• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2021 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.ipsec.ike.cts;
18 
19 import static android.app.AppOpsManager.OP_MANAGE_IPSEC_TUNNELS;
20 
21 import android.net.ipsec.ike.ChildSessionParams;
22 import android.net.ipsec.ike.IkeFqdnIdentification;
23 import android.net.ipsec.ike.IkeSaProposal;
24 import android.net.ipsec.ike.IkeSession;
25 import android.net.ipsec.ike.IkeSessionParams;
26 
27 import org.junit.AfterClass;
28 import org.junit.BeforeClass;
29 
30 import java.net.InetAddress;
31 
32 abstract class IkeSessionPskTestBase extends IkeSessionTestBase {
33     @BeforeClass
setUpTunnelPermissionBeforeClass()34     public static void setUpTunnelPermissionBeforeClass() throws Exception {
35         // Under normal circumstances, the MANAGE_IPSEC_TUNNELS appop would be auto-granted, and
36         // a standard permission is insufficient. So we shell out the appop, to give us the
37         // right appop permissions.
38         setAppOp(OP_MANAGE_IPSEC_TUNNELS, true);
39     }
40 
41     // This method is guaranteed to run in subclasses and will run after subclasses' @AfterClass
42     // methods.
43     @AfterClass
tearDownTunnelPermissionAfterClass()44     public static void tearDownTunnelPermissionAfterClass() throws Exception {
45         setAppOp(OP_MANAGE_IPSEC_TUNNELS, false);
46     }
47 
openIkeSessionWithTunnelModeChild(InetAddress remoteAddress)48     protected IkeSession openIkeSessionWithTunnelModeChild(InetAddress remoteAddress) {
49         return openIkeSession(remoteAddress, buildTunnelModeChildSessionParams());
50     }
51 
openIkeSessionWithTunnelModeChild( InetAddress remoteAddress, IkeSessionParams ikeParams)52     protected IkeSession openIkeSessionWithTunnelModeChild(
53             InetAddress remoteAddress, IkeSessionParams ikeParams) {
54         return openIkeSession(remoteAddress, ikeParams, buildTunnelModeChildSessionParams());
55     }
56 
openIkeSessionWithTransportModeChild(InetAddress remoteAddress)57     protected IkeSession openIkeSessionWithTransportModeChild(InetAddress remoteAddress) {
58         return openIkeSession(remoteAddress, buildTransportModeChildParamsWithDefaultTs());
59     }
60 
createIkeParamsBuilderBase(InetAddress remoteAddress)61     protected IkeSessionParams.Builder createIkeParamsBuilderBase(InetAddress remoteAddress) {
62         return createIkeParamsBuilderBase(
63                 remoteAddress,
64                 SaProposalTest.buildIkeSaProposalWithNormalModeCipher(),
65                 SaProposalTest.buildIkeSaProposalWithCombinedModeCipher());
66     }
67 
createIkeParamsBuilderBase( InetAddress remoteAddress, IkeSaProposal... saProposals)68     protected IkeSessionParams.Builder createIkeParamsBuilderBase(
69             InetAddress remoteAddress, IkeSaProposal... saProposals) {
70         final IkeSessionParams.Builder builder =
71                 new IkeSessionParams.Builder(sContext)
72                         .setNetwork(mTunNetworkContext.tunNetwork)
73                         .setServerHostname(remoteAddress.getHostAddress())
74                         .setLocalIdentification(new IkeFqdnIdentification(LOCAL_HOSTNAME))
75                         .setRemoteIdentification(new IkeFqdnIdentification(REMOTE_HOSTNAME))
76                         .setAuthPsk(IKE_PSK);
77 
78         for (IkeSaProposal saProposal : saProposals) {
79             builder.addSaProposal(saProposal);
80         }
81 
82         return builder;
83     }
84 
getIkeSessionParams(InetAddress remoteAddress)85     protected abstract IkeSessionParams getIkeSessionParams(InetAddress remoteAddress);
86 
openIkeSession(InetAddress remoteAddress, ChildSessionParams childParams)87     private IkeSession openIkeSession(InetAddress remoteAddress, ChildSessionParams childParams) {
88         return openIkeSession(remoteAddress, getIkeSessionParams(remoteAddress), childParams);
89     }
90 
openIkeSession( InetAddress remoteAddress, IkeSessionParams ikeParams, ChildSessionParams childParams)91     private IkeSession openIkeSession(
92             InetAddress remoteAddress, IkeSessionParams ikeParams, ChildSessionParams childParams) {
93         return new IkeSession(
94                 sContext,
95                 ikeParams,
96                 childParams,
97                 mUserCbExecutor,
98                 mIkeSessionCallback,
99                 mFirstChildSessionCallback);
100     }
101 }
102