Hotspot 2.0 試行錯誤その1 (Androidクライアントからの接続)

OdyssysのHotspot 2.0にAndroid 7.1.1の端末でサインアップしようとすると、passpoint.config が落ちてくるがこのファイルの構造はどうなっているのか

passpoint.config (blog用に一部修正)

Q29udGVudC1UeXBlOiBtdWx0aXBhcnQvbWl4ZWQ7IGJvdW5kYXJ5PXtib3VuZGFyeX0KQ29udGVu
dC1UcmFuc2Zlci1FbmNvZGluZzogYmFzZTY0CgotLXtib3VuZGFyeX0KQ29udGVudC1UeXBlOiBh
cHBsaWNhdGlvbi94LXBhc3Nwb2ludC1wcm9maWxlCkNvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6
IGJhc2U2NAoKUEUxbmJYUlVjbVZsSUhodGJHNXpQU0p6ZVc1amJXdzZaRzFrWkdZeExqSWlQZ29n
SUR4V1pYSkVWRVErTVM0eVBDOVdaWEpFVkVRKwpDaUFnUEU1dlpHVStDaUFnSUNBOFRtOWtaVTVo
YldVK1VHVnlVSEp2ZG1sa1pYSlRkV0p6WTNKcGNIUnBiMjQ4TDA1dlpHVk9ZVzFsClBnb2dJQ0Fn
UEZKVVVISnZjR1Z5ZEdsbGN6NEtJQ0FnSUNBZ1BGUjVjR1UrQ2lBZ0lDQWdJQ0FnUEVSRVJrNWhi
V1UrZFhKdU9uZG0KWVRwdGJ6cG9iM1J6Y0c5ME1tUnZkREF0Y0dWeWNISnZkbWxrWlhKemRXSnpZ
M0pwY0hScGIyNDZNUzR3UEM5RVJFWk9ZVzFsUGdvZwpJQ0FnSUNBOEwxUjVjR1UrQ2lBZ0lDQThM
MUpVVUhKdmNHVnlkR2xsY3o0S0lDQWdJRHhPYjJSbFBnb2dJQ0FnSUNBOFRtOWtaVTVoCmJXVStX
REU4TDA1dlpHVk9ZVzFsUGdvZ0lDQWdJQ0E4VG05a1pUNEtJQ0FnSUNBZ0lDQThUbTlrWlU1aGJX
VStRM0psWkdWdWRHbGgKYkR3dlRtOWtaVTVoYldVK0NpQWdJQ0FnSUNBZ1BFNXZaR1UrQ2lBZ0lD
QWdJQ0FnSUNBOFRtOWtaVTVoYldVK1EzSmxZWFJwYjI1RQpZWFJsUEM5T2IyUmxUbUZ0WlQ0S0lD
QWdJQ0FnSUNBZ0lEeFdZV3gxWlQ0eU1ERTNMVEF5TFRFMlZERTBPakl4T2pNMldqd3ZWbUZzCmRX
VStDaUFnSUNBZ0lDQWdQQzlPYjJSbFBnb2dJQ0FnSUNBZ0lEeE9iMlJsUGdvZ0lDQWdJQ0FnSUNB
Z1BFNXZaR1ZPWVcxbFBsVnoKWlhKdVlXMWxVR0Z6YzNkdmNtUThMMDV2WkdWT1lXMWxQZ29nSUNB
Z0lDQWdJQ0FnUEU1dlpHVStDaUFnSUNBZ0lDQWdJQ0FnSUR4TwpiMlJsVG1GdFpUNU5ZV05vYVc1
bFRXRnVZV2RsWkR3dlRtOWtaVTVoYldVK0NpQWdJQ0FnSUNBZ0lDQWdJRHhXWVd4MVpUNTBjblZs
ClBDOVdZV3gxWlQ0S0lDQWdJQ0FnSUNBZ0lEd3ZUbTlrWlQ0S0lDQWdJQ0FnSUNBZ0lEeE9iMlJs
UGdvZ0lDQWdJQ0FnSUNBZ0lDQTgKVG05a1pVNWhiV1UrUlVGUVRXVjBhRzlrUEM5T2IyUmxUbUZ0
WlQ0S0lDQWdJQ0FnSUNBZ0lDQWdQRTV2WkdVK0NpQWdJQ0FnSUNBZwpJQ0FnSUNBZ1BFNXZaR1ZP
WVcxbFBrVkJVRlI1Y0dVOEwwNXZaR1ZPWVcxbFBnb2dJQ0FnSUNBZ0lDQWdJQ0FnSUR4V1lXeDFa
VDR5Ck1Ud3ZWbUZzZFdVK0NpQWdJQ0FnSUNBZ0lDQWdJRHd2VG05a1pUNEtJQ0FnSUNBZ0lDQWdJ
Q0FnUEU1dlpHVStDaUFnSUNBZ0lDQWcKSUNBZ0lDQWdQRTV2WkdWT1lXMWxQa2x1Ym1WeVRXVjBh
RzlrUEM5T2IyUmxUbUZ0WlQ0S0lDQWdJQ0FnSUNBZ0lDQWdJQ0E4Vm1GcwpkV1UrVFZNdFEwaEJV
QzFXTWp3dlZtRnNkV1UrQ2lBZ0lDQWdJQ0FnSUNBZ0lEd3ZUbTlrWlQ0S0lDQWdJQ0FnSUNBZ0lE
d3ZUbTlrClpUNEtJQ0FnSUNBZ0lDQWdJRHhPYjJSbFBnb2dJQ0FnSUNBZ0lDQWdJQ0E4VG05a1pV
NWhiV1UrVlhObGNtNWhiV1U4TDA1dlpHVk8KWVcxbFBnb2dJQ0FnSUNBZ0lDQWdJQ0E4Vm1Gc2RX
VSthRzluWlVCbGVHRnRjR3hsTG01bGREd3ZWbUZzZFdVK0NpQWdJQ0FnSUNBZwpJQ0E4TDA1dlpH
VStDaUFnSUNBZ0lDQWdJQ0E4VG05a1pUNEtJQ0FnSUNBZ0lDQWdJQ0FnUEU1dlpHVk9ZVzFsUGxC
aGMzTjNiM0prClBDOU9iMlJsVG1GdFpUNEtJQ0FnSUNBZ0lDQWdJQ0FnUEZaaGJIVmxQbWh2WjJW
d1lYTnpQQzlXWVd4MVpUNEtJQ0FnSUNBZ0lDQWcKSUR3dlRtOWtaVDRLSUNBZ0lDQWdJQ0E4TDA1
dlpHVStDaUFnSUNBZ0lDQWdQRTV2WkdVK0NpQWdJQ0FnSUNBZ0lDQThUbTlrWlU1aApiV1UrVW1W
aGJHMDhMMDV2WkdWT1lXMWxQZ29nSUNBZ0lDQWdJQ0FnUEZaaGJIVmxQbTlrZVhOemVYTXVibVYw
UEM5V1lXeDFaVDRLCklDQWdJQ0FnSUNBOEwwNXZaR1UrQ2lBZ0lDQWdJRHd2VG05a1pUNEtJQ0Fn
SUNBZ1BFNXZaR1UrQ2lBZ0lDQWdJQ0FnUEU1dlpHVk8KWVcxbFBraHZiV1ZUVUR3dlRtOWtaVTVo
YldVK0NpQWdJQ0FnSUNBZ1BFNXZaR1UrQ2lBZ0lDQWdJQ0FnSUNBOFRtOWtaVTVoYldVKwpSbkpw
Wlc1a2JIbE9ZVzFsUEM5T2IyUmxUbUZ0WlQ0S0lDQWdJQ0FnSUNBZ0lEeFdZV3gxWlQ1WGFVWnBJ
RkJ2ZDJWeVpXUWdZbmtnClQyUjVjM041YytLRW9qd3ZWbUZzZFdVK0NpQWdJQ0FnSUNBZ1BDOU9i
MlJsUGdvZ0lDQWdJQ0FnSUR4T2IyUmxQZ29nSUNBZ0lDQWcKSUNBZ1BFNXZaR1ZPWVcxbFBrWlJS
RTQ4TDA1dlpHVk9ZVzFsUGdvZ0lDQWdJQ0FnSUNBZ1BGWmhiSFZsUG05a2VYTnplWE11Ym1WMApQ
QzlXWVd4MVpUNEtJQ0FnSUNBZ0lDQThMMDV2WkdVK0NpQWdJQ0FnSUR3dlRtOWtaVDRLSUNBZ0lE
d3ZUbTlrWlQ0S0lDQThMMDV2ClpHVStDand2VFdkdGRGUnlaV1UrQ2c9PQotLXtib3VuZGFyeX0K
Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi94LXg1MDktY2EtY2VydApDb250ZW50LVRyYW5zZmVy
LUVuY29kaW5nOiBiYXNlNjQKCk1JSURkVENDQWwyZ0F3SUJBZ0lMQkFBQUFBQUJGVXRhdzVRd0RR
WUpLb1pJaHZjTkFRRUZCUUF3VnpFTE1Ba0dBMVVFQmhNQ1FrVXgKR1RBWEJnTlZCQW9URUVkc2Iy
SmhiRk5wWjI0Z2JuWXRjMkV4RURBT0JnTlZCQXNUQjFKdmIzUWdRMEV4R3pBWkJnTlZCQU1URWtk
cwpiMkpoYkZOcFoyNGdVbTl2ZENCRFFUQWVGdzA1T0RBNU1ERXhNakF3TURCYUZ3MHlPREF4TWpn
eE1qQXdNREJhTUZjeEN6QUpCZ05WCkJBWVRBa0pGTVJrd0Z3WURWUVFLRXhCSGJHOWlZV3hUYVdk
dUlHNTJMWE5oTVJBd0RnWURWUVFMRXdkU2IyOTBJRU5CTVJzd0dRWUQKVlFRREV4SkhiRzlpWVd4
VGFXZHVJRkp2YjNRZ1EwRXdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lC
QVFEYQpEdWFaamM2ajQwK0tmdnZ4aTRNbGErcElIL0Vxc0xtVkVRUzk4R1BSNG1kbXp4emR6eHRJ
Sys2TmlZNmFyeW1BWmF2cHh5MFN5NnNjClRIQUhvVDBLTU0wVmpVLzQzZFNNVUJVYzcxRHV4Qzcz
L09sUzhwRjk0RzNWTlRDT1hrTno4a0hwMVdyanNvazZWams0YndZOGlHbGIKS2szRnAxUzRiSW5N
bS9rOHl1WDlpZlVTUEpKNGx0YmNkRzZUUkdIUmpjZEdzblVPaHVnWml0VnRiTlY0RnBXaTZjZ0tP
T3Z5SkJOUApjMVNURTRVNkc3d2VOTFdMQll5NWQ0dXgyeDhna2FzSlUyNlF6bnMzZExsd1I1RWlV
V01XZWE2eHJrRW1DTWdaSzlGR3FraldaQ3JYCmd6VC9MQ3JCYkJsRFNnZUY1OU44OWlGbzcrcnlV
cDkvazVEUEFnTUJBQUdqUWpCQU1BNEdBMVVkRHdFQi93UUVBd0lCQmpBUEJnTlYKSFJNQkFmOEVC
VEFEQVFIL01CMEdBMVVkRGdRV0JCUmdlMllhUlEyWHlvbFFMMzBFelRTby8vejlTekFOQmdrcWhr
aUc5dzBCQVFVRgpBQU9DQVFFQTFuUG5mRTkyMEkyLzdMcWl2alRGS0RLMWZQeHNuQ3dydlFtZVU3
OXJYcW9SU0xibENLT3p5ajFoVGROR0NiTSt3NkRqClkxVWI4cnJ2clRuaFE3azRvK1l2aWlZNzc2
QlFWdm5HQ3YwNHpjUUxjRkdVbDVnRTM4TmZsTlVWeVJSQm5NUmRkV1FWRGY5Vk1PeUcKai84Tjd5
eTVZMGIycXZ6ZnZHbjlMaEpJWkpyZ2xmQ203eW1QQWJFVnRRd2RwZjVwTEdra2VCNnpweHh4WXU3
S3lKZXNGMTJLd3ZoSApobTRxeEZZeGxkQm5pWVVyK1d5bVhVYWRES3FDNUpsUjNYQzMyMVk5WWVS
cTRWelc5djQ5M2tITUI2NWpVcjlUVS9RcjZjZjl0dmVDClg0WFNRUmpiZ2JNRUhNVWZwSUJ2RlNE
SjNneUlDaDNXWmxYaS9FakpLU1pwNEE9PQotLXtib3VuZGFyeX0tLQoK

結論から言えば、これはBASE64エンコードされたファイルである。
デコードしてみる。

$ base64 -d passpoint.config

Content-Type: multipart/mixed; boundary={boundary}
Content-Transfer-Encoding: base64

--{boundary}
Content-Type: application/x-passpoint-profile
Content-Transfer-Encoding: base64

PE1nbXRUcmVlIHhtbG5zPSJzeW5jbWw6ZG1kZGYxLjIiPgogIDxWZXJEVEQ+MS4yPC9WZXJEVEQ+
CiAgPE5vZGU+CiAgICA8Tm9kZU5hbWU+UGVyUHJvdmlkZXJTdWJzY3JpcHRpb248L05vZGVOYW1l
PgogICAgPFJUUHJvcGVydGllcz4KICAgICAgPFR5cGU+CiAgICAgICAgPERERk5hbWU+dXJuOndm
YTptbzpob3RzcG90MmRvdDAtcGVycHJvdmlkZXJzdWJzY3JpcHRpb246MS4wPC9EREZOYW1lPgog
ICAgICA8L1R5cGU+CiAgICA8L1JUUHJvcGVydGllcz4KICAgIDxOb2RlPgogICAgICA8Tm9kZU5h
bWU+WDE8L05vZGVOYW1lPgogICAgICA8Tm9kZT4KICAgICAgICA8Tm9kZU5hbWU+Q3JlZGVudGlh
bDwvTm9kZU5hbWU+CiAgICAgICAgPE5vZGU+CiAgICAgICAgICA8Tm9kZU5hbWU+Q3JlYXRpb25E
YXRlPC9Ob2RlTmFtZT4KICAgICAgICAgIDxWYWx1ZT4yMDE3LTAyLTE2VDE0OjIxOjM2WjwvVmFs
dWU+CiAgICAgICAgPC9Ob2RlPgogICAgICAgIDxOb2RlPgogICAgICAgICAgPE5vZGVOYW1lPlVz
ZXJuYW1lUGFzc3dvcmQ8L05vZGVOYW1lPgogICAgICAgICAgPE5vZGU+CiAgICAgICAgICAgIDxO
b2RlTmFtZT5NYWNoaW5lTWFuYWdlZDwvTm9kZU5hbWU+CiAgICAgICAgICAgIDxWYWx1ZT50cnVl
PC9WYWx1ZT4KICAgICAgICAgIDwvTm9kZT4KICAgICAgICAgIDxOb2RlPgogICAgICAgICAgICA8
Tm9kZU5hbWU+RUFQTWV0aG9kPC9Ob2RlTmFtZT4KICAgICAgICAgICAgPE5vZGU+CiAgICAgICAg
ICAgICAgPE5vZGVOYW1lPkVBUFR5cGU8L05vZGVOYW1lPgogICAgICAgICAgICAgIDxWYWx1ZT4y
MTwvVmFsdWU+CiAgICAgICAgICAgIDwvTm9kZT4KICAgICAgICAgICAgPE5vZGU+CiAgICAgICAg
ICAgICAgPE5vZGVOYW1lPklubmVyTWV0aG9kPC9Ob2RlTmFtZT4KICAgICAgICAgICAgICA8VmFs
dWU+TVMtQ0hBUC1WMjwvVmFsdWU+CiAgICAgICAgICAgIDwvTm9kZT4KICAgICAgICAgIDwvTm9k
ZT4KICAgICAgICAgIDxOb2RlPgogICAgICAgICAgICA8Tm9kZU5hbWU+VXNlcm5hbWU8L05vZGVO
YW1lPgogICAgICAgICAgICA8VmFsdWU+aG9nZUBleGFtcGxlLm5ldDwvVmFsdWU+CiAgICAgICAg
ICA8L05vZGU+CiAgICAgICAgICA8Tm9kZT4KICAgICAgICAgICAgPE5vZGVOYW1lPlBhc3N3b3Jk
PC9Ob2RlTmFtZT4KICAgICAgICAgICAgPFZhbHVlPmhvZ2VwYXNzPC9WYWx1ZT4KICAgICAgICAg
IDwvTm9kZT4KICAgICAgICA8L05vZGU+CiAgICAgICAgPE5vZGU+CiAgICAgICAgICA8Tm9kZU5h
bWU+UmVhbG08L05vZGVOYW1lPgogICAgICAgICAgPFZhbHVlPm9keXNzeXMubmV0PC9WYWx1ZT4K
ICAgICAgICA8L05vZGU+CiAgICAgIDwvTm9kZT4KICAgICAgPE5vZGU+CiAgICAgICAgPE5vZGVO
YW1lPkhvbWVTUDwvTm9kZU5hbWU+CiAgICAgICAgPE5vZGU+CiAgICAgICAgICA8Tm9kZU5hbWU+
RnJpZW5kbHlOYW1lPC9Ob2RlTmFtZT4KICAgICAgICAgIDxWYWx1ZT5XaUZpIFBvd2VyZWQgYnkg
T2R5c3N5c+KEojwvVmFsdWU+CiAgICAgICAgPC9Ob2RlPgogICAgICAgIDxOb2RlPgogICAgICAg
ICAgPE5vZGVOYW1lPkZRRE48L05vZGVOYW1lPgogICAgICAgICAgPFZhbHVlPm9keXNzeXMubmV0
PC9WYWx1ZT4KICAgICAgICA8L05vZGU+CiAgICAgIDwvTm9kZT4KICAgIDwvTm9kZT4KICA8L05v
ZGU+CjwvTWdtdFRyZWU+Cg==
--{boundary}
Content-Type: application/x-x509-ca-cert
Content-Transfer-Encoding: base64

MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUx
GTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkds
b2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAwMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNV
BAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYD
VQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa
DuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6sc
THAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlb
Kk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgKOOvyJBNP
c1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrX
gzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUF
AAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOzyj1hTdNGCbM+w6Dj
Y1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE38NflNUVyRRBnMRddWQVDf9VMOyG
j/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymPAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhH
hm4qxFYxldBniYUr+WymXUadDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveC
X4XSQRjbgbMEHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
--{boundary}--

こうなった。
更に、x-passpoint-profile部分を抜き出してデコードしてみる。

<MgmtTree xmlns="syncml:dmddf1.2">
  <VerDTD>1.2</VerDTD>
  <Node>
    <NodeName>PerProviderSubscription</NodeName>
    <RTProperties>
      <Type>
        <DDFName>urn:wfa:mo:hotspot2dot0-perprovidersubscription:1.0</DDFName>
      </Type>
    </RTProperties>
    <Node>
      <NodeName>X1</NodeName>
      <Node>
        <NodeName>Credential</NodeName>
        <Node>
          <NodeName>CreationDate</NodeName>
          <Value>2017-02-16T14:21:36Z</Value>
        </Node>
        <Node>
          <NodeName>UsernamePassword</NodeName>
          <Node>
            <NodeName>MachineManaged</NodeName>
            <Value>true</Value>
          </Node>
          <Node>
            <NodeName>EAPMethod</NodeName>
            <Node>
              <NodeName>EAPType</NodeName>
              <Value>21</Value>
            </Node>
            <Node>
              <NodeName>InnerMethod</NodeName>
              <Value>MS-CHAP-V2</Value>
            </Node>
          </Node>
          <Node>
            <NodeName>Username</NodeName>
            <Value>hoge@example.net</Value>
          </Node>
          <Node>
            <NodeName>Password</NodeName>
            <Value>パスワードがBase64でデコードされたやつ</Value>
          </Node>
        </Node>
        <Node>
          <NodeName>Realm</NodeName>
          <Value>odyssys.net</Value>
        </Node>
      </Node>
      <Node>
        <NodeName>HomeSP</NodeName>
        <Node>
          <NodeName>FriendlyName</NodeName>
          <Value>WiFi Powered by Odyssys&#8482;</Value>
        </Node>
        <Node>
          <NodeName>FQDN</NodeName>
          <Value>odyssys.net</Value>
        </Node>
      </Node>
    </Node>
  </Node>
</MgmtTree>

なるほど。