/* * Copyright (C) 2020 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.telephony.gba; import android.annotation.NonNull; import android.annotation.SystemApi; import android.app.Service; import android.content.Intent; import android.net.Uri; import android.os.Build; import android.os.Handler; import android.os.HandlerThread; import android.os.IBinder; import android.os.Looper; import android.os.Message; import android.os.RemoteException; import android.telephony.Annotation.UiccAppTypeExt; import android.telephony.IBootstrapAuthenticationCallback; import android.telephony.TelephonyManager; import android.telephony.TelephonyManager.AuthenticationFailureReason; import android.util.Log; import android.util.SparseArray; /** * Base class for GBA Service. Any implementation which wants to provide * GBA service must extend this class. * *

Note that the application to implement the service must declare to use * the permission {@link android.Manifest.permission#BIND_GBA_SERVICE}, * and filter the intent of {@link #SERVICE_INTERFACE}. * The manifest of the service must follow the format below: * *

... * * ... * * * * * ... * *

The service should also be file-based encryption (FBE) aware. * {@hide} */ @SystemApi public class GbaService extends Service { private static final boolean DBG = Build.IS_DEBUGGABLE; private static final String TAG = "GbaService"; /** * The intent must be defined as an intent-filter in the * AndroidManifest of the GbaService. */ public static final String SERVICE_INTERFACE = "android.telephony.gba.GbaService"; private static final int EVENT_GBA_AUTH_REQUEST = 1; private final HandlerThread mHandlerThread; private final GbaServiceHandler mHandler; private final SparseArray mCallbacks = new SparseArray<>(); private final IGbaServiceWrapper mBinder = new IGbaServiceWrapper(); /** * Default constructor. */ public GbaService() { mHandlerThread = new HandlerThread(TAG); mHandlerThread.start(); mHandler = new GbaServiceHandler(mHandlerThread.getLooper()); Log.d(TAG, "GBA service created"); } private class GbaServiceHandler extends Handler { GbaServiceHandler(Looper looper) { super(looper); } @Override public void handleMessage(Message msg) { switch (msg.what) { case EVENT_GBA_AUTH_REQUEST: GbaAuthRequest req = (GbaAuthRequest) msg.obj; synchronized (mCallbacks) { mCallbacks.put(req.getToken(), req.getCallback()); } onAuthenticationRequest(req.getSubId(), req.getToken(), req.getAppType(), req.getNafUrl(), req.getSecurityProtocol(), req.isForceBootStrapping()); break; default: break; } } } /** * Called by the platform when a GBA authentication request is received from * {@link TelephonyManager#bootstrapAuthenticationRequest} to get the KsNAF for * a particular NAF. * * @param subscriptionId the ICC card to be used for the bootstrapping authentication. * @param token the identification of the authentication request. * @param appType icc application type, like {@link #APPTYPE_USIM} or {@link * #APPTYPE_ISIM} or {@link#APPTYPE_UNKNOWN} * @param nafUrl Network Application Function(NAF) fully qualified domain name and * the selected GBA mode. It shall contain two parts delimited by "@" sign. The first * part is the constant string "3GPP-bootstrapping" (GBA_ME), * "3GPP-bootstrapping-uicc" (GBA_ U), or "3GPP-bootstrapping-digest" (GBA_Digest), * and the latter part shall be the FQDN of the NAF (e.g. * "3GPP-bootstrapping@naf1.operator.com" or "3GPP-bootstrapping-uicc@naf1.operator.com", * or "3GPP-bootstrapping-digest@naf1.operator.com"). * @param securityProtocol Security protocol identifier between UE and NAF.  See * 3GPP TS 33.220 Annex H. Application can use    * {@link UaSecurityProtocolIdentifier#createDefaultUaSpId}, * {@link UaSecurityProtocolIdentifier#create3GppUaSpId}, * to create the ua security protocol identifier as needed   * @param forceBootStrapping true=force bootstrapping, false=do not force   * bootstrapping. Bootstrapping shouldn't be forced unless the application sees   * authentication errors from the server. * Response is returned via {@link TelephonyManager#BootstrapAuthenticationCallback} * along with the token to identify the request. * *

Note that this is not called in the main thread. */ public void onAuthenticationRequest(int subscriptionId, int token, @UiccAppTypeExt int appType, @NonNull Uri nafUrl, @NonNull byte[] securityProtocol, boolean forceBootStrapping) { //Default implementation should be overridden by vendor Gba Service. Vendor Gba Service //should handle the gba bootstrap authentication request, and call reportKeysAvailable or //reportAuthenticationFailure to notify the caller accordingly. reportAuthenticationFailure( token, TelephonyManager.GBA_FAILURE_REASON_FEATURE_NOT_SUPPORTED); } /** * Called by {@link GbaService} when the previously requested GBA keys are available * (@see onAuthenticationRequest()) * * @param token unique identifier of the request. * @param gbaKey KsNaf Response. * @param transactionId Bootstrapping Transaction ID. * @throws RuntimeException when there is remote failure of callback. */ public final void reportKeysAvailable(int token, @NonNull byte[] gbaKey, @NonNull String transactionId) throws RuntimeException { IBootstrapAuthenticationCallback cb = null; synchronized (mCallbacks) { cb = mCallbacks.get(token); mCallbacks.remove(token); } if (cb != null) { try { cb.onKeysAvailable(token, gbaKey, transactionId); } catch (RemoteException exception) { throw exception.rethrowAsRuntimeException(); } } } /** * Invoked when the previously requested GBA key authentication failed * (@see onAuthenticationRequest()) * * @param token unique identifier of the request. * @param reason The reason for the authentication failure. * @throws RuntimeException when there is remote failure of callback. */ public final void reportAuthenticationFailure(int token, @AuthenticationFailureReason int reason) throws RuntimeException { IBootstrapAuthenticationCallback cb = null; synchronized (mCallbacks) { cb = mCallbacks.get(token); mCallbacks.remove(token); } if (cb != null) { try { cb.onAuthenticationFailure(token, reason); } catch (RemoteException exception) { throw exception.rethrowAsRuntimeException(); } } } /** @hide */ @Override public IBinder onBind(Intent intent) { if (SERVICE_INTERFACE.equals(intent.getAction())) { Log.d(TAG, "GbaService Bound."); return mBinder; } return null; } /** @hide */ @Override public void onDestroy() { mHandlerThread.quit(); super.onDestroy(); } private class IGbaServiceWrapper extends IGbaService.Stub { @Override public void authenticationRequest(GbaAuthRequest request) { if (DBG) Log.d(TAG, "receive request: " + request); mHandler.obtainMessage(EVENT_GBA_AUTH_REQUEST, request).sendToTarget(); } } }