diff options
author | Meng Wang <mewan@google.com> | 2021-02-17 12:04:07 -0800 |
---|---|---|
committer | Meng Wang <mewan@google.com> | 2021-02-18 12:48:48 -0800 |
commit | 1e4ed2d9605b3b3e77f3bc140e13c1f24f8654de (patch) | |
tree | ecb1acd7c230cbc8a29fd9861c05c034b5675547 /java/com/android | |
parent | b7c355416b105a93ee6b7f0f1ae83248184b08cb (diff) | |
download | service_entitlement-1e4ed2d9605b3b3e77f3bc140e13c1f24f8654de.tar.gz |
Expose EapAkaHelper
Some utility methods used in EAP-AKA authentication as an implementation
details could be helpful to other apps. Expose them in new class to
avoid directly exposing implementation details.
Bug: 178431041
Test: atest
Change-Id: I3227276cd3f02a167ee278d042febf7438186b95
Diffstat (limited to 'java/com/android')
3 files changed, 87 insertions, 2 deletions
diff --git a/java/com/android/libraries/entitlement/EapAkaHelper.java b/java/com/android/libraries/entitlement/EapAkaHelper.java new file mode 100644 index 0000000..86e3149 --- /dev/null +++ b/java/com/android/libraries/entitlement/EapAkaHelper.java @@ -0,0 +1,85 @@ +/* + * Copyright (C) 2021 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.libraries.entitlement; + +import android.content.Context; +import android.telephony.TelephonyManager; + +import androidx.annotation.Nullable; + +import com.android.libraries.entitlement.eapaka.EapAkaApi; +import com.android.libraries.entitlement.eapaka.EapAkaResponse; + +/** + * Some utility methods used in EAP-AKA authentication in service entitlement, and could be + * helpful to other apps. + */ +public class EapAkaHelper { + private final Context mContext; + private final int mSimSubscriptionId; + + EapAkaHelper(Context context, int simSubscriptionId) { + mContext = context; + mSimSubscriptionId = simSubscriptionId; + } + + /** + * Factory method. + * + * @param context context of application + * @param simSubscriptionId the subscroption ID of the carrier's SIM on device. This indicates + * which SIM to retrieve IMEI/IMSI from and perform EAP-AKA + * authentication with. See + * {@link android.telephony.SubscriptionManager} + * for how to get the subscroption ID. + */ + public static EapAkaHelper getInstance(Context context, int simSubscriptionId) { + return new EapAkaHelper(context, simSubscriptionId); + } + + /** + * Returns the root NAI for EAP-AKA authentication as per 3GPP TS 23.003 19.3.2, or + * {@code null} if failed. The result will be in the form: + * + * <p>{@code 0<IMSI>@nai.epc.mnc<MNC>.mcc<MCC>.3gppnetwork.org} + */ + @Nullable + public String getEapAkaRootNai() { + TelephonyManager telephonyManager = + mContext.getSystemService(TelephonyManager.class) + .createForSubscriptionId(mSimSubscriptionId); + return EapAkaApi.getImsiEap( + telephonyManager.getSimOperator(), telephonyManager.getSubscriberId()); + } + + /** + * Returns the EAP-AKA challenge response to the given EAP-AKA {@code challenge}, or + * {@code null} if failed. + * + * <p>Both the challange and response are base-64 encoded EAP-AKA message: refer to + * RFC 4187 Section 8.1 Message Format/RFC 3748 Session 4 EAP Packet Format. + */ + @Nullable + public String getEapAkaChallengeResponse(String challenge) { + try { + return new EapAkaResponse(challenge) + .getEapAkaChallengeResponse(mContext, mSimSubscriptionId); + } catch (ServiceEntitlementException e) { + return null; + } + } +} diff --git a/java/com/android/libraries/entitlement/eapaka/EapAkaApi.java b/java/com/android/libraries/entitlement/eapaka/EapAkaApi.java index 4ad0332..42cdfd3 100644 --- a/java/com/android/libraries/entitlement/eapaka/EapAkaApi.java +++ b/java/com/android/libraries/entitlement/eapaka/EapAkaApi.java @@ -253,7 +253,7 @@ public class EapAkaApi { * <p>{@code 0<IMSI>@nai.epc.mnc<MNC>.mcc<MCC>.3gppnetwork.org} */ @Nullable - static String getImsiEap(@Nullable String mccmnc, @Nullable String imsi) { + public static String getImsiEap(@Nullable String mccmnc, @Nullable String imsi) { if (mccmnc == null || mccmnc.length() < 5 || imsi == null) { return null; } diff --git a/java/com/android/libraries/entitlement/eapaka/EapAkaResponse.java b/java/com/android/libraries/entitlement/eapaka/EapAkaResponse.java index 617c181..81b8046 100644 --- a/java/com/android/libraries/entitlement/eapaka/EapAkaResponse.java +++ b/java/com/android/libraries/entitlement/eapaka/EapAkaResponse.java @@ -40,7 +40,7 @@ import javax.crypto.spec.SecretKeySpec; * Generate the response of EAP-AKA token challenge. Refer to RFC 4187 Section 8.1 Message * Format/RFC 3748 Session 4 EAP Packet Format. */ -class EapAkaResponse { +public class EapAkaResponse { private static final String TAG = "ServiceEntitlement"; private static final int EAP_AKA_HEADER_LENGTH = 8; |