[EAP-SIM] Add NAI realm decoration to pseudonym

The framework stores the last pseudonym given by the server. However, in some cases, it does not contain @<NAI Realm> suffix which some servers require. Check if NAI realm exist, and add @<NAI Realm> to the pseudonym for subsequent connections if missing. Bug: 109795427 Test: atest ClientModeImplTest Test: Regression test in lab passed b/143503329 Merged-In: I74ef92e05e76290cbbf96297ed3329426e8b95a3 Change-Id: I74ef92e05e76290cbbf96297ed3329426e8b95a3 (cherry picked from commit 97447d4b970bf7e569d10dc6ca5829d99e9a4e44)
author: Hai Shalom <haishalom@google.com> 2019-09-23 14:36:13 -0700
committer: Etan Cohen <etancohen@google.com> 2019-11-11 02:35:12 +0000
commit: bc8fa0c163c40afa999ac71cc78687bb845131ab (patch)
tree: 1401a7acba2e907e3670da8f209a0fd743d00c1f /service
parent: d11a226fd95ae690746e1eef985fda6f9fc213b9 (diff)
2 files changed, 56 insertions, 5 deletions
diff --git a/service/java/com/android/server/wifi/ClientModeImpl.java b/service/java/com/android/server/wifi/ClientModeImpl.java
index 7e7f651de..119d6d0e8 100644
--- a/service/java/com/android/server/wifi/ClientModeImpl.java
+++ b/service/java/com/android/server/wifi/ClientModeImpl.java
@@ -4473,14 +4473,25 @@ public class ClientModeImpl extends StateMachine {
                                         config.enterpriseConfig.getEapMethod())) {
                             String anonymousIdentity =
                                     mWifiNative.getEapAnonymousIdentity(mInterfaceName);
-                            if (mVerboseLoggingEnabled) {
-                                log("EAP Pseudonym: " + anonymousIdentity);
-                            }
-                            if (!TelephonyUtil.isAnonymousAtRealmIdentity(anonymousIdentity)) {
+                            if (!TextUtils.isEmpty(anonymousIdentity)
+                                    && !TelephonyUtil
+                                    .isAnonymousAtRealmIdentity(anonymousIdentity)) {
+                                String decoratedPseudonym = TelephonyUtil
+                                        .decoratePseudonymWith3GppRealm(getTelephonyManager(),
+                                                anonymousIdentity);
+                                if (decoratedPseudonym != null) {
+                                    anonymousIdentity = decoratedPseudonym;
+                                }
+                                if (mVerboseLoggingEnabled) {
+                                    log("EAP Pseudonym: " + anonymousIdentity);
+                                }
                                 // Save the pseudonym only if it is a real one
                                 config.enterpriseConfig.setAnonymousIdentity(anonymousIdentity);
-                                mWifiConfigManager.addOrUpdateNetwork(config, Process.WIFI_UID);
+                            } else {
+                                // Clear any stored pseudonyms
+                                config.enterpriseConfig.setAnonymousIdentity(null);
                             }
+                            mWifiConfigManager.addOrUpdateNetwork(config, Process.WIFI_UID);
                         }
                         sendNetworkStateChangeBroadcast(mLastBssid);
                         transitionTo(mObtainingIpState);
diff --git a/service/java/com/android/server/wifi/util/TelephonyUtil.java b/service/java/com/android/server/wifi/util/TelephonyUtil.java
index 4af40ddf2..3154df978 100644
--- a/service/java/com/android/server/wifi/util/TelephonyUtil.java
+++ b/service/java/com/android/server/wifi/util/TelephonyUtil.java
@@ -22,6 +22,7 @@ import android.net.wifi.WifiEnterpriseConfig;
 import android.telephony.ImsiEncryptionInfo;
 import android.telephony.SubscriptionManager;
 import android.telephony.TelephonyManager;
+import android.text.TextUtils;
 import android.util.Base64;
 import android.util.Log;
 import android.util.Pair;
@@ -730,4 +731,43 @@ public class TelephonyUtil {
     public static boolean isSimPresent(@Nonnull SubscriptionManager sm) {
         return sm.getActiveSubscriptionIdList().length > 0;
     }
+
+    /**
+     * Decorates a pseudonym with the NAI realm, in case it wasn't provided by the server
+     *
+     * @param tm TelephonyManager instance
+     * @param pseudonym The pseudonym (temporary identity) provided by the server
+     * @return pseudonym@realm which is based on current MCC/MNC, {@code null} if SIM is
+     * not ready or absent.
+     */
+    public static String decoratePseudonymWith3GppRealm(@NonNull TelephonyManager tm,
+            String pseudonym) {
+        if (tm == null || TextUtils.isEmpty(pseudonym)) {
+            return null;
+        }
+        if (pseudonym.contains("@")) {
+            // Pseudonym is already decorated
+            return pseudonym;
+        }
+        TelephonyManager defaultDataTm = tm.createForSubscriptionId(
+                SubscriptionManager.getDefaultDataSubscriptionId());
+        if (defaultDataTm.getSimState() != TelephonyManager.SIM_STATE_READY) {
+            return null;
+        }
+        String mccMnc = defaultDataTm.getSimOperator();
+        if (mccMnc == null || mccMnc.isEmpty()) {
+            return null;
+        }
+
+        // Extract mcc & mnc from mccMnc
+        String mcc = mccMnc.substring(0, 3);
+        String mnc = mccMnc.substring(3);
+
+        if (mnc.length() == 2) {
+            mnc = "0" + mnc;
+        }
+
+        String realm = String.format(THREE_GPP_NAI_REALM_FORMAT, mnc, mcc);
+        return String.format("%s@%s", pseudonym, realm);
+    }
 }
author	Hai Shalom <haishalom@google.com>	2019-09-23 14:36:13 -0700
committer	Etan Cohen <etancohen@google.com>	2019-11-11 02:35:12 +0000
commit	bc8fa0c163c40afa999ac71cc78687bb845131ab (patch)
tree	1401a7acba2e907e3670da8f209a0fd743d00c1f /service
parent	d11a226fd95ae690746e1eef985fda6f9fc213b9 (diff)