1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17 #include "cJSON.h"
18
19 #ifdef GTEST_API_
20 #define private public
21 #endif
22 #include "iservice_registry.h"
23 #include "system_ability_definition.h"
24 #include "bundle_mgr_proxy.h"
25 #include "net_mgr_log_wrapper.h"
26 #include "net_manager_constants.h"
27 #include "network_security_config.h"
28
29 namespace OHOS {
30 namespace NetManagerStandard {
31 namespace {
32 using namespace testing::ext;
33
34 const std::string TEST_TRUST_ANCHORS(R"([{"certificates": "@resource/raw/ca"}])");
35
36 const std::string TEST_DOMAINS(R"([{"include-subdomains": false, "name": "baidu.com"},
37 {"include-subdomains": true, "name": "taobao.com"}])");
38
39 const std::string TEST_COMPONENT_Network(R"({"NetworkKit": true})");
40 const std::string TEST_COMPONENT_ArkWeb(R"({"ArkWeb": false})");
41
42 const std::string TEST_PINSET(R"({
43 "expiration": "2024-8-6",
44 "pin": [
45 {"digest-algorithm": "sha256", "digest": "Q9TCQAWqP4t+eq41xnKaUgJdrPWqyG5L+Ni2YzMhqdY="},
46 {"digest-algorithm": "sha256", "digest": "Q6TCQAWqP4t+eq41xnKaUgJdrPWqyG5L+Ni2YzMhqdY="}
47 ]})");
48
49 const std::string TEST_CLEARTEXT_TRAFFIC_PERMITTED(R"([{"cleartextTrafficPermitted": false}])");
50 } // namespace
51
52 std::shared_ptr<NetworkSecurityConfig> g_networkSecurityConfig;
53
54 class NetworkSecurityConfigTest : public testing::Test {
55 public:
56 static void SetUpTestCase();
57 static void TearDownTestCase();
58 void SetUp();
59 void TearDown();
60 };
61
SetUpTestCase()62 void NetworkSecurityConfigTest::SetUpTestCase() {}
63
TearDownTestCase()64 void NetworkSecurityConfigTest::TearDownTestCase() {}
65
SetUp()66 void NetworkSecurityConfigTest::SetUp() {}
67
TearDown()68 void NetworkSecurityConfigTest::TearDown() {}
69
BuildTestJsonObject(std::string & content,cJSON * & json)70 void BuildTestJsonObject(std::string &content, cJSON* &json)
71 {
72 json = cJSON_Parse(content.c_str());
73 }
74
75 /**
76 * @tc.name: IsCACertFileNameTest001
77 * @tc.desc: Test NetworkSecurityConfig::IsCACertFileName
78 * @tc.type: FUNC
79 */
80 HWTEST_F(NetworkSecurityConfigTest, IsCACertFileNameTest001, TestSize.Level1)
81 {
82 std::string fileName("cafile.Pem");
83 std::cout << "IsCACertFileNameTest001 In" << std::endl;
84 auto ret = NetworkSecurityConfig::GetInstance().IsCACertFileName(fileName.c_str());
85 EXPECT_EQ(ret, true);
86 }
87
88 /**
89 * @tc.name: GetCAFilesFromPathTest001
90 * @tc.desc: Test NetworkSecurityConfig::GetCAFilesFromPath
91 * @tc.type: FUNC
92 */
93 HWTEST_F(NetworkSecurityConfigTest, GetCAFilesFromPathTest001, TestSize.Level1)
94 {
95 std::string caPath("/etc/security/certificates/test");
96 std::vector<std::string> caFiles;
97 std::cout << "GetCAFilesFromPathTest001 In" << std::endl;
98 NetworkSecurityConfig::GetInstance().GetCAFilesFromPath(caPath, caFiles);
99 EXPECT_EQ(caFiles.size(), 0);
100 }
101
102 /**
103 * @tc.name: AddSurfixToCACertFileNameTest001
104 * @tc.desc: Test NetworkSecurityConfig::AddSurfixToCACertFileName
105 * @tc.type: FUNC
106 */
107 HWTEST_F(NetworkSecurityConfigTest, AddSurfixToCACertFileNameTest001, TestSize.Level1)
108 {
109 std::string caPath("/etc/security/certificates/test");
110 std::set<std::string> allFileNames;
111 std::string caFile("cacert.pem");
112 std::cout << "AddSurfixToCACertFileNameTest001 In" << std::endl;
113 NetworkSecurityConfig::GetInstance().AddSurfixToCACertFileName(caPath, allFileNames, caFile);
114 EXPECT_EQ(allFileNames.size(), 1);
115 }
116
117 /**
118 * @tc.name: ReadCertFileTest001
119 * @tc.desc: Test NetworkSecurityConfig::ReadCertFile
120 * @tc.type: FUNC
121 */
122 HWTEST_F(NetworkSecurityConfigTest, ReadCertFileTest001, TestSize.Level1)
123 {
124 std::string caFile("cacert.pem");
125 std::cout << "ReadCertFileTest001 In" << std::endl;
126 auto ret = NetworkSecurityConfig::GetInstance().ReadCertFile(caFile);
127 EXPECT_EQ(ret, nullptr);
128 }
129
130 /**
131 * @tc.name: GetRehashedCADirName001
132 * @tc.desc: Test NetworkSecurityConfig::GetRehashedCADirName
133 * @tc.type: FUNC
134 */
135 HWTEST_F(NetworkSecurityConfigTest, GetRehashedCADirName001, TestSize.Level1)
136 {
137 std::string caPath("/etc/security/certificates/test");
138 std::string caPathHashValue = "eb6bf998a72433bdeb4eeb32cfa4bc15";
139 std::cout << "GetRehashedCADirName001 In" << std::endl;
140 auto ret = NetworkSecurityConfig::GetInstance().GetRehashedCADirName(caPath);
141 EXPECT_EQ(ret, caPathHashValue);
142 }
143
144 /**
145 * @tc.name: BuildRehasedCAPath001
146 * @tc.desc: Test NetworkSecurityConfig::BuildRehasedCAPath
147 * @tc.type: FUNC
148 */
149 HWTEST_F(NetworkSecurityConfigTest, BuildRehasedCAPath001, TestSize.Level1)
150 {
151 std::string caPath("/etc/security/certificates/test");
152 std::cout << "BuildRehasedCAPath001 In" << std::endl;
153 auto ret = NetworkSecurityConfig::GetInstance().BuildRehasedCAPath(caPath);
154 EXPECT_NE(ret, "");
155 }
156
157 /**
158 * @tc.name: GetRehasedCAPath001
159 * @tc.desc: Test NetworkSecurityConfig::GetRehasedCAPath
160 * @tc.type: FUNC
161 */
162 HWTEST_F(NetworkSecurityConfigTest, GetRehasedCAPath001, TestSize.Level1)
163 {
164 std::string caPath("/etc/security/certificates/test");
165 std::cout << "GetRehasedCAPath001 In" << std::endl;
166 auto ret = NetworkSecurityConfig::GetInstance().GetRehasedCAPath(caPath);
167 EXPECT_NE(ret, "");
168 }
169
170 /**
171 * @tc.name: ReHashCAPathForX509001
172 * @tc.desc: Test NetworkSecurityConfig::ReHashCAPathForX509
173 * @tc.type: FUNC
174 */
175 HWTEST_F(NetworkSecurityConfigTest, ReHashCAPathForX509001, TestSize.Level1)
176 {
177 std::string caPath("/etc/security/certificates/test");
178 std::cout << "ReHashCAPathForX509001 In" << std::endl;
179 auto ret = NetworkSecurityConfig::GetInstance().ReHashCAPathForX509(caPath);
180 EXPECT_EQ(ret, "");
181 }
182
183 /**
184 * @tc.name: ParseJsonTrustAnchorsTest001
185 * @tc.desc: Test NetworkSecurityConfig::ParseJsonTrustAnchors, not applying for
186 * permission,return NETMANAGER_ERR_PERMISSION_DENIED
187 * @tc.type: FUNC
188 */
189 HWTEST_F(NetworkSecurityConfigTest, ParseJsonTrustAnchorsTest001, TestSize.Level1)
190 {
191 cJSON *root = nullptr;
192 TrustAnchors trustAnchors;
193
194 std::string jsonTxt(TEST_TRUST_ANCHORS);
195 BuildTestJsonObject(jsonTxt, root);
196
197 std::cout << "ParseJsonTrustAnchorsTest001 In" << std::endl;
198 NetworkSecurityConfig::GetInstance().ParseJsonTrustAnchors(root, trustAnchors);
199 EXPECT_EQ(trustAnchors.certs_[0], "@resource/raw/ca");
200 }
201
202 /**
203 * @tc.name: ParseJsonDomainsTest001
204 * @tc.desc: Test NetworkSecurityConfig::ParseJsonDomains, not applying for
205 * permission,return NETMANAGER_ERR_PERMISSION_DENIED
206 * @tc.type: FUNC
207 */
208 HWTEST_F(NetworkSecurityConfigTest, ParseJsonDomainsTest001, TestSize.Level1)
209 {
210 cJSON *root = nullptr;
211 std::vector<Domain> domains;
212
213 std::string jsonTxt(TEST_DOMAINS);
214 BuildTestJsonObject(jsonTxt, root);
215
216 std::cout << "ParseJsonDomainsTest001 In" << std::endl;
217 NetworkSecurityConfig::GetInstance().ParseJsonDomains(root, domains);
218 ASSERT_EQ(domains[0].domainName_, "baidu.com");
219 ASSERT_EQ(domains[0].includeSubDomains_, false);
220 ASSERT_EQ(domains[1].domainName_, "taobao.com");
221 EXPECT_EQ(domains[1].includeSubDomains_, true);
222 }
223
224 /**
225 * @tc.name: ParseJsonPinSet001
226 * @tc.desc: Test NetworkSecurityConfig::ParseJsonPinSet, not applying for
227 * permission,return NETMANAGER_ERR_PERMISSION_DENIED
228 * @tc.type: FUNC
229 */
230 HWTEST_F(NetworkSecurityConfigTest, ParseJsonPinSet001, TestSize.Level1)
231 {
232 cJSON *root = nullptr;
233 PinSet pinSet;
234
235 std::string jsonTxt(TEST_PINSET);
236 BuildTestJsonObject(jsonTxt, root);
237
238 std::cout << "ParseJsonPinSet001 In" << std::endl;
239 NetworkSecurityConfig::GetInstance().ParseJsonPinSet(root, pinSet);
240 ASSERT_EQ(pinSet.expiration_, "2024-8-6");
241 ASSERT_EQ(pinSet.pins_[0].digestAlgorithm_, "sha256");
242 ASSERT_EQ(pinSet.pins_[0].digest_, "Q9TCQAWqP4t+eq41xnKaUgJdrPWqyG5L+Ni2YzMhqdY=");
243 ASSERT_EQ(pinSet.pins_[1].digestAlgorithm_, "sha256");
244 EXPECT_EQ(pinSet.pins_[1].digest_, "Q6TCQAWqP4t+eq41xnKaUgJdrPWqyG5L+Ni2YzMhqdY=");
245 }
246
247 /**
248 * @tc.name: HWTEST_F(NetworkSecurityConfigTest, GetPinSetForHostName001, TestSize.Level1)
249 * @tc.desc: Test NetworkSecurityConfig::GetPinSetForHostName, not applying for
250 * permission,return NETMANAGER_ERR_PERMISSION_DENIED
251 * @tc.type: FUNC
252 */
253 HWTEST_F(NetworkSecurityConfigTest, GetPinSetForHostName001, TestSize.Level1)
254 {
255 PinSet pinSet;
256
257 std::string hostname("www.example.com");
258 std::string pins;
259
260 std::cout << "GetPinSetForHostName001 In" << std::endl;
261 auto ret = NetworkSecurityConfig::GetInstance().GetPinSetForHostName(hostname, pins);
262 EXPECT_EQ(ret, NETMANAGER_SUCCESS);
263 }
264
265 /**
266 * @tc.name: HWTEST_F(NetworkSecurityConfigTest, ParseJsonCleartextPermitted001, TestSize.Level1)
267 * @tc.desc: Test NetworkSecurityConfig::ParseJsonCleartextPermitted, not applying for
268 * @tc.type: FUNC
269 */
270 HWTEST_F(NetworkSecurityConfigTest, ParseJsonCleartextPermitted001, TestSize.Level1)
271 {
272 cJSON *root = nullptr;
273 bool cleartextPermitted;
274
275 std::string jsonTxt(TEST_CLEARTEXT_TRAFFIC_PERMITTED);
276 BuildTestJsonObject(jsonTxt, root);
277
278 std::cout << "ParseJsonCleartextPermitted001 In" << std::endl;
279 NetworkSecurityConfig::GetInstance().ParseJsonCleartextPermitted(root, cleartextPermitted);
280 EXPECT_TRUE(cleartextPermitted);
281 }
282
283 /**
284 * @tc.name: HWTEST_F(NetworkSecurityConfigTest, IsCleartextPermitted001, TestSize.Level1)
285 * @tc.desc: Test NetworkSecurityConfig::IsCleartextPermitted, not applying for
286 * @tc.type: FUNC
287 */
288 HWTEST_F(NetworkSecurityConfigTest, IsCleartextPermitted001, TestSize.Level1)
289 {
290 NetworkSecurityConfig::GetInstance().baseConfig_.cleartextTrafficPermitted_ = true;
291 std::cout << "IsCleartextPermitted001 In" << std::endl;
292 bool isclearpermitted;
293 auto ret = NetworkSecurityConfig::GetInstance().IsCleartextPermitted(isclearpermitted);
294 EXPECT_EQ(ret, 0);
295 auto ret2 = NetworkSecurityConfig::GetInstance().IsCleartextPermitted("", isclearpermitted);
296 EXPECT_EQ(ret, 0);
297 }
298
299 /**
300 * @tc.name: HWTEST_F(NetworkSecurityConfigTest, IsCleartextPermitted002, TestSize.Level1)
301 * @tc.desc: Test NetworkSecurityConfig::IsCleartextPermitted, not applying for
302 * @tc.type: FUNC
303 */
304 HWTEST_F(NetworkSecurityConfigTest, IsCleartextPermitted002, TestSize.Level1)
305 {
306 NetworkSecurityConfig::GetInstance().baseConfig_.cleartextTrafficPermitted_ = false;
307 std::vector<DomainConfig> domainConfigs;
308 DomainConfig domainConfig;
309 domainConfig.cleartextTrafficPermitted_ = true;
310 std::vector<Domain> domains;
311 Domain domain;
312 domain.domainName_ = "www.text.com";
313 domains.push_back(domain);
314 domainConfig.domains_ = domains;
315 domainConfigs.push_back(domainConfig);
316 std::cout << "IsCleartextPermitted001 In" << std::endl;
317 bool isclearpermitted;
318 auto ret = NetworkSecurityConfig::GetInstance().IsCleartextPermitted("www.text.com", isclearpermitted);
319 EXPECT_EQ(ret, 0);
320 auto ret2 = NetworkSecurityConfig::GetInstance().IsCleartextPermitted("www.text2.com", isclearpermitted);
321 EXPECT_EQ(ret, 0);
322 }
323
324 /**
325 * @tc.name: IsCACertFileNameTest002
326 * @tc.desc: Test NetworkSecurityConfig::IsCACertFileName
327 * @tc.type: FUNC
328 */
329 HWTEST_F(NetworkSecurityConfigTest, IsCACertFileNameTest002, TestSize.Level1)
330 {
331 std::string fileName("c");
332 std::cout << "IsCACertFileNameTest002 In" << std::endl;
333 auto ret = NetworkSecurityConfig::GetInstance().IsCACertFileName(fileName.c_str());
334 EXPECT_NE(ret, true);
335 }
336
337 /**
338 * @tc.name: AddSurfixToCACertFileNameTest002
339 * @tc.desc: Test NetworkSecurityConfig::AddSurfixToCACertFileName
340 * @tc.type: FUNC
341 */
342 HWTEST_F(NetworkSecurityConfigTest, AddSurfixToCACertFileNameTest002, TestSize.Level1)
343 {
344 std::string caPath("/etc/security/certificates/test");
345 std::set<std::string> allFileNames;
346 allFileNames.insert("123");
347 std::string caFile("cacert.pem");
348 std::cout << "AddSurfixToCACertFileNameTest002 In" << std::endl;
349 NetworkSecurityConfig::GetInstance().AddSurfixToCACertFileName(caPath, allFileNames, caFile);
350 EXPECT_EQ(allFileNames.size(), 2);
351 }
352
353 /**
354 * @tc.name: IsPinOpenModeTest001
355 * @tc.desc: Test NetworkSecurityConfig::IsPinOpenMode
356 * @tc.type: FUNC
357 */
358 HWTEST_F(NetworkSecurityConfigTest, IsPinOpenModeTest001, TestSize.Level1)
359 {
360 NetworkSecurityConfig networksecurityconfig;
361 Domain domain1;
362 domain1.domainName_ = "example.com";
363 DomainConfig config;
364 config.domains_.push_back(domain1);
365 networksecurityconfig.domainConfigs_.push_back(config);
366 std::string hostname("example.com");
367 std::cout << "IsPinOpenModeTest001 In" << std::endl;
368 auto ret = networksecurityconfig.IsPinOpenMode(hostname);
369 EXPECT_NE(ret, true);
370 hostname = "example.com2";
371 ret = networksecurityconfig.IsPinOpenMode(hostname);
372 EXPECT_NE(ret, true);
373 }
374
375 /**
376 * @tc.name: IsPinOpenModeTest002
377 * @tc.desc: Test NetworkSecurityConfig::IsPinOpenMode
378 * @tc.type: FUNC
379 */
380 HWTEST_F(NetworkSecurityConfigTest, IsPinOpenModeTest002, TestSize.Level1)
381 {
382 NetworkSecurityConfig networksecurityconfig;
383 Domain domain1;
384 domain1.domainName_ = "example.com";
385 Pin pin;
386 pin.digestAlgorithm_ = "123";
387 pin.digest_ = "123";
388 PinSet pinset;
389 pinset.isOpenMode = true;
390 pinset.shouldVerifyRootCa_ = true;
391 pinset.pins_.push_back(pin);
392 pinset.expiration_ = "123";
393 DomainConfig config;
394 config.domains_.push_back(domain1);
395 config.pinSet_ = pinset;
396 networksecurityconfig.domainConfigs_.push_back(config);
397 std::string hostname = "example.com";
398 std::cout << "IsPinOpenModeTest002 In" << std::endl;
399 auto ret = networksecurityconfig.IsPinOpenModeVerifyRootCa(hostname);
400 EXPECT_EQ(ret, true);
401 }
402
403 /**
404 * @tc.name: IsPinOpenModeVerifyRootCaTest001
405 * @tc.desc: Test NetworkSecurityConfig::IsPinOpenModeVerifyRootCa
406 * @tc.type: FUNC
407 */
408 HWTEST_F(NetworkSecurityConfigTest, IsPinOpenModeVerifyRootCaTest001, TestSize.Level1)
409 {
410 NetworkSecurityConfig networksecurityconfig;
411 Domain domain1;
412 domain1.domainName_ = "example.com";
413 DomainConfig config;
414 config.domains_.push_back(domain1);
415 networksecurityconfig.domainConfigs_.push_back(config);
416 std::string hostname;
417 std::cout << "IsPinOpenModeVerifyRootCaTest001 In" << std::endl;
418 auto ret = networksecurityconfig.IsPinOpenModeVerifyRootCa(hostname);
419 EXPECT_NE(ret, true);
420 hostname = "example.com";
421 ret = networksecurityconfig.IsPinOpenModeVerifyRootCa(hostname);
422 hostname = "example.com2";
423 ret = networksecurityconfig.IsPinOpenModeVerifyRootCa(hostname);
424 EXPECT_NE(ret, true);
425 }
426
427 /**
428 * @tc.name: IsPinOpenModeVerifyRootCaTest002
429 * @tc.desc: Test NetworkSecurityConfig::IsPinOpenModeVerifyRootCa
430 * @tc.type: FUNC
431 */
432 HWTEST_F(NetworkSecurityConfigTest, IsPinOpenModeVerifyRootCaTest002, TestSize.Level1)
433 {
434 NetworkSecurityConfig networksecurityconfig;
435 Domain domain1;
436 domain1.domainName_ = "example.com";
437 Pin pin;
438 pin.digestAlgorithm_ = "123";
439 pin.digest_ = "123";
440 PinSet pinset;
441 pinset.isOpenMode = true;
442 pinset.shouldVerifyRootCa_ = true;
443 pinset.pins_.push_back(pin);
444 pinset.expiration_ = "123";
445 DomainConfig config;
446 config.domains_.push_back(domain1);
447 config.pinSet_ = pinset;
448 networksecurityconfig.domainConfigs_.push_back(config);
449 std::string hostname = "example.com";
450 std::cout << "IsPinOpenModeVerifyRootCaTest002 In" << std::endl;
451 auto ret = networksecurityconfig.IsPinOpenModeVerifyRootCa(hostname);
452 EXPECT_EQ(ret, true);
453 }
454
455 /**
456 * @tc.name: IsPinOpenModeVerifyRootCaTest003
457 * @tc.desc: Test NetworkSecurityConfig::IsPinOpenModeVerifyRootCa
458 * @tc.type: FUNC
459 */
460 HWTEST_F(NetworkSecurityConfigTest, IsPinOpenModeVerifyRootCaTest003, TestSize.Level1)
461 {
462 NetworkSecurityConfig networksecurityconfig;
463 Domain domain1;
464 domain1.domainName_ = "example.com";
465 Pin pin;
466 pin.digestAlgorithm_ = "123";
467 pin.digest_ = "123";
468 PinSet pinset;
469 pinset.isOpenMode = false;
470 pinset.shouldVerifyRootCa_ = true;
471 pinset.pins_.push_back(pin);
472 pinset.expiration_ = "123";
473 DomainConfig config;
474 config.domains_.push_back(domain1);
475 config.pinSet_ = pinset;
476 networksecurityconfig.domainConfigs_.push_back(config);
477 std::string hostname = "example.com";
478 std::cout << "IsPinOpenModeVerifyRootCaTest003 In" << std::endl;
479 auto ret = networksecurityconfig.IsPinOpenModeVerifyRootCa(hostname);
480 EXPECT_NE(ret, true);
481 }
482
483 HWTEST_F(NetworkSecurityConfigTest, IsPinOpenModeVerifyRootCaTest004, TestSize.Level1)
484 {
485 NetworkSecurityConfig networksecurityconfig;
486 std::string hostname("");
487 auto ret = networksecurityconfig.IsPinOpenModeVerifyRootCa(hostname);
488 EXPECT_FALSE(ret);
489 }
490
491 /**
492 * @tc.name: GetPinSetForHostNameTest001
493 * @tc.desc: Test NetworkSecurityConfig::GetPinSetForHostName
494 * @tc.type: FUNC
495 */
496 HWTEST_F(NetworkSecurityConfigTest, GetPinSetForHostNameTest001, TestSize.Level1)
497 {
498 NetworkSecurityConfig networksecurityconfig;
499 Domain domain1;
500 domain1.domainName_ = "example.com";
501 DomainConfig config;
502 config.domains_.push_back(domain1);
503 networksecurityconfig.domainConfigs_.push_back(config);
504 std::string hostname = "example.com";
505 std::string pins;
506 std::cout << "GetPinSetForHostNameTest001 In" << std::endl;
507 auto ret = networksecurityconfig.GetPinSetForHostName(hostname, pins);
508 EXPECT_NE(ret, true);
509 hostname = "example.com2";
510 ret = networksecurityconfig.GetPinSetForHostName(hostname, pins);
511 EXPECT_EQ(ret, NETMANAGER_SUCCESS);
512 }
513
514 /**
515 * @tc.name: GetPinSetForHostNameTest002
516 * @tc.desc: Test NetworkSecurityConfig::GetPinSetForHostName
517 * @tc.type: FUNC
518 */
519 HWTEST_F(NetworkSecurityConfigTest, GetPinSetForHostNameTest002, TestSize.Level1)
520 {
521 NetworkSecurityConfig networksecurityconfig;
522 Domain domain1;
523 domain1.domainName_ = "example.com";
524 Pin pin;
525 pin.digestAlgorithm_ = "123";
526 pin.digest_ = "123";
527 PinSet pinset;
528 pinset.isOpenMode = true;
529 pinset.shouldVerifyRootCa_ = true;
530 pinset.pins_.push_back(pin);
531 pinset.expiration_ = "123";
532 DomainConfig config;
533 config.domains_.push_back(domain1);
534 config.pinSet_ = pinset;
535 networksecurityconfig.domainConfigs_.push_back(config);
536 std::string hostname = "example.com";
537 std::string pins;
538 std::cout << "GetPinSetForHostNameTest002 In" << std::endl;
539 auto ret = networksecurityconfig.GetPinSetForHostName(hostname, pins);
540 EXPECT_EQ(ret, NETMANAGER_SUCCESS);
541 }
542
543 /**
544 * @tc.name: GetPinSetForHostNameTest003
545 * @tc.desc: Test NetworkSecurityConfig::GetPinSetForHostName
546 * @tc.type: FUNC
547 */
548 HWTEST_F(NetworkSecurityConfigTest, GetPinSetForHostNameTest003, TestSize.Level1)
549 {
550 NetworkSecurityConfig networksecurityconfig;
551 Domain domain1;
552 domain1.domainName_ = "example.com";
553 Pin pin;
554 pin.digestAlgorithm_ = "123";
555 pin.digest_ = "123";
556 PinSet pinset;
557 pinset.isOpenMode = true;
558 pinset.shouldVerifyRootCa_ = true;
559 pinset.pins_.push_back(pin);
560 pinset.expiration_ = "";
561 DomainConfig config;
562 config.domains_.push_back(domain1);
563 config.pinSet_ = pinset;
564 networksecurityconfig.domainConfigs_.push_back(config);
565 std::string hostname = "example.com";
566 std::string pins;
567 std::cout << "GetPinSetForHostNameTest003 In" << std::endl;
568 auto ret = networksecurityconfig.GetPinSetForHostName(hostname, pins);
569 EXPECT_EQ(ret, NETMANAGER_SUCCESS);
570 pins = "123";
571 ret = networksecurityconfig.GetPinSetForHostName(hostname, pins);
572 EXPECT_EQ(ret, NETMANAGER_SUCCESS);
573 }
574
575 HWTEST_F(NetworkSecurityConfigTest, GetPinSetForHostNameTest004, TestSize.Level1)
576 {
577 NetworkSecurityConfig networksecurityconfig;
578 std::string hostname("www.example.com");
579 std::string pins;
580 auto ret = networksecurityconfig.GetPinSetForHostName(hostname, pins);
581 EXPECT_EQ(ret, NETMANAGER_SUCCESS);
582 }
583
584 HWTEST_F(NetworkSecurityConfigTest, GetTrustAnchorsForHostName001, TestSize.Level1)
585 {
586 NetworkSecurityConfig networksecurityconfig;
587 std::string hostname("www.example.com");
588 std::vector<std::string> certs;
589 auto ret = networksecurityconfig.GetTrustAnchorsForHostName(hostname, certs);
590 EXPECT_EQ(ret, NETMANAGER_SUCCESS);
591 }
592
593 /**
594 * @tc.name: IsCleartextPermittedTest001
595 * @tc.desc: Test NetworkSecurityConfig::IsCleartextPermitted
596 * @tc.type: FUNC
597 */
598 HWTEST_F(NetworkSecurityConfigTest, IsCleartextPermittedTest001, TestSize.Level1)
599 {
600 std::string hostname = "example.com";
601 NetworkSecurityConfig networksecurityconfig;
602 bool cleartextPermitted = true;
603 auto ret = networksecurityconfig.IsCleartextPermitted(hostname, cleartextPermitted);
604 Domain domain1;
605 domain1.domainName_ = "example.com";
606 DomainConfig config;
607 config.domains_.push_back(domain1);
608 networksecurityconfig.domainConfigs_.push_back(config);
609 std::cout << "IsCleartextPermittedTest001 In" << std::endl;
610 ret = networksecurityconfig.IsCleartextPermitted(hostname, cleartextPermitted);
611 EXPECT_NE(ret, true);
612 hostname = "example.com2";
613 ret = networksecurityconfig.IsCleartextPermitted(hostname, cleartextPermitted);
614 EXPECT_EQ(ret, NETMANAGER_SUCCESS);
615 }
616
617 HWTEST_F(NetworkSecurityConfigTest, IsCleartextPermittedTest002, TestSize.Level1)
618 {
619 NetworkSecurityConfig networksecurityconfig;
620 bool isclearpermitted;
621 auto ret = networksecurityconfig.IsCleartextPermitted(isclearpermitted);
622 EXPECT_EQ(ret, NETMANAGER_SUCCESS);
623 }
624
625 HWTEST_F(NetworkSecurityConfigTest, IsCleartextPermittedTest003, TestSize.Level1)
626 {
627 NetworkSecurityConfig networksecurityconfig;
628 bool isclearpermitted;
629 auto ret = networksecurityconfig.IsCleartextPermitted("www.testCleartextPermitted.com", isclearpermitted);
630 EXPECT_EQ(ret, NETMANAGER_SUCCESS);
631 }
632
633 HWTEST_F(NetworkSecurityConfigTest, IsUserDnsCacheTest001, TestSize.Level1)
634 {
635 NetworkSecurityConfig networksecurityconfig;
636 bool isUserDnsCache = networksecurityconfig.isUserDnsCache_;
637 networksecurityconfig.isUserDnsCache_ = false;
638 auto ret = networksecurityconfig.IsUserDnsCache();
639 EXPECT_FALSE(ret);
640 networksecurityconfig.isUserDnsCache_ = isUserDnsCache;
641 }
642
643 HWTEST_F(NetworkSecurityConfigTest, IsCleartextCfgByComponentTest001, TestSize.Level1)
644 {
645 NetworkSecurityConfig networksecurityconfig;
646 bool isCleartextCfg;
647 EXPECT_EQ(networksecurityconfig.IsCleartextCfgByComponent("Network Kit", isCleartextCfg), NETMANAGER_SUCCESS);
648 EXPECT_TRUE(isCleartextCfg);
649 EXPECT_EQ(networksecurityconfig.IsCleartextCfgByComponent("ArkWeb", isCleartextCfg), NETMANAGER_SUCCESS);
650 EXPECT_FALSE(isCleartextCfg);
651 EXPECT_EQ(networksecurityconfig.IsCleartextCfgByComponent("RCP", isCleartextCfg), NETMANAGER_ERR_INVALID_PARAMETER);
652 }
653
654 /**
655 * @tc.name: HWTEST_F(NetworkSecurityConfigTest, ParseJsonComponentCfg001, TestSize.Level1)
656 * @tc.desc: Test NetworkSecurityConfig::ParseJsonComponentCfg, not applying for
657 * @tc.type: FUNC
658 */
659 HWTEST_F(NetworkSecurityConfigTest, ParseJsonComponentCfg001, TestSize.Level1)
660 {
661 cJSON *root = nullptr;
662 ComponentCfg componentCfg;
663 std::string jsonTxt(TEST_COMPONENT_Network);
664 BuildTestJsonObject(jsonTxt, root);
665 std::cout << "ParseJsonComponentCfg001 In" << std::endl;
666 NetworkSecurityConfig::GetInstance().ParseJsonComponentCfg(root, componentCfg);
667 EXPECT_FALSE(componentCfg["NetworkKit"]);
668 }
669
670 /**
671 * @tc.name: HWTEST_F(NetworkSecurityConfigTest, ParseJsonComponentCfg002, TestSize.Level1)
672 * @tc.desc: Test NetworkSecurityConfig::ParseJsonComponentCfg, not applying for
673 * @tc.type: FUNC
674 */
675 HWTEST_F(NetworkSecurityConfigTest, ParseJsonComponentCfg002, TestSize.Level1)
676 {
677 cJSON *root = nullptr;
678 ComponentCfg componentCfg;
679 std::string jsonTxt(TEST_COMPONENT_ArkWeb);
680 BuildTestJsonObject(jsonTxt, root);
681 std::cout << "ParseJsonComponentCfg002 In" << std::endl;
682 NetworkSecurityConfig::GetInstance().ParseJsonComponentCfg(root, componentCfg, "ArkWeb");
683 EXPECT_FALSE(componentCfg["ArkWeb"]);
684 }
685
686 /**
687 * @tc.name: HWTEST_F(NetworkSecurityConfigTest, ParseJsonComponentCfg003, TestSize.Level1)
688 * @tc.desc: Test NetworkSecurityConfig::ParseJsonComponentCfg, not applying for
689 * @tc.type: FUNC
690 */
691 HWTEST_F(NetworkSecurityConfigTest, ParseJsonComponentCfg003, TestSize.Level1)
692 {
693 cJSON *root = nullptr;
694 ComponentCfg componentCfg;
695 NetworkSecurityConfig::GetInstance().ParseJsonComponentCfg(root, componentCfg);
696 std::string jsonTxt(TEST_COMPONENT_ArkWeb);
697 BuildTestJsonObject(jsonTxt, root);
698 std::cout << "ParseJsonComponentCfg003 In" << std::endl;
699 NetworkSecurityConfig::GetInstance().ParseJsonComponentCfg(root, componentCfg);
700 EXPECT_FALSE(componentCfg["ArkWeb"]);
701 }
702 }
703 }
704