Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 49ed3232 authored by Eran Messeri's avatar Eran Messeri
Browse files

DPM: Add API for granting apps access to keys 

Add a DevicePolicyManager method for granting (or revoking) access to a
key for a specific package.

This prevents apps from having to call KeyChain.choosePrivateKeyAlias to
get a grant for the alias.
The motivation for this change is that apps that run as a background
service do not have an Activity to pass into
KeyChain.choosePrivateKeyAlias any more as they are not allowed to
interact with users.
That creates a situation where even though the Device Policy Client
would silently grant the requesting app access to a KeyChain key, the
app still has to provide an Activity.

With this change, the DPC can pre-grant the app access to a key such
that the app does not need to call KeyChain.choosePrivateKeyAlias and
can instead just call KeyChain.getPrivateKey

BUG: 137921026
Test: atest CtsDevicePolicyManagerTestCases:com.android.cts.devicepolicy.MixedDeviceOwnerTest#testSetKeyGrant
Change-Id: I37a75e1f802e223740eb41f055224baba9aa3b3a
parent 9f3eb4a1
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment