//
// Copyright (C) 2015 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
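//

#include <base/logging.h>
#include <base/strings/stringprintf.h>
#include <service_constants.h>

#include "proxy_rpc_security_types.h"
#include "proxy_util.h"

// Autotest Server test encodes the object type in this key.
static const char kXmlRpcStructTypeKey[] = "xmlrpc_struct_type_key";
const char SecurityConfig::kDefaultSecurity[] = "none";
const int WPAConfig::kMaxPskSize = 64;
const char EAPConfig::kDefaultEapUsers[] = "* TLS";
const char EAPConfig::kDefaultEAPIdentity[] = "brillo";
int EAPConfig::last_tmp_id = 8800;
const int DynamicWEPConfig::kDefaultKeyPeriod = 20;
const char Tunneled1xConfig::kTTLSPrefix[] = "TTLS-";
const char Tunneled1xConfig::kLayer1TypePEAP[] = "PEAP";
const char Tunneled1xConfig::kLayer1TypeTTLS[] = "TTLS";
const char Tunneled1xConfig::kLayer2TypeGTC[] = "GTC";
const char Tunneled1xConfig::kLayer2TypeMSCHAPV2[] = "MSCHAPV2";
const char Tunneled1xConfig::kLayer2TypeMD5[] = "MD5";
const char Tunneled1xConfig::kLayer2TypeTTLSMSCHAPV2[] = "TTLS-MSCHAPV2";
const char Tunneled1xConfig::kLayer2TypeTTLSMSCHAP[] = "TTLS-MSCHAP";
const char Tunneled1xConfig::kLayer2TypeTTLSPAP[] = "TTLS-PAP";

// Factory: reads the type tag stored under kXmlRpcStructTypeKey in the
// received XML-RPC struct and constructs the matching config object.
//
// |xml_rpc_value_in| is dereferenced unconditionally, so it must be non-null.
// An unrecognised type tag is treated as fatal; the trailing return only
// satisfies the signature.
std::unique_ptr<SecurityConfig> SecurityConfig::CreateSecurityConfigObject(
    XmlRpc::XmlRpcValue* xml_rpc_value_in) {
  const std::string& security_type = (*xml_rpc_value_in)[kXmlRpcStructTypeKey];
  if (security_type == "SecurityConfig") {
    return std::unique_ptr<SecurityConfig>(new SecurityConfig(xml_rpc_value_in));
  }
  if (security_type == "WEPConfig") {
    return std::unique_ptr<SecurityConfig>(new WEPConfig(xml_rpc_value_in));
  }
  if (security_type == "WPAConfig") {
    return std::unique_ptr<SecurityConfig>(new WPAConfig(xml_rpc_value_in));
  }
  LOG(FATAL) << "Unexpected object received. Received: " << security_type;
  return nullptr;
}

// Reads the "security" member of the struct into |security_|, falling back to
// kDefaultSecurity.
SecurityConfig::SecurityConfig(
    XmlRpc::XmlRpcValue* xml_rpc_value_in) {
  GetStringValueFromXmlRpcValueStructMember(
      xml_rpc_value_in, "security", kDefaultSecurity, &security_);
}

void SecurityConfig::GetServiceProperties(brillo::VariantDictionary* properties) {
  // The base class represents a connection with no security. So, no security
  // properties to be sent to Shill.
}

// Reads the WEP key list, the default key index and the auth algorithm from
// the struct, then validates the index against the key list.
WEPConfig::WEPConfig(XmlRpc::XmlRpcValue* xml_rpc_value_in)
    : SecurityConfig::SecurityConfig(xml_rpc_value_in) {
  GetStringVectorFromXmlRpcValueStructMember(
      xml_rpc_value_in, "wep_keys", std::vector<std::string>(), &wep_keys_);
  GetIntValueFromXmlRpcValueStructMember(
      xml_rpc_value_in, "wep_default_key", 0, &wep_default_key_index_);
  GetIntValueFromXmlRpcValueStructMember(
      xml_rpc_value_in, "auth_algorithm",
      static_cast<int>(kAuthAlgorithmTypeDefault), &auth_algorithm_);
  // The index arrives over XML-RPC and is later used to subscript |wep_keys_|
  // in GetServiceProperties(), so it has to be a valid position: reject
  // negative values and anything at or past the end (including an empty key
  // list), not just values strictly greater than the size.
  const int key_count = static_cast<int>(wep_keys_.size());
  if (wep_default_key_index_ < 0 || wep_default_key_index_ >= key_count) {
    LOG(FATAL) << "Error in received wep_default_key: "
               << wep_default_key_index_;
  }
}

// Publishes the default WEP key to |properties| as "<index>:<key>" under
// shill::kPassphraseProperty.
void WEPConfig::GetServiceProperties(brillo::VariantDictionary* properties) {
  // In range by construction: the constructor aborts on an index outside
  // [0, wep_keys_.size()).
  std::string passphrase = base::StringPrintf(
      "%d:%s", wep_default_key_index_,
      wep_keys_[wep_default_key_index_].c_str());
  (*properties)[shill::kPassphraseProperty] = passphrase;
}

// Reads the PSK, WPA mode, cipher lists and rekey settings from the struct,
// then validates the PSK length and, for a 64-character PSK, its hex form.
WPAConfig::WPAConfig(XmlRpc::XmlRpcValue* xml_rpc_value_in)
    : SecurityConfig::SecurityConfig(xml_rpc_value_in) {
  GetStringValueFromXmlRpcValueStructMember(
      xml_rpc_value_in, "psk", std::string(), &psk_);
  GetIntValueFromXmlRpcValueStructMember(
      xml_rpc_value_in, "wpa_mode", kWpaModeDefault, &wpa_mode_);
  GetStringVectorFromXmlRpcValueStructMember(
      xml_rpc_value_in, "wpa_ciphers", std::vector<std::string>(),
      &wpa_ciphers_);
  GetStringVectorFromXmlRpcValueStructMember(
      xml_rpc_value_in, "wpa2_ciphers", std::vector<std::string>(),
      &wpa2_ciphers_);
  GetIntValueFromXmlRpcValueStructMember(
      xml_rpc_value_in, "wpa_ptk_rekey_period", 0,
      &wpa_ptk_rekey_period_seconds_);
  GetIntValueFromXmlRpcValueStructMember(
      xml_rpc_value_in, "wpa_gtk_rekey_period", 0,
      &wpa_gtk_rekey_period_seconds_);
  GetIntValueFromXmlRpcValueStructMember(
      xml_rpc_value_in, "wpa_gmk_rekey_period", 0,
      &wpa_gmk_rekey_period_seconds_);
  GetBoolValueFromXmlRpcValueStructMember(
      xml_rpc_value_in, "use_strict_rekey", false, &use_strict_rekey_);

  // The PSK is a credential: the fatal messages below report only its length
  // so the secret itself is not written to the log.
  const size_t max_psk_size = static_cast<size_t>(kMaxPskSize);
  if (psk_.size() > max_psk_size) {
    LOG(FATAL) << "WPA passphrases can be no longer than 63 characters "
                  "(or 64 hex digits). PSK length: " << psk_.size();
  }
  // A PSK of exactly kMaxPskSize characters must be a raw hex key.
  // NOTE(review): only lowercase hex digits are accepted here; confirm
  // whether uppercase A-F should also pass.
  if ((psk_.size() == max_psk_size) &&
      (psk_.find_first_not_of("0123456789abcdef") != std::string::npos)) {
    LOG(FATAL) << "Invalid PSK: expected " << kMaxPskSize
               << " lowercase hex digits";
  }
}

// Publishes the PSK to |properties| under shill::kPassphraseProperty.
void WPAConfig::GetServiceProperties(brillo::VariantDictionary* properties) {
  (*properties)[shill::kPassphraseProperty] = psk_;
}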