authorIrfan Sheriff <isheriff@google.com>2013-03-29 17:32:44 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>2013-03-29 17:32:44 +0000
commit964a6a7e209b0db262c827721ae5fde3f98ca763 (patch)
treead982613f17950d1eb50b5acda3c8f3ba712d1b1
parent76a407442e0567e6c658cab546c32efc92711dc0 (diff)
parent8b643c13f97c0f304a45039b9d1fe6900940499e (diff)
Merge "Scope certs for wifi UID and handle migration" into jb-mr2-dev
-rw-r--r--wifi/java/android/net/wifi/WifiConfigStore.java2
-rw-r--r--wifi/java/android/net/wifi/WifiEnterpriseConfig.java41
2 files changed, 34 insertions, 9 deletions
diff --git a/wifi/java/android/net/wifi/WifiConfigStore.java b/wifi/java/android/net/wifi/WifiConfigStore.java
index 2385c24..47f1fbf 100644
--- a/wifi/java/android/net/wifi/WifiConfigStore.java
+++ b/wifi/java/android/net/wifi/WifiConfigStore.java
@@ -1468,6 +1468,8 @@ class WifiConfigStore {
if (config.enterpriseConfig.migrateOldEapTlsNative(mWifiNative, netId)) {
saveConfig();
}
+
+ config.enterpriseConfig.migrateCerts(mKeyStore);
}
private String removeDoubleQuotes(String string) {
diff --git a/wifi/java/android/net/wifi/WifiEnterpriseConfig.java b/wifi/java/android/net/wifi/WifiEnterpriseConfig.java
index 95ffb1c..f73a13c 100644
--- a/wifi/java/android/net/wifi/WifiEnterpriseConfig.java
+++ b/wifi/java/android/net/wifi/WifiEnterpriseConfig.java
@@ -17,9 +17,9 @@ package android.net.wifi;
import android.os.Parcel;
import android.os.Parcelable;
+import android.os.Process;
import android.security.Credentials;
import android.text.TextUtils;
-import android.util.Log;
import com.android.org.bouncycastle.asn1.ASN1InputStream;
import com.android.org.bouncycastle.asn1.ASN1Sequence;
@@ -481,7 +481,7 @@ public class WifiEnterpriseConfig implements Parcelable {
String caCertName = Credentials.CA_CERTIFICATE + name;
if (mClientCertificate != null) {
byte[] privKeyData = mClientPrivateKey.getEncoded();
- ret = keyStore.importKey(privKeyName, privKeyData);
+ ret = keyStore.importKey(privKeyName, privKeyData, Process.WIFI_UID);
if (ret == false) {
return ret;
}
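Review bot: The guard on this path tests `mClientCertificate` but the next line dereferences `mClientPrivateKey`, and `getEncoded()` may return null for a key that does not support encoding, so `importKey` can be reached through a null key or with null bytes. Unless the setter (not visible in this hunk) guarantees the two fields are always set together, tighten the guard to `if (mClientCertificate != null && mClientPrivateKey != null)` and return false when `privKeyData == null`. The encoded private key also stays in `privKeyData` after the call; consider clearing the array once the import has returned. The enclosing method starts and ends outside the hunk.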
@@ -489,7 +489,7 @@ public class WifiEnterpriseConfig implements Parcelable {
ret = putCertInKeyStore(keyStore, userCertName, mClientCertificate);
if (ret == false) {
// Remove private key installed
- keyStore.delKey(privKeyName);
+ keyStore.delKey(privKeyName, Process.WIFI_UID);
return ret;
}
}
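Review bot: Both rollback paths discard the result of the WIFI_UID deletes (the `delKey` here, and the `delKey`/`delete` pair after a failed CA install in the next hunk), so a failed cleanup leaves a private key installed under the wifi UID that no saved network references. Nothing records that, and this commit also drops the `android.util.Log` import. Either check the result or state the intent next to the call, for example `// best effort: a failed delete leaves an orphaned key under WIFI_UID`. The enclosing method starts outside the hunk.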
@@ -499,8 +499,8 @@ public class WifiEnterpriseConfig implements Parcelable {
if (ret == false) {
if (mClientCertificate != null) {
// Remove client key+cert
- keyStore.delKey(privKeyName);
- keyStore.delete(userCertName);
+ keyStore.delKey(privKeyName, Process.WIFI_UID);
+ keyStore.delete(userCertName, Process.WIFI_UID);
}
return ret;
}
@@ -525,7 +525,7 @@ public class WifiEnterpriseConfig implements Parcelable {
Certificate cert) {
try {
byte[] certData = Credentials.convertToPem(cert);
- return keyStore.put(name, certData);
+ return keyStore.put(name, certData, Process.WIFI_UID);
} catch (IOException e1) {
return false;
} catch (CertificateException e2) {
@@ -537,14 +537,14 @@ public class WifiEnterpriseConfig implements Parcelable {
String client = getFieldValue(CLIENT_CERT_KEY, CLIENT_CERT_PREFIX);
// a valid client certificate is configured
if (!TextUtils.isEmpty(client)) {
- keyStore.delKey(Credentials.USER_PRIVATE_KEY + client);
- keyStore.delete(Credentials.USER_CERTIFICATE + client);
+ keyStore.delKey(Credentials.USER_PRIVATE_KEY + client, Process.WIFI_UID);
+ keyStore.delete(Credentials.USER_CERTIFICATE + client, Process.WIFI_UID);
}
String ca = getFieldValue(CA_CERT_KEY, CA_CERT_PREFIX);
// a valid ca certificate is configured
if (!TextUtils.isEmpty(ca)) {
- keyStore.delete(Credentials.CA_CERTIFICATE + ca);
+ keyStore.delete(Credentials.CA_CERTIFICATE + ca, Process.WIFI_UID);
}
}
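Review bot: Key removal here now targets only the WIFI_UID entries, while the `migrateCerts` method added in the last hunk of this file populates them with `duplicate`, which by its name copies rather than moves. If that is the case, forgetting a migrated network removes the wifi copy but leaves the private key and certificates under the source namespace, where the pre-commit code would have deleted them. If keeping the source entries is intended because other consumers share them, say so in a comment such as `// only the wifi-UID copies are ours to delete; source entries stay with their owner`; otherwise delete the source alias after a successful copy. The enclosing method starts outside the hunk.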
@@ -625,6 +625,29 @@ public class WifiEnterpriseConfig implements Parcelable {
return true;
}
+ /** Migrate certs from global pool to wifi UID if not already done */
+ void migrateCerts(android.security.KeyStore keyStore) {
+ String client = getFieldValue(CLIENT_CERT_KEY, CLIENT_CERT_PREFIX);
+ // a valid client certificate is configured
+ if (!TextUtils.isEmpty(client)) {
+ if (!keyStore.contains(Credentials.USER_PRIVATE_KEY + client, Process.WIFI_UID)) {
+ keyStore.duplicate(Credentials.USER_PRIVATE_KEY + client, -1,
+ Credentials.USER_PRIVATE_KEY + client, Process.WIFI_UID);
+ keyStore.duplicate(Credentials.USER_CERTIFICATE + client, -1,
+ Credentials.USER_CERTIFICATE + client, Process.WIFI_UID);
+ }
+ }
+
+ String ca = getFieldValue(CA_CERT_KEY, CA_CERT_PREFIX);
+ // a valid ca certificate is configured
+ if (!TextUtils.isEmpty(ca)) {
+ if (!keyStore.contains(Credentials.CA_CERTIFICATE + ca, Process.WIFI_UID)) {
+ keyStore.duplicate(Credentials.CA_CERTIFICATE + ca, -1,
+ Credentials.CA_CERTIFICATE + ca, Process.WIFI_UID);
+ }
+ }
+ }
+
private String removeDoubleQuotes(String string) {
int length = string.length();
if ((length > 1) && (string.charAt(0) == '"')
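Review bot: A partially completed migration is never finished, because the private-key `contains` check in `migrateCerts` gates both `duplicate` calls: if the key copy succeeds and the certificate copy fails, the next load finds the key under WIFI_UID and skips the certificate for good. Each alias should be checked and copied on its own, and the result of `duplicate` (assumed here to be a boolean, like `importKey` and `put` in this file) should not be discarded, since the caller in WifiConfigStore has no way to learn that a network's credentials are missing. The literal `-1` source UID also deserves a named constant or a comment saying which namespace it selects.

```java
void migrateCerts(android.security.KeyStore keyStore) {
    String client = getFieldValue(CLIENT_CERT_KEY, CLIENT_CERT_PREFIX);
    // a valid client certificate is configured
    if (!TextUtils.isEmpty(client)) {
        // Checked per alias so a half-finished migration is completed on the next load.
        migrateEntry(keyStore, Credentials.USER_PRIVATE_KEY + client);
        migrateEntry(keyStore, Credentials.USER_CERTIFICATE + client);
    }
    // … unchanged: CA certificate lookup …
    if (!TextUtils.isEmpty(ca)) {
        migrateEntry(keyStore, Credentials.CA_CERTIFICATE + ca);
    }
}

/** Copies one alias into the wifi UID namespace unless it is already there. */
private static boolean migrateEntry(android.security.KeyStore keyStore, String alias) {
    if (keyStore.contains(alias, Process.WIFI_UID)) {
        return true;
    }
    // -1 is the source UID used by the original change; name it or document it.
    return keyStore.duplicate(alias, -1, alias, Process.WIFI_UID);
}
```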