LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "Improve IKEv2/IPsec VPN by proposing more IPsec algorithms" am: 5cb9e37a55 am: 10f4456e79

Browse Source 
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1690265

Change-Id: I0e467627fdbf70d6ec704f1f2be58223df9642ed
This commit is contained in:
Yan Yan
2021-05-21 23:12:45 +00:00
committed by Automerger Merge Worker
parent a2e59b47ef 10f4456e79
commit 80ddfb47cd
2 changed files with 12 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
tests/unit/java/android/net/Ikev2VpnProfileTest.java
View File

@@ -29,8 +29,8 @@ import androidx.test.filters.SmallTest;
import androidx.test.runner.AndroidJUnit4;
import com.android.internal.net.VpnProfile;
import com.android.net.module.util.ProxyUtils;
import com.android.internal.org.bouncycastle.x509.X509V1CertificateGenerator;
import com.android.net.module.util.ProxyUtils;
import org.junit.Before;
import org.junit.Test;
@@ -170,7 +170,10 @@ public class Ikev2VpnProfileTest {
final Ikev2VpnProfile.Builder builder = getBuilderWithDefaultOptions();
builder.setAuthPsk(PSK_BYTES);
List<String> allowedAlgorithms = Arrays.asList(IpSecAlgorithm.AUTH_CRYPT_AES_GCM);
List<String> allowedAlgorithms =
Arrays.asList(
IpSecAlgorithm.AUTH_CRYPT_AES_GCM,
IpSecAlgorithm.AUTH_CRYPT_CHACHA20_POLY1305);
builder.setAllowedAlgorithms(allowedAlgorithms);
final Ikev2VpnProfile profile = builder.build();
@@ -183,7 +186,12 @@ public class Ikev2VpnProfileTest {
builder.setAuthPsk(PSK_BYTES);
List<String> allowedAlgorithms =
Arrays.asList(IpSecAlgorithm.AUTH_HMAC_SHA512, IpSecAlgorithm.CRYPT_AES_CBC);
Arrays.asList(
IpSecAlgorithm.AUTH_HMAC_SHA512,
IpSecAlgorithm.AUTH_AES_XCBC,
IpSecAlgorithm.AUTH_AES_CMAC,
IpSecAlgorithm.CRYPT_AES_CBC,
IpSecAlgorithm.CRYPT_AES_CTR);
builder.setAllowedAlgorithms(allowedAlgorithms);
final Ikev2VpnProfile profile = builder.build();

26
tests/unit/java/com/android/internal/net/VpnProfileTest.java
View File

@@ -23,7 +23,6 @@ import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import android.net.IpSecAlgorithm;
@@ -97,6 +96,7 @@ public class VpnProfileTest {
p.setAllowedAlgorithms(
Arrays.asList(
IpSecAlgorithm.AUTH_CRYPT_AES_GCM,
IpSecAlgorithm.AUTH_CRYPT_CHACHA20_POLY1305,
IpSecAlgorithm.AUTH_HMAC_SHA512,
IpSecAlgorithm.CRYPT_AES_CBC));
p.isBypassable = true;
@@ -125,30 +125,6 @@ public class VpnProfileTest {
assertParcelSane(getSampleIkev2Profile(DUMMY_PROFILE_KEY), 23);
}
@Test
public void testSetInvalidAlgorithmValueDelimiter() {
final VpnProfile profile = getSampleIkev2Profile(DUMMY_PROFILE_KEY);
try {
profile.setAllowedAlgorithms(
Arrays.asList("test" + VpnProfile.VALUE_DELIMITER + "test"));
fail("Expected failure due to value separator in algorithm name");
} catch (IllegalArgumentException expected) {
}
}
@Test
public void testSetInvalidAlgorithmListDelimiter() {
final VpnProfile profile = getSampleIkev2Profile(DUMMY_PROFILE_KEY);
try {
profile.setAllowedAlgorithms(
Arrays.asList("test" + VpnProfile.LIST_DELIMITER + "test"));
fail("Expected failure due to value separator in algorithm name");
} catch (IllegalArgumentException expected) {
}
}
@Test
public void testEncodeDecode() {
final VpnProfile profile = getSampleIkev2Profile(DUMMY_PROFILE_KEY);