
Commit 8b192b19 authored by Miguel's avatar Miguel Committed by Miguel Aranda

Add conscrypt updatable certificates.

This CL contains changes for SystemCertificateSource so that certificates are taken from conscrypt apex files by default and, if that fails, we fall back to the usual system location.

Test: atest TrustedCertificateStoreTest
Change-Id: I1ec6d29a52c07531a6a0c85b2e2405f63470bd5f
parent 634c15d3
+11 −1
@@ -18,6 +18,7 @@ package android.security.net.config;

import android.os.Environment;
import android.os.UserHandle;

import java.io.File;

/**
@@ -32,11 +33,20 @@ public final class SystemCertificateSource extends DirectoryCertificateSource {
    private final File mUserRemovedCaDir;

    private SystemCertificateSource() {
        super(new File(System.getenv("ANDROID_ROOT") + "/etc/security/cacerts"));
        super(getDirectory());
        File configDir = Environment.getUserConfigDirectory(UserHandle.myUserId());
        mUserRemovedCaDir = new File(configDir, "cacerts-removed");
    }

    private static File getDirectory() {
        // TODO(miguelaranda): figure out correct code path.
        File updatable_dir = new File("/apex/com.android.conscrypt/cacerts");
        if (updatable_dir.exists()) {
            return updatable_dir;
        }
        return new File(System.getenv("ANDROID_ROOT") + "/etc/security/cacerts");
    }

    public static SystemCertificateSource getInstance() {
        return NoPreloadHolder.INSTANCE;
    }
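Review bot: `getDirectory()` selects the APEX directory on `updatable_dir.exists()` alone, so a path that exists but is empty, unreadable or not a directory would become the system trust store, and the fallback described in the commit message would never run. Because this directory supplies the system CA roots, I would pick it only when it actually lists entries, e.g. `String[] certs = updatableDir.list();` followed by `if (certs != null && certs.length > 0) return updatableDir;`. The local should be named `updatableDir` per Java convention, and the fallback line still concatenates `System.getenv("ANDROID_ROOT")` without a null check, which would produce `null/etc/security/cacerts` if the variable is unset. How DirectoryCertificateSource treats an empty or unreadable directory is outside this hunk, so the impact is inferred; the TODO should also state what about the code path is still unresolved.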