Examples with WorkerThread android.annotation.WorkerThread used on opensource projects

Example 6 with WorkerThread

use of android.annotation.WorkerThread in project android_frameworks_base by AOSPA.

the class KeyChain method getCertificateChain.

/**
     * Returns the {@code X509Certificate} chain for the requested
     * alias, or null if there is no result.
     * <p>
     * <strong>Note:</strong> If a certificate chain was explicitly specified when the alias was
     * installed, this method will return that chain. If only the client certificate was specified
     * at the installation time, this method will try to build a certificate chain using all
     * available trust anchors (preinstalled and user-added).
     *
     * <p> This method may block while waiting for a connection to another process, and must never
     * be called from the main thread.
     * <p> As {@link Activity} and {@link Service} contexts are short-lived and can be destroyed
     * at any time from the main thread, it is safer to rely on a long-lived context such as one
     * returned from {@link Context#getApplicationContext()}.
     *
     * @param alias The alias of the desired certificate chain, typically
     * returned via {@link KeyChainAliasCallback#alias}.
     * @throws KeyChainException if the alias was valid but there was some problem accessing it.
     * @throws IllegalStateException if called from the main thread.
     */
@Nullable
@WorkerThread
public static X509Certificate[] getCertificateChain(@NonNull Context context, @NonNull String alias) throws KeyChainException, InterruptedException {
    if (alias == null) {
        throw new NullPointerException("alias == null");
    }
    KeyChainConnection keyChainConnection = bind(context.getApplicationContext());
    try {
        IKeyChainService keyChainService = keyChainConnection.getService();
        final byte[] certificateBytes = keyChainService.getCertificate(alias);
        if (certificateBytes == null) {
            return null;
        }
        X509Certificate leafCert = toCertificate(certificateBytes);
        final byte[] certChainBytes = keyChainService.getCaCertificates(alias);
        // DevicePolicyManager.installKeyPair or CertInstaller, return that chain.
        if (certChainBytes != null && certChainBytes.length != 0) {
            Collection<X509Certificate> chain = toCertificates(certChainBytes);
            ArrayList<X509Certificate> fullChain = new ArrayList<>(chain.size() + 1);
            fullChain.add(leafCert);
            fullChain.addAll(chain);
            return fullChain.toArray(new X509Certificate[fullChain.size()]);
        } else {
            // If there isn't a certificate chain, either due to a pre-existing keypair
            // installed before N, or no chain is explicitly installed under the new logic,
            // fall back to old behavior of constructing the chain from trusted credentials.
            //
            // This logic exists to maintain old behaviour for already installed keypair, at
            // the cost of potentially returning extra certificate chain for new clients who
            // explicitly installed only the client certificate without a chain. The latter
            // case is actually no different from pre-N behaviour of getCertificateChain(),
            // in that sense this change introduces no regression. Besides the returned chain
            // is still valid so the consumer of the chain should have no problem verifying it.
            TrustedCertificateStore store = new TrustedCertificateStore();
            List<X509Certificate> chain = store.getCertificateChain(leafCert);
            return chain.toArray(new X509Certificate[chain.size()]);
        }
    } catch (CertificateException e) {
        throw new KeyChainException(e);
    } catch (RemoteException e) {
        throw new KeyChainException(e);
    } catch (RuntimeException e) {
        // only certain RuntimeExceptions can be propagated across the IKeyChainService call
        throw new KeyChainException(e);
    } finally {
        keyChainConnection.close();
    }
}

Example 7 with WorkerThread

use of android.annotation.WorkerThread in project platform_frameworks_base by android.

the class KeyChain method getCertificateChain.

/**
     * Returns the {@code X509Certificate} chain for the requested
     * alias, or null if there is no result.
     * <p>
     * <strong>Note:</strong> If a certificate chain was explicitly specified when the alias was
     * installed, this method will return that chain. If only the client certificate was specified
     * at the installation time, this method will try to build a certificate chain using all
     * available trust anchors (preinstalled and user-added).
     *
     * <p> This method may block while waiting for a connection to another process, and must never
     * be called from the main thread.
     * <p> As {@link Activity} and {@link Service} contexts are short-lived and can be destroyed
     * at any time from the main thread, it is safer to rely on a long-lived context such as one
     * returned from {@link Context#getApplicationContext()}.
     *
     * @param alias The alias of the desired certificate chain, typically
     * returned via {@link KeyChainAliasCallback#alias}.
     * @throws KeyChainException if the alias was valid but there was some problem accessing it.
     * @throws IllegalStateException if called from the main thread.
     */
@Nullable
@WorkerThread
public static X509Certificate[] getCertificateChain(@NonNull Context context, @NonNull String alias) throws KeyChainException, InterruptedException {
    if (alias == null) {
        throw new NullPointerException("alias == null");
    }
    KeyChainConnection keyChainConnection = bind(context.getApplicationContext());
    try {
        IKeyChainService keyChainService = keyChainConnection.getService();
        final byte[] certificateBytes = keyChainService.getCertificate(alias);
        if (certificateBytes == null) {
            return null;
        }
        X509Certificate leafCert = toCertificate(certificateBytes);
        final byte[] certChainBytes = keyChainService.getCaCertificates(alias);
        // DevicePolicyManager.installKeyPair or CertInstaller, return that chain.
        if (certChainBytes != null && certChainBytes.length != 0) {
            Collection<X509Certificate> chain = toCertificates(certChainBytes);
            ArrayList<X509Certificate> fullChain = new ArrayList<>(chain.size() + 1);
            fullChain.add(leafCert);
            fullChain.addAll(chain);
            return fullChain.toArray(new X509Certificate[fullChain.size()]);
        } else {
            // If there isn't a certificate chain, either due to a pre-existing keypair
            // installed before N, or no chain is explicitly installed under the new logic,
            // fall back to old behavior of constructing the chain from trusted credentials.
            //
            // This logic exists to maintain old behaviour for already installed keypair, at
            // the cost of potentially returning extra certificate chain for new clients who
            // explicitly installed only the client certificate without a chain. The latter
            // case is actually no different from pre-N behaviour of getCertificateChain(),
            // in that sense this change introduces no regression. Besides the returned chain
            // is still valid so the consumer of the chain should have no problem verifying it.
            TrustedCertificateStore store = new TrustedCertificateStore();
            List<X509Certificate> chain = store.getCertificateChain(leafCert);
            return chain.toArray(new X509Certificate[chain.size()]);
        }
    } catch (CertificateException e) {
        throw new KeyChainException(e);
    } catch (RemoteException e) {
        throw new KeyChainException(e);
    } catch (RuntimeException e) {
        // only certain RuntimeExceptions can be propagated across the IKeyChainService call
        throw new KeyChainException(e);
    } finally {
        keyChainConnection.close();
    }
}

Example 8 with WorkerThread

use of android.annotation.WorkerThread in project android_frameworks_base by DirtyUnicorns.

the class KeyChain method bindAsUser.

/**
     * @hide
     */
@WorkerThread
public static KeyChainConnection bindAsUser(@NonNull Context context, UserHandle user) throws InterruptedException {
    if (context == null) {
        throw new NullPointerException("context == null");
    }
    ensureNotOnMainThread(context);
    final BlockingQueue<IKeyChainService> q = new LinkedBlockingQueue<IKeyChainService>(1);
    ServiceConnection keyChainServiceConnection = new ServiceConnection() {

        volatile boolean mConnectedAtLeastOnce = false;

        @Override
        public void onServiceConnected(ComponentName name, IBinder service) {
            if (!mConnectedAtLeastOnce) {
                mConnectedAtLeastOnce = true;
                try {
                    q.put(IKeyChainService.Stub.asInterface(service));
                } catch (InterruptedException e) {
                // will never happen, since the queue starts with one available slot
                }
            }
        }

        @Override
        public void onServiceDisconnected(ComponentName name) {
        }
    };
    Intent intent = new Intent(IKeyChainService.class.getName());
    ComponentName comp = intent.resolveSystemService(context.getPackageManager(), 0);
    intent.setComponent(comp);
    if (comp == null || !context.bindServiceAsUser(intent, keyChainServiceConnection, Context.BIND_AUTO_CREATE, user)) {
        throw new AssertionError("could not bind to KeyChainService");
    }
    return new KeyChainConnection(context, keyChainServiceConnection, q.take());
}

Example 9 with WorkerThread

use of android.annotation.WorkerThread in project android_frameworks_base by AOSPA.

the class KeyChain method bindAsUser.

/**
     * @hide
     */
@WorkerThread
public static KeyChainConnection bindAsUser(@NonNull Context context, UserHandle user) throws InterruptedException {
    if (context == null) {
        throw new NullPointerException("context == null");
    }
    ensureNotOnMainThread(context);
    final BlockingQueue<IKeyChainService> q = new LinkedBlockingQueue<IKeyChainService>(1);
    ServiceConnection keyChainServiceConnection = new ServiceConnection() {

        volatile boolean mConnectedAtLeastOnce = false;

        @Override
        public void onServiceConnected(ComponentName name, IBinder service) {
            if (!mConnectedAtLeastOnce) {
                mConnectedAtLeastOnce = true;
                try {
                    q.put(IKeyChainService.Stub.asInterface(service));
                } catch (InterruptedException e) {
                // will never happen, since the queue starts with one available slot
                }
            }
        }

        @Override
        public void onServiceDisconnected(ComponentName name) {
        }
    };
    Intent intent = new Intent(IKeyChainService.class.getName());
    ComponentName comp = intent.resolveSystemService(context.getPackageManager(), 0);
    intent.setComponent(comp);
    if (comp == null || !context.bindServiceAsUser(intent, keyChainServiceConnection, Context.BIND_AUTO_CREATE, user)) {
        throw new AssertionError("could not bind to KeyChainService");
    }
    return new KeyChainConnection(context, keyChainServiceConnection, q.take());
}

Example 10 with WorkerThread

use of android.annotation.WorkerThread in project Resurrection_packages_apps_Settings by ResurrectionRemix.

the class VpnSettings method getAlwaysOnAppVpnInfos.

@WorkerThread
private Set<AppVpnInfo> getAlwaysOnAppVpnInfos() {
    Set<AppVpnInfo> result = new ArraySet<>();
    for (UserHandle profile : mUserManager.getUserProfiles()) {
        final int profileId = profile.getIdentifier();
        final String packageName = mConnectivityManager.getAlwaysOnVpnPackageForUser(profileId);
        if (packageName != null) {
            result.add(new AppVpnInfo(profileId, packageName));
        }
    }
    return result;
}