Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e78228f6 authored by Nate Jiang's avatar Nate Jiang Committed by Automerger Merge Worker
Browse files

Merge "Use installed keystore alias to check if enterprise config is insure"... 

Merge "Use installed keystore alias to check if enterprise config is insure" into rvc-dev am: 0a327227 am: c7ae85f4 am: ede7a007 am: cc69dcfd

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/11936921

Change-Id: I58c5a85fcbca9f7ded960bad73a2193fd2641d2a
parents 081e9f43 cc69dcfd

wifi/java/android/net/wifi/WifiEnterpriseConfig.java

+12 −3
Original line number Diff line number Diff line
@@ -1425,10 +1425,19 @@ public class WifiEnterpriseConfig implements Parcelable { 
        if (mEapMethod != Eap.PEAP && mEapMethod != Eap.TLS && mEapMethod != Eap.TTLS) {

            return false;

        }

        if (!mIsAppInstalledCaCert && TextUtils.isEmpty(getCaPath())) {

        if (TextUtils.isEmpty(getAltSubjectMatch())

                && TextUtils.isEmpty(getDomainSuffixMatch())) {

            // Both subject and domain match are not set, it's insecure.

            return true;

        }

        return TextUtils.isEmpty(getAltSubjectMatch()) && TextUtils.isEmpty(

                getDomainSuffixMatch());

        if (mIsAppInstalledCaCert) {

            // CA certificate is installed by App, it's secure.

            return false;

        }

        if (getCaCertificateAliases() != null) {

            // CA certificate alias from keyStore is set, it's secure.

            return false;

        }

        return TextUtils.isEmpty(getCaPath());

    }

}

wifi/tests/src/android/net/wifi/WifiEnterpriseConfigTest.java

+7 −0
Original line number Diff line number Diff line
@@ -565,6 +565,13 @@ public class WifiEnterpriseConfigTest { 
        secureConfig.setCaCertificate(FakeKeys.CA_CERT0);

        secureConfig.setDomainSuffixMatch(TEST_DOMAIN_SUFFIX_MATCH);

        assertFalse(secureConfig.isInsecure());



        WifiEnterpriseConfig secureConfigWithCaAlias = new WifiEnterpriseConfig();

        secureConfigWithCaAlias.setEapMethod(Eap.PEAP);

        secureConfigWithCaAlias.setPhase2Method(Phase2.MSCHAPV2);

        secureConfigWithCaAlias.setCaCertificateAliases(new String[]{"alias1", "alisa2"});

        secureConfigWithCaAlias.setDomainSuffixMatch(TEST_DOMAIN_SUFFIX_MATCH);

        assertFalse(secureConfigWithCaAlias.isInsecure());

    }



}