Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Expose IMSI encryption info APIs as system API"

Browse Source
This commit is contained in:
Meng Wang
2019-11-01 04:37:37 +00:00
committed by Android (Google) Code Review
parent 2e63cedc0e 178267d26b
commit 977bd75f35
3 changed files with 82 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
api/system-current.txt
View File

@@ -7917,6 +7917,14 @@ package android.telephony {
field public static final int WIFI_LOST = 59; // 0x3b
}
public final class ImsiEncryptionInfo implements android.os.Parcelable {
method public int describeContents();
method @Nullable public String getKeyIdentifier();
method @Nullable public java.security.PublicKey getPublicKey();
method public void writeToParcel(@NonNull android.os.Parcel, int);
field @NonNull public static final android.os.Parcelable.Creator<android.telephony.ImsiEncryptionInfo> CREATOR;
}
public final class LteVopsSupportInfo implements android.os.Parcelable {
ctor public LteVopsSupportInfo(int, int);
method public int describeContents();
@@ -8401,6 +8409,7 @@ package android.telephony {
method @RequiresPermission(android.Manifest.permission.CONNECTIVITY_INTERNAL) public void factoryReset(int);
method @Nullable @RequiresPermission(android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE) public String getAidForAppType(int);
method @Deprecated @RequiresPermission(android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE) public java.util.List<android.service.carrier.CarrierIdentifier> getAllowedCarriers(int);
method @Nullable @RequiresPermission(android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE) public android.telephony.ImsiEncryptionInfo getCarrierInfoForImsiEncryption(int);
method public java.util.List<java.lang.String> getCarrierPackageNamesForIntent(android.content.Intent);
method public java.util.List<java.lang.String> getCarrierPackageNamesForIntentAndPhone(android.content.Intent, int);
method @Nullable @RequiresPermission(android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE) public android.telephony.CarrierRestrictionRules getCarrierRestrictionRules();
@@ -8454,6 +8463,7 @@ package android.telephony {
method @RequiresPermission(android.Manifest.permission.MODIFY_PHONE_STATE) public boolean rebootRadio();
method @RequiresPermission(allOf={android.Manifest.permission.ACCESS_FINE_LOCATION, android.Manifest.permission.MODIFY_PHONE_STATE}) public void requestCellInfoUpdate(@NonNull android.os.WorkSource, @NonNull java.util.concurrent.Executor, @NonNull android.telephony.TelephonyManager.CellInfoCallback);
method @RequiresPermission(android.Manifest.permission.MODIFY_PHONE_STATE) public void requestNumberVerification(@NonNull android.telephony.PhoneNumberRange, long, @NonNull java.util.concurrent.Executor, @NonNull android.telephony.NumberVerificationCallback);
method @RequiresPermission(android.Manifest.permission.MODIFY_PHONE_STATE) public void resetCarrierKeysForImsiEncryption();
method @RequiresPermission(android.Manifest.permission.MODIFY_PHONE_STATE) public boolean resetRadioConfig();
method @Deprecated @RequiresPermission(android.Manifest.permission.MODIFY_PHONE_STATE) public int setAllowedCarriers(int, java.util.List<android.service.carrier.CarrierIdentifier>);
method @RequiresPermission(android.Manifest.permission.MODIFY_PHONE_STATE) public void setCarrierDataEnabled(boolean);
@@ -8490,6 +8500,8 @@ package android.telephony {
field public static final String EXTRA_SIM_STATE = "android.telephony.extra.SIM_STATE";
field public static final String EXTRA_VISUAL_VOICEMAIL_ENABLED_BY_USER_BOOL = "android.telephony.extra.VISUAL_VOICEMAIL_ENABLED_BY_USER_BOOL";
field public static final String EXTRA_VOICEMAIL_SCRAMBLED_PIN_STRING = "android.telephony.extra.VOICEMAIL_SCRAMBLED_PIN_STRING";
field public static final int KEY_TYPE_EPDG = 1; // 0x1
field public static final int KEY_TYPE_WLAN = 2; // 0x2
field public static final long NETWORK_TYPE_BITMASK_1xRTT = 64L; // 0x40L
field public static final long NETWORK_TYPE_BITMASK_CDMA = 8L; // 0x8L
field public static final long NETWORK_TYPE_BITMASK_EDGE = 2L; // 0x2L

29
telephony/java/android/telephony/ImsiEncryptionInfo.java
View File

@@ -15,9 +15,11 @@
*/
package android.telephony;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.annotation.SystemApi;
import android.os.Parcel;
import android.os.Parcelable;
import java.util.Date;
import android.util.Log;
import java.security.KeyFactory;
@@ -25,18 +27,18 @@ import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
/**
* Class to represent information sent by the carrier, which will be used to encrypt
* the IMSI + IMPI. The ecryption is being done by WLAN, and the modem.
*
* @hide
*/
@SystemApi
public final class ImsiEncryptionInfo implements Parcelable {
private static final String LOG_TAG = "ImsiEncryptionInfo";
private final String mcc;
private final String mnc;
private final PublicKey publicKey;
@@ -45,11 +47,13 @@ public final class ImsiEncryptionInfo implements Parcelable {
//Date-Time in UTC when the key will expire.
private final Date expirationTime;
/** @hide */
public ImsiEncryptionInfo(String mcc, String mnc, int keyType, String keyIdentifier,
byte[] key, Date expirationTime) {
this(mcc, mnc, keyType, keyIdentifier, makeKeyObject(key), expirationTime);
}
/** @hide */
public ImsiEncryptionInfo(String mcc, String mnc, int keyType, String keyIdentifier,
PublicKey publicKey, Date expirationTime) {
// todo need to validate that ImsiEncryptionInfo is being created with the correct params.
@@ -63,6 +67,7 @@ public final class ImsiEncryptionInfo implements Parcelable {
this.expirationTime = expirationTime;
}
/** @hide */
public ImsiEncryptionInfo(Parcel in) {
int length = in.readInt();
byte b[] = new byte[length];
@@ -75,26 +80,40 @@ public final class ImsiEncryptionInfo implements Parcelable {
expirationTime = new Date(in.readLong());
}
/** @hide */
public String getMnc() {
return this.mnc;
}
/** @hide */
public String getMcc() {
return this.mcc;
}
/**
* Returns key identifier, a string that helps the authentication server to locate the
* private key to decrypt the permanent identity, or {@code null} when uavailable.
*/
@Nullable
public String getKeyIdentifier() {
return this.keyIdentifier;
}
/** @hide */
public int getKeyType() {
return this.keyType;
}
/**
* Returns the carrier public key that is used for the IMSI encryption,
* or {@code null} when uavailable.
*/
@Nullable
public PublicKey getPublicKey() {
return this.publicKey;
}
/** @hide */
public Date getExpirationTime() {
return this.expirationTime;
}
@@ -115,7 +134,7 @@ public final class ImsiEncryptionInfo implements Parcelable {
return 0;
}
public static final @android.annotation.NonNull Parcelable.Creator<ImsiEncryptionInfo> CREATOR =
public static final @NonNull Parcelable.Creator<ImsiEncryptionInfo> CREATOR =
new Parcelable.Creator<ImsiEncryptionInfo>() {
@Override
public ImsiEncryptionInfo createFromParcel(Parcel in) {
@@ -129,7 +148,7 @@ public final class ImsiEncryptionInfo implements Parcelable {
};
@Override
public void writeToParcel(Parcel dest, int flags) {
public void writeToParcel(@NonNull Parcel dest, int flags) {
byte[] b = publicKey.getEncoded();
dest.writeInt(b.length);
dest.writeByteArray(b);

66
telephony/java/android/telephony/TelephonyManager.java
View File

@@ -197,12 +197,29 @@ public class TelephonyManager {
/** @hide */
static public final int OTASP_SIM_UNPROVISIONED = 5;
/** @hide */
/**
* Used in carrier Wi-Fi for IMSI + IMPI encryption, this indicates a public key that's
* available for use in ePDG links.
*
* @hide
*/
@SystemApi
static public final int KEY_TYPE_EPDG = 1;
/** @hide */
/**
* Used in carrier Wi-Fi for IMSI + IMPI encryption, this indicates a public key that's
* available for use in WLAN links.
*
* @hide
*/
@SystemApi
static public final int KEY_TYPE_WLAN = 2;
/** @hide */
@Retention(RetentionPolicy.SOURCE)
@IntDef(prefix = {"KEY_TYPE_"}, value = {KEY_TYPE_EPDG, KEY_TYPE_WLAN})
public @interface KeyType {}
/**
* No Single Radio Voice Call Continuity (SRVCC) handover is active.
* See TS 23.216 for more information.
@@ -3874,25 +3891,27 @@ public class TelephonyManager {
}
/**
* Returns Carrier specific information that will be used to encrypt the IMSI and IMPI.
* This includes the public key and the key identifier. For multi-sim devices, if no subId
* has been specified, we will return the value for the dafault data sim.
* Return null if it is unavailable.
* Returns carrier specific information that will be used to encrypt the IMSI and IMPI,
* including the public key and the key identifier; or {@code null} if not available.
* <p>
* Requires Permission:
* {@link android.Manifest.permission#READ_PHONE_STATE READ_PHONE_STATE}
* @param keyType whether the key is being used for wlan or epdg. Valid key types are
* {@link TelephonyManager#KEY_TYPE_EPDG} or
* {@link TelephonyManager#KEY_TYPE_WLAN}.
* For a multi-sim device, the dafault data sim is used if not specified.
* <p>
* Requires Permission: READ_PRIVILEGED_PHONE_STATE.
*
* @param keyType whether the key is being used for EPDG or WLAN. Valid values are
* {@link #KEY_TYPE_EPDG} or {@link #KEY_TYPE_WLAN}.
* @return ImsiEncryptionInfo Carrier specific information that will be used to encrypt the
* IMSI and IMPI. This includes the public key and the key identifier. This information
* will be stored in the device keystore. The system will return a null when no key was
* found, and the carrier does not require a key. The system will throw
* IllegalArgumentException when an invalid key is sent or when key is required but
* will be stored in the device keystore. {@code null} will be returned when no key is
* found, and the carrier does not require a key.
* @throws IllegalArgumentException when an invalid key is found or when key is required but
* not found.
* @hide
*/
public ImsiEncryptionInfo getCarrierInfoForImsiEncryption(int keyType) {
@RequiresPermission(android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE)
@SystemApi
@Nullable
public ImsiEncryptionInfo getCarrierInfoForImsiEncryption(@KeyType int keyType) {
try {
IPhoneSubInfo info = getSubscriberInfo();
if (info == null) {
@@ -3920,14 +3939,21 @@ public class TelephonyManager {
}
/**
* Resets the Carrier Keys in the database. This involves 2 steps:
* Resets the carrier keys used to encrypt the IMSI and IMPI.
* <p>
* This involves 2 steps:
* 1. Delete the keys from the database.
* 2. Send an intent to download new Certificates.
* <p>
* Requires Permission:
* {@link android.Manifest.permission#MODIFY_PHONE_STATE MODIFY_PHONE_STATE}
* For a multi-sim device, the dafault data sim is used if not specified.
* <p>
* Requires Permission: MODIFY_PHONE_STATE.
*
* @see #getCarrierInfoForImsiEncryption
* @hide
*/
@RequiresPermission(android.Manifest.permission.MODIFY_PHONE_STATE)
@SystemApi
public void resetCarrierKeysForImsiEncryption() {
try {
IPhoneSubInfo info = getSubscriberInfo();
@@ -3954,7 +3980,7 @@ public class TelephonyManager {
* @return true if the digit at position keyType is 1, else false.
* @hide
*/
private static boolean isKeyEnabled(int keyAvailability, int keyType) {
private static boolean isKeyEnabled(int keyAvailability, @KeyType int keyType) {
int returnValue = (keyAvailability >> (keyType - 1)) & 1;
return (returnValue == 1) ? true : false;
}
@@ -3963,7 +3989,7 @@ public class TelephonyManager {
* If Carrier requires Imsi to be encrypted.
* @hide
*/
private boolean isImsiEncryptionRequired(int subId, int keyType) {
private boolean isImsiEncryptionRequired(int subId, @KeyType int keyType) {
CarrierConfigManager configManager =
(CarrierConfigManager) mContext.getSystemService(Context.CARRIER_CONFIG_SERVICE);
if (configManager == null) {