PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "[DO NOT MERGE] Rollup Cert-related changes from R"

Browse Source
This commit is contained in:
Treehugger Robot
2020-07-17 08:28:38 +00:00
committed by Gerrit Code Review
parent 268371c44e f37c8cb4f7
commit 01ec6774e6
13 changed files with 485 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
res/values/strings.xml
View File

@@ -5887,10 +5887,8 @@
<!-- Title of preference group for credential storage settings [CHAR LIMIT=30] -->
<string name="credentials_title">Credential storage</string>
<!-- Title of preference to install certificates from SD card [CHAR LIMIT=30] -->
<string name="credentials_install" product="nosdcard">Install from storage</string>
<!-- Title of preference to install certificates from SD card [CHAR LIMIT=30] -->
<string name="credentials_install" product="default">Install from SD card</string>
<!-- Title of preference to install certificates [CHAR LIMIT=30] -->
<string name="credentials_install">Install a certificate</string>
<!-- Summary of preference to install certificates from SD card [CHAR LIMIT=NONE] -->
<string name="credentials_install_summary" product="nosdcard">Install certificates from storage</string>
<!-- Summary of preference to install certificates from SD card [CHAR LIMIT=NONE] -->
@@ -5929,6 +5927,22 @@
<string name="credentials_not_erased">Credential storage couldn\u2019t be erased.</string>
<!-- Title of Usage Access preference item [CHAR LIMIT=30] -->
<string name="usage_access_title">Apps with usage access</string>
<!-- Title of CA certificate [CHAR LIMIT=30] -->
<string name="ca_certificate">CA certificate</string>
<!-- Title of User certificate [CHAR LIMIT=30] -->
<string name="user_certificate">VPN &amp; app user certificate</string>
<!-- Title of Wi-Fi certificate [CHAR LIMIT=30] -->
<string name="wifi_certificate">Wi\u2011Fi certificate</string>
<!-- Title of warning shown to the user before they can install a CA certificate [CHAR LIMIT=NONE] -->
<string name="ca_certificate_warning_title">Your data won\u2019t be private</string>
<!-- Description of warning shown to the user before they can install a CA certificate [CHAR LIMIT=NONE] -->
<string name="ca_certificate_warning_description">CA certificates are used by websites, apps, and VPNs for encryption. Only install CA certificates from organizations you trust. \n\n If you install a CA certificate, the certificate owner could access your data, such as passwords or credit card details, from websites you visit or apps you use even if your data is encrypted.</string>
<!-- Label for button to not install a certificate [CHAR_LIMIT=50] -->
<string name="certificate_warning_dont_install">Don\u2019t install</string>
<!-- Label for button to continue installing a certificate [CHAR_LIMIT=50] -->
<string name="certificate_warning_install_anyway">Install anyway</string>
<!-- Toast message that a certificate was not installed -->
<string name="cert_not_installed">Certificate not installed</string>
<!-- Sound settings screen, setting check box label -->
<string name="emergency_tone_title">Emergency dialing signal</string>
@@ -6890,6 +6904,8 @@
<string name="help_url_security" translatable="false"></string>
<!-- Help URL, Encryption settings [DO NOT TRANSLATE] -->
<string name="help_url_encryption" translatable="false"></string>
<!-- Help URL, Install certificate settings [DO NOT TRANSLATE] -->
<string name="help_url_install_certificate" translatable="false"></string>
<!-- Help URL, Tap & pay [DO NOT TRANSLATE] -->
<string name="help_url_nfc_payment" translatable="false"></string>
<!-- Help URL, Remote display [DO NOT TRANSLATE] -->

12
res/xml/encryption_and_credential.xml
View File

@@ -58,17 +58,11 @@
settings:userRestriction="no_config_credentials" />
<com.android.settingslib.RestrictedPreference
android:key="credentials_install"
android:key="install_certificate"
android:title="@string/credentials_install"
android:summary="@string/credentials_install_summary"
settings:userRestriction="no_config_credentials">
<intent
android:action="android.credentials.INSTALL"
android:targetPackage="com.android.certinstaller"
android:targetClass="com.android.certinstaller.CertInstallerMain" />
</com.android.settingslib.RestrictedPreference>
android:fragment="com.android.settings.security.InstallCertificateFromStorage"
settings:userRestriction="no_config_credentials" />
<com.android.settingslib.RestrictedPreference
android:key="credentials_reset"

70
res/xml/install_certificate_from_storage.xml Normal file
View File

@@ -0,0 +1,70 @@
<!--
~ Copyright (C) 2019 The Android Open Source Project
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<PreferenceScreen
xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:settings="http://schemas.android.com/apk/res-auto"
android:title="@string/credentials_install"
android:key="install_certificate_from_storage">
<PreferenceCategory
android:key="certificate_types">
<Preference
android:key="install_ca_certificate"
android:title="@string/ca_certificate">
<intent
android:action="android.credentials.INSTALL"
android:targetPackage="com.android.certinstaller"
android:targetClass="com.android.certinstaller.CertInstallerMain">
<!-- Same value as CERTIFICATE_USAGE_CA in keystore/java/android/security/Credentials.java -->
<extra android:name="certificate_install_usage" android:value="ca"/>
</intent>
</Preference>
<Preference
android:key="install_user_certificate"
android:title="@string/user_certificate">
<intent
android:action="android.credentials.INSTALL"
android:targetPackage="com.android.certinstaller"
android:targetClass="com.android.certinstaller.CertInstallerMain">
<!-- Same value as CERTIFICATE_USAGE_USER in keystore/java/android/security/Credentials.java -->
<extra android:name="certificate_install_usage" android:value="user"/>
</intent>
</Preference>
<Preference
android:key="install_wifi_certificate"
android:title="@string/wifi_certificate">
<intent
android:action="android.credentials.INSTALL"
android:targetPackage="com.android.certinstaller"
android:targetClass="com.android.certinstaller.CertInstallerMain">
<!-- Same value as CERTIFICATE_USAGE_WIFI in keystore/java/android/security/Credentials.java -->
<extra android:name="certificate_install_usage" android:value="wifi"/>
</intent>
</Preference>
</PreferenceCategory>
</PreferenceScreen>

10
res/xml/wifi_configure_settings.xml
View File

@@ -48,10 +48,12 @@
<Preference
android:key="install_credentials"
android:title="@string/wifi_install_credentials">
<intent android:action="android.credentials.INSTALL_AS_USER"
android:targetPackage="com.android.certinstaller"
android:targetClass="com.android.certinstaller.CertInstallerMain">
<extra android:name="install_as_uid" android:value="1010" />
<intent
android:action="android.credentials.INSTALL"
android:targetPackage="com.android.certinstaller"
android:targetClass="com.android.certinstaller.CertInstallerMain">
<!-- Same value as CERTIFICATE_USAGE_WIFI in keystore/java/android/security/Credentials.java -->
<extra android:name="certificate_install_usage" android:value="wifi"/>
</intent>
</Preference>

134
src/com/android/settings/security/CredentialStorage.java
View File

@@ -31,6 +31,7 @@ import android.os.RemoteException;
import android.os.UserHandle;
import android.os.UserManager;
import android.security.Credentials;
import android.security.IKeyChainService;
import android.security.KeyChain;
import android.security.KeyChain.KeyChainConnection;
import android.security.KeyStore;
@@ -42,18 +43,10 @@ import androidx.appcompat.app.AlertDialog;
import androidx.fragment.app.FragmentActivity;
import com.android.internal.widget.LockPatternUtils;
import com.android.org.bouncycastle.asn1.ASN1InputStream;
import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import com.android.settings.R;
import com.android.settings.password.ChooseLockSettingsHelper;
import com.android.settings.vpn2.VpnUtils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import sun.security.util.ObjectIdentifier;
import sun.security.x509.AlgorithmId;
/**
* CredentialStorage handles resetting and installing keys into KeyStore.
*/
@@ -118,20 +111,6 @@ public final class CredentialStorage extends FragmentActivity {
}
}
private boolean isHardwareBackedKey(byte[] keyData) {
try {
final ASN1InputStream bIn = new ASN1InputStream(new ByteArrayInputStream(keyData));
final PrivateKeyInfo pki = PrivateKeyInfo.getInstance(bIn.readObject());
final String algOid = pki.getPrivateKeyAlgorithm().getAlgorithm().getId();
final String algName = new AlgorithmId(new ObjectIdentifier(algOid)).getName();
return KeyChain.isBoundKeyAlgorithm(algName);
} catch (IOException e) {
Log.e(TAG, "Failed to parse key data");
return false;
}
}
/**
* Install credentials if available, otherwise do nothing.
*
@@ -165,56 +144,18 @@ public final class CredentialStorage extends FragmentActivity {
return true;
}
boolean shouldFinish = true;
if (bundle.containsKey(Credentials.EXTRA_USER_PRIVATE_KEY_NAME)) {
final String key = bundle.getString(Credentials.EXTRA_USER_PRIVATE_KEY_NAME);
final byte[] value = bundle.getByteArray(Credentials.EXTRA_USER_PRIVATE_KEY_DATA);
if (!mKeyStore.importKey(key, value, uid, KeyStore.FLAG_NONE)) {
Log.e(TAG, "Failed to install " + key + " as uid " + uid);
return true;
}
// The key was prepended USER_PRIVATE_KEY by the CredentialHelper. However,
// KeyChain internally uses the raw alias name and only prepends USER_PRIVATE_KEY
// to the key name when interfacing with KeyStore.
// This is generally a symptom of CredentialStorage and CredentialHelper relying
// on internal implementation details of KeyChain and imitating its functionality
// rather than delegating to KeyChain for the certificate installation.
if (uid == Process.SYSTEM_UID || uid == KeyStore.UID_SELF) {
new MarkKeyAsUserSelectable(
key.replaceFirst("^" + Credentials.USER_PRIVATE_KEY, "")).execute();
shouldFinish = false;
}
String alias = bundle.getString(Credentials.EXTRA_USER_KEY_ALIAS, null);
if (TextUtils.isEmpty(alias)) {
Log.e(TAG, "Cannot install key without an alias");
return true;
}
final int flags = KeyStore.FLAG_NONE;
final byte[] privateKeyData = bundle.getByteArray(Credentials.EXTRA_USER_PRIVATE_KEY_DATA);
final byte[] certData = bundle.getByteArray(Credentials.EXTRA_USER_CERTIFICATE_DATA);
final byte[] caListData = bundle.getByteArray(Credentials.EXTRA_CA_CERTIFICATES_DATA);
new InstallKeyInKeyChain(alias, privateKeyData, certData, caListData, uid).execute();
if (bundle.containsKey(Credentials.EXTRA_USER_CERTIFICATE_NAME)) {
final String certName = bundle.getString(Credentials.EXTRA_USER_CERTIFICATE_NAME);
final byte[] certData = bundle.getByteArray(Credentials.EXTRA_USER_CERTIFICATE_DATA);
if (!mKeyStore.put(certName, certData, uid, flags)) {
Log.e(TAG, "Failed to install " + certName + " as uid " + uid);
return shouldFinish;
}
}
if (bundle.containsKey(Credentials.EXTRA_CA_CERTIFICATES_NAME)) {
final String caListName = bundle.getString(Credentials.EXTRA_CA_CERTIFICATES_NAME);
final byte[] caListData = bundle.getByteArray(Credentials.EXTRA_CA_CERTIFICATES_DATA);
if (!mKeyStore.put(caListName, caListData, uid, flags)) {
Log.e(TAG, "Failed to install " + caListName + " as uid " + uid);
return shouldFinish;
}
}
// Send the broadcast.
final Intent broadcast = new Intent(KeyChain.ACTION_KEYCHAIN_CHANGED);
sendBroadcast(broadcast);
setResult(RESULT_OK);
return shouldFinish;
return false;
}
/**
@@ -308,26 +249,45 @@ public final class CredentialStorage extends FragmentActivity {
}
/**
* Background task to mark a given key alias as user-selectable, so that
* it can be selected by users from the Certificate Selection prompt.
* Background task to install a certificate into KeyChain or the WiFi Keystore.
*/
private class MarkKeyAsUserSelectable extends AsyncTask<Void, Void, Boolean> {
private class InstallKeyInKeyChain extends AsyncTask<Void, Void, Boolean> {
final String mAlias;
private final byte[] mKeyData;
private final byte[] mCertData;
private final byte[] mCaListData;
private final int mUid;
MarkKeyAsUserSelectable(String alias) {
InstallKeyInKeyChain(String alias, byte[] keyData, byte[] certData, byte[] caListData,
int uid) {
mAlias = alias;
mKeyData = keyData;
mCertData = certData;
mCaListData = caListData;
mUid = uid;
}
@Override
protected Boolean doInBackground(Void... unused) {
try (KeyChainConnection keyChainConnection = KeyChain.bind(CredentialStorage.this)) {
keyChainConnection.getService().setUserSelectable(mAlias, true);
IKeyChainService service = keyChainConnection.getService();
if (!service.installKeyPair(mKeyData, mCertData, mCaListData, mAlias, mUid)) {
Log.w(TAG, String.format("Failed installing key %s", mAlias));
return false;
}
// If this is not a WiFi key, mark it as user-selectable, so that it can be
// selected by users from the Certificate Selection prompt.
if (mUid == Process.SYSTEM_UID || mUid == KeyStore.UID_SELF) {
service.setUserSelectable(mAlias, true);
}
return true;
} catch (RemoteException e) {
Log.w(TAG, "Failed to mark key " + mAlias + " as user-selectable.");
Log.w(TAG, String.format("Failed to install key %s to uid %d", mAlias, mUid), e);
return false;
} catch (InterruptedException e) {
Log.w(TAG, "Failed to mark key " + mAlias + " as user-selectable.");
Log.w(TAG, String.format("Interrupted while installing key %s", mAlias), e);
Thread.currentThread().interrupt();
return false;
}
@@ -335,12 +295,28 @@ public final class CredentialStorage extends FragmentActivity {
@Override
protected void onPostExecute(Boolean result) {
Log.i(TAG, String.format("Marked alias %s as selectable, success? %s",
mAlias, result));
CredentialStorage.this.finish();
CredentialStorage.this.onKeyInstalled(mAlias, mUid, result);
}
}
private void onKeyInstalled(String alias, int uid, boolean result) {
if (!result) {
Log.w(TAG, String.format("Error installing alias %s for uid %d", alias, uid));
finish();
return;
}
Log.i(TAG, String.format("Successfully installed alias %s to uid %d.",
alias, uid));
// Send the broadcast.
final Intent broadcast = new Intent(KeyChain.ACTION_KEYCHAIN_CHANGED);
sendBroadcast(broadcast);
setResult(RESULT_OK);
finish();
}
/**
* Check that the caller is either certinstaller or Settings running in a profile of this user.
*/

2
src/com/android/settings/security/EncryptionAndCredential.java
View File

@@ -76,7 +76,7 @@ public class EncryptionAndCredential extends DashboardFragment {
controllers.add(new CredentialStoragePreferenceController(context));
controllers.add(new UserCredentialsPreferenceController(context));
controllers.add(new ResetCredentialsPreferenceController(context, lifecycle));
controllers.add(new InstallCredentialsPreferenceController(context));
controllers.add(new InstallCertificatePreferenceController(context));
return controllers;
}

42
src/com/android/settings/security/InstallCaCertificatePreferenceController.java Normal file
View File

@@ -0,0 +1,42 @@
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.settings.security;
import android.content.Context;
import android.os.UserManager;
import com.android.settings.core.BasePreferenceController;
public class InstallCaCertificatePreferenceController extends
BasePreferenceController {
private static final String KEY_INSTALL_CA_CERTIFICATE = "install_ca_certificate";
public InstallCaCertificatePreferenceController(Context context) {
super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
}
@Override
public int getAvailabilityStatus() {
return AVAILABLE;
}
@Override
public String getPreferenceKey() {
return KEY_INSTALL_CA_CERTIFICATE;
}
}

93
src/com/android/settings/security/InstallCertificateFromStorage.java Normal file
View File

@@ -0,0 +1,93 @@
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.settings.security;
import android.app.settings.SettingsEnums;
import android.content.Context;
import android.os.UserManager;
import com.android.settings.R;
import com.android.settings.dashboard.DashboardFragment;
import com.android.settings.search.BaseSearchIndexProvider;
import com.android.settingslib.core.AbstractPreferenceController;
import com.android.settingslib.core.lifecycle.Lifecycle;
import com.android.settingslib.search.SearchIndexable;
import java.util.ArrayList;
import java.util.List;
/**
* Install certificate from storage settings.
*/
@SearchIndexable
public class InstallCertificateFromStorage extends DashboardFragment {
private static final String TAG = "InstallCertificateFromStorage";
@Override
public int getMetricsCategory() {
return SettingsEnums.INSTALL_CERTIFICATE_FROM_STORAGE;
}
@Override
protected int getPreferenceScreenResId() {
return R.xml.install_certificate_from_storage;
}
@Override
protected String getLogTag() {
return TAG;
}
@Override
protected List<AbstractPreferenceController> createPreferenceControllers(Context context) {
return new ArrayList<AbstractPreferenceController>();
}
private static List<AbstractPreferenceController> buildPreferenceControllers(Context context,
Lifecycle lifecycle) {
final List<AbstractPreferenceController> controllers = new ArrayList<>();
controllers.add(new InstallCaCertificatePreferenceController(context));
controllers.add(new InstallUserCertificatePreferenceController(context));
controllers.add(new InstallWifiCertificatePreferenceController(context));
return controllers;
}
@Override
public int getHelpResource() {
return R.string.help_url_install_certificate;
}
/**
* For Search. Please keep it in sync when updating "createPreferenceHierarchy()"
*/
public static final BaseSearchIndexProvider SEARCH_INDEX_DATA_PROVIDER =
new BaseSearchIndexProvider() {
@Override
public List<AbstractPreferenceController> createPreferenceControllers(
Context context) {
return buildPreferenceControllers(context, null /* lifecycle */);
}
@Override
protected boolean isPageSearchEnabled(Context context) {
final UserManager um = (UserManager) context.getSystemService(
Context.USER_SERVICE);
return um.isAdminUser();
}
};
}

8
src/com/android/settings/security/InstallCredentialsPreferenceController.java → src/com/android/settings/security/InstallCertificatePreferenceController.java
View File

@@ -19,17 +19,17 @@ package com.android.settings.security;
import android.content.Context;
import android.os.UserManager;
public class InstallCredentialsPreferenceController extends
public class InstallCertificatePreferenceController extends
RestrictedEncryptionPreferenceController {
private static final String KEY_CREDENTIALS_INSTALL = "credentials_install";
private static final String KEY_INSTALL_CERTIFICATE = "install_certificate";
public InstallCredentialsPreferenceController(Context context) {
public InstallCertificatePreferenceController(Context context) {
super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
}
@Override
public String getPreferenceKey() {
return KEY_CREDENTIALS_INSTALL;
return KEY_INSTALL_CERTIFICATE;
}
}

42
src/com/android/settings/security/InstallUserCertificatePreferenceController.java Normal file
View File

@@ -0,0 +1,42 @@
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.settings.security;
import android.content.Context;
import android.os.UserManager;
import com.android.settings.core.BasePreferenceController;
public class InstallUserCertificatePreferenceController extends
BasePreferenceController {
private static final String KEY_INSTALL_USER_CERTIFICATE = "install_user_certificate";
public InstallUserCertificatePreferenceController(Context context) {
super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
}
@Override
public int getAvailabilityStatus() {
return AVAILABLE;
}
@Override
public String getPreferenceKey() {
return KEY_INSTALL_USER_CERTIFICATE;
}
}

42
src/com/android/settings/security/InstallWifiCertificatePreferenceController.java Normal file
View File

@@ -0,0 +1,42 @@
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.settings.security;
import android.content.Context;
import android.os.UserManager;
import com.android.settings.core.BasePreferenceController;
public class InstallWifiCertificatePreferenceController extends
BasePreferenceController {
private static final String KEY_INSTALL_WIFI_CERTIFICATE = "install_wifi_certificate";
public InstallWifiCertificatePreferenceController(Context context) {
super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
}
@Override
public int getAvailabilityStatus() {
return AVAILABLE;
}
@Override
public String getPreferenceKey() {
return KEY_INSTALL_WIFI_CERTIFICATE;
}
}

87
tests/robotests/src/com/android/settings/security/InstallCertificateFromStorageTest.java Normal file
View File

@@ -0,0 +1,87 @@
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.settings.security;
import static com.android.settings.security.InstallCertificateFromStorage.SEARCH_INDEX_DATA_PROVIDER;
import static com.google.common.truth.Truth.assertThat;
import android.app.admin.DevicePolicyManager;
import android.app.settings.SettingsEnums;
import android.content.Context;
import android.os.UserManager;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.MockitoAnnotations;
import org.robolectric.RobolectricTestRunner;
import org.robolectric.RuntimeEnvironment;
import org.robolectric.shadows.ShadowApplication;
import java.util.ArrayList;
import java.util.List;
@RunWith(RobolectricTestRunner.class)
public class InstallCertificateFromStorageTest {
@Mock
private UserManager mUserManager;
@Mock
private DevicePolicyManager mDevicePolicyManager;
private Context mContext;
private List<String> mTestKeys;
@Before
public void setUp() {
MockitoAnnotations.initMocks(this);
ShadowApplication application = ShadowApplication.getInstance();
application.setSystemService(Context.DEVICE_POLICY_SERVICE, mDevicePolicyManager);
application.setSystemService(Context.USER_SERVICE, mUserManager);
mContext = RuntimeEnvironment.application;
setUpTestKeys();
}
private void setUpTestKeys() {
mTestKeys = new ArrayList<>();
mTestKeys.add("install_certificate_from_storage");
mTestKeys.add("certificate_types");
mTestKeys.add("install_ca_certificate");
mTestKeys.add("install_user_certificate");
mTestKeys.add("install_wifi_certificate");
}
@Test
public void getMetricsCategory_shouldReturnInstallCertificateFromStorage() {
InstallCertificateFromStorage fragment = new InstallCertificateFromStorage();
assertThat(fragment.getMetricsCategory()).isEqualTo(
SettingsEnums.INSTALL_CERTIFICATE_FROM_STORAGE);
}
@Test
public void getNonIndexableKeys_existInXmlLayout() {
final List<String> nonIndexableKeys =
SEARCH_INDEX_DATA_PROVIDER.getNonIndexableKeys(mContext);
assertThat(nonIndexableKeys).containsAllIn(mTestKeys);
}
}

25
tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java
View File

@@ -40,9 +40,12 @@ public class RestrictedEncryptionPreferenceControllerTest {
private Context mContext;
private ShadowUserManager mUserManager;
private CredentialStoragePreferenceController mCredentialStoragePreferenceController;
private InstallCredentialsPreferenceController mInstallCredentialsPreferenceController;
private InstallCertificatePreferenceController mInstallCertificatePreferenceController;
private ResetCredentialsPreferenceController mResetCredentialsPreferenceController;
private UserCredentialsPreferenceController mUserCredentialsPreferenceController;
private InstallCaCertificatePreferenceController mInstallCaCertificatePreferenceController;
private InstallUserCertificatePreferenceController mInstallUserCertificatePreferenceController;
private InstallWifiCertificatePreferenceController mInstallWifiCertificatePreferenceController;
private Lifecycle mLifecycle;
private LifecycleOwner mLifecycleOwner;
@@ -53,21 +56,30 @@ public class RestrictedEncryptionPreferenceControllerTest {
mLifecycle = new Lifecycle(mLifecycleOwner);
mCredentialStoragePreferenceController =
new CredentialStoragePreferenceController(mContext);
mInstallCredentialsPreferenceController =
new InstallCredentialsPreferenceController(mContext);
mInstallCertificatePreferenceController =
new InstallCertificatePreferenceController(mContext);
mResetCredentialsPreferenceController =
new ResetCredentialsPreferenceController(mContext, mLifecycle);
mUserCredentialsPreferenceController =
new UserCredentialsPreferenceController(mContext);
mInstallCaCertificatePreferenceController =
new InstallCaCertificatePreferenceController(mContext);
mInstallUserCertificatePreferenceController =
new InstallUserCertificatePreferenceController(mContext);
mInstallWifiCertificatePreferenceController =
new InstallWifiCertificatePreferenceController(mContext);
mUserManager = ShadowUserManager.getShadow();
}
@Test
public void isAvailable_noRestriction_shouldReturnTrue() {
assertThat(mCredentialStoragePreferenceController.isAvailable()).isTrue();
assertThat(mInstallCredentialsPreferenceController.isAvailable()).isTrue();
assertThat(mInstallCertificatePreferenceController.isAvailable()).isTrue();
assertThat(mResetCredentialsPreferenceController.isAvailable()).isTrue();
assertThat(mUserCredentialsPreferenceController.isAvailable()).isTrue();
assertThat(mInstallCaCertificatePreferenceController.isAvailable()).isTrue();
assertThat(mInstallUserCertificatePreferenceController.isAvailable()).isTrue();
assertThat(mInstallWifiCertificatePreferenceController.isAvailable()).isTrue();
}
@Test
@@ -75,8 +87,11 @@ public class RestrictedEncryptionPreferenceControllerTest {
mUserManager.addBaseUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS);
assertThat(mCredentialStoragePreferenceController.isAvailable()).isFalse();
assertThat(mInstallCredentialsPreferenceController.isAvailable()).isFalse();
assertThat(mInstallCertificatePreferenceController.isAvailable()).isFalse();
assertThat(mResetCredentialsPreferenceController.isAvailable()).isFalse();
assertThat(mUserCredentialsPreferenceController.isAvailable()).isFalse();
assertThat(mInstallCaCertificatePreferenceController.isAvailable()).isFalse();
assertThat(mInstallUserCertificatePreferenceController.isAvailable()).isFalse();
assertThat(mInstallWifiCertificatePreferenceController.isAvailable()).isFalse();
}
}