Merge "wifi: WifiEnterpriseConfig: use ParcelUtil to parcelize key and certificates"
This commit is contained in:
Treehugger Robot
@@ -183,48 +183,14 @@ public class WifiEnterpriseConfig implements Parcelable {
|
||||
|
||||
dest.writeInt(mEapMethod);
|
||||
dest.writeInt(mPhase2Method);
|
||||
writeCertificates(dest, mCaCerts);
|
||||
|
||||
if (mClientPrivateKey != null) {
|
||||
String algorithm = mClientPrivateKey.getAlgorithm();
|
||||
byte[] userKeyBytes = mClientPrivateKey.getEncoded();
|
||||
dest.writeInt(userKeyBytes.length);
|
||||
dest.writeByteArray(userKeyBytes);
|
||||
dest.writeString(algorithm);
|
||||
} else {
|
||||
dest.writeInt(0);
|
||||
}
|
||||
|
||||
writeCertificate(dest, mClientCertificate);
|
||||
}
|
||||
|
||||
private void writeCertificates(Parcel dest, X509Certificate[] cert) {
|
||||
if (cert != null && cert.length != 0) {
|
||||
dest.writeInt(cert.length);
|
||||
for (int i = 0; i < cert.length; i++) {
|
||||
writeCertificate(dest, cert[i]);
|
||||
}
|
||||
} else {
|
||||
dest.writeInt(0);
|
||||
}
|
||||
}
|
||||
|
||||
private void writeCertificate(Parcel dest, X509Certificate cert) {
|
||||
if (cert != null) {
|
||||
try {
|
||||
byte[] certBytes = cert.getEncoded();
|
||||
dest.writeInt(certBytes.length);
|
||||
dest.writeByteArray(certBytes);
|
||||
} catch (CertificateEncodingException e) {
|
||||
dest.writeInt(0);
|
||||
}
|
||||
} else {
|
||||
dest.writeInt(0);
|
||||
}
|
||||
ParcelUtil.writeCertificates(dest, mCaCerts);
|
||||
ParcelUtil.writePrivateKey(dest, mClientPrivateKey);
|
||||
ParcelUtil.writeCertificate(dest, mClientCertificate);
|
||||
}
|
||||
|
||||
public static final Creator<WifiEnterpriseConfig> CREATOR =
|
||||
new Creator<WifiEnterpriseConfig>() {
|
||||
@Override
|
||||
public WifiEnterpriseConfig createFromParcel(Parcel in) {
|
||||
WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();
|
||||
int count = in.readInt();
|
||||
@@ -236,58 +202,13 @@ public class WifiEnterpriseConfig implements Parcelable {
|
||||
|
||||
enterpriseConfig.mEapMethod = in.readInt();
|
||||
enterpriseConfig.mPhase2Method = in.readInt();
|
||||
enterpriseConfig.mCaCerts = readCertificates(in);
|
||||
|
||||
PrivateKey userKey = null;
|
||||
int len = in.readInt();
|
||||
if (len > 0) {
|
||||
try {
|
||||
byte[] bytes = new byte[len];
|
||||
in.readByteArray(bytes);
|
||||
String algorithm = in.readString();
|
||||
KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
|
||||
userKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bytes));
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
userKey = null;
|
||||
} catch (InvalidKeySpecException e) {
|
||||
userKey = null;
|
||||
}
|
||||
}
|
||||
|
||||
enterpriseConfig.mClientPrivateKey = userKey;
|
||||
enterpriseConfig.mClientCertificate = readCertificate(in);
|
||||
enterpriseConfig.mCaCerts = ParcelUtil.readCertificates(in);
|
||||
enterpriseConfig.mClientPrivateKey = ParcelUtil.readPrivateKey(in);
|
||||
enterpriseConfig.mClientCertificate = ParcelUtil.readCertificate(in);
|
||||
return enterpriseConfig;
|
||||
}
|
||||
|
||||
private X509Certificate[] readCertificates(Parcel in) {
|
||||
X509Certificate[] certs = null;
|
||||
int len = in.readInt();
|
||||
if (len > 0) {
|
||||
certs = new X509Certificate[len];
|
||||
for (int i = 0; i < len; i++) {
|
||||
certs[i] = readCertificate(in);
|
||||
}
|
||||
}
|
||||
return certs;
|
||||
}
|
||||
|
||||
private X509Certificate readCertificate(Parcel in) {
|
||||
X509Certificate cert = null;
|
||||
int len = in.readInt();
|
||||
if (len > 0) {
|
||||
try {
|
||||
byte[] bytes = new byte[len];
|
||||
in.readByteArray(bytes);
|
||||
CertificateFactory cFactory = CertificateFactory.getInstance("X.509");
|
||||
cert = (X509Certificate) cFactory
|
||||
.generateCertificate(new ByteArrayInputStream(bytes));
|
||||
} catch (CertificateException e) {
|
||||
cert = null;
|
||||
}
|
||||
}
|
||||
return cert;
|
||||
}
|
||||
|
||||
@Override
|
||||
public WifiEnterpriseConfig[] newArray(int size) {
|
||||
return new WifiEnterpriseConfig[size];
|
||||
}
|
||||
|
||||
@@ -73,6 +73,37 @@ public class FakeKeys {
|
||||
"-----END CERTIFICATE-----\n";
|
||||
public static final X509Certificate CA_CERT1 = loadCertificate(CA_CERT1_STRING);
|
||||
|
||||
private static final String CLIENT_CERT_STR = "-----BEGIN CERTIFICATE-----\n" +
|
||||
"MIIE/DCCAuQCAQEwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UEBhMCVVMxCzAJBgNV\n" +
|
||||
"BAgMAkNBMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRAwDgYDVQQKDAdUZXN0aW5n\n" +
|
||||
"MB4XDTE2MDkzMDIwNTQyOFoXDTE3MDkzMDIwNTQyOFowRDELMAkGA1UEBhMCVVMx\n" +
|
||||
"CzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRAwDgYDVQQKDAdU\n" +
|
||||
"ZXN0aW5nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnpmcbuaeHfnJ\n" +
|
||||
"k+2QNvxmdVFTawyFMNk0USCq5sexscwmxbewG/Rb8YnixwJWS44v2XkSujB67z5C\n" +
|
||||
"s2qudFEhRXKdEuC6idbAuA97KjipHh0AAniWMsyv61fvbgsUC0b0canx3LiDq81p\n" +
|
||||
"y28NNGmAvoazLZUZ4AhBRiwYZY6FKk723gmZoGbEIeG7J1dlXPusc1662rIjz4eU\n" +
|
||||
"zlmmlvqyHfNqnNk8L14Vug6Xh+lOEGN85xhu1YHAEKGrS89kZxs5rum/cZU8KH2V\n" +
|
||||
"v6eKnY03kxjiVLQtnLpm/7VUEoCMGHyruRj+p3my4+DgqMsmsH52RZCBsjyGlpbU\n" +
|
||||
"NOwOTIX6xh+Rqloduz4AnrMYYIiIw2s8g+2zJM7VbcVKx0fGS26BKdrxgrXWfmNE\n" +
|
||||
"nR0/REQ5AxDGw0jfTUvtdTkXAf+K4MDjcNLEZ+MA4rHfAfQWZtUR5BkHCQYxNpJk\n" +
|
||||
"pA0gyk+BpKdC4WdzI14NSWsu5sRCmBCFqH6BTOSEq/V1cNorBxNwLSSTwFFqUDqx\n" +
|
||||
"Y5nQLXygkJf9WHZWtSKeSjtOYgilz7UKzC2s3CsjmIyGFe+SwpuHJnuE4Uc8Z5Cb\n" +
|
||||
"bjNGHPzqL6XnmzZHJp7RF8kBdKdjGC7dCUltzOfICZeKlzOOq+Kw42T/nXjuXvpb\n" +
|
||||
"nkXNxg741Nwd6RecykXJbseFwm3EYxkCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEA\n" +
|
||||
"Ga1mGwI9aXkL2fTPXO9YkAPzoGeX8aeuVYSQaSkNq+5vnogYCyAt3YDHjRG+ewTT\n" +
|
||||
"WbnPA991xRAPac+biJeXWmwvgGj0YuT7e79phAiGkTTnbAjFHGfYnBy/tI/v7btO\n" +
|
||||
"hRNElA5yTJ1m2fVbBEKXzMR83jrT9iyI+YLRN86zUZIaC86xxSbqnrdWN2jOK6MX\n" +
|
||||
"dS8Arp9tPQjC/4gW+2Ilxv68jiYh+5auWHQZVjppWVY//iu4mAbkq1pTwQEhZ8F8\n" +
|
||||
"Zrmh9DHh60hLFcfSuhIAwf/NMzppwdkjy1ruKVrpijhGKGp4OWu8nvOUgHSzxc7F\n" +
|
||||
"PwpVZ5N2Ku4L8MLO6BG2VasRJK7l17TzDXlfLZHJjkuryOFxVaQKt8ZNFgTOaCXS\n" +
|
||||
"E+gpTLksKU7riYckoiP4+H1sn9qcis0e8s4o/uf1UVc8GSdDw61ReGM5oZEDm1u8\n" +
|
||||
"H9x20QU6igLqzyBpqvCKv7JNgU1uB2PAODHH78zJiUfnKd1y+o+J1iWzaGj3EFji\n" +
|
||||
"T8AXksbTP733FeFXfggXju2dyBH+Z1S5BBTEOd1brWgXlHSAZGm97MKZ94r6/tkX\n" +
|
||||
"qfv3fCos0DKz0oV7qBxYS8wiYhzrRVxG6ITAoH8uuUVVQaZF+G4nJ2jEqNbfuKyX\n" +
|
||||
"ATQsVNjNNlDA0J33GobPMjT326wa4YAWMx8PI5PJZ3g=\n" +
|
||||
"-----END CERTIFICATE-----\n";
|
||||
public static final X509Certificate CLIENT_CERT = loadCertificate(CLIENT_CERT_STR);
|
||||
|
||||
private static final byte[] FAKE_RSA_KEY_1 = new byte[] {
|
||||
(byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x78, (byte) 0x02, (byte) 0x01,
|
||||
(byte) 0x00, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a,
|
||||
|
||||
@@ -16,10 +16,12 @@
|
||||
|
||||
package android.net.wifi;
|
||||
|
||||
import static org.junit.Assert.assertArrayEquals;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertNull;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
import android.net.wifi.WifiEnterpriseConfig.Eap;
|
||||
import android.net.wifi.WifiEnterpriseConfig.Phase2;
|
||||
@@ -30,6 +32,7 @@ import android.test.suitebuilder.annotation.SmallTest;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.security.PrivateKey;
|
||||
import java.security.cert.X509Certificate;
|
||||
|
||||
|
||||
@@ -259,6 +262,45 @@ public class WifiEnterpriseConfigTest {
|
||||
assertEquals("\"autheap=GTC\"", getSupplicantPhase2Method());
|
||||
}
|
||||
|
||||
/**
|
||||
* Verifies that parceling a WifiEnterpriseConfig preserves the key
|
||||
* and certificates information.
|
||||
*/
|
||||
@Test
|
||||
public void parcelConfigWithKeyAndCerts() throws Exception {
|
||||
WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();
|
||||
PrivateKey clientKey = FakeKeys.RSA_KEY1;
|
||||
X509Certificate clientCert = FakeKeys.CLIENT_CERT;
|
||||
X509Certificate[] caCerts = new X509Certificate[] {FakeKeys.CA_CERT0, FakeKeys.CA_CERT1};
|
||||
enterpriseConfig.setClientKeyEntry(clientKey, clientCert);
|
||||
enterpriseConfig.setCaCertificates(caCerts);
|
||||
Parcel parcel = Parcel.obtain();
|
||||
enterpriseConfig.writeToParcel(parcel, 0);
|
||||
|
||||
parcel.setDataPosition(0); // Allow parcel to be read from the beginning.
|
||||
mEnterpriseConfig = WifiEnterpriseConfig.CREATOR.createFromParcel(parcel);
|
||||
PrivateKey actualClientKey = mEnterpriseConfig.getClientPrivateKey();
|
||||
X509Certificate actualClientCert = mEnterpriseConfig.getClientCertificate();
|
||||
X509Certificate[] actualCaCerts = mEnterpriseConfig.getCaCertificates();
|
||||
|
||||
/* Verify client private key. */
|
||||
assertNotNull(actualClientKey);
|
||||
assertEquals(clientKey.getAlgorithm(), actualClientKey.getAlgorithm());
|
||||
assertArrayEquals(clientKey.getEncoded(), actualClientKey.getEncoded());
|
||||
|
||||
/* Verify client certificate. */
|
||||
assertNotNull(actualClientCert);
|
||||
assertArrayEquals(clientCert.getEncoded(), actualClientCert.getEncoded());
|
||||
|
||||
/* Verify CA certificates. */
|
||||
assertNotNull(actualCaCerts);
|
||||
assertEquals(caCerts.length, actualCaCerts.length);
|
||||
for (int i = 0; i < caCerts.length; i++) {
|
||||
assertNotNull(actualCaCerts[i]);
|
||||
assertArrayEquals(caCerts[i].getEncoded(), actualCaCerts[i].getEncoded());
|
||||
}
|
||||
}
|
||||
|
||||
/** Verifies proper operation of the getKeyId() method. */
|
||||
@Test
|
||||
public void getKeyId() {
|
||||
|
||||
Reference in New Issue
Block a user