[PATCH 7/8] Switch keystore to binder

Kenny Root kroot
Thu Nov 7 15:06:59 PST 2013 

Signed-off-by: Dmitry Shmidt <dimitrysh at google.com>
---
 src/crypto/tls_openssl.c  | 35 +++++++++++++++++------------------
 wpa_supplicant/Android.mk |  2 +-
 2 files changed, 18 insertions(+), 19 deletions(-)

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 862eaf6..eed8aa6 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -24,11 +24,6 @@
 #include <openssl/engine.h>
 #endif /* OPENSSL_NO_ENGINE */
 
-#ifdef ANDROID
-#include <openssl/pem.h>
-#include "keystore_get.h"
-#endif /* ANDROID */
-
 #include "common.h"
 #include "crypto.h"
 #include "tls.h"
@@ -60,6 +55,23 @@
 #endif /* OPENSSL_NO_TLSEXT */
 #endif /* SSL_set_tlsext_status_type */
 
+#ifdef ANDROID
+#include <openssl/pem.h>
+#include <keystore/keystore_get.h>
+
+static BIO * BIO_from_keystore(const char *key)
+{
+    BIO *bio = NULL;
+    uint8_t *value = NULL;
+    int length = keystore_get(key, strlen(key), &value);
+    if (length != -1 && (bio = BIO_new(BIO_s_mem())) != NULL) {
+        BIO_write(bio, value, length);
+    }
+    free(value);
+    return bio;
+}
+#endif /* ANDROID */
+
 static int tls_openssl_ref_count = 0;
 
 struct tls_context {
@@ -1496,19 +1508,6 @@ static int tls_load_ca_der(void *_ssl_ctx, const char *ca_cert)
 #endif /* OPENSSL_NO_STDIO */
 
 
-#ifdef ANDROID
-static BIO * BIO_from_keystore(const char *key)
-{
-	BIO *bio = NULL;
-	char value[KEYSTORE_MESSAGE_SIZE];
-	int length = keystore_get(key, strlen(key), value);
-	if (length != -1 && (bio = BIO_new(BIO_s_mem())) != NULL)
-		BIO_write(bio, value, length);
-	return bio;
-}
-#endif /* ANDROID */
-
-
 static int tls_connection_ca_cert(void *_ssl_ctx, struct tls_connection *conn,
 				  const char *ca_cert, const u8 *ca_cert_blob,
 				  size_t ca_cert_blob_len, const char *ca_path)
diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk
index 986c836..4f26db8 100644
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
@@ -1540,7 +1540,7 @@ include $(LOCAL_PATH)/eap_proxy_$(CONFIG_EAP_PROXY).mk
 endif
 
 ifeq ($(CONFIG_TLS), openssl)
-LOCAL_SHARED_LIBRARIES += libcrypto libssl
+LOCAL_SHARED_LIBRARIES += libcrypto libssl libkeystore_binder
 endif
 ifdef CONFIG_DRIVER_NL80211
 LOCAL_STATIC_LIBRARIES += libnl_2
-- 
1.8.4.1

More information about the Hostap mailing list