diff options
| author | 2025-03-20 22:26:44 -0700 | |
|---|---|---|
| committer | 2025-03-20 22:26:44 -0700 | |
| commit | f0dba4d92dce95c5db6a8d03890da3c1237d4734 (patch) | |
| tree | 6c00f80e1d7d424939bd66363d20e1921793d993 | |
| parent | d9155dc8da4c4d57c6f6050ab6bf528a402529a4 (diff) | |
Fix parsing of CIPHER and AKM for secure ranging
The capability string, found in scan results, includes encodings
for supported AKMs and CIPHERs by the AP. Building secure
ranging responder configuration process requires parsing these
encodings to populate the PASN configuration with the available
AKMs and CIPHERs. Later the best AKM and CIPHER is selected
based on the device capability.
Also make the CIPHER string for CCMP and GCMP explicitly as
CCMP-128 and GCMP-128.
Bug: 356734952
Test: atest FrameworksWifiTests
Flag: EXEMPT bug fix
Change-Id: I47329fe3b81535ac2a8cf4b70f9d4c89cf6aae75
5 files changed, 56 insertions, 53 deletions
diff --git a/framework/java/android/net/wifi/rtt/PasnConfig.java b/framework/java/android/net/wifi/rtt/PasnConfig.java index 547d94bb67..291a963f5b 100644 --- a/framework/java/android/net/wifi/rtt/PasnConfig.java +++ b/framework/java/android/net/wifi/rtt/PasnConfig.java @@ -120,17 +120,14 @@ public final class PasnConfig implements Parcelable { static { sStringToAkm.put("None", AKM_NONE); - sStringToAkm.put("PASN-", AKM_PASN); - // Transition mode. e.g. "[RSN-SAE+SAE_EXT_KEY-CCMP]" - sStringToAkm.put("SAE+", AKM_SAE); - // SAE mode only. e.g. "[RSN-PSK+SAE-CCMP]" - sStringToAkm.put("SAE-", AKM_SAE); - sStringToAkm.put("EAP-FILS-SHA256-", AKM_FILS_EAP_SHA256); - sStringToAkm.put("EAP-FILS-SHA384-", AKM_FILS_EAP_SHA384); - sStringToAkm.put("FT/EAP-", AKM_FT_EAP_SHA256); - sStringToAkm.put("FT/PSK-", AKM_FT_PSK_SHA256); - sStringToAkm.put("EAP-FT-SHA384-", AKM_FT_EAP_SHA384); - sStringToAkm.put("FT/PSK-SHA384-", AKM_FT_PSK_SHA384); + sStringToAkm.put("PASN", AKM_PASN); + sStringToAkm.put("SAE", AKM_SAE); + sStringToAkm.put("EAP-FILS-SHA256", AKM_FILS_EAP_SHA256); + sStringToAkm.put("EAP-FILS-SHA384", AKM_FILS_EAP_SHA384); + sStringToAkm.put("FT/EAP", AKM_FT_EAP_SHA256); + sStringToAkm.put("FT/PSK", AKM_FT_PSK_SHA256); + sStringToAkm.put("EAP-FT-SHA384", AKM_FT_EAP_SHA384); + sStringToAkm.put("FT/PSK-SHA384", AKM_FT_PSK_SHA384); } /** @@ -174,10 +171,10 @@ public final class PasnConfig implements Parcelable { static { sStringToCipher.put("None", CIPHER_NONE); - sStringToCipher.put("-CCMP]", CIPHER_CCMP_128); - sStringToCipher.put("-CCMP-256]", CIPHER_CCMP_256); - sStringToCipher.put("-GCMP]", CIPHER_GCMP_128); - sStringToCipher.put("-GCMP-256]", CIPHER_GCMP_256); + sStringToCipher.put("CCMP-128", CIPHER_CCMP_128); + sStringToCipher.put("CCMP-256", CIPHER_CCMP_256); + sStringToCipher.put("GCMP-128", CIPHER_GCMP_128); + sStringToCipher.put("GCMP-256", CIPHER_GCMP_256); } @AkmType diff --git a/framework/tests/src/android/net/wifi/rtt/PasnConfigTest.java b/framework/tests/src/android/net/wifi/rtt/PasnConfigTest.java index a5e4798cad..d6a52be8c8 100644 --- a/framework/tests/src/android/net/wifi/rtt/PasnConfigTest.java +++ b/framework/tests/src/android/net/wifi/rtt/PasnConfigTest.java @@ -184,11 +184,13 @@ public class PasnConfigTest { assertEquals(PasnConfig.AKM_NONE, PasnConfig.getBaseAkmsFromCapabilities(null)); assertEquals(PasnConfig.AKM_NONE, PasnConfig.getBaseAkmsFromCapabilities("")); assertEquals(PasnConfig.AKM_SAE, - PasnConfig.getBaseAkmsFromCapabilities("[RSN-SAE+SAE_EXT_KEY-CCMP]")); + PasnConfig.getBaseAkmsFromCapabilities("[RSN-SAE+SAE_EXT_KEY-CCMP-128]")); assertEquals(PasnConfig.AKM_SAE, - PasnConfig.getBaseAkmsFromCapabilities("[RSN-PSK+SAE-CCMP]")); + PasnConfig.getBaseAkmsFromCapabilities("[RSN-PSK+SAE-CCMP-128]")); assertEquals(PasnConfig.AKM_FT_PSK_SHA256, - PasnConfig.getBaseAkmsFromCapabilities("[RSN-FT/PSK-CCMP]")); + PasnConfig.getBaseAkmsFromCapabilities("[RSN-FT/PSK-CCMP-128]")); + assertEquals(PasnConfig.AKM_SAE | PasnConfig.AKM_PASN, + PasnConfig.getBaseAkmsFromCapabilities("[RSN-PSK+SAE+PASN-CCMP-128]")); } /** @@ -199,13 +201,15 @@ public class PasnConfigTest { assertEquals(PasnConfig.CIPHER_NONE, PasnConfig.getCiphersFromCapabilities(null)); assertEquals(PasnConfig.CIPHER_NONE, PasnConfig.getCiphersFromCapabilities("")); assertEquals(PasnConfig.CIPHER_CCMP_128, - PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-CCMP]")); + PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-CCMP-128]")); assertEquals(PasnConfig.CIPHER_CCMP_256, PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-CCMP-256]")); assertEquals(PasnConfig.CIPHER_GCMP_128, - PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-GCMP]")); + PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-GCMP-128]")); assertEquals(PasnConfig.CIPHER_GCMP_256, PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-GCMP-256]")); + assertEquals(PasnConfig.CIPHER_GCMP_256 | PasnConfig.CIPHER_CCMP_128, + PasnConfig.getCiphersFromCapabilities("[RSN-SAE+SAE_EXT_KEY-GCMP-256+CCMP-128]")); } /** diff --git a/framework/tests/src/android/net/wifi/rtt/WifiRttManagerTest.java b/framework/tests/src/android/net/wifi/rtt/WifiRttManagerTest.java index 3426b76800..08d5f40385 100644 --- a/framework/tests/src/android/net/wifi/rtt/WifiRttManagerTest.java +++ b/framework/tests/src/android/net/wifi/rtt/WifiRttManagerTest.java @@ -864,7 +864,7 @@ public class WifiRttManagerTest { scanResult.setFlag( ScanResult.FLAG_80211az_NTB_RESPONDER | ScanResult.FLAG_SECURE_HE_LTF_SUPPORTED); scanResult.informationElements = ie; - scanResult.capabilities = "[RSN-PASN-SAE+SAE_EXT_KEY-GCMP]"; + scanResult.capabilities = "[RSN-PASN-SAE+SAE_EXT_KEY-GCMP-128]"; scanResult.setWifiSsid(WifiSsid.fromString("\"TEST_SSID\"")); RangingRequest.Builder builder = new RangingRequest.Builder(); diff --git a/service/java/com/android/server/wifi/util/InformationElementUtil.java b/service/java/com/android/server/wifi/util/InformationElementUtil.java index f4fd25c168..9ac19d6283 100644 --- a/service/java/com/android/server/wifi/util/InformationElementUtil.java +++ b/service/java/com/android/server/wifi/util/InformationElementUtil.java @@ -2492,11 +2492,11 @@ public class InformationElementUtil { case ScanResult.CIPHER_NONE: return "None"; case ScanResult.CIPHER_CCMP: - return "CCMP"; + return "CCMP-128"; case ScanResult.CIPHER_CCMP_256: return "CCMP-256"; case ScanResult.CIPHER_GCMP_128: - return "GCMP"; + return "GCMP-128"; case ScanResult.CIPHER_GCMP_256: return "GCMP-256"; case ScanResult.CIPHER_TKIP: diff --git a/service/tests/wifitests/src/com/android/server/wifi/util/InformationElementUtilTest.java b/service/tests/wifitests/src/com/android/server/wifi/util/InformationElementUtilTest.java index e45b9dbf0c..0c6dfe15ce 100644 --- a/service/tests/wifitests/src/com/android/server/wifi/util/InformationElementUtilTest.java +++ b/service/tests/wifitests/src/com/android/server/wifi/util/InformationElementUtilTest.java @@ -515,7 +515,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x02, (byte) 0x00, (byte) 0x00 }; verifyCapabilityStringFromIeWithoutOweSupported(ie, - "[WPA2-PSK-CCMP+TKIP][RSN-PSK-CCMP+TKIP]"); + "[WPA2-PSK-CCMP-128+TKIP][RSN-PSK-CCMP-128+TKIP]"); } /** @@ -537,7 +537,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00, (byte) 0x00 // RSN capabilities }; verifyCapabilityStringFromIeWithoutOweSupported(ie, - "[RSN-?-CCMP+TKIP]"); + "[RSN-?-CCMP-128+TKIP]"); } /** @@ -576,7 +576,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x0c, }; verifyCapabilityStringFromIeWithoutOweSupported(ie, - "[WPA2-EAP/SHA1-CCMP+TKIP][RSN-EAP/SHA1-CCMP+TKIP][MFPR]"); + "[WPA2-EAP/SHA1-CCMP-128+TKIP][RSN-EAP/SHA1-CCMP-128+TKIP][MFPR]"); } /** @@ -608,8 +608,8 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x0c, }; verifyCapabilityStringFromIeWithoutOweSupported(ie, - "[WPA2-EAP/SHA256-CCMP]" - + "[RSN-EAP/SHA256-CCMP][MFPR][MFPC]"); + "[WPA2-EAP/SHA256-CCMP-128]" + + "[RSN-EAP/SHA256-CCMP-128][MFPR][MFPC]"); } /** @@ -637,8 +637,8 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0xc0, (byte) 0x00, }; verifyCapabilityStringFromIeWithoutOweSupported(ie, - "[WPA2-EAP/SHA256-CCMP]" - + "[RSN-EAP/SHA256-CCMP][MFPR][MFPC]"); + "[WPA2-EAP/SHA256-CCMP-128]" + + "[RSN-EAP/SHA256-CCMP-128][MFPR][MFPC]"); } /** @@ -672,8 +672,8 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x0c, }; verifyCapabilityStringFromIeWithoutOweSupported(ie, - "[WPA2-EAP/SHA1+EAP/SHA256-CCMP]" - + "[RSN-EAP/SHA1+EAP/SHA256-CCMP][MFPC]"); + "[WPA2-EAP/SHA1+EAP/SHA256-CCMP-128]" + + "[RSN-EAP/SHA1+EAP/SHA256-CCMP-128][MFPC]"); } /** @@ -703,7 +703,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x40, (byte) 0x00, }; verifyCapabilityStringFromIeWithoutOweSupported(ie, - "[WPA2-EAP/SHA1-CCMP+TKIP][RSN-EAP/SHA1-CCMP+TKIP][MFPR]"); + "[WPA2-EAP/SHA1-CCMP-128+TKIP][RSN-EAP/SHA1-CCMP-128+TKIP][MFPR]"); } /** @@ -736,7 +736,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00, (byte) 0x50, (byte) 0xF2, (byte) 0x02, (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x50, (byte) 0xF2, (byte) 0x02, (byte) 0x00, (byte) 0x00 }; - verifyCapabilityStringFromIeWithoutOweSupported(ie, "[WPA-PSK-CCMP+TKIP]"); + verifyCapabilityStringFromIeWithoutOweSupported(ie, "[WPA-PSK-CCMP-128+TKIP]"); } /** @@ -757,7 +757,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x01, (byte) 0x00, // AKM count (byte) 0x00, (byte) 0x50, (byte) 0x99, (byte) 0x99, // Unknown AKM (byte) 0x00, (byte) 0x00}; - verifyCapabilityStringFromIeWithoutOweSupported(ie, "[WPA-?-CCMP+TKIP]"); + verifyCapabilityStringFromIeWithoutOweSupported(ie, "[WPA-?-CCMP-128+TKIP]"); } /** @@ -805,7 +805,7 @@ public class InformationElementUtilTest extends WifiBaseTest { 0x1 << 4, false, false, - "[WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][RSN-PSK-CCMP+TKIP]", + "[WPA-PSK-CCMP-128+TKIP][WPA2-PSK-CCMP-128+TKIP][RSN-PSK-CCMP-128+TKIP]", null); } @@ -835,7 +835,7 @@ public class InformationElementUtilTest extends WifiBaseTest { // Padding (byte) 0x00, (byte) 0x00 }; verifyCapabilityStringFromIeWithOweSupported( - ieRsn, "[WPA2-PSK-CCMP][RSN-PSK+SAE-CCMP]", null); + ieRsn, "[WPA2-PSK-CCMP-128][RSN-PSK+SAE-CCMP-128]", null); } /** @@ -863,7 +863,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x09, // Padding (byte) 0x00, (byte) 0x00 }; - verifyCapabilityStringFromIeWithOweSupported(ieRsn, "[RSN-SAE+FT/SAE-CCMP]", null); + verifyCapabilityStringFromIeWithOweSupported(ieRsn, "[RSN-SAE+FT/SAE-CCMP-128]", null); } /** @@ -891,7 +891,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x18, // Padding (byte) 0x00, (byte) 0x00 }; - verifyCapabilityStringFromIeWithOweSupported(ieRsn, "[RSN-SAE+SAE_EXT_KEY-CCMP]", null); + verifyCapabilityStringFromIeWithOweSupported(ieRsn, "[RSN-SAE+SAE_EXT_KEY-CCMP-128]", null); } /** @@ -921,7 +921,7 @@ public class InformationElementUtilTest extends WifiBaseTest { // Padding (byte) 0x00, (byte) 0x00 }; verifyCapabilityStringFromIeWithOweSupported( - ieRsn, "[RSN-SAE_EXT_KEY+FT/SAE_EXT_KEY-CCMP]", null); + ieRsn, "[RSN-SAE_EXT_KEY+FT/SAE_EXT_KEY-CCMP-128]", null); } /** @@ -947,7 +947,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x12, // Padding (byte) 0x00, (byte) 0x00 }; - verifyCapabilityStringFromIeWithOweSupported(ieRsn, "[RSN-OWE-CCMP]", null); + verifyCapabilityStringFromIeWithOweSupported(ieRsn, "[RSN-OWE-CCMP-128]", null); } /** @@ -963,7 +963,8 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x50, (byte) 0x6F, (byte) 0x9A, (byte) 0x1C, // OWE IE contains BSSID, SSID and channel of other BSS, but we don't parse it. (byte) 0x00, (byte) 0x000, (byte) 0x00, (byte) 0x00 }; - verifyCapabilityStringFromIe(ieOwe, 0x1 << 0, true, "[RSN-OWE_TRANSITION-CCMP][ESS]", null); + verifyCapabilityStringFromIe(ieOwe, 0x1 << 0, true, "[RSN-OWE_TRANSITION-CCMP-128][ESS]", + null); } /** @@ -1043,7 +1044,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00, (byte) 0x0F, (byte) 0xAC, (byte) 0x0c, }; verifyCapabilityStringFromIeWithoutOweSupported(ieRsn, - "[RSN-EAP_SUITE_B_192-GCMP][MFPR]"); + "[RSN-EAP_SUITE_B_192-GCMP-128][MFPR]"); } /** @@ -1076,8 +1077,8 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00, (byte) 0x00 }; verifyCapabilityStringFromIeWithOweSupported( ieRsn, - "[WPA2-EAP/SHA1+EAP/SHA256+EAP-FILS-SHA256-CCMP]" - + "[RSN-EAP/SHA1+EAP/SHA256+EAP-FILS-SHA256-CCMP]", + "[WPA2-EAP/SHA1+EAP/SHA256+EAP-FILS-SHA256-CCMP-128]" + + "[RSN-EAP/SHA1+EAP/SHA256+EAP-FILS-SHA256-CCMP-128]", null); } @@ -1111,8 +1112,8 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00, (byte) 0x00 }; verifyCapabilityStringFromIeWithOweSupported( ieRsn, - "[WPA2-EAP/SHA1+EAP/SHA256+EAP-FILS-SHA384-CCMP]" - + "[RSN-EAP/SHA1+EAP/SHA256+EAP-FILS-SHA384-CCMP]", + "[WPA2-EAP/SHA1+EAP/SHA256+EAP-FILS-SHA384-CCMP-128]" + + "[RSN-EAP/SHA1+EAP/SHA256+EAP-FILS-SHA384-CCMP-128]", null); } @@ -1162,7 +1163,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x00 }; verifyCapabilityStringFromIeWithOweSupported( - ieRsn, "[RSN-SAE_EXT_KEY-CCMP]", unknownAkmMap); + ieRsn, "[RSN-SAE_EXT_KEY-CCMP-128]", unknownAkmMap); } /** @@ -1244,7 +1245,8 @@ public class InformationElementUtilTest extends WifiBaseTest { 0x1 << 4, true, true, - "[WPA2-PSK-CCMP][RSN-PSK-CCMP][RSN-SAE-CCMP][RSN-SAE_EXT_KEY-GCMP-256][MFPC][RSNO]", + "[WPA2-PSK-CCMP-128][RSN-PSK-CCMP-128][RSN-SAE-CCMP-128][RSN-SAE_EXT_KEY-GCMP-256" + + "][MFPC][RSNO]", null); } @@ -1306,7 +1308,7 @@ public class InformationElementUtilTest extends WifiBaseTest { 0x1 << 4, true, true, - "[RSN-SAE-CCMP][RSN-SAE_EXT_KEY-GCMP-256][MFPR][MFPC][RSNO]", + "[RSN-SAE-CCMP-128][RSN-SAE_EXT_KEY-GCMP-256][MFPR][MFPC][RSNO]", null); } @@ -1365,7 +1367,7 @@ public class InformationElementUtilTest extends WifiBaseTest { 0x1 << 4, true, false, - "[WPA2-PSK-CCMP][RSN-PSK-CCMP]", + "[WPA2-PSK-CCMP-128][RSN-PSK-CCMP-128]", null); } @@ -1412,7 +1414,7 @@ public class InformationElementUtilTest extends WifiBaseTest { ieWps.bytes = new byte[] { (byte) 0x00, (byte) 0x50, (byte) 0xF2, (byte) 0x04 }; InformationElement[] ies = new InformationElement[] { ieWpa, ieWps }; - verifyCapabilityStringFromIes(ies, 0x1 << 4, false, false, "[WPA-PSK-CCMP+TKIP][WPS]", + verifyCapabilityStringFromIes(ies, 0x1 << 4, false, false, "[WPA-PSK-CCMP-128+TKIP][WPS]", null); } @@ -2893,7 +2895,7 @@ public class InformationElementUtilTest extends WifiBaseTest { (byte) 0x40, (byte) 0x00, }; verifyCapabilityStringFromIeWithoutOweSupported(ie, - "[RSN-PASN+SAE-CCMP+GCMP-256][MFPR]"); + "[RSN-PASN+SAE-CCMP-128+GCMP-256][MFPR]"); } /** |