Back to Repositories

Validating Network Security Configuration Implementation in Apktool

This test suite validates network security configuration handling in Android APK processing using Apktool. It ensures proper generation, decoding, and validation of network security settings during APK manipulation operations.

Test Coverage Overview

The test suite provides comprehensive coverage of network security configuration aspects in APK processing.

Validates APK building and decoding operations
Tests network security configuration file generation
Verifies manifest integration of security settings
Ensures XML configuration structure integrity

Implementation Analysis

The testing approach utilizes JUnit framework with XML validation capabilities. It implements a systematic verification process starting from APK building through configuration generation to manifest integration.

Uses XMLUnit for structured XML comparisons
Implements BeforeClass setup for test environment preparation
Employs multiple assertion levels for thorough validation

Technical Details

JUnit test framework integration
XMLUnit for XML comparison
ExtFile handling for APK operations
Custom TestUtils for resource management
Document object model (DOM) for XML parsing
File system operations for configuration validation

Best Practices Demonstrated

The test suite exemplifies robust testing practices for Android security configuration validation.

Proper test setup and cleanup procedures
Structured test organization with clear separation of concerns
Comprehensive XML validation techniques
Detailed logging for debugging and traceability
Effective use of test utilities and helper methods

ibotpeaches/apktool

brut.apktool/apktool-lib/src/test/java/brut/androlib/aapt2/NoNetworkConfigTest.java

            
/*
 *  Copyright (C) 2010 Ryszard Wiśniewski <[email protected]>
 *  Copyright (C) 2010 Connor Tumbleson <[email protected]>
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *       https://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package brut.androlib.aapt2;

import brut.androlib.ApkBuilder;
import brut.androlib.ApkDecoder;
import brut.androlib.BaseTest;
import brut.androlib.TestUtils;
import brut.common.BrutException;
import brut.directory.ExtFile;
import org.w3c.dom.Document;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;

import java.io.File;
import java.io.IOException;
import java.nio.file.Files;

import org.junit.*;
import static org.junit.Assert.*;

import org.custommonkey.xmlunit.XMLUnit;
import static org.custommonkey.xmlunit.XMLAssert.assertXMLEqual;

public class NoNetworkConfigTest extends BaseTest {

    @BeforeClass
    public static void beforeClass() throws Exception {
        sTestOrigDir = new ExtFile(sTmpDir, "testapp-orig");
        sTestNewDir = new ExtFile(sTmpDir, "testapp-new");

        LOGGER.info("Unpacking testapp...");
        TestUtils.copyResourceDir(NoNetworkConfigTest.class, "aapt2/testapp", sTestOrigDir);

        sConfig.setNetSecConf(true);

        LOGGER.info("Building testapp.apk...");
        ExtFile testApk = new ExtFile(sTmpDir, "testapp.apk");
        new ApkBuilder(sTestOrigDir, sConfig).build(testApk);

        LOGGER.info("Decoding testapp.apk...");
        new ApkDecoder(testApk, sConfig).decode(sTestNewDir);
    }

    @Test
    public void buildAndDecodeTest() {
        assertTrue(sTestNewDir.isDirectory());
    }

    @Test
    public void netSecConfGeneric() throws IOException, SAXException {
        LOGGER.info("Comparing network security configuration file...");
        String expected = TestUtils.replaceNewlines("<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>" +
            "<network-security-config><base-config><trust-anchors><certificates src=\"system\"/><certificates src=\"us" +
            "er\"/></trust-anchors></base-config></network-security-config>");

        byte[] encoded = Files.readAllBytes(new File(sTestNewDir, "res/xml/network_security_config.xml").toPath());
        String obtained = TestUtils.replaceNewlines(new String(encoded));

        XMLUnit.setIgnoreWhitespace(true);
        XMLUnit.setIgnoreAttributeOrder(true);
        XMLUnit.setCompareUnmatched(false);

        assertXMLEqual(expected, obtained);
    }

    @Test
    public void netSecConfInManifest() throws BrutException {
        LOGGER.info("Validating network security config in Manifest...");

        // Load the XML document
        Document doc = loadDocument(new File(sTestNewDir, "AndroidManifest.xml"));

        // Check if network security config attribute is set correctly
        Node application = doc.getElementsByTagName("application").item(0);
        NamedNodeMap attrs = application.getAttributes();
        Node netSecConfAttr = attrs.getNamedItem("android:networkSecurityConfig");
        assertEquals("@xml/network_security_config", netSecConfAttr.getNodeValue());
    }
}