1 /*
2 * Copyright (C) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "huks_attest_test_common.h"
17
18 #include <cstdlib>
19 #include <gtest/gtest.h>
20
21 using namespace testing::ext;
22
23 namespace Unittest::AttestKey {
24 const static uint32_t g_paramCountInKeyAttest = 4;
25 const static uint32_t g_paramCountInIdAttest = 7;
26 const static uint32_t g_index0 = 0;
27 const static uint32_t g_index1 = 1;
28 const static uint32_t g_index2 = 2;
29 const static uint32_t g_index3 = 3;
30 const static uint32_t g_index4 = 4;
31 const static uint32_t g_index5 = 5;
32 const static uint32_t g_index6 = 6;
33
FreeCertChain(struct OH_Huks_CertChain ** certChain,const uint32_t pos)34 void FreeCertChain(struct OH_Huks_CertChain **certChain, const uint32_t pos)
35 {
36 if (certChain == nullptr || *certChain == nullptr) {
37 return;
38 }
39
40 if ((*certChain)->certs == nullptr) {
41 HksFree(*certChain);
42 *certChain = nullptr;
43 return;
44 }
45 for (uint32_t j = 0; j < pos; j++) {
46 if ((*certChain)->certs[j].data != nullptr) {
47 HksFree((*certChain)->certs[j].data);
48 (*certChain)->certs[j].data = nullptr;
49 }
50 }
51
52 if ((*certChain)->certs != nullptr) {
53 HksFree((*certChain)->certs);
54 (*certChain)->certs = nullptr;
55 }
56
57 if (*certChain != nullptr) {
58 HksFree(*certChain);
59 *certChain = nullptr;
60 }
61 }
62
TestGenerateKey(const struct OH_Huks_Blob * keyAlias)63 OH_Huks_Result TestGenerateKey(const struct OH_Huks_Blob *keyAlias)
64 {
65 struct OH_Huks_Param tmpParams[] = {
66 { .tag = OH_HUKS_TAG_KEY_STORAGE_FLAG, .uint32Param = OH_HUKS_STORAGE_PERSISTENT },
67 { .tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_RSA },
68 { .tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_RSA_KEY_SIZE_2048 },
69 { .tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_VERIFY },
70 { .tag = OH_HUKS_TAG_DIGEST, .uint32Param = OH_HUKS_DIGEST_SHA256 },
71 { .tag = OH_HUKS_TAG_PADDING, .uint32Param = OH_HUKS_PADDING_PSS },
72 { .tag = OH_HUKS_TAG_KEY_GENERATE_TYPE, .uint32Param = OH_HUKS_KEY_GENERATE_TYPE_DEFAULT },
73 { .tag = OH_HUKS_TAG_BLOCK_MODE, .uint32Param = OH_HUKS_MODE_ECB },
74 };
75 struct OH_Huks_ParamSet *paramSet = nullptr;
76 OH_Huks_Result ret = OH_Huks_InitParamSet(¶mSet);
77 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
78 return ret;
79 }
80
81 ret = OH_Huks_AddParams(paramSet, tmpParams, sizeof(tmpParams) / sizeof(tmpParams[0]));
82 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
83 OH_Huks_FreeParamSet(¶mSet);
84 return ret;
85 }
86
87 ret = OH_Huks_BuildParamSet(¶mSet);
88 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
89 OH_Huks_FreeParamSet(¶mSet);
90 return ret;
91 }
92
93 ret = OH_Huks_GenerateKeyItem(keyAlias, paramSet, nullptr);
94 OH_Huks_FreeParamSet(¶mSet);
95 return ret;
96 }
97
ConstructDataToCertChain(struct OH_Huks_CertChain ** certChain,const struct HksTestCertChain * certChainParam)98 int32_t ConstructDataToCertChain(struct OH_Huks_CertChain **certChain,
99 const struct HksTestCertChain *certChainParam)
100 {
101 if (!certChainParam->certChainExist) {
102 return 0;
103 }
104 *certChain = (struct OH_Huks_CertChain *)HksMalloc(sizeof(struct OH_Huks_CertChain));
105 if (*certChain == nullptr) {
106 return OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT;
107 }
108 if (!certChainParam->certCountValid) {
109 (*certChain)->certsCount = 0;
110 (*certChain)->certs = nullptr;
111 return 0;
112 }
113 (*certChain)->certsCount = CERT_COUNT;
114 if (!certChainParam->certDataExist) {
115 (*certChain)->certs = nullptr;
116 return 0;
117 }
118 (*certChain)->certs = (struct OH_Huks_Blob *)HksMalloc(sizeof(struct OH_Huks_Blob) * ((*certChain)->certsCount));
119 if ((*certChain)->certs == nullptr) {
120 HksFree(*certChain);
121 *certChain = nullptr;
122 }
123 for (uint32_t i = 0; i < (*certChain)->certsCount; i++) {
124 (*certChain)->certs[i].size = certChainParam->certDataSize;
125 (*certChain)->certs[i].data = (uint8_t *)HksMalloc((*certChain)->certs[i].size);
126 if ((*certChain)->certs[i].data == nullptr) {
127 FreeCertChain(certChain, i);
128 return OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT;
129 }
130 memset_s((*certChain)->certs[i].data, certChainParam->certDataSize, 0, certChainParam->certDataSize);
131 }
132 return 0;
133 }
134
GenerateParamSet(struct OH_Huks_ParamSet ** paramSet,const struct OH_Huks_Param tmpParams[],uint32_t paramCount)135 OH_Huks_Result GenerateParamSet(struct OH_Huks_ParamSet **paramSet, const struct OH_Huks_Param tmpParams[], uint32_t paramCount)
136 {
137 OH_Huks_Result ret = OH_Huks_InitParamSet(paramSet);
138 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
139 return ret;
140 }
141
142 ret = OH_Huks_AddParams(*paramSet, tmpParams, paramCount);
143 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
144 OH_Huks_FreeParamSet(paramSet);
145 return ret;
146 }
147
148 ret = OH_Huks_BuildParamSet(paramSet);
149 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
150 OH_Huks_FreeParamSet(paramSet);
151 return ret;
152 }
153 return ret;
154 }
155
ValidataAndCompareCertInfo(ParamType type,const struct OH_Huks_CertChain * certChain,struct OH_Huks_ParamSet * paramSet)156 static int32_t ValidataAndCompareCertInfo(ParamType type, const struct OH_Huks_CertChain *certChain,
157 struct OH_Huks_ParamSet *paramSet)
158 {
159 if (certChain == nullptr || paramSet == nullptr) {
160 return OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT;
161 }
162 int32_t ret = HksValidateCertChain((HksCertChain *)certChain, (HksParamSet *)paramSet);
163 if (ret == OH_HUKS_SUCCESS) {
164 ret |= strcmp(SEC_INFO_DATA, (char *)paramSet->params[g_index0].blob.data);
165 ret |= strcmp(CHALLENGE_DATA, (char *)paramSet->params[g_index1].blob.data);
166 ret |= strcmp(VERSION_DATA, (char *)paramSet->params[g_index2].blob.data);
167 ret |= strcmp(ALIAS, (char *)paramSet->params[g_index3].blob.data);
168 }
169 if (type == IDS_PARAM) {
170 if (ret == OH_HUKS_SUCCESS) {
171 ret |= strcmp(UDID_DATA, (char *)paramSet->params[g_index4].blob.data);
172 ret |= strcmp(SN_DATA, (char *)paramSet->params[g_index5].blob.data);
173 ret |= strcmp(DEVICE_ID, (char *)paramSet->params[g_index6].blob.data);
174 }
175 }
176 return ret;
177 }
178
ValidateCertChainTest(const struct OH_Huks_CertChain * certChain,const struct OH_Huks_Param tmpParam[],ParamType type)179 OH_Huks_Result ValidateCertChainTest(const struct OH_Huks_CertChain *certChain, const struct OH_Huks_Param tmpParam[], ParamType type)
180 {
181 OH_Huks_Result ret;
182 struct OH_Huks_ParamSet *paramSet = nullptr;
183 do {
184 ret = OH_Huks_InitParamSet(¶mSet);
185 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
186 break;
187 }
188 uint32_t paramCount = 0;
189 if (type == IDS_PARAM) {
190 paramCount = g_paramCountInIdAttest;
191 } else if (type == NON_IDS_PARAM) {
192 paramCount = g_paramCountInKeyAttest;
193 }
194 ret = OH_Huks_AddParams(paramSet, tmpParam, paramCount);
195 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
196 break;
197 }
198 ret = OH_Huks_BuildParamSet(¶mSet);
199 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
200 break;
201 }
202 ret.errorCode = ValidataAndCompareCertInfo(type, certChain, paramSet);
203 } while (0);
204 OH_Huks_FreeParamSet(¶mSet);
205 return ret;
206 }
207 }
208