1 /* 2 * Copyright (c) 2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ASNY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #include <gtest/gtest.h> 17 18 #include "huks_warpped_test.h" 19 #include "huks_three_stage_test_common.h" 20 #include "huks_wrapped_test_common.h" 21 #include "huks_mem.h" 22 #include "native_huks_type.h" 23 24 using namespace testing::ext; 25 namespace Unittest::ImportWrapped 26 { 27 class HuksImportWrappedX25519Test : public testing::Test 28 { 29 public: 30 static void SetUpTestCase(void); 31 32 static void TearDownTestCase(void); 33 34 void SetUp(); 35 36 void TearDown(); 37 }; 38 SetUpTestCase(void)39 void HuksImportWrappedX25519Test::SetUpTestCase(void) 40 { 41 } 42 TearDownTestCase(void)43 void HuksImportWrappedX25519Test::TearDownTestCase(void) 44 { 45 } 46 SetUp()47 void HuksImportWrappedX25519Test::SetUp() 48 { 49 } 50 TearDown()51 void HuksImportWrappedX25519Test::TearDown() 52 { 53 } 54 55 struct TestImportKeyData { 56 struct OH_Huks_Blob x509PublicKey; 57 struct OH_Huks_Blob publicOrXData; 58 struct OH_Huks_Blob privateOrYData; 59 struct OH_Huks_Blob zData; 60 }; 61 62 static struct OH_Huks_Blob g_wrappingKeyAliasAes256 = { 63 .size = strlen("test_wrappingKey_x25519_aes256"), 64 .data = (uint8_t *)"test_wrappingKey_x25519_aes256"}; 65 66 static struct OH_Huks_Blob g_callerKeyAliasAes256 = { 67 .size = strlen("test_caller_key_x25519_aes256"), 68 .data = (uint8_t *)"test_caller_key_x25519_aes256"}; 69 70 static struct OH_Huks_Blob g_callerKekAliasAes256 = { 71 .size = strlen("test_caller_kek_x25519_aes256"), 72 .data = (uint8_t *)"test_caller_kek_x25519_aes256"}; 73 74 static struct OH_Huks_Blob g_callerAes256Kek = { 75 .size = strlen("This is kek to encrypt plain key"), 76 .data = (uint8_t *)"This is kek to encrypt plain key"}; 77 78 static struct OH_Huks_Blob g_callerAgreeKeyAliasAes256 = { 79 .size = strlen("test_caller_agree_key_x25519_aes256"), 80 .data = (uint8_t *)"test_caller_agree_key_x25519_aes256"}; 81 82 static struct OH_Huks_Blob g_importedKeyAliasAes256 = { 83 .size = strlen("test_import_key_x25519_aes256"), 84 .data = (uint8_t *)"test_import_key_x25519_aes256"}; 85 86 static struct OH_Huks_Blob g_importedAes256PlainKey = { 87 .size = strlen("This is plain key to be imported"), 88 .data = (uint8_t *)"This is plain key to be imported"}; 89 90 static struct OH_Huks_Param g_importWrappedAes256Params[] = { 91 {.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_AES}, 92 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_ENCRYPT | OH_HUKS_KEY_PURPOSE_DECRYPT}, 93 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_AES_KEY_SIZE_256}, 94 {.tag = OH_HUKS_TAG_PADDING, .uint32Param = OH_HUKS_PADDING_NONE}, 95 {.tag = OH_HUKS_TAG_BLOCK_MODE, .uint32Param = OH_HUKS_MODE_GCM}, 96 {.tag = OH_HUKS_TAG_DIGEST, .uint32Param = OH_HUKS_DIGEST_NONE}, 97 {.tag = OH_HUKS_TAG_UNWRAP_ALGORITHM_SUITE, .uint32Param = OH_HUKS_UNWRAP_SUITE_X25519_AES_256_GCM_NOPADDING}, 98 {.tag = OH_HUKS_TAG_ASSOCIATED_DATA, .blob = {.size = Unittest::ImportWrapped::AAD_SIZE, .data = (uint8_t *)Unittest::ImportWrapped::AAD}}, 99 {.tag = OH_HUKS_TAG_NONCE, .blob = {.size = Unittest::ImportWrapped::NONCE_SIZE, .data = (uint8_t *)Unittest::ImportWrapped::NONCE}}}; 100 101 static char g_agreeKeyAlgName[] = "X25519"; 102 103 static struct OH_Huks_Blob g_agreeKeyAlgNameBlob = { 104 .size = sizeof(g_agreeKeyAlgName), 105 .data = (uint8_t *)g_agreeKeyAlgName}; 106 107 static const uint32_t g_x25519PubKeySize = 32; 108 109 static struct OH_Huks_Param g_genWrappingKeyParams[] = { 110 {.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_X25519}, 111 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_UNWRAP}, 112 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_CURVE25519_KEY_SIZE_256}}; 113 114 static struct OH_Huks_Param g_genCallerX25519Params[] = { 115 {.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_X25519}, 116 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_AGREE}, 117 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_CURVE25519_KEY_SIZE_256}}; 118 119 static struct OH_Huks_Param g_importParamsCallerKek[] = { 120 {.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_AES}, 121 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_ENCRYPT}, 122 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_AES_KEY_SIZE_256}, 123 {.tag = OH_HUKS_TAG_PADDING, .uint32Param = OH_HUKS_PADDING_NONE}, 124 {.tag = OH_HUKS_TAG_BLOCK_MODE, .uint32Param = OH_HUKS_MODE_GCM}, 125 {.tag = OH_HUKS_TAG_DIGEST, .uint32Param = OH_HUKS_DIGEST_NONE}, 126 {.tag = OH_HUKS_TAG_IV, .blob = {.size = Unittest::ImportWrapped::IV_SIZE, .data = (uint8_t *)Unittest::ImportWrapped::IV}}}; 127 128 static struct OH_Huks_Param g_callerAgreeParams[] = { 129 {.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_X25519}, 130 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_AGREE}, 131 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_CURVE25519_KEY_SIZE_256} 132 }; 133 InitCommonTestParamsAndDoImport(struct HksImportWrappedKeyTestParams * importWrappedKeyTestParams,const struct OH_Huks_Param * importedKeyParamSetArray,uint32_t arraySize)134 static void InitCommonTestParamsAndDoImport( 135 struct HksImportWrappedKeyTestParams *importWrappedKeyTestParams, 136 const struct OH_Huks_Param *importedKeyParamSetArray, 137 uint32_t arraySize) 138 { 139 importWrappedKeyTestParams->agreeKeyAlgName = &g_agreeKeyAlgNameBlob; 140 141 struct OH_Huks_ParamSet *genX25519KeyParamSet = nullptr; 142 OH_Huks_Result ret = InitParamSet(&genX25519KeyParamSet, g_genWrappingKeyParams, 143 sizeof(g_genWrappingKeyParams) / sizeof(OH_Huks_Param)); 144 EXPECT_EQ(ret.errorCode, (int32_t)OH_HUKS_SUCCESS) << "InitParamSet(gen huks x25519) failed."; 145 importWrappedKeyTestParams->genWrappingKeyParamSet = genX25519KeyParamSet; 146 importWrappedKeyTestParams->publicKeySize = g_x25519PubKeySize; 147 148 struct OH_Huks_ParamSet *genCallerKeyParamSet = nullptr; 149 ret = InitParamSet(&genCallerKeyParamSet, g_genCallerX25519Params, 150 sizeof(g_genCallerX25519Params) / sizeof(OH_Huks_Param)); 151 EXPECT_EQ(ret.errorCode, (int32_t)OH_HUKS_SUCCESS) << "InitParamSet(gen caller x25519) failed."; 152 importWrappedKeyTestParams->genCallerKeyParamSet = genCallerKeyParamSet; 153 154 struct OH_Huks_ParamSet *callerImportParamsKek = nullptr; 155 ret = InitParamSet(&callerImportParamsKek, g_importParamsCallerKek, 156 sizeof(g_importParamsCallerKek) / sizeof(OH_Huks_Param)); 157 EXPECT_EQ(ret.errorCode, (int32_t)OH_HUKS_SUCCESS) << "InitParamSet(import call kek) failed."; 158 importWrappedKeyTestParams->importCallerKekParamSet = callerImportParamsKek; 159 160 struct OH_Huks_ParamSet *agreeParamSet = nullptr; 161 ret = InitParamSet(&agreeParamSet, g_callerAgreeParams, 162 sizeof(g_callerAgreeParams) / sizeof(OH_Huks_Param)); 163 EXPECT_EQ(ret.errorCode, (int32_t)OH_HUKS_SUCCESS) << "InitParamSet(agreeParamSet) failed."; 164 importWrappedKeyTestParams->agreeParamSet = agreeParamSet; 165 166 struct OH_Huks_ParamSet *importPlainKeyParams = nullptr; 167 ret = InitParamSet(&importPlainKeyParams, importedKeyParamSetArray, arraySize); 168 EXPECT_EQ(ret.errorCode, (int32_t)OH_HUKS_SUCCESS) << "InitParamSet(import plain key) failed."; 169 importWrappedKeyTestParams->importWrappedKeyParamSet = importPlainKeyParams; 170 171 HksImportWrappedKeyTestCommonCase(importWrappedKeyTestParams); 172 173 OH_Huks_FreeParamSet(&genX25519KeyParamSet); 174 OH_Huks_FreeParamSet(&genCallerKeyParamSet); 175 OH_Huks_FreeParamSet(&callerImportParamsKek); 176 OH_Huks_FreeParamSet(&importPlainKeyParams); 177 } 178 179 /** 180 * @tc.name: HuksImportWrappedX25519Test.Security_HUKS_NAPI_Wrapped_0100 181 * @tc.desc: Test import wrapped aes256-gcm-no_padding key including generate&export x25519 key, generate kek, 182 * agree, encrypt, of which generate kek, agree, encrypt should done by caller self. 183 * @tc.type: FUNC 184 */ 185 HWTEST_F(HuksImportWrappedX25519Test, Security_HUKS_NAPI_Wrapped_0100, TestSize.Level0) 186 { 187 struct HksImportWrappedKeyTestParams importWrappedKeyTestParams001 = {0}; 188 189 importWrappedKeyTestParams001.wrappingKeyAlias = &g_wrappingKeyAliasAes256; 190 importWrappedKeyTestParams001.keyMaterialLen = g_importedAes256PlainKey.size; 191 importWrappedKeyTestParams001.callerKeyAlias = &g_callerKeyAliasAes256; 192 importWrappedKeyTestParams001.callerKekAlias = &g_callerKekAliasAes256; 193 importWrappedKeyTestParams001.callerKek = &g_callerAes256Kek; 194 importWrappedKeyTestParams001.callerAgreeKeyAlias = &g_callerAgreeKeyAliasAes256; 195 importWrappedKeyTestParams001.importedKeyAlias = &g_importedKeyAliasAes256; 196 importWrappedKeyTestParams001.importedPlainKey = &g_importedAes256PlainKey; 197 InitCommonTestParamsAndDoImport(&importWrappedKeyTestParams001, g_importWrappedAes256Params, 198 sizeof(g_importWrappedAes256Params) / sizeof(struct OH_Huks_Param)); 199 HksClearKeysForWrappedKeyTest(&importWrappedKeyTestParams001); 200 } 201 } 202