How to remove the trusted CA certificate installed by an app when the app is uninstalled

I have an app that gives the option to install a CA cert; it gets stored in the User tab of Trusted Credentials and works as expected.

FYI (this is how I install the certificate):

import android.content.Intent;
import android.security.KeyChain;

// Ask the system certificate installer to add the CA; the user must confirm.
Intent installIntent = KeyChain.createInstallIntent();
javax.security.cert.X509Certificate x509 = javax.security.cert.X509Certificate.getInstance(caRootCertBytes);
installIntent.putExtra(KeyChain.EXTRA_CERTIFICATE, x509.getEncoded());
installIntent.putExtra(KeyChain.EXTRA_NAME, caRootCertName);
startActivity(installIntent);

If the app is uninstalled, the cert remains in the Trusted Credentials.

I would like the cert to be uninstalled when the application is uninstalled.

I thought of removing the cert using the deleteEntry method of KeyStore.

FYI (although I haven't tested it yet. Hopefully it should work. I will update after testing):

import java.security.KeyStore;
import java.util.Enumeration;

javax.security.cert.X509Certificate x509 = javax.security.cert.X509Certificate.getInstance(caRootCertBytes);
// Issuer DN of the CA certificate the app installed
String name = x509.getIssuerDN().getName();

KeyStore ks = KeyStore.getInstance("AndroidCAStore");
if (ks != null) {
    ks.load(null, null);
    Enumeration<String> aliases = ks.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate) ks.getCertificate(alias);
        // Delete every entry whose issuer DN contains the installed CA's issuer DN
        if (cert.getIssuerDN().getName().contains(name)) {
            ks.deleteEntry(alias);
        }
    }
}

Even if you consider that the above code works, AFAIK I can't register a broadcast receiver for the uninstallation of my own app.

How can I remove the certificate installed by my app when my app is uninstalled?

Any help is appreciated!
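Added example, not part of the original question: a read-only lookup that identifies the CA by the SHA-256 digest of its full encoding instead of a substring match on the issuer DN, which can also match unrelated entries with similar names. The class and method names are hypothetical, and the "user:" alias prefix for user-installed entries in AndroidCAStore is an assumption about the platform store; it runs on an Android device.

```java
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

public final class InstalledCaLookup {
    // Assumption: user-installed CA entries have aliases starting with "user:",
    // pre-installed ones with "system:".
    private static final String USER_PREFIX = "user:";

    /** Aliases of user-installed CAs that are byte-for-byte the app's CA. */
    public static List<String> findUserAliases(byte[] caRootCertBytes) throws Exception {
        KeyStore ks = KeyStore.getInstance("AndroidCAStore");
        ks.load(null, null);
        return findAliases(ks, caRootCertBytes, USER_PREFIX);
    }

    // Takes any loaded KeyStore, so the matching logic can be tested off-device.
    static List<String> findAliases(KeyStore ks, byte[] certBytes, String prefix)
            throws Exception {
        // Re-parse so PEM or DER input is normalised to the DER encoding.
        Certificate wantedCert = CertificateFactory.getInstance("X.509")
                .generateCertificate(new ByteArrayInputStream(certBytes));
        byte[] wanted = sha256(wantedCert.getEncoded());

        List<String> matches = new ArrayList<>();
        for (String alias : Collections.list(ks.aliases())) {
            if (!alias.startsWith(prefix)) continue;   // skip system CAs
            Certificate cert = ks.getCertificate(alias);
            if (cert == null) continue;                // not a certificate entry
            if (MessageDigest.isEqual(wanted, sha256(cert.getEncoded()))) {
                matches.add(alias);
            }
        }
        return matches;
    }

    private static byte[] sha256(byte[] data) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(data);
    }
}
```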

Recommended answer

You can't get the broadcast of a package getting uninstalled for your own package. This may lead to inconsistency in the system. See this answer.
