Android11 WAPI证书安装流程 |
您所在的位置:网站首页 › sd卡安装证书下载官网 › Android11 WAPI证书安装流程 |
|
最近遇到几个WAPI证书安装的问题,看了几天WAPI的相关代码,这里总结一下。 user证书是以"-----BEGIN CERTIFICATE-----“和”-----BEGIN EC PRIVATE KEY-----“开头,ca证书只有”-----BEGIN CERTIFICATE-----",没有"-----BEGIN EC PRIVATE KEY-----" private static final String CERT_BEGIN = "-----BEGIN CERTIFICATE-----"; private static final String CERT_END = "-----END CERTIFICATE-----"; private static final String PRIKEY_BEGIN = "-----BEGIN EC PRIVATE KEY-----"; private static final String PRIKEY_END = "-----END EC PRIVATE KEY-----"; indexCertBegin = certContent.indexOf(CERT_BEGIN); indexCertEnd = certContent.indexOf(CERT_END); indexPriKeyBegin = certContent.indexOf(PRIKEY_BEGIN); indexPriKeyEnd = certContent.indexOf(PRIKEY_END); if(indexCertBegin >= 0 && indexCertEnd > 0) { if(indexPriKeyBegin > 0 && indexPriKeyEnd > 0) { Log.d(TAG, "user cert file"); return 1; } else if(indexPriKeyBegin setLayout->onReferenceViews->setUserCertSpinnerAdapterprotected void onCreate(Bundle savedInstanceState) { onLayout(); super.onCreate(savedInstanceState); }setUserCertSpinnerAdapter就是遍历SD卡并将其中的user证书、ca证书和p12证书分别放到一个list中。最后再设置一下选择器。 private void setUserCertSpinnerAdapter() { Context context = getContext(); File certificateList []; int i = 0; mUserCertArray.clear(); mIssuerCertArray.clear(); //File certificatePath = WapiCertUtil.getSdCardCertificateFile(null); File certificatePath = Environment.getExternalStorageDirectory(); try{ if (certificatePath != null) { certificateList = certificatePath.listFiles(); for (i = 0; i < certificateList.length; i++) { //Log.v(TAG, "certificateList[i].getAbsoluteFile().toString():"+certificateList[i].getAbsoluteFile().toString()); if (WapiCertUtil.isTheSuffix(certificateList[i].getAbsoluteFile().toString(), ".cer")) { Log.v(TAG, "certificateList[" + i + "]: " +certificateList[i].getAbsoluteFile().toString()); if (!certificateList[i].isDirectory() && //isUserCertificate(certificateList[i])) (WapiCertUtil.getCertificateType(certificateList[i]) == 1)) { Log.d(TAG, "add user cert"); mUserCertArray.add(certificateList[i].getName()); } else if(!certificateList[i].isDirectory() && //isUserCertificate(certificateList[i])) (WapiCertUtil.getCertificateType(certificateList[i]) == 2)) { Log.d(TAG, "add ca cert"); mIssuerCertArray.add(certificateList[i].getName()); } } else if(WapiCertUtil.isTheSuffix(certificateList[i].getAbsoluteFile().toString(), ".p12")) { Log.v(TAG, "find a p12 cert "); //if(certificateList[i].lengthGetByteArrayElements ( env , userCert , 0 ); int userCertLen = (*env)->GetArrayLength ( env , userCert ); unsigned char *bytePriKey = (unsigned char *) (*env)->GetByteArrayElements ( env , priKey , 0 ); int priKeyLen = (*env)->GetArrayLength ( env , priKey ); unsigned char *byteCaCert = (unsigned char *) (*env)->GetByteArrayElements ( env , caCert , 0 ); int caCertLen = (*env)->GetArrayLength ( env , caCert ); int ret = Check_Asue_Asu_Cert ( byteUserCert , userCertLen , bytePriKey , priKeyLen , byteCaCert , caCertLen ); if ( ret != 0 ) { ALOGD("in '%s':'%d' Get UsrCert Or Prikey error\n" , __func__ , __LINE__ ); return -1; } return 0; }external/wpa_supplicant_8/wpa_supplicant/wapi/libwapi_cert/wapi_cert.c int Check_Asue_Asu_Cert ( const unsigned char *user_cert , int user_cert_len , const unsigned char *pri_key , int pri_key_len , const unsigned char *as_cert , int as_cert_len ) { unsigned short unpackcert_len = user_cert_len; unsigned short prikey_outlen = pri_key_len; int asu_outlen = as_cert_len; unsigned char *unpack_cert = malloc ( unpackcert_len ); unsigned char *prikey_out = malloc ( prikey_outlen ); unsigned char *asucert_out = malloc ( asu_outlen ); int ret; ret = Unpack_AsueCert ( user_cert , user_cert_len , unpack_cert , &unpackcert_len ); if ( ret != 0 ) { goto error; } ret = Unpack_AsuePrikey ( pri_key , pri_key_len , prikey_out , &prikey_outlen ); if ( ret != 0 ) { goto error; } ret = Unpack_AsuCert ( as_cert , as_cert_len , asucert_out , &asu_outlen ); if ( ret != 0 ) { goto error; } if ( IWN_Check_UserCert_by_CACert ( unpack_cert , unpackcert_len , asucert_out , asu_outlen , ECC_P192 ) != 1 ) { goto error; } if ( IWN_Match_Pub_Pri_key ( unpack_cert , unpackcert_len , prikey_out , prikey_outlen , ECC_P192 ) != 1 ) { goto error; } free ( asucert_out ); free ( prikey_out ); free ( unpack_cert ); return 0; error: free ( asucert_out ); free ( prikey_out ); free ( unpack_cert ); return -1; }再后面就是通过加密算法验证user证书和ca证书了,如果匹配成功则安装证书,安装成功。 |
今日新闻 |
推荐新闻 |
| CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3 |