1 /* 2 * Copyright (C) 2020 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.ipsec.ike.cts; 18 19 import static android.system.OsConstants.AF_INET; 20 import static android.system.OsConstants.AF_INET6; 21 22 import static org.junit.Assert.assertEquals; 23 import static org.junit.Assert.assertTrue; 24 25 import android.net.LinkAddress; 26 import android.net.ipsec.ike.ChildSaProposal; 27 import android.net.ipsec.ike.ChildSessionParams; 28 import android.net.ipsec.ike.TransportModeChildSessionParams; 29 import android.net.ipsec.ike.TunnelModeChildSessionParams; 30 import android.net.ipsec.ike.TunnelModeChildSessionParams.ConfigRequestIpv4Address; 31 import android.net.ipsec.ike.TunnelModeChildSessionParams.ConfigRequestIpv4DhcpServer; 32 import android.net.ipsec.ike.TunnelModeChildSessionParams.ConfigRequestIpv4DnsServer; 33 import android.net.ipsec.ike.TunnelModeChildSessionParams.ConfigRequestIpv4Netmask; 34 import android.net.ipsec.ike.TunnelModeChildSessionParams.ConfigRequestIpv6Address; 35 import android.net.ipsec.ike.TunnelModeChildSessionParams.ConfigRequestIpv6DnsServer; 36 import android.net.ipsec.ike.TunnelModeChildSessionParams.TunnelModeChildConfigRequest; 37 38 import androidx.test.ext.junit.runners.AndroidJUnit4; 39 40 import org.junit.Test; 41 import org.junit.runner.RunWith; 42 43 import java.net.Inet4Address; 44 import java.util.Arrays; 45 import java.util.HashMap; 46 import java.util.HashSet; 47 import java.util.Map; 48 import java.util.Set; 49 import java.util.concurrent.TimeUnit; 50 51 @RunWith(AndroidJUnit4.class) 52 public class ChildSessionParamsTest extends IkeTestBase { 53 private static final int HARD_LIFETIME_SECONDS = (int) TimeUnit.HOURS.toSeconds(3L); 54 private static final int SOFT_LIFETIME_SECONDS = (int) TimeUnit.HOURS.toSeconds(1L); 55 56 // Random proposal. Content doesn't matter 57 private final ChildSaProposal mSaProposal = 58 SaProposalTest.buildChildSaProposalWithCombinedModeCipher(); 59 verifyTunnelModeChildParamsWithDefaultValues(ChildSessionParams childParams)60 private void verifyTunnelModeChildParamsWithDefaultValues(ChildSessionParams childParams) { 61 assertTrue(childParams instanceof TunnelModeChildSessionParams); 62 verifyChildParamsWithDefaultValues(childParams); 63 } 64 verifyTunnelModeChildParamsWithCustomizedValues(ChildSessionParams childParams)65 private void verifyTunnelModeChildParamsWithCustomizedValues(ChildSessionParams childParams) { 66 assertTrue(childParams instanceof TunnelModeChildSessionParams); 67 verifyChildParamsWithCustomizedValues(childParams); 68 } 69 verifyTransportModeChildParamsWithDefaultValues(ChildSessionParams childParams)70 private void verifyTransportModeChildParamsWithDefaultValues(ChildSessionParams childParams) { 71 assertTrue(childParams instanceof TransportModeChildSessionParams); 72 verifyChildParamsWithDefaultValues(childParams); 73 } 74 verifyTransportModeChildParamsWithCustomizedValues( ChildSessionParams childParams)75 private void verifyTransportModeChildParamsWithCustomizedValues( 76 ChildSessionParams childParams) { 77 assertTrue(childParams instanceof TransportModeChildSessionParams); 78 verifyChildParamsWithCustomizedValues(childParams); 79 } 80 verifyChildParamsWithDefaultValues(ChildSessionParams childParams)81 private void verifyChildParamsWithDefaultValues(ChildSessionParams childParams) { 82 assertEquals(Arrays.asList(mSaProposal), childParams.getSaProposals()); 83 84 // Do not do assertEquals to the default values to be avoid being a change-detector test 85 assertTrue(childParams.getHardLifetimeSeconds() > childParams.getSoftLifetimeSeconds()); 86 assertTrue(childParams.getSoftLifetimeSeconds() > 0); 87 88 assertEquals( 89 Arrays.asList(DEFAULT_V4_TS, DEFAULT_V6_TS), 90 childParams.getInboundTrafficSelectors()); 91 assertEquals( 92 Arrays.asList(DEFAULT_V4_TS, DEFAULT_V6_TS), 93 childParams.getOutboundTrafficSelectors()); 94 } 95 verifyChildParamsWithCustomizedValues(ChildSessionParams childParams)96 private void verifyChildParamsWithCustomizedValues(ChildSessionParams childParams) { 97 assertEquals(Arrays.asList(mSaProposal), childParams.getSaProposals()); 98 99 assertEquals(HARD_LIFETIME_SECONDS, childParams.getHardLifetimeSeconds()); 100 assertEquals(SOFT_LIFETIME_SECONDS, childParams.getSoftLifetimeSeconds()); 101 102 assertEquals( 103 Arrays.asList(INBOUND_V4_TS, INBOUND_V6_TS), 104 childParams.getInboundTrafficSelectors()); 105 assertEquals( 106 Arrays.asList(OUTBOUND_V4_TS, OUTBOUND_V6_TS), 107 childParams.getOutboundTrafficSelectors()); 108 } 109 110 @Test testBuildTransportModeParamsWithDefaultValues()111 public void testBuildTransportModeParamsWithDefaultValues() { 112 TransportModeChildSessionParams childParams = 113 new TransportModeChildSessionParams.Builder().addSaProposal(mSaProposal).build(); 114 115 verifyTransportModeChildParamsWithDefaultValues(childParams); 116 } 117 118 @Test testBuildTunnelModeParamsWithDefaultValues()119 public void testBuildTunnelModeParamsWithDefaultValues() { 120 TunnelModeChildSessionParams childParams = 121 new TunnelModeChildSessionParams.Builder().addSaProposal(mSaProposal).build(); 122 123 verifyTunnelModeChildParamsWithDefaultValues(childParams); 124 assertTrue(childParams.getConfigurationRequests().isEmpty()); 125 } 126 127 @Test testBuildTransportModeParamsWithTransportModeParams()128 public void testBuildTransportModeParamsWithTransportModeParams() { 129 TransportModeChildSessionParams childParams = 130 new TransportModeChildSessionParams.Builder().addSaProposal(mSaProposal).build(); 131 TransportModeChildSessionParams result = 132 new TransportModeChildSessionParams.Builder(childParams).build(); 133 134 assertEquals(childParams, result); 135 } 136 137 @Test testBuildTunnelModeParamsWithTunnelModeParams()138 public void testBuildTunnelModeParamsWithTunnelModeParams() { 139 TunnelModeChildSessionParams childParams = 140 new TunnelModeChildSessionParams.Builder().addSaProposal(mSaProposal).build(); 141 TunnelModeChildSessionParams result = 142 new TunnelModeChildSessionParams.Builder(childParams).build(); 143 144 assertEquals(childParams, result); 145 } 146 147 @Test testBuildTransportModeParamsWithCustomizedValues()148 public void testBuildTransportModeParamsWithCustomizedValues() { 149 TransportModeChildSessionParams childParams = 150 new TransportModeChildSessionParams.Builder() 151 .addSaProposal(mSaProposal) 152 .setLifetimeSeconds(HARD_LIFETIME_SECONDS, SOFT_LIFETIME_SECONDS) 153 .addInboundTrafficSelectors(INBOUND_V4_TS) 154 .addInboundTrafficSelectors(INBOUND_V6_TS) 155 .addOutboundTrafficSelectors(OUTBOUND_V4_TS) 156 .addOutboundTrafficSelectors(OUTBOUND_V6_TS) 157 .build(); 158 159 verifyTransportModeChildParamsWithCustomizedValues(childParams); 160 } 161 162 @Test testBuildTunnelModeParamsWithCustomizedValues()163 public void testBuildTunnelModeParamsWithCustomizedValues() { 164 TunnelModeChildSessionParams childParams = 165 new TunnelModeChildSessionParams.Builder() 166 .addSaProposal(mSaProposal) 167 .setLifetimeSeconds(HARD_LIFETIME_SECONDS, SOFT_LIFETIME_SECONDS) 168 .addInboundTrafficSelectors(INBOUND_V4_TS) 169 .addInboundTrafficSelectors(INBOUND_V6_TS) 170 .addOutboundTrafficSelectors(OUTBOUND_V4_TS) 171 .addOutboundTrafficSelectors(OUTBOUND_V6_TS) 172 .build(); 173 174 verifyTunnelModeChildParamsWithCustomizedValues(childParams); 175 } 176 177 @Test testBuildChildSessionParamsWithConfigReq()178 public void testBuildChildSessionParamsWithConfigReq() { 179 TunnelModeChildSessionParams childParams = 180 new TunnelModeChildSessionParams.Builder() 181 .addSaProposal(mSaProposal) 182 .addInternalAddressRequest(AF_INET) 183 .addInternalAddressRequest(AF_INET6) 184 .addInternalAddressRequest(AF_INET6) 185 .addInternalAddressRequest(IPV4_ADDRESS_REMOTE) 186 .addInternalAddressRequest(IPV6_ADDRESS_REMOTE, IP6_PREFIX_LEN) 187 .addInternalDnsServerRequest(AF_INET) 188 .addInternalDnsServerRequest(AF_INET6) 189 .addInternalDhcpServerRequest(AF_INET) 190 .addInternalDhcpServerRequest(AF_INET) 191 .build(); 192 193 verifyTunnelModeChildParamsWithDefaultValues(childParams); 194 195 // Verify config request types and number of requests for each type 196 Map<Class<? extends TunnelModeChildConfigRequest>, Integer> expectedAttributeCounts = 197 new HashMap<>(); 198 expectedAttributeCounts.put(ConfigRequestIpv4Address.class, 2); 199 expectedAttributeCounts.put(ConfigRequestIpv6Address.class, 3); 200 expectedAttributeCounts.put(ConfigRequestIpv4Netmask.class, 1); 201 expectedAttributeCounts.put(ConfigRequestIpv4DnsServer.class, 1); 202 expectedAttributeCounts.put(ConfigRequestIpv6DnsServer.class, 1); 203 expectedAttributeCounts.put(ConfigRequestIpv4DhcpServer.class, 2); 204 verifyConfigRequestTypes(expectedAttributeCounts, childParams.getConfigurationRequests()); 205 206 // Verify specific IPv4 address request 207 Set<Inet4Address> expectedV4Addresses = new HashSet<>(); 208 expectedV4Addresses.add(IPV4_ADDRESS_REMOTE); 209 verifySpecificV4AddrConfigReq(expectedV4Addresses, childParams); 210 211 // Verify specific IPv6 address request 212 Set<LinkAddress> expectedV6Addresses = new HashSet<>(); 213 expectedV6Addresses.add(new LinkAddress(IPV6_ADDRESS_REMOTE, IP6_PREFIX_LEN)); 214 verifySpecificV6AddrConfigReq(expectedV6Addresses, childParams); 215 } 216 verifySpecificV4AddrConfigReq( Set<Inet4Address> expectedAddresses, TunnelModeChildSessionParams childParams)217 protected void verifySpecificV4AddrConfigReq( 218 Set<Inet4Address> expectedAddresses, TunnelModeChildSessionParams childParams) { 219 for (TunnelModeChildConfigRequest req : childParams.getConfigurationRequests()) { 220 if (req instanceof ConfigRequestIpv4Address 221 && ((ConfigRequestIpv4Address) req).getAddress() != null) { 222 Inet4Address address = ((ConfigRequestIpv4Address) req).getAddress(); 223 224 // Fail if expectedAddresses does not contain this address 225 assertTrue(expectedAddresses.remove(address)); 226 } 227 } 228 229 // Fail if any expected address is not found in result 230 assertTrue(expectedAddresses.isEmpty()); 231 } 232 verifySpecificV6AddrConfigReq( Set<LinkAddress> expectedAddresses, TunnelModeChildSessionParams childParams)233 protected void verifySpecificV6AddrConfigReq( 234 Set<LinkAddress> expectedAddresses, TunnelModeChildSessionParams childParams) { 235 for (TunnelModeChildConfigRequest req : childParams.getConfigurationRequests()) { 236 if (req instanceof ConfigRequestIpv6Address 237 && ((ConfigRequestIpv6Address) req).getAddress() != null) { 238 ConfigRequestIpv6Address ipv6AddrReq = (ConfigRequestIpv6Address) req; 239 240 // Fail if expectedAddresses does not contain this address 241 LinkAddress address = 242 new LinkAddress(ipv6AddrReq.getAddress(), ipv6AddrReq.getPrefixLength()); 243 assertTrue(expectedAddresses.remove(address)); 244 } 245 } 246 247 // Fail if any expected address is not found in result 248 assertTrue(expectedAddresses.isEmpty()); 249 } 250 } 251