From 048e2485374935b0b07882bc829ccf8a41ec3b5a Mon Sep 17 00:00:00 2001 From: Benedict Wong Date: Tue, 5 Nov 2019 12:53:27 -0800 Subject: Add new Credential prefix for platform VPNs Platform VPN profiles keyed by apps must use a different key prefix to prevent the Settings app from seeing them (and thus exposing potentially sensitive credential information). Thus, the profiles will be partitioned as follows: Custom (Settings-app) based profiles continues using VPN_* prefix App provisioned profiles will use the new PLATFORM_VPN_* prefix Bug: 144245359 Test: Compiles, FrameworksNetTests passing Change-Id: If8762e468c6cbbeb80738f14b066ebbad5cc665f --- keystore/java/android/security/Credentials.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'keystore/java/android/security/Credentials.java') diff --git a/keystore/java/android/security/Credentials.java b/keystore/java/android/security/Credentials.java index 08f417662523..fad7d8062a22 100644 --- a/keystore/java/android/security/Credentials.java +++ b/keystore/java/android/security/Credentials.java @@ -16,11 +16,12 @@ package android.security; +import android.annotation.UnsupportedAppUsage; + import com.android.org.bouncycastle.util.io.pem.PemObject; import com.android.org.bouncycastle.util.io.pem.PemReader; import com.android.org.bouncycastle.util.io.pem.PemWriter; -import android.annotation.UnsupportedAppUsage; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -64,6 +65,9 @@ public class Credentials { /** Key prefix for VPN. */ public static final String VPN = "VPN_"; + /** Key prefix for platform VPNs. */ + public static final String PLATFORM_VPN = "PLATFORM_VPN_"; + /** Key prefix for WIFI. */ public static final String WIFI = "WIFI_"; -- cgit v1.2.3