PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[Wi-Fi] Remove unsupported EAP methods for WPA3-Enterprise 192-bit

Browse Source 
am: bde8c0a64d

Change-Id: I82e94257097ab902a72a0dc7d64ff50241938e24
This commit is contained in:
Arc Wang
2019-08-08 01:21:32 -07:00
committed by android-build-merger
parent 4f05fc52bf bde8c0a64d
commit 3e64c28534
3 changed files with 149 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
res/layout/wifi_dialog.xml
View File

@@ -138,8 +138,7 @@
android:layout_width="match_parent" android:layout_width="match_parent"
android:layout_height="wrap_content" android:layout_height="wrap_content"
style="@style/wifi_item_spinner" style="@style/wifi_item_spinner"
android:prompt="@string/wifi_eap_method" android:prompt="@string/wifi_eap_method" />
android:entries="@array/wifi_eap_method" />
</LinearLayout> </LinearLayout>
<LinearLayout android:id="@+id/l_phase2" <LinearLayout android:id="@+id/l_phase2"

210
src/com/android/settings/wifi/WifiConfigController.java
View File

@@ -179,7 +179,9 @@ public class WifiConfigController implements TextWatcher,
private TextView mSsidView; private TextView mSsidView;
private Context mContext; private Context mContext;
private Integer mSecurityInPosition[];
@VisibleForTesting
Integer mSecurityInPosition[];
private final WifiManager mWifiManager; private final WifiManager mWifiManager;
@@ -325,7 +327,7 @@ public class WifiConfigController implements TextWatcher,
if ((!mAccessPoint.isSaved() && !mAccessPoint.isActive() if ((!mAccessPoint.isSaved() && !mAccessPoint.isActive()
&& !mAccessPoint.isPasspointConfig()) && !mAccessPoint.isPasspointConfig())
|| mMode != WifiConfigUiBase.MODE_VIEW) { || mMode != WifiConfigUiBase.MODE_VIEW) {
showSecurityFields(); showSecurityFields(true /* refreshEapMethods */, true /* refreshCertificates */);
showIpConfigFields(); showIpConfigFields();
showProxyFields(); showProxyFields();
final CheckBox advancedTogglebox = final CheckBox advancedTogglebox =
@@ -956,7 +958,7 @@ public class WifiConfigController implements TextWatcher,
return 0; return 0;
} }
private void showSecurityFields() { private void showSecurityFields(boolean refreshEapMethods, boolean refreshCertificates) {
if (mAccessPointSecurity == AccessPoint.SECURITY_NONE || if (mAccessPointSecurity == AccessPoint.SECURITY_NONE ||
mAccessPointSecurity == AccessPoint.SECURITY_OWE || mAccessPointSecurity == AccessPoint.SECURITY_OWE ||
mAccessPointSecurity == AccessPoint.SECURITY_OWE_TRANSITION) { mAccessPointSecurity == AccessPoint.SECURITY_OWE_TRANSITION) {
@@ -988,16 +990,6 @@ public class WifiConfigController implements TextWatcher,
if (mEapMethodSpinner == null) { if (mEapMethodSpinner == null) {
mEapMethodSpinner = (Spinner) mView.findViewById(R.id.method); mEapMethodSpinner = (Spinner) mView.findViewById(R.id.method);
mEapMethodSpinner.setOnItemSelectedListener(this); mEapMethodSpinner.setOnItemSelectedListener(this);
if (Utils.isWifiOnly(mContext) || !mContext.getResources().getBoolean(
com.android.internal.R.bool.config_eap_sim_based_auth_supported)) {
String[] eapMethods = mContext.getResources().getStringArray(
R.array.eap_method_without_sim_auth);
ArrayAdapter<String> spinnerAdapter = new ArrayAdapter<String>(mContext,
android.R.layout.simple_spinner_item, eapMethods);
spinnerAdapter.setDropDownViewResource(
android.R.layout.simple_spinner_dropdown_item);
mEapMethodSpinner.setAdapter(spinnerAdapter);
}
mPhase2Spinner = (Spinner) mView.findViewById(R.id.phase2); mPhase2Spinner = (Spinner) mView.findViewById(R.id.phase2);
mPhase2Spinner.setOnItemSelectedListener(this); mPhase2Spinner.setOnItemSelectedListener(this);
mEapCaCertSpinner = (Spinner) mView.findViewById(R.id.ca_cert); mEapCaCertSpinner = (Spinner) mView.findViewById(R.id.ca_cert);
@@ -1008,11 +1000,36 @@ public class WifiConfigController implements TextWatcher,
mEapUserCertSpinner.setOnItemSelectedListener(this); mEapUserCertSpinner.setOnItemSelectedListener(this);
mEapIdentityView = (TextView) mView.findViewById(R.id.identity); mEapIdentityView = (TextView) mView.findViewById(R.id.identity);
mEapAnonymousView = (TextView) mView.findViewById(R.id.anonymous); mEapAnonymousView = (TextView) mView.findViewById(R.id.anonymous);
}
if (mAccessPoint != null && mAccessPoint.isCarrierAp()) { if (refreshEapMethods) {
mEapMethodSpinner.setSelection(mAccessPoint.getCarrierApEapType()); ArrayAdapter<CharSequence> eapMethodSpinnerAdapter;
if (mAccessPointSecurity == AccessPoint.SECURITY_EAP_SUITE_B) {
eapMethodSpinnerAdapter = getSpinnerAdapter(R.array.wifi_eap_method);
mEapMethodSpinner.setAdapter(eapMethodSpinnerAdapter);
// WAP3-Enterprise 192-bit only allows EAP method TLS
mEapMethodSpinner.setSelection(Eap.TLS);
mEapMethodSpinner.setEnabled(false);
} else if (Utils.isWifiOnly(mContext) || !mContext.getResources().getBoolean(
com.android.internal.R.bool.config_eap_sim_based_auth_supported)) {
eapMethodSpinnerAdapter = getSpinnerAdapter(
R.array.eap_method_without_sim_auth);
mEapMethodSpinner.setAdapter(eapMethodSpinnerAdapter);
mEapMethodSpinner.setEnabled(true);
} else {
eapMethodSpinnerAdapter = getSpinnerAdapter(R.array.wifi_eap_method);
mEapMethodSpinner.setAdapter(eapMethodSpinnerAdapter);
mEapMethodSpinner.setEnabled(true);
} }
}
if (mAccessPointSecurity != AccessPoint.SECURITY_EAP_SUITE_B
&& mAccessPoint != null
&& mAccessPoint.isCarrierAp()) {
mEapMethodSpinner.setSelection(mAccessPoint.getCarrierApEapType());
}
if (refreshCertificates) {
loadCertificates( loadCertificates(
mEapCaCertSpinner, mEapCaCertSpinner,
Credentials.CA_CERTIFICATE, Credentials.CA_CERTIFICATE,
@@ -1025,76 +1042,73 @@ public class WifiConfigController implements TextWatcher,
mDoNotProvideEapUserCertString, mDoNotProvideEapUserCertString,
false, false,
false); false);
}
// Modifying an existing network // Modifying an existing network
if (mAccessPoint != null && mAccessPoint.isSaved()) { if (mAccessPoint != null && mAccessPoint.isSaved()) {
WifiEnterpriseConfig enterpriseConfig = mAccessPoint.getConfig().enterpriseConfig; final WifiEnterpriseConfig enterpriseConfig = mAccessPoint.getConfig().enterpriseConfig;
int eapMethod = enterpriseConfig.getEapMethod(); final int eapMethod = enterpriseConfig.getEapMethod();
int phase2Method = enterpriseConfig.getPhase2Method(); final int phase2Method = enterpriseConfig.getPhase2Method();
mEapMethodSpinner.setSelection(eapMethod); mEapMethodSpinner.setSelection(eapMethod);
showEapFieldsByMethod(eapMethod); showEapFieldsByMethod(eapMethod);
switch (eapMethod) { switch (eapMethod) {
case Eap.PEAP: case Eap.PEAP:
switch (phase2Method) { switch (phase2Method) {
case Phase2.NONE: case Phase2.NONE:
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_NONE); mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_NONE);
break; break;
case Phase2.MSCHAPV2: case Phase2.MSCHAPV2:
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_MSCHAPV2); mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_MSCHAPV2);
break; break;
case Phase2.GTC: case Phase2.GTC:
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_GTC); mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_GTC);
break; break;
case Phase2.SIM: case Phase2.SIM:
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_SIM); mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_SIM);
break; break;
case Phase2.AKA: case Phase2.AKA:
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_AKA); mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_AKA);
break; break;
case Phase2.AKA_PRIME: case Phase2.AKA_PRIME:
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_AKA_PRIME); mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_AKA_PRIME);
break; break;
default: default:
Log.e(TAG, "Invalid phase 2 method " + phase2Method); Log.e(TAG, "Invalid phase 2 method " + phase2Method);
break; break;
}
break;
default:
mPhase2Spinner.setSelection(phase2Method);
break;
}
if (!TextUtils.isEmpty(enterpriseConfig.getCaPath())) {
setSelection(mEapCaCertSpinner, mUseSystemCertsString);
} else {
String[] caCerts = enterpriseConfig.getCaCertificateAliases();
if (caCerts == null) {
setSelection(mEapCaCertSpinner, mDoNotValidateEapServerString);
} else if (caCerts.length == 1) {
setSelection(mEapCaCertSpinner, caCerts[0]);
} else {
// Reload the cert spinner with an extra "multiple certificates added" item.
loadCertificates(
mEapCaCertSpinner,
Credentials.CA_CERTIFICATE,
mDoNotValidateEapServerString,
true,
true);
setSelection(mEapCaCertSpinner, mMultipleCertSetString);
} }
} break;
mEapDomainView.setText(enterpriseConfig.getDomainSuffixMatch()); default:
String userCert = enterpriseConfig.getClientCertificateAlias(); mPhase2Spinner.setSelection(phase2Method);
if (TextUtils.isEmpty(userCert)) { break;
setSelection(mEapUserCertSpinner, mDoNotProvideEapUserCertString);
} else {
setSelection(mEapUserCertSpinner, userCert);
}
mEapIdentityView.setText(enterpriseConfig.getIdentity());
mEapAnonymousView.setText(enterpriseConfig.getAnonymousIdentity());
} else {
mPhase2Spinner = (Spinner) mView.findViewById(R.id.phase2);
showEapFieldsByMethod(mEapMethodSpinner.getSelectedItemPosition());
} }
if (!TextUtils.isEmpty(enterpriseConfig.getCaPath())) {
setSelection(mEapCaCertSpinner, mUseSystemCertsString);
} else {
final String[] caCerts = enterpriseConfig.getCaCertificateAliases();
if (caCerts == null) {
setSelection(mEapCaCertSpinner, mDoNotValidateEapServerString);
} else if (caCerts.length == 1) {
setSelection(mEapCaCertSpinner, caCerts[0]);
} else {
// Reload the cert spinner with an extra "multiple certificates added" item.
loadCertificates(
mEapCaCertSpinner,
Credentials.CA_CERTIFICATE,
mDoNotValidateEapServerString,
true,
true);
setSelection(mEapCaCertSpinner, mMultipleCertSetString);
}
}
mEapDomainView.setText(enterpriseConfig.getDomainSuffixMatch());
final String userCert = enterpriseConfig.getClientCertificateAlias();
if (TextUtils.isEmpty(userCert)) {
setSelection(mEapUserCertSpinner, mDoNotProvideEapUserCertString);
} else {
setSelection(mEapUserCertSpinner, userCert);
}
mEapIdentityView.setText(enterpriseConfig.getIdentity());
mEapAnonymousView.setText(enterpriseConfig.getAnonymousIdentity());
} else { } else {
showEapFieldsByMethod(mEapMethodSpinner.getSelectedItemPosition()); showEapFieldsByMethod(mEapMethodSpinner.getSelectedItemPosition());
} }
@@ -1389,7 +1403,18 @@ public class WifiConfigController implements TextWatcher,
} catch (Exception e) { } catch (Exception e) {
Log.e(TAG, "can't get the certificate list from KeyStore"); Log.e(TAG, "can't get the certificate list from KeyStore");
} }
certs.add(noCertificateString);
if (mAccessPointSecurity != AccessPoint.SECURITY_EAP_SUITE_B) {
certs.add(noCertificateString);
}
// If there are only mUnspecifiedCertString and one item to select, only shows the item
if (certs.size() == 2) {
certs.remove(mUnspecifiedCertString);
spinner.setEnabled(false);
} else {
spinner.setEnabled(true);
}
final ArrayAdapter<String> adapter = new ArrayAdapter<String>( final ArrayAdapter<String> adapter = new ArrayAdapter<String>(
context, android.R.layout.simple_spinner_item, context, android.R.layout.simple_spinner_item,
@@ -1486,15 +1511,17 @@ public class WifiConfigController implements TextWatcher,
if (parent == mSecuritySpinner) { if (parent == mSecuritySpinner) {
// Convert menu position to actual Wi-Fi security type // Convert menu position to actual Wi-Fi security type
mAccessPointSecurity = mSecurityInPosition[position]; mAccessPointSecurity = mSecurityInPosition[position];
showSecurityFields(); showSecurityFields(true /* refreshEapMethods */, true /* refreshCertificates */);
if (WifiDppUtils.isSupportEnrolleeQrCodeScanner(mContext, mAccessPointSecurity)) { if (WifiDppUtils.isSupportEnrolleeQrCodeScanner(mContext, mAccessPointSecurity)) {
mSsidScanButton.setVisibility(View.VISIBLE); mSsidScanButton.setVisibility(View.VISIBLE);
} else { } else {
mSsidScanButton.setVisibility(View.GONE); mSsidScanButton.setVisibility(View.GONE);
} }
} else if (parent == mEapMethodSpinner || parent == mEapCaCertSpinner) { } else if (parent == mEapMethodSpinner) {
showSecurityFields(); showSecurityFields(false /* refreshEapMethods */, true /* refreshCertificates */);
} else if (parent == mEapCaCertSpinner) {
showSecurityFields(false /* refreshEapMethods */, false /* refreshCertificates */);
} else if (parent == mPhase2Spinner } else if (parent == mPhase2Spinner
&& mEapMethodSpinner.getSelectedItemPosition() == WIFI_EAP_METHOD_PEAP) { && mEapMethodSpinner.getSelectedItemPosition() == WIFI_EAP_METHOD_PEAP) {
showPeapFields(); showPeapFields();
@@ -1585,4 +1612,15 @@ public class WifiConfigController implements TextWatcher,
((CheckBox) mView.findViewById(R.id.wifi_advanced_togglebox)) ((CheckBox) mView.findViewById(R.id.wifi_advanced_togglebox))
.setOnCheckedChangeListener(this); .setOnCheckedChangeListener(this);
} }
private ArrayAdapter<CharSequence> getSpinnerAdapter(
int contentStringArrayResId) {
final String[] eapMethods = mContext.getResources().getStringArray(
contentStringArrayResId);
final ArrayAdapter<CharSequence> spinnerAdapter = new ArrayAdapter<>(mContext,
android.R.layout.simple_spinner_item, eapMethods);
spinnerAdapter.setDropDownViewResource(
android.R.layout.simple_spinner_dropdown_item);
return spinnerAdapter;
}
} }

24
tests/robotests/src/com/android/settings/wifi/WifiConfigControllerTest.java
View File

@@ -445,4 +445,28 @@ public class WifiConfigControllerTest {
WifiConfiguration config = mController.getConfig(); WifiConfiguration config = mController.getConfig();
assertThat(config.macRandomizationSetting).isEqualTo(WifiConfiguration.RANDOMIZATION_NONE); assertThat(config.macRandomizationSetting).isEqualTo(WifiConfiguration.RANDOMIZATION_NONE);
} }
@Test
public void selectSecurity_wpa3Eap192bit_eapMethodTls() {
final WifiManager wifiManager = mock(WifiManager.class);
when(wifiManager.isWpa3SuiteBSupported()).thenReturn(true);
mController = new TestWifiConfigController(mConfigUiBase, mView, null /* accessPoint */,
WifiConfigUiBase.MODE_MODIFY, wifiManager);
final Spinner securitySpinner = mView.findViewById(R.id.security);
final Spinner eapMethodSpinner = mView.findViewById(R.id.method);
int wpa3Eap192bitPosition = -1;
final int securityCount = mController.mSecurityInPosition.length;
for (int i = 0; i < securityCount; i++) {
if (mController.mSecurityInPosition[i] != null &&
mController.mSecurityInPosition[i] == AccessPoint.SECURITY_EAP_SUITE_B) {
wpa3Eap192bitPosition = i;
}
}
mController.onItemSelected(securitySpinner, null /* view */, wpa3Eap192bitPosition,
0 /* id */);
final int selectedItemPosition = eapMethodSpinner.getSelectedItemPosition();
assertThat(eapMethodSpinner.getSelectedItem().toString()).isEqualTo("TLS");
}
} }