Merge "Key installation/generation in unmanaged mode" into ub-testdpc-qt

Author: eranmes

app/src/main/java/com/afwsamples/testdpc/policy/PolicyManagementFragment.java

@@ -1286,16 +1286,22 @@ private void setStatusBarDisabled(boolean disable) {
     @TargetApi(28)
     private boolean installKeyPair(final PrivateKey key, final Certificate cert, final String alias,
                                    boolean isUserSelectable) {
-        if (BuildCompat.isAtLeastP()) {
-            return mDevicePolicyManager.installKeyPair(
-                    mAdminComponentName, key, new Certificate[]{cert}, alias,
-                    isUserSelectable ? DevicePolicyManager.INSTALLKEY_SET_USER_SELECTABLE : 0);
-        } else {
-            if (!isUserSelectable) {
-                throw new IllegalArgumentException(
-                        "Cannot set key as non-user-selectable prior to P");
+        try {
+            if (BuildCompat.isAtLeastP()) {
+
+                return mDevicePolicyManager.installKeyPair(
+                        mAdminComponentName, key, new Certificate[]{cert}, alias,
+                        isUserSelectable ? DevicePolicyManager.INSTALLKEY_SET_USER_SELECTABLE : 0);
+            } else {
+                if (!isUserSelectable) {
+                    throw new IllegalArgumentException(
+                            "Cannot set key as non-user-selectable prior to P");
+                }
+                return mDevicePolicyManager.installKeyPair(mAdminComponentName, key, cert, alias);
             }
-            return mDevicePolicyManager.installKeyPair(mAdminComponentName, key, cert, alias);
+        } catch (SecurityException e) {
+            Log.w(TAG, "Not allowed to install keys", e);
+            return false;
         }
     }
 

app/src/main/java/com/afwsamples/testdpc/policy/keymanagement/GenerateKeyAndCertificateTask.java

@@ -127,6 +127,8 @@ protected AttestedKeyPair doInBackground(Void... voids) {
             Log.e(TAG, "Failed to create certificate", e);
         } catch (StrongBoxUnavailableException e) {
             Log.e(TAG, "StrongBox unavailable", e);
+        } catch (SecurityException e) {
+            Log.e(TAG, "Not permitted to generate key", e);
         }
 
         return null;
@@ -150,7 +152,7 @@ private void showToast(int msgId, String extra) {
         Toast.makeText(
                 mActivity,
                 mActivity.getResources().getString(msgId) + " " + extra,
-                Toast.LENGTH_SHORT);
+                Toast.LENGTH_SHORT).show();
     }
 
     @TargetApi(28)

app/src/main/res/xml/device_policy_header.xml

@@ -225,12 +225,13 @@
             android:key="install_key_certificate"
             android:title="@string/install_key_certificate"
             testdpc:minSdkVersion="L"
+            testdpc:admin="any"
             testdpc:delegation="delegation-cert-install" />
         <com.afwsamples.testdpc.common.preference.DpcPreference
             android:key="remove_key_certificate"
             android:title="@string/remove_key_certificate"
             testdpc:minSdkVersion="N"
-            testdpc:delegation="delegation-cert-install" />
+            testdpc:admin="any" />
         <com.afwsamples.testdpc.common.preference.DpcEditTextPreference
             android:key="override_key_selection"
             android:title="@string/key_override_alias"
@@ -239,7 +240,7 @@
             android:key="generate_key_and_certificate"
             android:title="@string/generate_key_and_certificate"
             testdpc:minSdkVersion="P"
-            testdpc:delegation="delegation-cert-install" />
+            testdpc:admin="any" />
         <com.afwsamples.testdpc.common.preference.DpcPreference
             android:key="test_key_usability"
             android:title="@string/test_key_usage"