Support installation of the new app source certificate

The new certificate can be installed from Settings ("Install a certificate > App Source certificate"). The installation flow includes a warning with user authorization to proceed, then a prompt for reboot (now or later). Installed certificate can be managed in "User credentials". The name is currently a hash of hex numbers. Upon deletion, there will also be a promot for reboot (now or later). Test: Only see the new setting entry if feature is enabled Test: Install from Settings, see the expected file name in /data/misc/keysetore/user_0. Reboot also works. Test: Able to see the certificate in Settings after installed Test: Able to delete the certificate, which triggers confirmation dialog to reboot. Reboot works. Test: add certificate, see dialog, "not now" / tapping elsewhere does nothing Test: atest RestrictedEncryptionPreferenceControllerTest Bug: 112038744 Change-Id: I7a4494ea0f243730df2212076588074d8774ae23
2019-10-30 15:35:19 -07:00
parent 9f5fc3c6da
commit c8a1960cf4
14 changed files with 373 additions and 15 deletions
--- a/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java
+++ b/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java
@@ -37,6 +37,9 @@ import org.robolectric.annotation.Config;
@Config(shadows = ShadowUserManager.class)
 public class RestrictedEncryptionPreferenceControllerTest {

+    private static final String APK_VERITY_PROPERTY = "ro.apk_verity.mode";
+    private static final int APK_VERITY_MODE_ENABLED = 2;
+
    private Context mContext;
    private ShadowUserManager mUserManager;
    private CredentialStoragePreferenceController mCredentialStoragePreferenceController;
@@ -46,6 +49,8 @@ public class RestrictedEncryptionPreferenceControllerTest {
    private InstallCaCertificatePreferenceController mInstallCaCertificatePreferenceController;
    private InstallUserCertificatePreferenceController mInstallUserCertificatePreferenceController;
    private InstallWifiCertificatePreferenceController mInstallWifiCertificatePreferenceController;
+    private InstallAppSourceCertificatePreferenceController
+            mInstallAppSourceCertificatePreferenceController;
    private Lifecycle mLifecycle;
    private LifecycleOwner mLifecycleOwner;

@@ -64,6 +69,9 @@ public class RestrictedEncryptionPreferenceControllerTest {
                new UserCredentialsPreferenceController(mContext);
        mInstallCaCertificatePreferenceController =
                new InstallCaCertificatePreferenceController(mContext);
+        mInstallAppSourceCertificatePreferenceController =
+                new InstallAppSourceCertificatePreferenceController(
+                        mContext, "install_app_src_certificate");
        mInstallUserCertificatePreferenceController =
                new InstallUserCertificatePreferenceController(mContext);
        mInstallWifiCertificatePreferenceController =
@@ -80,6 +88,8 @@ public class RestrictedEncryptionPreferenceControllerTest {
        assertThat(mInstallCaCertificatePreferenceController.isAvailable()).isTrue();
        assertThat(mInstallUserCertificatePreferenceController.isAvailable()).isTrue();
        assertThat(mInstallWifiCertificatePreferenceController.isAvailable()).isTrue();
+        assertThat(mInstallAppSourceCertificatePreferenceController.isAvailable())
+                .isEqualTo(InstallAppSourceCertificatePreferenceController.isApkVerityEnabled());
    }

    @Test