Modify Encrypted IMSI, remove deprecated protocols

Bug: 133431451 Test: atest com.android.server.wifi Test: live test with Carrer <XX> test network Change-Id: I71a9df1e60934b798057ca8e7bbaa2a3ccc3c58f
author: Etan Cohen <etancohen@google.com> 2019-05-22 14:57:17 -0700
committer: David Su <dysu@google.com> 2019-05-24 18:36:17 -0700
commit: 8fcc04c02b7dec0f6fa806944a21ed7a2074ca2b (patch)
tree: fc28de5ed681b2efc9d680c6633d79df0248989f
parent: 080083b69d931a22bba4d26c85c05cab22e8d71a (diff)
download: android_frameworks_opt_net_wifi-8fcc04c02b7dec0f6fa806944a21ed7a2074ca2b.tar.gz
android_frameworks_opt_net_wifi-8fcc04c02b7dec0f6fa806944a21ed7a2074ca2b.tar.bz2
android_frameworks_opt_net_wifi-8fcc04c02b7dec0f6fa806944a21ed7a2074ca2b.zip
10 files changed, 26 insertions, 353 deletions
diff --git a/service/java/com/android/server/wifi/CarrierNetworkConfig.java b/service/java/com/android/server/wifi/CarrierNetworkConfig.java
index 20aac5bc1..4c92d6b39 100644
--- a/service/java/com/android/server/wifi/CarrierNetworkConfig.java
+++ b/service/java/com/android/server/wifi/CarrierNetworkConfig.java
@@ -60,31 +60,8 @@ public class CarrierNetworkConfig {
 
     private final Map<String, NetworkInfo> mCarrierNetworkMap;
     private boolean mIsCarrierImsiEncryptionInfoAvailable = false;
-    private int mBase64EncodingMethod = Base64.DEFAULT;
-    private int mEapIdentitySequence = IDENTITY_SEQUENCE_IMSI_V1_0;
     private ImsiEncryptionInfo mLastImsiEncryptionInfo = null; // used for dumpsys only
 
-    // RFC2045: adds Line Feed at each 76 chars and encode it.
-    public static final int ENCODING_METHOD_RFC_2045 = 2045;
-
-    // RFC4648: encodes whole data into one string.
-    public static final int ENCODING_METHOD_RFC_4648 = 4648;
-
-    // Send encrypted IMSI with the format of V1.0
-    // V1.0 format: "\0"|<encrypted IMSI>|@NAIRealm
-    // <encrypted IMSI>: Base64{RSA Public Key Encryption{<permanent ID>}}
-    // <permanent ID>: One char ("0" for AKA, "1" for SIM, "6" for AKA')|IMSI
-    public static final int IDENTITY_SEQUENCE_IMSI_V1_0 = 1;
-
-    // Send anonymous identity and encrypted IMSI identity with the format of V1.0
-    public static final int IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0 = 2;
-
-    // Send anonymous identity and encrypted IMSI identity with the format of V1.6
-    // V1.6 format: "\0"|<encrypted identity>
-    // <encrypted identity>: Base64{RSA Public Key Encryption{<permanent ID>}}.
-    // <permanent ID>: One char ("0" for AKA, "1" for SIM, "6" for AKA')|IMSI|@NAIRealm
-    public static final int IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6 = 3;
-
     /**
      * Enable/disable verbose logging.
      */
@@ -142,29 +119,6 @@ public class CarrierNetworkConfig {
     }
 
     /**
-     * @return the base64 encoding flag for current carrier.
-     */
-    public int getBase64EncodingFlag() {
-        return mBase64EncodingMethod;
-    }
-
-    /**
-     * @return the sequence of sending EAP-IDENTITY during EAP SIM/AKA authentication.
-     */
-    public int getEapIdentitySequence() {
-        return mEapIdentitySequence;
-    }
-
-    /**
-     * @return {@code true} if current carrier wifi network supports anonymous identity, {@code
-     * false} otherwise.
-     */
-    public boolean isSupportAnonymousIdentity() {
-        return mEapIdentitySequence == IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0
-                || mEapIdentitySequence == IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6;
-    }
-
-    /**
      * @return True if carrier IMSI encryption info is available, False otherwise.
      */
     public boolean isCarrierEncryptionInfoAvailable() {
@@ -281,27 +235,6 @@ public class CarrierNetworkConfig {
             return;
         }
 
-        int encodeMethod = carrierConfig.getInt(
-                CarrierConfigManager.KEY_IMSI_ENCODING_METHOD_INT, ENCODING_METHOD_RFC_2045);
-        if (encodeMethod != ENCODING_METHOD_RFC_2045 && encodeMethod != ENCODING_METHOD_RFC_4648) {
-            Log.e(TAG, "Invalid encoding method type: " + encodeMethod);
-            return;
-        }
-        mBase64EncodingMethod = Base64.DEFAULT;
-        if (encodeMethod == ENCODING_METHOD_RFC_4648) {
-            mBase64EncodingMethod = Base64.NO_WRAP;
-        }
-
-        int sequence = carrierConfig.getInt(CarrierConfigManager.KEY_EAP_IDENTITY_SEQUENCE_INT,
-                IDENTITY_SEQUENCE_IMSI_V1_0);
-        if (sequence != IDENTITY_SEQUENCE_IMSI_V1_0
-                && sequence != IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0
-                && sequence != IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6) {
-            Log.e(TAG, "Invalid eap identity sequence: " + sequence);
-            return;
-        }
-        mEapIdentitySequence = sequence;
-
         for (String networkConfig : networkConfigs) {
             String[] configArr = networkConfig.split(NETWORK_CONFIG_SEPARATOR);
             if (configArr.length != CONFIG_ELEMENT_SIZE) {
@@ -311,7 +244,7 @@ public class CarrierNetworkConfig {
             try {
 
                 String ssid = new String(Base64.decode(
-                        configArr[ENCODED_SSID_INDEX], mBase64EncodingMethod));
+                        configArr[ENCODED_SSID_INDEX], Base64.NO_WRAP));
                 int eapType = parseEapType(Integer.parseInt(configArr[EAP_TYPE_INDEX]));
 
                 // Verify EAP type, must be a SIM based EAP type.
@@ -355,8 +288,6 @@ public class CarrierNetworkConfig {
         pw.println("mCarrierNetworkMap=" + mCarrierNetworkMap);
         pw.println("mIsCarrierImsiEncryptionInfoAvailable="
                 + mIsCarrierImsiEncryptionInfoAvailable);
-        pw.println("mBase64EncodingMethod=" + mBase64EncodingMethod);
-        pw.println("mEapIdentitySequence=" + mEapIdentitySequence);
         pw.println("mLastImsiEncryptionInfo=" + mLastImsiEncryptionInfo);
     }
 }
diff --git a/service/java/com/android/server/wifi/CarrierNetworkEvaluator.java b/service/java/com/android/server/wifi/CarrierNetworkEvaluator.java
index 3b19eaff8..f042e796c 100644
--- a/service/java/com/android/server/wifi/CarrierNetworkEvaluator.java
+++ b/service/java/com/android/server/wifi/CarrierNetworkEvaluator.java
@@ -159,12 +159,9 @@ public class CarrierNetworkEvaluator implements NetworkEvaluator {
             if (config != null) {
                 nss = config.getNetworkSelectionStatus();
 
-                // In case of a carrier supporting anonymous identity, we need
-                // to send anonymous@realm as EAP-IDENTITY response.
-                if (mCarrierNetworkConfig.isSupportAnonymousIdentity()) {
-                    config.enterpriseConfig.setAnonymousIdentity(
-                            TelephonyUtil.getAnonymousIdentityWith3GppRealm(getTelephonyManager()));
-                }
+                // Send anonymous@realm as EAP-IDENTITY response.
+                config.enterpriseConfig.setAnonymousIdentity(
+                        TelephonyUtil.getAnonymousIdentityWith3GppRealm(getTelephonyManager()));
             }
             if (nss == null) {
                 mLocalLog.log(TAG + ": null network selection status for: " + config);
diff --git a/service/java/com/android/server/wifi/ClientModeImpl.java b/service/java/com/android/server/wifi/ClientModeImpl.java
index 4adf27ff0..2b39ea164 100644
--- a/service/java/com/android/server/wifi/ClientModeImpl.java
+++ b/service/java/com/android/server/wifi/ClientModeImpl.java
@@ -4441,11 +4441,8 @@ public class ClientModeImpl extends StateMachine {
                             } else {
                                 CarrierNetworkConfig carrierNetworkConfig =
                                         mWifiInjector.getCarrierNetworkConfig();
-                                if (carrierNetworkConfig.isCarrierEncryptionInfoAvailable()
-                                        && carrierNetworkConfig.isSupportAnonymousIdentity()) {
-                                    // In case of a carrier supporting encrypted IMSI and
-                                    // anonymous identity, we need to send anonymous@realm as
-                                    // EAP-IDENTITY response.
+                                if (carrierNetworkConfig.isCarrierEncryptionInfoAvailable()) {
+                                    // Send anonymous@realm as EAP-IDENTITY response.
                                     config.enterpriseConfig.setAnonymousIdentity(
                                             TelephonyUtil.getAnonymousIdentityWith3GppRealm(
                                                     getTelephonyManager()));
diff --git a/service/java/com/android/server/wifi/hotspot2/PasspointNetworkEvaluator.java b/service/java/com/android/server/wifi/hotspot2/PasspointNetworkEvaluator.java
index 5629ec573..a2838b5fd 100644
--- a/service/java/com/android/server/wifi/hotspot2/PasspointNetworkEvaluator.java
+++ b/service/java/com/android/server/wifi/hotspot2/PasspointNetworkEvaluator.java
@@ -222,10 +222,8 @@ public class PasspointNetworkEvaluator implements WifiNetworkSelector.NetworkEva
     private WifiConfiguration createWifiConfigForProvider(PasspointNetworkCandidate networkInfo) {
         WifiConfiguration config = networkInfo.mProvider.getWifiConfig();
         if (TelephonyUtil.isSimEapMethod(config.enterpriseConfig.getEapMethod())
-                && mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()
-                && mCarrierNetworkConfig.isSupportAnonymousIdentity()) {
-            // In case of a carrier supporting encrypted IMSI and anonymous identity, we need
-            // to send anonymous@realm as EAP-IDENTITY response.
+                && mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()) {
+            // Send anonymous@realm as EAP-IDENTITY response.
             config.enterpriseConfig.setAnonymousIdentity(
                     TelephonyUtil.getAnonymousIdentityWith3GppRealm(
                             getTelephonyManager()));
diff --git a/service/java/com/android/server/wifi/util/TelephonyUtil.java b/service/java/com/android/server/wifi/util/TelephonyUtil.java
index 1d19c9f5e..16d75e38f 100644
--- a/service/java/com/android/server/wifi/util/TelephonyUtil.java
+++ b/service/java/com/android/server/wifi/util/TelephonyUtil.java
@@ -16,10 +16,6 @@
 
 package com.android.server.wifi.util;
 
-import static com.android.server.wifi.CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0;
-import static com.android.server.wifi.CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6;
-import static com.android.server.wifi.CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0;
-
 import android.annotation.NonNull;
 import android.net.wifi.WifiConfiguration;
 import android.net.wifi.WifiEnterpriseConfig;
@@ -130,23 +126,12 @@ public class TelephonyUtil {
             return Pair.create(identity, "");
         }
 
-        int base64EncodingFlag = carrierNetworkConfig.getBase64EncodingFlag();
-
-        String encryptedIdentity = null;
-        int eapSequence = carrierNetworkConfig.getEapIdentitySequence();
-        if (eapSequence == IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6) {
-            encryptedIdentity = buildEncryptedIdentityV1_6(telephonyUtil, identity,
-                    imsiEncryptionInfo, base64EncodingFlag);
-        } else if (eapSequence == IDENTITY_SEQUENCE_IMSI_V1_0
-                || eapSequence == IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0) {
-            encryptedIdentity = buildEncryptedIdentityV1_0(telephonyUtil,
-                    getSimMethodForConfig(config), imsi, mccMnc, imsiEncryptionInfo,
-                    base64EncodingFlag);
-        }
+        String encryptedIdentity = buildEncryptedIdentity(telephonyUtil, identity,
+                    imsiEncryptionInfo);
 
         // In case of failure for encryption, abort current EAP authentication.
         if (encryptedIdentity == null) {
-            Log.e(TAG, "failed to encrypt the identity, eapIdentitySequence: " + eapSequence);
+            Log.e(TAG, "failed to encrypt the identity");
             return null;
         }
         return Pair.create(identity, encryptedIdentity);
@@ -209,65 +194,21 @@ public class TelephonyUtil {
     }
 
     /**
-     * Create the encrypted identity for V1.0.
-     *
-     * Prefix value:
-     * "0" - EAP-AKA Identity
-     * "1" - EAP-SIM Identity
-     * "6" - EAP-AKA' Identity
-     * Encrypted Identity format for V1.0: prefix|IMSI
-     * @param eapMethod EAP authentication method: EAP-SIM, EAP-AKA, EAP-AKA'
-     * @param imsi The IMSI retrieved from the SIM
-     * @param mccMnc The MCC MNC identifier retrieved from the SIM
-     * @param imsiEncryptionInfo The IMSI encryption info retrieved from the SIM
-     * @param base64EncodingFlag base64 encoding flag
-     * @return "\0" + encryptedIdentity@<NAIRealm> + "{, Key Identifier AVP}"
-     */
-    private static String buildEncryptedIdentityV1_0(TelephonyUtil telephonyUtil, int eapMethod,
-            String imsi, String mccMnc,
-            ImsiEncryptionInfo imsiEncryptionInfo, int base64EncodingFlag) {
-        if (imsiEncryptionInfo == null) {
-            return null;
-        }
-
-        String prefix = EAP_METHOD_PREFIX.get(eapMethod);
-        if (prefix == null) {
-            return null;
-        }
-        imsi = prefix + imsi;
-
-        // Build and return the encrypted identity.
-        String encryptedImsi = telephonyUtil.encryptDataUsingPublicKey(
-                imsiEncryptionInfo.getPublicKey(), imsi.getBytes(), base64EncodingFlag);
-        if (encryptedImsi == null) {
-            Log.e(TAG, "Failed to encrypt IMSI");
-            return null;
-        }
-        String encryptedIdentity = buildIdentity(eapMethod, encryptedImsi, mccMnc, true);
-        if (imsiEncryptionInfo.getKeyIdentifier() != null) {
-            // Include key identifier AVP (Attribute Value Pair).
-            encryptedIdentity = encryptedIdentity + "," + imsiEncryptionInfo.getKeyIdentifier();
-        }
-        return encryptedIdentity;
-    }
-
-    /**
-     * Create the encrypted identity for V1.6.
+     * Create the encrypted identity.
      *
      * Prefix value:
      * "0" - EAP-AKA Identity
      * "1" - EAP-SIM Identity
      * "6" - EAP-AKA' Identity
-     * Encrypted identity format for V1.6: prefix|IMSI@<NAIRealm>
+     * Encrypted identity format: prefix|IMSI@<NAIRealm>
      * @param telephonyUtil      TelephonyUtil instance
      * @param identity           permanent identity with format based on section 4.1.1.6 of RFC 4187
      *                           and 4.2.1.6 of RFC 4186.
      * @param imsiEncryptionInfo The IMSI encryption info retrieved from the SIM
-     * @param base64EncodingFlag base64 encoding flag
      * @return "\0" + encryptedIdentity + "{, Key Identifier AVP}"
      */
-    private static String buildEncryptedIdentityV1_6(TelephonyUtil telephonyUtil, String identity,
-            ImsiEncryptionInfo imsiEncryptionInfo, int base64EncodingFlag) {
+    private static String buildEncryptedIdentity(TelephonyUtil telephonyUtil, String identity,
+            ImsiEncryptionInfo imsiEncryptionInfo) {
         if (imsiEncryptionInfo == null) {
             Log.e(TAG, "imsiEncryptionInfo is not valid");
             return null;
@@ -279,7 +220,7 @@ public class TelephonyUtil {
 
         // Build and return the encrypted identity.
         String encryptedIdentity = telephonyUtil.encryptDataUsingPublicKey(
-                imsiEncryptionInfo.getPublicKey(), identity.getBytes(), base64EncodingFlag);
+                imsiEncryptionInfo.getPublicKey(), identity.getBytes(), Base64.NO_WRAP);
         if (encryptedIdentity == null) {
             Log.e(TAG, "Failed to encrypt IMSI");
             return null;
diff --git a/tests/wifitests/src/com/android/server/wifi/CarrierNetworkConfigTest.java b/tests/wifitests/src/com/android/server/wifi/CarrierNetworkConfigTest.java
index 9ff5be97d..d89358df0 100644
--- a/tests/wifitests/src/com/android/server/wifi/CarrierNetworkConfigTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/CarrierNetworkConfigTest.java
@@ -82,19 +82,14 @@ public class CarrierNetworkConfigTest {
      *
      * @param ssid The SSID of the carrier network
      * @param eapType The EAP type of the carrier network
-     * @param encodingMethod base64 encoding method
-     * @param eapIdentitySequence eap identity sequence
      * @return {@link PersistableBundle} containing carrier config
      */
-    private PersistableBundle generateTestConfig(String ssid, int eapType, int encodingMethod,
-            int eapIdentitySequence) {
+    private PersistableBundle generateTestConfig(String ssid, int eapType) {
         PersistableBundle bundle = new PersistableBundle();
         String networkConfig =
                 new String(Base64.encode(ssid.getBytes(), Base64.DEFAULT)) + "," + eapType;
         bundle.putStringArray(CarrierConfigManager.KEY_CARRIER_WIFI_STRING_ARRAY,
                 new String[]{networkConfig});
-        bundle.putInt(CarrierConfigManager.KEY_IMSI_ENCODING_METHOD_INT, encodingMethod);
-        bundle.putInt(CarrierConfigManager.KEY_EAP_IDENTITY_SEQUENCE_INT, eapIdentitySequence);
         return bundle;
     }
 
@@ -111,9 +106,7 @@ public class CarrierNetworkConfigTest {
         when(mContext.getSystemService(Context.TELEPHONY_SERVICE)).thenReturn(mTelephonyManager);
         when(mTelephonyManager.createForSubscriptionId(anyInt())).thenReturn(mDataTelephonyManager);
         when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID))
-                .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE,
-                        CarrierNetworkConfig.ENCODING_METHOD_RFC_2045,
-                        CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0));
+                .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE));
         when(mSubscriptionManager.getActiveSubscriptionInfoList())
                 .thenReturn(Arrays.asList(new SubscriptionInfo[] {TEST_SUBSCRIPTION_INFO}));
         when(mDataTelephonyManager.getCarrierInfoForImsiEncryption(TelephonyManager.KEY_TYPE_WLAN))
@@ -145,9 +138,6 @@ public class CarrierNetworkConfigTest {
         assertTrue(mCarrierNetworkConfig.isCarrierNetwork(TEST_SSID));
         assertEquals(TEST_INTERNAL_EAP_TYPE, mCarrierNetworkConfig.getNetworkEapType(TEST_SSID));
         assertEquals(TEST_CARRIER_NAME, mCarrierNetworkConfig.getCarrierName(TEST_SSID));
-        assertEquals(Base64.DEFAULT, mCarrierNetworkConfig.getBase64EncodingFlag());
-        assertEquals(CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0,
-                mCarrierNetworkConfig.getEapIdentitySequence());
     }
 
     /**
@@ -157,9 +147,7 @@ public class CarrierNetworkConfigTest {
     @Test
     public void getExistingCarrierNetworkInfo_nullDisplayName_shouldNotThrowNpe() {
         when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID))
-                .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE,
-                        CarrierNetworkConfig.ENCODING_METHOD_RFC_2045,
-                        CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0));
+                .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE));
         SubscriptionInfo testSubscriptionInfoNullDisplayName = new SubscriptionInfo(
                 TEST_SUBSCRIPTION_ID, null, 0, null, null, 0, 0,
                 null, 0, null, "0", "0", null, false, null, null);
@@ -233,9 +221,7 @@ public class CarrierNetworkConfigTest {
         when(mSubscriptionManager.getActiveSubscriptionInfoList())
                 .thenReturn(Arrays.asList(new SubscriptionInfo[] {updatedSubscriptionInfo}));
         when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID))
-                .thenReturn(generateTestConfig(updatedSsid, updatedStandardEapType,
-                        CarrierNetworkConfig.ENCODING_METHOD_RFC_2045,
-                        CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0));
+                .thenReturn(generateTestConfig(updatedSsid, updatedStandardEapType));
         mBroadcastReceiver.onReceive(mContext,
                 new Intent(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED));
 
@@ -243,17 +229,11 @@ public class CarrierNetworkConfigTest {
         assertFalse(mCarrierNetworkConfig.isCarrierNetwork(TEST_SSID));
         assertEquals(-1, mCarrierNetworkConfig.getNetworkEapType(TEST_SSID));
         assertEquals(null, mCarrierNetworkConfig.getCarrierName(TEST_SSID));
-        assertEquals(Base64.DEFAULT, mCarrierNetworkConfig.getBase64EncodingFlag());
-        assertEquals(CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0,
-                mCarrierNetworkConfig.getEapIdentitySequence());
 
         // Verify that updated SSID is associated with a carrier network.
         assertTrue(mCarrierNetworkConfig.isCarrierNetwork(updatedSsid));
         assertEquals(updatedInternalEapType, mCarrierNetworkConfig.getNetworkEapType(updatedSsid));
         assertEquals(updatedCarrierName, mCarrierNetworkConfig.getCarrierName(updatedSsid));
-        assertEquals(Base64.DEFAULT, mCarrierNetworkConfig.getBase64EncodingFlag());
-        assertEquals(CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0,
-                mCarrierNetworkConfig.getEapIdentitySequence());
     }
 
     /**
@@ -285,55 +265,4 @@ public class CarrierNetworkConfigTest {
         mContentObserver.onChange(false);
         assertTrue(mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable());
     }
-
-    /**
-     * Verify that base64Encoding type should be {@link Base64#NO_WRAP} when carrier configuration
-     * defines RFC4648 for encoding method.
-     */
-    @Test
-    public void verifyBase64EncodingTypeWithRfc4648() {
-        when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID))
-                .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE,
-                        CarrierNetworkConfig.ENCODING_METHOD_RFC_4648,
-                        CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0));
-        mBroadcastReceiver.onReceive(mContext,
-                new Intent(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED));
-        assertEquals(Base64.NO_WRAP, mCarrierNetworkConfig.getBase64EncodingFlag());
-    }
-
-    /**
-     * Verify that carrier network config is not generated when carrier configuration defines
-     * unsupported encoding method.
-     */
-    @Test
-    public void verifyBase64EncodingTypeWithUnsupportedEncodingMethod() {
-        String ssid = "invalid carrier AP";
-        when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID))
-                .thenReturn(generateTestConfig(ssid, TEST_STANDARD_EAP_TYPE, 123,
-                        CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0));
-        mBroadcastReceiver.onReceive(mContext,
-                new Intent(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED));
-
-        assertFalse(mCarrierNetworkConfig.isCarrierNetwork(ssid));
-        assertEquals(-1, mCarrierNetworkConfig.getNetworkEapType(ssid));
-        assertEquals(null, mCarrierNetworkConfig.getCarrierName(ssid));
-        assertEquals(Base64.DEFAULT, mCarrierNetworkConfig.getBase64EncodingFlag());
-    }
-
-    /**
-     * Verify that anonymous identity should be supported when carrier configuration is configured
-     * to support anonymous followed by encrypted IMSI for eap identity.
-     */
-    @Test
-    public void verifyEapIdentitySequenceWithAnonymous() {
-        when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID))
-                .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE,
-                        CarrierNetworkConfig.ENCODING_METHOD_RFC_2045,
-                        CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0));
-        mBroadcastReceiver.onReceive(mContext,
-                new Intent(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED));
-
-        assertEquals(CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0,
-                mCarrierNetworkConfig.getEapIdentitySequence());
-    }
 }
diff --git a/tests/wifitests/src/com/android/server/wifi/CarrierNetworkEvaluatorTest.java b/tests/wifitests/src/com/android/server/wifi/CarrierNetworkEvaluatorTest.java
index 650b9ee8b..963156dc8 100644
--- a/tests/wifitests/src/com/android/server/wifi/CarrierNetworkEvaluatorTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/CarrierNetworkEvaluatorTest.java
@@ -53,6 +53,7 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
+
 /**
  * Unit tests for CarrierNeteworkEvaluator
  */
@@ -160,8 +161,6 @@ public class CarrierNetworkEvaluatorTest {
         when(mDataTelephonyManager.getSimOperator()).thenReturn(TEST_MCC_MNC);
         when(mDataTelephonyManager.getSimState()).thenReturn(TelephonyManager.SIM_STATE_READY);
         when(mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()).thenReturn(true);
-        when(mCarrierNetworkConfig.getEapIdentitySequence()).thenReturn(
-                CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0);
 
         when(mCarrierNetworkConfig.isCarrierNetwork(eq(CARRIER1_SSID.replace("\"", ""))))
                 .thenReturn(true);
@@ -259,7 +258,8 @@ public class CarrierNetworkEvaluatorTest {
         assertTrue(config4.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.WPA_EAP));
 
         assertEquals(config2.configKey(), selected.configKey()); // SSID2 has the highest RSSI
-        assertEquals("", selected.enterpriseConfig.getAnonymousIdentity());
+        assertEquals("anonymous@wlan.mnc456.mcc123.3gppnetwork.org",
+                selected.enterpriseConfig.getAnonymousIdentity());
     }
 
     /**
@@ -398,7 +398,6 @@ public class CarrierNetworkEvaluatorTest {
         int[] levels = {10};
         String expectedAnonymousIdentity = "anonymous@wlan.mnc456.mcc123.3gppnetwork.org";
         when(mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()).thenReturn(true);
-        when(mCarrierNetworkConfig.isSupportAnonymousIdentity()).thenReturn(true);
         List<ScanDetail> scanDetails = WifiNetworkSelectorTestUtil.buildScanDetails(ssids, bssids,
                 freqs, caps, levels, mClock);
         WifiConfiguration carrierConfig = configureNewSsid(CARRIER1_NET_ID, scanDetails.get(0),
diff --git a/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java b/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java
index 0fd040c7e..1837acb7d 100644
--- a/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java
@@ -1027,7 +1027,6 @@ public class ClientModeImplTest {
         triggerConnect();
 
         when(mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()).thenReturn(true);
-        when(mCarrierNetworkConfig.isSupportAnonymousIdentity()).thenReturn(true);
         when(mWifiConfigManager.getScanDetailCacheForNetwork(FRAMEWORK_NETWORK_ID))
                 .thenReturn(mScanDetailCache);
 
diff --git a/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointNetworkEvaluatorTest.java b/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointNetworkEvaluatorTest.java
index 3048abae0..ef019b416 100644
--- a/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointNetworkEvaluatorTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointNetworkEvaluatorTest.java
@@ -421,7 +421,6 @@ public class PasspointNetworkEvaluatorTest {
         // SIM is present
         when(mSubscriptionManager.getActiveSubscriptionIdList()).thenReturn(new int[1]);
         when(mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()).thenReturn(true);
-        when(mCarrierNetworkConfig.isSupportAnonymousIdentity()).thenReturn(true);
         when(mWifiConfigManager.addOrUpdateNetwork(any(WifiConfiguration.class), anyInt()))
                 .thenReturn(new NetworkUpdateResult(TEST_NETWORK_ID));
         when(mWifiConfigManager.getConfiguredNetwork(TEST_NETWORK_ID)).thenReturn(config);
diff --git a/tests/wifitests/src/com/android/server/wifi/util/TelephonyUtilTest.java b/tests/wifitests/src/com/android/server/wifi/util/TelephonyUtilTest.java
index 490cdfef2..531673f0e 100644
--- a/tests/wifitests/src/com/android/server/wifi/util/TelephonyUtilTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/util/TelephonyUtilTest.java
@@ -16,8 +16,6 @@
 
 package com.android.server.wifi.util;
 
-import static com.android.server.wifi.CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0;
-
 import static org.junit.Assert.*;
 import static org.mockito.Mockito.*;
 
@@ -64,9 +62,6 @@ public class TelephonyUtilTest {
     @Before
     public void setUp() throws Exception {
         MockitoAnnotations.initMocks(this);
-        when(mCarrierNetworkConfig.getBase64EncodingFlag()).thenReturn(Base64.DEFAULT);
-        when(mCarrierNetworkConfig.getEapIdentitySequence()).thenReturn(
-                IDENTITY_SEQUENCE_IMSI_V1_0);
         mTelephonyUtil = new TelephonyUtil();
         when(mTelephonyManager.createForSubscriptionId(anyInt())).thenReturn(mDataTelephonyManager);
     }
@@ -133,59 +128,17 @@ public class TelephonyUtilTest {
     }
 
     /**
-     * Verify that an expected identity is returned when using the encrypted identity for V1.0
-     * encoded by RFC4648.
-     */
-    @Test
-    public void getEncryptedIdentity_V_1_0_WithRfc4648() throws Exception {
-        Cipher cipher = mock(Cipher.class);
-        PublicKey key = null;
-        int flag = Base64.NO_WRAP;
-        String imsi = "3214561234567890";
-        String encryptedImsi = Base64.encodeToString(imsi.getBytes(), 0, imsi.getBytes().length,
-                flag);
-        String encryptedIdentity = "\0" + encryptedImsi + "@wlan.mnc456.mcc321.3gppnetwork.org";
-        final Pair<String, String> expectedIdentity = Pair.create(
-                "03214561234567890@wlan.mnc456.mcc321.3gppnetwork.org", encryptedIdentity);
-
-        // static mocking
-        MockitoSession session = ExtendedMockito.mockitoSession().mockStatic(
-                Cipher.class).startMocking();
-        try {
-            when(Cipher.getInstance(anyString())).thenReturn(cipher);
-            when(cipher.doFinal(any(byte[].class))).thenReturn(imsi.getBytes());
-            when(mDataTelephonyManager.getSubscriberId()).thenReturn(imsi);
-            when(mDataTelephonyManager.getSimState()).thenReturn(TelephonyManager.SIM_STATE_READY);
-            when(mDataTelephonyManager.getSimOperator()).thenReturn("321456");
-            ImsiEncryptionInfo info = new ImsiEncryptionInfo("321", "456",
-                    TelephonyManager.KEY_TYPE_WLAN, null, key, null);
-            when(mDataTelephonyManager.getCarrierInfoForImsiEncryption(
-                    eq(TelephonyManager.KEY_TYPE_WLAN)))
-                    .thenReturn(info);
-            when(mCarrierNetworkConfig.getBase64EncodingFlag()).thenReturn(flag);
-
-            assertEquals(expectedIdentity,
-                    TelephonyUtil.getSimIdentity(mTelephonyManager, mTelephonyUtil,
-                            WifiConfigurationTestUtil.createEapNetwork(WifiEnterpriseConfig.Eap.AKA,
-                                    WifiEnterpriseConfig.Phase2.NONE), mCarrierNetworkConfig));
-        } finally {
-            session.finishMocking();
-        }
-    }
-
-    /**
-     * Verify that an expected identity is returned when using the encrypted identity for V1.6
+     * Verify that an expected identity is returned when using the encrypted identity
      * encoded by RFC4648.
      */
     @Test
-    public void getEncryptedIdentity_V_1_6_WithRfc4648() throws Exception {
+    public void getEncryptedIdentity_WithRfc4648() throws Exception {
         Cipher cipher = mock(Cipher.class);
         PublicKey key = null;
-        int flag = Base64.NO_WRAP;
         String imsi = "3214561234567890";
         String permanentIdentity = "03214561234567890@wlan.mnc456.mcc321.3gppnetwork.org";
         String encryptedImsi = Base64.encodeToString(permanentIdentity.getBytes(), 0,
-                permanentIdentity.getBytes().length, flag);
+                permanentIdentity.getBytes().length, Base64.NO_WRAP);
         String encryptedIdentity = "\0" + encryptedImsi;
         final Pair<String, String> expectedIdentity = Pair.create(permanentIdentity,
                 encryptedIdentity);
@@ -204,52 +157,6 @@ public class TelephonyUtilTest {
             when(mDataTelephonyManager.getCarrierInfoForImsiEncryption(
                     eq(TelephonyManager.KEY_TYPE_WLAN)))
                     .thenReturn(info);
-            when(mCarrierNetworkConfig.getBase64EncodingFlag()).thenReturn(flag);
-            when(mCarrierNetworkConfig.getEapIdentitySequence()).thenReturn(
-                    CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6);
-
-            assertEquals(expectedIdentity,
-                    TelephonyUtil.getSimIdentity(mTelephonyManager, mTelephonyUtil,
-                            WifiConfigurationTestUtil.createEapNetwork(WifiEnterpriseConfig.Eap.AKA,
-                                    WifiEnterpriseConfig.Phase2.NONE), mCarrierNetworkConfig));
-        } finally {
-            session.finishMocking();
-        }
-    }
-
-    /**
-     * Verify that an expected identity is returned when using the encrypted IMSI encoded by RFC2045
-     * with key identifier.
-     */
-    @Test
-    public void getEncryptedIdentityKeyIdentifierWithRfc2045() throws Exception {
-        Cipher cipher = mock(Cipher.class);
-        int flag = Base64.DEFAULT;
-        PublicKey key = null;
-        String keyIdentifier = "key=testKey";
-        String imsi = "3214561234567890";
-        String encryptedImsi = Base64.encodeToString(imsi.getBytes(), 0, imsi.getBytes().length,
-                flag);
-        String encryptedIdentity = "\0" + encryptedImsi + "@wlan.mnc456.mcc321.3gppnetwork.org,"
-                + keyIdentifier;
-        final Pair<String, String> expectedIdentity = Pair.create(
-                "03214561234567890@wlan.mnc456.mcc321.3gppnetwork.org", encryptedIdentity);
-
-        // static mocking
-        MockitoSession session = ExtendedMockito.mockitoSession().mockStatic(
-                Cipher.class).startMocking();
-        try {
-            when(Cipher.getInstance(anyString())).thenReturn(cipher);
-            when(cipher.doFinal(any(byte[].class))).thenReturn(imsi.getBytes());
-            when(mDataTelephonyManager.getSubscriberId()).thenReturn(imsi);
-            when(mDataTelephonyManager.getSimState()).thenReturn(TelephonyManager.SIM_STATE_READY);
-            when(mDataTelephonyManager.getSimOperator()).thenReturn("321456");
-            ImsiEncryptionInfo info = new ImsiEncryptionInfo("321", "456",
-                    TelephonyManager.KEY_TYPE_WLAN, keyIdentifier, key, null);
-            when(mDataTelephonyManager.getCarrierInfoForImsiEncryption(
-                    eq(TelephonyManager.KEY_TYPE_WLAN)))
-                    .thenReturn(info);
-            when(mCarrierNetworkConfig.getBase64EncodingFlag()).thenReturn(flag);
 
             assertEquals(expectedIdentity,
                     TelephonyUtil.getSimIdentity(mTelephonyManager, mTelephonyUtil,
@@ -293,30 +200,6 @@ public class TelephonyUtilTest {
         }
     }
 
-    /**
-     * Verify that {@code null} will be returned when IMSI encryption failed because
-     * the sequence of EAP identity is not valid.
-     */
-    @Test
-    public void getEncryptedIdentityFailedWithInvalidEapIdentitySequence() throws Exception {
-        final Pair<String, String> expectedIdentity = Pair.create(
-                "03214561234567890@wlan.mnc456.mcc321.3gppnetwork.org", "");
-
-        when(mDataTelephonyManager.getSubscriberId()).thenReturn("3214561234567890");
-        when(mDataTelephonyManager.getSimState()).thenReturn(TelephonyManager.SIM_STATE_READY);
-        when(mDataTelephonyManager.getSimOperator()).thenReturn("321456");
-        ImsiEncryptionInfo info = new ImsiEncryptionInfo("321", "456",
-                TelephonyManager.KEY_TYPE_WLAN, null, (PublicKey) null, null);
-        when(mDataTelephonyManager.getCarrierInfoForImsiEncryption(
-                eq(TelephonyManager.KEY_TYPE_WLAN)))
-                .thenReturn(info);
-        when(mCarrierNetworkConfig.getEapIdentitySequence()).thenReturn(-1);
-
-        assertNull(TelephonyUtil.getSimIdentity(mTelephonyManager, mTelephonyUtil,
-                WifiConfigurationTestUtil.createEapNetwork(WifiEnterpriseConfig.Eap.AKA,
-                        WifiEnterpriseConfig.Phase2.NONE), mCarrierNetworkConfig));
-    }
-
     @Test
     public void getSimIdentity2DigitMnc() {
         final Pair<String, String> expectedIdentity = Pair.create(
author	Etan Cohen <etancohen@google.com>	2019-05-22 14:57:17 -0700
committer	David Su <dysu@google.com>	2019-05-24 18:36:17 -0700
commit	8fcc04c02b7dec0f6fa806944a21ed7a2074ca2b (patch)
tree	fc28de5ed681b2efc9d680c6633d79df0248989f
parent	080083b69d931a22bba4d26c85c05cab22e8d71a (diff)
download	android_frameworks_opt_net_wifi-8fcc04c02b7dec0f6fa806944a21ed7a2074ca2b.tar.gz android_frameworks_opt_net_wifi-8fcc04c02b7dec0f6fa806944a21ed7a2074ca2b.tar.bz2 android_frameworks_opt_net_wifi-8fcc04c02b7dec0f6fa806944a21ed7a2074ca2b.zip