From b50b15cdbed31e35c2c7f3cbaa7ce06a3feb3a6f Mon Sep 17 00:00:00 2001
From: Kenny Root
Date: Wed, 21 Mar 2012 14:57:29 -0700
Subject: [PATCH] Convert to new KeyStore format

keystore no longer stores private key material in the clear. It needs to use an opaque handle for the private key material and then keystore will sign the data on the requester's behalf instead of returning the key material.

Change-Id: I836749769a8519cfc21bfdc2a3b3c8c1a01d8f05
---
 .../android/settings/CredentialStorage.java | 32 +++++++++++++++++--
 1 file changed, 29 insertions(+), 3 deletions(-)

diff --git a/src/com/android/settings/CredentialStorage.java b/src/com/android/settings/CredentialStorage.java
index e246fce3c53..b9a43a1a0f7 100644
--- a/src/com/android/settings/CredentialStorage.java
+++ b/src/com/android/settings/CredentialStorage.java
@@ -25,6 +25,7 @@ import android.content.res.Resources;
 import android.os.AsyncTask;
 import android.os.Bundle;
 import android.os.RemoteException;
+import android.security.Credentials;
 import android.security.KeyChain.KeyChainConnection;
 import android.security.KeyChain;
 import android.security.KeyStore;
@@ -187,13 +188,38 @@ public final class CredentialStorage extends Activity {
 if (mInstallBundle != null && !mInstallBundle.isEmpty()) {
 Bundle bundle = mInstallBundle;
 mInstallBundle = null;
- for (String key : bundle.keySet()) {
- byte[] value = bundle.getByteArray(key);
- if (value != null && !mKeyStore.put(key, value)) {
+
+ if (bundle.containsKey(Credentials.EXTRA_USER_PRIVATE_KEY_NAME)) {
+ String key = bundle.getString(Credentials.EXTRA_USER_PRIVATE_KEY_NAME);
+ byte[] value = bundle.getByteArray(Credentials.EXTRA_USER_PRIVATE_KEY_DATA);
+
+ if (!mKeyStore.importKey(key, value)) {
 Log.e(TAG, "Failed to install " + key);
 return;
 }
 }
+
+ if (bundle.containsKey(Credentials.EXTRA_USER_CERTIFICATE_NAME)) {
+ String certName = bundle.getString(Credentials.EXTRA_USER_CERTIFICATE_NAME);
+ byte[] certData = bundle.getByteArray(Credentials.EXTRA_USER_CERTIFICATE_DATA);
+
+ if (!mKeyStore.put(certName, certData)) {
+ Log.e(TAG, "Failed to install " + certName);
+ return;
+ }
+ }
+
+ if (bundle.containsKey(Credentials.EXTRA_CA_CERTIFICATES_NAME)) {
+ String caListName = bundle.getString(Credentials.EXTRA_CA_CERTIFICATES_NAME);
+ byte[] caListData = bundle.getByteArray(Credentials.EXTRA_CA_CERTIFICATES_DATA);
+
+ if (!mKeyStore.put(caListName, caListData)) {
+ Log.e(TAG, "Failed to install " + caListName);
+ return;
+ }
+
+ }
+
 setResult(RESULT_OK);
 }
 }
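Review bot: The three new branches drop the `value != null` guard that the removed loop had: in the private-key branch the result of `bundle.getByteArray(Credentials.EXTRA_USER_PRIVATE_KEY_DATA)` is handed straight to `mKeyStore.importKey`, and the two certificate branches do the same with `put`, so a bundle that carries a `*_NAME` extra without its `*_DATA` byte array (or with a non-String name) reaches keystore with a null argument. `mInstallBundle` looks like it is filled from the launching intent's extras, so I would treat it as untrusted and fail closed, e.g. `if (key == null || value == null || !mKeyStore.importKey(key, value)) {`, with the same shape for `certName`/`certData` and `caListName`/`caListData`. Separately, an early `return` in the second or third branch leaves the already imported private key in keystore without its certificate; consider deleting the entries written so far on failure, or add a comment stating that partial installs are accepted. The enclosing method starts and ends outside the hunk.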