author | Brian Carlstrom <bdc@google.com> | 2011-07-01 00:12:17 -0700 |
---|---|---|
committer | Brian Carlstrom <bdc@google.com> | 2011-07-01 14:41:56 -0700 |
commit | db93b78385d694402760ad63de0795f3902030d9 (patch) | |
tree | 0e43bd94879c2db988648b5c33b674e89625abe1 /keystore | |
parent | 748d9f2fe4db14d1f0f140a92ff7e6cc27dcd732 (diff) | |
Build cert chain in KeyChain.getCertificateChain
Bug: 4970298
Change-Id: Id91391233528edc2a4da5ebe92ec85d381f170de
Diffstat (limited to 'keystore')
-rw-r--r-- | keystore/java/android/security/KeyChain.java | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/keystore/java/android/security/KeyChain.java b/keystore/java/android/security/KeyChain.java
index b567207..e91bcab 100644
--- a/keystore/java/android/security/KeyChain.java
+++ b/keystore/java/android/security/KeyChain.java
@@ -45,8 +45,12 @@ import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.PKCS8EncodedKeySpec;
+import java.util.ArrayList;
+import java.util.List;
 import java.util.concurrent.BlockingQueue;
 import java.util.concurrent.LinkedBlockingQueue;
+import libcore.util.Objects;
+import org.apache.harmony.xnet.provider.jsse.TrustedCertificateStore;
 
 /**
 * The {@code KeyChain} class provides access to private keys and
@@ -385,7 +389,21 @@ public final class KeyChain {
 }
 IKeyChainService keyChainService = keyChainConnection.getService();
 byte[] certificateBytes = keyChainService.getCertificate(alias, authToken);
- return new X509Certificate[] { toCertificate(certificateBytes) };
+ List<X509Certificate> chain = new ArrayList<X509Certificate>();
+ chain.add(toCertificate(certificateBytes));
+ TrustedCertificateStore store = new TrustedCertificateStore();
+ for (int i = 0; true; i++) {
+ X509Certificate cert = chain.get(i);
+ if (Objects.equal(cert.getSubjectX500Principal(), cert.getIssuerX500Principal())) {
+ break;
+ }
+ X509Certificate issuer = store.findIssuer(cert);
+ if (issuer == null) {
+ break;
+ }
+ chain.add(issuer);
+ }
+ return chain.toArray(new X509Certificate[chain.size()]);
 } catch (RemoteException e) {
 throw new KeyChainException(e);
 } catch (RuntimeException e) { |
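Review bot: The issuer-walking loop in the second hunk (`for (int i = 0; true; i++)`) has no cycle guard or length bound. It stops only at a certificate whose subject equals its issuer or when `store.findIssuer(cert)` returns null, so two cross-certified CA entries in the trusted store could keep it appending until memory runs out. How `findIssuer` selects an issuer is not visible here, so this is a defensive concern, but changing the null check to `if (issuer == null || chain.contains(issuer)) {` would end the walk on the first repeat. A comment above the loop such as `// Best-effort chain from the trusted store; may stop short of a root and is not validated here.` would also keep callers from reading the result as a verified path. The enclosing method starts and ends outside the hunk.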