Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2016 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License |
| 15 | */ |
| 16 | |
Andrew Scull | 507d11c | 2017-05-03 17:19:01 +0100 | [diff] [blame] | 17 | package com.android.server.locksettings; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 18 | |
| 19 | import static org.mockito.Matchers.any; |
Rubin Xu | 7b7424b | 2017-03-31 18:03:20 +0100 | [diff] [blame] | 20 | import static org.mockito.Matchers.anyBoolean; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 21 | import static org.mockito.Matchers.anyInt; |
| 22 | import static org.mockito.Matchers.eq; |
Rubin Xu | b31be1b | 2017-06-16 17:08:21 +0100 | [diff] [blame] | 23 | import static org.mockito.Mockito.doAnswer; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 24 | import static org.mockito.Mockito.mock; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 25 | import static org.mockito.Mockito.when; |
| 26 | |
| 27 | import android.app.IActivityManager; |
Andrew Scull | f49794b | 2018-04-13 12:01:25 +0100 | [diff] [blame] | 28 | import android.app.KeyguardManager; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 29 | import android.app.NotificationManager; |
Rubin Xu | 8b30ec3 | 2017-03-05 00:47:09 +0000 | [diff] [blame] | 30 | import android.app.admin.DevicePolicyManager; |
Andrew Scull | 1416bd0 | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 31 | import android.app.admin.DevicePolicyManagerInternal; |
Rubin Xu | 16c823e | 2017-06-27 14:44:58 +0100 | [diff] [blame] | 32 | import android.app.trust.TrustManager; |
Rubin Xu | 8b30ec3 | 2017-03-05 00:47:09 +0000 | [diff] [blame] | 33 | import android.content.ComponentName; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 34 | import android.content.pm.UserInfo; |
Andrew Scull | e6527c1 | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 35 | import android.hardware.authsecret.V1_0.IAuthSecret; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 36 | import android.os.FileUtils; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 37 | import android.os.IProgressListener; |
Rubin Xu | b31be1b | 2017-06-16 17:08:21 +0100 | [diff] [blame] | 38 | import android.os.RemoteException; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 39 | import android.os.UserManager; |
Rubin Xu | b31be1b | 2017-06-16 17:08:21 +0100 | [diff] [blame] | 40 | import android.os.storage.IStorageManager; |
Lenka Trochtova | 66c492a | 2018-12-06 11:29:21 +0100 | [diff] [blame] | 41 | import android.os.storage.StorageManager; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 42 | import android.security.KeyStore; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 43 | import android.test.AndroidTestCase; |
| 44 | |
Rubin Xu | 16c823e | 2017-06-27 14:44:58 +0100 | [diff] [blame] | 45 | import com.android.internal.widget.ILockSettings; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 46 | import com.android.internal.widget.LockPatternUtils; |
Rubin Xu | fcd49f9 | 2017-08-24 18:21:52 +0100 | [diff] [blame] | 47 | import com.android.internal.widget.LockSettingsInternal; |
Andrew Scull | 1416bd0 | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 48 | import com.android.server.LocalServices; |
Lenka Trochtova | 66c492a | 2018-12-06 11:29:21 +0100 | [diff] [blame] | 49 | import com.android.server.wm.WindowManagerInternal; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 50 | |
| 51 | import org.mockito.invocation.InvocationOnMock; |
| 52 | import org.mockito.stubbing.Answer; |
| 53 | |
| 54 | import java.io.File; |
Andrew Scull | 8e87af5 | 2017-03-03 15:38:48 +0000 | [diff] [blame] | 55 | import java.util.ArrayList; |
Charles He | dec0540 | 2017-04-21 13:45:34 +0100 | [diff] [blame] | 56 | import java.util.Arrays; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 57 | |
| 58 | |
| 59 | public class BaseLockSettingsServiceTests extends AndroidTestCase { |
| 60 | protected static final int PRIMARY_USER_ID = 0; |
| 61 | protected static final int MANAGED_PROFILE_USER_ID = 12; |
Andrew Scull | 8e87af5 | 2017-03-03 15:38:48 +0000 | [diff] [blame] | 62 | protected static final int TURNED_OFF_PROFILE_USER_ID = 17; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 63 | protected static final int SECONDARY_USER_ID = 20; |
| 64 | |
| 65 | private static final UserInfo PRIMARY_USER_INFO = new UserInfo(PRIMARY_USER_ID, null, null, |
| 66 | UserInfo.FLAG_INITIALIZED | UserInfo.FLAG_ADMIN | UserInfo.FLAG_PRIMARY); |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 67 | private static final UserInfo SECONDARY_USER_INFO = new UserInfo(SECONDARY_USER_ID, null, null, |
| 68 | UserInfo.FLAG_INITIALIZED); |
| 69 | |
Andrew Scull | 8e87af5 | 2017-03-03 15:38:48 +0000 | [diff] [blame] | 70 | private ArrayList<UserInfo> mPrimaryUserProfiles = new ArrayList<>(); |
| 71 | |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 72 | LockSettingsService mService; |
Rubin Xu | fcd49f9 | 2017-08-24 18:21:52 +0100 | [diff] [blame] | 73 | LockSettingsInternal mLocalService; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 74 | |
| 75 | MockLockSettingsContext mContext; |
| 76 | LockSettingsStorageTestable mStorage; |
| 77 | |
| 78 | LockPatternUtils mLockPatternUtils; |
Rubin Xu | 16c823e | 2017-06-27 14:44:58 +0100 | [diff] [blame] | 79 | FakeGateKeeperService mGateKeeperService; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 80 | NotificationManager mNotificationManager; |
| 81 | UserManager mUserManager; |
Rubin Xu | b31be1b | 2017-06-16 17:08:21 +0100 | [diff] [blame] | 82 | FakeStorageManager mStorageManager; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 83 | IActivityManager mActivityManager; |
Rubin Xu | 8b30ec3 | 2017-03-05 00:47:09 +0000 | [diff] [blame] | 84 | DevicePolicyManager mDevicePolicyManager; |
Andrew Scull | 1416bd0 | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 85 | DevicePolicyManagerInternal mDevicePolicyManagerInternal; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 86 | KeyStore mKeyStore; |
Rubin Xu | 7b7424b | 2017-03-31 18:03:20 +0100 | [diff] [blame] | 87 | MockSyntheticPasswordManager mSpManager; |
Andrew Scull | e6527c1 | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 88 | IAuthSecret mAuthSecretService; |
Lenka Trochtova | 66c492a | 2018-12-06 11:29:21 +0100 | [diff] [blame] | 89 | WindowManagerInternal mMockWindowManager; |
David Anderson | 6ebc25b | 2019-02-12 16:25:56 -0800 | [diff] [blame] | 90 | FakeGsiService mGsiService; |
David Anderson | 28dea68 | 2019-02-20 13:37:51 -0800 | [diff] [blame] | 91 | PasswordSlotManagerTestable mPasswordSlotManager; |
Lenka Trochtova | 66c492a | 2018-12-06 11:29:21 +0100 | [diff] [blame] | 92 | protected boolean mHasSecureLockScreen; |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 93 | |
| 94 | @Override |
| 95 | protected void setUp() throws Exception { |
| 96 | super.setUp(); |
| 97 | |
Rubin Xu | 16c823e | 2017-06-27 14:44:58 +0100 | [diff] [blame] | 98 | mGateKeeperService = new FakeGateKeeperService(); |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 99 | mNotificationManager = mock(NotificationManager.class); |
| 100 | mUserManager = mock(UserManager.class); |
Rubin Xu | b31be1b | 2017-06-16 17:08:21 +0100 | [diff] [blame] | 101 | mStorageManager = new FakeStorageManager(); |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 102 | mActivityManager = mock(IActivityManager.class); |
Rubin Xu | 8b30ec3 | 2017-03-05 00:47:09 +0000 | [diff] [blame] | 103 | mDevicePolicyManager = mock(DevicePolicyManager.class); |
Andrew Scull | 1416bd0 | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 104 | mDevicePolicyManagerInternal = mock(DevicePolicyManagerInternal.class); |
Lenka Trochtova | 66c492a | 2018-12-06 11:29:21 +0100 | [diff] [blame] | 105 | mMockWindowManager = mock(WindowManagerInternal.class); |
David Anderson | 6ebc25b | 2019-02-12 16:25:56 -0800 | [diff] [blame] | 106 | mGsiService = new FakeGsiService(); |
David Anderson | 28dea68 | 2019-02-20 13:37:51 -0800 | [diff] [blame] | 107 | mPasswordSlotManager = new PasswordSlotManagerTestable(); |
Andrew Scull | 1416bd0 | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 108 | |
Rubin Xu | fcd49f9 | 2017-08-24 18:21:52 +0100 | [diff] [blame] | 109 | LocalServices.removeServiceForTest(LockSettingsInternal.class); |
Andrew Scull | 1416bd0 | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 110 | LocalServices.removeServiceForTest(DevicePolicyManagerInternal.class); |
Lenka Trochtova | 66c492a | 2018-12-06 11:29:21 +0100 | [diff] [blame] | 111 | LocalServices.removeServiceForTest(WindowManagerInternal.class); |
Andrew Scull | 1416bd0 | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 112 | LocalServices.addService(DevicePolicyManagerInternal.class, mDevicePolicyManagerInternal); |
Lenka Trochtova | 66c492a | 2018-12-06 11:29:21 +0100 | [diff] [blame] | 113 | LocalServices.addService(WindowManagerInternal.class, mMockWindowManager); |
Rubin Xu | 7b7424b | 2017-03-31 18:03:20 +0100 | [diff] [blame] | 114 | |
Rubin Xu | 8b30ec3 | 2017-03-05 00:47:09 +0000 | [diff] [blame] | 115 | mContext = new MockLockSettingsContext(getContext(), mUserManager, mNotificationManager, |
Andrew Scull | f49794b | 2018-04-13 12:01:25 +0100 | [diff] [blame] | 116 | mDevicePolicyManager, mock(StorageManager.class), mock(TrustManager.class), |
| 117 | mock(KeyguardManager.class)); |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 118 | mStorage = new LockSettingsStorageTestable(mContext, |
| 119 | new File(getContext().getFilesDir(), "locksettings")); |
| 120 | File storageDir = mStorage.mStorageDir; |
| 121 | if (storageDir.exists()) { |
| 122 | FileUtils.deleteContents(storageDir); |
| 123 | } else { |
| 124 | storageDir.mkdirs(); |
| 125 | } |
| 126 | |
Lenka Trochtova | 66c492a | 2018-12-06 11:29:21 +0100 | [diff] [blame] | 127 | mHasSecureLockScreen = true; |
Rubin Xu | 16c823e | 2017-06-27 14:44:58 +0100 | [diff] [blame] | 128 | mLockPatternUtils = new LockPatternUtils(mContext) { |
| 129 | @Override |
| 130 | public ILockSettings getLockSettings() { |
| 131 | return mService; |
| 132 | } |
Lenka Trochtova | 66c492a | 2018-12-06 11:29:21 +0100 | [diff] [blame] | 133 | |
| 134 | @Override |
| 135 | public boolean hasSecureLockScreen() { |
| 136 | return mHasSecureLockScreen; |
| 137 | } |
Rubin Xu | 16c823e | 2017-06-27 14:44:58 +0100 | [diff] [blame] | 138 | }; |
Adrian Roos | 2adc263 | 2017-09-05 17:01:42 +0200 | [diff] [blame] | 139 | mSpManager = new MockSyntheticPasswordManager(mContext, mStorage, mGateKeeperService, |
David Anderson | 28dea68 | 2019-02-20 13:37:51 -0800 | [diff] [blame] | 140 | mUserManager, mPasswordSlotManager); |
Andrew Scull | e6527c1 | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 141 | mAuthSecretService = mock(IAuthSecret.class); |
Rubin Xu | b31be1b | 2017-06-16 17:08:21 +0100 | [diff] [blame] | 142 | mService = new LockSettingsServiceTestable(mContext, mLockPatternUtils, mStorage, |
| 143 | mGateKeeperService, mKeyStore, setUpStorageManagerMock(), mActivityManager, |
David Anderson | 6ebc25b | 2019-02-12 16:25:56 -0800 | [diff] [blame] | 144 | mSpManager, mAuthSecretService, mGsiService); |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 145 | when(mUserManager.getUserInfo(eq(PRIMARY_USER_ID))).thenReturn(PRIMARY_USER_INFO); |
Andrew Scull | 8e87af5 | 2017-03-03 15:38:48 +0000 | [diff] [blame] | 146 | mPrimaryUserProfiles.add(PRIMARY_USER_INFO); |
| 147 | installChildProfile(MANAGED_PROFILE_USER_ID); |
Charles He | dec0540 | 2017-04-21 13:45:34 +0100 | [diff] [blame] | 148 | installAndTurnOffChildProfile(TURNED_OFF_PROFILE_USER_ID); |
Andrew Scull | 8e87af5 | 2017-03-03 15:38:48 +0000 | [diff] [blame] | 149 | when(mUserManager.getProfiles(eq(PRIMARY_USER_ID))).thenReturn(mPrimaryUserProfiles); |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 150 | when(mUserManager.getUserInfo(eq(SECONDARY_USER_ID))).thenReturn(SECONDARY_USER_INFO); |
| 151 | |
Andrew Scull | e6527c1 | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 152 | final ArrayList<UserInfo> allUsers = new ArrayList<>(mPrimaryUserProfiles); |
| 153 | allUsers.add(SECONDARY_USER_INFO); |
| 154 | when(mUserManager.getUsers(anyBoolean())).thenReturn(allUsers); |
| 155 | |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 156 | when(mActivityManager.unlockUser(anyInt(), any(), any(), any())).thenAnswer( |
| 157 | new Answer<Boolean>() { |
| 158 | @Override |
| 159 | public Boolean answer(InvocationOnMock invocation) throws Throwable { |
| 160 | Object[] args = invocation.getArguments(); |
| 161 | mStorageManager.unlockUser((int)args[0], (byte[])args[2], |
| 162 | (IProgressListener) args[3]); |
| 163 | return true; |
| 164 | } |
| 165 | }); |
| 166 | |
Rubin Xu | 8b30ec3 | 2017-03-05 00:47:09 +0000 | [diff] [blame] | 167 | // Adding a fake Device Owner app which will enable escrow token support in LSS. |
| 168 | when(mDevicePolicyManager.getDeviceOwnerComponentOnAnyUser()).thenReturn( |
| 169 | new ComponentName("com.dummy.package", ".FakeDeviceOwner")); |
Rubin Xu | fcd49f9 | 2017-08-24 18:21:52 +0100 | [diff] [blame] | 170 | mLocalService = LocalServices.getService(LockSettingsInternal.class); |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 171 | } |
| 172 | |
Andrew Scull | 8e87af5 | 2017-03-03 15:38:48 +0000 | [diff] [blame] | 173 | private UserInfo installChildProfile(int profileId) { |
| 174 | final UserInfo userInfo = new UserInfo( |
| 175 | profileId, null, null, UserInfo.FLAG_INITIALIZED | UserInfo.FLAG_MANAGED_PROFILE); |
| 176 | mPrimaryUserProfiles.add(userInfo); |
| 177 | when(mUserManager.getUserInfo(eq(profileId))).thenReturn(userInfo); |
| 178 | when(mUserManager.getProfileParent(eq(profileId))).thenReturn(PRIMARY_USER_INFO); |
Charles He | dec0540 | 2017-04-21 13:45:34 +0100 | [diff] [blame] | 179 | when(mUserManager.isUserRunning(eq(profileId))).thenReturn(true); |
| 180 | when(mUserManager.isUserUnlocked(eq(profileId))).thenReturn(true); |
Andrew Scull | 8e87af5 | 2017-03-03 15:38:48 +0000 | [diff] [blame] | 181 | return userInfo; |
| 182 | } |
| 183 | |
Charles He | dec0540 | 2017-04-21 13:45:34 +0100 | [diff] [blame] | 184 | private UserInfo installAndTurnOffChildProfile(int profileId) { |
Andrew Scull | 8e87af5 | 2017-03-03 15:38:48 +0000 | [diff] [blame] | 185 | final UserInfo userInfo = installChildProfile(profileId); |
| 186 | userInfo.flags |= UserInfo.FLAG_QUIET_MODE; |
Charles He | dec0540 | 2017-04-21 13:45:34 +0100 | [diff] [blame] | 187 | when(mUserManager.isUserRunning(eq(profileId))).thenReturn(false); |
| 188 | when(mUserManager.isUserUnlocked(eq(profileId))).thenReturn(false); |
Andrew Scull | 8e87af5 | 2017-03-03 15:38:48 +0000 | [diff] [blame] | 189 | return userInfo; |
| 190 | } |
| 191 | |
Rubin Xu | b31be1b | 2017-06-16 17:08:21 +0100 | [diff] [blame] | 192 | private IStorageManager setUpStorageManagerMock() throws RemoteException { |
| 193 | final IStorageManager sm = mock(IStorageManager.class); |
| 194 | |
| 195 | doAnswer(new Answer<Void>() { |
| 196 | @Override |
| 197 | public Void answer(InvocationOnMock invocation) throws Throwable { |
| 198 | Object[] args = invocation.getArguments(); |
| 199 | mStorageManager.addUserKeyAuth((int) args[0] /* userId */, |
| 200 | (int) args[1] /* serialNumber */, |
| 201 | (byte[]) args[2] /* token */, |
| 202 | (byte[]) args[3] /* secret */); |
| 203 | return null; |
| 204 | } |
| 205 | }).when(sm).addUserKeyAuth(anyInt(), anyInt(), any(), any()); |
| 206 | |
| 207 | doAnswer( |
| 208 | new Answer<Void>() { |
| 209 | @Override |
| 210 | public Void answer(InvocationOnMock invocation) throws Throwable { |
| 211 | Object[] args = invocation.getArguments(); |
| 212 | mStorageManager.fixateNewestUserKeyAuth((int) args[0] /* userId */); |
| 213 | return null; |
| 214 | } |
| 215 | }).when(sm).fixateNewestUserKeyAuth(anyInt()); |
| 216 | return sm; |
| 217 | } |
| 218 | |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 219 | @Override |
| 220 | protected void tearDown() throws Exception { |
| 221 | super.tearDown(); |
| 222 | mStorage.closeDatabase(); |
| 223 | File db = getContext().getDatabasePath("locksettings.db"); |
| 224 | assertTrue(!db.exists() || db.delete()); |
| 225 | |
| 226 | File storageDir = mStorage.mStorageDir; |
| 227 | assertTrue(FileUtils.deleteContents(storageDir)); |
David Anderson | 28dea68 | 2019-02-20 13:37:51 -0800 | [diff] [blame] | 228 | |
| 229 | mPasswordSlotManager.cleanup(); |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 230 | } |
Rubin Xu | 3bf722a | 2016-12-15 16:07:38 +0000 | [diff] [blame] | 231 | |
Andrew Scull | 7f4ff4c | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 232 | protected void assertNotEquals(long expected, long actual) { |
| 233 | assertTrue(expected != actual); |
| 234 | } |
| 235 | |
Rubin Xu | 3bf722a | 2016-12-15 16:07:38 +0000 | [diff] [blame] | 236 | protected static void assertArrayEquals(byte[] expected, byte[] actual) { |
| 237 | assertTrue(Arrays.equals(expected, actual)); |
| 238 | } |
| 239 | |
Andrew Scull | 7f4ff4c | 2018-01-05 18:33:58 +0000 | [diff] [blame] | 240 | protected static void assertArrayNotEquals(byte[] expected, byte[] actual) { |
Rubin Xu | 3bf722a | 2016-12-15 16:07:38 +0000 | [diff] [blame] | 241 | assertFalse(Arrays.equals(expected, actual)); |
| 242 | } |
Rubin Xu | 0cbc19e | 2016-12-09 14:00:21 +0000 | [diff] [blame] | 243 | } |