1 /*
2  * Copyright (C) 2017 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package com.googlecode.android_scripting.facade;
18 
19 import java.util.ArrayList;
20 import java.util.List;
21 
22 import org.json.JSONObject;
23 
24 import com.android.internal.net.LegacyVpnInfo;
25 import com.android.internal.net.VpnConfig;
26 import com.android.internal.net.VpnProfile;
27 import com.android.internal.util.ArrayUtils;
28 import com.google.android.collect.Lists;
29 import com.googlecode.android_scripting.jsonrpc.RpcReceiver;
30 import com.googlecode.android_scripting.rpc.Rpc;
31 import com.googlecode.android_scripting.rpc.RpcParameter;
32 
33 import android.app.Service;
34 import android.content.Context;
35 import android.net.IConnectivityManager;
36 import android.os.RemoteException;
37 import android.os.ServiceManager;
38 import android.security.Credentials;
39 import android.security.KeyStore;
40 
41 /**
42  * Access VPN functions.
43  */
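public class VpnFacade extends RpcReceiver {

    // Hosting service; used in this class only to obtain the user id for VPN calls.
    private final Service mService;
    // Binder proxy to the connectivity service; every VPN operation below goes through it.
    private final IConnectivityManager mConService;
    // Assigned once in the constructor and never replaced, so it is final.
    private final CertInstallerHelper mCertHelper;

    /**
     * Creates the facade and binds to the system connectivity service.
     *
     * @param manager facade manager supplying the hosting {@link Service}
     */
    public VpnFacade(FacadeManager manager) {
        super(manager);
        mService = manager.getService();
        mCertHelper = new CertInstallerHelper();
        mConService = IConnectivityManager.Stub
                .asInterface(ServiceManager.getService(Context.CONNECTIVITY_SERVICE));
    }

    /**
     * Loads the VPN profiles stored in the keystore under the {@link Credentials#VPN} prefix.
     *
     * <p>The returned profiles carry credential fields (password, L2TP/IPsec secrets), so they
     * should not be logged or returned to a caller wholesale.
     *
     * @param keyStore keystore to enumerate and read from
     * @param excludeTypes profile types to leave out of the result
     * @return the decodable profiles whose type is not excluded; empty when nothing is listed
     */
    static List<VpnProfile> loadVpnProfiles(KeyStore keyStore, int... excludeTypes) {
        final List<VpnProfile> result = new ArrayList<>();

        // list() can come back null instead of an empty array (e.g. when the keystore
        // service cannot be reached); iterating null would throw, so treat it as "no profiles".
        final String[] keys = keyStore.list(Credentials.VPN);
        if (keys == null) {
            return result;
        }

        for (String key : keys) {
            final VpnProfile profile = VpnProfile.decode(key, keyStore.get(Credentials.VPN + key));
            // decode() yields null for entries it cannot parse; those are skipped.
            if (profile != null && !ArrayUtils.contains(excludeTypes, profile.type)) {
                result.add(profile);
            }
        }
        return result;
    }

    /**
     * Builds a {@link VpnProfile} from the JSON object supplied by the RPC caller.
     *
     * <p>Every field is optional. Missing strings become {@code ""}, {@code mppe} defaults to
     * {@code true}, {@code saveLogin} to {@code false} and {@code type} to
     * {@link VpnProfile#TYPE_PPTP}. No value is validated here.
     *
     * <p>NOTE(review): a profile that omits {@code "type"} silently becomes PPTP, a legacy
     * protocol with well-known weaknesses; callers should set the type explicitly. The
     * {@code password}, {@code l2tpSecret} and {@code ipsecSecret} values are copied in
     * cleartext, so neither the JSON object nor the resulting profile should be logged.
     *
     * @param vpnProfileJson caller-supplied profile description
     * @return the populated profile
     * @throws NullPointerException if {@code vpnProfileJson} is null
     */
    private VpnProfile genLegacyVpnProfile(JSONObject vpnProfileJson) {
        VpnProfile vp = new VpnProfile(vpnProfileJson.optString("key", ""));
        vp.name = vpnProfileJson.optString("name", "");
        vp.type = vpnProfileJson.optInt("type", VpnProfile.TYPE_PPTP);
        vp.server = vpnProfileJson.optString("server", "");
        vp.username = vpnProfileJson.optString("username", "");
        vp.password = vpnProfileJson.optString("password", "");
        vp.dnsServers = vpnProfileJson.optString("dnsServers", "");
        vp.searchDomains = vpnProfileJson.optString("searchDomains", "");
        vp.routes = vpnProfileJson.optString("routes", "");
        vp.mppe = vpnProfileJson.optBoolean("mppe", true);
        vp.l2tpSecret = vpnProfileJson.optString("l2tpSecret", "");
        vp.ipsecIdentifier = vpnProfileJson.optString("ipsecIdentifier", "");
        vp.ipsecSecret = vpnProfileJson.optString("ipsecSecret", "");
        vp.ipsecUserCert = vpnProfileJson.optString("ipsecUserCert", "");
        vp.ipsecCaCert = vpnProfileJson.optString("ipsecCaCert", "");
        vp.ipsecServerCert = vpnProfileJson.optString("ipsecServerCert", "");
        vp.saveLogin = vpnProfileJson.optBoolean("saveLogin", false);
        return vp;
    }

    /**
     * Converts the supplied JSON into a profile and asks the connectivity service to start it.
     *
     * @param vpnProfile profile description, see {@link #genLegacyVpnProfile(JSONObject)}
     * @throws RemoteException if the call to the connectivity service fails
     */
    @Rpc(description = "Start legacy VPN with a profile.")
    public void vpnStartLegacyVpn(@RpcParameter(name = "vpnProfile") JSONObject vpnProfile)
            throws RemoteException {
        VpnProfile profile = genLegacyVpnProfile(vpnProfile);
        mConService.startLegacyVpn(profile);
    }

    /**
     * Stops the legacy VPN by calling {@code prepareVpn} with {@link VpnConfig#LEGACY_VPN} for
     * both package arguments and the service's user id.
     *
     * <p>Any result returned by {@code prepareVpn} is discarded, so a caller that needs to
     * confirm the tunnel is down should check {@link #vpnGetLegacyVpnInfo()} afterwards.
     *
     * @throws RemoteException if the call to the connectivity service fails
     */
    @Rpc(description = "Stop the current legacy VPN connection.")
    public void vpnStopLegacyVpn() throws RemoteException {
        mConService.prepareVpn(VpnConfig.LEGACY_VPN, VpnConfig.LEGACY_VPN, mService.getUserId());
    }

    /**
     * Returns what the connectivity service reports for the service's user id.
     *
     * @return the legacy VPN info object as returned by the connectivity service
     * @throws RemoteException if the call to the connectivity service fails
     */
    @Rpc(description = "Get the info object of the currently active legacy VPN connection.")
    public LegacyVpnInfo vpnGetLegacyVpnInfo() throws RemoteException {
        return mConService.getLegacyVpnInfo(mService.getUserId());
    }

    /** Nothing to release: this facade does not stop a running VPN on shutdown. */
    @Override
    public void shutdown() {
    }

    /**
     * Builds a profile from the JSON and hands it, with the certificate file and its password,
     * to {@link CertInstallerHelper}.
     *
     * <p>NOTE(review): {@code certFile} and {@code password} come straight from the RPC caller
     * and are forwarded unchecked; how the path is resolved and what is written depends on
     * {@code CertInstallerHelper}, which is not visible here. Confirm it restricts the path
     * to the intended directory, and keep the password out of logs.
     *
     * @param vpnProfile profile description, see {@link #genLegacyVpnProfile(JSONObject)}
     * @param certFile certificate file reference passed through to the helper
     * @param password password for the certificate file
     * @throws RemoteException declared by the RPC signature
     */
    @Rpc(description = "Install certificate for RSA VPNs.")
    public void installCertificate(@RpcParameter(name = "vpnProfile") JSONObject vpnProfile,
                                   @RpcParameter(name = "certFile") String certFile,
                                   @RpcParameter(name = "password") String password)
            throws RemoteException {
        VpnProfile profile = genLegacyVpnProfile(vpnProfile);
        mCertHelper.installCertificate(profile, certFile, password);
    }
}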