aboutsummaryrefslogtreecommitdiff
path: root/tests/iketests/src/java/com/android
diff options
context:
space:
mode:
authorevitayan <evitayan@google.com>2019-06-11 19:34:19 -0700
committerevitayan <evitayan@google.com>2019-06-17 19:52:54 -0700
commit1ca34d5653057b588aaacf240c6f6f8349585836 (patch)
tree7b3e1316116ec007364442918fbee7858f4bae0c /tests/iketests/src/java/com/android
parent73d4baae63e42eb3085ae873229f9052c81cb72a (diff)
downloadike-1ca34d5653057b588aaacf240c6f6f8349585836.tar.gz
Remove DH Transform for first Child
This commit allows users to propose DH Group for first Child SA negotiation. DH Group negotiation will not be done during initial creation but will be done during rekey Bug: 134625950 Test: atest FrameworksIkeTests Change-Id: I24f8fe40c2b5d2056331b7a1ff7a041708daa3d9
Diffstat (limited to 'tests/iketests/src/java/com/android')
-rw-r--r--tests/iketests/src/java/com/android/ike/ikev2/ChildSessionOptionsTest.java2
-rw-r--r--tests/iketests/src/java/com/android/ike/ikev2/ChildSessionStateMachineTest.java2
-rw-r--r--tests/iketests/src/java/com/android/ike/ikev2/IkeSessionOptionsTest.java2
-rw-r--r--tests/iketests/src/java/com/android/ike/ikev2/IkeSessionStateMachineTest.java2
-rw-r--r--tests/iketests/src/java/com/android/ike/ikev2/SaProposalTest.java62
-rw-r--r--tests/iketests/src/java/com/android/ike/ikev2/message/IkeSaPayloadTest.java4
6 files changed, 27 insertions, 47 deletions
diff --git a/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionOptionsTest.java b/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionOptionsTest.java
index 3e8d3555..fab0e54a 100644
--- a/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionOptionsTest.java
+++ b/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionOptionsTest.java
@@ -30,7 +30,7 @@ public final class ChildSessionOptionsTest {
@Test
public void testBuild() throws Exception {
SaProposal saProposal =
- SaProposal.Builder.newChildSaProposalBuilder(true /*isFirstChildSaProposal*/)
+ SaProposal.Builder.newChildSaProposalBuilder()
.addEncryptionAlgorithm(
SaProposal.ENCRYPTION_ALGORITHM_AES_GCM_12,
SaProposal.KEY_LEN_AES_128)
diff --git a/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionStateMachineTest.java b/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionStateMachineTest.java
index a2ea7f1c..b20a6ebb 100644
--- a/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionStateMachineTest.java
+++ b/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionStateMachineTest.java
@@ -181,7 +181,7 @@ public final class ChildSessionStateMachineTest {
private ChildSessionOptions buildChildSessionOptions() throws Exception {
SaProposal saProposal =
- SaProposal.Builder.newChildSaProposalBuilder(true /*isFirstChildSaProposal*/)
+ SaProposal.Builder.newChildSaProposalBuilder()
.addEncryptionAlgorithm(
SaProposal.ENCRYPTION_ALGORITHM_AES_CBC, SaProposal.KEY_LEN_AES_128)
.addIntegrityAlgorithm(SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA1_96)
diff --git a/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionOptionsTest.java b/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionOptionsTest.java
index 10e34f9e..e2ab75e7 100644
--- a/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionOptionsTest.java
+++ b/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionOptionsTest.java
@@ -144,7 +144,7 @@ public final class IkeSessionOptionsTest {
@Test
public void testBuildWithChildSaProposal() throws Exception {
SaProposal saProposal =
- SaProposal.Builder.newChildSaProposalBuilder(true)
+ SaProposal.Builder.newChildSaProposalBuilder()
.addEncryptionAlgorithm(
SaProposal.ENCRYPTION_ALGORITHM_AES_GCM_8,
SaProposal.KEY_LEN_AES_128)
diff --git a/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionStateMachineTest.java b/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionStateMachineTest.java
index 7a408290..ba41a08f 100644
--- a/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionStateMachineTest.java
+++ b/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionStateMachineTest.java
@@ -450,7 +450,7 @@ public final class IkeSessionStateMachineTest {
private ChildSessionOptions buildChildSessionOptions() throws Exception {
SaProposal saProposal =
- SaProposal.Builder.newChildSaProposalBuilder(true /*isFirstChildSaProposal*/)
+ SaProposal.Builder.newChildSaProposalBuilder()
.addEncryptionAlgorithm(
SaProposal.ENCRYPTION_ALGORITHM_AES_CBC, SaProposal.KEY_LEN_AES_128)
.addIntegrityAlgorithm(SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA1_96)
diff --git a/tests/iketests/src/java/com/android/ike/ikev2/SaProposalTest.java b/tests/iketests/src/java/com/android/ike/ikev2/SaProposalTest.java
index 7f40d729..1f841a48 100644
--- a/tests/iketests/src/java/com/android/ike/ikev2/SaProposalTest.java
+++ b/tests/iketests/src/java/com/android/ike/ikev2/SaProposalTest.java
@@ -102,46 +102,44 @@ public final class SaProposalTest {
}
@Test
- public void testBuildFirstChildSaProposalWithCombinedCipher() throws Exception {
- Builder builder = Builder.newChildSaProposalBuilder(true);
+ public void testBuildChildSaProposalWithNormalCipher() throws Exception {
+ Builder builder = Builder.newChildSaProposalBuilder();
+
SaProposal proposal =
- builder.addEncryptionAlgorithm(
- SaProposal.ENCRYPTION_ALGORITHM_AES_GCM_8,
- SaProposal.KEY_LEN_AES_128)
+ builder.addEncryptionAlgorithm(SaProposal.ENCRYPTION_ALGORITHM_3DES)
.addIntegrityAlgorithm(SaProposal.INTEGRITY_ALGORITHM_NONE)
+ .addDhGroup(SaProposal.DH_GROUP_1024_BIT_MODP)
.build();
assertEquals(IkePayload.PROTOCOL_ID_ESP, proposal.getProtocolId());
assertArrayEquals(
- new EncryptionTransform[] {mEncryptionAesGcm8Transform},
+ new EncryptionTransform[] {mEncryption3DesTransform},
proposal.getEncryptionTransforms());
assertArrayEquals(
new IntegrityTransform[] {mIntegrityNoneTransform},
proposal.getIntegrityTransforms());
+ assertArrayEquals(
+ new DhGroupTransform[] {mDhGroup1024Transform}, proposal.getDhGroupTransforms());
assertTrue(proposal.getPrfTransforms().length == 0);
- assertTrue(proposal.getDhGroupTransforms().length == 0);
}
@Test
- public void testBuildAdditionalChildSaProposalWithNormalCipher() throws Exception {
- Builder builder = Builder.newChildSaProposalBuilder(false);
-
+ public void testGetCopyWithoutDhGroup() throws Exception {
SaProposal proposal =
- builder.addEncryptionAlgorithm(SaProposal.ENCRYPTION_ALGORITHM_3DES)
+ Builder.newChildSaProposalBuilder()
+ .addEncryptionAlgorithm(SaProposal.ENCRYPTION_ALGORITHM_3DES)
.addIntegrityAlgorithm(SaProposal.INTEGRITY_ALGORITHM_NONE)
.addDhGroup(SaProposal.DH_GROUP_1024_BIT_MODP)
.build();
+ SaProposal proposalWithoutDh = proposal.getCopyWithoutDhTransform();
- assertEquals(IkePayload.PROTOCOL_ID_ESP, proposal.getProtocolId());
assertArrayEquals(
- new EncryptionTransform[] {mEncryption3DesTransform},
- proposal.getEncryptionTransforms());
- assertArrayEquals(
- new IntegrityTransform[] {mIntegrityNoneTransform},
- proposal.getIntegrityTransforms());
+ proposal.getEncryptionTransforms(), proposalWithoutDh.getEncryptionTransforms());
assertArrayEquals(
- new DhGroupTransform[] {mDhGroup1024Transform}, proposal.getDhGroupTransforms());
- assertTrue(proposal.getPrfTransforms().length == 0);
+ proposal.getIntegrityTransforms(), proposalWithoutDh.getIntegrityTransforms());
+ assertArrayEquals(proposal.getPrfTransforms(), proposalWithoutDh.getPrfTransforms());
+ assertTrue(proposal.getDhGroupTransforms().length == 1);
+ assertTrue(proposalWithoutDh.getDhGroupTransforms().length == 0);
}
@Test
@@ -193,7 +191,7 @@ public final class SaProposalTest {
@Test
public void testBuildChildProposalWithPrf() throws Exception {
- Builder builder = Builder.newChildSaProposalBuilder(false);
+ Builder builder = Builder.newChildSaProposalBuilder();
try {
builder.addEncryptionAlgorithm(SaProposal.ENCRYPTION_ALGORITHM_3DES)
.addPseudorandomFunction(SaProposal.PSEUDORANDOM_FUNCTION_HMAC_SHA1)
@@ -209,7 +207,7 @@ public final class SaProposalTest {
// algorithm.
@Test
public void testBuildAeadWithIntegrityAlgo() throws Exception {
- Builder builder = Builder.newChildSaProposalBuilder(false);
+ Builder builder = Builder.newChildSaProposalBuilder();
try {
builder.addEncryptionAlgorithm(SaProposal.ENCRYPTION_ALGORITHM_AES_GCM_12)
.addIntegrityAlgorithm(SaProposal.INTEGRITY_ALGORITHM_NONE)
@@ -226,7 +224,7 @@ public final class SaProposalTest {
// integrity algorithm.
@Test
public void testBuildIkeProposalNormalCipherWithoutIntegrityAlgo() throws Exception {
- Builder builder = Builder.newChildSaProposalBuilder(false);
+ Builder builder = Builder.newChildSaProposalBuilder();
try {
builder.addEncryptionAlgorithm(SaProposal.ENCRYPTION_ALGORITHM_3DES)
.addPseudorandomFunction(SaProposal.PSEUDORANDOM_FUNCTION_HMAC_SHA1)
@@ -244,7 +242,7 @@ public final class SaProposalTest {
// integrity algorithm.
@Test
public void testBuildIkeProposalNormalCipherWithNoneValueIntegrityAlgo() throws Exception {
- Builder builder = Builder.newChildSaProposalBuilder(false);
+ Builder builder = Builder.newChildSaProposalBuilder();
try {
builder.addEncryptionAlgorithm(SaProposal.ENCRYPTION_ALGORITHM_3DES)
.addPseudorandomFunction(SaProposal.PSEUDORANDOM_FUNCTION_HMAC_SHA1)
@@ -292,24 +290,6 @@ public final class SaProposalTest {
}
}
- // Test throwing exception when building first Child SA Proposal with not-none-value DH Group.
- @Test
- public void testBuildFirstChildProposalWithNotNoneValueDhGroup() throws Exception {
- Builder builder = Builder.newChildSaProposalBuilder(true);
- try {
- builder.addEncryptionAlgorithm(SaProposal.ENCRYPTION_ALGORITHM_3DES)
- .addIntegrityAlgorithm(SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA1_96)
- .addDhGroup(SaProposal.DH_GROUP_1024_BIT_MODP)
- .build();
-
- fail(
- "Expected to fail when"
- + " not-none-value DH Group is proposed in first Child SA proposal.");
- } catch (IllegalArgumentException expected) {
-
- }
- }
-
@Test
public void testIsTransformSelectedFrom() throws Exception {
assertTrue(SaProposal.isTransformSelectedFrom(new Transform[0], new Transform[0]));
diff --git a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeSaPayloadTest.java b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeSaPayloadTest.java
index 24cc11a3..fae4cd23 100644
--- a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeSaPayloadTest.java
+++ b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeSaPayloadTest.java
@@ -207,13 +207,13 @@ public final class IkeSaPayloadTest {
mTwoIkeSaProposalsArray = new SaProposal[] {mIkeSaProposalOne, mIkeSaProposalTwo};
mChildSaProposalOne =
- SaProposal.Builder.newChildSaProposalBuilder(true /*isFirstChildSaProposal*/)
+ SaProposal.Builder.newChildSaProposalBuilder()
.addEncryptionAlgorithm(
SaProposal.ENCRYPTION_ALGORITHM_AES_CBC, SaProposal.KEY_LEN_AES_128)
.addIntegrityAlgorithm(SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA1_96)
.build();
mChildSaProposalTwo =
- SaProposal.Builder.newChildSaProposalBuilder(true /*isFirstChildSaProposal*/)
+ SaProposal.Builder.newChildSaProposalBuilder()
.addEncryptionAlgorithm(
SaProposal.ENCRYPTION_ALGORITHM_AES_GCM_8,
SaProposal.KEY_LEN_AES_128)
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-17 09:26:40 +0000