[Enterprise] Fix hasEnterpriseConfigChanged method

Updated the hasEnterpriseConfigChanged method to look at additional fields related to the credential: CA and Client certificate aliases, Subject alternate match and OCSP setting. Bug: 162985598 Test: atest WifiConfigurationUtilTest Change-Id: I6fe2ccf27b71072b06de92128e5c1bf429efe251 Merged-In: I6fe2ccf27b71072b06de92128e5c1bf429efe251 (cherry picked from commit 2828d29df8f91a98cd24cfb2e6f226ac402f330c)
author: Hai Shalom <haishalom@google.com> 2020-08-26 15:04:21 -0700
committer: Hai Shalom <haishalom@google.com> 2020-08-27 15:18:21 +0000
commit: 2ac7bbd85d016d5baf582cd6f04dda6f434a3c9f (patch)
tree: f2c80474023fb9523e1f29a8023b3f99187473d0 /tests
parent: 7035dae5d18d1b2d3666e66d9ed81f907f269cd1 (diff)
1 files changed, 81 insertions, 0 deletions
diff --git a/tests/wifitests/src/com/android/server/wifi/WifiConfigurationUtilTest.java b/tests/wifitests/src/com/android/server/wifi/WifiConfigurationUtilTest.java
index 8d7f5c6e6..0dd5b1214 100644
--- a/tests/wifitests/src/com/android/server/wifi/WifiConfigurationUtilTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/WifiConfigurationUtilTest.java
@@ -16,6 +16,9 @@
 
 package com.android.server.wifi;
 
+import static android.net.wifi.WifiEnterpriseConfig.OCSP_NONE;
+import static android.net.wifi.WifiEnterpriseConfig.OCSP_REQUIRE_CERT_STATUS;
+
 import static org.junit.Assert.*;
 
 import android.content.pm.UserInfo;
@@ -980,4 +983,82 @@ public class WifiConfigurationUtilTest extends WifiBaseTest {
             return this;
         }
     }
+
+    /**
+     * Verify WifiEnterpriseConfig CA Certificate alias changes are detected.
+     */
+    @Test
+    public void testCaCertificateAliasChangesDetected() {
+        EnterpriseConfig eapConfig1 = new EnterpriseConfig(WifiEnterpriseConfig.Eap.TTLS)
+                .setPhase2(WifiEnterpriseConfig.Phase2.MSCHAPV2)
+                .setIdentity("username", "password");
+        eapConfig1.enterpriseConfig.setCaCertificateAlias("ALIAS_1");
+
+        EnterpriseConfig eapConfig2 = new EnterpriseConfig(WifiEnterpriseConfig.Eap.TTLS)
+                .setPhase2(WifiEnterpriseConfig.Phase2.MSCHAPV2)
+                .setIdentity("username", "password");
+        eapConfig2.enterpriseConfig.setCaCertificateAlias("ALIAS_2");
+
+        assertTrue(WifiConfigurationUtil.hasEnterpriseConfigChanged(eapConfig1.enterpriseConfig,
+                eapConfig2.enterpriseConfig));
+    }
+
+    /**
+     * Verify WifiEnterpriseConfig Client Certificate alias changes are detected.
+     */
+    @Test
+    public void testClientCertificateAliasChangesDetected() {
+        EnterpriseConfig eapConfig1 = new EnterpriseConfig(WifiEnterpriseConfig.Eap.TLS);
+        eapConfig1.enterpriseConfig.setCaCertificateAlias("ALIAS_1");
+        eapConfig1.enterpriseConfig.setClientCertificateAlias("CLIENT_ALIAS_1");
+
+        EnterpriseConfig eapConfig2 = new EnterpriseConfig(WifiEnterpriseConfig.Eap.TTLS);
+        eapConfig2.enterpriseConfig.setCaCertificateAlias("ALIAS_1");
+        eapConfig2.enterpriseConfig.setClientCertificateAlias("CLIENT_ALIAS_2");
+
+        assertTrue(WifiConfigurationUtil.hasEnterpriseConfigChanged(eapConfig1.enterpriseConfig,
+                eapConfig2.enterpriseConfig));
+    }
+
+    /**
+     * Verify WifiEnterpriseConfig OCSP changes are detected.
+     */
+    @Test
+    public void testOcspChangesDetected() {
+        EnterpriseConfig eapConfig1 = new EnterpriseConfig(WifiEnterpriseConfig.Eap.TTLS)
+                .setPhase2(WifiEnterpriseConfig.Phase2.MSCHAPV2)
+                .setIdentity("username", "password")
+                .setCaCerts(new X509Certificate[]{FakeKeys.CA_CERT0});
+        eapConfig1.enterpriseConfig.setOcsp(OCSP_NONE);
+
+        EnterpriseConfig eapConfig2 = new EnterpriseConfig(WifiEnterpriseConfig.Eap.TTLS)
+                .setPhase2(WifiEnterpriseConfig.Phase2.MSCHAPV2)
+                .setIdentity("username", "password")
+                .setCaCerts(new X509Certificate[]{FakeKeys.CA_CERT0});
+        eapConfig2.enterpriseConfig.setOcsp(OCSP_REQUIRE_CERT_STATUS);
+
+        assertTrue(WifiConfigurationUtil.hasEnterpriseConfigChanged(eapConfig1.enterpriseConfig,
+                eapConfig2.enterpriseConfig));
+    }
+
+    /**
+     * Verify WifiEnterpriseConfig subject match changes are detected.
+     */
+    @Test
+    public void testSubjectMatchChangesDetected() {
+        EnterpriseConfig eapConfig1 = new EnterpriseConfig(WifiEnterpriseConfig.Eap.TTLS)
+                .setPhase2(WifiEnterpriseConfig.Phase2.MSCHAPV2)
+                .setIdentity("username", "password")
+                .setCaCerts(new X509Certificate[]{FakeKeys.CA_CERT0});
+        eapConfig1.enterpriseConfig.setAltSubjectMatch("domain1.com");
+
+        EnterpriseConfig eapConfig2 = new EnterpriseConfig(WifiEnterpriseConfig.Eap.TTLS)
+                .setPhase2(WifiEnterpriseConfig.Phase2.MSCHAPV2)
+                .setIdentity("username", "password")
+                .setCaCerts(new X509Certificate[]{FakeKeys.CA_CERT0});
+        eapConfig1.enterpriseConfig.setAltSubjectMatch("domain2.com");
+
+        assertTrue(WifiConfigurationUtil.hasEnterpriseConfigChanged(eapConfig1.enterpriseConfig,
+                eapConfig2.enterpriseConfig));
+    }
 }
author	Hai Shalom <haishalom@google.com>	2020-08-26 15:04:21 -0700
committer	Hai Shalom <haishalom@google.com>	2020-08-27 15:18:21 +0000
commit	2ac7bbd85d016d5baf582cd6f04dda6f434a3c9f (patch)
tree	f2c80474023fb9523e1f29a8023b3f99187473d0 /tests
parent	7035dae5d18d1b2d3666e66d9ed81f907f269cd1 (diff)