Search in sources :

Example 1 with Credential

use of com.android.hotspot2.pps.Credential in project platform_frameworks_base by android.

the class MOManager method buildHomeSP.

private static HomeSP buildHomeSP(OMANode ppsRoot, int updateIdentifier) throws OMAException {
    OMANode spRoot = ppsRoot.getChild(TAG_HomeSP);
    String fqdn = spRoot.getScalarValue(Arrays.asList(TAG_FQDN).iterator());
    String friendlyName = spRoot.getScalarValue(Arrays.asList(TAG_FriendlyName).iterator());
    String iconURL = spRoot.getScalarValue(Arrays.asList(TAG_IconURL).iterator());
    HashSet<Long> roamingConsortiums = new HashSet<>();
    String oiString = spRoot.getScalarValue(Arrays.asList(TAG_RoamingConsortiumOI).iterator());
    if (oiString != null) {
        for (String oi : oiString.split(",")) {
            roamingConsortiums.add(Long.parseLong(oi.trim(), 16));
        }
    }
    Map<String, Long> ssids = new HashMap<>();
    OMANode ssidListNode = spRoot.getListValue(Arrays.asList(TAG_NetworkID).iterator());
    if (ssidListNode != null) {
        for (OMANode ssidRoot : ssidListNode.getChildren()) {
            OMANode hessidNode = ssidRoot.getChild(TAG_HESSID);
            ssids.put(ssidRoot.getChild(TAG_SSID).getValue(), getMac(hessidNode));
        }
    }
    Set<Long> matchAnyOIs = new HashSet<>();
    List<Long> matchAllOIs = new ArrayList<>();
    OMANode homeOIListNode = spRoot.getListValue(Arrays.asList(TAG_HomeOIList).iterator());
    if (homeOIListNode != null) {
        for (OMANode homeOIRoot : homeOIListNode.getChildren()) {
            String homeOI = homeOIRoot.getChild(TAG_HomeOI).getValue();
            if (Boolean.parseBoolean(homeOIRoot.getChild(TAG_HomeOIRequired).getValue())) {
                matchAllOIs.add(Long.parseLong(homeOI, 16));
            } else {
                matchAnyOIs.add(Long.parseLong(homeOI, 16));
            }
        }
    }
    Set<String> otherHomePartners = new HashSet<>();
    OMANode otherListNode = spRoot.getListValue(Arrays.asList(TAG_OtherHomePartners).iterator());
    if (otherListNode != null) {
        for (OMANode fqdnNode : otherListNode.getChildren()) {
            otherHomePartners.add(fqdnNode.getChild(TAG_FQDN).getValue());
        }
    }
    Credential credential = buildCredential(ppsRoot.getChild(TAG_Credential));
    OMANode policyNode = ppsRoot.getChild(TAG_Policy);
    Policy policy = policyNode != null ? new Policy(policyNode) : null;
    Map<String, String> aaaTrustRoots;
    OMANode aaaRootNode = ppsRoot.getChild(TAG_AAAServerTrustRoot);
    if (aaaRootNode == null) {
        aaaTrustRoots = null;
    } else {
        aaaTrustRoots = new HashMap<>(aaaRootNode.getChildren().size());
        for (OMANode child : aaaRootNode.getChildren()) {
            aaaTrustRoots.put(getString(child, TAG_CertURL), getString(child, TAG_CertSHA256Fingerprint));
        }
    }
    OMANode updateNode = ppsRoot.getChild(TAG_SubscriptionUpdate);
    UpdateInfo subscriptionUpdate = updateNode != null ? new UpdateInfo(updateNode) : null;
    OMANode subNode = ppsRoot.getChild(TAG_SubscriptionParameters);
    SubscriptionParameters subscriptionParameters = subNode != null ? new SubscriptionParameters(subNode) : null;
    return new HomeSP(ssids, fqdn, roamingConsortiums, otherHomePartners, matchAnyOIs, matchAllOIs, friendlyName, iconURL, credential, policy, getInteger(ppsRoot.getChild(TAG_CredentialPriority), 0), aaaTrustRoots, subscriptionUpdate, subscriptionParameters, updateIdentifier);
}
Also used : Policy(com.android.hotspot2.pps.Policy) Credential(com.android.hotspot2.pps.Credential) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) HomeSP(com.android.hotspot2.pps.HomeSP) SubscriptionParameters(com.android.hotspot2.pps.SubscriptionParameters) UpdateInfo(com.android.hotspot2.pps.UpdateInfo) HashSet(java.util.HashSet)

Example 2 with Credential

use of com.android.hotspot2.pps.Credential in project platform_frameworks_base by android.

the class MOManager method modifySP.

public HomeSP modifySP(HomeSP homeSP, Collection<MOData> mods, OSUManager osuManager) throws IOException {
    Log.d(OSUManager.TAG, "modifying SP: " + mods);
    MOTree moTree;
    int ppsMods = 0;
    int updateIdentifier = 0;
    try (BufferedInputStream in = new BufferedInputStream(new FileInputStream(mPpsFile))) {
        moTree = MOTree.unmarshal(in);
        // moTree is PPS/?/provider-data
        OMAConstructed targetTree = findTargetTree(moTree, homeSP.getFQDN());
        if (targetTree == null) {
            throw new IOException("Failed to find PPS tree for " + homeSP.getFQDN());
        }
        OMAConstructed instance = getInstanceNode(targetTree);
        for (MOData mod : mods) {
            LinkedList<String> tailPath = getTailPath(mod.getBaseURI(), TAG_PerProviderSubscription);
            OMAConstructed modRoot = mod.getMOTree().getRoot();
            if (tailPath.getFirst().equals(TAG_UpdateIdentifier)) {
                updateIdentifier = getInteger(modRoot.getChildren().iterator().next());
                OMANode oldUdi = targetTree.getChild(TAG_UpdateIdentifier);
                if (getInteger(oldUdi) != updateIdentifier) {
                    ppsMods++;
                }
                if (oldUdi != null) {
                    targetTree.replaceNode(oldUdi, modRoot.getChild(TAG_UpdateIdentifier));
                } else {
                    targetTree.addChild(modRoot.getChild(TAG_UpdateIdentifier));
                }
            } else {
                // Drop the instance
                tailPath.removeFirst();
                OMANode current = instance.getListValue(tailPath.iterator());
                if (current == null) {
                    throw new IOException("No previous node for " + tailPath + " in " + homeSP.getFQDN());
                }
                for (OMANode newNode : modRoot.getChildren()) {
                    // newNode is something like Credential
                    // current is the same existing node
                    OMANode old = current.getParent().replaceNode(current, newNode);
                    ppsMods++;
                }
            }
        }
    }
    writeMO(moTree, mPpsFile, osuManager);
    if (ppsMods == 0) {
        // HomeSP not modified.
        return null;
    }
    // Return a new rebuilt HomeSP
    List<HomeSP> sps = buildSPs(moTree);
    if (sps != null) {
        for (HomeSP sp : sps) {
            if (sp.getFQDN().equals(homeSP.getFQDN())) {
                return sp;
            }
        }
    } else {
        throw new OMAException("Failed to build HomeSP");
    }
    return null;
}
Also used : IOException(java.io.IOException) FileInputStream(java.io.FileInputStream) HomeSP(com.android.hotspot2.pps.HomeSP) MOData(com.android.hotspot2.osu.commands.MOData) BufferedInputStream(java.io.BufferedInputStream)

Example 3 with Credential

use of com.android.hotspot2.pps.Credential in project platform_frameworks_base by android.

the class MOManager method buildHomeSPTree.

private static OMANode buildHomeSPTree(HomeSP homeSP, OMAConstructed root, int instanceID) throws IOException {
    OMANode providerSubNode = root.addChild(getInstanceString(instanceID), null, null, null);
    // The HomeSP:
    OMANode homeSpNode = providerSubNode.addChild(TAG_HomeSP, null, null, null);
    if (!homeSP.getSSIDs().isEmpty()) {
        OMAConstructed nwkIDNode = (OMAConstructed) homeSpNode.addChild(TAG_NetworkID, null, null, null);
        int instance = 0;
        for (Map.Entry<String, Long> entry : homeSP.getSSIDs().entrySet()) {
            OMAConstructed inode = (OMAConstructed) nwkIDNode.addChild(getInstanceString(instance++), null, null, null);
            inode.addChild(TAG_SSID, null, entry.getKey(), null);
            if (entry.getValue() != null) {
                inode.addChild(TAG_HESSID, null, String.format("%012x", entry.getValue()), null);
            }
        }
    }
    homeSpNode.addChild(TAG_FriendlyName, null, homeSP.getFriendlyName(), null);
    if (homeSP.getIconURL() != null) {
        homeSpNode.addChild(TAG_IconURL, null, homeSP.getIconURL(), null);
    }
    homeSpNode.addChild(TAG_FQDN, null, homeSP.getFQDN(), null);
    if (!homeSP.getMatchAllOIs().isEmpty() || !homeSP.getMatchAnyOIs().isEmpty()) {
        OMAConstructed homeOIList = (OMAConstructed) homeSpNode.addChild(TAG_HomeOIList, null, null, null);
        int instance = 0;
        for (Long oi : homeSP.getMatchAllOIs()) {
            OMAConstructed inode = (OMAConstructed) homeOIList.addChild(getInstanceString(instance++), null, null, null);
            inode.addChild(TAG_HomeOI, null, String.format("%x", oi), null);
            inode.addChild(TAG_HomeOIRequired, null, "TRUE", null);
        }
        for (Long oi : homeSP.getMatchAnyOIs()) {
            OMAConstructed inode = (OMAConstructed) homeOIList.addChild(getInstanceString(instance++), null, null, null);
            inode.addChild(TAG_HomeOI, null, String.format("%x", oi), null);
            inode.addChild(TAG_HomeOIRequired, null, "FALSE", null);
        }
    }
    if (!homeSP.getOtherHomePartners().isEmpty()) {
        OMAConstructed otherPartners = (OMAConstructed) homeSpNode.addChild(TAG_OtherHomePartners, null, null, null);
        int instance = 0;
        for (String fqdn : homeSP.getOtherHomePartners()) {
            OMAConstructed inode = (OMAConstructed) otherPartners.addChild(getInstanceString(instance++), null, null, null);
            inode.addChild(TAG_FQDN, null, fqdn, null);
        }
    }
    if (!homeSP.getRoamingConsortiums().isEmpty()) {
        homeSpNode.addChild(TAG_RoamingConsortiumOI, null, getRCList(homeSP.getRoamingConsortiums()), null);
    }
    // The Credential:
    OMANode credentialNode = providerSubNode.addChild(TAG_Credential, null, null, null);
    Credential cred = homeSP.getCredential();
    EAPMethod method = cred.getEAPMethod();
    if (cred.getCtime() > 0) {
        credentialNode.addChild(TAG_CreationDate, null, DTFormat.format(new Date(cred.getCtime())), null);
    }
    if (cred.getExpTime() > 0) {
        credentialNode.addChild(TAG_ExpirationDate, null, DTFormat.format(new Date(cred.getExpTime())), null);
    }
    if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_SIM || method.getEAPMethodID() == EAP.EAPMethodID.EAP_AKA || method.getEAPMethodID() == EAP.EAPMethodID.EAP_AKAPrim) {
        OMANode simNode = credentialNode.addChild(TAG_SIM, null, null, null);
        simNode.addChild(TAG_IMSI, null, cred.getImsi().toString(), null);
        simNode.addChild(TAG_EAPType, null, Integer.toString(EAP.mapEAPMethod(method.getEAPMethodID())), null);
    } else if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_TTLS) {
        OMANode unpNode = credentialNode.addChild(TAG_UsernamePassword, null, null, null);
        unpNode.addChild(TAG_Username, null, cred.getUserName(), null);
        unpNode.addChild(TAG_Password, null, Base64.encodeToString(cred.getPassword().getBytes(StandardCharsets.UTF_8), Base64.DEFAULT), null);
        OMANode eapNode = unpNode.addChild(TAG_EAPMethod, null, null, null);
        eapNode.addChild(TAG_EAPType, null, Integer.toString(EAP.mapEAPMethod(method.getEAPMethodID())), null);
        eapNode.addChild(TAG_InnerMethod, null, ((NonEAPInnerAuth) method.getAuthParam()).getOMAtype(), null);
    } else if (method.getEAPMethodID() == EAP.EAPMethodID.EAP_TLS) {
        OMANode certNode = credentialNode.addChild(TAG_DigitalCertificate, null, null, null);
        certNode.addChild(TAG_CertificateType, null, Credential.CertTypeX509, null);
        certNode.addChild(TAG_CertSHA256Fingerprint, null, Utils.toHex(cred.getFingerPrint()), null);
    } else {
        throw new OMAException("Invalid credential on " + homeSP.getFQDN());
    }
    credentialNode.addChild(TAG_Realm, null, cred.getRealm(), null);
    //credentialNode.addChild(TAG_CheckAAAServerCertStatus, null, "TRUE", null);
    return providerSubNode;
}
Also used : Credential(com.android.hotspot2.pps.Credential) HashMap(java.util.HashMap) Map(java.util.Map) ExpandedEAPMethod(com.android.anqp.eap.ExpandedEAPMethod) EAPMethod(com.android.anqp.eap.EAPMethod) Date(java.util.Date) NonEAPInnerAuth(com.android.anqp.eap.NonEAPInnerAuth)

Example 4 with Credential

use of com.android.hotspot2.pps.Credential in project platform_frameworks_base by android.

the class ConfigBuilder method buildTTLSConfig.

// Retain for debugging purposes
/*
    private static void xIterateCerts(KeyStore ks, X509Certificate caCert)
            throws GeneralSecurityException {
        Enumeration<String> aliases = ks.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            Certificate cert = ks.getCertificate(alias);
            Log.d("HS2J", "Checking " + alias);
            if (cert instanceof X509Certificate) {
                X509Certificate x509Certificate = (X509Certificate) cert;
                boolean sm = x509Certificate.getSubjectX500Principal().equals(
                        caCert.getSubjectX500Principal());
                boolean eq = false;
                if (sm) {
                    eq = Arrays.equals(x509Certificate.getEncoded(), caCert.getEncoded());
                }
                Log.d("HS2J", "Subject: " + x509Certificate.getSubjectX500Principal() +
                        ": " + sm + "/" + eq);
            }
        }
    }
    */
private static WifiConfiguration buildTTLSConfig(HomeSP homeSP) throws IOException {
    Credential credential = homeSP.getCredential();
    if (credential.getUserName() == null || credential.getPassword() == null) {
        throw new IOException("EAP-TTLS provisioned without user name or password");
    }
    EAPMethod eapMethod = credential.getEAPMethod();
    AuthParam authParam = eapMethod.getAuthParam();
    if (authParam == null || authParam.getAuthInfoID() != EAP.AuthInfoID.NonEAPInnerAuthType) {
        throw new IOException("Bad auth parameter for EAP-TTLS: " + authParam);
    }
    WifiConfiguration config = buildBaseConfiguration(homeSP);
    NonEAPInnerAuth ttlsParam = (NonEAPInnerAuth) authParam;
    WifiEnterpriseConfig enterpriseConfig = config.enterpriseConfig;
    enterpriseConfig.setPhase2Method(remapInnerMethod(ttlsParam.getType()));
    enterpriseConfig.setIdentity(credential.getUserName());
    enterpriseConfig.setPassword(credential.getPassword());
    return config;
}
Also used : WifiEnterpriseConfig(android.net.wifi.WifiEnterpriseConfig) Credential(com.android.hotspot2.pps.Credential) WifiConfiguration(android.net.wifi.WifiConfiguration) IOException(java.io.IOException) AuthParam(com.android.anqp.eap.AuthParam) EAPMethod(com.android.anqp.eap.EAPMethod) NonEAPInnerAuth(com.android.anqp.eap.NonEAPInnerAuth)

Example 5 with Credential

use of com.android.hotspot2.pps.Credential in project platform_frameworks_base by android.

the class ConfigParserTest method generateConfigurationFromProfile.

/**
     * Generate a {@link PasspointConfiguration} that matches the configuration specified in the
     * XML file {@link #PASSPOINT_INSTALLATION_FILE_WITH_CA_CERT}.
     *
     * @return {@link PasspointConfiguration}
     */
private PasspointConfiguration generateConfigurationFromProfile() {
    PasspointConfiguration config = new PasspointConfiguration();
    // HomeSP configuration.
    HomeSp homeSp = new HomeSp();
    homeSp.setFriendlyName("Century House");
    homeSp.setFqdn("mi6.co.uk");
    homeSp.setRoamingConsortiumOis(new long[] { 0x112233L, 0x445566L });
    config.setHomeSp(homeSp);
    // Credential configuration.
    Credential credential = new Credential();
    credential.setRealm("shaken.stirred.com");
    Credential.UserCredential userCredential = new Credential.UserCredential();
    userCredential.setUsername("james");
    userCredential.setPassword("Ym9uZDAwNw==");
    userCredential.setEapType(21);
    userCredential.setNonEapInnerMethod("MS-CHAP-V2");
    credential.setUserCredential(userCredential);
    Credential.CertificateCredential certCredential = new Credential.CertificateCredential();
    certCredential.setCertType("x509v3");
    byte[] certSha256Fingerprint = new byte[32];
    Arrays.fill(certSha256Fingerprint, (byte) 0x1f);
    certCredential.setCertSha256Fingerprint(certSha256Fingerprint);
    credential.setCertCredential(certCredential);
    Credential.SimCredential simCredential = new Credential.SimCredential();
    simCredential.setImsi("imsi");
    simCredential.setEapType(24);
    credential.setSimCredential(simCredential);
    credential.setCaCertificate(FakeKeys.CA_CERT0);
    config.setCredential(credential);
    return config;
}
Also used : HomeSp(android.net.wifi.hotspot2.pps.HomeSp) Credential(android.net.wifi.hotspot2.pps.Credential)

Aggregations

Credential (com.android.hotspot2.pps.Credential)40 IOException (java.io.IOException)30 WifiConfiguration (android.net.wifi.WifiConfiguration)20 WifiEnterpriseConfig (android.net.wifi.WifiEnterpriseConfig)15 EAPMethod (com.android.anqp.eap.EAPMethod)15 NonEAPInnerAuth (com.android.anqp.eap.NonEAPInnerAuth)15 HashMap (java.util.HashMap)11 EAP (com.android.anqp.eap.EAP)10 ExpandedEAPMethod (com.android.anqp.eap.ExpandedEAPMethod)10 IMSIParameter (com.android.hotspot2.IMSIParameter)10 HomeSP (com.android.hotspot2.pps.HomeSP)10 UpdateInfo (com.android.hotspot2.pps.UpdateInfo)10 ArrayList (java.util.ArrayList)6 AuthParam (com.android.anqp.eap.AuthParam)5 InnerAuthEAP (com.android.anqp.eap.InnerAuthEAP)5 MOData (com.android.hotspot2.osu.commands.MOData)5 Policy (com.android.hotspot2.pps.Policy)5 SubscriptionParameters (com.android.hotspot2.pps.SubscriptionParameters)5 BufferedInputStream (java.io.BufferedInputStream)5 FileInputStream (java.io.FileInputStream)5