diff options
4 files changed, 25 insertions, 9 deletions
diff --git a/service/java/com/android/server/wifi/NetworkListStoreData.java b/service/java/com/android/server/wifi/NetworkListStoreData.java index c35a523c1..4c2bf7782 100644 --- a/service/java/com/android/server/wifi/NetworkListStoreData.java +++ b/service/java/com/android/server/wifi/NetworkListStoreData.java @@ -297,7 +297,7 @@ public abstract class NetworkListStoreData implements WifiConfigStore.StoreData WifiConfiguration configuration = parsedConfig.second; if (configuration.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.SAE)) { - removeLegacySecurityFromSaeNetwork(configuration); + fixSaeNetworkSecurityBits(configuration); } String configKeyCalculated = configuration.getKey(); @@ -329,7 +329,7 @@ public abstract class NetworkListStoreData implements WifiConfigStore.StoreData return configuration; } - private void removeLegacySecurityFromSaeNetwork(WifiConfiguration saeNetwork) { + private void fixSaeNetworkSecurityBits(WifiConfiguration saeNetwork) { // SAE saved networks Auth Algorithm set to OPEN need to be have this field cleared. if (saeNetwork.allowedAuthAlgorithms.get(WifiConfiguration.AuthAlgorithm.OPEN)) { saeNetwork.allowedAuthAlgorithms.clear(); @@ -354,6 +354,8 @@ public abstract class NetworkListStoreData implements WifiConfigStore.StoreData if (saeNetwork.allowedGroupCiphers.get(WifiConfiguration.GroupCipher.TKIP)) { saeNetwork.allowedGroupCiphers.clear(WifiConfiguration.GroupCipher.TKIP); } + saeNetwork.allowedPairwiseCiphers.set(WifiConfiguration.PairwiseCipher.GCMP_256); + saeNetwork.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.GCMP_256); } } diff --git a/service/java/com/android/server/wifi/WifiConfigManager.java b/service/java/com/android/server/wifi/WifiConfigManager.java index fdc950a74..91612fe77 100644 --- a/service/java/com/android/server/wifi/WifiConfigManager.java +++ b/service/java/com/android/server/wifi/WifiConfigManager.java @@ -1071,14 +1071,19 @@ public class WifiConfigManager { configuration.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_PSK); configuration.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_EAP); + configuration.allowedPairwiseCiphers.set(WifiConfiguration.PairwiseCipher.GCMP_256); configuration.allowedPairwiseCiphers.set(WifiConfiguration.PairwiseCipher.CCMP); configuration.allowedPairwiseCiphers.set(WifiConfiguration.PairwiseCipher.TKIP); + configuration.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.GCMP_256); configuration.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.CCMP); configuration.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.TKIP); configuration.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.WEP40); configuration.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.WEP104); + configuration.allowedGroupManagementCiphers + .set(WifiConfiguration.GroupMgmtCipher.BIP_GMAC_256); + configuration.setIpAssignment(IpConfiguration.IpAssignment.DHCP); configuration.setProxySettings(IpConfiguration.ProxySettings.NONE); diff --git a/tests/wifitests/src/com/android/server/wifi/NetworkListStoreDataTest.java b/tests/wifitests/src/com/android/server/wifi/NetworkListStoreDataTest.java index 64680794b..8f8800f75 100644 --- a/tests/wifitests/src/com/android/server/wifi/NetworkListStoreDataTest.java +++ b/tests/wifitests/src/com/android/server/wifi/NetworkListStoreDataTest.java @@ -209,8 +209,8 @@ public class NetworkListStoreDataTest extends WifiBaseTest { + "<byte-array name=\"AllowedKeyMgmt\" num=\"2\">0001</byte-array>\n" + "<byte-array name=\"AllowedProtocols\" num=\"1\">02</byte-array>\n" + "<byte-array name=\"AllowedAuthAlgos\" num=\"0\"></byte-array>\n" - + "<byte-array name=\"AllowedGroupCiphers\" num=\"1\">08</byte-array>\n" - + "<byte-array name=\"AllowedPairwiseCiphers\" num=\"1\">04</byte-array>\n" + + "<byte-array name=\"AllowedGroupCiphers\" num=\"1\">28</byte-array>\n" + + "<byte-array name=\"AllowedPairwiseCiphers\" num=\"1\">0c</byte-array>\n" + "<byte-array name=\"AllowedGroupMgmtCiphers\" num=\"0\"></byte-array>\n" + "<byte-array name=\"AllowedSuiteBCiphers\" num=\"0\"></byte-array>\n" + "<boolean name=\"Shared\" value=\"%s\" />\n" @@ -326,9 +326,7 @@ public class NetworkListStoreDataTest extends WifiBaseTest { saeNetwork.setIpConfiguration( WifiConfigurationTestUtil.createDHCPIpConfigurationWithNoProxy()); saeNetwork.setRandomizedMacAddress(TEST_RANDOMIZED_MAC); - saeNetwork.allowedProtocols.set(WifiConfiguration.Protocol.RSN); - saeNetwork.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.CCMP); - saeNetwork.allowedPairwiseCiphers.set(WifiConfiguration.PairwiseCipher.CCMP); + saeNetwork.setSecurityParams(WifiConfiguration.SECURITY_TYPE_SAE); List<WifiConfiguration> networkList = new ArrayList<>(); networkList.add(openNetwork); networkList.add(eapNetwork); @@ -673,11 +671,11 @@ public class NetworkListStoreDataTest extends WifiBaseTest { "name=\"AllowedProtocols\" num=\"1\">03</byte-array>"); saeNetworkWithOpenAuthXml.replaceAll( - "name=\"AllowedGroupCiphers\" num=\"1\">08</byte-array>", + "name=\"AllowedGroupCiphers\" num=\"1\">28</byte-array>", "name=\"AllowedGroupCiphers\" num=\"1\">0f</byte-array>"); saeNetworkWithOpenAuthXml.replaceAll( - "name=\"AllowedPairwiseCiphers\" num=\"1\">04</byte-array>", + "name=\"AllowedPairwiseCiphers\" num=\"1\">0c</byte-array>", "name=\"AllowedPairwiseCiphers\" num=\"1\">06</byte-array>"); List<WifiConfiguration> retrievedNetworkList = @@ -687,6 +685,11 @@ public class NetworkListStoreDataTest extends WifiBaseTest { assertFalse(retrievedNetworkList.get(0).allowedAuthAlgorithms .get(WifiConfiguration.AuthAlgorithm.OPEN)); + + assertTrue(retrievedNetworkList.get(0).allowedPairwiseCiphers + .get(WifiConfiguration.PairwiseCipher.GCMP_256)); + assertTrue(retrievedNetworkList.get(0).allowedGroupCiphers + .get(WifiConfiguration.GroupCipher.GCMP_256)); } /** diff --git a/tests/wifitests/src/com/android/server/wifi/WifiConfigManagerTest.java b/tests/wifitests/src/com/android/server/wifi/WifiConfigManagerTest.java index 88bf786e6..d72e1c168 100644 --- a/tests/wifitests/src/com/android/server/wifi/WifiConfigManagerTest.java +++ b/tests/wifitests/src/com/android/server/wifi/WifiConfigManagerTest.java @@ -4774,15 +4774,21 @@ public class WifiConfigManagerTest extends WifiBaseTest { configuration.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_EAP); } if (configuration.allowedPairwiseCiphers.isEmpty()) { + configuration.allowedPairwiseCiphers.set(WifiConfiguration.PairwiseCipher.GCMP_256); configuration.allowedPairwiseCiphers.set(WifiConfiguration.PairwiseCipher.CCMP); configuration.allowedPairwiseCiphers.set(WifiConfiguration.PairwiseCipher.TKIP); } if (configuration.allowedGroupCiphers.isEmpty()) { + configuration.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.GCMP_256); configuration.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.CCMP); configuration.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.TKIP); configuration.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.WEP40); configuration.allowedGroupCiphers.set(WifiConfiguration.GroupCipher.WEP104); } + if (configuration.allowedGroupManagementCiphers.isEmpty()) { + configuration.allowedGroupManagementCiphers + .set(WifiConfiguration.GroupMgmtCipher.BIP_GMAC_256); + } if (configuration.getIpAssignment() == IpConfiguration.IpAssignment.UNASSIGNED) { configuration.setIpAssignment(IpConfiguration.IpAssignment.DHCP); } |