Merge "Support encryption in EAS provisioning" into honeycomb

2011-01-13 16:51:51 -08:00 · 2011-01-13 16:51:51 -08:00 · 96497dc60e
commit 96497dc60e
parent 1daf876693 4fa12e52fc
1 changed files with 16 additions and 2 deletions
--- a/src/com/android/exchange/adapter/ProvisionParser.java
+++ b/src/com/android/exchange/adapter/ProvisionParser.java
@ -68,6 +68,7 @@ public class ProvisionParser extends Parser {
        int passwordExpirationDays = 0;
        int passwordHistory = 0;
        int passwordComplexChars = 0;
+        boolean encryptionRequired = false;

        while (nextTag(Tags.PROVISION_EAS_PROVISION_DOC) != END) {
            boolean tagIsSupported = true;
@ -129,10 +130,18 @@ public class ProvisionParser extends Parser {
                        tagIsSupported = false;
                    }
                    break;
+                // We may now support device (internal) encryption; we'll check this capability
+                // below with the call to SecurityPolicy.isSupported()
+                case Tags.PROVISION_REQUIRE_DEVICE_ENCRYPTION:
+                    if (getValueInt() == 1) {
+                        encryptionRequired = true;
+                    }
+                    break;
                // The following policies, if true, can't be supported at the moment
+                // Note that DEVICE_ENCRYPTION_ENABLED refers to SD card encryption, which we do
+                // not yet support.
                case Tags.PROVISION_DEVICE_ENCRYPTION_ENABLED:
                case Tags.PROVISION_PASSWORD_RECOVERY_ENABLED:
-                case Tags.PROVISION_REQUIRE_DEVICE_ENCRYPTION:
                case Tags.PROVISION_REQUIRE_SIGNED_SMIME_MESSAGES:
                case Tags.PROVISION_REQUIRE_ENCRYPTED_SMIME_MESSAGES:
                case Tags.PROVISION_REQUIRE_SIGNED_SMIME_ALGORITHM:
@ -196,7 +205,12 @@ public class ProvisionParser extends Parser {

        mPolicySet = new SecurityPolicy.PolicySet(minPasswordLength, passwordMode,
                maxPasswordFails, maxScreenLockTime, true, passwordExpirationDays, passwordHistory,
-                passwordComplexChars, false);
+                passwordComplexChars, encryptionRequired);
+        // We can only determine whether encryption is supported on device by using isSupported here
+        if (!SecurityPolicy.getInstance(mService.mContext).isSupported(mPolicySet)) {
+            log("SecurityPolicy reports PolicySet not supported.");
+            mIsSupportable = false;
+        }
    }

    /**