From d11e41a3221a29b22b91b783f5c55af55d6d1a05 Mon Sep 17 00:00:00 2001 From: Peter Qiu Date: Wed, 3 May 2017 14:50:02 -0700 Subject: [PATCH] wifi: hotspot2: remove usage of hidden Passpoint APIs The APIs for Release 2 configuration are now hidden, so remove the usage of those APIs. Also use a trusted public certificate instead of a fake one for testing Release 1 configuration, since it will be verified by WifiService when adding a Release 1 configuration. Bug: 37907977 Test: cts-tradefed run cts-dev --module CtsNetTestCases --test android.net.wifi.cts Change-Id: Ie1056b97da1597ff1cdc979e9c2a57f19f58e0a3 --- .../net/assets/PerProviderSubscription.xml | 319 ------------------ .../src/android/net/wifi/cts/FakeKeys.java | 20 ++ .../android/net/wifi/cts/PpsMoParserTest.java | 146 -------- .../android/net/wifi/cts/WifiManagerTest.java | 9 +- 4 files changed, 23 insertions(+), 471 deletions(-) diff --git a/tests/cts/net/assets/PerProviderSubscription.xml b/tests/cts/net/assets/PerProviderSubscription.xml index 7f2d95de95..de6c0c6dd2 100644 --- a/tests/cts/net/assets/PerProviderSubscription.xml +++ b/tests/cts/net/assets/PerProviderSubscription.xml @@ -7,10 +7,6 @@ urn:wfa:mo:hotspot2dot0-perprovidersubscription:1.0 - - UpdateIdentifier - 12 - i001 @@ -27,85 +23,13 @@ RoamingConsortiumOI 112233,445566 - - IconURL - icon.test.com - - - NetworkID - - n001 - - SSID - TestSSID - - - HESSID - 12345678 - - - - n002 - - SSID - NullHESSID - - - - - HomeOIList - - h001 - - HomeOI - 11223344 - - - HomeOIRequired - true - - - - h002 - - HomeOI - 55667788 - - - HomeOIRequired - false - - - - - OtherHomePartners - - o001 - - FQDN - other.fqdn.com - - - Credential - - CreationDate - 2016-01-01T10:00:00Z - - - ExpirationDate - 2016-02-01T10:00:00Z - Realm shaken.stirred.com - - CheckAAAServerCertStatus - true - UsernamePassword @@ -116,18 +40,6 @@ Password Ym9uZDAwNw== - - MachineManaged - true - - - SoftTokenApp - TestApp - - - AbleToShare - true - EAPMethod @@ -163,237 +75,6 @@ - - Policy - - PreferredRoamingPartnerList - - p001 - - FQDN_Match - test1.fqdn.com,exactMatch - - - Priority - 127 - - - Country - us,fr - - - - p002 - - FQDN_Match - test2.fqdn.com,includeSubdomains - - - Priority - 200 - - - Country - * - - - - - MinBackhaulThreshold - - m001 - - NetworkType - home - - - DLBandwidth - 23412 - - - ULBandwidth - 9823 - - - - m002 - - NetworkType - roaming - - - DLBandwidth - 9271 - - - ULBandwidth - 2315 - - - - - PolicyUpdate - - UpdateInterval - 120 - - - UpdateMethod - OMA-DM-ClientInitiated - - - Restriction - HomeSP - - - URI - policy.update.com - - - UsernamePassword - - Username - updateUser - - - Password - updatePass - - - - TrustRoot - - CertURL - update.cert.com - - - CertSHA256Fingerprint - 1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f - - - - - SPExclusionList - - s001 - - SSID - excludeSSID - - - - - RequiredProtoPortTuple - - r001 - - IPProtocol - 12 - - - PortNumber - 34,92,234 - - - - - MaximumBSSLoadValue - 23 - - - - CredentialPriority - 99 - - - AAAServerTrustRoot - - a001 - - CertURL - server1.trust.root.com - - - CertSHA256Fingerprint - 1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f - - - - - SubscriptionUpdate - - UpdateInterval - 120 - - - UpdateMethod - SSP-ClientInitiated - - - Restriction - RoamingPartner - - - URI - subscription.update.com - - - UsernamePassword - - Username - subscriptionUser - - - Password - subscriptionPass - - - - TrustRoot - - CertURL - subscription.update.cert.com - - - CertSHA256Fingerprint - 1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f1f - - - - - SubscriptionParameter - - CreationDate - 2016-02-01T10:00:00Z - - - ExpirationDate - 2016-03-01T10:00:00Z - - - TypeOfSubscription - Gold - - - UsageLimits - - DataLimit - 921890 - - - StartDate - 2016-12-01T10:00:00Z - - - TimeLimit - 120 - - - UsageTimePeriod - 99910 - - - diff --git a/tests/cts/net/src/android/net/wifi/cts/FakeKeys.java b/tests/cts/net/src/android/net/wifi/cts/FakeKeys.java index f422c2f0fa..f8753017db 100644 --- a/tests/cts/net/src/android/net/wifi/cts/FakeKeys.java +++ b/tests/cts/net/src/android/net/wifi/cts/FakeKeys.java @@ -73,6 +73,26 @@ public class FakeKeys { "-----END CERTIFICATE-----\n"; public static final X509Certificate CA_CERT1 = loadCertificate(CA_CERT1_STRING); + private static final String CA_PUBLIC_CERT_STRING = "-----BEGIN CERTIFICATE-----\n" + + "MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUx\n" + + "GTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkds\n" + + "b2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAwMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNV\n" + + "BAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYD\n" + + "VQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa\n" + + "DuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6sc\n" + + "THAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlb\n" + + "Kk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgKOOvyJBNP\n" + + "c1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrX\n" + + "gzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\n" + + "HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUF\n" + + "AAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOzyj1hTdNGCbM+w6Dj\n" + + "Y1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE38NflNUVyRRBnMRddWQVDf9VMOyG\n" + + "j/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymPAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhH\n" + + "hm4qxFYxldBniYUr+WymXUadDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveC\n" + + "X4XSQRjbgbMEHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\n" + + "-----END CERTIFICATE-----\n"; + public static final X509Certificate CA_PUBLIC_CERT = loadCertificate(CA_PUBLIC_CERT_STRING); + private static final String CLIENT_CERT_STR = "-----BEGIN CERTIFICATE-----\n" + "MIIE/DCCAuQCAQEwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UEBhMCVVMxCzAJBgNV\n" + "BAgMAkNBMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRAwDgYDVQQKDAdUZXN0aW5n\n" + diff --git a/tests/cts/net/src/android/net/wifi/cts/PpsMoParserTest.java b/tests/cts/net/src/android/net/wifi/cts/PpsMoParserTest.java index 0304fda463..feafd434a7 100644 --- a/tests/cts/net/src/android/net/wifi/cts/PpsMoParserTest.java +++ b/tests/cts/net/src/android/net/wifi/cts/PpsMoParserTest.java @@ -20,8 +20,6 @@ import android.net.wifi.hotspot2.PasspointConfiguration; import android.net.wifi.hotspot2.omadm.PpsMoParser; import android.net.wifi.hotspot2.pps.Credential; import android.net.wifi.hotspot2.pps.HomeSp; -import android.net.wifi.hotspot2.pps.Policy; -import android.net.wifi.hotspot2.pps.UpdateParameter; import android.test.AndroidTestCase; import java.io.BufferedReader; @@ -72,58 +70,6 @@ public class PpsMoParserTest extends AndroidTestCase { Arrays.fill(certFingerprint, (byte) 0x1f); PasspointConfiguration config = new PasspointConfiguration(); - config.setUpdateIdentifier(12); - assertEquals(12, config.getUpdateIdentifier()); - config.setCredentialPriority(99); - assertEquals(99, config.getCredentialPriority()); - - // AAA Server trust root. - Map trustRootCertList = new HashMap<>(); - trustRootCertList.put("server1.trust.root.com", certFingerprint); - config.setTrustRootCertList(trustRootCertList); - assertEquals(trustRootCertList, config.getTrustRootCertList()); - - // Subscription update. - UpdateParameter subscriptionUpdate = new UpdateParameter(); - subscriptionUpdate.setUpdateIntervalInMinutes(120); - assertEquals(120, subscriptionUpdate.getUpdateIntervalInMinutes()); - subscriptionUpdate.setUpdateMethod(UpdateParameter.UPDATE_METHOD_SSP); - assertEquals(UpdateParameter.UPDATE_METHOD_SSP, subscriptionUpdate.getUpdateMethod()); - subscriptionUpdate.setRestriction(UpdateParameter.UPDATE_RESTRICTION_ROAMING_PARTNER); - assertEquals(UpdateParameter.UPDATE_RESTRICTION_ROAMING_PARTNER, - subscriptionUpdate.getRestriction()); - subscriptionUpdate.setServerUri("subscription.update.com"); - assertEquals("subscription.update.com", subscriptionUpdate.getServerUri()); - subscriptionUpdate.setUsername("subscriptionUser"); - assertEquals("subscriptionUser", subscriptionUpdate.getUsername()); - subscriptionUpdate.setBase64EncodedPassword("subscriptionPass"); - assertEquals("subscriptionPass", subscriptionUpdate.getBase64EncodedPassword()); - subscriptionUpdate.setTrustRootCertUrl("subscription.update.cert.com"); - assertEquals("subscription.update.cert.com", subscriptionUpdate.getTrustRootCertUrl()); - subscriptionUpdate.setTrustRootCertSha256Fingerprint(certFingerprint); - assertTrue(Arrays.equals(certFingerprint, - subscriptionUpdate.getTrustRootCertSha256Fingerprint())); - config.setSubscriptionUpdate(subscriptionUpdate); - assertEquals(subscriptionUpdate, config.getSubscriptionUpdate()); - - // Subscription parameters. - config.setSubscriptionCreationTimeInMillis(format.parse("2016-02-01T10:00:00Z").getTime()); - assertEquals(format.parse("2016-02-01T10:00:00Z").getTime(), - config.getSubscriptionCreationTimeInMillis()); - config.setSubscriptionExpirationTimeInMillis(format.parse("2016-03-01T10:00:00Z").getTime()); - assertEquals(format.parse("2016-03-01T10:00:00Z").getTime(), - config.getSubscriptionExpirationTimeInMillis()); - config.setSubscriptionType("Gold"); - assertEquals("Gold", config.getSubscriptionType()); - config.setUsageLimitDataLimit(921890); - assertEquals(921890, config.getUsageLimitDataLimit()); - config.setUsageLimitStartTimeInMillis(format.parse("2016-12-01T10:00:00Z").getTime()); - assertEquals(format.parse("2016-12-01T10:00:00Z").getTime(), - config.getUsageLimitStartTimeInMillis()); - config.setUsageLimitTimeLimitInMinutes(120); - assertEquals(120, config.getUsageLimitTimeLimitInMinutes()); - config.setUsageLimitUsageTimePeriodInMinutes(99910); - assertEquals(99910, config.getUsageLimitUsageTimePeriodInMinutes()); // HomeSP configuration. HomeSp homeSp = new HomeSp(); @@ -134,46 +80,18 @@ public class PpsMoParserTest extends AndroidTestCase { homeSp.setRoamingConsortiumOis(new long[] {0x112233L, 0x445566L}); assertTrue(Arrays.equals(new long[] {0x112233L, 0x445566L}, homeSp.getRoamingConsortiumOis())); - homeSp.setIconUrl("icon.test.com"); - assertEquals("icon.test.com", homeSp.getIconUrl()); - Map homeNetworkIds = new HashMap<>(); - homeNetworkIds.put("TestSSID", 0x12345678L); - homeNetworkIds.put("NullHESSID", null); - homeSp.setHomeNetworkIds(homeNetworkIds); - assertEquals(homeNetworkIds, homeSp.getHomeNetworkIds()); - homeSp.setMatchAllOis(new long[] {0x11223344}); - assertTrue(Arrays.equals(new long[] {0x11223344}, homeSp.getMatchAllOis())); - homeSp.setMatchAnyOis(new long[] {0x55667788}); - assertTrue(Arrays.equals(new long[] {0x55667788}, homeSp.getMatchAnyOis())); - homeSp.setOtherHomePartners(new String[] {"other.fqdn.com"}); - assertTrue(Arrays.equals(new String[] {"other.fqdn.com"}, - homeSp.getOtherHomePartners())); config.setHomeSp(homeSp); assertEquals(homeSp, config.getHomeSp()); // Credential configuration. Credential credential = new Credential(); - credential.setCreationTimeInMillis(format.parse("2016-01-01T10:00:00Z").getTime()); - assertEquals(format.parse("2016-01-01T10:00:00Z").getTime(), - credential.getCreationTimeInMillis()); - credential.setExpirationTimeInMillis(format.parse("2016-02-01T10:00:00Z").getTime()); - assertEquals(format.parse("2016-02-01T10:00:00Z").getTime(), - credential.getExpirationTimeInMillis()); credential.setRealm("shaken.stirred.com"); assertEquals("shaken.stirred.com", credential.getRealm()); - credential.setCheckAaaServerCertStatus(true); - assertTrue(credential.getCheckAaaServerCertStatus()); Credential.UserCredential userCredential = new Credential.UserCredential(); userCredential.setUsername("james"); assertEquals("james", userCredential.getUsername()); userCredential.setPassword("Ym9uZDAwNw=="); assertEquals("Ym9uZDAwNw==", userCredential.getPassword()); - userCredential.setMachineManaged(true); - assertTrue(userCredential.getMachineManaged()); - userCredential.setSoftTokenApp("TestApp"); - assertEquals("TestApp", userCredential.getSoftTokenApp()); - userCredential.setAbleToShare(true); - assertTrue(userCredential.getAbleToShare()); userCredential.setEapType(21); assertEquals(21, userCredential.getEapType()); userCredential.setNonEapInnerMethod("MS-CHAP-V2"); @@ -196,70 +114,6 @@ public class PpsMoParserTest extends AndroidTestCase { assertEquals(simCredential, credential.getSimCredential()); config.setCredential(credential); assertEquals(credential, config.getCredential()); - - // Policy configuration. - Policy policy = new Policy(); - List preferredRoamingPartnerList = new ArrayList<>(); - Policy.RoamingPartner partner1 = new Policy.RoamingPartner(); - partner1.setFqdn("test1.fqdn.com"); - assertEquals("test1.fqdn.com", partner1.getFqdn()); - partner1.setFqdnExactMatch(true); - assertTrue(partner1.getFqdnExactMatch()); - partner1.setPriority(127); - assertEquals(127, partner1.getPriority()); - partner1.setCountries("us,fr"); - assertEquals("us,fr", partner1.getCountries()); - Policy.RoamingPartner partner2 = new Policy.RoamingPartner(); - partner2.setFqdn("test2.fqdn.com"); - assertEquals("test2.fqdn.com", partner2.getFqdn()); - partner2.setFqdnExactMatch(false); - assertFalse(partner2.getFqdnExactMatch()); - partner2.setPriority(200); - assertEquals(200, partner2.getPriority()); - partner2.setCountries("*"); - assertEquals("*", partner2.getCountries()); - preferredRoamingPartnerList.add(partner1); - preferredRoamingPartnerList.add(partner2); - policy.setPreferredRoamingPartnerList(preferredRoamingPartnerList); - assertEquals(preferredRoamingPartnerList, policy.getPreferredRoamingPartnerList()); - policy.setMinHomeDownlinkBandwidth(23412); - assertEquals(23412, policy.getMinHomeDownlinkBandwidth()); - policy.setMinHomeUplinkBandwidth(9823); - assertEquals(9823, policy.getMinHomeUplinkBandwidth()); - policy.setMinRoamingDownlinkBandwidth(9271); - assertEquals(9271, policy.getMinRoamingDownlinkBandwidth()); - policy.setMinRoamingUplinkBandwidth(2315); - assertEquals(2315, policy.getMinRoamingUplinkBandwidth()); - policy.setExcludedSsidList(new String[] {"excludeSSID"}); - assertTrue(Arrays.equals(new String[] {"excludeSSID"}, policy.getExcludedSsidList())); - Map requiredProtoPortMap = new HashMap<>(); - requiredProtoPortMap.put(12, "34,92,234"); - policy.setRequiredProtoPortMap(requiredProtoPortMap); - assertEquals(requiredProtoPortMap, policy.getRequiredProtoPortMap()); - policy.setMaximumBssLoadValue(23); - assertEquals(23, policy.getMaximumBssLoadValue()); - UpdateParameter policyUpdate = new UpdateParameter(); - policyUpdate.setUpdateIntervalInMinutes(120); - assertEquals(120, policyUpdate.getUpdateIntervalInMinutes()); - policyUpdate.setUpdateMethod(UpdateParameter.UPDATE_METHOD_OMADM); - assertEquals(UpdateParameter.UPDATE_METHOD_OMADM, policyUpdate.getUpdateMethod()); - policyUpdate.setRestriction(UpdateParameter.UPDATE_RESTRICTION_HOMESP); - assertEquals(UpdateParameter.UPDATE_RESTRICTION_HOMESP, policyUpdate.getRestriction()); - policyUpdate.setServerUri("policy.update.com"); - assertEquals("policy.update.com", policyUpdate.getServerUri()); - policyUpdate.setUsername("updateUser"); - assertEquals("updateUser", policyUpdate.getUsername()); - policyUpdate.setBase64EncodedPassword("updatePass"); - assertEquals("updatePass", policyUpdate.getBase64EncodedPassword()); - policyUpdate.setTrustRootCertUrl("update.cert.com"); - assertEquals("update.cert.com", policyUpdate.getTrustRootCertUrl()); - policyUpdate.setTrustRootCertSha256Fingerprint(certFingerprint); - assertTrue(Arrays.equals(certFingerprint, - policyUpdate.getTrustRootCertSha256Fingerprint())); - policy.setPolicyUpdate(policyUpdate); - assertEquals(policyUpdate, policy.getPolicyUpdate()); - config.setPolicy(policy); - assertEquals(policy, config.getPolicy()); return config; } diff --git a/tests/cts/net/src/android/net/wifi/cts/WifiManagerTest.java b/tests/cts/net/src/android/net/wifi/cts/WifiManagerTest.java index 14ae1b450a..c8a76515ff 100644 --- a/tests/cts/net/src/android/net/wifi/cts/WifiManagerTest.java +++ b/tests/cts/net/src/android/net/wifi/cts/WifiManagerTest.java @@ -587,15 +587,12 @@ public class WifiManagerTest extends AndroidTestCase { private PasspointConfiguration generatePasspointConfig(Credential credential) { PasspointConfiguration config = new PasspointConfiguration(); config.setCredential(credential); - // Setting update identifier to indicate R2 configuration, to avoid CA - // certificate being verified, since we're using a fake CA certificate - // for testing. - config.setUpdateIdentifier(1); // Setup HomeSp. HomeSp homeSp = new HomeSp(); homeSp.setFqdn("Test.com"); homeSp.setFriendlyName("Test Provider"); + homeSp.setRoamingConsortiumOis(new long[] {0x11223344}); config.setHomeSp(homeSp); return config; @@ -615,7 +612,7 @@ public class WifiManagerTest extends AndroidTestCase { userCred.setPassword("password"); userCred.setNonEapInnerMethod("PAP"); credential.setUserCredential(userCred); - credential.setCaCertificate(FakeKeys.CA_CERT0); + credential.setCaCertificate(FakeKeys.CA_PUBLIC_CERT); return credential; } @@ -632,7 +629,7 @@ public class WifiManagerTest extends AndroidTestCase { certCredential.setCertSha256Fingerprint( MessageDigest.getInstance("SHA-256").digest(FakeKeys.CLIENT_CERT.getEncoded())); credential.setCertCredential(certCredential); - credential.setCaCertificate(FakeKeys.CA_CERT0); + credential.setCaCertificate(FakeKeys.CA_PUBLIC_CERT); credential.setClientCertificateChain(new X509Certificate[] {FakeKeys.CLIENT_CERT}); credential.setClientPrivateKey(FakeKeys.RSA_KEY1); return credential;