diff options
author | Esteban Talavera <etalavera@google.com> | 2014-09-03 17:22:39 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2014-09-03 17:22:41 +0000 |
commit | aa924b52e94ac5757ce0ae43f844684808387579 (patch) | |
tree | 679208bfa69e55b15226347c8bd461ee1737044f /core/java/android/app/admin | |
parent | a25d54ffb0a83fc1ac4517d98992a426948b7d53 (diff) | |
parent | 808f6ef2ac2127ea0ea14e71c9599355b631a617 (diff) | |
download | frameworks_base-aa924b52e94ac5757ce0ae43f844684808387579.zip frameworks_base-aa924b52e94ac5757ce0ae43f844684808387579.tar.gz frameworks_base-aa924b52e94ac5757ce0ae43f844684808387579.tar.bz2 |
Merge "Pass ComponentName to probing certificate methods" into lmp-dev
Diffstat (limited to 'core/java/android/app/admin')
-rw-r--r-- | core/java/android/app/admin/DevicePolicyManager.java | 36 | ||||
-rw-r--r-- | core/java/android/app/admin/IDevicePolicyManager.aidl | 1 |
2 files changed, 26 insertions, 11 deletions
diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java index 12a94e9..282444a 100644 --- a/core/java/android/app/admin/DevicePolicyManager.java +++ b/core/java/android/app/admin/DevicePolicyManager.java @@ -1786,16 +1786,24 @@ public class DevicePolicyManager { * If a user has installed any certificates by other means than device policy these will be * included too. * + * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @return a List of byte[] arrays, each encoding one user CA certificate. */ - public List<byte[]> getInstalledCaCerts() { - final TrustedCertificateStore certStore = new TrustedCertificateStore(); + public List<byte[]> getInstalledCaCerts(ComponentName admin) { List<byte[]> certs = new ArrayList<byte[]>(); - for (String alias : certStore.userAliases()) { + if (mService != null) { try { - certs.add(certStore.getCertificate(alias).getEncoded()); - } catch (CertificateException ce) { - Log.w(TAG, "Could not encode certificate: " + alias, ce); + mService.enforceCanManageCaCerts(admin); + final TrustedCertificateStore certStore = new TrustedCertificateStore(); + for (String alias : certStore.userAliases()) { + try { + certs.add(certStore.getCertificate(alias).getEncoded()); + } catch (CertificateException ce) { + Log.w(TAG, "Could not encode certificate: " + alias, ce); + } + } + } catch (RemoteException re) { + Log.w(TAG, "Failed talking with device policy service", re); } } return certs; @@ -1822,13 +1830,19 @@ public class DevicePolicyManager { /** * Returns whether this certificate is installed as a trusted CA. * + * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param certBuffer encoded form of the certificate to look up. */ - public boolean hasCaCertInstalled(byte[] certBuffer) { - try { - return getCaCertAlias(certBuffer) != null; - } catch (CertificateException ce) { - Log.w(TAG, "Could not parse certificate", ce); + public boolean hasCaCertInstalled(ComponentName admin, byte[] certBuffer) { + if (mService != null) { + try { + mService.enforceCanManageCaCerts(admin); + return getCaCertAlias(certBuffer) != null; + } catch (RemoteException re) { + Log.w(TAG, "Failed talking with device policy service", re); + } catch (CertificateException ce) { + Log.w(TAG, "Could not parse certificate", ce); + } } return false; } diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl index c984cf9..57d8b95 100644 --- a/core/java/android/app/admin/IDevicePolicyManager.aidl +++ b/core/java/android/app/admin/IDevicePolicyManager.aidl @@ -124,6 +124,7 @@ interface IDevicePolicyManager { boolean installCaCert(in ComponentName admin, in byte[] certBuffer); void uninstallCaCert(in ComponentName admin, in String alias); + void enforceCanManageCaCerts(in ComponentName admin); void addPersistentPreferredActivity(in ComponentName admin, in IntentFilter filter, in ComponentName activity); void clearPackagePersistentPreferredActivities(in ComponentName admin, String packageName); |