Hide work profile key in user credentials screen Bug: 28878708 Change-Id: Ib250fae2388b061430d93b7d65133002ce664993

commit: d398244513c62c9ea14a0f1c6ffef832e803c16f [log] [tgz]
author: Ricky Wai <rickywai@google.com> Tue May 24 19:27:08 2016 +0100
committer: Ricky Wai <rickywai@google.com> Wed May 25 13:11:09 2016 +0000
tree: cd1e5955d2b44cceb4e789c89876e31350f21c51
parent: 977ade26dd8bc6a442be2db2470459058246844f [diff]
diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java
index a5485da..70941b6 100644
--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java

@@ -141,6 +141,9 @@
     // consider it a complex PIN/password.
     public static final int MAX_ALLOWED_SEQUENCE = 3;
 
+    public static final String PROFILE_KEY_NAME_ENCRYPT = "profile_key_name_encrypt_";
+    public static final String PROFILE_KEY_NAME_DECRYPT = "profile_key_name_decrypt_";
+
     private final Context mContext;
     private final ContentResolver mContentResolver;
     private DevicePolicyManager mDevicePolicyManager;

diff --git a/services/core/java/com/android/server/LockSettingsService.java b/services/core/java/com/android/server/LockSettingsService.java
index 8d413799..1d8bb6b 100644
--- a/services/core/java/com/android/server/LockSettingsService.java
+++ b/services/core/java/com/android/server/LockSettingsService.java

@@ -112,8 +112,6 @@
     private static final int FBE_ENCRYPTED_NOTIFICATION = 0;
     private static final boolean DEBUG = false;
 
-    private static final String PROFILE_KEY_NAME_ENCRYPT = "profile_key_name_encrypt_";
-    private static final String PROFILE_KEY_NAME_DECRYPT = "profile_key_name_decrypt_";
     private static final int PROFILE_KEY_IV_SIZE = 12;
     private static final String SEPARATE_PROFILE_CHALLENGE_KEY = "lockscreen.profilechallenge";
     private final Object mSeparateChallengeLock = new Object();
@@ -700,7 +698,7 @@
         java.security.KeyStore keyStore = java.security.KeyStore.getInstance("AndroidKeyStore");
         keyStore.load(null);
         SecretKey decryptionKey = (SecretKey) keyStore.getKey(
-                PROFILE_KEY_NAME_DECRYPT + userId, null);
+                LockPatternUtils.PROFILE_KEY_NAME_DECRYPT + userId, null);
 
         Cipher cipher = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/"
                 + KeyProperties.BLOCK_MODE_GCM + "/" + KeyProperties.ENCRYPTION_PADDING_NONE);
@@ -982,14 +980,14 @@
             java.security.KeyStore keyStore = java.security.KeyStore.getInstance("AndroidKeyStore");
             keyStore.load(null);
             keyStore.setEntry(
-                    PROFILE_KEY_NAME_ENCRYPT + userId,
+                    LockPatternUtils.PROFILE_KEY_NAME_ENCRYPT + userId,
                     new java.security.KeyStore.SecretKeyEntry(secretKey),
                     new KeyProtection.Builder(KeyProperties.PURPOSE_ENCRYPT)
                             .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                             .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                             .build());
             keyStore.setEntry(
-                    PROFILE_KEY_NAME_DECRYPT + userId,
+                    LockPatternUtils.PROFILE_KEY_NAME_DECRYPT + userId,
                     new java.security.KeyStore.SecretKeyEntry(secretKey),
                     new KeyProtection.Builder(KeyProperties.PURPOSE_DECRYPT)
                             .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
@@ -1000,7 +998,7 @@
 
             // Key imported, obtain a reference to it.
             SecretKey keyStoreEncryptionKey = (SecretKey) keyStore.getKey(
-                    PROFILE_KEY_NAME_ENCRYPT + userId, null);
+                    LockPatternUtils.PROFILE_KEY_NAME_ENCRYPT + userId, null);
             // The original key can now be discarded.
 
             Cipher cipher = Cipher.getInstance(
@@ -1399,8 +1397,8 @@
         try {
             java.security.KeyStore keyStore = java.security.KeyStore.getInstance("AndroidKeyStore");
             keyStore.load(null);
-            keyStore.deleteEntry(PROFILE_KEY_NAME_ENCRYPT + targetUserId);
-            keyStore.deleteEntry(PROFILE_KEY_NAME_DECRYPT + targetUserId);
+            keyStore.deleteEntry(LockPatternUtils.PROFILE_KEY_NAME_ENCRYPT + targetUserId);
+            keyStore.deleteEntry(LockPatternUtils.PROFILE_KEY_NAME_DECRYPT + targetUserId);
         } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException
                 | IOException e) {
             // We have tried our best to remove all keys
commit	d398244513c62c9ea14a0f1c6ffef832e803c16f	[log] [tgz]
author	Ricky Wai <rickywai@google.com>	Tue May 24 19:27:08 2016 +0100
committer	Ricky Wai <rickywai@google.com>	Wed May 25 13:11:09 2016 +0000
tree	cd1e5955d2b44cceb4e789c89876e31350f21c51
parent	977ade26dd8bc6a442be2db2470459058246844f [diff]