[DO NOT MERGE] Rollup changes from R related to CertInstaller and KeyChain am: ac51bf8a40 (294cbeed) · Commits · e / os / android_frameworks_base

api/current.txt

+1 −0

Original line number	Diff line number	Diff line
		@@ -41088,6 +41088,7 @@ package android.security {
		field public static final String EXTRA_KEY_ALIAS = "android.security.extra.KEY_ALIAS";
		field public static final String EXTRA_NAME = "name";
		field public static final String EXTRA_PKCS12 = "PKCS12";
		field public static final String KEY_ALIAS_SELECTION_DENIED = "android:alias-selection-denied";
		}

		public interface KeyChainAliasCallback {

core/java/android/app/admin/DelegatedAdminReceiver.java

+4 −0

Original line number	Diff line number	Diff line
		@@ -63,6 +63,10 @@ public class DelegatedAdminReceiver extends BroadcastReceiver {
		* Allows this receiver to select the alias for a private key and certificate pair for
		* authentication. If this method returns null, the default {@link android.app.Activity} will
		* be shown that lets the user pick a private key and certificate pair.
		* If this method returns {@link KeyChain#KEY_ALIAS_SELECTION_DENIED},
		* the default {@link android.app.Activity} will not be shown and the user will not be allowed
		* to pick anything. And the app, that called {@link KeyChain#choosePrivateKeyAlias}, will
		* receive {@code null} back.
		*
		* <p> This callback is only applicable if the delegated app has
		* {@link DevicePolicyManager#DELEGATION_CERT_SELECTION} capability. Additionally, it must

core/java/android/app/admin/DeviceAdminReceiver.java

+4 −0

Original line number	Diff line number	Diff line
		@@ -791,6 +791,10 @@ public class DeviceAdminReceiver extends BroadcastReceiver {
		* Allows this receiver to select the alias for a private key and certificate pair for
		* authentication. If this method returns null, the default {@link android.app.Activity} will be
		* shown that lets the user pick a private key and certificate pair.
		* If this method returns {@link KeyChain#KEY_ALIAS_SELECTION_DENIED},
		* the default {@link android.app.Activity} will not be shown and the user will not be allowed
		* to pick anything. And the app, that called {@link KeyChain#choosePrivateKeyAlias}, will
		* receive {@code null} back.
		*
		* @param context The running context as per {@link #onReceive}.
		* @param intent The received intent as per {@link #onReceive}.

core/proto/android/app/settings_enums.proto

+5 −0

Original line number	Diff line number	Diff line
		@@ -2422,6 +2422,11 @@ enum PageId {
		// OS: Q
		SETTINGS_GESTURE_TAP = 1751;

		// OPEN: Settings > Security & screen lock -> Encryption & credentials > Install a certificate
		// CATEGORY: SETTINGS
		// OS: R
		INSTALL_CERTIFICATE_FROM_STORAGE = 1803;

		// OPEN: Settings > Developer Options > Platform Compat
		// CATEGORY: SETTINGS
		// OS: R

keystore/java/android/security/Credentials.java

+15 −11

Original line number	Diff line number	Diff line
		@@ -74,6 +74,15 @@ public class Credentials {
		/** Key containing suffix of lockdown VPN profile. */
		public static final String LOCKDOWN_VPN = "LOCKDOWN_VPN";

		/** Name of CA certificate usage. */
		public static final String CERTIFICATE_USAGE_CA = "ca";

		/** Name of User certificate usage. */
		public static final String CERTIFICATE_USAGE_USER = "user";

		/** Name of WIFI certificate usage. */
		public static final String CERTIFICATE_USAGE_WIFI = "wifi";

		/** Data type for public keys. */
		public static final String EXTRA_PUBLIC_KEY = "KEY";

		@@ -94,30 +103,25 @@ public class Credentials {
		public static final String EXTRA_INSTALL_AS_UID = "install_as_uid";

		/**
		* Intent extra: name for the user's private key.
		* Intent extra: type of the certificate to install
		*/
		public static final String EXTRA_USER_PRIVATE_KEY_NAME = "user_private_key_name";
		public static final String EXTRA_CERTIFICATE_USAGE = "certificate_install_usage";

		/**
		* Intent extra: data for the user's private key in PEM-encoded PKCS#8.
		* Intent extra: name for the user's key pair.
		*/
		public static final String EXTRA_USER_PRIVATE_KEY_DATA = "user_private_key_data";
		public static final String EXTRA_USER_KEY_ALIAS = "user_key_pair_name";

		/**
		* Intent extra: name for the user's certificate.
		* Intent extra: data for the user's private key in PEM-encoded PKCS#8.
		*/
		public static final String EXTRA_USER_CERTIFICATE_NAME = "user_certificate_name";
		public static final String EXTRA_USER_PRIVATE_KEY_DATA = "user_private_key_data";

		/**
		* Intent extra: data for the user's certificate in PEM-encoded X.509.
		*/
		public static final String EXTRA_USER_CERTIFICATE_DATA = "user_certificate_data";

		/**
		* Intent extra: name for CA certificate chain
		*/
		public static final String EXTRA_CA_CERTIFICATES_NAME = "ca_certificates_name";

		/**
		* Intent extra: data for CA certificate chain in PEM-encoded X.509.
		*/