1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17
18 #include "hks_import_wrapped_test_common.h"
19 #include "hks_three_stage_test_common.h"
20 #include "hks_access_control_test_common.h"
21 #include "hks_mem.h"
22 #include "hks_test_log.h"
23 #include "hks_type.h"
24 #include "hks_api.h"
25 #include "hks_access_control_secure_sign_test.h"
26
27 using namespace testing::ext;
28 using namespace Unittest::HksAccessControlPartTest;
29 namespace Unittest::AccessControlSecureSignTest {
30 class HksAccessControlSecureSignTest : public testing::Test {
31 public:
32 static void SetUpTestCase(void);
33
34 static void TearDownTestCase(void);
35
36 void SetUp();
37
38 void TearDown();
39 };
40
SetUpTestCase(void)41 void HksAccessControlSecureSignTest::SetUpTestCase(void)
42 {
43 }
44
TearDownTestCase(void)45 void HksAccessControlSecureSignTest::TearDownTestCase(void)
46 {
47 }
48
SetUp()49 void HksAccessControlSecureSignTest::SetUp()
50 {
51 EXPECT_EQ(HksInitialize(), 0);
52 }
53
TearDown()54 void HksAccessControlSecureSignTest::TearDown()
55 {
56 }
57
58 static const std::string g_inData = "Hks_SM4_Cipher_Test_000000000000000000000000000000000000000000000000000000000000"
59 "00000000000000000000000000000000000000000000000000000000000000000000000000000000"
60 "0000000000000000000000000000000000000000000000000000000000000000000000000_string";
61
62 static const std::string g_inDataLess64 = "Hks_SM4_Cipher_Test_000000000000000000000000000000000000";
63
64 static const uint32_t g_authHeadSize = 24;
65
66 static const uint32_t g_secureUid = 1;
67
68 static const uint32_t g_enrolledIdPin = 1;
69
70 static const uint32_t g_enrolledIdFinger = 2;
71
72 static const uint32_t g_credentialId = 0;
73
74 static const uint32_t g_time = 0;
75
76 static struct HksBlob g_genKeyAlias = {
77 .size = strlen("TestGenKeyForSignWithInfo"),
78 .data = (uint8_t *)"TestGenKeyForSignWithInfo"
79 };
80
81 static struct HksBlob g_importKeyAlias = {
82 .size = strlen("TestImportKeyForSignWithInfo"),
83 .data = (uint8_t *)"TestImportKeyForSignWithInfo"
84 };
85
86 static struct HksBlob g_importKeyNoAuthAlias = {
87 .size = strlen("TestImportKeyNoSignWithInfo"),
88 .data = (uint8_t *)"TestImportKeyNoSignWithInfo"
89 };
90
91 static const uint32_t g_outDataSize = 2048;
92
93 static uint8_t g_outBuffer[g_outDataSize] = {0};
94
95 static struct HksBlob g_outDataBlob = {
96 .size = g_outDataSize,
97 .data = g_outBuffer
98 };
99
100 static struct HksBlob g_inDataBlob = { g_inData.length(), (uint8_t *)g_inData.c_str() };
101
102 static struct HksBlob g_inDataBlobTwoStage = { g_inDataLess64.length(), (uint8_t *)g_inDataLess64.c_str() };
103
104 struct HksTestSecureSignGenParams {
105 struct HksBlob *keyAlias;
106 struct HksParam *inputParams;
107 uint32_t inputParamSize;
108 int32_t expectResult;
109 };
110
111 struct HksTestSecureSignImportParams {
112 struct HksBlob *keyAlias;
113 struct HksParam *inputParams;
114 struct HksBlob importKey;
115 uint32_t inputParamSize;
116 int32_t expectResult;
117 };
118
119 struct HksTestSecureSignVerifyUpdateFinishParams {
120 struct HksBlob *keyAlias;
121 struct HksBlob *keyAliasNoAuth;
122 struct HksParam *updateParams;
123 struct HksBlob *outBuffer;
124 struct HksBlob *signature;
125 struct HksBlob *inData;
126 uint32_t inputParamSize;
127 int32_t expectResult;
128 bool isThreeStageUse;
129 };
130
131 static struct HksParam g_genRsaWithSignAuthParams[] = {
132 {
133 .tag = HKS_TAG_ALGORITHM,
134 .uint32Param = HKS_ALG_RSA
135 }, {
136 .tag = HKS_TAG_PURPOSE,
137 .uint32Param = HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY
138 }, {
139 .tag = HKS_TAG_KEY_SIZE,
140 .uint32Param = HKS_RSA_KEY_SIZE_4096
141 }, {
142 .tag = HKS_TAG_PADDING,
143 .uint32Param = HKS_PADDING_PSS
144 }, {
145 .tag = HKS_TAG_DIGEST,
146 .uint32Param = HKS_DIGEST_SHA512
147 }, {
148 .tag = HKS_TAG_USER_AUTH_TYPE,
149 .uint32Param = HKS_USER_AUTH_TYPE_PIN
150 }, {
151 .tag = HKS_TAG_KEY_AUTH_ACCESS_TYPE,
152 .uint32Param = HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD
153 }, {
154 .tag = HKS_TAG_CHALLENGE_TYPE,
155 .uint32Param = HKS_CHALLENGE_TYPE_NORMAL
156 }, {
157 .tag = HKS_TAG_KEY_SECURE_SIGN_TYPE,
158 .uint32Param = HKS_SECURE_SIGN_WITH_AUTHINFO
159 }
160 };
161
162 static struct HksParam g_genEd25519WithSignAuthParams[] = {
163 {
164 .tag = HKS_TAG_ALGORITHM,
165 .uint32Param = HKS_ALG_ED25519
166 }, {
167 .tag = HKS_TAG_PURPOSE,
168 .uint32Param = HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY
169 }, {
170 .tag = HKS_TAG_KEY_SIZE,
171 .uint32Param = HKS_CURVE25519_KEY_SIZE_256
172 }, {
173 .tag = HKS_TAG_DIGEST,
174 .uint32Param = HKS_DIGEST_SHA1
175 }, {
176 .tag = HKS_TAG_USER_AUTH_TYPE,
177 .uint32Param = HKS_USER_AUTH_TYPE_FACE
178 }, {
179 .tag = HKS_TAG_KEY_AUTH_ACCESS_TYPE,
180 .uint32Param = HKS_AUTH_ACCESS_INVALID_NEW_BIO_ENROLL
181 }, {
182 .tag = HKS_TAG_CHALLENGE_TYPE,
183 .uint32Param = HKS_CHALLENGE_TYPE_NORMAL
184 }, {
185 .tag = HKS_TAG_KEY_SECURE_SIGN_TYPE,
186 .uint32Param = HKS_SECURE_SIGN_WITH_AUTHINFO
187 }
188 };
189
190 #ifdef _USE_OPENSSL_
191 // mbedtls engine don't support DSA alg
192 static struct HksParam g_genDsaWithSignAuthParams[] = {
193 {
194 .tag = HKS_TAG_ALGORITHM,
195 .uint32Param = HKS_ALG_DSA
196 }, {
197 .tag = HKS_TAG_PURPOSE,
198 .uint32Param = HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY
199 }, {
200 .tag = HKS_TAG_KEY_SIZE,
201 .uint32Param = 1024
202 }, {
203 .tag = HKS_TAG_DIGEST,
204 .uint32Param = HKS_DIGEST_SHA1
205 }, {
206 .tag = HKS_TAG_USER_AUTH_TYPE,
207 .uint32Param = HKS_USER_AUTH_TYPE_PIN
208 }, {
209 .tag = HKS_TAG_KEY_AUTH_ACCESS_TYPE,
210 .uint32Param = HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD
211 }, {
212 .tag = HKS_TAG_CHALLENGE_TYPE,
213 .uint32Param = HKS_CHALLENGE_TYPE_NORMAL
214 }, {
215 .tag = HKS_TAG_KEY_SECURE_SIGN_TYPE,
216 .uint32Param = HKS_SECURE_SIGN_WITH_AUTHINFO
217 }
218 };
219 #endif
220
221 static struct HksTestSecureSignGenParams g_testRsaGenParams = {
222 .keyAlias = &g_genKeyAlias,
223 .inputParams = g_genRsaWithSignAuthParams,
224 .inputParamSize = HKS_ARRAY_SIZE(g_genRsaWithSignAuthParams),
225 .expectResult = HKS_SUCCESS
226 };
227
228 static struct HksTestSecureSignGenParams g_testEd25519GenParams = {
229 .keyAlias = &g_genKeyAlias,
230 .inputParams = g_genEd25519WithSignAuthParams,
231 .inputParamSize = HKS_ARRAY_SIZE(g_genEd25519WithSignAuthParams),
232 .expectResult = HKS_SUCCESS
233 };
234
235 #ifdef _USE_OPENSSL_
236 static struct HksTestSecureSignGenParams g_testDsaGenParams = {
237 .keyAlias = &g_genKeyAlias,
238 .inputParams = g_genDsaWithSignAuthParams,
239 .inputParamSize = HKS_ARRAY_SIZE(g_genDsaWithSignAuthParams),
240 .expectResult = HKS_SUCCESS
241 };
242 #endif
243
244 static struct HksParam g_importDsaKeyParams[] = {
245 { .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_DSA },
246 { .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY },
247 { .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_RSA_KEY_SIZE_2048 },
248 { .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 },
249 { .tag = HKS_TAG_IMPORT_KEY_TYPE, .uint32Param = HKS_KEY_TYPE_KEY_PAIR },
250 {
251 .tag = HKS_TAG_USER_AUTH_TYPE,
252 .uint32Param = HKS_USER_AUTH_TYPE_PIN
253 }, {
254 .tag = HKS_TAG_KEY_AUTH_ACCESS_TYPE,
255 .uint32Param = HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD
256 }, {
257 .tag = HKS_TAG_CHALLENGE_TYPE,
258 .uint32Param = HKS_CHALLENGE_TYPE_NORMAL
259 }, {
260 .tag = HKS_TAG_KEY_SECURE_SIGN_TYPE,
261 .uint32Param = HKS_SECURE_SIGN_WITH_AUTHINFO
262 }
263 };
264
265
266 static struct HksParam g_importDsaKeyParamsNoAuthInfo[] = {
267 { .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_DSA },
268 { .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY },
269 { .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_RSA_KEY_SIZE_2048 },
270 { .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 },
271 { .tag = HKS_TAG_IMPORT_KEY_TYPE, .uint32Param = HKS_KEY_TYPE_KEY_PAIR }
272 };
273
274 static struct HksParam g_importRsaKeyParams[] = {
275 { .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_RSA },
276 { .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY },
277 { .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_RSA_KEY_SIZE_2048 },
278 { .tag = HKS_TAG_PADDING, .uint32Param = HKS_PADDING_PSS },
279 { .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 },
280 { .tag = HKS_TAG_IMPORT_KEY_TYPE, .uint32Param = HKS_KEY_TYPE_KEY_PAIR },
281 {
282 .tag = HKS_TAG_USER_AUTH_TYPE,
283 .uint32Param = HKS_USER_AUTH_TYPE_PIN
284 }, {
285 .tag = HKS_TAG_KEY_AUTH_ACCESS_TYPE,
286 .uint32Param = HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD
287 }, {
288 .tag = HKS_TAG_CHALLENGE_TYPE,
289 .uint32Param = HKS_CHALLENGE_TYPE_NORMAL
290 }, {
291 .tag = HKS_TAG_KEY_SECURE_SIGN_TYPE,
292 .uint32Param = HKS_SECURE_SIGN_WITH_AUTHINFO
293 }
294 };
295
296 static struct HksParam g_importRsaKeyParamsWithBioAndClearPassword[] = {
297 { .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_RSA },
298 { .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY },
299 { .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_RSA_KEY_SIZE_2048 },
300 { .tag = HKS_TAG_PADDING, .uint32Param = HKS_PADDING_PSS },
301 { .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 },
302 { .tag = HKS_TAG_IMPORT_KEY_TYPE, .uint32Param = HKS_KEY_TYPE_KEY_PAIR },
303 {
304 .tag = HKS_TAG_USER_AUTH_TYPE,
305 .uint32Param = HKS_USER_AUTH_TYPE_FINGERPRINT
306 }, {
307 .tag = HKS_TAG_KEY_AUTH_ACCESS_TYPE,
308 .uint32Param = HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD
309 }, {
310 .tag = HKS_TAG_CHALLENGE_TYPE,
311 .uint32Param = HKS_CHALLENGE_TYPE_NORMAL
312 }, {
313 .tag = HKS_TAG_KEY_SECURE_SIGN_TYPE,
314 .uint32Param = HKS_SECURE_SIGN_WITH_AUTHINFO
315 }
316 };
317
318 static struct HksParam g_importRsaKeyParamsNoAuth[] = {
319 { .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_RSA },
320 { .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY },
321 { .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_RSA_KEY_SIZE_2048 },
322 { .tag = HKS_TAG_PADDING, .uint32Param = HKS_PADDING_PSS },
323 { .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 },
324 { .tag = HKS_TAG_IMPORT_KEY_TYPE, .uint32Param = HKS_KEY_TYPE_KEY_PAIR }
325 };
326
327 static struct HksParam g_importKeyEd25519Params[] = {
328 { .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_ED25519 },
329 { .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY },
330 { .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_CURVE25519_KEY_SIZE_256 },
331 { .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 },
332 { .tag = HKS_TAG_IMPORT_KEY_TYPE, .uint32Param = HKS_KEY_TYPE_KEY_PAIR },
333 {
334 .tag = HKS_TAG_USER_AUTH_TYPE,
335 .uint32Param = HKS_USER_AUTH_TYPE_PIN
336 }, {
337 .tag = HKS_TAG_KEY_AUTH_ACCESS_TYPE,
338 .uint32Param = HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD
339 }, {
340 .tag = HKS_TAG_CHALLENGE_TYPE,
341 .uint32Param = HKS_CHALLENGE_TYPE_NORMAL
342 }, {
343 .tag = HKS_TAG_KEY_SECURE_SIGN_TYPE,
344 .uint32Param = HKS_SECURE_SIGN_WITH_AUTHINFO
345 }
346 };
347
348 static struct HksParam g_importKeyEd25519ParamsNoAuth[] = {
349 { .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_ED25519 },
350 { .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY },
351 { .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_CURVE25519_KEY_SIZE_256 },
352 { .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 },
353 { .tag = HKS_TAG_IMPORT_KEY_TYPE, .uint32Param = HKS_KEY_TYPE_KEY_PAIR }
354 };
355
356 static struct HksParam g_signParamsTestRsa[] = {
357 {
358 .tag = HKS_TAG_ALGORITHM,
359 .uint32Param = HKS_ALG_RSA
360 }, {
361 .tag = HKS_TAG_PURPOSE,
362 .uint32Param = HKS_KEY_PURPOSE_SIGN
363 }, {
364 .tag = HKS_TAG_KEY_SIZE,
365 .uint32Param = HKS_RSA_KEY_SIZE_2048
366 }, {
367 .tag = HKS_TAG_PADDING,
368 .uint32Param = HKS_PADDING_PSS
369 }, {
370 .tag = HKS_TAG_DIGEST,
371 .uint32Param = HKS_DIGEST_SHA256
372 }
373 };
374
375 static struct HksParam g_verifyParamsTestRsa[] = {
376 {
377 .tag = HKS_TAG_ALGORITHM,
378 .uint32Param = HKS_ALG_RSA
379 }, {
380 .tag = HKS_TAG_PURPOSE,
381 .uint32Param = HKS_KEY_PURPOSE_VERIFY
382 }, {
383 .tag = HKS_TAG_KEY_SIZE,
384 .uint32Param = HKS_RSA_KEY_SIZE_2048
385 }, {
386 .tag = HKS_TAG_PADDING,
387 .uint32Param = HKS_PADDING_PSS
388 }, {
389 .tag = HKS_TAG_DIGEST,
390 .uint32Param = HKS_DIGEST_SHA256
391 }
392 };
393
394 static struct HksParam g_signParamsTestDsa[] = {
395 {
396 .tag = HKS_TAG_ALGORITHM,
397 .uint32Param = HKS_ALG_DSA
398 }, {
399 .tag = HKS_TAG_PURPOSE,
400 .uint32Param = HKS_KEY_PURPOSE_SIGN
401 }, {
402 .tag = HKS_TAG_DIGEST,
403 .uint32Param = HKS_DIGEST_SHA256
404 }
405 };
406
407 static struct HksParam g_verifyParamsTestDsa[] = {
408 {
409 .tag = HKS_TAG_ALGORITHM,
410 .uint32Param = HKS_ALG_DSA
411 }, {
412 .tag = HKS_TAG_PURPOSE,
413 .uint32Param = HKS_KEY_PURPOSE_VERIFY
414 }, {
415 .tag = HKS_TAG_DIGEST,
416 .uint32Param = HKS_DIGEST_SHA256
417 }
418 };
419
420 static struct HksParam g_signParamsTestEd25519[] = {
421 {
422 .tag = HKS_TAG_ALGORITHM,
423 .uint32Param = HKS_ALG_ED25519
424 }, {
425 .tag = HKS_TAG_PURPOSE,
426 .uint32Param = HKS_KEY_PURPOSE_SIGN
427 }, {
428 .tag = HKS_TAG_KEY_SIZE,
429 .uint32Param = HKS_CURVE25519_KEY_SIZE_256
430 }, {
431 .tag = HKS_TAG_DIGEST,
432 .uint32Param = HKS_DIGEST_SHA256
433 }
434 };
435
436 static struct HksParam g_verifyParamsTestEd25519[] = {
437 {
438 .tag = HKS_TAG_ALGORITHM,
439 .uint32Param = HKS_ALG_ED25519
440 }, {
441 .tag = HKS_TAG_PURPOSE,
442 .uint32Param = HKS_KEY_PURPOSE_VERIFY
443 }, {
444 .tag = HKS_TAG_KEY_SIZE,
445 .uint32Param = HKS_CURVE25519_KEY_SIZE_256
446 }, {
447 .tag = HKS_TAG_DIGEST,
448 .uint32Param = HKS_DIGEST_SHA256
449 }
450 };
451
452 static const uint8_t g_nData2048[] = {
453 0xc5, 0x35, 0x62, 0x48, 0xc4, 0x92, 0x87, 0x73, 0x0d, 0x42, 0x96, 0xfc, 0x7b, 0x11, 0x05, 0x06,
454 0x0f, 0x8d, 0x66, 0xc1, 0x0e, 0xad, 0x37, 0x44, 0x92, 0x95, 0x2f, 0x6a, 0x55, 0xba, 0xec, 0x1d,
455 0x54, 0x62, 0x0a, 0x4b, 0xd3, 0xc7, 0x05, 0xe4, 0x07, 0x40, 0xd9, 0xb7, 0xc2, 0x12, 0xcb, 0x9a,
456 0x90, 0xad, 0xe3, 0x24, 0xe8, 0x5e, 0xa6, 0xf8, 0xd0, 0x6e, 0xbc, 0xd1, 0x69, 0x7f, 0x6b, 0xe4,
457 0x2b, 0x4e, 0x1a, 0x65, 0xbb, 0x73, 0x88, 0x6b, 0x7c, 0xaf, 0x7e, 0xd0, 0x47, 0x26, 0xeb, 0xa5,
458 0xbe, 0xd6, 0xe8, 0xee, 0x9c, 0xa5, 0x66, 0xa5, 0xc9, 0xd3, 0x25, 0x13, 0xc4, 0x0e, 0x6c, 0xab,
459 0x50, 0xb6, 0x50, 0xc9, 0xce, 0x8f, 0x0a, 0x0b, 0xc6, 0x28, 0x69, 0xe9, 0x83, 0x69, 0xde, 0x42,
460 0x56, 0x79, 0x7f, 0xde, 0x86, 0x24, 0xca, 0xfc, 0xaa, 0xc0, 0xf3, 0xf3, 0x7f, 0x92, 0x8e, 0x8a,
461 0x12, 0x52, 0xfe, 0x50, 0xb1, 0x5e, 0x8c, 0x01, 0xce, 0xfc, 0x7e, 0xf2, 0x4f, 0x5f, 0x03, 0xfe,
462 0xa7, 0xcd, 0xa1, 0xfc, 0x94, 0x52, 0x00, 0x8b, 0x9b, 0x7f, 0x09, 0xab, 0xa8, 0xa4, 0xf5, 0xb4,
463 0xa5, 0xaa, 0xfc, 0x72, 0xeb, 0x17, 0x40, 0xa9, 0xee, 0xbe, 0x8f, 0xc2, 0xd1, 0x80, 0xc2, 0x0d,
464 0x44, 0xa9, 0x59, 0x44, 0x59, 0x81, 0x3b, 0x5d, 0x4a, 0xde, 0xfb, 0xae, 0x24, 0xfc, 0xa3, 0xd9,
465 0xbc, 0x57, 0x55, 0xc2, 0x26, 0xbc, 0x19, 0xa7, 0x9a, 0xc5, 0x59, 0xa3, 0xee, 0x5a, 0xef, 0x41,
466 0x80, 0x7d, 0xf8, 0x5e, 0xc1, 0x1d, 0x32, 0x38, 0x41, 0x5b, 0xb6, 0x92, 0xb8, 0xb7, 0x03, 0x0d,
467 0x3e, 0x59, 0x0f, 0x1c, 0xb3, 0xe1, 0x2a, 0x95, 0x1a, 0x3b, 0x50, 0x4f, 0xc4, 0x1d, 0xcf, 0x73,
468 0x7c, 0x14, 0xca, 0xe3, 0x0b, 0xa7, 0xc7, 0x1a, 0x41, 0x4a, 0xee, 0xbe, 0x1f, 0x43, 0xdd, 0xf9,
469 };
470
471 static const uint8_t g_dData2048[] = {
472 0x88, 0x4b, 0x82, 0xe7, 0xe3, 0xe3, 0x99, 0x75, 0x6c, 0x9e, 0xaf, 0x17, 0x44, 0x3e, 0xd9, 0x07,
473 0xfd, 0x4b, 0xae, 0xce, 0x92, 0xc4, 0x28, 0x44, 0x5e, 0x42, 0x79, 0x08, 0xb6, 0xc3, 0x7f, 0x58,
474 0x2d, 0xef, 0xac, 0x4a, 0x07, 0xcd, 0xaf, 0x46, 0x8f, 0xb4, 0xc4, 0x43, 0xf9, 0xff, 0x5f, 0x74,
475 0x2d, 0xb5, 0xe0, 0x1c, 0xab, 0xf4, 0x6e, 0xd5, 0xdb, 0xc8, 0x0c, 0xfb, 0x76, 0x3c, 0x38, 0x66,
476 0xf3, 0x7f, 0x01, 0x43, 0x7a, 0x30, 0x39, 0x02, 0x80, 0xa4, 0x11, 0xb3, 0x04, 0xd9, 0xe3, 0x57,
477 0x23, 0xf4, 0x07, 0xfc, 0x91, 0x8a, 0xc6, 0xcc, 0xa2, 0x16, 0x29, 0xb3, 0xe5, 0x76, 0x4a, 0xa8,
478 0x84, 0x19, 0xdc, 0xef, 0xfc, 0xb0, 0x63, 0x33, 0x0b, 0xfa, 0xf6, 0x68, 0x0b, 0x08, 0xea, 0x31,
479 0x52, 0xee, 0x99, 0xef, 0x43, 0x2a, 0xbe, 0x97, 0xad, 0xb3, 0xb9, 0x66, 0x7a, 0xae, 0xe1, 0x8f,
480 0x57, 0x86, 0xe5, 0xfe, 0x14, 0x3c, 0x81, 0xd0, 0x64, 0xf8, 0x86, 0x1a, 0x0b, 0x40, 0x58, 0xc9,
481 0x33, 0x49, 0xb8, 0x99, 0xc6, 0x2e, 0x94, 0x70, 0xee, 0x09, 0x88, 0xe1, 0x5c, 0x4e, 0x6c, 0x22,
482 0x72, 0xa7, 0x2a, 0x21, 0xdd, 0xd7, 0x1d, 0xfc, 0x63, 0x15, 0x0b, 0xde, 0x06, 0x9c, 0xf3, 0x28,
483 0xf3, 0xac, 0x4a, 0xa8, 0xb5, 0x50, 0xca, 0x9b, 0xcc, 0x0a, 0x04, 0xfe, 0x3f, 0x98, 0x68, 0x81,
484 0xac, 0x24, 0x53, 0xea, 0x1f, 0x1c, 0x6e, 0x5e, 0xca, 0xe8, 0x31, 0x0d, 0x08, 0x12, 0xf3, 0x26,
485 0xf8, 0x5e, 0xeb, 0x10, 0x27, 0xae, 0xaa, 0xc3, 0xad, 0x6c, 0xc1, 0x89, 0xdb, 0x7d, 0x5a, 0x12,
486 0x55, 0xad, 0x11, 0x19, 0xa1, 0xa9, 0x8f, 0x0b, 0x6d, 0x78, 0x8d, 0x1c, 0xdf, 0xe5, 0x63, 0x82,
487 0x0b, 0x7d, 0x23, 0x04, 0xb4, 0x75, 0x8c, 0xed, 0x77, 0xfc, 0x1a, 0x85, 0x29, 0x11, 0xe0, 0x61,
488 };
489
490 static const uint8_t g_eData[] = { 0x01, 0x00, 0x01 };
491
492
493 static const uint8_t g_ed25519PriData[] = {
494 0x61, 0xd3, 0xe7, 0x53, 0x6d, 0x79, 0x5d, 0x71, 0xc2, 0x2a, 0x51, 0x2d, 0x5e, 0xcb, 0x67, 0x3d,
495 0xdd, 0xde, 0xf0, 0xac, 0xdb, 0xba, 0x24, 0xfd, 0xf8, 0x3a, 0x7b, 0x32, 0x6e, 0x05, 0xe6, 0x37,
496 };
497
498 static const uint8_t g_ed25519PubData[] = {
499 0xab, 0xc7, 0x0f, 0x99, 0x4f, 0x6a, 0x08, 0xd0, 0x9c, 0x5d, 0x10, 0x60, 0xf8, 0x93, 0xd2, 0x8e,
500 0xe0, 0x63, 0x0e, 0x70, 0xbf, 0xad, 0x30, 0x41, 0x43, 0x09, 0x27, 0x2d, 0xb3, 0x30, 0x95, 0xa7,
501 };
502
503 static const uint8_t g_xData[] = {
504 0x99, 0x97, 0x76, 0x67, 0x4a, 0xd1, 0x21, 0xe2, 0xbd, 0x75, 0xf3, 0x05, 0x34, 0xe6, 0xc2, 0x27,
505 0xf9, 0x4b, 0xb0, 0x47, 0xb4, 0x7c, 0xc0, 0x16, 0x05, 0x2c, 0x93, 0xd2, 0xdf, 0xe6, 0x13, 0xa8,
506 };
507
508 static const uint8_t g_yData[] = {
509 0x9b, 0xf4, 0x99, 0x33, 0x05, 0xf0, 0x0c, 0xa9, 0x88, 0xcc, 0xb0, 0x3e, 0x17, 0x6b, 0x67, 0xc7,
510 0x8e, 0x31, 0x6d, 0xf7, 0x34, 0xfe, 0xdd, 0x76, 0x8e, 0x3d, 0xfa, 0x8c, 0x39, 0xdd, 0xce, 0xfa,
511 0xa9, 0xe2, 0x7b, 0xc0, 0x01, 0x23, 0xf6, 0x62, 0x93, 0x77, 0x69, 0x91, 0x6e, 0xa5, 0x32, 0x46,
512 0xbb, 0x95, 0x67, 0x81, 0xbd, 0xe8, 0xb1, 0xe4, 0xdf, 0xc8, 0x75, 0x99, 0x23, 0xc0, 0x29, 0x1b,
513 0xc7, 0x23, 0x0b, 0xf2, 0x11, 0xb8, 0x0e, 0x59, 0x25, 0xe3, 0xa2, 0x3f, 0x22, 0xe4, 0xf6, 0x20,
514 0xd2, 0xdf, 0x58, 0xd2, 0x99, 0xd8, 0x62, 0x9a, 0x24, 0x2e, 0x13, 0x4b, 0xea, 0xc9, 0x8c, 0xf9,
515 0x90, 0x6d, 0xa4, 0x34, 0x27, 0x67, 0xee, 0x5c, 0x10, 0x63, 0x58, 0xc0, 0x96, 0x7b, 0x2d, 0x5b,
516 0x6c, 0xcd, 0x0c, 0x7b, 0x18, 0xcc, 0x0d, 0x7d, 0x3a, 0xa7, 0x57, 0x9c, 0x12, 0x10, 0x8a, 0x3a,
517 0xf4, 0x6b, 0xe4, 0x38, 0xba, 0x9c, 0xf4, 0x7c, 0x27, 0xeb, 0x06, 0x88, 0x35, 0x6b, 0xd7, 0x01,
518 0xe3, 0x71, 0x48, 0x41, 0xa4, 0x1d, 0x9b, 0x1d, 0x06, 0x8a, 0x1f, 0x2c, 0x9d, 0xac, 0x81, 0x50,
519 0x4d, 0x9b, 0x05, 0xcf, 0xa2, 0x3f, 0x5c, 0x84, 0x97, 0x82, 0xa6, 0x27, 0x77, 0x88, 0xfa, 0x8a,
520 0x34, 0x8f, 0x23, 0xcb, 0x79, 0x51, 0x07, 0xfb, 0x43, 0xab, 0x75, 0xee, 0xd4, 0x0c, 0x6a, 0x4c,
521 0x5e, 0x1a, 0xc1, 0xa1, 0xd7, 0x32, 0xf8, 0xbe, 0x2b, 0x82, 0xa1, 0x69, 0x4f, 0x24, 0x25, 0x24,
522 0x35, 0x5d, 0xf1, 0x4e, 0x07, 0x0b, 0x0b, 0xb5, 0x79, 0x44, 0xcf, 0xea, 0xb6, 0xfa, 0x99, 0x60,
523 0x34, 0x5d, 0xad, 0xca, 0x3a, 0x6c, 0x9e, 0xa1, 0x81, 0xe0, 0x51, 0xc2, 0x10, 0x0e, 0x6c, 0x61,
524 0x78, 0x07, 0x94, 0x2f, 0xca, 0x0e, 0x04, 0x48, 0x01, 0xaf, 0x29, 0x17, 0x3e, 0x95, 0x99, 0x2d,
525 };
526
527 static const uint8_t g_pData[] = {
528 0xa3, 0x45, 0xc9, 0x21, 0x8a, 0xce, 0x76, 0xf9, 0x52, 0x6e, 0x49, 0x2f, 0x25, 0x05, 0xa9, 0xde,
529 0xdb, 0xd7, 0x6b, 0x39, 0x59, 0x9c, 0x73, 0xe4, 0xf0, 0xe9, 0x39, 0xd0, 0xb5, 0x12, 0x3d, 0xc0,
530 0xb5, 0x2a, 0x08, 0xf3, 0x0a, 0xa4, 0xfc, 0x4a, 0xdb, 0x00, 0x83, 0x85, 0x05, 0xd2, 0xea, 0x9e,
531 0x0b, 0xa9, 0x1f, 0x68, 0x77, 0xd6, 0x13, 0x82, 0xdb, 0xf9, 0x52, 0xe5, 0xae, 0x26, 0x37, 0x2d,
532 0x8b, 0xbd, 0x2e, 0x1d, 0x9e, 0x0c, 0xf2, 0xab, 0x1c, 0xe9, 0x78, 0xad, 0x76, 0x16, 0x55, 0x12,
533 0x81, 0xe0, 0xc9, 0x99, 0x43, 0x9e, 0xf9, 0x78, 0x31, 0x27, 0x7d, 0x13, 0xd7, 0x05, 0x8c, 0xd7,
534 0xef, 0x47, 0xc4, 0x9a, 0xc5, 0xa2, 0x99, 0x2a, 0x6a, 0xa0, 0xd8, 0xc7, 0x26, 0xde, 0xf6, 0xa2,
535 0x24, 0x12, 0x66, 0x4e, 0x90, 0xa1, 0xe2, 0x9e, 0xaa, 0xb3, 0x40, 0x93, 0x2a, 0x9d, 0x23, 0x85,
536 0xec, 0x64, 0xa6, 0x20, 0xdb, 0xe4, 0xbe, 0x8e, 0xe5, 0x4e, 0xec, 0xf6, 0xa8, 0xca, 0x9b, 0x0d,
537 0x3e, 0x34, 0x5c, 0x7a, 0xb7, 0x38, 0x2d, 0x41, 0x48, 0x0c, 0x03, 0xc3, 0x55, 0xfa, 0x10, 0x81,
538 0x62, 0xc4, 0x08, 0x30, 0xf5, 0x39, 0x4b, 0x5f, 0x32, 0x22, 0x50, 0x6f, 0x9f, 0xcb, 0xb2, 0x8a,
539 0x9e, 0x45, 0x71, 0xe2, 0xec, 0xc5, 0x67, 0xeb, 0x3c, 0xe5, 0x8f, 0x16, 0x44, 0x19, 0xe3, 0x2d,
540 0xa5, 0x8f, 0xd7, 0xdb, 0x40, 0x3a, 0x17, 0xa9, 0x0c, 0x19, 0x8b, 0x00, 0x69, 0x22, 0x8d, 0x3f,
541 0x52, 0x9f, 0x43, 0x06, 0xd5, 0x5d, 0x79, 0x60, 0xa9, 0xc2, 0xd4, 0x3c, 0x1e, 0x81, 0x05, 0x6e,
542 0x37, 0x77, 0x82, 0x51, 0x25, 0x74, 0x6a, 0x99, 0xaa, 0xb0, 0xf2, 0x4f, 0x40, 0x2b, 0x29, 0x3f,
543 0x34, 0x9c, 0x97, 0x42, 0x63, 0x9c, 0x49, 0xe8, 0x09, 0x3a, 0xbf, 0x26, 0x8c, 0xcb, 0x7e, 0x11,
544 };
545
546 static const uint8_t g_qData[] = {
547 0xc4, 0x59, 0x2b, 0xa5, 0xe1, 0x19, 0x89, 0xf2, 0x2c, 0xde, 0x54, 0x08, 0xd3, 0xfa, 0xd3, 0x37,
548 0x40, 0xd3, 0xc0, 0x88, 0xe1, 0x08, 0xf0, 0x06, 0xd4, 0x65, 0x82, 0x46, 0xbe, 0xa1, 0x82, 0xdd,
549 };
550
551 static const uint8_t g_gData[] = {
552 0x1c, 0x2d, 0x79, 0x2c, 0x1e, 0x9d, 0x9a, 0x69, 0xe3, 0x59, 0xa6, 0xc9, 0xbe, 0xb3, 0x55, 0x2e,
553 0x9d, 0xc6, 0xfd, 0x77, 0x33, 0xfe, 0x61, 0x31, 0x6a, 0x2d, 0xcf, 0x12, 0xb9, 0x1f, 0x58, 0x4a,
554 0xac, 0xd4, 0xbc, 0xd0, 0xf7, 0xb7, 0x16, 0x3a, 0x6b, 0x80, 0x3e, 0x22, 0x74, 0x81, 0xde, 0x51,
555 0x29, 0x95, 0xe6, 0x28, 0x0c, 0xaf, 0x64, 0xba, 0x11, 0x0e, 0x1a, 0xae, 0xb5, 0xb8, 0x40, 0x59,
556 0xed, 0x75, 0x5a, 0x5e, 0x54, 0x0b, 0xba, 0x8a, 0xb2, 0x14, 0x23, 0xb0, 0xec, 0x68, 0x18, 0xa1,
557 0xd2, 0xfa, 0x2d, 0x16, 0x15, 0xab, 0x1f, 0x0b, 0x18, 0x32, 0x93, 0xc2, 0xd0, 0x54, 0xe0, 0x37,
558 0x6f, 0xff, 0x0d, 0x67, 0x4a, 0x90, 0x41, 0x06, 0x33, 0xfc, 0xab, 0xf8, 0xdc, 0x1e, 0x16, 0xf2,
559 0x06, 0x93, 0xe3, 0x52, 0x18, 0x46, 0x5e, 0xe3, 0x7f, 0xba, 0x98, 0x56, 0x89, 0x0b, 0xce, 0x0b,
560 0xba, 0x01, 0xe2, 0x66, 0x71, 0x85, 0x2a, 0x32, 0x43, 0x9d, 0x48, 0xaf, 0xb9, 0xe4, 0xd3, 0xc8,
561 0xdc, 0x3a, 0x8e, 0xb4, 0xf0, 0xa5, 0x11, 0xd4, 0x5f, 0xbf, 0x65, 0x62, 0x76, 0x4c, 0x30, 0xfb,
562 0x29, 0x1c, 0x15, 0xa6, 0x16, 0x8a, 0x7f, 0x17, 0x56, 0x40, 0x79, 0x33, 0xd4, 0x91, 0x29, 0xf1,
563 0x39, 0x8d, 0xfd, 0x48, 0x97, 0x84, 0xc6, 0x42, 0x1e, 0x83, 0xd2, 0xe5, 0xf9, 0xa4, 0x26, 0x3c,
564 0xb8, 0x6a, 0xce, 0x8b, 0xb5, 0x0d, 0xd8, 0x72, 0x38, 0x3b, 0x65, 0xc8, 0x7c, 0x01, 0xf7, 0x6d,
565 0x8d, 0x50, 0x87, 0xc2, 0xce, 0x55, 0xfb, 0xe4, 0xf9, 0xe2, 0x98, 0x28, 0x9e, 0x05, 0xdf, 0x28,
566 0xcc, 0x0f, 0xe3, 0x54, 0x64, 0x36, 0x2d, 0xa4, 0x7c, 0x5a, 0x0c, 0xcd, 0xe0, 0x51, 0x8f, 0x38,
567 0x3a, 0xe7, 0x82, 0x3a, 0x62, 0x69, 0xce, 0xee, 0x53, 0x2a, 0x7c, 0xec, 0x46, 0x5c, 0x51, 0x33,
568 };
569
CheckSignWithInfoTag(const struct HksBlob * alias,const struct HksParamSet * paramSet)570 static int32_t CheckSignWithInfoTag(const struct HksBlob *alias, const struct HksParamSet *paramSet)
571 {
572 struct HksParamSet *keyParamSet = NULL;
573 int32_t ret = GenParamSetAuthTest(&keyParamSet, paramSet);
574 EXPECT_EQ(ret, HKS_SUCCESS) << "GenParamSetAuthTest failed.";
575
576 ret = HksGetKeyParamSet(alias, paramSet, keyParamSet);
577 EXPECT_EQ(ret, HKS_SUCCESS) << "HksGetKeyParamSet failed.";
578
579 struct HksParam *secureParam = nullptr;
580 ret = HksGetParam(keyParamSet, HKS_TAG_KEY_AUTH_ACCESS_TYPE, &secureParam);
581 EXPECT_EQ(ret, HKS_SUCCESS) << "HksGetParam auth access failed.";
582
583 struct HksParam *userParam = nullptr;
584 ret = HksGetParam(keyParamSet, HKS_TAG_USER_AUTH_TYPE, &userParam);
585 EXPECT_EQ(ret, HKS_SUCCESS) << "HksGetParam user auth failed.";
586
587 struct HksParam *secSignType = nullptr;
588 ret = HksGetParam(keyParamSet, HKS_TAG_KEY_SECURE_SIGN_TYPE, &secSignType);
589 EXPECT_EQ(ret, HKS_SUCCESS) << "HksGetParam secure sign type failed.";
590 EXPECT_EQ(secSignType->uint32Param, HKS_SECURE_SIGN_WITH_AUTHINFO) << "HksGetParam secure sign type failed.";
591
592 HksFreeParamSet(&keyParamSet);
593 return ret;
594 }
595
BuildImportKeyParamsForRsa(struct HksTestSecureSignImportParams * importParams,bool isAuth,bool isClearPasswordInvalid)596 static int32_t BuildImportKeyParamsForRsa(struct HksTestSecureSignImportParams *importParams, bool isAuth,
597 bool isClearPasswordInvalid)
598 {
599 if (isClearPasswordInvalid) {
600 importParams->inputParams = g_importRsaKeyParamsWithBioAndClearPassword;
601 importParams->inputParamSize = sizeof(g_importRsaKeyParamsWithBioAndClearPassword) /
602 sizeof(g_importRsaKeyParamsWithBioAndClearPassword[0]);
603 } else {
604 importParams->inputParams = isAuth ? g_importRsaKeyParams : g_importRsaKeyParamsNoAuth;
605 importParams->inputParamSize = isAuth ? sizeof(g_importRsaKeyParams)/sizeof(g_importRsaKeyParams[0]) :
606 sizeof(g_importRsaKeyParamsNoAuth)/sizeof(g_importRsaKeyParamsNoAuth[0]);
607 }
608
609 importParams->expectResult = HKS_SUCCESS;
610 uint8_t *keyBuffer = (uint8_t *)HksMalloc(MAX_KEY_SIZE);
611 if (keyBuffer == nullptr) {
612 return HKS_ERROR_MALLOC_FAIL;
613 }
614 importParams->importKey.data = keyBuffer;
615 importParams->importKey.size = MAX_KEY_SIZE;
616 struct HksBlob nDataBlob = { sizeof(g_nData2048), (uint8_t *)g_nData2048 };
617 struct HksBlob dData2048 = { sizeof(g_dData2048), (uint8_t *)g_dData2048 };
618 struct HksBlob eData = { sizeof(g_eData), (uint8_t *)g_eData };
619 int32_t ret = Unittest::HksAccessControlPartTest::ConstructRsaKeyPair(&nDataBlob, &dData2048, &eData,
620 HKS_RSA_KEY_SIZE_2048, &importParams->importKey);
621 if (ret != HKS_SUCCESS) {
622 HksFree(keyBuffer);
623 }
624 return ret;
625 }
626
BuildImportKeyParamsForDSA(struct HksTestSecureSignImportParams * importParams,bool isAuth)627 static int32_t BuildImportKeyParamsForDSA(struct HksTestSecureSignImportParams *importParams, bool isAuth)
628 {
629 importParams->inputParams = isAuth ? g_importDsaKeyParams : g_importDsaKeyParamsNoAuthInfo;
630 importParams->inputParamSize = isAuth ? sizeof(g_importDsaKeyParams)/sizeof(g_importDsaKeyParams[0]) :
631 sizeof(g_importDsaKeyParamsNoAuthInfo)/sizeof(g_importDsaKeyParamsNoAuthInfo[0]);
632 importParams->expectResult = HKS_SUCCESS;
633 uint8_t *keyBuffer = (uint8_t *)HksMalloc(MAX_KEY_SIZE);
634 if (keyBuffer == nullptr) {
635 return HKS_ERROR_MALLOC_FAIL;
636 }
637 importParams->importKey.data = keyBuffer;
638 importParams->importKey.size = MAX_KEY_SIZE;
639 struct HksBlob xData = { sizeof(g_xData), (uint8_t *)g_xData };
640 struct HksBlob yData = { sizeof(g_yData), (uint8_t *)g_yData };
641 struct HksBlob pData = { sizeof(g_pData), (uint8_t *)g_pData };
642 struct HksBlob qData = { sizeof(g_qData), (uint8_t *)g_qData };
643 struct HksBlob gData = { sizeof(g_gData), (uint8_t *)g_gData };
644 struct TestDsaKeyParams dsaKeyParams = {
645 .xData = &xData,
646 .yData = &yData,
647 .pData = &pData,
648 .qData = &qData,
649 .gData = &gData
650 };
651 int32_t ret = Unittest::HksAccessControlPartTest::ConstructDsaKeyPair(HKS_RSA_KEY_SIZE_2048, &dsaKeyParams,
652 &importParams->importKey);
653 if (ret != HKS_SUCCESS) {
654 HksFree(keyBuffer);
655 }
656 return HKS_SUCCESS;
657 }
658
BuildImportKeyTestParams(struct HksTestSecureSignImportParams * importParams,uint32_t alg,bool isAuth,bool isClearPasswordInvalid)659 static int32_t BuildImportKeyTestParams(struct HksTestSecureSignImportParams *importParams, uint32_t alg,
660 bool isAuth, bool isClearPasswordInvalid)
661 {
662 importParams->keyAlias = isAuth ? &g_importKeyAlias : &g_importKeyNoAuthAlias;
663 int32_t ret;
664 switch (alg) {
665 case HKS_ALG_RSA: {
666 ret = BuildImportKeyParamsForRsa(importParams, isAuth, isClearPasswordInvalid);
667 return ret;
668 }
669 case HKS_ALG_DSA: {
670 ret = BuildImportKeyParamsForDSA(importParams, isAuth);
671 return ret;
672 }
673 break;
674 case HKS_ALG_ED25519: {
675 importParams->inputParams = isAuth ? g_importKeyEd25519Params : g_importKeyEd25519ParamsNoAuth;
676 importParams->inputParamSize = isAuth ? sizeof(g_importKeyEd25519Params)/sizeof(g_importKeyEd25519Params[0])
677 : sizeof(g_importKeyEd25519ParamsNoAuth) / sizeof(g_importKeyEd25519ParamsNoAuth[0]);
678 importParams->expectResult = HKS_SUCCESS;
679 uint8_t *keyBuffer = (uint8_t *)HksMalloc(MAX_KEY_SIZE);
680 if (keyBuffer == nullptr) {
681 return HKS_ERROR_MALLOC_FAIL;
682 }
683 importParams->importKey.data = keyBuffer;
684 importParams->importKey.size = MAX_KEY_SIZE;
685 struct HksBlob ed25519PubData = { sizeof(g_ed25519PubData), (uint8_t *)g_ed25519PubData };
686 struct HksBlob ed25519PriData = { sizeof(g_ed25519PriData), (uint8_t *)g_ed25519PriData };
687 ret = ConstructEd25519KeyPair(HKS_CURVE25519_KEY_SIZE_256, HKS_ALG_ED25519, &ed25519PubData,
688 &ed25519PriData, &importParams->importKey);
689 if (ret != HKS_SUCCESS) {
690 HksFree(keyBuffer);
691 }
692 return ret;
693 }
694 break;
695 default:
696 break;
697 }
698 return HKS_FAILURE;
699 }
700
BuildUpdateFinishParams(struct HksTestSecureSignVerifyUpdateFinishParams * updateFinishParams,uint32_t alg,bool isThreeStage)701 static int32_t BuildUpdateFinishParams(struct HksTestSecureSignVerifyUpdateFinishParams *updateFinishParams,
702 uint32_t alg, bool isThreeStage)
703 {
704 updateFinishParams->keyAlias = &g_importKeyAlias;
705 updateFinishParams->keyAliasNoAuth = &g_importKeyNoAuthAlias;
706 updateFinishParams->isThreeStageUse = isThreeStage;
707 g_outDataBlob.data = g_outBuffer;
708 g_outDataBlob.size = sizeof(g_outBuffer);
709 updateFinishParams->outBuffer = &g_outDataBlob;
710 updateFinishParams->inData = isThreeStage ? &g_inDataBlob : &g_inDataBlobTwoStage;
711 switch (alg) {
712 case HKS_ALG_RSA: {
713 updateFinishParams->updateParams = g_signParamsTestRsa;
714 updateFinishParams->inputParamSize = HKS_ARRAY_SIZE(g_signParamsTestRsa);
715 updateFinishParams->expectResult = HKS_SUCCESS;
716 return HKS_SUCCESS;
717 }
718 case HKS_ALG_ED25519: {
719 updateFinishParams->updateParams = g_signParamsTestEd25519;
720 updateFinishParams->inputParamSize = HKS_ARRAY_SIZE(g_signParamsTestEd25519);
721 updateFinishParams->expectResult = HKS_SUCCESS;
722 return HKS_SUCCESS;
723 }
724 case HKS_ALG_DSA: {
725 updateFinishParams->updateParams = g_signParamsTestDsa;
726 updateFinishParams->inputParamSize = HKS_ARRAY_SIZE(g_signParamsTestDsa);
727 updateFinishParams->expectResult = HKS_SUCCESS;
728 return HKS_SUCCESS;
729 }
730 default:
731 break;
732 }
733 return HKS_FAILURE;
734 }
735
BuildUpdateFinishVerifyParams(struct HksTestSecureSignVerifyUpdateFinishParams * updateFinishParams,uint32_t alg,bool isThreeStage,struct HksBlob * inData,struct HksBlob * signature)736 static int32_t BuildUpdateFinishVerifyParams(struct HksTestSecureSignVerifyUpdateFinishParams *updateFinishParams,
737 uint32_t alg, bool isThreeStage, struct HksBlob *inData, struct HksBlob *signature)
738 {
739 updateFinishParams->keyAlias = &g_importKeyAlias;
740 updateFinishParams->keyAliasNoAuth = &g_importKeyNoAuthAlias;
741 updateFinishParams->isThreeStageUse = isThreeStage;
742 g_outDataBlob.data = g_outBuffer;
743 g_outDataBlob.size = sizeof(g_outBuffer);
744 updateFinishParams->outBuffer = &g_outDataBlob;
745 updateFinishParams->inData = inData;
746 updateFinishParams->signature = signature;
747 switch (alg) {
748 case HKS_ALG_RSA: {
749 updateFinishParams->updateParams = g_verifyParamsTestRsa;
750 updateFinishParams->inputParamSize = HKS_ARRAY_SIZE(g_verifyParamsTestRsa);
751 updateFinishParams->expectResult = HKS_SUCCESS;
752 return HKS_SUCCESS;
753 }
754 case HKS_ALG_ED25519: {
755 updateFinishParams->updateParams = g_verifyParamsTestEd25519;
756 updateFinishParams->inputParamSize = HKS_ARRAY_SIZE(g_verifyParamsTestEd25519);
757 updateFinishParams->expectResult = HKS_SUCCESS;
758 return HKS_SUCCESS;
759 }
760 case HKS_ALG_DSA: {
761 updateFinishParams->updateParams = g_verifyParamsTestDsa;
762 updateFinishParams->inputParamSize = HKS_ARRAY_SIZE(g_verifyParamsTestDsa);
763 updateFinishParams->expectResult = HKS_SUCCESS;
764 return HKS_SUCCESS;
765 }
766 default:
767 break;
768 }
769 return HKS_FAILURE;
770 }
771
TestGenerateKeyWithSecureSignTag(struct HksTestSecureSignGenParams * params)772 static void TestGenerateKeyWithSecureSignTag(struct HksTestSecureSignGenParams *params)
773 {
774 struct HksParamSet *genParamSet = NULL;
775 int32_t ret = InitParamSet(&genParamSet, params->inputParams, params->inputParamSize);
776 EXPECT_EQ(ret, HKS_SUCCESS) << "InitParamSet failed.";
777
778 /**
779 * @tc.steps:step1. Generate a key with user_auth_type and sign_with_info tag
780 */
781 ret = HksGenerateKey(params->keyAlias, genParamSet, nullptr);
782 EXPECT_EQ(ret, HKS_SUCCESS) << "HksGenerateKey rsa key failed.";
783
784 /**
785 * @tc.steps:step2. Get key paramSet check if related key tag exist
786 */
787 ret = CheckSignWithInfoTag(params->keyAlias, genParamSet);
788 EXPECT_EQ(ret, HKS_SUCCESS) << "CheckSignWithInfoTag rsa key failed.";
789
790 /**
791 * @tc.steps:step3. Delete key and free paramSet
792 */
793 HksDeleteKey(params->keyAlias, nullptr);
794 HksFreeParamSet(&genParamSet);
795 }
796
TestImportKeyWithSecureSignTag(struct HksTestSecureSignImportParams * params,bool ifCheckTag)797 int32_t TestImportKeyWithSecureSignTag(struct HksTestSecureSignImportParams *params, bool ifCheckTag)
798 {
799 struct HksParamSet *importParams = nullptr;
800 int32_t ret = InitParamSet(&importParams, params->inputParams, params->inputParamSize);
801 EXPECT_EQ(ret, HKS_SUCCESS) << "InitParamSet failed.";
802
803 /**
804 * @tc.steps:step1. Import a key with user_auth_type and sign_with_info tag
805 */
806 ret = HksImportKey(params->keyAlias, importParams, ¶ms->importKey);
807 EXPECT_EQ(ret, HKS_SUCCESS) << "HksImportKey key failed.";
808
809 if (ifCheckTag) {
810 /**
811 * @tc.steps:step2. Get key paramSet check if related key tag exist
812 */
813 ret = CheckSignWithInfoTag(params->keyAlias, importParams);
814 EXPECT_EQ(ret, HKS_SUCCESS) << "CheckSignWithInfoTag rsa key failed.";
815 }
816
817 /**
818 * @tc.steps:step3. Free paramSet
819 */
820 HksFreeParamSet(&importParams);
821 return ret;
822 }
823
HksTestUpdateFinishSignAuthInfo(struct HksTestSecureSignVerifyUpdateFinishParams * updateFinishParams,struct HksTestGenAuthTokenParams * genAuthTokenParams)824 int32_t HksTestUpdateFinishSignAuthInfo(struct HksTestSecureSignVerifyUpdateFinishParams *updateFinishParams,
825 struct HksTestGenAuthTokenParams *genAuthTokenParams)
826 {
827 uint8_t tmpHandle[sizeof(uint64_t)] = {0};
828 struct HksBlob handle = { sizeof(uint64_t), tmpHandle };
829 uint8_t tmpChallenge[TOKEN_SIZE] = {0};
830 struct HksBlob challenge = { sizeof(tmpChallenge), tmpChallenge };
831
832 struct HksParamSet *paramSet = nullptr;
833 int32_t ret = InitParamSet(¶mSet, updateFinishParams->updateParams, updateFinishParams->inputParamSize);
834 EXPECT_EQ(ret, HKS_SUCCESS) << "InitParamSet failed.";
835 if (ret != HKS_SUCCESS) {
836 return HKS_FAILURE;
837 }
838
839 ret = HksInit(updateFinishParams->keyAlias, paramSet, &handle, &challenge);
840 EXPECT_EQ(ret, HKS_SUCCESS) << "Init failed.";
841 if (ret != HKS_SUCCESS) {
842 HksFreeParamSet(¶mSet);
843 return HKS_FAILURE;
844 }
845
846 genAuthTokenParams->authChallenge = &challenge;
847
848 struct HksParamSet *newParamSet = nullptr;
849 ret = HksBuildAuthTokenSecure(paramSet, genAuthTokenParams, &newParamSet);
850 EXPECT_EQ(ret, HKS_SUCCESS) << "HksBuildAuthTokenSecure failed.";
851 if (ret != HKS_SUCCESS) {
852 HksFreeParamSet(¶mSet);
853 return HKS_FAILURE;
854 }
855
856 struct HksParam *tmpParam = NULL;
857 ret = HksGetParam(newParamSet, HKS_TAG_PURPOSE, &tmpParam);
858 if (ret != HKS_SUCCESS) {
859 HksFreeParamSet(¶mSet);
860 HksFreeParamSet(&newParamSet);
861 HKS_LOG_E("get tag purpose failed.");
862 return HKS_FAILURE;
863 }
864
865 if (updateFinishParams->isThreeStageUse) {
866 ret = TestUpdateFinish(&handle, newParamSet, tmpParam->uint32Param, updateFinishParams->inData,
867 updateFinishParams->outBuffer);
868 } else {
869 ret = HksFinish(&handle, newParamSet, updateFinishParams->inData, updateFinishParams->outBuffer);
870 }
871 EXPECT_EQ(ret, HKS_SUCCESS) << "TestUpdateFinish failed.";
872 if (ret != HKS_SUCCESS) {
873 HksFreeParamSet(¶mSet);
874 HksFreeParamSet(&newParamSet);
875 return HKS_FAILURE;
876 }
877
878 HksFreeParamSet(¶mSet);
879 HksFreeParamSet(&newParamSet);
880 return ret;
881 }
882
VerifyUpdateFinish(struct HksBlob * handle,struct HksParamSet * newParamSet,struct HksParam * purposeParam,struct HksTestSecureSignVerifyUpdateFinishParams * updateFinishParams,bool isSign)883 int32_t VerifyUpdateFinish(struct HksBlob *handle, struct HksParamSet *newParamSet, struct HksParam *purposeParam,
884 struct HksTestSecureSignVerifyUpdateFinishParams *updateFinishParams, bool isSign)
885 {
886 int32_t ret;
887 if (isSign) {
888 if (updateFinishParams->isThreeStageUse) {
889 ret = TestUpdateFinish(handle, newParamSet, purposeParam->uint32Param, updateFinishParams->inData,
890 updateFinishParams->outBuffer);
891 } else {
892 ret = HksFinish(handle, newParamSet, updateFinishParams->inData, updateFinishParams->outBuffer);
893 }
894 } else {
895 if (updateFinishParams->isThreeStageUse) {
896 ret = TestUpdateFinish(handle, newParamSet, purposeParam->uint32Param, updateFinishParams->inData,
897 updateFinishParams->signature);
898 } else {
899 ret = HksFinish(handle, newParamSet, updateFinishParams->inData, updateFinishParams->signature);
900 }
901 }
902 return ret;
903 }
904
HksTestUpdateFinishVerifySignAuthInfo(struct HksTestSecureSignVerifyUpdateFinishParams * updateFinishParams,struct HksTestGenAuthTokenParams * genAuthTokenParams,bool isSign)905 int32_t HksTestUpdateFinishVerifySignAuthInfo(struct HksTestSecureSignVerifyUpdateFinishParams *updateFinishParams,
906 struct HksTestGenAuthTokenParams *genAuthTokenParams, bool isSign)
907 {
908 uint8_t tmpHandle[sizeof(uint64_t)] = {0};
909 struct HksBlob handle = { sizeof(uint64_t), tmpHandle };
910 uint8_t tmpChallenge[TOKEN_SIZE] = {0};
911 struct HksBlob challenge = { sizeof(tmpChallenge), tmpChallenge };
912
913 struct HksParamSet *paramSet = nullptr;
914 int32_t ret = InitParamSet(¶mSet, updateFinishParams->updateParams, updateFinishParams->inputParamSize);
915 if (ret != HKS_SUCCESS) {
916 return HKS_FAILURE;
917 }
918
919 ret = HksInit(updateFinishParams->keyAlias, paramSet, &handle, &challenge);
920 if (ret != HKS_SUCCESS) {
921 HksFreeParamSet(¶mSet);
922 return HKS_FAILURE;
923 }
924
925 genAuthTokenParams->authChallenge = &challenge;
926
927 struct HksParamSet *newParamSet = nullptr;
928 ret = HksBuildAuthTokenSecure(paramSet, genAuthTokenParams, &newParamSet);
929 if (ret != HKS_SUCCESS) {
930 HksFreeParamSet(¶mSet);
931 return HKS_FAILURE;
932 }
933
934 struct HksParam *purposeParam = NULL;
935 ret = HksGetParam(newParamSet, HKS_TAG_PURPOSE, &purposeParam);
936 if (ret != HKS_SUCCESS) {
937 HksFreeParamSet(¶mSet);
938 HksFreeParamSet(&newParamSet);
939 HKS_LOG_E("get tag purpose failed.");
940 return HKS_FAILURE;
941 }
942
943 ret = VerifyUpdateFinish(&handle, newParamSet, purposeParam, updateFinishParams, isSign);
944
945 EXPECT_EQ(ret, HKS_SUCCESS) << "TestUpdateFinish failed.";
946
947 if (ret != HKS_SUCCESS) {
948 HksFreeParamSet(¶mSet);
949 HksFreeParamSet(&newParamSet);
950 return HKS_FAILURE;
951 }
952
953 return ret;
954 }
955
956 static const uint32_t g_fingerPrintInUserIam = 4;
957 static const uint32_t g_pinInUserIam = 1;
958
BuildAuthTokenParams(struct HksTestGenAuthTokenParams * authTokenParams,bool isClearPasswordInvalid)959 static void BuildAuthTokenParams(struct HksTestGenAuthTokenParams *authTokenParams, bool isClearPasswordInvalid)
960 {
961 if (isClearPasswordInvalid) {
962 authTokenParams->secureUid = g_secureUid;
963 authTokenParams->enrolledId = g_enrolledIdFinger;
964 authTokenParams->credentialId = g_credentialId;
965 authTokenParams->time = g_time;
966 authTokenParams->authType = g_fingerPrintInUserIam;
967 return;
968 }
969 authTokenParams->secureUid = g_secureUid;
970 authTokenParams->enrolledId = g_enrolledIdPin;
971 authTokenParams->credentialId = g_credentialId;
972 authTokenParams->time = g_time;
973 authTokenParams->authType = g_pinInUserIam;
974 }
975
BuildSigAndIndataBlob(struct HksBlob * sigBlob,struct HksBlob * inDataBlob,struct HksTestSecureSignVerifyUpdateFinishParams * secureSignUpdateFinish)976 static int32_t BuildSigAndIndataBlob(struct HksBlob *sigBlob, struct HksBlob *inDataBlob,
977 struct HksTestSecureSignVerifyUpdateFinishParams *secureSignUpdateFinish)
978 {
979 int32_t ret = memcpy_s(sigBlob->data, sigBlob->size,
980 secureSignUpdateFinish->outBuffer->data + g_authHeadSize,
981 secureSignUpdateFinish->outBuffer->size - g_authHeadSize);
982 if (ret != EOK) {
983 return ret;
984 }
985 ret = memcpy_s(inDataBlob->data, inDataBlob->size,
986 secureSignUpdateFinish->outBuffer->data, g_authHeadSize);
987 if (ret != EOK) {
988 return ret;
989 }
990 ret = memcpy_s(inDataBlob->data + g_authHeadSize, inDataBlob->size - g_authHeadSize,
991 secureSignUpdateFinish->inData->data, secureSignUpdateFinish->inData->size);
992 return ret;
993 }
994
TestImportKeyWithSignTagAndTestUseKeyCommonCase(uint32_t alg,bool isThreeStage,bool isClearPasswordInvalid)995 static void TestImportKeyWithSignTagAndTestUseKeyCommonCase(uint32_t alg, bool isThreeStage,
996 bool isClearPasswordInvalid)
997 {
998 /**
999 * @tc.steps:step1. import a key with user_auth_type and sign_with_info tag
1000 */
1001 struct HksTestSecureSignImportParams importParams;
1002 (void)memset_s((uint8_t *)&importParams, sizeof(struct HksTestSecureSignImportParams), 0,
1003 sizeof(struct HksTestSecureSignImportParams));
1004 int32_t ret = BuildImportKeyTestParams(&importParams, alg, true, isClearPasswordInvalid);
1005 EXPECT_EQ(ret, HKS_SUCCESS) << "BuildImportKeyTestParams failed.";
1006 if (ret != HKS_SUCCESS) {
1007 return;
1008 }
1009
1010 ret = TestImportKeyWithSecureSignTag(&importParams, true);
1011 EXPECT_EQ(ret, HKS_SUCCESS) << "TestImportKeyWithSecureSignTag failed.";
1012 if (ret != HKS_SUCCESS) {
1013 return;
1014 }
1015
1016 /**
1017 * @tc.steps:step2. Import a key without user_auth_type and sign_with_info tag
1018 */
1019 struct HksTestSecureSignImportParams importParamsWithoutSignAuth;
1020 (void)memset_s((uint8_t *)&importParamsWithoutSignAuth, sizeof(struct HksTestSecureSignImportParams), 0,
1021 sizeof(struct HksTestSecureSignImportParams));
1022 ret = BuildImportKeyTestParams(&importParamsWithoutSignAuth, alg, false, isClearPasswordInvalid);
1023 EXPECT_EQ(ret, HKS_SUCCESS) << "BuildImportKeyTestParams without sign auth failed.";
1024 if (ret != HKS_SUCCESS) {
1025 return;
1026 }
1027
1028 /**
1029 * @tc.steps:step3. use the key to sign:init update finish. check the sign data whether equals the expected data
1030 */
1031 ret = TestImportKeyWithSecureSignTag(&importParamsWithoutSignAuth, false);
1032 EXPECT_EQ(ret, HKS_SUCCESS) << "TestImportKeyWithSecureSignTag2 failed.";
1033 struct HksTestSecureSignVerifyUpdateFinishParams secureSignUpdateFinish;
1034 ret = BuildUpdateFinishParams(&secureSignUpdateFinish, alg, isThreeStage);
1035 EXPECT_EQ(ret, HKS_SUCCESS) << "BuildUpdateFinishParams failed.";
1036
1037 struct HksTestGenAuthTokenParams genAuthTokenParams = { 0 };
1038 BuildAuthTokenParams(&genAuthTokenParams, isClearPasswordInvalid);
1039
1040 ret = HksTestUpdateFinishVerifySignAuthInfo(&secureSignUpdateFinish, &genAuthTokenParams, true);
1041 EXPECT_EQ(ret, secureSignUpdateFinish.expectResult) << "HksTestUpdateFinishSignAuthInfo failed.";
1042
1043 uint8_t sigature[secureSignUpdateFinish.outBuffer->size - g_authHeadSize];
1044 struct HksBlob sigBlob = {secureSignUpdateFinish.outBuffer->size - g_authHeadSize, sigature};
1045 uint8_t inData[secureSignUpdateFinish.inData->size + g_authHeadSize];
1046 struct HksBlob inDataBlob = {secureSignUpdateFinish.inData->size + g_authHeadSize, inData};
1047 ret = BuildSigAndIndataBlob(&sigBlob, &inDataBlob, &secureSignUpdateFinish);
1048 EXPECT_EQ(ret, HKS_SUCCESS) << "BuildSigAndIndataBlob failed.";
1049
1050 struct HksTestSecureSignVerifyUpdateFinishParams secureSignUpdateFinishVerify;
1051 ret = BuildUpdateFinishVerifyParams(&secureSignUpdateFinishVerify, alg, true, &inDataBlob, &sigBlob);
1052 EXPECT_EQ(ret, HKS_SUCCESS) << "BuildUpdateFinishVerifyParams failed.";
1053 ret = HksTestUpdateFinishVerifySignAuthInfo(&secureSignUpdateFinishVerify, &genAuthTokenParams, false);
1054
1055 HKS_FREE_BLOB(importParams.importKey);
1056 HKS_FREE_BLOB(importParamsWithoutSignAuth.importKey);
1057 HksDeleteKey(secureSignUpdateFinish.keyAlias, nullptr);
1058 HksDeleteKey(secureSignUpdateFinish.keyAliasNoAuth, nullptr);
1059 }
1060
1061 /**
1062 * @tc.name: HksAccessControlSecureSignTest001
1063 * @tc.desc: normal case to test generate a rsa key with sign_with_info tag and check paramSet
1064 * has the tag
1065 * @tc.type: FUNC
1066 * @tc.require: issueI5NY0M
1067 */
1068 HWTEST_F(HksAccessControlSecureSignTest, HksAccessControlSecureSignTest001, TestSize.Level0)
1069 {
1070 HKS_LOG_E("enter HksAccessControlSecureSignTest001");
1071 TestGenerateKeyWithSecureSignTag(&g_testRsaGenParams);
1072 }
1073
1074 /**
1075 * @tc.name: HksAccessControlSecureSignTest002
1076 * @tc.desc: normal case to test generate a ed25519 key with sign_with_info tag and check paramSet
1077 * has the tag
1078 * @tc.type: FUNC
1079 * @tc.require: issueI5NY0M
1080 */
1081 HWTEST_F(HksAccessControlSecureSignTest, HksAccessControlSecureSignTest002, TestSize.Level0)
1082 {
1083 HKS_LOG_E("enter HksAccessControlSecureSignTest002");
1084 TestGenerateKeyWithSecureSignTag(&g_testEd25519GenParams);
1085 }
1086
1087 /**
1088 * @tc.name: HksAccessControlSecureSignTest003
1089 * @tc.desc: normal case to test generate a dsa key with sign_with_info tag and check paramSet
1090 * has the tag
1091 * @tc.type: FUNC
1092 * @tc.require: issueI5NY0M
1093 */
1094 HWTEST_F(HksAccessControlSecureSignTest, HksAccessControlSecureSignTest003, TestSize.Level0)
1095 {
1096 #ifdef _USE_OPENSSL_
1097 HKS_LOG_E("enter HksAccessControlSecureSignTest003");
1098 TestGenerateKeyWithSecureSignTag(&g_testDsaGenParams);
1099 #endif
1100 }
1101
1102 /**
1103 * @tc.name: HksAccessControlSecureSignTest004
1104 * @tc.desc: normal case to test import a rsa key with user auth type and use the key
1105 * to sign data, check the signature whether equals the expected
1106 * @tc.type: FUNC
1107 * @tc.require: issueI5NY0M
1108 */
1109 HWTEST_F(HksAccessControlSecureSignTest, HksAccessControlSecureSignTest004, TestSize.Level0)
1110 {
1111 HKS_LOG_E("enter HksAccessControlSecureSignTest004");
1112 TestImportKeyWithSignTagAndTestUseKeyCommonCase(HKS_ALG_RSA, true, false);
1113 }
1114
1115 /**
1116 * @tc.name: HksAccessControlSecureSignTest005
1117 * @tc.desc: normal case to test import a dsa key with user auth type and use the key
1118 * to sign data, check the signature whether equals the expected
1119 * @tc.type: FUNC
1120 * @tc.require: issueI5NY0M
1121 */
1122 HWTEST_F(HksAccessControlSecureSignTest, HksAccessControlSecureSignTest005, TestSize.Level0)
1123 {
1124 #ifdef _USE_OPENSSL_
1125 HKS_LOG_E("enter HksAccessControlSecureSignTest005");
1126 TestImportKeyWithSignTagAndTestUseKeyCommonCase(HKS_ALG_DSA, true, false);
1127 #endif
1128 }
1129
1130 /**
1131 * @tc.name: HksAccessControlSecureSignTest006
1132 * @tc.desc: normal case to test import a rsa key with user auth type and use the key:init&finish
1133 * to sign data, check the signature whether equals the expected
1134 * @tc.type: FUNC
1135 * @tc.require: issueI5NY0M
1136 */
1137 HWTEST_F(HksAccessControlSecureSignTest, HksAccessControlSecureSignTest006, TestSize.Level0)
1138 {
1139 HKS_LOG_E("enter HksAccessControlSecureSignTest006");
1140 TestImportKeyWithSignTagAndTestUseKeyCommonCase(HKS_ALG_RSA, false, false);
1141 }
1142
1143 /**
1144 * @tc.name: HksAccessControlSecureSignTest007
1145 * @tc.desc: normal case to test import a rsa key with auth type as fingerprint and access type as invalid clear
1146 * password, check the signature whether equals the expected
1147 * @tc.type: FUNC
1148 * @tc.require: issueI5NY0M
1149 */
1150 HWTEST_F(HksAccessControlSecureSignTest, HksAccessControlSecureSignTest007, TestSize.Level0)
1151 {
1152 HKS_LOG_E("enter HksAccessControlSecureSignTest007");
1153 TestImportKeyWithSignTagAndTestUseKeyCommonCase(HKS_ALG_RSA, true, true);
1154 }
1155 }
1156