Merge "Apply client chain when installing enterprise credentials"

author: Treehugger Robot <treehugger-gerrit@google.com> 2017-01-28 01:38:30 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2017-01-28 01:38:31 +0000
commit: 7e78e525b7000d46707f1e96041d4b3f1324ead0 (patch)
tree: 4200b7110932890e48de989281c521ddd1d0ea50 /service
parent: ef75dd759a44224c55d2a15878474c84f257f807 (diff)
parent: a969fe6659ebfa8f1882743f09eb22f7ee4ca913 (diff)
1 files changed, 19 insertions, 4 deletions
diff --git a/service/java/com/android/server/wifi/WifiKeyStore.java b/service/java/com/android/server/wifi/WifiKeyStore.java
index b667fd4c9..e36c50188 100644
--- a/service/java/com/android/server/wifi/WifiKeyStore.java
+++ b/service/java/com/android/server/wifi/WifiKeyStore.java
@@ -85,7 +85,8 @@ public class WifiKeyStore {
         boolean ret = true;
         String privKeyName = Credentials.USER_PRIVATE_KEY + name;
         String userCertName = Credentials.USER_CERTIFICATE + name;
-        if (config.getClientCertificate() != null) {
+        Certificate[] clientCertificateChain = config.getClientCertificateChain();
+        if (clientCertificateChain != null && clientCertificateChain.length != 0) {
             byte[] privKeyData = config.getClientPrivateKey().getEncoded();
             if (mVerboseLoggingEnabled) {
                 if (isHardwareBackedKey(config.getClientPrivateKey())) {
@@ -101,7 +102,7 @@ public class WifiKeyStore {
                 return ret;
             }
 
-            ret = putCertInKeyStore(userCertName, config.getClientCertificate());
+            ret = putCertsInKeyStore(userCertName, clientCertificateChain);
             if (!ret) {
                 // Remove private key installed
                 mKeyStore.delete(privKeyName, Process.WIFI_UID);
@@ -166,9 +167,23 @@ public class WifiKeyStore {
      * @return true on success
      */
     public boolean putCertInKeyStore(String name, Certificate cert) {
+        return putCertsInKeyStore(name, new Certificate[] {cert});
+    }
+
+    /**
+     * Install a client certificate chain into the keystore.
+     *
+     * @param name The alias name of the certificate to be installed
+     * @param certs The certificate chain to be installed
+     * @return true on success
+     */
+    public boolean putCertsInKeyStore(String name, Certificate[] certs) {
         try {
-            byte[] certData = Credentials.convertToPem(cert);
-            if (mVerboseLoggingEnabled) Log.d(TAG, "putting certificate " + name + " in keystore");
+            byte[] certData = Credentials.convertToPem(certs);
+            if (mVerboseLoggingEnabled) {
+                Log.d(TAG, "putting " + certs.length + " certificate(s) "
+                        + name + " in keystore");
+            }
             return mKeyStore.put(name, certData, Process.WIFI_UID, KeyStore.FLAG_NONE);
         } catch (IOException e1) {
             return false;
author	Treehugger Robot <treehugger-gerrit@google.com>	2017-01-28 01:38:30 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2017-01-28 01:38:31 +0000
commit	7e78e525b7000d46707f1e96041d4b3f1324ead0 (patch)
tree	4200b7110932890e48de989281c521ddd1d0ea50 /service
parent	ef75dd759a44224c55d2a15878474c84f257f807 (diff)
parent	a969fe6659ebfa8f1882743f09eb22f7ee4ca913 (diff)