1 /* 2 * Copyright (C) 2022 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.trust.test 18 19 import android.service.trust.GrantTrustResult 20 import android.service.trust.GrantTrustResult.STATUS_UNLOCKED_BY_GRANT 21 import android.service.trust.TrustAgentService.FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE 22 import android.trust.BaseTrustAgentService 23 import android.trust.TrustTestActivity 24 import android.trust.test.lib.LockStateTrackingRule 25 import android.trust.test.lib.ScreenLockRule 26 import android.trust.test.lib.TrustAgentRule 27 import android.util.Log 28 import androidx.test.ext.junit.rules.ActivityScenarioRule 29 import androidx.test.ext.junit.runners.AndroidJUnit4 30 import androidx.test.platform.app.InstrumentationRegistry.getInstrumentation 31 import androidx.test.uiautomator.UiDevice 32 import android.trust.test.lib.wait 33 import org.junit.Before 34 import org.junit.Rule 35 import org.junit.Test 36 import org.junit.rules.RuleChain 37 import org.junit.runner.RunWith 38 39 /** 40 * Test for testing revokeTrust & grantTrust for renewable trust. 41 * 42 * atest TrustTests:TemporaryAndRenewableTrustTest 43 */ 44 @RunWith(AndroidJUnit4::class) 45 class TemporaryAndRenewableTrustTest { 46 private val uiDevice = UiDevice.getInstance(getInstrumentation()) 47 private val activityScenarioRule = ActivityScenarioRule(TrustTestActivity::class.java) 48 private val lockStateTrackingRule = LockStateTrackingRule() 49 private val trustAgentRule = TrustAgentRule<TemporaryAndRenewableTrustAgent>() 50 51 @get:Rule 52 val rule: RuleChain = RuleChain 53 .outerRule(activityScenarioRule) 54 .around(ScreenLockRule()) 55 .around(lockStateTrackingRule) 56 .around(trustAgentRule) 57 58 @Before manageTrustnull59 fun manageTrust() { 60 trustAgentRule.agent.setManagingTrust(true) 61 } 62 63 // This test serves a baseline for Grant tests, verifying that the default behavior of the 64 // device is to lock when put to sleep 65 @Test sleepingDeviceWithoutGrantLocksDevicenull66 fun sleepingDeviceWithoutGrantLocksDevice() { 67 uiDevice.sleep() 68 69 lockStateTrackingRule.assertLocked() 70 } 71 72 @Test grantTrustLockedDevice_deviceStaysLockednull73 fun grantTrustLockedDevice_deviceStaysLocked() { 74 uiDevice.sleep() 75 lockStateTrackingRule.assertLocked() 76 77 uiDevice.wakeUp() 78 trustAgentRule.agent.grantTrust( 79 GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} 80 81 lockStateTrackingRule.assertLocked() 82 } 83 84 @Test grantTrustUnlockedDevice_deviceLocksOnScreenOffnull85 fun grantTrustUnlockedDevice_deviceLocksOnScreenOff() { 86 trustAgentRule.agent.grantTrust( 87 GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} 88 uiDevice.sleep() 89 90 lockStateTrackingRule.assertLocked() 91 } 92 93 @Test grantTrustLockedDevice_grantTrustOnLockedDeviceUnlocksDevicenull94 fun grantTrustLockedDevice_grantTrustOnLockedDeviceUnlocksDevice() { 95 trustAgentRule.agent.grantTrust( 96 GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} 97 uiDevice.sleep() 98 99 lockStateTrackingRule.assertLocked() 100 101 uiDevice.wakeUp() 102 trustAgentRule.agent.grantTrust( 103 GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} 104 105 lockStateTrackingRule.assertUnlockedAndTrusted() 106 } 107 108 @Test grantTrustLockedDevice_callsBackWhenUnlockednull109 fun grantTrustLockedDevice_callsBackWhenUnlocked() { 110 Log.i(TAG, "Granting renewable trust while unlocked") 111 trustAgentRule.agent.grantTrust( 112 GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} 113 await(1000) 114 115 Log.i(TAG, "Locking device") 116 uiDevice.sleep() 117 118 lockStateTrackingRule.assertLocked() 119 uiDevice.wakeUp() 120 121 Log.i(TAG, "Renewing trust and unlocking") 122 var result: GrantTrustResult? = null 123 trustAgentRule.agent.grantTrust( 124 GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) { 125 Log.i(TAG, "Callback received; status=${it.status}") 126 result = it 127 } 128 lockStateTrackingRule.assertUnlockedAndTrusted() 129 130 wait("callback triggered") { result?.status == STATUS_UNLOCKED_BY_GRANT } 131 } 132 133 @Test grantTrustLockedDevice_revokeTrustPreventsSubsequentUnlocknull134 fun grantTrustLockedDevice_revokeTrustPreventsSubsequentUnlock() { 135 trustAgentRule.agent.grantTrust( 136 GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} 137 uiDevice.sleep() 138 139 lockStateTrackingRule.assertLocked() 140 141 trustAgentRule.agent.revokeTrust() 142 await(500) 143 uiDevice.wakeUp() 144 145 trustAgentRule.agent.grantTrust( 146 GRANT_MESSAGE, 0, FLAG_GRANT_TRUST_TEMPORARY_AND_RENEWABLE) {} 147 148 lockStateTrackingRule.assertLocked() 149 } 150 151 companion object { 152 private const val TAG = "TemporaryAndRenewableTrustTest" 153 private const val GRANT_MESSAGE = "granted by test" awaitnull154 private fun await(millis: Long) = Thread.sleep(millis) 155 } 156 } 157 158 class TemporaryAndRenewableTrustAgent : BaseTrustAgentService() 159