diff options
author | Cody Kesting <ckesting@google.com> | 2019-10-15 14:13:30 -0700 |
---|---|---|
committer | Cody Kesting <ckesting@google.com> | 2019-10-23 07:39:54 -0700 |
commit | 798a36db104ebd4e526ce4034dc9410723dac343 (patch) | |
tree | 6a0ad47f80bf3174a7f0343ddad39b789c7b3b70 /tests/iketests/src/java/com/android/ike/eap/message/simaka/attributes | |
parent | 34607d248c0fee387e59bc7bce1e176061091632 (diff) | |
download | ike-798a36db104ebd4e526ce4034dc9410723dac343.tar.gz |
Implement AT_BIDDING for EAP-AKA'.
EAP-AKA' defines AT_BIDDING in RFC 5448#4 for use by EAP-AKA to prevent
bidding down attacks. This attribute is defined in
EapAkaAttributeFactory as it will be received in the EAP-AKA protocol
(not during EAP-AKA').
Bug: 142663198
Test: added AtBiddingTest.
Test: atest FrameworksIkeTests
Change-Id: Ib9f2befab1c4338f30b0dfa28905be32a703084e
Diffstat (limited to 'tests/iketests/src/java/com/android/ike/eap/message/simaka/attributes')
2 files changed, 103 insertions, 0 deletions
diff --git a/tests/iketests/src/java/com/android/ike/eap/message/simaka/attributes/AtBiddingTest.java b/tests/iketests/src/java/com/android/ike/eap/message/simaka/attributes/AtBiddingTest.java new file mode 100644 index 00000000..3e6374e8 --- /dev/null +++ b/tests/iketests/src/java/com/android/ike/eap/message/simaka/attributes/AtBiddingTest.java @@ -0,0 +1,99 @@ +/* + * Copyright (C) 2019 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.ike.eap.message.simaka.attributes; + +import static com.android.ike.eap.message.simaka.EapSimAkaAttribute.EAP_AT_BIDDING; +import static com.android.ike.eap.message.simaka.attributes.EapTestAttributeDefinitions.AT_BIDDING_DOES_NOT_SUPPORT_AKA_PRIME; +import static com.android.ike.eap.message.simaka.attributes.EapTestAttributeDefinitions.AT_BIDDING_INVALID_LENGTH; +import static com.android.ike.eap.message.simaka.attributes.EapTestAttributeDefinitions.AT_BIDDING_SUPPORTS_AKA_PRIME; + +import static org.junit.Assert.assertArrayEquals; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import com.android.ike.eap.exceptions.simaka.EapSimAkaInvalidAttributeException; +import com.android.ike.eap.message.simaka.EapAkaAttributeFactory; +import com.android.ike.eap.message.simaka.EapSimAkaAttribute; +import com.android.ike.eap.message.simaka.EapSimAkaAttribute.AtBidding; + +import org.junit.Before; +import org.junit.Test; + +import java.nio.ByteBuffer; + +public class AtBiddingTest { + private EapAkaAttributeFactory mAttributeFactory; + + @Before + public void setUp() { + mAttributeFactory = EapAkaAttributeFactory.getInstance(); + } + + @Test + public void testDecodeServerSupportsAkaPrime() throws Exception { + ByteBuffer input = ByteBuffer.wrap(AT_BIDDING_SUPPORTS_AKA_PRIME); + EapSimAkaAttribute result = mAttributeFactory.getAttribute(input); + + assertFalse(input.hasRemaining()); + AtBidding atBidding = (AtBidding) result; + assertEquals(EAP_AT_BIDDING, atBidding.attributeType); + assertEquals(AT_BIDDING_SUPPORTS_AKA_PRIME.length, atBidding.lengthInBytes); + assertTrue(atBidding.doesServerSupportEapAkaPrime); + } + + @Test + public void testDecodeDoesNotSupportAkaPrime() throws Exception { + ByteBuffer input = ByteBuffer.wrap(AT_BIDDING_DOES_NOT_SUPPORT_AKA_PRIME); + EapSimAkaAttribute result = mAttributeFactory.getAttribute(input); + + assertFalse(input.hasRemaining()); + AtBidding atBidding = (AtBidding) result; + assertEquals(EAP_AT_BIDDING, atBidding.attributeType); + assertEquals(AT_BIDDING_DOES_NOT_SUPPORT_AKA_PRIME.length, atBidding.lengthInBytes); + assertFalse(atBidding.doesServerSupportEapAkaPrime); + } + + @Test + public void testDecodeInvalidLength() throws Exception { + ByteBuffer input = ByteBuffer.wrap(AT_BIDDING_INVALID_LENGTH); + try { + mAttributeFactory.getAttribute(input); + fail("Expected EapSimAkaInvalidAttributeException for invalid length"); + } catch (EapSimAkaInvalidAttributeException expected) { + } + } + + @Test + public void testEncodeServerSupportsAkaPrime() throws Exception { + AtBidding atBidding = new AtBidding(true); + + ByteBuffer result = ByteBuffer.allocate(AT_BIDDING_SUPPORTS_AKA_PRIME.length); + atBidding.encode(result); + assertArrayEquals(AT_BIDDING_SUPPORTS_AKA_PRIME, result.array()); + } + + @Test + public void testEncodeDoesNotSupportAkaPrime() throws Exception { + AtBidding atBidding = new AtBidding(false); + + ByteBuffer result = ByteBuffer.allocate(AT_BIDDING_DOES_NOT_SUPPORT_AKA_PRIME.length); + atBidding.encode(result); + assertArrayEquals(AT_BIDDING_DOES_NOT_SUPPORT_AKA_PRIME, result.array()); + } +} diff --git a/tests/iketests/src/java/com/android/ike/eap/message/simaka/attributes/EapTestAttributeDefinitions.java b/tests/iketests/src/java/com/android/ike/eap/message/simaka/attributes/EapTestAttributeDefinitions.java index b9007131..01a7da1d 100644 --- a/tests/iketests/src/java/com/android/ike/eap/message/simaka/attributes/EapTestAttributeDefinitions.java +++ b/tests/iketests/src/java/com/android/ike/eap/message/simaka/attributes/EapTestAttributeDefinitions.java @@ -73,6 +73,9 @@ public class EapTestAttributeDefinitions { public static final String AUTS = "112233445566778899AABBCCDDEE"; public static final byte[] AUTS_BYTES = hexStringToByteArray(AUTS); public static final byte[] AT_AUTS = hexStringToByteArray("0404" + AUTS); + public static final byte[] AT_BIDDING_SUPPORTS_AKA_PRIME = hexStringToByteArray("88018000"); + public static final byte[] AT_BIDDING_DOES_NOT_SUPPORT_AKA_PRIME = + hexStringToByteArray("88010000"); // Network Name = "android.net" public static final String NETWORK_NAME_HEX = "616E64726F69642E6E6574"; @@ -113,4 +116,5 @@ public class EapTestAttributeDefinitions { hexStringToByteArray("0306008800112233445566778899AABBCCDDEEFF11000000"); public static final byte[] AT_AUTS_INVALID_LENGTH = hexStringToByteArray("03010000"); public static final byte[] AT_KDF_INVALID_LENGTH = hexStringToByteArray("18020001"); + public static final byte[] AT_BIDDING_INVALID_LENGTH = hexStringToByteArray("88020000"); } |