13d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra/* 23d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * Copyright (C) 2012 The Android Open Source Project 33d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * 43d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * Licensed under the Apache License, Version 2.0 (the "License"); 53d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * you may not use this file except in compliance with the License. 63d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * You may obtain a copy of the License at 73d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * 83d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * http://www.apache.org/licenses/LICENSE-2.0 93d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * 103d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * Unless required by applicable law or agreed to in writing, software 113d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * distributed under the License is distributed on an "AS IS" BASIS, 123d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 133d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * See the License for the specific language governing permissions and 143d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * limitations under the License. 153d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra */ 163d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 173d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condrapackage com.android.server; 183d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 193d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condraimport android.content.Context; 203d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condraimport android.content.Intent; 213d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condraimport android.test.AndroidTestCase; 223d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condraimport android.provider.Settings; 233d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condraimport android.util.Log; 243d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 253d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condraimport java.io.File; 263d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condraimport java.io.FileInputStream; 273d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condraimport java.io.IOException; 283d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condraimport java.util.HashSet; 293d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 303d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condraimport libcore.io.IoUtils; 313d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 323d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra/** 333d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra * Tests for {@link com.android.server.CertBlacklister} 343d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra */ 353d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condrapublic class CertBlacklisterTest extends AndroidTestCase { 363d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 373d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra private static final String BLACKLIST_ROOT = System.getenv("ANDROID_DATA") + "/misc/keychain/"; 383d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 393d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public static final String PUBKEY_PATH = BLACKLIST_ROOT + "pubkey_blacklist.txt"; 403d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public static final String SERIAL_PATH = BLACKLIST_ROOT + "serial_blacklist.txt"; 413d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 423d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public static final String PUBKEY_KEY = "pubkey_blacklist"; 433d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public static final String SERIAL_KEY = "serial_blacklist"; 443d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 453d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra private void overrideSettings(String key, String value) throws Exception { 463d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra Settings.Secure.putString(mContext.getContentResolver(), key, value); 473d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra Thread.sleep(1000); 483d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 493d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 503d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testClearBlacklistPubkey() throws Exception { 513d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // clear the gservices setting for a clean slate 523d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(PUBKEY_KEY, ""); 533d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // read the contents of the pubkey blacklist 543d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(PUBKEY_PATH); 553d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // Verify that it's empty 563d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals("", blacklist); 573d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 583d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 593d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testSetBlacklistPubkey() throws Exception { 603d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // build a new thing to blacklist 613d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String badPubkey = "7ccabd7db47e94a5759901b6a7dfd45d1c091ccc"; 623d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // add the gservices override 633d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(PUBKEY_KEY, badPubkey); 643d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // check the contents again 653d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(PUBKEY_PATH); 663d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // make sure that we're equal to the string we sent out 673d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(badPubkey, blacklist); 683d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 693d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 703d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testChangeBlacklistPubkey() throws Exception { 713d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String badPubkey = "6ccabd7db47e94a5759901b6a7dfd45d1c091ccc"; 723d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(PUBKEY_KEY, badPubkey); 733d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra badPubkey = "6ccabd7db47e94a5759901b6a7dfd45d1c091cce"; 743d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(PUBKEY_KEY, badPubkey); 753d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(PUBKEY_PATH); 763d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(badPubkey, blacklist); 773d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 783d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 793d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testMultiBlacklistPubkey() throws Exception { 803d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String badPubkey = "6ccabd7db47e94a5759901b6a7dfd45d1c091ccc,6ccabd7db47e94a5759901b6a7dfd45d1c091ccd"; 813d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(PUBKEY_KEY, badPubkey); 823d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(PUBKEY_PATH); 833d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(badPubkey, blacklist); 843d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 853d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 863d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testInvalidMultiBlacklistPubkey() throws Exception { 873d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String badPubkey = "6ccabd7db47e94a5759901b6a7dfd45d1c091ccc,ZZZZZ,6ccabd7db47e94a5759901b6a7dfd45d1c091ccd"; 883d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(PUBKEY_KEY, badPubkey); 893d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(PUBKEY_PATH); 903d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(badPubkey, blacklist); 913d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 923d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 933d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testInvalidCharsBlacklistPubkey() throws Exception { 943d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String badPubkey = "\n6ccabd7db47e94a5759901b6a7dfd45d1c091ccc,-ZZZZZ,+6ccabd7db47e94a5759901b6a7dfd45d1c091ccd"; 953d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(PUBKEY_KEY, badPubkey); 963d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(PUBKEY_PATH); 973d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(badPubkey, blacklist); 983d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 993d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 1003d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testLotsOfBlacklistedPubkeys() throws Exception { 1013d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra StringBuilder bl = new StringBuilder(); 1023d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra for (int i=0; i < 1000; i++) { 1033d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra bl.append("6ccabd7db47e94a5759901b6a7dfd45d1c091ccc,"); 1043d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 1053d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(PUBKEY_KEY, bl.toString()); 1063d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(PUBKEY_PATH); 1073d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(bl.toString(), blacklist); 1083d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 1093d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 1103d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testClearBlacklistSerial() throws Exception { 1113d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // clear the gservices setting for a clean slate 1123d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(SERIAL_KEY, ""); 1133d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // read the contents of the pubkey blacklist 1143d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(SERIAL_PATH); 1153d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // Verify that it's empty 1163d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals("", blacklist); 1173d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 1183d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 1193d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testSetBlacklistSerial() throws Exception { 1203d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // build a new thing to blacklist 1213d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String badSerial = "22e514121e61c643b1e9b06bd4b9f7d0"; 1223d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // add the gservices override 1233d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(SERIAL_KEY, badSerial); 1243d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // check the contents again 1253d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(SERIAL_PATH); 1263d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra // make sure that we're equal to the string we sent out 1273d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(badSerial, blacklist); 1283d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 1293d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 1303d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testChangeBlacklistSerial() throws Exception { 1313d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String badSerial = "22e514121e61c643b1e9b06bd4b9f7d0"; 1323d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(SERIAL_KEY, badSerial); 1333d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra badSerial = "22e514121e61c643b1e9b06bd4b9f7d1"; 1343d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(SERIAL_KEY, badSerial); 1353d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(SERIAL_PATH); 1363d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(badSerial, blacklist); 1373d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 1383d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 1393d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testMultiBlacklistSerial() throws Exception { 1403d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String badSerial = "22e514121e61c643b1e9b06bd4b9f7d0,22e514121e61c643b1e9b06bd4b9f7d1"; 1413d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(SERIAL_KEY, badSerial); 1423d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(SERIAL_PATH); 1433d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(badSerial, blacklist); 1443d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 1453d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 1463d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testInvalidMultiBlacklistSerial() throws Exception { 1473d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String badSerial = "22e514121e61c643b1e9b06bd4b9f7d0,ZZZZ,22e514121e61c643b1e9b06bd4b9f7d1"; 1483d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(SERIAL_KEY, badSerial); 1493d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(SERIAL_PATH); 1503d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(badSerial, blacklist); 1513d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 1523d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 1533d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testInvalidCharsBlacklistSerial() throws Exception { 1543d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String badSerial = "\n22e514121e61c643b1e9b06bd4b9f7d0,-ZZZZ,+22e514121e61c643b1e9b06bd4b9f7d1"; 1553d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(SERIAL_KEY, badSerial); 1563d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(SERIAL_PATH); 1573d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(badSerial, blacklist); 1583d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 1593d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra 1603d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra public void testLotsOfBlacklistedSerials() throws Exception { 1613d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra StringBuilder bl = new StringBuilder(); 1623d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra for (int i=0; i < 1000; i++) { 1633d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra bl.append("22e514121e61c643b1e9b06bd4b9f7d0,"); 1643d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 1653d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra overrideSettings(SERIAL_KEY, bl.toString()); 1663d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra String blacklist = IoUtils.readFileAsString(SERIAL_PATH); 1673d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra assertEquals(bl.toString(), blacklist); 1683d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra } 1693d33c268cc7f08ec3d2ec1aa535fa86dec458b2eGeremy Condra} 170