Loading services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java +3 −0 Original line number Diff line number Diff line Loading @@ -385,6 +385,9 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { String packageName = getPackageNameNormalized(packageAndCert[0]); String cert = packageAndCert[1]; packageCertMap.put(packageName, cert); } else if (packageAndCert.length == 1 && packageAndCert[0].equals(ADB_INSTALLER)) { packageCertMap.put(ADB_INSTALLER, INSTALLER_CERT_NOT_APPLICABLE); } } } Loading services/tests/servicestests/AndroidTest.xml +5 −0 Original line number Diff line number Diff line Loading @@ -26,6 +26,11 @@ <option name="test-file-name" value="SimpleServiceTestApp.apk" /> </target_preparer> <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer"> <option name="cleanup" value="true" /> <option name="push" value="AppIntegrityManagerServiceTestApp.apk->/data/local/tmp/AppIntegrityManagerServiceTestApp.apk" /> </target_preparer> <option name="test-tag" value="FrameworksServicesTests" /> <test class="com.android.tradefed.testtype.AndroidJUnitTest" > <option name="package" value="com.android.frameworks.servicestests" /> Loading services/tests/servicestests/assets/AppIntegrityManagerServiceImplTest/test.apkdeleted 100644 → 0 −1.3 MiB File deleted. View file services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java +34 −19 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ import static org.mockito.ArgumentMatchers.eq; import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.doThrow; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.never; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; Loading Loading @@ -64,7 +65,6 @@ import com.android.server.integrity.engine.RuleEvaluationEngine; import com.android.server.integrity.model.IntegrityCheckResult; import com.android.server.testutils.TestUtils; import org.junit.After; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; Loading @@ -75,9 +75,6 @@ import org.mockito.junit.MockitoRule; import java.io.File; import java.io.IOException; import java.io.InputStream; import java.nio.file.Files; import java.nio.file.StandardCopyOption; import java.util.Arrays; import java.util.HashMap; import java.util.List; Loading @@ -86,7 +83,8 @@ import java.util.Map; /** Unit test for {@link com.android.server.integrity.AppIntegrityManagerServiceImpl} */ @RunWith(AndroidJUnit4.class) public class AppIntegrityManagerServiceImplTest { private static final String TEST_DIR = "AppIntegrityManagerServiceImplTest"; private static final String TEST_APP_PATH = "/data/local/tmp/AppIntegrityManagerServiceTestApp.apk"; private static final String PACKAGE_MIME_TYPE = "application/vnd.android.package-archive"; private static final String VERSION = "version"; Loading @@ -97,13 +95,19 @@ public class AppIntegrityManagerServiceImplTest { private static final String INSTALLER = TEST_FRAMEWORK_PACKAGE; // These are obtained by running the test and checking logcat. private static final String APP_CERT = "949ADC6CB92FF09E3784D6E9504F26F9BEAC06E60D881D55A6A81160F9CD6FD1"; "301AA3CB081134501C45F1422ABC66C24224FD5DED5FDC8F17E697176FD866AA"; private static final String INSTALLER_CERT = "301AA3CB081134501C45F1422ABC66C24224FD5DED5FDC8F17E697176FD866AA"; // We use SHA256 for package names longer than 32 characters. private static final String INSTALLER_SHA256 = "786933C28839603EB48C50B2A688DC6BE52C833627CB2731FF8466A2AE9F94CD"; private static final String PLAY_STORE_PKG = "com.android.vending"; private static final String ADB_INSTALLER = "adb"; private static final String PLAY_STORE_CERT = "play_store_cert"; private static final String ADB_CERT = ""; @org.junit.Rule public MockitoRule mMockitoRule = MockitoJUnit.rule(); @Mock PackageManagerInternal mPackageManagerInternal; Loading @@ -122,11 +126,7 @@ public class AppIntegrityManagerServiceImplTest { @Before public void setup() throws Exception { mTestApk = File.createTempFile("TestApk", /* suffix= */ null); mTestApk.deleteOnExit(); try (InputStream inputStream = mRealContext.getAssets().open(TEST_DIR + "/test.apk")) { Files.copy(inputStream, mTestApk.toPath(), StandardCopyOption.REPLACE_EXISTING); } mTestApk = new File(TEST_APP_PATH); mService = new AppIntegrityManagerServiceImpl( Loading @@ -141,11 +141,7 @@ public class AppIntegrityManagerServiceImplTest { when(mMockContext.getPackageManager()).thenReturn(mSpyPackageManager); when(mMockContext.getResources()).thenReturn(mMockResources); when(mMockResources.getStringArray(anyInt())).thenReturn(new String[] {}); } @After public void tearDown() throws Exception { mTestApk.delete(); when(mIntegrityFileManager.initialized()).thenReturn(true); } // This is not a test of the class, but more of a safeguard that we don't block any install in Loading Loading @@ -310,10 +306,10 @@ public class AppIntegrityManagerServiceImplTest { assertEquals(INSTALLER_CERT, appInstallMetadata.getInstallerCertificate()); assertEquals(VERSION_CODE, appInstallMetadata.getVersionCode()); assertFalse(appInstallMetadata.isPreInstalled()); // These are hardcoded in the test apk // These are hardcoded in the test apk android manifest assertEquals(2, allowedInstallers.size()); assertEquals("cert_1", allowedInstallers.get("store_1")); assertEquals("cert_2", allowedInstallers.get("store_2")); assertEquals(PLAY_STORE_CERT, allowedInstallers.get(PLAY_STORE_PKG)); assertEquals(ADB_CERT, allowedInstallers.get(ADB_INSTALLER)); } @Test Loading Loading @@ -356,6 +352,25 @@ public class AppIntegrityManagerServiceImplTest { 1, PackageManagerInternal.INTEGRITY_VERIFICATION_REJECT); } @Test public void handleBroadcast_notInitialized() throws Exception { when(mIntegrityFileManager.initialized()).thenReturn(false); ArgumentCaptor<BroadcastReceiver> broadcastReceiverCaptor = ArgumentCaptor.forClass(BroadcastReceiver.class); verify(mMockContext) .registerReceiver(broadcastReceiverCaptor.capture(), any(), any(), any()); Intent intent = makeVerificationIntent(); when(mRuleEvaluationEngine.evaluate(any(), any())).thenReturn(IntegrityCheckResult.allow()); broadcastReceiverCaptor.getValue().onReceive(mMockContext, intent); runJobInHandler(); verify(mPackageManagerInternal) .setIntegrityVerificationResult( 1, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); verify(mSpyPackageManager, never()).getPackageArchiveInfo(any(), anyInt()); } private void whitelistUsAsRuleProvider() { Resources mockResources = mock(Resources.class); when(mockResources.getStringArray(R.array.config_integrityRuleProviderPackages)) Loading services/tests/servicestests/test-apps/AppIntegrityManagerServiceTestApp/Android.bp 0 → 100644 +21 −0 Original line number Diff line number Diff line // Copyright (C) 2017 The Android Open Source Project // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. android_test_helper_app { name: "AppIntegrityManagerServiceTestApp", test_suites: ["device-tests"], certificate: "platform", } Loading
services/core/java/com/android/server/integrity/AppIntegrityManagerServiceImpl.java +3 −0 Original line number Diff line number Diff line Loading @@ -385,6 +385,9 @@ public class AppIntegrityManagerServiceImpl extends IAppIntegrityManager.Stub { String packageName = getPackageNameNormalized(packageAndCert[0]); String cert = packageAndCert[1]; packageCertMap.put(packageName, cert); } else if (packageAndCert.length == 1 && packageAndCert[0].equals(ADB_INSTALLER)) { packageCertMap.put(ADB_INSTALLER, INSTALLER_CERT_NOT_APPLICABLE); } } } Loading
services/tests/servicestests/AndroidTest.xml +5 −0 Original line number Diff line number Diff line Loading @@ -26,6 +26,11 @@ <option name="test-file-name" value="SimpleServiceTestApp.apk" /> </target_preparer> <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer"> <option name="cleanup" value="true" /> <option name="push" value="AppIntegrityManagerServiceTestApp.apk->/data/local/tmp/AppIntegrityManagerServiceTestApp.apk" /> </target_preparer> <option name="test-tag" value="FrameworksServicesTests" /> <test class="com.android.tradefed.testtype.AndroidJUnitTest" > <option name="package" value="com.android.frameworks.servicestests" /> Loading
services/tests/servicestests/assets/AppIntegrityManagerServiceImplTest/test.apkdeleted 100644 → 0 −1.3 MiB File deleted. View file
services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java +34 −19 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ import static org.mockito.ArgumentMatchers.eq; import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.doThrow; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.never; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; Loading Loading @@ -64,7 +65,6 @@ import com.android.server.integrity.engine.RuleEvaluationEngine; import com.android.server.integrity.model.IntegrityCheckResult; import com.android.server.testutils.TestUtils; import org.junit.After; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; Loading @@ -75,9 +75,6 @@ import org.mockito.junit.MockitoRule; import java.io.File; import java.io.IOException; import java.io.InputStream; import java.nio.file.Files; import java.nio.file.StandardCopyOption; import java.util.Arrays; import java.util.HashMap; import java.util.List; Loading @@ -86,7 +83,8 @@ import java.util.Map; /** Unit test for {@link com.android.server.integrity.AppIntegrityManagerServiceImpl} */ @RunWith(AndroidJUnit4.class) public class AppIntegrityManagerServiceImplTest { private static final String TEST_DIR = "AppIntegrityManagerServiceImplTest"; private static final String TEST_APP_PATH = "/data/local/tmp/AppIntegrityManagerServiceTestApp.apk"; private static final String PACKAGE_MIME_TYPE = "application/vnd.android.package-archive"; private static final String VERSION = "version"; Loading @@ -97,13 +95,19 @@ public class AppIntegrityManagerServiceImplTest { private static final String INSTALLER = TEST_FRAMEWORK_PACKAGE; // These are obtained by running the test and checking logcat. private static final String APP_CERT = "949ADC6CB92FF09E3784D6E9504F26F9BEAC06E60D881D55A6A81160F9CD6FD1"; "301AA3CB081134501C45F1422ABC66C24224FD5DED5FDC8F17E697176FD866AA"; private static final String INSTALLER_CERT = "301AA3CB081134501C45F1422ABC66C24224FD5DED5FDC8F17E697176FD866AA"; // We use SHA256 for package names longer than 32 characters. private static final String INSTALLER_SHA256 = "786933C28839603EB48C50B2A688DC6BE52C833627CB2731FF8466A2AE9F94CD"; private static final String PLAY_STORE_PKG = "com.android.vending"; private static final String ADB_INSTALLER = "adb"; private static final String PLAY_STORE_CERT = "play_store_cert"; private static final String ADB_CERT = ""; @org.junit.Rule public MockitoRule mMockitoRule = MockitoJUnit.rule(); @Mock PackageManagerInternal mPackageManagerInternal; Loading @@ -122,11 +126,7 @@ public class AppIntegrityManagerServiceImplTest { @Before public void setup() throws Exception { mTestApk = File.createTempFile("TestApk", /* suffix= */ null); mTestApk.deleteOnExit(); try (InputStream inputStream = mRealContext.getAssets().open(TEST_DIR + "/test.apk")) { Files.copy(inputStream, mTestApk.toPath(), StandardCopyOption.REPLACE_EXISTING); } mTestApk = new File(TEST_APP_PATH); mService = new AppIntegrityManagerServiceImpl( Loading @@ -141,11 +141,7 @@ public class AppIntegrityManagerServiceImplTest { when(mMockContext.getPackageManager()).thenReturn(mSpyPackageManager); when(mMockContext.getResources()).thenReturn(mMockResources); when(mMockResources.getStringArray(anyInt())).thenReturn(new String[] {}); } @After public void tearDown() throws Exception { mTestApk.delete(); when(mIntegrityFileManager.initialized()).thenReturn(true); } // This is not a test of the class, but more of a safeguard that we don't block any install in Loading Loading @@ -310,10 +306,10 @@ public class AppIntegrityManagerServiceImplTest { assertEquals(INSTALLER_CERT, appInstallMetadata.getInstallerCertificate()); assertEquals(VERSION_CODE, appInstallMetadata.getVersionCode()); assertFalse(appInstallMetadata.isPreInstalled()); // These are hardcoded in the test apk // These are hardcoded in the test apk android manifest assertEquals(2, allowedInstallers.size()); assertEquals("cert_1", allowedInstallers.get("store_1")); assertEquals("cert_2", allowedInstallers.get("store_2")); assertEquals(PLAY_STORE_CERT, allowedInstallers.get(PLAY_STORE_PKG)); assertEquals(ADB_CERT, allowedInstallers.get(ADB_INSTALLER)); } @Test Loading Loading @@ -356,6 +352,25 @@ public class AppIntegrityManagerServiceImplTest { 1, PackageManagerInternal.INTEGRITY_VERIFICATION_REJECT); } @Test public void handleBroadcast_notInitialized() throws Exception { when(mIntegrityFileManager.initialized()).thenReturn(false); ArgumentCaptor<BroadcastReceiver> broadcastReceiverCaptor = ArgumentCaptor.forClass(BroadcastReceiver.class); verify(mMockContext) .registerReceiver(broadcastReceiverCaptor.capture(), any(), any(), any()); Intent intent = makeVerificationIntent(); when(mRuleEvaluationEngine.evaluate(any(), any())).thenReturn(IntegrityCheckResult.allow()); broadcastReceiverCaptor.getValue().onReceive(mMockContext, intent); runJobInHandler(); verify(mPackageManagerInternal) .setIntegrityVerificationResult( 1, PackageManagerInternal.INTEGRITY_VERIFICATION_ALLOW); verify(mSpyPackageManager, never()).getPackageArchiveInfo(any(), anyInt()); } private void whitelistUsAsRuleProvider() { Resources mockResources = mock(Resources.class); when(mockResources.getStringArray(R.array.config_integrityRuleProviderPackages)) Loading
services/tests/servicestests/test-apps/AppIntegrityManagerServiceTestApp/Android.bp 0 → 100644 +21 −0 Original line number Diff line number Diff line // Copyright (C) 2017 The Android Open Source Project // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. android_test_helper_app { name: "AppIntegrityManagerServiceTestApp", test_suites: ["device-tests"], certificate: "platform", }
