From 73cc14cbc4a4c79248fd3c989f30a06d2a77978b Mon Sep 17 00:00:00 2001
From: Simon Rozsival <simon@rozsival.com>
Date: Tue, 26 Aug 2025 15:38:48 +0200
Subject: [PATCH] Fix detection of supported TLS versions on Android

---
 .../TestUtilities/System/PlatformDetection.cs | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs b/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs
index 0ad0457ff3a3f4..5e92d4c17aafcb 100644
--- a/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs
+++ b/src/libraries/Common/tests/TestUtilities/System/PlatformDetection.cs
@@ -569,12 +569,18 @@ private static bool AndroidGetSslProtocolSupport(SslProtocols protocol)
 #pragma warning disable SYSLIB0039 // TLS versions 1.0 and 1.1 have known vulnerabilities
         private static bool GetTls10Support()
         {
-            // on macOS and Android TLS 1.0 is supported.
-            if ((IsApplePlatform && !IsNetworkFrameworkEnabled()) || IsAndroid)
+            // on macOS TLS 1.0 is supported.
+            if (IsApplePlatform && !IsNetworkFrameworkEnabled())
             {
                 return true;
             }
 
+            // on Android TLS 1.0 support depends on API level
+            if (IsAndroid)
+            {
+                return AndroidGetSslProtocolSupport(SslProtocols.Tls);
+            }
+
             // Windows depend on registry, enabled by default on all supported versions.
             if (IsWindows)
             {
@@ -597,11 +603,16 @@ private static bool GetTls11Support()
                 // It is enabled on other versions unless explicitly disabled.
                 return GetProtocolSupportFromWindowsRegistry(SslProtocols.Tls11, defaultProtocolSupport: true) && !IsWindows10Version20348OrGreater;
             }
-            // on macOS and Android TLS 1.1 is supported.
-            else if ((IsApplePlatform && !IsNetworkFrameworkEnabled()) || IsAndroid)
+            // on macOS TLS 1.1 is supported.
+            else if (IsApplePlatform && !IsNetworkFrameworkEnabled())
             {
                 return true;
             }
+            // on Android TLS 1.1 support depends on API level
+            else if (IsAndroid)
+            {
+                return AndroidGetSslProtocolSupport(SslProtocols.Tls11);
+            }
 
             return IsOpenSslSupported && OpenSslGetTlsSupport(SslProtocols.Tls11);
         }