Merge "Fix the cipher usage for PASN" into main

author: Mahesh KKV <maheshkkv@google.com> 2025-03-14 18:46:15 -0700
committer: Android (Google) Code Review <android-gerrit@google.com> 2025-03-14 18:46:15 -0700
commit: a3b21c326cb5efb483bd32d07b617dc988719cf8 (patch)
tree: 8fcdc295b6e66169bc467108437b768eb7bd00d7
parent: 5d83e0c385fc4989895a2d4b2deb1bad85b56ff3 (diff)
parent: 452e0ea4c4d5331907fecbaf97299f45ce7c32ec (diff)
6 files changed, 82 insertions, 3 deletions
diff --git a/framework/java/android/net/wifi/ScanResult.java b/framework/java/android/net/wifi/ScanResult.java
index 6954590ae9..e4c91c4c75 100644
--- a/framework/java/android/net/wifi/ScanResult.java
+++ b/framework/java/android/net/wifi/ScanResult.java
@@ -442,6 +442,12 @@ public final class ScanResult implements Parcelable {
      */
     @SystemApi
     public static final int CIPHER_BIP_CMAC_256 = 9;
+    /**
+     * @hide
+     * Cipher suite: CCMP_256
+     */
+    public static final int CIPHER_CCMP_256 = 10;
+
 
     /**
      * The detected signal level in dBm, also known as the RSSI.
diff --git a/framework/java/android/net/wifi/rtt/PasnConfig.java b/framework/java/android/net/wifi/rtt/PasnConfig.java
index 898e521aa7..550fa6f5ea 100644
--- a/framework/java/android/net/wifi/rtt/PasnConfig.java
+++ b/framework/java/android/net/wifi/rtt/PasnConfig.java
@@ -176,7 +176,7 @@ public final class PasnConfig implements Parcelable {
         sStringToCipher.put("None", CIPHER_NONE);
         sStringToCipher.put("-CCMP]", CIPHER_CCMP_128);
         sStringToCipher.put("-CCMP-256]", CIPHER_CCMP_256);
-        sStringToCipher.put("-GCMP-128]", CIPHER_GCMP_128);
+        sStringToCipher.put("-GCMP]", CIPHER_GCMP_128);
         sStringToCipher.put("-GCMP-256]", CIPHER_GCMP_256);
     }
 
diff --git a/framework/tests/src/android/net/wifi/rtt/PasnConfigTest.java b/framework/tests/src/android/net/wifi/rtt/PasnConfigTest.java
index 748b7d60db..a5e4798cad 100644
--- a/framework/tests/src/android/net/wifi/rtt/PasnConfigTest.java
+++ b/framework/tests/src/android/net/wifi/rtt/PasnConfigTest.java
@@ -200,8 +200,12 @@ public class PasnConfigTest {
         assertEquals(PasnConfig.CIPHER_NONE, PasnConfig.getCiphersFromCapabilities(""));
         assertEquals(PasnConfig.CIPHER_CCMP_128,
                 PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-CCMP]"));
+        assertEquals(PasnConfig.CIPHER_CCMP_256,
+                PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-CCMP-256]"));
         assertEquals(PasnConfig.CIPHER_GCMP_128,
-                PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-GCMP-128]"));
+                PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-GCMP]"));
+        assertEquals(PasnConfig.CIPHER_GCMP_256,
+                PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-GCMP-256]"));
     }
 
     /**
diff --git a/framework/tests/src/android/net/wifi/rtt/WifiRttManagerTest.java b/framework/tests/src/android/net/wifi/rtt/WifiRttManagerTest.java
index 08d5f40385..3426b76800 100644
--- a/framework/tests/src/android/net/wifi/rtt/WifiRttManagerTest.java
+++ b/framework/tests/src/android/net/wifi/rtt/WifiRttManagerTest.java
@@ -864,7 +864,7 @@ public class WifiRttManagerTest {
         scanResult.setFlag(
                 ScanResult.FLAG_80211az_NTB_RESPONDER | ScanResult.FLAG_SECURE_HE_LTF_SUPPORTED);
         scanResult.informationElements = ie;
-        scanResult.capabilities = "[RSN-PASN-SAE+SAE_EXT_KEY-GCMP-128]";
+        scanResult.capabilities = "[RSN-PASN-SAE+SAE_EXT_KEY-GCMP]";
         scanResult.setWifiSsid(WifiSsid.fromString("\"TEST_SSID\""));
 
         RangingRequest.Builder builder = new RangingRequest.Builder();
diff --git a/service/java/com/android/server/wifi/util/InformationElementUtil.java b/service/java/com/android/server/wifi/util/InformationElementUtil.java
index 37a07a5ca8..f4fd25c168 100644
--- a/service/java/com/android/server/wifi/util/InformationElementUtil.java
+++ b/service/java/com/android/server/wifi/util/InformationElementUtil.java
@@ -1895,6 +1895,7 @@ public class InformationElementUtil {
         private static final int RSN_CIPHER_CCMP = 0x04ac0f00;
         private static final int RSN_CIPHER_NO_GROUP_ADDRESSED = 0x07ac0f00;
         private static final int RSN_CIPHER_GCMP_256 = 0x09ac0f00;
+        private static final int RSN_CIPHER_CCMP_256 = 0x0aac0f00;
         private static final int RSN_CIPHER_GCMP_128 = 0x08ac0f00;
         private static final int RSN_CIPHER_BIP_GMAC_128 = 0x0bac0f00;
         private static final int RSN_CIPHER_BIP_GMAC_256 = 0x0cac0f00;
@@ -2129,6 +2130,8 @@ public class InformationElementUtil {
                     return ScanResult.CIPHER_TKIP;
                 case RSN_CIPHER_CCMP:
                     return ScanResult.CIPHER_CCMP;
+                case RSN_CIPHER_CCMP_256:
+                    return ScanResult.CIPHER_CCMP_256;
                 case RSN_CIPHER_GCMP_256:
                     return ScanResult.CIPHER_GCMP_256;
                 case RSN_CIPHER_NO_GROUP_ADDRESSED:
@@ -2490,6 +2493,10 @@ public class InformationElementUtil {
                     return "None";
                 case ScanResult.CIPHER_CCMP:
                     return "CCMP";
+                case ScanResult.CIPHER_CCMP_256:
+                    return "CCMP-256";
+                case ScanResult.CIPHER_GCMP_128:
+                    return "GCMP";
                 case ScanResult.CIPHER_GCMP_256:
                     return "GCMP-256";
                 case ScanResult.CIPHER_TKIP:
diff --git a/service/tests/wifitests/src/com/android/server/wifi/util/InformationElementUtilTest.java b/service/tests/wifitests/src/com/android/server/wifi/util/InformationElementUtilTest.java
index eb9083acd3..e45b9dbf0c 100644
--- a/service/tests/wifitests/src/com/android/server/wifi/util/InformationElementUtilTest.java
+++ b/service/tests/wifitests/src/com/android/server/wifi/util/InformationElementUtilTest.java
@@ -1015,6 +1015,38 @@ public class InformationElementUtilTest extends WifiBaseTest {
     }
 
     /**
+     * Test Capabilities.generateCapabilitiesString() with RSN IE, GCMP-128 and SUITE_B_192.
+     * Expect the function to return a string with the proper security information.
+     */
+    @Test
+    public void buildCapabilities_rsnSuiteB192ElementWithGcmp128() {
+        InformationElement ieRsn = new InformationElement();
+        ieRsn.id = InformationElement.EID_RSN;
+        ieRsn.bytes = new byte[] {
+                // RSNE Version (0x0001)
+                (byte) 0x01, (byte) 0x00,
+                // Group cipher suite: GCMP-128
+                (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x09,
+                // Number of cipher suites (1)
+                (byte) 0x01, (byte) 0x00,
+                // Cipher suite: GCMP-256
+                (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x08,
+                // Number of AKMs (1)
+                (byte) 0x01, (byte) 0x00,
+                // SUITE_B_192 AKM
+                (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x0C,
+                // RSN capabilities
+                (byte) 0x40, (byte) 0x00,
+                // PMKID count
+                (byte) 0x00, (byte) 0x00,
+                // Group mgmt cipher suite: BIP_GMAC_256
+                (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x0c,
+        };
+        verifyCapabilityStringFromIeWithoutOweSupported(ieRsn,
+                "[RSN-EAP_SUITE_B_192-GCMP][MFPR]");
+    }
+
+    /**
      * Test Capabilities.generateCapabilitiesString() with RSN IE,
      * CCMP and FILS SHA256. Expect the function to return a string
      * with the proper security information.
@@ -2865,6 +2897,36 @@ public class InformationElementUtilTest extends WifiBaseTest {
     }
 
     /**
+     * Test Capabilities.generateCapabilitiesString() with a RSN IE.
+     * Expect the function to return a string with the proper security information.
+     */
+    @Test
+    public void buildCapabilities_rsnElementWithPasnSaeAndCcmp256() {
+        InformationElement ie = new InformationElement();
+        ie.id = InformationElement.EID_RSN;
+        ie.bytes = new byte[] {
+                // Version
+                (byte) 0x01, (byte) 0x00,
+                // Group cipher suite: TKIP
+                (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x02,
+                // Pairwise cipher count
+                (byte) 0x01, (byte) 0x00,
+                // Pairwise cipher suite: CCMP-256
+                (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x0A,
+                // AKM count
+                (byte) 0x02, (byte) 0x00,
+                // AMK suite: PASN
+                (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x15,
+                // AKM suite: SAE
+                (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x08,
+                // RSN capabilities
+                (byte) 0x40, (byte) 0x00,
+        };
+        verifyCapabilityStringFromIeWithoutOweSupported(ie,
+                "[RSN-PASN+SAE-CCMP-256][MFPR]");
+    }
+
+    /**
      * Test RSNXE capabilities for IEEE 802.11az secure ranging support.
      * <ul>
      *     <li> Bit 8 : Secure HE-LTF Support
author	Mahesh KKV <maheshkkv@google.com>	2025-03-14 18:46:15 -0700
committer	Android (Google) Code Review <android-gerrit@google.com>	2025-03-14 18:46:15 -0700
commit	a3b21c326cb5efb483bd32d07b617dc988719cf8 (patch)
tree	8fcdc295b6e66169bc467108437b768eb7bd00d7
parent	5d83e0c385fc4989895a2d4b2deb1bad85b56ff3 (diff)
parent	452e0ea4c4d5331907fecbaf97299f45ce7c32ec (diff)