diff options
| author | Etan Cohen <etancohen@google.com> | 2019-05-30 10:59:49 -0700 |
|---|---|---|
| committer | android-build-merger <android-build-merger@google.com> | 2019-05-30 10:59:49 -0700 |
| commit | 7a8ed9a4c2760316e4b6f546b35b5df778dcaa5d (patch) | |
| tree | a64e8b898437d952a80052bf1cd1656d3163c37a | |
| parent | 8806d34f90448277156f4907cabdc7596eb93bfa (diff) | |
| parent | 8fcc04c02b7dec0f6fa806944a21ed7a2074ca2b (diff) | |
Modify Encrypted IMSI, remove deprecated protocols
am: 8fcc04c02b
Change-Id: Icafd8a7c14906fb82a611e79e1905353c559d50e
10 files changed, 26 insertions, 353 deletions
diff --git a/service/java/com/android/server/wifi/CarrierNetworkConfig.java b/service/java/com/android/server/wifi/CarrierNetworkConfig.java index 20aac5bc1..4c92d6b39 100644 --- a/service/java/com/android/server/wifi/CarrierNetworkConfig.java +++ b/service/java/com/android/server/wifi/CarrierNetworkConfig.java @@ -60,31 +60,8 @@ public class CarrierNetworkConfig { private final Map<String, NetworkInfo> mCarrierNetworkMap; private boolean mIsCarrierImsiEncryptionInfoAvailable = false; - private int mBase64EncodingMethod = Base64.DEFAULT; - private int mEapIdentitySequence = IDENTITY_SEQUENCE_IMSI_V1_0; private ImsiEncryptionInfo mLastImsiEncryptionInfo = null; // used for dumpsys only - // RFC2045: adds Line Feed at each 76 chars and encode it. - public static final int ENCODING_METHOD_RFC_2045 = 2045; - - // RFC4648: encodes whole data into one string. - public static final int ENCODING_METHOD_RFC_4648 = 4648; - - // Send encrypted IMSI with the format of V1.0 - // V1.0 format: "\0"|<encrypted IMSI>|@NAIRealm - // <encrypted IMSI>: Base64{RSA Public Key Encryption{<permanent ID>}} - // <permanent ID>: One char ("0" for AKA, "1" for SIM, "6" for AKA')|IMSI - public static final int IDENTITY_SEQUENCE_IMSI_V1_0 = 1; - - // Send anonymous identity and encrypted IMSI identity with the format of V1.0 - public static final int IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0 = 2; - - // Send anonymous identity and encrypted IMSI identity with the format of V1.6 - // V1.6 format: "\0"|<encrypted identity> - // <encrypted identity>: Base64{RSA Public Key Encryption{<permanent ID>}}. - // <permanent ID>: One char ("0" for AKA, "1" for SIM, "6" for AKA')|IMSI|@NAIRealm - public static final int IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6 = 3; - /** * Enable/disable verbose logging. */ @@ -142,29 +119,6 @@ public class CarrierNetworkConfig { } /** - * @return the base64 encoding flag for current carrier. - */ - public int getBase64EncodingFlag() { - return mBase64EncodingMethod; - } - - /** - * @return the sequence of sending EAP-IDENTITY during EAP SIM/AKA authentication. - */ - public int getEapIdentitySequence() { - return mEapIdentitySequence; - } - - /** - * @return {@code true} if current carrier wifi network supports anonymous identity, {@code - * false} otherwise. - */ - public boolean isSupportAnonymousIdentity() { - return mEapIdentitySequence == IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0 - || mEapIdentitySequence == IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6; - } - - /** * @return True if carrier IMSI encryption info is available, False otherwise. */ public boolean isCarrierEncryptionInfoAvailable() { @@ -281,27 +235,6 @@ public class CarrierNetworkConfig { return; } - int encodeMethod = carrierConfig.getInt( - CarrierConfigManager.KEY_IMSI_ENCODING_METHOD_INT, ENCODING_METHOD_RFC_2045); - if (encodeMethod != ENCODING_METHOD_RFC_2045 && encodeMethod != ENCODING_METHOD_RFC_4648) { - Log.e(TAG, "Invalid encoding method type: " + encodeMethod); - return; - } - mBase64EncodingMethod = Base64.DEFAULT; - if (encodeMethod == ENCODING_METHOD_RFC_4648) { - mBase64EncodingMethod = Base64.NO_WRAP; - } - - int sequence = carrierConfig.getInt(CarrierConfigManager.KEY_EAP_IDENTITY_SEQUENCE_INT, - IDENTITY_SEQUENCE_IMSI_V1_0); - if (sequence != IDENTITY_SEQUENCE_IMSI_V1_0 - && sequence != IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0 - && sequence != IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6) { - Log.e(TAG, "Invalid eap identity sequence: " + sequence); - return; - } - mEapIdentitySequence = sequence; - for (String networkConfig : networkConfigs) { String[] configArr = networkConfig.split(NETWORK_CONFIG_SEPARATOR); if (configArr.length != CONFIG_ELEMENT_SIZE) { @@ -311,7 +244,7 @@ public class CarrierNetworkConfig { try { String ssid = new String(Base64.decode( - configArr[ENCODED_SSID_INDEX], mBase64EncodingMethod)); + configArr[ENCODED_SSID_INDEX], Base64.NO_WRAP)); int eapType = parseEapType(Integer.parseInt(configArr[EAP_TYPE_INDEX])); // Verify EAP type, must be a SIM based EAP type. @@ -355,8 +288,6 @@ public class CarrierNetworkConfig { pw.println("mCarrierNetworkMap=" + mCarrierNetworkMap); pw.println("mIsCarrierImsiEncryptionInfoAvailable=" + mIsCarrierImsiEncryptionInfoAvailable); - pw.println("mBase64EncodingMethod=" + mBase64EncodingMethod); - pw.println("mEapIdentitySequence=" + mEapIdentitySequence); pw.println("mLastImsiEncryptionInfo=" + mLastImsiEncryptionInfo); } } diff --git a/service/java/com/android/server/wifi/CarrierNetworkEvaluator.java b/service/java/com/android/server/wifi/CarrierNetworkEvaluator.java index 3b19eaff8..f042e796c 100644 --- a/service/java/com/android/server/wifi/CarrierNetworkEvaluator.java +++ b/service/java/com/android/server/wifi/CarrierNetworkEvaluator.java @@ -159,12 +159,9 @@ public class CarrierNetworkEvaluator implements NetworkEvaluator { if (config != null) { nss = config.getNetworkSelectionStatus(); - // In case of a carrier supporting anonymous identity, we need - // to send anonymous@realm as EAP-IDENTITY response. - if (mCarrierNetworkConfig.isSupportAnonymousIdentity()) { - config.enterpriseConfig.setAnonymousIdentity( - TelephonyUtil.getAnonymousIdentityWith3GppRealm(getTelephonyManager())); - } + // Send anonymous@realm as EAP-IDENTITY response. + config.enterpriseConfig.setAnonymousIdentity( + TelephonyUtil.getAnonymousIdentityWith3GppRealm(getTelephonyManager())); } if (nss == null) { mLocalLog.log(TAG + ": null network selection status for: " + config); diff --git a/service/java/com/android/server/wifi/ClientModeImpl.java b/service/java/com/android/server/wifi/ClientModeImpl.java index 4adf27ff0..2b39ea164 100644 --- a/service/java/com/android/server/wifi/ClientModeImpl.java +++ b/service/java/com/android/server/wifi/ClientModeImpl.java @@ -4441,11 +4441,8 @@ public class ClientModeImpl extends StateMachine { } else { CarrierNetworkConfig carrierNetworkConfig = mWifiInjector.getCarrierNetworkConfig(); - if (carrierNetworkConfig.isCarrierEncryptionInfoAvailable() - && carrierNetworkConfig.isSupportAnonymousIdentity()) { - // In case of a carrier supporting encrypted IMSI and - // anonymous identity, we need to send anonymous@realm as - // EAP-IDENTITY response. + if (carrierNetworkConfig.isCarrierEncryptionInfoAvailable()) { + // Send anonymous@realm as EAP-IDENTITY response. config.enterpriseConfig.setAnonymousIdentity( TelephonyUtil.getAnonymousIdentityWith3GppRealm( getTelephonyManager())); diff --git a/service/java/com/android/server/wifi/hotspot2/PasspointNetworkEvaluator.java b/service/java/com/android/server/wifi/hotspot2/PasspointNetworkEvaluator.java index 5629ec573..a2838b5fd 100644 --- a/service/java/com/android/server/wifi/hotspot2/PasspointNetworkEvaluator.java +++ b/service/java/com/android/server/wifi/hotspot2/PasspointNetworkEvaluator.java @@ -222,10 +222,8 @@ public class PasspointNetworkEvaluator implements WifiNetworkSelector.NetworkEva private WifiConfiguration createWifiConfigForProvider(PasspointNetworkCandidate networkInfo) { WifiConfiguration config = networkInfo.mProvider.getWifiConfig(); if (TelephonyUtil.isSimEapMethod(config.enterpriseConfig.getEapMethod()) - && mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable() - && mCarrierNetworkConfig.isSupportAnonymousIdentity()) { - // In case of a carrier supporting encrypted IMSI and anonymous identity, we need - // to send anonymous@realm as EAP-IDENTITY response. + && mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()) { + // Send anonymous@realm as EAP-IDENTITY response. config.enterpriseConfig.setAnonymousIdentity( TelephonyUtil.getAnonymousIdentityWith3GppRealm( getTelephonyManager())); diff --git a/service/java/com/android/server/wifi/util/TelephonyUtil.java b/service/java/com/android/server/wifi/util/TelephonyUtil.java index 1d19c9f5e..16d75e38f 100644 --- a/service/java/com/android/server/wifi/util/TelephonyUtil.java +++ b/service/java/com/android/server/wifi/util/TelephonyUtil.java @@ -16,10 +16,6 @@ package com.android.server.wifi.util; -import static com.android.server.wifi.CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0; -import static com.android.server.wifi.CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6; -import static com.android.server.wifi.CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0; - import android.annotation.NonNull; import android.net.wifi.WifiConfiguration; import android.net.wifi.WifiEnterpriseConfig; @@ -130,23 +126,12 @@ public class TelephonyUtil { return Pair.create(identity, ""); } - int base64EncodingFlag = carrierNetworkConfig.getBase64EncodingFlag(); - - String encryptedIdentity = null; - int eapSequence = carrierNetworkConfig.getEapIdentitySequence(); - if (eapSequence == IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6) { - encryptedIdentity = buildEncryptedIdentityV1_6(telephonyUtil, identity, - imsiEncryptionInfo, base64EncodingFlag); - } else if (eapSequence == IDENTITY_SEQUENCE_IMSI_V1_0 - || eapSequence == IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0) { - encryptedIdentity = buildEncryptedIdentityV1_0(telephonyUtil, - getSimMethodForConfig(config), imsi, mccMnc, imsiEncryptionInfo, - base64EncodingFlag); - } + String encryptedIdentity = buildEncryptedIdentity(telephonyUtil, identity, + imsiEncryptionInfo); // In case of failure for encryption, abort current EAP authentication. if (encryptedIdentity == null) { - Log.e(TAG, "failed to encrypt the identity, eapIdentitySequence: " + eapSequence); + Log.e(TAG, "failed to encrypt the identity"); return null; } return Pair.create(identity, encryptedIdentity); @@ -209,65 +194,21 @@ public class TelephonyUtil { } /** - * Create the encrypted identity for V1.0. - * - * Prefix value: - * "0" - EAP-AKA Identity - * "1" - EAP-SIM Identity - * "6" - EAP-AKA' Identity - * Encrypted Identity format for V1.0: prefix|IMSI - * @param eapMethod EAP authentication method: EAP-SIM, EAP-AKA, EAP-AKA' - * @param imsi The IMSI retrieved from the SIM - * @param mccMnc The MCC MNC identifier retrieved from the SIM - * @param imsiEncryptionInfo The IMSI encryption info retrieved from the SIM - * @param base64EncodingFlag base64 encoding flag - * @return "\0" + encryptedIdentity@<NAIRealm> + "{, Key Identifier AVP}" - */ - private static String buildEncryptedIdentityV1_0(TelephonyUtil telephonyUtil, int eapMethod, - String imsi, String mccMnc, - ImsiEncryptionInfo imsiEncryptionInfo, int base64EncodingFlag) { - if (imsiEncryptionInfo == null) { - return null; - } - - String prefix = EAP_METHOD_PREFIX.get(eapMethod); - if (prefix == null) { - return null; - } - imsi = prefix + imsi; - - // Build and return the encrypted identity. - String encryptedImsi = telephonyUtil.encryptDataUsingPublicKey( - imsiEncryptionInfo.getPublicKey(), imsi.getBytes(), base64EncodingFlag); - if (encryptedImsi == null) { - Log.e(TAG, "Failed to encrypt IMSI"); - return null; - } - String encryptedIdentity = buildIdentity(eapMethod, encryptedImsi, mccMnc, true); - if (imsiEncryptionInfo.getKeyIdentifier() != null) { - // Include key identifier AVP (Attribute Value Pair). - encryptedIdentity = encryptedIdentity + "," + imsiEncryptionInfo.getKeyIdentifier(); - } - return encryptedIdentity; - } - - /** - * Create the encrypted identity for V1.6. + * Create the encrypted identity. * * Prefix value: * "0" - EAP-AKA Identity * "1" - EAP-SIM Identity * "6" - EAP-AKA' Identity - * Encrypted identity format for V1.6: prefix|IMSI@<NAIRealm> + * Encrypted identity format: prefix|IMSI@<NAIRealm> * @param telephonyUtil TelephonyUtil instance * @param identity permanent identity with format based on section 4.1.1.6 of RFC 4187 * and 4.2.1.6 of RFC 4186. * @param imsiEncryptionInfo The IMSI encryption info retrieved from the SIM - * @param base64EncodingFlag base64 encoding flag * @return "\0" + encryptedIdentity + "{, Key Identifier AVP}" */ - private static String buildEncryptedIdentityV1_6(TelephonyUtil telephonyUtil, String identity, - ImsiEncryptionInfo imsiEncryptionInfo, int base64EncodingFlag) { + private static String buildEncryptedIdentity(TelephonyUtil telephonyUtil, String identity, + ImsiEncryptionInfo imsiEncryptionInfo) { if (imsiEncryptionInfo == null) { Log.e(TAG, "imsiEncryptionInfo is not valid"); return null; @@ -279,7 +220,7 @@ public class TelephonyUtil { // Build and return the encrypted identity. String encryptedIdentity = telephonyUtil.encryptDataUsingPublicKey( - imsiEncryptionInfo.getPublicKey(), identity.getBytes(), base64EncodingFlag); + imsiEncryptionInfo.getPublicKey(), identity.getBytes(), Base64.NO_WRAP); if (encryptedIdentity == null) { Log.e(TAG, "Failed to encrypt IMSI"); return null; diff --git a/tests/wifitests/src/com/android/server/wifi/CarrierNetworkConfigTest.java b/tests/wifitests/src/com/android/server/wifi/CarrierNetworkConfigTest.java index 9ff5be97d..d89358df0 100644 --- a/tests/wifitests/src/com/android/server/wifi/CarrierNetworkConfigTest.java +++ b/tests/wifitests/src/com/android/server/wifi/CarrierNetworkConfigTest.java @@ -82,19 +82,14 @@ public class CarrierNetworkConfigTest { * * @param ssid The SSID of the carrier network * @param eapType The EAP type of the carrier network - * @param encodingMethod base64 encoding method - * @param eapIdentitySequence eap identity sequence * @return {@link PersistableBundle} containing carrier config */ - private PersistableBundle generateTestConfig(String ssid, int eapType, int encodingMethod, - int eapIdentitySequence) { + private PersistableBundle generateTestConfig(String ssid, int eapType) { PersistableBundle bundle = new PersistableBundle(); String networkConfig = new String(Base64.encode(ssid.getBytes(), Base64.DEFAULT)) + "," + eapType; bundle.putStringArray(CarrierConfigManager.KEY_CARRIER_WIFI_STRING_ARRAY, new String[]{networkConfig}); - bundle.putInt(CarrierConfigManager.KEY_IMSI_ENCODING_METHOD_INT, encodingMethod); - bundle.putInt(CarrierConfigManager.KEY_EAP_IDENTITY_SEQUENCE_INT, eapIdentitySequence); return bundle; } @@ -111,9 +106,7 @@ public class CarrierNetworkConfigTest { when(mContext.getSystemService(Context.TELEPHONY_SERVICE)).thenReturn(mTelephonyManager); when(mTelephonyManager.createForSubscriptionId(anyInt())).thenReturn(mDataTelephonyManager); when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID)) - .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE, - CarrierNetworkConfig.ENCODING_METHOD_RFC_2045, - CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0)); + .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE)); when(mSubscriptionManager.getActiveSubscriptionInfoList()) .thenReturn(Arrays.asList(new SubscriptionInfo[] {TEST_SUBSCRIPTION_INFO})); when(mDataTelephonyManager.getCarrierInfoForImsiEncryption(TelephonyManager.KEY_TYPE_WLAN)) @@ -145,9 +138,6 @@ public class CarrierNetworkConfigTest { assertTrue(mCarrierNetworkConfig.isCarrierNetwork(TEST_SSID)); assertEquals(TEST_INTERNAL_EAP_TYPE, mCarrierNetworkConfig.getNetworkEapType(TEST_SSID)); assertEquals(TEST_CARRIER_NAME, mCarrierNetworkConfig.getCarrierName(TEST_SSID)); - assertEquals(Base64.DEFAULT, mCarrierNetworkConfig.getBase64EncodingFlag()); - assertEquals(CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0, - mCarrierNetworkConfig.getEapIdentitySequence()); } /** @@ -157,9 +147,7 @@ public class CarrierNetworkConfigTest { @Test public void getExistingCarrierNetworkInfo_nullDisplayName_shouldNotThrowNpe() { when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID)) - .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE, - CarrierNetworkConfig.ENCODING_METHOD_RFC_2045, - CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0)); + .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE)); SubscriptionInfo testSubscriptionInfoNullDisplayName = new SubscriptionInfo( TEST_SUBSCRIPTION_ID, null, 0, null, null, 0, 0, null, 0, null, "0", "0", null, false, null, null); @@ -233,9 +221,7 @@ public class CarrierNetworkConfigTest { when(mSubscriptionManager.getActiveSubscriptionInfoList()) .thenReturn(Arrays.asList(new SubscriptionInfo[] {updatedSubscriptionInfo})); when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID)) - .thenReturn(generateTestConfig(updatedSsid, updatedStandardEapType, - CarrierNetworkConfig.ENCODING_METHOD_RFC_2045, - CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0)); + .thenReturn(generateTestConfig(updatedSsid, updatedStandardEapType)); mBroadcastReceiver.onReceive(mContext, new Intent(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED)); @@ -243,17 +229,11 @@ public class CarrierNetworkConfigTest { assertFalse(mCarrierNetworkConfig.isCarrierNetwork(TEST_SSID)); assertEquals(-1, mCarrierNetworkConfig.getNetworkEapType(TEST_SSID)); assertEquals(null, mCarrierNetworkConfig.getCarrierName(TEST_SSID)); - assertEquals(Base64.DEFAULT, mCarrierNetworkConfig.getBase64EncodingFlag()); - assertEquals(CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0, - mCarrierNetworkConfig.getEapIdentitySequence()); // Verify that updated SSID is associated with a carrier network. assertTrue(mCarrierNetworkConfig.isCarrierNetwork(updatedSsid)); assertEquals(updatedInternalEapType, mCarrierNetworkConfig.getNetworkEapType(updatedSsid)); assertEquals(updatedCarrierName, mCarrierNetworkConfig.getCarrierName(updatedSsid)); - assertEquals(Base64.DEFAULT, mCarrierNetworkConfig.getBase64EncodingFlag()); - assertEquals(CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0, - mCarrierNetworkConfig.getEapIdentitySequence()); } /** @@ -285,55 +265,4 @@ public class CarrierNetworkConfigTest { mContentObserver.onChange(false); assertTrue(mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()); } - - /** - * Verify that base64Encoding type should be {@link Base64#NO_WRAP} when carrier configuration - * defines RFC4648 for encoding method. - */ - @Test - public void verifyBase64EncodingTypeWithRfc4648() { - when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID)) - .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE, - CarrierNetworkConfig.ENCODING_METHOD_RFC_4648, - CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0)); - mBroadcastReceiver.onReceive(mContext, - new Intent(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED)); - assertEquals(Base64.NO_WRAP, mCarrierNetworkConfig.getBase64EncodingFlag()); - } - - /** - * Verify that carrier network config is not generated when carrier configuration defines - * unsupported encoding method. - */ - @Test - public void verifyBase64EncodingTypeWithUnsupportedEncodingMethod() { - String ssid = "invalid carrier AP"; - when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID)) - .thenReturn(generateTestConfig(ssid, TEST_STANDARD_EAP_TYPE, 123, - CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0)); - mBroadcastReceiver.onReceive(mContext, - new Intent(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED)); - - assertFalse(mCarrierNetworkConfig.isCarrierNetwork(ssid)); - assertEquals(-1, mCarrierNetworkConfig.getNetworkEapType(ssid)); - assertEquals(null, mCarrierNetworkConfig.getCarrierName(ssid)); - assertEquals(Base64.DEFAULT, mCarrierNetworkConfig.getBase64EncodingFlag()); - } - - /** - * Verify that anonymous identity should be supported when carrier configuration is configured - * to support anonymous followed by encrypted IMSI for eap identity. - */ - @Test - public void verifyEapIdentitySequenceWithAnonymous() { - when(mCarrierConfigManager.getConfigForSubId(TEST_SUBSCRIPTION_ID)) - .thenReturn(generateTestConfig(TEST_SSID, TEST_STANDARD_EAP_TYPE, - CarrierNetworkConfig.ENCODING_METHOD_RFC_2045, - CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0)); - mBroadcastReceiver.onReceive(mContext, - new Intent(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED)); - - assertEquals(CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_0, - mCarrierNetworkConfig.getEapIdentitySequence()); - } } diff --git a/tests/wifitests/src/com/android/server/wifi/CarrierNetworkEvaluatorTest.java b/tests/wifitests/src/com/android/server/wifi/CarrierNetworkEvaluatorTest.java index 650b9ee8b..963156dc8 100644 --- a/tests/wifitests/src/com/android/server/wifi/CarrierNetworkEvaluatorTest.java +++ b/tests/wifitests/src/com/android/server/wifi/CarrierNetworkEvaluatorTest.java @@ -53,6 +53,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; + /** * Unit tests for CarrierNeteworkEvaluator */ @@ -160,8 +161,6 @@ public class CarrierNetworkEvaluatorTest { when(mDataTelephonyManager.getSimOperator()).thenReturn(TEST_MCC_MNC); when(mDataTelephonyManager.getSimState()).thenReturn(TelephonyManager.SIM_STATE_READY); when(mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()).thenReturn(true); - when(mCarrierNetworkConfig.getEapIdentitySequence()).thenReturn( - CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0); when(mCarrierNetworkConfig.isCarrierNetwork(eq(CARRIER1_SSID.replace("\"", "")))) .thenReturn(true); @@ -259,7 +258,8 @@ public class CarrierNetworkEvaluatorTest { assertTrue(config4.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.WPA_EAP)); assertEquals(config2.configKey(), selected.configKey()); // SSID2 has the highest RSSI - assertEquals("", selected.enterpriseConfig.getAnonymousIdentity()); + assertEquals("anonymous@wlan.mnc456.mcc123.3gppnetwork.org", + selected.enterpriseConfig.getAnonymousIdentity()); } /** @@ -398,7 +398,6 @@ public class CarrierNetworkEvaluatorTest { int[] levels = {10}; String expectedAnonymousIdentity = "anonymous@wlan.mnc456.mcc123.3gppnetwork.org"; when(mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()).thenReturn(true); - when(mCarrierNetworkConfig.isSupportAnonymousIdentity()).thenReturn(true); List<ScanDetail> scanDetails = WifiNetworkSelectorTestUtil.buildScanDetails(ssids, bssids, freqs, caps, levels, mClock); WifiConfiguration carrierConfig = configureNewSsid(CARRIER1_NET_ID, scanDetails.get(0), diff --git a/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java b/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java index 0fd040c7e..1837acb7d 100644 --- a/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java +++ b/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java @@ -1027,7 +1027,6 @@ public class ClientModeImplTest { triggerConnect(); when(mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()).thenReturn(true); - when(mCarrierNetworkConfig.isSupportAnonymousIdentity()).thenReturn(true); when(mWifiConfigManager.getScanDetailCacheForNetwork(FRAMEWORK_NETWORK_ID)) .thenReturn(mScanDetailCache); diff --git a/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointNetworkEvaluatorTest.java b/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointNetworkEvaluatorTest.java index 3048abae0..ef019b416 100644 --- a/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointNetworkEvaluatorTest.java +++ b/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointNetworkEvaluatorTest.java @@ -421,7 +421,6 @@ public class PasspointNetworkEvaluatorTest { // SIM is present when(mSubscriptionManager.getActiveSubscriptionIdList()).thenReturn(new int[1]); when(mCarrierNetworkConfig.isCarrierEncryptionInfoAvailable()).thenReturn(true); - when(mCarrierNetworkConfig.isSupportAnonymousIdentity()).thenReturn(true); when(mWifiConfigManager.addOrUpdateNetwork(any(WifiConfiguration.class), anyInt())) .thenReturn(new NetworkUpdateResult(TEST_NETWORK_ID)); when(mWifiConfigManager.getConfiguredNetwork(TEST_NETWORK_ID)).thenReturn(config); diff --git a/tests/wifitests/src/com/android/server/wifi/util/TelephonyUtilTest.java b/tests/wifitests/src/com/android/server/wifi/util/TelephonyUtilTest.java index 490cdfef2..531673f0e 100644 --- a/tests/wifitests/src/com/android/server/wifi/util/TelephonyUtilTest.java +++ b/tests/wifitests/src/com/android/server/wifi/util/TelephonyUtilTest.java @@ -16,8 +16,6 @@ package com.android.server.wifi.util; -import static com.android.server.wifi.CarrierNetworkConfig.IDENTITY_SEQUENCE_IMSI_V1_0; - import static org.junit.Assert.*; import static org.mockito.Mockito.*; @@ -64,9 +62,6 @@ public class TelephonyUtilTest { @Before public void setUp() throws Exception { MockitoAnnotations.initMocks(this); - when(mCarrierNetworkConfig.getBase64EncodingFlag()).thenReturn(Base64.DEFAULT); - when(mCarrierNetworkConfig.getEapIdentitySequence()).thenReturn( - IDENTITY_SEQUENCE_IMSI_V1_0); mTelephonyUtil = new TelephonyUtil(); when(mTelephonyManager.createForSubscriptionId(anyInt())).thenReturn(mDataTelephonyManager); } @@ -133,59 +128,17 @@ public class TelephonyUtilTest { } /** - * Verify that an expected identity is returned when using the encrypted identity for V1.0 - * encoded by RFC4648. - */ - @Test - public void getEncryptedIdentity_V_1_0_WithRfc4648() throws Exception { - Cipher cipher = mock(Cipher.class); - PublicKey key = null; - int flag = Base64.NO_WRAP; - String imsi = "3214561234567890"; - String encryptedImsi = Base64.encodeToString(imsi.getBytes(), 0, imsi.getBytes().length, - flag); - String encryptedIdentity = "\0" + encryptedImsi + "@wlan.mnc456.mcc321.3gppnetwork.org"; - final Pair<String, String> expectedIdentity = Pair.create( - "03214561234567890@wlan.mnc456.mcc321.3gppnetwork.org", encryptedIdentity); - - // static mocking - MockitoSession session = ExtendedMockito.mockitoSession().mockStatic( - Cipher.class).startMocking(); - try { - when(Cipher.getInstance(anyString())).thenReturn(cipher); - when(cipher.doFinal(any(byte[].class))).thenReturn(imsi.getBytes()); - when(mDataTelephonyManager.getSubscriberId()).thenReturn(imsi); - when(mDataTelephonyManager.getSimState()).thenReturn(TelephonyManager.SIM_STATE_READY); - when(mDataTelephonyManager.getSimOperator()).thenReturn("321456"); - ImsiEncryptionInfo info = new ImsiEncryptionInfo("321", "456", - TelephonyManager.KEY_TYPE_WLAN, null, key, null); - when(mDataTelephonyManager.getCarrierInfoForImsiEncryption( - eq(TelephonyManager.KEY_TYPE_WLAN))) - .thenReturn(info); - when(mCarrierNetworkConfig.getBase64EncodingFlag()).thenReturn(flag); - - assertEquals(expectedIdentity, - TelephonyUtil.getSimIdentity(mTelephonyManager, mTelephonyUtil, - WifiConfigurationTestUtil.createEapNetwork(WifiEnterpriseConfig.Eap.AKA, - WifiEnterpriseConfig.Phase2.NONE), mCarrierNetworkConfig)); - } finally { - session.finishMocking(); - } - } - - /** - * Verify that an expected identity is returned when using the encrypted identity for V1.6 + * Verify that an expected identity is returned when using the encrypted identity * encoded by RFC4648. */ @Test - public void getEncryptedIdentity_V_1_6_WithRfc4648() throws Exception { + public void getEncryptedIdentity_WithRfc4648() throws Exception { Cipher cipher = mock(Cipher.class); PublicKey key = null; - int flag = Base64.NO_WRAP; String imsi = "3214561234567890"; String permanentIdentity = "03214561234567890@wlan.mnc456.mcc321.3gppnetwork.org"; String encryptedImsi = Base64.encodeToString(permanentIdentity.getBytes(), 0, - permanentIdentity.getBytes().length, flag); + permanentIdentity.getBytes().length, Base64.NO_WRAP); String encryptedIdentity = "\0" + encryptedImsi; final Pair<String, String> expectedIdentity = Pair.create(permanentIdentity, encryptedIdentity); @@ -204,52 +157,6 @@ public class TelephonyUtilTest { when(mDataTelephonyManager.getCarrierInfoForImsiEncryption( eq(TelephonyManager.KEY_TYPE_WLAN))) .thenReturn(info); - when(mCarrierNetworkConfig.getBase64EncodingFlag()).thenReturn(flag); - when(mCarrierNetworkConfig.getEapIdentitySequence()).thenReturn( - CarrierNetworkConfig.IDENTITY_SEQUENCE_ANONYMOUS_THEN_IMSI_V1_6); - - assertEquals(expectedIdentity, - TelephonyUtil.getSimIdentity(mTelephonyManager, mTelephonyUtil, - WifiConfigurationTestUtil.createEapNetwork(WifiEnterpriseConfig.Eap.AKA, - WifiEnterpriseConfig.Phase2.NONE), mCarrierNetworkConfig)); - } finally { - session.finishMocking(); - } - } - - /** - * Verify that an expected identity is returned when using the encrypted IMSI encoded by RFC2045 - * with key identifier. - */ - @Test - public void getEncryptedIdentityKeyIdentifierWithRfc2045() throws Exception { - Cipher cipher = mock(Cipher.class); - int flag = Base64.DEFAULT; - PublicKey key = null; - String keyIdentifier = "key=testKey"; - String imsi = "3214561234567890"; - String encryptedImsi = Base64.encodeToString(imsi.getBytes(), 0, imsi.getBytes().length, - flag); - String encryptedIdentity = "\0" + encryptedImsi + "@wlan.mnc456.mcc321.3gppnetwork.org," - + keyIdentifier; - final Pair<String, String> expectedIdentity = Pair.create( - "03214561234567890@wlan.mnc456.mcc321.3gppnetwork.org", encryptedIdentity); - - // static mocking - MockitoSession session = ExtendedMockito.mockitoSession().mockStatic( - Cipher.class).startMocking(); - try { - when(Cipher.getInstance(anyString())).thenReturn(cipher); - when(cipher.doFinal(any(byte[].class))).thenReturn(imsi.getBytes()); - when(mDataTelephonyManager.getSubscriberId()).thenReturn(imsi); - when(mDataTelephonyManager.getSimState()).thenReturn(TelephonyManager.SIM_STATE_READY); - when(mDataTelephonyManager.getSimOperator()).thenReturn("321456"); - ImsiEncryptionInfo info = new ImsiEncryptionInfo("321", "456", - TelephonyManager.KEY_TYPE_WLAN, keyIdentifier, key, null); - when(mDataTelephonyManager.getCarrierInfoForImsiEncryption( - eq(TelephonyManager.KEY_TYPE_WLAN))) - .thenReturn(info); - when(mCarrierNetworkConfig.getBase64EncodingFlag()).thenReturn(flag); assertEquals(expectedIdentity, TelephonyUtil.getSimIdentity(mTelephonyManager, mTelephonyUtil, @@ -293,30 +200,6 @@ public class TelephonyUtilTest { } } - /** - * Verify that {@code null} will be returned when IMSI encryption failed because - * the sequence of EAP identity is not valid. - */ - @Test - public void getEncryptedIdentityFailedWithInvalidEapIdentitySequence() throws Exception { - final Pair<String, String> expectedIdentity = Pair.create( - "03214561234567890@wlan.mnc456.mcc321.3gppnetwork.org", ""); - - when(mDataTelephonyManager.getSubscriberId()).thenReturn("3214561234567890"); - when(mDataTelephonyManager.getSimState()).thenReturn(TelephonyManager.SIM_STATE_READY); - when(mDataTelephonyManager.getSimOperator()).thenReturn("321456"); - ImsiEncryptionInfo info = new ImsiEncryptionInfo("321", "456", - TelephonyManager.KEY_TYPE_WLAN, null, (PublicKey) null, null); - when(mDataTelephonyManager.getCarrierInfoForImsiEncryption( - eq(TelephonyManager.KEY_TYPE_WLAN))) - .thenReturn(info); - when(mCarrierNetworkConfig.getEapIdentitySequence()).thenReturn(-1); - - assertNull(TelephonyUtil.getSimIdentity(mTelephonyManager, mTelephonyUtil, - WifiConfigurationTestUtil.createEapNetwork(WifiEnterpriseConfig.Eap.AKA, - WifiEnterpriseConfig.Phase2.NONE), mCarrierNetworkConfig)); - } - @Test public void getSimIdentity2DigitMnc() { final Pair<String, String> expectedIdentity = Pair.create( |