
Commit cbe52e6b authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review

Merge "Add minimum TLS version for Wi-Fi EAP network"

parents 4e21df7f c5ec83f1
+18 −0
@@ -187,6 +187,24 @@
                         android:prompt="@string/wifi_eap_ca_cert"/>
            </LinearLayout>

            <LinearLayout android:id="@+id/l_min_tls_ver"
                          android:layout_width="match_parent"
                          android:layout_height="wrap_content"
                          android:visibility="gone"
                          style="@style/wifi_item">
                <TextView
                    android:layout_width="wrap_content"
                    android:layout_height="wrap_content"
                    style="@style/wifi_item_label"
                    android:text="@string/wifi_eap_min_tls_ver"/>

                <Spinner android:id="@+id/min_tls_ver"
                         android:layout_width="match_parent"
                         android:layout_height="wrap_content"
                         style="@style/wifi_item_spinner"
                         android:prompt="@string/wifi_eap_min_tls_ver"/>
            </LinearLayout>

            <LinearLayout android:id="@+id/l_ocsp"
                          android:layout_width="match_parent"
                          android:layout_height="wrap_content"
+9 −0
@@ -211,6 +211,15 @@
        <item>Require certificate status</item>
    </string-array>

    <!-- Match this with the integer value of WifiEnterpriseConfig.TlsVersion -->
    <!-- Type of TlsVersion -->
    <string-array name="wifi_eap_tls_ver" translatable="false">
        <item>TLS v1.0</item>
        <item>TLS v1.1</item>
        <item>TLS v1.2</item>
        <item>TLS v1.3</item>
    </string-array>

    <!-- Wi-Fi AP band settings.  Either 2.4GHz or 5GHz prefer. -->
    <!-- Note that adding/removing/moving the items will need wifi settings code change. -->
    <string-array translatable="false" name="wifi_ap_band">
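Review bot: The comment on `wifi_eap_tls_ver` does not say that item order is load-bearing, although the Java side of this commit stores the spinner position through `setMinimumTlsVersion(mEapMinTlsVerSpinner.getSelectedItemPosition())` and drops the TLS v1.3 entry by index with `list.remove(WifiEnterpriseConfig.TLS_V1_3)`. Reordering or inserting an item here would silently change which minimum TLS version is saved for a network. I would replace the two comments with one along the lines of `<!-- Item index is the value stored as the minimum TLS version and must equal the matching WifiEnterpriseConfig.TLS_V1_x constant; do not add, remove or reorder items without updating WifiConfigController2. -->`, mirroring the note already present on `wifi_ap_band` just below.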
+2 −0
@@ -1545,6 +1545,8 @@
    <string name="please_select_phase2">Phase 2 authentication</string>
    <!-- Label for the EAP CA certificate of the network -->
    <string name="wifi_eap_ca_cert">CA certificate</string>
    <!-- Label for the EAP minimum TLS version of the network -->
    <string name="wifi_eap_min_tls_ver">Minimum TLS version</string>
    <!-- Label for the OCSP type of the network. [CHAR LIMIT=32] -->
    <string name="wifi_eap_ocsp">Online Certificate Status</string>
    <!-- Label for the domain name that the EAP CA certificate(s) can be used to validate. -->
+34 −1
@@ -179,6 +179,7 @@ public class WifiConfigController2 implements TextWatcher,
    private int mLastShownEapMethod;
    @VisibleForTesting Spinner mEapSimSpinner;    // For EAP-SIM, EAP-AKA and EAP-AKA-PRIME.
    @VisibleForTesting Spinner mEapCaCertSpinner;
    private Spinner mEapMinTlsVerSpinner;
    private Spinner mEapOcspSpinner;
    private TextView mEapDomainView;
    private Spinner mPhase2Spinner;
@@ -744,11 +745,14 @@ public class WifiConfigController2 implements TextWatcher,
                            + ") should not both be non-null");
                }

                // Only set OCSP option if there is a valid CA certificate.
                // Only set certificate option if there is a valid CA certificate.
                if (caCert.equals(mUnspecifiedCertString)) {
                    config.enterpriseConfig.setOcsp(WifiEnterpriseConfig.OCSP_NONE);
                    config.enterpriseConfig.setMinimumTlsVersion(WifiEnterpriseConfig.TLS_V1_0);
                } else {
                    config.enterpriseConfig.setOcsp(mEapOcspSpinner.getSelectedItemPosition());
                    config.enterpriseConfig.setMinimumTlsVersion(
                            mEapMinTlsVerSpinner.getSelectedItemPosition());
                }

                String clientCert = (String) mEapUserCertSpinner.getSelectedItem();
@@ -1005,6 +1009,8 @@ public class WifiConfigController2 implements TextWatcher,
            mPhase2Spinner.setOnItemSelectedListener(this);
            mEapCaCertSpinner = (Spinner) mView.findViewById(R.id.ca_cert);
            mEapCaCertSpinner.setOnItemSelectedListener(this);
            mEapMinTlsVerSpinner = getEapMinTlsVerSpinner(mWifiManager.isTlsV13Supported());

            mEapOcspSpinner = (Spinner) mView.findViewById(R.id.ocsp);
            mEapDomainView = (TextView) mView.findViewById(R.id.domain);
            mEapDomainView.addTextChangedListener(this);
@@ -1148,6 +1154,7 @@ public class WifiConfigController2 implements TextWatcher,
                    setSelection(mEapCaCertSpinner, mMultipleCertSetString);
                }
            }
            mEapMinTlsVerSpinner.setSelection(enterpriseConfig.getMinimumTlsVersion());
            mEapOcspSpinner.setSelection(enterpriseConfig.getOcsp());
            mEapDomainView.setText(enterpriseConfig.getDomainSuffixMatch());
            String userCert = enterpriseConfig.getClientCertificateAlias();
@@ -1179,6 +1186,7 @@ public class WifiConfigController2 implements TextWatcher,
        mEapMethodSpinner.setAccessibilityDelegate(selectedEventBlocker);
        mPhase2Spinner.setAccessibilityDelegate(selectedEventBlocker);
        mEapCaCertSpinner.setAccessibilityDelegate(selectedEventBlocker);
        mEapMinTlsVerSpinner.setAccessibilityDelegate(selectedEventBlocker);
        mEapOcspSpinner.setAccessibilityDelegate(selectedEventBlocker);
        mEapUserCertSpinner.setAccessibilityDelegate(selectedEventBlocker);
    }
@@ -1214,6 +1222,9 @@ public class WifiConfigController2 implements TextWatcher,
        // Defaults for most of the EAP methods and over-riden by
        // by certain EAP methods
        mView.findViewById(R.id.l_ca_cert).setVisibility(View.VISIBLE);
        if (mWifiManager.isTlsMinimumVersionSupported()) {
            mView.findViewById(R.id.l_min_tls_ver).setVisibility(View.VISIBLE);
        }
        mView.findViewById(R.id.l_ocsp).setVisibility(View.VISIBLE);
        mView.findViewById(R.id.password_layout).setVisibility(View.VISIBLE);
        mView.findViewById(R.id.show_password_layout).setVisibility(View.VISIBLE);
@@ -1224,6 +1235,7 @@ public class WifiConfigController2 implements TextWatcher,
            case WIFI_EAP_METHOD_PWD:
                setPhase2Invisible();
                setCaCertInvisible();
                setMinTlsVerInvisible();
                setOcspInvisible();
                setDomainInvisible();
                setAnonymousIdentInvisible();
@@ -1265,6 +1277,7 @@ public class WifiConfigController2 implements TextWatcher,
                setPhase2Invisible();
                setAnonymousIdentInvisible();
                setCaCertInvisible();
                setMinTlsVerInvisible();
                setOcspInvisible();
                setDomainInvisible();
                setUserCertInvisible();
@@ -1278,6 +1291,7 @@ public class WifiConfigController2 implements TextWatcher,
            if (eapCertSelection.equals(mUnspecifiedCertString)
                    || (mIsTrustOnFirstUseSupported
                            && eapCertSelection.equals(mTrustOnFirstUse))) {
                setMinTlsVerInvisible();
                // Domain suffix matching is not relevant if the user hasn't chosen a CA
                // certificate yet, or chooses not to validate the EAP server.
                setDomainInvisible();
@@ -1319,6 +1333,11 @@ public class WifiConfigController2 implements TextWatcher,
        setSelection(mEapCaCertSpinner, mUnspecifiedCertString);
    }

    private void setMinTlsVerInvisible() {
        mView.findViewById(R.id.l_min_tls_ver).setVisibility(View.GONE);
        mEapMinTlsVerSpinner.setSelection(WifiEnterpriseConfig.TLS_V1_0);
    }

    private void setOcspInvisible() {
        mView.findViewById(R.id.l_ocsp).setVisibility(View.GONE);
        mEapOcspSpinner.setSelection(WifiEnterpriseConfig.OCSP_NONE);
@@ -1920,4 +1939,18 @@ public class WifiConfigController2 implements TextWatcher,
            }
        });
    }

    @VisibleForTesting
    Spinner getEapMinTlsVerSpinner(boolean isTlsV13Supported) {
        Spinner spinner = mView.findViewById(R.id.min_tls_ver);
        String[] stringArray = mContext.getResources().getStringArray(R.array.wifi_eap_tls_ver);
        if (!isTlsV13Supported) {
            Log.w(TAG, "Wi-Fi Enterprise TLS v1.3 is not supported on this device");
            List<String> list = new ArrayList<>(Arrays.asList(stringArray));
            list.remove(WifiEnterpriseConfig.TLS_V1_3);
            stringArray = list.toArray(new String[0]);
        }
        spinner.setAdapter(getSpinnerAdapter(stringArray));
        return spinner;
    }
}
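Review bot: In the `@@ -1148,6 +1154,7 @@` hunk, `mEapMinTlsVerSpinner.setSelection(enterpriseConfig.getMinimumTlsVersion())` uses the stored value as an adapter position without a bounds check, while `getEapMinTlsVerSpinner(false)` builds an adapter with only three entries. If a saved configuration carries `TLS_V1_3` on a device that reports no TLS v1.3 support (nothing visible here rules that out), the position is out of range, and the save path in the `@@ -744,11 +745,14 @@` hunk then writes back whatever position the spinner ended up on, which could lower the stored minimum without the user choosing it. I would bound the value so the dialog shows what it will save, e.g. `int minTls = Math.min(enterpriseConfig.getMinimumTlsVersion(), mEapMinTlsVerSpinner.getCount() - 1);` then `mEapMinTlsVerSpinner.setSelection(minTls);`, with a `Log.w` when the value was adjusted. The methods enclosing both hunks start and end outside the visible lines, so an existing guard elsewhere cannot be excluded.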
+25 −0
@@ -73,11 +73,16 @@ import org.robolectric.shadows.ShadowInputMethodManager;
import org.robolectric.shadows.ShadowSubscriptionManager;

import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.IntStream;

@RunWith(RobolectricTestRunner.class)
@Config(shadows = ShadowConnectivityManager.class)
public class WifiConfigController2Test {

    static final String WIFI_EAP_TLS_V1_3 = "TLS v1.3";

    @Mock
    private WifiConfigUiBase2 mConfigUiBase;
    @Mock
@@ -938,6 +943,26 @@ public class WifiConfigController2Test {
        assertThat(mEapUserCertSpinner.getSelectedItem()).isEqualTo(SAVED_USER_CERT);
    }

    @Test
    public void getEapMinTlsVerSpinner_isTlsV13Supported_containsTlsV13() {
        Spinner spinner = mController.getEapMinTlsVerSpinner(true /* isTlsV13Supported */);

        List<Object> list = IntStream.range(0, spinner.getAdapter().getCount())
                .mapToObj(spinner.getAdapter()::getItem)
                .collect(Collectors.toList());
        assertThat(list).contains(WIFI_EAP_TLS_V1_3);
    }

    @Test
    public void getEapMinTlsVerSpinner_isNotTlsV13Supported_doesNotContainTlsV13() {
        Spinner spinner = mController.getEapMinTlsVerSpinner(false /* isTlsV13Supported */);

        List<Object> list = IntStream.range(0, spinner.getAdapter().getCount())
                .mapToObj(spinner.getAdapter()::getItem)
                .collect(Collectors.toList());
        assertThat(list).doesNotContain(WIFI_EAP_TLS_V1_3);
    }

    private void setUpModifyingSavedCertificateConfigController(String savedCaCertificate,
            String savedUserCertificate) {
        final WifiConfiguration mockWifiConfig = mock(WifiConfiguration.class);
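Review bot: The two new tests only check whether the adapter contains "TLS v1.3"; nothing asserts the value that reaches `setMinimumTlsVersion` on save, that the no-CA-certificate branch stores `TLS_V1_0`, or that a saved minimum is restored into the spinner, and those paths decide the TLS floor the network is saved with. I would add cases for them next to these. `WIFI_EAP_TLS_V1_3` repeats the literal from `wifi_eap_tls_ver`, so if the label ever changes the `doesNotContain` test passes vacuously; reading the expected label from the resource array avoids that. As a smaller point, the `IntStream.range(...).collect(Collectors.toList())` block is duplicated verbatim and could move into a helper such as `private static List<Object> adapterItems(Spinner spinner)`.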