diff --git a/telephony/java/android/telephony/CarrierConfigManager.java b/telephony/java/android/telephony/CarrierConfigManager.java
index 03d354b9097c921a1f804511efd552ff32e1fba9..82353f72045db441d0882824a2a5d70ef6afc9b9 100644
--- a/telephony/java/android/telephony/CarrierConfigManager.java
+++ b/telephony/java/android/telephony/CarrierConfigManager.java
@@ -3999,8 +3999,9 @@ public class CarrierConfigManager {
"mmi_two_digit_number_pattern_string_array";
/**
- * Holds the list of carrier certificate hashes.
- * Note that each carrier has its own certificates.
+ * Holds the list of carrier certificate hashes, followed by optional package names.
+ * Format: "sha1/256" or "sha1/256:package1,package2,package3..."
+ * Note that each carrier has its own hashes.
*/
public static final String KEY_CARRIER_CERTIFICATE_STRING_ARRAY =
"carrier_certificate_string_array";
diff --git a/telephony/java/android/telephony/UiccAccessRule.java b/telephony/java/android/telephony/UiccAccessRule.java
index 12bb36647f8f747ce9300f2766d7354e1e12bd16..2765349f3bf3a4678149748f651d60080c74ad18 100644
--- a/telephony/java/android/telephony/UiccAccessRule.java
+++ b/telephony/java/android/telephony/UiccAccessRule.java
@@ -35,6 +35,7 @@ import java.io.DataOutputStream;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
@@ -52,6 +53,16 @@ public final class UiccAccessRule implements Parcelable {
private static final int ENCODING_VERSION = 1;
+ /**
+ * Delimiter used to decode {@link CarrierConfigManager#KEY_CARRIER_CERTIFICATE_STRING_ARRAY}.
+ */
+ private static final String DELIMITER_CERTIFICATE_HASH_PACKAGE_NAMES = ":";
+
+ /**
+ * Delimiter used to decode {@link CarrierConfigManager#KEY_CARRIER_CERTIFICATE_STRING_ARRAY}.
+ */
+ private static final String DELIMITER_INDIVIDUAL_PACKAGE_NAMES = ",";
+
public static final @android.annotation.NonNull Creator<UiccAccessRule> CREATOR = new Creator<UiccAccessRule>() {
@Override
public UiccAccessRule createFromParcel(Parcel in) {
@@ -97,6 +108,36 @@ public final class UiccAccessRule implements Parcelable {
}
}
+ /**
+ * Decodes {@link CarrierConfigManager#KEY_CARRIER_CERTIFICATE_STRING_ARRAY} values.
+ * @hide
+ */
+ @Nullable
+ public static UiccAccessRule[] decodeRulesFromCarrierConfig(@Nullable String[] certs) {
+ if (certs == null) {
+ return null;
+ }
+ List<UiccAccessRule> carrierConfigAccessRulesArray = new ArrayList();
+ for (String cert : certs) {
+ String[] splitStr = cert.split(DELIMITER_CERTIFICATE_HASH_PACKAGE_NAMES);
+ byte[] certificateHash = IccUtils.hexStringToBytes(splitStr[0]);
+ if (splitStr.length == 1) {
+ // The value is a certificate hash, without any package name
+ carrierConfigAccessRulesArray.add(new UiccAccessRule(certificateHash, null, 0));
+ } else {
+ // The value is composed of the certificate hash followed by at least one
+ // package name
+ String[] packageNames = splitStr[1].split(DELIMITER_INDIVIDUAL_PACKAGE_NAMES);
+ for (String packageName : packageNames) {
+ carrierConfigAccessRulesArray.add(
+ new UiccAccessRule(certificateHash, packageName, 0));
+ }
+ }
+ }
+ return carrierConfigAccessRulesArray.toArray(
+ new UiccAccessRule[carrierConfigAccessRulesArray.size()]);
+ }
+
/**
* Decodes a byte array generated with {@link #encodeRules}.
* @hide
@@ -214,6 +255,14 @@ public final class UiccAccessRule implements Parcelable {
return TelephonyManager.CARRIER_PRIVILEGE_STATUS_NO_ACCESS;
}
+ /**
+ * Returns true if the given certificate and package name match this rule's values.
+ * @hide
+ */
+ public boolean matches(@Nullable String certHash, @Nullable String packageName) {
+ return matches(IccUtils.hexStringToBytes(certHash), packageName);
+ }
+
private boolean matches(byte[] certHash, String packageName) {
return certHash != null && Arrays.equals(this.mCertificateHash, certHash) &&
(TextUtils.isEmpty(this.mPackageName) || this.mPackageName.equals(packageName));