Add callback path from wpa_supplicant core to
AidlManager::getCertificate.
Order of calls is:
1. eapol_sm_get_certificate (eapol_supp_sm.c)
2. wpa_supplicant_get_certificate_cb (wpas_glue.c)
3. wpas_get_certificate (notify.c)
4. wpas_aidl_get_certificate (aidl.cpp)
5. getCertificate (aidl_manager.cpp)
Bug: 205764502
Test: Manual test - store a key-value pair to
legacy Keystore. Check that we can retrieve
the value in supplicant using the new callbacks.
Change-Id: Ibe1fc5a2c50b818101c194bf739632d4c2a302a4
diff --git a/src/eap_peer/eap.h b/src/eap_peer/eap.h
index 8f83d0b..b98e878 100644
--- a/src/eap_peer/eap.h
+++ b/src/eap_peer/eap.h
@@ -304,6 +304,16 @@
* @reason_string: Information to log about the event
*/
void (*notify_open_ssl_failure)(void *ctx, const char* reason_string);
+
+ /**
+ * get_certificate - Retrieve a certificate from the certificate store
+ * @ctx: eapol_ctx from eap_peer_sm_init() call
+ * @alias: key into the certificate key-value store
+ * @value: pointer reference - pointer to the retrieved certificate will
+ * be stored here on success
+ * Returns: size of the retrieved certificate or -1 on error
+ */
+ ssize_t (*get_certificate)(void* ctx, const char* alias, uint8_t** value);
};
/**
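Review bot: The doc comment for `get_certificate` does not say who owns the buffer stored through `@value` or how it must be released. A caller that guesses wrong either leaks certificate material or frees it with the wrong allocator. If the caller is meant to own the buffer, I would extend the parameter text to something like `@value: on success, set to a newly allocated buffer owned by the caller (release with os_free()); left unmodified on error`, adjusted to whatever the AIDL side actually allocates with. The `get_certificate_cb` comment added in src/eapol_supp/eapol_supp_sm.h has the same gap. The struct these members belong to starts outside the hunk.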
diff --git a/src/eapol_supp/eapol_supp_sm.c b/src/eapol_supp/eapol_supp_sm.c
index a0bc6ab..a8ac6fd 100644
--- a/src/eapol_supp/eapol_supp_sm.c
+++ b/src/eapol_supp/eapol_supp_sm.c
@@ -2112,6 +2112,17 @@
sm->ctx->open_ssl_failure_cb(sm->ctx->ctx, reason_string);
}
+static ssize_t
+eapol_sm_get_certificate(void *ctx, const char* alias, uint8_t** value)
+{
+ struct eapol_sm *sm = ctx;
+
+ if (sm->ctx->get_certificate_cb) {
+ return sm->ctx->get_certificate_cb(alias, value);
+ }
+ return -1;
+}
+
static const struct eapol_callbacks eapol_cb =
{
eapol_sm_get_config,
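Review bot: `eapol_sm_get_certificate` returns -1 without writing `*value` when `get_certificate_cb` is unset, so the out-parameter keeps whatever the caller had in it. A caller that only tests the pointer, or frees it on the error path, would then act on an uninitialized value; whether any caller does so is not visible in this diff. Clearing the out-parameter first makes the failure state well-defined: `if (value) *value = NULL;` ahead of the callback check. Because the return type is signed, a one-line comment reminding callers to test for `< 0` before using the result as a length would also help.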
@@ -2135,7 +2146,8 @@
#endif /* CONFIG_EAP_PROXY */
eapol_sm_set_anon_id,
eapol_sm_notify_eap_method_selected,
- eapol_sm_notify_open_ssl_failure
+ eapol_sm_notify_open_ssl_failure,
+ eapol_sm_get_certificate
};
diff --git a/src/eapol_supp/eapol_supp_sm.h b/src/eapol_supp/eapol_supp_sm.h
index ad94cf5..fe34ec9 100644
--- a/src/eapol_supp/eapol_supp_sm.h
+++ b/src/eapol_supp/eapol_supp_sm.h
@@ -336,6 +336,15 @@
* Returns: Whether the current session requires encryption
*/
bool (*encryption_required)(void *ctx);
+
+ /**
+ * get_certificate_cb - Retrieve a certificate from the certificate store
+ * @alias: key into the certificate key-value store
+ * @value: pointer reference - pointer to the retrieved certificate will
+ * be stored here on success
+ * Returns: size of the retrieved certificate or -1 on error
+ */
+ ssize_t (*get_certificate_cb)(const char* alias, uint8_t** value);
};
diff --git a/wpa_supplicant/aidl/aidl.cpp b/wpa_supplicant/aidl/aidl.cpp
index 6bc13ad..75050c1 100644
--- a/wpa_supplicant/aidl/aidl.cpp
+++ b/wpa_supplicant/aidl/aidl.cpp
@@ -1063,3 +1063,11 @@
aidl_manager->notifyQosPolicyRequest(wpa_s, policies, num_policies);
}
+ssize_t wpas_aidl_get_certificate(const char* alias, uint8_t** value)
+{
+ AidlManager *aidl_manager = AidlManager::getInstance();
+ if (!aidl_manager)
+ return -1;
+
+ return aidl_manager->getCertificate(alias, value);
+}
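Review bot: `wpas_aidl_get_certificate` checks the manager instance but passes `alias` and `value` through unchecked, and this is where the C callers cross into the C++ manager. Unless `getCertificate` validates them itself (not visible in this diff), I would widen the guard to `if (!aidl_manager || !alias || !value) return -1;`. The returned size presumably originates from the certificate store, so a short comment saying the consumer must bounds-check it before use would be worth adding.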
diff --git a/wpa_supplicant/aidl/aidl.h b/wpa_supplicant/aidl/aidl.h
index 40eb860..f0470e2 100644
--- a/wpa_supplicant/aidl/aidl.h
+++ b/wpa_supplicant/aidl/aidl.h
@@ -145,6 +145,7 @@
void wpas_aidl_notify_qos_policy_reset(struct wpa_supplicant *wpa_s);
void wpas_aidl_notify_qos_policy_request(struct wpa_supplicant *wpa_s,
struct dscp_policy_data *policies, int num_policies);
+ ssize_t wpas_aidl_get_certificate(const char* alias, uint8_t** value);
#else // CONFIG_CTRL_IFACE_AIDL
static inline int wpas_aidl_register_interface(struct wpa_supplicant *wpa_s)
{
@@ -322,6 +323,8 @@
struct dscp_policy_data *policies,
int num_policies)
{}
+ssize_t wpas_aidl_get_certificate(const char* alias, uint8_t** value)
+{}
#endif // CONFIG_CTRL_IFACE_AIDL
#ifdef _cplusplus
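Review bot: The non-AIDL stub `wpas_aidl_get_certificate` added in this hunk has an empty body although it is declared to return `ssize_t`. `wpas_get_certificate` in notify.c returns its result directly, so builds without CONFIG_CTRL_IFACE_AIDL pass an indeterminate length and an unwritten `*value` up the callback chain, which is undefined behaviour once the value is used. The stub is also not `static inline`, unlike the `wpas_aidl_register_interface` stub visible in the previous hunk, so including this header from more than one translation unit would presumably cause duplicate-definition link errors. Suggested replacement: `static inline ssize_t wpas_aidl_get_certificate(const char* alias, uint8_t** value)` with the body `{ return -1; }`.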
diff --git a/wpa_supplicant/notify.c b/wpa_supplicant/notify.c
index 7e6d042..7ec0f0d 100644
--- a/wpa_supplicant/notify.c
+++ b/wpa_supplicant/notify.c
@@ -1352,3 +1352,8 @@
wpas_aidl_notify_frequency_changed(wpa_s, frequency);
}
+
+ssize_t wpas_get_certificate(const char *alias, uint8_t** value)
+{
+ return wpas_aidl_get_certificate(alias, value);
+}
diff --git a/wpa_supplicant/notify.h b/wpa_supplicant/notify.h
index e1b9f17..9a818ef 100644
--- a/wpa_supplicant/notify.h
+++ b/wpa_supplicant/notify.h
@@ -221,5 +221,6 @@
void wpas_notify_qos_policy_request(struct wpa_supplicant *wpa_s,
struct dscp_policy_data *policies, int num_policies);
void wpas_notify_frequency_changed(struct wpa_supplicant *wpa_s, int frequency);
+ssize_t wpas_get_certificate(const char *alias, uint8_t** value);
#endif /* NOTIFY_H */
diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
index a733ae3..28faa94 100644
--- a/wpa_supplicant/wpas_glue.c
+++ b/wpa_supplicant/wpas_glue.c
@@ -1203,6 +1203,12 @@
wpa_sm_pmf_enabled(wpa_s->wpa);
}
+static ssize_t wpa_supplicant_get_certificate_cb(
+ const char* alias, uint8_t** value)
+{
+ return wpas_get_certificate(alias, value);
+}
+
#endif /* IEEE8021X_EAPOL */
@@ -1252,6 +1258,7 @@
ctx->set_anon_id = wpa_supplicant_set_anon_id;
ctx->eap_method_selected_cb = wpa_supplicant_eap_method_selected_cb;
ctx->open_ssl_failure_cb = wpa_supplicant_open_ssl_failure_cb;
+ ctx->get_certificate_cb = wpa_supplicant_get_certificate_cb;
ctx->encryption_required = wpas_encryption_required;
ctx->cb_ctx = wpa_s;
wpa_s->eapol = eapol_sm_init(ctx);