commit cc54def719c1d91e410d69446e30ad25dcf88a53
author Bill Lin <lbill@google.com> Thu Nov 28 06:33:27 2019 -0800
committer android-build-merger <android-build-merger@google.com> Thu Nov 28 06:33:27 2019 -0800
tree f1d08f363cc20e1146509cff3a2f296cb128859f
parent fba666bf05f68c072e41beb1a7b21161fb780cf0
parent 19cb503efafe6bb899a84bdfce66da955a153111

Merge "Enhance ApexSignatureVerificationTest to be more robust" am: aee533a15a am: 1c940df46e
am: 19cb503efa

Change-Id: Idcbe428c5499a759c759660da6a452385ac29d0f

hostsidetests/appsecurity/src/android/appsecurity/cts/ApexSignatureVerificationTest.java

diff --git a/hostsidetests/appsecurity/src/android/appsecurity/cts/ApexSignatureVerificationTest.java b/hostsidetests/appsecurity/src/android/appsecurity/cts/ApexSignatureVerificationTest.java
index 535899b..2392069 100644
--- a/hostsidetests/appsecurity/src/android/appsecurity/cts/ApexSignatureVerificationTest.java
+++ b/hostsidetests/appsecurity/src/android/appsecurity/cts/ApexSignatureVerificationTest.java
@@ -26,11 +26,14 @@
 import com.android.tradefed.util.FileUtil;
 import com.android.tradefed.util.ZipUtil;
 
+import org.hamcrest.CustomTypeSafeMatcher;
+import org.hamcrest.Matcher;
 import org.junit.AfterClass;
 import org.junit.Before;
 import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
+import org.junit.rules.ErrorCollector;
 import org.junit.rules.TestRule;
 import org.junit.runner.Description;
 import org.junit.runner.RunWith;
@@ -79,6 +82,9 @@
     private static List<File> mWellKnownKeyFileList = new ArrayList<>();
     private ITestDevice mDevice;
 
+    @Rule
+    public final ErrorCollector mErrorCollector = new ErrorCollector();
+
     @Before
     public void setUp() throws Exception {
         mDevice = getDevice();
@@ -125,7 +131,6 @@
 
     @Test
     public void testApexPubKeyIsNotWellKnownKey() {
-        assertThat(mWellKnownKeyFileList).isNotNull();
 
         for (Map.Entry<String, File> entry : mExtractedTestDirMap.entrySet()) {
             final File pubKeyFile = FileUtil.findFile(entry.getValue(), APEX_PUB_KEY_NAME);
@@ -135,14 +140,8 @@
 
             while (it.hasNext()) {
                 final File wellKnownKey = (File) it.next();
-
-                try {
-                    assertWithMessage("Well-known key:" + wellKnownKey.getName() + ", match apex:"
-                            + entry.getKey()).that(
-                            FileUtil.compareFileContents(pubKeyFile, wellKnownKey)).isFalse();
-                } catch (IOException e) {
-                    throw new AssertionError("compareFileContents IOException" + e);
-                }
+                verifyPubKey("must not use well known pubkey", pubKeyFile,
+                        pubkeyShouldNotEqualTo(wellKnownKey));
             }
         }
     }
@@ -260,6 +259,28 @@
                 throw new AssertionError("Copy well-known keys to tmp IOException" + e);
             }
         }
+
+        assertThat(mWellKnownKeyFileList).isNotEmpty();
+    }
+
+    private <T> void verifyPubKey(String reason, T actual, Matcher<? super T> matcher) {
+        mErrorCollector.checkThat(reason, actual, matcher);
+    }
+
+    private static Matcher<File> pubkeyShouldNotEqualTo(File wellknownKey) {
+        return new CustomTypeSafeMatcher<File>("must not match well known key ") {
+            @Override
+            protected boolean matchesSafely(File actual) {
+                boolean isMatchWellknownKey = false;
+                try {
+                    isMatchWellknownKey = FileUtil.compareFileContents(actual, wellknownKey);
+                } catch (IOException e) {
+                    e.printStackTrace();
+                }
+                // Assert fail if the keys matched
+                return !isMatchWellknownKey;
+            }
+        };
     }
 
     /**