From 39087b1cec6a54e96ab9eafe8317952720790533 Mon Sep 17 00:00:00 2001 From: Robin Lee Date: Tue, 5 May 2015 15:57:17 +0100 Subject: Replace String host:port/url args with Uri arg Uri provides a stronger guarantee of well-formedness and lets apps do nice extra things like specifying scheme etc. without twisting any expectations. Bug: 20820034 Change-Id: Ia6bbedb74765444920b667d643fb7e1eb6a7292b --- api/current.txt | 4 +-- api/system-current.txt | 4 +-- .../android/app/admin/DeviceAdminReceiver.java | 24 +++++---------- .../android/app/admin/IDevicePolicyManager.aidl | 3 +- keystore/java/android/security/KeyChain.java | 35 ++++++++-------------- .../devicepolicy/DevicePolicyManagerService.java | 8 ++--- 6 files changed, 28 insertions(+), 50 deletions(-) diff --git a/api/current.txt b/api/current.txt index 95d8f1e..e81652d 100644 --- a/api/current.txt +++ b/api/current.txt @@ -5633,7 +5633,7 @@ package android.app.admin { ctor public DeviceAdminReceiver(); method public android.app.admin.DevicePolicyManager getManager(android.content.Context); method public android.content.ComponentName getWho(android.content.Context); - method public java.lang.String onChoosePrivateKeyAlias(android.content.Context, android.content.Intent, int, java.lang.String, int, java.lang.String, java.lang.String); + method public java.lang.String onChoosePrivateKeyAlias(android.content.Context, android.content.Intent, int, android.net.Uri, java.lang.String); method public java.lang.CharSequence onDisableRequested(android.content.Context, android.content.Intent); method public void onDisabled(android.content.Context, android.content.Intent); method public void onEnabled(android.content.Context, android.content.Intent); @@ -28337,7 +28337,7 @@ package android.security { public final class KeyChain { ctor public KeyChain(); method public static void choosePrivateKeyAlias(android.app.Activity, android.security.KeyChainAliasCallback, java.lang.String[], java.security.Principal[], java.lang.String, int, java.lang.String); - method public static void choosePrivateKeyAlias(android.app.Activity, android.security.KeyChainAliasCallback, java.lang.String[], java.security.Principal[], java.lang.String, int, java.lang.String, java.lang.String); + method public static void choosePrivateKeyAlias(android.app.Activity, android.security.KeyChainAliasCallback, java.lang.String[], java.security.Principal[], android.net.Uri, java.lang.String); method public static android.content.Intent createInstallIntent(); method public static java.security.cert.X509Certificate[] getCertificateChain(android.content.Context, java.lang.String) throws java.lang.InterruptedException, android.security.KeyChainException; method public static java.security.PrivateKey getPrivateKey(android.content.Context, java.lang.String) throws java.lang.InterruptedException, android.security.KeyChainException; diff --git a/api/system-current.txt b/api/system-current.txt index 5d11b25..6cbd7d0 100644 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -5731,7 +5731,7 @@ package android.app.admin { ctor public DeviceAdminReceiver(); method public android.app.admin.DevicePolicyManager getManager(android.content.Context); method public android.content.ComponentName getWho(android.content.Context); - method public java.lang.String onChoosePrivateKeyAlias(android.content.Context, android.content.Intent, int, java.lang.String, int, java.lang.String, java.lang.String); + method public java.lang.String onChoosePrivateKeyAlias(android.content.Context, android.content.Intent, int, android.net.Uri, java.lang.String); method public java.lang.CharSequence onDisableRequested(android.content.Context, android.content.Intent); method public void onDisabled(android.content.Context, android.content.Intent); method public void onEnabled(android.content.Context, android.content.Intent); @@ -30365,7 +30365,7 @@ package android.security { public final class KeyChain { ctor public KeyChain(); method public static void choosePrivateKeyAlias(android.app.Activity, android.security.KeyChainAliasCallback, java.lang.String[], java.security.Principal[], java.lang.String, int, java.lang.String); - method public static void choosePrivateKeyAlias(android.app.Activity, android.security.KeyChainAliasCallback, java.lang.String[], java.security.Principal[], java.lang.String, int, java.lang.String, java.lang.String); + method public static void choosePrivateKeyAlias(android.app.Activity, android.security.KeyChainAliasCallback, java.lang.String[], java.security.Principal[], android.net.Uri, java.lang.String); method public static android.content.Intent createInstallIntent(); method public static java.security.cert.X509Certificate[] getCertificateChain(android.content.Context, java.lang.String) throws java.lang.InterruptedException, android.security.KeyChainException; method public static java.security.PrivateKey getPrivateKey(android.content.Context, java.lang.String) throws java.lang.InterruptedException, android.security.KeyChainException; diff --git a/core/java/android/app/admin/DeviceAdminReceiver.java b/core/java/android/app/admin/DeviceAdminReceiver.java index 470804d..87e2f9a 100644 --- a/core/java/android/app/admin/DeviceAdminReceiver.java +++ b/core/java/android/app/admin/DeviceAdminReceiver.java @@ -24,6 +24,7 @@ import android.content.BroadcastReceiver; import android.content.ComponentName; import android.content.Context; import android.content.Intent; +import android.net.Uri; import android.os.Bundle; import android.security.KeyChain; @@ -249,13 +250,7 @@ public class DeviceAdminReceiver extends BroadcastReceiver { public static final String EXTRA_CHOOSE_PRIVATE_KEY_SENDER_UID = "android.app.extra.CHOOSE_PRIVATE_KEY_SENDER_UID"; /** @hide */ - public static final String EXTRA_CHOOSE_PRIVATE_KEY_HOST = "android.app.extra.CHOOSE_PRIVATE_KEY_HOST"; - - /** @hide */ - public static final String EXTRA_CHOOSE_PRIVATE_KEY_PORT = "android.app.extra.CHOOSE_PRIVATE_KEY_PORT"; - - /** @hide */ - public static final String EXTRA_CHOOSE_PRIVATE_KEY_URL = "android.app.extra.CHOOSE_PRIVATE_KEY_URL"; + public static final String EXTRA_CHOOSE_PRIVATE_KEY_URI = "android.app.extra.CHOOSE_PRIVATE_KEY_URI"; /** @hide */ public static final String EXTRA_CHOOSE_PRIVATE_KEY_ALIAS = "android.app.extra.CHOOSE_PRIVATE_KEY_ALIAS"; @@ -487,15 +482,13 @@ public class DeviceAdminReceiver extends BroadcastReceiver { * @param context The running context as per {@link #onReceive}. * @param intent The received intent as per {@link #onReceive}. * @param uid The uid asking for the private key and certificate pair. - * @param host The authentication host, may be null. - * @param port The authentication port, or -1. - * @param url The URL to authenticate, may be null. + * @param uri The URI to authenticate, may be null. * @param alias The alias preselected by the client, or null. * @return The private key alias to return and grant access to. * @see KeyChain#choosePrivateKeyAlias */ - public String onChoosePrivateKeyAlias(Context context, Intent intent, int uid, String host, - int port, String url, String alias) { + public String onChoosePrivateKeyAlias(Context context, Intent intent, int uid, Uri uri, + String alias) { return null; } @@ -546,12 +539,9 @@ public class DeviceAdminReceiver extends BroadcastReceiver { onProfileProvisioningComplete(context, intent); } else if (ACTION_CHOOSE_PRIVATE_KEY_ALIAS.equals(action)) { int uid = intent.getIntExtra(EXTRA_CHOOSE_PRIVATE_KEY_SENDER_UID, -1); - String host = intent.getStringExtra(EXTRA_CHOOSE_PRIVATE_KEY_HOST); - int port = intent.getIntExtra(EXTRA_CHOOSE_PRIVATE_KEY_PORT, -1); - String url = intent.getStringExtra(EXTRA_CHOOSE_PRIVATE_KEY_URL); + Uri uri = intent.getParcelableExtra(EXTRA_CHOOSE_PRIVATE_KEY_URI); String alias = intent.getStringExtra(EXTRA_CHOOSE_PRIVATE_KEY_ALIAS); - String chosenAlias = onChoosePrivateKeyAlias(context, intent, uid, host, port, url, - alias); + String chosenAlias = onChoosePrivateKeyAlias(context, intent, uid, uri, alias); setResultData(chosenAlias); } else if (ACTION_LOCK_TASK_ENTERING.equals(action)) { String pkg = intent.getStringExtra(EXTRA_LOCK_TASK_PACKAGE); diff --git a/core/java/android/app/admin/IDevicePolicyManager.aidl b/core/java/android/app/admin/IDevicePolicyManager.aidl index 71d044e..24ef604 100644 --- a/core/java/android/app/admin/IDevicePolicyManager.aidl +++ b/core/java/android/app/admin/IDevicePolicyManager.aidl @@ -23,6 +23,7 @@ import android.content.Intent; import android.content.IntentFilter; import android.graphics.Bitmap; import android.net.ProxyInfo; +import android.net.Uri; import android.os.Bundle; import android.os.PersistableBundle; import android.os.RemoteCallback; @@ -131,7 +132,7 @@ interface IDevicePolicyManager { void enforceCanManageCaCerts(in ComponentName admin); boolean installKeyPair(in ComponentName who, in byte[] privKeyBuffer, in byte[] certBuffer, String alias); - void choosePrivateKeyAlias(int uid, in String host, int port, in String url, in String alias, IBinder aliasCallback); + void choosePrivateKeyAlias(int uid, in Uri uri, in String alias, IBinder aliasCallback); void setCertInstallerPackage(in ComponentName who, String installerPackage); String getCertInstallerPackage(in ComponentName who); diff --git a/keystore/java/android/security/KeyChain.java b/keystore/java/android/security/KeyChain.java index 19b62a6..817b7c9 100644 --- a/keystore/java/android/security/KeyChain.java +++ b/keystore/java/android/security/KeyChain.java @@ -23,6 +23,7 @@ import android.content.ComponentName; import android.content.Context; import android.content.Intent; import android.content.ServiceConnection; +import android.net.Uri; import android.os.IBinder; import android.os.Looper; import android.os.Process; @@ -119,19 +120,7 @@ public final class KeyChain { * Extra for use with {@link #ACTION_CHOOSER} * @hide Also used by KeyChainActivity implementation */ - public static final String EXTRA_HOST = "host"; - - /** - * Extra for use with {@link #ACTION_CHOOSER} - * @hide Also used by KeyChainActivity implementation - */ - public static final String EXTRA_PORT = "port"; - - /** - * Extra for use with {@link #ACTION_CHOOSER} - * @hide Also used by KeyChainActivity implementation - */ - public static final String EXTRA_URL = "url"; + public static final String EXTRA_URI = "uri"; /** * Extra for use with {@link #ACTION_CHOOSER} @@ -270,7 +259,13 @@ public final class KeyChain { @NonNull KeyChainAliasCallback response, @KeyProperties.KeyAlgorithmEnum String[] keyTypes, Principal[] issuers, @Nullable String host, int port, @Nullable String alias) { - choosePrivateKeyAlias(activity, response, keyTypes, issuers, host, port, null, alias); + Uri uri = null; + if (host != null) { + uri = new Uri.Builder() + .authority(host + (port != -1 ? ":" + port : "")) + .build(); + } + choosePrivateKeyAlias(activity, response, keyTypes, issuers, uri, alias); } /** @@ -303,11 +298,7 @@ public final class KeyChain { * "EC" or "RSA", or a null array. * @param issuers The acceptable certificate issuers for the * certificate matching the private key, or null. - * @param host The host name of the server requesting the - * certificate, or null if unavailable. - * @param port The port number of the server requesting the - * certificate, or -1 if unavailable. - * @param url The full url the server is requesting the certificate + * @param uri The full URI the server is requesting the certificate * for, or null if unavailable. * @param alias The alias to preselect if available, or null if * unavailable. @@ -315,7 +306,7 @@ public final class KeyChain { public static void choosePrivateKeyAlias(@NonNull Activity activity, @NonNull KeyChainAliasCallback response, @KeyProperties.KeyAlgorithmEnum String[] keyTypes, Principal[] issuers, - @Nullable String host, int port, @Nullable String url, @Nullable String alias) { + @Nullable Uri uri, @Nullable String alias) { /* * TODO currently keyTypes, issuers are unused. They are meant * to follow the semantics and purpose of X509KeyManager @@ -341,9 +332,7 @@ public final class KeyChain { Intent intent = new Intent(ACTION_CHOOSER); intent.setPackage(KEYCHAIN_PACKAGE); intent.putExtra(EXTRA_RESPONSE, new AliasResponse(response)); - intent.putExtra(EXTRA_HOST, host); - intent.putExtra(EXTRA_PORT, port); - intent.putExtra(EXTRA_URL, url); + intent.putExtra(EXTRA_URI, uri); intent.putExtra(EXTRA_ALIAS, alias); // the PendingIntent is used to get calling package name intent.putExtra(EXTRA_SENDER, PendingIntent.getActivity(activity, 0, new Intent(), 0)); diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index 8e4bc50..69e5f74 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -3198,8 +3198,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } @Override - public void choosePrivateKeyAlias(final int uid, final String host, int port, final String url, - final String alias, final IBinder response) { + public void choosePrivateKeyAlias(final int uid, final Uri uri, final String alias, + final IBinder response) { // Caller UID needs to be trusted, so we restrict this method to SYSTEM_UID callers. if (UserHandle.getAppId(Binder.getCallingUid()) != Process.SYSTEM_UID) { return; @@ -3216,9 +3216,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { Intent intent = new Intent(DeviceAdminReceiver.ACTION_CHOOSE_PRIVATE_KEY_ALIAS); intent.setComponent(profileOwner); intent.putExtra(DeviceAdminReceiver.EXTRA_CHOOSE_PRIVATE_KEY_SENDER_UID, uid); - intent.putExtra(DeviceAdminReceiver.EXTRA_CHOOSE_PRIVATE_KEY_HOST, host); - intent.putExtra(DeviceAdminReceiver.EXTRA_CHOOSE_PRIVATE_KEY_PORT, port); - intent.putExtra(DeviceAdminReceiver.EXTRA_CHOOSE_PRIVATE_KEY_URL, url); + intent.putExtra(DeviceAdminReceiver.EXTRA_CHOOSE_PRIVATE_KEY_URI, uri); intent.putExtra(DeviceAdminReceiver.EXTRA_CHOOSE_PRIVATE_KEY_ALIAS, alias); intent.putExtra(DeviceAdminReceiver.EXTRA_CHOOSE_PRIVATE_KEY_RESPONSE, response); -- cgit v1.1