Wifi: omit PMK cache for WPA PSK networks

PMK caching has a security vulnerability for WPA/WPA2-PSK networks and hence we should disable PMK caching for WPA/WPA2-PSK networks. Bug: 152931766 Test: atest FrameworksWifiTests Change-Id: Ic84a3413b573baf6176bcea8ea7ae22068a54d8b
author: Jimmy Chen <jimmycmchen@google.com> 2020-04-21 16:08:56 +0800
committer: Jimmy Chen <jimmycmchen@google.com> 2020-04-21 18:36:29 +0800
commit: 4d80bc745f6fdbd2bfd52bc8a18ba5330c4b5e4f (patch)
tree: d2fcb6178a87001ced5bcc66ae01d62e1952a887 /tests
parent: e67124ed6522986876872ad83e1ade954dad06f9 (diff)
1 files changed, 33 insertions, 3 deletions
diff --git a/tests/wifitests/src/com/android/server/wifi/SupplicantStaIfaceHalTest.java b/tests/wifitests/src/com/android/server/wifi/SupplicantStaIfaceHalTest.java
index ad2eac8a8..843a63c17 100644
--- a/tests/wifitests/src/com/android/server/wifi/SupplicantStaIfaceHalTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/SupplicantStaIfaceHalTest.java
@@ -1736,7 +1736,7 @@ public class SupplicantStaIfaceHalTest extends WifiBaseTest {
         long testStartSeconds = PMK_CACHE_EXPIRATION_IN_SEC / 2;
         WifiConfiguration config = new WifiConfiguration();
         config.networkId = testFrameworkNetworkId;
-        config.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_PSK);
+        config.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_EAP);
         PmkCacheStoreData pmkCacheData =
                 new PmkCacheStoreData(PMK_CACHE_EXPIRATION_IN_SEC, new ArrayList<Byte>());
         mDut.mPmkCacheEntries.put(testFrameworkNetworkId, pmkCacheData);
@@ -1770,7 +1770,37 @@ public class SupplicantStaIfaceHalTest extends WifiBaseTest {
         long testStartSeconds = PMK_CACHE_EXPIRATION_IN_SEC / 2;
         WifiConfiguration config = new WifiConfiguration();
         config.networkId = testFrameworkNetworkId;
+        config.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_EAP);
+        when(mClock.getElapsedSinceBootMillis()).thenReturn(testStartSeconds * 1000L);
+
+        setupMocksForHalV1_3();
+        setupMocksForPmkCache();
+        setupMocksForConnectSequence(false);
+        executeAndValidateInitializationSequenceV1_3();
+        assertTrue(mDut.connectToNetwork(WLAN0_IFACE_NAME, config));
+
+        verify(mSupplicantStaNetworkMock, never()).setPmkCache(any(ArrayList.class));
+        verify(mISupplicantStaIfaceCallbackV13, never()).onPmkCacheAdded(
+                anyLong(), any(ArrayList.class));
+        verify(mHandler, never()).postDelayed(
+                /* private listener */ any(),
+                eq(SupplicantStaIfaceHal.PMK_CACHE_EXPIRATION_ALARM_TAG),
+                anyLong());
+    }
+
+    /**
+     * Test adding PMK cache entry returns faliure if this is a psk network.
+     */
+    @Test
+    public void testAddPmkEntryIsOmittedWithPskNetwork() throws Exception {
+        int testFrameworkNetworkId = 9;
+        long testStartSeconds = PMK_CACHE_EXPIRATION_IN_SEC / 2;
+        WifiConfiguration config = new WifiConfiguration();
+        config.networkId = testFrameworkNetworkId;
         config.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_PSK);
+        PmkCacheStoreData pmkCacheData =
+                new PmkCacheStoreData(PMK_CACHE_EXPIRATION_IN_SEC, new ArrayList<Byte>());
+        mDut.mPmkCacheEntries.put(testFrameworkNetworkId, pmkCacheData);
         when(mClock.getElapsedSinceBootMillis()).thenReturn(testStartSeconds * 1000L);
 
         setupMocksForHalV1_3();
@@ -1797,7 +1827,7 @@ public class SupplicantStaIfaceHalTest extends WifiBaseTest {
         long testStartSeconds = PMK_CACHE_EXPIRATION_IN_SEC / 2;
         WifiConfiguration config = new WifiConfiguration();
         config.networkId = testFrameworkNetworkId;
-        config.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_PSK);
+        config.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_EAP);
         PmkCacheStoreData pmkCacheData =
                 new PmkCacheStoreData(PMK_CACHE_EXPIRATION_IN_SEC, new ArrayList<Byte>());
         mDut.mPmkCacheEntries.put(testFrameworkNetworkId, pmkCacheData);
@@ -1824,7 +1854,7 @@ public class SupplicantStaIfaceHalTest extends WifiBaseTest {
         long testStartSeconds = PMK_CACHE_EXPIRATION_IN_SEC / 2;
         WifiConfiguration config = new WifiConfiguration();
         config.networkId = testFrameworkNetworkId;
-        config.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_PSK);
+        config.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_EAP);
         PmkCacheStoreData pmkCacheData =
                 new PmkCacheStoreData(PMK_CACHE_EXPIRATION_IN_SEC, new ArrayList<Byte>());
         mDut.mPmkCacheEntries.put(testFrameworkNetworkId, pmkCacheData);
author	Jimmy Chen <jimmycmchen@google.com>	2020-04-21 16:08:56 +0800
committer	Jimmy Chen <jimmycmchen@google.com>	2020-04-21 18:36:29 +0800
commit	4d80bc745f6fdbd2bfd52bc8a18ba5330c4b5e4f (patch)
tree	d2fcb6178a87001ced5bcc66ae01d62e1952a887 /tests
parent	e67124ed6522986876872ad83e1ade954dad06f9 (diff)