• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2022 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.trust.test
18 
19 import android.content.pm.PackageManager
20 import android.service.trust.GrantTrustResult
21 import android.trust.BaseTrustAgentService
22 import android.trust.TrustTestActivity
23 import android.trust.test.lib.LockStateTrackingRule
24 import android.trust.test.lib.ScreenLockRule
25 import android.trust.test.lib.TrustAgentRule
26 import androidx.test.ext.junit.rules.ActivityScenarioRule
27 import androidx.test.ext.junit.runners.AndroidJUnit4
28 import androidx.test.platform.app.InstrumentationRegistry.getInstrumentation
29 import androidx.test.uiautomator.UiDevice
30 import com.android.server.testutils.mock
31 import org.junit.Assume.assumeFalse
32 import org.junit.Before
33 import org.junit.Rule
34 import org.junit.Test
35 import org.junit.rules.RuleChain
36 import org.junit.runner.RunWith
37 import org.mockito.Mockito.verifyNoMoreInteractions
38 
39 /**
40  * Test for testing revokeTrust & grantTrust for non-renewable trust.
41  *
42  * atest TrustTests:GrantAndRevokeTrustTest
43  */
44 @RunWith(AndroidJUnit4::class)
45 class GrantAndRevokeTrustTest {
46     private val uiDevice = UiDevice.getInstance(getInstrumentation())
47     private val activityScenarioRule = ActivityScenarioRule(TrustTestActivity::class.java)
48     private val lockStateTrackingRule = LockStateTrackingRule()
49     private val trustAgentRule = TrustAgentRule<GrantAndRevokeTrustAgent>()
50     private val packageManager = getInstrumentation().getTargetContext().getPackageManager()
51 
52     @get:Rule
53     val rule: RuleChain = RuleChain
54         .outerRule(activityScenarioRule)
55         .around(ScreenLockRule())
56         .around(lockStateTrackingRule)
57         .around(trustAgentRule)
58 
59     @Before
manageTrustnull60     fun manageTrust() {
61         trustAgentRule.agent.setManagingTrust(true)
62     }
63 
64     // This test serves a baseline for Grant tests, verifying that the default behavior of the
65     // device is to lock when put to sleep
66     @Test
sleepingDeviceWithoutGrantLocksDevicenull67     fun sleepingDeviceWithoutGrantLocksDevice() {
68         uiDevice.sleep()
69 
70         lockStateTrackingRule.assertLocked()
71     }
72 
73     @Test
grantKeepsDeviceUnlockednull74     fun grantKeepsDeviceUnlocked() {
75         trustAgentRule.agent.grantTrust(GRANT_MESSAGE, 10000, 0) {}
76         uiDevice.sleep()
77 
78         lockStateTrackingRule.assertUnlockedAndTrusted()
79     }
80 
81     @Test
grantKeepsDeviceUnlocked_untilRevokednull82     fun grantKeepsDeviceUnlocked_untilRevoked() {
83         trustAgentRule.agent.grantTrust(GRANT_MESSAGE, 0, 0) {}
84         await()
85         uiDevice.sleep()
86         trustAgentRule.agent.revokeTrust()
87 
88         lockStateTrackingRule.assertLocked()
89     }
90 
91     @Test
grantCannotActivelyUnlockDevicenull92     fun grantCannotActivelyUnlockDevice() {
93         // On automotive, trust agents can actively unlock the device.
94         assumeFalse(packageManager.hasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE))
95 
96         // Lock the device.
97         uiDevice.sleep()
98         lockStateTrackingRule.assertLocked()
99 
100         // Grant trust.
101         trustAgentRule.agent.grantTrust(GRANT_MESSAGE, 10000, 0) {}
102 
103         // The grant should not have unlocked the device.  Wait a bit so that
104         // TrustManagerService probably will have finished processing the grant.
105         await()
106         lockStateTrackingRule.assertLocked()
107 
108         // Turn the screen on and off to cause TrustManagerService to refresh
109         // its deviceLocked state.  Then verify the state is still locked.  This
110         // part failed before the fix for b/296464083.
111         uiDevice.wakeUp()
112         uiDevice.sleep()
113         await()
114         lockStateTrackingRule.assertLocked()
115     }
116 
117     @Test
grantDoesNotCallBacknull118     fun grantDoesNotCallBack() {
119         val callback = mock<(GrantTrustResult) -> Unit>()
120         trustAgentRule.agent.grantTrust(GRANT_MESSAGE, 0, 0, callback)
121         await()
122 
123         verifyNoMoreInteractions(callback)
124     }
125 
126     companion object {
127         private const val TAG = "GrantAndRevokeTrustTest"
128         private const val GRANT_MESSAGE = "granted by test"
awaitnull129         private fun await() = Thread.sleep(250)
130     }
131 }
132 
133 class GrantAndRevokeTrustAgent : BaseTrustAgentService()
134