Home | History | Annotate | Download | only in managedprovisioning 
      1 /*
      2  * Copyright (C) 2017 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 package com.android.cts.verifier.managedprovisioning;
     18 
     19 import android.app.Activity;
     20 import android.app.admin.DevicePolicyManager;
     21 import android.content.ComponentName;
     22 import android.content.Context;
     23 import android.os.Bundle;
     24 import android.util.Log;
     25 
     26 /**
     27  * A helper activity that executes commands sent from CtsVerifier in the primary user to the managed
     28  * profile in COMP mode.
     29  *
     30  * Note: We have to use a dummy activity because cross-profile intents only work for activities.
     31  */
     32 public class CompHelperActivity extends Activity {
     33 
     34     public static final String TAG = "CompHelperActivity";
     35 
     36     // Set always-on VPN.
     37     public static final String ACTION_SET_ALWAYS_ON_VPN
     38             = "com.android.cts.verifier.managedprovisioning.COMP_SET_ALWAYS_ON_VPN";
     39     // Install trusted CA cert.
     40     public static final String ACTION_INSTALL_CA_CERT
     41             = "com.android.cts.verifier.managedprovisioning.COMP_INSTALL_CA_CERT";
     42     // Set the number of login failures after which the managed profile is wiped.
     43     public static final String ACTION_SET_MAXIMUM_PASSWORD_ATTEMPTS
     44             = "com.android.cts.verifier.managedprovisioning.COMP_SET_MAXIMUM_PASSWORD_ATTEMPTS";
     45 
     46     /*
     47      * The CA cert below is the content of cacert.pem as generated by:
     48      *
     49      * openssl req -new -x509 -days 3650 -extensions v3_ca -keyout cakey.pem -out cacert.pem
     50      */
     51     private static final String TEST_CA =
     52             "-----BEGIN CERTIFICATE-----\n" +
     53             "MIIDXTCCAkWgAwIBAgIJAK9Tl/F9V8kSMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\n" +
     54             "BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX\n" +
     55             "aWRnaXRzIFB0eSBMdGQwHhcNMTUwMzA2MTczMjExWhcNMjUwMzAzMTczMjExWjBF\n" +
     56             "MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50\n" +
     57             "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" +
     58             "CgKCAQEAvItOutsE75WBTgTyNAHt4JXQ3JoseaGqcC3WQij6vhrleWi5KJ0jh1/M\n" +
     59             "Rpry7Fajtwwb4t8VZa0NuM2h2YALv52w1xivql88zce/HU1y7XzbXhxis9o6SCI+\n" +
     60             "oVQSbPeXRgBPppFzBEh3ZqYTVhAqw451XhwdA4Aqs3wts7ddjwlUzyMdU44osCUg\n" +
     61             "kVg7lfPf9sTm5IoHVcfLSCWH5n6Nr9sH3o2ksyTwxuOAvsN11F/a0mmUoPciYPp+\n" +
     62             "q7DzQzdi7akRG601DZ4YVOwo6UITGvDyuAAdxl5isovUXqe6Jmz2/myTSpAKxGFs\n" +
     63             "jk9oRoG6WXWB1kni490GIPjJ1OceyQIDAQABo1AwTjAdBgNVHQ4EFgQUH1QIlPKL\n" +
     64             "p2OQ/AoLOjKvBW4zK3AwHwYDVR0jBBgwFoAUH1QIlPKLp2OQ/AoLOjKvBW4zK3Aw\n" +
     65             "DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAcMi4voMMJHeQLjtq8Oky\n" +
     66             "Azpyk8moDwgCd4llcGj7izOkIIFqq/lyqKdtykVKUWz2bSHO5cLrtaOCiBWVlaCV\n" +
     67             "DYAnnVLM8aqaA6hJDIfaGs4zmwz0dY8hVMFCuCBiLWuPfiYtbEmjHGSmpQTG6Qxn\n" +
     68             "ZJlaK5CZyt5pgh5EdNdvQmDEbKGmu0wpCq9qjZImwdyAul1t/B0DrsWApZMgZpeI\n" +
     69             "d2od0VBrCICB1K4p+C51D93xyQiva7xQcCne+TAnGNy9+gjQ/MyR8MRpwRLv5ikD\n" +
     70             "u0anJCN8pXo6IMglfMAsoton1J6o5/ae5uhC6caQU8bNUsCK570gpNfjkzo6rbP0\n" +
     71             "wQ==\n" +
     72             "-----END CERTIFICATE-----";
     73 
     74     @Override
     75     protected void onCreate(Bundle savedInstanceState) {
     76         super.onCreate(savedInstanceState);
     77 
     78         final ComponentName admin = CompDeviceAdminTestReceiver.getReceiverComponentName();
     79         final DevicePolicyManager dpm = (DevicePolicyManager) getSystemService(
     80                 Context.DEVICE_POLICY_SERVICE);
     81 
     82         final String action = getIntent().getAction();
     83         if (ACTION_SET_ALWAYS_ON_VPN.equals(action)) {
     84             try {
     85                 dpm.setAlwaysOnVpnPackage(admin, getPackageName(), false /* lockdownEnabled */);
     86             } catch (Exception e) {
     87                 Log.e(TAG, "Unable to set always-on VPN", e);
     88             }
     89         } else if (ACTION_INSTALL_CA_CERT.equals(action)) {
     90             dpm.installCaCert(admin, TEST_CA.getBytes());
     91         } else if (ACTION_SET_MAXIMUM_PASSWORD_ATTEMPTS.equals(action)) {
     92             dpm.setMaximumFailedPasswordsForWipe(admin, 100);
     93         }
     94         finish();
     95     }
     96 }
     97