1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
|
/*
* Copyright (C) 2009 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.appsecurity.cts;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import android.platform.test.annotations.AppModeFull;
import com.android.compatibility.common.tradefed.build.CompatibilityBuildHelper;
import com.android.ddmlib.Log;
import com.android.tradefed.device.DeviceNotAvailableException;
import com.android.tradefed.testtype.DeviceJUnit4ClassRunner;
import com.android.tradefed.testtype.junit4.BaseHostJUnit4Test;
import com.android.tradefed.util.AbiUtils;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import java.io.File;
import java.io.FileNotFoundException;
/**
* Set of tests that verify various security checks involving multiple apps are
* properly enforced.
*/
@RunWith(DeviceJUnit4ClassRunner.class)
public class AppSecurityTests extends BaseHostJUnit4Test {
// testSharedUidDifferentCerts constants
private static final String SHARED_UI_APK = "CtsSharedUidInstall.apk";
private static final String SHARED_UI_PKG = "com.android.cts.shareuidinstall";
private static final String SHARED_UI_DIFF_CERT_APK = "CtsSharedUidInstallDiffCert.apk";
private static final String SHARED_UI_DIFF_CERT_PKG =
"com.android.cts.shareuidinstalldiffcert";
// testAppUpgradeDifferentCerts constants
private static final String SIMPLE_APP_APK = "CtsSimpleAppInstall.apk";
private static final String SIMPLE_APP_PKG = "com.android.cts.simpleappinstall";
private static final String SIMPLE_APP_DIFF_CERT_APK = "CtsSimpleAppInstallDiffCert.apk";
// testAppFailAccessPrivateData constants
private static final String APP_WITH_DATA_APK = "CtsAppWithData.apk";
private static final String APP_WITH_DATA_PKG = "com.android.cts.appwithdata";
private static final String APP_WITH_DATA_CLASS =
"com.android.cts.appwithdata.CreatePrivateDataTest";
private static final String APP_WITH_DATA_CREATE_METHOD =
"testCreatePrivateData";
private static final String APP_WITH_DATA_CHECK_NOEXIST_METHOD =
"testEnsurePrivateDataNotExist";
private static final String APP_ACCESS_DATA_APK = "CtsAppAccessData.apk";
private static final String APP_ACCESS_DATA_PKG = "com.android.cts.appaccessdata";
// testInstrumentationDiffCert constants
private static final String TARGET_INSTRUMENT_APK = "CtsTargetInstrumentationApp.apk";
private static final String TARGET_INSTRUMENT_PKG = "com.android.cts.targetinstrumentationapp";
private static final String INSTRUMENT_DIFF_CERT_APK = "CtsInstrumentationAppDiffCert.apk";
private static final String INSTRUMENT_DIFF_CERT_PKG =
"com.android.cts.instrumentationdiffcertapp";
// testPermissionDiffCert constants
private static final String DECLARE_PERMISSION_APK = "CtsPermissionDeclareApp.apk";
private static final String DECLARE_PERMISSION_PKG = "com.android.cts.permissiondeclareapp";
private static final String DECLARE_PERMISSION_COMPAT_APK = "CtsPermissionDeclareAppCompat.apk";
private static final String DECLARE_PERMISSION_COMPAT_PKG = "com.android.cts.permissiondeclareappcompat";
private static final String PERMISSION_DIFF_CERT_APK = "CtsUsePermissionDiffCert.apk";
private static final String PERMISSION_DIFF_CERT_PKG =
"com.android.cts.usespermissiondiffcertapp";
private static final String LOG_TAG = "AppSecurityTests";
private File getTestAppFile(String fileName) throws FileNotFoundException {
CompatibilityBuildHelper buildHelper = new CompatibilityBuildHelper(getBuild());
return buildHelper.getTestFile(fileName);
}
@Before
public void setUp() throws Exception {
Utils.prepareSingleUser(getDevice());
assertNotNull(getBuild());
}
/**
* Test that an app that declares the same shared uid as an existing app, cannot be installed
* if it is signed with a different certificate.
*/
@Test
@AppModeFull // TODO: Needs porting to instant
public void testSharedUidDifferentCerts() throws Exception {
Log.i(LOG_TAG, "installing apks with shared uid, but different certs");
try {
// cleanup test apps that might be installed from previous partial test run
getDevice().uninstallPackage(SHARED_UI_PKG);
getDevice().uninstallPackage(SHARED_UI_DIFF_CERT_PKG);
String[] options = {AbiUtils.createAbiFlag(getAbi().getName())};
String installResult = getDevice().installPackage(getTestAppFile(SHARED_UI_APK),
false, options);
assertNull(String.format("failed to install shared uid app, Reason: %s", installResult),
installResult);
installResult = getDevice().installPackage(getTestAppFile(SHARED_UI_DIFF_CERT_APK),
false, options);
assertNotNull("shared uid app with different cert than existing app installed " +
"successfully", installResult);
assertEquals("INSTALL_FAILED_SHARED_USER_INCOMPATIBLE",
installResult.substring(0, installResult.indexOf(':')));
} finally {
getDevice().uninstallPackage(SHARED_UI_PKG);
getDevice().uninstallPackage(SHARED_UI_DIFF_CERT_PKG);
}
}
/**
* Test that an app update cannot be installed over an existing app if it has a different
* certificate.
*/
@Test
@AppModeFull // TODO: Needs porting to instant
public void testAppUpgradeDifferentCerts() throws Exception {
Log.i(LOG_TAG, "installing app upgrade with different certs");
try {
// cleanup test app that might be installed from previous partial test run
getDevice().uninstallPackage(SIMPLE_APP_PKG);
String[] options = {AbiUtils.createAbiFlag(getAbi().getName())};
String installResult = getDevice().installPackage(getTestAppFile(SIMPLE_APP_APK),
false, options);
assertNull(String.format("failed to install simple app. Reason: %s", installResult),
installResult);
installResult = getDevice().installPackage(getTestAppFile(SIMPLE_APP_DIFF_CERT_APK),
true /* reinstall */, options);
assertNotNull("app upgrade with different cert than existing app installed " +
"successfully", installResult);
assertEquals("INSTALL_FAILED_UPDATE_INCOMPATIBLE",
installResult.substring(0, installResult.indexOf(':')));
} finally {
getDevice().uninstallPackage(SIMPLE_APP_PKG);
}
}
/**
* Test that an app cannot access another app's private data.
*/
@Test
@AppModeFull // TODO: Needs porting to instant
public void testAppFailAccessPrivateData() throws Exception {
Log.i(LOG_TAG, "installing app that attempts to access another app's private data");
try {
// cleanup test app that might be installed from previous partial test run
getDevice().uninstallPackage(APP_WITH_DATA_PKG);
getDevice().uninstallPackage(APP_ACCESS_DATA_PKG);
String[] options = {AbiUtils.createAbiFlag(getAbi().getName())};
String installResult = getDevice().installPackage(getTestAppFile(APP_WITH_DATA_APK),
false, options);
assertNull(String.format("failed to install app with data. Reason: %s", installResult),
installResult);
// run appwithdata's tests to create private data
runDeviceTestsAsCurrentUser(
APP_WITH_DATA_PKG, APP_WITH_DATA_CLASS, APP_WITH_DATA_CREATE_METHOD);
installResult = getDevice().installPackage(getTestAppFile(APP_ACCESS_DATA_APK),
false, options);
assertNull(String.format("failed to install app access data. Reason: %s",
installResult), installResult);
// run appaccessdata's tests which attempt to access appwithdata's private data
runDeviceTestsAsCurrentUser(APP_ACCESS_DATA_PKG);
} finally {
getDevice().uninstallPackage(APP_WITH_DATA_PKG);
getDevice().uninstallPackage(APP_ACCESS_DATA_PKG);
}
}
/**
* Test that uninstall of an app removes its private data.
*/
@Test
@AppModeFull // TODO: Needs porting to instant
public void testUninstallRemovesData() throws Exception {
Log.i(LOG_TAG, "Uninstalling app, verifying data is removed.");
try {
// cleanup test app that might be installed from previous partial test run
getDevice().uninstallPackage(APP_WITH_DATA_PKG);
String[] options = {AbiUtils.createAbiFlag(getAbi().getName())};
String installResult = getDevice().installPackage(getTestAppFile(APP_WITH_DATA_APK),
false, options);
assertNull(String.format("failed to install app with data. Reason: %s", installResult),
installResult);
// run appwithdata's tests to create private data
runDeviceTestsAsCurrentUser(
APP_WITH_DATA_PKG, APP_WITH_DATA_CLASS, APP_WITH_DATA_CREATE_METHOD);
getDevice().uninstallPackage(APP_WITH_DATA_PKG);
installResult = getDevice().installPackage(getTestAppFile(APP_WITH_DATA_APK),
false, options);
assertNull(String.format("failed to install app with data second time. Reason: %s",
installResult), installResult);
// run appwithdata's 'check if file exists' test
runDeviceTestsAsCurrentUser(APP_WITH_DATA_PKG, APP_WITH_DATA_CLASS,
APP_WITH_DATA_CHECK_NOEXIST_METHOD);
} finally {
getDevice().uninstallPackage(APP_WITH_DATA_PKG);
}
}
/**
* Test that an app cannot instrument another app that is signed with different certificate.
*/
@Test
@AppModeFull // TODO: Needs porting to instant
public void testInstrumentationDiffCert() throws Exception {
Log.i(LOG_TAG, "installing app that attempts to instrument another app");
try {
// cleanup test app that might be installed from previous partial test run
getDevice().uninstallPackage(TARGET_INSTRUMENT_PKG);
getDevice().uninstallPackage(INSTRUMENT_DIFF_CERT_PKG);
String[] options = {AbiUtils.createAbiFlag(getAbi().getName())};
String installResult = getDevice().installPackage(
getTestAppFile(TARGET_INSTRUMENT_APK), false, options);
assertNull(String.format("failed to install target instrumentation app. Reason: %s",
installResult), installResult);
// the app will install, but will get error at runtime when starting instrumentation
installResult = getDevice().installPackage(getTestAppFile(INSTRUMENT_DIFF_CERT_APK),
false, options);
assertNull(String.format(
"failed to install instrumentation app with diff cert. Reason: %s",
installResult), installResult);
// run INSTRUMENT_DIFF_CERT_PKG tests
// this test will attempt to call startInstrumentation directly and verify
// SecurityException is thrown
runDeviceTestsAsCurrentUser(INSTRUMENT_DIFF_CERT_PKG);
} finally {
getDevice().uninstallPackage(TARGET_INSTRUMENT_PKG);
getDevice().uninstallPackage(INSTRUMENT_DIFF_CERT_PKG);
}
}
/**
* Test that an app cannot use a signature-enforced permission if it is signed with a different
* certificate than the app that declared the permission.
*/
@Test
@AppModeFull // TODO: Needs porting to instant
public void testPermissionDiffCert() throws Exception {
Log.i(LOG_TAG, "installing app that attempts to use permission of another app");
try {
// cleanup test app that might be installed from previous partial test run
getDevice().uninstallPackage(DECLARE_PERMISSION_PKG);
getDevice().uninstallPackage(DECLARE_PERMISSION_COMPAT_PKG);
getDevice().uninstallPackage(PERMISSION_DIFF_CERT_PKG);
String[] options = {AbiUtils.createAbiFlag(getAbi().getName())};
String installResult = getDevice().installPackage(
getTestAppFile(DECLARE_PERMISSION_APK), false, options);
assertNull(String.format("failed to install declare permission app. Reason: %s",
installResult), installResult);
installResult = getDevice().installPackage(
getTestAppFile(DECLARE_PERMISSION_COMPAT_APK), false, options);
assertNull(String.format("failed to install declare permission compat app. Reason: %s",
installResult), installResult);
// the app will install, but will get error at runtime
installResult = getDevice().installPackage(getTestAppFile(PERMISSION_DIFF_CERT_APK),
false, options);
assertNull(String.format("failed to install permission app with diff cert. Reason: %s",
installResult), installResult);
// run PERMISSION_DIFF_CERT_PKG tests which try to access the permission
runDeviceTestsAsCurrentUser(PERMISSION_DIFF_CERT_PKG);
} finally {
getDevice().uninstallPackage(DECLARE_PERMISSION_PKG);
getDevice().uninstallPackage(DECLARE_PERMISSION_COMPAT_PKG);
getDevice().uninstallPackage(PERMISSION_DIFF_CERT_PKG);
}
}
/**
* Tests that an arbitrary file cannot be installed using the 'cmd' command.
*/
@Test
@AppModeFull // TODO: Needs porting to instant
public void testAdbInstallFile() throws Exception {
String output = getDevice().executeShellCommand(
"cmd package install -S 1024 /data/local/tmp/foo.apk");
assertTrue("Error text", output.contains("Error"));
}
private void runDeviceTestsAsCurrentUser(String packageName)
throws DeviceNotAvailableException {
Utils.runDeviceTestsAsCurrentUser(getDevice(), packageName, null, null);
}
private void runDeviceTestsAsCurrentUser(
String packageName, String className, String methodName)
throws DeviceNotAvailableException {
Utils.runDeviceTestsAsCurrentUser(getDevice(), packageName, className, methodName);
}
}
|
