
Commit af9181a6 authored by Pavel Grafov's avatar Pavel Grafov Committed by Android (Google) Code Review

Merge changes from topics "wifi-dpm-grant", "wifi-keychain" into sc-dev

* changes:
  Allow WiFi module to request grants from KeyChain
  DPM API to grant keys to Wifi
parents 93997dd2 685bbb18
+3 −0
@@ -7121,6 +7121,7 @@ package android.app.admin {
    method @NonNull public android.os.Bundle getUserRestrictions(@NonNull android.content.ComponentName);
    method @Nullable public String getWifiMacAddress(@NonNull android.content.ComponentName);
    method public boolean grantKeyPairToApp(@Nullable android.content.ComponentName, @NonNull String, @NonNull String);
    method public boolean grantKeyPairToWifiAuth(@NonNull String);
    method public boolean hasCaCertInstalled(@Nullable android.content.ComponentName, byte[]);
    method public boolean hasGrantedPolicy(@NonNull android.content.ComponentName, int);
    method public boolean hasKeyPair(@NonNull String);
@@ -7143,6 +7144,7 @@ package android.app.admin {
    method public boolean isDeviceIdAttestationSupported();
    method public boolean isDeviceOwnerApp(String);
    method public boolean isEphemeralUser(@NonNull android.content.ComponentName);
    method public boolean isKeyPairGrantedToWifiAuth(@NonNull String);
    method public boolean isLockTaskPermitted(String);
    method public boolean isLogoutEnabled();
    method public boolean isManagedProfile(@NonNull android.content.ComponentName);
@@ -7178,6 +7180,7 @@ package android.app.admin {
    method @Nullable public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrievePreRebootSecurityLogs(@NonNull android.content.ComponentName);
    method @Nullable public java.util.List<android.app.admin.SecurityLog.SecurityEvent> retrieveSecurityLogs(@NonNull android.content.ComponentName);
    method public boolean revokeKeyPairFromApp(@Nullable android.content.ComponentName, @NonNull String, @NonNull String);
    method public boolean revokeKeyPairFromWifiAuth(@NonNull String);
    method public void setAccountManagementDisabled(@NonNull android.content.ComponentName, String, boolean);
    method public void setAffiliationIds(@NonNull android.content.ComponentName, @NonNull java.util.Set<java.lang.String>);
    method public void setAlwaysOnVpnPackage(@NonNull android.content.ComponentName, @Nullable String, boolean) throws android.content.pm.PackageManager.NameNotFoundException;
+9 −0
@@ -9198,6 +9198,15 @@ package android.se.omapi {
}
package android.security {
  public final class KeyChain {
    method @Nullable @WorkerThread public static String getWifiKeyGrantAsUser(@NonNull android.content.Context, @NonNull android.os.UserHandle, @NonNull String);
    method @WorkerThread public static boolean hasWifiKeyGrantAsUser(@NonNull android.content.Context, @NonNull android.os.UserHandle, @NonNull String);
  }
}
package android.security.keystore {
  public class AndroidKeyStoreProvider extends java.security.Provider {
+68 −0
@@ -6437,6 +6437,74 @@ public class DevicePolicyManager {
        return false;
    }
    /**
     * Called by a device or profile owner, or delegated certificate chooser (an app that has been
     * delegated the {@link #DELEGATION_CERT_SELECTION} privilege), to allow using a KeyChain key
     * pair for authentication to Wifi networks. The key can then be used in configurations passed
     * to {@link android.net.wifi.WifiManager#addNetwork}.
     *
     * @param alias The alias of the key pair.
     * @return {@code true} if the operation was set successfully, {@code false} otherwise.
     *
     * @throws SecurityException if the caller is not a device owner, a profile owner or
     *         delegated certificate chooser.
     * @see #revokeKeyPairFromWifiAuth
     */
    public boolean grantKeyPairToWifiAuth(@NonNull String alias) {
        throwIfParentInstance("grantKeyPairToWifiAuth");
        try {
            return mService.setKeyGrantToWifiAuth(mContext.getPackageName(), alias, true);
        } catch (RemoteException e) {
            e.rethrowFromSystemServer();
        }
        return false;
    }
    /**
     * Called by a device or profile owner, or delegated certificate chooser (an app that has been
     * delegated the {@link #DELEGATION_CERT_SELECTION} privilege), to deny using a KeyChain key
     * pair for authentication to Wifi networks. Configured networks using this key won't be able to
     * authenticate.
     *
     * @param alias The alias of the key pair.
     * @return {@code true} if the operation was set successfully, {@code false} otherwise.
     *
     * @throws SecurityException if the caller is not a device owner, a profile owner or
     *         delegated certificate chooser.
     * @see #grantKeyPairToWifiAuth
     */
    public boolean revokeKeyPairFromWifiAuth(@NonNull String alias) {
        throwIfParentInstance("revokeKeyPairFromWifiAuth");
        try {
            return mService.setKeyGrantToWifiAuth(mContext.getPackageName(), alias, false);
        } catch (RemoteException e) {
            e.rethrowFromSystemServer();
        }
        return false;
    }
    /**
     * Called by a device or profile owner, or delegated certificate chooser (an app that has been
     * delegated the {@link #DELEGATION_CERT_SELECTION} privilege), to query whether a KeyChain key
     * pair can be used for authentication to Wifi networks.
     *
     * @param alias The alias of the key pair.
     * @return {@code true} if the key pair can be used, {@code false} otherwise.
     *
     * @throws SecurityException if the caller is not a device owner, a profile owner or
     *         delegated certificate chooser.
     * @see #grantKeyPairToWifiAuth
     */
    public boolean isKeyPairGrantedToWifiAuth(@NonNull String alias) {
        throwIfParentInstance("isKeyPairGrantedToWifiAuth");
        try {
            return mService.isKeyPairGrantedToWifiAuth(mContext.getPackageName(), alias);
        } catch (RemoteException e) {
            e.rethrowFromSystemServer();
        }
        return false;
    }
    /**
     * Returns {@code true} if the device supports attestation of device identifiers in addition
     * to key attestation. See
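Review bot: The Javadoc on `grantKeyPairToWifiAuth` does not state the scope of the grant. The method takes only an alias and the text says the key "can then be used in configurations passed to WifiManager#addNetwork", so a reader cannot tell whether only the caller's own network configurations may reference the alias or any app that is allowed to add a network. The service side is not in this hunk, so the doc should state whichever holds, for example `Once granted, the key can be referenced by any Wifi configuration for this user, not only those added by the caller.` if that is the behaviour. The `@return` lines on the grant and revoke methods also leave `false` ambiguous between an unknown alias and a failed update. None of the three docs mentions that each method calls `throwIfParentInstance` first.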
+2 −0
@@ -479,6 +479,8 @@ interface IDevicePolicyManager {

    boolean setKeyGrantForApp(in ComponentName admin, String callerPackage, String alias, String packageName, boolean hasGrant);
    List<String> getKeyPairGrants(in String callerPackage, in String alias);
    boolean setKeyGrantToWifiAuth(String callerPackage, String alias, boolean hasGrant);
    boolean isKeyPairGrantedToWifiAuth(String callerPackage, String alias);

    void setUserControlDisabledPackages(in ComponentName admin, in List<String> packages);

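Review bot: `callerPackage` in `setKeyGrantToWifiAuth` and `isKeyPairGrantedToWifiAuth` is supplied by the client (the manager passes `mContext.getPackageName()`), and nothing on these lines records that the service must not trust it. The implementation is not part of this section, so the check cannot be confirmed from here. I would add a comment above the pair such as `// callerPackage is caller-supplied: verify it against the Binder calling UID before the owner/delegate check.` so the requirement stays visible next to the interface.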
+3 −0
@@ -68,4 +68,7 @@ interface IKeyChainService {
    // APIs used by KeyChainActivity
    void setGrant(int uid, String alias, boolean value);
    boolean hasGrant(int uid, String alias);

    // API used by Wifi
    String getWifiKeyGrantAsUser(String alias);
}
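Review bot: `getWifiKeyGrantAsUser` returns a String that, going by its name, identifies a key grant, and unlike `setGrant`/`hasGrant` above it has no uid argument. Who may obtain the grant is therefore decided entirely by a caller check inside the service, which this section does not show. The comment `// API used by Wifi` should carry that contract, e.g. `// API used by Wifi only: the service must reject any other calling UID. Returns null when the alias has no Wifi grant.` The null case is inferred from the `@Nullable` on the `KeyChain` wrapper in the API listing and should be confirmed against the implementation. The `AsUser` suffix also deserves a word, since the interface method takes no user.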