Hide work profile key in user credentials screen
Bug: 28878708
Change-Id: Ib250fae2388b061430d93b7d65133002ce664993
diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java
index a5485da..70941b6 100644
--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java
@@ -141,6 +141,9 @@
// consider it a complex PIN/password.
public static final int MAX_ALLOWED_SEQUENCE = 3;
+ public static final String PROFILE_KEY_NAME_ENCRYPT = "profile_key_name_encrypt_";
+ public static final String PROFILE_KEY_NAME_DECRYPT = "profile_key_name_decrypt_";
+
private final Context mContext;
private final ContentResolver mContentResolver;
private DevicePolicyManager mDevicePolicyManager;
diff --git a/services/core/java/com/android/server/LockSettingsService.java b/services/core/java/com/android/server/LockSettingsService.java
index 8d413799..1d8bb6b 100644
--- a/services/core/java/com/android/server/LockSettingsService.java
+++ b/services/core/java/com/android/server/LockSettingsService.java
@@ -112,8 +112,6 @@
private static final int FBE_ENCRYPTED_NOTIFICATION = 0;
private static final boolean DEBUG = false;
- private static final String PROFILE_KEY_NAME_ENCRYPT = "profile_key_name_encrypt_";
- private static final String PROFILE_KEY_NAME_DECRYPT = "profile_key_name_decrypt_";
private static final int PROFILE_KEY_IV_SIZE = 12;
private static final String SEPARATE_PROFILE_CHALLENGE_KEY = "lockscreen.profilechallenge";
private final Object mSeparateChallengeLock = new Object();
@@ -700,7 +698,7 @@
java.security.KeyStore keyStore = java.security.KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
SecretKey decryptionKey = (SecretKey) keyStore.getKey(
- PROFILE_KEY_NAME_DECRYPT + userId, null);
+ LockPatternUtils.PROFILE_KEY_NAME_DECRYPT + userId, null);
Cipher cipher = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/"
+ KeyProperties.BLOCK_MODE_GCM + "/" + KeyProperties.ENCRYPTION_PADDING_NONE);
@@ -982,14 +980,14 @@
java.security.KeyStore keyStore = java.security.KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
keyStore.setEntry(
- PROFILE_KEY_NAME_ENCRYPT + userId,
+ LockPatternUtils.PROFILE_KEY_NAME_ENCRYPT + userId,
new java.security.KeyStore.SecretKeyEntry(secretKey),
new KeyProtection.Builder(KeyProperties.PURPOSE_ENCRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_GCM)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
.build());
keyStore.setEntry(
- PROFILE_KEY_NAME_DECRYPT + userId,
+ LockPatternUtils.PROFILE_KEY_NAME_DECRYPT + userId,
new java.security.KeyStore.SecretKeyEntry(secretKey),
new KeyProtection.Builder(KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_GCM)
@@ -1000,7 +998,7 @@
// Key imported, obtain a reference to it.
SecretKey keyStoreEncryptionKey = (SecretKey) keyStore.getKey(
- PROFILE_KEY_NAME_ENCRYPT + userId, null);
+ LockPatternUtils.PROFILE_KEY_NAME_ENCRYPT + userId, null);
// The original key can now be discarded.
Cipher cipher = Cipher.getInstance(
@@ -1399,8 +1397,8 @@
try {
java.security.KeyStore keyStore = java.security.KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
- keyStore.deleteEntry(PROFILE_KEY_NAME_ENCRYPT + targetUserId);
- keyStore.deleteEntry(PROFILE_KEY_NAME_DECRYPT + targetUserId);
+ keyStore.deleteEntry(LockPatternUtils.PROFILE_KEY_NAME_ENCRYPT + targetUserId);
+ keyStore.deleteEntry(LockPatternUtils.PROFILE_KEY_NAME_DECRYPT + targetUserId);
} catch (KeyStoreException | NoSuchAlgorithmException | CertificateException
| IOException e) {
// We have tried our best to remove all keys