Loading tests/NetworkSecurityConfigTest/Android.bp +7 −2 Original line number Original line Diff line number Diff line Loading @@ -12,9 +12,14 @@ android_test { certificate: "platform", certificate: "platform", libs: [ libs: [ "android.test.base.stubs.system", "android.test.base.stubs.system", "android.test.runner.stubs.system", ], ], static_libs: ["junit"], static_libs: [ "androidx.test.ext.junit", "androidx.test.runner", "flag-junit", "junit", "platform-compat-test-rules", ], // Include all test java files. // Include all test java files. srcs: ["src/**/*.java"], srcs: ["src/**/*.java"], platform_apis: true, platform_apis: true, Loading tests/NetworkSecurityConfigTest/AndroidManifest.xml +1 −1 Original line number Original line Diff line number Diff line Loading @@ -22,7 +22,7 @@ <uses-library android:name="android.test.runner" /> <uses-library android:name="android.test.runner" /> </application> </application> <instrumentation android:name="android.test.InstrumentationTestRunner" <instrumentation android:name="androidx.test.runner.AndroidJUnitRunner" android:targetPackage="android.security.net.config" android:targetPackage="android.security.net.config" android:label="ANSC Tests"> android:label="ANSC Tests"> </instrumentation> </instrumentation> Loading tests/NetworkSecurityConfigTest/AndroidTest.xml 0 → 100644 +13 −0 Original line number Original line Diff line number Diff line <?xml version="1.0" encoding="utf-8"?> <!-- Copyright (C) 2025 The Android Open Source Project --> <configuration description="Config for NetworkSecurityConfigTests"> <option name="test-suite-tag" value="apct" /> <target_preparer class="com.android.tradefed.targetprep.suite.SuiteApkInstaller"> <option name="cleanup-apks" value="true" /> <option name="test-file-name" value="NetworkSecurityConfigTests.apk" /> </target_preparer> <test class="com.android.tradefed.testtype.AndroidJUnitTest" > <option name="package" value="android.security.net.config" /> </test> </configuration> No newline at end of file tests/NetworkSecurityConfigTest/src/android/security/net/config/NetworkSecurityConfigTests.java +21 −8 Original line number Original line Diff line number Diff line Loading @@ -16,13 +16,16 @@ package android.security.net.config; package android.security.net.config; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import android.app.Activity; import android.app.Activity; import android.content.pm.ApplicationInfo; import android.content.pm.ApplicationInfo; import android.os.Build; import android.os.Build; import android.test.ActivityUnitTestCase; import android.util.ArraySet; import android.util.ArraySet; import android.util.Pair; import android.util.Pair; import androidx.test.ext.junit.runners.AndroidJUnit4; import com.android.org.conscrypt.TrustedCertificateStore; import com.android.org.conscrypt.TrustedCertificateStore; import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream; Loading @@ -33,12 +36,11 @@ import java.util.HashSet; import java.util.Set; import java.util.Set; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLContext; import org.junit.Test; import org.junit.runner.RunWith; public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { @RunWith(AndroidJUnit4.class) public class NetworkSecurityConfigTests { public NetworkSecurityConfigTests() { super(Activity.class); } // SHA-256 of the GTS intermediate CA (CN = WR2) for android.com (as of 01/2025). // SHA-256 of the GTS intermediate CA (CN = WR2) for android.com (as of 01/2025). private static final byte[] GTS_INTERMEDIATE_SPKI_SHA256 = private static final byte[] GTS_INTERMEDIATE_SPKI_SHA256 = Loading Loading @@ -116,6 +118,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { .build(); .build(); } } @Test public void testEmptyConfig() throws Exception { public void testEmptyConfig() throws Exception { ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); Loading @@ -125,6 +128,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionFails(context, "android.com", 443); TestUtils.assertConnectionFails(context, "android.com", 443); } } @Test public void testEmptyPerNetworkSecurityConfig() throws Exception { public void testEmptyPerNetworkSecurityConfig() throws Exception { ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); Loading @@ -136,6 +140,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionSucceeds(context, "google.com", 443); TestUtils.assertConnectionSucceeds(context, "google.com", 443); } } @Test public void testBadPin() throws Exception { public void testBadPin() throws Exception { ArraySet<Pin> pins = new ArraySet<Pin>(); ArraySet<Pin> pins = new ArraySet<Pin>(); pins.add(new Pin("SHA-256", new byte[0])); pins.add(new Pin("SHA-256", new byte[0])); Loading @@ -155,6 +160,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionSucceeds(context, "google.com", 443); TestUtils.assertConnectionSucceeds(context, "google.com", 443); } } @Test public void testGoodPin() throws Exception { public void testGoodPin() throws Exception { ArraySet<Pin> pins = new ArraySet<Pin>(); ArraySet<Pin> pins = new ArraySet<Pin>(); pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256)); pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256)); Loading @@ -174,6 +180,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443); TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443); } } @Test public void testOverridePins() throws Exception { public void testOverridePins() throws Exception { // Use a bad pin + granting the system CA store the ability to override pins. // Use a bad pin + granting the system CA store the ability to override pins. ArraySet<Pin> pins = new ArraySet<Pin>(); ArraySet<Pin> pins = new ArraySet<Pin>(); Loading @@ -193,6 +200,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionSucceeds(context, "android.com", 443); TestUtils.assertConnectionSucceeds(context, "android.com", 443); } } @Test public void testMostSpecificNetworkSecurityConfig() throws Exception { public void testMostSpecificNetworkSecurityConfig() throws Exception { ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); Loading @@ -206,6 +214,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443); TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443); } } @Test public void testSubdomainIncluded() throws Exception { public void testSubdomainIncluded() throws Exception { // First try connecting to a subdomain of a domain entry that includes subdomains. // First try connecting to a subdomain of a domain entry that includes subdomains. ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap Loading @@ -223,15 +232,17 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionFails(context, "developer.android.com", 443); TestUtils.assertConnectionFails(context, "developer.android.com", 443); } } @Test public void testConfigBuilderUsesParents() throws Exception { public void testConfigBuilderUsesParents() throws Exception { // Check that a builder with a parent uses the parent's values when non is set. // Check that a builder with a parent uses the parent's values when non is set. NetworkSecurityConfig config = new NetworkSecurityConfig.Builder() NetworkSecurityConfig config = new NetworkSecurityConfig.Builder() .setParent(NetworkSecurityConfig .setParent(NetworkSecurityConfig .getDefaultBuilder(TestUtils.makeApplicationInfo())) .getDefaultBuilder(TestUtils.makeApplicationInfo())) .build(); .build(); assert(!config.getTrustAnchors().isEmpty()); assertFalse(config.getTrustAnchors().isEmpty()); } } @Test public void testConfigBuilderParentLoop() throws Exception { public void testConfigBuilderParentLoop() throws Exception { NetworkSecurityConfig.Builder config1 = new NetworkSecurityConfig.Builder(); NetworkSecurityConfig.Builder config1 = new NetworkSecurityConfig.Builder(); NetworkSecurityConfig.Builder config2 = new NetworkSecurityConfig.Builder(); NetworkSecurityConfig.Builder config2 = new NetworkSecurityConfig.Builder(); Loading @@ -243,6 +254,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { } } } } @Test public void testWithUrlConnection() throws Exception { public void testWithUrlConnection() throws Exception { ArraySet<Pin> pins = new ArraySet<Pin>(); ArraySet<Pin> pins = new ArraySet<Pin>(); pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256)); pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256)); Loading @@ -263,6 +275,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertUrlConnectionFails(context, "google.com", 443); TestUtils.assertUrlConnectionFails(context, "google.com", 443); } } @Test public void testUserAddedCaOptIn() throws Exception { public void testUserAddedCaOptIn() throws Exception { TrustedCertificateStore store = new TrustedCertificateStore(); TrustedCertificateStore store = new TrustedCertificateStore(); try { try { Loading tests/NetworkSecurityConfigTest/src/android/security/net/config/XmlConfigTests.java +98 −50 File changed.Preview size limit exceeded, changes collapsed. Show changes Loading
tests/NetworkSecurityConfigTest/Android.bp +7 −2 Original line number Original line Diff line number Diff line Loading @@ -12,9 +12,14 @@ android_test { certificate: "platform", certificate: "platform", libs: [ libs: [ "android.test.base.stubs.system", "android.test.base.stubs.system", "android.test.runner.stubs.system", ], ], static_libs: ["junit"], static_libs: [ "androidx.test.ext.junit", "androidx.test.runner", "flag-junit", "junit", "platform-compat-test-rules", ], // Include all test java files. // Include all test java files. srcs: ["src/**/*.java"], srcs: ["src/**/*.java"], platform_apis: true, platform_apis: true, Loading
tests/NetworkSecurityConfigTest/AndroidManifest.xml +1 −1 Original line number Original line Diff line number Diff line Loading @@ -22,7 +22,7 @@ <uses-library android:name="android.test.runner" /> <uses-library android:name="android.test.runner" /> </application> </application> <instrumentation android:name="android.test.InstrumentationTestRunner" <instrumentation android:name="androidx.test.runner.AndroidJUnitRunner" android:targetPackage="android.security.net.config" android:targetPackage="android.security.net.config" android:label="ANSC Tests"> android:label="ANSC Tests"> </instrumentation> </instrumentation> Loading
tests/NetworkSecurityConfigTest/AndroidTest.xml 0 → 100644 +13 −0 Original line number Original line Diff line number Diff line <?xml version="1.0" encoding="utf-8"?> <!-- Copyright (C) 2025 The Android Open Source Project --> <configuration description="Config for NetworkSecurityConfigTests"> <option name="test-suite-tag" value="apct" /> <target_preparer class="com.android.tradefed.targetprep.suite.SuiteApkInstaller"> <option name="cleanup-apks" value="true" /> <option name="test-file-name" value="NetworkSecurityConfigTests.apk" /> </target_preparer> <test class="com.android.tradefed.testtype.AndroidJUnitTest" > <option name="package" value="android.security.net.config" /> </test> </configuration> No newline at end of file
tests/NetworkSecurityConfigTest/src/android/security/net/config/NetworkSecurityConfigTests.java +21 −8 Original line number Original line Diff line number Diff line Loading @@ -16,13 +16,16 @@ package android.security.net.config; package android.security.net.config; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import android.app.Activity; import android.app.Activity; import android.content.pm.ApplicationInfo; import android.content.pm.ApplicationInfo; import android.os.Build; import android.os.Build; import android.test.ActivityUnitTestCase; import android.util.ArraySet; import android.util.ArraySet; import android.util.Pair; import android.util.Pair; import androidx.test.ext.junit.runners.AndroidJUnit4; import com.android.org.conscrypt.TrustedCertificateStore; import com.android.org.conscrypt.TrustedCertificateStore; import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream; Loading @@ -33,12 +36,11 @@ import java.util.HashSet; import java.util.Set; import java.util.Set; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLContext; import org.junit.Test; import org.junit.runner.RunWith; public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { @RunWith(AndroidJUnit4.class) public class NetworkSecurityConfigTests { public NetworkSecurityConfigTests() { super(Activity.class); } // SHA-256 of the GTS intermediate CA (CN = WR2) for android.com (as of 01/2025). // SHA-256 of the GTS intermediate CA (CN = WR2) for android.com (as of 01/2025). private static final byte[] GTS_INTERMEDIATE_SPKI_SHA256 = private static final byte[] GTS_INTERMEDIATE_SPKI_SHA256 = Loading Loading @@ -116,6 +118,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { .build(); .build(); } } @Test public void testEmptyConfig() throws Exception { public void testEmptyConfig() throws Exception { ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); Loading @@ -125,6 +128,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionFails(context, "android.com", 443); TestUtils.assertConnectionFails(context, "android.com", 443); } } @Test public void testEmptyPerNetworkSecurityConfig() throws Exception { public void testEmptyPerNetworkSecurityConfig() throws Exception { ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); Loading @@ -136,6 +140,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionSucceeds(context, "google.com", 443); TestUtils.assertConnectionSucceeds(context, "google.com", 443); } } @Test public void testBadPin() throws Exception { public void testBadPin() throws Exception { ArraySet<Pin> pins = new ArraySet<Pin>(); ArraySet<Pin> pins = new ArraySet<Pin>(); pins.add(new Pin("SHA-256", new byte[0])); pins.add(new Pin("SHA-256", new byte[0])); Loading @@ -155,6 +160,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionSucceeds(context, "google.com", 443); TestUtils.assertConnectionSucceeds(context, "google.com", 443); } } @Test public void testGoodPin() throws Exception { public void testGoodPin() throws Exception { ArraySet<Pin> pins = new ArraySet<Pin>(); ArraySet<Pin> pins = new ArraySet<Pin>(); pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256)); pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256)); Loading @@ -174,6 +180,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443); TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443); } } @Test public void testOverridePins() throws Exception { public void testOverridePins() throws Exception { // Use a bad pin + granting the system CA store the ability to override pins. // Use a bad pin + granting the system CA store the ability to override pins. ArraySet<Pin> pins = new ArraySet<Pin>(); ArraySet<Pin> pins = new ArraySet<Pin>(); Loading @@ -193,6 +200,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionSucceeds(context, "android.com", 443); TestUtils.assertConnectionSucceeds(context, "android.com", 443); } } @Test public void testMostSpecificNetworkSecurityConfig() throws Exception { public void testMostSpecificNetworkSecurityConfig() throws Exception { ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); = new ArraySet<Pair<Domain, NetworkSecurityConfig>>(); Loading @@ -206,6 +214,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443); TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443); } } @Test public void testSubdomainIncluded() throws Exception { public void testSubdomainIncluded() throws Exception { // First try connecting to a subdomain of a domain entry that includes subdomains. // First try connecting to a subdomain of a domain entry that includes subdomains. ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap ArraySet<Pair<Domain, NetworkSecurityConfig>> domainMap Loading @@ -223,15 +232,17 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertConnectionFails(context, "developer.android.com", 443); TestUtils.assertConnectionFails(context, "developer.android.com", 443); } } @Test public void testConfigBuilderUsesParents() throws Exception { public void testConfigBuilderUsesParents() throws Exception { // Check that a builder with a parent uses the parent's values when non is set. // Check that a builder with a parent uses the parent's values when non is set. NetworkSecurityConfig config = new NetworkSecurityConfig.Builder() NetworkSecurityConfig config = new NetworkSecurityConfig.Builder() .setParent(NetworkSecurityConfig .setParent(NetworkSecurityConfig .getDefaultBuilder(TestUtils.makeApplicationInfo())) .getDefaultBuilder(TestUtils.makeApplicationInfo())) .build(); .build(); assert(!config.getTrustAnchors().isEmpty()); assertFalse(config.getTrustAnchors().isEmpty()); } } @Test public void testConfigBuilderParentLoop() throws Exception { public void testConfigBuilderParentLoop() throws Exception { NetworkSecurityConfig.Builder config1 = new NetworkSecurityConfig.Builder(); NetworkSecurityConfig.Builder config1 = new NetworkSecurityConfig.Builder(); NetworkSecurityConfig.Builder config2 = new NetworkSecurityConfig.Builder(); NetworkSecurityConfig.Builder config2 = new NetworkSecurityConfig.Builder(); Loading @@ -243,6 +254,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { } } } } @Test public void testWithUrlConnection() throws Exception { public void testWithUrlConnection() throws Exception { ArraySet<Pin> pins = new ArraySet<Pin>(); ArraySet<Pin> pins = new ArraySet<Pin>(); pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256)); pins.add(new Pin("SHA-256", GTS_INTERMEDIATE_SPKI_SHA256)); Loading @@ -263,6 +275,7 @@ public class NetworkSecurityConfigTests extends ActivityUnitTestCase<Activity> { TestUtils.assertUrlConnectionFails(context, "google.com", 443); TestUtils.assertUrlConnectionFails(context, "google.com", 443); } } @Test public void testUserAddedCaOptIn() throws Exception { public void testUserAddedCaOptIn() throws Exception { TrustedCertificateStore store = new TrustedCertificateStore(); TrustedCertificateStore store = new TrustedCertificateStore(); try { try { Loading
tests/NetworkSecurityConfigTest/src/android/security/net/config/XmlConfigTests.java +98 −50 File changed.Preview size limit exceeded, changes collapsed. Show changes
