From a8d59c0183f4f3c63440283664b78eebc0aa06f1 Mon Sep 17 00:00:00 2001 From: Benedict Wong Date: Fri, 10 May 2019 12:41:42 -0700 Subject: [PATCH 1/2] Convert IPsec tests to JUnit4 This patch fixes an incompatibility where some tests in the same hierarchy were using Junit3, and other Junit4 No functional test changes made Bug: 72950854 Test: Ran on devices, working Change-Id: I79d231e202ba25ad5f57b44b387bebd7f012aa95 Merged-In: I79d231e202ba25ad5f57b44b387bebd7f012aa95 (cherry picked from commit 0d08e91fe7c2112f44bc12c4d0d00b386e9bebd7) --- .../src/android/net/cts/IpSecBaseTest.java | 21 ++++- .../src/android/net/cts/IpSecManagerTest.java | 81 ++++++++++++++++++- .../net/cts/IpSecManagerTunnelTest.java | 2 + 3 files changed, 99 insertions(+), 5 deletions(-) diff --git a/tests/cts/net/src/android/net/cts/IpSecBaseTest.java b/tests/cts/net/src/android/net/cts/IpSecBaseTest.java index 7fd623c076..26049cc174 100644 --- a/tests/cts/net/src/android/net/cts/IpSecBaseTest.java +++ b/tests/cts/net/src/android/net/cts/IpSecBaseTest.java @@ -26,10 +26,10 @@ import android.net.IpSecTransform; import android.platform.test.annotations.AppModeFull; import android.system.Os; import android.system.OsConstants; -import android.test.AndroidTestCase; import android.util.Log; import androidx.test.InstrumentationRegistry; +import androidx.test.runner.AndroidJUnit4; import java.io.FileDescriptor; import java.io.IOException; @@ -44,7 +44,12 @@ import java.net.SocketException; import java.util.Arrays; import java.util.concurrent.atomic.AtomicInteger; -public class IpSecBaseTest extends AndroidTestCase { +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; + +@RunWith(AndroidJUnit4.class) +public class IpSecBaseTest { private static final String TAG = IpSecBaseTest.class.getSimpleName(); @@ -71,9 +76,11 @@ public class IpSecBaseTest extends AndroidTestCase { protected ConnectivityManager mCM; protected IpSecManager mISM; + protected Context mContext; - protected void setUp() throws Exception { - super.setUp(); + @Before + public void setUp() throws Exception { + mContext = InstrumentationRegistry.getContext(); mISM = (IpSecManager) InstrumentationRegistry.getContext() @@ -472,6 +479,7 @@ public class IpSecBaseTest extends AndroidTestCase { } } + @Test @AppModeFull(reason = "Socket cannot bind in instant app mode") public void testJavaTcpSocketPair() throws Exception { for (String addr : LOOPBACK_ADDRS) { @@ -483,6 +491,7 @@ public class IpSecBaseTest extends AndroidTestCase { } } + @Test @AppModeFull(reason = "Socket cannot bind in instant app mode") public void testJavaUdpSocketPair() throws Exception { for (String addr : LOOPBACK_ADDRS) { @@ -495,6 +504,7 @@ public class IpSecBaseTest extends AndroidTestCase { } } + @Test @AppModeFull(reason = "Socket cannot bind in instant app mode") public void testJavaUdpSocketPairUnconnected() throws Exception { for (String addr : LOOPBACK_ADDRS) { @@ -507,6 +517,7 @@ public class IpSecBaseTest extends AndroidTestCase { } } + @Test @AppModeFull(reason = "Socket cannot bind in instant app mode") public void testNativeTcpSocketPair() throws Exception { for (String addr : LOOPBACK_ADDRS) { @@ -519,6 +530,7 @@ public class IpSecBaseTest extends AndroidTestCase { } } + @Test @AppModeFull(reason = "Socket cannot bind in instant app mode") public void testNativeUdpSocketPair() throws Exception { for (String addr : LOOPBACK_ADDRS) { @@ -531,6 +543,7 @@ public class IpSecBaseTest extends AndroidTestCase { } } + @Test @AppModeFull(reason = "Socket cannot bind in instant app mode") public void testNativeUdpSocketPairUnconnected() throws Exception { for (String addr : LOOPBACK_ADDRS) { diff --git a/tests/cts/net/src/android/net/cts/IpSecManagerTest.java b/tests/cts/net/src/android/net/cts/IpSecManagerTest.java index 75bd2fba07..1241785a17 100644 --- a/tests/cts/net/src/android/net/cts/IpSecManagerTest.java +++ b/tests/cts/net/src/android/net/cts/IpSecManagerTest.java @@ -28,7 +28,9 @@ import static android.system.OsConstants.IPPROTO_TCP; import static android.system.OsConstants.IPPROTO_UDP; import static org.junit.Assert.assertArrayEquals; +import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; import android.net.IpSecAlgorithm; import android.net.IpSecManager; @@ -39,6 +41,8 @@ import android.system.ErrnoException; import android.system.Os; import android.system.OsConstants; +import androidx.test.runner.AndroidJUnit4; + import java.io.FileDescriptor; import java.io.IOException; import java.net.DatagramPacket; @@ -47,6 +51,11 @@ import java.net.Inet6Address; import java.net.InetAddress; import java.util.Arrays; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; + +@RunWith(AndroidJUnit4.class) @AppModeFull(reason = "Socket cannot bind in instant app mode") public class IpSecManagerTest extends IpSecBaseTest { @@ -64,7 +73,9 @@ public class IpSecManagerTest extends IpSecBaseTest { private static final byte[] AEAD_KEY = getKey(288); - protected void setUp() throws Exception { + @Before + @Override + public void setUp() throws Exception { super.setUp(); } @@ -74,6 +85,7 @@ public class IpSecManagerTest extends IpSecBaseTest { * Realloc the same SPI that was specifically created (expect SpiUnavailable) * Close SPIs */ + @Test public void testAllocSpi() throws Exception { for (InetAddress addr : GOOGLE_DNS_LIST) { IpSecManager.SecurityParameterIndex randomSpi = null, droidSpi = null; @@ -225,6 +237,7 @@ public class IpSecManagerTest extends IpSecBaseTest { * release transform * send data (expect exception) */ + @Test public void testCreateTransform() throws Exception { InetAddress localAddr = InetAddress.getByName(IPV4_LOOPBACK); IpSecManager.SecurityParameterIndex spi = @@ -594,6 +607,7 @@ public class IpSecManagerTest extends IpSecBaseTest { } } + @Test public void testIkeOverUdpEncapSocket() throws Exception { // IPv6 not supported for UDP-encap-ESP InetAddress local = InetAddress.getByName(IPV4_LOOPBACK); @@ -652,24 +666,28 @@ public class IpSecManagerTest extends IpSecBaseTest { // checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, auth, true, 1000); // } + @Test public void testInterfaceCountersUdp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_MD5, getKey(128), 96); checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, false, 1000, false); } + @Test public void testInterfaceCountersUdp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_MD5, getKey(128), 96); checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, crypt, auth, null, false, 1000, false); } + @Test public void testInterfaceCountersUdp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_MD5, getKey(128), 96); checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, true, 1000, false); } + @Test public void testAesCbcHmacMd5Tcp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_MD5, getKey(128), 96); @@ -677,6 +695,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacMd5Tcp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_MD5, getKey(128), 96); @@ -684,6 +703,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacMd5Udp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_MD5, getKey(128), 96); @@ -691,6 +711,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacMd5Udp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_MD5, getKey(128), 96); @@ -698,6 +719,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha1Tcp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA1, getKey(160), 96); @@ -705,6 +727,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha1Tcp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA1, getKey(160), 96); @@ -712,6 +735,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha1Udp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA1, getKey(160), 96); @@ -719,6 +743,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha1Udp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA1, getKey(160), 96); @@ -726,6 +751,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha256Tcp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); @@ -733,6 +759,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha256Tcp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); @@ -740,6 +767,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha256Udp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); @@ -747,6 +775,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha256Udp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); @@ -754,6 +783,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha384Tcp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA384, getKey(384), 192); @@ -761,6 +791,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha384Tcp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA384, getKey(384), 192); @@ -768,6 +799,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha384Udp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA384, getKey(384), 192); @@ -775,6 +807,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha384Udp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA384, getKey(384), 192); @@ -782,6 +815,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha512Tcp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA512, getKey(512), 256); @@ -789,6 +823,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha512Tcp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA512, getKey(512), 256); @@ -796,6 +831,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha512Udp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA512, getKey(512), 256); @@ -803,6 +839,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesCbcHmacSha512Udp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA512, getKey(512), 256); @@ -810,6 +847,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, crypt, auth, null, false, 1, true); } + @Test public void testAesGcm64Tcp4() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 64); @@ -817,6 +855,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesGcm64Tcp6() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 64); @@ -824,6 +863,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesGcm64Udp4() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 64); @@ -831,6 +871,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesGcm64Udp6() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 64); @@ -838,6 +879,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesGcm96Tcp4() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 96); @@ -845,6 +887,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesGcm96Tcp6() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 96); @@ -852,6 +895,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesGcm96Udp4() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 96); @@ -859,6 +903,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesGcm96Udp6() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 96); @@ -866,6 +911,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesGcm128Tcp4() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 128); @@ -873,6 +919,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesGcm128Tcp6() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 128); @@ -880,6 +927,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesGcm128Udp4() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 128); @@ -887,6 +935,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesGcm128Udp6() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 128); @@ -894,6 +943,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, null, null, authCrypt, false, 1, true); } + @Test public void testAesCbcHmacMd5Tcp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_MD5, getKey(128), 96); @@ -901,6 +951,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, auth, null, true, 1, true); } + @Test public void testAesCbcHmacMd5Udp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_MD5, getKey(128), 96); @@ -908,6 +959,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, true, 1, true); } + @Test public void testAesCbcHmacSha1Tcp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA1, getKey(160), 96); @@ -915,6 +967,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, auth, null, true, 1, true); } + @Test public void testAesCbcHmacSha1Udp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA1, getKey(160), 96); @@ -922,6 +975,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, true, 1, true); } + @Test public void testAesCbcHmacSha256Tcp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); @@ -929,6 +983,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, auth, null, true, 1, true); } + @Test public void testAesCbcHmacSha256Udp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); @@ -936,6 +991,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, true, 1, true); } + @Test public void testAesCbcHmacSha384Tcp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA384, getKey(384), 192); @@ -943,6 +999,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, auth, null, true, 1, true); } + @Test public void testAesCbcHmacSha384Udp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA384, getKey(384), 192); @@ -950,6 +1007,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, true, 1, true); } + @Test public void testAesCbcHmacSha512Tcp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA512, getKey(512), 256); @@ -957,6 +1015,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, auth, null, true, 1, true); } + @Test public void testAesCbcHmacSha512Udp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA512, getKey(512), 256); @@ -964,6 +1023,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, auth, null, true, 1, true); } + @Test public void testAesGcm64Tcp4UdpEncap() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 64); @@ -971,6 +1031,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, null, null, authCrypt, true, 1, true); } + @Test public void testAesGcm64Udp4UdpEncap() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 64); @@ -978,6 +1039,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, null, null, authCrypt, true, 1, true); } + @Test public void testAesGcm96Tcp4UdpEncap() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 96); @@ -985,6 +1047,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, null, null, authCrypt, true, 1, true); } + @Test public void testAesGcm96Udp4UdpEncap() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 96); @@ -992,6 +1055,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, null, null, authCrypt, true, 1, true); } + @Test public void testAesGcm128Tcp4UdpEncap() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 128); @@ -999,6 +1063,7 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, null, null, authCrypt, true, 1, true); } + @Test public void testAesGcm128Udp4UdpEncap() throws Exception { IpSecAlgorithm authCrypt = new IpSecAlgorithm(IpSecAlgorithm.AUTH_CRYPT_AES_GCM, AEAD_KEY, 128); @@ -1006,78 +1071,91 @@ public class IpSecManagerTest extends IpSecBaseTest { checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, null, null, authCrypt, true, 1, true); } + @Test public void testCryptUdp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, null, null, false, 1, false); checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, null, null, false, 1, true); } + @Test public void testAuthUdp4() throws Exception { IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, null, auth, null, false, 1, false); checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, null, auth, null, false, 1, true); } + @Test public void testCryptUdp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, crypt, null, null, false, 1, false); checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, crypt, null, null, false, 1, true); } + @Test public void testAuthUdp6() throws Exception { IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, null, auth, null, false, 1, false); checkTransform(IPPROTO_UDP, IPV6_LOOPBACK, null, auth, null, false, 1, true); } + @Test public void testCryptTcp4() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, null, null, false, 1, false); checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, null, null, false, 1, true); } + @Test public void testAuthTcp4() throws Exception { IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, null, auth, null, false, 1, false); checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, null, auth, null, false, 1, true); } + @Test public void testCryptTcp6() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, crypt, null, null, false, 1, false); checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, crypt, null, null, false, 1, true); } + @Test public void testAuthTcp6() throws Exception { IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, null, auth, null, false, 1, false); checkTransform(IPPROTO_TCP, IPV6_LOOPBACK, null, auth, null, false, 1, true); } + @Test public void testCryptUdp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, null, null, true, 1, false); checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, crypt, null, null, true, 1, true); } + @Test public void testAuthUdp4UdpEncap() throws Exception { IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, null, auth, null, true, 1, false); checkTransform(IPPROTO_UDP, IPV4_LOOPBACK, null, auth, null, true, 1, true); } + @Test public void testCryptTcp4UdpEncap() throws Exception { IpSecAlgorithm crypt = new IpSecAlgorithm(IpSecAlgorithm.CRYPT_AES_CBC, CRYPT_KEY); checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, null, null, true, 1, false); checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, crypt, null, null, true, 1, true); } + @Test public void testAuthTcp4UdpEncap() throws Exception { IpSecAlgorithm auth = new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA256, getKey(256), 128); checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, null, auth, null, true, 1, false); checkTransform(IPPROTO_TCP, IPV4_LOOPBACK, null, auth, null, true, 1, true); } + @Test public void testOpenUdpEncapSocketSpecificPort() throws Exception { IpSecManager.UdpEncapsulationSocket encapSocket = null; int port = -1; @@ -1106,6 +1184,7 @@ public class IpSecManagerTest extends IpSecBaseTest { assertTrue("Returned invalid port", encapSocket.getPort() == port); } + @Test public void testOpenUdpEncapSocketRandomPort() throws Exception { try (IpSecManager.UdpEncapsulationSocket encapSocket = mISM.openUdpEncapsulationSocket()) { assertTrue("Returned invalid port", encapSocket.getPort() != 0); diff --git a/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java b/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java index 6e96682b68..66141960c8 100644 --- a/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java +++ b/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java @@ -40,6 +40,7 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; import android.app.AppOpsManager; import android.content.Context; @@ -144,6 +145,7 @@ public class IpSecManagerTunnelTest extends IpSecBaseTest { } @Before + @Override public void setUp() throws Exception { super.setUp(); From 5c79356068f7c9946b7d61e92ec7875e4759e164 Mon Sep 17 00:00:00 2001 From: Benedict Wong Date: Wed, 15 May 2019 00:26:09 -0700 Subject: [PATCH 2/2] Fix IPsec CTS tests for interface address checking Fixes two potentially device/kernel specific, or flaky bugs: 1. Java interface checking by name seems to cache the lookup, resulting in interface address checks occasionally failing (on delete). 2. Link-local addresses appear to be added on all links for some set of kernels and devices. This patch addresses both by only checking that the requested address was added via a address-based NetworkInterface lookup. Bug: 72950854 Test: Ran on sargo-eng on qt-dev/HEAD Test: Manually verified that the addresses are indeed added/removed Change-Id: I3babc72dfe72337c4d68facb1695aec15e504c90 Merged-In: I3babc72dfe72337c4d68facb1695aec15e504c90 (cherry picked from commit 4af108aacfe7977484d844cefce83a75ac1cafc9) --- .../net/cts/IpSecManagerTunnelTest.java | 21 +++++++------------ 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java b/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java index 66141960c8..93638ac3b5 100644 --- a/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java +++ b/tests/cts/net/src/android/net/cts/IpSecManagerTunnelTest.java @@ -39,7 +39,6 @@ import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import android.app.AppOpsManager; @@ -69,9 +68,7 @@ import com.android.compatibility.common.util.SystemUtil; import java.net.Inet4Address; import java.net.Inet6Address; import java.net.InetAddress; -import java.net.InterfaceAddress; import java.net.NetworkInterface; -import java.util.List; import java.util.concurrent.CompletableFuture; import java.util.concurrent.TimeUnit; @@ -512,11 +509,10 @@ public class IpSecManagerTunnelTest extends IpSecBaseTest { NetworkInterface netIntf = NetworkInterface.getByName(tunnelIntf.getInterfaceName()); assertNotNull(netIntf); - // Check addresses - List intfAddrs = netIntf.getInterfaceAddresses(); - assertEquals(1, intfAddrs.size()); - assertEquals(localInner, intfAddrs.get(0).getAddress()); - assertEquals(innerPrefixLen, intfAddrs.get(0).getNetworkPrefixLength()); + // Verify address was added + netIntf = NetworkInterface.getByInetAddress(localInner); + assertNotNull(netIntf); + assertEquals(tunnelIntf.getInterfaceName(), netIntf.getDisplayName()); // Configure Transform parameters IpSecTransform.Builder transformBuilder = new IpSecTransform.Builder(sContext); @@ -544,15 +540,14 @@ public class IpSecManagerTunnelTest extends IpSecBaseTest { // Teardown the test network sTNM.teardownTestNetwork(testNetwork); - // Remove addresses and check + // Remove addresses and check that interface is still present, but fails lookup-by-addr tunnelIntf.removeAddress(localInner, innerPrefixLen); - netIntf = NetworkInterface.getByName(tunnelIntf.getInterfaceName()); - assertTrue(netIntf.getInterfaceAddresses().isEmpty()); + assertNotNull(NetworkInterface.getByName(tunnelIntf.getInterfaceName())); + assertNull(NetworkInterface.getByInetAddress(localInner)); // Check interface was cleaned up tunnelIntf.close(); - netIntf = NetworkInterface.getByName(tunnelIntf.getInterfaceName()); - assertNull(netIntf); + assertNull(NetworkInterface.getByName(tunnelIntf.getInterfaceName())); } finally { if (testNetworkCb != null) { sCM.unregisterNetworkCallback(testNetworkCb);