Mark CT tests as NonCts

These tests use the internal API of certificate transparency. There is
no compatibility guarantee.

Bug: 357803810
Bug: 357460797
Test: atest
(cherry picked from https://android-review.googlesource.com/q/commit:6ef51d7ff788bf6266443b9a3291a294cd1aa31c)
Merged-In: Ide07eca800ecdaa6aa344b5b58d4988bf0bc1e88
Change-Id: Ide07eca800ecdaa6aa344b5b58d4988bf0bc1e88
diff --git a/common/src/test/java/org/conscrypt/ct/CTVerifierTest.java b/common/src/test/java/org/conscrypt/ct/CTVerifierTest.java
index 85e5458..716a905 100644
--- a/common/src/test/java/org/conscrypt/ct/CTVerifierTest.java
+++ b/common/src/test/java/org/conscrypt/ct/CTVerifierTest.java
@@ -20,6 +20,8 @@
 import static org.conscrypt.TestUtils.readTestFile;
 import static org.junit.Assert.assertEquals;
 
+import libcore.test.annotation.NonCts;
+import libcore.test.reasons.NonCtsReasons;
 import java.security.PublicKey;
 import java.util.Arrays;
 import org.conscrypt.OpenSSLX509Certificate;
@@ -61,6 +63,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withOCSPResponse() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -72,6 +75,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withTLSExtension() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -83,6 +87,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withEmbeddedExtension() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { certEmbedded, ca };
 
@@ -93,6 +98,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withoutTimestamp() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -103,6 +109,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withInvalidSignature() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -117,6 +124,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withUnknownLog() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -131,6 +139,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withInvalidEncoding() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -144,6 +153,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withInvalidOCSPResponse() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -157,6 +167,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withMultipleTimestamps() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
diff --git a/common/src/test/java/org/conscrypt/ct/SerializationTest.java b/common/src/test/java/org/conscrypt/ct/SerializationTest.java
index a4c71ce..2d4a112 100644
--- a/common/src/test/java/org/conscrypt/ct/SerializationTest.java
+++ b/common/src/test/java/org/conscrypt/ct/SerializationTest.java
@@ -20,16 +20,20 @@
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
-import java.io.ByteArrayOutputStream;
-import java.util.Arrays;
+import libcore.test.annotation.NonCts;
+import libcore.test.reasons.NonCtsReasons;
+
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.junit.runners.JUnit4;
 
+import java.io.ByteArrayOutputStream;
+import java.util.Arrays;
+
 @RunWith(JUnit4.class)
 public class SerializationTest {
-
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_decode_SignedCertificateTimestamp() throws Exception {
         byte[] in = new byte[] {
             0x00,                            // version
@@ -59,6 +63,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_decode_invalid_SignedCertificateTimestamp() throws Exception {
         byte[] sct = new byte[] {
             0x00,                            // version
@@ -92,6 +97,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_decode_DigitallySigned() throws Exception {
         byte[] in = new byte[] {
             0x04, 0x03,            // hash & signature algorithm
@@ -106,6 +112,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_decode_invalid_DigitallySigned() throws Exception {
         try {
             DigitallySigned.decode(new byte[] {
@@ -143,6 +150,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_encode_CertificateEntry_X509Certificate() throws Exception {
         // Use a dummy certificate. It doesn't matter, CertificateEntry doesn't care about the contents.
         CertificateEntry entry = CertificateEntry.createForX509Certificate(new byte[] { 0x12, 0x34, 0x56, 0x78 });
@@ -157,6 +165,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_encode_CertificateEntry_PreCertificate() throws Exception {
         // Use a dummy certificate and issuer key hash. It doesn't matter,
         // CertificateEntry doesn't care about the contents.
@@ -176,6 +185,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_readDEROctetString() throws Exception {
         byte[] in, expected;
 
@@ -222,4 +232,3 @@
         assertEquals(Arrays.toString(expected), Arrays.toString(actual));
     }
 }
-
diff --git a/platform/src/test/java/org/conscrypt/ct/CTLogStoreImplTest.java b/platform/src/test/java/org/conscrypt/ct/CTLogStoreImplTest.java
index 1ba3ff4..d9b9c87 100644
--- a/platform/src/test/java/org/conscrypt/ct/CTLogStoreImplTest.java
+++ b/platform/src/test/java/org/conscrypt/ct/CTLogStoreImplTest.java
@@ -19,6 +19,8 @@
 import static java.nio.charset.StandardCharsets.US_ASCII;
 import static java.nio.charset.StandardCharsets.UTF_8;
 
+import libcore.test.annotation.NonCts;
+import libcore.test.reasons.NonCtsReasons;
 import java.io.BufferedWriter;
 import java.io.ByteArrayInputStream;
 import java.io.File;
@@ -81,6 +83,7 @@
         }
     }
 
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_loadLog() throws Exception {
         CTLogInfo log = CTLogStoreImpl.loadLog(
                 new ByteArrayInputStream(LOGS_SERIALIZED[0].getBytes(US_ASCII)));
@@ -103,6 +106,7 @@
         } catch (FileNotFoundException e) {}
     }
 
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_getKnownLog() throws Exception {
         File userDir = createTempDirectory();
         userDir.deleteOnExit();
diff --git a/repackaged/common/src/test/java/com/android/org/conscrypt/ct/CTVerifierTest.java b/repackaged/common/src/test/java/com/android/org/conscrypt/ct/CTVerifierTest.java
index af11b09..d67bf3a 100644
--- a/repackaged/common/src/test/java/com/android/org/conscrypt/ct/CTVerifierTest.java
+++ b/repackaged/common/src/test/java/com/android/org/conscrypt/ct/CTVerifierTest.java
@@ -21,10 +21,12 @@
 import static com.android.org.conscrypt.TestUtils.readTestFile;
 import static org.junit.Assert.assertEquals;
 
-import java.security.PublicKey;
-import java.util.Arrays;
 import com.android.org.conscrypt.OpenSSLX509Certificate;
 import com.android.org.conscrypt.TestUtils;
+import java.security.PublicKey;
+import java.util.Arrays;
+import libcore.test.annotation.NonCts;
+import libcore.test.reasons.NonCtsReasons;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -65,6 +67,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withOCSPResponse() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -76,6 +79,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withTLSExtension() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -87,6 +91,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withEmbeddedExtension() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { certEmbedded, ca };
 
@@ -97,6 +102,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withoutTimestamp() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -107,6 +113,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withInvalidSignature() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -121,6 +128,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withUnknownLog() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -135,6 +143,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withInvalidEncoding() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -148,6 +157,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withInvalidOCSPResponse() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
@@ -161,6 +171,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_verifySignedCertificateTimestamps_withMultipleTimestamps() throws Exception {
         OpenSSLX509Certificate[] chain = new OpenSSLX509Certificate[] { cert, ca };
 
diff --git a/repackaged/common/src/test/java/com/android/org/conscrypt/ct/SerializationTest.java b/repackaged/common/src/test/java/com/android/org/conscrypt/ct/SerializationTest.java
index 7dabf84..8c40636 100644
--- a/repackaged/common/src/test/java/com/android/org/conscrypt/ct/SerializationTest.java
+++ b/repackaged/common/src/test/java/com/android/org/conscrypt/ct/SerializationTest.java
@@ -21,19 +21,23 @@
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
-import java.io.ByteArrayOutputStream;
-import java.util.Arrays;
+import libcore.test.annotation.NonCts;
+import libcore.test.reasons.NonCtsReasons;
+
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.junit.runners.JUnit4;
 
+import java.io.ByteArrayOutputStream;
+import java.util.Arrays;
+
 /**
  * @hide This class is not part of the Android public SDK API
  */
 @RunWith(JUnit4.class)
 public class SerializationTest {
-
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_decode_SignedCertificateTimestamp() throws Exception {
         byte[] in = new byte[] {
             0x00,                            // version
@@ -63,6 +67,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_decode_invalid_SignedCertificateTimestamp() throws Exception {
         byte[] sct = new byte[] {
             0x00,                            // version
@@ -96,6 +101,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_decode_DigitallySigned() throws Exception {
         byte[] in = new byte[] {
             0x04, 0x03,            // hash & signature algorithm
@@ -110,6 +116,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_decode_invalid_DigitallySigned() throws Exception {
         try {
             DigitallySigned.decode(new byte[] {
@@ -147,6 +154,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_encode_CertificateEntry_X509Certificate() throws Exception {
         // Use a dummy certificate. It doesn't matter, CertificateEntry doesn't care about the contents.
         CertificateEntry entry = CertificateEntry.createForX509Certificate(new byte[] { 0x12, 0x34, 0x56, 0x78 });
@@ -161,6 +169,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_encode_CertificateEntry_PreCertificate() throws Exception {
         // Use a dummy certificate and issuer key hash. It doesn't matter,
         // CertificateEntry doesn't care about the contents.
@@ -180,6 +189,7 @@
     }
 
     @Test
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_readDEROctetString() throws Exception {
         byte[] in, expected;
 
@@ -226,4 +236,3 @@
         assertEquals(Arrays.toString(expected), Arrays.toString(actual));
     }
 }
-
diff --git a/repackaged/platform/src/test/java/com/android/org/conscrypt/ct/CTLogStoreImplTest.java b/repackaged/platform/src/test/java/com/android/org/conscrypt/ct/CTLogStoreImplTest.java
index 52eb556..82177ac 100644
--- a/repackaged/platform/src/test/java/com/android/org/conscrypt/ct/CTLogStoreImplTest.java
+++ b/repackaged/platform/src/test/java/com/android/org/conscrypt/ct/CTLogStoreImplTest.java
@@ -31,6 +31,8 @@
 import java.io.PrintWriter;
 import java.security.PublicKey;
 import junit.framework.TestCase;
+import libcore.test.annotation.NonCts;
+import libcore.test.reasons.NonCtsReasons;
 
 /**
  * @hide This class is not part of the Android public SDK API
@@ -85,6 +87,7 @@
         }
     }
 
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_loadLog() throws Exception {
         CTLogInfo log = CTLogStoreImpl.loadLog(
                 new ByteArrayInputStream(LOGS_SERIALIZED[0].getBytes(US_ASCII)));
@@ -107,6 +110,7 @@
         } catch (FileNotFoundException e) {}
     }
 
+    @NonCts(reason = NonCtsReasons.INTERNAL_APIS)
     public void test_getKnownLog() throws Exception {
         File userDir = createTempDirectory();
         userDir.deleteOnExit();