Verify creation and deletion of IpSecTransform pair
- Verify that inbound and outbound IpSecTransforms
are created when a Child Session is created
- Verify that when Child Session is deleted,
the IpSecTransform pair is deleted
Bug: 148689509
Test: atest CtsIkeTestCases
Change-Id: If142b3fb2ac791322921beeab1bc8d43db255317
diff --git a/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionPskTest.java b/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionPskTest.java
index fb93398..ca7ee1f 100644
--- a/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionPskTest.java
+++ b/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionPskTest.java
@@ -165,8 +165,11 @@
assertTrue(firstChildConfig.getInternalDnsServers().isEmpty());
assertTrue(firstChildConfig.getInternalDhcpServers().isEmpty());
- assertNotNull(mFirstChildSessionCallback.awaitNextCreatedIpSecTransform());
- assertNotNull(mFirstChildSessionCallback.awaitNextCreatedIpSecTransform());
+ IpSecTransformCallRecord firstTransformRecordA =
+ mFirstChildSessionCallback.awaitNextCreatedIpSecTransform();
+ IpSecTransformCallRecord firstTransformRecordB =
+ mFirstChildSessionCallback.awaitNextCreatedIpSecTransform();
+ verifyCreateIpSecTransformPair(firstTransformRecordA, firstTransformRecordB);
// Open additional Child Session
TestChildSessionCallback additionalChildCb = new TestChildSessionCallback();
@@ -188,8 +191,11 @@
assertTrue(additionalChildConfig.getInternalDnsServers().isEmpty());
assertTrue(additionalChildConfig.getInternalDhcpServers().isEmpty());
- assertNotNull(additionalChildCb.awaitNextCreatedIpSecTransform());
- assertNotNull(additionalChildCb.awaitNextCreatedIpSecTransform());
+ IpSecTransformCallRecord additionalTransformRecordA =
+ additionalChildCb.awaitNextCreatedIpSecTransform();
+ IpSecTransformCallRecord additionalTransformRecordB =
+ additionalChildCb.awaitNextCreatedIpSecTransform();
+ verifyCreateIpSecTransformPair(additionalTransformRecordA, additionalTransformRecordB);
// Close additional Child Session
ikeSession.closeChildSession(additionalChildCb);
@@ -199,8 +205,8 @@
true /* expectedUseEncap */,
hexStringToByteArray(SUCCESS_DELETE_CHILD_RESP));
- assertNotNull(additionalChildCb.awaitNextDeletedIpSecTransform());
- assertNotNull(additionalChildCb.awaitNextDeletedIpSecTransform());
+ verifyDeleteIpSecTransformPair(
+ additionalChildCb, additionalTransformRecordA, additionalTransformRecordB);
additionalChildCb.awaitOnClosed();
// Close IKE Session
@@ -211,12 +217,10 @@
true /* expectedUseEncap */,
hexStringToByteArray(SUCCESS_DELETE_IKE_RESP));
- assertNotNull(mFirstChildSessionCallback.awaitNextDeletedIpSecTransform());
- assertNotNull(mFirstChildSessionCallback.awaitNextDeletedIpSecTransform());
+ verifyDeleteIpSecTransformPair(
+ mFirstChildSessionCallback, firstTransformRecordA, firstTransformRecordB);
mFirstChildSessionCallback.awaitOnClosed();
mIkeSessionCallback.awaitOnClosed();
-
- // TODO: verify created and deleted IpSecTransform pair and their directions
}
@Test
@@ -245,7 +249,7 @@
@Test
public void testIkeInitFail() throws Exception {
- String ikeInitFailRespHex =
+ final String ikeInitFailRespHex =
"46B8ECA1E0D72A180000000000000000292022200000000000000024000000080000000E";
// Open IKE Session
diff --git a/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionTestBase.java b/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionTestBase.java
index 279d088..e49f75f 100644
--- a/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionTestBase.java
+++ b/tests/cts/net/ipsec/src/android/net/ipsec/ike/cts/IkeSessionTestBase.java
@@ -17,12 +17,16 @@
import static android.app.AppOpsManager.OP_MANAGE_IPSEC_TUNNELS;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
import android.annotation.NonNull;
import android.app.AppOpsManager;
import android.content.Context;
import android.content.pm.PackageManager;
import android.net.ConnectivityManager;
import android.net.InetAddresses;
+import android.net.IpSecManager;
import android.net.IpSecTransform;
import android.net.LinkAddress;
import android.net.Network;
@@ -55,6 +59,9 @@
import java.net.Inet4Address;
import java.net.InetAddress;
+import java.util.HashSet;
+import java.util.Objects;
+import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.Executor;
import java.util.concurrent.Executors;
@@ -370,6 +377,53 @@
this.ipSecTransform = ipSecTransform;
this.direction = direction;
}
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(ipSecTransform, direction);
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (!(o instanceof IpSecTransformCallRecord)) return false;
+
+ IpSecTransformCallRecord record = (IpSecTransformCallRecord) o;
+ return ipSecTransform.equals(record.ipSecTransform) && direction == record.direction;
+ }
+ }
+
+ static void verifyCreateIpSecTransformPair(
+ IpSecTransformCallRecord transformRecordA, IpSecTransformCallRecord transformRecordB) {
+ IpSecTransform transformA = transformRecordA.ipSecTransform;
+ IpSecTransform transformB = transformRecordB.ipSecTransform;
+
+ assertNotNull(transformA);
+ assertNotNull(transformB);
+
+ Set<Integer> expectedDirections = new HashSet<>();
+ expectedDirections.add(IpSecManager.DIRECTION_IN);
+ expectedDirections.add(IpSecManager.DIRECTION_OUT);
+
+ Set<Integer> resultDirections = new HashSet<>();
+ resultDirections.add(transformRecordA.direction);
+ resultDirections.add(transformRecordB.direction);
+
+ assertEquals(expectedDirections, resultDirections);
+ }
+
+ static void verifyDeleteIpSecTransformPair(
+ TestChildSessionCallback childCb,
+ IpSecTransformCallRecord expectedTransformRecordA,
+ IpSecTransformCallRecord expectedTransformRecordB) {
+ Set<IpSecTransformCallRecord> expectedTransforms = new HashSet<>();
+ expectedTransforms.add(expectedTransformRecordA);
+ expectedTransforms.add(expectedTransformRecordB);
+
+ Set<IpSecTransformCallRecord> resultTransforms = new HashSet<>();
+ resultTransforms.add(childCb.awaitNextDeletedIpSecTransform());
+ resultTransforms.add(childCb.awaitNextDeletedIpSecTransform());
+
+ assertEquals(expectedTransforms, resultTransforms);
}
/** Package private method to check if device has IPsec tunnels feature */