Credential.java revision 1c03d75c73b9f5fa24a795a0d546f4f56b82ab9b
171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistpackage com.android.server.wifi.hotspot2.pps; 271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 303e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpandeimport android.net.wifi.WifiEnterpriseConfig; 4a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvistimport android.security.Credentials; 5a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvistimport android.security.KeyStore; 6d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpandeimport android.text.TextUtils; 771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistimport android.util.Base64; 8af955ffa0082189fb688429732427c333f2491ceVinit Deshpandeimport android.util.Log; 971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 1003e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpandeimport com.android.server.wifi.anqp.eap.EAP; 1171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistimport com.android.server.wifi.anqp.eap.EAPMethod; 12a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvistimport com.android.server.wifi.anqp.eap.NonEAPInnerAuth; 1371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistimport com.android.server.wifi.hotspot2.Utils; 1471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistimport com.android.server.wifi.hotspot2.omadm.OMAException; 1571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 16a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvistimport java.io.IOException; 1771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistimport java.nio.charset.StandardCharsets; 18a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvistimport java.security.GeneralSecurityException; 19a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvistimport java.security.MessageDigest; 2005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvistimport java.util.Arrays; 2171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 2271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvistpublic class Credential { 2371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public enum CertType {IEEE, x509v3} 2471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 25a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist public static final String CertTypeX509 = "x509v3"; 26a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist public static final String CertTypeIEEE = "802.1ar"; 27a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist 2871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final long mCtime; 2971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final long mExpTime; 3071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final String mRealm; 3171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final boolean mCheckAAACert; 3271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 3371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final String mUserName; 3471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final String mPassword; 35820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist private final boolean mDisregardPassword; 3671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final boolean mMachineManaged; 3771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final String mSTokenApp; 3871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final boolean mShare; 3971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final EAPMethod mEAPMethod; 4071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 4171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final CertType mCertType; 4271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final byte[] mFingerPrint; 4371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 4471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist private final String mImsi; 4571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 4671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public Credential(long ctime, long expTime, String realm, boolean checkAAACert, 4771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist EAPMethod eapMethod, String userName, String password, 4871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist boolean machineManaged, String stApp, boolean share) { 4971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCtime = ctime; 5071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mExpTime = expTime; 5171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mRealm = realm; 5271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCheckAAACert = checkAAACert; 5371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mEAPMethod = eapMethod; 5471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mUserName = userName; 55d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande 56a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist if (!TextUtils.isEmpty(password)) { 57d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande byte[] pwOctets = Base64.decode(password, Base64.DEFAULT); 58d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande mPassword = new String(pwOctets, StandardCharsets.UTF_8); 59d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande } else { 60d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande mPassword = null; 61d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande } 62820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mDisregardPassword = false; 63d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande 6471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mMachineManaged = machineManaged; 6571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mSTokenApp = stApp; 6671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mShare = share; 6771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 6871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCertType = null; 6971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mFingerPrint = null; 7071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 7171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mImsi = null; 7271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 7371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 7471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public Credential(long ctime, long expTime, String realm, boolean checkAAACert, 7571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist EAPMethod eapMethod, Credential.CertType certType, byte[] fingerPrint) { 7671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCtime = ctime; 7771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mExpTime = expTime; 7871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mRealm = realm; 7971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCheckAAACert = checkAAACert; 8071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mEAPMethod = eapMethod; 8171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCertType = certType; 8271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mFingerPrint = fingerPrint; 8371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 8471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mUserName = null; 8571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mPassword = null; 86820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mDisregardPassword = false; 8771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mMachineManaged = false; 8871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mSTokenApp = null; 8971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mShare = false; 9071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 9171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mImsi = null; 9271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 9371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 9471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public Credential(long ctime, long expTime, String realm, boolean checkAAACert, 9571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist EAPMethod eapMethod, String imsi) { 9671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCtime = ctime; 9771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mExpTime = expTime; 9871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mRealm = realm; 9971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCheckAAACert = checkAAACert; 10071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mEAPMethod = eapMethod; 10171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mImsi = imsi; 10271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 10371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mCertType = null; 10471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mFingerPrint = null; 10571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 10671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mUserName = null; 10771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mPassword = null; 108820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mDisregardPassword = false; 10971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mMachineManaged = false; 11071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mSTokenApp = null; 11171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist mShare = false; 11271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 11371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 114820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist public Credential(Credential other, String password) { 115820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mCtime = other.mCtime; 116820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mExpTime = other.mExpTime; 117820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mRealm = other.mRealm; 118820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mCheckAAACert = other.mCheckAAACert; 119820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mUserName = other.mUserName; 120820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mPassword = password; 121820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mDisregardPassword = other.mDisregardPassword; 122820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mMachineManaged = other.mMachineManaged; 123820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mSTokenApp = other.mSTokenApp; 124820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mShare = other.mShare; 125820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mEAPMethod = other.mEAPMethod; 126820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mCertType = other.mCertType; 127820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mFingerPrint = other.mFingerPrint; 128820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mImsi = other.mImsi; 129820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 130820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 131820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist public Credential(WifiEnterpriseConfig enterpriseConfig, KeyStore keyStore, boolean update) 132820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist throws IOException { 1332070c02cdd4fc765747121c9b02caf1b1bab89fbJan Nordqvist mCtime = Utils.UNSET_TIME; 1342070c02cdd4fc765747121c9b02caf1b1bab89fbJan Nordqvist mExpTime = Utils.UNSET_TIME; 13503e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande mRealm = enterpriseConfig.getRealm(); 1362070c02cdd4fc765747121c9b02caf1b1bab89fbJan Nordqvist mCheckAAACert = false; 13703e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande mEAPMethod = mapEapMethod(enterpriseConfig.getEapMethod(), 13803e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande enterpriseConfig.getPhase2Method()); 139a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist mCertType = mEAPMethod.getEAPMethodID() == EAP.EAPMethodID.EAP_TLS ? CertType.x509v3 : null; 140a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist byte[] fingerPrint; 141a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist 142a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist if (enterpriseConfig.getClientCertificate() != null) { 143a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist // !!! Not sure this will be true in any practical instances: 144a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist try { 145a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist MessageDigest digester = MessageDigest.getInstance("SHA-256"); 146a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist fingerPrint = digester.digest(enterpriseConfig.getClientCertificate().getEncoded()); 14705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } catch (GeneralSecurityException gse) { 1481c03d75c73b9f5fa24a795a0d546f4f56b82ab9bJan Nordqvist Log.e(Utils.hs2LogTag(getClass()), 1491c03d75c73b9f5fa24a795a0d546f4f56b82ab9bJan Nordqvist "Failed to generate certificate fingerprint: " + gse); 150a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist fingerPrint = null; 151a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist } 15205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } else if (enterpriseConfig.getClientCertificateAlias() != null) { 153a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist String alias = enterpriseConfig.getClientCertificateAlias(); 1544e940bb499f65b4305dbeb2e01237c43c2b0b42dJan Nordqvist byte[] octets = keyStore.get(Credentials.USER_CERTIFICATE + alias); 155a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist if (octets != null) { 156a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist try { 157a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist MessageDigest digester = MessageDigest.getInstance("SHA-256"); 158a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist fingerPrint = digester.digest(octets); 15905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } catch (GeneralSecurityException gse) { 1601c03d75c73b9f5fa24a795a0d546f4f56b82ab9bJan Nordqvist Log.e(Utils.hs2LogTag(getClass()), "Failed to construct digest: " + gse); 161a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist fingerPrint = null; 162a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist } 16305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } else // !!! The current alias is *not* derived from the fingerprint... 164a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist { 165a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist try { 166a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist fingerPrint = Base64.decode(enterpriseConfig.getClientCertificateAlias(), 167a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist Base64.DEFAULT); 168a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist } catch (IllegalArgumentException ie) { 1691c03d75c73b9f5fa24a795a0d546f4f56b82ab9bJan Nordqvist Log.e(Utils.hs2LogTag(getClass()), "Bad base 64 alias"); 170a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist fingerPrint = null; 171a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist } 172a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist } 17305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } else { 174a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist fingerPrint = null; 175d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande } 176a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist mFingerPrint = fingerPrint; 17703e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande mImsi = enterpriseConfig.getPlmn(); 178d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande mUserName = enterpriseConfig.getIdentity(); 179d3fb9cbb12d013dd70e672ace5c41ab18a3679a0Vinit Deshpande mPassword = enterpriseConfig.getPassword(); 180820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist mDisregardPassword = update && mPassword.length() < 2; 18103e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande mMachineManaged = false; 18203e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande mSTokenApp = null; 18303e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande mShare = false; 18403e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande } 18503e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande 18671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public static CertType mapCertType(String certType) throws OMAException { 187a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist if (certType.equalsIgnoreCase(CertTypeX509)) { 18871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return CertType.x509v3; 189a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist } else if (certType.equalsIgnoreCase(CertTypeIEEE)) { 19071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return CertType.IEEE; 19171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } else { 19271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist throw new OMAException("Invalid cert type: '" + certType + "'"); 19371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 19471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 19571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 196a7ead3d4be45cb69bb5851f1a6f9673e93607fc2Jan Nordqvist private static EAPMethod mapEapMethod(int eapMethod, int phase2Method) throws IOException { 19705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist switch (eapMethod) { 19805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Eap.TLS: 19905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return new EAPMethod(EAP.EAPMethodID.EAP_TLS, null); 20005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Eap.TTLS: 20103e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande /* keep this table in sync with WifiEnterpriseConfig.Phase2 enum */ 20205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist NonEAPInnerAuth inner; 20305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist switch (phase2Method) { 20405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Phase2.PAP: 20505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist inner = new NonEAPInnerAuth(NonEAPInnerAuth.NonEAPType.PAP); 20605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist break; 20705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Phase2.MSCHAP: 20805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist inner = new NonEAPInnerAuth(NonEAPInnerAuth.NonEAPType.MSCHAP); 20905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist break; 21005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Phase2.MSCHAPV2: 21105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist inner = new NonEAPInnerAuth(NonEAPInnerAuth.NonEAPType.MSCHAPv2); 21205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist break; 21305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist default: 21405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist throw new IOException("TTLS phase2 method " + 21505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist phase2Method + " not valid for Passpoint"); 21605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } 21705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return new EAPMethod(EAP.EAPMethodID.EAP_TTLS, inner); 21805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Eap.SIM: 21905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return new EAPMethod(EAP.EAPMethodID.EAP_SIM, null); 22005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Eap.AKA: 22105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return new EAPMethod(EAP.EAPMethodID.EAP_AKA, null); 22205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist case WifiEnterpriseConfig.Eap.AKA_PRIME: 22305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return new EAPMethod(EAP.EAPMethodID.EAP_AKAPrim, null); 22405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist default: 22505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist String methodName; 22605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (eapMethod >= 0 && eapMethod < WifiEnterpriseConfig.Eap.strings.length) { 22705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist methodName = WifiEnterpriseConfig.Eap.strings[eapMethod]; 22805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } else { 22905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist methodName = Integer.toString(eapMethod); 23005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } 23105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist throw new IOException("EAP method id " + methodName + " is not valid for Passpoint"); 23203e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande } 23303e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande } 23403e92b925a595a1a467290a2d54ca2602cce9b9eVinit Deshpande 23571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public EAPMethod getEAPMethod() { 23671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return mEAPMethod; 23771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 23871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 23971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public String getRealm() { 24071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return mRealm; 24171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 24271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 24371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public String getImsi() { 24471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return mImsi; 24571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 24671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist 24777f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist public String getUserName() { 24877f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist return mUserName; 24977f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist } 25077f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist 25177f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist public String getPassword() { 25277f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist return mPassword; 25377f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist } 25477f2b82a2e80af8da52c22d69a76def6d4209757Jan Nordqvist 255820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist public boolean hasDisregardPassword() { 256820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return mDisregardPassword; 257820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 258820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 259a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist public CertType getCertType() { 260a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist return mCertType; 261a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist } 262a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist 263a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist public byte[] getFingerPrint() { 264a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist return mFingerPrint; 265a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist } 266a1edc185d46d85e04930a5e12b465de9fea64afeJan Nordqvist 267820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist public long getCtime() { 268820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return mCtime; 269820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 270820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 271820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist public long getExpTime() { 272820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return mExpTime; 273820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 274820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 27571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist @Override 27605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist public boolean equals(Object o) { 27705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (this == o) return true; 27805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (o == null || getClass() != o.getClass()) return false; 27905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist 28005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist Credential that = (Credential) o; 28105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist 28205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mCheckAAACert != that.mCheckAAACert) return false; 28305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mCtime != that.mCtime) return false; 28405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mExpTime != that.mExpTime) return false; 28505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mMachineManaged != that.mMachineManaged) return false; 28605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mShare != that.mShare) return false; 28705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (mCertType != that.mCertType) return false; 28805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (!mEAPMethod.equals(that.mEAPMethod)) return false; 28905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (!Arrays.equals(mFingerPrint, that.mFingerPrint)) return false; 290820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist if (!safeEquals(mImsi, that.mImsi)) { 29105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return false; 292820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 293820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 294820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist if (!mDisregardPassword && !safeEquals(mPassword, that.mPassword)) { 295820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return false; 296820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 297820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 29805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist if (!mRealm.equals(that.mRealm)) return false; 299820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist if (!safeEquals(mSTokenApp, that.mSTokenApp)) { 30005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return false; 301820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 302820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist if (!safeEquals(mUserName, that.mUserName)) { 30305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return false; 304820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 30505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist 30605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return true; 30705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } 30805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist 309820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist private static boolean safeEquals(String s1, String s2) { 310820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist if (s1 == null) { 311820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return s2 == null; 312820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 313820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist else { 314820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist return s2 != null && s1.equals(s2); 315820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 316820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist } 317820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist 31805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist @Override 31905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist public int hashCode() { 32005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist int result = (int) (mCtime ^ (mCtime >>> 32)); 32105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (int) (mExpTime ^ (mExpTime >>> 32)); 32205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + mRealm.hashCode(); 32305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mCheckAAACert ? 1 : 0); 32405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mUserName != null ? mUserName.hashCode() : 0); 32505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mPassword != null ? mPassword.hashCode() : 0); 32605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mMachineManaged ? 1 : 0); 32705d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mSTokenApp != null ? mSTokenApp.hashCode() : 0); 32805d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mShare ? 1 : 0); 32905d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + mEAPMethod.hashCode(); 33005d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mCertType != null ? mCertType.hashCode() : 0); 33105d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mFingerPrint != null ? Arrays.hashCode(mFingerPrint) : 0); 33205d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist result = 31 * result + (mImsi != null ? mImsi.hashCode() : 0); 33305d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist return result; 33405d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist } 33505d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist 33605d2f4e6f26834a94b53187e6121379a16749088Jan Nordqvist @Override 33771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist public String toString() { 33871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist return "Credential{" + 33971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist "mCtime=" + Utils.toUTCString(mCtime) + 34071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mExpTime=" + Utils.toUTCString(mExpTime) + 34171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mRealm='" + mRealm + '\'' + 34271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mCheckAAACert=" + mCheckAAACert + 34371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mUserName='" + mUserName + '\'' + 34471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mPassword='" + mPassword + '\'' + 345820d73615f338d6c71f2d75aba0ad8410e9eed3eJan Nordqvist ", mDisregardPassword=" + mDisregardPassword + 34671a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mMachineManaged=" + mMachineManaged + 34771a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mSTokenApp='" + mSTokenApp + '\'' + 34871a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mShare=" + mShare + 34971a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mEAPMethod=" + mEAPMethod + 35071a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mCertType=" + mCertType + 35171a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mFingerPrint=" + Utils.toHexString(mFingerPrint) + 35271a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist ", mImsi='" + mImsi + '\'' + 35371a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist '}'; 35471a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist } 35571a988c8e9859244b83cd55bb6b6ee913fcaf95cJan Nordqvist} 356