diff options
author | Brian Carlstrom <bdc@google.com> | 2011-06-24 02:13:23 -0700 |
---|---|---|
committer | Brian Carlstrom <bdc@google.com> | 2011-06-25 16:48:25 -0700 |
commit | 67c30dfe8e4bff11a4660ac23e8679b5deb59457 (patch) | |
tree | bf4811e6fbf0bcd12bb90f3a02824be69cfb3b9f /keystore | |
parent | dde052f4ba57d74af25a513853bacc035368240e (diff) | |
download | frameworks_base-67c30dfe8e4bff11a4660ac23e8679b5deb59457.zip frameworks_base-67c30dfe8e4bff11a4660ac23e8679b5deb59457.tar.gz frameworks_base-67c30dfe8e4bff11a4660ac23e8679b5deb59457.tar.bz2 |
Replace KeyChainActivity placeholder UI with more polished dialog (1 of 5)
frameworks/base
Extended KeyChain.chooserPrivateKeyAlias to allow caller to supply
preferred choice to be selected in chooser. This allows Email
settings to highlight the current choice when allowing user to
change settings.
keystore/java/android/security/KeyChain.java
api/current.txt
Implemented KeyChain functionality to pass host and port
information to KeyChainActivity for display.
keystore/java/android/security/KeyChain.java
KeyChain now sends a PendingIntent as part of the Intent it sends
to the KeyChainActivity which can be used to identify the caller
in reliable way.
keystore/java/android/security/KeyChain.java
Moved .pfx/.p12/.cer/.crt constants to Credentials for reuse.
Added Credentials.install variant with no value for use from KeyChainActivity
keystore/java/android/security/Credentials.java
packages/apps/CertInstaller
Source of extension constants now in Credentials
src/com/android/certinstaller/CertFile.java
packages/apps/Browser
Have browser supply host and port information to KeyChain.choosePrivateKeyAlias
Tracking KeyChain.choosePrivateKeyAlias API change
src/com/android/browser/Tab.java
packages/apps/Email
Tracking KeyChain.choosePrivateKeyAlias API change
src/com/android/email/view/CertificateSelector.java
packages/apps/KeyChain
KeyChain now depends on bouncycastle X509Name for formatting
X500Principals, since the 4 X500Principal formatting options could
not format emailAddress attributes in a human readable way and its
the most important attribute to display for client certificates in
most cases.
Android.mk
Changing the UI to a dialog, make the activity style transparent.
AndroidManifest.xml
res/values/styles.xml
Layout for chooser dialog
res/layout/cert_chooser.xml
Layout for list items in chooser
res/layout/cert_item.xml
New resources for dialog including comments for translators.
res/values/strings.xml
New dialog based KeyChainActivity. Now also shows requesting app
and requesting server. Now can preselect a specified alias. New
link directly to CertInstaller.
src/com/android/keychain/KeyChainActivity.java
Fix KeyChainTestActivity to work with TestKeyStore changes that
were causing network activity on the UI to look up the name of
localhost. Also track KeyChain.choosePrivateKeyAlias API change.
tests/src/com/android/keychain/tests/KeyChainTestActivity.java
Change-Id: I07128fba8750f9a6bcb9c6be5da04df992403d69
Diffstat (limited to 'keystore')
-rw-r--r-- | keystore/java/android/security/Credentials.java | 16 | ||||
-rw-r--r-- | keystore/java/android/security/KeyChain.java | 45 |
2 files changed, 52 insertions, 9 deletions
diff --git a/keystore/java/android/security/Credentials.java b/keystore/java/android/security/Credentials.java index fd6c22c..ab4b9e0 100644 --- a/keystore/java/android/security/Credentials.java +++ b/keystore/java/android/security/Credentials.java @@ -71,6 +71,13 @@ public class Credentials { /** Data type for PKCS12. */ public static final String PKCS12 = "PKCS12"; + // historically used by Android + public static final String EXTENSION_CRT = ".crt"; + public static final String EXTENSION_P12 = ".p12"; + // commonly used on Windows + public static final String EXTENSION_CER = ".cer"; + public static final String EXTENSION_PFX = ".pfx"; + /** * Convert objects to a PEM format, which is used for * CA_CERTIFICATE, USER_CERTIFICATE, and USER_PRIVATE_KEY @@ -130,6 +137,15 @@ public class Credentials { return intent; } + public void install(Context context) { + try { + Intent intent = createInstallIntent(); + context.startActivity(intent); + } catch (ActivityNotFoundException e) { + Log.w(LOGTAG, e.toString()); + } + } + public void install(Context context, KeyPair pair) { try { Intent intent = createInstallIntent(); diff --git a/keystore/java/android/security/KeyChain.java b/keystore/java/android/security/KeyChain.java index 4f1596d..18011e6 100644 --- a/keystore/java/android/security/KeyChain.java +++ b/keystore/java/android/security/KeyChain.java @@ -22,6 +22,7 @@ import android.accounts.AccountManagerFuture; import android.accounts.AuthenticatorException; import android.accounts.OperationCanceledException; import android.app.Activity; +import android.app.PendingIntent; import android.content.ComponentName; import android.content.Context; import android.content.Intent; @@ -93,6 +94,26 @@ public final class KeyChain { public static final String EXTRA_RESPONSE = "response"; /** + * @hide Also used by KeyChainActivity implementation + */ + public static final String EXTRA_HOST = "host"; + + /** + * @hide Also used by KeyChainActivity implementation + */ + public static final String EXTRA_PORT = "port"; + + /** + * @hide Also used by KeyChainActivity implementation + */ + public static final String EXTRA_ALIAS = "alias"; + + /** + * @hide Also used by KeyChainActivity implementation + */ + public static final String EXTRA_SENDER = "sender"; + + /** * Launches an {@code Activity} for the user to select the alias * for a private key and certificate pair for authentication. The * selected alias or null will be returned via the @@ -106,6 +127,9 @@ public final class KeyChain { * <p>{@code host} and {@code port} may be used to give the user * more context about the server requesting the credentials. * + * <p>{@code alias} allows the chooser to preselect an existing + * alias which will still be subject to user confirmation. + * * <p>This method requires the caller to hold the permission * {@link android.Manifest.permission#USE_CREDENTIALS}. * @@ -123,14 +147,17 @@ public final class KeyChain { * certificate, or null if unavailable. * @param port The port number of the server requesting the * certificate, or -1 if unavailable. + * @param alias The alias to preselect if available, or null if + * unavailable. */ public static void choosePrivateKeyAlias(Activity activity, KeyChainAliasCallback response, String[] keyTypes, Principal[] issuers, - String host, int port) { + String host, int port, + String alias) { /* - * TODO currently keyTypes, issuers, host, and port are - * unused. They are meant to follow the semantics and purpose - * of X509KeyManager method arguments. + * TODO currently keyTypes, issuers are unused. They are meant + * to follow the semantics and purpose of X509KeyManager + * method arguments. * * keyTypes would allow the list to be filtered and typically * will be set correctly by the server. In practice today, @@ -142,11 +169,6 @@ public final class KeyChain { * server. Others will send none. If this is used, if there * are no matches after applying the constraint, it should be * ignored. - * - * host and port may be shown to the user if available, but it - * should be clear that they are not validated values, perhaps - * shown along with requesting application identity to clarify - * the source of the request. */ if (activity == null) { throw new NullPointerException("activity == null"); @@ -156,6 +178,11 @@ public final class KeyChain { } Intent intent = new Intent("com.android.keychain.CHOOSER"); intent.putExtra(EXTRA_RESPONSE, new AliasResponse(activity, response)); + intent.putExtra(EXTRA_HOST, host); + intent.putExtra(EXTRA_PORT, port); + intent.putExtra(EXTRA_ALIAS, alias); + // the PendingIntent is used to get calling package name + intent.putExtra(EXTRA_SENDER, PendingIntent.getActivity(activity, 0, new Intent(), 0)); activity.startActivity(intent); } |