wifi: create security type for Passpoint R1/R2 and R3

Bug: 162685856 Test: atest FrameworksWifiApiTests Change-Id: I5cda53edd286787c97dfb09d047d582c97e8684b
2020-12-11 18:37:17 +08:00
parent fde0ff7dbe
commit 3f8b46ebf8
3 changed files with 102 additions and 19 deletions
--- a/wifi/java/android/net/wifi/SecurityParams.java
+++ b/wifi/java/android/net/wifi/SecurityParams.java
@@ -16,6 +16,7 @@

 package android.net.wifi;

+import android.annotation.IntDef;
 import android.annotation.NonNull;
 import android.net.wifi.WifiConfiguration.AuthAlgorithm;
 import android.net.wifi.WifiConfiguration.GroupCipher;
@@ -27,6 +28,8 @@ import android.net.wifi.WifiConfiguration.SecurityType;
 import android.net.wifi.WifiConfiguration.SuiteBCipher;
 import android.os.Parcel;

+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
 import java.util.BitSet;
 import java.util.Objects;

@@ -37,6 +40,23 @@ import java.util.Objects;
 public class SecurityParams {
    private static final String TAG = "SecurityParams";

+    /** Passpoint Release 1 */
+    public static final int PASSPOINT_R1 = 1;
+
+    /** Passpoint Release 2 */
+    public static final int PASSPOINT_R2 = 2;
+
+    /** Passpoint Release 3 */
+    public static final int PASSPOINT_R3 = 3;
+
+    @IntDef(prefix = { "PASSPOINT_" }, value = {
+        PASSPOINT_R1,
+        PASSPOINT_R2,
+        PASSPOINT_R3,
+    })
+    @Retention(RetentionPolicy.SOURCE)
+    public @interface PasspointRelease {}
+
    private @SecurityType int mSecurityType = WifiConfiguration.SECURITY_TYPE_PSK;

    /**
@@ -99,6 +119,8 @@ public class SecurityParams {
     */
    private boolean mRequirePmf = false;

+    private @PasspointRelease int mPasspointRelease = PASSPOINT_R2;
+
    /** Indicate that this SAE security type only accepts H2E (Hash-to-Element) mode. */
    private boolean mIsSaeH2eOnlyMode = false;

@@ -562,11 +584,22 @@ public class SecurityParams {
    }

    /**
-     * Create EAP security params for Passpoint.
+     * Create Passpoint security params.
     */
-    public static @NonNull SecurityParams createPasspointParams(boolean requirePmf) {
+    public static @NonNull SecurityParams createPasspointParams(@PasspointRelease int release) {
        SecurityParams params = new SecurityParams();
-        params.mSecurityType = WifiConfiguration.SECURITY_TYPE_EAP;
+        switch (release) {
+            case PASSPOINT_R1:
+            case PASSPOINT_R2:
+                params.mSecurityType = WifiConfiguration.SECURITY_TYPE_PASSPOINT_R1_R2;
+                break;
+            case PASSPOINT_R3:
+                params.mSecurityType = WifiConfiguration.SECURITY_TYPE_PASSPOINT_R3;
+                params.mRequirePmf = true;
+                break;
+            default:
+                throw new IllegalArgumentException("invalid passpoint release " + release);
+        }

        params.mAllowedKeyManagement.set(KeyMgmt.WPA_EAP);
        params.mAllowedKeyManagement.set(KeyMgmt.IEEE8021X);
@@ -574,12 +607,9 @@ public class SecurityParams {
        params.mAllowedProtocols.set(Protocol.RSN);

        params.mAllowedPairwiseCiphers.set(PairwiseCipher.CCMP);
-        params.mAllowedPairwiseCiphers.set(PairwiseCipher.TKIP);

        params.mAllowedGroupCiphers.set(GroupCipher.CCMP);
-        params.mAllowedGroupCiphers.set(GroupCipher.TKIP);

-        params.mRequirePmf = requirePmf;
        return params;
    }

--- a/wifi/java/android/net/wifi/WifiConfiguration.java
+++ b/wifi/java/android/net/wifi/WifiConfiguration.java
@@ -502,6 +502,20 @@ public class WifiConfiguration implements Parcelable {
     * @hide
     */
    public static final int SECURITY_TYPE_OSEN = 10;
+    /**
+     * Security type for a Passpoint R1/R2 network.
+     * Passpoint R1/R2 uses Enterprise security, where TKIP and WEP are not allowed.
+     * @hide
+     */
+    public static final int SECURITY_TYPE_PASSPOINT_R1_R2 = 11;
+
+    /**
+     * Security type for a Passpoint R3 network.
+     * Passpoint R3 uses Enterprise security, where TKIP and WEP are not allowed,
+     * and PMF must be set to Required.
+     * @hide
+     */
+    public static final int SECURITY_TYPE_PASSPOINT_R3 = 12;

    /**
     * Security types we support.
@@ -520,6 +534,8 @@ public class WifiConfiguration implements Parcelable {
            SECURITY_TYPE_WAPI_CERT,
            SECURITY_TYPE_EAP_WPA3_ENTERPRISE,
            SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT,
+            SECURITY_TYPE_PASSPOINT_R1_R2,
+            SECURITY_TYPE_PASSPOINT_R3,
    })
    public @interface SecurityType {}

@@ -546,7 +562,7 @@ public class WifiConfiguration implements Parcelable {
     * {@link #SECURITY_TYPE_WAPI_PSK},
     * {@link #SECURITY_TYPE_WAPI_CERT},
     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE},
-     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT}
+     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT},
     */
    public void setSecurityParams(@SecurityType int securityType) {
        // Clear existing data.
@@ -580,7 +596,7 @@ public class WifiConfiguration implements Parcelable {
     * {@link #SECURITY_TYPE_WAPI_PSK},
     * {@link #SECURITY_TYPE_WAPI_CERT},
     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE},
-     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT}
+     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT},
     *
     * @hide
     */
@@ -627,6 +643,12 @@ public class WifiConfiguration implements Parcelable {
            case SECURITY_TYPE_OSEN:
                params = SecurityParams.createOsenParams();
                break;
+            case SECURITY_TYPE_PASSPOINT_R1_R2:
+                params = SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R2);
+                break;
+            case SECURITY_TYPE_PASSPOINT_R3:
+                params = SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R3);
+                break;
            default:
                throw new IllegalArgumentException("unknown security type " + securityType);
        }
@@ -719,7 +741,7 @@ public class WifiConfiguration implements Parcelable {
     * {@link #SECURITY_TYPE_WAPI_PSK},
     * {@link #SECURITY_TYPE_WAPI_CERT},
     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE},
-     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT}
+     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT},
     *
     * @hide
     */
@@ -743,7 +765,7 @@ public class WifiConfiguration implements Parcelable {
     * {@link #SECURITY_TYPE_WAPI_PSK},
     * {@link #SECURITY_TYPE_WAPI_CERT},
     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE},
-     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT}
+     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT},
     *
     * @return the copy of specific security params if found; otherwise null.
     * @hide
@@ -769,7 +791,7 @@ public class WifiConfiguration implements Parcelable {
     * {@link #SECURITY_TYPE_WAPI_PSK},
     * {@link #SECURITY_TYPE_WAPI_CERT},
     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE},
-     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT}
+     * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT},
     *
     * @return true if there is a security params matches the type.
     * @hide
--- a/wifi/tests/src/android/net/wifi/SecurityParamsTest.java
+++ b/wifi/tests/src/android/net/wifi/SecurityParamsTest.java
@@ -85,11 +85,11 @@ public class SecurityParamsTest {
                expectedAllowedGroupCiphers, expectedRequirePmf);
    }

-    /** Verify EAP Passpoint params creator. */
+    /** Verify Passpoint R1 params creator. */
    @Test
-    public void testEapPasspointCreator() throws Exception {
-        SecurityParams p = SecurityParams.createPasspointParams(false);
-        int expectedSecurityType = WifiConfiguration.SECURITY_TYPE_EAP;
+    public void testEapPasspointR1Creator() throws Exception {
+        SecurityParams p = SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R1);
+        int expectedSecurityType = WifiConfiguration.SECURITY_TYPE_PASSPOINT_R1_R2;
        int[] expectedAllowedKeyManagement = new int[] {KeyMgmt.WPA_EAP, KeyMgmt.IEEE8021X};
        int[] expectedAllowedProtocols = new int[] {};
        int[] expectedAllowedAuthAlgorithms = new int[] {};
@@ -100,9 +100,36 @@ public class SecurityParamsTest {
                expectedAllowedKeyManagement, expectedAllowedProtocols,
                expectedAllowedAuthAlgorithms, expectedAllowedPairwiseCiphers,
                expectedAllowedGroupCiphers, expectedRequirePmf);
+    }

-        p = SecurityParams.createPasspointParams(true);
-        expectedRequirePmf = true;
+    /** Verify Passpoint R2 params creator. */
+    @Test
+    public void testEapPasspointR2Creator() throws Exception {
+        SecurityParams p = SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R2);
+        int expectedSecurityType = WifiConfiguration.SECURITY_TYPE_PASSPOINT_R1_R2;
+        int[] expectedAllowedKeyManagement = new int[] {KeyMgmt.WPA_EAP, KeyMgmt.IEEE8021X};
+        int[] expectedAllowedProtocols = new int[] {};
+        int[] expectedAllowedAuthAlgorithms = new int[] {};
+        int[] expectedAllowedPairwiseCiphers = new int[] {};
+        int[] expectedAllowedGroupCiphers = new int[] {};
+        boolean expectedRequirePmf = false;
+        verifySecurityParams(p, expectedSecurityType,
+                expectedAllowedKeyManagement, expectedAllowedProtocols,
+                expectedAllowedAuthAlgorithms, expectedAllowedPairwiseCiphers,
+                expectedAllowedGroupCiphers, expectedRequirePmf);
+    }
+
+    /** Verify Passpoint R3 params creator. */
+    @Test
+    public void testEapPasspointR3Creator() throws Exception {
+        SecurityParams p = SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R3);
+        int expectedSecurityType = WifiConfiguration.SECURITY_TYPE_PASSPOINT_R3;
+        int[] expectedAllowedKeyManagement = new int[] {KeyMgmt.WPA_EAP, KeyMgmt.IEEE8021X};
+        int[] expectedAllowedProtocols = new int[] {};
+        int[] expectedAllowedAuthAlgorithms = new int[] {};
+        int[] expectedAllowedPairwiseCiphers = new int[] {};
+        int[] expectedAllowedGroupCiphers = new int[] {};
+        boolean expectedRequirePmf = true;
        verifySecurityParams(p, expectedSecurityType,
                expectedAllowedKeyManagement, expectedAllowedProtocols,
                expectedAllowedAuthAlgorithms, expectedAllowedPairwiseCiphers,
@@ -408,7 +435,9 @@ public class SecurityParamsTest {

        SecurityParams[] nonOpenSecurityParams = new SecurityParams[] {
                SecurityParams.createWpaWpa2EnterpriseParams(),
-                SecurityParams.createPasspointParams(false),
+                SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R1),
+                SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R2),
+                SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R3),
                SecurityParams.createOsenParams(),
                SecurityParams.createWapiCertParams(),
                SecurityParams.createWapiPskParams(),
@@ -428,7 +457,9 @@ public class SecurityParamsTest {
    public void testIsEnterpriseNetwork() {
        SecurityParams[] enterpriseSecurityParams = new SecurityParams[] {
                SecurityParams.createWpaWpa2EnterpriseParams(),
-                SecurityParams.createPasspointParams(false),
+                SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R1),
+                SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R2),
+                SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R3),
                SecurityParams.createWapiCertParams(),
                SecurityParams.createWpa3Enterprise192BitParams(),
                SecurityParams.createWpa3EnterpriseParams(),