1 /* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.security.net.config; 18 19 import android.os.Environment; 20 import android.os.UserHandle; 21 import java.io.File; 22 23 /** 24 * {@link CertificateSource} based on the system trusted CA store. 25 * @hide 26 */ 27 public final class SystemCertificateSource extends DirectoryCertificateSource { 28 private static class NoPreloadHolder { 29 private static final SystemCertificateSource INSTANCE = new SystemCertificateSource(); 30 } 31 32 private final File mUserRemovedCaDir; 33 SystemCertificateSource()34 private SystemCertificateSource() { 35 super(new File(System.getenv("ANDROID_ROOT") + "/etc/security/cacerts")); 36 File configDir = Environment.getUserConfigDirectory(UserHandle.myUserId()); 37 mUserRemovedCaDir = new File(configDir, "cacerts-removed"); 38 } 39 getInstance()40 public static SystemCertificateSource getInstance() { 41 return NoPreloadHolder.INSTANCE; 42 } 43 44 @Override isCertMarkedAsRemoved(String caFile)45 protected boolean isCertMarkedAsRemoved(String caFile) { 46 return new File(mUserRemovedCaDir, caFile).exists(); 47 } 48 } 49