Loading api/current.txt +2 −2 Original line number Diff line number Diff line Loading @@ -5424,7 +5424,7 @@ package android.app.admin { method public boolean getCrossProfileCallerIdDisabled(android.content.ComponentName); method public java.util.List<java.lang.String> getCrossProfileWidgetProviders(android.content.ComponentName); method public int getCurrentFailedPasswordAttempts(); method public java.util.List<byte[]> getInstalledCaCerts(); method public java.util.List<byte[]> getInstalledCaCerts(android.content.ComponentName); method public int getKeyguardDisabledFeatures(android.content.ComponentName); method public int getMaximumFailedPasswordsForWipe(android.content.ComponentName); method public long getMaximumTimeToLock(android.content.ComponentName); Loading @@ -5445,7 +5445,7 @@ package android.app.admin { method public boolean getScreenCaptureDisabled(android.content.ComponentName); method public boolean getStorageEncryption(android.content.ComponentName); method public int getStorageEncryptionStatus(); method public boolean hasCaCertInstalled(byte[]); method public boolean hasCaCertInstalled(android.content.ComponentName, byte[]); method public boolean hasGrantedPolicy(android.content.ComponentName, int); method public boolean installCaCert(android.content.ComponentName, byte[]); method public boolean isActivePasswordSufficient(); core/java/android/app/admin/DevicePolicyManager.java +25 −11 Original line number Diff line number Diff line Loading @@ -1786,11 +1786,15 @@ public class DevicePolicyManager { * If a user has installed any certificates by other means than device policy these will be * included too. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @return a List of byte[] arrays, each encoding one user CA certificate. */ public List<byte[]> getInstalledCaCerts() { final TrustedCertificateStore certStore = new TrustedCertificateStore(); public List<byte[]> getInstalledCaCerts(ComponentName admin) { List<byte[]> certs = new ArrayList<byte[]>(); if (mService != null) { try { mService.enforceCanManageCaCerts(admin); final TrustedCertificateStore certStore = new TrustedCertificateStore(); for (String alias : certStore.userAliases()) { try { certs.add(certStore.getCertificate(alias).getEncoded()); Loading @@ -1798,6 +1802,10 @@ public class DevicePolicyManager { Log.w(TAG, "Could not encode certificate: " + alias, ce); } } } catch (RemoteException re) { Log.w(TAG, "Failed talking with device policy service", re); } } return certs; } Loading @@ -1822,14 +1830,20 @@ public class DevicePolicyManager { /** * Returns whether this certificate is installed as a trusted CA. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param certBuffer encoded form of the certificate to look up. */ public boolean hasCaCertInstalled(byte[] certBuffer) { public boolean hasCaCertInstalled(ComponentName admin, byte[] certBuffer) { if (mService != null) { try { mService.enforceCanManageCaCerts(admin); return getCaCertAlias(certBuffer) != null; } catch (RemoteException re) { Log.w(TAG, "Failed talking with device policy service", re); } catch (CertificateException ce) { Log.w(TAG, "Could not parse certificate", ce); } } return false; } Loading core/java/android/app/admin/IDevicePolicyManager.aidl +1 −0 Original line number Diff line number Diff line Loading @@ -124,6 +124,7 @@ interface IDevicePolicyManager { boolean installCaCert(in ComponentName admin, in byte[] certBuffer); void uninstallCaCert(in ComponentName admin, in String alias); void enforceCanManageCaCerts(in ComponentName admin); void addPersistentPreferredActivity(in ComponentName admin, in IntentFilter filter, in ComponentName activity); void clearPackagePersistentPreferredActivities(in ComponentName admin, String packageName); Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +11 −13 Original line number Diff line number Diff line Loading @@ -40,7 +40,6 @@ import android.content.Intent; import android.content.IntentFilter; import android.content.pm.ApplicationInfo; import android.content.pm.IPackageManager; import android.content.pm.PackageInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.ResolveInfo; Loading Loading @@ -70,7 +69,6 @@ import android.os.UserHandle; import android.os.UserManager; import android.provider.Settings; import android.security.Credentials; import android.security.IKeyChainService; import android.security.KeyChain; import android.security.KeyChain.KeyChainConnection; import android.util.Log; Loading Loading @@ -2749,7 +2747,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return !"".equals(state); } public boolean installCaCert(ComponentName who, byte[] certBuffer) throws RemoteException { @Override public void enforceCanManageCaCerts(ComponentName who) { if (who == null) { mContext.enforceCallingOrSelfPermission(MANAGE_CA_CERTIFICATES, null); } else { Loading @@ -2757,6 +2756,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); } } } @Override public boolean installCaCert(ComponentName admin, byte[] certBuffer) throws RemoteException { enforceCanManageCaCerts(admin); byte[] pemCert; try { Loading Loading @@ -2791,21 +2795,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return false; } private static X509Certificate parseCert(byte[] certBuffer) throws CertificateException, IOException { private static X509Certificate parseCert(byte[] certBuffer) throws CertificateException { CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); return (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream( certBuffer)); } public void uninstallCaCert(ComponentName who, String alias) { if (who == null) { mContext.enforceCallingOrSelfPermission(MANAGE_CA_CERTIFICATES, null); } else { synchronized (this) { getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); } } @Override public void uninstallCaCert(ComponentName admin, String alias) { enforceCanManageCaCerts(admin); final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId()); final long id = Binder.clearCallingIdentity(); Loading Loading
api/current.txt +2 −2 Original line number Diff line number Diff line Loading @@ -5424,7 +5424,7 @@ package android.app.admin { method public boolean getCrossProfileCallerIdDisabled(android.content.ComponentName); method public java.util.List<java.lang.String> getCrossProfileWidgetProviders(android.content.ComponentName); method public int getCurrentFailedPasswordAttempts(); method public java.util.List<byte[]> getInstalledCaCerts(); method public java.util.List<byte[]> getInstalledCaCerts(android.content.ComponentName); method public int getKeyguardDisabledFeatures(android.content.ComponentName); method public int getMaximumFailedPasswordsForWipe(android.content.ComponentName); method public long getMaximumTimeToLock(android.content.ComponentName); Loading @@ -5445,7 +5445,7 @@ package android.app.admin { method public boolean getScreenCaptureDisabled(android.content.ComponentName); method public boolean getStorageEncryption(android.content.ComponentName); method public int getStorageEncryptionStatus(); method public boolean hasCaCertInstalled(byte[]); method public boolean hasCaCertInstalled(android.content.ComponentName, byte[]); method public boolean hasGrantedPolicy(android.content.ComponentName, int); method public boolean installCaCert(android.content.ComponentName, byte[]); method public boolean isActivePasswordSufficient();
core/java/android/app/admin/DevicePolicyManager.java +25 −11 Original line number Diff line number Diff line Loading @@ -1786,11 +1786,15 @@ public class DevicePolicyManager { * If a user has installed any certificates by other means than device policy these will be * included too. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @return a List of byte[] arrays, each encoding one user CA certificate. */ public List<byte[]> getInstalledCaCerts() { final TrustedCertificateStore certStore = new TrustedCertificateStore(); public List<byte[]> getInstalledCaCerts(ComponentName admin) { List<byte[]> certs = new ArrayList<byte[]>(); if (mService != null) { try { mService.enforceCanManageCaCerts(admin); final TrustedCertificateStore certStore = new TrustedCertificateStore(); for (String alias : certStore.userAliases()) { try { certs.add(certStore.getCertificate(alias).getEncoded()); Loading @@ -1798,6 +1802,10 @@ public class DevicePolicyManager { Log.w(TAG, "Could not encode certificate: " + alias, ce); } } } catch (RemoteException re) { Log.w(TAG, "Failed talking with device policy service", re); } } return certs; } Loading @@ -1822,14 +1830,20 @@ public class DevicePolicyManager { /** * Returns whether this certificate is installed as a trusted CA. * * @param admin Which {@link DeviceAdminReceiver} this request is associated with. * @param certBuffer encoded form of the certificate to look up. */ public boolean hasCaCertInstalled(byte[] certBuffer) { public boolean hasCaCertInstalled(ComponentName admin, byte[] certBuffer) { if (mService != null) { try { mService.enforceCanManageCaCerts(admin); return getCaCertAlias(certBuffer) != null; } catch (RemoteException re) { Log.w(TAG, "Failed talking with device policy service", re); } catch (CertificateException ce) { Log.w(TAG, "Could not parse certificate", ce); } } return false; } Loading
core/java/android/app/admin/IDevicePolicyManager.aidl +1 −0 Original line number Diff line number Diff line Loading @@ -124,6 +124,7 @@ interface IDevicePolicyManager { boolean installCaCert(in ComponentName admin, in byte[] certBuffer); void uninstallCaCert(in ComponentName admin, in String alias); void enforceCanManageCaCerts(in ComponentName admin); void addPersistentPreferredActivity(in ComponentName admin, in IntentFilter filter, in ComponentName activity); void clearPackagePersistentPreferredActivities(in ComponentName admin, String packageName); Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +11 −13 Original line number Diff line number Diff line Loading @@ -40,7 +40,6 @@ import android.content.Intent; import android.content.IntentFilter; import android.content.pm.ApplicationInfo; import android.content.pm.IPackageManager; import android.content.pm.PackageInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.ResolveInfo; Loading Loading @@ -70,7 +69,6 @@ import android.os.UserHandle; import android.os.UserManager; import android.provider.Settings; import android.security.Credentials; import android.security.IKeyChainService; import android.security.KeyChain; import android.security.KeyChain.KeyChainConnection; import android.util.Log; Loading Loading @@ -2749,7 +2747,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return !"".equals(state); } public boolean installCaCert(ComponentName who, byte[] certBuffer) throws RemoteException { @Override public void enforceCanManageCaCerts(ComponentName who) { if (who == null) { mContext.enforceCallingOrSelfPermission(MANAGE_CA_CERTIFICATES, null); } else { Loading @@ -2757,6 +2756,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); } } } @Override public boolean installCaCert(ComponentName admin, byte[] certBuffer) throws RemoteException { enforceCanManageCaCerts(admin); byte[] pemCert; try { Loading Loading @@ -2791,21 +2795,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return false; } private static X509Certificate parseCert(byte[] certBuffer) throws CertificateException, IOException { private static X509Certificate parseCert(byte[] certBuffer) throws CertificateException { CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); return (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream( certBuffer)); } public void uninstallCaCert(ComponentName who, String alias) { if (who == null) { mContext.enforceCallingOrSelfPermission(MANAGE_CA_CERTIFICATES, null); } else { synchronized (this) { getActiveAdminForCallerLocked(who, DeviceAdminInfo.USES_POLICY_PROFILE_OWNER); } } @Override public void uninstallCaCert(ComponentName admin, String alias) { enforceCanManageCaCerts(admin); final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId()); final long id = Binder.clearCallingIdentity(); Loading
