Example 6 with Policy
use of com.android.hotspot2.pps.Policy in project android_frameworks_base by crdroidandroid.
the class MOManager method buildHomeSP.
private static HomeSP buildHomeSP(OMANode ppsRoot, int updateIdentifier) throws OMAException {
OMANode spRoot = ppsRoot.getChild(TAG_HomeSP);
String fqdn = spRoot.getScalarValue(Arrays.asList(TAG_FQDN).iterator());
String friendlyName = spRoot.getScalarValue(Arrays.asList(TAG_FriendlyName).iterator());
String iconURL = spRoot.getScalarValue(Arrays.asList(TAG_IconURL).iterator());
HashSet<Long> roamingConsortiums = new HashSet<>();
String oiString = spRoot.getScalarValue(Arrays.asList(TAG_RoamingConsortiumOI).iterator());
if (oiString != null) {
for (String oi : oiString.split(",")) {
roamingConsortiums.add(Long.parseLong(oi.trim(), 16));
}
}
Map<String, Long> ssids = new HashMap<>();
OMANode ssidListNode = spRoot.getListValue(Arrays.asList(TAG_NetworkID).iterator());
if (ssidListNode != null) {
for (OMANode ssidRoot : ssidListNode.getChildren()) {
OMANode hessidNode = ssidRoot.getChild(TAG_HESSID);
ssids.put(ssidRoot.getChild(TAG_SSID).getValue(), getMac(hessidNode));
}
}
Set<Long> matchAnyOIs = new HashSet<>();
List<Long> matchAllOIs = new ArrayList<>();
OMANode homeOIListNode = spRoot.getListValue(Arrays.asList(TAG_HomeOIList).iterator());
if (homeOIListNode != null) {
for (OMANode homeOIRoot : homeOIListNode.getChildren()) {
String homeOI = homeOIRoot.getChild(TAG_HomeOI).getValue();
if (Boolean.parseBoolean(homeOIRoot.getChild(TAG_HomeOIRequired).getValue())) {
matchAllOIs.add(Long.parseLong(homeOI, 16));
} else {
matchAnyOIs.add(Long.parseLong(homeOI, 16));
}
}
}
Set<String> otherHomePartners = new HashSet<>();
OMANode otherListNode = spRoot.getListValue(Arrays.asList(TAG_OtherHomePartners).iterator());
if (otherListNode != null) {
for (OMANode fqdnNode : otherListNode.getChildren()) {
otherHomePartners.add(fqdnNode.getChild(TAG_FQDN).getValue());
}
}
Credential credential = buildCredential(ppsRoot.getChild(TAG_Credential));
OMANode policyNode = ppsRoot.getChild(TAG_Policy);
Policy policy = policyNode != null ? new Policy(policyNode) : null;
Map<String, String> aaaTrustRoots;
OMANode aaaRootNode = ppsRoot.getChild(TAG_AAAServerTrustRoot);
if (aaaRootNode == null) {
aaaTrustRoots = null;
} else {
aaaTrustRoots = new HashMap<>(aaaRootNode.getChildren().size());
for (OMANode child : aaaRootNode.getChildren()) {
aaaTrustRoots.put(getString(child, TAG_CertURL), getString(child, TAG_CertSHA256Fingerprint));
}
}
OMANode updateNode = ppsRoot.getChild(TAG_SubscriptionUpdate);
UpdateInfo subscriptionUpdate = updateNode != null ? new UpdateInfo(updateNode) : null;
OMANode subNode = ppsRoot.getChild(TAG_SubscriptionParameters);
SubscriptionParameters subscriptionParameters = subNode != null ? new SubscriptionParameters(subNode) : null;
return new HomeSP(ssids, fqdn, roamingConsortiums, otherHomePartners, matchAnyOIs, matchAllOIs, friendlyName, iconURL, credential, policy, getInteger(ppsRoot.getChild(TAG_CredentialPriority), 0), aaaTrustRoots, subscriptionUpdate, subscriptionParameters, updateIdentifier);
}
Also used :
Policy(com.android.hotspot2.pps.Policy)
Credential(com.android.hotspot2.pps.Credential)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
HomeSP(com.android.hotspot2.pps.HomeSP)
SubscriptionParameters(com.android.hotspot2.pps.SubscriptionParameters)
UpdateInfo(com.android.hotspot2.pps.UpdateInfo)
HashSet(java.util.HashSet)
Example 7 with Policy
use of com.android.hotspot2.pps.Policy in project platform_frameworks_base by android.
the class PpsMoParserTest method generateConfigurationFromPPSMOTree.
/**
* Generate a {@link PasspointConfiguration} that matches the configuration specified in the
* XML file {@link #VALID_PPS_MO_XML_FILE}.
*
* @return {@link PasspointConfiguration}
*/
private PasspointConfiguration generateConfigurationFromPPSMOTree() throws Exception {
DateFormat format = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
byte[] certFingerprint = new byte[32];
Arrays.fill(certFingerprint, (byte) 0x1f);
PasspointConfiguration config = new PasspointConfiguration();
config.setUpdateIdentifier(12);
config.setCredentialPriority(99);
// AAA Server trust root.
Map<String, byte[]> trustRootCertList = new HashMap<>();
trustRootCertList.put("server1.trust.root.com", certFingerprint);
config.setTrustRootCertList(trustRootCertList);
// Subscription update.
UpdateParameter subscriptionUpdate = new UpdateParameter();
subscriptionUpdate.setUpdateIntervalInMinutes(120);
subscriptionUpdate.setUpdateMethod(UpdateParameter.UPDATE_METHOD_SSP);
subscriptionUpdate.setRestriction(UpdateParameter.UPDATE_RESTRICTION_ROAMING_PARTNER);
subscriptionUpdate.setServerUri("subscription.update.com");
subscriptionUpdate.setUsername("subscriptionUser");
subscriptionUpdate.setBase64EncodedPassword("subscriptionPass");
subscriptionUpdate.setTrustRootCertUrl("subscription.update.cert.com");
subscriptionUpdate.setTrustRootCertSha256Fingerprint(certFingerprint);
config.setSubscriptionUpdate(subscriptionUpdate);
// Subscription parameters.
config.setSubscriptionCreationTimeInMs(format.parse("2016-02-01T10:00:00Z").getTime());
config.setSubscriptionExpirationTimeInMs(format.parse("2016-03-01T10:00:00Z").getTime());
config.setSubscriptionType("Gold");
config.setUsageLimitDataLimit(921890);
config.setUsageLimitStartTimeInMs(format.parse("2016-12-01T10:00:00Z").getTime());
config.setUsageLimitTimeLimitInMinutes(120);
config.setUsageLimitUsageTimePeriodInMinutes(99910);
// HomeSP configuration.
HomeSp homeSp = new HomeSp();
homeSp.setFriendlyName("Century House");
homeSp.setFqdn("mi6.co.uk");
homeSp.setRoamingConsortiumOis(new long[] { 0x112233L, 0x445566L });
homeSp.setIconUrl("icon.test.com");
Map<String, Long> homeNetworkIds = new HashMap<>();
homeNetworkIds.put("TestSSID", 0x12345678L);
homeNetworkIds.put("NullHESSID", null);
homeSp.setHomeNetworkIds(homeNetworkIds);
homeSp.setMatchAllOis(new long[] { 0x11223344 });
homeSp.setMatchAnyOis(new long[] { 0x55667788 });
homeSp.setOtherHomePartners(new String[] { "other.fqdn.com" });
config.setHomeSp(homeSp);
// Credential configuration.
Credential credential = new Credential();
credential.setCreationTimeInMs(format.parse("2016-01-01T10:00:00Z").getTime());
credential.setExpirationTimeInMs(format.parse("2016-02-01T10:00:00Z").getTime());
credential.setRealm("shaken.stirred.com");
credential.setCheckAaaServerCertStatus(true);
Credential.UserCredential userCredential = new Credential.UserCredential();
userCredential.setUsername("james");
userCredential.setPassword("Ym9uZDAwNw==");
userCredential.setMachineManaged(true);
userCredential.setSoftTokenApp("TestApp");
userCredential.setAbleToShare(true);
userCredential.setEapType(21);
userCredential.setNonEapInnerMethod("MS-CHAP-V2");
credential.setUserCredential(userCredential);
Credential.CertificateCredential certCredential = new Credential.CertificateCredential();
certCredential.setCertType("x509v3");
certCredential.setCertSha256Fingerprint(certFingerprint);
credential.setCertCredential(certCredential);
Credential.SimCredential simCredential = new Credential.SimCredential();
simCredential.setImsi("imsi");
simCredential.setEapType(24);
credential.setSimCredential(simCredential);
config.setCredential(credential);
// Policy configuration.
Policy policy = new Policy();
List<Policy.RoamingPartner> preferredRoamingPartnerList = new ArrayList<>();
Policy.RoamingPartner partner1 = new Policy.RoamingPartner();
partner1.setFqdn("test1.fqdn.com");
partner1.setFqdnExactMatch(true);
partner1.setPriority(127);
partner1.setCountries("us,fr");
Policy.RoamingPartner partner2 = new Policy.RoamingPartner();
partner2.setFqdn("test2.fqdn.com");
partner2.setFqdnExactMatch(false);
partner2.setPriority(200);
partner2.setCountries("*");
preferredRoamingPartnerList.add(partner1);
preferredRoamingPartnerList.add(partner2);
policy.setPreferredRoamingPartnerList(preferredRoamingPartnerList);
policy.setMinHomeDownlinkBandwidth(23412);
policy.setMinHomeUplinkBandwidth(9823);
policy.setMinRoamingDownlinkBandwidth(9271);
policy.setMinRoamingUplinkBandwidth(2315);
policy.setExcludedSsidList(new String[] { "excludeSSID" });
Map<Integer, String> requiredProtoPortMap = new HashMap<>();
requiredProtoPortMap.put(12, "34,92,234");
policy.setRequiredProtoPortMap(requiredProtoPortMap);
policy.setMaximumBssLoadValue(23);
UpdateParameter policyUpdate = new UpdateParameter();
policyUpdate.setUpdateIntervalInMinutes(120);
policyUpdate.setUpdateMethod(UpdateParameter.UPDATE_METHOD_OMADM);
policyUpdate.setRestriction(UpdateParameter.UPDATE_RESTRICTION_HOMESP);
policyUpdate.setServerUri("policy.update.com");
policyUpdate.setUsername("updateUser");
policyUpdate.setBase64EncodedPassword("updatePass");
policyUpdate.setTrustRootCertUrl("update.cert.com");
policyUpdate.setTrustRootCertSha256Fingerprint(certFingerprint);
policy.setPolicyUpdate(policyUpdate);
config.setPolicy(policy);
return config;
}
Also used :
Policy(android.net.wifi.hotspot2.pps.Policy)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
HomeSp(android.net.wifi.hotspot2.pps.HomeSp)
PasspointConfiguration(android.net.wifi.hotspot2.PasspointConfiguration)
Credential(android.net.wifi.hotspot2.pps.Credential)
UpdateParameter(android.net.wifi.hotspot2.pps.UpdateParameter)
SimpleDateFormat(java.text.SimpleDateFormat)
DateFormat(java.text.DateFormat)
SimpleDateFormat(java.text.SimpleDateFormat)
Example 8 with Policy
use of com.android.hotspot2.pps.Policy in project platform_frameworks_base by android.
the class OSUClient method remediate.
public void remediate(OSUManager osuManager, Network network, KeyManager km, HomeSP homeSP, int flowType) throws IOException, GeneralSecurityException {
try (HTTPHandler httpHandler = createHandler(network, homeSP, km, flowType)) {
URL redirectURL = osuManager.prepareUserInput(homeSP.getFriendlyName());
OMADMAdapter omadmAdapter = osuManager.getOMADMAdapter();
String regRequest = SOAPBuilder.buildPostDevDataResponse(RequestReason.SubRemediation, null, redirectURL.toString(), omadmAdapter.getMO(OMAConstants.DevInfoURN), omadmAdapter.getMO(OMAConstants.DevDetailURN));
OSUResponse serverResponse = httpHandler.exchangeSOAP(mURL, regRequest);
if (serverResponse.getMessageType() != OSUMessageType.PostDevData) {
throw new IOException("Expected a PostDevDataResponse");
}
String sessionID = serverResponse.getSessionID();
PostDevDataResponse pddResponse = (PostDevDataResponse) serverResponse;
Log.d(TAG, "Remediation response: " + pddResponse);
Map<OSUCertType, List<X509Certificate>> certs = null;
PrivateKey clientKey = null;
if (pddResponse.getStatus() != OSUStatus.RemediationComplete) {
if (pddResponse.getExecCommand() == ExecCommand.UploadMO) {
String ulMessage = SOAPBuilder.buildPostDevDataResponse(RequestReason.MOUpload, null, redirectURL.toString(), omadmAdapter.getMO(OMAConstants.DevInfoURN), omadmAdapter.getMO(OMAConstants.DevDetailURN), osuManager.getMOTree(homeSP));
Log.d(TAG, "Upload MO: " + ulMessage);
OSUResponse ulResponse = httpHandler.exchangeSOAP(mURL, ulMessage);
if (ulResponse.getMessageType() != OSUMessageType.PostDevData) {
throw new IOException("Expected a PostDevDataResponse to MOUpload");
}
pddResponse = (PostDevDataResponse) ulResponse;
}
if (pddResponse.getExecCommand() == ExecCommand.Browser) {
if (flowType == OSUManager.FLOW_POLICY) {
throw new IOException("Browser launch requested in policy flow");
}
String webURL = ((BrowserURI) pddResponse.getCommandData()).getURI();
if (webURL == null) {
throw new IOException("No web-url");
} else if (!webURL.contains(sessionID)) {
throw new IOException("Bad or missing session ID in webURL");
}
if (!osuManager.startUserInput(new URL(webURL), network)) {
throw new IOException("User session failed");
}
Log.d(TAG, " -- Sending user input complete:");
String userComplete = SOAPBuilder.buildPostDevDataResponse(RequestReason.InputComplete, sessionID, null, omadmAdapter.getMO(OMAConstants.DevInfoURN), omadmAdapter.getMO(OMAConstants.DevDetailURN));
OSUResponse udResponse = httpHandler.exchangeSOAP(mURL, userComplete);
if (udResponse.getMessageType() != OSUMessageType.PostDevData) {
throw new IOException("Bad user input complete response: " + udResponse);
}
pddResponse = (PostDevDataResponse) udResponse;
} else if (pddResponse.getExecCommand() == ExecCommand.GetCert) {
certs = new HashMap<>();
try (ESTHandler estHandler = new ESTHandler((GetCertData) pddResponse.getCommandData(), network, osuManager.getOMADMAdapter(), km, mKeyStore, homeSP, flowType)) {
estHandler.execute(true);
certs.put(OSUCertType.CA, estHandler.getCACerts());
certs.put(OSUCertType.Client, estHandler.getClientCerts());
clientKey = estHandler.getClientKey();
}
if (httpHandler.isHTTPAuthPerformed()) {
// 8.4.3.6
httpHandler.renegotiate(certs, clientKey);
}
Log.d(TAG, " -- Sending remediation cert enrollment complete:");
// 8.4.3.5 in the spec actually prescribes that an update URI is sent here,
// but there is no remediation flow that defines user interaction after EST
// so for now a null is passed.
String certComplete = SOAPBuilder.buildPostDevDataResponse(RequestReason.CertEnrollmentComplete, sessionID, null, omadmAdapter.getMO(OMAConstants.DevInfoURN), omadmAdapter.getMO(OMAConstants.DevDetailURN));
OSUResponse ceResponse = httpHandler.exchangeSOAP(mURL, certComplete);
if (ceResponse.getMessageType() != OSUMessageType.PostDevData) {
throw new IOException("Bad cert enrollment complete response: " + ceResponse);
}
pddResponse = (PostDevDataResponse) ceResponse;
} else {
throw new IOException("Unexpected command: " + pddResponse.getExecCommand());
}
}
if (pddResponse.getStatus() != OSUStatus.RemediationComplete) {
throw new IOException("Expected a PostDevDataResponse to MOUpload");
}
Log.d(TAG, "Remediation response: " + pddResponse);
List<MOData> mods = new ArrayList<>();
for (OSUCommand command : pddResponse.getCommands()) {
if (command.getOSUCommand() == OSUCommandID.UpdateNode) {
mods.add((MOData) command.getCommandData());
} else if (command.getOSUCommand() != OSUCommandID.NoMOUpdate) {
throw new IOException("Unexpected OSU response: " + command);
}
}
// 1. Machine remediation: Remediation complete + replace node
// 2a. User remediation with upload: ExecCommand.UploadMO
// 2b. User remediation without upload: ExecCommand.Browser
// 3. User remediation only: -> sppPostDevData user input complete
//
// 4. Update node
// 5. -> Update response
// 6. Exchange complete
OSUError error = null;
String updateResponse = SOAPBuilder.buildUpdateResponse(sessionID, error);
Log.d(TAG, " -- Sending updateResponse:");
OSUResponse exComplete = httpHandler.exchangeSOAP(mURL, updateResponse);
Log.d(TAG, "exComplete response: " + exComplete);
if (exComplete.getMessageType() != OSUMessageType.ExchangeComplete) {
throw new IOException("Expected ExchangeComplete: " + exComplete);
} else if (exComplete.getStatus() != OSUStatus.ExchangeComplete) {
throw new IOException("Bad ExchangeComplete status: " + exComplete);
}
// the network is lost and the remediation flow fails.
try {
osuManager.remediationComplete(homeSP, mods, certs, clientKey);
} catch (IOException | GeneralSecurityException e) {
osuManager.provisioningFailed(homeSP.getFriendlyName(), e.getMessage(), homeSP, OSUManager.FLOW_REMEDIATION);
error = OSUError.CommandFailed;
}
}
}
Also used :
PrivateKey(java.security.PrivateKey)
HashMap(java.util.HashMap)
ESTHandler(com.android.hotspot2.est.ESTHandler)
GeneralSecurityException(java.security.GeneralSecurityException)
ArrayList(java.util.ArrayList)
IOException(java.io.IOException)
OMADMAdapter(com.android.hotspot2.OMADMAdapter)
URL(java.net.URL)
MOData(com.android.hotspot2.osu.commands.MOData)
BrowserURI(com.android.hotspot2.osu.commands.BrowserURI)
ArrayList(java.util.ArrayList)
List(java.util.List)
GetCertData(com.android.hotspot2.osu.commands.GetCertData)
Example 9 with Policy
use of com.android.hotspot2.pps.Policy in project android_frameworks_base by AOSPA.
the class MOManager method buildHomeSP.
private static HomeSP buildHomeSP(OMANode ppsRoot, int updateIdentifier) throws OMAException {
OMANode spRoot = ppsRoot.getChild(TAG_HomeSP);
String fqdn = spRoot.getScalarValue(Arrays.asList(TAG_FQDN).iterator());
String friendlyName = spRoot.getScalarValue(Arrays.asList(TAG_FriendlyName).iterator());
String iconURL = spRoot.getScalarValue(Arrays.asList(TAG_IconURL).iterator());
HashSet<Long> roamingConsortiums = new HashSet<>();
String oiString = spRoot.getScalarValue(Arrays.asList(TAG_RoamingConsortiumOI).iterator());
if (oiString != null) {
for (String oi : oiString.split(",")) {
roamingConsortiums.add(Long.parseLong(oi.trim(), 16));
}
}
Map<String, Long> ssids = new HashMap<>();
OMANode ssidListNode = spRoot.getListValue(Arrays.asList(TAG_NetworkID).iterator());
if (ssidListNode != null) {
for (OMANode ssidRoot : ssidListNode.getChildren()) {
OMANode hessidNode = ssidRoot.getChild(TAG_HESSID);
ssids.put(ssidRoot.getChild(TAG_SSID).getValue(), getMac(hessidNode));
}
}
Set<Long> matchAnyOIs = new HashSet<>();
List<Long> matchAllOIs = new ArrayList<>();
OMANode homeOIListNode = spRoot.getListValue(Arrays.asList(TAG_HomeOIList).iterator());
if (homeOIListNode != null) {
for (OMANode homeOIRoot : homeOIListNode.getChildren()) {
String homeOI = homeOIRoot.getChild(TAG_HomeOI).getValue();
if (Boolean.parseBoolean(homeOIRoot.getChild(TAG_HomeOIRequired).getValue())) {
matchAllOIs.add(Long.parseLong(homeOI, 16));
} else {
matchAnyOIs.add(Long.parseLong(homeOI, 16));
}
}
}
Set<String> otherHomePartners = new HashSet<>();
OMANode otherListNode = spRoot.getListValue(Arrays.asList(TAG_OtherHomePartners).iterator());
if (otherListNode != null) {
for (OMANode fqdnNode : otherListNode.getChildren()) {
otherHomePartners.add(fqdnNode.getChild(TAG_FQDN).getValue());
}
}
Credential credential = buildCredential(ppsRoot.getChild(TAG_Credential));
OMANode policyNode = ppsRoot.getChild(TAG_Policy);
Policy policy = policyNode != null ? new Policy(policyNode) : null;
Map<String, String> aaaTrustRoots;
OMANode aaaRootNode = ppsRoot.getChild(TAG_AAAServerTrustRoot);
if (aaaRootNode == null) {
aaaTrustRoots = null;
} else {
aaaTrustRoots = new HashMap<>(aaaRootNode.getChildren().size());
for (OMANode child : aaaRootNode.getChildren()) {
aaaTrustRoots.put(getString(child, TAG_CertURL), getString(child, TAG_CertSHA256Fingerprint));
}
}
OMANode updateNode = ppsRoot.getChild(TAG_SubscriptionUpdate);
UpdateInfo subscriptionUpdate = updateNode != null ? new UpdateInfo(updateNode) : null;
OMANode subNode = ppsRoot.getChild(TAG_SubscriptionParameters);
SubscriptionParameters subscriptionParameters = subNode != null ? new SubscriptionParameters(subNode) : null;
return new HomeSP(ssids, fqdn, roamingConsortiums, otherHomePartners, matchAnyOIs, matchAllOIs, friendlyName, iconURL, credential, policy, getInteger(ppsRoot.getChild(TAG_CredentialPriority), 0), aaaTrustRoots, subscriptionUpdate, subscriptionParameters, updateIdentifier);
}
Also used :
Policy(com.android.hotspot2.pps.Policy)
Credential(com.android.hotspot2.pps.Credential)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
HomeSP(com.android.hotspot2.pps.HomeSP)
SubscriptionParameters(com.android.hotspot2.pps.SubscriptionParameters)
UpdateInfo(com.android.hotspot2.pps.UpdateInfo)
HashSet(java.util.HashSet)
Example 10 with Policy
use of com.android.hotspot2.pps.Policy in project android_frameworks_base by DirtyUnicorns.
the class OSUClient method remediate.
public void remediate(OSUManager osuManager, Network network, KeyManager km, HomeSP homeSP, int flowType) throws IOException, GeneralSecurityException {
try (HTTPHandler httpHandler = createHandler(network, homeSP, km, flowType)) {
URL redirectURL = osuManager.prepareUserInput(homeSP.getFriendlyName());
OMADMAdapter omadmAdapter = osuManager.getOMADMAdapter();
String regRequest = SOAPBuilder.buildPostDevDataResponse(RequestReason.SubRemediation, null, redirectURL.toString(), omadmAdapter.getMO(OMAConstants.DevInfoURN), omadmAdapter.getMO(OMAConstants.DevDetailURN));
OSUResponse serverResponse = httpHandler.exchangeSOAP(mURL, regRequest);
if (serverResponse.getMessageType() != OSUMessageType.PostDevData) {
throw new IOException("Expected a PostDevDataResponse");
}
String sessionID = serverResponse.getSessionID();
PostDevDataResponse pddResponse = (PostDevDataResponse) serverResponse;
Log.d(TAG, "Remediation response: " + pddResponse);
Map<OSUCertType, List<X509Certificate>> certs = null;
PrivateKey clientKey = null;
if (pddResponse.getStatus() != OSUStatus.RemediationComplete) {
if (pddResponse.getExecCommand() == ExecCommand.UploadMO) {
String ulMessage = SOAPBuilder.buildPostDevDataResponse(RequestReason.MOUpload, null, redirectURL.toString(), omadmAdapter.getMO(OMAConstants.DevInfoURN), omadmAdapter.getMO(OMAConstants.DevDetailURN), osuManager.getMOTree(homeSP));
Log.d(TAG, "Upload MO: " + ulMessage);
OSUResponse ulResponse = httpHandler.exchangeSOAP(mURL, ulMessage);
if (ulResponse.getMessageType() != OSUMessageType.PostDevData) {
throw new IOException("Expected a PostDevDataResponse to MOUpload");
}
pddResponse = (PostDevDataResponse) ulResponse;
}
if (pddResponse.getExecCommand() == ExecCommand.Browser) {
if (flowType == OSUManager.FLOW_POLICY) {
throw new IOException("Browser launch requested in policy flow");
}
String webURL = ((BrowserURI) pddResponse.getCommandData()).getURI();
if (webURL == null) {
throw new IOException("No web-url");
} else if (!webURL.contains(sessionID)) {
throw new IOException("Bad or missing session ID in webURL");
}
if (!osuManager.startUserInput(new URL(webURL), network)) {
throw new IOException("User session failed");
}
Log.d(TAG, " -- Sending user input complete:");
String userComplete = SOAPBuilder.buildPostDevDataResponse(RequestReason.InputComplete, sessionID, null, omadmAdapter.getMO(OMAConstants.DevInfoURN), omadmAdapter.getMO(OMAConstants.DevDetailURN));
OSUResponse udResponse = httpHandler.exchangeSOAP(mURL, userComplete);
if (udResponse.getMessageType() != OSUMessageType.PostDevData) {
throw new IOException("Bad user input complete response: " + udResponse);
}
pddResponse = (PostDevDataResponse) udResponse;
} else if (pddResponse.getExecCommand() == ExecCommand.GetCert) {
certs = new HashMap<>();
try (ESTHandler estHandler = new ESTHandler((GetCertData) pddResponse.getCommandData(), network, osuManager.getOMADMAdapter(), km, mKeyStore, homeSP, flowType)) {
estHandler.execute(true);
certs.put(OSUCertType.CA, estHandler.getCACerts());
certs.put(OSUCertType.Client, estHandler.getClientCerts());
clientKey = estHandler.getClientKey();
}
if (httpHandler.isHTTPAuthPerformed()) {
// 8.4.3.6
httpHandler.renegotiate(certs, clientKey);
}
Log.d(TAG, " -- Sending remediation cert enrollment complete:");
// 8.4.3.5 in the spec actually prescribes that an update URI is sent here,
// but there is no remediation flow that defines user interaction after EST
// so for now a null is passed.
String certComplete = SOAPBuilder.buildPostDevDataResponse(RequestReason.CertEnrollmentComplete, sessionID, null, omadmAdapter.getMO(OMAConstants.DevInfoURN), omadmAdapter.getMO(OMAConstants.DevDetailURN));
OSUResponse ceResponse = httpHandler.exchangeSOAP(mURL, certComplete);
if (ceResponse.getMessageType() != OSUMessageType.PostDevData) {
throw new IOException("Bad cert enrollment complete response: " + ceResponse);
}
pddResponse = (PostDevDataResponse) ceResponse;
} else {
throw new IOException("Unexpected command: " + pddResponse.getExecCommand());
}
}
if (pddResponse.getStatus() != OSUStatus.RemediationComplete) {
throw new IOException("Expected a PostDevDataResponse to MOUpload");
}
Log.d(TAG, "Remediation response: " + pddResponse);
List<MOData> mods = new ArrayList<>();
for (OSUCommand command : pddResponse.getCommands()) {
if (command.getOSUCommand() == OSUCommandID.UpdateNode) {
mods.add((MOData) command.getCommandData());
} else if (command.getOSUCommand() != OSUCommandID.NoMOUpdate) {
throw new IOException("Unexpected OSU response: " + command);
}
}
// 1. Machine remediation: Remediation complete + replace node
// 2a. User remediation with upload: ExecCommand.UploadMO
// 2b. User remediation without upload: ExecCommand.Browser
// 3. User remediation only: -> sppPostDevData user input complete
//
// 4. Update node
// 5. -> Update response
// 6. Exchange complete
OSUError error = null;
String updateResponse = SOAPBuilder.buildUpdateResponse(sessionID, error);
Log.d(TAG, " -- Sending updateResponse:");
OSUResponse exComplete = httpHandler.exchangeSOAP(mURL, updateResponse);
Log.d(TAG, "exComplete response: " + exComplete);
if (exComplete.getMessageType() != OSUMessageType.ExchangeComplete) {
throw new IOException("Expected ExchangeComplete: " + exComplete);
} else if (exComplete.getStatus() != OSUStatus.ExchangeComplete) {
throw new IOException("Bad ExchangeComplete status: " + exComplete);
}
// the network is lost and the remediation flow fails.
try {
osuManager.remediationComplete(homeSP, mods, certs, clientKey);
} catch (IOException | GeneralSecurityException e) {
osuManager.provisioningFailed(homeSP.getFriendlyName(), e.getMessage(), homeSP, OSUManager.FLOW_REMEDIATION);
error = OSUError.CommandFailed;
}
}
}
Also used :
PrivateKey(java.security.PrivateKey)
HashMap(java.util.HashMap)
ESTHandler(com.android.hotspot2.est.ESTHandler)
GeneralSecurityException(java.security.GeneralSecurityException)
ArrayList(java.util.ArrayList)
IOException(java.io.IOException)
OMADMAdapter(com.android.hotspot2.OMADMAdapter)
URL(java.net.URL)
MOData(com.android.hotspot2.osu.commands.MOData)
BrowserURI(com.android.hotspot2.osu.commands.BrowserURI)
ArrayList(java.util.ArrayList)
List(java.util.List)
GetCertData(com.android.hotspot2.osu.commands.GetCertData)
Aggregations
ArrayList (java.util.ArrayList)12
HashMap (java.util.HashMap)12
OMADMAdapter (com.android.hotspot2.OMADMAdapter)5
ESTHandler (com.android.hotspot2.est.ESTHandler)5
BrowserURI (com.android.hotspot2.osu.commands.BrowserURI)5
GetCertData (com.android.hotspot2.osu.commands.GetCertData)5
MOData (com.android.hotspot2.osu.commands.MOData)5
Credential (com.android.hotspot2.pps.Credential)5
HomeSP (com.android.hotspot2.pps.HomeSP)5
Policy (com.android.hotspot2.pps.Policy)5
SubscriptionParameters (com.android.hotspot2.pps.SubscriptionParameters)5
UpdateInfo (com.android.hotspot2.pps.UpdateInfo)5
IOException (java.io.IOException)5
URL (java.net.URL)5
GeneralSecurityException (java.security.GeneralSecurityException)5
PrivateKey (java.security.PrivateKey)5
HashSet (java.util.HashSet)5
List (java.util.List)5
Policy (android.net.wifi.hotspot2.pps.Policy)2
UpdateParameter (android.net.wifi.hotspot2.pps.UpdateParameter)2
