WifiEnterpriseConfig.java revision a0e3d62162e71fcf701edac84fddbf219bbaa45d
19b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff/* 29b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Copyright (C) 2013 The Android Open Source Project 39b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * 49b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Licensed under the Apache License, Version 2.0 (the "License"); 59b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * you may not use this file except in compliance with the License. 69b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * You may obtain a copy of the License at 79b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * 89b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * http://www.apache.org/licenses/LICENSE-2.0 99b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * 109b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Unless required by applicable law or agreed to in writing, software 119b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * distributed under the License is distributed on an "AS IS" BASIS, 129b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 139b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * See the License for the specific language governing permissions and 149b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * limitations under the License. 159b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 169b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriffpackage android.net.wifi; 179b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 18a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xuimport android.annotation.Nullable; 199b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriffimport android.os.Parcel; 209b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriffimport android.os.Parcelable; 219b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriffimport android.security.Credentials; 229b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriffimport android.text.TextUtils; 2326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 2426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriffimport java.io.ByteArrayInputStream; 25a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xuimport java.nio.charset.StandardCharsets; 2626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriffimport java.security.KeyFactory; 2726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriffimport java.security.NoSuchAlgorithmException; 2826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriffimport java.security.PrivateKey; 2926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriffimport java.security.cert.CertificateEncodingException; 3026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriffimport java.security.cert.CertificateException; 3126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriffimport java.security.cert.CertificateFactory; 3226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriffimport java.security.cert.X509Certificate; 3326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriffimport java.security.spec.InvalidKeySpecException; 3426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriffimport java.security.spec.PKCS8EncodedKeySpec; 359b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriffimport java.util.HashMap; 369b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriffimport java.util.Map; 379b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 38ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde/** 39fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * Enterprise configuration details for Wi-Fi. Stores details about the EAP method 40fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * and any associated credentials. 41fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff */ 429b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriffpublic class WifiEnterpriseConfig implements Parcelable { 439b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 44ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 45ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String EMPTY_VALUE = "NULL"; 46ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 47ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String EAP_KEY = "eap"; 48ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 49ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String PHASE2_KEY = "phase2"; 50ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 51ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String IDENTITY_KEY = "identity"; 52ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 53ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String ANON_IDENTITY_KEY = "anonymous_identity"; 54ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 55ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String PASSWORD_KEY = "password"; 56ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 57ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String SUBJECT_MATCH_KEY = "subject_match"; 58ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 59b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande public static final String ALTSUBJECT_MATCH_KEY = "altsubject_match"; 60b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande /** @hide */ 61c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist public static final String DOM_SUFFIX_MATCH_KEY = "domain_suffix_match"; 62c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist /** @hide */ 63ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String OPP_KEY_CACHING = "proactive_key_caching"; 64ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** 65ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde * String representing the keystore OpenSSL ENGINE's ID. 66ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde * @hide 67ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde */ 68ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String ENGINE_ID_KEYSTORE = "keystore"; 69ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde 70ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** 71ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde * String representing the keystore URI used for wpa_supplicant. 72ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde * @hide 73ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde */ 74ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String KEYSTORE_URI = "keystore://"; 75ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde 76ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** 77a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * String representing the keystore URI used for wpa_supplicant, 78a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * Unlike #KEYSTORE_URI, this supports a list of space-delimited aliases 79a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * @hide 80a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu */ 81a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu public static final String KEYSTORES_URI = "keystores://"; 82a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu 83a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu /** 84ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde * String to set the engine value to when it should be enabled. 85ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde * @hide 86ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde */ 87ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String ENGINE_ENABLE = "1"; 88ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde 89ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** 90ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde * String to set the engine value to when it should be disabled. 91ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde * @hide 92ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde */ 93ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String ENGINE_DISABLE = "0"; 94ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde 95ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 96ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String CA_CERT_PREFIX = KEYSTORE_URI + Credentials.CA_CERTIFICATE; 97ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 98ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String CLIENT_CERT_PREFIX = KEYSTORE_URI + Credentials.USER_CERTIFICATE; 99ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 100ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String CLIENT_CERT_KEY = "client_cert"; 101ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 102ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String CA_CERT_KEY = "ca_cert"; 103ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 104ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String ENGINE_KEY = "engine"; 105ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 106ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String ENGINE_ID_KEY = "engine_id"; 107ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** @hide */ 108ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String PRIVATE_KEY_ID_KEY = "key_id"; 109b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande /** @hide */ 110b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande public static final String REALM_KEY = "realm"; 111b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande /** @hide */ 112b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande public static final String PLMN_KEY = "plmn"; 1132452e54de65312163b1073fc699a432e2dd2a704xinhe /** @hide */ 1142452e54de65312163b1073fc699a432e2dd2a704xinhe public static final String PHASE1_KEY = "phase1"; 115a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu /** @hide */ 116a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu public static final String CA_CERT_ALIAS_DELIMITER = " "; 117b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande 1182452e54de65312163b1073fc699a432e2dd2a704xinhe /** {@hide} */ 1192452e54de65312163b1073fc699a432e2dd2a704xinhe public static final String ENABLE_TLS_1_2 = "\"tls_disable_tlsv1_2=0\""; 1202452e54de65312163b1073fc699a432e2dd2a704xinhe /** {@hide} */ 1212452e54de65312163b1073fc699a432e2dd2a704xinhe public static final String DISABLE_TLS_1_2 = "\"tls_disable_tlsv1_2=1\""; 122ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde 1239b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff private HashMap<String, String> mFields = new HashMap<String, String>(); 1242452e54de65312163b1073fc699a432e2dd2a704xinhe //By default, we enable TLS1.2. However, due to a known bug on some radius, we may disable it to 1252452e54de65312163b1073fc699a432e2dd2a704xinhe // fall back to TLS 1.1. 1262452e54de65312163b1073fc699a432e2dd2a704xinhe private boolean mTls12Enable = true; 127a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu private X509Certificate[] mCaCerts; 12826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff private PrivateKey mClientPrivateKey; 12926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff private X509Certificate mClientCertificate; 1309b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 1319b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public WifiEnterpriseConfig() { 132e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff // Do not set defaults so that the enterprise fields that are not changed 133e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff // by API are not changed underneath 134e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff // This is essential because an app may not have all fields like password 135e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff // available. It allows modification of subset of fields. 136e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff 1379b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 1389b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 1399b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** Copy constructor */ 1409b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public WifiEnterpriseConfig(WifiEnterpriseConfig source) { 1419b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff for (String key : source.mFields.keySet()) { 1429b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff mFields.put(key, source.mFields.get(key)); 1439b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 1449b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 1459b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 1469b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff @Override 1479b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public int describeContents() { 1489b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff return 0; 1499b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 1509b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 15186ee9640ee6d6bd9bb655af830eea5515400f25bIrfan Sheriff @Override 1529b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public void writeToParcel(Parcel dest, int flags) { 1539b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff dest.writeInt(mFields.size()); 1549b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff for (Map.Entry<String, String> entry : mFields.entrySet()) { 1559b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff dest.writeString(entry.getKey()); 1569b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff dest.writeString(entry.getValue()); 1579b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 15826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 159a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu writeCertificates(dest, mCaCerts); 16026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 16126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff if (mClientPrivateKey != null) { 16226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff String algorithm = mClientPrivateKey.getAlgorithm(); 16326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff byte[] userKeyBytes = mClientPrivateKey.getEncoded(); 16426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff dest.writeInt(userKeyBytes.length); 16526d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff dest.writeByteArray(userKeyBytes); 16626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff dest.writeString(algorithm); 16726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } else { 16826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff dest.writeInt(0); 16926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 17026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 17126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff writeCertificate(dest, mClientCertificate); 1722452e54de65312163b1073fc699a432e2dd2a704xinhe dest.writeInt(mTls12Enable ? 1: 0); 17326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 17426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 175a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu private void writeCertificates(Parcel dest, X509Certificate[] cert) { 176a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu if (cert != null && cert.length != 0) { 177a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu dest.writeInt(cert.length); 178a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu for (int i = 0; i < cert.length; i++) { 179a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu writeCertificate(dest, cert[i]); 180a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 181a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } else { 182a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu dest.writeInt(0); 183a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 184a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 185a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu 18626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff private void writeCertificate(Parcel dest, X509Certificate cert) { 18726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff if (cert != null) { 18826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff try { 18926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff byte[] certBytes = cert.getEncoded(); 19026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff dest.writeInt(certBytes.length); 19126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff dest.writeByteArray(certBytes); 19226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } catch (CertificateEncodingException e) { 19326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff dest.writeInt(0); 19426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 19526d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } else { 19626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff dest.writeInt(0); 19726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 1989b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 1999b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 2009b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final Creator<WifiEnterpriseConfig> CREATOR = 2019b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff new Creator<WifiEnterpriseConfig>() { 2029b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public WifiEnterpriseConfig createFromParcel(Parcel in) { 2039b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig(); 2049b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff int count = in.readInt(); 2059b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff for (int i = 0; i < count; i++) { 2069b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff String key = in.readString(); 2079b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff String value = in.readString(); 2089b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff enterpriseConfig.mFields.put(key, value); 2099b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 21026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 211a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu enterpriseConfig.mCaCerts = readCertificates(in); 21226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 21326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff PrivateKey userKey = null; 21426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff int len = in.readInt(); 21526d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff if (len > 0) { 21626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff try { 21726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff byte[] bytes = new byte[len]; 21826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff in.readByteArray(bytes); 21926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff String algorithm = in.readString(); 22026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff KeyFactory keyFactory = KeyFactory.getInstance(algorithm); 22126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff userKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bytes)); 22226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } catch (NoSuchAlgorithmException e) { 22326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff userKey = null; 22426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } catch (InvalidKeySpecException e) { 22526d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff userKey = null; 22626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 22726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 22826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 22926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff enterpriseConfig.mClientPrivateKey = userKey; 23026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff enterpriseConfig.mClientCertificate = readCertificate(in); 2312452e54de65312163b1073fc699a432e2dd2a704xinhe enterpriseConfig.mTls12Enable = (in.readInt() == 1); 2329b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff return enterpriseConfig; 2339b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 2349b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 235a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu private X509Certificate[] readCertificates(Parcel in) { 236a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu X509Certificate[] certs = null; 237a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu int len = in.readInt(); 238a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu if (len > 0) { 239a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu certs = new X509Certificate[len]; 240a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu for (int i = 0; i < len; i++) { 241a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu certs[i] = readCertificate(in); 242a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 243a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 244a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu return certs; 245a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 246a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu 24726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff private X509Certificate readCertificate(Parcel in) { 24826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff X509Certificate cert = null; 24926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff int len = in.readInt(); 25026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff if (len > 0) { 25126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff try { 25226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff byte[] bytes = new byte[len]; 25326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff in.readByteArray(bytes); 25426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff CertificateFactory cFactory = CertificateFactory.getInstance("X.509"); 25526d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff cert = (X509Certificate) cFactory 25626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff .generateCertificate(new ByteArrayInputStream(bytes)); 25726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } catch (CertificateException e) { 25826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff cert = null; 25926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 26026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 26126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff return cert; 26226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 26326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 2649b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public WifiEnterpriseConfig[] newArray(int size) { 2659b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff return new WifiEnterpriseConfig[size]; 2669b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 2679b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff }; 2689b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 269fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff /** The Extensible Authentication Protocol method used */ 2709b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final class Eap { 271fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff /** No EAP method used. Represents an empty config */ 272e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff public static final int NONE = -1; 273fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff /** Protected EAP */ 2749b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final int PEAP = 0; 275fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff /** EAP-Transport Layer Security */ 2769b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final int TLS = 1; 277fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff /** EAP-Tunneled Transport Layer Security */ 2789b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final int TTLS = 2; 279fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff /** EAP-Password */ 2809b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final int PWD = 3; 281c8505931420dd9a76acf940a56b31354cd0105b0Vinit Deshpande /** EAP-Subscriber Identity Module */ 2827fee7232ee2ae45fb3cd4fcce314e8f1101ae8dbRoger Chang public static final int SIM = 4; 283c8505931420dd9a76acf940a56b31354cd0105b0Vinit Deshpande /** EAP-Authentication and Key Agreement */ 2847fee7232ee2ae45fb3cd4fcce314e8f1101ae8dbRoger Chang public static final int AKA = 5; 285adf9e95ecc5d0867adf1dc2d7adcac958457b98eJean-Michel Bachot /** EAP-Authentication and Key Agreement Prime */ 286adf9e95ecc5d0867adf1dc2d7adcac958457b98eJean-Michel Bachot public static final int AKA_PRIME = 6; 2879b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** @hide */ 288adf9e95ecc5d0867adf1dc2d7adcac958457b98eJean-Michel Bachot public static final String[] strings = { "PEAP", "TLS", "TTLS", "PWD", "SIM", "AKA", "AKA'" }; 28940843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff 29040843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff /** Prevent initialization */ 29140843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff private Eap() {} 2929b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 2939b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 294fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff /** The inner authentication method used */ 2959b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final class Phase2 { 2969b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final int NONE = 0; 297fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff /** Password Authentication Protocol */ 2989b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final int PAP = 1; 299fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff /** Microsoft Challenge Handshake Authentication Protocol */ 3009b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final int MSCHAP = 2; 301fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff /** Microsoft Challenge Handshake Authentication Protocol v2 */ 3029b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final int MSCHAPV2 = 3; 303fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff /** Generic Token Card */ 3049b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public static final int GTC = 4; 3059b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff private static final String PREFIX = "auth="; 3069b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** @hide */ 307ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public static final String[] strings = {EMPTY_VALUE, "PAP", "MSCHAP", 308ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde "MSCHAPV2", "GTC" }; 30940843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff 31040843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff /** Prevent initialization */ 31140843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff private Phase2() {} 3129b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 3139b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 314ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** Internal use only 315ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde * @hide 316ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde */ 317ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public HashMap<String, String> getFields() { 3189b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff return mFields; 3199b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 3209b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 3219b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 3229b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Set the EAP authentication method. 3239b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param eapMethod is one {@link Eap#PEAP}, {@link Eap#TLS}, {@link Eap#TTLS} or 3249b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * {@link Eap#PWD} 325fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * @throws IllegalArgumentException on an invalid eap method 3269b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 3279b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public void setEapMethod(int eapMethod) { 3289b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff switch (eapMethod) { 3299b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** Valid methods */ 33026a98001ad3ec626f18fd57165ccc404f80d4e51Vinit Deshpande case Eap.TLS: 33126a98001ad3ec626f18fd57165ccc404f80d4e51Vinit Deshpande setPhase2Method(Phase2.NONE); 33226a98001ad3ec626f18fd57165ccc404f80d4e51Vinit Deshpande /* fall through */ 3339b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff case Eap.PEAP: 3349b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff case Eap.PWD: 3359b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff case Eap.TTLS: 3367fee7232ee2ae45fb3cd4fcce314e8f1101ae8dbRoger Chang case Eap.SIM: 3377fee7232ee2ae45fb3cd4fcce314e8f1101ae8dbRoger Chang case Eap.AKA: 338adf9e95ecc5d0867adf1dc2d7adcac958457b98eJean-Michel Bachot case Eap.AKA_PRIME: 339ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde mFields.put(EAP_KEY, Eap.strings[eapMethod]); 340ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde mFields.put(OPP_KEY_CACHING, "1"); 3419b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff break; 3429b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff default: 3439b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff throw new IllegalArgumentException("Unknown EAP method"); 3449b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 3459b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 3469b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 3479b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 3482452e54de65312163b1073fc699a432e2dd2a704xinhe * Set the TLS version 3492452e54de65312163b1073fc699a432e2dd2a704xinhe * @param enable: true -- enable TLS1.2 false -- disable TLS1.2 3502452e54de65312163b1073fc699a432e2dd2a704xinhe * @hide 3512452e54de65312163b1073fc699a432e2dd2a704xinhe */ 3522452e54de65312163b1073fc699a432e2dd2a704xinhe public void setTls12Enable(boolean enable) { 3532452e54de65312163b1073fc699a432e2dd2a704xinhe mTls12Enable = enable; 3542452e54de65312163b1073fc699a432e2dd2a704xinhe mFields.put(PHASE1_KEY, 3552452e54de65312163b1073fc699a432e2dd2a704xinhe enable ? ENABLE_TLS_1_2 : DISABLE_TLS_1_2); 3562452e54de65312163b1073fc699a432e2dd2a704xinhe } 3572452e54de65312163b1073fc699a432e2dd2a704xinhe 3582452e54de65312163b1073fc699a432e2dd2a704xinhe /** 3592452e54de65312163b1073fc699a432e2dd2a704xinhe * Get the TLS1.2 enabled or not 3602452e54de65312163b1073fc699a432e2dd2a704xinhe * @return eap method configured 3612452e54de65312163b1073fc699a432e2dd2a704xinhe * @hide 3622452e54de65312163b1073fc699a432e2dd2a704xinhe */ 3632452e54de65312163b1073fc699a432e2dd2a704xinhe public boolean getTls12Enable() { 3642452e54de65312163b1073fc699a432e2dd2a704xinhe return mTls12Enable; 3652452e54de65312163b1073fc699a432e2dd2a704xinhe } 3662452e54de65312163b1073fc699a432e2dd2a704xinhe 3672452e54de65312163b1073fc699a432e2dd2a704xinhe /** 3689b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Get the eap method. 3699b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @return eap method configured 3709b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 3719b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public int getEapMethod() { 372ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde String eapMethod = mFields.get(EAP_KEY); 373e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff return getStringIndex(Eap.strings, eapMethod, Eap.NONE); 3749b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 3759b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 3769b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 3779b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Set Phase 2 authentication method. Sets the inner authentication method to be used in 3789b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * phase 2 after setting up a secure channel 3799b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param phase2Method is the inner authentication method and can be one of {@link Phase2#NONE}, 3809b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * {@link Phase2#PAP}, {@link Phase2#MSCHAP}, {@link Phase2#MSCHAPV2}, 3819b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * {@link Phase2#GTC} 382fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * @throws IllegalArgumentException on an invalid phase2 method 3839b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * 3849b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 3859b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public void setPhase2Method(int phase2Method) { 3869b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff switch (phase2Method) { 3879b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff case Phase2.NONE: 388ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde mFields.put(PHASE2_KEY, EMPTY_VALUE); 3899b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff break; 3909b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** Valid methods */ 3919b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff case Phase2.PAP: 3929b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff case Phase2.MSCHAP: 3939b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff case Phase2.MSCHAPV2: 3949b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff case Phase2.GTC: 395ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde mFields.put(PHASE2_KEY, convertToQuotedString( 3969b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff Phase2.PREFIX + Phase2.strings[phase2Method])); 3979b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff break; 3989b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff default: 3999b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff throw new IllegalArgumentException("Unknown Phase 2 method"); 4009b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 4019b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 4029b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 4039b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 4049b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Get the phase 2 authentication method. 4059b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @return a phase 2 method defined at {@link Phase2} 4069b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * */ 4079b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public int getPhase2Method() { 408ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde String phase2Method = removeDoubleQuotes(mFields.get(PHASE2_KEY)); 409e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff // Remove auth= prefix 410e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff if (phase2Method.startsWith(Phase2.PREFIX)) { 411e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff phase2Method = phase2Method.substring(Phase2.PREFIX.length()); 412e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff } 4139b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff return getStringIndex(Phase2.strings, phase2Method, Phase2.NONE); 4149b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 4159b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 4169b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 4179b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Set the identity 4189b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param identity 4199b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 4209b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public void setIdentity(String identity) { 421ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde setFieldValue(IDENTITY_KEY, identity, ""); 4229b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 4239b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 4249b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 4259b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Get the identity 4269b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @return the identity 4279b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 4289b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public String getIdentity() { 429ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde return getFieldValue(IDENTITY_KEY, ""); 4309b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 4319b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 4329b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 4339b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Set anonymous identity. This is used as the unencrypted identity with 4349b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * certain EAP types 4359b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param anonymousIdentity the anonymous identity 4369b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 4379b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public void setAnonymousIdentity(String anonymousIdentity) { 438ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde setFieldValue(ANON_IDENTITY_KEY, anonymousIdentity, ""); 4399b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 4409b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 4419b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** Get the anonymous identity 4429b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @return anonymous identity 4439b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 4449b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public String getAnonymousIdentity() { 445ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde return getFieldValue(ANON_IDENTITY_KEY, ""); 4469b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 4479b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 4489b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 4499b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Set the password. 4509b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param password the password 4519b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 4529b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public void setPassword(String password) { 453ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde setFieldValue(PASSWORD_KEY, password, ""); 4549b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 4559b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 4569b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 45740843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff * Get the password. 45840843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff * 45940843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff * Returns locally set password value. For networks fetched from 46040843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff * framework, returns "*". 46140843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff */ 46240843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff public String getPassword() { 463ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde return getFieldValue(PASSWORD_KEY, ""); 46440843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff } 46540843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff 46640843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff /** 467a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * Encode a CA certificate alias so it does not contain illegal character. 468a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * @hide 469a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu */ 470a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu public static String encodeCaCertificateAlias(String alias) { 471a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu byte[] bytes = alias.getBytes(StandardCharsets.UTF_8); 472a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu StringBuilder sb = new StringBuilder(bytes.length * 2); 473a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu for (byte o : bytes) { 474a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu sb.append(String.format("%02x", o & 0xFF)); 475a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 476a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu return sb.toString(); 477a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 478a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu 479a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu /** 480a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * Decode a previously-encoded CA certificate alias. 481a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * @hide 482a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu */ 483a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu public static String decodeCaCertificateAlias(String alias) { 484a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu byte[] data = new byte[alias.length() >> 1]; 485a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu for (int n = 0, position = 0; n < alias.length(); n += 2, position++) { 486a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu data[position] = (byte) Integer.parseInt(alias.substring(n, n + 2), 16); 487a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 488a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu try { 489a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu return new String(data, StandardCharsets.UTF_8); 490a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } catch (NumberFormatException e) { 491a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu e.printStackTrace(); 492a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu return alias; 493a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 494a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 495a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu 496a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu /** 4979b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Set CA certificate alias. 4989b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * 4999b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * <p> See the {@link android.security.KeyChain} for details on installing or choosing 5009b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * a certificate 5019b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * </p> 5029b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param alias identifies the certificate 50326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * @hide 5049b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 50526d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff public void setCaCertificateAlias(String alias) { 506ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde setFieldValue(CA_CERT_KEY, alias, CA_CERT_PREFIX); 5079b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 5089b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 5099b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 510a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * Set CA certificate aliases. When creating installing the corresponding certificate to 511a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * the keystore, please use alias encoded by {@link #encodeCaCertificateAlias(String)}. 512a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * 513a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * <p> See the {@link android.security.KeyChain} for details on installing or choosing 514a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * a certificate. 515a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * </p> 516a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * @param aliases identifies the certificate 517a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * @hide 518a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu */ 519a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu public void setCaCertificateAliases(@Nullable String[] aliases) { 520a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu if (aliases == null) { 521a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu setFieldValue(CA_CERT_KEY, null, CA_CERT_PREFIX); 522a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } else if (aliases.length == 1) { 523a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu // Backwards compatibility: use the original cert prefix if setting only one alias. 524a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu setCaCertificateAlias(aliases[0]); 525a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } else { 526a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu // Use KEYSTORES_URI which supports multiple aliases. 527a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu StringBuilder sb = new StringBuilder(); 528a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu for (int i = 0; i < aliases.length; i++) { 529a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu if (i > 0) { 530a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu sb.append(CA_CERT_ALIAS_DELIMITER); 531a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 532a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu sb.append(encodeCaCertificateAlias(Credentials.CA_CERTIFICATE + aliases[i])); 533a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 534a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu setFieldValue(CA_CERT_KEY, sb.toString(), KEYSTORES_URI); 535a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 536a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 537a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu 538a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu /** 5399b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Get CA certificate alias 5409b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @return alias to the CA certificate 54126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * @hide 5429b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 54326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff public String getCaCertificateAlias() { 544ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde return getFieldValue(CA_CERT_KEY, CA_CERT_PREFIX); 5459b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 5469b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 5479b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 548a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * Get CA certificate aliases 549a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * @return alias to the CA certificate 550a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * @hide 551a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu */ 552a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu @Nullable public String[] getCaCertificateAliases() { 553a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu String value = getFieldValue(CA_CERT_KEY, ""); 554a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu if (value.startsWith(CA_CERT_PREFIX)) { 555a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu // Backwards compatibility: parse the original alias prefix. 556a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu return new String[] {getFieldValue(CA_CERT_KEY, CA_CERT_PREFIX)}; 557a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } else if (value.startsWith(KEYSTORES_URI)) { 558a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu String values = value.substring(KEYSTORES_URI.length()); 559a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu 560a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu String[] aliases = TextUtils.split(values, CA_CERT_ALIAS_DELIMITER); 561a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu for (int i = 0; i < aliases.length; i++) { 562a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu aliases[i] = decodeCaCertificateAlias(aliases[i]); 563a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu if (aliases[i].startsWith(Credentials.CA_CERTIFICATE)) { 564a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu aliases[i] = aliases[i].substring(Credentials.CA_CERTIFICATE.length()); 565a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 566a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 567a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu return aliases.length != 0 ? aliases : null; 568a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } else { 569a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu return TextUtils.isEmpty(value) ? null : new String[] {value}; 570a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 571a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 572a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu 573a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu /** 57426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * Specify a X.509 certificate that identifies the server. 57526d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * 57626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * <p>A default name is automatically assigned to the certificate and used 577fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * with this configuration. The framework takes care of installing the 578fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * certificate when the config is saved and removing the certificate when 579fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * the config is removed. 580fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * 58126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * @param cert X.509 CA certificate 58226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * @throws IllegalArgumentException if not a CA certificate 58326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff */ 584a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu public void setCaCertificate(@Nullable X509Certificate cert) { 5850b4732c2248fa2b92a44f045dfcadb3547076ef4Irfan Sheriff if (cert != null) { 5860b4732c2248fa2b92a44f045dfcadb3547076ef4Irfan Sheriff if (cert.getBasicConstraints() >= 0) { 587a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu mCaCerts = new X509Certificate[] {cert}; 5880b4732c2248fa2b92a44f045dfcadb3547076ef4Irfan Sheriff } else { 5890b4732c2248fa2b92a44f045dfcadb3547076ef4Irfan Sheriff throw new IllegalArgumentException("Not a CA certificate"); 5900b4732c2248fa2b92a44f045dfcadb3547076ef4Irfan Sheriff } 59126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } else { 592a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu mCaCerts = null; 59326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 59426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 59526d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 59626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff /** 597a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * Get CA certificate. If multiple CA certificates are configured previously, 598a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * return the first one. 59940843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff * @return X.509 CA certificate 60040843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff */ 601a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu @Nullable public X509Certificate getCaCertificate() { 602a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu if (mCaCerts != null && mCaCerts.length > 0) { 603a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu return mCaCerts[0]; 604a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } else { 605a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu return null; 606a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 607a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 608a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu 609a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu /** 610a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * Specify a list of X.509 certificates that identifies the server. The validation 611a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * passes if the CA of server certificate matches one of the given certificates. 612a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu 613a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * <p>Default names are automatically assigned to the certificates and used 614a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * with this configuration. The framework takes care of installing the 615a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * certificates when the config is saved and removing the certificates when 616a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * the config is removed. 617a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * 618a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * @param certs X.509 CA certificates 619a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * @throws IllegalArgumentException if any of the provided certificates is 620a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * not a CA certificate 621a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu */ 622a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu public void setCaCertificates(@Nullable X509Certificate[] certs) { 623a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu if (certs != null) { 624a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu X509Certificate[] newCerts = new X509Certificate[certs.length]; 625a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu for (int i = 0; i < certs.length; i++) { 626a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu if (certs[i].getBasicConstraints() >= 0) { 627a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu newCerts[i] = certs[i]; 628a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } else { 629a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu throw new IllegalArgumentException("Not a CA certificate"); 630a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 631a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 632a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu mCaCerts = newCerts; 633a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } else { 634a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu mCaCerts = null; 635a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 636a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 637a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu 638a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu /** 639a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu * Get CA certificates. 640a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu */ 641a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu @Nullable public X509Certificate[] getCaCertificates() { 642a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu if (mCaCerts != null || mCaCerts.length > 0) { 643a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu return mCaCerts; 644a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } else { 645a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu return null; 646a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu } 64740843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff } 64840843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff 64940843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff /** 650ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde * @hide 651ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde */ 652ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde public void resetCaCertificate() { 653a0e3d62162e71fcf701edac84fddbf219bbaa45dRubin Xu mCaCerts = null; 654ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde } 655ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde 656ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde /** Set Client certificate alias. 6579b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * 6589b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * <p> See the {@link android.security.KeyChain} for details on installing or choosing 6599b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * a certificate 6609b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * </p> 6619b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param alias identifies the certificate 66226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * @hide 6639b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 66426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff public void setClientCertificateAlias(String alias) { 665ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde setFieldValue(CLIENT_CERT_KEY, alias, CLIENT_CERT_PREFIX); 666ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde setFieldValue(PRIVATE_KEY_ID_KEY, alias, Credentials.USER_PRIVATE_KEY); 6679b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff // Also, set engine parameters 6689b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff if (TextUtils.isEmpty(alias)) { 669ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde mFields.put(ENGINE_KEY, ENGINE_DISABLE); 670ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde mFields.put(ENGINE_ID_KEY, EMPTY_VALUE); 6719b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } else { 672ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde mFields.put(ENGINE_KEY, ENGINE_ENABLE); 673ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde mFields.put(ENGINE_ID_KEY, convertToQuotedString(ENGINE_ID_KEYSTORE)); 6749b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 6759b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 6769b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 6779b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 6789b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * Get client certificate alias 6799b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @return alias to the client certificate 68026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * @hide 6819b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 68226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff public String getClientCertificateAlias() { 683ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde return getFieldValue(CLIENT_CERT_KEY, CLIENT_CERT_PREFIX); 6849b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 6859b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 6869b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 68726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * Specify a private key and client certificate for client authorization. 68826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * 68926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * <p>A default name is automatically assigned to the key entry and used 690fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * with this configuration. The framework takes care of installing the 691fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * key entry when the config is saved and removing the key entry when 692fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * the config is removed. 693fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff 69426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * @param privateKey 69526d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff * @param clientCertificate 696fdc028383a01eaaa9bf93cb5d3ce50bd744eab52Irfan Sheriff * @throws IllegalArgumentException for an invalid key or certificate. 69726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff */ 69826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff public void setClientKeyEntry(PrivateKey privateKey, X509Certificate clientCertificate) { 69926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff if (clientCertificate != null) { 70026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff if (clientCertificate.getBasicConstraints() != -1) { 70126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff throw new IllegalArgumentException("Cannot be a CA certificate"); 70226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 70326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff if (privateKey == null) { 70426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff throw new IllegalArgumentException("Client cert without a private key"); 70526d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 70626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff if (privateKey.getEncoded() == null) { 70726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff throw new IllegalArgumentException("Private key cannot be encoded"); 70826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 70926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 71026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 71126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff mClientPrivateKey = privateKey; 71226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff mClientCertificate = clientCertificate; 71326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 71426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 71540843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff /** 71640843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff * Get client certificate 71740843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff * 71840843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff * @return X.509 client certificate 71940843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff */ 72040843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff public X509Certificate getClientCertificate() { 72140843589c46164c90fde29ad1c58291f17d4d9e6Irfan Sheriff return mClientCertificate; 72226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 72326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 724ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde /** 725ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde * @hide 726ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde */ 727ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde public void resetClientKeyEntry() { 728ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde mClientPrivateKey = null; 729ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde mClientCertificate = null; 73026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 73126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 732ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde /** 733ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde * @hide 734ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde */ 735ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde public PrivateKey getClientPrivateKey() { 736ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde return mClientPrivateKey; 73726d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 73826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 73926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff /** 740b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * Set subject match (deprecated). This is the substring to be matched against the subject of 741b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * the authentication server certificate. 7429b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param subjectMatch substring to be matched 743b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * @deprecated in favor of altSubjectMatch 7449b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 7459b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public void setSubjectMatch(String subjectMatch) { 746ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde setFieldValue(SUBJECT_MATCH_KEY, subjectMatch, ""); 7479b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 7489b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 7499b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** 750b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * Get subject match (deprecated) 7519b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @return the subject match string 752b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * @deprecated in favor of altSubjectMatch 7539b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 7549b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public String getSubjectMatch() { 755ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde return getFieldValue(SUBJECT_MATCH_KEY, ""); 7569b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 7579b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 758b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande /** 759b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * Set alternate subject match. This is the substring to be matched against the 760b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * alternate subject of the authentication server certificate. 761b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * @param altSubjectMatch substring to be matched, for example 762b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * DNS:server.example.com;EMAIL:server@example.com 763b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande */ 764b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande public void setAltSubjectMatch(String altSubjectMatch) { 765b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande setFieldValue(ALTSUBJECT_MATCH_KEY, altSubjectMatch, ""); 766b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande } 767b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande 768b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande /** 769b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * Get alternate subject match 770b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * @return the alternate subject match string 771b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande */ 772b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande public String getAltSubjectMatch() { 773b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande return getFieldValue(ALTSUBJECT_MATCH_KEY, ""); 774c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist } 775c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist 776c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist /** 777c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * Set the domain_suffix_match directive on wpa_supplicant. This is the parameter to use 778c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * for Hotspot 2.0 defined matching of AAA server certs per WFA HS2.0 spec, section 7.3.3.2, 779c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * second paragraph. 780c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * 781c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * From wpa_supplicant documentation: 782c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * Constraint for server domain name. If set, this FQDN is used as a suffix match requirement 783c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * for the AAAserver certificate in SubjectAltName dNSName element(s). If a matching dNSName is 784c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * found, this constraint is met. If no dNSName values are present, this constraint is matched 785c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * against SubjectName CN using same suffix match comparison. 786c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * Suffix match here means that the host/domain name is compared one label at a time starting 787c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * from the top-level domain and all the labels in domain_suffix_match shall be included in the 788c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * certificate. The certificate may include additional sub-level labels in addition to the 789c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * required labels. 790c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * For example, domain_suffix_match=example.com would match test.example.com but would not 791c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * match test-example.com. 792c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * @param domain The domain value 793c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist */ 79437f0820d6c23aa92a2b591327a734916131cb69aJan Nordqvist public void setDomainSuffixMatch(String domain) { 795c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist setFieldValue(DOM_SUFFIX_MATCH_KEY, domain); 796c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist } 797c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist 798c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist /** 799c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * Get the domain_suffix_match value. See setDomSuffixMatch. 800c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist * @return The domain value. 801c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist */ 802a0d929e505432a8c84f3899696c910db16bd73bfVinit Deshpande public String getDomainSuffixMatch() { 803c91bc62f2bdca18c0ed96a740cbaa0383ea2860aJan Nordqvist return getFieldValue(DOM_SUFFIX_MATCH_KEY, ""); 804b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande } 805b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande 806b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande /** 807a0d929e505432a8c84f3899696c910db16bd73bfVinit Deshpande * Set realm for passpoint credential; realm identifies a set of networks where your 808a0d929e505432a8c84f3899696c910db16bd73bfVinit Deshpande * passpoint credential can be used 809b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * @param realm the realm 810b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande */ 811b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande public void setRealm(String realm) { 812b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande setFieldValue(REALM_KEY, realm, ""); 813b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande } 814b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande 815b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande /** 816a0d929e505432a8c84f3899696c910db16bd73bfVinit Deshpande * Get realm for passpoint credential; see {@link #setRealm(String)} for more information 817b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * @return the realm 818b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande */ 819b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande public String getRealm() { 820b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande return getFieldValue(REALM_KEY, ""); 821b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande } 822b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande 823b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande /** 824a0d929e505432a8c84f3899696c910db16bd73bfVinit Deshpande * Set plmn (Public Land Mobile Network) of the provider of passpoint credential 825a0d929e505432a8c84f3899696c910db16bd73bfVinit Deshpande * @param plmn the plmn value derived from mcc (mobile country code) & mnc (mobile network code) 826b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande */ 827b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande public void setPlmn(String plmn) { 828b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande setFieldValue(PLMN_KEY, plmn, ""); 829b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande } 830b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande 831b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande /** 832a0d929e505432a8c84f3899696c910db16bd73bfVinit Deshpande * Get plmn (Public Land Mobile Network) for passpoint credential; see {@link #setPlmn 833a0d929e505432a8c84f3899696c910db16bd73bfVinit Deshpande * (String)} for more information 834b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande * @return the plmn 835b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande */ 836b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande public String getPlmn() { 837b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande return getFieldValue(PLMN_KEY, ""); 838b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande } 839b21d2489c1bd330e39f4489c7f221ebb4dffc283Vinit Deshpande 84026d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff /** See {@link WifiConfiguration#getKeyIdForCredentials} @hide */ 84126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff String getKeyId(WifiEnterpriseConfig current) { 842ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde String eap = mFields.get(EAP_KEY); 843ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde String phase2 = mFields.get(PHASE2_KEY); 84426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 84526d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff // If either eap or phase2 are not initialized, use current config details 84626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff if (TextUtils.isEmpty((eap))) { 847ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde eap = current.mFields.get(EAP_KEY); 84826d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 84926d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff if (TextUtils.isEmpty(phase2)) { 850ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde phase2 = current.mFields.get(PHASE2_KEY); 85126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 85226d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff return eap + "_" + phase2; 85326d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff } 85426d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff 8559b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff private String removeDoubleQuotes(String string) { 8560b4732c2248fa2b92a44f045dfcadb3547076ef4Irfan Sheriff if (TextUtils.isEmpty(string)) return ""; 8579b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff int length = string.length(); 8589b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff if ((length > 1) && (string.charAt(0) == '"') 8599b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff && (string.charAt(length - 1) == '"')) { 8609b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff return string.substring(1, length - 1); 8619b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 8629b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff return string; 8639b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 8649b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 8659b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff private String convertToQuotedString(String string) { 8669b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff return "\"" + string + "\""; 8679b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 8689b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 8699b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** Returns the index at which the toBeFound string is found in the array. 8709b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param arr array of strings 8719b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param toBeFound string to be found 8729b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param defaultIndex default index to be returned when string is not found 8739b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @return the index into array 8749b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 8759b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff private int getStringIndex(String arr[], String toBeFound, int defaultIndex) { 87626d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff if (TextUtils.isEmpty(toBeFound)) return defaultIndex; 8779b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff for (int i = 0; i < arr.length; i++) { 878e095675c872f40f630aa3f9189eb5c02f3cfee6dIrfan Sheriff if (toBeFound.equals(arr[i])) return i; 8799b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 8809b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff return defaultIndex; 8819b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 8829b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 8839b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** Returns the field value for the key. 8849b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param key into the hash 8859b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param prefix is the prefix that the value may have 8869b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @return value 887ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde * @hide 8889b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 889ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public String getFieldValue(String key, String prefix) { 8909b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff String value = mFields.get(key); 89126d0076f0dbb021c4e5cc1b37b632b2223fd9278Irfan Sheriff // Uninitialized or known to be empty after reading from supplicant 892ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde if (TextUtils.isEmpty(value) || EMPTY_VALUE.equals(value)) return ""; 893dda5a7152fd6e5933503aba8e8badbbba0631839Vinit Deshapnde 894dda5a7152fd6e5933503aba8e8badbbba0631839Vinit Deshapnde value = removeDoubleQuotes(value); 895dda5a7152fd6e5933503aba8e8badbbba0631839Vinit Deshapnde if (value.startsWith(prefix)) { 896dda5a7152fd6e5933503aba8e8badbbba0631839Vinit Deshapnde return value.substring(prefix.length()); 897dda5a7152fd6e5933503aba8e8badbbba0631839Vinit Deshapnde } else { 898dda5a7152fd6e5933503aba8e8badbbba0631839Vinit Deshapnde return value; 899dda5a7152fd6e5933503aba8e8badbbba0631839Vinit Deshapnde } 9009b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 9019b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 9029b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff /** Set a value with an optional prefix at key 9039b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param key into the hash 9049b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param value to be set 9059b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff * @param prefix an optional value to be prefixed to actual value 906ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde * @hide 9079b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff */ 908ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde public void setFieldValue(String key, String value, String prefix) { 9099b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff if (TextUtils.isEmpty(value)) { 910ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde mFields.put(key, EMPTY_VALUE); 9119b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } else { 9129b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff mFields.put(key, convertToQuotedString(prefix + value)); 9139b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 9149b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 9159b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff 916ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde 917ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde /** Set a value with an optional prefix at key 918ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde * @param key into the hash 919ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde * @param value to be set 920ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde * @param prefix an optional value to be prefixed to actual value 921ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde * @hide 922ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde */ 923ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde public void setFieldValue(String key, String value) { 924ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde if (TextUtils.isEmpty(value)) { 925ffadfb9ffdced62db215319d3edc7717802088fbVinit Deshapnde mFields.put(key, EMPTY_VALUE); 926ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde } else { 927ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde mFields.put(key, convertToQuotedString(value)); 928ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde } 929ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde } 930ade8de3c4a021d6b0e753d77be148236af5f39efVinit Deshapnde 9319b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff @Override 9329b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff public String toString() { 9339b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff StringBuffer sb = new StringBuffer(); 9349b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff for (String key : mFields.keySet()) { 9359b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff sb.append(key).append(" ").append(mFields.get(key)).append("\n"); 9369b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 9379b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff return sb.toString(); 9389b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff } 9399b81319002634cf7118055f7aafaa26c27d4e5e8Irfan Sheriff} 940