diff options
Diffstat (limited to 'tests/iketests/src/java/com')
6 files changed, 263 insertions, 47 deletions
diff --git a/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionStateMachineTest.java b/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionStateMachineTest.java index e81b17aa..1d760b7e 100644 --- a/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionStateMachineTest.java +++ b/tests/iketests/src/java/com/android/ike/ikev2/ChildSessionStateMachineTest.java @@ -63,12 +63,13 @@ public final class ChildSessionStateMachineTest { private ISaRecordHelper mMockSaRecordHelper; private IChildSessionCallback mMockChildSessionCallback; - private ChildSessionOptions mMockChildSessionOptions; + private ChildSessionOptions mChildSessionOptions; public ChildSessionStateMachineTest() { mMockSaRecordHelper = mock(SaRecord.ISaRecordHelper.class); mMockChildSessionCallback = mock(IChildSessionCallback.class); - mMockChildSessionOptions = mock(ChildSessionOptions.class); + + mChildSessionOptions = new ChildSessionOptions(); } @Before @@ -77,7 +78,7 @@ public final class ChildSessionStateMachineTest { mLooper = new TestLooper(); mChildSessionStateMachine = new ChildSessionStateMachine( - "ChildSessionStateMachine", mLooper.getLooper(), mMockChildSessionOptions); + "ChildSessionStateMachine", mLooper.getLooper(), mChildSessionOptions); mChildSessionStateMachine.setDbg(true); SaRecord.setSaRecordHelper(mMockSaRecordHelper); diff --git a/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionStateMachineTest.java b/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionStateMachineTest.java index e3ad450a..1dcf5b82 100644 --- a/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionStateMachineTest.java +++ b/tests/iketests/src/java/com/android/ike/ikev2/IkeSessionStateMachineTest.java @@ -17,6 +17,9 @@ package com.android.ike.ikev2; import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotEquals; +import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; import static org.mockito.Matchers.any; import static org.mockito.Matchers.eq; @@ -26,8 +29,14 @@ import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; +import android.content.Context; +import android.net.IpSecManager; +import android.net.IpSecManager.UdpEncapsulationSocket; +import android.os.Looper; import android.os.test.TestLooper; +import androidx.test.InstrumentationRegistry; + import com.android.ike.ikev2.ChildSessionStateMachineFactory.ChildSessionFactoryHelper; import com.android.ike.ikev2.ChildSessionStateMachineFactory.IChildSessionFactoryHelper; import com.android.ike.ikev2.IkeSessionStateMachine.ReceivedIkePacket; @@ -43,26 +52,37 @@ import com.android.ike.ikev2.message.IkePayload; import org.junit.After; import org.junit.Before; import org.junit.Test; +import org.mockito.ArgumentCaptor; +import java.net.InetAddress; import java.util.LinkedList; +import java.util.List; public final class IkeSessionStateMachineTest { + private static final String SERVER_ADDRESS = "192.0.2.100"; + + private UdpEncapsulationSocket mUdpEncapSocket; + private TestLooper mLooper; private IkeSessionStateMachine mIkeSessionStateMachine; + private IkeSessionOptions mIkeSessionOptions; + private ChildSessionOptions mChildSessionOptions; + private IIkeMessageHelper mMockIkeMessageHelper; private ISaRecordHelper mMockSaRecordHelper; - private IkeSessionOptions mMockIkeSessionOptions; private ChildSessionStateMachine mMockChildSessionStateMachine; - private ChildSessionOptions mMockChildSessionOptions; private IChildSessionFactoryHelper mMockChildSessionFactoryHelper; private IkeSaRecord mSpyCurrentIkeSaRecord; private IkeSaRecord mSpyLocalInitIkeSaRecord; private IkeSaRecord mSpyRemoteInitIkeSaRecord; + private ArgumentCaptor<IkeMessage> mIkeMessageCaptor = + ArgumentCaptor.forClass(IkeMessage.class); + private ReceivedIkePacket makeDummyUnencryptedReceivedIkePacket(int packetType) throws Exception { IkeMessage dummyIkeMessage = makeDummyIkeMessageForTest(0, 0, false, false); @@ -83,7 +103,7 @@ public final class IkeSessionStateMachineTest { byte[] dummyIkePacketBytes = new byte[0]; when(mMockIkeMessageHelper.decode( - mMockIkeSessionOptions, + mIkeSessionOptions, ikeSaRecord, dummyIkeMessage.ikeHeader, dummyIkePacketBytes)) @@ -97,27 +117,21 @@ public final class IkeSessionStateMachineTest { int firstPayloadType = isEncrypted ? IkePayload.PAYLOAD_TYPE_SK : IkePayload.PAYLOAD_TYPE_NO_NEXT; IkeHeader header = - new IkeHeader(initSpi, respSpi, firstPayloadType, 0, true, fromikeInit, 0, 0); + new IkeHeader(initSpi, respSpi, firstPayloadType, 0, true, fromikeInit, 0); return new IkeMessage(header, new LinkedList<IkePayload>()); } private void verifyDecodeEncryptedMessage(IkeSaRecord record, ReceivedIkePacket rcvPacket) throws Exception { verify(mMockIkeMessageHelper) - .decode( - mMockIkeSessionOptions, - record, - rcvPacket.ikeHeader, - rcvPacket.ikePacketBytes); + .decode(mIkeSessionOptions, record, rcvPacket.ikeHeader, rcvPacket.ikePacketBytes); } public IkeSessionStateMachineTest() { mMockIkeMessageHelper = mock(IkeMessage.IIkeMessageHelper.class); mMockSaRecordHelper = mock(SaRecord.ISaRecordHelper.class); - mMockIkeSessionOptions = mock(IkeSessionOptions.class); mMockChildSessionStateMachine = mock(ChildSessionStateMachine.class); - mMockChildSessionOptions = mock(ChildSessionOptions.class); mMockChildSessionFactoryHelper = mock(IChildSessionFactoryHelper.class); mSpyCurrentIkeSaRecord = spy(new IkeSaRecord(11, 12, true, null, null)); @@ -131,17 +145,25 @@ public final class IkeSessionStateMachineTest { } @Before - public void setUp() { + public void setUp() throws Exception { + Context context = InstrumentationRegistry.getContext(); + IpSecManager ipSecManager = (IpSecManager) context.getSystemService(Context.IPSEC_SERVICE); + mUdpEncapSocket = ipSecManager.openUdpEncapsulationSocket(); + + mIkeSessionOptions = buildIkeSessionOptions(); + mChildSessionOptions = new ChildSessionOptions(); + // Setup thread and looper mLooper = new TestLooper(); mIkeSessionStateMachine = new IkeSessionStateMachine( "IkeSessionStateMachine", mLooper.getLooper(), - mMockIkeSessionOptions, - mMockChildSessionOptions); + mIkeSessionOptions, + mChildSessionOptions); mIkeSessionStateMachine.setDbg(true); mIkeSessionStateMachine.start(); + IkeMessage.setIkeMessageHelper(mMockIkeMessageHelper); SaRecord.setSaRecordHelper(mMockSaRecordHelper); ChildSessionStateMachineFactory.setChildSessionFactoryHelper( @@ -149,17 +171,46 @@ public final class IkeSessionStateMachineTest { } @After - public void tearDown() { + public void tearDown() throws Exception { mIkeSessionStateMachine.quit(); mIkeSessionStateMachine.setDbg(false); + mUdpEncapSocket.close(); + IkeMessage.setIkeMessageHelper(new IkeMessageHelper()); SaRecord.setSaRecordHelper(new SaRecordHelper()); ChildSessionStateMachineFactory.setChildSessionFactoryHelper( new ChildSessionFactoryHelper()); } + private IkeSessionOptions buildIkeSessionOptions() throws Exception { + SaProposal saProposal = + SaProposal.Builder.newIkeSaProposalBuilder() + .addEncryptionAlgorithm( + SaProposal.ENCRYPTION_ALGORITHM_AES_CBC, SaProposal.KEY_LEN_AES_128) + .addIntegrityAlgorithm(SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA1_96) + .addPseudorandomFunction(SaProposal.PSEUDORANDOM_FUNCTION_HMAC_SHA1) + .addDhGroup(SaProposal.DH_GROUP_1024_BIT_MODP) + .build(); + + InetAddress serveAddress = InetAddress.getByName(SERVER_ADDRESS); + IkeSessionOptions sessionOptions = + new IkeSessionOptions.Builder(serveAddress, mUdpEncapSocket) + .addSaProposal(saProposal) + .build(); + return sessionOptions; + } + + private static boolean isIkePayloadExist( + List<IkePayload> payloadList, @IkePayload.PayloadType int payloadType) { + for (IkePayload payload : payloadList) { + if (payload.payloadType == payloadType) return true; + } + return false; + } + @Test public void testCreateIkeLocalIkeInit() throws Exception { + if (Looper.myLooper() == null) Looper.myLooper().prepare(); // Mock IKE_INIT response. ReceivedIkePacket dummyReceivedIkePacket = makeDummyUnencryptedReceivedIkePacket(IkeMessage.MESSAGE_TYPE_IKE_INIT_RESP); @@ -171,15 +222,37 @@ public final class IkeSessionStateMachineTest { IkeSessionStateMachine.CMD_RECEIVE_IKE_PACKET, dummyReceivedIkePacket); mLooper.dispatchAll(); + + // Validate outbound IKE INIT request + verify(mMockIkeMessageHelper).encode(mIkeMessageCaptor.capture()); + IkeMessage ikeInitReqMessage = mIkeMessageCaptor.getValue(); + + IkeHeader ikeHeader = ikeInitReqMessage.ikeHeader; + assertEquals(IkeHeader.EXCHANGE_TYPE_IKE_SA_INIT, ikeHeader.exchangeType); + assertFalse(ikeHeader.isResponseMsg); + assertTrue(ikeHeader.fromIkeInitiator); + + List<IkePayload> payloadList = ikeInitReqMessage.ikePayloadList; + assertTrue(isIkePayloadExist(payloadList, IkePayload.PAYLOAD_TYPE_SA)); + assertTrue(isIkePayloadExist(payloadList, IkePayload.PAYLOAD_TYPE_KE)); + assertTrue(isIkePayloadExist(payloadList, IkePayload.PAYLOAD_TYPE_NONCE)); + + IkeSocket ikeSocket = mIkeSessionStateMachine.mIkeSocket; + assertNotNull(ikeSocket); + assertNotEquals( + -1 /*not found*/, ikeSocket.mSpiToIkeSession.indexOfValue(mIkeSessionStateMachine)); + verify(mMockIkeMessageHelper) .decode(dummyReceivedIkePacket.ikeHeader, dummyReceivedIkePacket.ikePacketBytes); verify(mMockIkeMessageHelper).getMessageType(any()); + assertTrue( mIkeSessionStateMachine.getCurrentState() instanceof IkeSessionStateMachine.CreateIkeLocalIkeAuth); } private void mockIkeSetup() throws Exception { + if (Looper.myLooper() == null) Looper.myLooper().prepare(); // Mock IKE_INIT response ReceivedIkePacket dummyIkeInitRespReceivedPacket = makeDummyUnencryptedReceivedIkePacket(IkeMessage.MESSAGE_TYPE_IKE_INIT_RESP); diff --git a/tests/iketests/src/java/com/android/ike/ikev2/SaProposalTest.java b/tests/iketests/src/java/com/android/ike/ikev2/SaProposalTest.java index 428c028d..7f40d729 100644 --- a/tests/iketests/src/java/com/android/ike/ikev2/SaProposalTest.java +++ b/tests/iketests/src/java/com/android/ike/ikev2/SaProposalTest.java @@ -66,16 +66,17 @@ public final class SaProposalTest { .addDhGroup(SaProposal.DH_GROUP_1024_BIT_MODP) .build(); - assertEquals(IkePayload.PROTOCOL_ID_IKE, proposal.mProtocolId); + assertEquals(IkePayload.PROTOCOL_ID_IKE, proposal.getProtocolId()); assertArrayEquals( new EncryptionTransform[] {mEncryption3DesTransform}, - proposal.mEncryptionAlgorithms); + proposal.getEncryptionTransforms()); assertArrayEquals( new IntegrityTransform[] {mIntegrityHmacSha1Transform}, - proposal.mIntegrityAlgorithms); + proposal.getIntegrityTransforms()); assertArrayEquals( - new PrfTransform[] {mPrfAes128XCbcTransform}, proposal.mPseudorandomFunctions); - assertArrayEquals(new DhGroupTransform[] {mDhGroup1024Transform}, proposal.mDhGroups); + new PrfTransform[] {mPrfAes128XCbcTransform}, proposal.getPrfTransforms()); + assertArrayEquals( + new DhGroupTransform[] {mDhGroup1024Transform}, proposal.getDhGroupTransforms()); } @Test @@ -89,14 +90,15 @@ public final class SaProposalTest { .addDhGroup(SaProposal.DH_GROUP_1024_BIT_MODP) .build(); - assertEquals(IkePayload.PROTOCOL_ID_IKE, proposal.mProtocolId); + assertEquals(IkePayload.PROTOCOL_ID_IKE, proposal.getProtocolId()); assertArrayEquals( new EncryptionTransform[] {mEncryptionAesGcm8Transform}, - proposal.mEncryptionAlgorithms); + proposal.getEncryptionTransforms()); + assertArrayEquals( + new PrfTransform[] {mPrfAes128XCbcTransform}, proposal.getPrfTransforms()); assertArrayEquals( - new PrfTransform[] {mPrfAes128XCbcTransform}, proposal.mPseudorandomFunctions); - assertArrayEquals(new DhGroupTransform[] {mDhGroup1024Transform}, proposal.mDhGroups); - assertTrue(proposal.mIntegrityAlgorithms.length == 0); + new DhGroupTransform[] {mDhGroup1024Transform}, proposal.getDhGroupTransforms()); + assertTrue(proposal.getIntegrityTransforms().length == 0); } @Test @@ -109,14 +111,15 @@ public final class SaProposalTest { .addIntegrityAlgorithm(SaProposal.INTEGRITY_ALGORITHM_NONE) .build(); - assertEquals(IkePayload.PROTOCOL_ID_ESP, proposal.mProtocolId); + assertEquals(IkePayload.PROTOCOL_ID_ESP, proposal.getProtocolId()); assertArrayEquals( new EncryptionTransform[] {mEncryptionAesGcm8Transform}, - proposal.mEncryptionAlgorithms); + proposal.getEncryptionTransforms()); assertArrayEquals( - new IntegrityTransform[] {mIntegrityNoneTransform}, proposal.mIntegrityAlgorithms); - assertTrue(proposal.mPseudorandomFunctions.length == 0); - assertTrue(proposal.mDhGroups.length == 0); + new IntegrityTransform[] {mIntegrityNoneTransform}, + proposal.getIntegrityTransforms()); + assertTrue(proposal.getPrfTransforms().length == 0); + assertTrue(proposal.getDhGroupTransforms().length == 0); } @Test @@ -129,14 +132,16 @@ public final class SaProposalTest { .addDhGroup(SaProposal.DH_GROUP_1024_BIT_MODP) .build(); - assertEquals(IkePayload.PROTOCOL_ID_ESP, proposal.mProtocolId); + assertEquals(IkePayload.PROTOCOL_ID_ESP, proposal.getProtocolId()); assertArrayEquals( new EncryptionTransform[] {mEncryption3DesTransform}, - proposal.mEncryptionAlgorithms); + proposal.getEncryptionTransforms()); + assertArrayEquals( + new IntegrityTransform[] {mIntegrityNoneTransform}, + proposal.getIntegrityTransforms()); assertArrayEquals( - new IntegrityTransform[] {mIntegrityNoneTransform}, proposal.mIntegrityAlgorithms); - assertArrayEquals(new DhGroupTransform[] {mDhGroup1024Transform}, proposal.mDhGroups); - assertTrue(proposal.mPseudorandomFunctions.length == 0); + new DhGroupTransform[] {mDhGroup1024Transform}, proposal.getDhGroupTransforms()); + assertTrue(proposal.getPrfTransforms().length == 0); } @Test diff --git a/tests/iketests/src/java/com/android/ike/ikev2/SaRecordTest.java b/tests/iketests/src/java/com/android/ike/ikev2/SaRecordTest.java new file mode 100644 index 00000000..5c61105c --- /dev/null +++ b/tests/iketests/src/java/com/android/ike/ikev2/SaRecordTest.java @@ -0,0 +1,138 @@ +/* + * Copyright (C) 2019 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.ike.ikev2; + +import static org.junit.Assert.assertArrayEquals; + +import com.android.ike.ikev2.message.TestUtils; + +import org.junit.Test; + +public final class SaRecordTest { + private static final String IKE_INIT_SPI = "5F54BF6D8B48E6E1"; + private static final String IKE_RESP_SPI = "909232B3D1EDCB5C"; + + private static final String IKE_NONCE_INIT_HEX_STRING = + "C39B7F368F4681B89FA9B7BE6465ABD7C5F68B6ED5D3B4C72CB4240EB5C46412"; + private static final String IKE_NONCE_RESP_HEX_STRING = + "9756112CA539F5C25ABACC7EE92B73091942A9C06950F98848F1AF1694C4DDFF"; + + private static final String IKE_SHARED_DH_KEY_HEX_STRING = + "C14155DEA40056BD9C76FB4819687B7A397582F4CD5AFF4B" + + "8F441C56E0C08C84234147A0BA249A555835A048E3CA2980" + + "7D057A61DD26EEFAD9AF9C01497005E52858E29FB42EB849" + + "6731DF96A11CCE1F51137A9A1B900FA81AEE7898E373D4E4" + + "8B899BBECA091314ECD4B6E412EF4B0FEF798F54735F3180" + + "7424A318287F20E8"; + + private static final String IKE_SKEYSEED_HEX_STRING = + "8C42F3B1F5F81C7BAAC5F33E9A4F01987B2F9657"; + private static final String IKE_SK_D_HEX_STRING = "C86B56EFCF684DCC2877578AEF3137167FE0EBF6"; + private static final String IKE_SK_AUTH_INIT_HEX_STRING = + "554FBF5A05B7F511E05A30CE23D874DB9EF55E51"; + private static final String IKE_SK_AUTH_RESP_HEX_STRING = + "36D83420788337CA32ECAA46892C48808DCD58B1"; + private static final String IKE_SK_ENCR_INIT_HEX_STRING = "5CBFD33F75796C0188C4A3A546AEC4A1"; + private static final String IKE_SK_ENCR_RESP_HEX_STRING = "C33B35FCF29514CD9D8B4A695E1A816E"; + private static final String IKE_SK_PRF_INIT_HEX_STRING = + "094787780EE466E2CB049FA327B43908BC57E485"; + private static final String IKE_SK_PRF_RESP_HEX_STRING = + "A30E6B08BE56C0E6BFF4744143C75219299E1BEB"; + private static final String IKE_KEY_MAT = + IKE_SK_D_HEX_STRING + + IKE_SK_AUTH_INIT_HEX_STRING + + IKE_SK_AUTH_RESP_HEX_STRING + + IKE_SK_ENCR_INIT_HEX_STRING + + IKE_SK_ENCR_RESP_HEX_STRING + + IKE_SK_PRF_INIT_HEX_STRING + + IKE_SK_PRF_RESP_HEX_STRING; + + private static final int IKE_AUTH_ALGO_KEY_LEN = 20; + private static final int IKE_ENCR_ALGO_KEY_LEN = 16; + private static final int IKE_PRF_KEY_LEN = 20; + private static final int IKE_SK_D_KEY_LEN = IKE_PRF_KEY_LEN; + + private static final String FIRST_CHILD_ENCR_INIT_HEX_STRING = + "1B865CEA6E2C23973E8C5452ADC5CD7D"; + private static final String FIRST_CHILD_ENCR_RESP_HEX_STRING = + "5E82FEDACC6DCB0756DDD7553907EBD1"; + private static final String FIRST_CHILD_AUTH_INIT_HEX_STRING = + "A7A5A44F7EF4409657206C7DC52B7E692593B51E"; + private static final String FIRST_CHILD_AUTH_RESP_HEX_STRING = + "CDE612189FD46DE870FAEC04F92B40B0BFDBD9E1"; + private static final String FIRST_CHILD_KEY_MAT = + FIRST_CHILD_ENCR_INIT_HEX_STRING + + FIRST_CHILD_AUTH_INIT_HEX_STRING + + FIRST_CHILD_ENCR_RESP_HEX_STRING + + FIRST_CHILD_AUTH_RESP_HEX_STRING; + + private static final int FIRST_CHILD_AUTH_ALGO_KEY_LEN = 20; + private static final int FIRST_CHILD_ENCR_ALGO_KEY_LEN = 16; + + private static final String PRF_HMAC_SHA1_ALGO_NAME = "HmacSHA1"; + + @Test + public void testCalculateSKeySeed() throws Exception { + byte[] nonceInit = TestUtils.hexStringToByteArray(IKE_NONCE_INIT_HEX_STRING); + byte[] nonceResp = TestUtils.hexStringToByteArray(IKE_NONCE_RESP_HEX_STRING); + byte[] sharedDhKey = TestUtils.hexStringToByteArray(IKE_SHARED_DH_KEY_HEX_STRING); + + byte[] calculatedSKeySeed = + SaRecord.generateSKeySeed( + PRF_HMAC_SHA1_ALGO_NAME, nonceInit, nonceResp, sharedDhKey); + + byte[] expectedSKeySeed = TestUtils.hexStringToByteArray(IKE_SKEYSEED_HEX_STRING); + assertArrayEquals(expectedSKeySeed, calculatedSKeySeed); + } + + @Test + public void testSignWithPrfPlusForIke() throws Exception { + byte[] prfKey = TestUtils.hexStringToByteArray(IKE_SKEYSEED_HEX_STRING); + byte[] prfData = + TestUtils.hexStringToByteArray( + IKE_NONCE_INIT_HEX_STRING + + IKE_NONCE_RESP_HEX_STRING + + IKE_INIT_SPI + + IKE_RESP_SPI); + int keyMaterialLen = + IKE_SK_D_KEY_LEN + + IKE_AUTH_ALGO_KEY_LEN * 2 + + IKE_ENCR_ALGO_KEY_LEN * 2 + + IKE_PRF_KEY_LEN * 2; + + byte[] calculatedKeyMat = + SaRecord.generateKeyMat(PRF_HMAC_SHA1_ALGO_NAME, prfKey, prfData, keyMaterialLen); + + byte[] expectedKeyMat = TestUtils.hexStringToByteArray(IKE_KEY_MAT); + assertArrayEquals(expectedKeyMat, calculatedKeyMat); + } + + @Test + public void testSignWithPrfPlusForFirstChild() throws Exception { + byte[] prfKey = TestUtils.hexStringToByteArray(IKE_SK_D_HEX_STRING); + byte[] prfData = + TestUtils.hexStringToByteArray( + IKE_NONCE_INIT_HEX_STRING + IKE_NONCE_RESP_HEX_STRING); + int keyMaterialLen = FIRST_CHILD_AUTH_ALGO_KEY_LEN * 2 + FIRST_CHILD_ENCR_ALGO_KEY_LEN * 2; + + byte[] calculatedKeyMat = + SaRecord.generateKeyMat(PRF_HMAC_SHA1_ALGO_NAME, prfKey, prfData, keyMaterialLen); + + byte[] expectedKeyMat = TestUtils.hexStringToByteArray(FIRST_CHILD_KEY_MAT); + assertArrayEquals(expectedKeyMat, calculatedKeyMat); + } +} diff --git a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeHeaderTest.java b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeHeaderTest.java index 1bc52c3b..08b1612b 100644 --- a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeHeaderTest.java +++ b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeHeaderTest.java @@ -62,6 +62,7 @@ public final class IkeHeaderTest { private static final int IKE_MSG_ID = 0; private static final int IKE_MSG_LENGTH = 336; + private static final int IKE_MSG_BODY_LENGTH = IKE_MSG_LENGTH - IkeHeader.IKE_HEADER_LENGTH; // Byte offsets of version field in IKE message header. private static final int VERSION_OFFSET = 17; @@ -89,7 +90,7 @@ public final class IkeHeaderTest { assertFalse(header.isResponseMsg); assertTrue(header.fromIkeInitiator); assertEquals(IKE_MSG_ID, header.messageId); - assertEquals(IKE_MSG_LENGTH, header.messageLength); + assertEquals(IKE_MSG_LENGTH, header.getInboundMessageLength()); } @Test @@ -142,7 +143,7 @@ public final class IkeHeaderTest { IkeHeader header = new IkeHeader(inputPacket); ByteBuffer byteBuffer = ByteBuffer.allocate(IkeHeader.IKE_HEADER_LENGTH); - header.encodeToByteBuffer(byteBuffer); + header.encodeToByteBuffer(byteBuffer, IKE_MSG_BODY_LENGTH); byte[] expectedPacket = TestUtils.hexStringToByteArray(IKE_HEADER_HEX_STRING); assertArrayEquals(expectedPacket, byteBuffer.array()); diff --git a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeKePayloadTest.java b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeKePayloadTest.java index 4f45f26d..1bb0b709 100644 --- a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeKePayloadTest.java +++ b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeKePayloadTest.java @@ -18,11 +18,10 @@ package com.android.ike.ikev2.message; import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; -import android.util.Pair; - import com.android.ike.ikev2.IkeDhParams; import com.android.ike.ikev2.SaProposal; import com.android.ike.ikev2.exceptions.InvalidSyntaxException; @@ -100,6 +99,7 @@ public final class IkeKePayloadTest { IkeKePayload payload = new IkeKePayload(CRITICAL_BIT, inputPacket); + assertFalse(payload.isOutbound); assertEquals(EXPECTED_DH_GROUP, payload.dhGroup); byte[] keyExchangeData = TestUtils.hexStringToByteArray(KEY_EXCHANGE_DATA_RAW_PACKET); @@ -138,11 +138,11 @@ public final class IkeKePayloadTest { @Test public void testGetIkeKePayload() throws Exception { - Pair<DHPrivateKeySpec, IkeKePayload> pair = - IkeKePayload.getKePayload(SaProposal.DH_GROUP_1024_BIT_MODP); + IkeKePayload payload = new IkeKePayload(SaProposal.DH_GROUP_1024_BIT_MODP); // Test DHPrivateKeySpec - DHPrivateKeySpec privateKeySpec = pair.first; + assertTrue(payload.isOutbound); + DHPrivateKeySpec privateKeySpec = payload.localPrivateKey; BigInteger primeValue = privateKeySpec.getP(); BigInteger expectedPrimeValue = new BigInteger(IkeDhParams.PRIME_1024_BIT_MODP, 16); @@ -153,8 +153,6 @@ public final class IkeKePayloadTest { assertEquals(0, expectedGenValue.compareTo(genValue)); // Test IkeKePayload - IkeKePayload payload = pair.second; - assertEquals(EXPECTED_DH_GROUP, payload.dhGroup); assertEquals(EXPECTED_KE_DATA_LEN, payload.keyExchangeData.length); } |