diff options
4 files changed, 243 insertions, 0 deletions
diff --git a/telephony/java/android/telephony/ImsiEncryptionInfo.aidl b/telephony/java/android/telephony/ImsiEncryptionInfo.aidl new file mode 100644 index 000000000000..080e30a01071 --- /dev/null +++ b/telephony/java/android/telephony/ImsiEncryptionInfo.aidl @@ -0,0 +1,19 @@ +/* +* Copyright (C) 2017 The Android Open Source Project +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package android.telephony; + +parcelable ImsiEncryptionInfo; diff --git a/telephony/java/android/telephony/ImsiEncryptionInfo.java b/telephony/java/android/telephony/ImsiEncryptionInfo.java new file mode 100644 index 000000000000..ecb9d25f2745 --- /dev/null +++ b/telephony/java/android/telephony/ImsiEncryptionInfo.java @@ -0,0 +1,137 @@ +/* + * Copyright (C) 2017 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.telephony; + +import android.os.Parcel; +import android.os.Parcelable; +import android.util.Log; + +import java.security.KeyFactory; +import java.security.NoSuchAlgorithmException; +import java.security.PublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.X509EncodedKeySpec; + +/** + * Class to represent information sent by the carrier, which will be used to encrypt + * the IMSI + IMPI. The ecryption is being done by WLAN, and the modem. + * + * @hide + */ +public final class ImsiEncryptionInfo implements Parcelable { + + private static final String LOG_TAG = "ImsiEncryptionInfo"; + private static final boolean DBG = false; + + + private final String mcc; + private final String mnc; + private final PublicKey publicKey; + private final String keyIdentifier; + private final int keyType; + + public ImsiEncryptionInfo(String mcc, String mnc, int keyType, String keyIdentifier, + PublicKey publicKey) { + this.mcc = mcc; + this.mnc = mnc; + this.keyType = keyType; + this.publicKey = publicKey; + this.keyIdentifier = keyIdentifier; + } + + public ImsiEncryptionInfo(Parcel in) { + int length = in.readInt(); + byte b[] = new byte[length]; + in.readByteArray(b); + publicKey = makeKeyObject(b); + mcc = in.readString(); + mnc = in.readString(); + keyIdentifier = in.readString(); + keyType = in.readInt(); + + } + + public String getMnc() { + return this.mnc; + } + + public String getMcc() { + return this.mcc; + } + + public String getKeyIdentifier() { + return this.keyIdentifier; + } + + public int getKeyType() { + return this.keyType; + } + + public PublicKey getPublicKey() { + return this.publicKey; + } + + private static PublicKey makeKeyObject(byte[] publicKeyBytes) { + try { + X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(publicKeyBytes); + return KeyFactory.getInstance("RSA").generatePublic(pubKeySpec); + } catch (InvalidKeySpecException | NoSuchAlgorithmException ex) { + Log.e(LOG_TAG, "Error makeKeyObject: unable to convert into PublicKey", ex); + } + return null; + } + + /** Implement the Parcelable interface */ + @Override + public int describeContents() { + return 0; + } + + public static final Parcelable.Creator<ImsiEncryptionInfo> CREATOR = + new Parcelable.Creator<ImsiEncryptionInfo>() { + @Override + public ImsiEncryptionInfo createFromParcel(Parcel in) { + return new ImsiEncryptionInfo(in); + } + + @Override + public ImsiEncryptionInfo[] newArray(int size) { + return new ImsiEncryptionInfo[size]; + } + }; + + @Override + public void writeToParcel(Parcel dest, int flags) { + byte[] b = publicKey.getEncoded(); + dest.writeInt(b.length); + dest.writeByteArray(b); + dest.writeString(mcc); + dest.writeString(mnc); + dest.writeString(keyIdentifier); + dest.writeInt(keyType); + } + + @Override + public String toString(){ + return "[ImsiEncryptionInfo " + + "mcc=" + mcc + + "mnc=" + mnc + + "publicKey=" + publicKey + + ", keyIdentifier=" + keyIdentifier + + ", keyType=" + keyType + + "]"; + } +} diff --git a/telephony/java/android/telephony/TelephonyManager.java b/telephony/java/android/telephony/TelephonyManager.java index e81c97e5fca8..add4f03cddb1 100644 --- a/telephony/java/android/telephony/TelephonyManager.java +++ b/telephony/java/android/telephony/TelephonyManager.java @@ -142,6 +142,12 @@ public class TelephonyManager { static public final int OTASP_SIM_UNPROVISIONED = 5; + /** @hide */ + static public final int KEY_TYPE_EPDDG = 1; + + /** @hide */ + static public final int KEY_TYPE_WLAN = 2; + private final Context mContext; private final int mSubId; private SubscriptionManager mSubscriptionManager; @@ -2339,6 +2345,73 @@ public class TelephonyManager { } /** + * Returns Carrier specific information that will be used to encrypt the IMSI and IMPI. + * This includes the public key and the key identifier. For multi-sim devices, if no subId + * has been specified, we will return the value for the dafault data sim. + * Return null if it is unavailable. + * <p> + * Requires Permission: + * {@link android.Manifest.permission#READ_PHONE_STATE READ_PHONE_STATE} + * @param keyType whether the key is being used for wlan or epdg. Valid key types are + * {@link TelephonyManager#KEY_TYPE_EPDDG} or + * {@link TelephonyManager#KEY_TYPE_WLAN}. + * @return ImsiEncryptionInfo Carrier specific information that will be used to encrypt the + * IMSI and IMPI. This includes the public key and the key identifier. This information + * will be stored in the device keystore. + * @hide + */ + public ImsiEncryptionInfo getCarrierInfoForImsiEncryption(int keyType) { + try { + IPhoneSubInfo info = getSubscriberInfo(); + if (info == null) return null; + int subId = getSubId(SubscriptionManager.getDefaultDataSubscriptionId()); + if (keyType != KEY_TYPE_EPDDG && keyType != KEY_TYPE_WLAN) { + throw new IllegalArgumentException("Invalid key type"); + } + return info.getCarrierInfoForImsiEncryption(subId, keyType, + mContext.getOpPackageName()); + } catch (RemoteException ex) { + Rlog.e(TAG, "getCarrierInfoForImsiEncryption RemoteException", ex); + return null; + } catch (NullPointerException ex) { + // This could happen before phone restarts due to crashing + Rlog.e(TAG, "getCarrierInfoForImsiEncryption NullPointerException", ex); + return null; + } + } + + /** + * Sets the Carrier specific information that will be used to encrypt the IMSI and IMPI. + * This includes the public key and the key identifier. This information will be stored in the + * device keystore. + * <p> + * Requires Permission: + * {@link android.Manifest.permission#READ_PHONE_STATE READ_PHONE_STATE} + * @param imsiEncryptionInfo which includes the Key Type, the Public Key + * (java.security.PublicKey) and the Key Identifier.and the Key Identifier. + * The keyIdentifier Attribute value pair that helps a server locate + * the private key to decrypt the permanent identity. This field is + * optional and if it is present then it’s always separated from encrypted + * permanent identity with “,”. Key identifier AVP is presented in ASCII string + * with “name=value” format. + * @hide + */ + public void setCarrierInfoForImsiEncryption(ImsiEncryptionInfo imsiEncryptionInfo) { + try { + IPhoneSubInfo info = getSubscriberInfo(); + if (info == null) return; + info.setCarrierInfoForImsiEncryption(mSubId, mContext.getOpPackageName(), + imsiEncryptionInfo); + } catch (NullPointerException ex) { + // This could happen before phone restarts due to crashing + return; + } catch (RemoteException ex) { + Rlog.e(TAG, "setCarrierInfoForImsiEncryption RemoteException", ex); + return; + } + } + + /** * Returns the Group Identifier Level1 for a GSM phone. * Return null if it is unavailable. * <p> diff --git a/telephony/java/com/android/internal/telephony/IPhoneSubInfo.aidl b/telephony/java/com/android/internal/telephony/IPhoneSubInfo.aidl index 02baa3454536..dbd8867b14c9 100644 --- a/telephony/java/com/android/internal/telephony/IPhoneSubInfo.aidl +++ b/telephony/java/com/android/internal/telephony/IPhoneSubInfo.aidl @@ -16,6 +16,8 @@ package com.android.internal.telephony; +import android.telephony.ImsiEncryptionInfo; + /** * Interface used to retrieve various phone-related subscriber information. * @@ -138,6 +140,18 @@ interface IPhoneSubInfo { String getCompleteVoiceMailNumberForSubscriber(int subId); /** + * Retrieves the Carrier information used to encrypt IMSI and IMPI. + */ + ImsiEncryptionInfo getCarrierInfoForImsiEncryption(int subId, int keyType, + String callingPackage); + + /** + * Stores the Carrier information used to encrypt IMSI and IMPI. + */ + void setCarrierInfoForImsiEncryption(int subId, String callingPackage, + in ImsiEncryptionInfo imsiEncryptionInfo); + + /** * Retrieves the alpha identifier associated with the voice mail number. */ String getVoiceMailAlphaTag(String callingPackage); |