diff options
author | chiachangwang <chiachangwang@google.com> | 2022-09-02 03:52:04 +0000 |
---|---|---|
committer | Cherrypicker Worker <android-build-cherrypicker-worker@google.com> | 2022-09-20 03:39:34 +0000 |
commit | 3cd66c1abab456fb6a003ec6155f0ec2953cfed7 (patch) | |
tree | bcc1d809c56520909225c3478c30d3bdb69a2b7c | |
parent | 42126998cf9185b1602d3669367e63ca50e48085 (diff) | |
download | Connectivity-3cd66c1abab456fb6a003ec6155f0ec2953cfed7.tar.gz |
Verify converting to Vpnprofile with IkeTunnelConnectionParams set
Add test to verify converting Ikev2VpnProfile to Vpnprofile with
IkeTunnelConnectionParams set. Some fields like server should
not be set since the information should contain in the assigned
IkeTunnelConnectionParams.
Bug: 243718982
Test: atest FrameworksNetTests
Change-Id: Ie019ea98932a6d079f213e3bff45f21b44d3fa4e
(cherry picked from commit 4e953f63dd419fa7793d07857bcb281a499654f6)
Merged-In: Ie019ea98932a6d079f213e3bff45f21b44d3fa4e
-rw-r--r-- | tests/cts/net/util/java/android/net/cts/util/IkeSessionTestUtils.java | 6 | ||||
-rw-r--r-- | tests/unit/java/android/net/Ikev2VpnProfileTest.java | 36 |
2 files changed, 42 insertions, 0 deletions
diff --git a/tests/cts/net/util/java/android/net/cts/util/IkeSessionTestUtils.java b/tests/cts/net/util/java/android/net/cts/util/IkeSessionTestUtils.java index 244bfc51fd..11eb466050 100644 --- a/tests/cts/net/util/java/android/net/cts/util/IkeSessionTestUtils.java +++ b/tests/cts/net/util/java/android/net/cts/util/IkeSessionTestUtils.java @@ -27,6 +27,7 @@ import static android.net.ipsec.ike.SaProposal.PSEUDORANDOM_FUNCTION_AES128_XCBC import android.net.InetAddresses; import android.net.ipsec.ike.ChildSaProposal; import android.net.ipsec.ike.IkeFqdnIdentification; +import android.net.ipsec.ike.IkeIdentification; import android.net.ipsec.ike.IkeIpv4AddrIdentification; import android.net.ipsec.ike.IkeIpv6AddrIdentification; import android.net.ipsec.ike.IkeSaProposal; @@ -57,6 +58,11 @@ public class IkeSessionTestUtils { } private static IkeSessionParams getTestIkeSessionParams(boolean testIpv6) { + return getTestIkeSessionParams(testIpv6, new IkeFqdnIdentification(TEST_IDENTITY)); + } + + public static IkeSessionParams getTestIkeSessionParams(boolean testIpv6, + IkeIdentification identification) { final String testServer = testIpv6 ? TEST_SERVER_ADDR_V6 : TEST_SERVER_ADDR_V4; final InetAddress addr = InetAddresses.parseNumericAddress(testServer); final IkeSessionParams.Builder ikeOptionsBuilder = diff --git a/tests/unit/java/android/net/Ikev2VpnProfileTest.java b/tests/unit/java/android/net/Ikev2VpnProfileTest.java index 2f5b0ab40b..3b681202c4 100644 --- a/tests/unit/java/android/net/Ikev2VpnProfileTest.java +++ b/tests/unit/java/android/net/Ikev2VpnProfileTest.java @@ -18,6 +18,7 @@ package android.net; import static android.net.cts.util.IkeSessionTestUtils.CHILD_PARAMS; import static android.net.cts.util.IkeSessionTestUtils.IKE_PARAMS_V6; +import static android.net.cts.util.IkeSessionTestUtils.getTestIkeSessionParams; import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2; @@ -28,6 +29,7 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; +import android.net.ipsec.ike.IkeKeyIdIdentification; import android.net.ipsec.ike.IkeTunnelConnectionParams; import android.os.Build; import android.test.mock.MockContext; @@ -446,6 +448,40 @@ public class Ikev2VpnProfileTest { } @Test + public void testBuildWithIkeTunConnParamsConvertToVpnProfile() throws Exception { + // Special keyId that contains delimiter character of VpnProfile + final byte[] keyId = "foo\0bar".getBytes(); + final IkeTunnelConnectionParams tunnelParams = new IkeTunnelConnectionParams( + getTestIkeSessionParams(true /* testIpv6 */, new IkeKeyIdIdentification(keyId)), + CHILD_PARAMS); + final Ikev2VpnProfile ikev2VpnProfile = new Ikev2VpnProfile.Builder(tunnelParams).build(); + final VpnProfile vpnProfile = ikev2VpnProfile.toVpnProfile(); + + assertEquals(VpnProfile.TYPE_IKEV2_FROM_IKE_TUN_CONN_PARAMS, vpnProfile.type); + + // Username, password, server, ipsecIdentifier, ipsecCaCert, ipsecSecret, ipsecUserCert and + // getAllowedAlgorithms should not be set if IkeTunnelConnectionParams is set. + assertEquals("", vpnProfile.server); + assertEquals("", vpnProfile.ipsecIdentifier); + assertEquals("", vpnProfile.username); + assertEquals("", vpnProfile.password); + assertEquals("", vpnProfile.ipsecCaCert); + assertEquals("", vpnProfile.ipsecSecret); + assertEquals("", vpnProfile.ipsecUserCert); + assertEquals(0, vpnProfile.getAllowedAlgorithms().size()); + + // IkeTunnelConnectionParams should stay the same. + assertEquals(tunnelParams, vpnProfile.ikeTunConnParams); + + // Convert to disk-stable format and then back to Ikev2VpnProfile should be the same. + final VpnProfile decodedVpnProfile = + VpnProfile.decode(vpnProfile.key, vpnProfile.encode()); + final Ikev2VpnProfile convertedIkev2VpnProfile = + Ikev2VpnProfile.fromVpnProfile(decodedVpnProfile); + assertEquals(ikev2VpnProfile, convertedIkev2VpnProfile); + } + + @Test public void testConversionIsLosslessWithIkeTunConnParams() throws Exception { final IkeTunnelConnectionParams tunnelParams = new IkeTunnelConnectionParams(IKE_PARAMS_V6, CHILD_PARAMS); |