Example 1 with WorkerThread
use of android.annotation.WorkerThread in project android_frameworks_base by ResurrectionRemix.
the class KeyChain method bindAsUser.
/**
* @hide
*/
@WorkerThread
public static KeyChainConnection bindAsUser(@NonNull Context context, UserHandle user) throws InterruptedException {
if (context == null) {
throw new NullPointerException("context == null");
}
ensureNotOnMainThread(context);
final BlockingQueue<IKeyChainService> q = new LinkedBlockingQueue<IKeyChainService>(1);
ServiceConnection keyChainServiceConnection = new ServiceConnection() {
volatile boolean mConnectedAtLeastOnce = false;
@Override
public void onServiceConnected(ComponentName name, IBinder service) {
if (!mConnectedAtLeastOnce) {
mConnectedAtLeastOnce = true;
try {
q.put(IKeyChainService.Stub.asInterface(service));
} catch (InterruptedException e) {
// will never happen, since the queue starts with one available slot
}
}
}
@Override
public void onServiceDisconnected(ComponentName name) {
}
};
Intent intent = new Intent(IKeyChainService.class.getName());
ComponentName comp = intent.resolveSystemService(context.getPackageManager(), 0);
intent.setComponent(comp);
if (comp == null || !context.bindServiceAsUser(intent, keyChainServiceConnection, Context.BIND_AUTO_CREATE, user)) {
throw new AssertionError("could not bind to KeyChainService");
}
return new KeyChainConnection(context, keyChainServiceConnection, q.take());
}
Also used :
ServiceConnection(android.content.ServiceConnection)
IBinder(android.os.IBinder)
ComponentName(android.content.ComponentName)
Intent(android.content.Intent)
PendingIntent(android.app.PendingIntent)
LinkedBlockingQueue(java.util.concurrent.LinkedBlockingQueue)
WorkerThread(android.annotation.WorkerThread)
Example 2 with WorkerThread
use of android.annotation.WorkerThread in project android_frameworks_base by ResurrectionRemix.
the class KeyChain method getCertificateChain.
/**
* Returns the {@code X509Certificate} chain for the requested
* alias, or null if there is no result.
* <p>
* <strong>Note:</strong> If a certificate chain was explicitly specified when the alias was
* installed, this method will return that chain. If only the client certificate was specified
* at the installation time, this method will try to build a certificate chain using all
* available trust anchors (preinstalled and user-added).
*
* <p> This method may block while waiting for a connection to another process, and must never
* be called from the main thread.
* <p> As {@link Activity} and {@link Service} contexts are short-lived and can be destroyed
* at any time from the main thread, it is safer to rely on a long-lived context such as one
* returned from {@link Context#getApplicationContext()}.
*
* @param alias The alias of the desired certificate chain, typically
* returned via {@link KeyChainAliasCallback#alias}.
* @throws KeyChainException if the alias was valid but there was some problem accessing it.
* @throws IllegalStateException if called from the main thread.
*/
@Nullable
@WorkerThread
public static X509Certificate[] getCertificateChain(@NonNull Context context, @NonNull String alias) throws KeyChainException, InterruptedException {
if (alias == null) {
throw new NullPointerException("alias == null");
}
KeyChainConnection keyChainConnection = bind(context.getApplicationContext());
try {
IKeyChainService keyChainService = keyChainConnection.getService();
final byte[] certificateBytes = keyChainService.getCertificate(alias);
if (certificateBytes == null) {
return null;
}
X509Certificate leafCert = toCertificate(certificateBytes);
final byte[] certChainBytes = keyChainService.getCaCertificates(alias);
// DevicePolicyManager.installKeyPair or CertInstaller, return that chain.
if (certChainBytes != null && certChainBytes.length != 0) {
Collection<X509Certificate> chain = toCertificates(certChainBytes);
ArrayList<X509Certificate> fullChain = new ArrayList<>(chain.size() + 1);
fullChain.add(leafCert);
fullChain.addAll(chain);
return fullChain.toArray(new X509Certificate[fullChain.size()]);
} else {
// If there isn't a certificate chain, either due to a pre-existing keypair
// installed before N, or no chain is explicitly installed under the new logic,
// fall back to old behavior of constructing the chain from trusted credentials.
//
// This logic exists to maintain old behaviour for already installed keypair, at
// the cost of potentially returning extra certificate chain for new clients who
// explicitly installed only the client certificate without a chain. The latter
// case is actually no different from pre-N behaviour of getCertificateChain(),
// in that sense this change introduces no regression. Besides the returned chain
// is still valid so the consumer of the chain should have no problem verifying it.
TrustedCertificateStore store = new TrustedCertificateStore();
List<X509Certificate> chain = store.getCertificateChain(leafCert);
return chain.toArray(new X509Certificate[chain.size()]);
}
} catch (CertificateException e) {
throw new KeyChainException(e);
} catch (RemoteException e) {
throw new KeyChainException(e);
} catch (RuntimeException e) {
// only certain RuntimeExceptions can be propagated across the IKeyChainService call
throw new KeyChainException(e);
} finally {
keyChainConnection.close();
}
}
Also used :
TrustedCertificateStore(com.android.org.conscrypt.TrustedCertificateStore)
ArrayList(java.util.ArrayList)
CertificateException(java.security.cert.CertificateException)
X509Certificate(java.security.cert.X509Certificate)
RemoteException(android.os.RemoteException)
WorkerThread(android.annotation.WorkerThread)
Nullable(android.annotation.Nullable)
Example 3 with WorkerThread
use of android.annotation.WorkerThread in project android_frameworks_base by DirtyUnicorns.
the class KeyChain method getCertificateChain.
/**
* Returns the {@code X509Certificate} chain for the requested
* alias, or null if there is no result.
* <p>
* <strong>Note:</strong> If a certificate chain was explicitly specified when the alias was
* installed, this method will return that chain. If only the client certificate was specified
* at the installation time, this method will try to build a certificate chain using all
* available trust anchors (preinstalled and user-added).
*
* <p> This method may block while waiting for a connection to another process, and must never
* be called from the main thread.
* <p> As {@link Activity} and {@link Service} contexts are short-lived and can be destroyed
* at any time from the main thread, it is safer to rely on a long-lived context such as one
* returned from {@link Context#getApplicationContext()}.
*
* @param alias The alias of the desired certificate chain, typically
* returned via {@link KeyChainAliasCallback#alias}.
* @throws KeyChainException if the alias was valid but there was some problem accessing it.
* @throws IllegalStateException if called from the main thread.
*/
@Nullable
@WorkerThread
public static X509Certificate[] getCertificateChain(@NonNull Context context, @NonNull String alias) throws KeyChainException, InterruptedException {
if (alias == null) {
throw new NullPointerException("alias == null");
}
KeyChainConnection keyChainConnection = bind(context.getApplicationContext());
try {
IKeyChainService keyChainService = keyChainConnection.getService();
final byte[] certificateBytes = keyChainService.getCertificate(alias);
if (certificateBytes == null) {
return null;
}
X509Certificate leafCert = toCertificate(certificateBytes);
final byte[] certChainBytes = keyChainService.getCaCertificates(alias);
// DevicePolicyManager.installKeyPair or CertInstaller, return that chain.
if (certChainBytes != null && certChainBytes.length != 0) {
Collection<X509Certificate> chain = toCertificates(certChainBytes);
ArrayList<X509Certificate> fullChain = new ArrayList<>(chain.size() + 1);
fullChain.add(leafCert);
fullChain.addAll(chain);
return fullChain.toArray(new X509Certificate[fullChain.size()]);
} else {
// If there isn't a certificate chain, either due to a pre-existing keypair
// installed before N, or no chain is explicitly installed under the new logic,
// fall back to old behavior of constructing the chain from trusted credentials.
//
// This logic exists to maintain old behaviour for already installed keypair, at
// the cost of potentially returning extra certificate chain for new clients who
// explicitly installed only the client certificate without a chain. The latter
// case is actually no different from pre-N behaviour of getCertificateChain(),
// in that sense this change introduces no regression. Besides the returned chain
// is still valid so the consumer of the chain should have no problem verifying it.
TrustedCertificateStore store = new TrustedCertificateStore();
List<X509Certificate> chain = store.getCertificateChain(leafCert);
return chain.toArray(new X509Certificate[chain.size()]);
}
} catch (CertificateException e) {
throw new KeyChainException(e);
} catch (RemoteException e) {
throw new KeyChainException(e);
} catch (RuntimeException e) {
// only certain RuntimeExceptions can be propagated across the IKeyChainService call
throw new KeyChainException(e);
} finally {
keyChainConnection.close();
}
}
Also used :
TrustedCertificateStore(com.android.org.conscrypt.TrustedCertificateStore)
ArrayList(java.util.ArrayList)
CertificateException(java.security.cert.CertificateException)
X509Certificate(java.security.cert.X509Certificate)
RemoteException(android.os.RemoteException)
WorkerThread(android.annotation.WorkerThread)
Nullable(android.annotation.Nullable)
Example 4 with WorkerThread
use of android.annotation.WorkerThread in project platform_frameworks_base by android.
the class KeyChain method bindAsUser.
/**
* @hide
*/
@WorkerThread
public static KeyChainConnection bindAsUser(@NonNull Context context, UserHandle user) throws InterruptedException {
if (context == null) {
throw new NullPointerException("context == null");
}
ensureNotOnMainThread(context);
final BlockingQueue<IKeyChainService> q = new LinkedBlockingQueue<IKeyChainService>(1);
ServiceConnection keyChainServiceConnection = new ServiceConnection() {
volatile boolean mConnectedAtLeastOnce = false;
@Override
public void onServiceConnected(ComponentName name, IBinder service) {
if (!mConnectedAtLeastOnce) {
mConnectedAtLeastOnce = true;
try {
q.put(IKeyChainService.Stub.asInterface(service));
} catch (InterruptedException e) {
// will never happen, since the queue starts with one available slot
}
}
}
@Override
public void onServiceDisconnected(ComponentName name) {
}
};
Intent intent = new Intent(IKeyChainService.class.getName());
ComponentName comp = intent.resolveSystemService(context.getPackageManager(), 0);
intent.setComponent(comp);
if (comp == null || !context.bindServiceAsUser(intent, keyChainServiceConnection, Context.BIND_AUTO_CREATE, user)) {
throw new AssertionError("could not bind to KeyChainService");
}
return new KeyChainConnection(context, keyChainServiceConnection, q.take());
}
Also used :
ServiceConnection(android.content.ServiceConnection)
IBinder(android.os.IBinder)
ComponentName(android.content.ComponentName)
Intent(android.content.Intent)
PendingIntent(android.app.PendingIntent)
LinkedBlockingQueue(java.util.concurrent.LinkedBlockingQueue)
WorkerThread(android.annotation.WorkerThread)
Example 5 with WorkerThread
use of android.annotation.WorkerThread in project android_frameworks_base by crdroidandroid.
the class KeyChain method bindAsUser.
/**
* @hide
*/
@WorkerThread
public static KeyChainConnection bindAsUser(@NonNull Context context, UserHandle user) throws InterruptedException {
if (context == null) {
throw new NullPointerException("context == null");
}
ensureNotOnMainThread(context);
final BlockingQueue<IKeyChainService> q = new LinkedBlockingQueue<IKeyChainService>(1);
ServiceConnection keyChainServiceConnection = new ServiceConnection() {
volatile boolean mConnectedAtLeastOnce = false;
@Override
public void onServiceConnected(ComponentName name, IBinder service) {
if (!mConnectedAtLeastOnce) {
mConnectedAtLeastOnce = true;
try {
q.put(IKeyChainService.Stub.asInterface(service));
} catch (InterruptedException e) {
// will never happen, since the queue starts with one available slot
}
}
}
@Override
public void onServiceDisconnected(ComponentName name) {
}
};
Intent intent = new Intent(IKeyChainService.class.getName());
ComponentName comp = intent.resolveSystemService(context.getPackageManager(), 0);
intent.setComponent(comp);
if (comp == null || !context.bindServiceAsUser(intent, keyChainServiceConnection, Context.BIND_AUTO_CREATE, user)) {
throw new AssertionError("could not bind to KeyChainService");
}
return new KeyChainConnection(context, keyChainServiceConnection, q.take());
}
Also used :
ServiceConnection(android.content.ServiceConnection)
IBinder(android.os.IBinder)
ComponentName(android.content.ComponentName)
Intent(android.content.Intent)
PendingIntent(android.app.PendingIntent)
LinkedBlockingQueue(java.util.concurrent.LinkedBlockingQueue)
WorkerThread(android.annotation.WorkerThread)
Aggregations
WorkerThread (android.annotation.WorkerThread)24
Activity (android.app.Activity)7
Context (android.content.Context)7
UserHandle (android.os.UserHandle)7
ArraySet (android.util.ArraySet)7
LegacyVpnInfo (com.android.internal.net.LegacyVpnInfo)7
VpnProfile (com.android.internal.net.VpnProfile)7
Nullable (android.annotation.Nullable)5
PendingIntent (android.app.PendingIntent)5
ComponentName (android.content.ComponentName)5
Intent (android.content.Intent)5
ServiceConnection (android.content.ServiceConnection)5
IBinder (android.os.IBinder)5
RemoteException (android.os.RemoteException)5
TrustedCertificateStore (com.android.org.conscrypt.TrustedCertificateStore)5
CertificateException (java.security.cert.CertificateException)5
X509Certificate (java.security.cert.X509Certificate)5
ArrayList (java.util.ArrayList)5
LinkedBlockingQueue (java.util.concurrent.LinkedBlockingQueue)5
