Search in sources :

Example 26 with Credential

use of android.net.wifi.hotspot2.pps.Credential in project platform_frameworks_base by android.

the class OSUClient method createHandler.

private HTTPHandler createHandler(Network network, HomeSP homeSP, KeyManager km, int flowType) throws GeneralSecurityException, IOException {
    Credential credential = homeSP.getCredential();
    Log.d(TAG, "Credential method " + credential.getEAPMethod().getEAPMethodID());
    switch(credential.getEAPMethod().getEAPMethodID()) {
        case EAP_TTLS:
            String user;
            byte[] password;
            UpdateInfo subscriptionUpdate;
            if (flowType == OSUManager.FLOW_POLICY) {
                subscriptionUpdate = homeSP.getPolicy() != null ? homeSP.getPolicy().getPolicyUpdate() : null;
            } else {
                subscriptionUpdate = homeSP.getSubscriptionUpdate();
            }
            if (subscriptionUpdate != null && subscriptionUpdate.getUsername() != null) {
                user = subscriptionUpdate.getUsername();
                password = subscriptionUpdate.getPassword() != null ? subscriptionUpdate.getPassword().getBytes(StandardCharsets.UTF_8) : new byte[0];
            } else {
                user = credential.getUserName();
                password = credential.getPassword().getBytes(StandardCharsets.UTF_8);
            }
            return new HTTPHandler(StandardCharsets.UTF_8, OSUSocketFactory.getSocketFactory(mKeyStore, homeSP, flowType, network, mURL, km, true), user, password);
        case EAP_TLS:
            return new HTTPHandler(StandardCharsets.UTF_8, OSUSocketFactory.getSocketFactory(mKeyStore, homeSP, flowType, network, mURL, km, true));
        default:
            throw new IOException("Cannot remediate account with " + credential.getEAPMethod().getEAPMethodID());
    }
}
Also used : Credential(com.android.hotspot2.pps.Credential) IOException(java.io.IOException) UpdateInfo(com.android.hotspot2.pps.UpdateInfo)

Example 27 with Credential

use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by AOSPA.

the class MOManager method buildHomeSPTree.

private static OMANode buildHomeSPTree(HomeSP homeSP, OMAConstructed root, int instanceID) throws IOException {
    OMANode providerSubNode = root.addChild(getInstanceString(instanceID), null, null, null);
    // The HomeSP:
    OMANode homeSpNode = providerSubNode.addChild(TAG_HomeSP, null, null, null);
    if (!homeSP.getSSIDs().isEmpty()) {
        OMAConstructed nwkIDNode = (OMAConstructed) homeSpNode.addChild(TAG_NetworkID, null, null, null);
        int instance = 0;
        for (Map.Entry<String, Long> entry : homeSP.getSSIDs().entrySet()) {
            OMAConstructed inode = (OMAConstructed) nwkIDNode.addChild(getInstanceString(instance++), null, null, null);
            inode.addChild(TAG_SSID, null, entry.getKey(), null);
            if (entry.getValue() != null) {
                inode.addChild(TAG_HESSID, null, String.format("%012x", entry.getValue()), null);
            }
        }
    }
    homeSpNode.addChild(TAG_FriendlyName, null, homeSP.getFriendlyName(), null);
    if (homeSP.getIconURL() != null) {
        homeSpNode.addChild(TAG_IconURL, null, homeSP.getIconURL(), null);
    }
    homeSpNode.addChild(TAG_FQDN, null, homeSP.getFQDN(), null);
    if (!homeSP.getMatchAllOIs().isEmpty() || !homeSP.getMatchAnyOIs().isEmpty()) {
        OMAConstructed homeOIList = (OMAConstructed) homeSpNode.addChild(TAG_HomeOIList, null, null, null);
        int instance = 0;
        for (Long oi : homeSP.getMatchAllOIs()) {
            OMAConstructed inode = (OMAConstructed) homeOIList.addChild(getInstanceString(instance++), null, null, null);
            inode.addChild(TAG_HomeOI, null, String.format("%x", oi), null);
            inode.addChild(TAG_HomeOIRequired, null, "TRUE", null);
        }
        for (Long oi : homeSP.getMatchAnyOIs()) {
            OMAConstructed inode = (OMAConstructed) homeOIList.addChild(getInstanceString(instance++), null, null, null);
            inode.addChild(TAG_HomeOI, null, String.format("%x", oi), null);
            inode.addChild(TAG_HomeOIRequired, null, "FALSE", null);
        }
    }
    if (!homeSP.getOtherHomePartners().isEmpty()) {
        OMAConstructed otherPartners = (OMAConstructed) homeSpNode.addChild(TAG_OtherHomePartners, null, null, null);
        int instance = 0;
        for (String fqdn : homeSP.getOtherHomePartners()) {
            OMAConstructed inode = (OMAConstructed) otherPartners.addChild(getInstanceString(instance++), null, null, null);
            inode.addChild(TAG_FQDN, null, fqdn, null);
        }
    }
    if (!homeSP.getRoamingConsortiums().isEmpty()) {
        homeSpNode.addChild(TAG_RoamingConsortiumOI, null, getRCList(homeSP.getRoamingConsortiums()), null);
    }
    // The Credential:
    OMANode credentialNode = providerSubNode.addChild(TAG_Credential, null, null, null);
    Credential cred = homeSP.getCredential();
    EAPMethod method = cred.getEAPMethod();
    if (cred.getCtime() > 0) {
        credentialNode.addChild(TAG_CreationDate, null, DTFormat.format(new Date(cred.getCtime())), null);
    }
    if (cred.getExpTime() > 0) {
        credentialNode.addChild(TAG_ExpirationDate, null, DTFormat.format(new Date(cred.getExpTime())), null);
    }
    if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_SIM || method.getEAPMethodID() == EAP.EAPMethodID.EAP_AKA || method.getEAPMethodID() == EAP.EAPMethodID.EAP_AKAPrim) {
        OMANode simNode = credentialNode.addChild(TAG_SIM, null, null, null);
        simNode.addChild(TAG_IMSI, null, cred.getImsi().toString(), null);
        simNode.addChild(TAG_EAPType, null, Integer.toString(EAP.mapEAPMethod(method.getEAPMethodID())), null);
    } else if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_TTLS) {
        OMANode unpNode = credentialNode.addChild(TAG_UsernamePassword, null, null, null);
        unpNode.addChild(TAG_Username, null, cred.getUserName(), null);
        unpNode.addChild(TAG_Password, null, Base64.encodeToString(cred.getPassword().getBytes(StandardCharsets.UTF_8), Base64.DEFAULT), null);
        OMANode eapNode = unpNode.addChild(TAG_EAPMethod, null, null, null);
        eapNode.addChild(TAG_EAPType, null, Integer.toString(EAP.mapEAPMethod(method.getEAPMethodID())), null);
        eapNode.addChild(TAG_InnerMethod, null, ((NonEAPInnerAuth) method.getAuthParam()).getOMAtype(), null);
    } else if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_TLS) {
        OMANode certNode = credentialNode.addChild(TAG_DigitalCertificate, null, null, null);
        certNode.addChild(TAG_CertificateType, null, Credential.CertTypeX509, null);
        certNode.addChild(TAG_CertSHA256Fingerprint, null, Utils.toHex(cred.getFingerPrint()), null);
    } else {
        throw new OMAException("Invalid credential on " + homeSP.getFQDN());
    }
    credentialNode.addChild(TAG_Realm, null, cred.getRealm(), null);
    //credentialNode.addChild(TAG_CheckAAAServerCertStatus, null, "TRUE", null);
    return providerSubNode;
}
Also used : Credential(com.android.hotspot2.pps.Credential) HashMap(java.util.HashMap) Map(java.util.Map) ExpandedEAPMethod(com.android.anqp.eap.ExpandedEAPMethod) EAPMethod(com.android.anqp.eap.EAPMethod) Date(java.util.Date) NonEAPInnerAuth(com.android.anqp.eap.NonEAPInnerAuth)

Example 28 with Credential

use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by AOSPA.

the class OSUClient method createHandler.

private HTTPHandler createHandler(Network network, HomeSP homeSP, KeyManager km, int flowType) throws GeneralSecurityException, IOException {
    Credential credential = homeSP.getCredential();
    Log.d(TAG, "Credential method " + credential.getEAPMethod().getEAPMethodID());
    switch(credential.getEAPMethod().getEAPMethodID()) {
        case EAP_TTLS:
            String user;
            byte[] password;
            UpdateInfo subscriptionUpdate;
            if (flowType == OSUManager.FLOW_POLICY) {
                subscriptionUpdate = homeSP.getPolicy() != null ? homeSP.getPolicy().getPolicyUpdate() : null;
            } else {
                subscriptionUpdate = homeSP.getSubscriptionUpdate();
            }
            if (subscriptionUpdate != null && subscriptionUpdate.getUsername() != null) {
                user = subscriptionUpdate.getUsername();
                password = subscriptionUpdate.getPassword() != null ? subscriptionUpdate.getPassword().getBytes(StandardCharsets.UTF_8) : new byte[0];
            } else {
                user = credential.getUserName();
                password = credential.getPassword().getBytes(StandardCharsets.UTF_8);
            }
            return new HTTPHandler(StandardCharsets.UTF_8, OSUSocketFactory.getSocketFactory(mKeyStore, homeSP, flowType, network, mURL, km, true), user, password);
        case EAP_TLS:
            return new HTTPHandler(StandardCharsets.UTF_8, OSUSocketFactory.getSocketFactory(mKeyStore, homeSP, flowType, network, mURL, km, true));
        default:
            throw new IOException("Cannot remediate account with " + credential.getEAPMethod().getEAPMethodID());
    }
}
Also used : Credential(com.android.hotspot2.pps.Credential) IOException(java.io.IOException) UpdateInfo(com.android.hotspot2.pps.UpdateInfo)

Example 29 with Credential

use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by AOSPA.

the class MOManager method buildHomeSP.

private static HomeSP buildHomeSP(OMANode ppsRoot, int updateIdentifier) throws OMAException {
    OMANode spRoot = ppsRoot.getChild(TAG_HomeSP);
    String fqdn = spRoot.getScalarValue(Arrays.asList(TAG_FQDN).iterator());
    String friendlyName = spRoot.getScalarValue(Arrays.asList(TAG_FriendlyName).iterator());
    String iconURL = spRoot.getScalarValue(Arrays.asList(TAG_IconURL).iterator());
    HashSet<Long> roamingConsortiums = new HashSet<>();
    String oiString = spRoot.getScalarValue(Arrays.asList(TAG_RoamingConsortiumOI).iterator());
    if (oiString != null) {
        for (String oi : oiString.split(",")) {
            roamingConsortiums.add(Long.parseLong(oi.trim(), 16));
        }
    }
    Map<String, Long> ssids = new HashMap<>();
    OMANode ssidListNode = spRoot.getListValue(Arrays.asList(TAG_NetworkID).iterator());
    if (ssidListNode != null) {
        for (OMANode ssidRoot : ssidListNode.getChildren()) {
            OMANode hessidNode = ssidRoot.getChild(TAG_HESSID);
            ssids.put(ssidRoot.getChild(TAG_SSID).getValue(), getMac(hessidNode));
        }
    }
    Set<Long> matchAnyOIs = new HashSet<>();
    List<Long> matchAllOIs = new ArrayList<>();
    OMANode homeOIListNode = spRoot.getListValue(Arrays.asList(TAG_HomeOIList).iterator());
    if (homeOIListNode != null) {
        for (OMANode homeOIRoot : homeOIListNode.getChildren()) {
            String homeOI = homeOIRoot.getChild(TAG_HomeOI).getValue();
            if (Boolean.parseBoolean(homeOIRoot.getChild(TAG_HomeOIRequired).getValue())) {
                matchAllOIs.add(Long.parseLong(homeOI, 16));
            } else {
                matchAnyOIs.add(Long.parseLong(homeOI, 16));
            }
        }
    }
    Set<String> otherHomePartners = new HashSet<>();
    OMANode otherListNode = spRoot.getListValue(Arrays.asList(TAG_OtherHomePartners).iterator());
    if (otherListNode != null) {
        for (OMANode fqdnNode : otherListNode.getChildren()) {
            otherHomePartners.add(fqdnNode.getChild(TAG_FQDN).getValue());
        }
    }
    Credential credential = buildCredential(ppsRoot.getChild(TAG_Credential));
    OMANode policyNode = ppsRoot.getChild(TAG_Policy);
    Policy policy = policyNode != null ? new Policy(policyNode) : null;
    Map<String, String> aaaTrustRoots;
    OMANode aaaRootNode = ppsRoot.getChild(TAG_AAAServerTrustRoot);
    if (aaaRootNode == null) {
        aaaTrustRoots = null;
    } else {
        aaaTrustRoots = new HashMap<>(aaaRootNode.getChildren().size());
        for (OMANode child : aaaRootNode.getChildren()) {
            aaaTrustRoots.put(getString(child, TAG_CertURL), getString(child, TAG_CertSHA256Fingerprint));
        }
    }
    OMANode updateNode = ppsRoot.getChild(TAG_SubscriptionUpdate);
    UpdateInfo subscriptionUpdate = updateNode != null ? new UpdateInfo(updateNode) : null;
    OMANode subNode = ppsRoot.getChild(TAG_SubscriptionParameters);
    SubscriptionParameters subscriptionParameters = subNode != null ? new SubscriptionParameters(subNode) : null;
    return new HomeSP(ssids, fqdn, roamingConsortiums, otherHomePartners, matchAnyOIs, matchAllOIs, friendlyName, iconURL, credential, policy, getInteger(ppsRoot.getChild(TAG_CredentialPriority), 0), aaaTrustRoots, subscriptionUpdate, subscriptionParameters, updateIdentifier);
}
Also used : Policy(com.android.hotspot2.pps.Policy) Credential(com.android.hotspot2.pps.Credential) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) HomeSP(com.android.hotspot2.pps.HomeSP) SubscriptionParameters(com.android.hotspot2.pps.SubscriptionParameters) UpdateInfo(com.android.hotspot2.pps.UpdateInfo) HashSet(java.util.HashSet)

Example 30 with Credential

use of android.net.wifi.hotspot2.pps.Credential in project android_frameworks_base by AOSPA.

the class ConfigBuilder method buildTTLSConfig.

// Retain for debugging purposes
/*
    private static void xIterateCerts(KeyStore ks, X509Certificate caCert)
            throws GeneralSecurityException {
        Enumeration<String> aliases = ks.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            Certificate cert = ks.getCertificate(alias);
            Log.d("HS2J", "Checking " + alias);
            if (cert instanceof X509Certificate) {
                X509Certificate x509Certificate = (X509Certificate) cert;
                boolean sm = x509Certificate.getSubjectX500Principal().equals(
                        caCert.getSubjectX500Principal());
                boolean eq = false;
                if (sm) {
                    eq = Arrays.equals(x509Certificate.getEncoded(), caCert.getEncoded());
                }
                Log.d("HS2J", "Subject: " + x509Certificate.getSubjectX500Principal() +
                        ": " + sm + "/" + eq);
            }
        }
    }
    */
private static WifiConfiguration buildTTLSConfig(HomeSP homeSP) throws IOException {
    Credential credential = homeSP.getCredential();
    if (credential.getUserName() == null || credential.getPassword() == null) {
        throw new IOException("EAP-TTLS provisioned without user name or password");
    }
    EAPMethod eapMethod = credential.getEAPMethod();
    AuthParam authParam = eapMethod.getAuthParam();
    if (authParam == null || authParam.getAuthInfoID() != EAP.AuthInfoID.NonEAPInnerAuthType) {
        throw new IOException("Bad auth parameter for EAP-TTLS: " + authParam);
    }
    WifiConfiguration config = buildBaseConfiguration(homeSP);
    NonEAPInnerAuth ttlsParam = (NonEAPInnerAuth) authParam;
    WifiEnterpriseConfig enterpriseConfig = config.enterpriseConfig;
    enterpriseConfig.setPhase2Method(remapInnerMethod(ttlsParam.getType()));
    enterpriseConfig.setIdentity(credential.getUserName());
    enterpriseConfig.setPassword(credential.getPassword());
    return config;
}
Also used : WifiEnterpriseConfig(android.net.wifi.WifiEnterpriseConfig) Credential(com.android.hotspot2.pps.Credential) WifiConfiguration(android.net.wifi.WifiConfiguration) IOException(java.io.IOException) AuthParam(com.android.anqp.eap.AuthParam) EAPMethod(com.android.anqp.eap.EAPMethod) NonEAPInnerAuth(com.android.anqp.eap.NonEAPInnerAuth)

Aggregations

Credential (com.android.hotspot2.pps.Credential)40 IOException (java.io.IOException)25 WifiConfiguration (android.net.wifi.WifiConfiguration)20 WifiEnterpriseConfig (android.net.wifi.WifiEnterpriseConfig)15 EAPMethod (com.android.anqp.eap.EAPMethod)15 NonEAPInnerAuth (com.android.anqp.eap.NonEAPInnerAuth)15 HashMap (java.util.HashMap)11 EAP (com.android.anqp.eap.EAP)10 ExpandedEAPMethod (com.android.anqp.eap.ExpandedEAPMethod)10 IMSIParameter (com.android.hotspot2.IMSIParameter)10 UpdateInfo (com.android.hotspot2.pps.UpdateInfo)10 ArrayList (java.util.ArrayList)6 AuthParam (com.android.anqp.eap.AuthParam)5 InnerAuthEAP (com.android.anqp.eap.InnerAuthEAP)5 HomeSP (com.android.hotspot2.pps.HomeSP)5 Policy (com.android.hotspot2.pps.Policy)5 SubscriptionParameters (com.android.hotspot2.pps.SubscriptionParameters)5 MessageDigest (java.security.MessageDigest)5 X509Certificate (java.security.cert.X509Certificate)5 Date (java.util.Date)5