Keystore 2.0: Update Wifi settings to use mostly public keystore API.

Test: N/A Bug: 171305607 Bug: 171305388 Merged-In: Ib794c5f2d904c2b187d7d5fd00b81afc852d0052 Change-Id: Ib794c5f2d904c2b187d7d5fd00b81afc852d0052
2021-01-25 14:56:47 -08:00
parent 6b94f5ac81
commit e92bcb3287
5 changed files with 167 additions and 89 deletions
--- a/src/com/android/settings/wifi/WifiConfigController2.java
+++ b/src/com/android/settings/wifi/WifiConfigController2.java
@@ -33,8 +33,7 @@ import android.net.wifi.WifiEnterpriseConfig.Phase2;
 import android.net.wifi.WifiManager;
 import android.os.IBinder;
 import android.os.UserManager;
-import android.security.Credentials;
-import android.security.KeyStore;
+import android.security.keystore.KeyProperties;
 import android.telephony.SubscriptionInfo;
 import android.telephony.SubscriptionManager;
 import android.text.Editable;
@@ -71,6 +70,7 @@ import com.android.net.module.util.NetUtils;
 import com.android.net.module.util.ProxyUtils;
 import com.android.settings.ProxySelector;
 import com.android.settings.R;
+import com.android.settings.utils.AndroidKeystoreAliasLoader;
 import com.android.settings.wifi.details.WifiPrivacyPreferenceController;
 import com.android.settings.wifi.details2.WifiPrivacyPreferenceController2;
 import com.android.settings.wifi.dpp.WifiDppUtils;
@@ -83,7 +83,7 @@ import com.android.wifitrackerlib.WifiEntry.ConnectedInfo;
 import java.net.Inet4Address;
 import java.net.InetAddress;
 import java.util.ArrayList;
-import java.util.Arrays;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;
@@ -1034,15 +1034,17 @@ public class WifiConfigController2 implements TextWatcher,
        if (refreshCertificates) {
            loadSims();

+            final AndroidKeystoreAliasLoader androidKeystoreAliasLoader =
+                    getAndroidKeystoreAliasLoader();
            loadCertificates(
                    mEapCaCertSpinner,
-                    Credentials.CA_CERTIFICATE,
+                    androidKeystoreAliasLoader.getCaCertAliases(),
                    null /* noCertificateString */,
                    false /* showMultipleCerts */,
                    true /* showUsePreinstalledCertOption */);
            loadCertificates(
                    mEapUserCertSpinner,
-                    Credentials.USER_PRIVATE_KEY,
+                    androidKeystoreAliasLoader.getKeyCertAliases(),
                    mDoNotProvideEapUserCertString,
                    false /* showMultipleCerts */,
                    false /* showUsePreinstalledCertOption */);
@@ -1127,9 +1129,11 @@ public class WifiConfigController2 implements TextWatcher,
                    setSelection(mEapCaCertSpinner, caCerts[0]);
                } else {
                    // Reload the cert spinner with an extra "multiple certificates added" item.
+                    final AndroidKeystoreAliasLoader androidKeystoreAliasLoader =
+                            getAndroidKeystoreAliasLoader();
                    loadCertificates(
                            mEapCaCertSpinner,
-                            Credentials.CA_CERTIFICATE,
+                            androidKeystoreAliasLoader.getCaCertAliases(),
                            null /* noCertificateString */,
                            true /* showMultipleCerts */,
                            true /* showUsePreinstalledCertOption */);
@@ -1448,8 +1452,8 @@ public class WifiConfigController2 implements TextWatcher,
    }

    @VisibleForTesting
-    KeyStore getKeyStore() {
-        return KeyStore.getInstance();
+    AndroidKeystoreAliasLoader getAndroidKeystoreAliasLoader() {
+        return new AndroidKeystoreAliasLoader(KeyProperties.NAMESPACE_WIFI);
    }

    @VisibleForTesting
@@ -1493,7 +1497,7 @@ public class WifiConfigController2 implements TextWatcher,
    @VisibleForTesting
    void loadCertificates(
            Spinner spinner,
-            String prefix,
+            Collection<String> choices,
            String noCertificateString,
            boolean showMultipleCerts,
            boolean showUsePreinstalledCertOption) {
@@ -1508,14 +1512,8 @@ public class WifiConfigController2 implements TextWatcher,
            certs.add(mUseSystemCertsString);
        }

-        String[] certificateNames = null;
-        try {
-            certificateNames = getKeyStore().list(prefix, android.os.Process.WIFI_UID);
-        } catch (Exception e) {
-            Log.e(TAG, "can't get the certificate list from KeyStore");
-        }
-        if (certificateNames != null && certificateNames.length != 0) {
-            certs.addAll(Arrays.stream(certificateNames)
+        if (choices != null && choices.size() != 0) {
+            certs.addAll(choices.stream()
                    .filter(certificateName -> {
                        for (String undesired : UNDESIRED_CERTIFICATES) {
                            if (certificateName.startsWith(undesired)) {