CTA certification on the Android platform: how MMS control works


Background

CTA: China Type Approval, the network-access certification test run by the Ministry of Industry and Information Technology (MIIT).

MMS control

On Android, MMS control works by dropping packets that pass through the MMS gateway.
The basic mechanism is that netd drives iptables to filter MMS gateway packets.

MMS gateways

"10.0.0.172"  # China Mobile and China Unicom MMS gateway
"10.0.0.200"  # China Telecom MMS gateway

App-side control

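    // Builds a "bandwidth" command from funName and uids with makeCommand(),
    // writes it to the netd socket, and logs whatever netd sends back.
    private static void enableApps(String funName, String uids) {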
        Log.i(L.DATA_TAG, "uid:" + uids);
        synchronized (mConn) {
            if (!mConnected) {
                connectToSocket();
            }
            String cmdString = makeCommand("bandwidth", funName, uids);
            byte[] buf = new byte[BUF_SIZE];
            try {
                mOutStream.write(cmdString.getBytes());
                mOutStream.flush();
                int length = mInStream.read(buf, 0, BUF_SIZE);
                if (length > 0) {
                    final String inMsg = new String(buf, 0, length, StandardCharsets.UTF_8);
                    Log.i(L.DATA_TAG, "input:" + inMsg);
                } else {
                    Log.e(L.DATA_TAG, "input length :" + length);
                }
            } catch (IOException ex) {
                Log.e(L.DATA_TAG, "exception when write to socket: " + ex);
            } finally {
                // Close the two streams independently so that a null
                // mOutStream does not leave mInStream open.
                if (mOutStream != null) {
                    try {
                        mOutStream.close();
                    } catch (IOException e) {
                        Log.e(L.DATA_TAG, "closing OutStream error: " + e);
                    }
                    mOutStream = null;
                }
                if (mInStream != null) {
                    try {
                        mInStream.close();
                    } catch (IOException e) {
                        Log.e(L.DATA_TAG, "closing InStream error: " + e);
                    }
                    mInStream = null;
                }
                closeSocket();
            }
        }
    }

netd-side control

const char *DataCtl::IPTABLES_PATH = "/system/bin/iptables";
const char *DataCtl::IP6TABLES_PATH = "/system/bin/ip6tables";

bool DataCtl::enableMms(char *blackListUids) {
	ALOGI("%s: start with ", __FUNCTION__);
	std::string name = "blacklist-mms";
	if (blackListUids == NULL) {
		ALOGE("enableMms NULL point exit!");
		return false;
	}

	int res = prepare(name);
	if (!res) {
		ALOGE("enableMms res: %d, prepare failed exit!", res);
		return false;
	}
	char *outer_ptr = NULL;
	char *s = strtok_r(blackListUids, "|", &outer_ptr);
	std::string iptCmd = "";
	while (s) {
		ALOGE("current uid is :%s", s);
		iptCmd = "-A " + name + " -m owner --uid-owner " + std::string(s)
				+ " -d 10.0.0.200 -j DROP";
		res = runIptablesCmd(iptCmd.c_str(), IptIpV4);
		if (res) {
			ALOGE("enableMms res: %d, 200 exit!", res);
			return false;
		}

		iptCmd = "-A " + name + " -m owner --uid-owner " + std::string(s)
				+ " -d 10.0.0.172 -j DROP";
		res = runIptablesCmd(iptCmd.c_str(), IptIpV4);
		if (res) {
			ALOGE("enableMms res: %d, 172 exit!", res);
			return false;
		}
		s = strtok_r(NULL, "|", &outer_ptr);
	}

	return true;  // every DROP rule was appended successfully
}
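
The loop above places each `|`-separated token directly into the iptables arguments. As an added example (not code from the original page or from netd), the sketch below accepts a token only if it is a plain decimal UID before building the same two DROP rules; `parseUid` and `buildMmsDropRules` are hypothetical names, while the chain name and gateway addresses are the ones shown on this page.

```cpp
#include <cstdint>
#include <string>
#include <vector>

// Gateway addresses and chain name as listed on this page.
static const char *const kMmsGateways[] = {"10.0.0.200", "10.0.0.172"};
static const char *const kMmsChain = "blacklist-mms";

// Hypothetical helper: accept only digits, and only values that fit in 32 bits.
static bool parseUid(const std::string &token, uint32_t *uid) {
    if (token.empty() || token.size() > 10) return false;
    uint64_t value = 0;
    for (char c : token) {
        if (c < '0' || c > '9') return false;  // rejects spaces, signs, letters
        value = value * 10 + static_cast<uint64_t>(c - '0');
    }
    if (value > UINT32_MAX) return false;
    *uid = static_cast<uint32_t>(value);
    return true;
}

// Hypothetical helper: turn "uid|uid|..." into iptables rule strings.
// Returns false and leaves `rules` empty if any token (including an empty
// one) is not a valid UID, so a partial blacklist is never produced.
bool buildMmsDropRules(const std::string &uidList, std::vector<std::string> *rules) {
    rules->clear();
    std::vector<std::string> out;
    size_t start = 0;
    while (start <= uidList.size()) {
        size_t end = uidList.find('|', start);
        if (end == std::string::npos) end = uidList.size();
        uint32_t uid = 0;
        if (!parseUid(uidList.substr(start, end - start), &uid)) return false;
        // Re-serialize the parsed number instead of reusing the raw token.
        for (const char *gw : kMmsGateways) {
            out.push_back(std::string("-A ") + kMmsChain + " -m owner --uid-owner " +
                          std::to_string(uid) + " -d " + gw + " -j DROP");
        }
        start = end + 1;
    }
    rules->swap(out);
    return true;
}
```

Unlike `strtok_r`, which silently skips empty tokens, this version treats an empty token or a trailing `|` as an error.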

Brief explanation

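The above is how this works on Qualcomm platforms before Android 10: the app communicates with the framework's netd service over a socket.
After Android 10, the way netd works changed, and interaction has to follow the new protocol defined by the Android platform.
In Android 10, the netd service also uses the generic binder mechanism to communicate with apps.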
