1 /*
2 * Copyright (C) 2021 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifndef _CUT_AUTHENTICATE_
17
18 #include "hks_modify_key_test.h"
19
20 #include <hctest.h>
21
22 #include "hks_api.h"
23 #include "hks_param.h"
24 #include "hks_test_api_performance.h"
25 #include "hks_test_cipher.h"
26 #include "hks_test_common.h"
27 #include "hks_test_log.h"
28 #include "stdlib.h"
29
30 #include "cmsis_os2.h"
31 #include "ohos_types.h"
32
33 #include <unistd.h>
/* Size used for the plaintext and decrypted-text blobs of the AES round trip. */
#define DEFAULT_AES_CIPHER_PLAIN_SIZE 1000
/* Nonce length handed to the GCM encrypt and decrypt parameter sets. */
#define AES_DEFAULT_GCM_NONCE_LENGTH 12
/* Length of the additional authenticated data (AAD) blob. */
#define AES_DEFAULT_AAD_LEN 4
/* NOTE(review): g_storePath is not referenced anywhere else in this file - confirm it is still needed. */
static const char *g_storePath = "./hks_store/";
/* Key alias under which the test key is generated and later regenerated. */
static const char *g_testName = "TestName";

/* Stack size requested for every worker thread created with osThreadNew(). */
#define TEST_TASK_STACK_SIZE 0x2000
/* Seconds the calling thread sleeps after starting a worker; the worker is never joined. */
#define WAIT_TO_TEST_DONE 4

/* Priority given to the worker threads; assigned right before each osThreadNew() call. */
static osPriority_t g_setPriority;
44
/*
 * Cipher test vectors. This file only ever uses entry 0.
 *
 * Most values come as a (flag, value) pair: the flag says whether the value is
 * put into the parameter set or blob at all. struct HksTestCipherParams is
 * declared outside this file, so the member labels below are inferred from the
 * initializer order and from the member names read elsewhere in this file -
 * confirm them against the struct declaration.
 */
static const struct HksTestCipherParams g_testCipherParams[] = {
    /* success: aes256-gcm-none */
    /* leading 0: presumably a test id; HKS_SUCCESS: presumably expectResult; then keyAliasParams */
    { 0, HKS_SUCCESS, { true, DEFAULT_KEY_ALIAS_SIZE, true, DEFAULT_KEY_ALIAS_SIZE },
        {
            true, /* genKey params */
            true, HKS_ALG_AES,
            true, HKS_AES_KEY_SIZE_256,
            true, HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT,
            false, 0,
            true, HKS_PADDING_NONE,
            true, HKS_MODE_GCM,
            false, 0
        },
        { false, 0 }, /* presumably genKeyParamSetParamsOut: no output parameter set requested */
        {
            HKS_TEST_CIPHER_TYPE_AES, true, /* encrypt params */
            true, HKS_ALG_AES,
            true, HKS_KEY_PURPOSE_ENCRYPT,
            false, 0,
            true, HKS_PADDING_NONE,
            true, HKS_MODE_GCM,
            false, 0,
            true, AES_DEFAULT_GCM_NONCE_LENGTH,
            true, AES_DEFAULT_AAD_LEN
        },
        {
            HKS_TEST_CIPHER_TYPE_AES, true, /* decrypt params */
            true, HKS_ALG_AES,
            true, HKS_KEY_PURPOSE_DECRYPT,
            false, 0,
            true, HKS_PADDING_NONE,
            true, HKS_MODE_GCM,
            false, 0,
            true, AES_DEFAULT_GCM_NONCE_LENGTH,
            true, AES_DEFAULT_AAD_LEN
        },
        /* presumably plainTextParams */
        { true, DEFAULT_AES_CIPHER_PLAIN_SIZE, true, DEFAULT_AES_CIPHER_PLAIN_SIZE },
        /* presumably cipherTextParams; the extra 16 looks like room for the GCM tag - confirm */
        { true, DEFAULT_AES_CIPHER_PLAIN_SIZE + 16, true, DEFAULT_AES_CIPHER_PLAIN_SIZE + 16 },
        /* presumably decryptedTextParams */
        { true, DEFAULT_AES_CIPHER_PLAIN_SIZE, true, DEFAULT_AES_CIPHER_PLAIN_SIZE },
        /* trailing member is not read anywhere in this file */
        { false, 0, false, 0 }
    },
};
87
/*
 * @tc.register: register a test suite named "HksModifyKeyTest"
 * @param: security - test subsystem name
 * @param: securityData - module name
 * @param: HksModifyKeyTest - test suite name
 */
LITE_TEST_SUIT(security, securityData, HksModifyKeyTest);
95
/*
 * Worker-thread entry point started by the suite set-up: initialises the key
 * store with HksInitialize(), asserts that it returned 0 and then ends the
 * thread.
 */
static void ExecHksInitialize(void const *argument)
{
    (void)argument; /* the thread is started with a NULL argument */

    LiteTestPrint("HksInitialize Begin!\n");

    /*
     * NOTE(review): this assertion executes on the worker thread, not on the
     * thread that runs the set-up - confirm that hctest handles a failure
     * raised from here.
     */
    TEST_ASSERT_TRUE(HksInitialize() == 0);

    LiteTestPrint("HksInitialize End!\n");
    osThreadExit();
}
103
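/**
 * @tc.setup: set-up for the suite, named "HksModifyKeyTest" + "SetUp".
 *            Starts a worker thread that runs HksInitialize() and then sleeps
 *            WAIT_TO_TEST_DONE seconds. The worker is not joined, so the fixed
 *            sleep is the only synchronisation with it.
 * @return: TRUE if the worker thread was created, FALSE if osThreadNew() failed
 */
static BOOL HksModifyKeyTestSetUp(void)
{
    LiteTestPrint("setup\n");

    g_setPriority = osPriorityAboveNormal6;

    /*
     * Designated initialisers zero every member that is not named here, so
     * osThreadNew() never reads an indeterminate attribute value.
     */
    osThreadAttr_t attr = {
        .name = "test",
        .attr_bits = 0U,
        .cb_mem = NULL,
        .cb_size = 0U,
        .stack_mem = NULL,
        .stack_size = TEST_TASK_STACK_SIZE,
        .priority = g_setPriority,
    };

    osThreadId_t id = osThreadNew((osThreadFunc_t)ExecHksInitialize, NULL, &attr);
    if (id == NULL) {
        /* Without the worker HksInitialize() never runs: report it instead of sleeping and claiming success. */
        LiteTestPrint("HksModifyKeyTestSetUp: osThreadNew failed\n");
        return FALSE;
    }

    sleep(WAIT_TO_TEST_DONE);
    LiteTestPrint("HksModifyKeyTestSetUp End2!\n");
    return TRUE;
}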
126
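/*
 * Clean-up hook called from the suite tear-down. It currently does nothing.
 * NOTE(review): presumably meant to remove files under g_storePath - confirm
 * whether key material left behind by the test should be deleted here.
 */
static void HksTestRemoveFile(void)
{
}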
130
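/**
 * @tc.teardown: tear-down for the suite, named "HksModifyKeyTest" + "TearDown".
 *               Calls HksTestRemoveFile(), which is currently an empty hook.
 * @return: always TRUE
 */
static BOOL HksModifyKeyTestTearDown(void)
{
    LiteTestPrint("tearDown\n");
    HksTestRemoveFile();
    return TRUE;
}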
141
142
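/*
 * Build the input blob and the output blob of a cipher operation.
 *
 * inData / outData      receive the blobs created by TestConstuctBlob(); the
 *                       callers in this file release them with TestFreeBlob()
 * inTextParams /
 * outTextParams         existence flags and sizes for the respective blob
 *
 * Returns 0 when both blobs were built, otherwise the result of the first
 * TestConstuctBlob() call that failed. The failure of the first call is
 * returned straight away so that it cannot be overwritten by a successful
 * second call (HKS_TEST_ASSERT is defined outside this file and is not relied
 * on to stop execution).
 */
static int32_t ConstructDataToBlob(struct HksBlob **inData, struct HksBlob **outData,
    const struct HksTestBlobParams *inTextParams, const struct HksTestBlobParams *outTextParams)
{
    int32_t ret = TestConstuctBlob(inData,
        inTextParams->blobExist,
        inTextParams->blobSize,
        inTextParams->blobDataExist,
        inTextParams->blobDataSize);
    HKS_TEST_ASSERT(ret == 0);
    if (ret != 0) {
        return ret;
    }

    ret = TestConstuctBlob(outData,
        outTextParams->blobExist,
        outTextParams->blobSize,
        outTextParams->blobDataExist,
        outTextParams->blobDataSize);
    HKS_TEST_ASSERT(ret == 0);
    return ret;
}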
161
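/*
 * Run one encryption described by encryptStruct.
 *
 * Builds the IV, nonce and AAD blobs whose sizes are non-zero, assembles the
 * AES parameter set and calls HksEncryptRun(). The IV/nonce/AAD blobs are
 * handed back through encryptStruct so that the caller can reuse them for
 * decryption; the callers in this file free them with TestFreeBlob(). The
 * parameter set is freed here.
 *
 * Returns the result of HksEncryptRun(), or the result of the first set-up
 * step that failed. A failed set-up step returns immediately, so a blob that
 * could not be built is never passed on to the parameter-set construction.
 *
 * NOTE(review): how TestConstuctBlob() fills the nonce is not visible in this
 * file. AES-GCM needs a nonce that is never repeated under the same key -
 * confirm the helper does not produce a fixed value.
 */
static int32_t Encrypt(struct CipherEncryptStructure *encryptStruct)
{
    int32_t ret;
    struct HksParamSet *encryptParamSet = NULL;

    uint32_t ivSize = encryptStruct->cipherParms->ivSize;
    uint32_t nonceSize = encryptStruct->cipherParms->nonceSize;
    uint32_t aadSize = encryptStruct->cipherParms->aadSize;

    if (ivSize != 0) {
        ret = TestConstuctBlob(encryptStruct->ivData, true, ivSize, true, ivSize);
        HKS_TEST_ASSERT(ret == 0);
        if (ret != 0) {
            return ret;
        }
    }
    if (nonceSize != 0) {
        ret = TestConstuctBlob(encryptStruct->nonceData, true, nonceSize, true, nonceSize);
        HKS_TEST_ASSERT(ret == 0);
        if (ret != 0) {
            return ret;
        }
    }
    if (aadSize != 0) {
        ret = TestConstuctBlob(encryptStruct->aadData, true, aadSize, true, aadSize);
        HKS_TEST_ASSERT(ret == 0);
        if (ret != 0) {
            return ret;
        }
    }

    struct AesCipherParamSetStructure enParamStruct = {
        &encryptParamSet,
        encryptStruct->cipherParms->paramSetExist,
        encryptStruct->cipherParms->setAlg, encryptStruct->cipherParms->alg,
        encryptStruct->cipherParms->setPurpose, encryptStruct->cipherParms->purpose,
        encryptStruct->cipherParms->setPadding, encryptStruct->cipherParms->padding,
        encryptStruct->cipherParms->setBlockMode, encryptStruct->cipherParms->mode,
        encryptStruct->cipherParms->setIv, *(encryptStruct->ivData),
        encryptStruct->cipherParms->setNonce, *(encryptStruct->nonceData),
        encryptStruct->cipherParms->setAad, *(encryptStruct->aadData),
        encryptStruct->cipherParms->setIsKeyAlias, encryptStruct->cipherParms->isKeyAlias
    };
    ret = TestConstructAesCipherParamSet(&enParamStruct);
    HKS_TEST_ASSERT(ret == 0);
    if (ret != 0) {
        /* Release whatever the helper managed to allocate before it failed. */
        HksFreeParamSet(&encryptParamSet);
        return ret;
    }

    ret = HksEncryptRun(encryptStruct->keyAlias, encryptParamSet, encryptStruct->plainData,
        encryptStruct->cipherData, encryptStruct->performTimes);
    HksFreeParamSet(&encryptParamSet);
    return ret;
}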
202
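/*
 * Run one decryption described by decryptStruct.
 *
 * Builds the output blob for the decrypted text, assembles the AES parameter
 * set from the decrypt parameters plus the IV/nonce/AAD blobs supplied by the
 * caller, and calls HksDecryptRun(). The decrypted-text blob stays with the
 * caller (freed with TestFreeBlob() by the callers in this file); the
 * parameter set is freed here.
 *
 * Returns the result of HksDecryptRun(), or the result of the first set-up
 * step that failed. Callers that expect decryption to be rejected should keep
 * in mind that a non-zero result can therefore also come from a set-up
 * failure.
 */
static int32_t DecryptCipher(struct CipherDecryptStructure *decryptStruct)
{
    int32_t ret = TestConstuctBlob(decryptStruct->decryptedData,
        decryptStruct->cipherParms->decryptedTextParams.blobExist,
        decryptStruct->cipherParms->decryptedTextParams.blobSize,
        decryptStruct->cipherParms->decryptedTextParams.blobDataExist,
        decryptStruct->cipherParms->decryptedTextParams.blobDataSize);
    HKS_TEST_ASSERT(ret == 0);
    if (ret != 0) {
        /* No output buffer: do not hand an unbuilt blob to HksDecryptRun(). */
        return ret;
    }

    struct HksParamSet *decryptParamSet = NULL;
    struct AesCipherParamSetStructure deParamStruct = {
        &decryptParamSet,
        decryptStruct->cipherParms->decryptParamSetParams.paramSetExist,
        decryptStruct->cipherParms->decryptParamSetParams.setAlg,
        decryptStruct->cipherParms->decryptParamSetParams.alg,
        decryptStruct->cipherParms->decryptParamSetParams.setPurpose,
        decryptStruct->cipherParms->decryptParamSetParams.purpose,
        decryptStruct->cipherParms->decryptParamSetParams.setPadding,
        decryptStruct->cipherParms->decryptParamSetParams.padding,
        decryptStruct->cipherParms->decryptParamSetParams.setBlockMode,
        decryptStruct->cipherParms->decryptParamSetParams.mode,
        decryptStruct->cipherParms->decryptParamSetParams.setIv, decryptStruct->ivData,
        decryptStruct->cipherParms->decryptParamSetParams.setNonce, decryptStruct->nonceData,
        decryptStruct->cipherParms->decryptParamSetParams.setAad, decryptStruct->aadData,
        decryptStruct->cipherParms->decryptParamSetParams.setIsKeyAlias,
        decryptStruct->cipherParms->decryptParamSetParams.isKeyAlias
    };
    ret = TestConstructAesCipherParamSet(&deParamStruct);
    HKS_TEST_ASSERT(ret == 0);
    if (ret != 0) {
        /* Release whatever the helper managed to allocate before it failed. */
        HksFreeParamSet(&decryptParamSet);
        return ret;
    }

    ret = HksDecryptRun(decryptStruct->keyAlias, decryptParamSet, decryptStruct->cipherData,
        *(decryptStruct->decryptedData), decryptStruct->performTimes);
    HksFreeParamSet(&decryptParamSet);
    return ret;
}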
238
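/*
 * Generate a key under keyAlias from the given key-generation parameters.
 *
 * keyAlias                 alias of the key to create
 * keyAliasParams           not used; the caller passes the alias blob directly
 * genKeyParamSetParams     flags and values for the input parameter set
 * genKeyParamSetParamsOut  optional description of the output parameter set,
 *                          may be NULL
 *
 * Returns the result of HksGenerateKey().
 *
 * The output parameter set is built into paramSetOut. Building it into
 * paramSet instead would replace the input parameter set that was just
 * constructed (losing the only pointer to it) while HksGenerateKey() would
 * still be given a NULL output set.
 */
int32_t GenerateKeyTwo(const struct HksBlob *keyAlias, const struct HksTestBlobParams *keyAliasParams,
    const struct HksTestGenKeyParamsParamSet *genKeyParamSetParams,
    const struct HksTestGenKeyParamsParamSetOut *genKeyParamSetParamsOut)
{
    (void)keyAliasParams;

    struct HksParamSet *paramSet = NULL;
    struct GenerateKeyParamSetStructure paramStruct = {
        &paramSet,
        genKeyParamSetParams->paramSetExist,
        genKeyParamSetParams->setAlg, genKeyParamSetParams->alg,
        genKeyParamSetParams->setKeySize, genKeyParamSetParams->keySize,
        genKeyParamSetParams->setPurpose, genKeyParamSetParams->purpose,
        genKeyParamSetParams->setDigest, genKeyParamSetParams->digest,
        genKeyParamSetParams->setPadding, genKeyParamSetParams->padding,
        genKeyParamSetParams->setBlockMode, genKeyParamSetParams->mode,
        genKeyParamSetParams->setKeyStorageFlag, genKeyParamSetParams->keyStorageFlag
    };
    int32_t ret = TestConstructGenerateKeyParamSet(&paramStruct);
    HKS_TEST_ASSERT(ret == 0);

    struct HksParamSet *paramSetOut = NULL;
    if (genKeyParamSetParamsOut != NULL) {
        ret = TestConstructGenerateKeyParamSetOut(&paramSetOut,
            genKeyParamSetParamsOut->paramSetExist, genKeyParamSetParamsOut->paramSetSize);
        HKS_TEST_ASSERT(ret == 0);
    }

    ret = HksGenerateKey(keyAlias, paramSet, paramSetOut);
    HKS_TEST_ASSERT(ret == 0);

    HksFreeParamSet(&paramSet);
    if (paramSetOut != NULL) {
        /* NOTE(review): confirm this matches how TestConstructGenerateKeyParamSetOut() allocates the set. */
        HksFreeParamSet(&paramSetOut);
    }
    return ret;
}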
271
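/*
 * Encrypt/decrypt round trip with the key stored under keyAlias, using entry
 * `index` of g_testCipherParams.
 *
 * Returns 0 only when encryption and decryption both returned the expected
 * result and the decrypted text is byte-identical to the plaintext. Returns
 * HKS_FAILURE for an out-of-range index or when the plaintext and the
 * decrypted text cannot be compared (missing blob or different sizes);
 * otherwise the result of the step that failed, or the memcmp() result.
 *
 * A size mismatch used to leave the loop with ret still equal to the expected
 * (success) value, so a truncated or padded decryption was reported as a
 * pass.
 */
int32_t BaseTestCipherProcess(const struct HksBlob *keyAlias, uint32_t index)
{
    if (index >= sizeof(g_testCipherParams) / sizeof(g_testCipherParams[0])) {
        return HKS_FAILURE;
    }
    const struct HksTestCipherParams *params = &g_testCipherParams[index];

    struct HksBlob *plainData = NULL;
    struct HksBlob *cipherData = NULL;
    struct HksBlob *ivData = NULL;
    struct HksBlob *nonceData = NULL;
    struct HksBlob *aadData = NULL;
    struct HksBlob *decryptedData = NULL;

    /* 1. build the plaintext and ciphertext buffers */
    int32_t ret = ConstructDataToBlob(&plainData, &cipherData,
        &params->plainTextParams, &params->cipherTextParams);
    HKS_TEST_ASSERT(ret == 0);

    do {
        if (ret != 0) {
            break; /* nothing to encrypt without the buffers */
        }

        /* 2. encrypt */
        struct CipherEncryptStructure testEncryptStruct = {
            keyAlias, &params->encryptParamSetParams,
            plainData, cipherData, &ivData, &nonceData, &aadData, 1
        };
        ret = Encrypt(&testEncryptStruct);
        if (ret != params->expectResult) {
            break;
        }

        /* 3. decrypt with the IV/nonce/AAD produced by the encrypt step */
        struct CipherDecryptStructure testDecryptStruct = {
            (struct HksBlob *)(keyAlias), params, cipherData,
            &decryptedData, ivData, nonceData, aadData, 1
        };
        ret = DecryptCipher(&testDecryptStruct);
        if (ret != params->expectResult) {
            break;
        }

        /* 4. the round trip only counts if the plaintext comes back unchanged */
        if (plainData == NULL || decryptedData == NULL || plainData->size != decryptedData->size) {
            ret = HKS_FAILURE;
            break;
        }
        ret = memcmp(plainData->data, decryptedData->data, plainData->size);
    } while (0);

    TestFreeBlob(&plainData);
    TestFreeBlob(&cipherData);
    TestFreeBlob(&decryptedData);
    TestFreeBlob(&ivData);
    TestFreeBlob(&nonceData);
    TestFreeBlob(&aadData);
    return ret;
}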
318
/*
 * Storage categories taken by HksStoreKeyBlob().
 * NOTE(review): defined locally in this test file; presumably mirrors an enum
 * of the key-store implementation - confirm the values stay in sync.
 */
enum HksStorageType {
    HKS_STORAGE_TYPE_KEY = 0,
    HKS_STORAGE_TYPE_CERTCHAIN,
    HKS_STORAGE_TYPE_ROOT_KEY,
};
324
extern int32_t HksStoreKeyBlob(const struct HksBlob *processName, const struct HksBlob *keyAlias,
    enum HksStorageType storageType, const struct HksBlob *keyBlob);
/*
 * Fallback definition of HksStoreKeyBlob(). It is declared weak, so a non-weak
 * definition linked from elsewhere takes precedence over it. This version
 * ignores every argument, stores nothing and returns HKS_SUCCESS.
 * NOTE(review): nothing visible in this file calls HksStoreKeyBlob() - confirm
 * the stub is still needed, since a caller that ends up with it would be told
 * the key blob was stored when it was not.
 */
int32_t __attribute__((weak)) HksStoreKeyBlob(const struct HksBlob *processName, const struct HksBlob *keyAlias,
    enum HksStorageType storageType, const struct HksBlob *keyBlob)
{
    (void)processName;
    (void)keyAlias;
    (void)storageType;
    (void)keyBlob;
    return HKS_SUCCESS;
}
336
/*
 * Worker-thread body of HksModifyKeyTest001.
 *
 * Sequence:
 *   1. generate a key under g_testName and check a normal encrypt/decrypt
 *      round trip with it;
 *   2. encrypt a fresh plaintext with that key;
 *   3. generate a key under the same alias again;
 *   4. try to decrypt the ciphertext from step 2 and require a non-zero
 *      result, i.e. ciphertext made before the key was regenerated must not
 *      decrypt afterwards.
 *
 * NOTE(review): step 4 accepts any non-zero result, so a set-up failure
 * inside DecryptCipher() satisfies it as well - consider asserting the
 * specific error code that a failed decryption returns.
 * NOTE(review): whether TEST_ASSERT_TRUE returns early on failure is decided
 * outside this file; if it does, the blobs built before a failing assertion
 * are not freed and osThreadExit() is not reached.
 */
static void ExecHksModifyKeyTest001(void const *argument)
{
    (void)argument; /* the thread is started with a NULL argument */

    LiteTestPrint("HksModifyKeyTest001 Begin!\n");

    uint32_t index = 0;
    const struct HksTestCipherParams *params = &g_testCipherParams[index];
    struct HksBlob keyAlias = { .size = strlen(g_testName), .data = (uint8_t *)g_testName };

    struct HksBlob *plainData = NULL;
    struct HksBlob *cipherData = NULL;
    struct HksBlob *ivData = NULL;
    struct HksBlob *nonceData = NULL;
    struct HksBlob *aadData = NULL;
    struct HksBlob *decryptedData = NULL;

    /* 1. first key, plus a sanity round trip with it */
    int32_t ret = GenerateKeyTwo(&keyAlias, &params->keyAliasParams,
        &params->genKeyParamSetParams, &params->genKeyParamSetParamsOut);
    TEST_ASSERT_TRUE(ret == 0);

    ret = BaseTestCipherProcess(&keyAlias, index);
    TEST_ASSERT_TRUE(ret == 0);

    ret = ConstructDataToBlob(&plainData, &cipherData,
        &params->plainTextParams, &params->cipherTextParams);
    TEST_ASSERT_TRUE(ret == 0);

    /* 2. encrypt */
    struct CipherEncryptStructure testEncryptStruct = {
        &keyAlias, &params->encryptParamSetParams,
        plainData, cipherData, &ivData, &nonceData, &aadData, 1
    };
    ret = Encrypt(&testEncryptStruct);
    TEST_ASSERT_TRUE(ret == 0);

    /* Generate a key under the same alias again; the ciphertext above was made before this call. */
    ret = GenerateKeyTwo(&keyAlias, &params->keyAliasParams,
        &params->genKeyParamSetParams, &params->genKeyParamSetParamsOut);
    TEST_ASSERT_TRUE(ret == 0);

    /* 3. decrypt */
    struct CipherDecryptStructure testDecryptStruct = {
        &keyAlias, params, cipherData,
        &decryptedData, ivData, nonceData, aadData, 1
    };
    ret = DecryptCipher(&testDecryptStruct);

    HKS_TEST_ASSERT(ret != g_testCipherParams[index].expectResult);
    TestFreeBlob(&plainData);
    TestFreeBlob(&cipherData);
    TestFreeBlob(&decryptedData);
    TestFreeBlob(&ivData);
    TestFreeBlob(&nonceData);
    TestFreeBlob(&aadData);
    TEST_ASSERT_TRUE(ret != 0);

    LiteTestPrint("HksModifyKeyTest001 End!\n");
    osThreadExit();
}
393
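/**
 * @tc.name: HksModifyKeyTest.HksModifyKeyTest001
 * @tc.desc: ciphertext produced before a key is regenerated under the same
 *           alias must fail to decrypt afterwards. The checks themselves run
 *           in ExecHksModifyKeyTest001() on a worker thread; this case starts
 *           the worker and sleeps WAIT_TO_TEST_DONE seconds without joining it.
 * @tc.type: FUNC
 */
LITE_TEST_CASE(HksModifyKeyTest, HksModifyKeyTest001, Level1)
{
    g_setPriority = osPriorityAboveNormal6;

    /*
     * Designated initialisers zero every member that is not named here, so
     * osThreadNew() never reads an indeterminate attribute value.
     */
    osThreadAttr_t attr = {
        .name = "test",
        .attr_bits = 0U,
        .cb_mem = NULL,
        .cb_size = 0U,
        .stack_mem = NULL,
        .stack_size = TEST_TASK_STACK_SIZE,
        .priority = g_setPriority,
    };

    osThreadId_t id = osThreadNew((osThreadFunc_t)ExecHksModifyKeyTest001, NULL, &attr);
    /* If the worker was never created, none of the checks ran: fail rather than pass vacuously. */
    TEST_ASSERT_TRUE(id != NULL);

    sleep(WAIT_TO_TEST_DONE);
    LiteTestPrint("HksModifyKeyTest001 End2!\n");
}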
415
/* Hand the HksModifyKeyTest suite to hctest; RUN_TEST_SUITE is defined by the framework, not in this file. */
RUN_TEST_SUITE(HksModifyKeyTest);
417 #endif /* _CUT_AUTHENTICATE_ */
418