diff options
4 files changed, 63 insertions, 4 deletions
diff --git a/wifi/java/android/net/wifi/hotspot2/pps/Credential.java b/wifi/java/android/net/wifi/hotspot2/pps/Credential.java index 59a7290eb8a9..28165e1565dc 100644 --- a/wifi/java/android/net/wifi/hotspot2/pps/Credential.java +++ b/wifi/java/android/net/wifi/hotspot2/pps/Credential.java @@ -1216,7 +1216,15 @@ public final class Credential implements Parcelable { Arrays.equals(key1.getEncoded(), key2.getEncoded()); } - private static boolean isX509CertificateEquals(X509Certificate cert1, X509Certificate cert2) { + /** + * Verify two X.509 certificates are identical. + * + * @param cert1 a certificate to compare + * @param cert2 a certificate to compare + * @return {@code true} if given certificates are the same each other, {@code false} otherwise. + * @hide + */ + public static boolean isX509CertificateEquals(X509Certificate cert1, X509Certificate cert2) { if (cert1 == null && cert2 == null) { return true; } diff --git a/wifi/java/android/net/wifi/hotspot2/pps/UpdateParameter.java b/wifi/java/android/net/wifi/hotspot2/pps/UpdateParameter.java index 9eb6314b1fa0..8d30ff18f8fc 100644 --- a/wifi/java/android/net/wifi/hotspot2/pps/UpdateParameter.java +++ b/wifi/java/android/net/wifi/hotspot2/pps/UpdateParameter.java @@ -16,6 +16,7 @@ package android.net.wifi.hotspot2.pps; +import android.net.wifi.ParcelUtil; import android.os.Parcel; import android.os.Parcelable; import android.text.TextUtils; @@ -23,6 +24,7 @@ import android.util.Base64; import android.util.Log; import java.nio.charset.StandardCharsets; +import java.security.cert.X509Certificate; import java.util.Arrays; import java.util.Objects; @@ -167,7 +169,7 @@ public final class UpdateParameter implements Parcelable { } /** - * SHA-256 fingerprint of the certificate located at {@link #trustRootCertUrl} + * SHA-256 fingerprint of the certificate located at {@code mTrustRootCertUrl} */ private byte[] mTrustRootCertSha256Fingerprint = null; public void setTrustRootCertSha256Fingerprint(byte[] fingerprint) { @@ -178,6 +180,31 @@ public final class UpdateParameter implements Parcelable { } /** + * CA (Certificate Authority) X509 certificates. + */ + private X509Certificate mCaCertificate; + + /** + * Set the CA (Certification Authority) certificate associated with Policy/Subscription update. + * + * @param caCertificate The CA certificate to set + * @hide + */ + public void setCaCertificate(X509Certificate caCertificate) { + mCaCertificate = caCertificate; + } + + /** + * Get the CA (Certification Authority) certificate associated with Policy/Subscription update. + * + * @return CA certificate associated and {@code null} if certificate is not set. + * @hide + */ + public X509Certificate getCaCertificate() { + return mCaCertificate; + } + + /** * Constructor for creating Policy with default values. */ public UpdateParameter() {} @@ -202,6 +229,7 @@ public final class UpdateParameter implements Parcelable { mTrustRootCertSha256Fingerprint = Arrays.copyOf(source.mTrustRootCertSha256Fingerprint, source.mTrustRootCertSha256Fingerprint.length); } + mCaCertificate = source.mCaCertificate; } @Override @@ -219,6 +247,7 @@ public final class UpdateParameter implements Parcelable { dest.writeString(mBase64EncodedPassword); dest.writeString(mTrustRootCertUrl); dest.writeByteArray(mTrustRootCertSha256Fingerprint); + ParcelUtil.writeCertificate(dest, mCaCertificate); } @Override @@ -239,14 +268,15 @@ public final class UpdateParameter implements Parcelable { && TextUtils.equals(mBase64EncodedPassword, that.mBase64EncodedPassword) && TextUtils.equals(mTrustRootCertUrl, that.mTrustRootCertUrl) && Arrays.equals(mTrustRootCertSha256Fingerprint, - that.mTrustRootCertSha256Fingerprint); + that.mTrustRootCertSha256Fingerprint) + && Credential.isX509CertificateEquals(mCaCertificate, that.mCaCertificate); } @Override public int hashCode() { return Objects.hash(mUpdateIntervalInMinutes, mUpdateMethod, mRestriction, mServerUri, mUsername, mBase64EncodedPassword, mTrustRootCertUrl, - mTrustRootCertSha256Fingerprint); + Arrays.hashCode(mTrustRootCertSha256Fingerprint), mCaCertificate); } @Override @@ -361,6 +391,7 @@ public final class UpdateParameter implements Parcelable { updateParam.setBase64EncodedPassword(in.readString()); updateParam.setTrustRootCertUrl(in.readString()); updateParam.setTrustRootCertSha256Fingerprint(in.createByteArray()); + updateParam.setCaCertificate(ParcelUtil.readCertificate(in)); return updateParam; } diff --git a/wifi/tests/src/android/net/wifi/hotspot2/pps/CredentialTest.java b/wifi/tests/src/android/net/wifi/hotspot2/pps/CredentialTest.java index 1ecc3fecf7c3..0a3e989d18f0 100644 --- a/wifi/tests/src/android/net/wifi/hotspot2/pps/CredentialTest.java +++ b/wifi/tests/src/android/net/wifi/hotspot2/pps/CredentialTest.java @@ -541,4 +541,20 @@ public class CredentialTest { Credential copyCred = new Credential(sourceCred); assertTrue(copyCred.equals(sourceCred)); } + + /** + * Verify that two certificates are identical. + */ + @Test + public void validateTwoCertificateIdentical() { + assertTrue(Credential.isX509CertificateEquals(FakeKeys.CA_CERT1, FakeKeys.CA_CERT1)); + } + + /** + * Verify that two certificates are different. + */ + @Test + public void validateTwoCertificateDifferent() { + assertFalse(Credential.isX509CertificateEquals(FakeKeys.CA_CERT0, FakeKeys.CA_CERT1)); + } } diff --git a/wifi/tests/src/android/net/wifi/hotspot2/pps/UpdateParameterTest.java b/wifi/tests/src/android/net/wifi/hotspot2/pps/UpdateParameterTest.java index 0b8cd3d63c77..07cb151499ae 100644 --- a/wifi/tests/src/android/net/wifi/hotspot2/pps/UpdateParameterTest.java +++ b/wifi/tests/src/android/net/wifi/hotspot2/pps/UpdateParameterTest.java @@ -16,9 +16,11 @@ package android.net.wifi.hotspot2.pps; +import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; +import android.net.wifi.FakeKeys; import android.os.Parcel; import android.util.Base64; @@ -56,6 +58,7 @@ public class UpdateParameterTest { Base64.encodeToString("password".getBytes(), Base64.DEFAULT)); updateParam.setTrustRootCertUrl("trust.cert.com"); updateParam.setTrustRootCertSha256Fingerprint(new byte[32]); + updateParam.setCaCertificate(FakeKeys.CA_CERT0); return updateParam; } @@ -71,6 +74,7 @@ public class UpdateParameterTest { parcel.setDataPosition(0); // Rewind data position back to the beginning for read. UpdateParameter paramFromRead = UpdateParameter.CREATOR.createFromParcel(parcel); assertTrue(paramFromRead.equals(paramToWrite)); + assertEquals(paramToWrite.hashCode(), paramFromRead.hashCode()); } /** |