Add WifiKeystore to allow Wifi framework access legacykeystore
Add the WifiKeystore API for Wifi framework in mainline module,
to access the legacy keystore for Wifi private key blobs.
Bug: 205764502
Test: adb shell cmd wifi keystore
Change-Id: Ibe3f3d5611c8de26c2aa37b3b9dee49351cbe3c5
diff --git a/core/api/module-lib-current.txt b/core/api/module-lib-current.txt
index 3efb0c6..6358f3c 100644
--- a/core/api/module-lib-current.txt
+++ b/core/api/module-lib-current.txt
@@ -296,6 +296,17 @@
}
+package android.net.wifi {
+
+ public final class WifiKeystore {
+ method @NonNull public static byte[] get(@NonNull String);
+ method @NonNull public static String[] list(@NonNull String);
+ method public static boolean put(@NonNull String, @NonNull byte[]);
+ method public static boolean remove(@NonNull String);
+ }
+
+}
+
package android.os {
public class ArtModuleServiceManager {
diff --git a/wifi/java/src/android/net/wifi/WifiKeystore.java b/wifi/java/src/android/net/wifi/WifiKeystore.java
new file mode 100644
index 0000000..ca86dde
--- /dev/null
+++ b/wifi/java/src/android/net/wifi/WifiKeystore.java
@@ -0,0 +1,126 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.net.wifi;
+
+import android.annotation.NonNull;
+import android.annotation.SystemApi;
+import android.os.Process;
+import android.os.ServiceManager;
+import android.os.ServiceSpecificException;
+import android.security.legacykeystore.ILegacyKeystore;
+import android.util.Log;
+
+/**
+ * @hide This class allows wifi framework to store and access wifi certificate blobs.
+ */
+@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
+public final class WifiKeystore {
+ private static final String TAG = "WifiKeystore";
+ private static final String LEGACY_KEYSTORE_SERVICE_NAME = "android.security.legacykeystore";
+
+ private static ILegacyKeystore getService() {
+ return ILegacyKeystore.Stub.asInterface(
+ ServiceManager.checkService(LEGACY_KEYSTORE_SERVICE_NAME));
+ }
+
+ /** @hide */
+ WifiKeystore() {
+ }
+
+ /**
+ * Stores the blob under the alias in the keystore database. Existing blobs by the
+ * same name will be replaced.
+ * @param alias The name of the blob
+ * @param blob The blob.
+ * @return true if the blob was successfully added. False otherwise.
+ * @hide
+ */
+ @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
+ public static boolean put(@NonNull String alias, @NonNull byte[] blob) {
+ try {
+ Log.i(TAG, "put blob. alias " + alias);
+ getService().put(alias, Process.WIFI_UID, blob);
+ return true;
+ } catch (Exception e) {
+ Log.e(TAG, "Failed to put blob.", e);
+ return false;
+ }
+ }
+
+ /**
+ * Retrieves a blob by the name alias from the blob database.
+ * @param alias Name of the blob to retrieve.
+ * @return The unstructured blob, that is the blob that was stored using
+ * {@link android.net.wifi.WifiKeystore#put}.
+ * Returns null if no blob was found.
+ * @hide
+ */
+ @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
+ public static @NonNull byte[] get(@NonNull String alias) {
+ try {
+ Log.i(TAG, "get blob. alias " + alias);
+ return getService().get(alias, Process.WIFI_UID);
+ } catch (ServiceSpecificException e) {
+ if (e.errorCode != ILegacyKeystore.ERROR_ENTRY_NOT_FOUND) {
+ Log.e(TAG, "Failed to get blob.", e);
+ }
+ } catch (Exception e) {
+ Log.e(TAG, "Failed to get blob.", e);
+ }
+ return null;
+ }
+
+ /**
+ * Removes a blob by the name alias from the database.
+ * @param alias Name of the blob to be removed.
+ * @return True if a blob was removed. False if no such blob was found.
+ * @hide
+ */
+ @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
+ public static boolean remove(@NonNull String alias) {
+ try {
+ getService().remove(alias, Process.WIFI_UID);
+ return true;
+ } catch (ServiceSpecificException e) {
+ if (e.errorCode != ILegacyKeystore.ERROR_ENTRY_NOT_FOUND) {
+ Log.e(TAG, "Failed to remove blob.", e);
+ }
+ } catch (Exception e) {
+ Log.e(TAG, "Failed to remove blob.", e);
+ }
+ return false;
+ }
+
+ /**
+ * Lists the blobs stored in the database.
+ * @return An array of strings representing the aliases stored in the database.
+ * The return value may be empty but never null.
+ * @hide
+ */
+ @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
+ public static @NonNull String[] list(@NonNull String prefix) {
+ try {
+ final String[] aliases = getService().list(prefix, Process.WIFI_UID);
+ for (int i = 0; i < aliases.length; ++i) {
+ aliases[i] = aliases[i].substring(prefix.length());
+ }
+ return aliases;
+ } catch (Exception e) {
+ Log.e(TAG, "Failed to list blobs.", e);
+ }
+ return new String[0];
+ }
+}
\ No newline at end of file