diff options
Diffstat (limited to 'service/java/com/android/server/wifi/util/TelephonyUtil.java')
| -rw-r--r-- | service/java/com/android/server/wifi/util/TelephonyUtil.java | 83 |
1 files changed, 16 insertions, 67 deletions
diff --git a/service/java/com/android/server/wifi/util/TelephonyUtil.java b/service/java/com/android/server/wifi/util/TelephonyUtil.java index 1d19c9f5e..4af40ddf2 100644 --- a/service/java/com/android/server/wifi/util/TelephonyUtil.java +++ b/service/java/com/android/server/wifi/util/TelephonyUtil.java @@ -16,10 +16,6 @@ package com.android.server.wifi.util; -import static com.android.server.wifi.CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0; -import static com.android.server.wifi.CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6; -import static com.android.server.wifi.CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0; - import android.annotation.NonNull; import android.net.wifi.WifiConfiguration; import android.net.wifi.WifiEnterpriseConfig; @@ -130,23 +126,12 @@ public class TelephonyUtil { return Pair.create(identity, ""); } - int base64EncodingFlag = carrierNetworkConfig.getBase64EncodingFlag(); - - String encryptedIdentity = null; - int eapSequence = carrierNetworkConfig.getEapIdentitySequence(); - if (eapSequence == IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6) { - encryptedIdentity = buildEncryptedIdentityV1_6(telephonyUtil, identity, - imsiEncryptionInfo, base64EncodingFlag); - } else if (eapSequence == IDENTITY_SEQUENCE_IMSI_V1_0 - || eapSequence == IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0) { - encryptedIdentity = buildEncryptedIdentityV1_0(telephonyUtil, - getSimMethodForConfig(config), imsi, mccMnc, imsiEncryptionInfo, - base64EncodingFlag); - } + String encryptedIdentity = buildEncryptedIdentity(telephonyUtil, identity, + imsiEncryptionInfo); // In case of failure for encryption, abort current EAP authentication. if (encryptedIdentity == null) { - Log.e(TAG, "failed to encrypt the identity, eapIdentitySequence: " + eapSequence); + Log.e(TAG, "failed to encrypt the identity"); return null; } return Pair.create(identity, encryptedIdentity); @@ -209,65 +194,21 @@ public class TelephonyUtil { } /** - * Create the encrypted identity for V1.0. + * Create the encrypted identity. * * Prefix value: * "0" - EAP-AKA Identity * "1" - EAP-SIM Identity * "6" - EAP-AKA' Identity - * Encrypted Identity format for V1.0: prefix|IMSI - * @param eapMethod EAP authentication method: EAP-SIM, EAP-AKA, EAP-AKA' - * @param imsi The IMSI retrieved from the SIM - * @param mccMnc The MCC MNC identifier retrieved from the SIM - * @param imsiEncryptionInfo The IMSI encryption info retrieved from the SIM - * @param base64EncodingFlag base64 encoding flag - * @return "\0" + encryptedIdentity@<NAIRealm> + "{, Key Identifier AVP}" - */ - private static String buildEncryptedIdentityV1_0(TelephonyUtil telephonyUtil, int eapMethod, - String imsi, String mccMnc, - ImsiEncryptionInfo imsiEncryptionInfo, int base64EncodingFlag) { - if (imsiEncryptionInfo == null) { - return null; - } - - String prefix = EAP_METHOD_PREFIX.get(eapMethod); - if (prefix == null) { - return null; - } - imsi = prefix + imsi; - - // Build and return the encrypted identity. - String encryptedImsi = telephonyUtil.encryptDataUsingPublicKey( - imsiEncryptionInfo.getPublicKey(), imsi.getBytes(), base64EncodingFlag); - if (encryptedImsi == null) { - Log.e(TAG, "Failed to encrypt IMSI"); - return null; - } - String encryptedIdentity = buildIdentity(eapMethod, encryptedImsi, mccMnc, true); - if (imsiEncryptionInfo.getKeyIdentifier() != null) { - // Include key identifier AVP (Attribute Value Pair). - encryptedIdentity = encryptedIdentity + "," + imsiEncryptionInfo.getKeyIdentifier(); - } - return encryptedIdentity; - } - - /** - * Create the encrypted identity for V1.6. - * - * Prefix value: - * "0" - EAP-AKA Identity - * "1" - EAP-SIM Identity - * "6" - EAP-AKA' Identity - * Encrypted identity format for V1.6: prefix|IMSI@<NAIRealm> + * Encrypted identity format: prefix|IMSI@<NAIRealm> * @param telephonyUtil TelephonyUtil instance * @param identity permanent identity with format based on section 4.1.1.6 of RFC 4187 * and 4.2.1.6 of RFC 4186. * @param imsiEncryptionInfo The IMSI encryption info retrieved from the SIM - * @param base64EncodingFlag base64 encoding flag * @return "\0" + encryptedIdentity + "{, Key Identifier AVP}" */ - private static String buildEncryptedIdentityV1_6(TelephonyUtil telephonyUtil, String identity, - ImsiEncryptionInfo imsiEncryptionInfo, int base64EncodingFlag) { + private static String buildEncryptedIdentity(TelephonyUtil telephonyUtil, String identity, + ImsiEncryptionInfo imsiEncryptionInfo) { if (imsiEncryptionInfo == null) { Log.e(TAG, "imsiEncryptionInfo is not valid"); return null; @@ -279,7 +220,7 @@ public class TelephonyUtil { // Build and return the encrypted identity. String encryptedIdentity = telephonyUtil.encryptDataUsingPublicKey( - imsiEncryptionInfo.getPublicKey(), identity.getBytes(), base64EncodingFlag); + imsiEncryptionInfo.getPublicKey(), identity.getBytes(), Base64.NO_WRAP); if (encryptedIdentity == null) { Log.e(TAG, "Failed to encrypt IMSI"); return null; @@ -392,6 +333,14 @@ public class TelephonyUtil { } /** + * Returns true if {@code identity} contains an anonymous@realm identity, false otherwise. + */ + public static boolean isAnonymousAtRealmIdentity(String identity) { + if (identity == null) return false; + return identity.startsWith(TelephonyUtil.ANONYMOUS_IDENTITY + "@"); + } + + /** * Checks if the EAP outer method is SIM related. * * @param eapMethod WifiEnterpriseConfig Eap method. |