From ff63e322ad9416cc9497b8b65f0b6b046131db75 Mon Sep 17 00:00:00 2001 From: Hai Shalom Date: Mon, 27 Jan 2020 11:26:02 -0800 Subject: [Passpoint] Use correct API for TLS private key Install TLS private key using the correct KeyStore API. Bug: 147596024 Test: Install a profile, confirm it is installed correctly. Test: Connect to Passpoint using EAP-TLS Change-Id: I049a73ae9c002cf429433b865e62fbe75156b6ab --- service/java/com/android/server/wifi/WifiKeyStore.java | 6 +++--- .../java/com/android/server/wifi/hotspot2/PasspointProvider.java | 7 ++++--- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/service/java/com/android/server/wifi/WifiKeyStore.java b/service/java/com/android/server/wifi/WifiKeyStore.java index 5444c4dab..e3bbfd5f5 100644 --- a/service/java/com/android/server/wifi/WifiKeyStore.java +++ b/service/java/com/android/server/wifi/WifiKeyStore.java @@ -157,7 +157,7 @@ public class WifiKeyStore { mKeyStore.setCertificateEntry(alias, cert); return true; } catch (KeyStoreException e) { - Log.e(TAG, "Failed to put CA certificate in keystore"); + Log.e(TAG, "Failed to put CA certificate in keystore: " + e.getMessage()); return false; } } @@ -172,10 +172,10 @@ public class WifiKeyStore { */ public boolean putUserPrivKeyAndCertsInKeyStore(String alias, Key key, Certificate[] certs) { try { - mKeyStore.setKeyEntry(alias, key.getEncoded(), certs); + mKeyStore.setKeyEntry(alias, key, null, certs); return true; } catch (KeyStoreException e) { - Log.e(TAG, "Failed to put CA certificate in keystore"); + Log.e(TAG, "Failed to put private key or certificate in keystore: " + e.getMessage()); return false; } } diff --git a/service/java/com/android/server/wifi/hotspot2/PasspointProvider.java b/service/java/com/android/server/wifi/hotspot2/PasspointProvider.java index d18c51fa4..7fe8fdbd2 100644 --- a/service/java/com/android/server/wifi/hotspot2/PasspointProvider.java +++ b/service/java/com/android/server/wifi/hotspot2/PasspointProvider.java @@ -261,7 +261,7 @@ public class PasspointProvider { for (int i = 0; i < x509Certificates.length; i++) { String alias = String.format("%s%s_%d", ALIAS_HS_TYPE, mProviderId, i); if (!mKeyStore.putCaCertInKeyStore(alias, x509Certificates[i])) { - Log.e(TAG, "Failed to install CA Certificate"); + Log.e(TAG, "Failed to install CA Certificate " + alias); uninstallCertsAndKeys(); return false; } else { @@ -285,7 +285,7 @@ public class PasspointProvider { } if (!mKeyStore.putUserPrivKeyAndCertsInKeyStore( keyName, clientKey, new Certificate[] {clientCert})) { - Log.e(TAG, "Failed to install client private key & certificate"); + Log.e(TAG, "Failed to install client private key or certificate"); uninstallCertsAndKeys(); return false; } @@ -561,7 +561,8 @@ public class PasspointProvider { EAPConstants.EAP_AKA_PRIME, wifiConfig.enterpriseConfig)); break; default: - Log.e(TAG, "Unsupport EAP method: " + wifiConfig.enterpriseConfig.getEapMethod()); + Log.e(TAG, "Unsupported EAP method: " + + wifiConfig.enterpriseConfig.getEapMethod()); return null; } if (credential.getUserCredential() == null && credential.getCertCredential() == null -- cgit v1.2.3