1 /* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #include <cstdlib> 17 #include <gtest/gtest.h> 18 #include <string> 19 20 #include "access_token_setter.h" 21 #include "byte_buffer.h" 22 #include "code_sign_utils.h" 23 #include "local_code_sign_client.h" 24 #include "local_code_sign_kit.h" 25 #include "local_code_sign_load_callback.h" 26 #include "local_key_helper.h" 27 #include "log.h" 28 #include "signer_info.h" 29 30 using namespace OHOS::Security::CodeSign; 31 using namespace testing::ext; 32 using namespace std; 33 34 namespace OHOS { 35 namespace Security { 36 namespace CodeSign { 37 static const std::string AN_BASE_PATH = "/data/local/ark-cache/tmp/"; 38 static const std::string DEMO_AN_PATH = AN_BASE_PATH + "demo.an"; 39 static const std::string DEMO_AN_PATH2 = AN_BASE_PATH + "demo2.an"; 40 41 class LocalCodeSignTest : public testing::Test { 42 public: LocalCodeSignTest()43 LocalCodeSignTest() {}; ~LocalCodeSignTest()44 virtual ~LocalCodeSignTest() {}; SetUpTestCase()45 static void SetUpTestCase() {}; TearDownTestCase()46 static void TearDownTestCase() {}; SetUp()47 void SetUp() {}; TearDown()48 void TearDown() {}; 49 }; 50 51 /** 52 * @tc.name: LocalCodeSignTest_0001 53 * @tc.desc: init local certificate successfully 54 * @tc.type: Func 55 * @tc.require: 56 */ 57 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0001, TestSize.Level0) 58 { 59 ByteBuffer cert; 60 uint64_t selfTokenId = NativeTokenSet("key_enable"); 61 int ret = LocalCodeSignKit::InitLocalCertificate(cert); 62 NativeTokenReset(selfTokenId); 63 EXPECT_EQ(ret, CS_SUCCESS); 64 } 65 66 /** 67 * @tc.name: LocalCodeSignTest_0002 68 * @tc.desc: init local certificate failed with invalid caller 69 * @tc.type: Func 70 * @tc.require: 71 */ 72 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0002, TestSize.Level0) 73 { 74 ByteBuffer cert; 75 int ret = LocalCodeSignKit::InitLocalCertificate(cert); 76 EXPECT_EQ(ret, CS_ERR_NO_PERMISSION); 77 } 78 79 /** 80 * @tc.name: LocalCodeSignTest_0003 81 * @tc.desc: sign local code successfully, owner ID is empty 82 * @tc.type: Func 83 * @tc.require: 84 */ 85 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0003, TestSize.Level0) 86 { 87 ByteBuffer sig; 88 uint64_t selfTokenId = NativeTokenSet("compiler_service"); 89 int ret = LocalCodeSignKit::SignLocalCode(DEMO_AN_PATH, sig); 90 NativeTokenReset(selfTokenId); 91 EXPECT_EQ(ret, CS_SUCCESS); 92 std::string retOwnerID; 93 ret = CodeSignUtils::ParseOwnerIdFromSignature(sig, retOwnerID); 94 EXPECT_EQ(ret, CS_ERR_NO_OWNER_ID); 95 EXPECT_EQ(retOwnerID, ""); 96 ret = CodeSignUtils::EnforceCodeSignForFile(DEMO_AN_PATH, sig); 97 EXPECT_EQ(ret, GetEnforceFileResult()); 98 } 99 100 /** 101 * @tc.name: LocalCodeSignTest_0004 102 * @tc.desc: sign local code failed with invalid caller 103 * @tc.type: Func 104 * @tc.require: 105 */ 106 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0004, TestSize.Level0) 107 { 108 ByteBuffer sig; 109 int ret = LocalCodeSignKit::SignLocalCode(DEMO_AN_PATH, sig); 110 EXPECT_EQ(ret, CS_ERR_NO_PERMISSION); 111 } 112 113 /** 114 * @tc.name: LocalCodeSignTest_0005 115 * @tc.desc: sign local code failed with wrong path 116 * @tc.type: Func 117 * @tc.require: 118 */ 119 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0005, TestSize.Level0) 120 { 121 ByteBuffer sig; 122 uint64_t selfTokenId = NativeTokenSet("compiler_service"); 123 int ret = LocalCodeSignKit::SignLocalCode(DEMO_AN_PATH + "invalid", sig); 124 NativeTokenReset(selfTokenId); 125 EXPECT_EQ(ret, CS_ERR_FILE_PATH); 126 } 127 128 /** 129 * @tc.name: LocalCodeSignTest_0006 130 * @tc.desc: local codesignsvr died 131 * @tc.type: Func 132 * @tc.require: 133 */ 134 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0006, TestSize.Level0) 135 { 136 LocalCodeSignClient *client = GetLocalCodeSignClient(); 137 EXPECT_NE(client, nullptr); 138 sptr<ISystemAbilityManager> systemAbilityManager = 139 SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); 140 EXPECT_NE(systemAbilityManager, nullptr); 141 sptr<IRemoteObject> remoteObject = 142 systemAbilityManager->GetSystemAbility(LOCAL_CODE_SIGN_SA_ID); 143 client->OnRemoteLocalCodeSignSvrDied(remoteObject); 144 } 145 146 /** 147 * @tc.name: LocalCodeSignTest_0007 148 * @tc.desc: load sa fail 149 * @tc.type: Func 150 * @tc.require: 151 */ 152 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0007, TestSize.Level0) 153 { 154 LocalCodeSignLoadCallback cb; 155 cb.OnLoadSystemAbilityFail(LOCAL_CODE_SIGN_SA_ID); 156 } 157 158 /** 159 * @tc.name: LocalCodeSignTest_0008 160 * @tc.desc: load sa success and return sa id not code sign sa id 161 * @tc.type: Func 162 * @tc.require: 163 */ 164 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0008, TestSize.Level0) 165 { 166 LocalCodeSignLoadCallback cb; 167 cb.OnLoadSystemAbilitySuccess(LOCAL_CODE_SIGN_SA_ID - 1, nullptr); 168 } 169 170 /** 171 * @tc.name: LocalCodeSignTest_0009 172 * @tc.desc: load sa success and return remote object is null 173 * @tc.type: Func 174 * @tc.require: 175 */ 176 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0009, TestSize.Level0) 177 { 178 LocalCodeSignLoadCallback cb; 179 cb.OnLoadSystemAbilitySuccess(LOCAL_CODE_SIGN_SA_ID, nullptr); 180 } 181 182 /** 183 * @tc.name: LocalCodeSignTest_0010 184 * @tc.desc: sign local code with owner ID successfully, parse owner ID from signature success 185 * @tc.type: Func 186 * @tc.require: issueI88PPA 187 */ 188 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0010, TestSize.Level0) 189 { 190 ByteBuffer sig; 191 uint64_t selfTokenId = NativeTokenSet("compiler_service"); 192 std::string ownerID = "AppName123"; 193 int ret = LocalCodeSignKit::SignLocalCode(ownerID, DEMO_AN_PATH2, sig); 194 NativeTokenReset(selfTokenId); 195 EXPECT_EQ(ret, CS_SUCCESS); 196 197 std::string retOwnerID; 198 ret = CodeSignUtils::ParseOwnerIdFromSignature(sig, retOwnerID); 199 EXPECT_EQ(ownerID, retOwnerID); 200 ret = CodeSignUtils::EnforceCodeSignForFile(DEMO_AN_PATH2, sig); 201 EXPECT_EQ(ret, GetEnforceFileResult()); 202 } 203 204 /** 205 * @tc.name: LocalCodeSignTest_0011 206 * @tc.desc: sign local code with empty owner ID successfully 207 * @tc.type: Func 208 * @tc.require: issueI88PPA 209 */ 210 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0011, TestSize.Level0) 211 { 212 ByteBuffer sig; 213 uint64_t selfTokenId = NativeTokenSet("compiler_service"); 214 std::string ownerID = ""; 215 int ret = LocalCodeSignKit::SignLocalCode(ownerID, DEMO_AN_PATH2, sig); 216 NativeTokenReset(selfTokenId); 217 EXPECT_EQ(ret, CS_SUCCESS); 218 std::string retOwnerID; 219 ret = CodeSignUtils::ParseOwnerIdFromSignature(sig, retOwnerID); 220 EXPECT_EQ(ret, CS_ERR_NO_OWNER_ID); 221 EXPECT_EQ(retOwnerID, ""); 222 } 223 224 /** 225 * @tc.name: LocalCodeSignTest_0012 226 * @tc.desc: sign local code with owner ID failed, reason = invalid path 227 * @tc.type: Func 228 * @tc.require: issueI88PPA 229 */ 230 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0012, TestSize.Level0) 231 { 232 ByteBuffer sig; 233 uint64_t selfTokenId = NativeTokenSet("compiler_service"); 234 std::string ownerID = "AppName123"; 235 int ret = LocalCodeSignKit::SignLocalCode(ownerID, DEMO_AN_PATH2 + "invalid", sig); 236 NativeTokenReset(selfTokenId); 237 EXPECT_EQ(ret, CS_ERR_FILE_PATH); 238 } 239 240 /** 241 * @tc.name: LocalCodeSignTest_0013 242 * @tc.desc: sign local code failed with invalid caller 243 * @tc.type: Func 244 * @tc.require: issueI88PPA 245 */ 246 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0013, TestSize.Level0) 247 { 248 ByteBuffer sig; 249 std::string ownerID = "AppName123"; 250 int ret = LocalCodeSignKit::SignLocalCode(ownerID, DEMO_AN_PATH2, sig); 251 EXPECT_EQ(ret, CS_ERR_NO_PERMISSION); 252 } 253 254 /** 255 * @tc.name: LocalCodeSignTest_0014 256 * @tc.desc: sign local code failed with ownerID exceed 128 bytes 257 * @tc.type: Func 258 * @tc.require: issueI8FCGF 259 */ 260 HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0014, TestSize.Level0) 261 { 262 ByteBuffer sig; 263 uint64_t selfTokenId = NativeTokenSet("compiler_service"); 264 std::string ownerID(33, 'a'); 265 int ret = LocalCodeSignKit::SignLocalCode(ownerID, DEMO_AN_PATH2, sig); 266 NativeTokenReset(selfTokenId); 267 EXPECT_EQ(ret, CS_ERR_INVALID_OWNER_ID); 268 } 269 } // namespace CodeSign 270 } // namespace Security 271 } // namespace OHOS 272