[Suggestion] block setting insecure enterprise config

If App set insecure enterprise config to suggestion builder, an exception will be raised. Bug: 157822251 Test: atest android.net.wifi Change-Id: I2e7a2421be2c1574801b853a1dddaff1d115a1b2
author: Nate Jiang <qiangjiang@google.com> 2020-06-03 15:17:39 -0700
committer: Nate Jiang <qiangjiang@google.com> 2020-06-05 17:36:49 -0700
commit: 94268fd2ab6488fea4aee73b7d71d903427671b0 (patch)
tree: 6b9db72235262a897731618f8a7b87f89aa5b04b /wifi/java
parent: 83e9ba45a4f874ecd81aeda3a4ff7964b1eba3ba (diff)
2 files changed, 34 insertions, 2 deletions
diff --git a/wifi/java/android/net/wifi/WifiEnterpriseConfig.java b/wifi/java/android/net/wifi/WifiEnterpriseConfig.java
index 2e4e7f541ac2..7b86b084baab 100644
--- a/wifi/java/android/net/wifi/WifiEnterpriseConfig.java
+++ b/wifi/java/android/net/wifi/WifiEnterpriseConfig.java
@@ -1381,4 +1381,26 @@ public class WifiEnterpriseConfig implements Parcelable {
     public String getWapiCertSuite() {
         return getFieldValue(WAPI_CERT_SUITE_KEY);
     }
+
+    /**
+     * Method determines whether the Enterprise configuration is insecure. An insecure
+     * configuration is one where EAP method requires a CA certification, i.e. PEAP, TLS, or
+     * TTLS, and any of the following conditions are met:
+     * - Both certificate and CA path are not configured.
+     * - Both alternative subject match and domain suffix match are not set.
+     *
+     * Note: this method does not exhaustively check security of the configuration - i.e. a return
+     * value of {@code false} is not a guarantee that the configuration is secure.
+     * @hide
+     */
+    public boolean isInsecure() {
+        if (mEapMethod != Eap.PEAP && mEapMethod != Eap.TLS && mEapMethod != Eap.TTLS) {
+            return false;
+        }
+        if (!mIsAppInstalledCaCert && TextUtils.isEmpty(getCaPath())) {
+            return true;
+        }
+        return TextUtils.isEmpty(getAltSubjectMatch()) && TextUtils.isEmpty(
+                getDomainSuffixMatch());
+    }
 }
diff --git a/wifi/java/android/net/wifi/WifiNetworkSuggestion.java b/wifi/java/android/net/wifi/WifiNetworkSuggestion.java
index 8c494943200f..4d3a2c02c686 100644
--- a/wifi/java/android/net/wifi/WifiNetworkSuggestion.java
+++ b/wifi/java/android/net/wifi/WifiNetworkSuggestion.java
@@ -257,28 +257,38 @@ public final class WifiNetworkSuggestion implements Parcelable {
 
         /**
          * Set the associated enterprise configuration for this network. Needed for authenticating
-         * to WPA2-EAP networks. See {@link WifiEnterpriseConfig} for description.
+         * to WPA2 enterprise networks. See {@link WifiEnterpriseConfig} for description.
          *
          * @param enterpriseConfig Instance of {@link WifiEnterpriseConfig}.
          * @return Instance of {@link Builder} to enable chaining of the builder method.
+         * @throws IllegalArgumentException if configuration CA certificate or
+         *                                  AltSubjectMatch/DomainSuffixMatch is not set.
          */
         public @NonNull Builder setWpa2EnterpriseConfig(
                 @NonNull WifiEnterpriseConfig enterpriseConfig) {
             checkNotNull(enterpriseConfig);
+            if (enterpriseConfig.isInsecure()) {
+                throw new IllegalArgumentException("Enterprise configuration is insecure");
+            }
             mWpa2EnterpriseConfig = new WifiEnterpriseConfig(enterpriseConfig);
             return this;
         }
 
         /**
          * Set the associated enterprise configuration for this network. Needed for authenticating
-         * to WPA3-SuiteB networks. See {@link WifiEnterpriseConfig} for description.
+         * to WPA3 enterprise networks. See {@link WifiEnterpriseConfig} for description.
          *
          * @param enterpriseConfig Instance of {@link WifiEnterpriseConfig}.
          * @return Instance of {@link Builder} to enable chaining of the builder method.
+         * @throws IllegalArgumentException if configuration CA certificate or
+         *                                  AltSubjectMatch/DomainSuffixMatch is not set.
          */
         public @NonNull Builder setWpa3EnterpriseConfig(
                 @NonNull WifiEnterpriseConfig enterpriseConfig) {
             checkNotNull(enterpriseConfig);
+            if (enterpriseConfig.isInsecure()) {
+                throw new IllegalArgumentException("Enterprise configuration is insecure");
+            }
             mWpa3EnterpriseConfig = new WifiEnterpriseConfig(enterpriseConfig);
             return this;
         }
author	Nate Jiang <qiangjiang@google.com>	2020-06-03 15:17:39 -0700
committer	Nate Jiang <qiangjiang@google.com>	2020-06-05 17:36:49 -0700
commit	94268fd2ab6488fea4aee73b7d71d903427671b0 (patch)
tree	6b9db72235262a897731618f8a7b87f89aa5b04b /wifi/java
parent	83e9ba45a4f874ecd81aeda3a4ff7964b1eba3ba (diff)