[Wi-Fi] Remove unsupported EAP methods for WPA3-Enterprise 192-bit
am: bde8c0a64d
Change-Id: I82e94257097ab902a72a0dc7d64ff50241938e24
This commit is contained in:
Arc Wang
android-build-merger
@@ -138,8 +138,7 @@
|
||||
android:layout_width="match_parent"
|
||||
android:layout_height="wrap_content"
|
||||
style="@style/wifi_item_spinner"
|
||||
android:prompt="@string/wifi_eap_method"
|
||||
android:entries="@array/wifi_eap_method" />
|
||||
android:prompt="@string/wifi_eap_method" />
|
||||
</LinearLayout>
|
||||
|
||||
<LinearLayout android:id="@+id/l_phase2"
|
||||
|
||||
@@ -179,7 +179,9 @@ public class WifiConfigController implements TextWatcher,
|
||||
private TextView mSsidView;
|
||||
|
||||
private Context mContext;
|
||||
private Integer mSecurityInPosition[];
|
||||
|
||||
@VisibleForTesting
|
||||
Integer mSecurityInPosition[];
|
||||
|
||||
private final WifiManager mWifiManager;
|
||||
|
||||
@@ -325,7 +327,7 @@ public class WifiConfigController implements TextWatcher,
|
||||
if ((!mAccessPoint.isSaved() && !mAccessPoint.isActive()
|
||||
&& !mAccessPoint.isPasspointConfig())
|
||||
|| mMode != WifiConfigUiBase.MODE_VIEW) {
|
||||
showSecurityFields();
|
||||
showSecurityFields(true /* refreshEapMethods */, true /* refreshCertificates */);
|
||||
showIpConfigFields();
|
||||
showProxyFields();
|
||||
final CheckBox advancedTogglebox =
|
||||
@@ -956,7 +958,7 @@ public class WifiConfigController implements TextWatcher,
|
||||
return 0;
|
||||
}
|
||||
|
||||
private void showSecurityFields() {
|
||||
private void showSecurityFields(boolean refreshEapMethods, boolean refreshCertificates) {
|
||||
if (mAccessPointSecurity == AccessPoint.SECURITY_NONE ||
|
||||
mAccessPointSecurity == AccessPoint.SECURITY_OWE ||
|
||||
mAccessPointSecurity == AccessPoint.SECURITY_OWE_TRANSITION) {
|
||||
@@ -988,16 +990,6 @@ public class WifiConfigController implements TextWatcher,
|
||||
if (mEapMethodSpinner == null) {
|
||||
mEapMethodSpinner = (Spinner) mView.findViewById(R.id.method);
|
||||
mEapMethodSpinner.setOnItemSelectedListener(this);
|
||||
if (Utils.isWifiOnly(mContext) || !mContext.getResources().getBoolean(
|
||||
com.android.internal.R.bool.config_eap_sim_based_auth_supported)) {
|
||||
String[] eapMethods = mContext.getResources().getStringArray(
|
||||
R.array.eap_method_without_sim_auth);
|
||||
ArrayAdapter<String> spinnerAdapter = new ArrayAdapter<String>(mContext,
|
||||
android.R.layout.simple_spinner_item, eapMethods);
|
||||
spinnerAdapter.setDropDownViewResource(
|
||||
android.R.layout.simple_spinner_dropdown_item);
|
||||
mEapMethodSpinner.setAdapter(spinnerAdapter);
|
||||
}
|
||||
mPhase2Spinner = (Spinner) mView.findViewById(R.id.phase2);
|
||||
mPhase2Spinner.setOnItemSelectedListener(this);
|
||||
mEapCaCertSpinner = (Spinner) mView.findViewById(R.id.ca_cert);
|
||||
@@ -1008,11 +1000,36 @@ public class WifiConfigController implements TextWatcher,
|
||||
mEapUserCertSpinner.setOnItemSelectedListener(this);
|
||||
mEapIdentityView = (TextView) mView.findViewById(R.id.identity);
|
||||
mEapAnonymousView = (TextView) mView.findViewById(R.id.anonymous);
|
||||
}
|
||||
|
||||
if (mAccessPoint != null && mAccessPoint.isCarrierAp()) {
|
||||
mEapMethodSpinner.setSelection(mAccessPoint.getCarrierApEapType());
|
||||
if (refreshEapMethods) {
|
||||
ArrayAdapter<CharSequence> eapMethodSpinnerAdapter;
|
||||
if (mAccessPointSecurity == AccessPoint.SECURITY_EAP_SUITE_B) {
|
||||
eapMethodSpinnerAdapter = getSpinnerAdapter(R.array.wifi_eap_method);
|
||||
mEapMethodSpinner.setAdapter(eapMethodSpinnerAdapter);
|
||||
// WAP3-Enterprise 192-bit only allows EAP method TLS
|
||||
mEapMethodSpinner.setSelection(Eap.TLS);
|
||||
mEapMethodSpinner.setEnabled(false);
|
||||
} else if (Utils.isWifiOnly(mContext) || !mContext.getResources().getBoolean(
|
||||
com.android.internal.R.bool.config_eap_sim_based_auth_supported)) {
|
||||
eapMethodSpinnerAdapter = getSpinnerAdapter(
|
||||
R.array.eap_method_without_sim_auth);
|
||||
mEapMethodSpinner.setAdapter(eapMethodSpinnerAdapter);
|
||||
mEapMethodSpinner.setEnabled(true);
|
||||
} else {
|
||||
eapMethodSpinnerAdapter = getSpinnerAdapter(R.array.wifi_eap_method);
|
||||
mEapMethodSpinner.setAdapter(eapMethodSpinnerAdapter);
|
||||
mEapMethodSpinner.setEnabled(true);
|
||||
}
|
||||
}
|
||||
|
||||
if (mAccessPointSecurity != AccessPoint.SECURITY_EAP_SUITE_B
|
||||
&& mAccessPoint != null
|
||||
&& mAccessPoint.isCarrierAp()) {
|
||||
mEapMethodSpinner.setSelection(mAccessPoint.getCarrierApEapType());
|
||||
}
|
||||
|
||||
if (refreshCertificates) {
|
||||
loadCertificates(
|
||||
mEapCaCertSpinner,
|
||||
Credentials.CA_CERTIFICATE,
|
||||
@@ -1025,76 +1042,73 @@ public class WifiConfigController implements TextWatcher,
|
||||
mDoNotProvideEapUserCertString,
|
||||
false,
|
||||
false);
|
||||
}
|
||||
|
||||
// Modifying an existing network
|
||||
if (mAccessPoint != null && mAccessPoint.isSaved()) {
|
||||
WifiEnterpriseConfig enterpriseConfig = mAccessPoint.getConfig().enterpriseConfig;
|
||||
int eapMethod = enterpriseConfig.getEapMethod();
|
||||
int phase2Method = enterpriseConfig.getPhase2Method();
|
||||
mEapMethodSpinner.setSelection(eapMethod);
|
||||
showEapFieldsByMethod(eapMethod);
|
||||
switch (eapMethod) {
|
||||
case Eap.PEAP:
|
||||
switch (phase2Method) {
|
||||
case Phase2.NONE:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_NONE);
|
||||
break;
|
||||
case Phase2.MSCHAPV2:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_MSCHAPV2);
|
||||
break;
|
||||
case Phase2.GTC:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_GTC);
|
||||
break;
|
||||
case Phase2.SIM:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_SIM);
|
||||
break;
|
||||
case Phase2.AKA:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_AKA);
|
||||
break;
|
||||
case Phase2.AKA_PRIME:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_AKA_PRIME);
|
||||
break;
|
||||
default:
|
||||
Log.e(TAG, "Invalid phase 2 method " + phase2Method);
|
||||
break;
|
||||
}
|
||||
break;
|
||||
default:
|
||||
mPhase2Spinner.setSelection(phase2Method);
|
||||
break;
|
||||
}
|
||||
if (!TextUtils.isEmpty(enterpriseConfig.getCaPath())) {
|
||||
setSelection(mEapCaCertSpinner, mUseSystemCertsString);
|
||||
} else {
|
||||
String[] caCerts = enterpriseConfig.getCaCertificateAliases();
|
||||
if (caCerts == null) {
|
||||
setSelection(mEapCaCertSpinner, mDoNotValidateEapServerString);
|
||||
} else if (caCerts.length == 1) {
|
||||
setSelection(mEapCaCertSpinner, caCerts[0]);
|
||||
} else {
|
||||
// Reload the cert spinner with an extra "multiple certificates added" item.
|
||||
loadCertificates(
|
||||
mEapCaCertSpinner,
|
||||
Credentials.CA_CERTIFICATE,
|
||||
mDoNotValidateEapServerString,
|
||||
true,
|
||||
true);
|
||||
setSelection(mEapCaCertSpinner, mMultipleCertSetString);
|
||||
// Modifying an existing network
|
||||
if (mAccessPoint != null && mAccessPoint.isSaved()) {
|
||||
final WifiEnterpriseConfig enterpriseConfig = mAccessPoint.getConfig().enterpriseConfig;
|
||||
final int eapMethod = enterpriseConfig.getEapMethod();
|
||||
final int phase2Method = enterpriseConfig.getPhase2Method();
|
||||
mEapMethodSpinner.setSelection(eapMethod);
|
||||
showEapFieldsByMethod(eapMethod);
|
||||
switch (eapMethod) {
|
||||
case Eap.PEAP:
|
||||
switch (phase2Method) {
|
||||
case Phase2.NONE:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_NONE);
|
||||
break;
|
||||
case Phase2.MSCHAPV2:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_MSCHAPV2);
|
||||
break;
|
||||
case Phase2.GTC:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_GTC);
|
||||
break;
|
||||
case Phase2.SIM:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_SIM);
|
||||
break;
|
||||
case Phase2.AKA:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_AKA);
|
||||
break;
|
||||
case Phase2.AKA_PRIME:
|
||||
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_AKA_PRIME);
|
||||
break;
|
||||
default:
|
||||
Log.e(TAG, "Invalid phase 2 method " + phase2Method);
|
||||
break;
|
||||
}
|
||||
}
|
||||
mEapDomainView.setText(enterpriseConfig.getDomainSuffixMatch());
|
||||
String userCert = enterpriseConfig.getClientCertificateAlias();
|
||||
if (TextUtils.isEmpty(userCert)) {
|
||||
setSelection(mEapUserCertSpinner, mDoNotProvideEapUserCertString);
|
||||
} else {
|
||||
setSelection(mEapUserCertSpinner, userCert);
|
||||
}
|
||||
mEapIdentityView.setText(enterpriseConfig.getIdentity());
|
||||
mEapAnonymousView.setText(enterpriseConfig.getAnonymousIdentity());
|
||||
} else {
|
||||
mPhase2Spinner = (Spinner) mView.findViewById(R.id.phase2);
|
||||
showEapFieldsByMethod(mEapMethodSpinner.getSelectedItemPosition());
|
||||
break;
|
||||
default:
|
||||
mPhase2Spinner.setSelection(phase2Method);
|
||||
break;
|
||||
}
|
||||
if (!TextUtils.isEmpty(enterpriseConfig.getCaPath())) {
|
||||
setSelection(mEapCaCertSpinner, mUseSystemCertsString);
|
||||
} else {
|
||||
final String[] caCerts = enterpriseConfig.getCaCertificateAliases();
|
||||
if (caCerts == null) {
|
||||
setSelection(mEapCaCertSpinner, mDoNotValidateEapServerString);
|
||||
} else if (caCerts.length == 1) {
|
||||
setSelection(mEapCaCertSpinner, caCerts[0]);
|
||||
} else {
|
||||
// Reload the cert spinner with an extra "multiple certificates added" item.
|
||||
loadCertificates(
|
||||
mEapCaCertSpinner,
|
||||
Credentials.CA_CERTIFICATE,
|
||||
mDoNotValidateEapServerString,
|
||||
true,
|
||||
true);
|
||||
setSelection(mEapCaCertSpinner, mMultipleCertSetString);
|
||||
}
|
||||
}
|
||||
mEapDomainView.setText(enterpriseConfig.getDomainSuffixMatch());
|
||||
final String userCert = enterpriseConfig.getClientCertificateAlias();
|
||||
if (TextUtils.isEmpty(userCert)) {
|
||||
setSelection(mEapUserCertSpinner, mDoNotProvideEapUserCertString);
|
||||
} else {
|
||||
setSelection(mEapUserCertSpinner, userCert);
|
||||
}
|
||||
mEapIdentityView.setText(enterpriseConfig.getIdentity());
|
||||
mEapAnonymousView.setText(enterpriseConfig.getAnonymousIdentity());
|
||||
} else {
|
||||
showEapFieldsByMethod(mEapMethodSpinner.getSelectedItemPosition());
|
||||
}
|
||||
@@ -1389,7 +1403,18 @@ public class WifiConfigController implements TextWatcher,
|
||||
} catch (Exception e) {
|
||||
Log.e(TAG, "can't get the certificate list from KeyStore");
|
||||
}
|
||||
certs.add(noCertificateString);
|
||||
|
||||
if (mAccessPointSecurity != AccessPoint.SECURITY_EAP_SUITE_B) {
|
||||
certs.add(noCertificateString);
|
||||
}
|
||||
|
||||
// If there are only mUnspecifiedCertString and one item to select, only shows the item
|
||||
if (certs.size() == 2) {
|
||||
certs.remove(mUnspecifiedCertString);
|
||||
spinner.setEnabled(false);
|
||||
} else {
|
||||
spinner.setEnabled(true);
|
||||
}
|
||||
|
||||
final ArrayAdapter<String> adapter = new ArrayAdapter<String>(
|
||||
context, android.R.layout.simple_spinner_item,
|
||||
@@ -1486,15 +1511,17 @@ public class WifiConfigController implements TextWatcher,
|
||||
if (parent == mSecuritySpinner) {
|
||||
// Convert menu position to actual Wi-Fi security type
|
||||
mAccessPointSecurity = mSecurityInPosition[position];
|
||||
showSecurityFields();
|
||||
showSecurityFields(true /* refreshEapMethods */, true /* refreshCertificates */);
|
||||
|
||||
if (WifiDppUtils.isSupportEnrolleeQrCodeScanner(mContext, mAccessPointSecurity)) {
|
||||
mSsidScanButton.setVisibility(View.VISIBLE);
|
||||
} else {
|
||||
mSsidScanButton.setVisibility(View.GONE);
|
||||
}
|
||||
} else if (parent == mEapMethodSpinner || parent == mEapCaCertSpinner) {
|
||||
showSecurityFields();
|
||||
} else if (parent == mEapMethodSpinner) {
|
||||
showSecurityFields(false /* refreshEapMethods */, true /* refreshCertificates */);
|
||||
} else if (parent == mEapCaCertSpinner) {
|
||||
showSecurityFields(false /* refreshEapMethods */, false /* refreshCertificates */);
|
||||
} else if (parent == mPhase2Spinner
|
||||
&& mEapMethodSpinner.getSelectedItemPosition() == WIFI_EAP_METHOD_PEAP) {
|
||||
showPeapFields();
|
||||
@@ -1585,4 +1612,15 @@ public class WifiConfigController implements TextWatcher,
|
||||
((CheckBox) mView.findViewById(R.id.wifi_advanced_togglebox))
|
||||
.setOnCheckedChangeListener(this);
|
||||
}
|
||||
|
||||
private ArrayAdapter<CharSequence> getSpinnerAdapter(
|
||||
int contentStringArrayResId) {
|
||||
final String[] eapMethods = mContext.getResources().getStringArray(
|
||||
contentStringArrayResId);
|
||||
final ArrayAdapter<CharSequence> spinnerAdapter = new ArrayAdapter<>(mContext,
|
||||
android.R.layout.simple_spinner_item, eapMethods);
|
||||
spinnerAdapter.setDropDownViewResource(
|
||||
android.R.layout.simple_spinner_dropdown_item);
|
||||
return spinnerAdapter;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -445,4 +445,28 @@ public class WifiConfigControllerTest {
|
||||
WifiConfiguration config = mController.getConfig();
|
||||
assertThat(config.macRandomizationSetting).isEqualTo(WifiConfiguration.RANDOMIZATION_NONE);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void selectSecurity_wpa3Eap192bit_eapMethodTls() {
|
||||
final WifiManager wifiManager = mock(WifiManager.class);
|
||||
when(wifiManager.isWpa3SuiteBSupported()).thenReturn(true);
|
||||
mController = new TestWifiConfigController(mConfigUiBase, mView, null /* accessPoint */,
|
||||
WifiConfigUiBase.MODE_MODIFY, wifiManager);
|
||||
final Spinner securitySpinner = mView.findViewById(R.id.security);
|
||||
final Spinner eapMethodSpinner = mView.findViewById(R.id.method);
|
||||
int wpa3Eap192bitPosition = -1;
|
||||
final int securityCount = mController.mSecurityInPosition.length;
|
||||
for (int i = 0; i < securityCount; i++) {
|
||||
if (mController.mSecurityInPosition[i] != null &&
|
||||
mController.mSecurityInPosition[i] == AccessPoint.SECURITY_EAP_SUITE_B) {
|
||||
wpa3Eap192bitPosition = i;
|
||||
}
|
||||
}
|
||||
|
||||
mController.onItemSelected(securitySpinner, null /* view */, wpa3Eap192bitPosition,
|
||||
0 /* id */);
|
||||
|
||||
final int selectedItemPosition = eapMethodSpinner.getSelectedItemPosition();
|
||||
assertThat(eapMethodSpinner.getSelectedItem().toString()).isEqualTo("TLS");
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user