Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2011 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.settings; |
| 18 | |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 19 | import static android.widget.LinearLayout.LayoutParams.MATCH_PARENT; |
| 20 | import static android.widget.LinearLayout.LayoutParams.WRAP_CONTENT; |
| 21 | |
| 22 | import android.animation.LayoutTransition; |
Doris Ling | 03a3b51 | 2017-10-18 14:25:01 -0700 | [diff] [blame] | 23 | import android.annotation.StringRes; |
Victor Chang | caa8877 | 2016-04-05 22:06:49 +0100 | [diff] [blame] | 24 | import android.annotation.UiThread; |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 25 | import android.app.Activity; |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 26 | import android.app.KeyguardManager; |
Victor Chang | caa8877 | 2016-04-05 22:06:49 +0100 | [diff] [blame] | 27 | import android.app.admin.DevicePolicyManager; |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 28 | import android.content.BroadcastReceiver; |
Geoffrey Borggaard | 6e1102d | 2013-08-07 14:57:43 -0400 | [diff] [blame] | 29 | import android.content.Context; |
Victor Chang | caa8877 | 2016-04-05 22:06:49 +0100 | [diff] [blame] | 30 | import android.content.DialogInterface; |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 31 | import android.content.Intent; |
| 32 | import android.content.IntentFilter; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 33 | import android.content.pm.UserInfo; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 34 | import android.content.res.TypedArray; |
| 35 | import android.database.DataSetObserver; |
| 36 | import android.graphics.drawable.Drawable; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 37 | import android.net.http.SslCertificate; |
| 38 | import android.os.AsyncTask; |
| 39 | import android.os.Bundle; |
| 40 | import android.os.RemoteException; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 41 | import android.os.UserHandle; |
Geoffrey Borggaard | 6e1102d | 2013-08-07 14:57:43 -0400 | [diff] [blame] | 42 | import android.os.UserManager; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 43 | import android.security.IKeyChainService; |
| 44 | import android.security.KeyChain; |
| 45 | import android.security.KeyChain.KeyChainConnection; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 46 | import android.util.Log; |
Jason Monk | 39b4674 | 2015-09-10 15:52:51 -0400 | [diff] [blame] | 47 | import android.util.SparseArray; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 48 | import android.util.ArraySet; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 49 | import android.view.LayoutInflater; |
| 50 | import android.view.View; |
| 51 | import android.view.ViewGroup; |
| 52 | import android.widget.AdapterView; |
| 53 | import android.widget.BaseAdapter; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 54 | import android.widget.BaseExpandableListAdapter; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 55 | import android.widget.ExpandableListView; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 56 | import android.widget.FrameLayout; |
| 57 | import android.widget.ImageView; |
| 58 | import android.widget.LinearLayout; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 59 | import android.widget.ListView; |
Brian Carlstrom | 729c6d9 | 2011-07-06 13:15:03 -0700 | [diff] [blame] | 60 | import android.widget.ProgressBar; |
Fabrice Di Meglio | 44db45a | 2014-10-17 14:06:22 -0700 | [diff] [blame] | 61 | import android.widget.Switch; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 62 | import android.widget.TabHost; |
| 63 | import android.widget.TextView; |
Julia Reynolds | 565653c | 2014-06-12 11:49:12 -0400 | [diff] [blame] | 64 | |
daqi | be47df7 | 2017-09-05 09:53:05 +0800 | [diff] [blame] | 65 | import com.android.internal.annotations.GuardedBy; |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 66 | import com.android.internal.app.UnlaunchableAppActivity; |
Tamas Berghammer | 265d3c2 | 2016-06-22 15:34:45 +0100 | [diff] [blame] | 67 | import com.android.internal.logging.nano.MetricsProto.MetricsEvent; |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 68 | import com.android.internal.widget.LockPatternUtils; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 69 | |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 70 | import java.security.cert.CertificateEncodingException; |
| 71 | import java.security.cert.X509Certificate; |
| 72 | import java.util.ArrayList; |
| 73 | import java.util.Collections; |
Jason Monk | 39b4674 | 2015-09-10 15:52:51 -0400 | [diff] [blame] | 74 | import java.util.List; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 75 | import java.util.Set; |
Victor Chang | 45ca906 | 2016-05-23 19:47:38 +0100 | [diff] [blame] | 76 | import java.util.function.IntConsumer; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 77 | |
Victor Chang | d7d0e1b | 2016-04-05 20:01:24 +0100 | [diff] [blame] | 78 | public class TrustedCredentialsSettings extends OptionsMenuFragment |
| 79 | implements TrustedCredentialsDialogBuilder.DelegateInterface { |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 80 | |
Victor Chang | caa8877 | 2016-04-05 22:06:49 +0100 | [diff] [blame] | 81 | public static final String ARG_SHOW_NEW_FOR_USER = "ARG_SHOW_NEW_FOR_USER"; |
| 82 | |
Brian Carlstrom | ac45fb4 | 2011-06-28 19:57:14 -0700 | [diff] [blame] | 83 | private static final String TAG = "TrustedCredentialsSettings"; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 84 | |
Geoffrey Borggaard | 6e1102d | 2013-08-07 14:57:43 -0400 | [diff] [blame] | 85 | private UserManager mUserManager; |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 86 | private KeyguardManager mKeyguardManager; |
Victor Chang | caa8877 | 2016-04-05 22:06:49 +0100 | [diff] [blame] | 87 | private int mTrustAllCaUserId; |
| 88 | |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 89 | private static final String SAVED_CONFIRMED_CREDENTIAL_USERS = "ConfirmedCredentialUsers"; |
| 90 | private static final String SAVED_CONFIRMING_CREDENTIAL_USER = "ConfirmingCredentialUser"; |
Geoffrey Borggaard | fc6bc20 | 2013-08-09 11:44:42 -0400 | [diff] [blame] | 91 | private static final String USER_ACTION = "com.android.settings.TRUSTED_CREDENTIALS_USER"; |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 92 | private static final int REQUEST_CONFIRM_CREDENTIALS = 1; |
Geoffrey Borggaard | fc6bc20 | 2013-08-09 11:44:42 -0400 | [diff] [blame] | 93 | |
Chris Wren | 8a963ba | 2015-03-20 10:29:14 -0400 | [diff] [blame] | 94 | @Override |
Doris Ling | 03a3b51 | 2017-10-18 14:25:01 -0700 | [diff] [blame] | 95 | @StringRes |
| 96 | protected int getTitle() { |
| 97 | return R.string.trusted_credentials; |
| 98 | } |
| 99 | |
| 100 | @Override |
Fan Zhang | 6507613 | 2016-08-08 10:25:13 -0700 | [diff] [blame] | 101 | public int getMetricsCategory() { |
Chris Wren | 9d1bfd1 | 2016-01-26 18:04:01 -0500 | [diff] [blame] | 102 | return MetricsEvent.TRUSTED_CREDENTIALS; |
Chris Wren | 8a963ba | 2015-03-20 10:29:14 -0400 | [diff] [blame] | 103 | } |
| 104 | |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 105 | private enum Tab { |
| 106 | SYSTEM("system", |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 107 | R.string.trusted_credentials_system_tab, |
| 108 | R.id.system_tab, |
| 109 | R.id.system_progress, |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 110 | R.id.system_content, |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 111 | true), |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 112 | USER("user", |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 113 | R.string.trusted_credentials_user_tab, |
| 114 | R.id.user_tab, |
| 115 | R.id.user_progress, |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 116 | R.id.user_content, |
| 117 | false); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 118 | |
| 119 | private final String mTag; |
| 120 | private final int mLabel; |
| 121 | private final int mView; |
| 122 | private final int mProgress; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 123 | private final int mContentView; |
Fabrice Di Meglio | 44db45a | 2014-10-17 14:06:22 -0700 | [diff] [blame] | 124 | private final boolean mSwitch; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 125 | |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 126 | private Tab(String tag, int label, int view, int progress, int contentView, boolean withSwitch) { |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 127 | mTag = tag; |
| 128 | mLabel = label; |
| 129 | mView = view; |
| 130 | mProgress = progress; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 131 | mContentView = contentView; |
Fabrice Di Meglio | 44db45a | 2014-10-17 14:06:22 -0700 | [diff] [blame] | 132 | mSwitch = withSwitch; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 133 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 134 | |
Robin Lee | b50e681 | 2017-02-20 21:02:45 +0000 | [diff] [blame] | 135 | private List<String> getAliases(IKeyChainService service) throws RemoteException { |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 136 | switch (this) { |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 137 | case SYSTEM: { |
| 138 | return service.getSystemCaAliases().getList(); |
| 139 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 140 | case USER: |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 141 | return service.getUserCaAliases().getList(); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 142 | } |
| 143 | throw new AssertionError(); |
| 144 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 145 | private boolean deleted(IKeyChainService service, String alias) throws RemoteException { |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 146 | switch (this) { |
| 147 | case SYSTEM: |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 148 | return !service.containsCaAlias(alias); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 149 | case USER: |
| 150 | return false; |
| 151 | } |
| 152 | throw new AssertionError(); |
| 153 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 154 | } |
| 155 | |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 156 | private TabHost mTabHost; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 157 | private ArrayList<GroupAdapter> mGroupAdapters = new ArrayList<>(2); |
Zoltan Szatmary-Ban | cfe521e | 2014-10-15 13:01:05 +0100 | [diff] [blame] | 158 | private AliasOperation mAliasOperation; |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 159 | private ArraySet<Integer> mConfirmedCredentialUsers; |
| 160 | private int mConfirmingCredentialUser; |
Victor Chang | 45ca906 | 2016-05-23 19:47:38 +0100 | [diff] [blame] | 161 | private IntConsumer mConfirmingCredentialListener; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 162 | private Set<AdapterData.AliasLoader> mAliasLoaders = new ArraySet<AdapterData.AliasLoader>(2); |
daqi | be47df7 | 2017-09-05 09:53:05 +0800 | [diff] [blame] | 163 | @GuardedBy("mKeyChainConnectionByProfileId") |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 164 | private final SparseArray<KeyChainConnection> |
| 165 | mKeyChainConnectionByProfileId = new SparseArray<KeyChainConnection>(); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 166 | |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 167 | private BroadcastReceiver mWorkProfileChangedReceiver = new BroadcastReceiver() { |
| 168 | |
| 169 | @Override |
| 170 | public void onReceive(Context context, Intent intent) { |
| 171 | final String action = intent.getAction(); |
Rubin Xu | 819f78e | 2016-04-04 17:23:46 +0100 | [diff] [blame] | 172 | if (Intent.ACTION_MANAGED_PROFILE_AVAILABLE.equals(action) || |
| 173 | Intent.ACTION_MANAGED_PROFILE_UNAVAILABLE.equals(action) || |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 174 | Intent.ACTION_MANAGED_PROFILE_UNLOCKED.equals(action)) { |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 175 | for (GroupAdapter adapter : mGroupAdapters) { |
| 176 | adapter.load(); |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 177 | } |
| 178 | } |
| 179 | } |
| 180 | |
| 181 | }; |
| 182 | |
Geoffrey Borggaard | 6e1102d | 2013-08-07 14:57:43 -0400 | [diff] [blame] | 183 | @Override |
| 184 | public void onCreate(Bundle savedInstanceState) { |
| 185 | super.onCreate(savedInstanceState); |
| 186 | mUserManager = (UserManager) getActivity().getSystemService(Context.USER_SERVICE); |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 187 | mKeyguardManager = (KeyguardManager) getActivity() |
| 188 | .getSystemService(Context.KEYGUARD_SERVICE); |
Victor Chang | caa8877 | 2016-04-05 22:06:49 +0100 | [diff] [blame] | 189 | mTrustAllCaUserId = getActivity().getIntent().getIntExtra(ARG_SHOW_NEW_FOR_USER, |
| 190 | UserHandle.USER_NULL); |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 191 | mConfirmedCredentialUsers = new ArraySet<>(2); |
| 192 | mConfirmingCredentialUser = UserHandle.USER_NULL; |
| 193 | if (savedInstanceState != null) { |
| 194 | mConfirmingCredentialUser = savedInstanceState.getInt(SAVED_CONFIRMING_CREDENTIAL_USER, |
| 195 | UserHandle.USER_NULL); |
| 196 | ArrayList<Integer> users = savedInstanceState.getIntegerArrayList( |
| 197 | SAVED_CONFIRMED_CREDENTIAL_USERS); |
| 198 | if (users != null) { |
| 199 | mConfirmedCredentialUsers.addAll(users); |
| 200 | } |
| 201 | } |
Victor Chang | caa8877 | 2016-04-05 22:06:49 +0100 | [diff] [blame] | 202 | |
Victor Chang | 45ca906 | 2016-05-23 19:47:38 +0100 | [diff] [blame] | 203 | mConfirmingCredentialListener = null; |
| 204 | |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 205 | IntentFilter filter = new IntentFilter(); |
Rubin Xu | 819f78e | 2016-04-04 17:23:46 +0100 | [diff] [blame] | 206 | filter.addAction(Intent.ACTION_MANAGED_PROFILE_AVAILABLE); |
| 207 | filter.addAction(Intent.ACTION_MANAGED_PROFILE_UNAVAILABLE); |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 208 | filter.addAction(Intent.ACTION_MANAGED_PROFILE_UNLOCKED); |
| 209 | getActivity().registerReceiver(mWorkProfileChangedReceiver, filter); |
Geoffrey Borggaard | 6e1102d | 2013-08-07 14:57:43 -0400 | [diff] [blame] | 210 | } |
| 211 | |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 212 | @Override |
| 213 | public void onSaveInstanceState(Bundle outState) { |
| 214 | super.onSaveInstanceState(outState); |
| 215 | outState.putIntegerArrayList(SAVED_CONFIRMED_CREDENTIAL_USERS, new ArrayList<>( |
| 216 | mConfirmedCredentialUsers)); |
| 217 | outState.putInt(SAVED_CONFIRMING_CREDENTIAL_USER, mConfirmingCredentialUser); |
| 218 | } |
| 219 | |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 220 | @Override public View onCreateView( |
| 221 | LayoutInflater inflater, ViewGroup parent, Bundle savedInstanceState) { |
| 222 | mTabHost = (TabHost) inflater.inflate(R.layout.trusted_credentials, parent, false); |
| 223 | mTabHost.setup(); |
| 224 | addTab(Tab.SYSTEM); |
| 225 | // TODO add Install button on Tab.USER to go to CertInstaller like KeyChainActivity |
| 226 | addTab(Tab.USER); |
Geoffrey Borggaard | fc6bc20 | 2013-08-09 11:44:42 -0400 | [diff] [blame] | 227 | if (getActivity().getIntent() != null && |
| 228 | USER_ACTION.equals(getActivity().getIntent().getAction())) { |
| 229 | mTabHost.setCurrentTabByTag(Tab.USER.mTag); |
| 230 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 231 | return mTabHost; |
| 232 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 233 | @Override |
| 234 | public void onDestroy() { |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 235 | getActivity().unregisterReceiver(mWorkProfileChangedReceiver); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 236 | for (AdapterData.AliasLoader aliasLoader : mAliasLoaders) { |
Zoltan Szatmary-Ban | cfe521e | 2014-10-15 13:01:05 +0100 | [diff] [blame] | 237 | aliasLoader.cancel(true); |
| 238 | } |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 239 | mAliasLoaders.clear(); |
| 240 | mGroupAdapters.clear(); |
Zoltan Szatmary-Ban | cfe521e | 2014-10-15 13:01:05 +0100 | [diff] [blame] | 241 | if (mAliasOperation != null) { |
| 242 | mAliasOperation.cancel(true); |
| 243 | mAliasOperation = null; |
| 244 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 245 | closeKeyChainConnections(); |
| 246 | super.onDestroy(); |
| 247 | } |
| 248 | |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 249 | @Override |
| 250 | public void onActivityResult(int requestCode, int resultCode, Intent data) { |
| 251 | if (requestCode == REQUEST_CONFIRM_CREDENTIALS) { |
Victor Chang | 45ca906 | 2016-05-23 19:47:38 +0100 | [diff] [blame] | 252 | int userId = mConfirmingCredentialUser; |
| 253 | IntConsumer listener = mConfirmingCredentialListener; |
| 254 | // reset them before calling the listener because the listener may call back to start |
| 255 | // activity again. (though it should never happen.) |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 256 | mConfirmingCredentialUser = UserHandle.USER_NULL; |
Victor Chang | 45ca906 | 2016-05-23 19:47:38 +0100 | [diff] [blame] | 257 | mConfirmingCredentialListener = null; |
| 258 | if (resultCode == Activity.RESULT_OK) { |
| 259 | mConfirmedCredentialUsers.add(userId); |
| 260 | if (listener != null) { |
| 261 | listener.accept(userId); |
| 262 | } |
| 263 | } |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 264 | } |
| 265 | } |
| 266 | |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 267 | private void closeKeyChainConnections() { |
daqi | be47df7 | 2017-09-05 09:53:05 +0800 | [diff] [blame] | 268 | synchronized (mKeyChainConnectionByProfileId) { |
| 269 | final int n = mKeyChainConnectionByProfileId.size(); |
| 270 | for (int i = 0; i < n; ++i) { |
| 271 | mKeyChainConnectionByProfileId.valueAt(i).close(); |
| 272 | } |
| 273 | mKeyChainConnectionByProfileId.clear(); |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 274 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 275 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 276 | |
| 277 | private void addTab(Tab tab) { |
| 278 | TabHost.TabSpec systemSpec = mTabHost.newTabSpec(tab.mTag) |
| 279 | .setIndicator(getActivity().getString(tab.mLabel)) |
| 280 | .setContent(tab.mView); |
| 281 | mTabHost.addTab(systemSpec); |
| 282 | |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 283 | final GroupAdapter groupAdapter = new GroupAdapter(tab); |
| 284 | mGroupAdapters.add(groupAdapter); |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 285 | final int profilesSize = groupAdapter.getGroupCount(); |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 286 | |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 287 | // Add a transition for non-visibility events like resizing the pane. |
| 288 | final ViewGroup contentView = (ViewGroup) mTabHost.findViewById(tab.mContentView); |
| 289 | contentView.getLayoutTransition().enableTransitionType(LayoutTransition.CHANGING); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 290 | |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 291 | final LayoutInflater inflater = LayoutInflater.from(getActivity()); |
| 292 | for (int i = 0; i < groupAdapter.getGroupCount(); i++) { |
| 293 | final boolean isWork = groupAdapter.getUserInfoByGroup(i).isManagedProfile(); |
| 294 | final ChildAdapter adapter = groupAdapter.getChildAdapter(i); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 295 | |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 296 | final LinearLayout containerView = (LinearLayout) inflater |
| 297 | .inflate(R.layout.trusted_credential_list_container, contentView, false); |
| 298 | adapter.setContainerView(containerView); |
| 299 | |
| 300 | adapter.showHeader(profilesSize > 1); |
| 301 | adapter.showDivider(isWork); |
| 302 | adapter.setExpandIfAvailable(profilesSize <= 2 ? true : !isWork); |
| 303 | if (isWork) { |
| 304 | contentView.addView(containerView); |
| 305 | } else { |
| 306 | contentView.addView(containerView, 0); |
| 307 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 308 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 309 | } |
| 310 | |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 311 | /** |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 312 | * Start work challenge activity. |
| 313 | * @return true if screenlock exists |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 314 | */ |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 315 | private boolean startConfirmCredential(int userId) { |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 316 | final Intent newIntent = mKeyguardManager.createConfirmDeviceCredentialIntent(null, null, |
| 317 | userId); |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 318 | if (newIntent == null) { |
| 319 | return false; |
| 320 | } |
| 321 | mConfirmingCredentialUser = userId; |
| 322 | startActivityForResult(newIntent, REQUEST_CONFIRM_CREDENTIALS); |
| 323 | return true; |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 324 | } |
| 325 | |
| 326 | /** |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 327 | * Adapter for expandable list view of certificates. Groups in the view correspond to profiles |
| 328 | * whereas children correspond to certificates. |
| 329 | */ |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 330 | private class GroupAdapter extends BaseExpandableListAdapter implements |
Robin Lee | bed8559 | 2016-09-01 18:35:00 +0100 | [diff] [blame] | 331 | ExpandableListView.OnGroupClickListener, ExpandableListView.OnChildClickListener, |
| 332 | View.OnClickListener { |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 333 | private final AdapterData mData; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 334 | |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 335 | private GroupAdapter(Tab tab) { |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 336 | mData = new AdapterData(tab, this); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 337 | load(); |
| 338 | } |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 339 | |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 340 | @Override |
| 341 | public int getGroupCount() { |
| 342 | return mData.mCertHoldersByUserId.size(); |
| 343 | } |
| 344 | @Override |
| 345 | public int getChildrenCount(int groupPosition) { |
Zoltan Szatmary-Ban | 860e1e1 | 2014-09-10 12:22:36 +0100 | [diff] [blame] | 346 | List<CertHolder> certHolders = mData.mCertHoldersByUserId.valueAt(groupPosition); |
| 347 | if (certHolders != null) { |
| 348 | return certHolders.size(); |
| 349 | } |
| 350 | return 0; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 351 | } |
| 352 | @Override |
| 353 | public UserHandle getGroup(int groupPosition) { |
| 354 | return new UserHandle(mData.mCertHoldersByUserId.keyAt(groupPosition)); |
| 355 | } |
| 356 | @Override |
| 357 | public CertHolder getChild(int groupPosition, int childPosition) { |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 358 | return mData.mCertHoldersByUserId.get(getUserIdByGroup(groupPosition)).get( |
| 359 | childPosition); |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 360 | } |
| 361 | @Override |
| 362 | public long getGroupId(int groupPosition) { |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 363 | return getUserIdByGroup(groupPosition); |
| 364 | } |
| 365 | private int getUserIdByGroup(int groupPosition) { |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 366 | return mData.mCertHoldersByUserId.keyAt(groupPosition); |
| 367 | } |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 368 | public UserInfo getUserInfoByGroup(int groupPosition) { |
| 369 | return mUserManager.getUserInfo(getUserIdByGroup(groupPosition)); |
| 370 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 371 | @Override |
| 372 | public long getChildId(int groupPosition, int childPosition) { |
| 373 | return childPosition; |
| 374 | } |
| 375 | @Override |
| 376 | public boolean hasStableIds() { |
| 377 | return false; |
| 378 | } |
| 379 | @Override |
| 380 | public View getGroupView(int groupPosition, boolean isExpanded, View convertView, |
| 381 | ViewGroup parent) { |
| 382 | if (convertView == null) { |
| 383 | LayoutInflater inflater = (LayoutInflater) getActivity() |
| 384 | .getSystemService(Context.LAYOUT_INFLATER_SERVICE); |
Zoltan Szatmary-Ban | 3af2e4c | 2014-12-19 17:17:23 +0000 | [diff] [blame] | 385 | convertView = Utils.inflateCategoryHeader(inflater, parent); |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 386 | } |
| 387 | |
| 388 | final TextView title = (TextView) convertView.findViewById(android.R.id.title); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 389 | if (getUserInfoByGroup(groupPosition).isManagedProfile()) { |
Zoltan Szatmary-Ban | af0f89f | 2014-09-30 16:30:07 +0100 | [diff] [blame] | 390 | title.setText(R.string.category_work); |
| 391 | } else { |
| 392 | title.setText(R.string.category_personal); |
| 393 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 394 | title.setTextAlignment(View.TEXT_ALIGNMENT_VIEW_END); |
| 395 | |
| 396 | return convertView; |
| 397 | } |
| 398 | @Override |
| 399 | public View getChildView(int groupPosition, int childPosition, boolean isLastChild, |
| 400 | View convertView, ViewGroup parent) { |
| 401 | return getViewForCertificate(getChild(groupPosition, childPosition), mData.mTab, |
| 402 | convertView, parent); |
| 403 | } |
| 404 | @Override |
| 405 | public boolean isChildSelectable(int groupPosition, int childPosition) { |
| 406 | return true; |
| 407 | } |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 408 | |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 409 | @Override |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 410 | public boolean onChildClick(ExpandableListView expandableListView, View view, |
| 411 | int groupPosition, int childPosition, long id) { |
| 412 | showCertDialog(getChild(groupPosition, childPosition)); |
| 413 | return true; |
| 414 | } |
| 415 | |
Robin Lee | bed8559 | 2016-09-01 18:35:00 +0100 | [diff] [blame] | 416 | /** |
| 417 | * Called when the switch on a system certificate is clicked. This will toggle whether it |
| 418 | * is trusted as a credential. |
| 419 | */ |
| 420 | @Override |
| 421 | public void onClick(View view) { |
| 422 | CertHolder holder = (CertHolder) view.getTag(); |
| 423 | removeOrInstallCert(holder); |
| 424 | } |
| 425 | |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 426 | @Override |
| 427 | public boolean onGroupClick(ExpandableListView expandableListView, View view, |
| 428 | int groupPosition, long id) { |
| 429 | return !checkGroupExpandableAndStartWarningActivity(groupPosition); |
| 430 | } |
| 431 | |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 432 | public void load() { |
| 433 | mData.new AliasLoader().execute(); |
| 434 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 435 | |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 436 | public void remove(CertHolder certHolder) { |
| 437 | mData.remove(certHolder); |
| 438 | } |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 439 | |
| 440 | public void setExpandableListView(ExpandableListView lv) { |
| 441 | lv.setAdapter(this); |
| 442 | lv.setOnGroupClickListener(this); |
| 443 | lv.setOnChildClickListener(this); |
| 444 | lv.setVisibility(View.VISIBLE); |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 445 | } |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 446 | |
| 447 | public ChildAdapter getChildAdapter(int groupPosition) { |
| 448 | return new ChildAdapter(this, groupPosition); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 449 | } |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 450 | |
| 451 | public boolean checkGroupExpandableAndStartWarningActivity(int groupPosition) { |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 452 | return checkGroupExpandableAndStartWarningActivity(groupPosition, true); |
| 453 | } |
| 454 | |
| 455 | public boolean checkGroupExpandableAndStartWarningActivity(int groupPosition, |
| 456 | boolean startActivity) { |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 457 | final UserHandle groupUser = getGroup(groupPosition); |
| 458 | final int groupUserId = groupUser.getIdentifier(); |
| 459 | if (mUserManager.isQuietModeEnabled(groupUser)) { |
| 460 | final Intent intent = UnlaunchableAppActivity.createInQuietModeDialogIntent( |
| 461 | groupUserId); |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 462 | if (startActivity) { |
| 463 | getActivity().startActivity(intent); |
| 464 | } |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 465 | return false; |
| 466 | } else if (!mUserManager.isUserUnlocked(groupUser)) { |
| 467 | final LockPatternUtils lockPatternUtils = new LockPatternUtils( |
| 468 | getActivity()); |
| 469 | if (lockPatternUtils.isSeparateProfileChallengeEnabled(groupUserId)) { |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 470 | if (startActivity) { |
| 471 | startConfirmCredential(groupUserId); |
| 472 | } |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 473 | return false; |
| 474 | } |
Zoltan Szatmary-Ban | 860e1e1 | 2014-09-10 12:22:36 +0100 | [diff] [blame] | 475 | } |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 476 | return true; |
| 477 | } |
| 478 | |
| 479 | private View getViewForCertificate(CertHolder certHolder, Tab mTab, View convertView, |
| 480 | ViewGroup parent) { |
| 481 | ViewHolder holder; |
| 482 | if (convertView == null) { |
Robin Lee | bed8559 | 2016-09-01 18:35:00 +0100 | [diff] [blame] | 483 | holder = new ViewHolder(); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 484 | LayoutInflater inflater = LayoutInflater.from(getActivity()); |
| 485 | convertView = inflater.inflate(R.layout.trusted_credential, parent, false); |
Robin Lee | bed8559 | 2016-09-01 18:35:00 +0100 | [diff] [blame] | 486 | convertView.setTag(holder); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 487 | holder.mSubjectPrimaryView = (TextView) |
| 488 | convertView.findViewById(R.id.trusted_credential_subject_primary); |
| 489 | holder.mSubjectSecondaryView = (TextView) |
| 490 | convertView.findViewById(R.id.trusted_credential_subject_secondary); |
| 491 | holder.mSwitch = (Switch) convertView.findViewById( |
| 492 | R.id.trusted_credential_status); |
Robin Lee | bed8559 | 2016-09-01 18:35:00 +0100 | [diff] [blame] | 493 | holder.mSwitch.setOnClickListener(this); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 494 | } else { |
| 495 | holder = (ViewHolder) convertView.getTag(); |
| 496 | } |
| 497 | holder.mSubjectPrimaryView.setText(certHolder.mSubjectPrimary); |
| 498 | holder.mSubjectSecondaryView.setText(certHolder.mSubjectSecondary); |
| 499 | if (mTab.mSwitch) { |
| 500 | holder.mSwitch.setChecked(!certHolder.mDeleted); |
| 501 | holder.mSwitch.setEnabled(!mUserManager.hasUserRestriction( |
| 502 | UserManager.DISALLOW_CONFIG_CREDENTIALS, |
| 503 | new UserHandle(certHolder.mProfileId))); |
| 504 | holder.mSwitch.setVisibility(View.VISIBLE); |
Robin Lee | bed8559 | 2016-09-01 18:35:00 +0100 | [diff] [blame] | 505 | holder.mSwitch.setTag(certHolder); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 506 | } |
| 507 | return convertView; |
| 508 | } |
| 509 | |
| 510 | private class ViewHolder { |
| 511 | private TextView mSubjectPrimaryView; |
| 512 | private TextView mSubjectSecondaryView; |
| 513 | private Switch mSwitch; |
| 514 | } |
| 515 | } |
| 516 | |
| 517 | private class ChildAdapter extends BaseAdapter implements View.OnClickListener, |
| 518 | AdapterView.OnItemClickListener { |
| 519 | private final int[] GROUP_EXPANDED_STATE_SET = {com.android.internal.R.attr.state_expanded}; |
| 520 | private final int[] EMPTY_STATE_SET = {}; |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 521 | private final LinearLayout.LayoutParams HIDE_CONTAINER_LAYOUT_PARAMS = |
| 522 | new LinearLayout.LayoutParams(MATCH_PARENT, WRAP_CONTENT, 0f); |
| 523 | private final LinearLayout.LayoutParams HIDE_LIST_LAYOUT_PARAMS = |
| 524 | new LinearLayout.LayoutParams(MATCH_PARENT, 0); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 525 | private final LinearLayout.LayoutParams SHOW_LAYOUT_PARAMS = new LinearLayout.LayoutParams( |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 526 | LinearLayout.LayoutParams.MATCH_PARENT, MATCH_PARENT, 1f); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 527 | private final GroupAdapter mParent; |
| 528 | private final int mGroupPosition; |
| 529 | /* |
| 530 | * This class doesn't hold the actual data. Events should notify parent. |
| 531 | * When notifying DataSet events in this class, events should be forwarded to mParent. |
| 532 | * i.e. this.notifyDataSetChanged -> mParent.notifyDataSetChanged -> mObserver.onChanged |
| 533 | * -> outsideObservers.onChanged() (e.g. ListView) |
| 534 | */ |
| 535 | private final DataSetObserver mObserver = new DataSetObserver() { |
| 536 | @Override |
| 537 | public void onChanged() { |
| 538 | super.onChanged(); |
| 539 | ChildAdapter.super.notifyDataSetChanged(); |
| 540 | } |
| 541 | @Override |
| 542 | public void onInvalidated() { |
| 543 | super.onInvalidated(); |
| 544 | ChildAdapter.super.notifyDataSetInvalidated(); |
| 545 | } |
| 546 | }; |
| 547 | |
| 548 | private boolean mIsListExpanded = true; |
| 549 | private LinearLayout mContainerView; |
| 550 | private ViewGroup mHeaderView; |
| 551 | private ListView mListView; |
| 552 | private ImageView mIndicatorView; |
| 553 | |
| 554 | private ChildAdapter(GroupAdapter parent, int groupPosition) { |
| 555 | mParent = parent; |
| 556 | mGroupPosition = groupPosition; |
| 557 | mParent.registerDataSetObserver(mObserver); |
| 558 | } |
| 559 | |
| 560 | @Override public int getCount() { |
| 561 | return mParent.getChildrenCount(mGroupPosition); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 562 | } |
| 563 | @Override public CertHolder getItem(int position) { |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 564 | return mParent.getChild(mGroupPosition, position); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 565 | } |
| 566 | @Override public long getItemId(int position) { |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 567 | return mParent.getChildId(mGroupPosition, position); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 568 | } |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 569 | @Override public View getView(int position, View convertView, ViewGroup parent) { |
| 570 | return mParent.getChildView(mGroupPosition, position, false, convertView, parent); |
| 571 | } |
| 572 | // DataSet events |
| 573 | @Override |
| 574 | public void notifyDataSetChanged() { |
| 575 | // Don't call super as the parent will propagate this event back later in mObserver |
| 576 | mParent.notifyDataSetChanged(); |
| 577 | } |
| 578 | @Override |
| 579 | public void notifyDataSetInvalidated() { |
| 580 | // Don't call super as the parent will propagate this event back later in mObserver |
| 581 | mParent.notifyDataSetInvalidated(); |
| 582 | } |
| 583 | |
| 584 | // View related codes |
| 585 | @Override |
| 586 | public void onClick(View view) { |
| 587 | mIsListExpanded = checkGroupExpandableAndStartWarningActivity() && !mIsListExpanded; |
| 588 | refreshViews(); |
| 589 | } |
| 590 | |
| 591 | @Override |
| 592 | public void onItemClick(AdapterView<?> adapterView, View view, int pos, long id) { |
| 593 | showCertDialog(getItem(pos)); |
| 594 | } |
| 595 | |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 596 | public void setContainerView(LinearLayout containerView) { |
| 597 | mContainerView = containerView; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 598 | |
| 599 | mListView = (ListView) mContainerView.findViewById(R.id.cert_list); |
| 600 | mListView.setAdapter(this); |
| 601 | mListView.setOnItemClickListener(this); |
Robin Lee | bed8559 | 2016-09-01 18:35:00 +0100 | [diff] [blame] | 602 | mListView.setItemsCanFocus(true); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 603 | |
| 604 | mHeaderView = (ViewGroup) mContainerView.findViewById(R.id.header_view); |
| 605 | mHeaderView.setOnClickListener(this); |
| 606 | |
| 607 | mIndicatorView = (ImageView) mHeaderView.findViewById(R.id.group_indicator); |
| 608 | mIndicatorView.setImageDrawable(getGroupIndicator()); |
| 609 | |
| 610 | FrameLayout headerContentContainer = (FrameLayout) |
| 611 | mHeaderView.findViewById(R.id.header_content_container); |
| 612 | headerContentContainer.addView( |
| 613 | mParent.getGroupView(mGroupPosition, true /* parent ignores it */, null, |
| 614 | headerContentContainer)); |
| 615 | } |
| 616 | |
| 617 | public void showHeader(boolean showHeader) { |
| 618 | mHeaderView.setVisibility(showHeader ? View.VISIBLE : View.GONE); |
| 619 | } |
| 620 | |
| 621 | public void showDivider(boolean showDivider) { |
| 622 | View dividerView = mHeaderView.findViewById(R.id.header_divider); |
| 623 | dividerView.setVisibility(showDivider ? View.VISIBLE : View.GONE ); |
| 624 | } |
| 625 | |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 626 | public void setExpandIfAvailable(boolean expanded) { |
| 627 | mIsListExpanded = expanded && mParent.checkGroupExpandableAndStartWarningActivity( |
| 628 | mGroupPosition, false /* startActivity */); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 629 | refreshViews(); |
| 630 | } |
| 631 | |
| 632 | private boolean checkGroupExpandableAndStartWarningActivity() { |
| 633 | return mParent.checkGroupExpandableAndStartWarningActivity(mGroupPosition); |
| 634 | } |
| 635 | |
| 636 | private void refreshViews() { |
| 637 | mIndicatorView.setImageState(mIsListExpanded ? GROUP_EXPANDED_STATE_SET |
| 638 | : EMPTY_STATE_SET, false); |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 639 | mListView.setLayoutParams(mIsListExpanded ? SHOW_LAYOUT_PARAMS |
| 640 | : HIDE_LIST_LAYOUT_PARAMS); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 641 | mContainerView.setLayoutParams(mIsListExpanded ? SHOW_LAYOUT_PARAMS |
Robin Lee | 232f057 | 2016-08-02 10:52:22 +0100 | [diff] [blame] | 642 | : HIDE_CONTAINER_LAYOUT_PARAMS); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 643 | } |
| 644 | |
| 645 | // Get group indicator from styles of ExpandableListView |
| 646 | private Drawable getGroupIndicator() { |
| 647 | final TypedArray a = getActivity().obtainStyledAttributes(null, |
| 648 | com.android.internal.R.styleable.ExpandableListView, |
| 649 | com.android.internal.R.attr.expandableListViewStyle, 0); |
| 650 | Drawable groupIndicator = a.getDrawable( |
| 651 | com.android.internal.R.styleable.ExpandableListView_groupIndicator); |
| 652 | a.recycle(); |
| 653 | return groupIndicator; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 654 | } |
| 655 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 656 | |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 657 | private class AdapterData { |
| 658 | private final SparseArray<List<CertHolder>> mCertHoldersByUserId = |
| 659 | new SparseArray<List<CertHolder>>(); |
| 660 | private final Tab mTab; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 661 | private final GroupAdapter mAdapter; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 662 | |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 663 | private AdapterData(Tab tab, GroupAdapter adapter) { |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 664 | mAdapter = adapter; |
| 665 | mTab = tab; |
| 666 | } |
| 667 | |
| 668 | private class AliasLoader extends AsyncTask<Void, Integer, SparseArray<List<CertHolder>>> { |
| 669 | private ProgressBar mProgressBar; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 670 | private View mContentView; |
Zoltan Szatmary-Ban | cfe521e | 2014-10-15 13:01:05 +0100 | [diff] [blame] | 671 | private Context mContext; |
| 672 | |
| 673 | public AliasLoader() { |
| 674 | mContext = getActivity(); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 675 | mAliasLoaders.add(this); |
| 676 | List<UserHandle> profiles = mUserManager.getUserProfiles(); |
| 677 | for (UserHandle profile : profiles) { |
| 678 | mCertHoldersByUserId.put(profile.getIdentifier(), new ArrayList<CertHolder>()); |
| 679 | } |
Zoltan Szatmary-Ban | cfe521e | 2014-10-15 13:01:05 +0100 | [diff] [blame] | 680 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 681 | |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 682 | private boolean shouldSkipProfile(UserHandle userHandle) { |
| 683 | return mUserManager.isQuietModeEnabled(userHandle) |
| 684 | || !mUserManager.isUserUnlocked(userHandle.getIdentifier()); |
| 685 | } |
| 686 | |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 687 | @Override protected void onPreExecute() { |
| 688 | View content = mTabHost.getTabContentView(); |
Brian Carlstrom | 729c6d9 | 2011-07-06 13:15:03 -0700 | [diff] [blame] | 689 | mProgressBar = (ProgressBar) content.findViewById(mTab.mProgress); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 690 | mContentView = content.findViewById(mTab.mContentView); |
Brian Carlstrom | 729c6d9 | 2011-07-06 13:15:03 -0700 | [diff] [blame] | 691 | mProgressBar.setVisibility(View.VISIBLE); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 692 | mContentView.setVisibility(View.GONE); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 693 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 694 | @Override protected SparseArray<List<CertHolder>> doInBackground(Void... params) { |
| 695 | SparseArray<List<CertHolder>> certHoldersByProfile = |
| 696 | new SparseArray<List<CertHolder>>(); |
| 697 | try { |
daqi | be47df7 | 2017-09-05 09:53:05 +0800 | [diff] [blame] | 698 | synchronized(mKeyChainConnectionByProfileId) { |
| 699 | List<UserHandle> profiles = mUserManager.getUserProfiles(); |
| 700 | final int n = profiles.size(); |
| 701 | // First we get all aliases for all profiles in order to show progress |
| 702 | // correctly. Otherwise this could all be in a single loop. |
| 703 | SparseArray<List<String>> aliasesByProfileId = new SparseArray< |
| 704 | List<String>>(n); |
| 705 | int max = 0; |
| 706 | int progress = 0; |
| 707 | for (int i = 0; i < n; ++i) { |
| 708 | UserHandle profile = profiles.get(i); |
| 709 | int profileId = profile.getIdentifier(); |
| 710 | if (shouldSkipProfile(profile)) { |
| 711 | continue; |
| 712 | } |
| 713 | KeyChainConnection keyChainConnection = KeyChain.bindAsUser(mContext, |
| 714 | profile); |
| 715 | // Saving the connection for later use on the certificate dialog. |
| 716 | mKeyChainConnectionByProfileId.put(profileId, keyChainConnection); |
| 717 | IKeyChainService service = keyChainConnection.getService(); |
| 718 | List<String> aliases = mTab.getAliases(service); |
| 719 | if (isCancelled()) { |
| 720 | return new SparseArray<List<CertHolder>>(); |
| 721 | } |
| 722 | max += aliases.size(); |
| 723 | aliasesByProfileId.put(profileId, aliases); |
Ricky Wai | 78fb3d3 | 2016-03-11 07:09:24 +0000 | [diff] [blame] | 724 | } |
daqi | be47df7 | 2017-09-05 09:53:05 +0800 | [diff] [blame] | 725 | for (int i = 0; i < n; ++i) { |
| 726 | UserHandle profile = profiles.get(i); |
| 727 | int profileId = profile.getIdentifier(); |
| 728 | List<String> aliases = aliasesByProfileId.get(profileId); |
| 729 | if (isCancelled()) { |
| 730 | return new SparseArray<List<CertHolder>>(); |
| 731 | } |
| 732 | KeyChainConnection keyChainConnection = mKeyChainConnectionByProfileId.get( |
| 733 | profileId); |
| 734 | if (shouldSkipProfile(profile) || aliases == null |
| 735 | || keyChainConnection == null) { |
| 736 | certHoldersByProfile.put(profileId, new ArrayList<CertHolder>(0)); |
| 737 | continue; |
| 738 | } |
| 739 | IKeyChainService service = keyChainConnection.getService(); |
| 740 | List<CertHolder> certHolders = new ArrayList<CertHolder>(max); |
| 741 | final int aliasMax = aliases.size(); |
| 742 | for (int j = 0; j < aliasMax; ++j) { |
| 743 | String alias = aliases.get(j); |
| 744 | byte[] encodedCertificate = service.getEncodedCaCertificate(alias, |
| 745 | true); |
| 746 | X509Certificate cert = KeyChain.toCertificate(encodedCertificate); |
| 747 | certHolders.add(new CertHolder(service, mAdapter, |
| 748 | mTab, alias, cert, profileId)); |
| 749 | publishProgress(++progress, max); |
| 750 | } |
| 751 | Collections.sort(certHolders); |
| 752 | certHoldersByProfile.put(profileId, certHolders); |
Zoltan Szatmary-Ban | cfe521e | 2014-10-15 13:01:05 +0100 | [diff] [blame] | 753 | } |
daqi | be47df7 | 2017-09-05 09:53:05 +0800 | [diff] [blame] | 754 | return certHoldersByProfile; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 755 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 756 | } catch (RemoteException e) { |
| 757 | Log.e(TAG, "Remote exception while loading aliases.", e); |
| 758 | return new SparseArray<List<CertHolder>>(); |
| 759 | } catch (InterruptedException e) { |
| 760 | Log.e(TAG, "InterruptedException while loading aliases.", e); |
| 761 | return new SparseArray<List<CertHolder>>(); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 762 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 763 | } |
Brian Carlstrom | 729c6d9 | 2011-07-06 13:15:03 -0700 | [diff] [blame] | 764 | @Override protected void onProgressUpdate(Integer... progressAndMax) { |
| 765 | int progress = progressAndMax[0]; |
| 766 | int max = progressAndMax[1]; |
| 767 | if (max != mProgressBar.getMax()) { |
| 768 | mProgressBar.setMax(max); |
| 769 | } |
| 770 | mProgressBar.setProgress(progress); |
| 771 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 772 | @Override protected void onPostExecute(SparseArray<List<CertHolder>> certHolders) { |
| 773 | mCertHoldersByUserId.clear(); |
| 774 | final int n = certHolders.size(); |
| 775 | for (int i = 0; i < n; ++i) { |
| 776 | mCertHoldersByUserId.put(certHolders.keyAt(i), certHolders.valueAt(i)); |
| 777 | } |
| 778 | mAdapter.notifyDataSetChanged(); |
Brian Carlstrom | 945e383 | 2011-07-06 15:13:03 -0700 | [diff] [blame] | 779 | mProgressBar.setVisibility(View.GONE); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 780 | mContentView.setVisibility(View.VISIBLE); |
Brian Carlstrom | 945e383 | 2011-07-06 15:13:03 -0700 | [diff] [blame] | 781 | mProgressBar.setProgress(0); |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 782 | mAliasLoaders.remove(this); |
Victor Chang | caa8877 | 2016-04-05 22:06:49 +0100 | [diff] [blame] | 783 | showTrustAllCaDialogIfNeeded(); |
| 784 | } |
| 785 | |
| 786 | private boolean isUserTabAndTrustAllCertMode() { |
| 787 | return isTrustAllCaCertModeInProgress() && mTab == Tab.USER; |
| 788 | } |
| 789 | |
| 790 | @UiThread |
| 791 | private void showTrustAllCaDialogIfNeeded() { |
| 792 | if (!isUserTabAndTrustAllCertMode()) { |
| 793 | return; |
| 794 | } |
| 795 | List<CertHolder> certHolders = mCertHoldersByUserId.get(mTrustAllCaUserId); |
| 796 | if (certHolders == null) { |
| 797 | return; |
| 798 | } |
| 799 | |
| 800 | List<CertHolder> unapprovedUserCertHolders = new ArrayList<>(); |
| 801 | final DevicePolicyManager dpm = mContext.getSystemService( |
| 802 | DevicePolicyManager.class); |
| 803 | for (CertHolder cert : certHolders) { |
| 804 | if (cert != null && !dpm.isCaCertApproved(cert.mAlias, mTrustAllCaUserId)) { |
| 805 | unapprovedUserCertHolders.add(cert); |
| 806 | } |
| 807 | } |
| 808 | |
| 809 | if (unapprovedUserCertHolders.size() == 0) { |
| 810 | Log.w(TAG, "no cert is pending approval for user " + mTrustAllCaUserId); |
| 811 | return; |
| 812 | } |
| 813 | showTrustAllCaDialog(unapprovedUserCertHolders); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 814 | } |
| 815 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 816 | |
| 817 | public void remove(CertHolder certHolder) { |
Zoltan Szatmary-Ban | 50263ef | 2014-10-09 13:00:32 +0100 | [diff] [blame] | 818 | if (mCertHoldersByUserId != null) { |
| 819 | final List<CertHolder> certs = mCertHoldersByUserId.get(certHolder.mProfileId); |
| 820 | if (certs != null) { |
| 821 | certs.remove(certHolder); |
| 822 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 823 | } |
| 824 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 825 | } |
| 826 | |
Victor Chang | d7d0e1b | 2016-04-05 20:01:24 +0100 | [diff] [blame] | 827 | /* package */ static class CertHolder implements Comparable<CertHolder> { |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 828 | public int mProfileId; |
| 829 | private final IKeyChainService mService; |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 830 | private final GroupAdapter mAdapter; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 831 | private final Tab mTab; |
| 832 | private final String mAlias; |
| 833 | private final X509Certificate mX509Cert; |
| 834 | |
| 835 | private final SslCertificate mSslCert; |
Brian Carlstrom | 10cc989 | 2011-07-05 23:51:39 -0700 | [diff] [blame] | 836 | private final String mSubjectPrimary; |
| 837 | private final String mSubjectSecondary; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 838 | private boolean mDeleted; |
| 839 | |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 840 | private CertHolder(IKeyChainService service, |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 841 | GroupAdapter adapter, |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 842 | Tab tab, |
| 843 | String alias, |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 844 | X509Certificate x509Cert, |
| 845 | int profileId) { |
| 846 | mProfileId = profileId; |
| 847 | mService = service; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 848 | mAdapter = adapter; |
| 849 | mTab = tab; |
| 850 | mAlias = alias; |
| 851 | mX509Cert = x509Cert; |
| 852 | |
| 853 | mSslCert = new SslCertificate(x509Cert); |
| 854 | |
| 855 | String cn = mSslCert.getIssuedTo().getCName(); |
| 856 | String o = mSslCert.getIssuedTo().getOName(); |
| 857 | String ou = mSslCert.getIssuedTo().getUName(); |
Brian Carlstrom | 10cc989 | 2011-07-05 23:51:39 -0700 | [diff] [blame] | 858 | // if we have a O, use O as primary subject, secondary prefer CN over OU |
| 859 | // if we don't have an O, use CN as primary, empty secondary |
| 860 | // if we don't have O or CN, use DName as primary, empty secondary |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 861 | if (!o.isEmpty()) { |
Brian Carlstrom | 10cc989 | 2011-07-05 23:51:39 -0700 | [diff] [blame] | 862 | if (!cn.isEmpty()) { |
| 863 | mSubjectPrimary = o; |
| 864 | mSubjectSecondary = cn; |
| 865 | } else { |
| 866 | mSubjectPrimary = o; |
| 867 | mSubjectSecondary = ou; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 868 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 869 | } else { |
Brian Carlstrom | 10cc989 | 2011-07-05 23:51:39 -0700 | [diff] [blame] | 870 | if (!cn.isEmpty()) { |
| 871 | mSubjectPrimary = cn; |
| 872 | mSubjectSecondary = ""; |
| 873 | } else { |
| 874 | mSubjectPrimary = mSslCert.getIssuedTo().getDName(); |
| 875 | mSubjectSecondary = ""; |
| 876 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 877 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 878 | try { |
| 879 | mDeleted = mTab.deleted(mService, mAlias); |
| 880 | } catch (RemoteException e) { |
| 881 | Log.e(TAG, "Remote exception while checking if alias " + mAlias + " is deleted.", |
| 882 | e); |
| 883 | mDeleted = false; |
| 884 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 885 | } |
| 886 | @Override public int compareTo(CertHolder o) { |
Brian Carlstrom | 10cc989 | 2011-07-05 23:51:39 -0700 | [diff] [blame] | 887 | int primary = this.mSubjectPrimary.compareToIgnoreCase(o.mSubjectPrimary); |
| 888 | if (primary != 0) { |
| 889 | return primary; |
| 890 | } |
| 891 | return this.mSubjectSecondary.compareToIgnoreCase(o.mSubjectSecondary); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 892 | } |
| 893 | @Override public boolean equals(Object o) { |
| 894 | if (!(o instanceof CertHolder)) { |
| 895 | return false; |
| 896 | } |
| 897 | CertHolder other = (CertHolder) o; |
| 898 | return mAlias.equals(other.mAlias); |
| 899 | } |
| 900 | @Override public int hashCode() { |
| 901 | return mAlias.hashCode(); |
| 902 | } |
Victor Chang | d7d0e1b | 2016-04-05 20:01:24 +0100 | [diff] [blame] | 903 | |
| 904 | public int getUserId() { |
| 905 | return mProfileId; |
| 906 | } |
| 907 | |
| 908 | public String getAlias() { |
| 909 | return mAlias; |
| 910 | } |
| 911 | |
| 912 | public boolean isSystemCert() { |
| 913 | return mTab == Tab.SYSTEM; |
| 914 | } |
| 915 | |
| 916 | public boolean isDeleted() { |
| 917 | return mDeleted; |
| 918 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 919 | } |
| 920 | |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 921 | |
Victor Chang | caa8877 | 2016-04-05 22:06:49 +0100 | [diff] [blame] | 922 | private boolean isTrustAllCaCertModeInProgress() { |
| 923 | return mTrustAllCaUserId != UserHandle.USER_NULL; |
| 924 | } |
| 925 | |
| 926 | private void showTrustAllCaDialog(List<CertHolder> unapprovedCertHolders) { |
| 927 | final CertHolder[] arr = unapprovedCertHolders.toArray( |
| 928 | new CertHolder[unapprovedCertHolders.size()]); |
| 929 | new TrustedCredentialsDialogBuilder(getActivity(), this) |
| 930 | .setCertHolders(arr) |
| 931 | .setOnDismissListener(new DialogInterface.OnDismissListener() { |
| 932 | @Override |
| 933 | public void onDismiss(DialogInterface dialogInterface) { |
| 934 | // Avoid starting dialog again after Activity restart. |
| 935 | getActivity().getIntent().removeExtra(ARG_SHOW_NEW_FOR_USER); |
| 936 | mTrustAllCaUserId = UserHandle.USER_NULL; |
| 937 | } |
| 938 | }) |
| 939 | .show(); |
| 940 | } |
| 941 | |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 942 | private void showCertDialog(final CertHolder certHolder) { |
Victor Chang | d7d0e1b | 2016-04-05 20:01:24 +0100 | [diff] [blame] | 943 | new TrustedCredentialsDialogBuilder(getActivity(), this) |
| 944 | .setCertHolder(certHolder) |
| 945 | .show(); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 946 | } |
| 947 | |
Victor Chang | d7d0e1b | 2016-04-05 20:01:24 +0100 | [diff] [blame] | 948 | @Override |
| 949 | public List<X509Certificate> getX509CertsFromCertHolder(CertHolder certHolder) { |
Selim Gurun | f64facc | 2013-12-27 18:05:26 -0800 | [diff] [blame] | 950 | List<X509Certificate> certificates = null; |
| 951 | try { |
daqi | be47df7 | 2017-09-05 09:53:05 +0800 | [diff] [blame] | 952 | synchronized (mKeyChainConnectionByProfileId) { |
| 953 | KeyChainConnection keyChainConnection = mKeyChainConnectionByProfileId.get( |
| 954 | certHolder.mProfileId); |
| 955 | IKeyChainService service = keyChainConnection.getService(); |
| 956 | List<String> chain = service.getCaCertificateChainAliases(certHolder.mAlias, true); |
| 957 | final int n = chain.size(); |
| 958 | certificates = new ArrayList<X509Certificate>(n); |
| 959 | for (int i = 0; i < n; ++i) { |
| 960 | byte[] encodedCertificate = service.getEncodedCaCertificate(chain.get(i), true); |
| 961 | X509Certificate certificate = KeyChain.toCertificate(encodedCertificate); |
| 962 | certificates.add(certificate); |
| 963 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 964 | } |
| 965 | } catch (RemoteException ex) { |
| 966 | Log.e(TAG, "RemoteException while retrieving certificate chain for root " |
| 967 | + certHolder.mAlias, ex); |
Selim Gurun | f64facc | 2013-12-27 18:05:26 -0800 | [diff] [blame] | 968 | } |
Victor Chang | d7d0e1b | 2016-04-05 20:01:24 +0100 | [diff] [blame] | 969 | return certificates; |
Selim Gurun | f64facc | 2013-12-27 18:05:26 -0800 | [diff] [blame] | 970 | } |
| 971 | |
Victor Chang | d7d0e1b | 2016-04-05 20:01:24 +0100 | [diff] [blame] | 972 | @Override |
| 973 | public void removeOrInstallCert(CertHolder certHolder) { |
| 974 | new AliasOperation(certHolder).execute(); |
Selim Gurun | f64facc | 2013-12-27 18:05:26 -0800 | [diff] [blame] | 975 | } |
| 976 | |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 977 | @Override |
Victor Chang | 45ca906 | 2016-05-23 19:47:38 +0100 | [diff] [blame] | 978 | public boolean startConfirmCredentialIfNotConfirmed(int userId, |
| 979 | IntConsumer onCredentialConfirmedListener) { |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 980 | if (mConfirmedCredentialUsers.contains(userId)) { |
| 981 | // Credential has been confirmed. Don't start activity. |
| 982 | return false; |
| 983 | } |
Victor Chang | 45ca906 | 2016-05-23 19:47:38 +0100 | [diff] [blame] | 984 | |
| 985 | boolean result = startConfirmCredential(userId); |
| 986 | if (result) { |
| 987 | mConfirmingCredentialListener = onCredentialConfirmedListener; |
| 988 | } |
| 989 | return result; |
Victor Chang | 01f4dbc | 2016-05-09 16:13:10 +0100 | [diff] [blame] | 990 | } |
| 991 | |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 992 | private class AliasOperation extends AsyncTask<Void, Void, Boolean> { |
| 993 | private final CertHolder mCertHolder; |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 994 | |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 995 | private AliasOperation(CertHolder certHolder) { |
| 996 | mCertHolder = certHolder; |
Zoltan Szatmary-Ban | cfe521e | 2014-10-15 13:01:05 +0100 | [diff] [blame] | 997 | mAliasOperation = this; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 998 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 999 | |
| 1000 | @Override |
| 1001 | protected Boolean doInBackground(Void... params) { |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 1002 | try { |
daqi | be47df7 | 2017-09-05 09:53:05 +0800 | [diff] [blame] | 1003 | synchronized (mKeyChainConnectionByProfileId) { |
| 1004 | KeyChainConnection keyChainConnection = mKeyChainConnectionByProfileId.get( |
| 1005 | mCertHolder.mProfileId); |
| 1006 | IKeyChainService service = keyChainConnection.getService(); |
| 1007 | if (mCertHolder.mDeleted) { |
| 1008 | byte[] bytes = mCertHolder.mX509Cert.getEncoded(); |
| 1009 | service.installCaCertificate(bytes); |
| 1010 | return true; |
| 1011 | } else { |
| 1012 | return service.deleteCaCertificate(mCertHolder.mAlias); |
| 1013 | } |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 1014 | } |
Zoltan Szatmary-Ban | fb1bdf0 | 2015-01-05 16:41:35 +0000 | [diff] [blame] | 1015 | } catch (CertificateEncodingException | SecurityException | IllegalStateException |
| 1016 | | RemoteException e) { |
Victor Chang | d7d0e1b | 2016-04-05 20:01:24 +0100 | [diff] [blame] | 1017 | Log.w(TAG, "Error while toggling alias " + mCertHolder.mAlias, e); |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 1018 | return false; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 1019 | } |
| 1020 | } |
Zoltan Szatmary-Ban | 1613cb0 | 2014-07-15 16:52:39 +0100 | [diff] [blame] | 1021 | |
| 1022 | @Override |
| 1023 | protected void onPostExecute(Boolean ok) { |
Victor Chang | 9583dce | 2016-04-14 22:51:38 +0100 | [diff] [blame] | 1024 | if (ok) { |
| 1025 | if (mCertHolder.mTab.mSwitch) { |
| 1026 | mCertHolder.mDeleted = !mCertHolder.mDeleted; |
| 1027 | } else { |
| 1028 | mCertHolder.mAdapter.remove(mCertHolder); |
| 1029 | } |
| 1030 | mCertHolder.mAdapter.notifyDataSetChanged(); |
| 1031 | } else { |
| 1032 | // bail, reload to reset to known state |
| 1033 | mCertHolder.mAdapter.load(); |
| 1034 | } |
Zoltan Szatmary-Ban | cfe521e | 2014-10-15 13:01:05 +0100 | [diff] [blame] | 1035 | mAliasOperation = null; |
Brian Carlstrom | f6f4e30 | 2011-06-26 16:05:21 -0700 | [diff] [blame] | 1036 | } |
| 1037 | } |
| 1038 | } |