@@ -105,6 +105,49 @@ static BIO * BIO_from_keystore(const char *key)
free(value);
return bio;
}
+
+static int tls_add_ca_from_keystore(X509_STORE *ctx, const char *key_alias)
+{
+ BIO *bio = BIO_from_keystore(key_alias);
+ STACK_OF(X509_INFO) *stack = NULL;
+ stack_index_t i;
+
+ if (bio) {
+ stack = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL);
+ BIO_free(bio);
+ }
+ if (!stack)
+ return -1;
+
+ for (i = 0; i < sk_X509_INFO_num(stack); ++i) {
+ X509_INFO *info = sk_X509_INFO_value(stack, i);
+ if (info->x509) {
+ X509_STORE_add_cert(ctx,
+ info->x509);
+ }
+ if (info->crl) {
+ X509_STORE_add_crl(ctx,
+ info->crl);
+ }
+ }
+ sk_X509_INFO_pop_free(stack, X509_INFO_free);
+ return 0;
+}
+
+static int tls_add_ca_from_keystore_encoded(X509_STORE *ctx, const char
*encoded_key_alias)
+{
+ int rc = -1;
+ int len = os_strlen(encoded_key_alias);
+ if (len & 1)
+ return rc;
+ unsigned char* decoded_alias = malloc(len / 2 + 1);
+ if (!hexstr2bin(encoded_key_alias, decoded_alias, len / 2)) {
+ decoded_alias[len / 2] = '\0';
+ rc = tls_add_ca_from_keystore(ctx, (char*) decoded_alias);
+ free(decoded_alias);
+ }
+ return rc;
+}
#endif /* ANDROID */
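Review bot: In tls_add_ca_from_keystore_encoded the result of `malloc(len / 2 + 1)` is handed to hexstr2bin without a NULL check, and `free(decoded_alias)` sits inside the success branch, so the buffer leaks whenever the alias is not valid hex. Add `if (!decoded_alias) return rc;` right after the allocation and move `free(decoded_alias);` below the closing brace of the `if`. Separately, tls_add_ca_from_keystore discards the results of X509_STORE_add_cert and X509_STORE_add_crl and returns 0 regardless, so the caller cannot tell a CA or CRL that failed to load from a successful one. Checking both calls and logging or returning -1 on failure would make a missing trust anchor or revocation list visible instead of silent.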