VpnSettings: add support for server certificates.

Bug: 5714397 Change-Id: I5ce13e244fba554bec31c4935571b09127b9270a
2011-12-06 17:51:01 -08:00
parent 9ef669a65d
commit f5317a151b
5 changed files with 34 additions and 11 deletions
--- a/src/com/android/settings/vpn2/VpnSettings.java
+++ b/src/com/android/settings/vpn2/VpnSettings.java
@@ -354,6 +354,7 @@ public class VpnSettings extends SettingsPreferenceFragment implements
        String privateKey = "";
        String userCert = "";
        String caCert = "";
+        String serverCert = "";
        if (!profile.ipsecUserCert.isEmpty()) {
            byte[] value = mKeyStore.get(Credentials.USER_PRIVATE_KEY + profile.ipsecUserCert);
            privateKey = (value == null) ? null : new String(value, Charsets.UTF_8);
@@ -364,7 +365,11 @@ public class VpnSettings extends SettingsPreferenceFragment implements
            byte[] value = mKeyStore.get(Credentials.CA_CERTIFICATE + profile.ipsecCaCert);
            caCert = (value == null) ? null : new String(value, Charsets.UTF_8);
        }
-        if (privateKey == null || userCert == null || caCert == null) {
+        if (!profile.ipsecServerCert.isEmpty()) {
+            byte[] value = mKeyStore.get(Credentials.USER_CERTIFICATE + profile.ipsecServerCert);
+            serverCert = (value == null) ? null : new String(value, Charsets.UTF_8);
+        }
+        if (privateKey == null || userCert == null || caCert == null || serverCert == null) {
            // TODO: find out a proper way to handle this. Delete these keys?
            throw new IllegalStateException("Cannot load credentials");
        }
@@ -380,7 +385,8 @@ public class VpnSettings extends SettingsPreferenceFragment implements
                break;
            case VpnProfile.TYPE_L2TP_IPSEC_RSA:
                racoon = new String[] {
-                    interfaze, profile.server, "udprsa", privateKey, userCert, caCert, "1701",
+                    interfaze, profile.server, "udprsa", privateKey, userCert,
+                    caCert, serverCert, "1701",
                };
                break;
            case VpnProfile.TYPE_IPSEC_XAUTH_PSK:
@@ -391,14 +397,14 @@ public class VpnSettings extends SettingsPreferenceFragment implements
                break;
            case VpnProfile.TYPE_IPSEC_XAUTH_RSA:
                racoon = new String[] {
-                    interfaze, profile.server, "xauthrsa", privateKey, userCert, caCert,
-                    profile.username, profile.password, "", gateway,
+                    interfaze, profile.server, "xauthrsa", privateKey, userCert,
+                    caCert, serverCert, profile.username, profile.password, "", gateway,
                };
                break;
            case VpnProfile.TYPE_IPSEC_HYBRID_RSA:
                racoon = new String[] {
-                    interfaze, profile.server, "hybridrsa", caCert,
-                    profile.username, profile.password, "", gateway,
+                    interfaze, profile.server, "hybridrsa",
+                    caCert, serverCert, profile.username, profile.password, "", gateway,
                };
                break;
        }