Add test cases to verify methods in NearbyManager not work for untrusted app.

The eng team has decided to expose NearbyManager to any app, and
methods in NearbyManager need a system permission to be called
so that they are not misused by untrusted apps.
This change adds test cases to verify that an untrusted app will FAIL
to call methods in NearbyManager, and also checks that a privileged app
with sufficient permissions can call methods in NearbyManager
without an exception.

Mark the following test as @Ignore due to the permission check
for stopXXX not yet implement (b/229338477#comment24):
testNearbyManagerStopScan_fromUnTrustedApp_throwsException
testNearbyManagerStopBroadcast_fromUnTrustedApp_throwsException

Ignore-AOSP-First: nearby_not_in_aosp_yet
Test: atest NearbyIntegrationUntrustedTests
Bug: 229310677
Bug: 229338477
Change-Id: Iadd8890f5351140c110a817b5b5e2efeeb52a114
diff --git a/nearby/tests/integration/privileged/AndroidManifest.xml b/nearby/tests/integration/privileged/AndroidManifest.xml
index 00845f1..86ec111 100644
--- a/nearby/tests/integration/privileged/AndroidManifest.xml
+++ b/nearby/tests/integration/privileged/AndroidManifest.xml
@@ -18,6 +18,10 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
           package="android.nearby.integration.privileged">
 
+    <uses-permission android:name="android.permission.BLUETOOTH_ADVERTISE" />
+    <uses-permission android:name="android.permission.BLUETOOTH_PRIVILEGED" />
+    <uses-permission android:name="android.permission.BLUETOOTH_SCAN" />
+    <uses-permission android:name="android.permission.READ_DEVICE_CONFIG" />
     <uses-permission android:name="android.permission.WRITE_SECURE_SETTINGS" />
 
     <instrumentation
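Review bot: `BLUETOOTH_SCAN` and `BLUETOOTH_ADVERTISE` are runtime permissions on Android 12 and later, so declaring them here does not by itself grant them to the test APK, and `BLUETOOTH_PRIVILEGED` is only granted to suitably signed or privileged packages; nothing in this hunk shows how either grant happens. If a grant is missing, the privileged tests would fail with a SecurityException for a reason unrelated to NearbyManager. The purpose of `READ_DEVICE_CONFIG` is also not evident from the tests in this change. Once the grant path is confirmed, a short comment above the block would help, e.g. `<!-- Needed for NearbyManager start/stop scan and broadcast; runtime permissions are granted by the test config. -->`.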
diff --git a/nearby/tests/integration/privileged/src/android/nearby/integration/privileged/NearbyManagerTest.kt b/nearby/tests/integration/privileged/src/android/nearby/integration/privileged/NearbyManagerTest.kt
index 3b6337a..66bab23 100644
--- a/nearby/tests/integration/privileged/src/android/nearby/integration/privileged/NearbyManagerTest.kt
+++ b/nearby/tests/integration/privileged/src/android/nearby/integration/privileged/NearbyManagerTest.kt
@@ -17,22 +17,81 @@
 package android.nearby.integration.privileged
 
 import android.content.Context
+import android.nearby.BroadcastCallback
+import android.nearby.BroadcastRequest
+import android.nearby.NearbyDevice
 import android.nearby.NearbyManager
+import android.nearby.PresenceBroadcastRequest
+import android.nearby.PresenceCredential
+import android.nearby.PrivateCredential
+import android.nearby.ScanCallback
+import android.nearby.ScanRequest
 import androidx.test.core.app.ApplicationProvider
 import androidx.test.ext.junit.runners.AndroidJUnit4
 import com.google.common.truth.Truth.assertThat
+import org.junit.Before
 import org.junit.Test
 import org.junit.runner.RunWith
 
 @RunWith(AndroidJUnit4::class)
 class NearbyManagerTest {
+    private lateinit var appContext: Context
+
+    @Before
+    fun setUp() {
+        appContext = ApplicationProvider.getApplicationContext<Context>()
+    }
 
     /** Verify privileged app can get Nearby service. */
     @Test
     fun testContextGetNearbySystemService_fromPrivilegedApp_returnsNoneNull() {
-        val appContext = ApplicationProvider.getApplicationContext<Context>()
-        val nearbyManager = appContext.getSystemService(Context.NEARBY_SERVICE) as NearbyManager
+        assertThat(appContext.getSystemService(Context.NEARBY_SERVICE)).isNotNull()
+    }
 
-        assertThat(nearbyManager).isNotNull()
+    /** Verify privileged app can start/stop scan without exception. */
+    @Test
+    fun testNearbyManagerStartScanStopScan_fromPrivilegedApp_succeed() {
+        val nearbyManager = appContext.getSystemService(Context.NEARBY_SERVICE) as NearbyManager
+        val scanRequest = ScanRequest.Builder()
+            .setScanMode(ScanRequest.SCAN_MODE_LOW_LATENCY)
+            .setScanType(ScanRequest.SCAN_TYPE_FAST_PAIR)
+            .setBleEnabled(true)
+            .build()
+        val scanCallback = object : ScanCallback {
+            override fun onDiscovered(device: NearbyDevice) {}
+
+            override fun onUpdated(device: NearbyDevice) {}
+
+            override fun onLost(device: NearbyDevice) {}
+        }
+
+        nearbyManager.startScan(scanRequest, /* executor */ { it.run() }, scanCallback)
+        nearbyManager.stopScan(scanCallback)
+    }
+
+    /** Verify privileged app can start/stop broadcast without exception. */
+    @Test
+    fun testNearbyManagerStartBroadcastStopBroadcast_fromPrivilegedApp_succeed() {
+        val nearbyManager = appContext.getSystemService(Context.NEARBY_SERVICE) as NearbyManager
+        val salt = byteArrayOf(1, 2)
+        val secreteId = byteArrayOf(1, 2, 3, 4)
+        val metadataEncryptionKey = ByteArray(14)
+        val authenticityKey = byteArrayOf(0, 1, 1, 1)
+        val deviceName = "test_device"
+        val mediums = listOf(BroadcastRequest.MEDIUM_BLE)
+        val credential =
+            PrivateCredential.Builder(secreteId, authenticityKey, metadataEncryptionKey, deviceName)
+                .setIdentityType(PresenceCredential.IDENTITY_TYPE_PRIVATE)
+                .build()
+        val broadcastRequest: BroadcastRequest =
+            PresenceBroadcastRequest.Builder(mediums, salt, credential)
+                .addAction(123)
+                .build()
+        val broadcastCallback = BroadcastCallback { }
+
+        nearbyManager.startBroadcast(
+            broadcastRequest, /* executor */ { it.run() }, broadcastCallback
+        )
+        nearbyManager.stopBroadcast(broadcastCallback)
     }
 }
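Review bot: Both new tests pass whenever no exception is thrown, and the `BroadcastCallback { }` lambda in testNearbyManagerStartBroadcastStopBroadcast_fromPrivilegedApp_succeed discards the status it receives, so a failure reported through the callback rather than by a throw would go unnoticed. If the service can report failure that way, record the status in the lambda and assert on it before calling stopBroadcast. At minimum the KDoc should state the limit, e.g. `/** Verify privileged app can start/stop broadcast without a SecurityException; the callback status is not checked. */`. Separately, `secreteId` looks like a typo for `secretId`.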
diff --git a/nearby/tests/integration/untrusted/src/android/nearby/integration/untrusted/NearbyManagerTest.kt b/nearby/tests/integration/untrusted/src/android/nearby/integration/untrusted/NearbyManagerTest.kt
index 04c5e30..3bfac6d 100644
--- a/nearby/tests/integration/untrusted/src/android/nearby/integration/untrusted/NearbyManagerTest.kt
+++ b/nearby/tests/integration/untrusted/src/android/nearby/integration/untrusted/NearbyManagerTest.kt
@@ -17,20 +17,127 @@
 package android.nearby.integration.untrusted
 
 import android.content.Context
+import android.nearby.BroadcastCallback
+import android.nearby.BroadcastRequest
+import android.nearby.NearbyDevice
 import android.nearby.NearbyManager
+import android.nearby.PresenceBroadcastRequest
+import android.nearby.PresenceCredential
+import android.nearby.PrivateCredential
+import android.nearby.ScanCallback
+import android.nearby.ScanRequest
 import androidx.test.core.app.ApplicationProvider
 import androidx.test.ext.junit.runners.AndroidJUnit4
 import com.google.common.truth.Truth.assertThat
+import org.junit.Assert.assertThrows
+import org.junit.Before
+import org.junit.Ignore
 import org.junit.Test
 import org.junit.runner.RunWith
 
 @RunWith(AndroidJUnit4::class)
 class NearbyManagerTest {
+    private lateinit var appContext: Context
+
+    @Before
+    fun setUp() {
+        appContext = ApplicationProvider.getApplicationContext<Context>()
+    }
 
     /** Verify untrusted app can get Nearby service. */
     @Test
     fun testContextGetNearbyService_fromUnTrustedApp_returnsNotNull() {
-        val appContext = ApplicationProvider.getApplicationContext<Context>()
         assertThat(appContext.getSystemService(Context.NEARBY_SERVICE)).isNotNull()
     }
+
+    /**
+     * Verify untrusted app can't start scan because it needs BLUETOOTH_PRIVILEGED
+     * permission which is not for use by third-party applications.
+     */
+    @Test
+    fun testNearbyManagerStartScan_fromUnTrustedApp_throwsException() {
+        val nearbyManager = appContext.getSystemService(Context.NEARBY_SERVICE) as NearbyManager
+        val scanRequest = ScanRequest.Builder()
+            .setScanMode(ScanRequest.SCAN_MODE_LOW_LATENCY)
+            .setScanType(ScanRequest.SCAN_TYPE_FAST_PAIR)
+            .setBleEnabled(true)
+            .build()
+        val scanCallback = object : ScanCallback {
+            override fun onDiscovered(device: NearbyDevice) {}
+
+            override fun onUpdated(device: NearbyDevice) {}
+
+            override fun onLost(device: NearbyDevice) {}
+        }
+
+        assertThrows(SecurityException::class.java) {
+            nearbyManager.startScan(scanRequest, /* executor */ { it.run() }, scanCallback)
+        }
+    }
+
+    /**
+     * Verify untrusted app can't stop scan because it needs BLUETOOTH_PRIVILEGED
+     * permission which is not for use by third-party applications.
+     */
+    @Test
+    @Ignore("Permission check for stopXXX not yet implement: b/229338477#comment24")
+    fun testNearbyManagerStopScan_fromUnTrustedApp_throwsException() {
+        val nearbyManager = appContext.getSystemService(Context.NEARBY_SERVICE) as NearbyManager
+        val scanCallback = object : ScanCallback {
+            override fun onDiscovered(device: NearbyDevice) {}
+
+            override fun onUpdated(device: NearbyDevice) {}
+
+            override fun onLost(device: NearbyDevice) {}
+        }
+
+        assertThrows(SecurityException::class.java) {
+            nearbyManager.stopScan(scanCallback)
+        }
+    }
+
+    /**
+     * Verify untrusted app can't start broadcast because it needs BLUETOOTH_PRIVILEGED
+     * permission which is not for use by third-party applications.
+     */
+    @Test
+    fun testNearbyManagerStartBroadcast_fromUnTrustedApp_throwsException() {
+        val nearbyManager = appContext.getSystemService(Context.NEARBY_SERVICE) as NearbyManager
+        val salt = byteArrayOf(1, 2)
+        val secreteId = byteArrayOf(1, 2, 3, 4)
+        val metadataEncryptionKey = ByteArray(14)
+        val authenticityKey = byteArrayOf(0, 1, 1, 1)
+        val deviceName = "test_device"
+        val mediums = listOf(BroadcastRequest.MEDIUM_BLE)
+        val credential =
+            PrivateCredential.Builder(secreteId, authenticityKey, metadataEncryptionKey, deviceName)
+                .setIdentityType(PresenceCredential.IDENTITY_TYPE_PRIVATE)
+                .build()
+        val broadcastRequest: BroadcastRequest =
+            PresenceBroadcastRequest.Builder(mediums, salt, credential)
+                .addAction(123)
+                .build()
+        val broadcastCallback = BroadcastCallback { }
+
+        assertThrows(SecurityException::class.java) {
+            nearbyManager.startBroadcast(
+                broadcastRequest, /* executor */ { it.run() }, broadcastCallback
+            )
+        }
+    }
+
+    /**
+     * Verify untrusted app can't stop broadcast because it needs BLUETOOTH_PRIVILEGED
+     * permission which is not for use by third-party applications.
+     */
+    @Test
+    @Ignore("Permission check for stopXXX not yet implement: b/229338477#comment24")
+    fun testNearbyManagerStopBroadcast_fromUnTrustedApp_throwsException() {
+        val nearbyManager = appContext.getSystemService(Context.NEARBY_SERVICE) as NearbyManager
+        val broadcastCallback = BroadcastCallback { }
+
+        assertThrows(SecurityException::class.java) {
+            nearbyManager.stopBroadcast(broadcastCallback)
+        }
+    }
 }
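Review bot: The `assertThrows(SecurityException::class.java)` checks accept any SecurityException, so testNearbyManagerStartScan_fromUnTrustedApp_throwsException and testNearbyManagerStartBroadcast_fromUnTrustedApp_throwsException do not show that the rejection comes from the BLUETOOTH_PRIVILEGED check the KDoc names. If the untrusted APK also lacks BLUETOOTH_SCAN / BLUETOOTH_ADVERTISE (its manifest is not part of this change), the tests would pass on those checks alone and would keep passing even if the privileged check were removed. Consider declaring and granting the ordinary Bluetooth permissions to the untrusted test app so that only the privileged one is missing, or capturing the exception with `val e = assertThrows(SecurityException::class.java) { ... }` and then checking `assertThat(e).hasMessageThat().contains("BLUETOOTH_PRIVILEGED")`, assuming the service's message names the permission. The two @Ignore'd stop tests pass a callback that was never registered; when the check lands, confirm it runs before any lookup of the callback, otherwise those tests may not throw.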