From 211e9e797b923aff057f1b7f9d37b8c5fadc9d3d Mon Sep 17 00:00:00 2001 From: Yuting Fang Date: Sat, 20 May 2023 00:03:25 +0000 Subject: [RESTRICT AUTOMERGE] Fix CTS test failure by skipping LAUNCH_PERMISSION_SETTINGS permission Bug:282787426 Change-Id: Ib1b2b21f88516579ff90d1e60c9063cae82d83c2 Test:CTS test pass --- .../permission2/src/android/permission2/cts/PermissionPolicyTest.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/tests/permission2/src/android/permission2/cts/PermissionPolicyTest.java b/tests/tests/permission2/src/android/permission2/cts/PermissionPolicyTest.java index 63b8cc0cb79..f0f453a8e20 100644 --- a/tests/tests/permission2/src/android/permission2/cts/PermissionPolicyTest.java +++ b/tests/tests/permission2/src/android/permission2/cts/PermissionPolicyTest.java @@ -55,6 +55,8 @@ public class PermissionPolicyTest extends AndroidTestCase { private static final Date MANAGE_COMPANION_DEVICES_PATCH_DATE = parseDate("2020-07-01"); private static final String MANAGE_COMPANION_DEVICES_PERMISSION = "android.permission.MANAGE_COMPANION_DEVICES"; + private static final String LAUNCH_PERMISSION_SETTINGS = + "android.permission.LAUNCH_PERMISSION_SETTINGS"; private static final String LOG_TAG = "PermissionProtectionTest"; @@ -316,6 +318,8 @@ public class PermissionPolicyTest extends AndroidTestCase { return parseDate(SECURITY_PATCH).before(HIDE_NON_SYSTEM_OVERLAY_WINDOWS_PATCH_DATE); case MANAGE_COMPANION_DEVICES_PERMISSION: return parseDate(SECURITY_PATCH).before(MANAGE_COMPANION_DEVICES_PATCH_DATE); + case LAUNCH_PERMISSION_SETTINGS: + return true; default: return false; } -- cgit v1.2.3 From 7b0310c1f5ca19c0cb2414b2dafa38620a7f4ec4 Mon Sep 17 00:00:00 2001 From: Yuting Fang Date: Mon, 22 May 2023 03:43:26 +0000 Subject: [RESTRICT AUTOMERGE] Add test support for a new permission to launch the permission manager settings page without granting grant/revoke permission access. Bug: 282787426 Test: Existing tests pass (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:fea2595c889589e26f8682bfa31705817e5b54fc) Merged-In: I072eb0386a497bcd3beb276a9ef8519cc725d46f Change-Id: I072eb0386a497bcd3beb276a9ef8519cc725d46f --- tests/tests/permission2/res/raw/android_manifest.xml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/tests/permission2/res/raw/android_manifest.xml b/tests/tests/permission2/res/raw/android_manifest.xml index b329fa259cb..749eba0bed4 100644 --- a/tests/tests/permission2/res/raw/android_manifest.xml +++ b/tests/tests/permission2/res/raw/android_manifest.xml @@ -3103,6 +3103,12 @@ + + + -- cgit v1.2.3 From 98da0fd52a88400b598ea93e9e9f7bbf9863a79c Mon Sep 17 00:00:00 2001 From: Kazuhiro Inaba Date: Thu, 1 Jun 2023 11:02:28 +0900 Subject: [RESTRICT AUTOMERGE] Remove OsHostTests#testIntentFilterHostValidation The test was depending on log parsing and was too fragile. Recent GMS core actually changed the log format and started breaking the test. Bug: 284435281 Test: build Change-Id: I8fb35fa10e55441794fef81a5c2bfd534ae8c113 --- .../os/src/android/os/cts/OsHostTests.java | 59 ---------------------- 1 file changed, 59 deletions(-) diff --git a/hostsidetests/os/src/android/os/cts/OsHostTests.java b/hostsidetests/os/src/android/os/cts/OsHostTests.java index c557c9eed57..3c5117095b6 100644 --- a/hostsidetests/os/src/android/os/cts/OsHostTests.java +++ b/hostsidetests/os/src/android/os/cts/OsHostTests.java @@ -26,13 +26,9 @@ import com.android.tradefed.testtype.DeviceTestCase; import com.android.tradefed.testtype.IAbi; import com.android.tradefed.testtype.IAbiReceiver; import com.android.tradefed.testtype.IBuildReceiver; -import com.android.tradefed.util.AbiUtils; import java.io.File; import java.io.FileNotFoundException; -import java.util.Arrays; -import java.util.HashSet; -import java.util.Scanner; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -44,16 +40,6 @@ public class OsHostTests extends DeviceTestCase implements IBuildReceiver, IAbiR "am start -n %s/%s.%s", TEST_APP_PACKAGE, TEST_APP_PACKAGE, TEST_NON_EXPORTED_ACTIVITY_CLASS); - // Testing the intent filter verification mechanism - private static final String HOST_VERIFICATION_APK = "CtsHostLinkVerificationApp.apk"; - private static final String HOST_VERIFICATION_PKG = "com.android.cts.openlinksskeleton"; - private static final String FILTER_VERIFIER_REGEXP = - "Verifying IntentFilter\\..* package:\"" + HOST_VERIFICATION_PKG + "\""; - private static final Pattern HOST_PATTERN = Pattern.compile(".*hosts:\"(.*?)\""); - // domains that should be validated against given our test apk - private static final String HOST_EXPLICIT = "explicit.example.com"; - private static final String HOST_WILDCARD = "wildcard.tld"; - /** * A reference to the device under test. */ @@ -104,51 +90,6 @@ public class OsHostTests extends DeviceTestCase implements IBuildReceiver, IAbiR } } - public void testIntentFilterHostValidation() throws Exception { - String line = null; - try { - // Clean slate in case of earlier aborted run - mDevice.uninstallPackage(HOST_VERIFICATION_PKG); - - String[] options = { AbiUtils.createAbiFlag(mAbi.getName()) }; - - mDevice.clearLogcat(); - - String installResult = getDevice().installPackage(getTestAppFile(HOST_VERIFICATION_APK), - false /* = reinstall? */, options); - - assertNull("Couldn't install web intent filter sample apk", installResult); - - String logs = mDevice.executeAdbCommand("logcat", "-v", "brief", "-d"); - boolean foundVerifierOutput = false; - Pattern verifierPattern = Pattern.compile(FILTER_VERIFIER_REGEXP); - Scanner scanner = new Scanner(logs); - while (scanner.hasNextLine()) { - line = scanner.nextLine(); - Matcher verifierMatcher = verifierPattern.matcher(line); - if (verifierMatcher.find()) { - Matcher m = HOST_PATTERN.matcher(line); - assertTrue(m.find()); - final String hostgroup = m.group(1); - HashSet allHosts = new HashSet( - Arrays.asList(hostgroup.split(" "))); - assertEquals(2, allHosts.size()); - assertTrue("AllHosts Contains: " + allHosts, allHosts.contains(HOST_EXPLICIT)); - assertTrue("AllHosts Contains: " + allHosts, allHosts.contains(HOST_WILDCARD)); - foundVerifierOutput = true; - break; - } - } - - assertTrue(foundVerifierOutput); - } catch (Exception e) { - fail("Unable to parse verification results: " + e.getMessage() - + " line=" + line); - } finally { - // Finally, uninstall the app - mDevice.uninstallPackage(HOST_VERIFICATION_PKG); - } - } /* * Helper: find a test apk -- cgit v1.2.3 From b56dca015c4bdfd766e470755c8da4d2c75d4a07 Mon Sep 17 00:00:00 2001 From: Miguel Date: Thu, 25 May 2023 09:22:15 +0000 Subject: Remove E-Tugra certificates. Test: atest CertificateDataTest Bug: 284262845, 288601359 Change-Id: I4c4140c9769ba4f18dd4460ccd01febadd92d152 Merged-In: I4c4140c9769ba4f18dd4460ccd01febadd92d152 (cherry picked from commit c3d04ec6556c435f249378064acbea5d1c5572e8) --- tests/tests/security/src/android/security/cts/CertificateData.java | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/tests/security/src/android/security/cts/CertificateData.java b/tests/tests/security/src/android/security/cts/CertificateData.java index 301ba14150c..960f7855b8d 100644 --- a/tests/tests/security/src/android/security/cts/CertificateData.java +++ b/tests/tests/security/src/android/security/cts/CertificateData.java @@ -135,7 +135,6 @@ class CertificateData { "03:9E:ED:B8:0B:E7:A0:3C:69:53:89:3B:20:D2:D9:32:3A:4C:2A:FD", "1E:0E:56:19:0A:D1:8B:25:98:B2:04:44:FF:66:8A:04:17:99:5F:3F", "DF:3C:24:F9:BF:D6:66:76:1B:26:80:73:FE:06:D1:CC:8D:4F:82:A4", - "51:C6:E7:08:49:06:6E:F3:92:D4:5C:A0:0D:6D:A3:62:8F:C3:52:39", "D3:DD:48:3E:2B:BF:4C:05:E8:AF:10:F5:FA:76:26:CF:D3:DC:30:92", "B8:23:6B:00:2F:1D:16:86:53:01:55:6C:11:A4:37:CA:EB:FF:C3:BB", "87:82:C6:C3:04:35:3B:CF:D2:96:92:D2:59:3E:7D:44:D9:34:FF:11", -- cgit v1.2.3 From fbcbaf590e9b08613b6d38c719a863409a543714 Mon Sep 17 00:00:00 2001 From: Orion Hodson Date: Thu, 15 Dec 2022 10:04:22 +0000 Subject: [RESTRICT AUTOMERGE] Drop TrustCor certificates INIT Store initialized from system/ca-certificates/files REMOVE Android security review SHA1 : FF:BD:CD:E7:82:C8:43:5E:3C:6F:26:86:5C:CA:A8:3A:45:5B:C3:0A Subject : C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-1 Not Before: Feb 4 12:32:16 2016 GMT Not After : Dec 31 17:23:16 2029 GMT REMOVE Android security review SHA1 : B8:BE:6D:CB:56:F1:55:B9:63:D4:12:CA:4E:06:34:C7:94:B2:1C:C0 Subject : C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-2 Not Before: Feb 4 12:32:23 2016 GMT Not After : Dec 31 17:26:39 2034 GMT REMOVE Android security review SHA1 : 58:D1:DF:95:95:67:6B:63:C0:F0:5B:1C:17:4D:8B:84:0B:C8:78:BD Subject : C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor ECA-1 Not Before: Feb 4 12:32:33 2016 GMT Not After : Dec 31 17:28:07 2029 GMT SUMMARY CertRequest total count: 158 add count: 30 remove count: 124 trust count: 0 Repository total trusted: 136 roots for import: 137 intermediate for import: 0 Store (before import) total count: 140 expired: 0 expiring with 1 year: 3 Store (after import) total count: 137 newly imported: 0 existing matched by import: 137 other trusted: 0 expired: 0 expiring with 1 year: 3 Store (after cert requests) total count: 137 newly imported: 0 existing matched by import: 137 other trusted: 0 expired: 0 expiring with 1 year: 3 Bug: 262521447 Bug: 263652067 Bug: 288601359 Test: atest CtsLibcoreTestCases:com.android.org.conscrypt.TrustedCertificateStoreTest (cherry picked from commit 355893a2ed5a361e3ee42c284409f00d577785f5) Merged-In: If7426bdf4e7fb44bbf7729ddb43d2403f6653036 Change-Id: If7426bdf4e7fb44bbf7729ddb43d2403f6653036 (cherry picked from commit 9bf4c2c4f72738eb16e30e86bf794f8ed7785554) --- tests/tests/security/src/android/security/cts/CertificateData.java | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/tests/security/src/android/security/cts/CertificateData.java b/tests/tests/security/src/android/security/cts/CertificateData.java index 960f7855b8d..c1b1fb5f49c 100644 --- a/tests/tests/security/src/android/security/cts/CertificateData.java +++ b/tests/tests/security/src/android/security/cts/CertificateData.java @@ -88,7 +88,6 @@ class CertificateData { "DE:28:F4:A4:FF:E5:B9:2F:A3:C5:03:D1:A3:49:A7:F9:96:2A:82:12", "0D:44:DD:8C:3C:8C:1A:1A:58:75:64:81:E9:0F:2E:2A:FF:B3:D2:6E", "CA:3A:FB:CF:12:40:36:4B:44:B2:16:20:88:80:48:39:19:93:7C:F7", - "FF:BD:CD:E7:82:C8:43:5E:3C:6F:26:86:5C:CA:A8:3A:45:5B:C3:0A", "13:2D:0D:45:53:4B:69:97:CD:B2:D5:C3:39:E2:55:76:60:9B:5C:C6", "5F:B7:EE:06:33:E2:59:DB:AD:0C:4C:9A:E6:D3:8F:1A:61:C7:DC:25", "49:0A:75:74:DE:87:0A:47:FE:58:EE:F6:C7:6B:EB:C6:0B:12:40:99", @@ -129,7 +128,6 @@ class CertificateData { "47:BE:AB:C9:22:EA:E8:0E:78:78:34:62:A7:9F:45:C2:54:FD:E6:8B", "3A:44:73:5A:E5:81:90:1F:24:86:61:46:1E:3B:9C:C4:5F:F5:3A:1B", "B3:1E:B1:B7:40:E3:6C:84:02:DA:DC:37:D4:4D:F5:D4:67:49:52:F9", - "58:D1:DF:95:95:67:6B:63:C0:F0:5B:1C:17:4D:8B:84:0B:C8:78:BD", "F5:17:A2:4F:9A:48:C6:C9:F8:A2:00:26:9F:DC:0F:48:2C:AB:30:89", "3B:C0:38:0B:33:C3:F6:A6:0C:86:15:22:93:D9:DF:F5:4B:81:C0:04", "03:9E:ED:B8:0B:E7:A0:3C:69:53:89:3B:20:D2:D9:32:3A:4C:2A:FD", @@ -139,7 +137,6 @@ class CertificateData { "B8:23:6B:00:2F:1D:16:86:53:01:55:6C:11:A4:37:CA:EB:FF:C3:BB", "87:82:C6:C3:04:35:3B:CF:D2:96:92:D2:59:3E:7D:44:D9:34:FF:11", "59:0D:2D:7D:88:4F:40:2E:61:7E:A5:62:32:17:65:CF:17:D8:94:E9", - "B8:BE:6D:CB:56:F1:55:B9:63:D4:12:CA:4E:06:34:C7:94:B2:1C:C0", "AE:C5:FB:3F:C8:E1:BF:C4:E5:4F:03:07:5A:9A:E8:00:B7:F7:B6:FA", "DF:71:7E:AA:4A:D9:4E:C9:55:84:99:60:2D:48:DE:5F:BC:F0:3A:25", "F6:10:84:07:D6:F8:BB:67:98:0C:C2:E2:44:C2:EB:AE:1C:EF:63:BE", -- cgit v1.2.3 From 2f774c4b81e1dd116d9cc20460fc5fa20b9d241a Mon Sep 17 00:00:00 2001 From: Miguel Date: Wed, 12 Jul 2023 15:51:39 +0000 Subject: [RESTRICT AUTOMERGE] Fix issue in which certs are inconsistently present in different phones. Test: atest CertificateTests Bug: 289965967 Bug: 288601359 (cherry picked from https://android-review.googlesource.com/q/commit:46d8f8ece4eab9a6ea15581964405dd4315a2a5e) Merged-In: Iba336b6127624589aa4a2552986f6c337ceffd3e Change-Id: Iba336b6127624589aa4a2552986f6c337ceffd3e --- .../security/src/android/security/cts/CertificateTest.java | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/tests/security/src/android/security/cts/CertificateTest.java b/tests/tests/security/src/android/security/cts/CertificateTest.java index adc14de4689..2d1a58c26de 100644 --- a/tests/tests/security/src/android/security/cts/CertificateTest.java +++ b/tests/tests/security/src/android/security/cts/CertificateTest.java @@ -40,11 +40,21 @@ public class CertificateTest extends AndroidTestCase { // The directory for CA root certificates trusted by WFA (WiFi Alliance) static final String DIR_OF_CACERTS_FOR_WFA = "/etc/security/cacerts_wfa"; + // Fix for b/289965967 due to backport issues. These certs were deleted but may still be on some + // devices + private Set mOptionalCertificates = new HashSet( + Arrays.asList( + new String[] {"B8:BE:6D:CB:56:F1:55:B9:63:D4:12:CA:4E:06:34:C7:94:B2:1C:C0", + "FF:BD:CD:E7:82:C8:43:5E:3C:6F:26:86:5C:CA:A8:3A:45:5B:C3:0A", + "51:C6:E7:08:49:06:6E:F3:92:D4:5C:A0:0D:6D:A3:62:8F:C3:52:39", + "58:D1:DF:95:95:67:6B:63:C0:F0:5B:1C:17:4D:8B:84:0B:C8:78:BD"})); + public void testNoRemovedCertificates() throws Exception { Set expectedCertificates = new HashSet( Arrays.asList(CertificateData.CERTIFICATE_DATA)); Set deviceCertificates = getDeviceCertificates(); expectedCertificates.removeAll(deviceCertificates); + expectedCertificates.removeAll(mOptionalCertificates); assertEquals("Missing CA certificates", Collections.EMPTY_SET, expectedCertificates); } @@ -71,6 +81,7 @@ public class CertificateTest extends AndroidTestCase { Arrays.asList(CertificateData.CERTIFICATE_DATA)); Set deviceCertificates = getDeviceCertificates(); deviceCertificates.removeAll(expectedCertificates); + deviceCertificates.removeAll(mOptionalCertificates); assertEquals("Unknown CA certificates", Collections.EMPTY_SET, deviceCertificates); } -- cgit v1.2.3 From 2d7206567fdd53444817ec3d4b4f10cdb839d1e7 Mon Sep 17 00:00:00 2001 From: Sasha Kuznetsov Date: Fri, 10 Nov 2023 13:24:54 +0000 Subject: DO NOT MERGE Ignore IOException failure Bug: 302648017 Change-Id: Ifbce6821f76fbac9ee1aa791b86744b1905bcb1c --- .../src/android/location/cts/GeocoderTest.java | 46 +++++++--------------- 1 file changed, 14 insertions(+), 32 deletions(-) diff --git a/tests/tests/location/src/android/location/cts/GeocoderTest.java b/tests/tests/location/src/android/location/cts/GeocoderTest.java index 62d9d251028..d6b425f776a 100644 --- a/tests/tests/location/src/android/location/cts/GeocoderTest.java +++ b/tests/tests/location/src/android/location/cts/GeocoderTest.java @@ -22,14 +22,13 @@ import android.content.Intent; import android.content.pm.PackageManager; import android.location.Geocoder; import android.test.AndroidTestCase; +import android.util.Log; import java.io.IOException; import java.util.Locale; public class GeocoderTest extends AndroidTestCase { - - private static final int MAX_NUM_RETRIES = 5; - private static final int TIME_BETWEEN_RETRIES_MS = 10 * 1000; + private static final String TAG = GeocoderTest.class.getSimpleName(); public void testConstructor() { new Geocoder(getContext()); @@ -70,23 +69,14 @@ public class GeocoderTest extends AndroidTestCase { // Thus only test that calling the method with valid arguments doesn't produce // an unexpected exception // Note: there is a risk this test will fail if device under test does not have - // a network connection. This is why we try the geocode 5 times if it fails due - // to a network error. - int numRetries = 0; - while (numRetries < MAX_NUM_RETRIES) { - try { - geocoder.getFromLocation(60, 30, 5); - break; - } catch (IOException e) { - Thread.sleep(TIME_BETWEEN_RETRIES_MS); - numRetries++; - } - } - if (numRetries >= MAX_NUM_RETRIES) { - fail("Failed to geocode location " + MAX_NUM_RETRIES + " times."); + // a network connection. This is why we don't fail the test if we get an + // IOException. + try { + geocoder.getFromLocation(60, 30, 5); + } catch (IOException e) { + Log.e(TAG, "GeoCoder getFromLocation request failed.", e); } - try { // latitude is less than -90 geocoder.getFromLocation(-91, 30, 5); @@ -123,20 +113,12 @@ public class GeocoderTest extends AndroidTestCase { // Thus only test that calling the method with valid arguments doesn't produce // an unexpected exception // Note: there is a risk this test will fail if device under test does not have - // a network connection. This is why we try the geocode 5 times if it fails due - // to a network error. - int numRetries = 0; - while (numRetries < MAX_NUM_RETRIES) { - try { - geocoder.getFromLocationName("Dalvik,Iceland", 5); - break; - } catch (IOException e) { - Thread.sleep(TIME_BETWEEN_RETRIES_MS); - numRetries++; - } - } - if (numRetries >= MAX_NUM_RETRIES) { - fail("Failed to geocode location name " + MAX_NUM_RETRIES + " times."); + // a network connection. This is why we don't fail the test if we get an + // IOException. + try { + geocoder.getFromLocationName("Dalvik,Iceland", 5); + } catch (IOException e) { + Log.e(TAG, "GeoCoder getFromLocationName request failed.", e); } try { -- cgit v1.2.3