1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.wifi.hotspot2; 18 19 import static com.android.server.wifi.hotspot2.Utils.isCarrierEapMethod; 20 21 import com.android.server.wifi.IMSIParameter; 22 import com.android.server.wifi.hotspot2.anqp.CellularNetwork; 23 import com.android.server.wifi.hotspot2.anqp.DomainNameElement; 24 import com.android.server.wifi.hotspot2.anqp.NAIRealmData; 25 import com.android.server.wifi.hotspot2.anqp.NAIRealmElement; 26 import com.android.server.wifi.hotspot2.anqp.RoamingConsortiumElement; 27 import com.android.server.wifi.hotspot2.anqp.ThreeGPPNetworkElement; 28 import com.android.server.wifi.hotspot2.anqp.eap.AuthParam; 29 import com.android.server.wifi.hotspot2.anqp.eap.EAPMethod; 30 31 import java.util.List; 32 import java.util.Map; 33 import java.util.Set; 34 35 /** 36 * Utility class for providing matching functions against ANQP elements. 37 */ 38 public class ANQPMatcher { 39 /** 40 * Match the domain names in the ANQP element against the provider's FQDN and SIM credential. 41 * The Domain Name ANQP element might contain domains for 3GPP network (e.g. 42 * wlan.mnc*.mcc*.3gppnetwork.org), so we should match that against the provider's SIM 43 * credential if one is provided. 44 * 45 * @param element The Domain Name ANQP element 46 * @param fqdn The FQDN to compare against 47 * @param imsiParam The IMSI parameter of the provider 48 * @param simImsiList The list of IMSI from the installed SIM cards that matched provider's 49 * IMSI parameter 50 * @return true if a match is found 51 */ matchDomainName(DomainNameElement element, String fqdn, IMSIParameter imsiParam, List<String> simImsiList)52 public static boolean matchDomainName(DomainNameElement element, String fqdn, 53 IMSIParameter imsiParam, List<String> simImsiList) { 54 if (element == null) { 55 return false; 56 } 57 58 for (String domain : element.getDomains()) { 59 if (DomainMatcher.arg2SubdomainOfArg1(fqdn, domain)) { 60 return true; 61 } 62 63 // Try to retrieve the MCC-MNC string from the domain (for 3GPP network domain) and 64 // match against the provider's SIM credential. 65 if (matchMccMnc(Utils.getMccMnc(Utils.splitDomain(domain)), imsiParam, simImsiList)) { 66 return true; 67 } 68 } 69 return false; 70 } 71 72 /** 73 * Match the roaming consortium OIs in the ANQP element against the roaming consortium OIs 74 * of a provider. 75 * 76 * @param element The Roaming Consortium ANQP element 77 * @param providerOIs The roaming consortium OIs of the provider 78 * @param matchAll Indicates if a match with all OIs must be done 79 * @return true if a match is found 80 */ matchRoamingConsortium(RoamingConsortiumElement element, long[] providerOIs, boolean matchAll)81 public static boolean matchRoamingConsortium(RoamingConsortiumElement element, 82 long[] providerOIs, boolean matchAll) { 83 if (element == null) { 84 return false; 85 } 86 if (providerOIs == null) { 87 return false; 88 } 89 List<Long> rcOIs = element.getOIs(); 90 for (long oi : providerOIs) { 91 if (rcOIs.contains(oi)) { 92 if (!matchAll) { 93 return true; 94 } 95 } else if (matchAll) { 96 return false; 97 } 98 } 99 return matchAll; 100 } 101 102 /** 103 * Match the NAI realm in the ANQP element against the realm and authentication method of 104 * a provider. 105 * 106 * @param element The NAI Realm ANQP element 107 * @param realm The realm of the provider's credential 108 * @return an integer indicating the match status 109 */ matchNAIRealm(NAIRealmElement element, String realm)110 public static boolean matchNAIRealm(NAIRealmElement element, String realm) { 111 if (element == null || element.getRealmDataList().isEmpty()) { 112 return false; 113 } 114 115 for (NAIRealmData realmData : element.getRealmDataList()) { 116 if (matchNAIRealmData(realmData, realm)) { 117 return true; 118 } 119 } 120 return false; 121 } 122 123 /** 124 * Get a EAP-Method from a corresponding NAI realm that has one of them (EAP-SIM/AKA/AKA)'. 125 * 126 * @param realm a realm of the provider's credential. 127 * @param element The NAI Realm ANQP element 128 * @return a EAP Method (EAP-SIM/AKA/AKA') from matching NAI realm, {@code -1} otherwise. 129 */ getCarrierEapMethodFromMatchingNAIRealm(String realm, NAIRealmElement element)130 public static int getCarrierEapMethodFromMatchingNAIRealm(String realm, 131 NAIRealmElement element) { 132 if (element == null || element.getRealmDataList().isEmpty()) { 133 return -1; 134 } 135 136 for (NAIRealmData realmData : element.getRealmDataList()) { 137 int eapMethodID = getEapMethodForNAIRealmWithCarrier(realm, realmData); 138 if (eapMethodID != -1) { 139 return eapMethodID; 140 } 141 } 142 return -1; 143 } 144 145 /** 146 * Match the 3GPP Network in the ANQP element against the SIM credential of a provider. 147 * 148 * @param element 3GPP Network ANQP element 149 * @param imsiParam The IMSI parameter of the provider's SIM credential 150 * @param simImsiList The list of IMSI from the installed SIM cards that matched provider's 151 * IMSI parameter 152 * @return true if a matched is found 153 */ matchThreeGPPNetwork(ThreeGPPNetworkElement element, IMSIParameter imsiParam, List<String> simImsiList)154 public static boolean matchThreeGPPNetwork(ThreeGPPNetworkElement element, 155 IMSIParameter imsiParam, List<String> simImsiList) { 156 if (element == null) { 157 return false; 158 } 159 for (CellularNetwork network : element.getNetworks()) { 160 if (matchCellularNetwork(network, imsiParam, simImsiList)) { 161 return true; 162 } 163 } 164 return false; 165 } 166 167 /** 168 * Match the given NAI Realm data against the realm and authentication method of a provider. 169 * 170 * @param realmData The NAI Realm data 171 * @param realm The realm of the provider's credential 172 * @return true if a match is found 173 */ matchNAIRealmData(NAIRealmData realmData, String realm)174 private static boolean matchNAIRealmData(NAIRealmData realmData, String realm) { 175 // Check for realm domain name match. 176 for (String realmStr : realmData.getRealms()) { 177 if (DomainMatcher.arg2SubdomainOfArg1(realm, realmStr)) { 178 return true; 179 } 180 } 181 return false; 182 } 183 getEapMethodForNAIRealmWithCarrier(String realm, NAIRealmData realmData)184 private static int getEapMethodForNAIRealmWithCarrier(String realm, 185 NAIRealmData realmData) { 186 int realmMatch = AuthMatch.NONE; 187 188 for (String realmStr : realmData.getRealms()) { 189 if (DomainMatcher.arg2SubdomainOfArg1(realm, realmStr)) { 190 realmMatch = AuthMatch.REALM; 191 break; 192 } 193 } 194 195 if (realmMatch == AuthMatch.NONE) { 196 return -1; 197 } 198 199 for (EAPMethod eapMethod : realmData.getEAPMethods()) { 200 if (isCarrierEapMethod(eapMethod.getEAPMethodID())) { 201 return eapMethod.getEAPMethodID(); 202 } 203 } 204 return -1; 205 } 206 207 /** 208 * Match the given EAPMethod against the authentication method of a provider. 209 * 210 * @param method The EAP Method 211 * @param eapMethodID The EAP Method ID of the provider's credential 212 * @param authParam The authentication parameter of the provider's credential 213 * @return an integer indicating the match status 214 */ matchEAPMethod(EAPMethod method, int eapMethodID, AuthParam authParam)215 private static int matchEAPMethod(EAPMethod method, int eapMethodID, AuthParam authParam) { 216 if (method.getEAPMethodID() != eapMethodID) { 217 return AuthMatch.NONE; 218 } 219 // Check for authentication parameter match. 220 if (authParam != null) { 221 Map<Integer, Set<AuthParam>> authParams = method.getAuthParams(); 222 if (authParams.isEmpty()) { 223 // no auth methods to match 224 return AuthMatch.METHOD; 225 } 226 Set<AuthParam> paramSet = authParams.get(authParam.getAuthTypeID()); 227 if (paramSet == null || !paramSet.contains(authParam)) { 228 return AuthMatch.NONE; 229 } 230 return AuthMatch.METHOD_PARAM; 231 } 232 return AuthMatch.METHOD; 233 } 234 235 /** 236 * Match a cellular network information in the 3GPP Network ANQP element against the SIM 237 * credential of a provider. 238 * 239 * @param network The cellular network that contained list of PLMNs 240 * @param imsiParam IMSI parameter of the provider 241 * @param simImsiList The list of IMSI from the installed SIM cards that matched provider's 242 * IMSI parameter 243 * @return true if a match is found 244 */ matchCellularNetwork(CellularNetwork network, IMSIParameter imsiParam, List<String> simImsiList)245 private static boolean matchCellularNetwork(CellularNetwork network, IMSIParameter imsiParam, 246 List<String> simImsiList) { 247 for (String plmn : network.getPlmns()) { 248 if (matchMccMnc(plmn, imsiParam, simImsiList)) { 249 return true; 250 } 251 } 252 return false; 253 } 254 255 /** 256 * Match a MCC-MNC against the SIM credential of a provider. 257 * 258 * @param mccMnc The string containing MCC-MNC 259 * @param imsiParam The IMSI parameter of the provider 260 * @param simImsiList The list of IMSI from the installed SIM cards that matched provider's 261 * IMSI parameter 262 * @return true if a match is found 263 */ matchMccMnc(String mccMnc, IMSIParameter imsiParam, List<String> simImsiList)264 private static boolean matchMccMnc(String mccMnc, IMSIParameter imsiParam, 265 List<String> simImsiList) { 266 if (imsiParam == null || simImsiList == null) { 267 return false; 268 } 269 // Match against the IMSI parameter in the provider. 270 if (!imsiParam.matchesMccMnc(mccMnc)) { 271 return false; 272 } 273 // Additional check for verifying the match with IMSIs from the SIM cards, since the IMSI 274 // parameter might not contain the full 6-digit MCC MNC (e.g. IMSI parameter is an IMSI 275 // prefix that contained less than 6-digit of numbers "12345*"). 276 for (String imsi : simImsiList) { 277 if (imsi.startsWith(mccMnc)) { 278 return true; 279 } 280 } 281 return false; 282 } 283 } 284