Verify creation and deletion of IpSecTransform pair

- Verify that inbound and outbound IpSecTransforms are created when a Child Session is created - Verify that when Child Session is deleted, the IpSecTransform pair is deleted Bug: 148689509 Test: atest CtsIkeTestCases Change-Id: If142b3fb2ac791322921beeab1bc8d43db255317 Merged-In: If142b3fb2ac791322921beeab1bc8d43db255317 (cherry picked from commit a91fc43cbdfc6e58347493506fa5079a4280dca8)
2020-05-26 23:43:09 +00:00
parent 994edc463e
commit f50119bbe4
2 changed files with 69 additions and 11 deletions
--- a/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionPskTest.java
+++ b/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionPskTest.java
@@ -165,8 +165,11 @@ public class IkeSessionPskTest extends IkeSessionTestBase {
        assertTrue(firstChildConfig.getInternalDnsServers().isEmpty());
        assertTrue(firstChildConfig.getInternalDhcpServers().isEmpty());

-        assertNotNull(mFirstChildSessionCallback.awaitNextCreatedIpSecTransform());
-        assertNotNull(mFirstChildSessionCallback.awaitNextCreatedIpSecTransform());
+        IpSecTransformCallRecord firstTransformRecordA =
+                mFirstChildSessionCallback.awaitNextCreatedIpSecTransform();
+        IpSecTransformCallRecord firstTransformRecordB =
+                mFirstChildSessionCallback.awaitNextCreatedIpSecTransform();
+        verifyCreateIpSecTransformPair(firstTransformRecordA, firstTransformRecordB);

        // Open additional Child Session
        TestChildSessionCallback additionalChildCb = new TestChildSessionCallback();
@@ -188,8 +191,11 @@ public class IkeSessionPskTest extends IkeSessionTestBase {
        assertTrue(additionalChildConfig.getInternalDnsServers().isEmpty());
        assertTrue(additionalChildConfig.getInternalDhcpServers().isEmpty());

-        assertNotNull(additionalChildCb.awaitNextCreatedIpSecTransform());
-        assertNotNull(additionalChildCb.awaitNextCreatedIpSecTransform());
+        IpSecTransformCallRecord additionalTransformRecordA =
+                additionalChildCb.awaitNextCreatedIpSecTransform();
+        IpSecTransformCallRecord additionalTransformRecordB =
+                additionalChildCb.awaitNextCreatedIpSecTransform();
+        verifyCreateIpSecTransformPair(additionalTransformRecordA, additionalTransformRecordB);

        // Close additional Child Session
        ikeSession.closeChildSession(additionalChildCb);
@@ -199,8 +205,8 @@ public class IkeSessionPskTest extends IkeSessionTestBase {
                true /* expectedUseEncap */,
                hexStringToByteArray(SUCCESS_DELETE_CHILD_RESP));

-        assertNotNull(additionalChildCb.awaitNextDeletedIpSecTransform());
-        assertNotNull(additionalChildCb.awaitNextDeletedIpSecTransform());
+        verifyDeleteIpSecTransformPair(
+                additionalChildCb, additionalTransformRecordA, additionalTransformRecordB);
        additionalChildCb.awaitOnClosed();

        // Close IKE Session
@@ -211,12 +217,10 @@ public class IkeSessionPskTest extends IkeSessionTestBase {
                true /* expectedUseEncap */,
                hexStringToByteArray(SUCCESS_DELETE_IKE_RESP));

-        assertNotNull(mFirstChildSessionCallback.awaitNextDeletedIpSecTransform());
-        assertNotNull(mFirstChildSessionCallback.awaitNextDeletedIpSecTransform());
+        verifyDeleteIpSecTransformPair(
+                mFirstChildSessionCallback, firstTransformRecordA, firstTransformRecordB);
        mFirstChildSessionCallback.awaitOnClosed();
        mIkeSessionCallback.awaitOnClosed();
-
-        // TODO: verify created and deleted IpSecTransform pair and their directions
    }

    @Test
@@ -245,7 +249,7 @@ public class IkeSessionPskTest extends IkeSessionTestBase {

    @Test
    public void testIkeInitFail() throws Exception {
-        String ikeInitFailRespHex =
+        final String ikeInitFailRespHex =
                "46B8ECA1E0D72A180000000000000000292022200000000000000024000000080000000E";

        // Open IKE Session
--- a/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionTestBase.java
+++ b/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionTestBase.java
@@ -17,12 +17,16 @@ package android.net.ipsec.ike.cts;

 import static android.app.AppOpsManager.OP_MANAGE_IPSEC_TUNNELS;

+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
 import android.annotation.NonNull;
 import android.app.AppOpsManager;
 import android.content.Context;
 import android.content.pm.PackageManager;
 import android.net.ConnectivityManager;
 import android.net.InetAddresses;
+import android.net.IpSecManager;
 import android.net.IpSecTransform;
 import android.net.LinkAddress;
 import android.net.Network;
@@ -55,6 +59,9 @@ import org.junit.runner.RunWith;

 import java.net.Inet4Address;
 import java.net.InetAddress;
+import java.util.HashSet;
+import java.util.Objects;
+import java.util.Set;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.Executor;
 import java.util.concurrent.Executors;
@@ -370,6 +377,53 @@ abstract class IkeSessionTestBase extends IkeTestBase {
            this.ipSecTransform = ipSecTransform;
            this.direction = direction;
        }
+
+        @Override
+        public int hashCode() {
+            return Objects.hash(ipSecTransform, direction);
+        }
+
+        @Override
+        public boolean equals(Object o) {
+            if (!(o instanceof IpSecTransformCallRecord)) return false;
+
+            IpSecTransformCallRecord record = (IpSecTransformCallRecord) o;
+            return ipSecTransform.equals(record.ipSecTransform) && direction == record.direction;
+        }
+    }
+
+    static void verifyCreateIpSecTransformPair(
+            IpSecTransformCallRecord transformRecordA, IpSecTransformCallRecord transformRecordB) {
+        IpSecTransform transformA = transformRecordA.ipSecTransform;
+        IpSecTransform transformB = transformRecordB.ipSecTransform;
+
+        assertNotNull(transformA);
+        assertNotNull(transformB);
+
+        Set<Integer> expectedDirections = new HashSet<>();
+        expectedDirections.add(IpSecManager.DIRECTION_IN);
+        expectedDirections.add(IpSecManager.DIRECTION_OUT);
+
+        Set<Integer> resultDirections = new HashSet<>();
+        resultDirections.add(transformRecordA.direction);
+        resultDirections.add(transformRecordB.direction);
+
+        assertEquals(expectedDirections, resultDirections);
+    }
+
+    static void verifyDeleteIpSecTransformPair(
+            TestChildSessionCallback childCb,
+            IpSecTransformCallRecord expectedTransformRecordA,
+            IpSecTransformCallRecord expectedTransformRecordB) {
+        Set<IpSecTransformCallRecord> expectedTransforms = new HashSet<>();
+        expectedTransforms.add(expectedTransformRecordA);
+        expectedTransforms.add(expectedTransformRecordB);
+
+        Set<IpSecTransformCallRecord> resultTransforms = new HashSet<>();
+        resultTransforms.add(childCb.awaitNextDeletedIpSecTransform());
+        resultTransforms.add(childCb.awaitNextDeletedIpSecTransform());
+
+        assertEquals(expectedTransforms, resultTransforms);
    }

    /** Package private method to check if device has IPsec tunnels feature */