google · stevenckngaa · Nov 29, 2021 · Sep 15, 2021 · Sep 15, 2021 · Sep 15, 2021
@@ -83,6 +83,7 @@ object Dependencies {
  const val jsonToolsPatch = "com.github.java-json-tools:json-patch:${Versions.jsonToolsPatch}"
  const val material = "com.google.android.material:material:${Versions.material}"
  const val kotlinPoet = "com.squareup:kotlinpoet:${Versions.kotlinPoet}"
+ const val sqlcipher = "net.zetetic:android-database-sqlcipher:${Versions.sqlcipher}"
 
  // Dependencies for testing go here
  object AndroidxTest {
@@ -143,6 +144,7 @@ object Dependencies {
  const val jsonToolsPatch = "1.13"
  const val material = "1.3.0"
  const val retrofit = "2.7.2"
+ const val sqlcipher = "4.4.3"
  const val truth = "1.0.1"
  const val flexBox = "3.0.0"
  const val kotlinPoet = "1.9.0"

@@ -122,6 +122,7 @@ dependencies {
  implementation(Dependencies.Kotlin.stdlib)
  implementation(Dependencies.Room.runtime)
  implementation(Dependencies.Room.ktx)
+ implementation(Dependencies.sqlcipher)
  implementation(Dependencies.guava)
  implementation(Dependencies.jsonToolsPatch)
  implementation(Dependencies.Lifecycle.liveDataKtx)

@@ -0,0 +1,68 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http:https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.android.fhir.db.impl
+
+import androidx.test.ext.junit.runners.AndroidJUnit4
+import androidx.test.filters.SmallTest
+import com.google.common.truth.Truth.assertThat
+import java.security.KeyStore
+import org.junit.After
+import org.junit.Before
+import org.junit.Test
+import org.junit.runner.RunWith
+
+/** Integration test for [DatabaseEncryptionKeyProviderTest]. */
+@SmallTest
+@RunWith(AndroidJUnit4::class)
+class DatabaseEncryptionKeyProviderTest {
+ @Before fun setup() = deleteTestKeys()
+
+ @After fun tearDown() = deleteTestKeys()
+
+ @Test
+ fun getOrCreatePassphrase_aliasNotExists_shouldGenerateKey() {
+ assertThat(DatabaseEncryptionKeyProvider.getOrCreatePassphrase(ALIAS_NAME)).isNotNull()
+ }
+
+ @Test
+ fun getOrCreatePassphrase_aliasExists_shouldReturnSameKey() {
+ val key = DatabaseEncryptionKeyProvider.getOrCreatePassphrase(ALIAS_NAME)
+
+ assertThat(DatabaseEncryptionKeyProvider.getOrCreatePassphrase(ALIAS_NAME)).isEqualTo(key)
+ }
+
+ @Test
+ fun getOrCreatePassphrase_otherAliasExists_shouldReplaceKey() {
+ val key = DatabaseEncryptionKeyProvider.getOrCreatePassphrase(ALIAS_NAME)
+
+ assertThat(DatabaseEncryptionKeyProvider.getOrCreatePassphrase(OTHER_ALIAS_NAME))
+ .isNotEqualTo(key)
+ }
+
+ private fun deleteTestKeys() {
+ val keyStore = KeyStore.getInstance(DatabaseEncryptionKeyProvider.ANDROID_KEYSTORE_NAME)
+ keyStore.load(/* param = */ null)
+ keyStore.deleteEntry(ALIAS_NAME)
+ keyStore.deleteEntry(OTHER_ALIAS_NAME)
+ DatabaseEncryptionKeyProvider.clearKeyCache()
+ }
+
+ private companion object {
+ const val ALIAS_NAME = "test_key"
+ const val OTHER_ALIAS_NAME = "other_test_key"
+ }
+}
@@ -16,8 +16,9 @@
 
 package com.google.android.fhir.db.impl
 
+import android.content.Context
 import androidx.test.core.app.ApplicationProvider
-import androidx.test.ext.junit.runners.AndroidJUnit4
+import androidx.test.filters.MediumTest
 import ca.uhn.fhir.rest.param.ParamPrefixEnum
 import com.google.android.fhir.FhirServices
 import com.google.android.fhir.db.ResourceNotFoundException
@@ -59,6 +60,8 @@ import org.junit.Assert.assertThrows
 import org.junit.Before
 import org.junit.Test
 import org.junit.runner.RunWith
+import org.junit.runners.Parameterized
+import org.junit.runners.Parameterized.Parameters
 
 /**
  * Integration tests for [DatabaseImpl]. There are written as integration tests as officially
@@ -68,8 +71,11 @@ import org.junit.runner.RunWith
  * * Robolectric's SQLite implementation does not match Android, e.g.:
  * https://github.com/robolectric/robolectric/blob/master/shadows/framework/src/main/java/org/robolectric/shadows/ShadowSQLiteConnection.java#L97
  */
-@RunWith(AndroidJUnit4::class)
+@MediumTest
+@RunWith(Parameterized::class)
 class DatabaseImplTest {
+ @JvmField @Parameterized.Parameter(0) var encrypted: Boolean = false
+
  private val dataSource =
  object : DataSource {
 
@@ -97,8 +103,13 @@ class DatabaseImplTest {
  return OperationOutcome()
  }
  }
+ private val context: Context = ApplicationProvider.getApplicationContext()
  private val services =
- FhirServices.builder(ApplicationProvider.getApplicationContext()).inMemory().build()
+ if (encrypted) {
+ FhirServices.builder(context).inMemory().enableEncryption().build()
+ } else {
+ FhirServices.builder(context).inMemory().build()
+ }
  private val testingUtils = TestingUtils(services.parser)
  private val database = services.database
 
@@ -2399,5 +2410,7 @@ class DatabaseImplTest {
  TEST_PATIENT_2.setId(TEST_PATIENT_2_ID)
  TEST_PATIENT_2.setGender(Enumerations.AdministrativeGender.MALE)
  }
+
+ @JvmStatic @Parameters(name = "encrypted={0}") fun data(): Array<Boolean> = arrayOf(true, false)
  }
 }