DevicePolicyManager: Make installed keys user-selectable by default.
After Change-Id: Ibaba2ddd4f94fced1a2a7bfcfb91189302ec7f3a was merged,
KeyChain, by default, made keys installed in it not user-selectable,
which means users could not choose those keys in the Certificate
Selection prompt.
This is the correct behaviour (secure by default), but means the
DevicePolicyManager has to explicitly set keys as user-selectable
to be compatible with the previous behaviour.
This CL does the following:
* Adding an installKeyPair variant to the DevicePolicyManager to
allow specifying user-selectability of the key.
* Make old installKeyPair variants delegate to the new variant,
with the default of setting installed keys user-selectable.
* Modify the DevicePolicyManager service definition and service to
take the extra user-selectability parameter and set the value
in KeyChain.
Note that the reason the CTS test started failing is not related to
this change but a CTS Verifier test should catch the problem this
CL is solving.
Part of the fix for b/69337278
Bug: 69337278
Test: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement
Change-Id: Ifc240ed4a20a9d00bc6140dfb45bd1140e1f8260
6 files changed