Replace call into Wifi Keystore with a
call into the new get_certificate method.
Bug: 205764502
Test: Manual test - connect to a WPA Enterprise network.
Tests that KS2 path is still working.
Manual test - store a key-value pair to
legacy Keystore. Check that we can retrieve
the value in supplicant. Tests the legacy
keystore path.
Manual test - try to retrieve a non-existing
value from legacy keystore. Check that the
get_certificate method returns -1
Change-Id: I5b595b6592ca9298a2cb667bc38edd4bd2d1e8e6
diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
index a7dee37..15664df 100644
--- a/src/eap_peer/eap.c
+++ b/src/eap_peer/eap.c
@@ -2196,6 +2196,14 @@
os_free(hash_hex);
}
+ssize_t tls_certificate_callback(void* ctx, const char* alias, uint8_t** value) {
+ if (alias == NULL || ctx == NULL || value == NULL) return -1;
+ struct eap_sm *sm = (struct eap_sm*) ctx;
+ if (sm->eapol_cb && sm->eapol_cb->get_certificate) {
+ return sm->eapol_cb->get_certificate(sm->eapol_ctx, alias, value);
+ }
+ return -1;
+}
/**
* eap_peer_sm_init - Allocate and initialize EAP peer state machine
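Review bot: `tls_certificate_callback` has no header comment stating its contract, although the next function in the file (`eap_peer_sm_init`) has a Doxygen one. The missing piece that matters most is ownership of the buffer returned through `value`: the hunk does not show who frees it, and on the early `return -1` paths `*value` is left untouched, so a caller must not read or free it after a failure. I would add a short header such as `/** tls_certificate_callback - Look up alias via eapol_cb->get_certificate; returns the value returned by get_certificate, or -1 on failure */` plus a line on who frees `*value`, once confirmed against the `get_certificate` implementation. If no header declares this function, `static ssize_t tls_certificate_callback(...)` would keep it out of the global namespace, since the patch only uses it by address in this file.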
@@ -2239,6 +2247,7 @@
tlsconf.event_cb = eap_peer_sm_tls_event;
tlsconf.cb_ctx = sm;
tlsconf.cert_in_cb = conf->cert_in_cb;
+ tls_register_cert_callback(&tls_certificate_callback);
sm->ssl_ctx = tls_init(&tlsconf);
if (sm->ssl_ctx == NULL) {
wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS "
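Review bot: `tls_register_cert_callback(&tls_certificate_callback)` takes no context argument, so the registration looks process-wide rather than part of `tlsconf`, yet it is repeated on every state-machine init and the callback later casts its `ctx` to `struct eap_sm *`. That is only safe if the TLS layer always passes the `cb_ctx` of the connection doing the lookup and never a context belonging to a state machine that has already been freed; the hunk does not show this, so it should be confirmed in the TLS wrapper. A comment at the call site would record the assumption, e.g. `/* Global registration; ctx handed to the callback is tlsconf.cb_ctx (this sm) */`, or the callback could be carried in `tlsconf` next to `event_cb` so its lifetime matches the TLS context. `eap_peer_sm_init` starts and ends outside the hunk.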