1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package com.android.cts.deviceandprofileowner; 17 18 import static com.android.cts.devicepolicy.TestCertificates.getCaCert; 19 import static com.android.cts.devicepolicy.TestCertificates.getTestKey; 20 import static com.android.cts.devicepolicy.TestCertificates.getUserCert; 21 22 import static org.junit.Assert.assertNotEquals; 23 24 import android.content.ComponentName; 25 import android.content.pm.PackageManager; 26 import android.net.wifi.WifiConfiguration; 27 import android.net.wifi.WifiEnterpriseConfig; 28 import android.net.wifi.WifiManager; 29 import android.net.wifi.WifiNetworkSuggestion; 30 import android.text.TextUtils; 31 32 import java.security.cert.Certificate; 33 import java.security.cert.X509Certificate; 34 import java.util.Collections; 35 36 /** 37 * Tests that require the WiFi feature. 38 */ 39 public class WifiTest extends BaseDeviceAdminTest { 40 /** Mac address returned when the caller doesn't have access. */ 41 private static final String DEFAULT_MAC_ADDRESS = "02:00:00:00:00:00"; 42 43 public static final ComponentName ADMIN = new ComponentName( 44 BasicAdminReceiver.class.getPackage().getName(), 45 BasicAdminReceiver.class.getName()); 46 47 private static final String TEST_ALIAS = "test_alias"; 48 private static final String TEST_SSID = "\"SomeNet\""; 49 50 private WifiManager mWm; 51 private int mNetId = -1; 52 53 @Override setUp()54 protected void setUp() throws Exception { 55 super.setUp(); 56 57 mWm = mContext.getSystemService(WifiManager.class); 58 } 59 60 @Override tearDown()61 protected void tearDown() throws Exception { 62 if (mNetId != -1) { 63 mWm.removeNetwork(mNetId); 64 } 65 // Remove all suggestions if any were added. 66 mWm.removeNetworkSuggestions(Collections.emptyList()); 67 mDevicePolicyManager.removeKeyPair(ADMIN, TEST_ALIAS); 68 69 super.tearDown(); 70 } 71 testGetWifiMacAddress()72 public void testGetWifiMacAddress() { 73 if (!mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_WIFI)) { 74 // wifi not supported. 75 return; 76 } 77 final String macAddress = mDevicePolicyManager.getWifiMacAddress(ADMIN); 78 79 assertFalse("Device owner should be able to get the real MAC address", 80 DEFAULT_MAC_ADDRESS.equals(macAddress)); 81 assertFalse("getWifiMacAddress() returned an empty string. WiFi not enabled?", 82 TextUtils.isEmpty(macAddress)); 83 } 84 testCannotGetWifiMacAddress()85 public void testCannotGetWifiMacAddress() { 86 try { 87 mDevicePolicyManager.getWifiMacAddress(ADMIN); 88 fail("Profile owner shouldn't be able to get the MAC address"); 89 } catch (SecurityException expected) { 90 } 91 } 92 testAddNetworkWithKeychainKey_granted()93 public void testAddNetworkWithKeychainKey_granted() throws Exception { 94 prepareTestKeyPair(/* allowForWifi= */ true); 95 final WifiConfiguration config = makeTestWifiConfig(); 96 97 mNetId = mWm.addNetwork(config); 98 99 assertNotEquals(-1, mNetId); 100 } 101 testAddNetworkWithKeychainKey_notGranted()102 public void testAddNetworkWithKeychainKey_notGranted() throws Exception { 103 prepareTestKeyPair(/* allowForWifi= */ false); 104 final WifiConfiguration config = makeTestWifiConfig(); 105 106 mNetId = mWm.addNetwork(config); 107 108 assertEquals(-1, mNetId); 109 } 110 testAddNetworkSuggestionWithKeychainKey_granted()111 public void testAddNetworkSuggestionWithKeychainKey_granted() throws Exception { 112 prepareTestKeyPair(/* allowForWifi= */ true); 113 final WifiNetworkSuggestion suggestion = makeWifiNetworkSuggestion(); 114 115 assertEquals(WifiManager.STATUS_NETWORK_SUGGESTIONS_SUCCESS, 116 mWm.addNetworkSuggestions(Collections.singletonList(suggestion))); 117 } 118 testAddNetworkSuggestionWithKeychainKey_notGranted()119 public void testAddNetworkSuggestionWithKeychainKey_notGranted() throws Exception { 120 prepareTestKeyPair(/* allowForWifi= */ false); 121 final WifiNetworkSuggestion suggestion = makeWifiNetworkSuggestion(); 122 123 assertEquals(WifiManager.STATUS_NETWORK_SUGGESTIONS_ERROR_ADD_INVALID, 124 mWm.addNetworkSuggestions(Collections.singletonList(suggestion))); 125 } 126 makeWifiEnterpriseConfig()127 private WifiEnterpriseConfig makeWifiEnterpriseConfig() throws Exception { 128 WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig(); 129 enterpriseConfig.setEapMethod(WifiEnterpriseConfig.Eap.TLS); 130 enterpriseConfig.setDomainSuffixMatch("some-domain.com"); 131 enterpriseConfig.setIdentity("user"); 132 enterpriseConfig.setCaCertificate((X509Certificate) getCaCert()); 133 enterpriseConfig.setClientKeyPairAlias(TEST_ALIAS); 134 return enterpriseConfig; 135 } 136 makeWifiNetworkSuggestion()137 private WifiNetworkSuggestion makeWifiNetworkSuggestion() throws Exception { 138 return new WifiNetworkSuggestion.Builder() 139 .setSsid(TEST_SSID) 140 .setWpa2EnterpriseConfig(makeWifiEnterpriseConfig()) 141 .build(); 142 } 143 prepareTestKeyPair(boolean allowForWifi)144 private void prepareTestKeyPair(boolean allowForWifi) throws Exception { 145 assertTrue(mDevicePolicyManager.installKeyPair(ADMIN, getTestKey(), 146 new Certificate[]{getUserCert()}, TEST_ALIAS, 147 /* requestAccess= */ false)); 148 if (allowForWifi) { 149 assertTrue(mDevicePolicyManager.grantKeyPairToWifiAuth(TEST_ALIAS)); 150 } 151 } 152 makeTestWifiConfig()153 private WifiConfiguration makeTestWifiConfig() throws Exception { 154 WifiConfiguration config = new WifiConfiguration(); 155 config.SSID = TEST_SSID; 156 config.allowedKeyManagement.set(WifiConfiguration.KeyMgmt.WPA_EAP); 157 config.enterpriseConfig = makeWifiEnterpriseConfig(); 158 return config; 159 } 160 } 161