diff options
Diffstat (limited to 'keystore')
-rw-r--r-- | keystore/java/android/security/KeyChain.java | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/keystore/java/android/security/KeyChain.java b/keystore/java/android/security/KeyChain.java index 49ae583..6229331 100644 --- a/keystore/java/android/security/KeyChain.java +++ b/keystore/java/android/security/KeyChain.java @@ -45,8 +45,12 @@ import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; +import java.util.ArrayList; +import java.util.List; import java.util.concurrent.BlockingQueue; import java.util.concurrent.LinkedBlockingQueue; +import libcore.util.Objects; +import org.apache.harmony.xnet.provider.jsse.TrustedCertificateStore; /** * The {@code KeyChain} class provides access to private keys and @@ -384,7 +388,21 @@ public final class KeyChain { } IKeyChainService keyChainService = keyChainConnection.getService(); byte[] certificateBytes = keyChainService.getCertificate(alias, authToken); - return new X509Certificate[] { toCertificate(certificateBytes) }; + List<X509Certificate> chain = new ArrayList<X509Certificate>(); + chain.add(toCertificate(certificateBytes)); + TrustedCertificateStore store = new TrustedCertificateStore(); + for (int i = 0; true; i++) { + X509Certificate cert = chain.get(i); + if (Objects.equal(cert.getSubjectX500Principal(), cert.getIssuerX500Principal())) { + break; + } + X509Certificate issuer = store.findIssuer(cert); + if (issuer == null) { + break; + } + chain.add(issuer); + } + return chain.toArray(new X509Certificate[chain.size()]); } catch (RemoteException e) { throw new KeyChainException(e); } catch (RuntimeException e) { |