From cef970cda441ba9e8087dad078ab2453bc261ec4 Mon Sep 17 00:00:00 2001 From: Victor Hsieh Date: Fri, 14 Feb 2020 10:23:57 -0800 Subject: [PATCH] Revert "Support installation of the new app source certificate" We decided to punt extra certificate to post-R. This reverts commit c8a1960cf4aaab46f26dc3f872710a9aa64666d3. Test: Treehugger Bug: 112038744 Change-Id: Ic53e58944faebe7aa427975ebd77ce783bdddaf2 --- AndroidManifest.xml | 5 -- .../app_source_certificate_warning_dialog.xml | 56 ------------- res/layout/user_credential.xml | 9 -- res/values/strings.xml | 24 +----- res/xml/install_certificate_from_storage.xml | 14 +--- src/com/android/settings/RebootDialog.java | 64 -------------- .../settings/UserCredentialsSettings.java | 49 ++--------- .../settings/security/CredentialStorage.java | 17 +--- ...SourceCertificatePreferenceController.java | 48 ----------- .../InstallAppSourceCertificateWarning.java | 83 ------------------- .../InstallCertificateFromStorage.java | 1 - .../InstallCertificateFromStorageTest.java | 1 - ...tedEncryptionPreferenceControllerTest.java | 10 --- 13 files changed, 10 insertions(+), 371 deletions(-) delete mode 100644 res/layout/app_source_certificate_warning_dialog.xml delete mode 100644 src/com/android/settings/RebootDialog.java delete mode 100644 src/com/android/settings/security/InstallAppSourceCertificatePreferenceController.java delete mode 100644 src/com/android/settings/security/InstallAppSourceCertificateWarning.java diff --git a/AndroidManifest.xml b/AndroidManifest.xml index 91bf93ac658..3bb846a4a91 100644 --- a/AndroidManifest.xml +++ b/AndroidManifest.xml @@ -1348,11 +1348,6 @@ android:exported="false"> - - - diff --git a/res/layout/app_source_certificate_warning_dialog.xml b/res/layout/app_source_certificate_warning_dialog.xml deleted file mode 100644 index f0902c7ccf5..00000000000 --- a/res/layout/app_source_certificate_warning_dialog.xml +++ /dev/null @@ -1,56 +0,0 @@ - - - - - - - - - - - - - - - 
diff --git a/res/layout/user_credential.xml b/res/layout/user_credential.xml index 0ea46f23f4f..f441bdac825 100644 --- a/res/layout/user_credential.xml +++ b/res/layout/user_credential.xml @@ -73,14 +73,5 @@ android:textAppearance="?android:attr/textAppearanceSmall" android:textColor="?android:attr/textColorTertiary" android:paddingStart="?android:attr/listPreferredItemPaddingStart"/> - - diff --git a/res/values/strings.xml b/res/values/strings.xml index ac77cc5fb1d..0590bcbf3be 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -6086,8 +6086,6 @@ Installed for VPN and apps Installed for Wi-Fi - - Installed for app install source verification Remove all the contents? @@ -6102,8 +6100,6 @@ VPN & app user certificate Wi\u2011Fi certificate - - App Source certificate Your privacy is at risk @@ -6112,10 +6108,6 @@ Don\u2019t install Install anyways - - Install this certificate at your own risk - - App source certificates verify that apps are safe for your device. Only install certificates from organizations you trust. Certificate not installed @@ -6747,28 +6739,14 @@ one user certificate one CA certificate - + %d CA certificates - - one App Source certificate Credential details Removed credential: %s No user credentials installed - - Restart to use certificate - - To use this app source certificate, you need to restart your device - - Restart to finish uninstalling - - To uninstall this app source certificate, you need to restart your device - - Restart - - Not now Spell checker diff --git a/res/xml/install_certificate_from_storage.xml b/res/xml/install_certificate_from_storage.xml index 8227ead4c50..f7e35af0d8b 100644 --- a/res/xml/install_certificate_from_storage.xml +++ b/res/xml/install_certificate_from_storage.xml @@ -61,18 +61,6 @@ - - - - - - - - + \ No newline at end of file diff --git a/src/com/android/settings/RebootDialog.java b/src/com/android/settings/RebootDialog.java deleted file mode 100644 index 700d140065c..00000000000 
--- a/src/com/android/settings/RebootDialog.java
+++ /dev/null
@@ -1,64 +0,0 @@ -/* - * Copyright (C) 2019 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.android.settings; - -import android.annotation.StringRes; -import android.app.Activity; -import android.content.Context; -import android.content.DialogInterface; -import android.os.PowerManager; - -import androidx.appcompat.app.AlertDialog; - -/** Dialog to confirm a reboot immediately, or later. */ -public class RebootDialog implements DialogInterface.OnClickListener, - DialogInterface.OnDismissListener { - private final Activity mActivity; - private final AlertDialog mDialog; - private final String mRebootReason; - - public RebootDialog(Activity activity, @StringRes int titleRes, @StringRes int messageRes, - String rebootReason) { - mActivity = activity; - mDialog = new AlertDialog.Builder(activity) - .setTitle(titleRes) - .setMessage(messageRes) - .setPositiveButton(R.string.app_src_cert_reboot_dialog_button_restart, this) - .setNegativeButton(R.string.app_src_cert_reboot_dialog_button_not_now, null) - .setOnDismissListener(this) - .create(); - mRebootReason = rebootReason; - } - - /** Shows the dialog. 
*/ - public void show() { - mDialog.show(); - } - - @Override - public void onClick(DialogInterface dialog, int button) { - if (button == DialogInterface.BUTTON_POSITIVE) { - PowerManager pm = (PowerManager) mActivity.getSystemService(Context.POWER_SERVICE); - pm.reboot(mRebootReason); - } - } - - @Override - public void onDismiss(DialogInterface dialog) { - mActivity.finish(); - } -} diff --git a/src/com/android/settings/UserCredentialsSettings.java b/src/com/android/settings/UserCredentialsSettings.java index 4983a36ee1d..d322819ba98 100644 --- a/src/com/android/settings/UserCredentialsSettings.java +++ b/src/com/android/settings/UserCredentialsSettings.java @@ -193,8 +193,6 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment for (final Credential credential : credentials) { if (credential.isSystem()) { removeGrantsAndDelete(credential); - } else if (credential.isFsverity()) { - deleteAppSourceCredential(credential); } else { deleteWifiCredential(credential); } @@ -221,16 +219,6 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment } } - private void deleteAppSourceCredential(final Credential credential) { - final KeyStore keyStore = KeyStore.getInstance(); - final EnumSet storedTypes = credential.getStoredTypes(); - - if (storedTypes.contains(Credential.Type.APP_SOURCE_CERTIFICATE)) { - keyStore.delete(Credentials.APP_SOURCE_CERTIFICATE + credential.getAlias(), - Process.FSVERITY_CERT_UID); - } - } - private void removeGrantsAndDelete(final Credential credential) { final KeyChainConnection conn; try { 
@@ -254,21 +242,10 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment protected void onPostExecute(Credential... credentials) { if (targetFragment instanceof UserCredentialsSettings && targetFragment.isAdded()) { final UserCredentialsSettings target = (UserCredentialsSettings) targetFragment; - boolean includeFsverity = false; for (final Credential credential : credentials) { target.announceRemoval(credential.alias); - if (credential.isFsverity()) { - includeFsverity = true; - } } target.refreshItems(); - if (includeFsverity) { - new RebootDialog( - getActivity(), - R.string.app_src_cert_reboot_dialog_uninstall_title, - R.string.app_src_cert_reboot_dialog_uninstall_message, - "Reboot to make new fsverity cert effective").show(); - } } } } @@ -295,12 +272,10 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment final int myUserId = UserHandle.myUserId(); final int systemUid = UserHandle.getUid(myUserId, Process.SYSTEM_UID); final int wifiUid = UserHandle.getUid(myUserId, Process.WIFI_UID); - final int fsverityUid = UserHandle.getUid(myUserId, Process.FSVERITY_CERT_UID); List credentials = new ArrayList<>(); credentials.addAll(getCredentialsForUid(keyStore, systemUid).values()); credentials.addAll(getCredentialsForUid(keyStore, wifiUid).values()); - credentials.addAll(getCredentialsForUid(keyStore, fsverityUid).values()); return credentials; } @@ -427,7 +402,6 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment credentialViewTypes.put(R.id.contents_userkey, Credential.Type.USER_KEY); credentialViewTypes.put(R.id.contents_usercrt, Credential.Type.USER_CERTIFICATE); credentialViewTypes.put(R.id.contents_cacrt, Credential.Type.CA_CERTIFICATE); - credentialViewTypes.put(R.id.contents_appsrccrt, Credential.Type.APP_SOURCE_CERTIFICATE); } protected static View getCredentialView(Credential item, @LayoutRes int layoutResource, 
@@ -437,15 +411,9 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment } ((TextView) view.findViewById(R.id.alias)).setText(item.alias); - int purpose; - if (item.isSystem()) { - purpose = R.string.credential_for_vpn_and_apps; - } else if (item.isFsverity()) { - purpose = R.string.credential_for_fsverity; - } else { - purpose = R.string.credential_for_wifi; - } - ((TextView) view.findViewById(R.id.purpose)).setText(purpose); + ((TextView) view.findViewById(R.id.purpose)).setText(item.isSystem() + ? R.string.credential_for_vpn_and_apps + : R.string.credential_for_wifi); view.findViewById(R.id.contents).setVisibility(expanded ? View.VISIBLE : View.GONE); if (expanded) { @@ -467,8 +435,7 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment static enum Type { CA_CERTIFICATE (Credentials.CA_CERTIFICATE), USER_CERTIFICATE (Credentials.USER_CERTIFICATE), - USER_KEY(Credentials.USER_PRIVATE_KEY, Credentials.USER_SECRET_KEY), - APP_SOURCE_CERTIFICATE(Credentials.APP_SOURCE_CERTIFICATE); + USER_KEY(Credentials.USER_PRIVATE_KEY, Credentials.USER_SECRET_KEY); final String[] prefix; @@ -485,8 +452,7 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment /** * UID under which this credential is stored. Typically {@link Process#SYSTEM_UID} but can - * also be {@link Process#WIFI_UID} for credentials installed as wifi certificates, or - * {@link Process#FSVERITY_CERT_UID} for app source certificates. + * also be {@link Process#WIFI_UID} for credentials installed as wifi certificates. */ final int uid; @@ -496,7 +462,6 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment *
  • {@link Credentials.CA_CERTIFICATE}
  • *
  • {@link Credentials.USER_CERTIFICATE}
  • *
  • {@link Credentials.USER_KEY}
  • - *
  • {@link Credentials.APP_SOURCE_CERTIFICATE}
  • * */ final EnumSet storedTypes = EnumSet.noneOf(Type.class); @@ -547,10 +512,6 @@ public class UserCredentialsSettings extends SettingsPreferenceFragment return UserHandle.getAppId(uid) == Process.SYSTEM_UID; } - public boolean isFsverity() { - return UserHandle.getAppId(uid) == Process.FSVERITY_CERT_UID; - } - public String getAlias() { return alias; } public EnumSet getStoredTypes() { diff --git a/src/com/android/settings/security/CredentialStorage.java b/src/com/android/settings/security/CredentialStorage.java index 28d4f63bde1..5e647230852 100644 --- a/src/com/android/settings/security/CredentialStorage.java +++ b/src/com/android/settings/security/CredentialStorage.java @@ -44,7 +44,6 @@ import androidx.fragment.app.FragmentActivity; import com.android.internal.widget.LockPatternUtils; import com.android.settings.R; -import com.android.settings.RebootDialog; import com.android.settings.password.ChooseLockSettingsHelper; import com.android.settings.vpn2.VpnUtils; @@ -131,10 +130,10 @@ public final class CredentialStorage extends FragmentActivity { if (uid != KeyStore.UID_SELF && !UserHandle.isSameUser(uid, Process.myUid())) { final int dstUserId = UserHandle.getUserId(uid); - // Restrict install target to the known uid. - if (uid != Process.WIFI_UID && uid != Process.FSVERITY_CERT_UID) { + // Restrict install target to the wifi uid. + if (uid != Process.WIFI_UID) { Log.e(TAG, "Failed to install credentials as uid " + uid + ": cross-user installs" - + " may only target known uids"); + + " may only target wifi uids"); return true; } 
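Review bot: The uid allow-list in the CredentialStorage hunk at `@@ -131,10 +130,10 @@` is enforced only inside the cross-user branch (`uid != KeyStore.UID_SELF && !UserHandle.isSameUser(uid, Process.myUid())`), so the `uid != Process.WIFI_UID` check shown here does not cover a same-user request that names some other uid. Where `uid` is read and how the same-user path validates it lie outside the hunk, as do the start and end of the enclosing method, so it is worth confirming that a request still naming the removed fsverity uid is refused there as well now that the feature is reverted. The rejection path only logs and returns `true`, and the meaning of that return value is not visible here. A comment above the check such as `// Only WIFI_UID may be targeted across users; any other uid is refused and logged.` would record the intent, and the log text could say "the wifi uid" to match it.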
@@ -310,16 +309,6 @@ public final class CredentialStorage extends FragmentActivity { Log.i(TAG, String.format("Successfully installed alias %s to uid %d.", alias, uid)); - if (uid == Process.FSVERITY_CERT_UID) { - new RebootDialog( - this, - R.string.app_src_cert_reboot_dialog_install_title, - R.string.app_src_cert_reboot_dialog_install_message, - "Reboot to make new fsverity cert effective").show(); - setResult(RESULT_OK); - return; - } - // Send the broadcast. final Intent broadcast = new Intent(KeyChain.ACTION_KEYCHAIN_CHANGED); sendBroadcast(broadcast); diff --git a/src/com/android/settings/security/InstallAppSourceCertificatePreferenceController.java b/src/com/android/settings/security/InstallAppSourceCertificatePreferenceController.java deleted file mode 100644 index 1b80ce71009..00000000000 --- a/src/com/android/settings/security/InstallAppSourceCertificatePreferenceController.java +++ /dev/null 
@@ -1,48 +0,0 @@
-/*
- * Copyright (C) 2019 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.settings.security;
-
-import android.content.Context;
-import android.os.SystemProperties;
-
-import com.android.internal.annotations.VisibleForTesting;
-import com.android.settings.core.BasePreferenceController;
-
-/**
- * This controller decides the verification result of the installed app.
- */
-public class InstallAppSourceCertificatePreferenceController extends
- BasePreferenceController {
-
- private static final String APK_VERITY_PROPERTY = "ro.apk_verity.mode";
- private static final int APK_VERITY_MODE_ENABLED = 2;
-
- public InstallAppSourceCertificatePreferenceController(Context context, String key) {
- super(context, key);
- }
-
- @Override
- public int getAvailabilityStatus() {
- return isApkVerityEnabled() ? AVAILABLE : UNSUPPORTED_ON_DEVICE;
- }
-
- @VisibleForTesting
- static boolean isApkVerityEnabled() {
- // TODO(victorhsieh): replace this with a new API in PackageManager once it is landed.
- return SystemProperties.getInt(APK_VERITY_PROPERTY, 0) == APK_VERITY_MODE_ENABLED;
- }
-}
diff --git a/src/com/android/settings/security/InstallAppSourceCertificateWarning.java b/src/com/android/settings/security/InstallAppSourceCertificateWarning.java
deleted file mode 100644
index 9ea1b0ea2a4..00000000000
--- a/src/com/android/settings/security/InstallAppSourceCertificateWarning.java
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * Copyright (C) 2019 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.settings.security;
-
-import android.annotation.Nullable;
-import android.app.Activity;
-import android.content.Intent;
-import android.os.Bundle;
-import android.security.Credentials;
-import android.view.View;
-import android.widget.Toast;
-
-import com.android.settings.R;
-
-import com.google.android.setupcompat.template.FooterBarMixin;
-import com.google.android.setupcompat.template.FooterButton;
-import com.google.android.setupdesign.GlifLayout;
-
-/**
- * Creates a warning dialog explaining the consequences of installing a certificate
- * This is displayed before an app source certificate can be installed from Settings.
- */
-public class InstallAppSourceCertificateWarning extends Activity {
- @Override
- public void onCreate(@Nullable Bundle savedInstanceState) {
- super.onCreate(savedInstanceState);
-
- setContentView(R.layout.app_source_certificate_warning_dialog);
- final GlifLayout layout = findViewById(R.id.setup_wizard_layout);
-
- final FooterBarMixin mixin = layout.getMixin(FooterBarMixin.class);
- mixin.setSecondaryButton(
- new FooterButton.Builder(this)
- .setText(R.string.certificate_warning_install_anyway)
- .setListener(installCertificate())
- .setButtonType(FooterButton.ButtonType.OTHER)
- .setTheme(R.style.SudGlifButton_Secondary)
- .build()
- );
-
- mixin.setPrimaryButton(
- new FooterButton.Builder(this)
- .setText(R.string.certificate_warning_dont_install)
- .setListener(returnToInstallCertificateFromStorage())
- .setButtonType(FooterButton.ButtonType.NEXT)
- .setTheme(R.style.SudGlifButton_Primary)
- .build()
- );
- }
-
- private View.OnClickListener installCertificate() {
- return v -> {
- final Intent intent = new Intent();
- intent.setAction(Credentials.INSTALL_ACTION);
- intent.putExtra(Credentials.EXTRA_CERTIFICATE_USAGE,
- Credentials.CERTIFICATE_USAGE_APP_SOURCE);
- startActivity(intent);
- finish();
- };
- }
-
- private View.OnClickListener returnToInstallCertificateFromStorage() {
- return v -> {
- Toast.makeText(this, R.string.cert_not_installed, Toast.LENGTH_SHORT).show();
- finish();
- };
- }
-
-}
diff --git a/src/com/android/settings/security/InstallCertificateFromStorage.java b/src/com/android/settings/security/InstallCertificateFromStorage.java
index c5a93f076e7..3810531815a 100644
--- a/src/com/android/settings/security/InstallCertificateFromStorage.java
+++ b/src/com/android/settings/security/InstallCertificateFromStorage.java
@@ -60,7 +60,6 @@ public class InstallCertificateFromStorage extends DashboardFragment { private static List buildPreferenceControllers(Context context, Lifecycle lifecycle) { - // TODO(eranm,victorhsieh): use "settings:controller" in xml and remove the following. final List controllers = new ArrayList<>(); controllers.add(new InstallCaCertificatePreferenceController(context)); controllers.add(new InstallUserCertificatePreferenceController(context)); diff --git a/tests/robotests/src/com/android/settings/security/InstallCertificateFromStorageTest.java b/tests/robotests/src/com/android/settings/security/InstallCertificateFromStorageTest.java index 8484ebf3656..2adad008886 100644 --- a/tests/robotests/src/com/android/settings/security/InstallCertificateFromStorageTest.java +++ b/tests/robotests/src/com/android/settings/security/InstallCertificateFromStorageTest.java @@ -66,7 +66,6 @@ public class InstallCertificateFromStorageTest { mTestKeys.add("install_ca_certificate"); mTestKeys.add("install_user_certificate"); mTestKeys.add("install_wifi_certificate"); - mTestKeys.add("install_app_src_certificate"); } @Test diff --git a/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java b/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java index 7d3b1176fbb..78ad5e57510 100644 --- a/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java +++ b/tests/robotests/src/com/android/settings/security/RestrictedEncryptionPreferenceControllerTest.java 
@@ -37,9 +37,6 @@ import org.robolectric.annotation.Config; @Config(shadows = ShadowUserManager.class) public class RestrictedEncryptionPreferenceControllerTest { - private static final String APK_VERITY_PROPERTY = "ro.apk_verity.mode"; - private static final int APK_VERITY_MODE_ENABLED = 2; - private Context mContext; private ShadowUserManager mUserManager; private CredentialStoragePreferenceController mCredentialStoragePreferenceController; @@ -49,8 +46,6 @@ public class RestrictedEncryptionPreferenceControllerTest { private InstallCaCertificatePreferenceController mInstallCaCertificatePreferenceController; private InstallUserCertificatePreferenceController mInstallUserCertificatePreferenceController; private InstallWifiCertificatePreferenceController mInstallWifiCertificatePreferenceController; - private InstallAppSourceCertificatePreferenceController - mInstallAppSourceCertificatePreferenceController; private Lifecycle mLifecycle; private LifecycleOwner mLifecycleOwner; @@ -69,9 +64,6 @@ public class RestrictedEncryptionPreferenceControllerTest { new UserCredentialsPreferenceController(mContext); mInstallCaCertificatePreferenceController = new InstallCaCertificatePreferenceController(mContext); - mInstallAppSourceCertificatePreferenceController = - new InstallAppSourceCertificatePreferenceController( - mContext, "install_app_src_certificate"); mInstallUserCertificatePreferenceController = new InstallUserCertificatePreferenceController(mContext); mInstallWifiCertificatePreferenceController = 
@@ -88,8 +80,6 @@ public class RestrictedEncryptionPreferenceControllerTest { assertThat(mInstallCaCertificatePreferenceController.isAvailable()).isTrue(); assertThat(mInstallUserCertificatePreferenceController.isAvailable()).isTrue(); assertThat(mInstallWifiCertificatePreferenceController.isAvailable()).isTrue(); - assertThat(mInstallAppSourceCertificatePreferenceController.isAvailable()) - .isEqualTo(InstallAppSourceCertificatePreferenceController.isApkVerityEnabled()); } @Test