packages/apps/Settings: Add logic and strings to support WPA3 and OWE
Add and update Wi-Fi security strings, and add logic to enable WPA3 and OWE. Modified WPA2-PSK to WPA2-Personal, and added WPA3-Personal, Enhanced Open and WPA3-Enterprise. Bug: 112195778 Test: Basic functional tests Change-Id: Ia97761a7f0a9e2fee768dfaf3578a2f1090d29c6
This commit is contained in:
Hai Shalom
@@ -215,10 +215,12 @@
|
|||||||
<string-array name="wifi_security">
|
<string-array name="wifi_security">
|
||||||
<!-- The Wi-Fi network does not have any security. -->
|
<!-- The Wi-Fi network does not have any security. -->
|
||||||
<item>@string/wifi_security_none</item>
|
<item>@string/wifi_security_none</item>
|
||||||
|
<item translatable="false">@string/wifi_security_owe</item>
|
||||||
<item translatable="false">@string/wifi_security_wep</item>
|
<item translatable="false">@string/wifi_security_wep</item>
|
||||||
<item translatable="false">@string/wifi_security_psk_generic</item>
|
<item translatable="false">@string/wifi_security_psk_generic</item>
|
||||||
|
<item translatable="false">@string/wifi_security_sae</item>
|
||||||
<item translatable="false">@string/wifi_security_eap</item>
|
<item translatable="false">@string/wifi_security_eap</item>
|
||||||
|
<item translatable="false">@string/wifi_security_eap_suiteb</item>
|
||||||
</string-array>
|
</string-array>
|
||||||
|
|
||||||
<!-- Match this with the constants in AccessPoint. --> <skip />
|
<!-- Match this with the constants in AccessPoint. --> <skip />
|
||||||
@@ -228,6 +230,7 @@
|
|||||||
<item>@string/wifi_security_none</item>
|
<item>@string/wifi_security_none</item>
|
||||||
<item translatable="false">@string/wifi_security_wep</item>
|
<item translatable="false">@string/wifi_security_wep</item>
|
||||||
<item translatable="false">@string/wifi_security_psk_generic</item>
|
<item translatable="false">@string/wifi_security_psk_generic</item>
|
||||||
|
<item translatable="false">@string/wifi_security_sae</item>
|
||||||
</string-array>
|
</string-array>
|
||||||
|
|
||||||
<!-- Security types for wireless tether -->
|
<!-- Security types for wireless tether -->
|
||||||
|
|||||||
@@ -454,6 +454,13 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
boolean isValidSaePassword(String password) {
|
||||||
|
if (password.length() >= 1 && password.length() <= 63) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
boolean isSubmittable() {
|
boolean isSubmittable() {
|
||||||
boolean enabled = false;
|
boolean enabled = false;
|
||||||
boolean passwordInvalid = false;
|
boolean passwordInvalid = false;
|
||||||
@@ -461,7 +468,9 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
&& ((mAccessPointSecurity == AccessPoint.SECURITY_WEP
|
&& ((mAccessPointSecurity == AccessPoint.SECURITY_WEP
|
||||||
&& mPasswordView.length() == 0)
|
&& mPasswordView.length() == 0)
|
||||||
|| (mAccessPointSecurity == AccessPoint.SECURITY_PSK
|
|| (mAccessPointSecurity == AccessPoint.SECURITY_PSK
|
||||||
&& !isValidPsk(mPasswordView.getText().toString())))) {
|
&& !isValidPsk(mPasswordView.getText().toString()))
|
||||||
|
|| (mAccessPointSecurity == AccessPoint.SECURITY_SAE
|
||||||
|
&& !isValidSaePassword(mPasswordView.getText().toString())))) {
|
||||||
passwordInvalid = true;
|
passwordInvalid = true;
|
||||||
}
|
}
|
||||||
if ((mSsidView != null && mSsidView.length() == 0)
|
if ((mSsidView != null && mSsidView.length() == 0)
|
||||||
@@ -475,7 +484,9 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
} else {
|
} else {
|
||||||
enabled = ipAndProxyFieldsAreValid();
|
enabled = ipAndProxyFieldsAreValid();
|
||||||
}
|
}
|
||||||
if (mAccessPointSecurity == AccessPoint.SECURITY_EAP && mEapCaCertSpinner != null
|
if ((mAccessPointSecurity == AccessPoint.SECURITY_EAP ||
|
||||||
|
mAccessPointSecurity == AccessPoint.SECURITY_EAP_SUITE_B)
|
||||||
|
&& mEapCaCertSpinner != null
|
||||||
&& mView.findViewById(R.id.l_ca_cert).getVisibility() != View.GONE) {
|
&& mView.findViewById(R.id.l_ca_cert).getVisibility() != View.GONE) {
|
||||||
String caCertSelection = (String) mEapCaCertSpinner.getSelectedItem();
|
String caCertSelection = (String) mEapCaCertSpinner.getSelectedItem();
|
||||||
if (caCertSelection.equals(mUnspecifiedCertString)) {
|
if (caCertSelection.equals(mUnspecifiedCertString)) {
|
||||||
@@ -492,7 +503,9 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
enabled = false;
|
enabled = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (mAccessPointSecurity == AccessPoint.SECURITY_EAP && mEapUserCertSpinner != null
|
if ((mAccessPointSecurity == AccessPoint.SECURITY_EAP ||
|
||||||
|
mAccessPointSecurity == AccessPoint.SECURITY_EAP_SUITE_B)
|
||||||
|
&& mEapUserCertSpinner != null
|
||||||
&& mView.findViewById(R.id.l_user_cert).getVisibility() != View.GONE
|
&& mView.findViewById(R.id.l_user_cert).getVisibility() != View.GONE
|
||||||
&& mEapUserCertSpinner.getSelectedItem().equals(mUnspecifiedCertString)) {
|
&& mEapUserCertSpinner.getSelectedItem().equals(mUnspecifiedCertString)) {
|
||||||
// Disallow submit if the user has not selected a user certificate for an EAP network
|
// Disallow submit if the user has not selected a user certificate for an EAP network
|
||||||
@@ -590,8 +603,18 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case AccessPoint.SECURITY_EAP:
|
case AccessPoint.SECURITY_EAP:
|
||||||
|
case AccessPoint.SECURITY_EAP_SUITE_B:
|
||||||
config.allowedKeyManagement.set(KeyMgmt.WPA_EAP);
|
config.allowedKeyManagement.set(KeyMgmt.WPA_EAP);
|
||||||
config.allowedKeyManagement.set(KeyMgmt.IEEE8021X);
|
config.allowedKeyManagement.set(KeyMgmt.IEEE8021X);
|
||||||
|
if (mAccessPointSecurity == AccessPoint.SECURITY_EAP_SUITE_B) {
|
||||||
|
config.allowedKeyManagement.set(KeyMgmt.SUITE_B_192);
|
||||||
|
config.requirePMF = true;
|
||||||
|
config.allowedPairwiseCiphers.set(WifiConfiguration.PairwiseCipher.GCMP_256);
|
||||||
|
config.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.GCMP_256);
|
||||||
|
config.allowedGroupMgmtCiphers.set(WifiConfiguration.GroupMgmtCipher
|
||||||
|
.BIP_GMAC_256);
|
||||||
|
config.allowedSuiteBCiphers.set(WifiConfiguration.SuiteBCipher.ECDHE_RSA);
|
||||||
|
}
|
||||||
config.enterpriseConfig = new WifiEnterpriseConfig();
|
config.enterpriseConfig = new WifiEnterpriseConfig();
|
||||||
int eapMethod = mEapMethodSpinner.getSelectedItemPosition();
|
int eapMethod = mEapMethodSpinner.getSelectedItemPosition();
|
||||||
int phase2Method = mPhase2Spinner.getSelectedItemPosition();
|
int phase2Method = mPhase2Spinner.getSelectedItemPosition();
|
||||||
@@ -700,6 +723,20 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
config.enterpriseConfig.setPassword(mPasswordView.getText().toString());
|
config.enterpriseConfig.setPassword(mPasswordView.getText().toString());
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
case AccessPoint.SECURITY_SAE:
|
||||||
|
config.allowedKeyManagement.set(KeyMgmt.SAE);
|
||||||
|
config.requirePMF = true;
|
||||||
|
if (mPasswordView.length() != 0) {
|
||||||
|
String password = mPasswordView.getText().toString();
|
||||||
|
config.preSharedKey = '"' + password + '"';
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
|
||||||
|
case AccessPoint.SECURITY_OWE:
|
||||||
|
config.allowedKeyManagement.set(KeyMgmt.OWE);
|
||||||
|
config.requirePMF = true;
|
||||||
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
@@ -851,7 +888,8 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
}
|
}
|
||||||
|
|
||||||
private void showSecurityFields() {
|
private void showSecurityFields() {
|
||||||
if (mAccessPointSecurity == AccessPoint.SECURITY_NONE) {
|
if (mAccessPointSecurity == AccessPoint.SECURITY_NONE ||
|
||||||
|
mAccessPointSecurity == AccessPoint.SECURITY_OWE) {
|
||||||
mView.findViewById(R.id.security_fields).setVisibility(View.GONE);
|
mView.findViewById(R.id.security_fields).setVisibility(View.GONE);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -870,7 +908,8 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (mAccessPointSecurity != AccessPoint.SECURITY_EAP) {
|
if (mAccessPointSecurity != AccessPoint.SECURITY_EAP &&
|
||||||
|
mAccessPointSecurity != AccessPoint.SECURITY_EAP_SUITE_B) {
|
||||||
mView.findViewById(R.id.eap).setVisibility(View.GONE);
|
mView.findViewById(R.id.eap).setVisibility(View.GONE);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -488,7 +488,8 @@ public class WifiSettings extends RestrictedSettingsFragment
|
|||||||
menu.add(Menu.NONE, MENU_ID_MODIFY, 0, R.string.wifi_menu_modify);
|
menu.add(Menu.NONE, MENU_ID_MODIFY, 0, R.string.wifi_menu_modify);
|
||||||
NfcAdapter nfcAdapter = NfcAdapter.getDefaultAdapter(getActivity());
|
NfcAdapter nfcAdapter = NfcAdapter.getDefaultAdapter(getActivity());
|
||||||
if (nfcAdapter != null && nfcAdapter.isEnabled() &&
|
if (nfcAdapter != null && nfcAdapter.isEnabled() &&
|
||||||
mSelectedAccessPoint.getSecurity() != AccessPoint.SECURITY_NONE) {
|
(!(mSelectedAccessPoint.getSecurity() == AccessPoint.SECURITY_NONE) ||
|
||||||
|
(mSelectedAccessPoint.getSecurity() == AccessPoint.SECURITY_OWE))) {
|
||||||
// Only allow writing of NFC tags for password-protected networks.
|
// Only allow writing of NFC tags for password-protected networks.
|
||||||
menu.add(Menu.NONE, MENU_ID_WRITE_NFC, 0, R.string.wifi_menu_write_to_nfc);
|
menu.add(Menu.NONE, MENU_ID_WRITE_NFC, 0, R.string.wifi_menu_write_to_nfc);
|
||||||
}
|
}
|
||||||
@@ -506,7 +507,8 @@ public class WifiSettings extends RestrictedSettingsFragment
|
|||||||
boolean isSavedNetwork = mSelectedAccessPoint.isSaved();
|
boolean isSavedNetwork = mSelectedAccessPoint.isSaved();
|
||||||
if (isSavedNetwork) {
|
if (isSavedNetwork) {
|
||||||
connect(mSelectedAccessPoint.getConfig(), isSavedNetwork);
|
connect(mSelectedAccessPoint.getConfig(), isSavedNetwork);
|
||||||
} else if (mSelectedAccessPoint.getSecurity() == AccessPoint.SECURITY_NONE) {
|
} else if ((mSelectedAccessPoint.getSecurity() == AccessPoint.SECURITY_NONE) ||
|
||||||
|
(mSelectedAccessPoint.getSecurity() == AccessPoint.SECURITY_OWE)) {
|
||||||
/** Bypass dialog for unsecured networks */
|
/** Bypass dialog for unsecured networks */
|
||||||
mSelectedAccessPoint.generateOpenNetworkConfig();
|
mSelectedAccessPoint.generateOpenNetworkConfig();
|
||||||
connect(mSelectedAccessPoint.getConfig(), isSavedNetwork);
|
connect(mSelectedAccessPoint.getConfig(), isSavedNetwork);
|
||||||
@@ -552,7 +554,8 @@ public class WifiSettings extends RestrictedSettingsFragment
|
|||||||
* networks, or Passpoint provided networks.
|
* networks, or Passpoint provided networks.
|
||||||
*/
|
*/
|
||||||
WifiConfiguration config = mSelectedAccessPoint.getConfig();
|
WifiConfiguration config = mSelectedAccessPoint.getConfig();
|
||||||
if (mSelectedAccessPoint.getSecurity() == AccessPoint.SECURITY_NONE) {
|
if ((mSelectedAccessPoint.getSecurity() == AccessPoint.SECURITY_NONE) ||
|
||||||
|
(mSelectedAccessPoint.getSecurity() == AccessPoint.SECURITY_OWE)) {
|
||||||
mSelectedAccessPoint.generateOpenNetworkConfig();
|
mSelectedAccessPoint.generateOpenNetworkConfig();
|
||||||
connect(mSelectedAccessPoint.getConfig(), mSelectedAccessPoint.isSaved());
|
connect(mSelectedAccessPoint.getConfig(), mSelectedAccessPoint.isSaved());
|
||||||
} else if (mSelectedAccessPoint.isSaved() && config != null
|
} else if (mSelectedAccessPoint.isSaved() && config != null
|
||||||
@@ -772,7 +775,8 @@ public class WifiSettings extends RestrictedSettingsFragment
|
|||||||
preference.setKey(key);
|
preference.setKey(key);
|
||||||
preference.setOrder(index);
|
preference.setOrder(index);
|
||||||
if (mOpenSsid != null && mOpenSsid.equals(accessPoint.getSsidStr())
|
if (mOpenSsid != null && mOpenSsid.equals(accessPoint.getSsidStr())
|
||||||
&& accessPoint.getSecurity() != AccessPoint.SECURITY_NONE) {
|
&& (accessPoint.getSecurity() != AccessPoint.SECURITY_NONE &&
|
||||||
|
accessPoint.getSecurity() != AccessPoint.SECURITY_OWE)) {
|
||||||
if (!accessPoint.isSaved() || isDisabledByWrongPassword(accessPoint)) {
|
if (!accessPoint.isSaved() || isDisabledByWrongPassword(accessPoint)) {
|
||||||
onPreferenceTreeClick(preference);
|
onPreferenceTreeClick(preference);
|
||||||
mOpenSsid = null;
|
mOpenSsid = null;
|
||||||
|
|||||||
@@ -66,7 +66,7 @@ public class WifiTetherSecurityPreferenceControllerTest {
|
|||||||
public void onPreferenceChange_securityValueUpdated() {
|
public void onPreferenceChange_securityValueUpdated() {
|
||||||
mController.onPreferenceChange(mPreference, WPA2_PSK);
|
mController.onPreferenceChange(mPreference, WPA2_PSK);
|
||||||
assertThat(mController.getSecurityType()).isEqualTo(WifiConfiguration.KeyMgmt.WPA2_PSK);
|
assertThat(mController.getSecurityType()).isEqualTo(WifiConfiguration.KeyMgmt.WPA2_PSK);
|
||||||
assertThat(mPreference.getSummary()).isEqualTo("WPA2 PSK");
|
assertThat(mPreference.getSummary()).isEqualTo("WPA2-Personal");
|
||||||
|
|
||||||
mController.onPreferenceChange(mPreference, NONE);
|
mController.onPreferenceChange(mPreference, NONE);
|
||||||
assertThat(mController.getSecurityType()).isEqualTo(WifiConfiguration.KeyMgmt.NONE);
|
assertThat(mController.getSecurityType()).isEqualTo(WifiConfiguration.KeyMgmt.NONE);
|
||||||
@@ -75,11 +75,11 @@ public class WifiTetherSecurityPreferenceControllerTest {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void updateDisplay_preferenceUpdated() {
|
public void updateDisplay_preferenceUpdated() {
|
||||||
// test defaulting to WPA2 PSK on new config
|
// test defaulting to WPA2-Personal on new config
|
||||||
when(mWifiManager.getWifiApConfiguration()).thenReturn(null);
|
when(mWifiManager.getWifiApConfiguration()).thenReturn(null);
|
||||||
mController.updateDisplay();
|
mController.updateDisplay();
|
||||||
assertThat(mController.getSecurityType()).isEqualTo(WifiConfiguration.KeyMgmt.WPA2_PSK);
|
assertThat(mController.getSecurityType()).isEqualTo(WifiConfiguration.KeyMgmt.WPA2_PSK);
|
||||||
assertThat(mPreference.getSummary()).isEqualTo("WPA2 PSK");
|
assertThat(mPreference.getSummary()).isEqualTo("WPA2-Personal");
|
||||||
|
|
||||||
// test open tether network
|
// test open tether network
|
||||||
when(mWifiManager.getWifiApConfiguration()).thenReturn(mConfig);
|
when(mWifiManager.getWifiApConfiguration()).thenReturn(mConfig);
|
||||||
@@ -89,11 +89,11 @@ public class WifiTetherSecurityPreferenceControllerTest {
|
|||||||
assertThat(mController.getSecurityType()).isEqualTo(WifiConfiguration.KeyMgmt.NONE);
|
assertThat(mController.getSecurityType()).isEqualTo(WifiConfiguration.KeyMgmt.NONE);
|
||||||
assertThat(mPreference.getSummary()).isEqualTo("None");
|
assertThat(mPreference.getSummary()).isEqualTo("None");
|
||||||
|
|
||||||
// test WPA2 PSK tether network
|
// test WPA2-Personal tether network
|
||||||
mConfig.allowedKeyManagement.clear();
|
mConfig.allowedKeyManagement.clear();
|
||||||
mConfig.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA2_PSK);
|
mConfig.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA2_PSK);
|
||||||
mController.updateDisplay();
|
mController.updateDisplay();
|
||||||
assertThat(mController.getSecurityType()).isEqualTo(WifiConfiguration.KeyMgmt.WPA2_PSK);
|
assertThat(mController.getSecurityType()).isEqualTo(WifiConfiguration.KeyMgmt.WPA2_PSK);
|
||||||
assertThat(mPreference.getSummary()).isEqualTo("WPA2 PSK");
|
assertThat(mPreference.getSummary()).isEqualTo("WPA2-Personal");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user