Merge "Allow certificates to be stored in the carrier app whitelist"

author: Gil O'Neil <goneil@google.com> 2018-02-23 21:18:40 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2018-02-23 21:18:40 +0000
commit: 183a553273ccbec7b32bfb5611dd88d9c524ab9f (patch)
tree: 99c06051e0f79bf1285a59f3d74377b44063adc9
parent: c9b2722cb8055e23a2ef903fe29244498a4b4255 (diff)
parent: 6db18a9badeaf76ccfdbf745fa356f2fe024df87 (diff)
4 files changed, 25 insertions, 11 deletions
diff --git a/api/system-current.txt b/api/system-current.txt
index d24a3138d7e6..2d3569c6d666 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -4176,6 +4176,7 @@ package android.provider {
     method public static boolean putString(android.content.ContentResolver, java.lang.String, java.lang.String, java.lang.String, boolean);
     method public static void resetToDefaults(android.content.ContentResolver, java.lang.String);
     field public static final java.lang.String AUTOFILL_COMPAT_ALLOWED_PACKAGES = "autofill_compat_allowed_packages";
+    field public static final java.lang.String CARRIER_APP_WHITELIST = "carrier_app_whitelist";
     field public static final java.lang.String DEFAULT_SM_DP_PLUS = "default_sm_dp_plus";
     field public static final java.lang.String INSTALL_CARRIER_APP_NOTIFICATION_PERSISTENT = "install_carrier_app_notification_persistent";
     field public static final java.lang.String INSTALL_CARRIER_APP_NOTIFICATION_SLEEP_MILLIS = "install_carrier_app_notification_sleep_millis";
@@ -5220,6 +5221,7 @@ package android.telephony {
     method public int describeContents();
     method public int getCarrierPrivilegeStatus(android.content.pm.PackageInfo);
     method public int getCarrierPrivilegeStatus(android.content.pm.Signature, java.lang.String);
+    method public java.lang.String getCertificateHexString();
     method public java.lang.String getPackageName();
     method public void writeToParcel(android.os.Parcel, int);
     field public static final android.os.Parcelable.Creator<android.telephony.UiccAccessRule> CREATOR;
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index 1ae0bc4c60eb..09f637ecf4d5 100644
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -9085,14 +9085,18 @@ public final class Settings {
          */
         public static final String TETHER_OFFLOAD_DISABLED = "tether_offload_disabled";
 
-       /**
-        * List of carrier apps which are whitelisted to prompt the user for install when
-        * a sim card with matching uicc carrier privilege rules is inserted.
-        *
-        * The value is "package1;package2;..."
-        * @hide
-        */
-       public static final String CARRIER_APP_WHITELIST = "carrier_app_whitelist";
+        /**
+         * List of certificate (hex string representation of the application's certificate - SHA-1
+         * or SHA-256) and carrier app package pairs which are whitelisted to prompt the user for
+         * install when a sim card with matching UICC carrier privilege rules is inserted.  The
+         * certificate is used as a key, so the certificate encoding here must be the same as the
+         * certificate encoding used on the SIM.
+         *
+         * The value is "cert1:package1;cert2:package2;..."
+         * @hide
+         */
+        @SystemApi
+        public static final String CARRIER_APP_WHITELIST = "carrier_app_whitelist";
 
        /**
         * USB Mass Storage Enabled
diff --git a/core/proto/android/providers/settings.proto b/core/proto/android/providers/settings.proto
index c35b2ece6070..3ea08793aad0 100644
--- a/core/proto/android/providers/settings.proto
+++ b/core/proto/android/providers/settings.proto
@@ -179,8 +179,9 @@ message GlobalSettingsProto {
     optional SettingProto tether_dun_required = 114 [ (android.privacy).dest = DEST_AUTOMATIC ];
     optional SettingProto tether_dun_apn = 115;
     optional SettingProto tether_offload_disabled = 301 [ (android.privacy).dest = DEST_AUTOMATIC ];
-    // List of carrier apps which are whitelisted to prompt the user for install
-    // when a SIM card with marchin UICC carrier privilege rules is inserted.
+    // List of carrier app certificate mapped to carrier app package id which are whitelisted to
+    // prompt the user for install when a SIM card with matching UICC carrier privilege rules is
+    // inserted.
     optional SettingProto carrier_app_whitelist = 116 [ (android.privacy).dest = DEST_AUTOMATIC ];
     optional SettingProto usb_mass_storage_enabled = 117 [ (android.privacy).dest = DEST_AUTOMATIC ];
     optional SettingProto use_google_mail = 118 [ (android.privacy).dest = DEST_AUTOMATIC ];
@@ -433,7 +434,7 @@ message GlobalSettingsProto {
 
     // Please insert fields in the same order as in
     // frameworks/base/core/java/android/provider/Settings.java.
-    // Next tag = 356;
+    // Next tag = 358;
 }
 
 message SecureSettingsProto {
diff --git a/telephony/java/android/telephony/UiccAccessRule.java b/telephony/java/android/telephony/UiccAccessRule.java
index c3f8a1930409..526733d357f6 100644
--- a/telephony/java/android/telephony/UiccAccessRule.java
+++ b/telephony/java/android/telephony/UiccAccessRule.java
@@ -157,6 +157,13 @@ public final class UiccAccessRule implements Parcelable {
     }
 
     /**
+     * Returns the hex string of the certificate hash.
+     */
+    public String getCertificateHexString() {
+        return IccUtils.bytesToHexString(mCertificateHash);
+    }
+
+    /**
      * Returns the carrier privilege status associated with the given package.
      *
      * @param packageInfo package info fetched from
author	Gil O'Neil <goneil@google.com>	2018-02-23 21:18:40 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2018-02-23 21:18:40 +0000
commit	183a553273ccbec7b32bfb5611dd88d9c524ab9f (patch)
tree	99c06051e0f79bf1285a59f3d74377b44063adc9
parent	c9b2722cb8055e23a2ef903fe29244498a4b4255 (diff)
parent	6db18a9badeaf76ccfdbf745fa356f2fe024df87 (diff)