Use TrustedCertificateStore for chain building

Move chain building to TrustedCertificateStore since it has more information about the certificates. Change-Id: I3030e94eb1abb8a2047a4151bdaad9922706dd0f
author: Kenny Root <kroot@google.com> 2012-08-07 10:04:26 -0700
committer: Kenny Root <kroot@google.com> 2012-08-07 11:41:16 -0700
commit: 54e03afcfe34e9875efa56650c1af3ebc8f58a89 (patch)
tree: 25390fe3fb2d9846e94974fb7f6cb63f04f16ef3 /keystore
parent: bec1d13da2ef3c8c2c4cc4f740474d095068bd8b (diff)
download: frameworks_base-54e03afcfe34e9875efa56650c1af3ebc8f58a89.zip
frameworks_base-54e03afcfe34e9875efa56650c1af3ebc8f58a89.tar.gz
frameworks_base-54e03afcfe34e9875efa56650c1af3ebc8f58a89.tar.bz2
1 files changed, 2 insertions, 17 deletions
diff --git a/keystore/java/android/security/KeyChain.java b/keystore/java/android/security/KeyChain.java
index 483ccb2..31c38d5 100644
--- a/keystore/java/android/security/KeyChain.java
+++ b/keystore/java/android/security/KeyChain.java
@@ -26,20 +26,16 @@ import android.os.Looper;
 import android.os.RemoteException;
 import java.io.ByteArrayInputStream;
 import java.io.Closeable;
-import java.io.IOException;
 import java.security.InvalidKeyException;
-import java.security.KeyPair;
 import java.security.Principal;
 import java.security.PrivateKey;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
-import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.BlockingQueue;
 import java.util.concurrent.LinkedBlockingQueue;
-import libcore.util.Objects;
 
 import org.apache.harmony.xnet.provider.jsse.OpenSSLEngine;
 import org.apache.harmony.xnet.provider.jsse.TrustedCertificateStore;
@@ -341,20 +337,9 @@ public final class KeyChain {
         try {
             IKeyChainService keyChainService = keyChainConnection.getService();
             byte[] certificateBytes = keyChainService.getCertificate(alias);
-            List<X509Certificate> chain = new ArrayList<X509Certificate>();
-            chain.add(toCertificate(certificateBytes));
             TrustedCertificateStore store = new TrustedCertificateStore();
-            for (int i = 0; true; i++) {
-                X509Certificate cert = chain.get(i);
-                if (Objects.equal(cert.getSubjectX500Principal(), cert.getIssuerX500Principal())) {
-                    break;
-                }
-                X509Certificate issuer = store.findIssuer(cert);
-                if (issuer == null) {
-                    break;
-                }
-                chain.add(issuer);
-            }
+            List<X509Certificate> chain = store
+                    .getCertificateChain(toCertificate(certificateBytes));
             return chain.toArray(new X509Certificate[chain.size()]);
         } catch (RemoteException e) {
             throw new KeyChainException(e);
author	Kenny Root <kroot@google.com>	2012-08-07 10:04:26 -0700
committer	Kenny Root <kroot@google.com>	2012-08-07 11:41:16 -0700
commit	54e03afcfe34e9875efa56650c1af3ebc8f58a89 (patch)
tree	25390fe3fb2d9846e94974fb7f6cb63f04f16ef3 /keystore
parent	bec1d13da2ef3c8c2c4cc4f740474d095068bd8b (diff)
download	frameworks_base-54e03afcfe34e9875efa56650c1af3ebc8f58a89.zip frameworks_base-54e03afcfe34e9875efa56650c1af3ebc8f58a89.tar.gz frameworks_base-54e03afcfe34e9875efa56650c1af3ebc8f58a89.tar.bz2