Examples with Credential android.net.wifi.hotspot2.pps.Credential used on opensource projects

Example 16 with Credential

use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by crdroidandroid.

the class MOManager method buildHomeSP.

private static HomeSP buildHomeSP(OMANode ppsRoot, int updateIdentifier) throws OMAException {
    OMANode spRoot = ppsRoot.getChild(TAG_HomeSP);
    String fqdn = spRoot.getScalarValue(Arrays.asList(TAG_FQDN).iterator());
    String friendlyName = spRoot.getScalarValue(Arrays.asList(TAG_FriendlyName).iterator());
    String iconURL = spRoot.getScalarValue(Arrays.asList(TAG_IconURL).iterator());
    HashSet<Long> roamingConsortiums = new HashSet<>();
    String oiString = spRoot.getScalarValue(Arrays.asList(TAG_RoamingConsortiumOI).iterator());
    if (oiString != null) {
        for (String oi : oiString.split(",")) {
            roamingConsortiums.add(Long.parseLong(oi.trim(), 16));
        }
    }
    Map<String, Long> ssids = new HashMap<>();
    OMANode ssidListNode = spRoot.getListValue(Arrays.asList(TAG_NetworkID).iterator());
    if (ssidListNode != null) {
        for (OMANode ssidRoot : ssidListNode.getChildren()) {
            OMANode hessidNode = ssidRoot.getChild(TAG_HESSID);
            ssids.put(ssidRoot.getChild(TAG_SSID).getValue(), getMac(hessidNode));
        }
    }
    Set<Long> matchAnyOIs = new HashSet<>();
    List<Long> matchAllOIs = new ArrayList<>();
    OMANode homeOIListNode = spRoot.getListValue(Arrays.asList(TAG_HomeOIList).iterator());
    if (homeOIListNode != null) {
        for (OMANode homeOIRoot : homeOIListNode.getChildren()) {
            String homeOI = homeOIRoot.getChild(TAG_HomeOI).getValue();
            if (Boolean.parseBoolean(homeOIRoot.getChild(TAG_HomeOIRequired).getValue())) {
                matchAllOIs.add(Long.parseLong(homeOI, 16));
            } else {
                matchAnyOIs.add(Long.parseLong(homeOI, 16));
            }
        }
    }
    Set<String> otherHomePartners = new HashSet<>();
    OMANode otherListNode = spRoot.getListValue(Arrays.asList(TAG_OtherHomePartners).iterator());
    if (otherListNode != null) {
        for (OMANode fqdnNode : otherListNode.getChildren()) {
            otherHomePartners.add(fqdnNode.getChild(TAG_FQDN).getValue());
        }
    }
    Credential credential = buildCredential(ppsRoot.getChild(TAG_Credential));
    OMANode policyNode = ppsRoot.getChild(TAG_Policy);
    Policy policy = policyNode != null ? new Policy(policyNode) : null;
    Map<String, String> aaaTrustRoots;
    OMANode aaaRootNode = ppsRoot.getChild(TAG_AAAServerTrustRoot);
    if (aaaRootNode == null) {
        aaaTrustRoots = null;
    } else {
        aaaTrustRoots = new HashMap<>(aaaRootNode.getChildren().size());
        for (OMANode child : aaaRootNode.getChildren()) {
            aaaTrustRoots.put(getString(child, TAG_CertURL), getString(child, TAG_CertSHA256Fingerprint));
        }
    }
    OMANode updateNode = ppsRoot.getChild(TAG_SubscriptionUpdate);
    UpdateInfo subscriptionUpdate = updateNode != null ? new UpdateInfo(updateNode) : null;
    OMANode subNode = ppsRoot.getChild(TAG_SubscriptionParameters);
    SubscriptionParameters subscriptionParameters = subNode != null ? new SubscriptionParameters(subNode) : null;
    return new HomeSP(ssids, fqdn, roamingConsortiums, otherHomePartners, matchAnyOIs, matchAllOIs, friendlyName, iconURL, credential, policy, getInteger(ppsRoot.getChild(TAG_CredentialPriority), 0), aaaTrustRoots, subscriptionUpdate, subscriptionParameters, updateIdentifier);
}

Example 17 with Credential

use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by crdroidandroid.

the class MOManager method buildCredential.

private static Credential buildCredential(OMANode credNode) throws OMAException {
    long ctime = getTime(credNode.getChild(TAG_CreationDate));
    long expTime = getTime(credNode.getChild(TAG_ExpirationDate));
    String realm = getString(credNode.getChild(TAG_Realm));
    boolean checkAAACert = getBoolean(credNode.getChild(TAG_CheckAAAServerCertStatus));
    OMANode unNode = credNode.getChild(TAG_UsernamePassword);
    OMANode certNode = credNode.getChild(TAG_DigitalCertificate);
    OMANode simNode = credNode.getChild(TAG_SIM);
    int alternatives = 0;
    alternatives += unNode != null ? 1 : 0;
    alternatives += certNode != null ? 1 : 0;
    alternatives += simNode != null ? 1 : 0;
    if (alternatives != 1) {
        throw new OMAException("Expected exactly one credential type, got " + alternatives);
    }
    if (unNode != null) {
        String userName = getString(unNode.getChild(TAG_Username));
        String password = getString(unNode.getChild(TAG_Password));
        boolean machineManaged = getBoolean(unNode.getChild(TAG_MachineManaged));
        String softTokenApp = getString(unNode.getChild(TAG_SoftTokenApp));
        boolean ableToShare = getBoolean(unNode.getChild(TAG_AbleToShare));
        OMANode eapMethodNode = unNode.getChild(TAG_EAPMethod);
        int eapID = getInteger(eapMethodNode.getChild(TAG_EAPType));
        EAP.EAPMethodID eapMethodID = EAP.mapEAPMethod(eapID);
        if (eapMethodID == null) {
            throw new OMAException("Unknown EAP method: " + eapID);
        }
        Long vid = getOptionalInteger(eapMethodNode.getChild(TAG_VendorId));
        Long vtype = getOptionalInteger(eapMethodNode.getChild(TAG_VendorType));
        Long innerEAPType = getOptionalInteger(eapMethodNode.getChild(TAG_InnerEAPType));
        EAP.EAPMethodID innerEAPMethod = null;
        if (innerEAPType != null) {
            innerEAPMethod = EAP.mapEAPMethod(innerEAPType.intValue());
            if (innerEAPMethod == null) {
                throw new OMAException("Bad inner EAP method: " + innerEAPType);
            }
        }
        Long innerVid = getOptionalInteger(eapMethodNode.getChild(TAG_InnerVendorID));
        Long innerVtype = getOptionalInteger(eapMethodNode.getChild(TAG_InnerVendorType));
        String innerNonEAPMethod = getString(eapMethodNode.getChild(TAG_InnerMethod));
        EAPMethod eapMethod;
        if (innerEAPMethod != null) {
            eapMethod = new EAPMethod(eapMethodID, new InnerAuthEAP(innerEAPMethod));
        } else if (vid != null) {
            eapMethod = new EAPMethod(eapMethodID, new ExpandedEAPMethod(EAP.AuthInfoID.ExpandedEAPMethod, vid.intValue(), vtype));
        } else if (innerVid != null) {
            eapMethod = new EAPMethod(eapMethodID, new ExpandedEAPMethod(EAP.AuthInfoID.ExpandedInnerEAPMethod, innerVid.intValue(), innerVtype));
        } else if (innerNonEAPMethod != null) {
            eapMethod = new EAPMethod(eapMethodID, new NonEAPInnerAuth(innerNonEAPMethod));
        } else {
            throw new OMAException("Incomplete set of EAP parameters");
        }
        return new Credential(ctime, expTime, realm, checkAAACert, eapMethod, userName, password, machineManaged, softTokenApp, ableToShare);
    }
    if (certNode != null) {
        try {
            String certTypeString = getString(certNode.getChild(TAG_CertificateType));
            byte[] fingerPrint = getOctets(certNode.getChild(TAG_CertSHA256Fingerprint));
            EAPMethod eapMethod = new EAPMethod(EAP.EAPMethodID.EAP_TLS, null);
            return new Credential(ctime, expTime, realm, checkAAACert, eapMethod, Credential.mapCertType(certTypeString), fingerPrint);
        } catch (NumberFormatException nfe) {
            throw new OMAException("Bad hex string: " + nfe.toString());
        }
    }
    if (simNode != null) {
        try {
            IMSIParameter imsi = new IMSIParameter(getString(simNode.getChild(TAG_IMSI)));
            EAPMethod eapMethod = new EAPMethod(EAP.mapEAPMethod(getInteger(simNode.getChild(TAG_EAPType))), null);
            return new Credential(ctime, expTime, realm, checkAAACert, eapMethod, imsi);
        } catch (IOException ioe) {
            throw new OMAException("Failed to parse IMSI: " + ioe);
        }
    }
    throw new OMAException("Missing credential parameters");
}

Example 18 with Credential

use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by AOSPA.

the class ConfigBuilder method buildConfig.

public static WifiConfiguration buildConfig(HomeSP homeSP, X509Certificate caCert, List<X509Certificate> clientChain, PrivateKey key) throws IOException, GeneralSecurityException {
    Credential credential = homeSP.getCredential();
    WifiConfiguration config;
    EAP.EAPMethodID eapMethodID = credential.getEAPMethod().getEAPMethodID();
    switch(eapMethodID) {
        case EAP_TTLS:
            if (key != null || clientChain != null) {
                Log.w(TAG, "Client cert and/or key included with EAP-TTLS profile");
            }
            config = buildTTLSConfig(homeSP);
            break;
        case EAP_TLS:
            config = buildTLSConfig(homeSP, clientChain, key);
            break;
        case EAP_AKA:
        case EAP_AKAPrim:
        case EAP_SIM:
            if (key != null || clientChain != null || caCert != null) {
                Log.i(TAG, "Client/CA cert and/or key included with " + eapMethodID + " profile");
            }
            config = buildSIMConfig(homeSP);
            break;
        default:
            throw new IOException("Unsupported EAP Method: " + eapMethodID);
    }
    WifiEnterpriseConfig enterpriseConfig = config.enterpriseConfig;
    enterpriseConfig.setCaCertificate(caCert);
    enterpriseConfig.setAnonymousIdentity("anonymous@" + credential.getRealm());
    return config;
}

Example 19 with Credential

use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by AOSPA.

the class ConfigBuilder method buildSIMConfig.

private static WifiConfiguration buildSIMConfig(HomeSP homeSP) throws IOException {
    Credential credential = homeSP.getCredential();
    IMSIParameter credImsi = credential.getImsi();
    /*
         * Uncomment to enforce strict IMSI matching with currently installed SIM cards.
         *
        TelephonyManager tm = TelephonyManager.from(context);
        SubscriptionManager sub = SubscriptionManager.from(context);
        boolean match = false;

        for (int subId : sub.getActiveSubscriptionIdList()) {
            String imsi = tm.getSubscriberId(subId);
            if (credImsi.matches(imsi)) {
                match = true;
                break;
            }
        }
        if (!match) {
            throw new IOException("Supplied IMSI does not match any SIM card");
        }
        */
    WifiConfiguration config = buildBaseConfiguration(homeSP);
    config.enterpriseConfig.setPlmn(credImsi.toString());
    return config;
}

Example 20 with Credential

use of android.net.wifi.hotspot2.pps.Credential in project platform_frameworks_base by android.

the class PpsMoParserTest method generateConfigurationFromPPSMOTree.

/**
     * Generate a {@link PasspointConfiguration} that matches the configuration specified in the
     * XML file {@link #VALID_PPS_MO_XML_FILE}.
     *
     * @return {@link PasspointConfiguration}
     */
private PasspointConfiguration generateConfigurationFromPPSMOTree() throws Exception {
    DateFormat format = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
    byte[] certFingerprint = new byte[32];
    Arrays.fill(certFingerprint, (byte) 0x1f);
    PasspointConfiguration config = new PasspointConfiguration();
    config.setUpdateIdentifier(12);
    config.setCredentialPriority(99);
    // AAA Server trust root.
    Map<String, byte[]> trustRootCertList = new HashMap<>();
    trustRootCertList.put("server1.trust.root.com", certFingerprint);
    config.setTrustRootCertList(trustRootCertList);
    // Subscription update.
    UpdateParameter subscriptionUpdate = new UpdateParameter();
    subscriptionUpdate.setUpdateIntervalInMinutes(120);
    subscriptionUpdate.setUpdateMethod(UpdateParameter.UPDATE_METHOD_SSP);
    subscriptionUpdate.setRestriction(UpdateParameter.UPDATE_RESTRICTION_ROAMING_PARTNER);
    subscriptionUpdate.setServerUri("subscription.update.com");
    subscriptionUpdate.setUsername("subscriptionUser");
    subscriptionUpdate.setBase64EncodedPassword("subscriptionPass");
    subscriptionUpdate.setTrustRootCertUrl("subscription.update.cert.com");
    subscriptionUpdate.setTrustRootCertSha256Fingerprint(certFingerprint);
    config.setSubscriptionUpdate(subscriptionUpdate);
    // Subscription parameters.
    config.setSubscriptionCreationTimeInMs(format.parse("2016-02-01T10:00:00Z").getTime());
    config.setSubscriptionExpirationTimeInMs(format.parse("2016-03-01T10:00:00Z").getTime());
    config.setSubscriptionType("Gold");
    config.setUsageLimitDataLimit(921890);
    config.setUsageLimitStartTimeInMs(format.parse("2016-12-01T10:00:00Z").getTime());
    config.setUsageLimitTimeLimitInMinutes(120);
    config.setUsageLimitUsageTimePeriodInMinutes(99910);
    // HomeSP configuration.
    HomeSp homeSp = new HomeSp();
    homeSp.setFriendlyName("Century House");
    homeSp.setFqdn("mi6.co.uk");
    homeSp.setRoamingConsortiumOis(new long[] { 0x112233L, 0x445566L });
    homeSp.setIconUrl("icon.test.com");
    Map<String, Long> homeNetworkIds = new HashMap<>();
    homeNetworkIds.put("TestSSID", 0x12345678L);
    homeNetworkIds.put("NullHESSID", null);
    homeSp.setHomeNetworkIds(homeNetworkIds);
    homeSp.setMatchAllOis(new long[] { 0x11223344 });
    homeSp.setMatchAnyOis(new long[] { 0x55667788 });
    homeSp.setOtherHomePartners(new String[] { "other.fqdn.com" });
    config.setHomeSp(homeSp);
    // Credential configuration.
    Credential credential = new Credential();
    credential.setCreationTimeInMs(format.parse("2016-01-01T10:00:00Z").getTime());
    credential.setExpirationTimeInMs(format.parse("2016-02-01T10:00:00Z").getTime());
    credential.setRealm("shaken.stirred.com");
    credential.setCheckAaaServerCertStatus(true);
    Credential.UserCredential userCredential = new Credential.UserCredential();
    userCredential.setUsername("james");
    userCredential.setPassword("Ym9uZDAwNw==");
    userCredential.setMachineManaged(true);
    userCredential.setSoftTokenApp("TestApp");
    userCredential.setAbleToShare(true);
    userCredential.setEapType(21);
    userCredential.setNonEapInnerMethod("MS-CHAP-V2");
    credential.setUserCredential(userCredential);
    Credential.CertificateCredential certCredential = new Credential.CertificateCredential();
    certCredential.setCertType("x509v3");
    certCredential.setCertSha256Fingerprint(certFingerprint);
    credential.setCertCredential(certCredential);
    Credential.SimCredential simCredential = new Credential.SimCredential();
    simCredential.setImsi("imsi");
    simCredential.setEapType(24);
    credential.setSimCredential(simCredential);
    config.setCredential(credential);
    // Policy configuration.
    Policy policy = new Policy();
    List<Policy.RoamingPartner> preferredRoamingPartnerList = new ArrayList<>();
    Policy.RoamingPartner partner1 = new Policy.RoamingPartner();
    partner1.setFqdn("test1.fqdn.com");
    partner1.setFqdnExactMatch(true);
    partner1.setPriority(127);
    partner1.setCountries("us,fr");
    Policy.RoamingPartner partner2 = new Policy.RoamingPartner();
    partner2.setFqdn("test2.fqdn.com");
    partner2.setFqdnExactMatch(false);
    partner2.setPriority(200);
    partner2.setCountries("*");
    preferredRoamingPartnerList.add(partner1);
    preferredRoamingPartnerList.add(partner2);
    policy.setPreferredRoamingPartnerList(preferredRoamingPartnerList);
    policy.setMinHomeDownlinkBandwidth(23412);
    policy.setMinHomeUplinkBandwidth(9823);
    policy.setMinRoamingDownlinkBandwidth(9271);
    policy.setMinRoamingUplinkBandwidth(2315);
    policy.setExcludedSsidList(new String[] { "excludeSSID" });
    Map<Integer, String> requiredProtoPortMap = new HashMap<>();
    requiredProtoPortMap.put(12, "34,92,234");
    policy.setRequiredProtoPortMap(requiredProtoPortMap);
    policy.setMaximumBssLoadValue(23);
    UpdateParameter policyUpdate = new UpdateParameter();
    policyUpdate.setUpdateIntervalInMinutes(120);
    policyUpdate.setUpdateMethod(UpdateParameter.UPDATE_METHOD_OMADM);
    policyUpdate.setRestriction(UpdateParameter.UPDATE_RESTRICTION_HOMESP);
    policyUpdate.setServerUri("policy.update.com");
    policyUpdate.setUsername("updateUser");
    policyUpdate.setBase64EncodedPassword("updatePass");
    policyUpdate.setTrustRootCertUrl("update.cert.com");
    policyUpdate.setTrustRootCertSha256Fingerprint(certFingerprint);
    policy.setPolicyUpdate(policyUpdate);
    config.setPolicy(policy);
    return config;
}