Add methods for managing CAs to DevicePolicyManager(Service) Guard install/uninstall by enforcing that the caller have the new system-only permission MANAGE_CA_CERTIFICATES. Also include API methods for asking whether there are any User CA certs installed, or if one by a particular name is installed in the keystore. CA certs will be installed via KeyChain into the TrustedCertificateStore. Bug: 8232670 Change-Id: I17b47a452e72eb4fe556dc6db823a46c6e854be8

commit: da51e68e582ffa017543982297c831680d201a91 [log] [tgz]
author: Maggie Benthall <mbenthall@google.com> Thu Aug 08 22:35:44 2013 -0400
committer: Maggie Benthall <mbenthall@google.com> Tue Aug 20 14:30:36 2013 -0400
tree: 569121a5f1c7d504a6f499f6249de09e016b7d8e
parent: 0a94b9ce277ef2ec79902e3c576a50ab438dca97 [diff] [blame]
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 1363e3c..12e33d5 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml

@@ -1617,6 +1617,14 @@
         android:label="@string/permlab_anyCodecForPlayback"
         android:description="@string/permdesc_anyCodecForPlayback" />
 
+    <!-- Allows an application to install and/or uninstall CA certificates on
+         behalf of the user.
+         @hide -->
+    <permission android:name="android.permission.MANAGE_CA_CERTIFICATES"
+        android:protectionLevel="signature|system"
+        android:label="@string/permlab_manageCaCertificates"
+        android:description="@string/permdesc_manageCaCertificates" />
+
     <!-- ========================================= -->
     <!-- Permissions for special development tools -->
     <!-- ========================================= -->
commit	da51e68e582ffa017543982297c831680d201a91	[log] [tgz]
author	Maggie Benthall <mbenthall@google.com>	Thu Aug 08 22:35:44 2013 -0400
committer	Maggie Benthall <mbenthall@google.com>	Tue Aug 20 14:30:36 2013 -0400
tree	569121a5f1c7d504a6f499f6249de09e016b7d8e
parent	0a94b9ce277ef2ec79902e3c576a50ab438dca97 [diff] [blame]