassword);

        startFragment(this, "com.android.settings.ChooseLockGeneric$ChooseLockGenericFragment",

                R.string.lock_settings_picker_title, SET_OR_CHANGE_LOCK_METHOD_REQUEST, null);

    }



    private void ununifyLocks() {

        mLockPatternUtils.setSeparateProfileChallengeEnabled(mProfileChallengeUserId, true);

        Bundle extras = new Bundle();

        extras.putInt(Intent.EXTRA_USER_ID, mProfileChallengeUserId);

        startFragment(this,