Merge "Unify manual and programmatic key installation flows"
diff --git a/src/com/android/certinstaller/CertInstaller.java b/src/com/android/certinstaller/CertInstaller.java
index 8b381cb..061ba77 100644
--- a/src/com/android/certinstaller/CertInstaller.java
+++ b/src/com/android/certinstaller/CertInstaller.java
@@ -189,11 +189,6 @@
Toast.makeText(this, getString(R.string.cert_is_added, mCredentials.getName()),
Toast.LENGTH_LONG).show();
- if (mCredentials.includesVpnAndAppsTrustAnchors()) {
- // more work to do, don't finish just yet
- new InstallVpnAndAppsTrustAnchorsTask().execute();
- return;
- }
setResult(RESULT_OK);
finish();
break;
@@ -355,7 +350,7 @@
switch ((int) id) {
case USAGE_TYPE_SYSTEM:
ca_capabilities_warning.setVisibility(
- mCredentials.includesVpnAndAppsTrustAnchors() ?
+ mCredentials.hasOnlyVpnAndAppsTrustAnchors() ?
View.VISIBLE : View.GONE);
mCredentials.setInstallAsUid(KeyStore.UID_SELF);
break;
@@ -389,6 +384,14 @@
removeDialog(NAME_CREDENTIAL_DIALOG);
mCredentials.setName(name);
+ // If there's only a CA certificate to install, then it's going to be used
+ // as a trust anchor. Install it and skip importing to Keystore.
+ if (mCredentials.hasOnlyVpnAndAppsTrustAnchors()) {
+ // more work to do, don't finish just yet
+ new InstallVpnAndAppsTrustAnchorsTask().execute();
+ return;
+ }
+
// install everything to system keystore
try {
startActivityForResult(
diff --git a/src/com/android/certinstaller/CredentialHelper.java b/src/com/android/certinstaller/CredentialHelper.java
index 5560ef3..7c8607d 100644
--- a/src/com/android/certinstaller/CredentialHelper.java
+++ b/src/com/android/certinstaller/CredentialHelper.java
@@ -281,22 +281,17 @@
intent.setComponent(ComponentName.unflattenFromString(
context.getString(R.string.config_system_install_component)));
intent.putExtra(Credentials.EXTRA_INSTALL_AS_UID, mUid);
+ intent.putExtra(Credentials.EXTRA_USER_KEY_ALIAS, mName);
try {
if (mUserKey != null) {
- intent.putExtra(Credentials.EXTRA_USER_PRIVATE_KEY_NAME,
- Credentials.USER_PRIVATE_KEY + mName);
intent.putExtra(Credentials.EXTRA_USER_PRIVATE_KEY_DATA,
mUserKey.getEncoded());
}
if (mUserCert != null) {
- intent.putExtra(Credentials.EXTRA_USER_CERTIFICATE_NAME,
- Credentials.USER_CERTIFICATE + mName);
intent.putExtra(Credentials.EXTRA_USER_CERTIFICATE_DATA,
Credentials.convertToPem(mUserCert));
}
if (!mCaCerts.isEmpty()) {
- intent.putExtra(Credentials.EXTRA_CA_CERTIFICATES_NAME,
- Credentials.CA_CERTIFICATE + mName);
X509Certificate[] caCerts
= mCaCerts.toArray(new X509Certificate[mCaCerts.size()]);
intent.putExtra(Credentials.EXTRA_CA_CERTIFICATES_DATA,
@@ -428,10 +423,10 @@
}
/**
- * Returns whether this credential contains CA certificates to be used as trust anchors
+ * Returns true if this credential contains _only_ CA certificates to be used as trust anchors
* for VPN and apps.
*/
- public boolean includesVpnAndAppsTrustAnchors() {
+ public boolean hasOnlyVpnAndAppsTrustAnchors() {
if (!hasCaCerts()) {
return false;
}