Merge "Replace KeyChainActivity placeholder UI with more polished dialog (1 of 5)" (c18e7e73) · Commits · e / os / android_frameworks_base

api/current.txt

+1 −1

Original line number	Diff line number	Diff line
		@@ -17494,7 +17494,7 @@ package android.security {

		public final class KeyChain {
		ctor public KeyChain();
		method public static void choosePrivateKeyAlias(android.app.Activity, android.security.KeyChainAliasCallback, java.lang.String[], java.security.Principal[], java.lang.String, int);
		method public static void choosePrivateKeyAlias(android.app.Activity, android.security.KeyChainAliasCallback, java.lang.String[], java.security.Principal[], java.lang.String, int, java.lang.String);
		method public static java.security.cert.X509Certificate[] getCertificateChain(android.content.Context, java.lang.String) throws java.lang.InterruptedException, android.security.KeyChainException;
		method public static java.security.PrivateKey getPrivateKey(android.content.Context, java.lang.String) throws java.lang.InterruptedException, android.security.KeyChainException;
		}

keystore/java/android/security/Credentials.java

+16 −0

Original line number	Diff line number	Diff line
		@@ -71,6 +71,13 @@ public class Credentials {
		/** Data type for PKCS12. */
		public static final String PKCS12 = "PKCS12";

		// historically used by Android
		public static final String EXTENSION_CRT = ".crt";
		public static final String EXTENSION_P12 = ".p12";
		// commonly used on Windows
		public static final String EXTENSION_CER = ".cer";
		public static final String EXTENSION_PFX = ".pfx";

		/**
		* Convert objects to a PEM format, which is used for
		* CA_CERTIFICATE, USER_CERTIFICATE, and USER_PRIVATE_KEY
		@@ -130,6 +137,15 @@ public class Credentials {
		return intent;
		}

		public void install(Context context) {
		try {
		Intent intent = createInstallIntent();
		context.startActivity(intent);
		} catch (ActivityNotFoundException e) {
		Log.w(LOGTAG, e.toString());
		}
		}

		public void install(Context context, KeyPair pair) {
		try {
		Intent intent = createInstallIntent();

keystore/java/android/security/KeyChain.java

+36 −9

Original line number	Diff line number	Diff line
		@@ -22,6 +22,7 @@ import android.accounts.AccountManagerFuture;
		import android.accounts.AuthenticatorException;
		import android.accounts.OperationCanceledException;
		import android.app.Activity;
		import android.app.PendingIntent;
		import android.content.ComponentName;
		import android.content.Context;
		import android.content.Intent;
		@@ -92,6 +93,26 @@ public final class KeyChain {
		*/
		public static final String EXTRA_RESPONSE = "response";

		/**
		* @hide Also used by KeyChainActivity implementation
		*/
		public static final String EXTRA_HOST = "host";

		/**
		* @hide Also used by KeyChainActivity implementation
		*/
		public static final String EXTRA_PORT = "port";

		/**
		* @hide Also used by KeyChainActivity implementation
		*/
		public static final String EXTRA_ALIAS = "alias";

		/**
		* @hide Also used by KeyChainActivity implementation
		*/
		public static final String EXTRA_SENDER = "sender";

		/**
		* Launches an {@code Activity} for the user to select the alias
		* for a private key and certificate pair for authentication. The
		@@ -106,6 +127,9 @@ public final class KeyChain {
		* <p>{@code host} and {@code port} may be used to give the user
		* more context about the server requesting the credentials.
		*
		* <p>{@code alias} allows the chooser to preselect an existing
		* alias which will still be subject to user confirmation.
		*
		* <p>This method requires the caller to hold the permission
		* {@link android.Manifest.permission#USE_CREDENTIALS}.
		*
		@@ -123,14 +147,17 @@ public final class KeyChain {
		* certificate, or null if unavailable.
		* @param port The port number of the server requesting the
		* certificate, or -1 if unavailable.
		* @param alias The alias to preselect if available, or null if
		* unavailable.
		*/
		public static void choosePrivateKeyAlias(Activity activity, KeyChainAliasCallback response,
		String[] keyTypes, Principal[] issuers,
		String host, int port) {
		String host, int port,
		String alias) {
		/*
		* TODO currently keyTypes, issuers, host, and port are
		* unused. They are meant to follow the semantics and purpose
		* of X509KeyManager method arguments.
		* TODO currently keyTypes, issuers are unused. They are meant
		* to follow the semantics and purpose of X509KeyManager
		* method arguments.
		*
		* keyTypes would allow the list to be filtered and typically
		* will be set correctly by the server. In practice today,
		@@ -142,11 +169,6 @@ public final class KeyChain {
		* server. Others will send none. If this is used, if there
		* are no matches after applying the constraint, it should be
		* ignored.
		*
		* host and port may be shown to the user if available, but it
		* should be clear that they are not validated values, perhaps
		* shown along with requesting application identity to clarify
		* the source of the request.
		*/
		if (activity == null) {
		throw new NullPointerException("activity == null");
		@@ -156,6 +178,11 @@ public final class KeyChain {
		}
		Intent intent = new Intent("com.android.keychain.CHOOSER");
		intent.putExtra(EXTRA_RESPONSE, new AliasResponse(activity, response));
		intent.putExtra(EXTRA_HOST, host);
		intent.putExtra(EXTRA_PORT, port);
		intent.putExtra(EXTRA_ALIAS, alias);
		// the PendingIntent is used to get calling package name
		intent.putExtra(EXTRA_SENDER, PendingIntent.getActivity(activity, 0, new Intent(), 0));
		activity.startActivity(intent);
		}