diff options
Diffstat (limited to 'tests')
4 files changed, 63 insertions, 79 deletions
diff --git a/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java b/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java index f26cf939d..2b3491b31 100644 --- a/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java +++ b/tests/wifitests/src/com/android/server/wifi/ClientModeImplTest.java @@ -77,7 +77,6 @@ import android.os.Process; import android.os.UserManager; import android.os.test.TestLooper; import android.provider.Settings; -import android.security.KeyStore; import android.telephony.SubscriptionInfo; import android.telephony.SubscriptionManager; import android.telephony.TelephonyManager; @@ -421,7 +420,6 @@ public class ClientModeImplTest extends WifiBaseTest { when(mWifiInjector.getWifiLastResortWatchdog()).thenReturn(mWifiLastResortWatchdog); when(mWifiInjector.getPropertyService()).thenReturn(mPropertyService); when(mWifiInjector.getBuildProperties()).thenReturn(mBuildProperties); - when(mWifiInjector.getKeyStore()).thenReturn(mock(KeyStore.class)); when(mWifiInjector.getWifiBackupRestore()).thenReturn(mock(WifiBackupRestore.class)); when(mWifiInjector.getWifiDiagnostics()).thenReturn(mWifiDiagnostics); when(mWifiInjector.getWifiConfigManager()).thenReturn(mWifiConfigManager); diff --git a/tests/wifitests/src/com/android/server/wifi/WifiKeyStoreTest.java b/tests/wifitests/src/com/android/server/wifi/WifiKeyStoreTest.java index 1cb432ef8..42eb52613 100644 --- a/tests/wifitests/src/com/android/server/wifi/WifiKeyStoreTest.java +++ b/tests/wifitests/src/com/android/server/wifi/WifiKeyStoreTest.java @@ -22,9 +22,6 @@ import static org.mockito.Mockito.verifyNoMoreInteractions; import static org.mockito.Mockito.when; import android.net.wifi.WifiEnterpriseConfig; -import android.os.Process; -import android.security.Credentials; -import android.security.KeyStore; import androidx.test.filters.SmallTest; @@ -34,6 +31,8 @@ import org.junit.Test; import org.mockito.Mock; import org.mockito.MockitoAnnotations; +import java.security.KeyStore; + /** * Unit tests for {@link com.android.server.wifi.WifiConfigManager}. */ @@ -71,18 +70,15 @@ public class WifiKeyStoreTest extends WifiBaseTest { * Verifies that keys and certs are removed when they were installed by an app. */ @Test - public void testRemoveKeysForAppInstalledCerts() { + public void testRemoveKeysForAppInstalledCerts() throws Exception { when(mWifiEnterpriseConfig.isAppInstalledDeviceKeyAndCert()).thenReturn(true); when(mWifiEnterpriseConfig.isAppInstalledCaCert()).thenReturn(true); mWifiKeyStore.removeKeys(mWifiEnterpriseConfig); // Method calls the KeyStore#delete method 4 times, user key, user cert, and 2 CA cert - verify(mKeyStore).delete(Credentials.USER_PRIVATE_KEY + USER_CERT_ALIAS, Process.WIFI_UID); - verify(mKeyStore).delete(Credentials.USER_CERTIFICATE + USER_CERT_ALIAS, Process.WIFI_UID); - verify(mKeyStore).delete(Credentials.CA_CERTIFICATE + USER_CA_CERT_ALIAS[0], - Process.WIFI_UID); - verify(mKeyStore).delete(Credentials.CA_CERTIFICATE + USER_CA_CERT_ALIAS[1], - Process.WIFI_UID); + verify(mKeyStore).deleteEntry(USER_CERT_ALIAS); + verify(mKeyStore).deleteEntry(USER_CA_CERT_ALIAS[0]); + verify(mKeyStore).deleteEntry(USER_CA_CERT_ALIAS[1]); } /** @@ -90,14 +86,13 @@ public class WifiKeyStoreTest extends WifiBaseTest { * when CA certs are installed by the user. */ @Test - public void testRemoveKeysForMixedInstalledCerts1() { + public void testRemoveKeysForMixedInstalledCerts1() throws Exception { when(mWifiEnterpriseConfig.isAppInstalledDeviceKeyAndCert()).thenReturn(true); when(mWifiEnterpriseConfig.isAppInstalledCaCert()).thenReturn(false); mWifiKeyStore.removeKeys(mWifiEnterpriseConfig); - // Method calls the KeyStore#delete method 2 times: user key and user cert - verify(mKeyStore).delete(Credentials.USER_PRIVATE_KEY + USER_CERT_ALIAS, Process.WIFI_UID); - verify(mKeyStore).delete(Credentials.USER_CERTIFICATE + USER_CERT_ALIAS, Process.WIFI_UID); + // Method calls the KeyStore#deleteEntry method: user key and user cert + verify(mKeyStore).deleteEntry(USER_CERT_ALIAS); verifyNoMoreInteractions(mKeyStore); } @@ -106,16 +101,14 @@ public class WifiKeyStoreTest extends WifiBaseTest { * removed when CA certs are installed by the app. */ @Test - public void testRemoveKeysForMixedInstalledCerts2() { + public void testRemoveKeysForMixedInstalledCerts2() throws Exception { when(mWifiEnterpriseConfig.isAppInstalledDeviceKeyAndCert()).thenReturn(false); when(mWifiEnterpriseConfig.isAppInstalledCaCert()).thenReturn(true); mWifiKeyStore.removeKeys(mWifiEnterpriseConfig); // Method calls the KeyStore#delete method 2 times: 2 CA certs - verify(mKeyStore).delete(Credentials.CA_CERTIFICATE + USER_CA_CERT_ALIAS[0], - Process.WIFI_UID); - verify(mKeyStore).delete(Credentials.CA_CERTIFICATE + USER_CA_CERT_ALIAS[1], - Process.WIFI_UID); + verify(mKeyStore).deleteEntry(USER_CA_CERT_ALIAS[0]); + verify(mKeyStore).deleteEntry(USER_CA_CERT_ALIAS[1]); verifyNoMoreInteractions(mKeyStore); } diff --git a/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointConfigUserStoreDataTest.java b/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointConfigUserStoreDataTest.java index 563731965..5a30d7164 100644 --- a/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointConfigUserStoreDataTest.java +++ b/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointConfigUserStoreDataTest.java @@ -61,8 +61,7 @@ import java.util.Map; public class PasspointConfigUserStoreDataTest extends WifiBaseTest { private static final String TEST_CA_CERTIFICATE_ALIAS = "CaCert"; private static final String TEST_CA_CERTIFICATE_ALIAS_2 = "CaCert_2"; - private static final String TEST_CLIENT_CERTIFICATE_ALIAS = "ClientCert"; - private static final String TEST_CLIENT_PRIVATE_KEY_ALIAS = "ClientPrivateKey"; + private static final String TEST_CLIENT_PRIVATE_KEY_AND_CERT_ALIAS = "ClientPrivateKeyAndCert"; private static final String TEST_REMEDIATION_CA_CERTIFICATE_ALIAS = "CaCert_3"; private static final String TEST_CREATOR_PACKAGE = "com.android.test"; private static final long TEST_PROVIDER_ID = 1; @@ -247,13 +246,13 @@ public class PasspointConfigUserStoreDataTest extends WifiBaseTest { List<PasspointProvider> providerList = new ArrayList<>(); providerList.add(new PasspointProvider(createFullPasspointConfiguration(), mKeyStore, mSimAccessor, TEST_PROVIDER_ID, TEST_CREATOR_UID, TEST_CREATOR_PACKAGE, - false, Arrays.asList(TEST_CA_CERTIFICATE_ALIAS), TEST_CLIENT_CERTIFICATE_ALIAS, - TEST_CLIENT_PRIVATE_KEY_ALIAS, null, TEST_HAS_EVER_CONNECTED, TEST_SHARED)); + false, Arrays.asList(TEST_CA_CERTIFICATE_ALIAS), + TEST_CLIENT_PRIVATE_KEY_AND_CERT_ALIAS, null, + TEST_HAS_EVER_CONNECTED, TEST_SHARED)); providerList.add(new PasspointProvider(createFullPasspointConfiguration(), mKeyStore, mSimAccessor, TEST_PROVIDER_ID_2, TEST_CREATOR_UID, TEST_CREATOR_PACKAGE, true, Arrays.asList(TEST_CA_CERTIFICATE_ALIAS, TEST_CA_CERTIFICATE_ALIAS_2), - TEST_CLIENT_CERTIFICATE_ALIAS, - TEST_CLIENT_PRIVATE_KEY_ALIAS, TEST_REMEDIATION_CA_CERTIFICATE_ALIAS, + TEST_CLIENT_PRIVATE_KEY_AND_CERT_ALIAS, TEST_REMEDIATION_CA_CERTIFICATE_ALIAS, TEST_HAS_EVER_CONNECTED, TEST_SHARED)); // Serialize data for user store. diff --git a/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointProviderTest.java b/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointProviderTest.java index ec0533214..beddb2199 100644 --- a/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointProviderTest.java +++ b/tests/wifitests/src/com/android/server/wifi/hotspot2/PasspointProviderTest.java @@ -62,6 +62,7 @@ import org.mockito.Mock; import java.nio.charset.StandardCharsets; import java.security.MessageDigest; +import java.security.cert.Certificate; import java.security.cert.X509Certificate; import java.util.Arrays; import java.util.BitSet; @@ -80,15 +81,10 @@ public class PasspointProviderTest extends WifiBaseTest { private static final long PROVIDER_ID = 12L; private static final int CREATOR_UID = 1234; private static final String CREATOR_PACKAGE = "com.android.test"; - private static final String CA_CERTIFICATE_NAME = "CACERT_HS2_12_0"; - private static final String CA_CERTIFICATE_NAME_2 = "CACERT_HS2_12_1"; - private static final String CLIENT_CERTIFICATE_NAME = "USRCERT_HS2_12"; - private static final String CLIENT_PRIVATE_KEY_NAME = "USRPKEY_HS2_12"; - private static final String REMEDIATION_CA_CERTIFICATE_NAME = "CACERT_HS2_REMEDIATION_12"; private static final String CA_CERTIFICATE_ALIAS = "HS2_12_0"; private static final String CA_CERTIFICATE_ALIAS_2 = "HS2_12_1"; private static final String CLIENT_CERTIFICATE_ALIAS = "HS2_12"; - private static final String CLIENT_PRIVATE_KEY_ALIAS = "HS2_12"; + private static final String CLIENT_PRIVATE_KEY_AND_CERT_ALIAS = "HS2_12"; private static final String REMEDIATION_CA_CERTIFICATE_ALIAS = "HS2_REMEDIATION_12"; private static final String SYSTEM_CA_STORE_PATH = "/system/etc/security/cacerts"; @@ -377,8 +373,6 @@ public class PasspointProviderTest extends WifiBaseTest { assertEquals("anonymous@" + credential.getRealm(), wifiEnterpriseConfig.getAnonymousIdentity()); assertEquals(WifiEnterpriseConfig.Eap.TLS, wifiEnterpriseConfig.getEapMethod()); - assertEquals(CLIENT_CERTIFICATE_ALIAS, - wifiEnterpriseConfig.getClientCertificateAlias()); assertEquals(WifiConfiguration.METERED_OVERRIDE_METERED, wifiConfig.meteredOverride); // Domain suffix match if (ArrayUtils.isEmpty(passpointConfig.getAaaServerTrustedNames())) { @@ -488,15 +482,15 @@ public class PasspointProviderTest extends WifiBaseTest { mProvider = createProvider(config); // Install client certificate and key to the keystore successfully. - when(mKeyStore.putCertInKeyStore(CA_CERTIFICATE_NAME, FakeKeys.CA_CERT0)) + when(mKeyStore.putCaCertInKeyStore(CA_CERTIFICATE_ALIAS, FakeKeys.CA_CERT0)) .thenReturn(true); - when(mKeyStore.putCertInKeyStore(CA_CERTIFICATE_NAME_2, FakeKeys.CA_CERT1)) + when(mKeyStore.putCaCertInKeyStore(CA_CERTIFICATE_ALIAS_2, FakeKeys.CA_CERT1)) .thenReturn(true); - when(mKeyStore.putKeyInKeyStore(CLIENT_PRIVATE_KEY_NAME, FakeKeys.RSA_KEY1)) + when(mKeyStore.putUserPrivKeyAndCertsInKeyStore( + CLIENT_PRIVATE_KEY_AND_CERT_ALIAS, FakeKeys.RSA_KEY1, + new Certificate[] {FakeKeys.CLIENT_CERT})) .thenReturn(true); - when(mKeyStore.putCertInKeyStore(CLIENT_CERTIFICATE_NAME, FakeKeys.CLIENT_CERT)) - .thenReturn(true); - when(mKeyStore.putCertInKeyStore(REMEDIATION_CA_CERTIFICATE_NAME, FakeKeys.CA_CERT0)) + when(mKeyStore.putCaCertInKeyStore(REMEDIATION_CA_CERTIFICATE_ALIAS, FakeKeys.CA_CERT0)) .thenReturn(true); assertTrue(mProvider.installCertsAndKeys()); @@ -511,8 +505,10 @@ public class PasspointProviderTest extends WifiBaseTest { } assertTrue(mProvider.getCaCertificateAliases().equals( Arrays.asList(CA_CERTIFICATE_ALIAS, CA_CERTIFICATE_ALIAS_2))); - assertTrue(mProvider.getClientPrivateKeyAlias().equals(CLIENT_PRIVATE_KEY_ALIAS)); - assertTrue(mProvider.getClientCertificateAlias().equals(CLIENT_CERTIFICATE_ALIAS)); + assertTrue(mProvider.getClientPrivateKeyAndCertificateAlias() + .equals(CLIENT_PRIVATE_KEY_AND_CERT_ALIAS)); + assertTrue(mProvider.getClientPrivateKeyAndCertificateAlias() + .equals(CLIENT_PRIVATE_KEY_AND_CERT_ALIAS)); assertTrue(TextUtils.equals(mProvider.getRemediationCaCertificateAlias(), mExpectedResult)); } @@ -535,15 +531,15 @@ public class PasspointProviderTest extends WifiBaseTest { mProvider = createProvider(config); // Failed to install client certificate to the keystore. - when(mKeyStore.putCertInKeyStore(CA_CERTIFICATE_NAME, FakeKeys.CA_CERT0)) + when(mKeyStore.putCaCertInKeyStore(CA_CERTIFICATE_ALIAS, FakeKeys.CA_CERT0)) .thenReturn(true); - when(mKeyStore.putCertInKeyStore(CA_CERTIFICATE_NAME_2, FakeKeys.CA_CERT1)) + when(mKeyStore.putCaCertInKeyStore(CA_CERTIFICATE_ALIAS_2, FakeKeys.CA_CERT1)) .thenReturn(false); - when(mKeyStore.putKeyInKeyStore(CLIENT_PRIVATE_KEY_NAME, FakeKeys.RSA_KEY1)) - .thenReturn(true); - when(mKeyStore.putCertInKeyStore(CLIENT_CERTIFICATE_NAME, FakeKeys.CLIENT_CERT)) + when(mKeyStore.putUserPrivKeyAndCertsInKeyStore( + CLIENT_PRIVATE_KEY_AND_CERT_ALIAS, FakeKeys.RSA_KEY1, + new Certificate[] {FakeKeys.CLIENT_CERT})) .thenReturn(true); - when(mKeyStore.putCertInKeyStore(REMEDIATION_CA_CERTIFICATE_NAME, FakeKeys.CA_CERT0)) + when(mKeyStore.putCaCertInKeyStore(REMEDIATION_CA_CERTIFICATE_ALIAS, FakeKeys.CA_CERT0)) .thenReturn(true); assertFalse(mProvider.installCertsAndKeys()); @@ -557,8 +553,7 @@ public class PasspointProviderTest extends WifiBaseTest { assertTrue(curConfig.getSubscriptionUpdate().getCaCertificate() != null); } assertTrue(mProvider.getCaCertificateAliases() == null); - assertTrue(mProvider.getClientPrivateKeyAlias() == null); - assertTrue(mProvider.getClientCertificateAlias() == null); + assertTrue(mProvider.getClientPrivateKeyAndCertificateAlias() == null); assertTrue(mProvider.getRemediationCaCertificateAlias() == null); } @@ -582,36 +577,35 @@ public class PasspointProviderTest extends WifiBaseTest { mProvider = createProvider(config); // Install client certificate and key to the keystore successfully. - when(mKeyStore.putCertInKeyStore(CA_CERTIFICATE_NAME, FakeKeys.CA_CERT0)) - .thenReturn(true); - when(mKeyStore.putCertInKeyStore(CA_CERTIFICATE_NAME_2, FakeKeys.CA_CERT1)) + when(mKeyStore.putCaCertInKeyStore(CA_CERTIFICATE_ALIAS, FakeKeys.CA_CERT0)) .thenReturn(true); - when(mKeyStore.putKeyInKeyStore(CLIENT_PRIVATE_KEY_NAME, FakeKeys.RSA_KEY1)) + when(mKeyStore.putCaCertInKeyStore(CA_CERTIFICATE_ALIAS_2, FakeKeys.CA_CERT1)) .thenReturn(true); - when(mKeyStore.putCertInKeyStore(CLIENT_CERTIFICATE_NAME, FakeKeys.CLIENT_CERT)) + when(mKeyStore.putUserPrivKeyAndCertsInKeyStore( + CLIENT_PRIVATE_KEY_AND_CERT_ALIAS, FakeKeys.RSA_KEY1, + new Certificate[] {FakeKeys.CLIENT_CERT})) .thenReturn(true); - when(mKeyStore.putCertInKeyStore(REMEDIATION_CA_CERTIFICATE_NAME, FakeKeys.CA_CERT0)) + when(mKeyStore.putCaCertInKeyStore(REMEDIATION_CA_CERTIFICATE_ALIAS, FakeKeys.CA_CERT0)) .thenReturn(true); assertTrue(mProvider.installCertsAndKeys()); assertTrue(mProvider.getCaCertificateAliases().equals( Arrays.asList(CA_CERTIFICATE_ALIAS, CA_CERTIFICATE_ALIAS_2))); - assertTrue(mProvider.getClientPrivateKeyAlias().equals(CLIENT_PRIVATE_KEY_ALIAS)); - assertTrue(mProvider.getClientCertificateAlias().equals(CLIENT_CERTIFICATE_ALIAS)); + assertTrue(mProvider.getClientPrivateKeyAndCertificateAlias() + .equals(CLIENT_PRIVATE_KEY_AND_CERT_ALIAS)); assertTrue(TextUtils.equals(mProvider.getRemediationCaCertificateAlias(), mExpectedResult)); // Uninstall certificates and key from the keystore. mProvider.uninstallCertsAndKeys(); - verify(mKeyStore).removeEntryFromKeyStore(CA_CERTIFICATE_NAME); - verify(mKeyStore).removeEntryFromKeyStore(CA_CERTIFICATE_NAME_2); - verify(mKeyStore).removeEntryFromKeyStore(CLIENT_CERTIFICATE_NAME); - verify(mKeyStore).removeEntryFromKeyStore(CLIENT_PRIVATE_KEY_NAME); + verify(mKeyStore).removeEntryFromKeyStore(CA_CERTIFICATE_ALIAS); + verify(mKeyStore).removeEntryFromKeyStore(CA_CERTIFICATE_ALIAS_2); + verify(mKeyStore).removeEntryFromKeyStore(CLIENT_CERTIFICATE_ALIAS); + verify(mKeyStore).removeEntryFromKeyStore(CLIENT_PRIVATE_KEY_AND_CERT_ALIAS); if (mRemediationCaCertificate != null) { - verify(mKeyStore).removeEntryFromKeyStore(REMEDIATION_CA_CERTIFICATE_NAME); + verify(mKeyStore).removeEntryFromKeyStore(REMEDIATION_CA_CERTIFICATE_ALIAS); } assertTrue(mProvider.getCaCertificateAliases() == null); - assertTrue(mProvider.getClientPrivateKeyAlias() == null); - assertTrue(mProvider.getClientCertificateAlias() == null); + assertTrue(mProvider.getClientPrivateKeyAndCertificateAlias() == null); assertTrue(mProvider.getRemediationCaCertificateAlias() == null); } @@ -1009,7 +1003,7 @@ public class PasspointProviderTest extends WifiBaseTest { mProvider = createProvider(config); // Install certificate. - when(mKeyStore.putCertInKeyStore(CA_CERTIFICATE_NAME, FakeKeys.CA_CERT0)) + when(mKeyStore.putCaCertInKeyStore(CA_CERTIFICATE_ALIAS, FakeKeys.CA_CERT0)) .thenReturn(true); assertTrue(mProvider.installCertsAndKeys()); @@ -1042,7 +1036,7 @@ public class PasspointProviderTest extends WifiBaseTest { mProvider = createProvider(config); // Install certificate. - when(mKeyStore.putCertInKeyStore(CA_CERTIFICATE_NAME, FakeKeys.CA_CERT0)) + when(mKeyStore.putCaCertInKeyStore(CA_CERTIFICATE_ALIAS, FakeKeys.CA_CERT0)) .thenReturn(true); assertTrue(mProvider.installCertsAndKeys()); @@ -1090,11 +1084,11 @@ public class PasspointProviderTest extends WifiBaseTest { mProvider = createProvider(config); // Install certificate. - when(mKeyStore.putCertInKeyStore(CA_CERTIFICATE_NAME, FakeKeys.CA_CERT0)) + when(mKeyStore.putCaCertInKeyStore(CA_CERTIFICATE_ALIAS, FakeKeys.CA_CERT0)) .thenReturn(true); - when(mKeyStore.putKeyInKeyStore(CLIENT_PRIVATE_KEY_NAME, FakeKeys.RSA_KEY1)) - .thenReturn(true); - when(mKeyStore.putCertInKeyStore(CLIENT_CERTIFICATE_NAME, FakeKeys.CLIENT_CERT)) + when(mKeyStore.putUserPrivKeyAndCertsInKeyStore( + CLIENT_PRIVATE_KEY_AND_CERT_ALIAS, FakeKeys.RSA_KEY1, + new Certificate[] {FakeKeys.CLIENT_CERT})) .thenReturn(true); assertTrue(mProvider.installCertsAndKeys()); @@ -1118,11 +1112,11 @@ public class PasspointProviderTest extends WifiBaseTest { mProvider = createProvider(config); // Install certificate. - when(mKeyStore.putCertInKeyStore(CA_CERTIFICATE_NAME, FakeKeys.CA_CERT0)) - .thenReturn(true); - when(mKeyStore.putKeyInKeyStore(CLIENT_PRIVATE_KEY_NAME, FakeKeys.RSA_KEY1)) + when(mKeyStore.putCaCertInKeyStore(CA_CERTIFICATE_ALIAS, FakeKeys.CA_CERT0)) .thenReturn(true); - when(mKeyStore.putCertInKeyStore(CLIENT_CERTIFICATE_NAME, FakeKeys.CLIENT_CERT)) + when(mKeyStore.putUserPrivKeyAndCertsInKeyStore( + CLIENT_PRIVATE_KEY_AND_CERT_ALIAS, FakeKeys.RSA_KEY1, + new Certificate[] {FakeKeys.CLIENT_CERT})) .thenReturn(true); assertTrue(mProvider.installCertsAndKeys()); @@ -1146,9 +1140,9 @@ public class PasspointProviderTest extends WifiBaseTest { mProvider = createProvider(config); // Install certificate. - when(mKeyStore.putKeyInKeyStore(CLIENT_PRIVATE_KEY_NAME, FakeKeys.RSA_KEY1)) - .thenReturn(true); - when(mKeyStore.putCertInKeyStore(CLIENT_CERTIFICATE_NAME, FakeKeys.CLIENT_CERT)) + when(mKeyStore.putUserPrivKeyAndCertsInKeyStore( + CLIENT_PRIVATE_KEY_AND_CERT_ALIAS, FakeKeys.RSA_KEY1, + new Certificate[] {FakeKeys.CLIENT_CERT})) .thenReturn(true); assertTrue(mProvider.installCertsAndKeys()); |