Example 11 with Credential
use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by DirtyUnicorns.
the class OSUClient method createHandler.
private HTTPHandler createHandler(Network network, HomeSP homeSP, KeyManager km, int flowType) throws GeneralSecurityException, IOException {
Credential credential = homeSP.getCredential();
Log.d(TAG, "Credential method " + credential.getEAPMethod().getEAPMethodID());
switch(credential.getEAPMethod().getEAPMethodID()) {
case EAP_TTLS:
String user;
byte[] password;
UpdateInfo subscriptionUpdate;
if (flowType == OSUManager.FLOW_POLICY) {
subscriptionUpdate = homeSP.getPolicy() != null ? homeSP.getPolicy().getPolicyUpdate() : null;
} else {
subscriptionUpdate = homeSP.getSubscriptionUpdate();
}
if (subscriptionUpdate != null && subscriptionUpdate.getUsername() != null) {
user = subscriptionUpdate.getUsername();
password = subscriptionUpdate.getPassword() != null ? subscriptionUpdate.getPassword().getBytes(StandardCharsets.UTF_8) : new byte[0];
} else {
user = credential.getUserName();
password = credential.getPassword().getBytes(StandardCharsets.UTF_8);
}
return new HTTPHandler(StandardCharsets.UTF_8, OSUSocketFactory.getSocketFactory(mKeyStore, homeSP, flowType, network, mURL, km, true), user, password);
case EAP_TLS:
return new HTTPHandler(StandardCharsets.UTF_8, OSUSocketFactory.getSocketFactory(mKeyStore, homeSP, flowType, network, mURL, km, true));
default:
throw new IOException("Cannot remediate account with " + credential.getEAPMethod().getEAPMethodID());
}
}
Also used :
Credential(com.android.hotspot2.pps.Credential)
IOException(java.io.IOException)
UpdateInfo(com.android.hotspot2.pps.UpdateInfo)
Example 12 with Credential
use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by DirtyUnicorns.
the class MOManager method buildHomeSPTree.
private static OMANode buildHomeSPTree(HomeSP homeSP, OMAConstructed root, int instanceID) throws IOException {
OMANode providerSubNode = root.addChild(getInstanceString(instanceID), null, null, null);
// The HomeSP:
OMANode homeSpNode = providerSubNode.addChild(TAG_HomeSP, null, null, null);
if (!homeSP.getSSIDs().isEmpty()) {
OMAConstructed nwkIDNode = (OMAConstructed) homeSpNode.addChild(TAG_NetworkID, null, null, null);
int instance = 0;
for (Map.Entry<String, Long> entry : homeSP.getSSIDs().entrySet()) {
OMAConstructed inode = (OMAConstructed) nwkIDNode.addChild(getInstanceString(instance++), null, null, null);
inode.addChild(TAG_SSID, null, entry.getKey(), null);
if (entry.getValue() != null) {
inode.addChild(TAG_HESSID, null, String.format("%012x", entry.getValue()), null);
}
}
}
homeSpNode.addChild(TAG_FriendlyName, null, homeSP.getFriendlyName(), null);
if (homeSP.getIconURL() != null) {
homeSpNode.addChild(TAG_IconURL, null, homeSP.getIconURL(), null);
}
homeSpNode.addChild(TAG_FQDN, null, homeSP.getFQDN(), null);
if (!homeSP.getMatchAllOIs().isEmpty() || !homeSP.getMatchAnyOIs().isEmpty()) {
OMAConstructed homeOIList = (OMAConstructed) homeSpNode.addChild(TAG_HomeOIList, null, null, null);
int instance = 0;
for (Long oi : homeSP.getMatchAllOIs()) {
OMAConstructed inode = (OMAConstructed) homeOIList.addChild(getInstanceString(instance++), null, null, null);
inode.addChild(TAG_HomeOI, null, String.format("%x", oi), null);
inode.addChild(TAG_HomeOIRequired, null, "TRUE", null);
}
for (Long oi : homeSP.getMatchAnyOIs()) {
OMAConstructed inode = (OMAConstructed) homeOIList.addChild(getInstanceString(instance++), null, null, null);
inode.addChild(TAG_HomeOI, null, String.format("%x", oi), null);
inode.addChild(TAG_HomeOIRequired, null, "FALSE", null);
}
}
if (!homeSP.getOtherHomePartners().isEmpty()) {
OMAConstructed otherPartners = (OMAConstructed) homeSpNode.addChild(TAG_OtherHomePartners, null, null, null);
int instance = 0;
for (String fqdn : homeSP.getOtherHomePartners()) {
OMAConstructed inode = (OMAConstructed) otherPartners.addChild(getInstanceString(instance++), null, null, null);
inode.addChild(TAG_FQDN, null, fqdn, null);
}
}
if (!homeSP.getRoamingConsortiums().isEmpty()) {
homeSpNode.addChild(TAG_RoamingConsortiumOI, null, getRCList(homeSP.getRoamingConsortiums()), null);
}
// The Credential:
OMANode credentialNode = providerSubNode.addChild(TAG_Credential, null, null, null);
Credential cred = homeSP.getCredential();
EAPMethod method = cred.getEAPMethod();
if (cred.getCtime() > 0) {
credentialNode.addChild(TAG_CreationDate, null, DTFormat.format(new Date(cred.getCtime())), null);
}
if (cred.getExpTime() > 0) {
credentialNode.addChild(TAG_ExpirationDate, null, DTFormat.format(new Date(cred.getExpTime())), null);
}
if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_SIM || method.getEAPMethodID() == EAP.EAPMethodID.EAP_AKA || method.getEAPMethodID() == EAP.EAPMethodID.EAP_AKAPrim) {
OMANode simNode = credentialNode.addChild(TAG_SIM, null, null, null);
simNode.addChild(TAG_IMSI, null, cred.getImsi().toString(), null);
simNode.addChild(TAG_EAPType, null, Integer.toString(EAP.mapEAPMethod(method.getEAPMethodID())), null);
} else if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_TTLS) {
OMANode unpNode = credentialNode.addChild(TAG_UsernamePassword, null, null, null);
unpNode.addChild(TAG_Username, null, cred.getUserName(), null);
unpNode.addChild(TAG_Password, null, Base64.encodeToString(cred.getPassword().getBytes(StandardCharsets.UTF_8), Base64.DEFAULT), null);
OMANode eapNode = unpNode.addChild(TAG_EAPMethod, null, null, null);
eapNode.addChild(TAG_EAPType, null, Integer.toString(EAP.mapEAPMethod(method.getEAPMethodID())), null);
eapNode.addChild(TAG_InnerMethod, null, ((NonEAPInnerAuth) method.getAuthParam()).getOMAtype(), null);
} else if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_TLS) {
OMANode certNode = credentialNode.addChild(TAG_DigitalCertificate, null, null, null);
certNode.addChild(TAG_CertificateType, null, Credential.CertTypeX509, null);
certNode.addChild(TAG_CertSHA256Fingerprint, null, Utils.toHex(cred.getFingerPrint()), null);
} else {
throw new OMAException("Invalid credential on " + homeSP.getFQDN());
}
credentialNode.addChild(TAG_Realm, null, cred.getRealm(), null);
//credentialNode.addChild(TAG_CheckAAAServerCertStatus, null, "TRUE", null);
return providerSubNode;
}
Also used :
Credential(com.android.hotspot2.pps.Credential)
HashMap(java.util.HashMap)
Map(java.util.Map)
ExpandedEAPMethod(com.android.anqp.eap.ExpandedEAPMethod)
EAPMethod(com.android.anqp.eap.EAPMethod)
Date(java.util.Date)
NonEAPInnerAuth(com.android.anqp.eap.NonEAPInnerAuth)
Example 13 with Credential
use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by AOSPA.
the class MOManager method buildCredential.
private static Credential buildCredential(OMANode credNode) throws OMAException {
long ctime = getTime(credNode.getChild(TAG_CreationDate));
long expTime = getTime(credNode.getChild(TAG_ExpirationDate));
String realm = getString(credNode.getChild(TAG_Realm));
boolean checkAAACert = getBoolean(credNode.getChild(TAG_CheckAAAServerCertStatus));
OMANode unNode = credNode.getChild(TAG_UsernamePassword);
OMANode certNode = credNode.getChild(TAG_DigitalCertificate);
OMANode simNode = credNode.getChild(TAG_SIM);
int alternatives = 0;
alternatives += unNode != null ? 1 : 0;
alternatives += certNode != null ? 1 : 0;
alternatives += simNode != null ? 1 : 0;
if (alternatives != 1) {
throw new OMAException("Expected exactly one credential type, got " + alternatives);
}
if (unNode != null) {
String userName = getString(unNode.getChild(TAG_Username));
String password = getString(unNode.getChild(TAG_Password));
boolean machineManaged = getBoolean(unNode.getChild(TAG_MachineManaged));
String softTokenApp = getString(unNode.getChild(TAG_SoftTokenApp));
boolean ableToShare = getBoolean(unNode.getChild(TAG_AbleToShare));
OMANode eapMethodNode = unNode.getChild(TAG_EAPMethod);
int eapID = getInteger(eapMethodNode.getChild(TAG_EAPType));
EAP.EAPMethodID eapMethodID = EAP.mapEAPMethod(eapID);
if (eapMethodID == null) {
throw new OMAException("Unknown EAP method: " + eapID);
}
Long vid = getOptionalInteger(eapMethodNode.getChild(TAG_VendorId));
Long vtype = getOptionalInteger(eapMethodNode.getChild(TAG_VendorType));
Long innerEAPType = getOptionalInteger(eapMethodNode.getChild(TAG_InnerEAPType));
EAP.EAPMethodID innerEAPMethod = null;
if (innerEAPType != null) {
innerEAPMethod = EAP.mapEAPMethod(innerEAPType.intValue());
if (innerEAPMethod == null) {
throw new OMAException("Bad inner EAP method: " + innerEAPType);
}
}
Long innerVid = getOptionalInteger(eapMethodNode.getChild(TAG_InnerVendorID));
Long innerVtype = getOptionalInteger(eapMethodNode.getChild(TAG_InnerVendorType));
String innerNonEAPMethod = getString(eapMethodNode.getChild(TAG_InnerMethod));
EAPMethod eapMethod;
if (innerEAPMethod != null) {
eapMethod = new EAPMethod(eapMethodID, new InnerAuthEAP(innerEAPMethod));
} else if (vid != null) {
eapMethod = new EAPMethod(eapMethodID, new ExpandedEAPMethod(EAP.AuthInfoID.ExpandedEAPMethod, vid.intValue(), vtype));
} else if (innerVid != null) {
eapMethod = new EAPMethod(eapMethodID, new ExpandedEAPMethod(EAP.AuthInfoID.ExpandedInnerEAPMethod, innerVid.intValue(), innerVtype));
} else if (innerNonEAPMethod != null) {
eapMethod = new EAPMethod(eapMethodID, new NonEAPInnerAuth(innerNonEAPMethod));
} else {
throw new OMAException("Incomplete set of EAP parameters");
}
return new Credential(ctime, expTime, realm, checkAAACert, eapMethod, userName, password, machineManaged, softTokenApp, ableToShare);
}
if (certNode != null) {
try {
String certTypeString = getString(certNode.getChild(TAG_CertificateType));
byte[] fingerPrint = getOctets(certNode.getChild(TAG_CertSHA256Fingerprint));
EAPMethod eapMethod = new EAPMethod(EAP.EAPMethodID.EAP_TLS, null);
return new Credential(ctime, expTime, realm, checkAAACert, eapMethod, Credential.mapCertType(certTypeString), fingerPrint);
} catch (NumberFormatException nfe) {
throw new OMAException("Bad hex string: " + nfe.toString());
}
}
if (simNode != null) {
try {
IMSIParameter imsi = new IMSIParameter(getString(simNode.getChild(TAG_IMSI)));
EAPMethod eapMethod = new EAPMethod(EAP.mapEAPMethod(getInteger(simNode.getChild(TAG_EAPType))), null);
return new Credential(ctime, expTime, realm, checkAAACert, eapMethod, imsi);
} catch (IOException ioe) {
throw new OMAException("Failed to parse IMSI: " + ioe);
}
}
throw new OMAException("Missing credential parameters");
}
Also used :
Credential(com.android.hotspot2.pps.Credential)
InnerAuthEAP(com.android.anqp.eap.InnerAuthEAP)
IOException(java.io.IOException)
ExpandedEAPMethod(com.android.anqp.eap.ExpandedEAPMethod)
EAPMethod(com.android.anqp.eap.EAPMethod)
ExpandedEAPMethod(com.android.anqp.eap.ExpandedEAPMethod)
InnerAuthEAP(com.android.anqp.eap.InnerAuthEAP)
EAP(com.android.anqp.eap.EAP)
IMSIParameter(com.android.hotspot2.IMSIParameter)
NonEAPInnerAuth(com.android.anqp.eap.NonEAPInnerAuth)
Example 14 with Credential
use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by crdroidandroid.
the class MOManager method buildHomeSPTree.
private static OMANode buildHomeSPTree(HomeSP homeSP, OMAConstructed root, int instanceID) throws IOException {
OMANode providerSubNode = root.addChild(getInstanceString(instanceID), null, null, null);
// The HomeSP:
OMANode homeSpNode = providerSubNode.addChild(TAG_HomeSP, null, null, null);
if (!homeSP.getSSIDs().isEmpty()) {
OMAConstructed nwkIDNode = (OMAConstructed) homeSpNode.addChild(TAG_NetworkID, null, null, null);
int instance = 0;
for (Map.Entry<String, Long> entry : homeSP.getSSIDs().entrySet()) {
OMAConstructed inode = (OMAConstructed) nwkIDNode.addChild(getInstanceString(instance++), null, null, null);
inode.addChild(TAG_SSID, null, entry.getKey(), null);
if (entry.getValue() != null) {
inode.addChild(TAG_HESSID, null, String.format("%012x", entry.getValue()), null);
}
}
}
homeSpNode.addChild(TAG_FriendlyName, null, homeSP.getFriendlyName(), null);
if (homeSP.getIconURL() != null) {
homeSpNode.addChild(TAG_IconURL, null, homeSP.getIconURL(), null);
}
homeSpNode.addChild(TAG_FQDN, null, homeSP.getFQDN(), null);
if (!homeSP.getMatchAllOIs().isEmpty() || !homeSP.getMatchAnyOIs().isEmpty()) {
OMAConstructed homeOIList = (OMAConstructed) homeSpNode.addChild(TAG_HomeOIList, null, null, null);
int instance = 0;
for (Long oi : homeSP.getMatchAllOIs()) {
OMAConstructed inode = (OMAConstructed) homeOIList.addChild(getInstanceString(instance++), null, null, null);
inode.addChild(TAG_HomeOI, null, String.format("%x", oi), null);
inode.addChild(TAG_HomeOIRequired, null, "TRUE", null);
}
for (Long oi : homeSP.getMatchAnyOIs()) {
OMAConstructed inode = (OMAConstructed) homeOIList.addChild(getInstanceString(instance++), null, null, null);
inode.addChild(TAG_HomeOI, null, String.format("%x", oi), null);
inode.addChild(TAG_HomeOIRequired, null, "FALSE", null);
}
}
if (!homeSP.getOtherHomePartners().isEmpty()) {
OMAConstructed otherPartners = (OMAConstructed) homeSpNode.addChild(TAG_OtherHomePartners, null, null, null);
int instance = 0;
for (String fqdn : homeSP.getOtherHomePartners()) {
OMAConstructed inode = (OMAConstructed) otherPartners.addChild(getInstanceString(instance++), null, null, null);
inode.addChild(TAG_FQDN, null, fqdn, null);
}
}
if (!homeSP.getRoamingConsortiums().isEmpty()) {
homeSpNode.addChild(TAG_RoamingConsortiumOI, null, getRCList(homeSP.getRoamingConsortiums()), null);
}
// The Credential:
OMANode credentialNode = providerSubNode.addChild(TAG_Credential, null, null, null);
Credential cred = homeSP.getCredential();
EAPMethod method = cred.getEAPMethod();
if (cred.getCtime() > 0) {
credentialNode.addChild(TAG_CreationDate, null, DTFormat.format(new Date(cred.getCtime())), null);
}
if (cred.getExpTime() > 0) {
credentialNode.addChild(TAG_ExpirationDate, null, DTFormat.format(new Date(cred.getExpTime())), null);
}
if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_SIM || method.getEAPMethodID() == EAP.EAPMethodID.EAP_AKA || method.getEAPMethodID() == EAP.EAPMethodID.EAP_AKAPrim) {
OMANode simNode = credentialNode.addChild(TAG_SIM, null, null, null);
simNode.addChild(TAG_IMSI, null, cred.getImsi().toString(), null);
simNode.addChild(TAG_EAPType, null, Integer.toString(EAP.mapEAPMethod(method.getEAPMethodID())), null);
} else if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_TTLS) {
OMANode unpNode = credentialNode.addChild(TAG_UsernamePassword, null, null, null);
unpNode.addChild(TAG_Username, null, cred.getUserName(), null);
unpNode.addChild(TAG_Password, null, Base64.encodeToString(cred.getPassword().getBytes(StandardCharsets.UTF_8), Base64.DEFAULT), null);
OMANode eapNode = unpNode.addChild(TAG_EAPMethod, null, null, null);
eapNode.addChild(TAG_EAPType, null, Integer.toString(EAP.mapEAPMethod(method.getEAPMethodID())), null);
eapNode.addChild(TAG_InnerMethod, null, ((NonEAPInnerAuth) method.getAuthParam()).getOMAtype(), null);
} else if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_TLS) {
OMANode certNode = credentialNode.addChild(TAG_DigitalCertificate, null, null, null);
certNode.addChild(TAG_CertificateType, null, Credential.CertTypeX509, null);
certNode.addChild(TAG_CertSHA256Fingerprint, null, Utils.toHex(cred.getFingerPrint()), null);
} else {
throw new OMAException("Invalid credential on " + homeSP.getFQDN());
}
credentialNode.addChild(TAG_Realm, null, cred.getRealm(), null);
//credentialNode.addChild(TAG_CheckAAAServerCertStatus, null, "TRUE", null);
return providerSubNode;
}
Also used :
Credential(com.android.hotspot2.pps.Credential)
HashMap(java.util.HashMap)
Map(java.util.Map)
ExpandedEAPMethod(com.android.anqp.eap.ExpandedEAPMethod)
EAPMethod(com.android.anqp.eap.EAPMethod)
Date(java.util.Date)
NonEAPInnerAuth(com.android.anqp.eap.NonEAPInnerAuth)
Example 15 with Credential
use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by crdroidandroid.
the class ConfigBuilder method buildSIMConfig.
private static WifiConfiguration buildSIMConfig(HomeSP homeSP) throws IOException {
Credential credential = homeSP.getCredential();
IMSIParameter credImsi = credential.getImsi();
/*
* Uncomment to enforce strict IMSI matching with currently installed SIM cards.
*
TelephonyManager tm = TelephonyManager.from(context);
SubscriptionManager sub = SubscriptionManager.from(context);
boolean match = false;
for (int subId : sub.getActiveSubscriptionIdList()) {
String imsi = tm.getSubscriberId(subId);
if (credImsi.matches(imsi)) {
match = true;
break;
}
}
if (!match) {
throw new IOException("Supplied IMSI does not match any SIM card");
}
*/
WifiConfiguration config = buildBaseConfiguration(homeSP);
config.enterpriseConfig.setPlmn(credImsi.toString());
return config;
}
Also used :
Credential(com.android.hotspot2.pps.Credential)
WifiConfiguration(android.net.wifi.WifiConfiguration)
IMSIParameter(com.android.hotspot2.IMSIParameter)
Aggregations
Credential (com.android.hotspot2.pps.Credential)40
IOException (java.io.IOException)25
WifiConfiguration (android.net.wifi.WifiConfiguration)20
WifiEnterpriseConfig (android.net.wifi.WifiEnterpriseConfig)15
EAPMethod (com.android.anqp.eap.EAPMethod)15
NonEAPInnerAuth (com.android.anqp.eap.NonEAPInnerAuth)15
HashMap (java.util.HashMap)11
EAP (com.android.anqp.eap.EAP)10
ExpandedEAPMethod (com.android.anqp.eap.ExpandedEAPMethod)10
IMSIParameter (com.android.hotspot2.IMSIParameter)10
UpdateInfo (com.android.hotspot2.pps.UpdateInfo)10
ArrayList (java.util.ArrayList)6
AuthParam (com.android.anqp.eap.AuthParam)5
InnerAuthEAP (com.android.anqp.eap.InnerAuthEAP)5
HomeSP (com.android.hotspot2.pps.HomeSP)5
Policy (com.android.hotspot2.pps.Policy)5
SubscriptionParameters (com.android.hotspot2.pps.SubscriptionParameters)5
MessageDigest (java.security.MessageDigest)5
X509Certificate (java.security.cert.X509Certificate)5
Date (java.util.Date)5
