1 /*
2 * Copyright (C) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifndef _CUT_AUTHENTICATE_
17
18
19 #include "hks_modify_key_test.h"
20
21 #include <hctest.h>
22 #include "hi_watchdog.h"
23 #include "hks_api.h"
24 #include "hks_param.h"
25 #include "hks_test_api_performance.h"
26 #include "hks_test_cipher.h"
27 #include "hks_test_common.h"
28 #include "hks_test_log.h"
29 #include "stdlib.h"
30
31 #define DEFAULT_AES_CIPHER_PLAIN_SIZE 1000
32 #define AES_DEFAULT_GCM_NONCE_LENGTH 12
33 #define AES_DEFAULT_AAD_LEN 4
34 static const char *g_storePath = "./hks_store/";
35 static const char *g_testName = "TestName";
36
37 static const struct HksTestCipherParams g_testCipherParams[] = {
38 /* success: aes256-gcm-none */
39 { 0, HKS_SUCCESS, { true, DEFAULT_KEY_ALIAS_SIZE, true, DEFAULT_KEY_ALIAS_SIZE },
40 {
41 true, /* genKey params */
42 true, HKS_ALG_AES,
43 true, HKS_AES_KEY_SIZE_256,
44 true, HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT,
45 false, 0,
46 true, HKS_PADDING_NONE,
47 true, HKS_MODE_GCM,
48 false, 0
49 },
50 { false, 0 },
51 {
52 HKS_TEST_CIPHER_TYPE_AES, true, /* encrypt params */
53 true, HKS_ALG_AES,
54 true, HKS_KEY_PURPOSE_ENCRYPT,
55 false, 0,
56 true, HKS_PADDING_NONE,
57 true, HKS_MODE_GCM,
58 false, 0,
59 true, AES_DEFAULT_GCM_NONCE_LENGTH,
60 true, AES_DEFAULT_AAD_LEN
61 },
62 {
63 HKS_TEST_CIPHER_TYPE_AES, true, /* decrypt params */
64 true, HKS_ALG_AES,
65 true, HKS_KEY_PURPOSE_DECRYPT,
66 false, 0,
67 true, HKS_PADDING_NONE,
68 true, HKS_MODE_GCM,
69 false, 0,
70 true, AES_DEFAULT_GCM_NONCE_LENGTH,
71 true, AES_DEFAULT_AAD_LEN
72 },
73 { true, DEFAULT_AES_CIPHER_PLAIN_SIZE, true, DEFAULT_AES_CIPHER_PLAIN_SIZE },
74 { true, DEFAULT_AES_CIPHER_PLAIN_SIZE + 16, true, DEFAULT_AES_CIPHER_PLAIN_SIZE + 16 },
75 { true, DEFAULT_AES_CIPHER_PLAIN_SIZE, true, DEFAULT_AES_CIPHER_PLAIN_SIZE },
76 { false, 0, false, 0 }
77 },
78 };
79
80 /*
81 * @tc.register: register a test suit named "CalcMultiTest"
82 * @param: test subsystem name
83 * @param: c_example module name
84 * @param: CalcMultiTest test suit name
85 */
86 LITE_TEST_SUIT(husk, huks_lite, HksModifyKeyTest);
87
88 /**
89 * @tc.setup: define a setup for test suit, format:"CalcMultiTest + SetUp"
90 * @return: true——setup success
91 */
HksModifyKeyTestSetUp()92 static BOOL HksModifyKeyTestSetUp()
93 {
94 LiteTestPrint("setup\n");
95 hi_watchdog_disable();
96 TEST_ASSERT_TRUE(HksInitialize() == 0);
97 return TRUE;
98 }
99
HksTestRemoveFile(void)100 static void HksTestRemoveFile(void)
101 {
102 }
103
104 /**
105 * @tc.teardown: define a setup for test suit, format:"CalcMultiTest + TearDown"
106 * @return: true——teardown success
107 */
HksModifyKeyTestTearDown()108 static BOOL HksModifyKeyTestTearDown()
109 {
110 LiteTestPrint("tearDown\n");
111 HksTestRemoveFile();
112 hi_watchdog_enable();
113 return TRUE;
114 }
115
116
ConstructDataToBlob(struct HksBlob ** inData,struct HksBlob ** outData,const struct HksTestBlobParams * inTextParams,const struct HksTestBlobParams * outTextParams)117 static int32_t ConstructDataToBlob(struct HksBlob **inData, struct HksBlob **outData,
118 const struct HksTestBlobParams *inTextParams, const struct HksTestBlobParams *outTextParams)
119 {
120 int32_t ret = TestConstuctBlob(inData,
121 inTextParams->blobExist,
122 inTextParams->blobSize,
123 inTextParams->blobDataExist,
124 inTextParams->blobDataSize);
125 HKS_TEST_ASSERT(ret == 0);
126
127 ret = TestConstuctBlob(outData,
128 outTextParams->blobExist,
129 outTextParams->blobSize,
130 outTextParams->blobDataExist,
131 outTextParams->blobDataSize);
132 HKS_TEST_ASSERT(ret == 0);
133 return ret;
134 }
135
Encrypt(struct CipherEncryptStructure * encryptStruct)136 static int32_t Encrypt(struct CipherEncryptStructure *encryptStruct)
137 {
138 int32_t ret;
139 struct HksParamSet *encryptParamSet = NULL;
140
141 uint32_t ivSize = encryptStruct->cipherParms->ivSize;
142 uint32_t nonceSize = encryptStruct->cipherParms->nonceSize;
143 uint32_t aadSize = encryptStruct->cipherParms->aadSize;
144 if (ivSize != 0) {
145 ret = TestConstuctBlob(encryptStruct->ivData, true, ivSize, true, ivSize);
146 HKS_TEST_ASSERT(ret == 0);
147 }
148 if (nonceSize != 0) {
149 ret = TestConstuctBlob(encryptStruct->nonceData, true, nonceSize, true, nonceSize);
150 HKS_TEST_ASSERT(ret == 0);
151 }
152 if (aadSize != 0) {
153 ret = TestConstuctBlob(encryptStruct->aadData, true, aadSize, true, aadSize);
154 HKS_TEST_ASSERT(ret == 0);
155 }
156 struct AesCipherParamSetStructure enParamStruct = {
157 &encryptParamSet,
158 encryptStruct->cipherParms->paramSetExist,
159 encryptStruct->cipherParms->setAlg, encryptStruct->cipherParms->alg,
160 encryptStruct->cipherParms->setPurpose, encryptStruct->cipherParms->purpose,
161 encryptStruct->cipherParms->setPadding, encryptStruct->cipherParms->padding,
162 encryptStruct->cipherParms->setBlockMode, encryptStruct->cipherParms->mode,
163 encryptStruct->cipherParms->setIv, *(encryptStruct->ivData),
164 encryptStruct->cipherParms->setNonce, *(encryptStruct->nonceData),
165 encryptStruct->cipherParms->setAad, *(encryptStruct->aadData),
166 encryptStruct->cipherParms->setIsKeyAlias, encryptStruct->cipherParms->isKeyAlias
167 };
168 ret = TestConstructAesCipherParamSet(&enParamStruct);
169 HKS_TEST_ASSERT(ret == 0);
170
171 ret = HksEncryptRun(encryptStruct->keyAlias, encryptParamSet, encryptStruct->plainData, encryptStruct->cipherData,
172 encryptStruct->performTimes);
173 HksFreeParamSet(&encryptParamSet);
174 return ret;
175 }
176
DecryptCipher(struct CipherDecryptStructure * decryptStruct)177 static int32_t DecryptCipher(struct CipherDecryptStructure *decryptStruct)
178 {
179 int32_t ret = TestConstuctBlob(decryptStruct->decryptedData,
180 decryptStruct->cipherParms->decryptedTextParams.blobExist,
181 decryptStruct->cipherParms->decryptedTextParams.blobSize,
182 decryptStruct->cipherParms->decryptedTextParams.blobDataExist,
183 decryptStruct->cipherParms->decryptedTextParams.blobDataSize);
184 HKS_TEST_ASSERT(ret == 0);
185
186 struct HksParamSet *decryptParamSet = NULL;
187 struct AesCipherParamSetStructure deParamStruct = {
188 &decryptParamSet,
189 decryptStruct->cipherParms->decryptParamSetParams.paramSetExist,
190 decryptStruct->cipherParms->decryptParamSetParams.setAlg,
191 decryptStruct->cipherParms->decryptParamSetParams.alg,
192 decryptStruct->cipherParms->decryptParamSetParams.setPurpose,
193 decryptStruct->cipherParms->decryptParamSetParams.purpose,
194 decryptStruct->cipherParms->decryptParamSetParams.setPadding,
195 decryptStruct->cipherParms->decryptParamSetParams.padding,
196 decryptStruct->cipherParms->decryptParamSetParams.setBlockMode,
197 decryptStruct->cipherParms->decryptParamSetParams.mode,
198 decryptStruct->cipherParms->decryptParamSetParams.setIv, decryptStruct->ivData,
199 decryptStruct->cipherParms->decryptParamSetParams.setNonce, decryptStruct->nonceData,
200 decryptStruct->cipherParms->decryptParamSetParams.setAad, decryptStruct->aadData,
201 decryptStruct->cipherParms->decryptParamSetParams.setIsKeyAlias,
202 decryptStruct->cipherParms->decryptParamSetParams.isKeyAlias
203 };
204 ret = TestConstructAesCipherParamSet(&deParamStruct);
205 HKS_TEST_ASSERT(ret == 0);
206
207 ret = HksDecryptRun(decryptStruct->keyAlias, decryptParamSet, decryptStruct->cipherData,
208 *(decryptStruct->decryptedData), decryptStruct->performTimes);
209 HksFreeParamSet(&decryptParamSet);
210 return ret;
211 }
212
GenerateKeyTwo(const struct HksBlob * keyAlias,const struct HksTestBlobParams * keyAliasParams,const struct HksTestGenKeyParamsParamSet * genKeyParamSetParams,const struct HksTestGenKeyParamsParamSetOut * genKeyParamSetParamsOut)213 int32_t GenerateKeyTwo(const struct HksBlob *keyAlias, const struct HksTestBlobParams *keyAliasParams,
214 const struct HksTestGenKeyParamsParamSet *genKeyParamSetParams,
215 const struct HksTestGenKeyParamsParamSetOut *genKeyParamSetParamsOut)
216 {
217 struct HksParamSet *paramSet = NULL;
218 struct GenerateKeyParamSetStructure paramStruct = {
219 ¶mSet,
220 genKeyParamSetParams->paramSetExist,
221 genKeyParamSetParams->setAlg, genKeyParamSetParams->alg,
222 genKeyParamSetParams->setKeySize, genKeyParamSetParams->keySize,
223 genKeyParamSetParams->setPurpose, genKeyParamSetParams->purpose,
224 genKeyParamSetParams->setDigest, genKeyParamSetParams->digest,
225 genKeyParamSetParams->setPadding, genKeyParamSetParams->padding,
226 genKeyParamSetParams->setBlockMode, genKeyParamSetParams->mode,
227 genKeyParamSetParams->setKeyStorageFlag, genKeyParamSetParams->keyStorageFlag
228 };
229 int32_t ret = TestConstructGenerateKeyParamSet(¶mStruct);
230 HKS_TEST_ASSERT(ret == 0);
231
232 struct HksParamSet *paramSetOut = NULL;
233 if (genKeyParamSetParamsOut != NULL) {
234 ret = TestConstructGenerateKeyParamSetOut(¶mSet,
235 genKeyParamSetParamsOut->paramSetExist, genKeyParamSetParamsOut->paramSetSize);
236 HKS_TEST_ASSERT(ret == 0);
237 }
238
239 ret = HksGenerateKey(keyAlias, paramSet, paramSetOut);
240 HKS_TEST_ASSERT(ret == 0);
241
242 HksFreeParamSet(¶mSet);
243 return ret;
244 }
245
BaseTestCipherProcess(const struct HksBlob * keyAlias,uint32_t index)246 int32_t BaseTestCipherProcess(const struct HksBlob *keyAlias, uint32_t index)
247 {
248 struct HksBlob *plainData = NULL;
249 struct HksBlob *cipherData = NULL;
250 int32_t ret = ConstructDataToBlob(&plainData, &cipherData,
251 &g_testCipherParams[index].plainTextParams, &g_testCipherParams[index].cipherTextParams);
252 HKS_TEST_ASSERT(ret == 0);
253 struct HksBlob *ivData = NULL;
254 struct HksBlob *nonceData = NULL;
255 struct HksBlob *aadData = NULL;
256 struct HksBlob *decryptedData = NULL;
257 /* 2. encrypt */
258 do {
259 struct CipherEncryptStructure testEncryptStruct = {
260 keyAlias, &g_testCipherParams[index].encryptParamSetParams,
261 plainData, cipherData, &ivData, &nonceData, &aadData, 1
262 };
263 ret = Encrypt(&testEncryptStruct);
264 if (ret != g_testCipherParams[index].expectResult) {
265 break;
266 }
267 /* 3. decrypt */
268 struct CipherDecryptStructure testDecryptStruct = {
269 keyAlias, &g_testCipherParams[index], cipherData,
270 &decryptedData, ivData, nonceData, aadData, 1
271 };
272 ret = DecryptCipher(&testDecryptStruct);
273 if (ret != g_testCipherParams[index].expectResult) {
274 break;
275 }
276
277 if (ret == g_testCipherParams[index].expectResult) {
278 if (plainData->size != decryptedData->size) {
279 break;
280 }
281 ret = memcmp(plainData->data, decryptedData->data, plainData->size);
282 }
283 } while (0);
284 TestFreeBlob(&plainData);
285 TestFreeBlob(&cipherData);
286 TestFreeBlob(&decryptedData);
287 TestFreeBlob(&ivData);
288 TestFreeBlob(&nonceData);
289 TestFreeBlob(&aadData);
290 return ret;
291 }
292
293 enum HksStorageType {
294 HKS_STORAGE_TYPE_KEY = 0,
295 HKS_STORAGE_TYPE_CERTCHAIN,
296 HKS_STORAGE_TYPE_ROOT_KEY,
297 };
298
299 extern int32_t HksStoreKeyBlob(const struct HksBlob *processName, const struct HksBlob *keyAlias,
300 enum HksStorageType storageType, const struct HksBlob *keyBlob);
HksStoreKeyBlob(const struct HksBlob * processName,const struct HksBlob * keyAlias,enum HksStorageType storageType,const struct HksBlob * keyBlob)301 int32_t __attribute__((weak)) HksStoreKeyBlob(const struct HksBlob *processName, const struct HksBlob *keyAlias,
302 enum HksStorageType storageType, const struct HksBlob *keyBlob)
303 {
304 (void)processName;
305 (void)keyAlias;
306 (void)storageType;
307 (void)keyBlob;
308 return HKS_SUCCESS;
309 }
310
311 /**
312 * @tc.name: HksModifyKeyTest.HksModifyKeyTest001
313 * @tc.desc: The static function will return true;
314 * @tc.type: FUNC
315 */
LITE_TEST_CASE(HksModifyKeyTest,HksModifyKeyTest001,Level1)316 LITE_TEST_CASE(HksModifyKeyTest, HksModifyKeyTest001, Level1)
317 {
318 uint32_t index = 0;
319 struct HksBlob keyAlias = { strlen(g_testName), (uint8_t *)g_testName };
320 int32_t ret = GenerateKeyTwo(&keyAlias, &g_testCipherParams[index].keyAliasParams,
321 &g_testCipherParams[index].genKeyParamSetParams, &g_testCipherParams[index].genKeyParamSetParamsOut);
322 TEST_ASSERT_TRUE(ret == 0);
323
324 ret = BaseTestCipherProcess(&keyAlias, 0);
325 TEST_ASSERT_TRUE(ret == 0);
326
327 struct HksBlob *plainData = NULL;
328 struct HksBlob *cipherData = NULL;
329 ret = ConstructDataToBlob(&plainData, &cipherData,
330 &g_testCipherParams[index].plainTextParams, &g_testCipherParams[index].cipherTextParams);
331 TEST_ASSERT_TRUE(ret == 0);
332 struct HksBlob *ivData = NULL;
333 struct HksBlob *nonceData = NULL;
334 struct HksBlob *aadData = NULL;
335
336 /* 2. encrypt */
337 struct CipherEncryptStructure testEncryptStruct = {
338 &keyAlias, &g_testCipherParams[index].encryptParamSetParams,
339 plainData, cipherData, &ivData, &nonceData, &aadData, 1
340 };
341 ret = Encrypt(&testEncryptStruct);
342 TEST_ASSERT_TRUE(ret == 0);
343
344 ret = GenerateKeyTwo(&keyAlias, &g_testCipherParams[index].keyAliasParams,
345 &g_testCipherParams[index].genKeyParamSetParams, &g_testCipherParams[index].genKeyParamSetParamsOut);
346 TEST_ASSERT_TRUE(ret == 0);
347
348 /* 3. decrypt */
349 struct HksBlob *decryptedData = NULL;
350 struct CipherDecryptStructure testDecryptStruct = {
351 &keyAlias, &g_testCipherParams[index], cipherData,
352 &decryptedData, ivData, nonceData, aadData, 1
353 };
354 ret = DecryptCipher(&testDecryptStruct);
355
356 HKS_TEST_ASSERT(ret != g_testCipherParams[index].expectResult);
357 TestFreeBlob(&plainData);
358 TestFreeBlob(&cipherData);
359 TestFreeBlob(&decryptedData);
360 TestFreeBlob(&ivData);
361 TestFreeBlob(&nonceData);
362 TestFreeBlob(&aadData);
363 TEST_ASSERT_TRUE(ret != 0);
364 }
365
366 RUN_TEST_SUITE(HksModifyKeyTest);
367 #endif /* _CUT_AUTHENTICATE_ */
368
369