Extract key generation logic for EAP-AKA.

am: c3e1500c8a Change-Id: Ibba0fc2759c3a8d68401053039dba3d794216f1b
author: Cody Kesting <ckesting@google.com> 2019-10-30 13:20:14 -0700
committer: android-build-merger <android-build-merger@google.com> 2019-10-30 13:20:14 -0700
commit: bbe13298e9b3dc638c9d12db1b74538a47ae9799 (patch)
tree: 144f3317c0d3daa8f67ccfa50afc3438f7918b53
parent: eedd8d2f6549ec2dee1dfcfbf0a7f96243db4c18 (diff)
parent: c3e1500c8a8fd7a77a16de3258cc8e6d00caacac (diff)
download: ike-bbe13298e9b3dc638c9d12db1b74538a47ae9799.tar.gz
2 files changed, 24 insertions, 17 deletions
diff --git a/src/java/com/android/ike/eap/statemachine/EapAkaMethodStateMachine.java b/src/java/com/android/ike/eap/statemachine/EapAkaMethodStateMachine.java
index 909a0d3a..81681014 100644
--- a/src/java/com/android/ike/eap/statemachine/EapAkaMethodStateMachine.java
+++ b/src/java/com/android/ike/eap/statemachine/EapAkaMethodStateMachine.java
@@ -36,6 +36,7 @@ import static com.android.ike.eap.message.simaka.EapSimAkaAttribute.EAP_AT_MAC;
 import static com.android.ike.eap.message.simaka.EapSimAkaAttribute.EAP_AT_PERMANENT_ID_REQ;
 import static com.android.ike.eap.message.simaka.EapSimAkaAttribute.EAP_AT_RAND;
 
+import android.annotation.Nullable;
 import android.content.Context;
 import android.telephony.TelephonyManager;
 
@@ -374,9 +375,7 @@ class EapAkaMethodStateMachine extends EapSimAkaMethodStateMachine {
             } catch (EapSimAkaInvalidLengthException | BufferUnderflowException ex) {
                 LOG.e(mTAG, "Invalid response returned from SIM", ex);
                 return buildClientErrorResponse(
-                        message.eapIdentifier,
-                        EAP_TYPE_AKA,
-                        AtClientErrorCode.UNABLE_TO_PROCESS);
+                        message.eapIdentifier, getEapMethod(), AtClientErrorCode.UNABLE_TO_PROCESS);
             } catch (EapSimAkaAuthenticationFailureException ex) {
                 // Return EAP-Response/AKA-Authentication-Reject when the AUTN is rejected
                 // (RFC 4187#6.3.1)
@@ -386,7 +385,7 @@ class EapAkaMethodStateMachine extends EapSimAkaMethodStateMachine {
             if (!result.isSuccessfulResult()) {
                 try {
                     return buildResponseMessage(
-                            EAP_TYPE_AKA,
+                            getEapMethod(),
                             EAP_AKA_SYNCHRONIZATION_FAILURE,
                             message.eapIdentifier,
                             Arrays.asList(new AtAuts(result.auts)));
@@ -396,14 +395,10 @@ class EapAkaMethodStateMachine extends EapSimAkaMethodStateMachine {
                 }
             }
 
-            try {
-                MessageDigest sha1 = MessageDigest.getInstance(MASTER_KEY_GENERATION_ALG);
-                byte[] mkInputData = getMkInputData(result);
-                generateAndPersistKeys(mTAG, sha1, new Fips186_2Prf(), mkInputData);
-            } catch (NoSuchAlgorithmException | BufferUnderflowException ex) {
-                LOG.e(mTAG, "Error while creating keys", ex);
-                return buildClientErrorResponse(
-                        message.eapIdentifier, EAP_TYPE_AKA, AtClientErrorCode.UNABLE_TO_PROCESS);
+            EapResult eapResult =
+                    generateAndPersistEapAkaKeys(result, message.eapIdentifier, eapAkaTypeData);
+            if (eapResult != null) {
+                return eapResult;
             }
 
             try {
@@ -555,6 +550,21 @@ class EapAkaMethodStateMachine extends EapSimAkaMethodStateMachine {
                     new ArrayList<>());
         }
 
+        @Nullable
+        protected EapResult generateAndPersistEapAkaKeys(
+                RandChallengeResult result, int eapIdentifier, EapAkaTypeData eapAkaTypeData) {
+            try {
+                MessageDigest sha1 = MessageDigest.getInstance(MASTER_KEY_GENERATION_ALG);
+                byte[] mkInputData = getMkInputData(result);
+                generateAndPersistKeys(mTAG, sha1, new Fips186_2Prf(), mkInputData);
+                return null;
+            } catch (NoSuchAlgorithmException | BufferUnderflowException ex) {
+                LOG.e(mTAG, "Error while creating keys", ex);
+                return buildClientErrorResponse(
+                        eapIdentifier, EAP_TYPE_AKA, AtClientErrorCode.UNABLE_TO_PROCESS);
+            }
+        }
+
         private byte[] getMkInputData(RandChallengeResult result) {
             int numInputBytes = mIdentity.length + result.ik.length + result.ck.length;
             ByteBuffer buffer = ByteBuffer.allocate(numInputBytes);
diff --git a/src/java/com/android/ike/eap/statemachine/EapSimAkaMethodStateMachine.java b/src/java/com/android/ike/eap/statemachine/EapSimAkaMethodStateMachine.java
index e792033a..38bd31a2 100644
--- a/src/java/com/android/ike/eap/statemachine/EapSimAkaMethodStateMachine.java
+++ b/src/java/com/android/ike/eap/statemachine/EapSimAkaMethodStateMachine.java
@@ -146,11 +146,8 @@ public abstract class EapSimAkaMethodStateMachine extends EapMethodStateMachine
     }
 
     @VisibleForTesting
-    void generateAndPersistKeys(
-            String tag,
-            MessageDigest sha1,
-            Fips186_2Prf prf,
-            byte[] mkInput) {
+    protected void generateAndPersistKeys(
+            String tag, MessageDigest sha1, Fips186_2Prf prf, byte[] mkInput) {
         byte[] mk = sha1.digest(mkInput);
 
         // run mk through FIPS 186-2
author	Cody Kesting <ckesting@google.com>	2019-10-30 13:20:14 -0700
committer	android-build-merger <android-build-merger@google.com>	2019-10-30 13:20:14 -0700
commit	bbe13298e9b3dc638c9d12db1b74538a47ae9799 (patch)
tree	144f3317c0d3daa8f67ccfa50afc3438f7918b53
parent	eedd8d2f6549ec2dee1dfcfbf0a7f96243db4c18 (diff)
parent	c3e1500c8a8fd7a77a16de3258cc8e6d00caacac (diff)
download	ike-bbe13298e9b3dc638c9d12db1b74538a47ae9799.tar.gz