# Print output for @column tags ?>
public
class
WifiEnterpriseConfig
extends Object
implements
Parcelable
java.lang.Object | |
↳ | android.net.wifi.WifiEnterpriseConfig |
Enterprise configuration details for Wi-Fi. Stores details about the EAP method and any associated credentials.
Nested classes | |
---|---|
class |
WifiEnterpriseConfig.Eap
The Extensible Authentication Protocol method used |
class |
WifiEnterpriseConfig.Phase2
The inner authentication method used |
Constants | |
---|---|
String |
EXTRA_WAPI_AS_CERTIFICATE_DATA
Intent extra: data for WAPI AS certificates |
String |
EXTRA_WAPI_AS_CERTIFICATE_NAME
Intent extra: name for WAPI AS certificates |
String |
EXTRA_WAPI_USER_CERTIFICATE_DATA
Intent extra: data for WAPI USER certificates |
String |
EXTRA_WAPI_USER_CERTIFICATE_NAME
Intent extra: name for WAPI USER certificates |
String |
WAPI_AS_CERTIFICATE
Key prefix for WAPI AS certificates. |
String |
WAPI_USER_CERTIFICATE
Key prefix for WAPI user certificates. |
Inherited constants |
---|
Fields | |
---|---|
public
static
final
Creator<WifiEnterpriseConfig> |
CREATOR
|
Public constructors | |
---|---|
WifiEnterpriseConfig()
|
|
WifiEnterpriseConfig(WifiEnterpriseConfig source)
Copy constructor. |
Public methods | |
---|---|
int
|
describeContents()
Describe the kinds of special objects contained in this Parcelable instance's marshaled representation. |
String
|
getAltSubjectMatch()
Get alternate subject match |
String
|
getAnonymousIdentity()
Get the anonymous identity |
X509Certificate
|
getCaCertificate()
Get CA certificate. |
X509Certificate[]
|
getCaCertificates()
Get CA certificates. |
X509Certificate
|
getClientCertificate()
Get client certificate |
X509Certificate[]
|
getClientCertificateChain()
Get the complete client certificate chain in the same order as it was last supplied. |
PrivateKey
|
getClientPrivateKey()
Get the client private key as supplied in |
String
|
getDomainSuffixMatch()
Get the domain_suffix_match value. |
int
|
getEapMethod()
Get the eap method. |
String
|
getIdentity()
Get the identity |
String
|
getPassword()
Get the password. |
int
|
getPhase2Method()
Get the phase 2 authentication method. |
String
|
getPlmn()
Get plmn (Public Land Mobile Network) for Passpoint credential; see |
String
|
getRealm()
Get realm for Passpoint credential; see |
String
|
getSubjectMatch()
This method is deprecated. in favor of altSubjectMatch |
boolean
|
isAuthenticationSimBased()
Utility method to determine whether the configuration's authentication method is SIM-based. |
void
|
setAltSubjectMatch(String altSubjectMatch)
Set alternate subject match. |
void
|
setAnonymousIdentity(String anonymousIdentity)
Set anonymous identity. |
void
|
setCaCertificate(X509Certificate cert)
Specify a X.509 certificate that identifies the server. |
void
|
setCaCertificates(X509Certificate[] certs)
Specify a list of X.509 certificates that identifies the server. |
void
|
setClientKeyEntry(PrivateKey privateKey, X509Certificate clientCertificate)
Specify a private key and client certificate for client authorization. |
void
|
setClientKeyEntryWithCertificateChain(PrivateKey privateKey, X509Certificate[] clientCertificateChain)
Specify a private key and client certificate chain for client authorization. |
void
|
setDomainSuffixMatch(String domain)
Set the domain_suffix_match directive on wpa_supplicant. |
void
|
setEapMethod(int eapMethod)
Set the EAP authentication method. |
void
|
setIdentity(String identity)
Set the identity |
void
|
setPassword(String password)
Set the password. |
void
|
setPhase2Method(int phase2Method)
Set Phase 2 authentication method. |
void
|
setPlmn(String plmn)
Set plmn (Public Land Mobile Network) of the provider of Passpoint credential |
void
|
setRealm(String realm)
Set realm for Passpoint credential; realm identifies a set of networks where your Passpoint credential can be used |
void
|
setSubjectMatch(String subjectMatch)
This method is deprecated. in favor of altSubjectMatch |
String
|
toString()
Returns a string representation of the object. |
void
|
writeToParcel(Parcel dest, int flags)
Flatten this object in to a Parcel. |
Inherited methods | |
---|---|
public static final String EXTRA_WAPI_AS_CERTIFICATE_DATA
Intent extra: data for WAPI AS certificates
Constant Value: "android.net.wifi.extra.WAPI_AS_CERTIFICATE_DATA"
public static final String EXTRA_WAPI_AS_CERTIFICATE_NAME
Intent extra: name for WAPI AS certificates
Constant Value: "android.net.wifi.extra.WAPI_AS_CERTIFICATE_NAME"
public static final String EXTRA_WAPI_USER_CERTIFICATE_DATA
Intent extra: data for WAPI USER certificates
Constant Value: "android.net.wifi.extra.WAPI_USER_CERTIFICATE_DATA"
public static final String EXTRA_WAPI_USER_CERTIFICATE_NAME
Intent extra: name for WAPI USER certificates
Constant Value: "android.net.wifi.extra.WAPI_USER_CERTIFICATE_NAME"
public static final String WAPI_AS_CERTIFICATE
Key prefix for WAPI AS certificates.
Constant Value: "WAPIAS_"
public static final String WAPI_USER_CERTIFICATE
Key prefix for WAPI user certificates.
Constant Value: "WAPIUSR_"
public WifiEnterpriseConfig ()
public WifiEnterpriseConfig (WifiEnterpriseConfig source)
Copy constructor. This copies over all the fields verbatim (does not ignore masked password fields).
Parameters | |
---|---|
source |
WifiEnterpriseConfig : Source WifiEnterpriseConfig object. |
public int describeContents ()
Describe the kinds of special objects contained in this Parcelable
instance's marshaled representation. For example, if the object will
include a file descriptor in the output of writeToParcel(android.os.Parcel, int)
,
the return value of this method must include the
CONTENTS_FILE_DESCRIPTOR
bit.
Returns | |
---|---|
int |
a bitmask indicating the set of special object types marshaled
by this Parcelable object instance.
Value is either 0 or CONTENTS_FILE_DESCRIPTOR |
public String getAltSubjectMatch ()
Get alternate subject match
Returns | |
---|---|
String |
the alternate subject match string |
public String getAnonymousIdentity ()
Get the anonymous identity
Returns | |
---|---|
String |
anonymous identity |
public X509Certificate getCaCertificate ()
Get CA certificate. If multiple CA certificates are configured previously, return the first one.
Returns | |
---|---|
X509Certificate |
X.509 CA certificate
This value may be null . |
public X509Certificate[] getCaCertificates ()
Get CA certificates.
Returns | |
---|---|
X509Certificate[] |
This value may be null . |
public X509Certificate getClientCertificate ()
Get client certificate
Returns | |
---|---|
X509Certificate |
X.509 client certificate |
public X509Certificate[] getClientCertificateChain ()
Get the complete client certificate chain in the same order as it was last supplied.
If the chain was last supplied by a call to
setClientKeyEntry(java.security.PrivateKey, java.security.cert.X509Certificate)
with a non-null * certificate instance, a single-element array containing the certificate
will be * returned. If setClientKeyEntryWithCertificateChain(java.security.PrivateKey, java.security.cert.X509Certificate[])
was last called with a
non-empty array, this array will be returned in the same order as it was supplied.
Otherwise, null
will be returned.
Returns | |
---|---|
X509Certificate[] |
X.509 client certificates |
public PrivateKey getClientPrivateKey ()
Get the client private key as supplied in setClientKeyEntryWithCertificateChain(PrivateKey, X509Certificate[])
, or
null if unset.
Returns | |
---|---|
PrivateKey |
public String getDomainSuffixMatch ()
Get the domain_suffix_match value. See setDomSuffixMatch.
Returns | |
---|---|
String |
The domain value. |
public int getEapMethod ()
Get the eap method.
Returns | |
---|---|
int |
eap method configured |
public String getPassword ()
Get the password. Returns locally set password value. For networks fetched from framework, returns "*".
Returns | |
---|---|
String |
public int getPhase2Method ()
Get the phase 2 authentication method.
Returns | |
---|---|
int |
a phase 2 method defined at Phase2 |
public String getPlmn ()
Get plmn (Public Land Mobile Network) for Passpoint credential; see (java.lang.String)
for more information
Returns | |
---|---|
String |
the plmn |
public String getRealm ()
Get realm for Passpoint credential; see setRealm(java.lang.String)
for more information
Returns | |
---|---|
String |
the realm |
public String getSubjectMatch ()
This method is deprecated.
in favor of altSubjectMatch
Get subject match (deprecated)
Returns | |
---|---|
String |
the subject match string |
public boolean isAuthenticationSimBased ()
Utility method to determine whether the configuration's authentication method is SIM-based.
Returns | |
---|---|
boolean |
true if the credential information requires SIM card for current authentication method, otherwise it returns false. |
public void setAltSubjectMatch (String altSubjectMatch)
Set alternate subject match. This is the substring to be matched against the
alternate subject of the authentication server certificate.
Note: If no alternate subject is set for an Enterprise configuration, either by not calling
this API, or by calling it with null, or not setting domain suffix match using the
setDomainSuffixMatch(java.lang.String)
, then the server certificate validation is incomplete -
which means that the connection is not secure.
Parameters | |
---|---|
altSubjectMatch |
String : substring to be matched, for example
DNS:server.example.com;EMAIL:server@example.com |
public void setAnonymousIdentity (String anonymousIdentity)
Set anonymous identity. This is used as the unencrypted identity with certain EAP types
Parameters | |
---|---|
anonymousIdentity |
String : the anonymous identity |
public void setCaCertificate (X509Certificate cert)
Specify a X.509 certificate that identifies the server.
A default name is automatically assigned to the certificate and used
with this configuration. The framework takes care of installing the
certificate when the config is saved and removing the certificate when
the config is removed.
Note: If no certificate is set for an Enterprise configuration, either by not calling this
API (or the setCaCertificates(java.security.cert.X509Certificate[])
, or by calling it with null, then
the server certificate validation is skipped - which means that the connection is not secure.
Parameters | |
---|---|
cert |
X509Certificate : X.509 CA certificate
This value may be null . |
Throws | |
---|---|
IllegalArgumentException |
if not a CA certificate |
public void setCaCertificates (X509Certificate[] certs)
Specify a list of X.509 certificates that identifies the server. The validation passes if the CA of server certificate matches one of the given certificates.
Default names are automatically assigned to the certificates and used
with this configuration. The framework takes care of installing the
certificates when the config is saved and removing the certificates when
the config is removed.
Note: If no certificates are set for an Enterprise configuration, either by not calling this
API (or the setCaCertificate(java.security.cert.X509Certificate)
, or by calling it with null, then the
server certificate validation is skipped - which means that the
connection is not secure.
Parameters | |
---|---|
certs |
X509Certificate : X.509 CA certificates
This value may be null . |
Throws | |
---|---|
IllegalArgumentException |
if any of the provided certificates is not a CA certificate |
public void setClientKeyEntry (PrivateKey privateKey, X509Certificate clientCertificate)
Specify a private key and client certificate for client authorization.
A default name is automatically assigned to the key entry and used with this configuration. The framework takes care of installing the key entry when the config is saved and removing the key entry when the config is removed.
Parameters | |
---|---|
privateKey |
PrivateKey : a PrivateKey instance for the end certificate. |
clientCertificate |
X509Certificate : an X509Certificate representing the end certificate. |
Throws | |
---|---|
IllegalArgumentException |
for an invalid key or certificate. |
public void setClientKeyEntryWithCertificateChain (PrivateKey privateKey, X509Certificate[] clientCertificateChain)
Specify a private key and client certificate chain for client authorization.
A default name is automatically assigned to the key entry and used with this configuration. The framework takes care of installing the key entry when the config is saved and removing the key entry when the config is removed.
Parameters | |
---|---|
privateKey |
PrivateKey : a PrivateKey instance for the end certificate. |
clientCertificateChain |
X509Certificate : an array of X509Certificate instances which starts with
end certificate and continues with additional CA certificates necessary to
link the end certificate with some root certificate known by the authenticator. |
Throws | |
---|---|
IllegalArgumentException |
for an invalid key or certificate. |
public void setDomainSuffixMatch (String domain)
Set the domain_suffix_match directive on wpa_supplicant. This is the parameter to use for Hotspot 2.0 defined matching of AAA server certs per WFA HS2.0 spec, section 7.3.3.2, second paragraph.
From wpa_supplicant documentation:
Constraint for server domain name. If set, this FQDN is used as a suffix match requirement for the AAAserver certificate in SubjectAltName dNSName element(s). If a matching dNSName is found, this constraint is met.
Suffix match here means that the host/domain name is compared one label at a time starting from the top-level domain and all the labels in domain_suffix_match shall be included in the certificate. The certificate may include additional sub-level labels in addition to the required labels.
More than one match string can be provided by using semicolons to separate the strings (e.g., example.org;example.com). When multiple strings are specified, a match with any one of the values is considered a sufficient match for the certificate, i.e., the conditions are ORed ogether.
For example, domain_suffix_match=example.com would match test.example.com but would not
match test-example.com.
Note: If no domain suffix is set for an Enterprise configuration, either by not calling this
API, or by calling it with null, or not setting alternate subject match using the
setAltSubjectMatch(java.lang.String)
, then the server certificate
validation is incomplete - which means that the connection is not secure.
Parameters | |
---|---|
domain |
String : The domain value |
public void setEapMethod (int eapMethod)
Set the EAP authentication method.
Parameters | |
---|---|
eapMethod |
int : is one Eap#PEAP , Eap#TLS , Eap#TTLS or
Eap#PWD |
Throws | |
---|---|
IllegalArgumentException |
on an invalid eap method |
public void setPassword (String password)
Set the password.
Parameters | |
---|---|
password |
String : the password |
public void setPhase2Method (int phase2Method)
Set Phase 2 authentication method. Sets the inner authentication method to be used in phase 2 after setting up a secure channel
Parameters | |
---|---|
phase2Method |
int : is the inner authentication method and can be one of Phase2#NONE ,
Phase2#PAP , Phase2#MSCHAP , Phase2#MSCHAPV2 ,
Phase2#GTC |
Throws | |
---|---|
IllegalArgumentException |
on an invalid phase2 method |
public void setPlmn (String plmn)
Set plmn (Public Land Mobile Network) of the provider of Passpoint credential
Parameters | |
---|---|
plmn |
String : the plmn value derived from mcc (mobile country code) & mnc (mobile network code) |
public void setRealm (String realm)
Set realm for Passpoint credential; realm identifies a set of networks where your Passpoint credential can be used
Parameters | |
---|---|
realm |
String : the realm |
public void setSubjectMatch (String subjectMatch)
This method is deprecated.
in favor of altSubjectMatch
Set subject match (deprecated). This is the substring to be matched against the subject of the authentication server certificate.
Parameters | |
---|---|
subjectMatch |
String : substring to be matched |
public String toString ()
Returns a string representation of the object. In general, the
toString
method returns a string that
"textually represents" this object. The result should
be a concise but informative representation that is easy for a
person to read.
It is recommended that all subclasses override this method.
The toString
method for class Object
returns a string consisting of the name of the class of which the
object is an instance, the at-sign character `@
', and
the unsigned hexadecimal representation of the hash code of the
object. In other words, this method returns a string equal to the
value of:
getClass().getName() + '@' + Integer.toHexString(hashCode())
Returns | |
---|---|
String |
a string representation of the object. |
public void writeToParcel (Parcel dest, int flags)
Flatten this object in to a Parcel.
Parameters | |
---|---|
dest |
Parcel : The Parcel in which the object should be written. |
flags |
int : Additional flags about how the object should be written.
May be 0 or Parcelable.PARCELABLE_WRITE_RETURN_VALUE .
Value is either 0 or a combination of Parcelable.PARCELABLE_WRITE_RETURN_VALUE , and android.os.Parcelable.PARCELABLE_ELIDE_DUPLICATES |