Merge "Unify manual and programmatic key installation flows"
diff --git a/res/values/config.xml b/res/values/config.xml
index 062c1ce..25f6905 100644
--- a/res/values/config.xml
+++ b/res/values/config.xml
@@ -15,8 +15,6 @@
-->
<resources>
- <bool name="config_auto_cert_approval">true</bool>
-
<string name="config_system_install_component" translatable="false">com.android.settings/com.android.settings.security.CredentialStorage</string>
</resources>
diff --git a/src/com/android/certinstaller/CredentialHelper.java b/src/com/android/certinstaller/CredentialHelper.java
index 229ba3e..7c8607d 100644
--- a/src/com/android/certinstaller/CredentialHelper.java
+++ b/src/com/android/certinstaller/CredentialHelper.java
@@ -335,12 +335,8 @@
}
private void maybeApproveCaCert(Context context, String alias) {
- // Some CTS verifier test asks testers to reset auto approved CA cert by removing
- // lock sreen, but it's not possible if we don't have Android lock screen. (e.g.
- // Android is running in the container). In this case, disable auto cert approval.
final KeyguardManager keyguardManager = context.getSystemService(KeyguardManager.class);
- if (keyguardManager.isDeviceSecure(UserHandle.myUserId())
- && context.getResources().getBoolean(R.bool.config_auto_cert_approval)) {
+ if (keyguardManager.isDeviceSecure(UserHandle.myUserId())) {
// Since the cert is installed by real user, the cert is approved by the user
final DevicePolicyManager dpm = context.getSystemService(DevicePolicyManager.class);
dpm.approveCaCert(alias, UserHandle.myUserId(), true);