xs-android13
/
packages
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
packages/modules/Wifi/service/java/com/android/server/wifi/MacAddressUtil.java

160 lines
6.5 KiB
Java
Raw Permalink Normal View History

android 13 from xiaosuan
2025-08-25 08:38:42 +08:00
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.server.wifi;
import android.net.MacAddress;
import android.security.keystore.AndroidKeyStoreProvider;
import android.security.keystore.BackendBusyException;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import android.util.Log;
import com.android.modules.utils.build.SdkLevel;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.ProviderException;
import java.security.UnrecoverableKeyException;
import java.util.Arrays;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
/**
* Contains helper methods to support MAC randomization.
*/
public class MacAddressUtil {
private static final String TAG = "MacAddressUtil";
private static final String MAC_RANDOMIZATION_ALIAS = "MacRandSecret";
private static final String MAC_RANDOMIZATION_SAP_ALIAS = "MacRandSapSecret";
private static final long MAC_ADDRESS_VALID_LONG_MASK = (1L << 48) - 1;
private static final long MAC_ADDRESS_LOCALLY_ASSIGNED_MASK = 1L << 41;
private static final long MAC_ADDRESS_MULTICAST_MASK = 1L << 40;
/**
* Computes the persistent randomized MAC using the given key and hash function.
* @param key the key to compute MAC address for
* @param hashFunction the hash function that will perform the MAC address computation.
* @return The persistent randomized MAC address or null if inputs are invalid.
*/
public MacAddress calculatePersistentMac(String key, Mac hashFunction) {
if (key == null || hashFunction == null) {
return null;
}
byte[] hashedBytes;
try {
hashedBytes = hashFunction.doFinal(key.getBytes(StandardCharsets.UTF_8));
} catch (ProviderException | IllegalStateException e) {
Log.e(TAG, "Failure in calculatePersistentMac", e);
return null;
}
ByteBuffer bf = ByteBuffer.wrap(hashedBytes);
long longFromSsid = bf.getLong();
/**
* Masks the generated long so that it represents a valid randomized MAC address.
* Specifically, this sets the locally assigned bit to 1, multicast bit to 0
*/
longFromSsid &= MAC_ADDRESS_VALID_LONG_MASK;
longFromSsid |= MAC_ADDRESS_LOCALLY_ASSIGNED_MASK;
longFromSsid &= ~MAC_ADDRESS_MULTICAST_MASK;
bf.clear();
bf.putLong(0, longFromSsid);
// MacAddress.fromBytes requires input of length 6, which is obtained from the
// last 6 bytes from the generated long.
MacAddress macAddress = MacAddress.fromBytes(Arrays.copyOfRange(bf.array(), 2, 8));
return macAddress;
}
private Mac obtainMacRandHashFunctionInternal(int uid, String alias) {
try {
KeyStore keyStore = AndroidKeyStoreProvider.getKeyStoreForUid(uid);
// tries to retrieve the secret, and generate a new one if it's unavailable.
Key key = keyStore.getKey(alias, null);
if (key == null) {
key = generateAndPersistNewMacRandomizationSecret(uid, alias);
}
if (key == null) {
Log.e(TAG, "Failed to generate secret for " + alias);
return null;
}
Mac result = Mac.getInstance("HmacSHA256");
result.init(key);
return result;
} catch (KeyStoreException | NoSuchAlgorithmException | InvalidKeyException
| UnrecoverableKeyException | NoSuchProviderException e) {
Log.e(TAG, "Failure in obtainMacRandHashFunction", e);
return null;
} catch (Exception e) {
if (SdkLevel.isAtLeastS() && e instanceof BackendBusyException) {
Log.e(TAG, "Failure in obtainMacRandHashFunction", e);
return null;
}
Log.e(TAG, "Unexpected exception caught in obtainMacRandHashFunction", e);
throw e;
}
}
/**
* Retrieves a Hash function that could be used to calculate the persistent randomized MAC
* for a WifiConfiguration for client mode.
* @param uid the UID of the KeyStore to get the secret of the hash function from.
*/
public Mac obtainMacRandHashFunction(int uid) {
return obtainMacRandHashFunctionInternal(uid, MAC_RANDOMIZATION_ALIAS);
}
/**
* Retrieves a Hash function that could be used to calculate the persistent randomized MAC
* for a WifiConfiguration for Soft AP.
* @param uid the UID of the KeyStore to get the secret of the hash function from.
*/
public Mac obtainMacRandHashFunctionForSap(int uid) {
return obtainMacRandHashFunctionInternal(uid, MAC_RANDOMIZATION_SAP_ALIAS);
}
/**
* Generates and returns a secret key to use for Mac randomization.
* Will also persist the generated secret inside KeyStore, accessible in the
* future with KeyGenerator#getKey.
*/
private SecretKey generateAndPersistNewMacRandomizationSecret(int uid, String alias) {
try {
KeyGenerator keyGenerator = KeyGenerator.getInstance(
KeyProperties.KEY_ALGORITHM_HMAC_SHA256, "AndroidKeyStore");
keyGenerator.init(
new KeyGenParameterSpec.Builder(alias,
KeyProperties.PURPOSE_SIGN)
.setUid(uid)
.build());
return keyGenerator.generateKey();
} catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException
| NoSuchProviderException | ProviderException e) {
Log.e(TAG, "Failure in generateMacRandomizationSecret", e);
return null;
}
}
}