Merge "Track core platform API change"
diff --git a/res/values/strings.xml b/res/values/strings.xml
index dd8eee2..9a7271d 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -5887,10 +5887,8 @@
<!-- Title of preference group for credential storage settings [CHAR LIMIT=30] -->
<string name="credentials_title">Credential storage</string>
- <!-- Title of preference to install certificates from SD card [CHAR LIMIT=30] -->
- <string name="credentials_install" product="nosdcard">Install from storage</string>
- <!-- Title of preference to install certificates from SD card [CHAR LIMIT=30] -->
- <string name="credentials_install" product="default">Install from SD card</string>
+ <!-- Title of preference to install certificates [CHAR LIMIT=30] -->
+ <string name="credentials_install">Install a certificate</string>
<!-- Summary of preference to install certificates from SD card [CHAR LIMIT=NONE] -->
<string name="credentials_install_summary" product="nosdcard">Install certificates from storage</string>
<!-- Summary of preference to install certificates from SD card [CHAR LIMIT=NONE] -->
@@ -5929,6 +5927,22 @@
<string name="credentials_not_erased">Credential storage couldn\u2019t be erased.</string>
<!-- Title of Usage Access preference item [CHAR LIMIT=30] -->
<string name="usage_access_title">Apps with usage access</string>
+ <!-- Title of CA certificate [CHAR LIMIT=30] -->
+ <string name="ca_certificate">CA certificate</string>
+ <!-- Title of User certificate [CHAR LIMIT=30] -->
+ <string name="user_certificate">VPN & app user certificate</string>
+ <!-- Title of Wi-Fi certificate [CHAR LIMIT=30] -->
+ <string name="wifi_certificate">Wi\u2011Fi certificate</string>
+ <!-- Title of warning shown to the user before they can install a CA certificate [CHAR LIMIT=NONE] -->
+ <string name="ca_certificate_warning_title">Your data won\u2019t be private</string>
+ <!-- Description of warning shown to the user before they can install a CA certificate [CHAR LIMIT=NONE] -->
+ <string name="ca_certificate_warning_description">CA certificates are used by websites, apps, and VPNs for encryption. Only install CA certificates from organizations you trust. \n\n If you install a CA certificate, the certificate owner could access your data, such as passwords or credit card details, from websites you visit or apps you use – even if your data is encrypted.</string>
+ <!-- Label for button to not install a certificate [CHAR_LIMIT=50] -->
+ <string name="certificate_warning_dont_install">Don\u2019t install</string>
+ <!-- Label for button to continue installing a certificate [CHAR_LIMIT=50] -->
+ <string name="certificate_warning_install_anyway">Install anyway</string>
+ <!-- Toast message that a certificate was not installed -->
+ <string name="cert_not_installed">Certificate not installed</string>
<!-- Sound settings screen, setting check box label -->
<string name="emergency_tone_title">Emergency dialing signal</string>
@@ -6890,6 +6904,8 @@
<string name="help_url_security" translatable="false"></string>
<!-- Help URL, Encryption settings [DO NOT TRANSLATE] -->
<string name="help_url_encryption" translatable="false"></string>
+ <!-- Help URL, Install certificate settings [DO NOT TRANSLATE] -->
+ <string name="help_url_install_certificate" translatable="false"></string>
<!-- Help URL, Tap & pay [DO NOT TRANSLATE] -->
<string name="help_url_nfc_payment" translatable="false"></string>
<!-- Help URL, Remote display [DO NOT TRANSLATE] -->
diff --git a/res/xml/encryption_and_credential.xml b/res/xml/encryption_and_credential.xml
index f9d9679..f7e7184 100644
--- a/res/xml/encryption_and_credential.xml
+++ b/res/xml/encryption_and_credential.xml
@@ -58,17 +58,11 @@
settings:userRestriction="no_config_credentials" />
<com.android.settingslib.RestrictedPreference
- android:key="credentials_install"
+ android:key="install_certificate"
android:title="@string/credentials_install"
android:summary="@string/credentials_install_summary"
- settings:userRestriction="no_config_credentials">
-
- <intent
- android:action="android.credentials.INSTALL"
- android:targetPackage="com.android.certinstaller"
- android:targetClass="com.android.certinstaller.CertInstallerMain" />
-
- </com.android.settingslib.RestrictedPreference>
+ android:fragment="com.android.settings.security.InstallCertificateFromStorage"
+ settings:userRestriction="no_config_credentials" />
<com.android.settingslib.RestrictedPreference
android:key="credentials_reset"
diff --git a/res/xml/install_certificate_from_storage.xml b/res/xml/install_certificate_from_storage.xml
new file mode 100644
index 0000000..0116713
--- /dev/null
+++ b/res/xml/install_certificate_from_storage.xml
@@ -0,0 +1,70 @@
+<!--
+ ~ Copyright (C) 2019 The Android Open Source Project
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+
+<PreferenceScreen
+ xmlns:android="http://schemas.android.com/apk/res/android"
+ xmlns:settings="http://schemas.android.com/apk/res-auto"
+ android:title="@string/credentials_install"
+ android:key="install_certificate_from_storage">
+
+ <PreferenceCategory
+ android:key="certificate_types">
+
+ <Preference
+ android:key="install_ca_certificate"
+ android:title="@string/ca_certificate">
+
+ <intent
+ android:action="android.credentials.INSTALL"
+ android:targetPackage="com.android.certinstaller"
+ android:targetClass="com.android.certinstaller.CertInstallerMain">
+ <!-- Same value as CERTIFICATE_USAGE_CA in keystore/java/android/security/Credentials.java -->
+ <extra android:name="certificate_install_usage" android:value="ca"/>
+ </intent>
+
+ </Preference>
+
+ <Preference
+ android:key="install_user_certificate"
+ android:title="@string/user_certificate">
+
+ <intent
+ android:action="android.credentials.INSTALL"
+ android:targetPackage="com.android.certinstaller"
+ android:targetClass="com.android.certinstaller.CertInstallerMain">
+ <!-- Same value as CERTIFICATE_USAGE_USER in keystore/java/android/security/Credentials.java -->
+ <extra android:name="certificate_install_usage" android:value="user"/>
+ </intent>
+
+ </Preference>
+
+ <Preference
+ android:key="install_wifi_certificate"
+ android:title="@string/wifi_certificate">
+
+ <intent
+ android:action="android.credentials.INSTALL"
+ android:targetPackage="com.android.certinstaller"
+ android:targetClass="com.android.certinstaller.CertInstallerMain">
+ <!-- Same value as CERTIFICATE_USAGE_WIFI in keystore/java/android/security/Credentials.java -->
+ <extra android:name="certificate_install_usage" android:value="wifi"/>
+ </intent>
+
+ </Preference>
+
+ </PreferenceCategory>
+
+</PreferenceScreen>
\ No newline at end of file
diff --git a/res/xml/wifi_configure_settings.xml b/res/xml/wifi_configure_settings.xml
index c621466..0300b80 100644
--- a/res/xml/wifi_configure_settings.xml
+++ b/res/xml/wifi_configure_settings.xml
@@ -48,10 +48,12 @@
<Preference
android:key="install_credentials"
android:title="@string/wifi_install_credentials">
- <intent android:action="android.credentials.INSTALL_AS_USER"
- android:targetPackage="com.android.certinstaller"
- android:targetClass="com.android.certinstaller.CertInstallerMain">
- <extra android:name="install_as_uid" android:value="1010" />
+ <intent
+ android:action="android.credentials.INSTALL"
+ android:targetPackage="com.android.certinstaller"
+ android:targetClass="com.android.certinstaller.CertInstallerMain">
+ <!-- Same value as CERTIFICATE_USAGE_WIFI in keystore/java/android/security/Credentials.java -->
+ <extra android:name="certificate_install_usage" android:value="wifi"/>
</intent>
</Preference>
diff --git a/src/com/android/settings/deviceinfo/simstatus/SimStatusDialogController.java b/src/com/android/settings/deviceinfo/simstatus/SimStatusDialogController.java
index efeb8a0..85ec799 100644
--- a/src/com/android/settings/deviceinfo/simstatus/SimStatusDialogController.java
+++ b/src/com/android/settings/deviceinfo/simstatus/SimStatusDialogController.java
@@ -489,7 +489,6 @@
if (overrideNetworkType == TelephonyDisplayInfo.OVERRIDE_NETWORK_TYPE_NR_NSA_MMWAVE
|| overrideNetworkType == TelephonyDisplayInfo.OVERRIDE_NETWORK_TYPE_NR_NSA) {
dataNetworkTypeName = "NR NSA";
- voiceNetworkTypeName = "NR NSA";
}
boolean show4GForLTE = false;
diff --git a/src/com/android/settings/security/CredentialStorage.java b/src/com/android/settings/security/CredentialStorage.java
index 0ea37b5..5e64723 100644
--- a/src/com/android/settings/security/CredentialStorage.java
+++ b/src/com/android/settings/security/CredentialStorage.java
@@ -31,6 +31,7 @@
import android.os.UserHandle;
import android.os.UserManager;
import android.security.Credentials;
+import android.security.IKeyChainService;
import android.security.KeyChain;
import android.security.KeyChain.KeyChainConnection;
import android.security.KeyStore;
@@ -42,18 +43,10 @@
import androidx.fragment.app.FragmentActivity;
import com.android.internal.widget.LockPatternUtils;
-import com.android.org.bouncycastle.asn1.ASN1InputStream;
-import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import com.android.settings.R;
import com.android.settings.password.ChooseLockSettingsHelper;
import com.android.settings.vpn2.VpnUtils;
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-
-import sun.security.util.ObjectIdentifier;
-import sun.security.x509.AlgorithmId;
-
/**
* CredentialStorage handles resetting and installing keys into KeyStore.
*/
@@ -118,20 +111,6 @@
}
}
- private boolean isHardwareBackedKey(byte[] keyData) {
- try {
- final ASN1InputStream bIn = new ASN1InputStream(new ByteArrayInputStream(keyData));
- final PrivateKeyInfo pki = PrivateKeyInfo.getInstance(bIn.readObject());
- final String algOid = pki.getPrivateKeyAlgorithm().getAlgorithm().getId();
- final String algName = new AlgorithmId(new ObjectIdentifier(algOid)).getName();
-
- return KeyChain.isBoundKeyAlgorithm(algName);
- } catch (IOException e) {
- Log.e(TAG, "Failed to parse key data");
- return false;
- }
- }
-
/**
* Install credentials if available, otherwise do nothing.
*
@@ -165,56 +144,18 @@
return true;
}
- boolean shouldFinish = true;
- if (bundle.containsKey(Credentials.EXTRA_USER_PRIVATE_KEY_NAME)) {
- final String key = bundle.getString(Credentials.EXTRA_USER_PRIVATE_KEY_NAME);
- final byte[] value = bundle.getByteArray(Credentials.EXTRA_USER_PRIVATE_KEY_DATA);
-
- if (!mKeyStore.importKey(key, value, uid, KeyStore.FLAG_NONE)) {
- Log.e(TAG, "Failed to install " + key + " as uid " + uid);
- return true;
- }
- // The key was prepended USER_PRIVATE_KEY by the CredentialHelper. However,
- // KeyChain internally uses the raw alias name and only prepends USER_PRIVATE_KEY
- // to the key name when interfacing with KeyStore.
- // This is generally a symptom of CredentialStorage and CredentialHelper relying
- // on internal implementation details of KeyChain and imitating its functionality
- // rather than delegating to KeyChain for the certificate installation.
- if (uid == Process.SYSTEM_UID || uid == KeyStore.UID_SELF) {
- new MarkKeyAsUserSelectable(
- key.replaceFirst("^" + Credentials.USER_PRIVATE_KEY, "")).execute();
- shouldFinish = false;
- }
+ String alias = bundle.getString(Credentials.EXTRA_USER_KEY_ALIAS, null);
+ if (TextUtils.isEmpty(alias)) {
+ Log.e(TAG, "Cannot install key without an alias");
+ return true;
}
- final int flags = KeyStore.FLAG_NONE;
+ final byte[] privateKeyData = bundle.getByteArray(Credentials.EXTRA_USER_PRIVATE_KEY_DATA);
+ final byte[] certData = bundle.getByteArray(Credentials.EXTRA_USER_CERTIFICATE_DATA);
+ final byte[] caListData = bundle.getByteArray(Credentials.EXTRA_CA_CERTIFICATES_DATA);
+ new InstallKeyInKeyChain(alias, privateKeyData, certData, caListData, uid).execute();
- if (bundle.containsKey(Credentials.EXTRA_USER_CERTIFICATE_NAME)) {
- final String certName = bundle.getString(Credentials.EXTRA_USER_CERTIFICATE_NAME);
- final byte[] certData = bundle.getByteArray(Credentials.EXTRA_USER_CERTIFICATE_DATA);
-
- if (!mKeyStore.put(certName, certData, uid, flags)) {
- Log.e(TAG, "Failed to install " + certName + " as uid " + uid);
- return shouldFinish;
- }
- }
-
- if (bundle.containsKey(Credentials.EXTRA_CA_CERTIFICATES_NAME)) {
- final String caListName = bundle.getString(Credentials.EXTRA_CA_CERTIFICATES_NAME);
- final byte[] caListData = bundle.getByteArray(Credentials.EXTRA_CA_CERTIFICATES_DATA);
-
- if (!mKeyStore.put(caListName, caListData, uid, flags)) {
- Log.e(TAG, "Failed to install " + caListName + " as uid " + uid);
- return shouldFinish;
- }
- }
-
- // Send the broadcast.
- final Intent broadcast = new Intent(KeyChain.ACTION_KEYCHAIN_CHANGED);
- sendBroadcast(broadcast);
-
- setResult(RESULT_OK);
- return shouldFinish;
+ return false;
}
/**
@@ -308,26 +249,45 @@
}
/**
- * Background task to mark a given key alias as user-selectable, so that
- * it can be selected by users from the Certificate Selection prompt.
+ * Background task to install a certificate into KeyChain or the WiFi Keystore.
*/
- private class MarkKeyAsUserSelectable extends AsyncTask<Void, Void, Boolean> {
+ private class InstallKeyInKeyChain extends AsyncTask<Void, Void, Boolean> {
final String mAlias;
+ private final byte[] mKeyData;
+ private final byte[] mCertData;
+ private final byte[] mCaListData;
+ private final int mUid;
- MarkKeyAsUserSelectable(String alias) {
+ InstallKeyInKeyChain(String alias, byte[] keyData, byte[] certData, byte[] caListData,
+ int uid) {
mAlias = alias;
+ mKeyData = keyData;
+ mCertData = certData;
+ mCaListData = caListData;
+ mUid = uid;
}
@Override
protected Boolean doInBackground(Void... unused) {
try (KeyChainConnection keyChainConnection = KeyChain.bind(CredentialStorage.this)) {
- keyChainConnection.getService().setUserSelectable(mAlias, true);
+ IKeyChainService service = keyChainConnection.getService();
+ if (!service.installKeyPair(mKeyData, mCertData, mCaListData, mAlias, mUid)) {
+ Log.w(TAG, String.format("Failed installing key %s", mAlias));
+ return false;
+ }
+
+ // If this is not a WiFi key, mark it as user-selectable, so that it can be
+ // selected by users from the Certificate Selection prompt.
+ if (mUid == Process.SYSTEM_UID || mUid == KeyStore.UID_SELF) {
+ service.setUserSelectable(mAlias, true);
+ }
+
return true;
} catch (RemoteException e) {
- Log.w(TAG, "Failed to mark key " + mAlias + " as user-selectable.");
+ Log.w(TAG, String.format("Failed to install key %s to uid %d", mAlias, mUid), e);
return false;
} catch (InterruptedException e) {
- Log.w(TAG, "Failed to mark key " + mAlias + " as user-selectable.");
+ Log.w(TAG, String.format("Interrupted while installing key %s", mAlias), e);
Thread.currentThread().interrupt();
return false;
}
@@ -335,12 +295,28 @@
@Override
protected void onPostExecute(Boolean result) {
- Log.i(TAG, String.format("Marked alias %s as selectable, success? %s",
- mAlias, result));
- CredentialStorage.this.finish();
+ CredentialStorage.this.onKeyInstalled(mAlias, mUid, result);
}
}
+ private void onKeyInstalled(String alias, int uid, boolean result) {
+ if (!result) {
+ Log.w(TAG, String.format("Error installing alias %s for uid %d", alias, uid));
+ finish();
+ return;
+ }
+
+ Log.i(TAG, String.format("Successfully installed alias %s to uid %d.",
+ alias, uid));
+
+ // Send the broadcast.
+ final Intent broadcast = new Intent(KeyChain.ACTION_KEYCHAIN_CHANGED);
+ sendBroadcast(broadcast);
+ setResult(RESULT_OK);
+
+ finish();
+ }
+
/**
* Check that the caller is either certinstaller or Settings running in a profile of this user.
*/
diff --git a/src/com/android/settings/security/EncryptionAndCredential.java b/src/com/android/settings/security/EncryptionAndCredential.java
index a6d2a0a..e5f82f5 100644
--- a/src/com/android/settings/security/EncryptionAndCredential.java
+++ b/src/com/android/settings/security/EncryptionAndCredential.java
@@ -76,7 +76,7 @@
controllers.add(new CredentialStoragePreferenceController(context));
controllers.add(new UserCredentialsPreferenceController(context));
controllers.add(new ResetCredentialsPreferenceController(context, lifecycle));
- controllers.add(new InstallCredentialsPreferenceController(context));
+ controllers.add(new InstallCertificatePreferenceController(context));
return controllers;
}
diff --git a/src/com/android/settings/security/InstallCredentialsPreferenceController.java b/src/com/android/settings/security/InstallCaCertificatePreferenceController.java
similarity index 61%
copy from src/com/android/settings/security/InstallCredentialsPreferenceController.java
copy to src/com/android/settings/security/InstallCaCertificatePreferenceController.java
index ca9ed26..b2ded85 100644
--- a/src/com/android/settings/security/InstallCredentialsPreferenceController.java
+++ b/src/com/android/settings/security/InstallCaCertificatePreferenceController.java
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2017 The Android Open Source Project
+ * Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -19,17 +19,24 @@
import android.content.Context;
import android.os.UserManager;
-public class InstallCredentialsPreferenceController extends
- RestrictedEncryptionPreferenceController {
+import com.android.settings.core.BasePreferenceController;
- private static final String KEY_CREDENTIALS_INSTALL = "credentials_install";
+public class InstallCaCertificatePreferenceController extends
+ BasePreferenceController {
- public InstallCredentialsPreferenceController(Context context) {
+ private static final String KEY_INSTALL_CA_CERTIFICATE = "install_ca_certificate";
+
+ public InstallCaCertificatePreferenceController(Context context) {
super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
}
@Override
+ public int getAvailabilityStatus() {
+ return AVAILABLE;
+ }
+
+ @Override
public String getPreferenceKey() {
- return KEY_CREDENTIALS_INSTALL;
+ return KEY_INSTALL_CA_CERTIFICATE;
}
}
diff --git a/src/com/android/settings/security/InstallCertificateFromStorage.java b/src/com/android/settings/security/InstallCertificateFromStorage.java
new file mode 100644
index 0000000..43ac381
--- /dev/null
+++ b/src/com/android/settings/security/InstallCertificateFromStorage.java
@@ -0,0 +1,93 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.security;
+
+import android.app.settings.SettingsEnums;
+import android.content.Context;
+import android.os.UserManager;
+
+import com.android.settings.R;
+import com.android.settings.dashboard.DashboardFragment;
+import com.android.settings.search.BaseSearchIndexProvider;
+import com.android.settingslib.core.AbstractPreferenceController;
+import com.android.settingslib.core.lifecycle.Lifecycle;
+import com.android.settingslib.search.SearchIndexable;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Install certificate from storage settings.
+ */
+@SearchIndexable
+public class InstallCertificateFromStorage extends DashboardFragment {
+
+ private static final String TAG = "InstallCertificateFromStorage";
+
+ @Override
+ public int getMetricsCategory() {
+ return SettingsEnums.INSTALL_CERTIFICATE_FROM_STORAGE;
+ }
+
+ @Override
+ protected int getPreferenceScreenResId() {
+ return R.xml.install_certificate_from_storage;
+ }
+
+ @Override
+ protected String getLogTag() {
+ return TAG;
+ }
+
+ @Override
+ protected List<AbstractPreferenceController> createPreferenceControllers(Context context) {
+ return new ArrayList<AbstractPreferenceController>();
+ }
+
+ private static List<AbstractPreferenceController> buildPreferenceControllers(Context context,
+ Lifecycle lifecycle) {
+ final List<AbstractPreferenceController> controllers = new ArrayList<>();
+ controllers.add(new InstallCaCertificatePreferenceController(context));
+ controllers.add(new InstallUserCertificatePreferenceController(context));
+ controllers.add(new InstallWifiCertificatePreferenceController(context));
+ return controllers;
+ }
+
+ @Override
+ public int getHelpResource() {
+ return R.string.help_url_install_certificate;
+ }
+
+ /**
+ * For Search. Please keep it in sync when updating "createPreferenceHierarchy()"
+ */
+ public static final BaseSearchIndexProvider SEARCH_INDEX_DATA_PROVIDER =
+ new BaseSearchIndexProvider() {
+ @Override
+ public List<AbstractPreferenceController> createPreferenceControllers(
+ Context context) {
+ return buildPreferenceControllers(context, null /* lifecycle */);
+ }
+
+ @Override
+ protected boolean isPageSearchEnabled(Context context) {
+ final UserManager um = (UserManager) context.getSystemService(
+ Context.USER_SERVICE);
+ return um.isAdminUser();
+ }
+ };
+}
diff --git a/src/com/android/settings/security/InstallCredentialsPreferenceController.java b/src/com/android/settings/security/InstallCertificatePreferenceController.java
similarity index 78%
rename from src/com/android/settings/security/InstallCredentialsPreferenceController.java
rename to src/com/android/settings/security/InstallCertificatePreferenceController.java
index ca9ed26..2133069 100644
--- a/src/com/android/settings/security/InstallCredentialsPreferenceController.java
+++ b/src/com/android/settings/security/InstallCertificatePreferenceController.java
@@ -19,17 +19,17 @@
import android.content.Context;
import android.os.UserManager;
-public class InstallCredentialsPreferenceController extends
+public class InstallCertificatePreferenceController extends
RestrictedEncryptionPreferenceController {
- private static final String KEY_CREDENTIALS_INSTALL = "credentials_install";
+ private static final String KEY_INSTALL_CERTIFICATE = "install_certificate";
- public InstallCredentialsPreferenceController(Context context) {
+ public InstallCertificatePreferenceController(Context context) {
super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
}
@Override
public String getPreferenceKey() {
- return KEY_CREDENTIALS_INSTALL;
+ return KEY_INSTALL_CERTIFICATE;
}
}
diff --git a/src/com/android/settings/security/InstallCredentialsPreferenceController.java b/src/com/android/settings/security/InstallUserCertificatePreferenceController.java
similarity index 61%
copy from src/com/android/settings/security/InstallCredentialsPreferenceController.java
copy to src/com/android/settings/security/InstallUserCertificatePreferenceController.java
index ca9ed26..ad2a606 100644
--- a/src/com/android/settings/security/InstallCredentialsPreferenceController.java
+++ b/src/com/android/settings/security/InstallUserCertificatePreferenceController.java
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2017 The Android Open Source Project
+ * Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -19,17 +19,24 @@
import android.content.Context;
import android.os.UserManager;
-public class InstallCredentialsPreferenceController extends
- RestrictedEncryptionPreferenceController {
+import com.android.settings.core.BasePreferenceController;
- private static final String KEY_CREDENTIALS_INSTALL = "credentials_install";
+public class InstallUserCertificatePreferenceController extends
+ BasePreferenceController {
- public InstallCredentialsPreferenceController(Context context) {
+ private static final String KEY_INSTALL_USER_CERTIFICATE = "install_user_certificate";
+
+ public InstallUserCertificatePreferenceController(Context context) {
super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
}
@Override
+ public int getAvailabilityStatus() {
+ return AVAILABLE;
+ }
+
+ @Override
public String getPreferenceKey() {
- return KEY_CREDENTIALS_INSTALL;
+ return KEY_INSTALL_USER_CERTIFICATE;
}
}
diff --git a/src/com/android/settings/security/InstallCredentialsPreferenceController.java b/src/com/android/settings/security/InstallWifiCertificatePreferenceController.java
similarity index 61%
copy from src/com/android/settings/security/InstallCredentialsPreferenceController.java
copy to src/com/android/settings/security/InstallWifiCertificatePreferenceController.java
index ca9ed26..c7df34e 100644
--- a/src/com/android/settings/security/InstallCredentialsPreferenceController.java
+++ b/src/com/android/settings/security/InstallWifiCertificatePreferenceController.java
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2017 The Android Open Source Project
+ * Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -19,17 +19,24 @@
import android.content.Context;
import android.os.UserManager;
-public class InstallCredentialsPreferenceController extends
- RestrictedEncryptionPreferenceController {
+import com.android.settings.core.BasePreferenceController;
- private static final String KEY_CREDENTIALS_INSTALL = "credentials_install";
+public class InstallWifiCertificatePreferenceController extends
+ BasePreferenceController {
- public InstallCredentialsPreferenceController(Context context) {
+ private static final String KEY_INSTALL_WIFI_CERTIFICATE = "install_wifi_certificate";
+
+ public InstallWifiCertificatePreferenceController(Context context) {
super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
}
@Override
+ public int getAvailabilityStatus() {
+ return AVAILABLE;
+ }
+
+ @Override
public String getPreferenceKey() {
- return KEY_CREDENTIALS_INSTALL;
+ return KEY_INSTALL_WIFI_CERTIFICATE;
}
}
diff --git a/tests/robotests/src/com/android/settings/security/InstallCertificateFromStorageTest.java b/tests/robotests/src/com/android/settings/security/InstallCertificateFromStorageTest.java
new file mode 100644
index 0000000..61c39fc
--- /dev/null
+++ b/tests/robotests/src/com/android/settings/security/InstallCertificateFromStorageTest.java
@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.security;
+
+import static com.android.settings.security.InstallCertificateFromStorage.SEARCH_INDEX_DATA_PROVIDER;
+
+import static com.google.common.truth.Truth.assertThat;
+
+import android.app.admin.DevicePolicyManager;
+import android.app.settings.SettingsEnums;
+import android.content.Context;
+import android.os.UserManager;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+import org.robolectric.RobolectricTestRunner;
+import org.robolectric.RuntimeEnvironment;
+import org.robolectric.shadows.ShadowApplication;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@RunWith(RobolectricTestRunner.class)
+public class InstallCertificateFromStorageTest {
+
+ @Mock
+ private UserManager mUserManager;
+
+ @Mock
+ private DevicePolicyManager mDevicePolicyManager;
+
+ private Context mContext;
+
+ private List<String> mTestKeys;
+
+ @Before
+ public void setUp() {
+ MockitoAnnotations.initMocks(this);
+ ShadowApplication application = ShadowApplication.getInstance();
+ application.setSystemService(Context.DEVICE_POLICY_SERVICE, mDevicePolicyManager);
+ application.setSystemService(Context.USER_SERVICE, mUserManager);
+ mContext = RuntimeEnvironment.application;
+ setUpTestKeys();
+ }
+
+ private void setUpTestKeys() {
+ mTestKeys = new ArrayList<>();
+ mTestKeys.add("install_certificate_from_storage");
+ mTestKeys.add("certificate_types");
+ mTestKeys.add("install_ca_certificate");
+ mTestKeys.add("install_user_certificate");
+ mTestKeys.add("install_wifi_certificate");
+ }
+
+ @Test
+ public void getMetricsCategory_shouldReturnInstallCertificateFromStorage() {
+ InstallCertificateFromStorage fragment = new InstallCertificateFromStorage();
+ assertThat(fragment.getMetricsCategory()).isEqualTo(
+ SettingsEnums.INSTALL_CERTIFICATE_FROM_STORAGE);
+ }
+
+ @Test
+ public void getNonIndexableKeys_existInXmlLayout() {
+ final List<String> nonIndexableKeys =
+ SEARCH_INDEX_DATA_PROVIDER.getNonIndexableKeys(mContext);
+
+ assertThat(nonIndexableKeys).containsAllIn(mTestKeys);
+ }
+
+}
diff --git a/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java b/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java
index 79ece90..672d317 100644
--- a/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java
+++ b/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java
@@ -40,9 +40,12 @@
private Context mContext;
private ShadowUserManager mUserManager;
private CredentialStoragePreferenceController mCredentialStoragePreferenceController;
- private InstallCredentialsPreferenceController mInstallCredentialsPreferenceController;
+ private InstallCertificatePreferenceController mInstallCertificatePreferenceController;
private ResetCredentialsPreferenceController mResetCredentialsPreferenceController;
private UserCredentialsPreferenceController mUserCredentialsPreferenceController;
+ private InstallCaCertificatePreferenceController mInstallCaCertificatePreferenceController;
+ private InstallUserCertificatePreferenceController mInstallUserCertificatePreferenceController;
+ private InstallWifiCertificatePreferenceController mInstallWifiCertificatePreferenceController;
private Lifecycle mLifecycle;
private LifecycleOwner mLifecycleOwner;
@@ -53,21 +56,30 @@
mLifecycle = new Lifecycle(mLifecycleOwner);
mCredentialStoragePreferenceController =
new CredentialStoragePreferenceController(mContext);
- mInstallCredentialsPreferenceController =
- new InstallCredentialsPreferenceController(mContext);
+ mInstallCertificatePreferenceController =
+ new InstallCertificatePreferenceController(mContext);
mResetCredentialsPreferenceController =
new ResetCredentialsPreferenceController(mContext, mLifecycle);
mUserCredentialsPreferenceController =
new UserCredentialsPreferenceController(mContext);
+ mInstallCaCertificatePreferenceController =
+ new InstallCaCertificatePreferenceController(mContext);
+ mInstallUserCertificatePreferenceController =
+ new InstallUserCertificatePreferenceController(mContext);
+ mInstallWifiCertificatePreferenceController =
+ new InstallWifiCertificatePreferenceController(mContext);
mUserManager = ShadowUserManager.getShadow();
}
@Test
public void isAvailable_noRestriction_shouldReturnTrue() {
assertThat(mCredentialStoragePreferenceController.isAvailable()).isTrue();
- assertThat(mInstallCredentialsPreferenceController.isAvailable()).isTrue();
+ assertThat(mInstallCertificatePreferenceController.isAvailable()).isTrue();
assertThat(mResetCredentialsPreferenceController.isAvailable()).isTrue();
assertThat(mUserCredentialsPreferenceController.isAvailable()).isTrue();
+ assertThat(mInstallCaCertificatePreferenceController.isAvailable()).isTrue();
+ assertThat(mInstallUserCertificatePreferenceController.isAvailable()).isTrue();
+ assertThat(mInstallWifiCertificatePreferenceController.isAvailable()).isTrue();
}
@Test
@@ -75,8 +87,11 @@
mUserManager.addBaseUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS);
assertThat(mCredentialStoragePreferenceController.isAvailable()).isFalse();
- assertThat(mInstallCredentialsPreferenceController.isAvailable()).isFalse();
+ assertThat(mInstallCertificatePreferenceController.isAvailable()).isFalse();
assertThat(mResetCredentialsPreferenceController.isAvailable()).isFalse();
assertThat(mUserCredentialsPreferenceController.isAvailable()).isFalse();
+ assertThat(mInstallCaCertificatePreferenceController.isAvailable()).isFalse();
+ assertThat(mInstallUserCertificatePreferenceController.isAvailable()).isFalse();
+ assertThat(mInstallWifiCertificatePreferenceController.isAvailable()).isFalse();
}
}
\ No newline at end of file