diff --git a/res/values/strings.xml b/res/values/strings.xml
index dd8eee2066b..9a7271d5aab 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -5887,10 +5887,8 @@
Credential storage
-
- Install from storage
-
- Install from SD card
+
+ Install a certificate
Install certificates from storage
@@ -5929,6 +5927,22 @@
Credential storage couldn\u2019t be erased.
Apps with usage access
+
+ CA certificate
+
+ VPN & app user certificate
+
+ Wi\u2011Fi certificate
+
+ Your data won\u2019t be private
+
+ CA certificates are used by websites, apps, and VPNs for encryption. Only install CA certificates from organizations you trust. \n\n If you install a CA certificate, the certificate owner could access your data, such as passwords or credit card details, from websites you visit or apps you use – even if your data is encrypted.
+
+ Don\u2019t install
+
+ Install anyway
+
+ Certificate not installed
Emergency dialing signal
@@ -6890,6 +6904,8 @@
+
+
diff --git a/res/xml/encryption_and_credential.xml b/res/xml/encryption_and_credential.xml
index f9d967964eb..f7e7184036c 100644
--- a/res/xml/encryption_and_credential.xml
+++ b/res/xml/encryption_and_credential.xml
@@ -58,17 +58,11 @@
settings:userRestriction="no_config_credentials" />
-
-
-
-
+ android:fragment="com.android.settings.security.InstallCertificateFromStorage"
+ settings:userRestriction="no_config_credentials" />
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/res/xml/wifi_configure_settings.xml b/res/xml/wifi_configure_settings.xml
index c6214662d35..0300b806460 100644
--- a/res/xml/wifi_configure_settings.xml
+++ b/res/xml/wifi_configure_settings.xml
@@ -48,10 +48,12 @@
-
-
+
+
+
diff --git a/src/com/android/settings/security/CredentialStorage.java b/src/com/android/settings/security/CredentialStorage.java
index 0ea37b5bc7f..5e647230852 100644
--- a/src/com/android/settings/security/CredentialStorage.java
+++ b/src/com/android/settings/security/CredentialStorage.java
@@ -31,6 +31,7 @@ import android.os.RemoteException;
import android.os.UserHandle;
import android.os.UserManager;
import android.security.Credentials;
+import android.security.IKeyChainService;
import android.security.KeyChain;
import android.security.KeyChain.KeyChainConnection;
import android.security.KeyStore;
@@ -42,18 +43,10 @@ import androidx.appcompat.app.AlertDialog;
import androidx.fragment.app.FragmentActivity;
import com.android.internal.widget.LockPatternUtils;
-import com.android.org.bouncycastle.asn1.ASN1InputStream;
-import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import com.android.settings.R;
import com.android.settings.password.ChooseLockSettingsHelper;
import com.android.settings.vpn2.VpnUtils;
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-
-import sun.security.util.ObjectIdentifier;
-import sun.security.x509.AlgorithmId;
-
/**
* CredentialStorage handles resetting and installing keys into KeyStore.
*/
@@ -118,20 +111,6 @@ public final class CredentialStorage extends FragmentActivity {
}
}
- private boolean isHardwareBackedKey(byte[] keyData) {
- try {
- final ASN1InputStream bIn = new ASN1InputStream(new ByteArrayInputStream(keyData));
- final PrivateKeyInfo pki = PrivateKeyInfo.getInstance(bIn.readObject());
- final String algOid = pki.getPrivateKeyAlgorithm().getAlgorithm().getId();
- final String algName = new AlgorithmId(new ObjectIdentifier(algOid)).getName();
-
- return KeyChain.isBoundKeyAlgorithm(algName);
- } catch (IOException e) {
- Log.e(TAG, "Failed to parse key data");
- return false;
- }
- }
-
/**
* Install credentials if available, otherwise do nothing.
*
@@ -165,56 +144,18 @@ public final class CredentialStorage extends FragmentActivity {
return true;
}
- boolean shouldFinish = true;
- if (bundle.containsKey(Credentials.EXTRA_USER_PRIVATE_KEY_NAME)) {
- final String key = bundle.getString(Credentials.EXTRA_USER_PRIVATE_KEY_NAME);
- final byte[] value = bundle.getByteArray(Credentials.EXTRA_USER_PRIVATE_KEY_DATA);
-
- if (!mKeyStore.importKey(key, value, uid, KeyStore.FLAG_NONE)) {
- Log.e(TAG, "Failed to install " + key + " as uid " + uid);
- return true;
- }
- // The key was prepended USER_PRIVATE_KEY by the CredentialHelper. However,
- // KeyChain internally uses the raw alias name and only prepends USER_PRIVATE_KEY
- // to the key name when interfacing with KeyStore.
- // This is generally a symptom of CredentialStorage and CredentialHelper relying
- // on internal implementation details of KeyChain and imitating its functionality
- // rather than delegating to KeyChain for the certificate installation.
- if (uid == Process.SYSTEM_UID || uid == KeyStore.UID_SELF) {
- new MarkKeyAsUserSelectable(
- key.replaceFirst("^" + Credentials.USER_PRIVATE_KEY, "")).execute();
- shouldFinish = false;
- }
+ String alias = bundle.getString(Credentials.EXTRA_USER_KEY_ALIAS, null);
+ if (TextUtils.isEmpty(alias)) {
+ Log.e(TAG, "Cannot install key without an alias");
+ return true;
}
- final int flags = KeyStore.FLAG_NONE;
+ final byte[] privateKeyData = bundle.getByteArray(Credentials.EXTRA_USER_PRIVATE_KEY_DATA);
+ final byte[] certData = bundle.getByteArray(Credentials.EXTRA_USER_CERTIFICATE_DATA);
+ final byte[] caListData = bundle.getByteArray(Credentials.EXTRA_CA_CERTIFICATES_DATA);
+ new InstallKeyInKeyChain(alias, privateKeyData, certData, caListData, uid).execute();
- if (bundle.containsKey(Credentials.EXTRA_USER_CERTIFICATE_NAME)) {
- final String certName = bundle.getString(Credentials.EXTRA_USER_CERTIFICATE_NAME);
- final byte[] certData = bundle.getByteArray(Credentials.EXTRA_USER_CERTIFICATE_DATA);
-
- if (!mKeyStore.put(certName, certData, uid, flags)) {
- Log.e(TAG, "Failed to install " + certName + " as uid " + uid);
- return shouldFinish;
- }
- }
-
- if (bundle.containsKey(Credentials.EXTRA_CA_CERTIFICATES_NAME)) {
- final String caListName = bundle.getString(Credentials.EXTRA_CA_CERTIFICATES_NAME);
- final byte[] caListData = bundle.getByteArray(Credentials.EXTRA_CA_CERTIFICATES_DATA);
-
- if (!mKeyStore.put(caListName, caListData, uid, flags)) {
- Log.e(TAG, "Failed to install " + caListName + " as uid " + uid);
- return shouldFinish;
- }
- }
-
- // Send the broadcast.
- final Intent broadcast = new Intent(KeyChain.ACTION_KEYCHAIN_CHANGED);
- sendBroadcast(broadcast);
-
- setResult(RESULT_OK);
- return shouldFinish;
+ return false;
}
/**
@@ -308,26 +249,45 @@ public final class CredentialStorage extends FragmentActivity {
}
/**
- * Background task to mark a given key alias as user-selectable, so that
- * it can be selected by users from the Certificate Selection prompt.
+ * Background task to install a certificate into KeyChain or the WiFi Keystore.
*/
- private class MarkKeyAsUserSelectable extends AsyncTask {
+ private class InstallKeyInKeyChain extends AsyncTask {
final String mAlias;
+ private final byte[] mKeyData;
+ private final byte[] mCertData;
+ private final byte[] mCaListData;
+ private final int mUid;
- MarkKeyAsUserSelectable(String alias) {
+ InstallKeyInKeyChain(String alias, byte[] keyData, byte[] certData, byte[] caListData,
+ int uid) {
mAlias = alias;
+ mKeyData = keyData;
+ mCertData = certData;
+ mCaListData = caListData;
+ mUid = uid;
}
@Override
protected Boolean doInBackground(Void... unused) {
try (KeyChainConnection keyChainConnection = KeyChain.bind(CredentialStorage.this)) {
- keyChainConnection.getService().setUserSelectable(mAlias, true);
+ IKeyChainService service = keyChainConnection.getService();
+ if (!service.installKeyPair(mKeyData, mCertData, mCaListData, mAlias, mUid)) {
+ Log.w(TAG, String.format("Failed installing key %s", mAlias));
+ return false;
+ }
+
+ // If this is not a WiFi key, mark it as user-selectable, so that it can be
+ // selected by users from the Certificate Selection prompt.
+ if (mUid == Process.SYSTEM_UID || mUid == KeyStore.UID_SELF) {
+ service.setUserSelectable(mAlias, true);
+ }
+
return true;
} catch (RemoteException e) {
- Log.w(TAG, "Failed to mark key " + mAlias + " as user-selectable.");
+ Log.w(TAG, String.format("Failed to install key %s to uid %d", mAlias, mUid), e);
return false;
} catch (InterruptedException e) {
- Log.w(TAG, "Failed to mark key " + mAlias + " as user-selectable.");
+ Log.w(TAG, String.format("Interrupted while installing key %s", mAlias), e);
Thread.currentThread().interrupt();
return false;
}
@@ -335,12 +295,28 @@ public final class CredentialStorage extends FragmentActivity {
@Override
protected void onPostExecute(Boolean result) {
- Log.i(TAG, String.format("Marked alias %s as selectable, success? %s",
- mAlias, result));
- CredentialStorage.this.finish();
+ CredentialStorage.this.onKeyInstalled(mAlias, mUid, result);
}
}
+ private void onKeyInstalled(String alias, int uid, boolean result) {
+ if (!result) {
+ Log.w(TAG, String.format("Error installing alias %s for uid %d", alias, uid));
+ finish();
+ return;
+ }
+
+ Log.i(TAG, String.format("Successfully installed alias %s to uid %d.",
+ alias, uid));
+
+ // Send the broadcast.
+ final Intent broadcast = new Intent(KeyChain.ACTION_KEYCHAIN_CHANGED);
+ sendBroadcast(broadcast);
+ setResult(RESULT_OK);
+
+ finish();
+ }
+
/**
* Check that the caller is either certinstaller or Settings running in a profile of this user.
*/
diff --git a/src/com/android/settings/security/EncryptionAndCredential.java b/src/com/android/settings/security/EncryptionAndCredential.java
index a6d2a0ab838..e5f82f53f52 100644
--- a/src/com/android/settings/security/EncryptionAndCredential.java
+++ b/src/com/android/settings/security/EncryptionAndCredential.java
@@ -76,7 +76,7 @@ public class EncryptionAndCredential extends DashboardFragment {
controllers.add(new CredentialStoragePreferenceController(context));
controllers.add(new UserCredentialsPreferenceController(context));
controllers.add(new ResetCredentialsPreferenceController(context, lifecycle));
- controllers.add(new InstallCredentialsPreferenceController(context));
+ controllers.add(new InstallCertificatePreferenceController(context));
return controllers;
}
diff --git a/src/com/android/settings/security/InstallCaCertificatePreferenceController.java b/src/com/android/settings/security/InstallCaCertificatePreferenceController.java
new file mode 100644
index 00000000000..b2ded85b2c2
--- /dev/null
+++ b/src/com/android/settings/security/InstallCaCertificatePreferenceController.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.security;
+
+import android.content.Context;
+import android.os.UserManager;
+
+import com.android.settings.core.BasePreferenceController;
+
+public class InstallCaCertificatePreferenceController extends
+ BasePreferenceController {
+
+ private static final String KEY_INSTALL_CA_CERTIFICATE = "install_ca_certificate";
+
+ public InstallCaCertificatePreferenceController(Context context) {
+ super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
+ }
+
+ @Override
+ public int getAvailabilityStatus() {
+ return AVAILABLE;
+ }
+
+ @Override
+ public String getPreferenceKey() {
+ return KEY_INSTALL_CA_CERTIFICATE;
+ }
+}
diff --git a/src/com/android/settings/security/InstallCertificateFromStorage.java b/src/com/android/settings/security/InstallCertificateFromStorage.java
new file mode 100644
index 00000000000..43ac381787a
--- /dev/null
+++ b/src/com/android/settings/security/InstallCertificateFromStorage.java
@@ -0,0 +1,93 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.security;
+
+import android.app.settings.SettingsEnums;
+import android.content.Context;
+import android.os.UserManager;
+
+import com.android.settings.R;
+import com.android.settings.dashboard.DashboardFragment;
+import com.android.settings.search.BaseSearchIndexProvider;
+import com.android.settingslib.core.AbstractPreferenceController;
+import com.android.settingslib.core.lifecycle.Lifecycle;
+import com.android.settingslib.search.SearchIndexable;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Install certificate from storage settings.
+ */
+@SearchIndexable
+public class InstallCertificateFromStorage extends DashboardFragment {
+
+ private static final String TAG = "InstallCertificateFromStorage";
+
+ @Override
+ public int getMetricsCategory() {
+ return SettingsEnums.INSTALL_CERTIFICATE_FROM_STORAGE;
+ }
+
+ @Override
+ protected int getPreferenceScreenResId() {
+ return R.xml.install_certificate_from_storage;
+ }
+
+ @Override
+ protected String getLogTag() {
+ return TAG;
+ }
+
+ @Override
+ protected List createPreferenceControllers(Context context) {
+ return new ArrayList();
+ }
+
+ private static List buildPreferenceControllers(Context context,
+ Lifecycle lifecycle) {
+ final List controllers = new ArrayList<>();
+ controllers.add(new InstallCaCertificatePreferenceController(context));
+ controllers.add(new InstallUserCertificatePreferenceController(context));
+ controllers.add(new InstallWifiCertificatePreferenceController(context));
+ return controllers;
+ }
+
+ @Override
+ public int getHelpResource() {
+ return R.string.help_url_install_certificate;
+ }
+
+ /**
+ * For Search. Please keep it in sync when updating "createPreferenceHierarchy()"
+ */
+ public static final BaseSearchIndexProvider SEARCH_INDEX_DATA_PROVIDER =
+ new BaseSearchIndexProvider() {
+ @Override
+ public List createPreferenceControllers(
+ Context context) {
+ return buildPreferenceControllers(context, null /* lifecycle */);
+ }
+
+ @Override
+ protected boolean isPageSearchEnabled(Context context) {
+ final UserManager um = (UserManager) context.getSystemService(
+ Context.USER_SERVICE);
+ return um.isAdminUser();
+ }
+ };
+}
diff --git a/src/com/android/settings/security/InstallCredentialsPreferenceController.java b/src/com/android/settings/security/InstallCertificatePreferenceController.java
similarity index 78%
rename from src/com/android/settings/security/InstallCredentialsPreferenceController.java
rename to src/com/android/settings/security/InstallCertificatePreferenceController.java
index ca9ed2657a5..2133069c94d 100644
--- a/src/com/android/settings/security/InstallCredentialsPreferenceController.java
+++ b/src/com/android/settings/security/InstallCertificatePreferenceController.java
@@ -19,17 +19,17 @@ package com.android.settings.security;
import android.content.Context;
import android.os.UserManager;
-public class InstallCredentialsPreferenceController extends
+public class InstallCertificatePreferenceController extends
RestrictedEncryptionPreferenceController {
- private static final String KEY_CREDENTIALS_INSTALL = "credentials_install";
+ private static final String KEY_INSTALL_CERTIFICATE = "install_certificate";
- public InstallCredentialsPreferenceController(Context context) {
+ public InstallCertificatePreferenceController(Context context) {
super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
}
@Override
public String getPreferenceKey() {
- return KEY_CREDENTIALS_INSTALL;
+ return KEY_INSTALL_CERTIFICATE;
}
}
diff --git a/src/com/android/settings/security/InstallUserCertificatePreferenceController.java b/src/com/android/settings/security/InstallUserCertificatePreferenceController.java
new file mode 100644
index 00000000000..ad2a6068d64
--- /dev/null
+++ b/src/com/android/settings/security/InstallUserCertificatePreferenceController.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.security;
+
+import android.content.Context;
+import android.os.UserManager;
+
+import com.android.settings.core.BasePreferenceController;
+
+public class InstallUserCertificatePreferenceController extends
+ BasePreferenceController {
+
+ private static final String KEY_INSTALL_USER_CERTIFICATE = "install_user_certificate";
+
+ public InstallUserCertificatePreferenceController(Context context) {
+ super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
+ }
+
+ @Override
+ public int getAvailabilityStatus() {
+ return AVAILABLE;
+ }
+
+ @Override
+ public String getPreferenceKey() {
+ return KEY_INSTALL_USER_CERTIFICATE;
+ }
+}
diff --git a/src/com/android/settings/security/InstallWifiCertificatePreferenceController.java b/src/com/android/settings/security/InstallWifiCertificatePreferenceController.java
new file mode 100644
index 00000000000..c7df34efd0c
--- /dev/null
+++ b/src/com/android/settings/security/InstallWifiCertificatePreferenceController.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.security;
+
+import android.content.Context;
+import android.os.UserManager;
+
+import com.android.settings.core.BasePreferenceController;
+
+public class InstallWifiCertificatePreferenceController extends
+ BasePreferenceController {
+
+ private static final String KEY_INSTALL_WIFI_CERTIFICATE = "install_wifi_certificate";
+
+ public InstallWifiCertificatePreferenceController(Context context) {
+ super(context, UserManager.DISALLOW_CONFIG_CREDENTIALS);
+ }
+
+ @Override
+ public int getAvailabilityStatus() {
+ return AVAILABLE;
+ }
+
+ @Override
+ public String getPreferenceKey() {
+ return KEY_INSTALL_WIFI_CERTIFICATE;
+ }
+}
diff --git a/tests/robotests/src/com/android/settings/security/InstallCertificateFromStorageTest.java b/tests/robotests/src/com/android/settings/security/InstallCertificateFromStorageTest.java
new file mode 100644
index 00000000000..61c39fca933
--- /dev/null
+++ b/tests/robotests/src/com/android/settings/security/InstallCertificateFromStorageTest.java
@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.security;
+
+import static com.android.settings.security.InstallCertificateFromStorage.SEARCH_INDEX_DATA_PROVIDER;
+
+import static com.google.common.truth.Truth.assertThat;
+
+import android.app.admin.DevicePolicyManager;
+import android.app.settings.SettingsEnums;
+import android.content.Context;
+import android.os.UserManager;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+import org.robolectric.RobolectricTestRunner;
+import org.robolectric.RuntimeEnvironment;
+import org.robolectric.shadows.ShadowApplication;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@RunWith(RobolectricTestRunner.class)
+public class InstallCertificateFromStorageTest {
+
+ @Mock
+ private UserManager mUserManager;
+
+ @Mock
+ private DevicePolicyManager mDevicePolicyManager;
+
+ private Context mContext;
+
+ private List mTestKeys;
+
+ @Before
+ public void setUp() {
+ MockitoAnnotations.initMocks(this);
+ ShadowApplication application = ShadowApplication.getInstance();
+ application.setSystemService(Context.DEVICE_POLICY_SERVICE, mDevicePolicyManager);
+ application.setSystemService(Context.USER_SERVICE, mUserManager);
+ mContext = RuntimeEnvironment.application;
+ setUpTestKeys();
+ }
+
+ private void setUpTestKeys() {
+ mTestKeys = new ArrayList<>();
+ mTestKeys.add("install_certificate_from_storage");
+ mTestKeys.add("certificate_types");
+ mTestKeys.add("install_ca_certificate");
+ mTestKeys.add("install_user_certificate");
+ mTestKeys.add("install_wifi_certificate");
+ }
+
+ @Test
+ public void getMetricsCategory_shouldReturnInstallCertificateFromStorage() {
+ InstallCertificateFromStorage fragment = new InstallCertificateFromStorage();
+ assertThat(fragment.getMetricsCategory()).isEqualTo(
+ SettingsEnums.INSTALL_CERTIFICATE_FROM_STORAGE);
+ }
+
+ @Test
+ public void getNonIndexableKeys_existInXmlLayout() {
+ final List nonIndexableKeys =
+ SEARCH_INDEX_DATA_PROVIDER.getNonIndexableKeys(mContext);
+
+ assertThat(nonIndexableKeys).containsAllIn(mTestKeys);
+ }
+
+}
diff --git a/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java b/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java
index 79ece904dbb..672d31724d2 100644
--- a/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java
+++ b/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java
@@ -40,9 +40,12 @@ public class RestrictedEncryptionPreferenceControllerTest {
private Context mContext;
private ShadowUserManager mUserManager;
private CredentialStoragePreferenceController mCredentialStoragePreferenceController;
- private InstallCredentialsPreferenceController mInstallCredentialsPreferenceController;
+ private InstallCertificatePreferenceController mInstallCertificatePreferenceController;
private ResetCredentialsPreferenceController mResetCredentialsPreferenceController;
private UserCredentialsPreferenceController mUserCredentialsPreferenceController;
+ private InstallCaCertificatePreferenceController mInstallCaCertificatePreferenceController;
+ private InstallUserCertificatePreferenceController mInstallUserCertificatePreferenceController;
+ private InstallWifiCertificatePreferenceController mInstallWifiCertificatePreferenceController;
private Lifecycle mLifecycle;
private LifecycleOwner mLifecycleOwner;
@@ -53,21 +56,30 @@ public class RestrictedEncryptionPreferenceControllerTest {
mLifecycle = new Lifecycle(mLifecycleOwner);
mCredentialStoragePreferenceController =
new CredentialStoragePreferenceController(mContext);
- mInstallCredentialsPreferenceController =
- new InstallCredentialsPreferenceController(mContext);
+ mInstallCertificatePreferenceController =
+ new InstallCertificatePreferenceController(mContext);
mResetCredentialsPreferenceController =
new ResetCredentialsPreferenceController(mContext, mLifecycle);
mUserCredentialsPreferenceController =
new UserCredentialsPreferenceController(mContext);
+ mInstallCaCertificatePreferenceController =
+ new InstallCaCertificatePreferenceController(mContext);
+ mInstallUserCertificatePreferenceController =
+ new InstallUserCertificatePreferenceController(mContext);
+ mInstallWifiCertificatePreferenceController =
+ new InstallWifiCertificatePreferenceController(mContext);
mUserManager = ShadowUserManager.getShadow();
}
@Test
public void isAvailable_noRestriction_shouldReturnTrue() {
assertThat(mCredentialStoragePreferenceController.isAvailable()).isTrue();
- assertThat(mInstallCredentialsPreferenceController.isAvailable()).isTrue();
+ assertThat(mInstallCertificatePreferenceController.isAvailable()).isTrue();
assertThat(mResetCredentialsPreferenceController.isAvailable()).isTrue();
assertThat(mUserCredentialsPreferenceController.isAvailable()).isTrue();
+ assertThat(mInstallCaCertificatePreferenceController.isAvailable()).isTrue();
+ assertThat(mInstallUserCertificatePreferenceController.isAvailable()).isTrue();
+ assertThat(mInstallWifiCertificatePreferenceController.isAvailable()).isTrue();
}
@Test
@@ -75,8 +87,11 @@ public class RestrictedEncryptionPreferenceControllerTest {
mUserManager.addBaseUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS);
assertThat(mCredentialStoragePreferenceController.isAvailable()).isFalse();
- assertThat(mInstallCredentialsPreferenceController.isAvailable()).isFalse();
+ assertThat(mInstallCertificatePreferenceController.isAvailable()).isFalse();
assertThat(mResetCredentialsPreferenceController.isAvailable()).isFalse();
assertThat(mUserCredentialsPreferenceController.isAvailable()).isFalse();
+ assertThat(mInstallCaCertificatePreferenceController.isAvailable()).isFalse();
+ assertThat(mInstallUserCertificatePreferenceController.isAvailable()).isFalse();
+ assertThat(mInstallWifiCertificatePreferenceController.isAvailable()).isFalse();
}
}
\ No newline at end of file