author | Chung-yih Wang <cywang@google.com> | 2009-09-01 16:45:13 +0800 |
---|---|---|
committer | Chung-yih Wang <cywang@google.com> | 2009-09-01 16:45:13 +0800 |
commit | 09960230bf3d46ec1e7cbcfd8b07dfe007b9fa96 (patch) | |
tree | 0cdb96cc728125bcae41709a027811cbd6beee2b /keystore | |
parent | c98d68cd56338ec57695b3c35114fbde88d4bde8 (diff) | |
Store CA certificate chain into one single key entry with PEM format.
Extract all CA certificates in a PKCS12 keystore into a single entry in keystore with multiple PEMs.
Diffstat (limited to 'keystore')
-rw-r--r-- | keystore/java/android/security/CertTool.java | 12 | ||||
-rw-r--r-- | keystore/jni/cert.c | 22 |
2 files changed, 17 insertions, 17 deletions
diff --git a/keystore/java/android/security/CertTool.java b/keystore/java/android/security/CertTool.java
index d1174ad..6caeb3e 100644
--- a/keystore/java/android/security/CertTool.java
+++ b/keystore/java/android/security/CertTool.java
@@ -163,15 +163,9 @@ public class CertTool {
 return ret;
 }
 }
- while ((pemData = this.popPkcs12CertificateStack(handle)) != null) {
- if (i++ > 0) {
- if ((ret = sKeystore.put(CA_CERTIFICATE, keyname + i, pemData)) != 0) {
- return ret;
- }
- } else {
- if ((ret = sKeystore.put(CA_CERTIFICATE, keyname, pemData)) != 0) {
- return ret;
- }
+ if ((pemData = this.popPkcs12CertificateStack(handle)) != null) {
+ if ((ret = sKeystore.put(CA_CERTIFICATE, keyname, pemData)) != 0) {
+ return ret;
 }
 }
 return 0;
diff --git a/keystore/jni/cert.c b/keystore/jni/cert.c
index 006a0a3..d5d57f7 100644
--- a/keystore/jni/cert.c
+++ b/keystore/jni/cert.c
@@ -212,13 +212,14 @@ static int convert_to_pem(void *data, int is_cert, char *buf, int size)
 }
 err:
 if (bio) BIO_free(bio);
- return (len == 0) ? -1 : 0;
+ return len;
 }
 int get_pkcs12_certificate(PKCS12_KEYSTORE *p12store, char *buf, int size)
 {
 if ((p12store != NULL) && (p12store->cert != NULL)) {
- return convert_to_pem((void*)p12store->cert, 1, buf, size);
+ int len = convert_to_pem((void*)p12store->cert, 1, buf, size);
+ return (len == 0) ? -1 : 0;
 }
 return -1;
 }
@@ -226,7 +227,8 @@ int get_pkcs12_certificate(PKCS12_KEYSTORE *p12store, char *buf, int size)
 int get_pkcs12_private_key(PKCS12_KEYSTORE *p12store, char *buf, int size)
 {
 if ((p12store != NULL) && (p12store->pkey != NULL)) {
- return convert_to_pem((void*)p12store->pkey, 0, buf, size);
+ int len = convert_to_pem((void*)p12store->pkey, 0, buf, size);
+ return (len == 0) ? -1 : 0;
 }
 return -1;
 }
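Review bot: In the CertTool.java hunk, a failed chain conversion is now indistinguishable from a PKCS12 file that simply has no CA certificates, because a null from `popPkcs12CertificateStack(handle)` falls through to `return 0`. The native side now fails the whole call when any single certificate cannot be converted, so one bad entry would drop the entire CA chain while the import still reports success (assuming the JNI wrapper, which is not shown here, maps the native -1 to null). The wrapper should let the caller tell an empty stack from an error, and the `put` deserves a comment such as `// pemData holds every CA certificate, concatenated as PEM blocks`. The counter `i` used by the removed loop may now be unused; its declaration is outside the hunk.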
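Review bot: In cert.c, convert_to_pem now returns a byte count rather than a status, but nothing at `return len;` documents the new contract, and get_pkcs12_certificate and get_pkcs12_private_key (this hunk and the next) treat only `len == 0` as failure. If `len` can end up negative (it presumably comes from a BIO read in the part of the body outside the hunk), both getters would return 0 with nothing valid in `buf`; `return (len <= 0) ? -1 : 0;` covers that case. A comment above convert_to_pem such as `/* Returns the number of PEM bytes written to buf, or 0 on failure. */` would make the contract explicit for the next caller.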
@@ -234,12 +236,16 @@ int get_pkcs12_private_key(PKCS12_KEYSTORE *p12store, char *buf, int size)
 int pop_pkcs12_certs_stack(PKCS12_KEYSTORE *p12store, char *buf, int size)
 {
 X509 *cert = NULL;
+ int len = 0;
- if ((p12store != NULL) && (p12store->certs != NULL) &&
- ((cert = sk_X509_pop(p12store->certs)) != NULL)) {
- int ret = convert_to_pem((void*)cert, 1, buf, size);
- X509_free(cert);
- return ret;
+ if ((p12store != NULL) && (p12store->certs != NULL)) {
+ while (((cert = sk_X509_pop(p12store->certs)) != NULL) && (len < size)) {
+ int s = convert_to_pem((void*)cert, 1, buf + len, size - len);
+ if (s == 0) return -1;
+ len += s;
+ X509_free(cert);
+ }
+ return (len == 0) ? -1 : 0;
 }
 return -1;
 } |
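Review bot: The new loop in pop_pkcs12_certs_stack leaks the popped X509 on two paths and can report success for a truncated CA chain. The early return on `s == 0` happens before `X509_free(cert)`, and because `sk_X509_pop` is evaluated before `len < size`, a certificate popped once the buffer is full is neither converted nor freed while the function still returns 0. The sketch below frees right after conversion, tests for room before popping, treats a non-positive count as failure, and fails when certificates remain on the stack. Whether convert_to_pem can itself cut a PEM block short when `size - len` is too small depends on its body, which is outside the hunk, and should be checked as well.

```c
int pop_pkcs12_certs_stack(PKCS12_KEYSTORE *p12store, char *buf, int size)
{
    /* … unchanged: cert and len declarations … */
    if ((p12store != NULL) && (p12store->certs != NULL)) {
        /* Check for room before popping so no certificate is taken off the stack and dropped. */
        while ((len < size) && ((cert = sk_X509_pop(p12store->certs)) != NULL)) {
            int s = convert_to_pem((void*)cert, 1, buf + len, size - len);
            X509_free(cert);  /* free on every path, including failure */
            if (s <= 0) return -1;
            len += s;
        }
        /* Anything still on the stack did not fit: fail rather than store a partial chain. */
        if (sk_X509_num(p12store->certs) > 0) return -1;
        return (len == 0) ? -1 : 0;
    }
    /* … unchanged: return -1 … */
```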