Interworking: Support Android JB keystore with EAP-TLS

If the keystore:// prefix is used in the private_key entry, convert that
to the OpenSSL engine style configuration used for Android JB keystore.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/wpa_supplicant/interworking.c b/wpa_supplicant/interworking.c
index 22f709f81f060af34e0e089151078fc9c2c12b8e..8e870f6ee5cb79d339d7311aecf94042bb5b7809 100644 (file)
--- a/wpa_supplicant/interworking.c
+++ b/wpa_supplicant/interworking.c
@@ -1046,6 +1046,17 @@ static int interworking_set_eap_params(struct wpa_ssid *ssid,
            wpa_config_set_quoted(ssid, "client_cert", cred->client_cert) < 0)
                return -1;
 
+#ifdef ANDROID
+       if (cred->private_key &&
+           os_strncmp(cred->private_key, "keystore://", 11) == 0) {
+               /* Use OpenSSL engine configuration for Android keystore */
+               if (wpa_config_set_quoted(ssid, "engine_id", "keystore") < 0 ||
+                   wpa_config_set_quoted(ssid, "key_id",
+                                         cred->private_key + 11) < 0 ||
+                   wpa_config_set(ssid, "engine", "1", 0) < 0)
+                       return -1;
+       } else
+#endif /* ANDROID */
        if (cred->private_key && cred->private_key[0] &&
            wpa_config_set_quoted(ssid, "private_key", cred->private_key) < 0)
                return -1;