Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 81e2476c authored by Ludovic Barman's avatar Ludovic Barman Committed by Android (Google) Code Review
Browse files

Merge "Migrate NetworkSecurityConfigTest to JUnit 4" into main

parents 0ca2c59b 6630c443
Loading
Loading
Loading
Loading
+7 −2
Original line number Original line Diff line number Diff line
@@ -12,9 +12,14 @@ android_test {
    certificate: "platform",
    certificate: "platform",
    libs: [
    libs: [
        "android.test.base.stubs.system",
        "android.test.base.stubs.system",
        "android.test.runner.stubs.system",
    ],
    ],
    static_libs: ["junit"],
    static_libs: [
        "androidx.test.ext.junit",
        "androidx.test.runner",
        "flag-junit",
        "junit",
        "platform-compat-test-rules",
    ],
    // Include all test java files.
    // Include all test java files.
    srcs: ["src/**/*.java"],
    srcs: ["src/**/*.java"],
    platform_apis: true,
    platform_apis: true,
+1 −1
Original line number Original line Diff line number Diff line
@@ -22,7 +22,7 @@
        <uses-library android:name="android.test.runner" />
        <uses-library android:name="android.test.runner" />
    </application>
    </application>


    <instrumentation android:name="android.test.InstrumentationTestRunner"
    <instrumentation android:name="androidx.test.runner.AndroidJUnitRunner"
        android:targetPackage="android.security.net.config"
        android:targetPackage="android.security.net.config"
        android:label="ANSC Tests">
        android:label="ANSC Tests">
    </instrumentation>
    </instrumentation>
+13 −0
Original line number Original line Diff line number Diff line
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (C) 2025 The Android Open Source Project -->

<configuration description="Config for NetworkSecurityConfigTests">
    <option name="test-suite-tag" value="apct" />
    <target_preparer class="com.android.tradefed.targetprep.suite.SuiteApkInstaller">
        <option name="cleanup-apks" value="true" />
        <option name="test-file-name" value="NetworkSecurityConfigTests.apk" />
    </target_preparer>
    <test class="com.android.tradefed.testtype.AndroidJUnitTest" >
        <option name="package" value="android.security.net.config" />
    </test>
</configuration>
 No newline at end of file
+21 −8
Original line number Original line Diff line number Diff line
@@ -16,13 +16,16 @@


package android.security.net.config;
package android.security.net.config;


import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;

import android.app.Activity;
import android.app.Activity;
import android.content.pm.ApplicationInfo;
import android.content.pm.ApplicationInfo;
import android.os.Build;
import android.os.Build;
import android.test.ActivityUnitTestCase;
import android.util.ArraySet;
import android.util.ArraySet;
import android.util.Pair;
import android.util.Pair;

import androidx.test.ext.junit.runners.AndroidJUnit4;
import com.android.org.conscrypt.TrustedCertificateStore;
import com.android.org.conscrypt.TrustedCertificateStore;


import java.io.ByteArrayInputStream;
import java.io.ByteArrayInputStream;
@@ -33,12 +36,11 @@ import java.util.HashSet;
import java.util.Set;
import java.util.Set;


import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLContext;
import org.junit.Test;
import org.junit.runner.RunWith;


public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> {
@RunWith(AndroidJUnit4.class)

public class NetworkSecurityConfigTests {
    public NetworkSecurityConfigTests() {
        super(Activity.class);
    }


    // SHA-256 of the GTS intermediate CA (CN = WR2) for android.com (as of 01/2025).
    // SHA-256 of the GTS intermediate CA (CN = WR2) for android.com (as of 01/2025).
    private static final byte[] GTS_INTERMEDIATE_SPKI_SHA256 =
    private static final byte[] GTS_INTERMEDIATE_SPKI_SHA256 =
@@ -116,6 +118,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> {
                .build();
                .build();
    }
    }


    @Test
    public void testEmptyConfig() throws Exception {
    public void testEmptyConfig() throws Exception {
        ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap
        ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap
                = new ArraySet<Pair<Domain, NetworkSecurityConfig>>();
                = new ArraySet<Pair<Domain, NetworkSecurityConfig>>();
@@ -125,6 +128,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> {
        TestUtils.assertConnectionFails(context, "android.com", 443);
        TestUtils.assertConnectionFails(context, "android.com", 443);
    }
    }


    @Test
    public void testEmptyPerNetworkSecurityConfig() throws Exception {
    public void testEmptyPerNetworkSecurityConfig() throws Exception {
        ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap
        ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap
                = new ArraySet<Pair<Domain, NetworkSecurityConfig>>();
                = new ArraySet<Pair<Domain, NetworkSecurityConfig>>();
@@ -136,6 +140,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> {
        TestUtils.assertConnectionSucceeds(context, "google.com", 443);
        TestUtils.assertConnectionSucceeds(context, "google.com", 443);
    }
    }


    @Test
    public void testBadPin() throws Exception {
    public void testBadPin() throws Exception {
        ArraySet<Pin> pins = new ArraySet<Pin>();
        ArraySet<Pin> pins = new ArraySet<Pin>();
        pins.add(new Pin("SHA-256", new byte[0]));
        pins.add(new Pin("SHA-256", new byte[0]));
@@ -155,6 +160,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> {
        TestUtils.assertConnectionSucceeds(context, "google.com", 443);
        TestUtils.assertConnectionSucceeds(context, "google.com", 443);
    }
    }


    @Test
    public void testGoodPin() throws Exception {
    public void testGoodPin() throws Exception {
        ArraySet<Pin> pins = new ArraySet<Pin>();
        ArraySet<Pin> pins = new ArraySet<Pin>();
        pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256));
        pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256));
@@ -174,6 +180,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> {
        TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443);
        TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443);
    }
    }


    @Test
    public void testOverridePins() throws Exception {
    public void testOverridePins() throws Exception {
        // Use a bad pin + granting the system CA store the ability to override pins.
        // Use a bad pin + granting the system CA store the ability to override pins.
        ArraySet<Pin> pins = new ArraySet<Pin>();
        ArraySet<Pin> pins = new ArraySet<Pin>();
@@ -193,6 +200,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> {
        TestUtils.assertConnectionSucceeds(context, "android.com", 443);
        TestUtils.assertConnectionSucceeds(context, "android.com", 443);
    }
    }


    @Test
    public void testMostSpecificNetworkSecurityConfig() throws Exception {
    public void testMostSpecificNetworkSecurityConfig() throws Exception {
        ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap
        ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap
                = new ArraySet<Pair<Domain, NetworkSecurityConfig>>();
                = new ArraySet<Pair<Domain, NetworkSecurityConfig>>();
@@ -206,6 +214,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> {
        TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443);
        TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443);
    }
    }


    @Test
    public void testSubdomainIncluded() throws Exception {
    public void testSubdomainIncluded() throws Exception {
        // First try connecting to a subdomain of a domain entry that includes subdomains.
        // First try connecting to a subdomain of a domain entry that includes subdomains.
        ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap
        ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap
@@ -223,15 +232,17 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> {
        TestUtils.assertConnectionFails(context, "developer.android.com", 443);
        TestUtils.assertConnectionFails(context, "developer.android.com", 443);
    }
    }


    @Test
    public void testConfigBuilderUsesParents() throws Exception {
    public void testConfigBuilderUsesParents() throws Exception {
        // Check that a builder with a parent uses the parent's values when non is set.
        // Check that a builder with a parent uses the parent's values when non is set.
        NetworkSecurityConfig config = new NetworkSecurityConfig.Builder()
        NetworkSecurityConfig config = new NetworkSecurityConfig.Builder()
                .setParent(NetworkSecurityConfig
                .setParent(NetworkSecurityConfig
                        .getDefaultBuilder(TestUtils.makeApplicationInfo()))
                        .getDefaultBuilder(TestUtils.makeApplicationInfo()))
                .build();
                .build();
        assert(!config.getTrustAnchors().isEmpty());
        assertFalse(config.getTrustAnchors().isEmpty());
    }
    }


    @Test
    public void testConfigBuilderParentLoop() throws Exception {
    public void testConfigBuilderParentLoop() throws Exception {
        NetworkSecurityConfig.Builder config1 = new NetworkSecurityConfig.Builder();
        NetworkSecurityConfig.Builder config1 = new NetworkSecurityConfig.Builder();
        NetworkSecurityConfig.Builder config2 = new NetworkSecurityConfig.Builder();
        NetworkSecurityConfig.Builder config2 = new NetworkSecurityConfig.Builder();
@@ -243,6 +254,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> {
        }
        }
    }
    }


    @Test
    public void testWithUrlConnection() throws Exception {
    public void testWithUrlConnection() throws Exception {
        ArraySet<Pin> pins = new ArraySet<Pin>();
        ArraySet<Pin> pins = new ArraySet<Pin>();
        pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256));
        pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256));
@@ -263,6 +275,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> {
        TestUtils.assertUrlConnectionFails(context, "google.com", 443);
        TestUtils.assertUrlConnectionFails(context, "google.com", 443);
    }
    }


    @Test
    public void testUserAddedCaOptIn() throws Exception {
    public void testUserAddedCaOptIn() throws Exception {
        TrustedCertificateStore store = new TrustedCertificateStore();
        TrustedCertificateStore store = new TrustedCertificateStore();
        try {
        try {
+98 −50

File changed.

Preview size limit exceeded, changes collapsed.