Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 90991d41 authored by Song Pan's avatar Song Pan
Browse files

Add unit test for parsing apks with two certificates. 

Bug:148373316
Test: atest AppIntegrityManagerServiceImpl
Change-Id: Ia6c8e28a09ded8e5695b02c9d93d13e321dfcbe7
parent 64fccfb3

services/tests/servicestests/src/com/android/server/integrity/AppIntegrityManagerServiceImplTest.java

+46 −0
Original line number Diff line number Diff line
@@ -40,6 +40,8 @@ import static org.mockito.Mockito.spy; 
import static org.mockito.Mockito.verify;

import static org.mockito.Mockito.when;



import static java.nio.file.StandardCopyOption.REPLACE_EXISTING;



import android.content.BroadcastReceiver;

import android.content.Context;

import android.content.Intent;
@@ -66,6 +68,7 @@ import com.android.server.integrity.engine.RuleEvaluationEngine; 
import com.android.server.integrity.model.IntegrityCheckResult;

import com.android.server.testutils.TestUtils;



import org.junit.After;

import org.junit.Before;

import org.junit.Test;

import org.junit.runner.RunWith;
@@ -77,6 +80,8 @@ import org.mockito.junit.MockitoRule; 


import java.io.File;

import java.io.IOException;

import java.io.InputStream;

import java.nio.file.Files;

import java.util.Arrays;

import java.util.List;

import java.util.Map;
@@ -87,6 +92,9 @@ public class AppIntegrityManagerServiceImplTest { 
    private static final String TEST_APP_PATH =

            "/data/local/tmp/AppIntegrityManagerServiceTestApp.apk";



    private static final String TEST_APP_TWO_CERT_PATH =

            "AppIntegrityManagerServiceImplTest/DummyAppTwoCerts.apk";



    private static final String PACKAGE_MIME_TYPE = "application/vnd.android.package-archive";

    private static final String VERSION = "version";

    private static final String TEST_FRAMEWORK_PACKAGE = "com.android.frameworks.servicestests";
@@ -105,6 +113,11 @@ public class AppIntegrityManagerServiceImplTest { 
    private static final String INSTALLER_SHA256 =

            "30F41A7CBF96EE736A54DD6DF759B50ED3CC126ABCEF694E167C324F5976C227";



    private static final String DUMMY_APP_TWO_CERTS_CERT_1 =

            "C0369C2A1096632429DFA8433068AECEAD00BAC337CA92A175036D39CC9AFE94";

    private static final String DUMMY_APP_TWO_CERTS_CERT_2 =

            "94366E0A80F3A3F0D8171A15760B88E228CD6E1101F0414C98878724FBE70147";



    private static final String PLAY_STORE_PKG = "com.android.vending";

    private static final String ADB_INSTALLER = "adb";

    private static final String PLAY_STORE_CERT = "play_store_cert";
@@ -128,6 +141,7 @@ public class AppIntegrityManagerServiceImplTest { 


    private PackageManager mSpyPackageManager;

    private File mTestApk;

    private File mTestApkTwoCerts;



    private final Context mRealContext = InstrumentationRegistry.getTargetContext();

    // under test
@@ -136,6 +150,10 @@ public class AppIntegrityManagerServiceImplTest { 
    @Before

    public void setup() throws Exception {

        mTestApk = new File(TEST_APP_PATH);

        mTestApkTwoCerts = File.createTempFile("AppIntegrity", ".apk");

        try (InputStream inputStream = mRealContext.getAssets().open(TEST_APP_TWO_CERT_PATH)) {

            Files.copy(inputStream, mTestApkTwoCerts.toPath(), REPLACE_EXISTING);

        }



        mService =

                new AppIntegrityManagerServiceImpl(
@@ -154,6 +172,11 @@ public class AppIntegrityManagerServiceImplTest { 
        when(mIntegrityFileManager.initialized()).thenReturn(true);

    }



    @After

    public void tearDown() throws Exception {

        mTestApkTwoCerts.delete();

    }



    @Test

    public void updateRuleSet_notAuthorized() throws Exception {

        makeUsSystemApp();
@@ -292,6 +315,29 @@ public class AppIntegrityManagerServiceImplTest { 
        assertEquals(INSTALLER_CERTIFICATE_NOT_EVALUATED, allowedInstallers.get(ADB_INSTALLER));

    }



    @Test

    public void handleBroadcast_correctArgs_multipleCerts() throws Exception {

        whitelistUsAsRuleProvider();

        makeUsSystemApp();

        ArgumentCaptor<BroadcastReceiver> broadcastReceiverCaptor =

                ArgumentCaptor.forClass(BroadcastReceiver.class);

        verify(mMockContext)

                .registerReceiver(broadcastReceiverCaptor.capture(), any(), any(), any());

        Intent intent = makeVerificationIntent();

        intent.setDataAndType(Uri.fromFile(mTestApkTwoCerts), PACKAGE_MIME_TYPE);

        when(mRuleEvaluationEngine.evaluate(any())).thenReturn(IntegrityCheckResult.allow());



        broadcastReceiverCaptor.getValue().onReceive(mMockContext, intent);

        runJobInHandler();



        ArgumentCaptor<AppInstallMetadata> metadataCaptor =

                ArgumentCaptor.forClass(AppInstallMetadata.class);

        verify(mRuleEvaluationEngine).evaluate(metadataCaptor.capture());

        AppInstallMetadata appInstallMetadata = metadataCaptor.getValue();

        assertThat(appInstallMetadata.getAppCertificates()).containsExactly(

                DUMMY_APP_TWO_CERTS_CERT_1, DUMMY_APP_TWO_CERTS_CERT_2);

    }



    @Test

    public void handleBroadcast_allow() throws Exception {

        whitelistUsAsRuleProvider();