diff options
| author | 2018-10-16 14:30:14 -0700 | |
|---|---|---|
| committer | 2018-11-06 10:11:07 -0800 | |
| commit | 6adbc58858045608d34b98938d7ff7aaa76827e8 (patch) | |
| tree | 6a275e7f3fffbef3bf6f1d9cfbe741a0b92b1400 | |
| parent | 67dd91e6a301c9dd15f4f95ac715064534296a53 (diff) | |
[WPA3] Add new types for WPA3/OWE and device capabilities API
Add new types for WPA3: SAE and Suite-B-192, and Enhanced open: OWE.
Added a new API to get the device key management capabilities, because
not all devices using latest HAL have WPA3/OWE support. Updated
current.txt and system-current.txt accordingly.
Bug: 112195778
Test: atest com.android.server.wifi
Change-Id: Idceb28dd8663349013243f69b8f20c0c8606581c
| -rwxr-xr-x | api/current.txt | 13 | ||||
| -rw-r--r-- | api/system-current.txt | 3 | ||||
| -rw-r--r-- | wifi/java/android/net/wifi/ScanResult.java | 25 | ||||
| -rw-r--r-- | wifi/java/android/net/wifi/WifiConfiguration.java | 147 | ||||
| -rw-r--r-- | wifi/java/android/net/wifi/WifiManager.java | 34 |
5 files changed, 211 insertions, 11 deletions
diff --git a/api/current.txt b/api/current.txt index dd4c781b6e7b..c3e2d848f236 100755 --- a/api/current.txt +++ b/api/current.txt @@ -28702,9 +28702,11 @@ package android.net.wifi { field public java.lang.String SSID; field public java.util.BitSet allowedAuthAlgorithms; field public java.util.BitSet allowedGroupCiphers; + field public java.util.BitSet allowedGroupMgmtCiphers; field public java.util.BitSet allowedKeyManagement; field public java.util.BitSet allowedPairwiseCiphers; field public java.util.BitSet allowedProtocols; + field public java.util.BitSet allowedSuiteBCiphers; field public android.net.wifi.WifiEnterpriseConfig enterpriseConfig; field public boolean hiddenSSID; field public boolean isHomeProviderNetwork; @@ -28728,6 +28730,7 @@ package android.net.wifi { public static class WifiConfiguration.GroupCipher { field public static final int CCMP = 3; // 0x3 + field public static final int GCMP_256 = 5; // 0x5 field public static final int TKIP = 2; // 0x2 field public static final deprecated int WEP104 = 1; // 0x1 field public static final deprecated int WEP40 = 0; // 0x0 @@ -28735,9 +28738,18 @@ package android.net.wifi { field public static final java.lang.String varName = "group"; } + public static class WifiConfiguration.GroupMgmtCipher { + field public static final int BIP_CMAC_256 = 0; // 0x0 + field public static final int BIP_GMAC_128 = 1; // 0x1 + field public static final int BIP_GMAC_256 = 2; // 0x2 + } + public static class WifiConfiguration.KeyMgmt { field public static final int IEEE8021X = 3; // 0x3 field public static final int NONE = 0; // 0x0 + field public static final int OWE = 9; // 0x9 + field public static final int SAE = 8; // 0x8 + field public static final int SUITE_B_192 = 10; // 0xa field public static final int WPA_EAP = 2; // 0x2 field public static final int WPA_PSK = 1; // 0x1 field public static final java.lang.String[] strings; @@ -28746,6 +28758,7 @@ package android.net.wifi { public static class WifiConfiguration.PairwiseCipher { field public static final int CCMP = 2; // 0x2 + field public static final int GCMP_256 = 3; // 0x3 field public static final int NONE = 0; // 0x0 field public static final deprecated int TKIP = 1; // 0x1 field public static final java.lang.String[] strings; diff --git a/api/system-current.txt b/api/system-current.txt index d8da475e3eec..e877150b413c 100644 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -3641,10 +3641,13 @@ package android.net.wifi { method public int getWifiApState(); method public boolean isDeviceToApRttSupported(); method public boolean isDeviceToDeviceRttSupported(); + method public boolean isOweSupported(); method public boolean isPortableHotspotSupported(); method public boolean isWifiApEnabled(); method public boolean isWifiScannerSupported(); method public void registerNetworkRequestMatchCallback(android.net.wifi.WifiManager.NetworkRequestMatchCallback, android.os.Handler); + method public boolean isWpa3SaeSupported(); + method public boolean isWpa3SuiteBSupported(); method public boolean setWifiApConfiguration(android.net.wifi.WifiConfiguration); method public boolean startScan(android.os.WorkSource); method public void unregisterNetworkRequestMatchCallback(android.net.wifi.WifiManager.NetworkRequestMatchCallback); diff --git a/wifi/java/android/net/wifi/ScanResult.java b/wifi/java/android/net/wifi/ScanResult.java index 3a4e88b49daf..9b9247dba17c 100644 --- a/wifi/java/android/net/wifi/ScanResult.java +++ b/wifi/java/android/net/wifi/ScanResult.java @@ -86,9 +86,9 @@ public class ScanResult implements Parcelable { public static final int PROTOCOL_WPA = 1; /** * @hide - * Security protocol type: WPA version 2, also called RSN. + * Security protocol type: RSN, for WPA version 2, and version 3. */ - public static final int PROTOCOL_WPA2 = 2; + public static final int PROTOCOL_RSN = 2; /** * @hide * Security protocol type: @@ -138,7 +138,21 @@ public class ScanResult implements Parcelable { * Used for Hotspot 2.0. */ public static final int KEY_MGMT_OSEN = 7; - + /** + * @hide + * Security key management scheme: SAE. + */ + public static final int KEY_MGMT_SAE = 8; + /** + * @hide + * Security key management scheme: OWE. + */ + public static final int KEY_MGMT_OWE = 9; + /** + * @hide + * Security key management scheme: SUITE_B_192. + */ + public static final int KEY_MGMT_EAP_SUITE_B_192 = 10; /** * @hide * No cipher suite. @@ -159,6 +173,11 @@ public class ScanResult implements Parcelable { * Cipher suite: CCMP */ public static final int CIPHER_CCMP = 3; + /** + * @hide + * Cipher suite: GCMP + */ + public static final int CIPHER_GCMP_256 = 4; /** * The detected signal level in dBm, also known as the RSSI. diff --git a/wifi/java/android/net/wifi/WifiConfiguration.java b/wifi/java/android/net/wifi/WifiConfiguration.java index 05747163550e..eb85d93113c1 100644 --- a/wifi/java/android/net/wifi/WifiConfiguration.java +++ b/wifi/java/android/net/wifi/WifiConfiguration.java @@ -129,10 +129,26 @@ public class WifiConfiguration implements Parcelable { */ public static final int FT_EAP = 7; + /** + * Simultaneous Authentication of Equals + */ + public static final int SAE = 8; + + /** + * Opportunististic Wireless Encryption + */ + public static final int OWE = 9; + + /** + * SUITE_B_192 192 bit level + */ + public static final int SUITE_B_192 = 10; + public static final String varName = "key_mgmt"; public static final String[] strings = { "NONE", "WPA_PSK", "WPA_EAP", - "IEEE8021X", "WPA2_PSK", "OSEN", "FT_PSK", "FT_EAP" }; + "IEEE8021X", "WPA2_PSK", "OSEN", "FT_PSK", "FT_EAP", + "SAE", "OWE", "SUITE_B_192"}; } /** @@ -146,7 +162,7 @@ public class WifiConfiguration implements Parcelable { * is discouraged. WPA-2 (RSN) should be used instead. */ @Deprecated public static final int WPA = 0; - /** WPA2/IEEE 802.11i */ + /** RSN WPA2/WPA3/IEEE 802.11i */ public static final int RSN = 1; /** HS2.0 r2 OSEN * @hide @@ -194,10 +210,14 @@ public class WifiConfiguration implements Parcelable { public static final int TKIP = 1; /** AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0] */ public static final int CCMP = 2; + /** + * AES in Galois/Counter Mode + */ + public static final int GCMP_256 = 3; public static final String varName = "pairwise"; - public static final String[] strings = { "NONE", "TKIP", "CCMP" }; + public static final String[] strings = { "NONE", "TKIP", "CCMP", "GCMP_256" }; } /** @@ -207,6 +227,7 @@ public class WifiConfiguration implements Parcelable { * TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0] * WEP104 = WEP (Wired Equivalent Privacy) with 104-bit key * WEP40 = WEP (Wired Equivalent Privacy) with 40-bit key (original 802.11) + * GCMP_256 = AES in Galois/Counter Mode * </pre> */ public static class GroupCipher { @@ -230,12 +251,64 @@ public class WifiConfiguration implements Parcelable { * @hide */ public static final int GTK_NOT_USED = 4; + /** + * AES in Galois/Counter Mode + */ + public static final int GCMP_256 = 5; public static final String varName = "group"; public static final String[] strings = { /* deprecated */ "WEP40", /* deprecated */ "WEP104", - "TKIP", "CCMP", "GTK_NOT_USED" }; + "TKIP", "CCMP", "GTK_NOT_USED", "GCMP_256" }; + } + + /** + * Recognized group management ciphers. + * <pre> + * BIP_CMAC_256 = Cipher-based Message Authentication Code 256 bits + * BIP_GMAC_128 = Galois Message Authentication Code 128 bits + * BIP_GMAC_256 = Galois Message Authentication Code 256 bits + * </pre> + */ + public static class GroupMgmtCipher { + private GroupMgmtCipher() { } + + /** CMAC-256 = Cipher-based Message Authentication Code */ + public static final int BIP_CMAC_256 = 0; + + /** GMAC-128 = Galois Message Authentication Code */ + public static final int BIP_GMAC_128 = 1; + + /** GMAC-256 = Galois Message Authentication Code */ + public static final int BIP_GMAC_256 = 2; + + private static final String varName = "groupMgmt"; + + private static final String[] strings = { "BIP_CMAC_256", + "BIP_GMAC_128", "BIP_GMAC_256"}; + } + + /** + * Recognized suiteB ciphers. + * <pre> + * ECDHE_ECDSA + * ECDHE_RSA + * </pre> + * @hide + */ + public static class SuiteBCipher { + private SuiteBCipher() { } + + /** Diffie-Hellman with Elliptic Curve_ECDSA signature */ + public static final int ECDHE_ECDSA = 0; + + /** Diffie-Hellman with_RSA signature */ + public static final int ECDHE_RSA = 1; + + private static final String varName = "SuiteB"; + + private static final String[] strings = { "ECDHE_ECDSA", "ECDHE_RSA" }; } /** Possible status of a network configuration. */ @@ -413,6 +486,17 @@ public class WifiConfiguration implements Parcelable { */ public BitSet allowedGroupCiphers; /** + * The set of group management ciphers supported by this configuration. + * See {@link GroupMgmtCipher} for descriptions of the values. + */ + public BitSet allowedGroupMgmtCiphers; + /** + * The set of SuiteB ciphers supported by this configuration. + * To be used for WPA3-Enterprise mode. + * See {@link SuiteBCipher} for descriptions of the values. + */ + public BitSet allowedSuiteBCiphers; + /** * The enterprise configuration details specifying the EAP method, * certificates and other settings associated with the EAP. */ @@ -737,7 +821,8 @@ public class WifiConfiguration implements Parcelable { public boolean isOpenNetwork() { final int cardinality = allowedKeyManagement.cardinality(); final boolean hasNoKeyMgmt = cardinality == 0 - || (cardinality == 1 && allowedKeyManagement.get(KeyMgmt.NONE)); + || (cardinality == 1 && (allowedKeyManagement.get(KeyMgmt.NONE) + || allowedKeyManagement.get(KeyMgmt.OWE))); boolean hasNoWepKeys = true; if (wepKeys != null) { @@ -1542,6 +1627,8 @@ public class WifiConfiguration implements Parcelable { allowedAuthAlgorithms = new BitSet(); allowedPairwiseCiphers = new BitSet(); allowedGroupCiphers = new BitSet(); + allowedGroupMgmtCiphers = new BitSet(); + allowedSuiteBCiphers = new BitSet(); wepKeys = new String[4]; for (int i = 0; i < wepKeys.length; i++) { wepKeys[i] = null; @@ -1595,7 +1682,8 @@ public class WifiConfiguration implements Parcelable { @UnsupportedAppUsage public boolean isEnterprise() { return (allowedKeyManagement.get(KeyMgmt.WPA_EAP) - || allowedKeyManagement.get(KeyMgmt.IEEE8021X)) + || allowedKeyManagement.get(KeyMgmt.IEEE8021X) + || allowedKeyManagement.get(KeyMgmt.SUITE_B_192)) && enterpriseConfig != null && enterpriseConfig.getEapMethod() != WifiEnterpriseConfig.Eap.NONE; } @@ -1613,6 +1701,7 @@ public class WifiConfiguration implements Parcelable { append(" BSSID: ").append(this.BSSID).append(" FQDN: ").append(this.FQDN) .append(" PRIO: ").append(this.priority) .append(" HIDDEN: ").append(this.hiddenSSID) + .append(" PMF: ").append(this.requirePMF) .append('\n'); @@ -1725,10 +1814,35 @@ public class WifiConfiguration implements Parcelable { } } } - sbuf.append('\n').append(" PSK: "); + sbuf.append('\n'); + sbuf.append(" GroupMgmtCiphers:"); + for (int gmc = 0; gmc < this.allowedGroupMgmtCiphers.size(); gmc++) { + if (this.allowedGroupMgmtCiphers.get(gmc)) { + sbuf.append(" "); + if (gmc < GroupMgmtCipher.strings.length) { + sbuf.append(GroupMgmtCipher.strings[gmc]); + } else { + sbuf.append("??"); + } + } + } + sbuf.append('\n'); + sbuf.append(" SuiteBCiphers:"); + for (int sbc = 0; sbc < this.allowedSuiteBCiphers.size(); sbc++) { + if (this.allowedSuiteBCiphers.get(sbc)) { + sbuf.append(" "); + if (sbc < SuiteBCipher.strings.length) { + sbuf.append(SuiteBCipher.strings[sbc]); + } else { + sbuf.append("??"); + } + } + } + sbuf.append('\n').append(" PSK/SAE: "); if (this.preSharedKey != null) { sbuf.append('*'); } + sbuf.append("\nEnterprise config:\n"); sbuf.append(enterpriseConfig); @@ -1891,6 +2005,12 @@ public class WifiConfiguration implements Parcelable { return KeyMgmt.WPA_EAP; } else if (allowedKeyManagement.get(KeyMgmt.IEEE8021X)) { return KeyMgmt.IEEE8021X; + } else if (allowedKeyManagement.get(KeyMgmt.SAE)) { + return KeyMgmt.SAE; + } else if (allowedKeyManagement.get(KeyMgmt.OWE)) { + return KeyMgmt.OWE; + } else if (allowedKeyManagement.get(KeyMgmt.SUITE_B_192)) { + return KeyMgmt.SUITE_B_192; } return KeyMgmt.NONE; } @@ -1922,6 +2042,12 @@ public class WifiConfiguration implements Parcelable { key = SSID + KeyMgmt.strings[KeyMgmt.WPA_EAP]; } else if (wepKeys[0] != null) { key = SSID + "WEP"; + } else if (allowedKeyManagement.get(KeyMgmt.OWE)) { + key = SSID + KeyMgmt.strings[KeyMgmt.OWE]; + } else if (allowedKeyManagement.get(KeyMgmt.SAE)) { + key = SSID + KeyMgmt.strings[KeyMgmt.SAE]; + } else if (allowedKeyManagement.get(KeyMgmt.SUITE_B_192)) { + key = SSID + KeyMgmt.strings[KeyMgmt.SUITE_B_192]; } else { key = SSID + KeyMgmt.strings[KeyMgmt.NONE]; } @@ -2090,6 +2216,8 @@ public class WifiConfiguration implements Parcelable { allowedAuthAlgorithms = (BitSet) source.allowedAuthAlgorithms.clone(); allowedPairwiseCiphers = (BitSet) source.allowedPairwiseCiphers.clone(); allowedGroupCiphers = (BitSet) source.allowedGroupCiphers.clone(); + allowedGroupMgmtCiphers = (BitSet) source.allowedGroupMgmtCiphers.clone(); + allowedSuiteBCiphers = (BitSet) source.allowedSuiteBCiphers.clone(); enterpriseConfig = new WifiEnterpriseConfig(source.enterpriseConfig); defaultGwMacAddress = source.defaultGwMacAddress; @@ -2132,6 +2260,7 @@ public class WifiConfiguration implements Parcelable { recentFailure.setAssociationStatus(source.recentFailure.getAssociationStatus()); mRandomizedMacAddress = source.mRandomizedMacAddress; macRandomizationSetting = source.macRandomizationSetting; + requirePMF = source.requirePMF; } } @@ -2167,6 +2296,8 @@ public class WifiConfiguration implements Parcelable { writeBitSet(dest, allowedAuthAlgorithms); writeBitSet(dest, allowedPairwiseCiphers); writeBitSet(dest, allowedGroupCiphers); + writeBitSet(dest, allowedGroupMgmtCiphers); + writeBitSet(dest, allowedSuiteBCiphers); dest.writeParcelable(enterpriseConfig, flags); @@ -2235,6 +2366,8 @@ public class WifiConfiguration implements Parcelable { config.allowedAuthAlgorithms = readBitSet(in); config.allowedPairwiseCiphers = readBitSet(in); config.allowedGroupCiphers = readBitSet(in); + config.allowedGroupMgmtCiphers = readBitSet(in); + config.allowedSuiteBCiphers = readBitSet(in); config.enterpriseConfig = in.readParcelable(null); config.setIpConfiguration(in.readParcelable(null)); diff --git a/wifi/java/android/net/wifi/WifiManager.java b/wifi/java/android/net/wifi/WifiManager.java index 9ce548601f23..453d722823ea 100644 --- a/wifi/java/android/net/wifi/WifiManager.java +++ b/wifi/java/android/net/wifi/WifiManager.java @@ -1856,7 +1856,12 @@ public class WifiManager { public static final int WIFI_FEATURE_SCAN_RAND = 0x2000000; // Random MAC & Probe seq /** @hide */ public static final int WIFI_FEATURE_TX_POWER_LIMIT = 0x4000000; // Set Tx power limit - + /** @hide */ + public static final int WIFI_FEATURE_WPA3_SAE = 0x8000000; // WPA3-Personal SAE + /** @hide */ + public static final int WIFI_FEATURE_WPA3_SUITE_B = 0x10000000; // WPA3-Enterprise Suite-B + /** @hide */ + public static final int WIFI_FEATURE_OWE = 0x20000000; // Enhanced Open private int getSupportedFeatures() { try { @@ -4246,4 +4251,31 @@ public class WifiManager { private void updateVerboseLoggingEnabledFromService() { mVerboseLoggingEnabled = getVerboseLoggingLevel() > 0; } + + /** + * @return true if this device supports WPA3-Personal SAE + * @hide + */ + @SystemApi + public boolean isWpa3SaeSupported() { + return isFeatureSupported(WIFI_FEATURE_WPA3_SAE); + } + + /** + * @return true if this device supports WPA3-Enterprise Suite-B-192 + * @hide + */ + @SystemApi + public boolean isWpa3SuiteBSupported() { + return isFeatureSupported(WIFI_FEATURE_WPA3_SUITE_B); + } + + /** + * @return true if this device supports Wi-Fi Enhanced Open (OWE) + * @hide + */ + @SystemApi + public boolean isOweSupported() { + return isFeatureSupported(WIFI_FEATURE_OWE); + } } |