From 9b3163d05bae0168bdcbddf7fe20a172a9405ede Mon Sep 17 00:00:00 2001 From: Meng Wang Date: Wed, 19 May 2021 16:48:20 -0700 Subject: Support Synchronization-Failure handling Bug: 188614002 Test: atest Change-Id: Idd8d76d9b1ced3959a08554bd0c09f10420dd9b6 --- .../libraries/entitlement/EapAkaHelper.java | 63 ++++++++++++++++++++-- 1 file changed, 58 insertions(+), 5 deletions(-) (limited to 'java/com/android') diff --git a/java/com/android/libraries/entitlement/EapAkaHelper.java b/java/com/android/libraries/entitlement/EapAkaHelper.java index 05c3964..3db48e1 100644 --- a/java/com/android/libraries/entitlement/EapAkaHelper.java +++ b/java/com/android/libraries/entitlement/EapAkaHelper.java @@ -16,6 +16,8 @@ package com.android.libraries.entitlement; +import static com.android.libraries.entitlement.eapaka.EapAkaResponse.respondToEapAkaChallenge; + import android.content.Context; import android.telephony.TelephonyManager; @@ -23,7 +25,6 @@ import androidx.annotation.Nullable; import com.android.libraries.entitlement.eapaka.EapAkaApi; import com.android.libraries.entitlement.eapaka.EapAkaChallenge; -import com.android.libraries.entitlement.eapaka.EapAkaResponse; /** * Some utility methods used in EAP-AKA authentication in service entitlement, and could be @@ -73,17 +74,69 @@ public class EapAkaHelper { * *

Both the challange and response are base-64 encoded EAP-AKA message: refer to * RFC 4187 Section 8.1 Message Format/RFC 3748 Session 4 EAP Packet Format. + * + * @deprecated use {@link getEapAkaResponse(String)} which additionally supports + * Synchronization-Failure case. */ + @Deprecated @Nullable public String getEapAkaChallengeResponse(String challenge) { + EapAkaResponse eapAkaResponse = getEapAkaResponse(challenge); + return (eapAkaResponse == null) + ? null + : eapAkaResponse.response(); // Would be null on synchrinization failure + } + + /** + * Returns the {@link EapAkaResponse} to the given EAP-AKA {@code challenge}, or + * {@code null} if failed. + * + *

Both the challange and response are base-64 encoded EAP-AKA message: refer to + * RFC 4187 Section 8.1 Message Format/RFC 3748 Session 4 EAP Packet Format. + */ + @Nullable + public EapAkaResponse getEapAkaResponse(String challenge) { try { EapAkaChallenge eapAkaChallenge = EapAkaChallenge.parseEapAkaChallenge(challenge); - EapAkaResponse response = - EapAkaResponse.respondToEapAkaChallenge( - mContext, mSimSubscriptionId, eapAkaChallenge); - return response.response(); // Would be null on synchrinization failure + com.android.libraries.entitlement.eapaka.EapAkaResponse eapAkaResponse = + respondToEapAkaChallenge(mContext, mSimSubscriptionId, eapAkaChallenge); + return new EapAkaResponse( + eapAkaResponse.response(), eapAkaResponse.synchronizationFailureResponse()); } catch (ServiceEntitlementException e) { return null; } } + + // Similar to .eapaka.EapAkaResponse but with simplfied API surface for external usage. + /** EAP-AKA response */ + public static class EapAkaResponse { + // RFC 4187 Section 9.4 EAP-Response/AKA-Challenge + @Nullable private final String mResponse; + // RFC 4187 Section 9.6 EAP-Response/AKA-Synchronization-Failure + @Nullable private final String mSynchronizationFailureResponse; + + private EapAkaResponse( + @Nullable String response, @Nullable String synchronizationFailureResponse) { + mResponse = response; + mSynchronizationFailureResponse = synchronizationFailureResponse; + } + + /** + * Returns EAP-Response/AKA-Challenge, if authentication success. + * Otherwise {@code null}. + */ + @Nullable + public String response() { + return mResponse; + } + + /** + * Returns EAP-Response/AKA-Synchronization-Failure, if synchronization failure detected. + * Otherwise {@code null}. + */ + @Nullable + public String synchronizationFailureResponse() { + return mSynchronizationFailureResponse; + } + } } -- cgit v1.2.3