From 93face0e06dbaa648af6a6681290658e989c2e53 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Fri, 28 Sep 2012 17:12:27 +0300
Subject: [PATCH] Interworking: Support Android JB keystore with EAP-TLS

If the keystore:// prefix is used in the private_key entry, convert that
to the OpenSSL engine style configuration used for Android JB keystore.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
---
 wpa_supplicant/interworking.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/wpa_supplicant/interworking.c b/wpa_supplicant/interworking.c
index 22f709f81..8e870f6ee 100644
--- a/wpa_supplicant/interworking.c
+++ b/wpa_supplicant/interworking.c
@@ -1046,6 +1046,17 @@ static int interworking_set_eap_params(struct wpa_ssid *ssid,
 	    wpa_config_set_quoted(ssid, "client_cert", cred->client_cert) < 0)
 		return -1;
 
+#ifdef ANDROID
+	if (cred->private_key &&
+	    os_strncmp(cred->private_key, "keystore://", 11) == 0) {
+		/* Use OpenSSL engine configuration for Android keystore */
+		if (wpa_config_set_quoted(ssid, "engine_id", "keystore") < 0 ||
+		    wpa_config_set_quoted(ssid, "key_id",
+					  cred->private_key + 11) < 0 ||
+		    wpa_config_set(ssid, "engine", "1", 0) < 0)
+			return -1;
+	} else
+#endif /* ANDROID */
 	if (cred->private_key && cred->private_key[0] &&
 	    wpa_config_set_quoted(ssid, "private_key", cred->private_key) < 0)
 		return -1;