1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
|
/*
* Copyright (C) 2013 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.net.wifi;
import android.os.Parcel;
import android.os.Parcelable;
import android.security.Credentials;
import android.text.TextUtils;
import java.io.ByteArrayInputStream;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
/**
* Enterprise configuration details for Wi-Fi. Stores details about the EAP method
* and any associated credentials.
*/
public class WifiEnterpriseConfig implements Parcelable {
/** @hide */
public static final String EMPTY_VALUE = "NULL";
/** @hide */
public static final String EAP_KEY = "eap";
/** @hide */
public static final String PHASE2_KEY = "phase2";
/** @hide */
public static final String IDENTITY_KEY = "identity";
/** @hide */
public static final String ANON_IDENTITY_KEY = "anonymous_identity";
/** @hide */
public static final String PASSWORD_KEY = "password";
/** @hide */
public static final String SUBJECT_MATCH_KEY = "subject_match";
/** @hide */
public static final String ALTSUBJECT_MATCH_KEY = "altsubject_match";
/** @hide */
public static final String DOM_SUFFIX_MATCH_KEY = "domain_suffix_match";
/** @hide */
public static final String OPP_KEY_CACHING = "proactive_key_caching";
/**
* String representing the keystore OpenSSL ENGINE's ID.
* @hide
*/
public static final String ENGINE_ID_KEYSTORE = "keystore";
/**
* String representing the keystore URI used for wpa_supplicant.
* @hide
*/
public static final String KEYSTORE_URI = "keystore://";
/**
* String to set the engine value to when it should be enabled.
* @hide
*/
public static final String ENGINE_ENABLE = "1";
/**
* String to set the engine value to when it should be disabled.
* @hide
*/
public static final String ENGINE_DISABLE = "0";
/** @hide */
public static final String CA_CERT_PREFIX = KEYSTORE_URI + Credentials.CA_CERTIFICATE;
/** @hide */
public static final String CLIENT_CERT_PREFIX = KEYSTORE_URI + Credentials.USER_CERTIFICATE;
/** @hide */
public static final String CLIENT_CERT_KEY = "client_cert";
/** @hide */
public static final String CA_CERT_KEY = "ca_cert";
/** @hide */
public static final String ENGINE_KEY = "engine";
/** @hide */
public static final String ENGINE_ID_KEY = "engine_id";
/** @hide */
public static final String PRIVATE_KEY_ID_KEY = "key_id";
/** @hide */
public static final String REALM_KEY = "realm";
/** @hide */
public static final String PLMN_KEY = "plmn";
/** @hide */
public static final String PHASE1_KEY = "phase1";
/** {@hide} */
public static final String ENABLE_TLS_1_2 = "\"tls_disable_tlsv1_2=0\"";
/** {@hide} */
public static final String DISABLE_TLS_1_2 = "\"tls_disable_tlsv1_2=1\"";
private HashMap<String, String> mFields = new HashMap<String, String>();
//By default, we enable TLS1.2. However, due to a known bug on some radius, we may disable it to
// fall back to TLS 1.1.
private boolean mTls12Enable = true;
private X509Certificate mCaCert;
private PrivateKey mClientPrivateKey;
private X509Certificate mClientCertificate;
public WifiEnterpriseConfig() {
// Do not set defaults so that the enterprise fields that are not changed
// by API are not changed underneath
// This is essential because an app may not have all fields like password
// available. It allows modification of subset of fields.
}
/** Copy constructor */
public WifiEnterpriseConfig(WifiEnterpriseConfig source) {
for (String key : source.mFields.keySet()) {
mFields.put(key, source.mFields.get(key));
}
}
@Override
public int describeContents() {
return 0;
}
@Override
public void writeToParcel(Parcel dest, int flags) {
dest.writeInt(mFields.size());
for (Map.Entry<String, String> entry : mFields.entrySet()) {
dest.writeString(entry.getKey());
dest.writeString(entry.getValue());
}
writeCertificate(dest, mCaCert);
if (mClientPrivateKey != null) {
String algorithm = mClientPrivateKey.getAlgorithm();
byte[] userKeyBytes = mClientPrivateKey.getEncoded();
dest.writeInt(userKeyBytes.length);
dest.writeByteArray(userKeyBytes);
dest.writeString(algorithm);
} else {
dest.writeInt(0);
}
writeCertificate(dest, mClientCertificate);
dest.writeInt(mTls12Enable ? 1: 0);
}
private void writeCertificate(Parcel dest, X509Certificate cert) {
if (cert != null) {
try {
byte[] certBytes = cert.getEncoded();
dest.writeInt(certBytes.length);
dest.writeByteArray(certBytes);
} catch (CertificateEncodingException e) {
dest.writeInt(0);
}
} else {
dest.writeInt(0);
}
}
public static final Creator<WifiEnterpriseConfig> CREATOR =
new Creator<WifiEnterpriseConfig>() {
public WifiEnterpriseConfig createFromParcel(Parcel in) {
WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();
int count = in.readInt();
for (int i = 0; i < count; i++) {
String key = in.readString();
String value = in.readString();
enterpriseConfig.mFields.put(key, value);
}
enterpriseConfig.mCaCert = readCertificate(in);
PrivateKey userKey = null;
int len = in.readInt();
if (len > 0) {
try {
byte[] bytes = new byte[len];
in.readByteArray(bytes);
String algorithm = in.readString();
KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
userKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bytes));
} catch (NoSuchAlgorithmException e) {
userKey = null;
} catch (InvalidKeySpecException e) {
userKey = null;
}
}
enterpriseConfig.mClientPrivateKey = userKey;
enterpriseConfig.mClientCertificate = readCertificate(in);
enterpriseConfig.mTls12Enable = (in.readInt() == 1);
return enterpriseConfig;
}
private X509Certificate readCertificate(Parcel in) {
X509Certificate cert = null;
int len = in.readInt();
if (len > 0) {
try {
byte[] bytes = new byte[len];
in.readByteArray(bytes);
CertificateFactory cFactory = CertificateFactory.getInstance("X.509");
cert = (X509Certificate) cFactory
.generateCertificate(new ByteArrayInputStream(bytes));
} catch (CertificateException e) {
cert = null;
}
}
return cert;
}
public WifiEnterpriseConfig[] newArray(int size) {
return new WifiEnterpriseConfig[size];
}
};
/** The Extensible Authentication Protocol method used */
public static final class Eap {
/** No EAP method used. Represents an empty config */
public static final int NONE = -1;
/** Protected EAP */
public static final int PEAP = 0;
/** EAP-Transport Layer Security */
public static final int TLS = 1;
/** EAP-Tunneled Transport Layer Security */
public static final int TTLS = 2;
/** EAP-Password */
public static final int PWD = 3;
/** EAP-Subscriber Identity Module */
public static final int SIM = 4;
/** EAP-Authentication and Key Agreement */
public static final int AKA = 5;
/** EAP-Authentication and Key Agreement Prime */
public static final int AKA_PRIME = 6;
/** @hide */
public static final String[] strings = { "PEAP", "TLS", "TTLS", "PWD", "SIM", "AKA", "AKA'" };
/** Prevent initialization */
private Eap() {}
}
/** The inner authentication method used */
public static final class Phase2 {
public static final int NONE = 0;
/** Password Authentication Protocol */
public static final int PAP = 1;
/** Microsoft Challenge Handshake Authentication Protocol */
public static final int MSCHAP = 2;
/** Microsoft Challenge Handshake Authentication Protocol v2 */
public static final int MSCHAPV2 = 3;
/** Generic Token Card */
public static final int GTC = 4;
private static final String PREFIX = "auth=";
/** @hide */
public static final String[] strings = {EMPTY_VALUE, "PAP", "MSCHAP",
"MSCHAPV2", "GTC" };
/** Prevent initialization */
private Phase2() {}
}
/** Internal use only
* @hide
*/
public HashMap<String, String> getFields() {
return mFields;
}
/**
* Set the EAP authentication method.
* @param eapMethod is one {@link Eap#PEAP}, {@link Eap#TLS}, {@link Eap#TTLS} or
* {@link Eap#PWD}
* @throws IllegalArgumentException on an invalid eap method
*/
public void setEapMethod(int eapMethod) {
switch (eapMethod) {
/** Valid methods */
case Eap.TLS:
setPhase2Method(Phase2.NONE);
/* fall through */
case Eap.PEAP:
case Eap.PWD:
case Eap.TTLS:
case Eap.SIM:
case Eap.AKA:
case Eap.AKA_PRIME:
mFields.put(EAP_KEY, Eap.strings[eapMethod]);
mFields.put(OPP_KEY_CACHING, "1");
break;
default:
throw new IllegalArgumentException("Unknown EAP method");
}
}
/**
* Set the TLS version
* @param enable: true -- enable TLS1.2 false -- disable TLS1.2
* @hide
*/
public void setTls12Enable(boolean enable) {
mTls12Enable = enable;
mFields.put(PHASE1_KEY,
enable ? ENABLE_TLS_1_2 : DISABLE_TLS_1_2);
}
/**
* Get the TLS1.2 enabled or not
* @return eap method configured
* @hide
*/
public boolean getTls12Enable() {
return mTls12Enable;
}
/**
* Get the eap method.
* @return eap method configured
*/
public int getEapMethod() {
String eapMethod = mFields.get(EAP_KEY);
return getStringIndex(Eap.strings, eapMethod, Eap.NONE);
}
/**
* Set Phase 2 authentication method. Sets the inner authentication method to be used in
* phase 2 after setting up a secure channel
* @param phase2Method is the inner authentication method and can be one of {@link Phase2#NONE},
* {@link Phase2#PAP}, {@link Phase2#MSCHAP}, {@link Phase2#MSCHAPV2},
* {@link Phase2#GTC}
* @throws IllegalArgumentException on an invalid phase2 method
*
*/
public void setPhase2Method(int phase2Method) {
switch (phase2Method) {
case Phase2.NONE:
mFields.put(PHASE2_KEY, EMPTY_VALUE);
break;
/** Valid methods */
case Phase2.PAP:
case Phase2.MSCHAP:
case Phase2.MSCHAPV2:
case Phase2.GTC:
mFields.put(PHASE2_KEY, convertToQuotedString(
Phase2.PREFIX + Phase2.strings[phase2Method]));
break;
default:
throw new IllegalArgumentException("Unknown Phase 2 method");
}
}
/**
* Get the phase 2 authentication method.
* @return a phase 2 method defined at {@link Phase2}
* */
public int getPhase2Method() {
String phase2Method = removeDoubleQuotes(mFields.get(PHASE2_KEY));
// Remove auth= prefix
if (phase2Method.startsWith(Phase2.PREFIX)) {
phase2Method = phase2Method.substring(Phase2.PREFIX.length());
}
return getStringIndex(Phase2.strings, phase2Method, Phase2.NONE);
}
/**
* Set the identity
* @param identity
*/
public void setIdentity(String identity) {
setFieldValue(IDENTITY_KEY, identity, "");
}
/**
* Get the identity
* @return the identity
*/
public String getIdentity() {
return getFieldValue(IDENTITY_KEY, "");
}
/**
* Set anonymous identity. This is used as the unencrypted identity with
* certain EAP types
* @param anonymousIdentity the anonymous identity
*/
public void setAnonymousIdentity(String anonymousIdentity) {
setFieldValue(ANON_IDENTITY_KEY, anonymousIdentity, "");
}
/** Get the anonymous identity
* @return anonymous identity
*/
public String getAnonymousIdentity() {
return getFieldValue(ANON_IDENTITY_KEY, "");
}
/**
* Set the password.
* @param password the password
*/
public void setPassword(String password) {
setFieldValue(PASSWORD_KEY, password, "");
}
/**
* Get the password.
*
* Returns locally set password value. For networks fetched from
* framework, returns "*".
*/
public String getPassword() {
return getFieldValue(PASSWORD_KEY, "");
}
/**
* Set CA certificate alias.
*
* <p> See the {@link android.security.KeyChain} for details on installing or choosing
* a certificate
* </p>
* @param alias identifies the certificate
* @hide
*/
public void setCaCertificateAlias(String alias) {
setFieldValue(CA_CERT_KEY, alias, CA_CERT_PREFIX);
}
/**
* Get CA certificate alias
* @return alias to the CA certificate
* @hide
*/
public String getCaCertificateAlias() {
return getFieldValue(CA_CERT_KEY, CA_CERT_PREFIX);
}
/**
* Specify a X.509 certificate that identifies the server.
*
* <p>A default name is automatically assigned to the certificate and used
* with this configuration. The framework takes care of installing the
* certificate when the config is saved and removing the certificate when
* the config is removed.
*
* @param cert X.509 CA certificate
* @throws IllegalArgumentException if not a CA certificate
*/
public void setCaCertificate(X509Certificate cert) {
if (cert != null) {
if (cert.getBasicConstraints() >= 0) {
mCaCert = cert;
} else {
throw new IllegalArgumentException("Not a CA certificate");
}
} else {
mCaCert = null;
}
}
/**
* Get CA certificate
* @return X.509 CA certificate
*/
public X509Certificate getCaCertificate() {
return mCaCert;
}
/**
* @hide
*/
public void resetCaCertificate() {
mCaCert = null;
}
/** Set Client certificate alias.
*
* <p> See the {@link android.security.KeyChain} for details on installing or choosing
* a certificate
* </p>
* @param alias identifies the certificate
* @hide
*/
public void setClientCertificateAlias(String alias) {
setFieldValue(CLIENT_CERT_KEY, alias, CLIENT_CERT_PREFIX);
setFieldValue(PRIVATE_KEY_ID_KEY, alias, Credentials.USER_PRIVATE_KEY);
// Also, set engine parameters
if (TextUtils.isEmpty(alias)) {
mFields.put(ENGINE_KEY, ENGINE_DISABLE);
mFields.put(ENGINE_ID_KEY, EMPTY_VALUE);
} else {
mFields.put(ENGINE_KEY, ENGINE_ENABLE);
mFields.put(ENGINE_ID_KEY, convertToQuotedString(ENGINE_ID_KEYSTORE));
}
}
/**
* Get client certificate alias
* @return alias to the client certificate
* @hide
*/
public String getClientCertificateAlias() {
return getFieldValue(CLIENT_CERT_KEY, CLIENT_CERT_PREFIX);
}
/**
* Specify a private key and client certificate for client authorization.
*
* <p>A default name is automatically assigned to the key entry and used
* with this configuration. The framework takes care of installing the
* key entry when the config is saved and removing the key entry when
* the config is removed.
* @param privateKey
* @param clientCertificate
* @throws IllegalArgumentException for an invalid key or certificate.
*/
public void setClientKeyEntry(PrivateKey privateKey, X509Certificate clientCertificate) {
if (clientCertificate != null) {
if (clientCertificate.getBasicConstraints() != -1) {
throw new IllegalArgumentException("Cannot be a CA certificate");
}
if (privateKey == null) {
throw new IllegalArgumentException("Client cert without a private key");
}
if (privateKey.getEncoded() == null) {
throw new IllegalArgumentException("Private key cannot be encoded");
}
}
mClientPrivateKey = privateKey;
mClientCertificate = clientCertificate;
}
/**
* Get client certificate
*
* @return X.509 client certificate
*/
public X509Certificate getClientCertificate() {
return mClientCertificate;
}
/**
* @hide
*/
public void resetClientKeyEntry() {
mClientPrivateKey = null;
mClientCertificate = null;
}
/**
* @hide
*/
public PrivateKey getClientPrivateKey() {
return mClientPrivateKey;
}
/**
* Set subject match (deprecated). This is the substring to be matched against the subject of
* the authentication server certificate.
* @param subjectMatch substring to be matched
* @deprecated in favor of altSubjectMatch
*/
public void setSubjectMatch(String subjectMatch) {
setFieldValue(SUBJECT_MATCH_KEY, subjectMatch, "");
}
/**
* Get subject match (deprecated)
* @return the subject match string
* @deprecated in favor of altSubjectMatch
*/
public String getSubjectMatch() {
return getFieldValue(SUBJECT_MATCH_KEY, "");
}
/**
* Set alternate subject match. This is the substring to be matched against the
* alternate subject of the authentication server certificate.
* @param altSubjectMatch substring to be matched, for example
* DNS:server.example.com;EMAIL:server@example.com
*/
public void setAltSubjectMatch(String altSubjectMatch) {
setFieldValue(ALTSUBJECT_MATCH_KEY, altSubjectMatch, "");
}
/**
* Get alternate subject match
* @return the alternate subject match string
*/
public String getAltSubjectMatch() {
return getFieldValue(ALTSUBJECT_MATCH_KEY, "");
}
/**
* Set the domain_suffix_match directive on wpa_supplicant. This is the parameter to use
* for Hotspot 2.0 defined matching of AAA server certs per WFA HS2.0 spec, section 7.3.3.2,
* second paragraph.
*
* From wpa_supplicant documentation:
* Constraint for server domain name. If set, this FQDN is used as a suffix match requirement
* for the AAAserver certificate in SubjectAltName dNSName element(s). If a matching dNSName is
* found, this constraint is met. If no dNSName values are present, this constraint is matched
* against SubjectName CN using same suffix match comparison.
* Suffix match here means that the host/domain name is compared one label at a time starting
* from the top-level domain and all the labels in domain_suffix_match shall be included in the
* certificate. The certificate may include additional sub-level labels in addition to the
* required labels.
* For example, domain_suffix_match=example.com would match test.example.com but would not
* match test-example.com.
* @param domain The domain value
*/
public void setDomainSuffixMatch(String domain) {
setFieldValue(DOM_SUFFIX_MATCH_KEY, domain);
}
/**
* Get the domain_suffix_match value. See setDomSuffixMatch.
* @return The domain value.
*/
public String getDomainSuffixMatch() {
return getFieldValue(DOM_SUFFIX_MATCH_KEY, "");
}
/**
* Set realm for passpoint credential; realm identifies a set of networks where your
* passpoint credential can be used
* @param realm the realm
*/
public void setRealm(String realm) {
setFieldValue(REALM_KEY, realm, "");
}
/**
* Get realm for passpoint credential; see {@link #setRealm(String)} for more information
* @return the realm
*/
public String getRealm() {
return getFieldValue(REALM_KEY, "");
}
/**
* Set plmn (Public Land Mobile Network) of the provider of passpoint credential
* @param plmn the plmn value derived from mcc (mobile country code) & mnc (mobile network code)
*/
public void setPlmn(String plmn) {
setFieldValue(PLMN_KEY, plmn, "");
}
/**
* Get plmn (Public Land Mobile Network) for passpoint credential; see {@link #setPlmn
* (String)} for more information
* @return the plmn
*/
public String getPlmn() {
return getFieldValue(PLMN_KEY, "");
}
/** See {@link WifiConfiguration#getKeyIdForCredentials} @hide */
String getKeyId(WifiEnterpriseConfig current) {
String eap = mFields.get(EAP_KEY);
String phase2 = mFields.get(PHASE2_KEY);
// If either eap or phase2 are not initialized, use current config details
if (TextUtils.isEmpty((eap))) {
eap = current.mFields.get(EAP_KEY);
}
if (TextUtils.isEmpty(phase2)) {
phase2 = current.mFields.get(PHASE2_KEY);
}
return eap + "_" + phase2;
}
private String removeDoubleQuotes(String string) {
if (TextUtils.isEmpty(string)) return "";
int length = string.length();
if ((length > 1) && (string.charAt(0) == '"')
&& (string.charAt(length - 1) == '"')) {
return string.substring(1, length - 1);
}
return string;
}
private String convertToQuotedString(String string) {
return "\"" + string + "\"";
}
/** Returns the index at which the toBeFound string is found in the array.
* @param arr array of strings
* @param toBeFound string to be found
* @param defaultIndex default index to be returned when string is not found
* @return the index into array
*/
private int getStringIndex(String arr[], String toBeFound, int defaultIndex) {
if (TextUtils.isEmpty(toBeFound)) return defaultIndex;
for (int i = 0; i < arr.length; i++) {
if (toBeFound.equals(arr[i])) return i;
}
return defaultIndex;
}
/** Returns the field value for the key.
* @param key into the hash
* @param prefix is the prefix that the value may have
* @return value
* @hide
*/
public String getFieldValue(String key, String prefix) {
String value = mFields.get(key);
// Uninitialized or known to be empty after reading from supplicant
if (TextUtils.isEmpty(value) || EMPTY_VALUE.equals(value)) return "";
value = removeDoubleQuotes(value);
if (value.startsWith(prefix)) {
return value.substring(prefix.length());
} else {
return value;
}
}
/** Set a value with an optional prefix at key
* @param key into the hash
* @param value to be set
* @param prefix an optional value to be prefixed to actual value
* @hide
*/
public void setFieldValue(String key, String value, String prefix) {
if (TextUtils.isEmpty(value)) {
mFields.put(key, EMPTY_VALUE);
} else {
mFields.put(key, convertToQuotedString(prefix + value));
}
}
/** Set a value with an optional prefix at key
* @param key into the hash
* @param value to be set
* @param prefix an optional value to be prefixed to actual value
* @hide
*/
public void setFieldValue(String key, String value) {
if (TextUtils.isEmpty(value)) {
mFields.put(key, EMPTY_VALUE);
} else {
mFields.put(key, convertToQuotedString(value));
}
}
@Override
public String toString() {
StringBuffer sb = new StringBuffer();
for (String key : mFields.keySet()) {
// Don't display password in toString().
String value = PASSWORD_KEY.equals(key) ? "<removed>" : mFields.get(key);
sb.append(key).append(" ").append(value).append("\n");
}
return sb.toString();
}
}
|
