1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17 #include <iostream>
18 #include <string>
19
20 #define private public
21 #include "tls.h"
22 #include "tls_key.h"
23
24 namespace OHOS {
25 namespace NetStack {
26 namespace TlsSocket {
27 namespace {
28 using namespace testing::ext;
29 constexpr int FILE_READ_KEY_LEN = 4096;
30 constexpr int RSA_KEY_LEN = 2048;
31 static char g_keyFile[] =
32 "-----BEGIN RSA PRIVATE KEY-----\r\n"
33 "MIIEowIBAAKCAQEAqVzrf6PkLu0uhp5yl2HPNm0vLyI1KLqgsdz5s+JvVdbPXNxD\r\n"
34 "g6fmdwa64tJXZPKx7i1KwNs/Jx3xv1N6rqB0au+Ku0Zdq7zbMCqej63SbFW1XWvQ\r\n"
35 "6RJ76GcitgrFMTlQN4AzfX0xLFaUJHRuDS4QC5UE9CmV3kD09BNgItu/hxPAHSwg\r\n"
36 "q6myc1uufYCwCUIV3bzxd65M343zubTlwOSmsCSqQIl8C1Gd6NWT69tL4fq2hHc/\r\n"
37 "09VAlcLvugztwM6NHwDCmRFEDz3RdRahAvCEde8OkY/Aor6UucYWzCJofLeyKVQg\r\n"
38 "6J3CTsT/zUE6pdKTvuhQbpRCtWKWSa7qDv1WywIDAQABAoIBAFGpbCPvcmbuFjDy\r\n"
39 "1W4Iy1EC9G1VoSwyUKlyUzRZSjWpjfLIggVJP+bEZ/hWU61pGEIvtIupK5pA5f/K\r\n"
40 "0KzC0V9+gPYrx563QTjIVAwTVBLIgNq60dCQCQ7WK/Z62voRGIyqVCl94+ftFyE8\r\n"
41 "wpO4UiRDhk/0fT7dMz882G32ZzNJmY9eHu+yOaRctJW2gRBROHpQfDGBCz7w8s2j\r\n"
42 "ulIcnvwGOrvVllsL+vgY95M0LOq0W8ObbUSlawTnNTSRxFL68Hz5EaVJ19EYvEcC\r\n"
43 "eWnpEqIfF8OhQ+mYbdrAutXCkqJLz3rdu5P2Lbk5Ht5ETfr7rtUzvb4+ExIcxVOs\r\n"
44 "eys8EgECgYEA29tTxJOy2Cb4DKB9KwTErD1sFt9Ed+Z/A3RGmnM+/h75DHccqS8n\r\n"
45 "g9DpvHVMcMWYFVYGlEHC1F+bupM9CgxqQcVhGk/ysJ5kXF6lSTnOQxORnku3HXnV\r\n"
46 "4QzgKtLfHbukW1Y2RZM3aCz+Hg+bJrpacWyWZ4tRWNYsO58JRaubZjsCgYEAxTSP\r\n"
47 "yUBleQejl5qO76PGUUs2W8+GPr492NJGb63mEiM1zTYLVN0uuDJ2JixzHb6o1NXZ\r\n"
48 "6i00pSksT3+s0eiBTRnF6BJ0y/8J07ZnfQQXRAP8ypiZtd3jdOnUxEHfBw2QaIdP\r\n"
49 "tVdUc2mpIhosAYT9sWpHYvlUqTCdeLwhkYfgeLECgYBoajjVcmQM3i0OKiZoCOKy\r\n"
50 "/pTYI/8rho+p/04MylEPdXxIXEWDYD6/DrgDZh4ArQc2kt2bCcRTAnk+WfEyVYUd\r\n"
51 "aXVdfry+/uqhJ94N8eMw3hlZeZIk8JkQQgIwtGd8goJjUoWB85Hr6vphIn5IHVcY\r\n"
52 "6T5hPLxMmaL2SeioawDpwwKBgQCFXjDH6Hc3zQTEKND2HIqou/b9THH7yOlG056z\r\n"
53 "NKZeKdXe/OfY8uT/yZDB7FnGCgVgO2huyTfLYvcGpNAZ/eZEYGPJuYGn3MmmlruS\r\n"
54 "fsvFQfUahu2dY3zKusEcIXhV6sR5DNnJSFBi5VhvKcgNFwYDkF7K/thUu/4jgwgo\r\n"
55 "xf33YQKBgDQffkP1jWqT/pzlVLFtF85/3eCC/uedBfxXknVMrWE+CM/Vsx9cvBZw\r\n"
56 "hi15LA5+hEdbgvj87hmMiCOc75e0oz2Rd12ZoRlBVfbncH9ngfqBNQElM7Bueqoc\r\n"
57 "JOpKV+gw0gQtiu4beIdFnYsdZoZwrTjC4rW7OI0WYoLJabMFFh3I\r\n"
58 "-----END RSA PRIVATE KEY-----\r\n";
59 } // namespace
60
61 class TlsKeyTest : public testing::Test {
62 public:
SetUpTestCase()63 static void SetUpTestCase() {}
64
TearDownTestCase()65 static void TearDownTestCase() {}
66
SetUp()67 virtual void SetUp() {}
68
TearDown()69 virtual void TearDown() {}
70 };
71
72 HWTEST_F(TlsKeyTest, AlgorithmTest, TestSize.Level2)
73 {
74 SecureData structureData(g_keyFile);
75 std::string keyPassStr = "";
76 SecureData keyPass(keyPassStr);
77 TLSKey tlsKey = TLSKey(structureData, ALGORITHM_RSA, keyPass);
78 KeyAlgorithm algorithm = tlsKey.Algorithm();
79 EXPECT_EQ(algorithm, ALGORITHM_RSA);
80 }
81
82 HWTEST_F(TlsKeyTest, DecodePemTest, TestSize.Level2)
83 {
84 std::string fileName = "";
85 std::string keyPassStr = "";
86 SecureData keyPass(keyPassStr);
87 TLSKey tlsKey1 = TLSKey(fileName, ALGORITHM_RSA, keyPass);
88 TLSKey tlsKey2 = TLSKey(fileName, ALGORITHM_RSA, keyPass, EncodingFormat::DER);
89 std::string fileName2 = "/system/lib";
90 TLSKey tlsKey3 = TLSKey(fileName2, ALGORITHM_RSA, keyPass);
91 TLSKey tlsKey4 = TLSKey(fileName2, ALGORITHM_RSA, keyPass, EncodingFormat::DER);
92 SecureData structureData(g_keyFile);
93 structureData.length_ = sizeof(g_keyFile);
94 TLSKey tlsKey = TLSKey(structureData, ALGORITHM_RSA, keyPass);
95 EXPECT_EQ(tlsKey.keyIsNull_, false);
96 }
97
98 HWTEST_F(TlsKeyTest, CopyConstruction, TestSize.Level2)
99 {
100 SecureData structureData(g_keyFile);
101 std::string keyPassStr = "";
102 SecureData keyPass(keyPassStr);
103 TLSKey tlsKey = TLSKey(structureData, ALGORITHM_RSA, keyPass);
104 TLSKey tlsKeyCopy = TLSKey(tlsKey);
105 KeyAlgorithm algorithm = tlsKeyCopy.Algorithm();
106 EXPECT_EQ(algorithm, ALGORITHM_RSA);
107 }
108
109 HWTEST_F(TlsKeyTest, AssignmentConstruction, TestSize.Level2)
110 {
111 SecureData structureData(g_keyFile);
112 std::string keyPassStr = "";
113 SecureData keyPass(keyPassStr);
114 TLSKey tlsKey = TLSKey(structureData, ALGORITHM_RSA, keyPass);
115 TLSKey key = tlsKey;
116 KeyAlgorithm algorithm = key.Algorithm();
117 EXPECT_EQ(algorithm, ALGORITHM_RSA);
118 }
119
120 HWTEST_F(TlsKeyTest, HandleTest, TestSize.Level2)
121 {
122 SecureData structureData(g_keyFile);
123 std::string keyPassStr = "";
124 SecureData keyPass(keyPassStr);
125 TLSKey tlsKey = TLSKey(structureData, ALGORITHM_RSA, keyPass);
126 Handle handle = tlsKey.handle();
127 EXPECT_NE(handle, nullptr);
128 tlsKey.Clear(true);
129 TLSKey tlsKeyDsa = TLSKey(structureData, ALGORITHM_DSA, keyPass);
130 Handle handleDsa = tlsKeyDsa.handle();
131 EXPECT_EQ(handleDsa, nullptr);
132 tlsKeyDsa.Clear(true);
133 TLSKey tlsKeyEc = TLSKey(structureData, ALGORITHM_EC, keyPass);
134 Handle handleEc = tlsKeyEc.handle();
135 EXPECT_EQ(handleEc, nullptr);
136 tlsKeyEc.Clear(true);
137 TLSKey tlsKeyDh = TLSKey(structureData, ALGORITHM_DH, keyPass);
138 Handle handleDh = tlsKeyDh.handle();
139 EXPECT_EQ(handleDh, nullptr);
140 tlsKeyDh.Clear(true);
141 TLSKey tlsKeyOpaque = TLSKey(structureData, OPAQUE, keyPass);
142 Handle handleOpaque = tlsKeyOpaque.handle();
143 EXPECT_EQ(handleOpaque, nullptr);
144 tlsKeyOpaque.Clear(true);
145 TLSKey keyOpaque = tlsKeyOpaque;
146 EXPECT_NE(handle, nullptr);
147 }
148
149 HWTEST_F(TlsKeyTest, GetKeyPassTest, TestSize.Level2)
150 {
151 SecureData structureData(g_keyFile);
152 std::string keyPassStr = "";
153 SecureData keyPass(keyPassStr);
154 TLSKey tlsKey = TLSKey(structureData, ALGORITHM_RSA, keyPass);
155 SecureData getKeyPass = tlsKey.GetKeyPass();
156 EXPECT_EQ(getKeyPass.Length(), keyPass.Length());
157 }
158
159 HWTEST_F(TlsKeyTest, GetKeyDataTest, TestSize.Level2)
160 {
161 SecureData structureData(g_keyFile);
162 std::string keyPassStr = "";
163 SecureData keyPass(keyPassStr);
164 TLSKey tlsKey = TLSKey(structureData, ALGORITHM_RSA, keyPass);
165 SecureData getKeyData = tlsKey.GetKeyData();
166 EXPECT_EQ(getKeyData.Length(), structureData.Length());
167 }
168
169 HWTEST_F(TlsKeyTest, AlgorithmTest2, TestSize.Level2)
170 {
171 SecureData structureData(g_keyFile);
172 std::string keyPassStr = "";
173 SecureData keyPass(keyPassStr);
174 TLSKey tlsKeyDsa = TLSKey(structureData, ALGORITHM_DSA, keyPass);
175 TLSKey keyDsa = tlsKeyDsa;
176 TLSKey tlsKeyEc = TLSKey(structureData, ALGORITHM_EC, keyPass);
177 TLSKey keyEc = tlsKeyEc;
178 TLSKey tlsKeyDh = TLSKey(structureData, ALGORITHM_DH, keyPass);
179 TLSKey keyDh = tlsKeyDh;
180 TLSKey tlsKeyOpaque = TLSKey(structureData, OPAQUE, keyPass);
181 TLSKey keyOpaque = tlsKeyOpaque;
182 SecureData getKeyData = tlsKeyDsa.GetKeyData();
183 EXPECT_EQ(getKeyData.Length(), structureData.Length());
184 }
185
186 HWTEST_F(TlsKeyTest, SwitchAlgorithmTest, TestSize.Level2)
187 {
188 SecureData structureData(g_keyFile);
189 std::string keyPassStr = "";
190
191 KeyType typePublic = KeyType::PUBLIC_KEY;
192 SecureData keyPass(keyPassStr);
193 KeyType typePrivate = KeyType::PRIVATE_KEY;
194 char privateKey[FILE_READ_KEY_LEN] = {0};
195 const char *privateKeyData = static_cast<const char *>(privateKey);
196 BIO *bio = BIO_new_mem_buf(privateKeyData, -1);
197 TLSKey tlsKeyRsa = TLSKey(structureData, ALGORITHM_RSA, keyPass);
198 tlsKeyRsa.SwitchAlgorithm(typePrivate, ALGORITHM_RSA, bio);
199 tlsKeyRsa.SwitchAlgorithm(typePublic, ALGORITHM_RSA, bio);
200 TLSKey tlsKeyDsa = TLSKey(structureData, ALGORITHM_DSA, keyPass);
201 tlsKeyDsa.SwitchAlgorithm(typePrivate, ALGORITHM_DSA, bio);
202 tlsKeyDsa.SwitchAlgorithm(typePublic, ALGORITHM_DSA, bio);
203 TLSKey tlsKeyEc = TLSKey(structureData, ALGORITHM_EC, keyPass);
204 tlsKeyEc.SwitchAlgorithm(typePrivate, ALGORITHM_EC, bio);
205 tlsKeyEc.SwitchAlgorithm(typePublic, ALGORITHM_EC, bio);
206 TLSKey tlsKeyDh = TLSKey(structureData, ALGORITHM_DH, keyPass);
207 tlsKeyDh.SwitchAlgorithm(typePrivate, ALGORITHM_DH, bio);
208 tlsKeyDh.SwitchAlgorithm(typePublic, ALGORITHM_DH, bio);
209 TLSKey tlsKeyOpaque = TLSKey(structureData, OPAQUE, keyPass);
210 tlsKeyOpaque.SwitchAlgorithm(typePrivate, OPAQUE, bio);
211 tlsKeyOpaque.SwitchAlgorithm(typePublic, OPAQUE, bio);
212 SecureData getKeyData = tlsKeyDsa.GetKeyData();
213 EXPECT_EQ(getKeyData.Length(), structureData.Length());
214 }
215
216 HWTEST_F(TlsKeyTest, ClearTest, TestSize.Level2)
217 {
218 SecureData structureData(g_keyFile);
219 std::string keyPassStr = "";
220 SecureData keyPass(keyPassStr);
221 TLSKey tlsKeyDsa = TLSKey(structureData, ALGORITHM_DSA, keyPass);
222 tlsKeyDsa.dsa_ = DSA_new();
223 tlsKeyDsa.Clear(true);
224 TLSKey tlsKeyDh = TLSKey(structureData, ALGORITHM_DH, keyPass);
225 tlsKeyDh.dh_ = DH_new();
226 tlsKeyDh.Clear(true);
227 TLSKey tlsKeyEc = TLSKey(structureData, ALGORITHM_EC, keyPass);
228 tlsKeyEc.ec_ = EC_KEY_new();
229 tlsKeyEc.Clear(true);
230 TLSKey tlsKeyOpaque = TLSKey(structureData, OPAQUE, keyPass);
231 tlsKeyOpaque.opaque_ = EVP_PKEY_new();
232 tlsKeyOpaque.Clear(true);
233 EXPECT_EQ(tlsKeyOpaque.keyIsNull_, true);
234 }
235
236 HWTEST_F(TlsKeyTest, DecodeDataTest, TestSize.Level2)
237 {
238 SecureData data;
239 std::string keyPassStr = "";
240 SecureData keyPass(keyPassStr);
241 TLSKey tlsKey = TLSKey(data, ALGORITHM_DSA, keyPass);
242 tlsKey.DecodeData(data, ALGORITHM_DSA, keyPass);
243 SecureData getKeyData = tlsKey.GetKeyData();
244 EXPECT_EQ(getKeyData.Length(), data.Length());
245 }
246
GenerateRSAKeyPEM()247 std::string GenerateRSAKeyPEM()
248 {
249 RSA *rsa = RSA_new();
250 if (rsa == nullptr) {
251 return "";
252 }
253 if (RSA_generate_key_ex(rsa, RSA_KEY_LEN, nullptr, nullptr) != 1) {
254 RSA_free(rsa);
255 return "";
256 }
257 BIO *bio = BIO_new(BIO_s_mem());
258 if (bio == nullptr) {
259 RSA_free(rsa);
260 return "";
261 }
262 if (PEM_write_bio_RSAPrivateKey(bio, rsa, nullptr, nullptr, 0, nullptr, nullptr) != 1) {
263 BIO_free(bio);
264 RSA_free(rsa);
265 return "";
266 }
267 char *buffer;
268 long len = BIO_get_mem_data(bio, &buffer);
269 std::string pemKey(buffer, len);
270
271 BIO_free(bio);
272 RSA_free(rsa);
273 return pemKey;
274 }
275
276 HWTEST_F(TlsKeyTest, DecodeDataTest002, TestSize.Level2)
277 {
278 std::string rsaPem = GenerateRSAKeyPEM();
279 SecureData data(rsaPem);
280 SecureData passPhrase;
281 TLSKey tlsKey = TLSKey(data, passPhrase);
282 tlsKey.DecodeData(data, passPhrase);
283 EXPECT_NE(tlsKey.rsa_, nullptr);
284 EXPECT_EQ(tlsKey.keyAlgorithm_, ALGORITHM_RSA);
285 }
286
GenerateECKeyPEM()287 std::string GenerateECKeyPEM()
288 {
289 const EC_GROUP *group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
290 if (group == nullptr) {
291 return "";
292 }
293 EC_KEY *ecKey = EC_KEY_new();
294 if (ecKey == nullptr) {
295 EC_GROUP_free((EC_GROUP*)group);
296 return "";
297 }
298 if (EC_KEY_set_group(ecKey, group) != 1) {
299 EC_KEY_free(ecKey);
300 EC_GROUP_free((EC_GROUP*)group);
301 return "";
302 }
303 if (EC_KEY_generate_key(ecKey) != 1) {
304 EC_KEY_free(ecKey);
305 EC_GROUP_free((EC_GROUP*)group);
306 return "";
307 }
308 BIO *bio = BIO_new(BIO_s_mem());
309 if (bio == nullptr) {
310 EC_KEY_free(ecKey);
311 EC_GROUP_free((EC_GROUP*)group);
312 return "";
313 }
314 if (PEM_write_bio_ECPrivateKey(bio, ecKey, nullptr, nullptr, 0, nullptr, nullptr) != 1) {
315 BIO_free(bio);
316 EC_KEY_free(ecKey);
317 EC_GROUP_free((EC_GROUP*)group);
318 return "";
319 }
320 char *buffer;
321 long len = BIO_get_mem_data(bio, &buffer);
322 std::string pemKey(buffer, len);
323
324 BIO_free(bio);
325 EC_KEY_free(ecKey);
326 EC_GROUP_free((EC_GROUP*)group);
327 return pemKey;
328 }
329
330 HWTEST_F(TlsKeyTest, DecodeDataTest003, TestSize.Level2)
331 {
332 std::string ecPem = GenerateECKeyPEM();
333 SecureData data(ecPem);
334 SecureData passPhrase;
335 TLSKey tlsKey = TLSKey(data, passPhrase);
336 tlsKey.DecodeData(data, passPhrase);
337 EXPECT_NE(tlsKey.ec_, nullptr);
338 EXPECT_EQ(tlsKey.keyAlgorithm_, ALGORITHM_EC);
339 }
340
GenerateUnsupportedKeyPEM()341 std::string GenerateUnsupportedKeyPEM()
342 {
343 EVP_PKEY *evpPkey = EVP_PKEY_new();
344 if (evpPkey == nullptr) {
345 return "";
346 }
347 EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
348 if (EVP_PKEY_generate(ctx, &evpPkey) != 1) {
349 EVP_PKEY_CTX_free(ctx);
350 EVP_PKEY_free(evpPkey);
351 return "";
352 }
353 EVP_PKEY_CTX_free(ctx);
354 BIO *bio = BIO_new(BIO_s_mem());
355 if (bio == nullptr) {
356 EVP_PKEY_free(evpPkey);
357 return "";
358 }
359 if (PEM_write_bio_PrivateKey(bio, evpPkey, nullptr, nullptr, 0, nullptr, nullptr) != 1) {
360 BIO_free(bio);
361 EVP_PKEY_free(evpPkey);
362 return "";
363 }
364 char *buffer;
365 long len = BIO_get_mem_data(bio, &buffer);
366 std::string pemKey(buffer, len);
367
368 BIO_free(bio);
369 EVP_PKEY_free(evpPkey);
370 return pemKey;
371 }
372
373 HWTEST_F(TlsKeyTest, DecodeDataTest004, TestSize.Level2)
374 {
375 std::string unsupportedPem = GenerateUnsupportedKeyPEM();
376 SecureData data(unsupportedPem);
377 SecureData passPhrase;
378 TLSKey tlsKey = TLSKey(data, passPhrase);
379 tlsKey.DecodeData(data, passPhrase);
380 EXPECT_TRUE(tlsKey.keyIsNull_);
381 }
382
383 HWTEST_F(TlsKeyTest, SwitchAlgorithmTest002, TestSize.Level2)
384 {
385 std::string rsaPem = GenerateRSAKeyPEM();
386 SecureData data(rsaPem);
387 SecureData passPhrase;
388 BIO *bio = BIO_new_mem_buf(data.Data(), -1);
389 TLSKey tlsKey = TLSKey(data, passPhrase);
390 tlsKey.SwitchAlgorithm(KeyType::PRIVATE_KEY, ALGORITHM_RSA, bio);
391 EXPECT_NE(tlsKey.rsa_, nullptr);
392 EXPECT_FALSE(tlsKey.keyIsNull_);
393 BIO_free(bio);
394 }
395
396 HWTEST_F(TlsKeyTest, SwitchAlgorithmTest003, TestSize.Level2)
397 {
398 std::string ecPem = GenerateECKeyPEM();
399 SecureData data(ecPem);
400 SecureData passPhrase;
401 BIO *bio = BIO_new_mem_buf(data.Data(), -1);
402 TLSKey tlsKey = TLSKey(data, passPhrase);
403 tlsKey.SwitchAlgorithm(KeyType::PRIVATE_KEY, ALGORITHM_RSA, bio);
404 EXPECT_NE(tlsKey.ec_, nullptr);
405 EXPECT_FALSE(tlsKey.keyIsNull_);
406 BIO_free(bio);
407 }
408
409 HWTEST_F(TlsKeyTest, SwitchAlgorithmTest004, TestSize.Level2)
410 {
411 std::string unsupportedPem = GenerateUnsupportedKeyPEM();
412 SecureData data(unsupportedPem);
413 SecureData passPhrase;
414 BIO *bio = BIO_new_mem_buf(data.Data(), -1);
415 TLSKey tlsKey = TLSKey(data, passPhrase);
416 tlsKey.SwitchAlgorithm(KeyType::PRIVATE_KEY, OPAQUE, bio);
417 EXPECT_TRUE(tlsKey.keyIsNull_);
418 BIO_free(bio);
419 }
420 } // namespace TlsSocket
421 } // namespace NetStack
422 } // namespace OHOS