diff options
| author | Jan Nordqvist <jannq@google.com> | 2015-04-17 12:19:17 -0700 |
|---|---|---|
| committer | Vinit Deshpande <vinitd@google.com> | 2015-04-17 21:22:37 +0000 |
| commit | c91bc62f2bdca18c0ed96a740cbaa0383ea2860a (patch) | |
| tree | 82b9be285fa464dde299fe5b8f84f0ac1d7aa356 /wifi | |
| parent | 6593256e785df3f16e57097d529fcb26f92b55e3 (diff) | |
| download | frameworks_base-c91bc62f2bdca18c0ed96a740cbaa0383ea2860a.zip frameworks_base-c91bc62f2bdca18c0ed96a740cbaa0383ea2860a.tar.gz frameworks_base-c91bc62f2bdca18c0ed96a740cbaa0383ea2860a.tar.bz2 | |
Added setDomSuffixMatch for AAA cert suffix matching.
Change-Id: I112399d2ce3d940ccf4451477b3b4edb93010b42
Diffstat (limited to 'wifi')
| -rw-r--r-- | wifi/java/android/net/wifi/WifiEnterpriseConfig.java | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/wifi/java/android/net/wifi/WifiEnterpriseConfig.java b/wifi/java/android/net/wifi/WifiEnterpriseConfig.java index 6917971..bee07ab 100644 --- a/wifi/java/android/net/wifi/WifiEnterpriseConfig.java +++ b/wifi/java/android/net/wifi/WifiEnterpriseConfig.java @@ -56,6 +56,8 @@ public class WifiEnterpriseConfig implements Parcelable { /** @hide */ public static final String ALTSUBJECT_MATCH_KEY = "altsubject_match"; /** @hide */ + public static final String DOM_SUFFIX_MATCH_KEY = "domain_suffix_match"; + /** @hide */ public static final String OPP_KEY_CACHING = "proactive_key_caching"; /** * String representing the keystore OpenSSL ENGINE's ID. @@ -577,6 +579,36 @@ public class WifiEnterpriseConfig implements Parcelable { } /** + * Set the domain_suffix_match directive on wpa_supplicant. This is the parameter to use + * for Hotspot 2.0 defined matching of AAA server certs per WFA HS2.0 spec, section 7.3.3.2, + * second paragraph. + * + * From wpa_supplicant documentation: + * Constraint for server domain name. If set, this FQDN is used as a suffix match requirement + * for the AAAserver certificate in SubjectAltName dNSName element(s). If a matching dNSName is + * found, this constraint is met. If no dNSName values are present, this constraint is matched + * against SubjectName CN using same suffix match comparison. + * Suffix match here means that the host/domain name is compared one label at a time starting + * from the top-level domain and all the labels in domain_suffix_match shall be included in the + * certificate. The certificate may include additional sub-level labels in addition to the + * required labels. + * For example, domain_suffix_match=example.com would match test.example.com but would not + * match test-example.com. + * @param domain The domain value + */ + public void setDomSuffixMatch(String domain) { + setFieldValue(DOM_SUFFIX_MATCH_KEY, domain); + } + + /** + * Get the domain_suffix_match value. See setDomSuffixMatch. + * @return The domain value. + */ + public String getDomSubjectMatch() { + return getFieldValue(DOM_SUFFIX_MATCH_KEY, ""); + } + + /** * Set realm for passpoint credential * @param realm the realm */ |