Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 14b245d3 authored by Automerger Merge Worker's avatar Automerger Merge Worker
Browse files

Merge "Merge "Use installed keystore alias to check if enterprise config is... 

Merge "Merge "Use installed keystore alias to check if enterprise config is insure" into rvc-dev am: 0a327227 am: c7ae85f4" into rvc-d1-dev-plus-aosp am: 854bf943

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/11936921

Change-Id: I94b2cb2f75f3760e466e951044915b74832fc112
parents 2eedd156 854bf943

wifi/java/android/net/wifi/WifiEnterpriseConfig.java

+12 −3
Original line number Diff line number Diff line
@@ -1425,10 +1425,19 @@ public class WifiEnterpriseConfig implements Parcelable { 
        if (mEapMethod != Eap.PEAP && mEapMethod != Eap.TLS && mEapMethod != Eap.TTLS) {

            return false;

        }

        if (!mIsAppInstalledCaCert && TextUtils.isEmpty(getCaPath())) {

        if (TextUtils.isEmpty(getAltSubjectMatch())

                && TextUtils.isEmpty(getDomainSuffixMatch())) {

            // Both subject and domain match are not set, it's insecure.

            return true;

        }

        return TextUtils.isEmpty(getAltSubjectMatch()) && TextUtils.isEmpty(

                getDomainSuffixMatch());

        if (mIsAppInstalledCaCert) {

            // CA certificate is installed by App, it's secure.

            return false;

        }

        if (getCaCertificateAliases() != null) {

            // CA certificate alias from keyStore is set, it's secure.

            return false;

        }

        return TextUtils.isEmpty(getCaPath());

    }

}

wifi/tests/src/android/net/wifi/WifiEnterpriseConfigTest.java

+7 −0
Original line number Diff line number Diff line
@@ -565,6 +565,13 @@ public class WifiEnterpriseConfigTest { 
        secureConfig.setCaCertificate(FakeKeys.CA_CERT0);

        secureConfig.setDomainSuffixMatch(TEST_DOMAIN_SUFFIX_MATCH);

        assertFalse(secureConfig.isInsecure());



        WifiEnterpriseConfig secureConfigWithCaAlias = new WifiEnterpriseConfig();

        secureConfigWithCaAlias.setEapMethod(Eap.PEAP);

        secureConfigWithCaAlias.setPhase2Method(Phase2.MSCHAPV2);

        secureConfigWithCaAlias.setCaCertificateAliases(new String[]{"alias1", "alisa2"});

        secureConfigWithCaAlias.setDomainSuffixMatch(TEST_DOMAIN_SUFFIX_MATCH);

        assertFalse(secureConfigWithCaAlias.isInsecure());

    }



}