Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 45ca906e authored by Victor Chang's avatar Victor Chang
Browse files

Trust the certificate after unlocking screenlock 

When trust button is clicked, if ConfirmCredential (CC) is shown,
and user successfully unlock CC, trust the cert immediately

Bug: 28752364
Change-Id: Ied4aeda59a668a9dd2bf079a385b1fecd8eabb9e
parent ffe930ec

src/com/android/settings/TrustedCredentialsDialogBuilder.java

+13 −2
Original line number Diff line number Diff line
@@ -38,12 +38,14 @@ import com.android.settings.TrustedCredentialsSettings.CertHolder; 
import java.security.cert.X509Certificate;

import java.util.ArrayList;

import java.util.List;

import java.util.function.IntConsumer;



class TrustedCredentialsDialogBuilder extends AlertDialog.Builder {

    public interface DelegateInterface {

        List<X509Certificate> getX509CertsFromCertHolder(CertHolder certHolder);

        void removeOrInstallCert(CertHolder certHolder);

        boolean startConfirmCredentialIfNotConfirmed(int userId);

        boolean startConfirmCredentialIfNotConfirmed(int userId,

                IntConsumer onCredentialConfirmedListener);

    }



    private final DialogEventHandler mDialogEventHandler;
@@ -145,7 +147,8 @@ class TrustedCredentialsDialogBuilder extends AlertDialog.Builder { 


        private void onClickTrust() {

            CertHolder certHolder = getCurrentCertInfo();

            if (!mDelegate.startConfirmCredentialIfNotConfirmed(certHolder.getUserId())) {

            if (!mDelegate.startConfirmCredentialIfNotConfirmed(certHolder.getUserId(),

                    this::onCredentialConfirmed)) {

                mDpm.approveCaCert(certHolder.getAlias(), certHolder.getUserId(), true);

                nextOrDismiss();

            }
@@ -168,6 +171,14 @@ class TrustedCredentialsDialogBuilder extends AlertDialog.Builder { 
                    .show();

        }



        private void onCredentialConfirmed(int userId) {

            if (mDialog.isShowing() && mNeedsApproval && getCurrentCertInfo() != null

                    && getCurrentCertInfo().getUserId() == userId) {

                // Treat it as user just clicks "trust" for this cert

                onClickTrust();

            }

        }



        private CertHolder getCurrentCertInfo() {

            return mCurrentCertIndex < mCertHolders.length ? mCertHolders[mCurrentCertIndex] : null;

        }

src/com/android/settings/TrustedCredentialsSettings.java

+22 −4
Original line number Diff line number Diff line
@@ -68,6 +68,7 @@ import java.util.ArrayList; 
import java.util.Collections;

import java.util.List;

import java.util.Set;

import java.util.function.IntConsumer;



public class TrustedCredentialsSettings extends OptionsMenuFragment

        implements TrustedCredentialsDialogBuilder.DelegateInterface {
@@ -159,6 +160,7 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment 
    private AliasOperation mAliasOperation;

    private ArraySet<Integer> mConfirmedCredentialUsers;

    private int mConfirmingCredentialUser;

    private IntConsumer mConfirmingCredentialListener;

    private Set<AdapterData.AliasLoader> mAliasLoaders = new ArraySet<AdapterData.AliasLoader>(2);

    private final SparseArray<KeyChainConnection>

            mKeyChainConnectionByProfileId = new SparseArray<KeyChainConnection>();
@@ -199,6 +201,8 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment 
            }

        }



        mConfirmingCredentialListener = null;



        IntentFilter filter = new IntentFilter();

        filter.addAction(Intent.ACTION_MANAGED_PROFILE_AVAILABLE);

        filter.addAction(Intent.ACTION_MANAGED_PROFILE_UNAVAILABLE);
@@ -246,10 +250,18 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment 
    @Override

    public void onActivityResult(int requestCode, int resultCode, Intent data) {

        if (requestCode == REQUEST_CONFIRM_CREDENTIALS) {

            int userId = mConfirmingCredentialUser;

            IntConsumer listener = mConfirmingCredentialListener;

            // reset them before calling the listener because the listener may call back to start

            // activity again. (though it should never happen.)

            mConfirmingCredentialUser = UserHandle.USER_NULL;

            mConfirmingCredentialListener = null;

            if (resultCode == Activity.RESULT_OK) {

                mConfirmedCredentialUsers.add(mConfirmingCredentialUser);

                mConfirmedCredentialUsers.add(userId);

                if (listener != null) {

                    listener.accept(userId);

                }

            }

            mConfirmingCredentialUser = UserHandle.USER_NULL;

        }

    }
@@ -942,12 +954,18 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment 
    }



    @Override

    public boolean startConfirmCredentialIfNotConfirmed(int userId) {

    public boolean startConfirmCredentialIfNotConfirmed(int userId,

            IntConsumer onCredentialConfirmedListener) {

        if (mConfirmedCredentialUsers.contains(userId)) {

            // Credential has been confirmed. Don't start activity.

            return false;

        }

        return startConfirmCredential(userId);



        boolean result = startConfirmCredential(userId);

        if (result) {

            mConfirmingCredentialListener = onCredentialConfirmedListener;

        }

        return result;

    }



    private class AliasOperation extends AsyncTask<Void, Void, Boolean> {