1 /* 2 * Copyright (C) 2013 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package android.net.wifi; 17 18 import android.os.Parcel; 19 import android.os.Parcelable; 20 import android.security.Credentials; 21 import android.text.TextUtils; 22 23 import java.io.ByteArrayInputStream; 24 import java.security.KeyFactory; 25 import java.security.NoSuchAlgorithmException; 26 import java.security.PrivateKey; 27 import java.security.cert.CertificateEncodingException; 28 import java.security.cert.CertificateException; 29 import java.security.cert.CertificateFactory; 30 import java.security.cert.X509Certificate; 31 import java.security.spec.InvalidKeySpecException; 32 import java.security.spec.PKCS8EncodedKeySpec; 33 import java.util.HashMap; 34 import java.util.Map; 35 36 /** 37 * Enterprise configuration details for Wi-Fi. Stores details about the EAP method 38 * and any associated credentials. 39 */ 40 public class WifiEnterpriseConfig implements Parcelable { 41 42 /** @hide */ 43 public static final String EMPTY_VALUE = "NULL"; 44 /** @hide */ 45 public static final String EAP_KEY = "eap"; 46 /** @hide */ 47 public static final String PHASE2_KEY = "phase2"; 48 /** @hide */ 49 public static final String IDENTITY_KEY = "identity"; 50 /** @hide */ 51 public static final String ANON_IDENTITY_KEY = "anonymous_identity"; 52 /** @hide */ 53 public static final String PASSWORD_KEY = "password"; 54 /** @hide */ 55 public static final String SUBJECT_MATCH_KEY = "subject_match"; 56 /** @hide */ 57 public static final String ALTSUBJECT_MATCH_KEY = "altsubject_match"; 58 /** @hide */ 59 public static final String DOM_SUFFIX_MATCH_KEY = "domain_suffix_match"; 60 /** @hide */ 61 public static final String OPP_KEY_CACHING = "proactive_key_caching"; 62 /** 63 * String representing the keystore OpenSSL ENGINE's ID. 64 * @hide 65 */ 66 public static final String ENGINE_ID_KEYSTORE = "keystore"; 67 68 /** 69 * String representing the keystore URI used for wpa_supplicant. 70 * @hide 71 */ 72 public static final String KEYSTORE_URI = "keystore://"; 73 74 /** 75 * String to set the engine value to when it should be enabled. 76 * @hide 77 */ 78 public static final String ENGINE_ENABLE = "1"; 79 80 /** 81 * String to set the engine value to when it should be disabled. 82 * @hide 83 */ 84 public static final String ENGINE_DISABLE = "0"; 85 86 /** @hide */ 87 public static final String CA_CERT_PREFIX = KEYSTORE_URI + Credentials.CA_CERTIFICATE; 88 /** @hide */ 89 public static final String CLIENT_CERT_PREFIX = KEYSTORE_URI + Credentials.USER_CERTIFICATE; 90 /** @hide */ 91 public static final String CLIENT_CERT_KEY = "client_cert"; 92 /** @hide */ 93 public static final String CA_CERT_KEY = "ca_cert"; 94 /** @hide */ 95 public static final String ENGINE_KEY = "engine"; 96 /** @hide */ 97 public static final String ENGINE_ID_KEY = "engine_id"; 98 /** @hide */ 99 public static final String PRIVATE_KEY_ID_KEY = "key_id"; 100 /** @hide */ 101 public static final String REALM_KEY = "realm"; 102 /** @hide */ 103 public static final String PLMN_KEY = "plmn"; 104 105 106 private HashMap<String, String> mFields = new HashMap<String, String>(); 107 private X509Certificate mCaCert; 108 private PrivateKey mClientPrivateKey; 109 private X509Certificate mClientCertificate; 110 111 public WifiEnterpriseConfig() { 112 // Do not set defaults so that the enterprise fields that are not changed 113 // by API are not changed underneath 114 // This is essential because an app may not have all fields like password 115 // available. It allows modification of subset of fields. 116 117 } 118 119 /** Copy constructor */ 120 public WifiEnterpriseConfig(WifiEnterpriseConfig source) { 121 for (String key : source.mFields.keySet()) { 122 mFields.put(key, source.mFields.get(key)); 123 } 124 } 125 126 @Override 127 public int describeContents() { 128 return 0; 129 } 130 131 @Override 132 public void writeToParcel(Parcel dest, int flags) { 133 dest.writeInt(mFields.size()); 134 for (Map.Entry<String, String> entry : mFields.entrySet()) { 135 dest.writeString(entry.getKey()); 136 dest.writeString(entry.getValue()); 137 } 138 139 writeCertificate(dest, mCaCert); 140 141 if (mClientPrivateKey != null) { 142 String algorithm = mClientPrivateKey.getAlgorithm(); 143 byte[] userKeyBytes = mClientPrivateKey.getEncoded(); 144 dest.writeInt(userKeyBytes.length); 145 dest.writeByteArray(userKeyBytes); 146 dest.writeString(algorithm); 147 } else { 148 dest.writeInt(0); 149 } 150 151 writeCertificate(dest, mClientCertificate); 152 } 153 154 private void writeCertificate(Parcel dest, X509Certificate cert) { 155 if (cert != null) { 156 try { 157 byte[] certBytes = cert.getEncoded(); 158 dest.writeInt(certBytes.length); 159 dest.writeByteArray(certBytes); 160 } catch (CertificateEncodingException e) { 161 dest.writeInt(0); 162 } 163 } else { 164 dest.writeInt(0); 165 } 166 } 167 168 public static final Creator<WifiEnterpriseConfig> CREATOR = 169 new Creator<WifiEnterpriseConfig>() { 170 public WifiEnterpriseConfig createFromParcel(Parcel in) { 171 WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig(); 172 int count = in.readInt(); 173 for (int i = 0; i < count; i++) { 174 String key = in.readString(); 175 String value = in.readString(); 176 enterpriseConfig.mFields.put(key, value); 177 } 178 179 enterpriseConfig.mCaCert = readCertificate(in); 180 181 PrivateKey userKey = null; 182 int len = in.readInt(); 183 if (len > 0) { 184 try { 185 byte[] bytes = new byte[len]; 186 in.readByteArray(bytes); 187 String algorithm = in.readString(); 188 KeyFactory keyFactory = KeyFactory.getInstance(algorithm); 189 userKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bytes)); 190 } catch (NoSuchAlgorithmException e) { 191 userKey = null; 192 } catch (InvalidKeySpecException e) { 193 userKey = null; 194 } 195 } 196 197 enterpriseConfig.mClientPrivateKey = userKey; 198 enterpriseConfig.mClientCertificate = readCertificate(in); 199 return enterpriseConfig; 200 } 201 202 private X509Certificate readCertificate(Parcel in) { 203 X509Certificate cert = null; 204 int len = in.readInt(); 205 if (len > 0) { 206 try { 207 byte[] bytes = new byte[len]; 208 in.readByteArray(bytes); 209 CertificateFactory cFactory = CertificateFactory.getInstance("X.509"); 210 cert = (X509Certificate) cFactory 211 .generateCertificate(new ByteArrayInputStream(bytes)); 212 } catch (CertificateException e) { 213 cert = null; 214 } 215 } 216 return cert; 217 } 218 219 public WifiEnterpriseConfig[] newArray(int size) { 220 return new WifiEnterpriseConfig[size]; 221 } 222 }; 223 224 /** The Extensible Authentication Protocol method used */ 225 public static final class Eap { 226 /** No EAP method used. Represents an empty config */ 227 public static final int NONE = -1; 228 /** Protected EAP */ 229 public static final int PEAP = 0; 230 /** EAP-Transport Layer Security */ 231 public static final int TLS = 1; 232 /** EAP-Tunneled Transport Layer Security */ 233 public static final int TTLS = 2; 234 /** EAP-Password */ 235 public static final int PWD = 3; 236 /** EAP-Subscriber Identity Module */ 237 public static final int SIM = 4; 238 /** EAP-Authentication and Key Agreement */ 239 public static final int AKA = 5; 240 /** EAP-Authentication and Key Agreement Prime */ 241 public static final int AKA_PRIME = 6; 242 /** @hide */ 243 public static final String[] strings = { "PEAP", "TLS", "TTLS", "PWD", "SIM", "AKA", "AKA'" }; 244 245 /** Prevent initialization */ 246 private Eap() {} 247 } 248 249 /** The inner authentication method used */ 250 public static final class Phase2 { 251 public static final int NONE = 0; 252 /** Password Authentication Protocol */ 253 public static final int PAP = 1; 254 /** Microsoft Challenge Handshake Authentication Protocol */ 255 public static final int MSCHAP = 2; 256 /** Microsoft Challenge Handshake Authentication Protocol v2 */ 257 public static final int MSCHAPV2 = 3; 258 /** Generic Token Card */ 259 public static final int GTC = 4; 260 private static final String PREFIX = "auth="; 261 /** @hide */ 262 public static final String[] strings = {EMPTY_VALUE, "PAP", "MSCHAP", 263 "MSCHAPV2", "GTC" }; 264 265 /** Prevent initialization */ 266 private Phase2() {} 267 } 268 269 /** Internal use only 270 * @hide 271 */ 272 public HashMap<String, String> getFields() { 273 return mFields; 274 } 275 276 /** 277 * Set the EAP authentication method. 278 * @param eapMethod is one {@link Eap#PEAP}, {@link Eap#TLS}, {@link Eap#TTLS} or 279 * {@link Eap#PWD} 280 * @throws IllegalArgumentException on an invalid eap method 281 */ 282 public void setEapMethod(int eapMethod) { 283 switch (eapMethod) { 284 /** Valid methods */ 285 case Eap.TLS: 286 setPhase2Method(Phase2.NONE); 287 /* fall through */ 288 case Eap.PEAP: 289 case Eap.PWD: 290 case Eap.TTLS: 291 case Eap.SIM: 292 case Eap.AKA: 293 case Eap.AKA_PRIME: 294 mFields.put(EAP_KEY, Eap.strings[eapMethod]); 295 mFields.put(OPP_KEY_CACHING, "1"); 296 break; 297 default: 298 throw new IllegalArgumentException("Unknown EAP method"); 299 } 300 } 301 302 /** 303 * Get the eap method. 304 * @return eap method configured 305 */ 306 public int getEapMethod() { 307 String eapMethod = mFields.get(EAP_KEY); 308 return getStringIndex(Eap.strings, eapMethod, Eap.NONE); 309 } 310 311 /** 312 * Set Phase 2 authentication method. Sets the inner authentication method to be used in 313 * phase 2 after setting up a secure channel 314 * @param phase2Method is the inner authentication method and can be one of {@link Phase2#NONE}, 315 * {@link Phase2#PAP}, {@link Phase2#MSCHAP}, {@link Phase2#MSCHAPV2}, 316 * {@link Phase2#GTC} 317 * @throws IllegalArgumentException on an invalid phase2 method 318 * 319 */ 320 public void setPhase2Method(int phase2Method) { 321 switch (phase2Method) { 322 case Phase2.NONE: 323 mFields.put(PHASE2_KEY, EMPTY_VALUE); 324 break; 325 /** Valid methods */ 326 case Phase2.PAP: 327 case Phase2.MSCHAP: 328 case Phase2.MSCHAPV2: 329 case Phase2.GTC: 330 mFields.put(PHASE2_KEY, convertToQuotedString( 331 Phase2.PREFIX + Phase2.strings[phase2Method])); 332 break; 333 default: 334 throw new IllegalArgumentException("Unknown Phase 2 method"); 335 } 336 } 337 338 /** 339 * Get the phase 2 authentication method. 340 * @return a phase 2 method defined at {@link Phase2} 341 * */ 342 public int getPhase2Method() { 343 String phase2Method = removeDoubleQuotes(mFields.get(PHASE2_KEY)); 344 // Remove auth= prefix 345 if (phase2Method.startsWith(Phase2.PREFIX)) { 346 phase2Method = phase2Method.substring(Phase2.PREFIX.length()); 347 } 348 return getStringIndex(Phase2.strings, phase2Method, Phase2.NONE); 349 } 350 351 /** 352 * Set the identity 353 * @param identity 354 */ 355 public void setIdentity(String identity) { 356 setFieldValue(IDENTITY_KEY, identity, ""); 357 } 358 359 /** 360 * Get the identity 361 * @return the identity 362 */ 363 public String getIdentity() { 364 return getFieldValue(IDENTITY_KEY, ""); 365 } 366 367 /** 368 * Set anonymous identity. This is used as the unencrypted identity with 369 * certain EAP types 370 * @param anonymousIdentity the anonymous identity 371 */ 372 public void setAnonymousIdentity(String anonymousIdentity) { 373 setFieldValue(ANON_IDENTITY_KEY, anonymousIdentity, ""); 374 } 375 376 /** Get the anonymous identity 377 * @return anonymous identity 378 */ 379 public String getAnonymousIdentity() { 380 return getFieldValue(ANON_IDENTITY_KEY, ""); 381 } 382 383 /** 384 * Set the password. 385 * @param password the password 386 */ 387 public void setPassword(String password) { 388 setFieldValue(PASSWORD_KEY, password, ""); 389 } 390 391 /** 392 * Get the password. 393 * 394 * Returns locally set password value. For networks fetched from 395 * framework, returns "*". 396 */ 397 public String getPassword() { 398 return getFieldValue(PASSWORD_KEY, ""); 399 } 400 401 /** 402 * Set CA certificate alias. 403 * 404 * <p> See the {@link android.security.KeyChain} for details on installing or choosing 405 * a certificate 406 * </p> 407 * @param alias identifies the certificate 408 * @hide 409 */ 410 public void setCaCertificateAlias(String alias) { 411 setFieldValue(CA_CERT_KEY, alias, CA_CERT_PREFIX); 412 } 413 414 /** 415 * Get CA certificate alias 416 * @return alias to the CA certificate 417 * @hide 418 */ 419 public String getCaCertificateAlias() { 420 return getFieldValue(CA_CERT_KEY, CA_CERT_PREFIX); 421 } 422 423 /** 424 * Specify a X.509 certificate that identifies the server. 425 * 426 * <p>A default name is automatically assigned to the certificate and used 427 * with this configuration. The framework takes care of installing the 428 * certificate when the config is saved and removing the certificate when 429 * the config is removed. 430 * 431 * @param cert X.509 CA certificate 432 * @throws IllegalArgumentException if not a CA certificate 433 */ 434 public void setCaCertificate(X509Certificate cert) { 435 if (cert != null) { 436 if (cert.getBasicConstraints() >= 0) { 437 mCaCert = cert; 438 } else { 439 throw new IllegalArgumentException("Not a CA certificate"); 440 } 441 } else { 442 mCaCert = null; 443 } 444 } 445 446 /** 447 * Get CA certificate 448 * @return X.509 CA certificate 449 */ 450 public X509Certificate getCaCertificate() { 451 return mCaCert; 452 } 453 454 /** 455 * @hide 456 */ 457 public void resetCaCertificate() { 458 mCaCert = null; 459 } 460 461 /** Set Client certificate alias. 462 * 463 * <p> See the {@link android.security.KeyChain} for details on installing or choosing 464 * a certificate 465 * </p> 466 * @param alias identifies the certificate 467 * @hide 468 */ 469 public void setClientCertificateAlias(String alias) { 470 setFieldValue(CLIENT_CERT_KEY, alias, CLIENT_CERT_PREFIX); 471 setFieldValue(PRIVATE_KEY_ID_KEY, alias, Credentials.USER_PRIVATE_KEY); 472 // Also, set engine parameters 473 if (TextUtils.isEmpty(alias)) { 474 mFields.put(ENGINE_KEY, ENGINE_DISABLE); 475 mFields.put(ENGINE_ID_KEY, EMPTY_VALUE); 476 } else { 477 mFields.put(ENGINE_KEY, ENGINE_ENABLE); 478 mFields.put(ENGINE_ID_KEY, convertToQuotedString(ENGINE_ID_KEYSTORE)); 479 } 480 } 481 482 /** 483 * Get client certificate alias 484 * @return alias to the client certificate 485 * @hide 486 */ 487 public String getClientCertificateAlias() { 488 return getFieldValue(CLIENT_CERT_KEY, CLIENT_CERT_PREFIX); 489 } 490 491 /** 492 * Specify a private key and client certificate for client authorization. 493 * 494 * <p>A default name is automatically assigned to the key entry and used 495 * with this configuration. The framework takes care of installing the 496 * key entry when the config is saved and removing the key entry when 497 * the config is removed. 498 499 * @param privateKey 500 * @param clientCertificate 501 * @throws IllegalArgumentException for an invalid key or certificate. 502 */ 503 public void setClientKeyEntry(PrivateKey privateKey, X509Certificate clientCertificate) { 504 if (clientCertificate != null) { 505 if (clientCertificate.getBasicConstraints() != -1) { 506 throw new IllegalArgumentException("Cannot be a CA certificate"); 507 } 508 if (privateKey == null) { 509 throw new IllegalArgumentException("Client cert without a private key"); 510 } 511 if (privateKey.getEncoded() == null) { 512 throw new IllegalArgumentException("Private key cannot be encoded"); 513 } 514 } 515 516 mClientPrivateKey = privateKey; 517 mClientCertificate = clientCertificate; 518 } 519 520 /** 521 * Get client certificate 522 * 523 * @return X.509 client certificate 524 */ 525 public X509Certificate getClientCertificate() { 526 return mClientCertificate; 527 } 528 529 /** 530 * @hide 531 */ 532 public void resetClientKeyEntry() { 533 mClientPrivateKey = null; 534 mClientCertificate = null; 535 } 536 537 /** 538 * @hide 539 */ 540 public PrivateKey getClientPrivateKey() { 541 return mClientPrivateKey; 542 } 543 544 /** 545 * Set subject match (deprecated). This is the substring to be matched against the subject of 546 * the authentication server certificate. 547 * @param subjectMatch substring to be matched 548 * @deprecated in favor of altSubjectMatch 549 */ 550 public void setSubjectMatch(String subjectMatch) { 551 setFieldValue(SUBJECT_MATCH_KEY, subjectMatch, ""); 552 } 553 554 /** 555 * Get subject match (deprecated) 556 * @return the subject match string 557 * @deprecated in favor of altSubjectMatch 558 */ 559 public String getSubjectMatch() { 560 return getFieldValue(SUBJECT_MATCH_KEY, ""); 561 } 562 563 /** 564 * Set alternate subject match. This is the substring to be matched against the 565 * alternate subject of the authentication server certificate. 566 * @param altSubjectMatch substring to be matched, for example 567 * DNS:server.example.com;EMAIL:server (at) example.com 568 */ 569 public void setAltSubjectMatch(String altSubjectMatch) { 570 setFieldValue(ALTSUBJECT_MATCH_KEY, altSubjectMatch, ""); 571 } 572 573 /** 574 * Get alternate subject match 575 * @return the alternate subject match string 576 */ 577 public String getAltSubjectMatch() { 578 return getFieldValue(ALTSUBJECT_MATCH_KEY, ""); 579 } 580 581 /** 582 * Set the domain_suffix_match directive on wpa_supplicant. This is the parameter to use 583 * for Hotspot 2.0 defined matching of AAA server certs per WFA HS2.0 spec, section 7.3.3.2, 584 * second paragraph. 585 * 586 * From wpa_supplicant documentation: 587 * Constraint for server domain name. If set, this FQDN is used as a suffix match requirement 588 * for the AAAserver certificate in SubjectAltName dNSName element(s). If a matching dNSName is 589 * found, this constraint is met. If no dNSName values are present, this constraint is matched 590 * against SubjectName CN using same suffix match comparison. 591 * Suffix match here means that the host/domain name is compared one label at a time starting 592 * from the top-level domain and all the labels in domain_suffix_match shall be included in the 593 * certificate. The certificate may include additional sub-level labels in addition to the 594 * required labels. 595 * For example, domain_suffix_match=example.com would match test.example.com but would not 596 * match test-example.com. 597 * @param domain The domain value 598 */ 599 public void setDomainSuffixMatch(String domain) { 600 setFieldValue(DOM_SUFFIX_MATCH_KEY, domain); 601 } 602 603 /** 604 * Get the domain_suffix_match value. See setDomSuffixMatch. 605 * @return The domain value. 606 */ 607 public String getDomainSuffixMatch() { 608 return getFieldValue(DOM_SUFFIX_MATCH_KEY, ""); 609 } 610 611 /** 612 * Set realm for passpoint credential; realm identifies a set of networks where your 613 * passpoint credential can be used 614 * @param realm the realm 615 */ 616 public void setRealm(String realm) { 617 setFieldValue(REALM_KEY, realm, ""); 618 } 619 620 /** 621 * Get realm for passpoint credential; see {@link #setRealm(String)} for more information 622 * @return the realm 623 */ 624 public String getRealm() { 625 return getFieldValue(REALM_KEY, ""); 626 } 627 628 /** 629 * Set plmn (Public Land Mobile Network) of the provider of passpoint credential 630 * @param plmn the plmn value derived from mcc (mobile country code) & mnc (mobile network code) 631 */ 632 public void setPlmn(String plmn) { 633 setFieldValue(PLMN_KEY, plmn, ""); 634 } 635 636 /** 637 * Get plmn (Public Land Mobile Network) for passpoint credential; see {@link #setPlmn 638 * (String)} for more information 639 * @return the plmn 640 */ 641 public String getPlmn() { 642 return getFieldValue(PLMN_KEY, ""); 643 } 644 645 /** See {@link WifiConfiguration#getKeyIdForCredentials} @hide */ 646 String getKeyId(WifiEnterpriseConfig current) { 647 String eap = mFields.get(EAP_KEY); 648 String phase2 = mFields.get(PHASE2_KEY); 649 650 // If either eap or phase2 are not initialized, use current config details 651 if (TextUtils.isEmpty((eap))) { 652 eap = current.mFields.get(EAP_KEY); 653 } 654 if (TextUtils.isEmpty(phase2)) { 655 phase2 = current.mFields.get(PHASE2_KEY); 656 } 657 return eap + "_" + phase2; 658 } 659 660 private String removeDoubleQuotes(String string) { 661 if (TextUtils.isEmpty(string)) return ""; 662 int length = string.length(); 663 if ((length > 1) && (string.charAt(0) == '"') 664 && (string.charAt(length - 1) == '"')) { 665 return string.substring(1, length - 1); 666 } 667 return string; 668 } 669 670 private String convertToQuotedString(String string) { 671 return "\"" + string + "\""; 672 } 673 674 /** Returns the index at which the toBeFound string is found in the array. 675 * @param arr array of strings 676 * @param toBeFound string to be found 677 * @param defaultIndex default index to be returned when string is not found 678 * @return the index into array 679 */ 680 private int getStringIndex(String arr[], String toBeFound, int defaultIndex) { 681 if (TextUtils.isEmpty(toBeFound)) return defaultIndex; 682 for (int i = 0; i < arr.length; i++) { 683 if (toBeFound.equals(arr[i])) return i; 684 } 685 return defaultIndex; 686 } 687 688 /** Returns the field value for the key. 689 * @param key into the hash 690 * @param prefix is the prefix that the value may have 691 * @return value 692 * @hide 693 */ 694 public String getFieldValue(String key, String prefix) { 695 String value = mFields.get(key); 696 // Uninitialized or known to be empty after reading from supplicant 697 if (TextUtils.isEmpty(value) || EMPTY_VALUE.equals(value)) return ""; 698 699 value = removeDoubleQuotes(value); 700 if (value.startsWith(prefix)) { 701 return value.substring(prefix.length()); 702 } else { 703 return value; 704 } 705 } 706 707 /** Set a value with an optional prefix at key 708 * @param key into the hash 709 * @param value to be set 710 * @param prefix an optional value to be prefixed to actual value 711 * @hide 712 */ 713 public void setFieldValue(String key, String value, String prefix) { 714 if (TextUtils.isEmpty(value)) { 715 mFields.put(key, EMPTY_VALUE); 716 } else { 717 mFields.put(key, convertToQuotedString(prefix + value)); 718 } 719 } 720 721 722 /** Set a value with an optional prefix at key 723 * @param key into the hash 724 * @param value to be set 725 * @param prefix an optional value to be prefixed to actual value 726 * @hide 727 */ 728 public void setFieldValue(String key, String value) { 729 if (TextUtils.isEmpty(value)) { 730 mFields.put(key, EMPTY_VALUE); 731 } else { 732 mFields.put(key, convertToQuotedString(value)); 733 } 734 } 735 736 @Override 737 public String toString() { 738 StringBuffer sb = new StringBuffer(); 739 for (String key : mFields.keySet()) { 740 sb.append(key).append(" ").append(mFields.get(key)).append("\n"); 741 } 742 return sb.toString(); 743 } 744 } 745