1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17
18 #include "cm_test_common.h"
19
20 #include "cert_manager_api.h"
21
22 #include "cm_log.h"
23 #include "cm_mem.h"
24
25 using namespace testing::ext;
26 using namespace CertmanagerTest;
27 namespace {
28 static constexpr uint32_t INIT_COUNT_MULTI = 16;
29
30 class CmInitTest : public testing::Test {
31 public:
32 static void SetUpTestCase(void);
33
34 static void TearDownTestCase(void);
35
36 void SetUp();
37
38 void TearDown();
39 };
40
SetUpTestCase(void)41 void CmInitTest::SetUpTestCase(void)
42 {
43 SetATPermission();
44 }
45
TearDownTestCase(void)46 void CmInitTest::TearDownTestCase(void)
47 {
48 }
49
50 static const uint8_t g_rsaUriData[] = "oh:t=ak;o=TestInitRsa;u=0;a=0";
51 static const uint8_t g_eccUriData[] = "oh:t=ak;o=TestInitEcc;u=0;a=0";
52 static const CmBlob g_rsaKeyUri = { sizeof(g_rsaUriData), (uint8_t *)g_rsaUriData };
53 static const CmBlob g_eccKeyUri = { sizeof(g_eccUriData), (uint8_t *)g_eccUriData };
54
SetUp()55 void CmInitTest::SetUp()
56 {
57 uint8_t aliasRsaData[] = "TestInitRsa";
58 uint8_t aliasEccData[] = "TestInitEcc";
59 struct CmBlob aliasRsa = { sizeof(aliasRsaData), aliasRsaData };
60 struct CmBlob aliasEcc = { sizeof(aliasEccData), aliasEccData };
61
62 int32_t ret = TestGenerateAppCert(&aliasRsa, CERT_KEY_ALG_RSA, CM_CREDENTIAL_STORE);
63 EXPECT_EQ(ret, CM_SUCCESS) << "TestGenerateAppCert rsa failed, retcode:" << ret;
64 ret = TestGenerateAppCert(&aliasEcc, CERT_KEY_ALG_ECC, CM_CREDENTIAL_STORE);
65 EXPECT_EQ(ret, CM_SUCCESS) << "TestGenerateAppCert ecc failed, retcode:" << ret;
66 }
67
TearDown()68 void CmInitTest::TearDown()
69 {
70 int32_t ret = CmUninstallAppCert(&g_rsaKeyUri, CM_CREDENTIAL_STORE);
71 EXPECT_EQ(ret, CM_SUCCESS) << "CmUninstallAppCert rsa failed, retcode:" << ret;
72 ret = CmUninstallAppCert(&g_eccKeyUri, CM_CREDENTIAL_STORE);
73 EXPECT_EQ(ret, CM_SUCCESS) << "CmUninstallAppCert ecc failed, retcode:" << ret;
74 }
75
76 /**
77 * @tc.name: CmInitTest001
78 * @tc.desc: Test CmIsAuthorizedApp authUri is NULL
79 * @tc.type: FUNC
80 * @tc.require: AR000H0MIA /SR000H09NA
81 */
82 HWTEST_F(CmInitTest, CmInitTest001, TestSize.Level0)
83 {
84 struct CmBlob *authUri = nullptr; /* authUri is NULL */
85 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
86 uint64_t handleValue = 0;
87 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
88
89 int32_t ret = CmInit(authUri, &spec, &handle);
90 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
91 }
92
93 /**
94 * @tc.name: CmInitTest002
95 * @tc.desc: Test CmIsAuthorizedApp authUri size is 0
96 * @tc.type: FUNC
97 * @tc.require: AR000H0MIA /SR000H09NA
98 */
99 HWTEST_F(CmInitTest, CmInitTest002, TestSize.Level0)
100 {
101 uint8_t uriData[] = "oh:t=ak;o=keyA;u=0;a=0";
102 struct CmBlob authUri = { 0, uriData }; /* authUri size is 0 */
103 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
104 uint64_t handleValue = 0;
105 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
106
107 int32_t ret = CmInit(&authUri, &spec, &handle);
108 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
109 }
110
111 /**
112 * @tc.name: CmInitTest003
113 * @tc.desc: Test CmIsAuthorizedApp authUri data is null
114 * @tc.type: FUNC
115 * @tc.require: AR000H0MIA /SR000H09NA
116 */
117 HWTEST_F(CmInitTest, CmInitTest003, TestSize.Level0)
118 {
119 uint8_t uriData[] = "oh:t=ak;o=keyA;u=0;a=0";
120 struct CmBlob authUri = { sizeof(uriData), nullptr }; /* authUri data is null */
121 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
122 uint64_t handleValue = 0;
123 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
124
125 int32_t ret = CmInit(&authUri, &spec, &handle);
126 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
127 }
128
129 /**
130 * @tc.name: CmInitTest004
131 * @tc.desc: Test CmIsAuthorizedApp authUri data not end of '\0'
132 * @tc.type: FUNC
133 * @tc.require: AR000H0MIA /SR000H09NA
134 */
135 HWTEST_F(CmInitTest, CmInitTest004, TestSize.Level0)
136 {
137 uint8_t uriData[] = "oh:t=ak;o=keyA;u=0;a=0";
138 struct CmBlob authUri = { strlen((char *)uriData), uriData }; /* authUri data not end of '\0' */
139 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
140 uint64_t handleValue = 0;
141 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
142
143 int32_t ret = CmInit(&authUri, &spec, &handle);
144 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
145 }
146
147 /**
148 * @tc.name: CmInitTest005
149 * @tc.desc: Test CmIsAuthorizedApp authUri data has no app
150 * @tc.type: FUNC
151 * @tc.require: AR000H0MIA /SR000H09NA
152 */
153 HWTEST_F(CmInitTest, CmInitTest005, TestSize.Level0)
154 {
155 uint8_t uriData[] = "oh:t=ak;o=keyA;u=0"; /* authUri data has no app */
156 struct CmBlob authUri = { sizeof(uriData), uriData };
157 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
158 uint64_t handleValue = 0;
159 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
160
161 int32_t ret = CmInit(&authUri, &spec, &handle);
162 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
163 }
164
165 /**
166 * @tc.name: CmInitTest006
167 * @tc.desc: Test CmIsAuthorizedApp authUri data has no user
168 * @tc.type: FUNC
169 * @tc.require: AR000H0MIA /SR000H09NA
170 */
171 HWTEST_F(CmInitTest, CmInitTest006, TestSize.Level0)
172 {
173 uint8_t uriData[] = "oh:t=ak;o=keyA;a=0"; /* authUri data has no user */
174 struct CmBlob authUri = { sizeof(uriData), uriData };
175 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
176 uint64_t handleValue = 0;
177 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
178
179 int32_t ret = CmInit(&authUri, &spec, &handle);
180 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
181 }
182
183 /**
184 * @tc.name: CmInitTest007
185 * @tc.desc: Test CmIsAuthorizedApp authUri data has no object
186 * @tc.type: FUNC
187 * @tc.require: AR000H0MIA /SR000H09NA
188 */
189 HWTEST_F(CmInitTest, CmInitTest007, TestSize.Level0)
190 {
191 uint8_t uriData[] = "oh:t=ak;u=0;a=0"; /* authUri data has no object */
192 struct CmBlob authUri = { sizeof(uriData), uriData };
193 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
194 uint64_t handleValue = 0;
195 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
196
197 int32_t ret = CmInit(&authUri, &spec, &handle);
198 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
199 }
200
201 /**
202 * @tc.name: CmInitTest008
203 * @tc.desc: Test CmIsAuthorizedApp authUri data type not ak
204 * @tc.type: FUNC
205 * @tc.require: AR000H0MIA /SR000H09NA
206 */
207 HWTEST_F(CmInitTest, CmInitTest008, TestSize.Level0)
208 {
209 uint8_t uriData[] = "oh:t=m;o=keyA;u=0;a=0"; /* authUri data type not ak */
210 struct CmBlob authUri = { sizeof(uriData), uriData };
211 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
212 uint64_t handleValue = 0;
213 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
214
215 int32_t ret = CmInit(&authUri, &spec, &handle);
216 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
217 }
218
219 /**
220 * @tc.name: CmInitTest009
221 * @tc.desc: Test CmIsAuthorizedApp spec is NULL
222 * @tc.type: FUNC
223 * @tc.require: AR000H0MIA /SR000H09NA
224 */
225 HWTEST_F(CmInitTest, CmInitTest009, TestSize.Level0)
226 {
227 struct CmSignatureSpec *spec = nullptr; /* spec is NULL */
228 uint64_t handleValue = 0;
229 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
230
231 int32_t ret = CmInit(&g_rsaKeyUri, spec, &handle);
232 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
233 }
234
235 /**
236 * @tc.name: CmInitTest010
237 * @tc.desc: Test CmIsAuthorizedApp spec->purpose is not CM_KEY_PURPOSE_SIGN/VERIFY
238 * @tc.type: FUNC
239 * @tc.require: AR000H0MIA /SR000H09NA
240 */
241 HWTEST_F(CmInitTest, CmInitTest010, TestSize.Level0)
242 {
243 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_AGREE }; /* purpose is not CM_KEY_PURPOSE_SIGN/VERIFY */
244 uint64_t handleValue = 0;
245 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
246
247 int32_t ret = CmInit(&g_rsaKeyUri, &spec, &handle);
248 EXPECT_EQ(ret, CMR_ERROR_KEY_OPERATION_FAILED);
249 }
250
251 /**
252 * @tc.name: CmInitTest011
253 * @tc.desc: Test CmIsAuthorizedApp handle is NULL
254 * @tc.type: FUNC
255 * @tc.require: AR000H0MIA /SR000H09NA
256 */
257 HWTEST_F(CmInitTest, CmInitTest011, TestSize.Level0)
258 {
259 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
260 struct CmBlob *handle = nullptr; /* handle is NULL */
261
262 int32_t ret = CmInit(&g_rsaKeyUri, &spec, handle);
263 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
264 }
265
266 /**
267 * @tc.name: CmInitTest012
268 * @tc.desc: Test CmIsAuthorizedApp handle size is 0
269 * @tc.type: FUNC
270 * @tc.require: AR000H0MIA /SR000H09NA
271 */
272 HWTEST_F(CmInitTest, CmInitTest012, TestSize.Level0)
273 {
274 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
275 uint64_t handleValue = 0;
276 struct CmBlob handle = { 0, (uint8_t *)&handleValue }; /* handle size is 0 */
277
278 int32_t ret = CmInit(&g_rsaKeyUri, &spec, &handle);
279 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
280 }
281
282 /**
283 * @tc.name: CmInitTest013
284 * @tc.desc: Test CmIsAuthorizedApp handle data is NULL
285 * @tc.type: FUNC
286 * @tc.require: AR000H0MIA /SR000H09NA
287 */
288 HWTEST_F(CmInitTest, CmInitTest013, TestSize.Level0)
289 {
290 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
291 struct CmBlob handle = { sizeof(uint64_t), nullptr }; /* handle data is NULL */
292
293 int32_t ret = CmInit(&g_rsaKeyUri, &spec, &handle);
294 EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
295 }
296
297 /**
298 * @tc.name: CmInitTest014
299 * @tc.desc: Test CmIsAuthorizedApp handle size smaller than sizeof(uint64_t)
300 * @tc.type: FUNC
301 * @tc.require: AR000H0MIA /SR000H09NA
302 */
303 HWTEST_F(CmInitTest, CmInitTest014, TestSize.Level0)
304 {
305 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
306 uint32_t handleValue = 0;
307 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue }; /* size smaller than sizeof(uint64_t) */
308
309 int32_t ret = CmInit(&g_rsaKeyUri, &spec, &handle);
310 EXPECT_EQ(ret, CMR_ERROR_KEY_OPERATION_FAILED);
311 }
312
313 /**
314 * @tc.name: CmInitTest015
315 * @tc.desc: Test CmIsAuthorizedApp huks key not exist
316 * @tc.type: FUNC
317 * @tc.require: AR000H0MIA /SR000H09NA
318 */
319 HWTEST_F(CmInitTest, CmInitTest015, TestSize.Level0)
320 {
321 uint8_t uriData[] = "oh:t=ak;o=NotExist64897;u=0;a=0";
322 struct CmBlob authUri = { sizeof(uriData), uriData };
323 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
324 uint64_t handleValue = 0;
325 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
326
327 int32_t ret = CmInit(&authUri, &spec, &handle); /* key not exist */
328 EXPECT_EQ(ret, CMR_ERROR_KEY_OPERATION_FAILED);
329 }
330
331 /**
332 * @tc.name: CmInitTest016
333 * @tc.desc: Test CmIsAuthorizedApp normal case: caller is producer, init once rsa
334 * @tc.type: FUNC
335 * @tc.require: AR000H0MIA /SR000H09NA
336 */
337 HWTEST_F(CmInitTest, CmInitTest016, TestSize.Level0)
338 {
339 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_SIGN, CM_PADDING_PSS, CM_DIGEST_SHA256 };
340 uint64_t handleValue = 0;
341 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
342
343 int32_t ret = CmInit(&g_rsaKeyUri, &spec, &handle);
344 EXPECT_EQ(ret, CM_SUCCESS);
345 }
346
347 /**
348 * @tc.name: CmInitTest017
349 * @tc.desc: Test CmIsAuthorizedApp normal case: caller is producer, init once ecc
350 * @tc.type: FUNC
351 * @tc.require: AR000H0MIA /SR000H09NA
352 */
353 HWTEST_F(CmInitTest, CmInitTest017, TestSize.Level0)
354 {
355 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_VERIFY, CM_PADDING_PSS, CM_DIGEST_SHA256 };
356 uint64_t handleValue = 0;
357 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
358
359 int32_t ret = CmInit(&g_eccKeyUri, &spec, &handle);
360 EXPECT_EQ(ret, CM_SUCCESS);
361 }
362
363 /**
364 * @tc.name: CmInitTest018
365 * @tc.desc: Test CmIsAuthorizedApp normal case: caller is producer, init max times + 1
366 * @tc.type: FUNC
367 * @tc.require: AR000H0MIA /SR000H09NA
368 */
369 HWTEST_F(CmInitTest, CmInitTest018, TestSize.Level0)
370 {
371 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_VERIFY, CM_PADDING_PSS, CM_DIGEST_SHA256 };
372
373 for (uint32_t i = 0; i < INIT_COUNT_MULTI; ++i) {
374 uint64_t handleValue = 0;
375 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
376
377 int32_t ret = CmInit(&g_eccKeyUri, &spec, &handle);
378 EXPECT_EQ(ret, CM_SUCCESS);
379 }
380 }
381
382 /**
383 * @tc.name: CmInitTestPerformance019
384 * @tc.desc: 1000 times: caller is producer, init once ecc
385 * @tc.type: FUNC
386 * @tc.require: AR000H0MIA /SR000H09NA
387 */
388 HWTEST_F(CmInitTest, CmInitTestPerformance019, TestSize.Level1)
389 {
390 struct CmSignatureSpec spec = { CM_KEY_PURPOSE_VERIFY, CM_PADDING_PSS, CM_DIGEST_SHA256 };
391 uint64_t handleValue = 0;
392 struct CmBlob handle = { sizeof(handleValue), (uint8_t *)&handleValue };
393
394 int32_t ret;
395 for (uint32_t i = 0; i < PERFORMACE_COUNT; ++i) {
396 ret = CmInit(&g_eccKeyUri, &spec, &handle);
397 EXPECT_EQ(ret, CM_SUCCESS);
398 ret = CmAbort(&handle);
399 EXPECT_EQ(ret, CM_SUCCESS);
400 }
401 }
402 } // end of namespace
403