171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistpackage com.android.server.wifi.hotspot2.pps; 271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 303e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpandeimport android.net.wifi.WifiEnterpriseConfig; 4a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvistimport android.security.Credentials; 5a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvistimport android.security.KeyStore; 6d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpandeimport android.text.TextUtils; 771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistimport android.util.Base64; 8af955ffa0082189fb688429732427c333f2491ceVinit Deshpandeimport android.util.Log; 971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 1007f11f6f2ee7ec17cb08180035dfb5002aaaf5dfJan Nordqvistimport com.android.server.wifi.IMSIParameter; 1103e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpandeimport com.android.server.wifi.anqp.eap.EAP; 1271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistimport com.android.server.wifi.anqp.eap.EAPMethod; 13a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvistimport com.android.server.wifi.anqp.eap.NonEAPInnerAuth; 1471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistimport com.android.server.wifi.hotspot2.Utils; 1571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistimport com.android.server.wifi.hotspot2.omadm.OMAException; 1671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 17a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvistimport java.io.IOException; 1871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistimport java.nio.charset.StandardCharsets; 19a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvistimport java.security.GeneralSecurityException; 20a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvistimport java.security.MessageDigest; 2105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvistimport java.util.Arrays; 2271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 2371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistpublic class Credential { 2471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public enum CertType {IEEE, x509v3} 2571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 26a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist public static final String CertTypeX509 = "x509v3"; 27a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist public static final String CertTypeIEEE = "802.1ar"; 28a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist 2971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final long mCtime; 3071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final long mExpTime; 3171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final String mRealm; 3271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final boolean mCheckAAACert; 3371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 3471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final String mUserName; 3571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final String mPassword; 36820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist private final boolean mDisregardPassword; 3771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final boolean mMachineManaged; 3871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final String mSTokenApp; 3971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final boolean mShare; 4071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final EAPMethod mEAPMethod; 4171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 4271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final CertType mCertType; 4371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final byte[] mFingerPrint; 4471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 4507f11f6f2ee7ec17cb08180035dfb5002aaaf5dfJan Nordqvist private final IMSIParameter mImsi; 4671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 4771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public Credential(long ctime, long expTime, String realm, boolean checkAAACert, 4871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist EAPMethod eapMethod, String userName, String password, 4971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist boolean machineManaged, String stApp, boolean share) { 5071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCtime = ctime; 5171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mExpTime = expTime; 5271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mRealm = realm; 5371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCheckAAACert = checkAAACert; 5471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mEAPMethod = eapMethod; 5571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mUserName = userName; 56d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande 57a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist if (!TextUtils.isEmpty(password)) { 58d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande byte[] pwOctets = Base64.decode(password, Base64.DEFAULT); 59d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande mPassword = new String(pwOctets, StandardCharsets.UTF_8); 60d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande } else { 61d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande mPassword = null; 62d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande } 63820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mDisregardPassword = false; 64d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande 6571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mMachineManaged = machineManaged; 6671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mSTokenApp = stApp; 6771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mShare = share; 6871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 6971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCertType = null; 7071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mFingerPrint = null; 7171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 7271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mImsi = null; 7371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 7471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 7571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public Credential(long ctime, long expTime, String realm, boolean checkAAACert, 7671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist EAPMethod eapMethod, Credential.CertType certType, byte[] fingerPrint) { 7771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCtime = ctime; 7871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mExpTime = expTime; 7971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mRealm = realm; 8071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCheckAAACert = checkAAACert; 8171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mEAPMethod = eapMethod; 8271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCertType = certType; 8371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mFingerPrint = fingerPrint; 8471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 8571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mUserName = null; 8671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mPassword = null; 87820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mDisregardPassword = false; 8871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mMachineManaged = false; 8971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mSTokenApp = null; 9071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mShare = false; 9171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 9271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mImsi = null; 9371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 9471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 9571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public Credential(long ctime, long expTime, String realm, boolean checkAAACert, 9607f11f6f2ee7ec17cb08180035dfb5002aaaf5dfJan Nordqvist EAPMethod eapMethod, IMSIParameter imsi) { 9771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCtime = ctime; 9871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mExpTime = expTime; 9971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mRealm = realm; 10071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCheckAAACert = checkAAACert; 10171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mEAPMethod = eapMethod; 10271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mImsi = imsi; 10371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 10471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCertType = null; 10571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mFingerPrint = null; 10671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 10771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mUserName = null; 10871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mPassword = null; 109820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mDisregardPassword = false; 11071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mMachineManaged = false; 11171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mSTokenApp = null; 11271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mShare = false; 11371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 11471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 115820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist public Credential(Credential other, String password) { 116820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mCtime = other.mCtime; 117820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mExpTime = other.mExpTime; 118820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mRealm = other.mRealm; 119820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mCheckAAACert = other.mCheckAAACert; 120820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mUserName = other.mUserName; 121820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mPassword = password; 122820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mDisregardPassword = other.mDisregardPassword; 123820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mMachineManaged = other.mMachineManaged; 124820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mSTokenApp = other.mSTokenApp; 125820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mShare = other.mShare; 126820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mEAPMethod = other.mEAPMethod; 127820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mCertType = other.mCertType; 128820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mFingerPrint = other.mFingerPrint; 129820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mImsi = other.mImsi; 130820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 131820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 132820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist public Credential(WifiEnterpriseConfig enterpriseConfig, KeyStore keyStore, boolean update) 133820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist throws IOException { 1342070c02cdd4fc765747121c9b02caf1b1bab89fbJan Nordqvist mCtime = Utils.UNSET_TIME; 1352070c02cdd4fc765747121c9b02caf1b1bab89fbJan Nordqvist mExpTime = Utils.UNSET_TIME; 13603e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande mRealm = enterpriseConfig.getRealm(); 1372070c02cdd4fc765747121c9b02caf1b1bab89fbJan Nordqvist mCheckAAACert = false; 13803e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande mEAPMethod = mapEapMethod(enterpriseConfig.getEapMethod(), 13903e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande enterpriseConfig.getPhase2Method()); 140a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist mCertType = mEAPMethod.getEAPMethodID() == EAP.EAPMethodID.EAP_TLS ? CertType.x509v3 : null; 141a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist byte[] fingerPrint; 142a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist 143a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist if (enterpriseConfig.getClientCertificate() != null) { 144a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist // !!! Not sure this will be true in any practical instances: 145a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist try { 146a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist MessageDigest digester = MessageDigest.getInstance("SHA-256"); 147a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist fingerPrint = digester.digest(enterpriseConfig.getClientCertificate().getEncoded()); 14805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } catch (GeneralSecurityException gse) { 1491c03d75c73b9f5fa24a795a0d546f4f56b82ab9bJan Nordqvist Log.e(Utils.hs2LogTag(getClass()), 1501c03d75c73b9f5fa24a795a0d546f4f56b82ab9bJan Nordqvist "Failed to generate certificate fingerprint: " + gse); 151a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist fingerPrint = null; 152a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist } 15305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } else if (enterpriseConfig.getClientCertificateAlias() != null) { 154a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist String alias = enterpriseConfig.getClientCertificateAlias(); 1554e940bb499f65b4305dbeb2e01237c43c2b0b42dJan Nordqvist byte[] octets = keyStore.get(Credentials.USER_CERTIFICATE + alias); 156a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist if (octets != null) { 157a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist try { 158a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist MessageDigest digester = MessageDigest.getInstance("SHA-256"); 159a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist fingerPrint = digester.digest(octets); 16005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } catch (GeneralSecurityException gse) { 1611c03d75c73b9f5fa24a795a0d546f4f56b82ab9bJan Nordqvist Log.e(Utils.hs2LogTag(getClass()), "Failed to construct digest: " + gse); 162a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist fingerPrint = null; 163a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist } 16405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } else // !!! The current alias is *not* derived from the fingerprint... 165a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist { 166a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist try { 167a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist fingerPrint = Base64.decode(enterpriseConfig.getClientCertificateAlias(), 168a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist Base64.DEFAULT); 169a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist } catch (IllegalArgumentException ie) { 1701c03d75c73b9f5fa24a795a0d546f4f56b82ab9bJan Nordqvist Log.e(Utils.hs2LogTag(getClass()), "Bad base 64 alias"); 171a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist fingerPrint = null; 172a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist } 173a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist } 17405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } else { 175a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist fingerPrint = null; 176d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande } 177a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist mFingerPrint = fingerPrint; 17807f11f6f2ee7ec17cb08180035dfb5002aaaf5dfJan Nordqvist String imsi = enterpriseConfig.getPlmn(); 17907f11f6f2ee7ec17cb08180035dfb5002aaaf5dfJan Nordqvist mImsi = imsi == null || imsi.length() == 0 ? null : new IMSIParameter(imsi); 180d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande mUserName = enterpriseConfig.getIdentity(); 181d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande mPassword = enterpriseConfig.getPassword(); 182820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mDisregardPassword = update && mPassword.length() < 2; 18303e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande mMachineManaged = false; 18403e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande mSTokenApp = null; 18503e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande mShare = false; 18603e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande } 18703e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande 18871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public static CertType mapCertType(String certType) throws OMAException { 189a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist if (certType.equalsIgnoreCase(CertTypeX509)) { 19071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return CertType.x509v3; 191a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist } else if (certType.equalsIgnoreCase(CertTypeIEEE)) { 19271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return CertType.IEEE; 19371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } else { 19471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist throw new OMAException("Invalid cert type: '" + certType + "'"); 19571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 19671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 19771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 198a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist private static EAPMethod mapEapMethod(int eapMethod, int phase2Method) throws IOException { 19905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist switch (eapMethod) { 20005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Eap.TLS: 20105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return new EAPMethod(EAP.EAPMethodID.EAP_TLS, null); 20205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Eap.TTLS: 20303e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande /* keep this table in sync with WifiEnterpriseConfig.Phase2 enum */ 20405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist NonEAPInnerAuth inner; 20505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist switch (phase2Method) { 20605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Phase2.PAP: 20705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist inner = new NonEAPInnerAuth(NonEAPInnerAuth.NonEAPType.PAP); 20805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist break; 20905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Phase2.MSCHAP: 21005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist inner = new NonEAPInnerAuth(NonEAPInnerAuth.NonEAPType.MSCHAP); 21105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist break; 21205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Phase2.MSCHAPV2: 21305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist inner = new NonEAPInnerAuth(NonEAPInnerAuth.NonEAPType.MSCHAPv2); 21405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist break; 21505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist default: 21605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist throw new IOException("TTLS phase2 method " + 21705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist phase2Method + " not valid for Passpoint"); 21805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } 21905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return new EAPMethod(EAP.EAPMethodID.EAP_TTLS, inner); 22005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Eap.SIM: 22105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return new EAPMethod(EAP.EAPMethodID.EAP_SIM, null); 22205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Eap.AKA: 22305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return new EAPMethod(EAP.EAPMethodID.EAP_AKA, null); 22405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Eap.AKA_PRIME: 22505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return new EAPMethod(EAP.EAPMethodID.EAP_AKAPrim, null); 22605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist default: 22705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist String methodName; 22805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (eapMethod >= 0 && eapMethod < WifiEnterpriseConfig.Eap.strings.length) { 22905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist methodName = WifiEnterpriseConfig.Eap.strings[eapMethod]; 23005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } else { 23105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist methodName = Integer.toString(eapMethod); 23205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } 23305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist throw new IOException("EAP method id " + methodName + " is not valid for Passpoint"); 23403e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande } 23503e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande } 23603e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande 23771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public EAPMethod getEAPMethod() { 23871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return mEAPMethod; 23971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 24071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 24171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public String getRealm() { 24271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return mRealm; 24371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 24471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 24507f11f6f2ee7ec17cb08180035dfb5002aaaf5dfJan Nordqvist public IMSIParameter getImsi() { 24671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return mImsi; 24771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 24871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 24977f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist public String getUserName() { 25077f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist return mUserName; 25177f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist } 25277f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist 25377f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist public String getPassword() { 25477f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist return mPassword; 25577f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist } 25677f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist 257820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist public boolean hasDisregardPassword() { 258820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return mDisregardPassword; 259820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 260820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 261a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist public CertType getCertType() { 262a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist return mCertType; 263a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist } 264a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist 265a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist public byte[] getFingerPrint() { 266a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist return mFingerPrint; 267a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist } 268a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist 269820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist public long getCtime() { 270820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return mCtime; 271820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 272820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 273820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist public long getExpTime() { 274820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return mExpTime; 275820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 276820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 27771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist @Override 27805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist public boolean equals(Object o) { 27905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (this == o) return true; 28005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (o == null || getClass() != o.getClass()) return false; 28105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist 28205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist Credential that = (Credential) o; 28305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist 28405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mCheckAAACert != that.mCheckAAACert) return false; 28505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mCtime != that.mCtime) return false; 28605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mExpTime != that.mExpTime) return false; 28705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mMachineManaged != that.mMachineManaged) return false; 28805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mShare != that.mShare) return false; 28905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mCertType != that.mCertType) return false; 29005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (!mEAPMethod.equals(that.mEAPMethod)) return false; 29105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (!Arrays.equals(mFingerPrint, that.mFingerPrint)) return false; 292820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist if (!safeEquals(mImsi, that.mImsi)) { 29305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return false; 294820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 295820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 296820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist if (!mDisregardPassword && !safeEquals(mPassword, that.mPassword)) { 297820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return false; 298820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 299820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 30005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (!mRealm.equals(that.mRealm)) return false; 301820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist if (!safeEquals(mSTokenApp, that.mSTokenApp)) { 30205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return false; 303820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 304820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist if (!safeEquals(mUserName, that.mUserName)) { 30505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return false; 306820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 30705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist 30805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return true; 30905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } 31005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist 31107f11f6f2ee7ec17cb08180035dfb5002aaaf5dfJan Nordqvist private static boolean safeEquals(Object s1, Object s2) { 312820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist if (s1 == null) { 313820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return s2 == null; 314820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 315820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist else { 316820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return s2 != null && s1.equals(s2); 317820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 318820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 319820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 32005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist @Override 32105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist public int hashCode() { 32205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist int result = (int) (mCtime ^ (mCtime >>> 32)); 32305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (int) (mExpTime ^ (mExpTime >>> 32)); 32405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + mRealm.hashCode(); 32505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mCheckAAACert ? 1 : 0); 32605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mUserName != null ? mUserName.hashCode() : 0); 32705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mPassword != null ? mPassword.hashCode() : 0); 32805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mMachineManaged ? 1 : 0); 32905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mSTokenApp != null ? mSTokenApp.hashCode() : 0); 33005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mShare ? 1 : 0); 33105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + mEAPMethod.hashCode(); 33205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mCertType != null ? mCertType.hashCode() : 0); 33305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mFingerPrint != null ? Arrays.hashCode(mFingerPrint) : 0); 33405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mImsi != null ? mImsi.hashCode() : 0); 33505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return result; 33605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } 33705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist 33805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist @Override 33971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public String toString() { 34071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return "Credential{" + 34171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist "mCtime=" + Utils.toUTCString(mCtime) + 34271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mExpTime=" + Utils.toUTCString(mExpTime) + 34371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mRealm='" + mRealm + '\'' + 34471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mCheckAAACert=" + mCheckAAACert + 34571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mUserName='" + mUserName + '\'' + 34671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mPassword='" + mPassword + '\'' + 347820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist ", mDisregardPassword=" + mDisregardPassword + 34871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mMachineManaged=" + mMachineManaged + 34971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mSTokenApp='" + mSTokenApp + '\'' + 35071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mShare=" + mShare + 35171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mEAPMethod=" + mEAPMethod + 35271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mCertType=" + mCertType + 35371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mFingerPrint=" + Utils.toHexString(mFingerPrint) + 35471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mImsi='" + mImsi + '\'' + 35571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist '}'; 35671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 35771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist} 358