From f4815cfe53bd654e15703b2771aaae2a57dfd24d Mon Sep 17 00:00:00 2001 From: David Zeuthen Date: Fri, 27 Oct 2023 11:15:22 -0400 Subject: [PATCH] Fix identity-android unit tests. (#396) These tests haven't compiled for a while. Fix this. Test: Verify identity and identity-android unit tests pass. --- .../android/legacy/DynamicAuthTest.java | 27 ++++++++++--------- .../legacy/MultiDocumentPresentationTest.java | 3 ++- .../android/legacy/ProvisioningTest.java | 5 ++-- .../DeviceRetrievalHelperTest.java | 9 ++++--- .../DeviceResponseGeneratorOnAndroidTest.java | 3 ++- 5 files changed, 26 insertions(+), 21 deletions(-) diff --git a/identity-android/src/androidTest/java/com/android/identity/android/legacy/DynamicAuthTest.java b/identity-android/src/androidTest/java/com/android/identity/android/legacy/DynamicAuthTest.java index 0ad9d6041..ef2bd536a 100644 --- a/identity-android/src/androidTest/java/com/android/identity/android/legacy/DynamicAuthTest.java +++ b/identity-android/src/androidTest/java/com/android/identity/android/legacy/DynamicAuthTest.java @@ -32,6 +32,7 @@ import androidx.test.filters.LargeTest; import com.android.identity.internal.Util; +import com.android.identity.securearea.SecureArea; import com.android.identity.util.Constants; import org.junit.Test; @@ -200,7 +201,7 @@ public void dynamicAuthTest() throws Exception { + "}", pretty); - KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); credential = store.getCredentialByName(credentialName, IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); @@ -647,7 +648,7 @@ public void dynamicAuthWithExpirationTest() throws Exception { IdentityCredential tc = store.getCredentialByName(credentialName, IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); KeyPair ekp = tc.createEphemeralKeyPair(); - KeyPair rekp = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair rekp = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); tc.setReaderEphemeralPublicKey(rekp.getPublic()); tc.setSessionTranscript(Util.buildSessionTranscript(ekp)); Map> etr = new LinkedHashMap<>(); @@ -676,7 +677,7 @@ public void dynamicAuthWithExpirationTest() throws Exception { IdentityCredential tc = store.getCredentialByName(credentialName, IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); KeyPair ekp = tc.createEphemeralKeyPair(); - KeyPair rekp = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair rekp = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); tc.setReaderEphemeralPublicKey(rekp.getPublic()); tc.setSessionTranscript(Util.buildSessionTranscript(ekp)); Map> etr = new LinkedHashMap<>(); @@ -704,7 +705,7 @@ public void dynamicAuthWithExpirationTest() throws Exception { IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); tc.setAllowUsingExpiredKeys(true); // <-- this is the call that makes the difference! KeyPair ekp = tc.createEphemeralKeyPair(); - KeyPair rekp = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair rekp = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); tc.setReaderEphemeralPublicKey(rekp.getPublic()); tc.setSessionTranscript(Util.buildSessionTranscript(ekp)); Map> etr = new LinkedHashMap<>(); @@ -776,7 +777,7 @@ public void dynamicAuthMinValidTimeTest() throws Exception { IdentityCredential tc = store.getCredentialByName(credentialName, IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); KeyPair ekp = tc.createEphemeralKeyPair(); - KeyPair rekp = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair rekp = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); tc.setReaderEphemeralPublicKey(rekp.getPublic()); tc.setSessionTranscript(Util.buildSessionTranscript(ekp)); Map> etr = new LinkedHashMap<>(); @@ -808,7 +809,7 @@ public void dynamicAuthMinValidTimeTest() throws Exception { IdentityCredential tc = store.getCredentialByName(credentialName, IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); KeyPair ekp = tc.createEphemeralKeyPair(); - KeyPair rekp = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair rekp = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); tc.setReaderEphemeralPublicKey(rekp.getPublic()); tc.setSessionTranscript(Util.buildSessionTranscript(ekp)); Map> etr = new LinkedHashMap<>(); @@ -857,7 +858,7 @@ public void dynamicAuthMinValidTimeTest() throws Exception { IdentityCredential tc = store.getCredentialByName(credentialName, IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); KeyPair ekp = tc.createEphemeralKeyPair(); - KeyPair rekp = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair rekp = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); tc.setReaderEphemeralPublicKey(rekp.getPublic()); tc.setSessionTranscript(Util.buildSessionTranscript(ekp)); Map> etr = new LinkedHashMap<>(); @@ -888,7 +889,7 @@ public void dynamicAuthMinValidTimeTest() throws Exception { IdentityCredential tc = store.getCredentialByName(credentialName, IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); KeyPair ekp = tc.createEphemeralKeyPair(); - KeyPair rekp = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair rekp = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); tc.setReaderEphemeralPublicKey(rekp.getPublic()); tc.setSessionTranscript(Util.buildSessionTranscript(ekp)); Map> etr = new LinkedHashMap<>(); @@ -916,7 +917,7 @@ public void dynamicAuthMinValidTimeTest() throws Exception { IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); tc.setAllowUsingExpiredKeys(true); // <-- this is the call that makes the difference! KeyPair ekp = tc.createEphemeralKeyPair(); - KeyPair rekp = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair rekp = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); tc.setReaderEphemeralPublicKey(rekp.getPublic()); tc.setSessionTranscript(Util.buildSessionTranscript(ekp)); Map> etr = new LinkedHashMap<>(); @@ -1040,7 +1041,7 @@ public void dynamicAuthMultipleGetEntries() throws Exception { Map> entriesToRequest = new LinkedHashMap<>(); entriesToRequest.put("org.iso.18013-5.2019", Arrays.asList("First name", "Last name")); KeyPair ephemeralKeyPair = credential.createEphemeralKeyPair(); - KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); byte[] sessionTranscript = Util.buildSessionTranscript(ephemeralKeyPair); credential.setReaderEphemeralPublicKey(readerEphemeralKeyPair.getPublic()); credential.setSessionTranscript(sessionTranscript); @@ -1101,7 +1102,7 @@ public void dynamicAuthNoUsageCountIncrement() throws Exception { Map> entriesToRequest = new LinkedHashMap<>(); entriesToRequest.put("org.iso.18013-5.2019", Arrays.asList("First name", "Last name")); KeyPair ephemeralKeyPair = credential.createEphemeralKeyPair(); - KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); byte[] sessionTranscript = Util.buildSessionTranscript(ephemeralKeyPair); credential.setReaderEphemeralPublicKey(readerEphemeralKeyPair.getPublic()); credential.setSessionTranscript(sessionTranscript); @@ -1124,7 +1125,7 @@ public void dynamicAuthNoUsageCountIncrement() throws Exception { credential = store.getCredentialByName(credentialName, IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); ephemeralKeyPair = credential.createEphemeralKeyPair(); - readerEphemeralKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + readerEphemeralKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); sessionTranscript = Util.buildSessionTranscript(ephemeralKeyPair); credential.setReaderEphemeralPublicKey(readerEphemeralKeyPair.getPublic()); credential.setSessionTranscript(sessionTranscript); @@ -1145,7 +1146,7 @@ public void dynamicAuthNoUsageCountIncrement() throws Exception { credential = store.getCredentialByName(credentialName, IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); ephemeralKeyPair = credential.createEphemeralKeyPair(); - readerEphemeralKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + readerEphemeralKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); sessionTranscript = Util.buildSessionTranscript(ephemeralKeyPair); credential.setReaderEphemeralPublicKey(readerEphemeralKeyPair.getPublic()); credential.setSessionTranscript(sessionTranscript); diff --git a/identity-android/src/androidTest/java/com/android/identity/android/legacy/MultiDocumentPresentationTest.java b/identity-android/src/androidTest/java/com/android/identity/android/legacy/MultiDocumentPresentationTest.java index 91f6c587a..53000daa6 100644 --- a/identity-android/src/androidTest/java/com/android/identity/android/legacy/MultiDocumentPresentationTest.java +++ b/identity-android/src/androidTest/java/com/android/identity/android/legacy/MultiDocumentPresentationTest.java @@ -25,6 +25,7 @@ import android.content.Context; import com.android.identity.internal.Util; +import com.android.identity.securearea.SecureArea; import com.android.identity.util.Constants; import org.junit.Test; @@ -207,7 +208,7 @@ public void multipleDocuments() throws Exception { IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256); KeyPair ephemeralKeyPair = session.getEphemeralKeyPair(); - KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); session.setReaderEphemeralPublicKey(readerEphemeralKeyPair.getPublic()); byte[] sessionTranscript = Util.buildSessionTranscript(ephemeralKeyPair); session.setSessionTranscript(sessionTranscript); diff --git a/identity-android/src/androidTest/java/com/android/identity/android/legacy/ProvisioningTest.java b/identity-android/src/androidTest/java/com/android/identity/android/legacy/ProvisioningTest.java index b4bbde11c..4128bc7c3 100644 --- a/identity-android/src/androidTest/java/com/android/identity/android/legacy/ProvisioningTest.java +++ b/identity-android/src/androidTest/java/com/android/identity/android/legacy/ProvisioningTest.java @@ -42,6 +42,7 @@ import com.android.identity.android.legacy.Utility; import com.android.identity.android.legacy.WritableIdentityCredential; import com.android.identity.internal.Util; +import com.android.identity.securearea.SecureArea; import com.android.identity.util.Constants; import org.junit.Test; @@ -601,7 +602,7 @@ public void testProvisionAndRetrieveMultipleTimes() throws IdentityCredentialExc } KeyPair ephemeralKeyPair = credential.createEphemeralKeyPair(); - KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); credential.setReaderEphemeralPublicKey(readerEphemeralKeyPair.getPublic()); byte[] sessionTranscript = Util.buildSessionTranscript(ephemeralKeyPair); @@ -621,7 +622,7 @@ public void testProvisionAndRetrieveMultipleTimes() throws IdentityCredentialExc // Now try with a different (but still valid) sessionTranscript - this should fail with // a RuntimeException - KeyPair otherEphemeralKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair otherEphemeralKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); byte[] otherSessionTranscript = Util.buildSessionTranscript(otherEphemeralKeyPair); try { credential.setSessionTranscript(otherSessionTranscript); diff --git a/identity-android/src/androidTest/java/com/android/identity/android/mdoc/deviceretrieval/DeviceRetrievalHelperTest.java b/identity-android/src/androidTest/java/com/android/identity/android/mdoc/deviceretrieval/DeviceRetrievalHelperTest.java index b29c21266..6dd627d1e 100644 --- a/identity-android/src/androidTest/java/com/android/identity/android/mdoc/deviceretrieval/DeviceRetrievalHelperTest.java +++ b/identity-android/src/androidTest/java/com/android/identity/android/mdoc/deviceretrieval/DeviceRetrievalHelperTest.java @@ -50,6 +50,7 @@ import com.android.identity.mdoc.response.DeviceResponseGenerator; import com.android.identity.mdoc.response.DeviceResponseParser; import com.android.identity.mdoc.sessionencryption.SessionEncryption; +import com.android.identity.securearea.SecureArea; import com.android.identity.util.Constants; import com.android.identity.internal.Util; import com.android.identity.util.Logger; @@ -221,7 +222,7 @@ public void onError(@NonNull Throwable error) { byte[] encodedDeviceEngagement = qrHelper.getDeviceEngagement(); DataItem handover = SimpleValue.NULL; - KeyPair eReaderKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair eReaderKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); byte[] encodedEReaderKeyPub = Util.cborEncode(Util.cborBuildCoseKey(eReaderKeyPair.getPublic())); byte[] encodedSessionTranscript = Util.cborEncode(new CborBuilder() .addArray() @@ -502,7 +503,7 @@ public void onError(@NonNull Throwable error) { byte[] encodedDeviceEngagement = qrHelper.getDeviceEngagement(); DataItem handover = SimpleValue.NULL; - KeyPair eReaderKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair eReaderKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); byte[] encodedEReaderKeyPub = Util.cborEncode(Util.cborBuildCoseKey(eReaderKeyPair.getPublic())); byte[] encodedSessionTranscript = Util.cborEncode(new CborBuilder() .addArray() @@ -679,7 +680,7 @@ public void onError(@NonNull Throwable error) { byte[] encodedDeviceEngagement = qrHelper.getDeviceEngagement(); DataItem handover = SimpleValue.NULL; - KeyPair eReaderKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair eReaderKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); byte[] encodedEReaderKeyPub = Util.cborEncode(Util.cborBuildCoseKey(eReaderKeyPair.getPublic())); byte[] encodedSessionTranscript = Util.cborEncode(new CborBuilder() .addArray() @@ -860,7 +861,7 @@ public void onError(@NonNull Throwable error) { byte[] encodedDeviceEngagement = qrHelper.getDeviceEngagement(); byte[] encodedHandover = Util.cborEncode(SimpleValue.NULL); - KeyPair eReaderKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair eReaderKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); byte[] encodedEReaderKeyPub = Util.cborEncode(Util.cborBuildCoseKey(eReaderKeyPair.getPublic())); byte[] encodedSessionTranscript = Util.cborEncode(new CborBuilder() .addArray() diff --git a/identity-android/src/androidTest/java/com/android/identity/mdoc/response/DeviceResponseGeneratorOnAndroidTest.java b/identity-android/src/androidTest/java/com/android/identity/mdoc/response/DeviceResponseGeneratorOnAndroidTest.java index 647132257..d2a2e3ac7 100644 --- a/identity-android/src/androidTest/java/com/android/identity/mdoc/response/DeviceResponseGeneratorOnAndroidTest.java +++ b/identity-android/src/androidTest/java/com/android/identity/mdoc/response/DeviceResponseGeneratorOnAndroidTest.java @@ -34,6 +34,7 @@ import com.android.identity.android.legacy.Utility; import com.android.identity.android.legacy.WritableIdentityCredential; import com.android.identity.mdoc.mso.StaticAuthDataParser; +import com.android.identity.securearea.SecureArea; import com.android.identity.util.CborUtil; import com.android.identity.util.Constants; import com.android.identity.internal.Util; @@ -244,7 +245,7 @@ public void testDeviceResponseGenerator() throws Exception { Arrays.asList("given_name", "family_name", "some_number", "raw_cbor_1", "raw_cbor_2")); issuerSignedEntriesToRequest.put(AAMVA_NAMESPACE, Collections.singletonList("real_id")); - KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(Constants.EC_CURVE_P256); + KeyPair readerEphemeralKeyPair = Util.createEphemeralKeyPair(SecureArea.EC_CURVE_P256); PresentationSession session = store.createPresentationSession( IdentityCredentialStore.CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256);