1 /*
2 * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include <chrono>
16 #include <thread>
17 #include <string>
18
19 #include "gtest/gtest.h"
20 #include "options.h"
21 #include "sign_tool_service_impl.h"
22 #include "nlohmann/json.hpp"
23 #include "signer_factory.h"
24 #include "profile_sign_tool.h"
25 #include "params_run_tool.h"
26 #include "pkcs7_data.h"
27 #include "signer_config.h"
28 #include "local_signer.h"
29 #include "bc_pkcs7_generator.h"
30 #include "bc_signeddata_generator.h"
31 #include "profile_verify.h"
32 #include "verify_hap_openssl_utils.h"
33
34 using nlohmann::json;
35
36 namespace OHOS {
37 namespace SignatureTools {
// Global parameters used by the sign-profile tests.
// Every path is relative to the directory the test binary is started from.
static const std::string SIGN_PROFILE_MODE{"localSign"};
static const std::string SIGN_PROFILE_KEY_ALIAS{"oh-profile1-key-v1"};
static const std::string SIGN_PROFILE_PROFILE_CERT_FILE{"./signProfile/profile-release1.pem"};
static const std::string SIGN_PROFILE_SIGN_ALG{"SHA384withECDSA"};
static const std::string SIGN_PROFILE_KEY_STORE_FILE{"./signProfile/ohtest.p12"};
static const std::string SIGN_PROFILE_OUT_FILE{"./signProfile/signed-profile.p7b"};
static const std::string SIGN_PROFILE_IN_FILE{"./signProfile/profile.json"};

// Alternative certificate inputs for the negative tests.
static const std::string SIGN_PROFILE_CERT_PEM{"./signProfile/profile-release1-cert.pem"};
static const std::string SIGN_PROFILE_REVERSE_PEM{"./signProfile/profile-release1-reverse.pem"};
static const std::string SIGN_PROFILE_DOUBLE_CERT_PEM{"./signProfile/profile-release1-invalid_cert_chain.pem"};

// Global parameters used by the verify-profile tests.
// VERIFY_PROFILE_IN_FILE is the same path as SIGN_PROFILE_OUT_FILE, so verification
// presumably consumes whatever a signing test last wrote there (TODO confirm test ordering).
static const std::string VERIFY_PROFILE_IN_FILE{"./signProfile/signed-profile.p7b"};
static const std::string VERIFY_PROFILE_OUT_FILE{"./signProfile/VerifyResult.json"};
54
// Fixture for the PKCS#7 / profile signing tests. It holds no members and all
// four hooks below have empty bodies, so no state is shared between tests
// through the fixture itself.
class Pkcs7DataTest : public testing::Test {
public:
    static void SetUpTestCase();
    static void TearDownTestCase();
    void SetUp() override;
    void TearDown() override;
};

// Suite-level hook: empty.
void Pkcs7DataTest::SetUpTestCase()
{
}

// Suite-level hook: empty.
void Pkcs7DataTest::TearDownTestCase()
{
}

// Per-test hook: empty.
void Pkcs7DataTest::SetUp()
{
}

// Per-test hook: empty.
void Pkcs7DataTest::TearDown()
{
}
77
78 /**
79 * @tc.name: pkcs7_test001
80 * @tc.desc: Test function of VerifyCertOpensslUtils::CertVerify() failed for invalid param.
81 * @tc.size: MEDIUM
82 * @tc.type: FUNC
83 * @tc.level Level 1
84 * @tc.require: SR000H63TL
85 */
HWTEST_F(Pkcs7DataTest, pkcs7_test001, testing::ext::TestSize.Level1)
{
    // A null first (certificate) argument must be rejected even though the
    // issuer argument is a valid object.
    X509* unusedCert = X509_new();
    X509* issuer = X509_new();
    const bool verified = VerifyCertOpensslUtils::CertVerify(nullptr, issuer);
    X509_free(unusedCert);
    X509_free(issuer);
    EXPECT_FALSE(verified);
}
95
96 /**
97 * @tc.name: pkcs7_test002
98 * @tc.desc: Test function of VerifyCertOpensslUtils::CertVerify() failed for invalid param.
99 * @tc.size: MEDIUM
100 * @tc.type: FUNC
101 * @tc.level Level 1
102 * @tc.require: SR000H63TL
103 */
HWTEST_F(Pkcs7DataTest, pkcs7_test002, testing::ext::TestSize.Level1)
{
    // A null second (issuer) argument must be rejected even though the
    // certificate argument is a valid object.
    X509* subject = X509_new();
    X509* unusedIssuer = X509_new();
    const bool verified = VerifyCertOpensslUtils::CertVerify(subject, nullptr);
    X509_free(subject);
    X509_free(unusedIssuer);
    EXPECT_FALSE(verified);
}
113
114 /**
115 * @tc.name: pkcs7_test003
116 * @tc.desc: Test function of VerifyCertOpensslUtils::CertVerify failed for invalid cert.
117 * @tc.size: MEDIUM
118 * @tc.type: FUNC
119 * @tc.level Level 1
120 * @tc.require: SR000H63TL
121 */
HWTEST_F(Pkcs7DataTest, pkcs7_test003, testing::ext::TestSize.Level1)
{
    // Both objects come straight from X509_new() and are never populated, so
    // there is no key or signature for the verification to succeed with.
    X509* blankCert = X509_new();
    X509* blankIssuer = X509_new();
    const bool verified = VerifyCertOpensslUtils::CertVerify(blankCert, blankIssuer);
    X509_free(blankCert);
    X509_free(blankIssuer);
    EXPECT_FALSE(verified);
}
131
132 /**
133 * @tc.name: pkcs7_test004
134 * @tc.desc: Test function of VerifyCertOpensslUtils::CertVerify() failed for invalid cert.
135 * @tc.size: MEDIUM
136 * @tc.type: FUNC
137 * @tc.level Level 1
138 * @tc.require: SR000H63TL
139 */
HWTEST_F(Pkcs7DataTest, pkcs7_test004, testing::ext::TestSize.Level1)
{
    // Same inputs as pkcs7_test003: two unpopulated X509 objects, which must
    // not verify against each other.
    X509* emptyCert = X509_new();
    X509* emptyIssuer = X509_new();
    const bool verified = VerifyCertOpensslUtils::CertVerify(emptyCert, emptyIssuer);
    X509_free(emptyCert);
    X509_free(emptyIssuer);
    EXPECT_FALSE(verified);
}
149
// Reverses the order of the certificates in `certs` in place.
// The X509 pointers are only moved within the stack; none is freed or copied.
// A null stack is ignored.
static void ReverseX509Stack(STACK_OF(X509)* certs)
{
    if (certs == NULL) {
        return;
    }
    // Popping takes entries from the end of the stack, so `drained` ends up
    // holding the certificates in reversed order already.
    std::vector<X509*> drained;
    while (sk_X509_num(certs) > 0) {
        drained.push_back(sk_X509_pop(certs));
    }
    for (X509* cert : drained) {
        sk_X509_push(certs, cert);
    }
}
163
164 \
165 /**
166 * @tc.name: pkcs7_test005
167 * @tc.desc: Test function of VerifyCertOpensslUtils::CertVerify() interface cert signature verify failed.
168 * @tc.size: MEDIUM
169 * @tc.type: FUNC
170 * @tc.level Level 1
171 * @tc.require: SR000H63TL
172 */
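HWTEST_F(Pkcs7DataTest, pkcs7_test005, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char keyStorePwd[] = "123456";
    char keypwd[] = "123456";
    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::MODE] = SIGN_PROFILE_MODE;
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keypwd;
    options[Options::KEY_STORE_RIGHTS] = keyStorePwd;

    LocalizationAdapter adapter(&options);
    SignerFactory factory;
    std::shared_ptr<Signer> signer = factory.GetSigner(adapter);
    // Guard the fixture. If the chain failed to load, sk_X509_value() would
    // hand NULL to CertVerify(), which is expected to return false for NULL
    // input (pkcs7_test001/002), and this negative test would pass without
    // any signature ever being checked.
    ASSERT_TRUE(signer != nullptr);
    STACK_OF(X509)* certs = signer->GetCertificates();
    ASSERT_TRUE(certs != nullptr);
    ASSERT_GE(sk_X509_num(certs), 2);
    // NOTE(review): who owns `certs` is not visible here; confirm whether the
    // caller has to release it.

    // With the chain reversed, entries 0 and 1 are no longer in their original
    // order, so the signature check between them must fail.
    ReverseX509Stack(certs);
    bool result = VerifyCertOpensslUtils::CertVerify(sk_X509_value(certs, 0), sk_X509_value(certs, 1));
    PKCS7Data::PrintCertChainSub(certs);
    EXPECT_FALSE(result);
}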
197
198
199 /**
200 * @tc.name: pkcs7_test007
201 * @tc.desc: Test function of PKCS7Data::GetASN1Time() failed for too large time.
202 * @tc.size: MEDIUM
203 * @tc.type: FUNC
204 * @tc.level Level 1
205 * @tc.require: SR000H63TL
206 */
HWTEST_F(Pkcs7DataTest, pkcs7_test007, testing::ext::TestSize.Level1)
{
    // The header above calls this a "too large" time; the value actually
    // passed to ASN1_TIME_set() is -1. GetASN1Time() is expected to return an
    // empty string for it.
    ASN1_TIME* stamp = ASN1_TIME_new();
    ASN1_TIME_set(stamp, -1);
    const std::string formatted = PKCS7Data::GetASN1Time(stamp);
    ASN1_TIME_free(stamp);
    EXPECT_TRUE(formatted.empty());
}
215
216 /**
217 * @tc.name: pkcs7_test008
218 * @tc.desc: Test function of VerifyCertOpensslUtils::GetTextFromX509Name() failed for invalid param.
219 * @tc.size: MEDIUM
220 * @tc.type: FUNC
221 * @tc.level Level 1
222 * @tc.require: SR000H63TL
223 */
HWTEST_F(Pkcs7DataTest, pkcs7_test008, testing::ext::TestSize.Level1)
{
    // With a NULL name the output string must stay empty.
    // 45 is the second argument as given; presumably an OpenSSL NID - confirm.
    std::string extracted;
    VerifyCertOpensslUtils::GetTextFromX509Name(NULL, 45, extracted);
    EXPECT_TRUE(extracted.empty());
}
230
231 /**
232 * @tc.name: pkcs7_test009
233 * @tc.desc: Test function of VerifyCertOpensslUtils::GetDnToString() failed for invalid param.
234 * @tc.size: MEDIUM
235 * @tc.type: FUNC
236 * @tc.level Level 1
237 * @tc.require: SR000H63TL
238 */
HWTEST_F(Pkcs7DataTest, pkcs7_test009, testing::ext::TestSize.Level1)
{
    // A NULL input must produce an empty string rather than a crash.
    const std::string dn = VerifyCertOpensslUtils::GetDnToString(NULL);
    EXPECT_TRUE(dn.empty());
}
244
245 /**
246 * @tc.name: pkcs7_test010
247 * @tc.desc: Test function of VerifyCertOpensslUtils::GetSubjectFromX509() failed for invalid param.
248 * @tc.size: MEDIUM
249 * @tc.type: FUNC
250 * @tc.level Level 1
251 * @tc.require: SR000H63TL
252 */
HWTEST_F(Pkcs7DataTest, pkcs7_test010, testing::ext::TestSize.Level1)
{
    // A NULL certificate must be reported as a failure.
    std::string subjectText;
    const bool found = VerifyCertOpensslUtils::GetSubjectFromX509(NULL, subjectText);
    EXPECT_FALSE(found);
}
259
260 /**
261 * @tc.name: pkcs7_test011
262 * @tc.desc: Test function of PKCS7Data::X509NameCompare() failed for invalid param.
263 * @tc.size: MEDIUM
264 * @tc.type: FUNC
265 * @tc.level Level 1
266 * @tc.require: SR000H63TL
267 */
HWTEST_F(Pkcs7DataTest, pkcs7_test011, testing::ext::TestSize.Level1)
{
    // Two NULL certificates must not compare as matching.
    const int matched = PKCS7Data::X509NameCompare(NULL, NULL);
    EXPECT_EQ(matched, false);
}
273
274 /**
275 * @tc.name: pkcs7_test012
276 * @tc.desc: Test function of PKCS7Data::X509NameCompare() failed for invalid param.
277 * @tc.size: MEDIUM
278 * @tc.type: FUNC
279 * @tc.level Level 1
280 * @tc.require: SR000H63TL
281 */
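HWTEST_F(Pkcs7DataTest, pkcs7_test012, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char keyStorePwd[] = "123456";
    char keypwd[] = "123456";
    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::MODE] = SIGN_PROFILE_MODE;
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keypwd;
    options[Options::KEY_STORE_RIGHTS] = keyStorePwd;

    LocalizationAdapter adapter(&options);
    SignerFactory factory;
    std::shared_ptr<Signer> signer = factory.GetSigner(adapter);
    // Guard the fixture. If no certificate was loaded, the first argument below
    // would be NULL as well and the test would repeat pkcs7_test011 instead of
    // exercising the "real certificate vs. NULL" case.
    ASSERT_TRUE(signer != nullptr);
    STACK_OF(X509)* certs = signer->GetCertificates();
    ASSERT_TRUE(certs != nullptr);
    ASSERT_GE(sk_X509_num(certs), 1);
    // NOTE(review): who owns `certs` is not visible here; confirm whether the
    // caller has to release it.

    int result = PKCS7Data::X509NameCompare(sk_X509_value(certs, 0), NULL);
    EXPECT_EQ(result, false);
}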
304
305 /**
306 * @tc.name: pkcs7_test013
307 * @tc.desc: Test function of PKCS7Data::X509NameCompare() interface for SUCCESS.
308 * @tc.size: MEDIUM
309 * @tc.type: FUNC
310 * @tc.level Level 1
311 * @tc.require: SR000H63TL
312 */
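HWTEST_F(Pkcs7DataTest, pkcs7_test013, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char keyStorePwd[] = "123456";
    char keypwd[] = "123456";
    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::MODE] = SIGN_PROFILE_MODE;
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keypwd;
    options[Options::KEY_STORE_RIGHTS] = keyStorePwd;

    LocalizationAdapter adapter(&options);
    SignerFactory factory;
    std::shared_ptr<Signer> signer = factory.GetSigner(adapter);
    // Fail the test with a clear message instead of dereferencing a null
    // signer or indexing past the end of the chain when the fixture is broken.
    ASSERT_TRUE(signer != nullptr);
    STACK_OF(X509)* certs = signer->GetCertificates();
    ASSERT_TRUE(certs != nullptr);
    ASSERT_GE(sk_X509_num(certs), 2);
    // NOTE(review): who owns `certs` is not visible here; confirm whether the
    // caller has to release it.

    // Entries 0 and 1 of the fixture chain are expected to compare as matching.
    int result = PKCS7Data::X509NameCompare(sk_X509_value(certs, 0), sk_X509_value(certs, 1));
    EXPECT_EQ(result, true);
}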
335
336 /**
337 * @tc.name: pkcs7_test014
338 * @tc.desc: Test function of Pkcs7Data::Parse() failed for invalid pkcs7.
339 * @tc.size: MEDIUM
340 * @tc.type: FUNC
341 * @tc.level Level 1
342 * @tc.require: SR000H63TL
343 */
HWTEST_F(Pkcs7DataTest, pkcs7_test014, testing::ext::TestSize.Level1)
{
    // Five bytes of plain text are not a PKCS#7 structure; Parse() must report
    // an error (negative value) instead of accepting them.
    PKCS7Data p7Data;
    unsigned char raw[15] = "hello";
    const unsigned char* first = raw;
    const int rawLen = 5;
    std::string notPkcs7(first, first + rawLen);
    const int rc = p7Data.Parse(notPkcs7);
    EXPECT_TRUE(rc < 0);
}
354
355 /**
356 * @tc.name: pkcs7_test015
357 * @tc.desc: Test function of PKCS7Data::CheckSignTimeInValidPeriod() failed for invalid asn1_time.
358 * @tc.size: MEDIUM
359 * @tc.type: FUNC
360 * @tc.level Level 1
361 * @tc.require: SR000H63TL
362 */
HWTEST_F(Pkcs7DataTest, pkcs7_test015, testing::ext::TestSize.Level1)
{
    // All three inputs are null; the check must fail with a negative value.
    ASN1_TYPE* signTime = nullptr;
    ASN1_TIME* notBefore = nullptr;
    ASN1_TIME* notAfter = nullptr;
    PKCS7Data p7Data;  // not used: the method under test is called statically
    const int rc = PKCS7Data::CheckSignTimeInValidPeriod(signTime, notBefore, notAfter);
    EXPECT_TRUE(rc < 0);
}
372
373 /**
374 * @tc.name: pkcs7_test016
375 * @tc.desc: Test function of PKCS7Data::CheckSignTimeInValidPeriod() failed for invalid asn1_time.
376 * @tc.size: MEDIUM
377 * @tc.type: FUNC
378 * @tc.level Level 1
379 * @tc.require: SR000H63TL
380 */
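HWTEST_F(Pkcs7DataTest, pkcs7_test016, testing::ext::TestSize.Level1)
{
    // signTime and notAfter are null; notBefore exists but has no data buffer.
    // The check must fail with a negative value.
    ASN1_TYPE* signTime = NULL;
    ASN1_TIME notBefore{ 0 };
    notBefore.data = NULL;
    ASN1_TIME* notAfter = NULL;
    PKCS7Data p7Data;  // not used: the method under test is called statically
    // The listing shows a mis-decoded character where the address-of
    // expression `&notBefore` belongs; it is written out correctly here.
    int result = PKCS7Data::CheckSignTimeInValidPeriod(signTime, &notBefore, notAfter);
    EXPECT_TRUE(result < 0);
}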
391
392 /**
393 * @tc.name: pkcs7_test017
394 * @tc.desc: Test function of PKCS7Data::CheckSignTimeInValidPeriod() failed for invalid asn1_time.
395 * @tc.size: MEDIUM
396 * @tc.type: FUNC
397 * @tc.level Level 1
398 * @tc.require: SR000H63TL
399 */
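HWTEST_F(Pkcs7DataTest, pkcs7_test017, testing::ext::TestSize.Level1)
{
    // notBefore points at a buffer that is not a valid ASN.1 time and keeps a
    // length of 0; signTime and notAfter are null. The check must fail.
    unsigned char data[5] = "hell";
    ASN1_TYPE* signTime = NULL;
    ASN1_TIME notBefore{ 0 };
    notBefore.data = data;
    ASN1_TIME* notAfter = NULL;
    PKCS7Data p7Data;  // not used: the method under test is called statically
    // The listing shows a mis-decoded character where the address-of
    // expression `&notBefore` belongs; it is written out correctly here.
    int result = PKCS7Data::CheckSignTimeInValidPeriod(signTime, &notBefore, notAfter);
    EXPECT_TRUE(result < 0);
}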
411
412 /**
413 * @tc.name: pkcs7_test018
414 * @tc.desc: Test function of PKCS7Data::CheckSignTimeInValidPeriod() failed for invalid asn1_time.
415 * @tc.size: MEDIUM
416 * @tc.type: FUNC
417 * @tc.level Level 1
418 * @tc.require: SR000H63TL
419 */
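HWTEST_F(Pkcs7DataTest, pkcs7_test018, testing::ext::TestSize.Level1)
{
    // signTime is null, notBefore carries a bogus buffer and notAfter has no
    // data buffer. The check must fail with a negative value.
    unsigned char data[5] = "hell";
    ASN1_TYPE* signTime = NULL;
    ASN1_TIME notBefore{ 0 };
    notBefore.data = data;
    // Zero-initialised like notBefore: previously only `data` was assigned, so
    // length, type and flags were indeterminate when the callee read them.
    ASN1_TIME notAfter{ 0 };
    notAfter.data = NULL;
    PKCS7Data p7Data;  // not used: the method under test is called statically
    // `&notBefore` / `&notAfter` are written out; the listing shows them
    // with a mis-decoded character.
    int result = PKCS7Data::CheckSignTimeInValidPeriod(signTime, &notBefore, &notAfter);
    EXPECT_TRUE(result < 0);
}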
432
433 /**
434 * @tc.name: pkcs7_test019
435 * @tc.desc: Test function of PKCS7Data::CheckSignTimeInValidPeriod() failed for invalid asn1_time.
436 * @tc.size: MEDIUM
437 * @tc.type: FUNC
438 * @tc.level Level 1
439 * @tc.require: SR000H63TL
440 */
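HWTEST_F(Pkcs7DataTest, pkcs7_test019, testing::ext::TestSize.Level1)
{
    // signTime is null while both validity bounds point at a bogus buffer.
    // The check must fail with a negative value.
    unsigned char data[5] = "hell";
    ASN1_TYPE* signTime = NULL;
    ASN1_TIME notBefore{ 0 };
    notBefore.data = data;
    // Zero-initialised like notBefore: previously only `data` was assigned, so
    // length, type and flags were indeterminate when the callee read them.
    ASN1_TIME notAfter{ 0 };
    notAfter.data = data;
    PKCS7Data p7Data;  // not used: the method under test is called statically
    // `&notBefore` / `&notAfter` are written out; the listing shows them
    // with a mis-decoded character.
    int result = PKCS7Data::CheckSignTimeInValidPeriod(signTime, &notBefore, &notAfter);
    EXPECT_TRUE(result < 0);
}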
453
454 /**
455 * @tc.name: pkcs7_test020
456 * @tc.desc: Test function of PKCS7Data::CheckSignTimeInValidPeriod() failed for invalid asn1_time.
457 * @tc.size: MEDIUM
458 * @tc.type: FUNC
459 * @tc.level Level 1
460 * @tc.require: SR000H63TL
461 */
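HWTEST_F(Pkcs7DataTest, pkcs7_test020, testing::ext::TestSize.Level1)
{
    // signTime exists but holds no ASN1_STRING; both validity bounds point at
    // a bogus buffer. The check must fail with a negative value.
    unsigned char data[5] = "hell";
    // Value-initialised so that `type` is 0 rather than indeterminate; the
    // original assigned only value.asn1_string.
    ASN1_TYPE signTime{};
    signTime.value.asn1_string = NULL;
    ASN1_TIME notBefore{ 0 };
    notBefore.data = data;
    // Zero-initialised for the same reason: only `data` used to be assigned.
    ASN1_TIME notAfter{ 0 };
    notAfter.data = data;
    PKCS7Data p7Data;  // not used: the method under test is called statically
    // `&notBefore` / `&notAfter` are written out; the listing shows them
    // with a mis-decoded character.
    int result = PKCS7Data::CheckSignTimeInValidPeriod(&signTime, &notBefore, &notAfter);
    EXPECT_TRUE(result < 0);
}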
475
476 /**
477 * @tc.name: pkcs7_test021
478 * @tc.desc: Test function of PKCS7Data::CheckSignTimeInValidPeriod() failed for invalid asn1_time.
479 * @tc.size: MEDIUM
480 * @tc.type: FUNC
481 * @tc.level Level 1
482 * @tc.require: SR000H63TL
483 */
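HWTEST_F(Pkcs7DataTest, pkcs7_test021, testing::ext::TestSize.Level1)
{
    // signTime holds an ASN1_STRING whose data pointer is null; both validity
    // bounds point at a bogus buffer. The check must fail with a negative value.
    ASN1_STRING* tmp = ASN1_STRING_new();
    // The string is dereferenced below, so stop here if allocation failed.
    ASSERT_TRUE(tmp != nullptr);
    unsigned char data[5] = "hell";
    // Value-initialised so that `type` is 0 rather than indeterminate.
    ASN1_TYPE signTime{};
    signTime.value.asn1_string = tmp;
    signTime.value.asn1_string->data = NULL;
    ASN1_TIME notBefore{ 0 };
    notBefore.data = data;
    // Zero-initialised: previously only `data` was assigned, leaving length,
    // type and flags indeterminate.
    ASN1_TIME notAfter{ 0 };
    notAfter.data = data;
    PKCS7Data p7Data;  // not used: the method under test is called statically
    // `&notBefore` / `&notAfter` are written out; the listing shows them
    // with a mis-decoded character.
    int result = PKCS7Data::CheckSignTimeInValidPeriod(&signTime, &notBefore, &notAfter);
    ASN1_STRING_free(tmp);
    EXPECT_TRUE(result < 0);
}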
500
501 /**
502 * @tc.name: pkcs7_test022
503 * @tc.desc: Test function of PKCS7Data::CheckSignTimeInValidPeriod() failed for invalid asn1_time.
504 * @tc.size: MEDIUM
505 * @tc.type: FUNC
506 * @tc.level Level 1
507 * @tc.require: SR000H63TL
508 */
HWTEST_F(Pkcs7DataTest, pkcs7_test022, testing::ext::TestSize.Level1)
{
    const time_t oneYear = 365 * 24 * 3600;

    ASN1_TYPE* signTime = ASN1_TYPE_new();
    ASN1_TIME* signedAt = ASN1_TIME_new();
    ASN1_TIME* notBefore = ASN1_TIME_new();
    ASN1_TIME* notAfter = ASN1_TIME_new();
    const time_t now = time(NULL);

    // The signing time lies one year BEFORE the validity window
    // [now, now + 1 year], so the check must reject it.
    ASN1_TIME_set(signedAt, now - oneYear);
    // ASN1_TYPE_set() takes over signedAt; it is released together with
    // signTime by ASN1_TYPE_free() and must not be freed separately.
    // Tagging the value V_ASN1_UTCTIME assumes the date is before 2050.
    ASN1_TYPE_set(signTime, V_ASN1_UTCTIME, signedAt);
    ASN1_TIME_set(notBefore, now);
    ASN1_TIME_set(notAfter, now + oneYear);

    const int rc = PKCS7Data::CheckSignTimeInValidPeriod(signTime, notBefore, notAfter);

    ASN1_TYPE_free(signTime);
    ASN1_TIME_free(notBefore);
    ASN1_TIME_free(notAfter);
    EXPECT_TRUE(rc < 0);
}
532
533 /**
534 * @tc.name: pkcs7_test023
535 * @tc.desc: Test function of PKCS7Data::CheckSignTimeInValidPeriod() failed for invalid asn1_time.
536 * @tc.size: MEDIUM
537 * @tc.type: FUNC
538 * @tc.level Level 1
539 * @tc.require: SR000H63TL
540 */
HWTEST_F(Pkcs7DataTest, pkcs7_test023, testing::ext::TestSize.Level1)
{
    const time_t oneYear = 365 * 24 * 3600;

    ASN1_TYPE* signTime = ASN1_TYPE_new();
    ASN1_TIME* signedAt = ASN1_TIME_new();
    ASN1_TIME* notBefore = ASN1_TIME_new();
    ASN1_TIME* notAfter = ASN1_TIME_new();
    const time_t now = time(NULL);

    // The signing time lies one year AFTER the validity window
    // [now - 1 year, now], so the check must reject it.
    ASN1_TIME_set(signedAt, now + oneYear);
    // ASN1_TYPE_set() takes over signedAt; it is released together with
    // signTime by ASN1_TYPE_free() and must not be freed separately.
    // Tagging the value V_ASN1_UTCTIME assumes the date is before 2050.
    ASN1_TYPE_set(signTime, V_ASN1_UTCTIME, signedAt);
    ASN1_TIME_set(notBefore, now - oneYear);
    ASN1_TIME_set(notAfter, now);

    const int rc = PKCS7Data::CheckSignTimeInValidPeriod(signTime, notBefore, notAfter);

    ASN1_TYPE_free(signTime);
    ASN1_TIME_free(notBefore);
    ASN1_TIME_free(notAfter);
    EXPECT_TRUE(rc < 0);
}
564
565 /**
566 * @tc.name: pkcs7_test024
567 * @tc.desc: Test function of HapSignTool::RunSignProfile() failed for no required mode.
568 * @tc.size: MEDIUM
569 * @tc.type: FUNC
570 * @tc.level Level 1
571 * @tc.require: SR000H63TL
572 */
HWTEST_F(Pkcs7DataTest, pkcs7_test024, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char storeSecret[] = "123456";
    char keySecret[] = "123456";

    // Options::MODE is left out on purpose; everything else is supplied.
    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keySecret;
    options[Options::KEY_STORE_RIGHTS] = storeSecret;

    LocalizationAdapter adapter(&options);
    SignToolServiceImpl service;
    const bool accepted = ParamsRunTool::RunSignProfile(&options, service);
    EXPECT_FALSE(accepted);
}
592
593 /**
594 * @tc.name: pkcs7_test025
595 * @tc.desc: Test function of HapSignTool::RunSignProfile() failed for no required sigAlg.
596 * @tc.size: MEDIUM
597 * @tc.type: FUNC
598 * @tc.level Level 1
599 * @tc.require: SR000H63TL
600 */
HWTEST_F(Pkcs7DataTest, pkcs7_test025, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char storeSecret[] = "123456";
    char keySecret[] = "123456";

    // Options::SIGN_ALG is left out on purpose; everything else is supplied.
    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::MODE] = SIGN_PROFILE_MODE;
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keySecret;
    options[Options::KEY_STORE_RIGHTS] = storeSecret;

    LocalizationAdapter adapter(&options);
    SignToolServiceImpl service;
    const bool accepted = ParamsRunTool::RunSignProfile(&options, service);
    EXPECT_FALSE(accepted);
}
620
621 /**
622 * @tc.name: pkcs7_test026
623 * @tc.desc: Test function of HapSignTool::RunSignProfile() failed for no output File.
624 * @tc.size: MEDIUM
625 * @tc.type: FUNC
626 * @tc.level Level 1
627 * @tc.require: SR000H63TL
628 */
HWTEST_F(Pkcs7DataTest, pkcs7_test026, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char storeSecret[] = "123456";
    char keySecret[] = "123456";

    // Options::OUT_FILE is left out on purpose; everything else is supplied.
    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::MODE] = SIGN_PROFILE_MODE;
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keySecret;
    options[Options::KEY_STORE_RIGHTS] = storeSecret;

    LocalizationAdapter adapter(&options);
    SignToolServiceImpl service;
    const bool accepted = ParamsRunTool::RunSignProfile(&options, service);
    EXPECT_FALSE(accepted);
}
648
649 /**
650 * @tc.name: pkcs7_test027
651 * @tc.desc: Test function of HapSignTool::RunSignProfile() failed for no inFile.
652 * @tc.size: MEDIUM
653 * @tc.type: FUNC
654 * @tc.level Level 1
655 * @tc.require: SR000H63TL
656 */
HWTEST_F(Pkcs7DataTest, pkcs7_test027, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char storeSecret[] = "123456";
    char keySecret[] = "123456";

    // Options::IN_FILE is left out on purpose; everything else is supplied.
    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::MODE] = SIGN_PROFILE_MODE;
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::KEY_RIGHTS] = keySecret;
    options[Options::KEY_STORE_RIGHTS] = storeSecret;

    LocalizationAdapter adapter(&options);
    SignToolServiceImpl service;
    const bool accepted = ParamsRunTool::RunSignProfile(&options, service);
    EXPECT_FALSE(accepted);
}
676
677 /**
678 * @tc.name: pkcs7_test028
679 * @tc.desc: Test function of HapSignTool::RunSignProfile() failed for invalid mode.
680 * @tc.size: MEDIUM
681 * @tc.type: FUNC
682 * @tc.level Level 1
683 * @tc.require: SR000H63TL
684 */
HWTEST_F(Pkcs7DataTest, pkcs7_test028, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char storeSecret[] = "123456";
    char keySecret[] = "123456";

    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    // Differs from SIGN_PROFILE_MODE ("localSign") only in the case of the
    // first letter; the mode value must still be rejected.
    options[Options::MODE] = "LocalSign";
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keySecret;
    options[Options::KEY_STORE_RIGHTS] = storeSecret;

    LocalizationAdapter adapter(&options);
    SignToolServiceImpl service;
    const bool accepted = ParamsRunTool::RunSignProfile(&options, service);
    EXPECT_FALSE(accepted);
}
705
706 /**
707 * @tc.name: pkcs7_test029
708 * @tc.desc: Test function of HapSignTool::RunSignProfile() failed for no mode param.
709 * @tc.size: MEDIUM
710 * @tc.type: FUNC
711 * @tc.level Level 1
712 * @tc.require: SR000H63TL
713 */
HWTEST_F(Pkcs7DataTest, pkcs7_test029, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char storeSecret[] = "123456";
    char keySecret[] = "123456";

    // NOTE(review): the header above says "no mode param", but MODE is set
    // here; the option that is actually left out is Options::KEY_ALIAS.
    options[Options::MODE] = SIGN_PROFILE_MODE;
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keySecret;
    options[Options::KEY_STORE_RIGHTS] = storeSecret;

    LocalizationAdapter adapter(&options);
    SignToolServiceImpl service;
    const bool accepted = ParamsRunTool::RunSignProfile(&options, service);
    EXPECT_FALSE(accepted);
}
733
734 /**
735 * @tc.name: pkcs7_test030
736 * @tc.desc: Test function of HapSignTool::RunSignProfile() failed for no profile cert file.
737 * @tc.size: MEDIUM
738 * @tc.type: FUNC
739 * @tc.level Level 1
740 * @tc.require: SR000H63TL
741 */
HWTEST_F(Pkcs7DataTest, pkcs7_test030, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char storeSecret[] = "123456";
    char keySecret[] = "123456";

    // Options::PROFILE_CERT_FILE is left out on purpose; everything else is supplied.
    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::MODE] = SIGN_PROFILE_MODE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keySecret;
    options[Options::KEY_STORE_RIGHTS] = storeSecret;

    LocalizationAdapter adapter(&options);
    SignToolServiceImpl service;
    const bool accepted = ParamsRunTool::RunSignProfile(&options, service);
    EXPECT_FALSE(accepted);
}
761
762 /**
763 * @tc.name: pkcs7_test031
764 * @tc.desc: Test function of HapSignTool::RunSignProfile() failed for no keystore file.
765 * @tc.size: MEDIUM
766 * @tc.type: FUNC
767 * @tc.level Level 1
768 * @tc.require: SR000H63TL
769 */
HWTEST_F(Pkcs7DataTest, pkcs7_test031, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials for the test-only keystore; the keystore path itself is not
    // supplied in this test.
    char storeSecret[] = "123456";
    char keySecret[] = "123456";

    // Options::KEY_STORE_FILE is left out on purpose; everything else is supplied.
    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::MODE] = SIGN_PROFILE_MODE;
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keySecret;
    options[Options::KEY_STORE_RIGHTS] = storeSecret;

    LocalizationAdapter adapter(&options);
    SignToolServiceImpl service;
    const bool accepted = ParamsRunTool::RunSignProfile(&options, service);
    EXPECT_FALSE(accepted);
}
789
790 /**
791 * @tc.name: pkcs7_test032
792 * @tc.desc: Test function of SignToolServiceImpl::GetProvisionContent() failed for invalid json.
793 * @tc.size: MEDIUM
794 * @tc.type: FUNC
795 * @tc.level Level 1
796 * @tc.require: SR000H63TL
797 */
HWTEST_F(Pkcs7DataTest, pkcs7_test032, testing::ext::TestSize.Level1)
{
    // "invalid.txt" is not one of the ./signProfile fixtures used in this file
    // (presumably it does not exist - confirm); no content may be returned.
    std::string content;
    const std::string input = "invalid.txt";
    SignToolServiceImpl::GetProvisionContent(input, content);
    EXPECT_TRUE(content.empty());
}
805
806 /**
807 * @tc.name: pkcs7_test033
808 * @tc.desc: Test function of VerifyHapOpensslUtils::ParsePkcs7Package() failed for invalid packageLen .
809 * @tc.size: MEDIUM
810 * @tc.type: FUNC
811 * @tc.level Level 1
812 * @tc.require: SR000H63TL
813 */
HWTEST_F(Pkcs7DataTest, pkcs7_test033, testing::ext::TestSize.Level1)
{
    // The buffer is non-empty but the declared length is 0; the parser must
    // refuse the package instead of reading from the buffer.
    unsigned char packageData[] = "hello,world";
    uint32_t packageLen = 0;
    Pkcs7Context context;
    const bool parsed = VerifyHapOpensslUtils::ParsePkcs7Package(packageData, packageLen, context);
    EXPECT_FALSE(parsed);
}
822
823 /**
824 * @tc.name: pkcs7_test034
825 * @tc.desc: Test function of SignToolServiceImpl::SignProfile() failed for empty json.
826 * @tc.size: MEDIUM
827 * @tc.type: FUNC
828 * @tc.level Level 1
829 * @tc.require: SR000H63TL
830 */
HWTEST_F(Pkcs7DataTest, pkcs7_test034, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char storeSecret[] = "123456";
    char keySecret[] = "123456";

    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::MODE] = SIGN_PROFILE_MODE;
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    // "test.bin" replaces the usual profile.json; presumably it is missing or
    // holds no valid JSON (confirm), so signing must fail.
    options[Options::IN_FILE] = std::string("test.bin");
    options[Options::KEY_RIGHTS] = keySecret;
    options[Options::KEY_STORE_RIGHTS] = storeSecret;

    LocalizationAdapter adapter(&options);
    SignToolServiceImpl service;
    const bool signedOk = service.SignProfile(&options);
    EXPECT_FALSE(signedOk);
}
851
852 /**
853 * @tc.name: pkcs7_test035
854 * @tc.desc: Test function of SignToolServiceImpl::SignProfile() interface for SUCCESS.
855 * @tc.size: MEDIUM
856 * @tc.type: FUNC
857 * @tc.level Level 1
858 * @tc.require: SR000H63TL
859 */
HWTEST_F(Pkcs7DataTest, pkcs7_test035, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char storeSecret[] = "123456";
    char keySecret[] = "123456";

    // Complete, valid option set: signing is expected to succeed.
    // OUT_FILE is the same path the verify tests use as their input.
    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::MODE] = SIGN_PROFILE_MODE;
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_PROFILE_CERT_FILE;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keySecret;
    options[Options::KEY_STORE_RIGHTS] = storeSecret;

    LocalizationAdapter adapter(&options);
    SignToolServiceImpl service;
    const bool signedOk = service.SignProfile(&options);
    EXPECT_TRUE(signedOk);
}
880
881 /**
882 * @tc.name: pkcs7_test036
883 * @tc.desc: Test function of SignToolServiceImpl::SignProfile() failed for invalid certchain.
884 * @tc.size: MEDIUM
885 * @tc.type: FUNC
886 * @tc.level Level 1
887 * @tc.require: SR000H63TL
888 */
HWTEST_F(Pkcs7DataTest, pkcs7_test036, testing::ext::TestSize.Level1)
{
    Options options;
    // Credentials of the test-only keystore under ./signProfile.
    char storeSecret[] = "123456";
    char keySecret[] = "123456";

    options[Options::KEY_ALIAS] = SIGN_PROFILE_KEY_ALIAS;
    options[Options::MODE] = SIGN_PROFILE_MODE;
    // The certificate file is the "invalid_cert_chain" fixture: the signer
    // must refuse to produce a signature with a chain that does not validate.
    options[Options::PROFILE_CERT_FILE] = SIGN_PROFILE_DOUBLE_CERT_PEM;
    options[Options::SIGN_ALG] = SIGN_PROFILE_SIGN_ALG;
    options[Options::KEY_STORE_FILE] = SIGN_PROFILE_KEY_STORE_FILE;
    options[Options::OUT_FILE] = SIGN_PROFILE_OUT_FILE;
    options[Options::IN_FILE] = SIGN_PROFILE_IN_FILE;
    options[Options::KEY_RIGHTS] = keySecret;
    options[Options::KEY_STORE_RIGHTS] = storeSecret;

    LocalizationAdapter adapter(&options);
    SignToolServiceImpl service;
    const bool signedOk = service.SignProfile(&options);
    EXPECT_FALSE(signedOk);
}
909
910 /**
911 * @tc.name: pkcs7_test037
912 * @tc.desc: Test function of SignToolServiceImpl::VerifyProfile() failed for invalid pkcs7.
913 * @tc.size: MEDIUM
914 * @tc.type: FUNC
915 * @tc.level Level 1
916 * @tc.require: SR000H63TL
917 */
HWTEST_F(Pkcs7DataTest, pkcs7_test037, testing::ext::TestSize.Level1)
{
    // The input is a PEM certificate file, not a signed profile (.p7b), so
    // verification must fail.
    Options options;
    options[Options::IN_FILE] = SIGN_PROFILE_CERT_PEM;
    options[Options::OUT_FILE] = VERIFY_PROFILE_OUT_FILE;
    SignToolServiceImpl service;
    const bool verified = service.VerifyProfile(&options);
    EXPECT_FALSE(verified);
}
928
929 /**
930 * @tc.name: pkcs7_test038
931 * @tc.desc: Test function of SignToolServiceImpl::VerifyProfile() interface for SUCCESS, JSON written to OUT_FILE.
932 * @tc.size: MEDIUM
933 * @tc.type: FUNC
934 * @tc.level Level 1
935 * @tc.require: SR000H63TL
936 */
HWTEST_F(Pkcs7DataTest, pkcs7_test038, testing::ext::TestSize.Level1)
{
    // The input path is the same file the signing tests write
    // (SIGN_PROFILE_OUT_FILE), so this test presumably relies on a successful
    // signing run having produced it first - confirm the intended ordering.
    // NOTE(review): the header above mentions OUT_FILE, but no OUT_FILE option
    // is set in this test.
    Options options;
    options[Options::IN_FILE] = VERIFY_PROFILE_IN_FILE;
    SignToolServiceImpl service;
    const bool verified = service.VerifyProfile(&options);
    EXPECT_TRUE(verified);
}
946
947 /**
948 * @tc.name: pkcs7_test039
949 * @tc.desc: Test function of SignToolServiceImpl::VerifyProfile() failed for invalid pkcs7.
950 * @tc.size: MEDIUM
951 * @tc.type: FUNC
952 * @tc.level Level 1
953 * @tc.require: SR000H63TL
954 */
HWTEST_F(Pkcs7DataTest, pkcs7_test039, testing::ext::TestSize.Level1)
{
    // "text.bin" is not one of the ./signProfile fixtures used in this file
    // (presumably missing or not PKCS#7 - confirm); verification must fail.
    Options options;
    options[Options::IN_FILE] = std::string("text.bin");
    SignToolServiceImpl service;
    const bool verified = service.VerifyProfile(&options);
    EXPECT_FALSE(verified);
}
964
965 }
966 }