Have KCS.installCaCertificate() return the cert's alias
This CL adds a return value to KeyChainService.installCaCertificate()
that allows the caller (DevicePolicyManagerService in this case) to
keep track of the cert it just installed.
Bug: 32692748
Test: DPMS unit tests and CTS CtsDevicePolicyManagerTestCases
Change-Id: I591b8528fdb2a4a77d099f23535e5ff64f46787a
diff --git a/src/com/android/keychain/KeyChainService.java b/src/com/android/keychain/KeyChainService.java
index c5add9c..6351cd0 100644
--- a/src/com/android/keychain/KeyChainService.java
+++ b/src/com/android/keychain/KeyChainService.java
@@ -141,11 +141,14 @@
}
}
- @Override public void installCaCertificate(byte[] caCertificate) {
+ @Override public String installCaCertificate(byte[] caCertificate) {
checkCertInstallerOrSystemCaller();
+ final String alias;
try {
+ final X509Certificate cert = parseCertificate(caCertificate);
synchronized (mTrustedCertificateStore) {
- mTrustedCertificateStore.installCertificate(parseCertificate(caCertificate));
+ mTrustedCertificateStore.installCertificate(cert);
+ alias = mTrustedCertificateStore.getCertificateAlias(cert);
}
} catch (IOException e) {
throw new IllegalStateException(e);
@@ -154,6 +157,7 @@
}
broadcastLegacyStorageChange();
broadcastTrustStoreChange();
+ return alias;
}
/**