Allow CredentialStorageActivity to start as user 0
This means that we can use it as a proxy to install the appropriate
certificate for keystore
Bug: 167108868
Test: CtsVerifier - KeyChain Storage Test
Change-Id: I992cb1fa203d99c5e46e3c14bf9c3c8cc16562fe
Merged-In: Icd9c2fcae80b1876c346b06e0bf51f90103da013
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 1b6aa2c..c4d89d7 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -344,6 +344,7 @@
<activity android:name=".security.CredentialStorageActivity"
android:theme="@style/ActionDialogTheme"
android:launchMode="singleTop"
+ android:showForAllUsers="true"
android:configChanges="orientation|keyboardHidden|screenSize">
<intent-filter android:priority="1">
<action android:name="com.android.credentials.INSTALL" />
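Review bot: Nothing next to the new `android:showForAllUsers="true"` attribute says why a credential-install dialog must be visible to every user, and this is the activity that answers `com.android.credentials.INSTALL`. I would add a comment above the `<activity>` element, for example `<!-- Shown for all users so it can run as user 0 and proxy certificate installs into keystore (b/167108868). -->`. The element continues past the hunk, so it is not visible here whether a permission or `exported` setting limits who can start it. That is worth confirming now that the dialog can surface over any foreground user.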
diff --git a/src/com/android/car/settings/security/CredentialStorageActivity.java b/src/com/android/car/settings/security/CredentialStorageActivity.java
index e9d49d7..2b69efe 100644
--- a/src/com/android/car/settings/security/CredentialStorageActivity.java
+++ b/src/com/android/car/settings/security/CredentialStorageActivity.java
@@ -17,6 +17,7 @@
package com.android.car.settings.security;
import android.app.Activity;
+import android.app.ActivityManager;
import android.car.userlib.CarUserManagerHelper;
import android.content.Context;
import android.content.Intent;
@@ -63,12 +64,14 @@
private final KeyStore mKeyStore = KeyStore.getInstance();
private CarUserManagerHelper mCarUserManagerHelper;
+ private UserManager mUserManager;
private LockPatternUtils mUtils;
@Override
protected void onCreate(@Nullable Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
mCarUserManagerHelper = new CarUserManagerHelper(this);
+ mUserManager = UserManager.get(this);
mUtils = new LockPatternUtils(this);
}
@@ -263,11 +266,12 @@
return false;
}
- credentialStorage.mUtils.resetKeyStore(
- credentialStorage.mCarUserManagerHelper.getCurrentProcessUserId());
+ UserHandle user = getUserHandleToUse(credentialStorage.mUserManager);
+ credentialStorage.mUtils.resetKeyStore(user.getIdentifier());
try {
- KeyChain.KeyChainConnection keyChainConnection = KeyChain.bind(credentialStorage);
+ KeyChain.KeyChainConnection keyChainConnection = KeyChain.bindAsUser(
+ credentialStorage, user);
try {
return keyChainConnection.getService().reset();
} catch (RemoteException e) {
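Review bot: The keystore and KeyChain reset here are now chosen by `getUserHandleToUse()` rather than by the process's own user, so in headless system user mode any foreground user who reaches this reset clears user 0's credentials. The guards earlier in this method lie outside the hunk. If they still evaluate restrictions through `mCarUserManagerHelper` for the process user, they check a different user from the one being reset and should use the same `user` handle. A comment above the new line, such as `// Acts on the user from getUserHandleToUse(); permission checks above must cover that same user.`, would record the requirement. The `bindAsUser` call in the following hunk (the `setUserSelectable` path) picks its target the same way and needs the same confirmation.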
@@ -322,8 +326,8 @@
|| credentialStorage.isDestroyed()) {
return false;
}
- try (KeyChain.KeyChainConnection keyChainConnection = KeyChain.bind(
- credentialStorage)) {
+ try (KeyChain.KeyChainConnection keyChainConnection = KeyChain.bindAsUser(
+ credentialStorage, getUserHandleToUse(credentialStorage.mUserManager))) {
keyChainConnection.getService().setUserSelectable(mAlias, true);
return true;
} catch (RemoteException e) {
@@ -347,4 +351,9 @@
credentialStorage.finish();
}
}
+
+ private static UserHandle getUserHandleToUse(UserManager userManager) {
+ return userManager.isHeadlessSystemUserMode()
+ ? UserHandle.SYSTEM : UserHandle.of(ActivityManager.getCurrentUser());
+ }
}
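Review bot: `getUserHandleToUse` has no Javadoc, although it decides whose credentials the reset and `setUserSelectable` paths in this patch act on. I would add `/** Returns the user whose keystore and KeyChain are acted on: SYSTEM in headless system user mode, otherwise the current foreground user. */`. It is also worth stating there that `ActivityManager.getCurrentUser()` is the foreground user, which can differ from the user this activity's process runs as, so callers must not assume the two match.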