/* * Copyright (C) 2016 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License */ package android.net.wifi; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import android.net.wifi.WifiEnterpriseConfig.Eap; import android.net.wifi.WifiEnterpriseConfig.Phase2; import android.os.Parcel; import android.security.Credentials; import android.test.suitebuilder.annotation.SmallTest; import org.junit.Before; import org.junit.Test; import java.security.cert.X509Certificate; /** * Unit tests for {@link android.net.wifi.WifiEnterpriseConfig}. */ @SmallTest public class WifiEnterpriseConfigTest { // Maintain a ground truth of the keystore uri prefix which is expected by wpa_supplicant. public static final String KEYSTORE_URI = "keystore://"; public static final String CA_CERT_PREFIX = KEYSTORE_URI + Credentials.CA_CERTIFICATE; public static final String KEYSTORES_URI = "keystores://"; private WifiEnterpriseConfig mEnterpriseConfig; @Before public void setUp() throws Exception { mEnterpriseConfig = new WifiEnterpriseConfig(); } @Test public void testSetGetSingleCaCertificate() { X509Certificate cert0 = FakeKeys.CA_CERT0; mEnterpriseConfig.setCaCertificate(cert0); assertEquals(mEnterpriseConfig.getCaCertificate(), cert0); } @Test public void testSetGetMultipleCaCertificates() { X509Certificate cert0 = FakeKeys.CA_CERT0; X509Certificate cert1 = FakeKeys.CA_CERT1; mEnterpriseConfig.setCaCertificates(new X509Certificate[] {cert0, cert1}); X509Certificate[] result = mEnterpriseConfig.getCaCertificates(); assertEquals(result.length, 2); assertTrue(result[0] == cert0 && result[1] == cert1); } @Test public void testSaveSingleCaCertificateAlias() { final String alias = "single_alias 0"; mEnterpriseConfig.setCaCertificateAliases(new String[] {alias}); assertEquals(getCaCertField(), CA_CERT_PREFIX + alias); } @Test public void testLoadSingleCaCertificateAlias() { final String alias = "single_alias 1"; setCaCertField(CA_CERT_PREFIX + alias); String[] aliases = mEnterpriseConfig.getCaCertificateAliases(); assertEquals(aliases.length, 1); assertEquals(aliases[0], alias); } @Test public void testSaveMultipleCaCertificates() { final String alias0 = "single_alias 0"; final String alias1 = "single_alias 1"; mEnterpriseConfig.setCaCertificateAliases(new String[] {alias0, alias1}); assertEquals(getCaCertField(), String.format("%s%s %s", KEYSTORES_URI, WifiEnterpriseConfig.encodeCaCertificateAlias(Credentials.CA_CERTIFICATE + alias0), WifiEnterpriseConfig.encodeCaCertificateAlias(Credentials.CA_CERTIFICATE + alias1))); } @Test public void testLoadMultipleCaCertificates() { final String alias0 = "single_alias 0"; final String alias1 = "single_alias 1"; setCaCertField(String.format("%s%s %s", KEYSTORES_URI, WifiEnterpriseConfig.encodeCaCertificateAlias(Credentials.CA_CERTIFICATE + alias0), WifiEnterpriseConfig.encodeCaCertificateAlias(Credentials.CA_CERTIFICATE + alias1))); String[] aliases = mEnterpriseConfig.getCaCertificateAliases(); assertEquals(aliases.length, 2); assertEquals(aliases[0], alias0); assertEquals(aliases[1], alias1); } private String getCaCertField() { return mEnterpriseConfig.getFieldValue(WifiEnterpriseConfig.CA_CERT_KEY, ""); } private void setCaCertField(String value) { mEnterpriseConfig.setFieldValue(WifiEnterpriseConfig.CA_CERT_KEY, value); } // Retrieves the value for a specific key supplied to wpa_supplicant. private class SupplicantConfigExtractor implements WifiEnterpriseConfig.SupplicantSaver { private String mValue = null; private String mKey; SupplicantConfigExtractor(String key) { mKey = key; } @Override public boolean saveValue(String key, String value) { if (key.equals(mKey)) { mValue = value; } return true; } public String getValue() { return mValue; } } private String getSupplicantEapMethod() { SupplicantConfigExtractor entryExtractor = new SupplicantConfigExtractor( WifiEnterpriseConfig.EAP_KEY); mEnterpriseConfig.saveToSupplicant(entryExtractor); return entryExtractor.getValue(); } private String getSupplicantPhase2Method() { SupplicantConfigExtractor entryExtractor = new SupplicantConfigExtractor( WifiEnterpriseConfig.PHASE2_KEY); mEnterpriseConfig.saveToSupplicant(entryExtractor); return entryExtractor.getValue(); } /** Verifies the default value for EAP outer and inner methods */ @Test public void eapInnerDefault() { assertEquals(null, getSupplicantEapMethod()); assertEquals(null, getSupplicantPhase2Method()); } /** Verifies that the EAP inner method is reset when we switch to TLS */ @Test public void eapPhase2MethodForTls() { // Initially select an EAP method that supports an phase2. mEnterpriseConfig.setEapMethod(Eap.PEAP); mEnterpriseConfig.setPhase2Method(Phase2.MSCHAPV2); assertEquals("PEAP", getSupplicantEapMethod()); assertEquals("\"auth=MSCHAPV2\"", getSupplicantPhase2Method()); // Change the EAP method to another type which supports a phase2. mEnterpriseConfig.setEapMethod(Eap.TTLS); assertEquals("TTLS", getSupplicantEapMethod()); assertEquals("\"auth=MSCHAPV2\"", getSupplicantPhase2Method()); // Change the EAP method to TLS which does not support a phase2. mEnterpriseConfig.setEapMethod(Eap.TLS); assertEquals(null, getSupplicantPhase2Method()); } /** Verfies that the EAP inner method is reset when we switch phase2 to NONE */ @Test public void eapPhase2None() { // Initially select an EAP method that supports an phase2. mEnterpriseConfig.setEapMethod(Eap.PEAP); mEnterpriseConfig.setPhase2Method(Phase2.MSCHAPV2); assertEquals("PEAP", getSupplicantEapMethod()); assertEquals("\"auth=MSCHAPV2\"", getSupplicantPhase2Method()); // Change the phase2 method to NONE and ensure the value is cleared. mEnterpriseConfig.setPhase2Method(Phase2.NONE); assertEquals(null, getSupplicantPhase2Method()); } /** Verfies that the correct "autheap" parameter is supplied for TTLS/GTC. */ @Test public void peapGtcToTtls() { mEnterpriseConfig.setEapMethod(Eap.PEAP); mEnterpriseConfig.setPhase2Method(Phase2.GTC); assertEquals("PEAP", getSupplicantEapMethod()); assertEquals("\"auth=GTC\"", getSupplicantPhase2Method()); mEnterpriseConfig.setEapMethod(Eap.TTLS); assertEquals("TTLS", getSupplicantEapMethod()); assertEquals("\"autheap=GTC\"", getSupplicantPhase2Method()); } /** Verfies that the correct "auth" parameter is supplied for PEAP/GTC. */ @Test public void ttlsGtcToPeap() { mEnterpriseConfig.setEapMethod(Eap.TTLS); mEnterpriseConfig.setPhase2Method(Phase2.GTC); assertEquals("TTLS", getSupplicantEapMethod()); assertEquals("\"autheap=GTC\"", getSupplicantPhase2Method()); mEnterpriseConfig.setEapMethod(Eap.PEAP); assertEquals("PEAP", getSupplicantEapMethod()); assertEquals("\"auth=GTC\"", getSupplicantPhase2Method()); } /** Verfies that the copy constructor preseves the inner method information. */ @Test public void copyConstructor() { WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig(); enterpriseConfig.setEapMethod(Eap.TTLS); enterpriseConfig.setPhase2Method(Phase2.GTC); mEnterpriseConfig = new WifiEnterpriseConfig(enterpriseConfig); assertEquals("TTLS", getSupplicantEapMethod()); assertEquals("\"autheap=GTC\"", getSupplicantPhase2Method()); } /** Verfies that parceling a WifiEnterpriseConfig preseves method information. */ @Test public void parcelConstructor() { WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig(); enterpriseConfig.setEapMethod(Eap.TTLS); enterpriseConfig.setPhase2Method(Phase2.GTC); Parcel parcel = Parcel.obtain(); enterpriseConfig.writeToParcel(parcel, 0); parcel.setDataPosition(0); // Allow parcel to be read from the beginning. mEnterpriseConfig = WifiEnterpriseConfig.CREATOR.createFromParcel(parcel); assertEquals("TTLS", getSupplicantEapMethod()); assertEquals("\"autheap=GTC\"", getSupplicantPhase2Method()); } /** Verifies proper operation of the getKeyId() method. */ @Test public void getKeyId() { assertEquals("NULL", mEnterpriseConfig.getKeyId(null)); WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig(); enterpriseConfig.setEapMethod(Eap.TTLS); enterpriseConfig.setPhase2Method(Phase2.GTC); assertEquals("TTLS_GTC", mEnterpriseConfig.getKeyId(enterpriseConfig)); mEnterpriseConfig.setEapMethod(Eap.PEAP); mEnterpriseConfig.setPhase2Method(Phase2.MSCHAPV2); assertEquals("PEAP_MSCHAPV2", mEnterpriseConfig.getKeyId(enterpriseConfig)); } /** Verifies that passwords are not displayed in toString. */ @Test public void passwordNotInToString() { String password = "supersecret"; mEnterpriseConfig.setPassword(password); assertFalse(mEnterpriseConfig.toString().contains(password)); } }