Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2019 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.server.biometrics; |
| 18 | |
| 19 | import static android.hardware.biometrics.BiometricManager.Authenticators; |
| 20 | |
| 21 | import static junit.framework.Assert.assertEquals; |
| 22 | import static junit.framework.Assert.assertFalse; |
| 23 | import static junit.framework.Assert.assertTrue; |
| 24 | |
| 25 | import static org.junit.Assert.assertNull; |
| 26 | |
| 27 | import android.hardware.biometrics.BiometricConstants; |
| 28 | import android.hardware.biometrics.BiometricManager; |
| 29 | import android.hardware.biometrics.BiometricPrompt; |
| 30 | import android.os.Bundle; |
| 31 | |
| 32 | import androidx.test.filters.SmallTest; |
| 33 | |
| 34 | import org.junit.Test; |
| 35 | |
| 36 | @SmallTest |
| 37 | public class UtilsTest { |
| 38 | |
| 39 | @Test |
| 40 | public void testCombineAuthenticatorBundles_withKeyDeviceCredential_andKeyAuthenticators() { |
| 41 | final boolean allowDeviceCredential = false; |
| 42 | final @Authenticators.Types int authenticators = |
| 43 | Authenticators.DEVICE_CREDENTIAL | Authenticators.BIOMETRIC_WEAK; |
| 44 | final Bundle bundle = new Bundle(); |
| 45 | |
| 46 | bundle.putBoolean(BiometricPrompt.KEY_ALLOW_DEVICE_CREDENTIAL, allowDeviceCredential); |
| 47 | bundle.putInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED, authenticators); |
| 48 | Utils.combineAuthenticatorBundles(bundle); |
| 49 | |
| 50 | assertNull(bundle.get(BiometricPrompt.KEY_ALLOW_DEVICE_CREDENTIAL)); |
| 51 | assertEquals(bundle.getInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED), authenticators); |
| 52 | } |
| 53 | |
| 54 | @Test |
| 55 | public void testCombineAuthenticatorBundles_withNoKeyDeviceCredential_andKeyAuthenticators() { |
| 56 | final @Authenticators.Types int authenticators = |
| 57 | Authenticators.DEVICE_CREDENTIAL | Authenticators.BIOMETRIC_WEAK; |
| 58 | final Bundle bundle = new Bundle(); |
| 59 | |
| 60 | bundle.putInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED, authenticators); |
| 61 | Utils.combineAuthenticatorBundles(bundle); |
| 62 | |
| 63 | assertNull(bundle.get(BiometricPrompt.KEY_ALLOW_DEVICE_CREDENTIAL)); |
| 64 | assertEquals(bundle.getInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED), authenticators); |
| 65 | } |
| 66 | |
| 67 | @Test |
| 68 | public void testCombineAuthenticatorBundles_withKeyDeviceCredential_andNoKeyAuthenticators() { |
| 69 | final boolean allowDeviceCredential = true; |
| 70 | final Bundle bundle = new Bundle(); |
| 71 | |
| 72 | bundle.putBoolean(BiometricPrompt.KEY_ALLOW_DEVICE_CREDENTIAL, allowDeviceCredential); |
| 73 | Utils.combineAuthenticatorBundles(bundle); |
| 74 | |
| 75 | assertNull(bundle.get(BiometricPrompt.KEY_ALLOW_DEVICE_CREDENTIAL)); |
| 76 | assertEquals(bundle.getInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED), |
| 77 | Authenticators.DEVICE_CREDENTIAL | Authenticators.BIOMETRIC_WEAK); |
| 78 | } |
| 79 | |
| 80 | @Test |
| 81 | public void testCombineAuthenticatorBundles_withNoKeyDeviceCredential_andNoKeyAuthenticators() { |
| 82 | final Bundle bundle = new Bundle(); |
| 83 | |
| 84 | Utils.combineAuthenticatorBundles(bundle); |
| 85 | |
| 86 | assertNull(bundle.get(BiometricPrompt.KEY_ALLOW_DEVICE_CREDENTIAL)); |
| 87 | assertEquals(bundle.getInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED), |
| 88 | Authenticators.BIOMETRIC_WEAK); |
| 89 | } |
| 90 | |
| 91 | @Test |
| 92 | public void testIsDeviceCredentialAllowed_withIntegerFlags() { |
| 93 | int authenticators = 0; |
Kevin Chyn | 98e9225 | 2020-02-06 16:28:33 -0800 | [diff] [blame] | 94 | assertFalse(Utils.isCredentialRequested(authenticators)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 95 | |
| 96 | authenticators |= Authenticators.DEVICE_CREDENTIAL; |
Kevin Chyn | 98e9225 | 2020-02-06 16:28:33 -0800 | [diff] [blame] | 97 | assertTrue(Utils.isCredentialRequested(authenticators)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 98 | |
| 99 | authenticators |= Authenticators.BIOMETRIC_WEAK; |
Kevin Chyn | 98e9225 | 2020-02-06 16:28:33 -0800 | [diff] [blame] | 100 | assertTrue(Utils.isCredentialRequested(authenticators)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 101 | } |
| 102 | |
| 103 | @Test |
| 104 | public void testIsDeviceCredentialAllowed_withBundle() { |
| 105 | Bundle bundle = new Bundle(); |
Kevin Chyn | 98e9225 | 2020-02-06 16:28:33 -0800 | [diff] [blame] | 106 | assertFalse(Utils.isCredentialRequested(bundle)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 107 | |
| 108 | int authenticators = 0; |
| 109 | bundle.putInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED, authenticators); |
Kevin Chyn | 98e9225 | 2020-02-06 16:28:33 -0800 | [diff] [blame] | 110 | assertFalse(Utils.isCredentialRequested(bundle)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 111 | |
| 112 | authenticators |= Authenticators.DEVICE_CREDENTIAL; |
| 113 | bundle.putInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED, authenticators); |
Kevin Chyn | 98e9225 | 2020-02-06 16:28:33 -0800 | [diff] [blame] | 114 | assertTrue(Utils.isCredentialRequested(bundle)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 115 | |
| 116 | authenticators |= Authenticators.BIOMETRIC_WEAK; |
| 117 | bundle.putInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED, authenticators); |
Kevin Chyn | 98e9225 | 2020-02-06 16:28:33 -0800 | [diff] [blame] | 118 | assertTrue(Utils.isCredentialRequested(bundle)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 119 | } |
| 120 | |
| 121 | @Test |
| 122 | public void testGetBiometricStrength_removeUnrelatedBits() { |
| 123 | // BIOMETRIC_MIN_STRENGTH uses all of the allowed bits for biometric strength, so any other |
| 124 | // bits aside from these should be clipped off. |
| 125 | |
| 126 | int authenticators = Integer.MAX_VALUE; |
| 127 | assertEquals(Authenticators.BIOMETRIC_WEAK, |
Kevin Chyn | d04b43d | 2019-12-13 12:56:41 -0800 | [diff] [blame] | 128 | Utils.getPublicBiometricStrength(authenticators)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 129 | |
| 130 | Bundle bundle = new Bundle(); |
| 131 | bundle.putInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED, authenticators); |
Kevin Chyn | d04b43d | 2019-12-13 12:56:41 -0800 | [diff] [blame] | 132 | assertEquals(Authenticators.BIOMETRIC_WEAK, Utils.getPublicBiometricStrength(bundle)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 133 | } |
| 134 | |
| 135 | @Test |
| 136 | public void testIsBiometricAllowed() { |
| 137 | // Only the lowest 8 bits (BIOMETRIC_WEAK mask) are allowed to integrate with the |
| 138 | // Biometric APIs |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 139 | Bundle bundle = new Bundle(); |
| 140 | for (int i = 0; i <= 7; i++) { |
| 141 | int authenticators = 1 << i; |
| 142 | bundle.putInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED, authenticators); |
Kevin Chyn | 98e9225 | 2020-02-06 16:28:33 -0800 | [diff] [blame] | 143 | assertTrue(Utils.isBiometricRequested(bundle)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 144 | } |
| 145 | |
Kevin Chyn | d04b43d | 2019-12-13 12:56:41 -0800 | [diff] [blame] | 146 | // The rest of the bits are not allowed to integrate with the public APIs |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 147 | for (int i = 8; i < 32; i++) { |
| 148 | int authenticators = 1 << i; |
| 149 | bundle.putInt(BiometricPrompt.KEY_AUTHENTICATORS_ALLOWED, authenticators); |
Kevin Chyn | 98e9225 | 2020-02-06 16:28:33 -0800 | [diff] [blame] | 150 | assertFalse(Utils.isBiometricRequested(bundle)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 151 | } |
| 152 | } |
| 153 | |
| 154 | @Test |
Kevin Chyn | d04b43d | 2019-12-13 12:56:41 -0800 | [diff] [blame] | 155 | public void testIsValidAuthenticatorConfig() { |
| 156 | assertTrue(Utils.isValidAuthenticatorConfig(Authenticators.EMPTY_SET)); |
| 157 | |
| 158 | assertTrue(Utils.isValidAuthenticatorConfig(Authenticators.BIOMETRIC_STRONG)); |
| 159 | |
| 160 | assertTrue(Utils.isValidAuthenticatorConfig(Authenticators.BIOMETRIC_WEAK)); |
| 161 | |
| 162 | assertTrue(Utils.isValidAuthenticatorConfig(Authenticators.DEVICE_CREDENTIAL)); |
| 163 | |
| 164 | assertTrue(Utils.isValidAuthenticatorConfig(Authenticators.DEVICE_CREDENTIAL |
| 165 | | Authenticators.BIOMETRIC_STRONG)); |
| 166 | |
| 167 | assertTrue(Utils.isValidAuthenticatorConfig(Authenticators.DEVICE_CREDENTIAL |
| 168 | | Authenticators.BIOMETRIC_WEAK)); |
| 169 | |
| 170 | assertFalse(Utils.isValidAuthenticatorConfig(Authenticators.BIOMETRIC_CONVENIENCE)); |
| 171 | |
| 172 | assertFalse(Utils.isValidAuthenticatorConfig(Authenticators.BIOMETRIC_CONVENIENCE |
| 173 | | Authenticators.DEVICE_CREDENTIAL)); |
| 174 | |
| 175 | assertFalse(Utils.isValidAuthenticatorConfig(Authenticators.BIOMETRIC_MAX_STRENGTH)); |
| 176 | |
| 177 | assertFalse(Utils.isValidAuthenticatorConfig(Authenticators.BIOMETRIC_MIN_STRENGTH)); |
| 178 | |
| 179 | // The rest of the bits are not allowed to integrate with the public APIs |
| 180 | for (int i = 8; i < 32; i++) { |
| 181 | final int authenticator = 1 << i; |
| 182 | if (authenticator == Authenticators.DEVICE_CREDENTIAL) { |
| 183 | continue; |
| 184 | } |
| 185 | assertFalse(Utils.isValidAuthenticatorConfig(1 << i)); |
| 186 | } |
| 187 | } |
| 188 | |
| 189 | @Test |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 190 | public void testIsAtLeastStrength() { |
| 191 | int sensorStrength = Authenticators.BIOMETRIC_STRONG; |
| 192 | int requestedStrength = Authenticators.BIOMETRIC_WEAK; |
| 193 | assertTrue(Utils.isAtLeastStrength(sensorStrength, requestedStrength)); |
| 194 | |
| 195 | requestedStrength = Authenticators.BIOMETRIC_STRONG; |
| 196 | assertTrue(Utils.isAtLeastStrength(sensorStrength, requestedStrength)); |
| 197 | |
| 198 | sensorStrength = Authenticators.BIOMETRIC_WEAK; |
| 199 | requestedStrength = Authenticators.BIOMETRIC_STRONG; |
| 200 | assertFalse(Utils.isAtLeastStrength(sensorStrength, requestedStrength)); |
| 201 | |
| 202 | requestedStrength = Authenticators.BIOMETRIC_WEAK; |
| 203 | assertTrue(Utils.isAtLeastStrength(sensorStrength, requestedStrength)); |
Kevin Chyn | 7d07c89 | 2020-02-18 18:18:17 -0800 | [diff] [blame^] | 204 | |
| 205 | |
| 206 | // Test invalid inputs |
| 207 | |
| 208 | sensorStrength = Authenticators.BIOMETRIC_STRONG; |
| 209 | requestedStrength = Authenticators.DEVICE_CREDENTIAL; |
| 210 | assertFalse(Utils.isAtLeastStrength(sensorStrength, requestedStrength)); |
| 211 | |
| 212 | requestedStrength = 1 << 2; |
| 213 | assertFalse(Utils.isAtLeastStrength(sensorStrength, requestedStrength)); |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 214 | } |
| 215 | |
| 216 | @Test |
| 217 | public void testBiometricConstantsConversion() { |
| 218 | final int[][] testCases = { |
| 219 | {BiometricConstants.BIOMETRIC_SUCCESS, |
| 220 | BiometricManager.BIOMETRIC_SUCCESS}, |
| 221 | {BiometricConstants.BIOMETRIC_ERROR_NO_BIOMETRICS, |
| 222 | BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED}, |
| 223 | {BiometricConstants.BIOMETRIC_ERROR_NO_DEVICE_CREDENTIAL, |
| 224 | BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED}, |
| 225 | {BiometricConstants.BIOMETRIC_ERROR_HW_UNAVAILABLE, |
| 226 | BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE}, |
| 227 | {BiometricConstants.BIOMETRIC_ERROR_HW_NOT_PRESENT, |
| 228 | BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE} |
| 229 | }; |
| 230 | |
| 231 | for (int i = 0; i < testCases.length; i++) { |
| 232 | assertEquals(testCases[i][1], |
| 233 | Utils.biometricConstantsToBiometricManager(testCases[i][0])); |
| 234 | } |
| 235 | } |
Curtis Belmonte | 6601bc3 | 2020-01-09 17:46:31 -0800 | [diff] [blame] | 236 | |
| 237 | @Test |
| 238 | public void testGetAuthenticationTypeForResult_getsCorrectType() { |
| 239 | assertEquals(Utils.getAuthenticationTypeForResult( |
| 240 | BiometricPrompt.DISMISSED_REASON_CREDENTIAL_CONFIRMED), |
| 241 | BiometricPrompt.AUTHENTICATION_RESULT_TYPE_DEVICE_CREDENTIAL); |
| 242 | assertEquals(Utils.getAuthenticationTypeForResult( |
| 243 | BiometricPrompt.DISMISSED_REASON_BIOMETRIC_CONFIRMED), |
| 244 | BiometricPrompt.AUTHENTICATION_RESULT_TYPE_BIOMETRIC); |
| 245 | assertEquals(Utils.getAuthenticationTypeForResult( |
| 246 | BiometricPrompt.DISMISSED_REASON_BIOMETRIC_CONFIRM_NOT_REQUIRED), |
| 247 | BiometricPrompt.AUTHENTICATION_RESULT_TYPE_BIOMETRIC); |
| 248 | } |
| 249 | |
| 250 | @Test(expected = IllegalArgumentException.class) |
| 251 | public void testGetAuthResultType_throwsForInvalidReason() { |
| 252 | Utils.getAuthenticationTypeForResult(BiometricPrompt.DISMISSED_REASON_NEGATIVE); |
| 253 | } |
Ilya Matyukhin | 30f1dd8 | 2019-11-18 18:08:56 -0800 | [diff] [blame] | 254 | } |