commit d6d4c1681a4c64f33254514248aa671d9b3707f5
author TreeHugger Robot <treehugger-gerrit@google.com> Tue Sep 04 20:28:26 2018 +0000
committer Android (Google) Code Review <android-gerrit@google.com> Tue Sep 04 20:28:26 2018 +0000
tree 0c403a9839f1a8590404f0a93801a73062291fe2
parent c4a378f473d67d70e1e16b7cbef54006e44d4307
parent 1613c712482e35ecb790d386e25fe0ec99bcf135

Merge "Fix keyguard checking when installing user certs."

src/com/android/settings/CredentialStorage.java

diff --git a/src/com/android/settings/CredentialStorage.java b/src/com/android/settings/CredentialStorage.java
index c553e34..319d599 100644
--- a/src/com/android/settings/CredentialStorage.java
+++ b/src/com/android/settings/CredentialStorage.java
@@ -106,6 +106,7 @@
     private static final int CONFIRM_CLEAR_SYSTEM_CREDENTIAL_REQUEST = 2;
 
     private final KeyStore mKeyStore = KeyStore.getInstance();
+    private LockPatternUtils mUtils;
 
     /**
      * When non-null, the bundle containing credentials to install.
@@ -113,6 +114,12 @@
     private Bundle mInstallBundle;
 
     @Override
+    protected void onCreate(Bundle savedState) {
+        super.onCreate(savedState);
+        mUtils = new LockPatternUtils(this);
+    }
+
+    @Override
     protected void onResume() {
         super.onResume();
 
@@ -160,7 +167,7 @@
                 return;
             }
             case UNLOCKED: {
-                if (isActivePasswordQualityInsufficient()) {
+                if (!mUtils.isSecure(UserHandle.myUserId())) {
                     final ConfigureKeyGuardDialog dialog = new ConfigureKeyGuardDialog();
                     dialog.show(getSupportFragmentManager(), ConfigureKeyGuardDialog.TAG);
                     return;
@@ -179,7 +186,7 @@
      * case after unlocking with an old-style password).
      */
     private void ensureKeyGuard() {
-        if (isActivePasswordQualityInsufficient()) {
+        if (!mUtils.isSecure(UserHandle.myUserId())) {
             // key guard not setup, doing so will initialize keystore
             final ConfigureKeyGuardDialog dialog = new ConfigureKeyGuardDialog();
             dialog.show(getSupportFragmentManager(), ConfigureKeyGuardDialog.TAG);
@@ -194,16 +201,6 @@
         finish();
     }
 
-    /**
-     * Returns true if the currently set key guard violates our minimum quality requirements.
-     */
-    private boolean isActivePasswordQualityInsufficient() {
-        final int credentialOwner =
-                UserManager.get(this).getCredentialOwnerProfile(UserHandle.myUserId());
-        final int quality = new LockPatternUtils(this).getActivePasswordQuality(credentialOwner);
-        return (quality >= MIN_PASSWORD_QUALITY);
-    }
-
     private boolean isHardwareBackedKey(byte[] keyData) {
         try {
             final ASN1InputStream bIn = new ASN1InputStream(new ByteArrayInputStream(keyData));
@@ -350,7 +347,7 @@
         protected Boolean doInBackground(Void... unused) {
 
             // Clear all the users credentials could have been installed in for this user.
-            new LockPatternUtils(CredentialStorage.this).resetKeyStore(UserHandle.myUserId());
+            mUtils.resetKeyStore(UserHandle.myUserId());
 
             try {
                 final KeyChainConnection keyChainConnection = KeyChain.bind(CredentialStorage.this);