diff --git a/src/com/android/settings/UserCredentialsSettings.java b/src/com/android/settings/UserCredentialsSettings.java index 495065023e4..210543ff07f 100644 --- a/src/com/android/settings/UserCredentialsSettings.java +++ b/src/com/android/settings/UserCredentialsSettings.java @@ -291,23 +291,23 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment // Certificates can be installed into SYSTEM_UID or WIFI_UID through CertInstaller. final int myUserId = UserHandle.myUserId(); final int systemUid = UserHandle.getUid(myUserId, Process.SYSTEM_UID); - final int wifiUid = UserHandle.getUid(myUserId, Process.WIFI_UID); - try { KeyStore processKeystore = KeyStore.getInstance(KEYSTORE_PROVIDER); processKeystore.load(null); KeyStore wifiKeystore = null; - if (myUserId == 0) { - wifiKeystore = KeyStore.getInstance(KEYSTORE_PROVIDER); - wifiKeystore.load(new AndroidKeyStoreLoadStoreParameter( - KeyProperties.NAMESPACE_WIFI)); - } List credentials = new ArrayList<>(); credentials.addAll(getCredentialsForUid(processKeystore, systemUid).values()); - if (wifiKeystore != null) { - credentials.addAll(getCredentialsForUid(wifiKeystore, wifiUid).values()); + + UserManager userManager = getContext().getSystemService(UserManager.class); + if (userManager.isAdminUser()) { + wifiKeystore = KeyStore.getInstance(KEYSTORE_PROVIDER); + wifiKeystore.load( + new AndroidKeyStoreLoadStoreParameter(KeyProperties.NAMESPACE_WIFI)); + credentials.addAll( + getCredentialsForUid(wifiKeystore, Process.WIFI_UID).values()); } + return credentials; } catch (Exception e) { throw new RuntimeException("Failed to load credentials from Keystore.", e); diff --git a/src/com/android/settings/security/CredentialStorage.java b/src/com/android/settings/security/CredentialStorage.java index b62aeae9382..b1c65a7c3c0 100644 --- a/src/com/android/settings/security/CredentialStorage.java +++ b/src/com/android/settings/security/CredentialStorage.java @@ -128,22 +128,12 @@ public final class CredentialStorage extends FragmentActivity { final int uid = bundle.getInt(Credentials.EXTRA_INSTALL_AS_UID, KeyProperties.UID_SELF); - if (uid != KeyProperties.UID_SELF && !UserHandle.isSameUser(uid, Process.myUid())) { - final int dstUserId = UserHandle.getUserId(uid); - - // Restrict install target to the wifi uid. - if (uid != Process.WIFI_UID) { + if (uid != KeyProperties.UID_SELF && uid != Process.WIFI_UID) { + if (!UserHandle.isSameUser(uid, Process.myUid())) { Log.e(TAG, "Failed to install credentials as uid " + uid + ": cross-user installs" + " may only target wifi uids"); return true; } - - final Intent installIntent = new Intent(ACTION_INSTALL) - .setPackage(getPackageName()) - .setFlags(Intent.FLAG_ACTIVITY_FORWARD_RESULT) - .putExtras(bundle); - startActivityAsUser(installIntent, new UserHandle(dstUserId)); - return true; } String alias = bundle.getString(Credentials.EXTRA_USER_KEY_ALIAS, null);