diff options
| author | Alex Johnston <acjohnston@google.com> | 2020-11-28 11:57:08 +0000 |
|---|---|---|
| committer | Alex Johnston <acjohnston@google.com> | 2020-12-01 20:04:04 +0000 |
| commit | e17727ebe44f33976e3f035719265bd19e48c871 (patch) | |
| tree | 155c5c67cb58e7987e4fbc17786e74778ce617ca /keystore/java/android/security/AppUriAuthenticationPolicy.java | |
| parent | aec5558bc326b11f3c886536e261619269043564 (diff) | |
Add KeyChainService credential management app APIs
Background
* This is part of the work to support
a credential management app on
unmanaged devices.
Changes
* Add KeyChainService API methods to
modify the stored credential management app.
Manual Testing
* Install TestDPC
* Request to manage credentials (fire intent).
Add policy mapping: 'com.android.chrome' ->
'client.badssl.com:443' -> 'testAlias'
* Install badssl user certificate as credential
management app (TestDPC). Set alias to 'testAlias'
* Check certificate is installed in Settings
* Go to chrome > client.badssl.com
* Verify no certificate selection prompt is
displayed. User is automatically authenticated.
* Remove credential management app from Settings
Security > Encryption and credentials >
Certificate management app
* Verify credential management app is removed and
'testAlias' is uninstalled.
Bug: 165641221
Test: Manual Testing
atest com.android.keychain.KeyChainServiceRoboTest
Change-Id: I00b7df27a92f6ee4f74546f892c83290fead1112
Diffstat (limited to 'keystore/java/android/security/AppUriAuthenticationPolicy.java')
| -rw-r--r-- | keystore/java/android/security/AppUriAuthenticationPolicy.java | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/keystore/java/android/security/AppUriAuthenticationPolicy.java b/keystore/java/android/security/AppUriAuthenticationPolicy.java index 30f5a94ca0c8..0244ce97c0d4 100644 --- a/keystore/java/android/security/AppUriAuthenticationPolicy.java +++ b/keystore/java/android/security/AppUriAuthenticationPolicy.java @@ -28,8 +28,10 @@ import org.xmlpull.v1.XmlSerializer; import java.io.IOException; import java.util.HashMap; +import java.util.HashSet; import java.util.Map; import java.util.Objects; +import java.util.Set; /** * The app-URI authentication policy is set by the credential management app. This policy determines @@ -223,4 +225,17 @@ public final class AppUriAuthenticationPolicy implements Parcelable { } } + /** + * Get the set of aliases found in the policy. + * + * @hide + */ + public Set<String> getAliases() { + Set<String> aliases = new HashSet<>(); + for (UrisToAliases appsToUris : mAppToUris.values()) { + aliases.addAll(appsToUris.getUrisToAliases().values()); + } + return aliases; + } + } |