am e7c32555: Merge "Add a checkbox option to \'require password to decrypt\'" into lmp-dev

* commit 'e7c325559d961f13c6df96803bca4747f41b27a4': Add a checkbox option to 'require password to decrypt'
2014-10-15 18:26:59 +00:00
parent 01ddc75fc1 e7c325559d
commit 09ba0da87f
2 changed files with 50 additions and 12 deletions
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -6569,6 +6569,15 @@ public final class Settings {
         */
        public static final String NETWORK_SCORING_PROVISIONED = "network_scoring_provisioned";

+        /**
+         * Whether the user wants to be prompted for password to decrypt the device on boot.
+         * This only matters if the storage is encrypted.
+         * <p>
+         * Type: int (0 for false, 1 for true)
+         * @hide
+         */
+        public static final String REQUIRE_PASSWORD_TO_DECRYPT = "require_password_to_decrypt";
+
        /**
         * Settings to backup. This is here so that it's in the same place as the settings
         * keys and easy to update.
--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java
@@ -33,6 +33,7 @@ import android.os.IBinder;
 import android.os.RemoteException;
 import android.os.ServiceManager;
 import android.os.SystemClock;
+import android.os.SystemProperties;
 import android.os.UserHandle;
 import android.os.UserManager;
 import android.os.storage.IMountService;
@@ -556,11 +557,18 @@ public class LockPatternUtils {
            getLockSettings().setLockPattern(patternToString(pattern), userId);
            DevicePolicyManager dpm = getDevicePolicyManager();
            if (pattern != null) {
-
-                int userHandle = userId;
-                if (userHandle == UserHandle.USER_OWNER) {
-                    String stringPattern = patternToString(pattern);
-                    updateEncryptionPassword(StorageManager.CRYPT_TYPE_PATTERN, stringPattern);
+                // Update the device encryption password.
+                if (userId == UserHandle.USER_OWNER
+                        && LockPatternUtils.isDeviceEncryptionEnabled()) {
+                    final ContentResolver cr = mContext.getContentResolver();
+                    final boolean required = Settings.Global.getInt(cr,
+                            Settings.Global.REQUIRE_PASSWORD_TO_DECRYPT, 1) == 1 ? true : false;
+                    if (!required) {
+                        clearEncryptionPassword();
+                    } else {
+                        String stringPattern = patternToString(pattern);
+                        updateEncryptionPassword(StorageManager.CRYPT_TYPE_PATTERN, stringPattern);
+                    }
                }

                setBoolean(PATTERN_EVER_CHOSEN_KEY, true);
@@ -785,13 +793,23 @@ public class LockPatternUtils {
                getLockSettings().setLockPassword(password, userHandle);
                int computedQuality = computePasswordQuality(password);

-                if (userHandle == UserHandle.USER_OWNER) {
-                    // Update the encryption password.
-                    int type = computedQuality == DevicePolicyManager.PASSWORD_QUALITY_NUMERIC
-                        || computedQuality == DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX
-                        ? StorageManager.CRYPT_TYPE_PIN
-                        : StorageManager.CRYPT_TYPE_PASSWORD;
-                    updateEncryptionPassword(type, password);
+                // Update the device encryption password.
+                if (userHandle == UserHandle.USER_OWNER
+                        && LockPatternUtils.isDeviceEncryptionEnabled()) {
+                    final ContentResolver cr = mContext.getContentResolver();
+                    final boolean required = Settings.Global.getInt(cr,
+                            Settings.Global.REQUIRE_PASSWORD_TO_DECRYPT, 1) == 1 ? true : false;
+                    if (!required) {
+                        clearEncryptionPassword();
+                    } else {
+                        boolean numeric = computedQuality
+                                == DevicePolicyManager.PASSWORD_QUALITY_NUMERIC;
+                        boolean numericComplex = computedQuality
+                                == DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX;
+                        int type = numeric || numericComplex ? StorageManager.CRYPT_TYPE_PIN
+                                : StorageManager.CRYPT_TYPE_PASSWORD;
+                        updateEncryptionPassword(type, password);
+                    }
                }

                if (!isFallback) {
@@ -894,6 +912,17 @@ public class LockPatternUtils {
        return true;
    }

+    /**
+     * Determine if the device supports encryption, even if it's set to default. This
+     * differs from isDeviceEncrypted() in that it returns true even if the device is
+     * encrypted with the default password.
+     * @return true if device encryption is enabled
+     */
+    public static boolean isDeviceEncryptionEnabled() {
+        final String status = SystemProperties.get("ro.crypto.state", "unsupported");
+        return "encrypted".equalsIgnoreCase(status);
+    }
+
    /**
     * Clears the encryption password.
     */