1 /*
2 * Copyright (C) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "huks_attest_test_common.h"
17
18 #include <gtest/gtest.h>
19
20 #include <cstdlib>
21
22 using namespace testing::ext;
23
24 namespace Unittest::AttestKey
25 {
26 const static uint32_t g_paramCountInKeyAttest = 4;
27 const static uint32_t g_paramCountInIdAttest = 7;
28 const static uint32_t g_index0 = 0;
29 const static uint32_t g_index1 = 1;
30 const static uint32_t g_index2 = 2;
31 const static uint32_t g_index3 = 3;
32 const static uint32_t g_index4 = 4;
33 const static uint32_t g_index5 = 5;
34 const static uint32_t g_index6 = 6;
35
FreeCertChain(struct OH_Huks_CertChain ** certChain,const uint32_t pos)36 void FreeCertChain(struct OH_Huks_CertChain **certChain, const uint32_t pos)
37 {
38 if (certChain == nullptr || *certChain == nullptr) {
39 return;
40 }
41
42 if ((*certChain)->certs == nullptr) {
43 HksFree(*certChain);
44 *certChain = nullptr;
45 return;
46 }
47 for (uint32_t j = 0; j < pos; j++) {
48 if ((*certChain)->certs[j].data != nullptr) {
49 HksFree((*certChain)->certs[j].data);
50 (*certChain)->certs[j].data = nullptr;
51 }
52 }
53
54 if ((*certChain)->certs != nullptr) {
55 HksFree((*certChain)->certs);
56 (*certChain)->certs = nullptr;
57 }
58
59 if (*certChain != nullptr) {
60 HksFree(*certChain);
61 *certChain = nullptr;
62 }
63 }
64
TestGenerateKey(const struct OH_Huks_Blob * keyAlias)65 OH_Huks_Result TestGenerateKey(const struct OH_Huks_Blob *keyAlias)
66 {
67 struct OH_Huks_Param tmpParams[] = {
68 {.tag = OH_HUKS_TAG_KEY_STORAGE_FLAG, .uint32Param = OH_HUKS_STORAGE_PERSISTENT},
69 {.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_RSA},
70 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_RSA_KEY_SIZE_2048},
71 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_VERIFY},
72 {.tag = OH_HUKS_TAG_DIGEST, .uint32Param = OH_HUKS_DIGEST_SHA256},
73 {.tag = OH_HUKS_TAG_PADDING, .uint32Param = OH_HUKS_PADDING_PSS},
74 {.tag = OH_HUKS_TAG_KEY_GENERATE_TYPE, .uint32Param = OH_HUKS_KEY_GENERATE_TYPE_DEFAULT},
75 {.tag = OH_HUKS_TAG_BLOCK_MODE, .uint32Param = OH_HUKS_MODE_ECB},
76 {.tag = OH_HUKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = OH_HUKS_AUTH_STORAGE_LEVEL_DE}};
77 struct OH_Huks_ParamSet *paramSet = nullptr;
78 OH_Huks_Result ret = OH_Huks_InitParamSet(¶mSet);
79 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
80 return ret;
81 }
82
83 ret = OH_Huks_AddParams(paramSet, tmpParams, sizeof(tmpParams) / sizeof(tmpParams[0]));
84 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
85 OH_Huks_FreeParamSet(¶mSet);
86 return ret;
87 }
88
89 ret = OH_Huks_BuildParamSet(¶mSet);
90 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
91 OH_Huks_FreeParamSet(¶mSet);
92 return ret;
93 }
94
95 ret = OH_Huks_GenerateKeyItem(keyAlias, paramSet, nullptr);
96 OH_Huks_FreeParamSet(¶mSet);
97 return ret;
98 }
99
ConstructDataToCertChain(struct OH_Huks_CertChain ** certChain,const struct HksTestCertChain * certChainParam)100 int32_t ConstructDataToCertChain(struct OH_Huks_CertChain **certChain, const struct HksTestCertChain *certChainParam)
101 {
102 if (!certChainParam->certChainExist) {
103 return 0;
104 }
105 *certChain = (struct OH_Huks_CertChain *)HksMalloc(sizeof(struct OH_Huks_CertChain));
106 if (*certChain == nullptr) {
107 return OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT;
108 }
109 if (!certChainParam->certCountValid) {
110 (*certChain)->certsCount = 0;
111 (*certChain)->certs = nullptr;
112 return 0;
113 }
114 (*certChain)->certsCount = CERT_COUNT;
115 if (!certChainParam->certDataExist) {
116 (*certChain)->certs = nullptr;
117 return 0;
118 }
119 (*certChain)->certs = (struct OH_Huks_Blob *)HksMalloc(sizeof(struct OH_Huks_Blob) * ((*certChain)->certsCount));
120 if ((*certChain)->certs == nullptr) {
121 HksFree(*certChain);
122 *certChain = nullptr;
123 }
124 for (uint32_t i = 0; i < (*certChain)->certsCount; i++) {
125 (*certChain)->certs[i].size = certChainParam->certDataSize;
126 (*certChain)->certs[i].data = (uint8_t *)HksMalloc((*certChain)->certs[i].size);
127 if ((*certChain)->certs[i].data == nullptr) {
128 FreeCertChain(certChain, i);
129 return OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT;
130 }
131 memset_s((*certChain)->certs[i].data, certChainParam->certDataSize, 0, certChainParam->certDataSize);
132 }
133 return 0;
134 }
135
GenerateParamSet(struct OH_Huks_ParamSet ** paramSet,const struct OH_Huks_Param tmpParams[],uint32_t paramCount)136 OH_Huks_Result GenerateParamSet(struct OH_Huks_ParamSet **paramSet, const struct OH_Huks_Param tmpParams[],
137 uint32_t paramCount)
138 {
139 OH_Huks_Result ret = OH_Huks_InitParamSet(paramSet);
140 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
141 return ret;
142 }
143
144 ret = OH_Huks_AddParams(*paramSet, tmpParams, paramCount);
145 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
146 OH_Huks_FreeParamSet(paramSet);
147 return ret;
148 }
149
150 ret = OH_Huks_BuildParamSet(paramSet);
151 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
152 OH_Huks_FreeParamSet(paramSet);
153 return ret;
154 }
155 return ret;
156 }
157
ValidataAndCompareCertInfo(ParamType type,const struct OH_Huks_CertChain * certChain,struct OH_Huks_ParamSet * paramSet)158 static int32_t ValidataAndCompareCertInfo(ParamType type, const struct OH_Huks_CertChain *certChain,
159 struct OH_Huks_ParamSet *paramSet)
160 {
161 if (certChain == nullptr || paramSet == nullptr) {
162 return OH_HUKS_ERR_CODE_ILLEGAL_ARGUMENT;
163 }
164 int32_t ret = HksValidateCertChain((HksCertChain *)certChain, (HksParamSet *)paramSet);
165 if (ret == OH_HUKS_SUCCESS) {
166 ret |= strcmp(SEC_INFO_DATA, (char *)paramSet->params[g_index0].blob.data);
167 ret |= strcmp(CHALLENGE_DATA, (char *)paramSet->params[g_index1].blob.data);
168 ret |= strcmp(VERSION_DATA, (char *)paramSet->params[g_index2].blob.data);
169 ret |= strcmp(ALIAS, (char *)paramSet->params[g_index3].blob.data);
170 }
171 if (type == IDS_PARAM) {
172 if (ret == OH_HUKS_SUCCESS) {
173 ret |= strcmp(UDID_DATA, (char *)paramSet->params[g_index4].blob.data);
174 ret |= strcmp(SN_DATA, (char *)paramSet->params[g_index5].blob.data);
175 ret |= strcmp(DEVICE_ID, (char *)paramSet->params[g_index6].blob.data);
176 }
177 }
178 return ret;
179 }
180
ValidateCertChainTest(const struct OH_Huks_CertChain * certChain,const struct OH_Huks_Param tmpParam[],ParamType type)181 OH_Huks_Result ValidateCertChainTest(const struct OH_Huks_CertChain *certChain, const struct OH_Huks_Param tmpParam[],
182 ParamType type)
183 {
184 OH_Huks_Result ret;
185 struct OH_Huks_ParamSet *paramSet = nullptr;
186 do {
187 ret = OH_Huks_InitParamSet(¶mSet);
188 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
189 break;
190 }
191 uint32_t paramCount = 0;
192 if (type == IDS_PARAM) {
193 paramCount = g_paramCountInIdAttest;
194 } else if (type == NON_IDS_PARAM) {
195 paramCount = g_paramCountInKeyAttest;
196 }
197 ret = OH_Huks_AddParams(paramSet, tmpParam, paramCount);
198 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
199 break;
200 }
201 ret = OH_Huks_BuildParamSet(¶mSet);
202 if (ret.errorCode != (int32_t)OH_HUKS_SUCCESS) {
203 break;
204 }
205 ret.errorCode = ValidataAndCompareCertInfo(type, certChain, paramSet);
206 } while (0);
207 OH_Huks_FreeParamSet(¶mSet);
208 return ret;
209 }
210 } // namespace Unittest::AttestKey
211