DPMS isCredentialManagementApp add null check

* Check if policy is null before checking if
  an alias is contained in the policy

Bug: 174666058
Test: atest android.admin.cts.DevicePolicyManagerTest#testGenerateKeyPair_failIfNotProfileOwner
      atest android.admin.cts.DevicePolicyManagerTest#testSetKeyPairCertificate_failIfNotProfileOwner
Change-Id: I2e1e0d550cc5131c6042c0aa628b00abe7f04077

1 files changed, 5 insertions, 1 deletions

diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 02894b16c079..f2c99e63644c 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -5839,7 +5839,11 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
         // Should include alias in authentication policy
         try (KeyChainConnection connection = KeyChain.bindAsUser(mContext,
                 caller.getUserHandle())) {
-            if (!containsAlias(connection.getService().getCredentialManagementAppPolicy(), alias)) {
+            // The policy will be null if there is no credential management app
+            AppUriAuthenticationPolicy policy =
+                    connection.getService().getCredentialManagementAppPolicy();
+            if (policy == null || policy.getAppAndUriMappings().isEmpty()
+                    || !containsAlias(policy, alias)) {
                 return false;
             }
         } catch (RemoteException | InterruptedException e) {