From 3f8b46ebf8e92722098b700c27656d39dbba7069 Mon Sep 17 00:00:00 2001 From: Jimmy Chen Date: Fri, 11 Dec 2020 18:37:17 +0800 Subject: [PATCH] wifi: create security type for Passpoint R1/R2 and R3 Bug: 162685856 Test: atest FrameworksWifiApiTests Change-Id: I5cda53edd286787c97dfb09d047d582c97e8684b --- .../java/android/net/wifi/SecurityParams.java | 42 ++++++++++++++--- .../android/net/wifi/WifiConfiguration.java | 32 +++++++++++-- .../android/net/wifi/SecurityParamsTest.java | 47 +++++++++++++++---- 3 files changed, 102 insertions(+), 19 deletions(-) diff --git a/wifi/java/android/net/wifi/SecurityParams.java b/wifi/java/android/net/wifi/SecurityParams.java index 157d1c5748d07..0ab6f572fba32 100644 --- a/wifi/java/android/net/wifi/SecurityParams.java +++ b/wifi/java/android/net/wifi/SecurityParams.java @@ -16,6 +16,7 @@ package android.net.wifi; +import android.annotation.IntDef; import android.annotation.NonNull; import android.net.wifi.WifiConfiguration.AuthAlgorithm; import android.net.wifi.WifiConfiguration.GroupCipher; @@ -27,6 +28,8 @@ import android.net.wifi.WifiConfiguration.SecurityType; import android.net.wifi.WifiConfiguration.SuiteBCipher; import android.os.Parcel; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; import java.util.BitSet; import java.util.Objects; @@ -37,6 +40,23 @@ import java.util.Objects; public class SecurityParams { private static final String TAG = "SecurityParams"; + /** Passpoint Release 1 */ + public static final int PASSPOINT_R1 = 1; + + /** Passpoint Release 2 */ + public static final int PASSPOINT_R2 = 2; + + /** Passpoint Release 3 */ + public static final int PASSPOINT_R3 = 3; + + @IntDef(prefix = { "PASSPOINT_" }, value = { + PASSPOINT_R1, + PASSPOINT_R2, + PASSPOINT_R3, + }) + @Retention(RetentionPolicy.SOURCE) + public @interface PasspointRelease {} + private @SecurityType int mSecurityType = WifiConfiguration.SECURITY_TYPE_PSK; /** @@ -99,6 +119,8 @@ public class SecurityParams { */ private boolean mRequirePmf = false; + private @PasspointRelease int mPasspointRelease = PASSPOINT_R2; + /** Indicate that this SAE security type only accepts H2E (Hash-to-Element) mode. */ private boolean mIsSaeH2eOnlyMode = false; @@ -562,11 +584,22 @@ public class SecurityParams { } /** - * Create EAP security params for Passpoint. + * Create Passpoint security params. */ - public static @NonNull SecurityParams createPasspointParams(boolean requirePmf) { + public static @NonNull SecurityParams createPasspointParams(@PasspointRelease int release) { SecurityParams params = new SecurityParams(); - params.mSecurityType = WifiConfiguration.SECURITY_TYPE_EAP; + switch (release) { + case PASSPOINT_R1: + case PASSPOINT_R2: + params.mSecurityType = WifiConfiguration.SECURITY_TYPE_PASSPOINT_R1_R2; + break; + case PASSPOINT_R3: + params.mSecurityType = WifiConfiguration.SECURITY_TYPE_PASSPOINT_R3; + params.mRequirePmf = true; + break; + default: + throw new IllegalArgumentException("invalid passpoint release " + release); + } params.mAllowedKeyManagement.set(KeyMgmt.WPA_EAP); params.mAllowedKeyManagement.set(KeyMgmt.IEEE8021X); @@ -574,12 +607,9 @@ public class SecurityParams { params.mAllowedProtocols.set(Protocol.RSN); params.mAllowedPairwiseCiphers.set(PairwiseCipher.CCMP); - params.mAllowedPairwiseCiphers.set(PairwiseCipher.TKIP); params.mAllowedGroupCiphers.set(GroupCipher.CCMP); - params.mAllowedGroupCiphers.set(GroupCipher.TKIP); - params.mRequirePmf = requirePmf; return params; } diff --git a/wifi/java/android/net/wifi/WifiConfiguration.java b/wifi/java/android/net/wifi/WifiConfiguration.java index f8b824ca01bd4..2a98977fc08ef 100644 --- a/wifi/java/android/net/wifi/WifiConfiguration.java +++ b/wifi/java/android/net/wifi/WifiConfiguration.java @@ -502,6 +502,20 @@ public class WifiConfiguration implements Parcelable { * @hide */ public static final int SECURITY_TYPE_OSEN = 10; + /** + * Security type for a Passpoint R1/R2 network. + * Passpoint R1/R2 uses Enterprise security, where TKIP and WEP are not allowed. + * @hide + */ + public static final int SECURITY_TYPE_PASSPOINT_R1_R2 = 11; + + /** + * Security type for a Passpoint R3 network. + * Passpoint R3 uses Enterprise security, where TKIP and WEP are not allowed, + * and PMF must be set to Required. + * @hide + */ + public static final int SECURITY_TYPE_PASSPOINT_R3 = 12; /** * Security types we support. @@ -520,6 +534,8 @@ public class WifiConfiguration implements Parcelable { SECURITY_TYPE_WAPI_CERT, SECURITY_TYPE_EAP_WPA3_ENTERPRISE, SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT, + SECURITY_TYPE_PASSPOINT_R1_R2, + SECURITY_TYPE_PASSPOINT_R3, }) public @interface SecurityType {} @@ -546,7 +562,7 @@ public class WifiConfiguration implements Parcelable { * {@link #SECURITY_TYPE_WAPI_PSK}, * {@link #SECURITY_TYPE_WAPI_CERT}, * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE}, - * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT} + * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT}, */ public void setSecurityParams(@SecurityType int securityType) { // Clear existing data. @@ -580,7 +596,7 @@ public class WifiConfiguration implements Parcelable { * {@link #SECURITY_TYPE_WAPI_PSK}, * {@link #SECURITY_TYPE_WAPI_CERT}, * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE}, - * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT} + * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT}, * * @hide */ @@ -627,6 +643,12 @@ public class WifiConfiguration implements Parcelable { case SECURITY_TYPE_OSEN: params = SecurityParams.createOsenParams(); break; + case SECURITY_TYPE_PASSPOINT_R1_R2: + params = SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R2); + break; + case SECURITY_TYPE_PASSPOINT_R3: + params = SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R3); + break; default: throw new IllegalArgumentException("unknown security type " + securityType); } @@ -719,7 +741,7 @@ public class WifiConfiguration implements Parcelable { * {@link #SECURITY_TYPE_WAPI_PSK}, * {@link #SECURITY_TYPE_WAPI_CERT}, * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE}, - * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT} + * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT}, * * @hide */ @@ -743,7 +765,7 @@ public class WifiConfiguration implements Parcelable { * {@link #SECURITY_TYPE_WAPI_PSK}, * {@link #SECURITY_TYPE_WAPI_CERT}, * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE}, - * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT} + * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT}, * * @return the copy of specific security params if found; otherwise null. * @hide @@ -769,7 +791,7 @@ public class WifiConfiguration implements Parcelable { * {@link #SECURITY_TYPE_WAPI_PSK}, * {@link #SECURITY_TYPE_WAPI_CERT}, * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE}, - * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT} + * {@link #SECURITY_TYPE_EAP_WPA3_ENTERPRISE_192_BIT}, * * @return true if there is a security params matches the type. * @hide diff --git a/wifi/tests/src/android/net/wifi/SecurityParamsTest.java b/wifi/tests/src/android/net/wifi/SecurityParamsTest.java index e581b77c14ad0..2f6b7245795fe 100644 --- a/wifi/tests/src/android/net/wifi/SecurityParamsTest.java +++ b/wifi/tests/src/android/net/wifi/SecurityParamsTest.java @@ -85,11 +85,11 @@ public class SecurityParamsTest { expectedAllowedGroupCiphers, expectedRequirePmf); } - /** Verify EAP Passpoint params creator. */ + /** Verify Passpoint R1 params creator. */ @Test - public void testEapPasspointCreator() throws Exception { - SecurityParams p = SecurityParams.createPasspointParams(false); - int expectedSecurityType = WifiConfiguration.SECURITY_TYPE_EAP; + public void testEapPasspointR1Creator() throws Exception { + SecurityParams p = SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R1); + int expectedSecurityType = WifiConfiguration.SECURITY_TYPE_PASSPOINT_R1_R2; int[] expectedAllowedKeyManagement = new int[] {KeyMgmt.WPA_EAP, KeyMgmt.IEEE8021X}; int[] expectedAllowedProtocols = new int[] {}; int[] expectedAllowedAuthAlgorithms = new int[] {}; @@ -100,9 +100,36 @@ public class SecurityParamsTest { expectedAllowedKeyManagement, expectedAllowedProtocols, expectedAllowedAuthAlgorithms, expectedAllowedPairwiseCiphers, expectedAllowedGroupCiphers, expectedRequirePmf); + } - p = SecurityParams.createPasspointParams(true); - expectedRequirePmf = true; + /** Verify Passpoint R2 params creator. */ + @Test + public void testEapPasspointR2Creator() throws Exception { + SecurityParams p = SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R2); + int expectedSecurityType = WifiConfiguration.SECURITY_TYPE_PASSPOINT_R1_R2; + int[] expectedAllowedKeyManagement = new int[] {KeyMgmt.WPA_EAP, KeyMgmt.IEEE8021X}; + int[] expectedAllowedProtocols = new int[] {}; + int[] expectedAllowedAuthAlgorithms = new int[] {}; + int[] expectedAllowedPairwiseCiphers = new int[] {}; + int[] expectedAllowedGroupCiphers = new int[] {}; + boolean expectedRequirePmf = false; + verifySecurityParams(p, expectedSecurityType, + expectedAllowedKeyManagement, expectedAllowedProtocols, + expectedAllowedAuthAlgorithms, expectedAllowedPairwiseCiphers, + expectedAllowedGroupCiphers, expectedRequirePmf); + } + + /** Verify Passpoint R3 params creator. */ + @Test + public void testEapPasspointR3Creator() throws Exception { + SecurityParams p = SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R3); + int expectedSecurityType = WifiConfiguration.SECURITY_TYPE_PASSPOINT_R3; + int[] expectedAllowedKeyManagement = new int[] {KeyMgmt.WPA_EAP, KeyMgmt.IEEE8021X}; + int[] expectedAllowedProtocols = new int[] {}; + int[] expectedAllowedAuthAlgorithms = new int[] {}; + int[] expectedAllowedPairwiseCiphers = new int[] {}; + int[] expectedAllowedGroupCiphers = new int[] {}; + boolean expectedRequirePmf = true; verifySecurityParams(p, expectedSecurityType, expectedAllowedKeyManagement, expectedAllowedProtocols, expectedAllowedAuthAlgorithms, expectedAllowedPairwiseCiphers, @@ -408,7 +435,9 @@ public class SecurityParamsTest { SecurityParams[] nonOpenSecurityParams = new SecurityParams[] { SecurityParams.createWpaWpa2EnterpriseParams(), - SecurityParams.createPasspointParams(false), + SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R1), + SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R2), + SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R3), SecurityParams.createOsenParams(), SecurityParams.createWapiCertParams(), SecurityParams.createWapiPskParams(), @@ -428,7 +457,9 @@ public class SecurityParamsTest { public void testIsEnterpriseNetwork() { SecurityParams[] enterpriseSecurityParams = new SecurityParams[] { SecurityParams.createWpaWpa2EnterpriseParams(), - SecurityParams.createPasspointParams(false), + SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R1), + SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R2), + SecurityParams.createPasspointParams(SecurityParams.PASSPOINT_R3), SecurityParams.createWapiCertParams(), SecurityParams.createWpa3Enterprise192BitParams(), SecurityParams.createWpa3EnterpriseParams(),