Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Unlock Keystore/Keymaster separately for Work Challenge" into nyc-dev

Browse Source 
am: 30f0ff2a1c

* commit '30f0ff2a1cb31a08df278e7f6b41d4f302a93dd4':
  Unlock Keystore/Keymaster separately for Work Challenge
This commit is contained in:
Clara Bayarri
2016-03-01 01:11:05 +00:00
committed by android-build-merger
parent cfdfb09c4f 30f0ff2a1c
commit 8547d7dc07
1 changed files with 34 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
services/core/java/com/android/server/LockSettingsService.java
View File

@@ -545,9 +545,23 @@ public class LockSettingsService extends ILockSettings.Stub {
final UserManager um = (UserManager) mContext.getSystemService(USER_SERVICE);
final KeyStore ks = KeyStore.getInstance();
final List<UserInfo> profiles = um.getProfiles(userHandle);
for (UserInfo pi : profiles) {
ks.onUserPasswordChanged(pi.id, password);
if (um.getUserInfo(userHandle).isManagedProfile()) {
if (mLockPatternUtils.isSeparateProfileChallengeEnabled(userHandle)) {
ks.onUserPasswordChanged(userHandle, password);
} else {
throw new RuntimeException("Can't set keystore password on a profile that "
+ "doesn't have a profile challenge.");
}
} else {
final List<UserInfo> profiles = um.getProfiles(userHandle);
for (UserInfo pi : profiles) {
// Change password on the given user and all its profiles that don't have
// their own profile challenge enabled.
if (pi.id == userHandle || (pi.isManagedProfile()
&& !mLockPatternUtils.isSeparateProfileChallengeEnabled(pi.id))) {
ks.onUserPasswordChanged(pi.id, password);
}
}
}
}
@@ -555,9 +569,23 @@ public class LockSettingsService extends ILockSettings.Stub {
final UserManager um = (UserManager) mContext.getSystemService(USER_SERVICE);
final KeyStore ks = KeyStore.getInstance();
final List<UserInfo> profiles = um.getProfiles(userHandle);
for (UserInfo pi : profiles) {
ks.unlock(pi.id, password);
if (um.getUserInfo(userHandle).isManagedProfile()) {
if (mLockPatternUtils.isSeparateProfileChallengeEnabled(userHandle)) {
ks.unlock(userHandle, password);
} else {
throw new RuntimeException("Can't unlock a profile explicitly if it "
+ "doesn't have a profile challenge.");
}
} else {
final List<UserInfo> profiles = um.getProfiles(userHandle);
for (UserInfo pi : profiles) {
// Unlock the given user and all its profiles that don't have
// their own profile challenge enabled.
if (pi.id == userHandle || (pi.isManagedProfile()
&& !mLockPatternUtils.isSeparateProfileChallengeEnabled(pi.id))) {
ks.unlock(pi.id, password);
}
}
}
}