path: root/hs20
Commit message (Collapse)AuthorAgeFilesLines
* HS 2.0R2: Keep backward compatibility with old icuDmitry Shmidt2014-07-201-0/+4
| | | | | | | This allows hs20-osu-client to be build with additional Android versions. Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* HS 2.0 R2: Clear hs20-osu-client configuration keys explicitlyJouni Malinen2014-07-021-2/+2
| | | | | | | | | Use an explicit memset call to clear any hs20-osu-client configuration parameter that contains private information like keys or identity. This brings in an additional layer of protection by reducing the length of time this type of private data is kept in memory. Signed-off-by: Jouni Malinen <j@w1.fi>
* HS 2.0 SPP server: Fix aaa_trust_root_cert_url example to use DERJouni Malinen2014-04-111-1/+1
| | | | | | The trust roots in the PPS MO point to a DER encoded X.509 certificate. Signed-off-by: Jouni Malinen <j@w1.fi>
* OSU server: Add example scripts for Hotspot 2.0 PKIJouni Malinen2014-03-3112-0/+515
| | | | | | | These can be used to generate certificates for developer testing of the OSU protocol. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0R2: Add example OSU SPP server implementationJouni Malinen2014-03-3119-0/+3760
| | | | | | | | This is meant mainly for testing purposes and as a reference implementation showing how OSU SPP server could be implemented. This is not suitable for any real production use in its current form. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0R2: Clean up debug log during exit pathJouni Malinen2014-03-171-1/+1
| | | | | | | deinit_ctx() may print debug information, so do not call wpa_debug_close_file() before deinit_ctx(). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0R2: Do not mandate OCSP response for EST operationsJouni Malinen2014-03-172-0/+12
| | | | | | | | OCSP validation is required only for the OSU operations and since the EST server may use a different server certificate, it may not necessarily support OCSP. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0R2: Do not use OSU cert validation for ESTJouni Malinen2014-03-173-5/+16
| | | | | | | | There is no requirement for the EST server to use an OSU server certificate, so do not require friendly name and icon hash matches for EST cases. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0R2: Configure OSU client trust root more consistentlyJouni Malinen2014-03-174-75/+61
| | | | | | | | | Some of the code paths could have ended up ignoring CA file name from command line due to overly complex way of setting ctx->ca_fname. Configure this more consistently in osu_client.c as soon as the CA file name has been determined. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0R2: Add parse_cert command for debugging purposesJouni Malinen2014-03-111-0/+10
| | | | | | | | This hs20-osu-client client command can be used to parse a DER encoded X.509v3 certificate with the logotype extensions and id-wfa-hotspot-friendlyName values shown in detail. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0R2: Add OSU client implementationJouni Malinen2014-03-119-0/+6603
This adds a reference implementation of Hotspot 2.0 Release 2 OSU client. While this implements all of the required functionality, it is likely that a significant extensions would be used to integrate this with user interfaces and operating system configuration components. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>