From 1e9dd72b641c4e1e5a0118e31c6de8aa0c848288 Mon Sep 17 00:00:00 2001
From: Peter Qiu
Date: Fri, 30 Sep 2016 14:19:34 -0700
Subject: [PATCH] wifi: WifiEnterpriseConfig: use ParcelUtil to parcelize key and certificates

Bug: 31834143
Test: frameworks/base/wifi/tests/runtest.sh
Change-Id: Ie013c0637e66fb970746ad8f80bca03515b72443
---
 .../net/wifi/WifiEnterpriseConfig.java | 95 ++-----------------
 wifi/tests/src/android/net/wifi/FakeKeys.java | 31 ++++++
 .../net/wifi/WifiEnterpriseConfigTest.java | 44 ++++++++-
 3 files changed, 82 insertions(+), 88 deletions(-)

diff --git a/wifi/java/android/net/wifi/WifiEnterpriseConfig.java b/wifi/java/android/net/wifi/WifiEnterpriseConfig.java
index c0e8bc200f63e..e410a9cf917eb 100644
--- a/wifi/java/android/net/wifi/WifiEnterpriseConfig.java
+++ b/wifi/java/android/net/wifi/WifiEnterpriseConfig.java
@@ -183,48 +183,14 @@ public class WifiEnterpriseConfig implements Parcelable {
 dest.writeInt(mEapMethod);
 dest.writeInt(mPhase2Method);
- writeCertificates(dest, mCaCerts);
-
- if (mClientPrivateKey != null) {
- String algorithm = mClientPrivateKey.getAlgorithm();
- byte[] userKeyBytes = mClientPrivateKey.getEncoded();
- dest.writeInt(userKeyBytes.length);
- dest.writeByteArray(userKeyBytes);
- dest.writeString(algorithm);
- } else {
- dest.writeInt(0);
- }
-
- writeCertificate(dest, mClientCertificate);
- }
-
- private void writeCertificates(Parcel dest, X509Certificate[] cert) {
- if (cert != null && cert.length != 0) {
- dest.writeInt(cert.length);
- for (int i = 0; i < cert.length; i++) {
- writeCertificate(dest, cert[i]);
- }
- } else {
- dest.writeInt(0);
- }
- }
-
- private void writeCertificate(Parcel dest, X509Certificate cert) {
- if (cert != null) {
- try {
- byte[] certBytes = cert.getEncoded();
- dest.writeInt(certBytes.length);
- dest.writeByteArray(certBytes);
- } catch (CertificateEncodingException e) {
- dest.writeInt(0);
- }
- } else {
- dest.writeInt(0);
- }
+ ParcelUtil.writeCertificates(dest, mCaCerts);
+ ParcelUtil.writePrivateKey(dest, mClientPrivateKey);
+ ParcelUtil.writeCertificate(dest, mClientCertificate);
 }
 public static final Creator CREATOR = new Creator() {
+ @Override
 public WifiEnterpriseConfig createFromParcel(Parcel in) {
 WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();
 int count = in.readInt();
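Review bot: The three `ParcelUtil.write*` calls at the end of `writeToParcel` carry no comment tying their order to the matching reads in `createFromParcel`, and nothing marks that the parcel holds the client private key. The removed inline code wrote `mClientPrivateKey.getEncoded()` directly, and `ParcelUtil.writePrivateKey` presumably serializes the same encoded key bytes, although `ParcelUtil` is not part of this patch, so that cannot be confirmed here. I would add `// Order must match createFromParcel(): CA certs, client private key, client certificate.` above the calls, plus a second comment noting that the resulting Parcel contains key material and should only be handed to trusted receivers. `writeToParcel` begins above this hunk.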
@@ -236,58 +202,13 @@ public class WifiEnterpriseConfig implements Parcelable {
 enterpriseConfig.mEapMethod = in.readInt();
 enterpriseConfig.mPhase2Method = in.readInt();
- enterpriseConfig.mCaCerts = readCertificates(in);
-
- PrivateKey userKey = null;
- int len = in.readInt();
- if (len > 0) {
- try {
- byte[] bytes = new byte[len];
- in.readByteArray(bytes);
- String algorithm = in.readString();
- KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
- userKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bytes));
- } catch (NoSuchAlgorithmException e) {
- userKey = null;
- } catch (InvalidKeySpecException e) {
- userKey = null;
- }
- }
-
- enterpriseConfig.mClientPrivateKey = userKey;
- enterpriseConfig.mClientCertificate = readCertificate(in);
+ enterpriseConfig.mCaCerts = ParcelUtil.readCertificates(in);
+ enterpriseConfig.mClientPrivateKey = ParcelUtil.readPrivateKey(in);
+ enterpriseConfig.mClientCertificate = ParcelUtil.readCertificate(in);
 return enterpriseConfig;
 }
- private X509Certificate[] readCertificates(Parcel in) {
- X509Certificate[] certs = null;
- int len = in.readInt();
- if (len > 0) {
- certs = new X509Certificate[len];
- for (int i = 0; i < len; i++) {
- certs[i] = readCertificate(in);
- }
- }
- return certs;
- }
-
- private X509Certificate readCertificate(Parcel in) {
- X509Certificate cert = null;
- int len = in.readInt();
- if (len > 0) {
- try {
- byte[] bytes = new byte[len];
- in.readByteArray(bytes);
- CertificateFactory cFactory = CertificateFactory.getInstance("X.509");
- cert = (X509Certificate) cFactory
- .generateCertificate(new ByteArrayInputStream(bytes));
- } catch (CertificateException e) {
- cert = null;
- }
- }
- return cert;
- }
-
+ @Override
 public WifiEnterpriseConfig[] newArray(int size) {
 return new WifiEnterpriseConfig[size];
 }
diff --git a/wifi/tests/src/android/net/wifi/FakeKeys.java b/wifi/tests/src/android/net/wifi/FakeKeys.java
index 4c3829dcb3d32..c0d60c33f99ca 100644
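Review bot: `createFromParcel` now assigns whatever `ParcelUtil.readPrivateKey`, `ParcelUtil.readCertificate` and `ParcelUtil.readCertificates` return, without stating what that is for a malformed or truncated parcel. The removed code turned a key or certificate that failed to decode into `null` and sized its buffers with `new byte[len]` from a length read off the parcel; `ParcelUtil` is not in this diff, so whether it keeps the null-on-failure behaviour and bounds that length cannot be checked from here. Since a Parcel can arrive from another process, I would document the contract at the call site once it is confirmed against `ParcelUtil`, for example `// ParcelUtil returns null for an absent or undecodable entry; a null key or certificate means "not configured".` The body of `createFromParcel` starts in the previous hunk and its middle lies outside both hunks.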
--- a/wifi/tests/src/android/net/wifi/FakeKeys.java
+++ b/wifi/tests/src/android/net/wifi/FakeKeys.java
@@ -73,6 +73,37 @@ public class FakeKeys {
 "-----END CERTIFICATE-----\n";
 public static final X509Certificate CA_CERT1 = loadCertificate(CA_CERT1_STRING);
+ private static final String CLIENT_CERT_STR = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIE/DCCAuQCAQEwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UEBhMCVVMxCzAJBgNV\n" +
+ "BAgMAkNBMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRAwDgYDVQQKDAdUZXN0aW5n\n" +
+ "MB4XDTE2MDkzMDIwNTQyOFoXDTE3MDkzMDIwNTQyOFowRDELMAkGA1UEBhMCVVMx\n" +
+ "CzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRAwDgYDVQQKDAdU\n" +
+ "ZXN0aW5nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnpmcbuaeHfnJ\n" +
+ "k+2QNvxmdVFTawyFMNk0USCq5sexscwmxbewG/Rb8YnixwJWS44v2XkSujB67z5C\n" +
+ "s2qudFEhRXKdEuC6idbAuA97KjipHh0AAniWMsyv61fvbgsUC0b0canx3LiDq81p\n" +
+ "y28NNGmAvoazLZUZ4AhBRiwYZY6FKk723gmZoGbEIeG7J1dlXPusc1662rIjz4eU\n" +
+ "zlmmlvqyHfNqnNk8L14Vug6Xh+lOEGN85xhu1YHAEKGrS89kZxs5rum/cZU8KH2V\n" +
+ "v6eKnY03kxjiVLQtnLpm/7VUEoCMGHyruRj+p3my4+DgqMsmsH52RZCBsjyGlpbU\n" +
+ "NOwOTIX6xh+Rqloduz4AnrMYYIiIw2s8g+2zJM7VbcVKx0fGS26BKdrxgrXWfmNE\n" +
+ "nR0/REQ5AxDGw0jfTUvtdTkXAf+K4MDjcNLEZ+MA4rHfAfQWZtUR5BkHCQYxNpJk\n" +
+ "pA0gyk+BpKdC4WdzI14NSWsu5sRCmBCFqH6BTOSEq/V1cNorBxNwLSSTwFFqUDqx\n" +
+ "Y5nQLXygkJf9WHZWtSKeSjtOYgilz7UKzC2s3CsjmIyGFe+SwpuHJnuE4Uc8Z5Cb\n" +
+ "bjNGHPzqL6XnmzZHJp7RF8kBdKdjGC7dCUltzOfICZeKlzOOq+Kw42T/nXjuXvpb\n" +
+ "nkXNxg741Nwd6RecykXJbseFwm3EYxkCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEA\n" +
+ "Ga1mGwI9aXkL2fTPXO9YkAPzoGeX8aeuVYSQaSkNq+5vnogYCyAt3YDHjRG+ewTT\n" +
+ "WbnPA991xRAPac+biJeXWmwvgGj0YuT7e79phAiGkTTnbAjFHGfYnBy/tI/v7btO\n" +
+ "hRNElA5yTJ1m2fVbBEKXzMR83jrT9iyI+YLRN86zUZIaC86xxSbqnrdWN2jOK6MX\n" +
+ "dS8Arp9tPQjC/4gW+2Ilxv68jiYh+5auWHQZVjppWVY//iu4mAbkq1pTwQEhZ8F8\n" +
+ "Zrmh9DHh60hLFcfSuhIAwf/NMzppwdkjy1ruKVrpijhGKGp4OWu8nvOUgHSzxc7F\n" +
+ "PwpVZ5N2Ku4L8MLO6BG2VasRJK7l17TzDXlfLZHJjkuryOFxVaQKt8ZNFgTOaCXS\n" +
+ "E+gpTLksKU7riYckoiP4+H1sn9qcis0e8s4o/uf1UVc8GSdDw61ReGM5oZEDm1u8\n" +
+ "H9x20QU6igLqzyBpqvCKv7JNgU1uB2PAODHH78zJiUfnKd1y+o+J1iWzaGj3EFji\n" +
+ "T8AXksbTP733FeFXfggXju2dyBH+Z1S5BBTEOd1brWgXlHSAZGm97MKZ94r6/tkX\n" +
+ "qfv3fCos0DKz0oV7qBxYS8wiYhzrRVxG6ITAoH8uuUVVQaZF+G4nJ2jEqNbfuKyX\n" +
+ "ATQsVNjNNlDA0J33GobPMjT326wa4YAWMx8PI5PJZ3g=\n" +
+ "-----END CERTIFICATE-----\n";
+ public static final X509Certificate CLIENT_CERT = loadCertificate(CLIENT_CERT_STR);
+
 private static final byte[] FAKE_RSA_KEY_1 = new byte[] {
 (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x78, (byte) 0x02, (byte) 0x01, (byte) 0x00, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a,
diff --git a/wifi/tests/src/android/net/wifi/WifiEnterpriseConfigTest.java b/wifi/tests/src/android/net/wifi/WifiEnterpriseConfigTest.java
index 0d964b7c92d7f..0e503d5e71390 100644
--- a/wifi/tests/src/android/net/wifi/WifiEnterpriseConfigTest.java
+++ b/wifi/tests/src/android/net/wifi/WifiEnterpriseConfigTest.java
@@ -16,10 +16,12 @@ package android.net.wifi;
+import static org.junit.Assert.assertArrayEquals;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
 import android.net.wifi.WifiEnterpriseConfig.Eap;
 import android.net.wifi.WifiEnterpriseConfig.Phase2;
@@ -30,6 +32,7 @@ import android.test.suitebuilder.annotation.SmallTest;
 import org.junit.Before;
 import org.junit.Test;
+import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
@@ -259,6 +262,45 @@ public class WifiEnterpriseConfigTest {
 assertEquals("\"autheap=GTC\"", getSupplicantPhase2Method());
 }
+ /**
+ * Verifies that parceling a WifiEnterpriseConfig preserves the key
+ * and certificates information.
+ */
+ @Test
+ public void parcelConfigWithKeyAndCerts() throws Exception {
+ WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();
+ PrivateKey clientKey = FakeKeys.RSA_KEY1;
+ X509Certificate clientCert = FakeKeys.CLIENT_CERT;
+ X509Certificate[] caCerts = new X509Certificate[] {FakeKeys.CA_CERT0, FakeKeys.CA_CERT1};
+ enterpriseConfig.setClientKeyEntry(clientKey, clientCert);
+ enterpriseConfig.setCaCertificates(caCerts);
+ Parcel parcel = Parcel.obtain();
+ enterpriseConfig.writeToParcel(parcel, 0);
+
+ parcel.setDataPosition(0); // Allow parcel to be read from the beginning.
+ mEnterpriseConfig = WifiEnterpriseConfig.CREATOR.createFromParcel(parcel);
+ PrivateKey actualClientKey = mEnterpriseConfig.getClientPrivateKey();
+ X509Certificate actualClientCert = mEnterpriseConfig.getClientCertificate();
+ X509Certificate[] actualCaCerts = mEnterpriseConfig.getCaCertificates();
+
+ /* Verify client private key. */
+ assertNotNull(actualClientKey);
+ assertEquals(clientKey.getAlgorithm(), actualClientKey.getAlgorithm());
+ assertArrayEquals(clientKey.getEncoded(), actualClientKey.getEncoded());
+
+ /* Verify client certificate. */
+ assertNotNull(actualClientCert);
+ assertArrayEquals(clientCert.getEncoded(), actualClientCert.getEncoded());
+
+ /* Verify CA certificates. */
+ assertNotNull(actualCaCerts);
+ assertEquals(caCerts.length, actualCaCerts.length);
+ for (int i = 0; i < caCerts.length; i++) {
+ assertNotNull(actualCaCerts[i]);
+ assertArrayEquals(caCerts[i].getEncoded(), actualCaCerts[i].getEncoded());
+ }
+ }
+
 /** Verifies proper operation of the getKeyId() method. */
 @Test
 public void getKeyId() {
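Review bot: `parcelConfigWithKeyAndCerts` exercises only the fully populated case, so the absent-key and absent-certificate paths that the removed code encoded as a zero length are not covered after the switch to `ParcelUtil`. The test also never checks that the reader consumed exactly what the writer produced, which is the check that would catch a write/read layout mismatch, and it does not recycle the Parcel it obtains. I would add a companion test for an empty config that asserts nothing is left unread after `createFromParcel` (the key and certificates are the last fields written) and releases the Parcel in a `finally`; the same two additions fit the existing test. The expectation that `getCaCertificates()` returns null for an unset config is inferred and should be checked against the getter.

```java
    /** Verifies that a config without key or certificates survives parceling. */
    @Test
    public void parcelConfigWithoutKeyAndCerts() throws Exception {
        WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();
        Parcel parcel = Parcel.obtain();
        try {
            enterpriseConfig.writeToParcel(parcel, 0);
            parcel.setDataPosition(0); // Allow parcel to be read from the beginning.
            mEnterpriseConfig = WifiEnterpriseConfig.CREATOR.createFromParcel(parcel);
            // Reader and writer must agree on the layout: nothing may be left unread.
            assertEquals(0, parcel.dataAvail());
        } finally {
            parcel.recycle();
        }
        assertNull(mEnterpriseConfig.getClientPrivateKey());
        assertNull(mEnterpriseConfig.getClientCertificate());
        assertNull(mEnterpriseConfig.getCaCertificates());
    }
```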