1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17
18 #include "certificate_openssl_common.h"
19 #include "cf_blob.h"
20 #include "cf_log.h"
21 #include "cf_mock.h"
22 #include "cf_object_base.h"
23 #include "cf_result.h"
24 #include "crypto_x509_test_common.h"
25 #include "memory_mock.h"
26 #include "securec.h"
27 #include "string"
28 #include "x509_trust_anchor.h"
29 #include "x509_cert_chain.h"
30 #include "x509_cert_chain_openssl.h"
31 #include "x509_certificate_openssl.h"
32 #include "crypto_x509_cert_chain_data_pem.h"
33 #include "crypto_x509_cert_chain_data_pem_added.h"
34 #include "cert_crl_common.h"
35 #include "fwk_class.h"
36
37 #define OID_STR_MAX_LEN 128
38 #define MAX_CERT_NUM 256
39 #define DEMO_CERT_ARRAY_SIZE 2
40
41 using namespace std;
42 using namespace testing::ext;
43 using namespace CFMock;
44
45 using ::testing::_;
46 using ::testing::AnyNumber;
47 using ::testing::Invoke;
48 using ::testing::Return;
49
50 namespace {
51 class CryptoX509CertChainTest : public testing::Test {
52 public:
53 static void SetUpTestCase();
54 static void TearDownTestCase();
55 void SetUp();
56 void TearDown();
57 };
58
59 static HcfCertChain *g_certChainP7b = nullptr;
60 static HcfX509Certificate *g_x509CertObj = nullptr;
61 static HcfX509CertChainSpi *g_certChainP7bSpi = nullptr;
62 static HcfX509CertChainSpi *g_certChainPemSpi = nullptr;
63 static HcfX509CertChainSpi *g_certChainDerSpi = nullptr;
64 constexpr uint32_t TEST_MAX_CERT_NUM = 257; /* max certs number of a certchain */
65
66 static const char TEST_CERT_CHAIN_PEM[] =
67 "-----BEGIN CERTIFICATE-----\r\n"
68 "MIIJ7DCCCNSgAwIBAgIMTkADpl62gfh/S9jrMA0GCSqGSIb3DQEBCwUAMFAxCzAJ\r\n"
69 "BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSYwJAYDVQQDEx1H\r\n"
70 "bG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODAeFw0yNDA3MDgwMTQxMDJaFw0y\r\n"
71 "NTA4MDkwMTQxMDFaMIGAMQswCQYDVQQGEwJDTjEQMA4GA1UECBMHYmVpamluZzEQ\r\n"
72 "MA4GA1UEBxMHYmVpamluZzE5MDcGA1UEChMwQmVpamluZyBCYWlkdSBOZXRjb20g\r\n"
73 "U2NpZW5jZSBUZWNobm9sb2d5IENvLiwgTHRkMRIwEAYDVQQDEwliYWlkdS5jb20w\r\n"
74 "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1wFMskJ2dseOqoHptNwot\r\n"
75 "FOhdBERsZ4VQnRNKXEEXMQEfgbNtScQ+C/Z+IpRAt1EObhYlifn74kt2nTsCQLng\r\n"
76 "jfQkRVBuO/6PNGKdlCYGBeGqAL7xR+LOyHnpH9mwCBJc+WVt2zYM9I1clpXCJa+I\r\n"
77 "tsq6qpb1AGoQxRDZ2n4K8Gd61wgNCPHDHc/Lk9NPJoUBMvYWvEe5lKhHsJtWtHe4\r\n"
78 "QC3y58Vi+r5R0PWn2hyTBr9fCo58p/stDiRqp9Irtmi95YhwkNkmgwpMB8RhcGoN\r\n"
79 "h+Uw5TkPZVj4AVaoPT1ED/GMKZev0+ypmp0+nmjVg2x7yUfLUfp3X7oBdI4TS2hv\r\n"
80 "AgMBAAGjggaTMIIGjzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADCBjgYI\r\n"
81 "KwYBBQUHAQEEgYEwfzBEBggrBgEFBQcwAoY4aHR0cDovL3NlY3VyZS5nbG9iYWxz\r\n"
82 "aWduLmNvbS9jYWNlcnQvZ3Nyc2FvdnNzbGNhMjAxOC5jcnQwNwYIKwYBBQUHMAGG\r\n"
83 "K2h0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL2dzcnNhb3Zzc2xjYTIwMTgwVgYD\r\n"
84 "VR0gBE8wTTBBBgkrBgEEAaAyARQwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu\r\n"
85 "Z2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQICMD8GA1UdHwQ4MDYw\r\n"
86 "NKAyoDCGLmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3Nyc2FvdnNzbGNhMjAx\r\n"
87 "OC5jcmwwggNhBgNVHREEggNYMIIDVIIJYmFpZHUuY29tggxiYWlmdWJhby5jb22C\r\n"
88 "DHd3dy5iYWlkdS5jboIQd3d3LmJhaWR1LmNvbS5jboIPbWN0LnkubnVvbWkuY29t\r\n"
89 "ggthcG9sbG8uYXV0b4IGZHd6LmNuggsqLmJhaWR1LmNvbYIOKi5iYWlmdWJhby5j\r\n"
90 "b22CESouYmFpZHVzdGF0aWMuY29tgg4qLmJkc3RhdGljLmNvbYILKi5iZGltZy5j\r\n"
91 "b22CDCouaGFvMTIzLmNvbYILKi5udW9taS5jb22CDSouY2h1YW5rZS5jb22CDSou\r\n"
92 "dHJ1c3Rnby5jb22CDyouYmNlLmJhaWR1LmNvbYIQKi5leXVuLmJhaWR1LmNvbYIP\r\n"
93 "Ki5tYXAuYmFpZHUuY29tgg8qLm1iZC5iYWlkdS5jb22CESouZmFueWkuYmFpZHUu\r\n"
94 "Y29tgg4qLmJhaWR1YmNlLmNvbYIMKi5taXBjZG4uY29tghAqLm5ld3MuYmFpZHUu\r\n"
95 "Y29tgg4qLmJhaWR1cGNzLmNvbYIMKi5haXBhZ2UuY29tggsqLmFpcGFnZS5jboIN\r\n"
96 "Ki5iY2Vob3N0LmNvbYIQKi5zYWZlLmJhaWR1LmNvbYIOKi5pbS5iYWlkdS5jb22C\r\n"
97 "EiouYmFpZHVjb250ZW50LmNvbYILKi5kbG5lbC5jb22CCyouZGxuZWwub3JnghIq\r\n"
98 "LmR1ZXJvcy5iYWlkdS5jb22CDiouc3UuYmFpZHUuY29tgggqLjkxLmNvbYISKi5o\r\n"
99 "YW8xMjMuYmFpZHUuY29tgg0qLmFwb2xsby5hdXRvghIqLnh1ZXNodS5iYWlkdS5j\r\n"
100 "b22CESouYmouYmFpZHViY2UuY29tghEqLmd6LmJhaWR1YmNlLmNvbYIOKi5zbWFy\r\n"
101 "dGFwcHMuY26CDSouYmR0anJjdi5jb22CDCouaGFvMjIyLmNvbYIMKi5oYW9rYW4u\r\n"
102 "Y29tgg8qLnBhZS5iYWlkdS5jb22CESoudmQuYmRzdGF0aWMuY29tghEqLmNsb3Vk\r\n"
103 "LmJhaWR1LmNvbYISY2xpY2suaG0uYmFpZHUuY29tghBsb2cuaG0uYmFpZHUuY29t\r\n"
104 "ghBjbS5wb3MuYmFpZHUuY29tghB3bi5wb3MuYmFpZHUuY29tghR1cGRhdGUucGFu\r\n"
105 "LmJhaWR1LmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0j\r\n"
106 "BBgwFoAU+O9/8s14Z6jeb48kjYjxhwMCs+swHQYDVR0OBBYEFK3KAFTK2OWUto+D\r\n"
107 "2ieAKE5ZJDsYMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgCvGBoo1oyj4KmK\r\n"
108 "TJxnqwn4u7wiuq68sTijoZ3T+bYDDQAAAZCQAGzzAAAEAwBHMEUCIFwF5Jc+zyIF\r\n"
109 "Gnpxchz9fY1qzlqg/oVrs2nnuxcpBuuIAiEAu3scD6u51VOP/9aMSqR2yKHZLbHw\r\n"
110 "Fos9U7AzSdLIZa8AdgAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAA\r\n"
111 "AZCQAG3iAAAEAwBHMEUCIBBYQ6NP7VUDgfktWRg5QxT23QAbTqYovtV2D9O8Qc0T\r\n"
112 "AiEA2P7+44EvQ5adwL1y56oyxv/m+Gujeia7wpo7+Xbhv6MAdwAN4fIwK9MNwUBi\r\n"
113 "EgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAZCQAGy+AAAEAwBIMEYCIQDU7Hxtx4c9\r\n"
114 "p9Jd+cr+DCMtyRYSc0b8cktCcbMmtDE9ygIhAIpJd4yb7jtxnaEC8oLWDushbK1v\r\n"
115 "0BIuZu6YrQvsf1nQMA0GCSqGSIb3DQEBCwUAA4IBAQCh9DfewC012/+fHZpmSpCn\r\n"
116 "y+h3/+ClAZ8cJVO+LCmYz9r6bkyhcFquJ5qUpyoW8AYtU0oUFlqH6zLIyujW+7lq\r\n"
117 "wFxB6NsXKKdwBKmMbmnZr2Fca5f+TtwD/GDJgG/egr7fI1u8194j9KEl8cK8Fujm\r\n"
118 "+UsoWklEzd1It9xkLazJR/6SwbhSR4k610pvj8rQrS4wAewuYFDaDOfqsHtDIsx1\r\n"
119 "tZfIfoB/O1wGWZQJU2M9wC8uYq0jQ2Q0MQJXuyJz04MFiGrPAS1Uk8mWd8M+3p65\r\n"
120 "Xy4iAf8uWzs1M+fcwBE8BNBghkQgE+FSUsldm+5ZBCazU0joJswzldWisXMLTagI\r\n"
121 "-----END CERTIFICATE-----\r\n"
122 "-----BEGIN CERTIFICATE-----\r\n"
123 "MIIETjCCAzagAwIBAgINAe5fIh38YjvUMzqFVzANBgkqhkiG9w0BAQsFADBMMSAw\r\n"
124 "HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFs\r\n"
125 "U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xODExMjEwMDAwMDBaFw0yODEx\r\n"
126 "MjEwMDAwMDBaMFAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52\r\n"
127 "LXNhMSYwJAYDVQQDEx1HbG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODCCASIw\r\n"
128 "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdaydUMGCEAI9WXD+uu3Vxoa2uP\r\n"
129 "UGATeoHLl+6OimGUSyZ59gSnKvuk2la77qCk8HuKf1UfR5NhDW5xUTolJAgvjOH3\r\n"
130 "idaSz6+zpz8w7bXfIa7+9UQX/dhj2S/TgVprX9NHsKzyqzskeU8fxy7quRU6fBhM\r\n"
131 "abO1IFkJXinDY+YuRluqlJBJDrnw9UqhCS98NE3QvADFBlV5Bs6i0BDxSEPouVq1\r\n"
132 "lVW9MdIbPYa+oewNEtssmSStR8JvA+Z6cLVwzM0nLKWMjsIYPJLJLnNvBhBWk0Cq\r\n"
133 "o8VS++XFBdZpaFwGue5RieGKDkFNm5KQConpFmvv73W+eka440eKHRwup08CAwEA\r\n"
134 "AaOCASkwggElMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G\r\n"
135 "A1UdDgQWBBT473/yzXhnqN5vjySNiPGHAwKz6zAfBgNVHSMEGDAWgBSP8Et/qC5F\r\n"
136 "JK5NUPpjmove4t0bvDA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGGImh0dHA6\r\n"
137 "Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjMwNgYDVR0fBC8wLTAroCmgJ4Yl\r\n"
138 "aHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBHBgNVHSAEQDA+\r\n"
139 "MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5j\r\n"
140 "b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAJmQyC1fQorUC2bbmANz\r\n"
141 "EdSIhlIoU4r7rd/9c446ZwTbw1MUcBQJfMPg+NccmBqixD7b6QDjynCy8SIwIVbb\r\n"
142 "0615XoFYC20UgDX1b10d65pHBf9ZjQCxQNqQmJYaumxtf4z1s4DfjGRzNpZ5eWl0\r\n"
143 "6r/4ngGPoJVpjemEuunl1Ig423g7mNA2eymw0lIYkN5SQwCuaifIFJ6GlazhgDEw\r\n"
144 "fpolu4usBCOmmQDo8dIm7A9+O4orkjgTHY+GzYZSR+Y0fFukAj6KYXwidlNalFMz\r\n"
145 "hriSqHKvoflShx8xpfywgVcvzfTO3PYkz6fiNJBonf6q8amaEsybwMbDqKWwIX7e\r\n"
146 "SPY=\r\n"
147 "-----END CERTIFICATE-----\r\n"
148 "-----BEGIN CERTIFICATE-----\r\n"
149 "MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G\r\n"
150 "A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp\r\n"
151 "Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4\r\n"
152 "MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG\r\n"
153 "A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\r\n"
154 "hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8\r\n"
155 "RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT\r\n"
156 "gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm\r\n"
157 "KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd\r\n"
158 "QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ\r\n"
159 "XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw\r\n"
160 "DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o\r\n"
161 "LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU\r\n"
162 "RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp\r\n"
163 "jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK\r\n"
164 "6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX\r\n"
165 "mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs\r\n"
166 "Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH\r\n"
167 "WD9f\r\n"
168 "-----END CERTIFICATE-----\r\n";
169
170 static const char TEST_CERT_CHAIN_PEM_NOT_ROOT[] =
171 "-----BEGIN CERTIFICATE-----\r\n"
172 "MIIJ7DCCCNSgAwIBAgIMTkADpl62gfh/S9jrMA0GCSqGSIb3DQEBCwUAMFAxCzAJ\r\n"
173 "BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSYwJAYDVQQDEx1H\r\n"
174 "bG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODAeFw0yNDA3MDgwMTQxMDJaFw0y\r\n"
175 "NTA4MDkwMTQxMDFaMIGAMQswCQYDVQQGEwJDTjEQMA4GA1UECBMHYmVpamluZzEQ\r\n"
176 "MA4GA1UEBxMHYmVpamluZzE5MDcGA1UEChMwQmVpamluZyBCYWlkdSBOZXRjb20g\r\n"
177 "U2NpZW5jZSBUZWNobm9sb2d5IENvLiwgTHRkMRIwEAYDVQQDEwliYWlkdS5jb20w\r\n"
178 "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1wFMskJ2dseOqoHptNwot\r\n"
179 "FOhdBERsZ4VQnRNKXEEXMQEfgbNtScQ+C/Z+IpRAt1EObhYlifn74kt2nTsCQLng\r\n"
180 "jfQkRVBuO/6PNGKdlCYGBeGqAL7xR+LOyHnpH9mwCBJc+WVt2zYM9I1clpXCJa+I\r\n"
181 "tsq6qpb1AGoQxRDZ2n4K8Gd61wgNCPHDHc/Lk9NPJoUBMvYWvEe5lKhHsJtWtHe4\r\n"
182 "QC3y58Vi+r5R0PWn2hyTBr9fCo58p/stDiRqp9Irtmi95YhwkNkmgwpMB8RhcGoN\r\n"
183 "h+Uw5TkPZVj4AVaoPT1ED/GMKZev0+ypmp0+nmjVg2x7yUfLUfp3X7oBdI4TS2hv\r\n"
184 "AgMBAAGjggaTMIIGjzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADCBjgYI\r\n"
185 "KwYBBQUHAQEEgYEwfzBEBggrBgEFBQcwAoY4aHR0cDovL3NlY3VyZS5nbG9iYWxz\r\n"
186 "aWduLmNvbS9jYWNlcnQvZ3Nyc2FvdnNzbGNhMjAxOC5jcnQwNwYIKwYBBQUHMAGG\r\n"
187 "K2h0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL2dzcnNhb3Zzc2xjYTIwMTgwVgYD\r\n"
188 "VR0gBE8wTTBBBgkrBgEEAaAyARQwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu\r\n"
189 "Z2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQICMD8GA1UdHwQ4MDYw\r\n"
190 "NKAyoDCGLmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3Nyc2FvdnNzbGNhMjAx\r\n"
191 "OC5jcmwwggNhBgNVHREEggNYMIIDVIIJYmFpZHUuY29tggxiYWlmdWJhby5jb22C\r\n"
192 "DHd3dy5iYWlkdS5jboIQd3d3LmJhaWR1LmNvbS5jboIPbWN0LnkubnVvbWkuY29t\r\n"
193 "ggthcG9sbG8uYXV0b4IGZHd6LmNuggsqLmJhaWR1LmNvbYIOKi5iYWlmdWJhby5j\r\n"
194 "b22CESouYmFpZHVzdGF0aWMuY29tgg4qLmJkc3RhdGljLmNvbYILKi5iZGltZy5j\r\n"
195 "b22CDCouaGFvMTIzLmNvbYILKi5udW9taS5jb22CDSouY2h1YW5rZS5jb22CDSou\r\n"
196 "dHJ1c3Rnby5jb22CDyouYmNlLmJhaWR1LmNvbYIQKi5leXVuLmJhaWR1LmNvbYIP\r\n"
197 "Ki5tYXAuYmFpZHUuY29tgg8qLm1iZC5iYWlkdS5jb22CESouZmFueWkuYmFpZHUu\r\n"
198 "Y29tgg4qLmJhaWR1YmNlLmNvbYIMKi5taXBjZG4uY29tghAqLm5ld3MuYmFpZHUu\r\n"
199 "Y29tgg4qLmJhaWR1cGNzLmNvbYIMKi5haXBhZ2UuY29tggsqLmFpcGFnZS5jboIN\r\n"
200 "Ki5iY2Vob3N0LmNvbYIQKi5zYWZlLmJhaWR1LmNvbYIOKi5pbS5iYWlkdS5jb22C\r\n"
201 "EiouYmFpZHVjb250ZW50LmNvbYILKi5kbG5lbC5jb22CCyouZGxuZWwub3JnghIq\r\n"
202 "LmR1ZXJvcy5iYWlkdS5jb22CDiouc3UuYmFpZHUuY29tgggqLjkxLmNvbYISKi5o\r\n"
203 "YW8xMjMuYmFpZHUuY29tgg0qLmFwb2xsby5hdXRvghIqLnh1ZXNodS5iYWlkdS5j\r\n"
204 "b22CESouYmouYmFpZHViY2UuY29tghEqLmd6LmJhaWR1YmNlLmNvbYIOKi5zbWFy\r\n"
205 "dGFwcHMuY26CDSouYmR0anJjdi5jb22CDCouaGFvMjIyLmNvbYIMKi5oYW9rYW4u\r\n"
206 "Y29tgg8qLnBhZS5iYWlkdS5jb22CESoudmQuYmRzdGF0aWMuY29tghEqLmNsb3Vk\r\n"
207 "LmJhaWR1LmNvbYISY2xpY2suaG0uYmFpZHUuY29tghBsb2cuaG0uYmFpZHUuY29t\r\n"
208 "ghBjbS5wb3MuYmFpZHUuY29tghB3bi5wb3MuYmFpZHUuY29tghR1cGRhdGUucGFu\r\n"
209 "LmJhaWR1LmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0j\r\n"
210 "BBgwFoAU+O9/8s14Z6jeb48kjYjxhwMCs+swHQYDVR0OBBYEFK3KAFTK2OWUto+D\r\n"
211 "2ieAKE5ZJDsYMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgCvGBoo1oyj4KmK\r\n"
212 "TJxnqwn4u7wiuq68sTijoZ3T+bYDDQAAAZCQAGzzAAAEAwBHMEUCIFwF5Jc+zyIF\r\n"
213 "Gnpxchz9fY1qzlqg/oVrs2nnuxcpBuuIAiEAu3scD6u51VOP/9aMSqR2yKHZLbHw\r\n"
214 "Fos9U7AzSdLIZa8AdgAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAA\r\n"
215 "AZCQAG3iAAAEAwBHMEUCIBBYQ6NP7VUDgfktWRg5QxT23QAbTqYovtV2D9O8Qc0T\r\n"
216 "AiEA2P7+44EvQ5adwL1y56oyxv/m+Gujeia7wpo7+Xbhv6MAdwAN4fIwK9MNwUBi\r\n"
217 "EgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAZCQAGy+AAAEAwBIMEYCIQDU7Hxtx4c9\r\n"
218 "p9Jd+cr+DCMtyRYSc0b8cktCcbMmtDE9ygIhAIpJd4yb7jtxnaEC8oLWDushbK1v\r\n"
219 "0BIuZu6YrQvsf1nQMA0GCSqGSIb3DQEBCwUAA4IBAQCh9DfewC012/+fHZpmSpCn\r\n"
220 "y+h3/+ClAZ8cJVO+LCmYz9r6bkyhcFquJ5qUpyoW8AYtU0oUFlqH6zLIyujW+7lq\r\n"
221 "wFxB6NsXKKdwBKmMbmnZr2Fca5f+TtwD/GDJgG/egr7fI1u8194j9KEl8cK8Fujm\r\n"
222 "+UsoWklEzd1It9xkLazJR/6SwbhSR4k610pvj8rQrS4wAewuYFDaDOfqsHtDIsx1\r\n"
223 "tZfIfoB/O1wGWZQJU2M9wC8uYq0jQ2Q0MQJXuyJz04MFiGrPAS1Uk8mWd8M+3p65\r\n"
224 "Xy4iAf8uWzs1M+fcwBE8BNBghkQgE+FSUsldm+5ZBCazU0joJswzldWisXMLTagI\r\n"
225 "-----END CERTIFICATE-----\r\n"
226 "-----BEGIN CERTIFICATE-----\r\n"
227 "MIIETjCCAzagAwIBAgINAe5fIh38YjvUMzqFVzANBgkqhkiG9w0BAQsFADBMMSAw\r\n"
228 "HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFs\r\n"
229 "U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xODExMjEwMDAwMDBaFw0yODEx\r\n"
230 "MjEwMDAwMDBaMFAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52\r\n"
231 "LXNhMSYwJAYDVQQDEx1HbG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODCCASIw\r\n"
232 "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdaydUMGCEAI9WXD+uu3Vxoa2uP\r\n"
233 "UGATeoHLl+6OimGUSyZ59gSnKvuk2la77qCk8HuKf1UfR5NhDW5xUTolJAgvjOH3\r\n"
234 "idaSz6+zpz8w7bXfIa7+9UQX/dhj2S/TgVprX9NHsKzyqzskeU8fxy7quRU6fBhM\r\n"
235 "abO1IFkJXinDY+YuRluqlJBJDrnw9UqhCS98NE3QvADFBlV5Bs6i0BDxSEPouVq1\r\n"
236 "lVW9MdIbPYa+oewNEtssmSStR8JvA+Z6cLVwzM0nLKWMjsIYPJLJLnNvBhBWk0Cq\r\n"
237 "o8VS++XFBdZpaFwGue5RieGKDkFNm5KQConpFmvv73W+eka440eKHRwup08CAwEA\r\n"
238 "AaOCASkwggElMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G\r\n"
239 "A1UdDgQWBBT473/yzXhnqN5vjySNiPGHAwKz6zAfBgNVHSMEGDAWgBSP8Et/qC5F\r\n"
240 "JK5NUPpjmove4t0bvDA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGGImh0dHA6\r\n"
241 "Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjMwNgYDVR0fBC8wLTAroCmgJ4Yl\r\n"
242 "aHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBHBgNVHSAEQDA+\r\n"
243 "MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5j\r\n"
244 "b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAJmQyC1fQorUC2bbmANz\r\n"
245 "EdSIhlIoU4r7rd/9c446ZwTbw1MUcBQJfMPg+NccmBqixD7b6QDjynCy8SIwIVbb\r\n"
246 "0615XoFYC20UgDX1b10d65pHBf9ZjQCxQNqQmJYaumxtf4z1s4DfjGRzNpZ5eWl0\r\n"
247 "6r/4ngGPoJVpjemEuunl1Ig423g7mNA2eymw0lIYkN5SQwCuaifIFJ6GlazhgDEw\r\n"
248 "fpolu4usBCOmmQDo8dIm7A9+O4orkjgTHY+GzYZSR+Y0fFukAj6KYXwidlNalFMz\r\n"
249 "hriSqHKvoflShx8xpfywgVcvzfTO3PYkz6fiNJBonf6q8amaEsybwMbDqKWwIX7e\r\n"
250 "SPY=\r\n"
251 "-----END CERTIFICATE-----\r\n";
252
GetInvalidCertChainClass(void)253 static const char *GetInvalidCertChainClass(void)
254 {
255 return "HcfInvalidCertChain";
256 }
257
SetUpTestCase()258 void CryptoX509CertChainTest::SetUpTestCase()
259 {
260 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, nullptr, &g_certChainP7b);
261 ASSERT_EQ(ret, CF_SUCCESS);
262 ASSERT_NE(g_certChainP7b, nullptr);
263
264 HcfX509Certificate *x509CertObj = nullptr;
265 CfEncodingBlob inStream = { 0 };
266 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
267 inStream.encodingFormat = CF_FORMAT_PEM;
268 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
269 (void)HcfX509CertificateCreate(&inStream, &x509CertObj);
270 ASSERT_NE(x509CertObj, nullptr);
271 g_x509CertObj = x509CertObj;
272
273 HcfX509CertChainSpi *certChainSpi = nullptr;
274 ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
275 ASSERT_EQ(ret, CF_SUCCESS);
276 ASSERT_NE(certChainSpi, nullptr);
277 g_certChainP7bSpi = certChainSpi;
278 certChainSpi = nullptr;
279 ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataPem, &certChainSpi);
280 ASSERT_EQ(ret, CF_SUCCESS);
281 ASSERT_NE(certChainSpi, nullptr);
282 g_certChainPemSpi = certChainSpi;
283 certChainSpi = nullptr;
284 ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataDer, &certChainSpi);
285 ASSERT_EQ(ret, CF_SUCCESS);
286 ASSERT_NE(certChainSpi, nullptr);
287 g_certChainDerSpi = certChainSpi;
288 }
289
TearDownTestCase()290 void CryptoX509CertChainTest::TearDownTestCase()
291 {
292 CfObjDestroy(g_x509CertObj);
293 CfObjDestroy(g_certChainP7b);
294 CfObjDestroy(g_certChainP7bSpi);
295 CfObjDestroy(g_certChainPemSpi);
296 CfObjDestroy(g_certChainDerSpi);
297 }
298
SetUp()299 void CryptoX509CertChainTest::SetUp() {}
300
TearDown()301 void CryptoX509CertChainTest::TearDown() {}
302
303 /* invalid encodingBlob. */
304 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest001, TestSize.Level0)
305 {
306 HcfX509CertChainSpi *certChainSpi = nullptr;
307 CfResult ret = HcfX509CertChainByEncSpiCreate(nullptr, &certChainSpi);
308 ASSERT_EQ(ret, CF_INVALID_PARAMS);
309 }
310
311 /* invalid certChainSpi. */
312 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest002, TestSize.Level0)
313 {
314 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, nullptr);
315 ASSERT_EQ(ret, CF_INVALID_PARAMS);
316 }
317
318 /* The encoding format is CF_FORMAT_PKCS7 */
319 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest003, TestSize.Level0)
320 {
321 HcfX509CertChainSpi *certChainSpi = nullptr;
322 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
323 ASSERT_EQ(ret, CF_SUCCESS);
324 ASSERT_NE(certChainSpi, nullptr);
325
326 CfObjDestroy(certChainSpi);
327 }
328
329 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest004, TestSize.Level0)
330 {
331 HcfX509CertChainSpi *certChainSpi = nullptr;
332 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PKCS7 };
333 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataP7b.len, 0));
334 ASSERT_NE(inStream.data, nullptr);
335 memcpy_s(inStream.data, g_inStreamChainDataP7b.len, g_inStreamChainDataP7b.data, g_inStreamChainDataP7b.len);
336 inStream.len = g_inStreamChainDataP7b.len;
337 inStream.encodingFormat = g_inStreamChainDataP7b.encodingFormat;
338 inStream.data[0] = 0x77; // magic code 0x77
339
340 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
341 ASSERT_EQ(ret, CF_INVALID_PARAMS);
342
343 CfFree(inStream.data);
344 }
345
346 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest005, TestSize.Level0)
347 {
348 HcfX509CertChainSpi *certChainSpi = nullptr;
349 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PKCS7 };
350 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataDer.len, 0));
351 ASSERT_NE(inStream.data, nullptr);
352 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataDer.data, g_inStreamChainDataDer.len);
353 inStream.len = g_inStreamChainDataDer.len;
354
355 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
356 ASSERT_EQ(ret, CF_INVALID_PARAMS);
357
358 CfFree(inStream.data);
359 }
360
361 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest006, TestSize.Level0)
362 {
363 HcfX509CertChainSpi *certChainSpi = nullptr;
364 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PKCS7 };
365
366 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
367 ASSERT_EQ(ret, CF_INVALID_PARAMS);
368 }
369
370 /* The encoding format is CF_FORMAT_DER */
371 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest007, TestSize.Level0)
372 {
373 HcfX509CertChainSpi *certChainSpi = nullptr;
374 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataDer, &certChainSpi);
375 ASSERT_EQ(ret, CF_SUCCESS);
376 ASSERT_NE(certChainSpi, nullptr);
377
378 CfObjDestroy(certChainSpi);
379 }
380
381 /* Invalid encoding format. */
382 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest008, TestSize.Level0)
383 {
384 HcfX509CertChainSpi *certChainSpi = nullptr;
385 CfEncodingBlob inStream = { nullptr, 0, (CfEncodingFormat)(CF_FORMAT_PKCS7 + 1) };
386 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataDer.len, 0));
387 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataDer.data, g_inStreamChainDataDer.len);
388 inStream.len = g_inStreamChainDataDer.len;
389
390 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
391 ASSERT_EQ(ret, CF_INVALID_PARAMS);
392
393 CfFree(inStream.data);
394 }
395
396 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest009, TestSize.Level0)
397 {
398 HcfX509CertChainSpi *certChainSpi = nullptr;
399 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PEM };
400 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataPem.len, 0));
401 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataPem.data, g_inStreamChainDataPem.len);
402 inStream.len = g_inStreamChainDataPem.len;
403
404 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
405 ASSERT_EQ(ret, CF_SUCCESS);
406
407 CfFree(inStream.data);
408 CfObjDestroy(certChainSpi);
409 }
410
411 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest010, TestSize.Level0)
412 {
413 HcfX509CertChainSpi *certChainSpi = nullptr;
414 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PKCS7 };
415 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataDer.len, 0));
416 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataDer.data, g_inStreamChainDataDer.len);
417 inStream.len = ~0;
418
419 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
420 ASSERT_EQ(ret, CF_INVALID_PARAMS);
421
422 CfFree(inStream.data);
423 }
424
425 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest011, TestSize.Level0)
426 {
427 HcfX509CertChainSpi *certChainSpi = nullptr;
428 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PEM };
429
430 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
431 ASSERT_EQ(ret, CF_INVALID_PARAMS);
432 }
433
434 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest012, TestSize.Level0)
435 {
436 HcfX509CertChainSpi *certChainSpi = nullptr;
437 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_DER };
438 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataDer.len, 0));
439 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataDer.data, g_inStreamChainDataDer.len);
440 inStream.len = g_inStreamChainDataDer.len;
441 inStream.encodingFormat = g_inStreamChainDataDer.encodingFormat;
442 inStream.data[0] = 0x77; // magic code 0x77
443
444 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
445 ASSERT_EQ(ret, CF_INVALID_PARAMS);
446
447 CfFree(inStream.data);
448 }
449
450 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest013, TestSize.Level0)
451 {
452 HcfX509CertChainSpi *certChainSpi = nullptr;
453 SetMockFlag(true);
454 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
455 ASSERT_EQ(ret, CF_ERR_MALLOC);
456 SetMockFlag(false);
457 }
458
459 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest001, TestSize.Level0)
460 {
461 HcfX509CertChainSpi *certChainSpi;
462 CfResult ret = HcfX509CertChainByArrSpiCreate(nullptr, &certChainSpi);
463 ASSERT_EQ(ret, CF_INVALID_PARAMS);
464 }
465
466 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest002, TestSize.Level0)
467 {
468 HcfX509CertificateArray certArray;
469 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, nullptr);
470 ASSERT_EQ(ret, CF_INVALID_PARAMS);
471 }
472
473 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest003, TestSize.Level0)
474 {
475 HcfX509CertChainSpi *certChainSpi = nullptr;
476 HcfX509CertificateArray certArray;
477
478 HcfX509Certificate *x509CertObj = nullptr;
479 (void)HcfX509CertificateCreate(&g_inStreamSelfSignedCaCert, &x509CertObj);
480
481 certArray.data = static_cast<HcfX509Certificate **>(CfMalloc(1 * sizeof(HcfX509Certificate *), 0));
482 ASSERT_NE(certArray.data, nullptr);
483 certArray.data[0] = x509CertObj;
484 certArray.count = 1;
485
486 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, &certChainSpi);
487 ASSERT_EQ(ret, CF_SUCCESS);
488
489 // free memory
490 CfFree(certArray.data);
491 CfObjDestroy(x509CertObj);
492 CfObjDestroy(certChainSpi);
493 }
494
495 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest004, TestSize.Level0)
496 {
497 HcfX509CertChainSpi *certChainSpi = nullptr;
498 HcfX509CertificateArray certArray;
499
500 HcfX509Certificate *x509CertObj = nullptr;
501 CfEncodingBlob inStream = { 0 };
502 inStream.data = (uint8_t *)g_testSelfSignedCaCert;
503 inStream.encodingFormat = CF_FORMAT_PEM;
504 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
505 (void)HcfX509CertificateCreate(&inStream, &x509CertObj);
506
507 certArray.data = static_cast<HcfX509Certificate **>(CfMalloc(1 * sizeof(HcfX509Certificate *), 0));
508 ASSERT_NE(certArray.data, nullptr);
509 certArray.data[0] = x509CertObj;
510 certArray.count = 0;
511
512 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, &certChainSpi);
513 ASSERT_EQ(ret, CF_INVALID_PARAMS);
514
515 // free memory
516 CfFree(certArray.data);
517 CfObjDestroy(x509CertObj);
518 CfObjDestroy(certChainSpi);
519 }
520
521 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest005, TestSize.Level0)
522 {
523 HcfX509CertChainSpi *certChainSpi = nullptr;
524 HcfX509CertificateArray certArray;
525
526 HcfX509Certificate *x509CertObj = nullptr;
527 (void)HcfX509CertificateCreate(&g_inStreamSelfSignedCaCert, &x509CertObj);
528
529 certArray.data = static_cast<HcfX509Certificate **>(CfMalloc(1 * sizeof(HcfX509Certificate *), 0));
530 ASSERT_NE(certArray.data, nullptr);
531 certArray.data[0] = x509CertObj;
532 certArray.count = TEST_MAX_CERT_NUM;
533
534 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, &certChainSpi);
535 ASSERT_EQ(ret, CF_INVALID_PARAMS);
536
537 // free memory
538 CfFree(certArray.data);
539 CfObjDestroy(x509CertObj);
540 CfObjDestroy(certChainSpi);
541 }
542
543 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest006, TestSize.Level0)
544 {
545 ASSERT_NE(g_x509CertObj, nullptr);
546 HcfX509CertChainSpi *certChainSpi = nullptr;
547 HcfX509CertificateArray certArray;
548
549 HcfX509Certificate *x509CertObj = nullptr;
550 (void)HcfX509CertificateCreate(&g_inStreamSelfSignedCaCert, &x509CertObj);
551
552 certArray.data = static_cast<HcfX509Certificate **>(CfMalloc(1 * sizeof(HcfX509Certificate *), 0));
553 ASSERT_NE(certArray.data, nullptr);
554 certArray.data[0] = x509CertObj;
555 certArray.count = 1;
556
557 x509CertObj->base.base.getClass = GetInvalidCertClass;
558 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, &certChainSpi);
559 ASSERT_EQ(ret, CF_INVALID_PARAMS);
560
561 x509CertObj->base.base.getClass = g_x509CertObj->base.base.getClass;
562
563 CfFree(certArray.data);
564 CfObjDestroy(x509CertObj);
565 }
566
567 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest007, TestSize.Level0)
568 {
569 HcfX509CertificateArray certArray;
570 HcfX509Certificate *x509CertObj = nullptr;
571 (void)HcfX509CertificateCreate(&g_inStreamSelfSignedCaCert, &x509CertObj);
572
573 certArray.data = static_cast<HcfX509Certificate **>(CfMalloc(1 * sizeof(HcfX509Certificate *), 0));
574 ASSERT_NE(certArray.data, nullptr);
575 certArray.data[0] = x509CertObj;
576 certArray.count = 1;
577
578 SetMockFlag(true);
579 HcfX509CertChainSpi *certChainSpi = nullptr;
580 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, &certChainSpi);
581 ASSERT_EQ(ret, CF_ERR_MALLOC);
582 SetMockFlag(false);
583
584 CfFree(certArray.data);
585 CfObjDestroy(x509CertObj);
586 }
587
588 HWTEST_F(CryptoX509CertChainTest, CertChainCreateTest001, TestSize.Level0)
589 {
590 HcfX509CertificateArray certArray;
591 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, &certArray, nullptr);
592 ASSERT_EQ(ret, CF_INVALID_PARAMS);
593 }
594
595 HWTEST_F(CryptoX509CertChainTest, CertChainCreateTest002, TestSize.Level0)
596 {
597 HcfCertChain *pCertChain = nullptr;
598 CfResult ret = HcfCertChainCreate(nullptr, nullptr, &pCertChain);
599 ASSERT_EQ(ret, CF_INVALID_PARAMS);
600 }
601
602 HWTEST_F(CryptoX509CertChainTest, CertChainCreateTest003, TestSize.Level0)
603 {
604 HcfCertChain *pCertChain = nullptr;
605 HcfX509CertificateArray certArray;
606 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, &certArray, &pCertChain);
607 ASSERT_EQ(ret, CF_INVALID_PARAMS);
608 }
609
610 HWTEST_F(CryptoX509CertChainTest, CertChainCreateTest004, TestSize.Level0)
611 {
612 HcfCertChain *pCertChain = nullptr;
613 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, nullptr, &pCertChain);
614 ASSERT_EQ(ret, CF_SUCCESS);
615 ASSERT_NE(pCertChain, nullptr);
616
617 CfObjDestroy(pCertChain);
618 }
619
620 HWTEST_F(CryptoX509CertChainTest, CertChainCreateTest005, TestSize.Level0)
621 {
622 HcfCertChain *pCertChain = nullptr;
623 CfEncodingBlob inStream = { nullptr, 0, (CfEncodingFormat)(CF_FORMAT_PKCS7 + 1) };
624 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataDer.len, 0));
625 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataDer.data, g_inStreamChainDataDer.len);
626 inStream.len = g_inStreamChainDataDer.len;
627
628 CfResult ret = HcfCertChainCreate(&inStream, nullptr, &pCertChain);
629 ASSERT_EQ(ret, CF_INVALID_PARAMS);
630
631 CfFree(inStream.data);
632 }
633
634 HWTEST_F(CryptoX509CertChainTest, GetCertlistOpensslTest001, TestSize.Level0)
635 {
636 ASSERT_NE(g_certChainP7bSpi, nullptr);
637 HcfX509CertificateArray certsList;
638 CfResult ret = g_certChainP7bSpi->engineGetCertList(nullptr, &certsList);
639 ASSERT_EQ(ret, CF_INVALID_PARAMS);
640 }
641
642 HWTEST_F(CryptoX509CertChainTest, GetCertlistOpensslTest002, TestSize.Level0)
643 {
644 ASSERT_NE(g_certChainP7bSpi, nullptr);
645 CfResult ret = g_certChainP7bSpi->engineGetCertList(g_certChainP7bSpi, nullptr);
646 ASSERT_EQ(ret, CF_INVALID_PARAMS);
647 }
648
649 HWTEST_F(CryptoX509CertChainTest, GetCertlistOpensslTest003, TestSize.Level0)
650 {
651 ASSERT_NE(g_certChainP7bSpi, nullptr);
652 HcfX509CertChainSpi *certChainSpi = nullptr;
653 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
654 ASSERT_EQ(ret, CF_SUCCESS);
655 ASSERT_NE(certChainSpi, nullptr);
656
657 certChainSpi->base.getClass = GetInvalidCertClass;
658 ret = certChainSpi->engineGetCertList(certChainSpi, nullptr);
659 ASSERT_EQ(ret, CF_INVALID_PARAMS);
660
661 certChainSpi->base.getClass = g_certChainP7bSpi->base.getClass;
662
663 CfObjDestroy(certChainSpi);
664 }
665
666 HWTEST_F(CryptoX509CertChainTest, GetCertlistOpensslTest004, TestSize.Level0)
667 {
668 ASSERT_NE(g_certChainP7bSpi, nullptr);
669
670 HcfX509CertificateArray certsList = { nullptr, 0 };
671 CfResult ret = g_certChainP7bSpi->engineGetCertList(g_certChainP7bSpi, &certsList);
672 ASSERT_EQ(ret, CF_SUCCESS);
673 ASSERT_EQ(certsList.count > 0, true);
674 ASSERT_NE(certsList.data, nullptr);
675
676 FreeCertArrayData(&certsList);
677 }
678
679 HWTEST_F(CryptoX509CertChainTest, GetCertlistOpensslTest005, TestSize.Level0)
680 {
681 ASSERT_NE(g_certChainP7bSpi, nullptr);
682 HcfX509CertChainSpi *certChainSpi = nullptr;
683 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
684 ASSERT_EQ(ret, CF_SUCCESS);
685 ASSERT_NE(certChainSpi, nullptr);
686 certChainSpi->base.getClass = GetInvalidCertChainClass;
687
688 HcfX509CertificateArray certsList = { nullptr, 0 };
689 ret = certChainSpi->engineGetCertList(certChainSpi, &certsList);
690 ASSERT_EQ(ret, CF_INVALID_PARAMS);
691
692 certChainSpi->base.getClass = g_certChainP7bSpi->base.getClass;
693 CfObjDestroy(certChainSpi);
694 }
695
696 HWTEST_F(CryptoX509CertChainTest, GetCertListCoreTest001, TestSize.Level0)
697 {
698 ASSERT_NE(g_certChainP7b, nullptr);
699 HcfX509CertificateArray certsArray = { 0 };
700 CfResult ret = g_certChainP7b->getCertList(nullptr, &certsArray);
701 ASSERT_EQ(ret, CF_INVALID_PARAMS);
702 }
703
704 HWTEST_F(CryptoX509CertChainTest, GetCertListCoreTest002, TestSize.Level0)
705 {
706 ASSERT_NE(g_certChainP7b, nullptr);
707 CfResult ret = g_certChainP7b->getCertList(g_certChainP7b, nullptr);
708 ASSERT_EQ(ret, CF_INVALID_PARAMS);
709 }
710
711 HWTEST_F(CryptoX509CertChainTest, GetCertListCoreTest003, TestSize.Level0)
712 {
713 ASSERT_NE(g_certChainP7b, nullptr);
714 HcfCertChain *pCertChain = nullptr;
715 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, nullptr, &pCertChain);
716 ASSERT_EQ(ret, CF_SUCCESS);
717
718 pCertChain->base.getClass = GetInvalidCertChainClass;
719 ret = g_certChainP7b->getCertList(pCertChain, nullptr);
720 ASSERT_EQ(ret, CF_INVALID_PARAMS);
721
722 pCertChain->base.getClass = g_certChainP7b->base.getClass;
723 CfObjDestroy(pCertChain);
724 }
725
726 HWTEST_F(CryptoX509CertChainTest, GetCertListCoreTest004, TestSize.Level0)
727 {
728 ASSERT_NE(g_certChainP7b, nullptr);
729 HcfX509CertificateArray out = { nullptr, 0 };
730 CfResult ret = g_certChainP7b->getCertList(g_certChainP7b, &out);
731 ASSERT_EQ(ret, CF_SUCCESS);
732 ASSERT_NE(out.data, nullptr);
733 ASSERT_EQ(out.count > 0, true);
734
735 FreeCertArrayData(&out);
736 }
737
738 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest001, TestSize.Level0)
739 {
740 CF_LOG_I("ValidateOpensslTest001");
741 HcfX509CertChainSpi *certChainSpi = nullptr;
742 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
743 ASSERT_EQ(ret, CF_SUCCESS);
744 ASSERT_NE(certChainSpi, nullptr);
745
746 ret = certChainSpi->engineValidate(nullptr, nullptr, nullptr);
747 ASSERT_EQ(ret, CF_INVALID_PARAMS);
748
749 CfObjDestroy(certChainSpi);
750 }
751
752 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest002, TestSize.Level0)
753 {
754 CF_LOG_I("ValidateOpensslTest002");
755 ASSERT_NE(g_certChainP7bSpi, nullptr);
756 CfResult ret = g_certChainP7bSpi->engineValidate(g_certChainP7bSpi, nullptr, nullptr);
757 ASSERT_EQ(ret, CF_INVALID_PARAMS);
758 }
759
760 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest003, TestSize.Level0)
761 {
762 CF_LOG_I("ValidateOpensslTest003");
763 ASSERT_NE(g_certChainP7bSpi, nullptr);
764 HcfX509TrustAnchor anchor = { 0 };
765 CfEncodingBlob inStream = { 0 };
766 inStream.data = (uint8_t *)g_testSelfSignedCaCert;
767 inStream.encodingFormat = CF_FORMAT_PEM;
768 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
769 (void)HcfX509CertificateCreate(&inStream, &anchor.CACert);
770
771 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
772 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
773 ASSERT_NE(trustAnchorArray.data, nullptr);
774 trustAnchorArray.data[0] = &anchor;
775 trustAnchorArray.count = 1;
776
777 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
778 ASSERT_EQ(pCertChainValidateParams.date, nullptr); // test
779 ASSERT_EQ(pCertChainValidateParams.certCRLCollections, nullptr); // test
780 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
781
782 CfResult ret = g_certChainP7bSpi->engineValidate(g_certChainP7bSpi, &pCertChainValidateParams, nullptr);
783 ASSERT_EQ(ret, CF_INVALID_PARAMS);
784
785 CfFree(trustAnchorArray.data);
786 CfObjDestroy(anchor.CACert);
787 }
788
789 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest004, TestSize.Level0)
790 {
791 CF_LOG_I("ValidateOpensslTest004");
792 ASSERT_NE(g_certChainP7bSpi, nullptr);
793
794 HcfX509CertChainSpi *certChainSpi = nullptr;
795 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
796 ASSERT_EQ(ret, CF_SUCCESS);
797 ASSERT_NE(certChainSpi, nullptr);
798
799 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
800 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
801
802 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
803 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
804
805 certChainSpi->base.getClass = GetInvalidCertChainClass;
806 HcfX509CertChainValidateResult result = { 0 };
807 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
808 ASSERT_EQ(ret, CF_INVALID_PARAMS);
809
810 certChainSpi->base.getClass = g_certChainP7bSpi->base.getClass;
811 FreeTrustAnchorArr(trustAnchorArray);
812 CfObjDestroy(certChainSpi);
813 }
814
815 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest005, TestSize.Level0)
816 {
817 CF_LOG_I("ValidateOpensslTest005");
818 ASSERT_NE(g_certChainPemSpi, nullptr);
819
820 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
821 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
822
823 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
824 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
825
826 HcfX509CertChainValidateResult result = { 0 };
827 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
828 ASSERT_EQ(ret, CF_SUCCESS);
829 ASSERT_NE(result.entityCert, nullptr);
830 ASSERT_NE(result.trustAnchor, nullptr);
831
832 FreeTrustAnchorArr(trustAnchorArray);
833 FreeValidateResult(result);
834 }
835
836 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest006, TestSize.Level0)
837 {
838 CF_LOG_I("ValidateOpensslTest006");
839 ASSERT_NE(g_certChainPemSpi, nullptr);
840
841 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
842 BuildAnchorArr(g_inStreamSelfSignedCaCert, trustAnchorArray);
843
844 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
845 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
846
847 HcfX509CertChainValidateResult result = { 0 };
848 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
849 ASSERT_EQ(ret, CF_INVALID_PARAMS);
850
851 FreeTrustAnchorArr(trustAnchorArray);
852 }
853
854 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest007, TestSize.Level0)
855 {
856 CF_LOG_I("ValidateOpensslTest007");
857 ASSERT_NE(g_certChainPemSpi, nullptr);
858
859 HcfX509TrustAnchor anchor = { 0 };
860
861 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
862 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
863 ASSERT_NE(trustAnchorArray.data, nullptr);
864 trustAnchorArray.data[0] = &anchor;
865 trustAnchorArray.count = 1;
866
867 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
868 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
869
870 HcfX509CertChainValidateResult result = { 0 };
871 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
872 ASSERT_EQ(ret, CF_INVALID_PARAMS);
873
874 CfFree(trustAnchorArray.data);
875 }
876
877 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest008, TestSize.Level0)
878 {
879 CF_LOG_I("ValidateOpensslTest008");
880 ASSERT_NE(g_certChainPemSpi, nullptr);
881
882 CfBlob pubkey = { 0, nullptr };
883 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemRootData[0]);
884 pubkey.size = g_testChainPubkeyPemRootDataSize;
885
886 HcfX509TrustAnchor anchor = { 0 };
887
888 anchor.CAPubKey = &pubkey;
889
890 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
891 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
892 ASSERT_NE(trustAnchorArray.data, nullptr);
893 trustAnchorArray.data[0] = &anchor;
894 trustAnchorArray.count = 1;
895
896 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
897 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
898
899 HcfX509CertChainValidateResult result = { 0 };
900 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
901 ASSERT_EQ(ret, CF_SUCCESS);
902 ASSERT_NE(result.entityCert, nullptr);
903 ASSERT_NE(result.trustAnchor, nullptr);
904
905 CfFree(trustAnchorArray.data);
906 FreeValidateResult(result);
907 }
908
909 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest009, TestSize.Level0)
910 {
911 CF_LOG_I("ValidateOpensslTest009");
912 ASSERT_NE(g_certChainPemSpi, nullptr);
913
914 CfBlob pubkey = { 0, nullptr };
915 pubkey.data = (uint8_t *)(&g_testCrlSubAndIssNameDerData[0]);
916 pubkey.size = g_testCrlSubAndIssNameDerDataSize;
917
918 HcfX509TrustAnchor anchor = { 0 };
919 anchor.CAPubKey = &pubkey;
920
921 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
922 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
923 ASSERT_NE(trustAnchorArray.data, nullptr);
924 trustAnchorArray.data[0] = &anchor;
925 trustAnchorArray.count = 1;
926
927 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
928 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
929
930 HcfX509CertChainValidateResult result = { 0 };
931 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
932 ASSERT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
933
934 CfFree(trustAnchorArray.data);
935 }
936
937 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest010, TestSize.Level0)
938 {
939 CF_LOG_I("ValidateOpensslTest010");
940 ASSERT_NE(g_certChainPemSpi, nullptr);
941
942 CfBlob pubkey = { 0, nullptr };
943 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemRootData[0]);
944 pubkey.size = g_testChainPubkeyPemRootDataSize;
945
946 CfBlob subject = { 0, nullptr };
947 subject.data = (uint8_t *)(&g_testChainSubjectPemRootData[0]);
948 subject.size = g_testChainSubjectPemRootDataSize;
949
950 HcfX509TrustAnchor anchor = { 0 };
951 anchor.CAPubKey = &pubkey;
952 anchor.CASubject = &subject;
953
954 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
955 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
956 ASSERT_NE(trustAnchorArray.data, nullptr);
957 trustAnchorArray.data[0] = &anchor;
958 trustAnchorArray.count = 1;
959
960 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
961 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
962
963 HcfX509CertChainValidateResult result = { 0 };
964 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
965 ASSERT_EQ(ret, CF_SUCCESS);
966 ASSERT_NE(result.entityCert, nullptr);
967 ASSERT_NE(result.trustAnchor, nullptr);
968
969 CfFree(trustAnchorArray.data);
970 FreeValidateResult(result);
971 }
972
973 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest011, TestSize.Level0)
974 {
975 CF_LOG_I("ValidateOpensslTest011");
976 ASSERT_NE(g_certChainPemSpi, nullptr);
977
978 CfBlob pubkey = { 0, nullptr };
979 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemRootData[0]);
980 pubkey.size = g_testChainPubkeyPemRootDataSize;
981
982 CfBlob subject = { 0, nullptr };
983 subject.data = (uint8_t *)(&g_testChainSubjectPemOtherSubjectData[0]);
984 subject.size = g_testChainSubjectPemOtherSubjectDataSize;
985
986 HcfX509TrustAnchor anchor = { 0 };
987 anchor.CAPubKey = &pubkey;
988 anchor.CASubject = &subject;
989
990 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
991 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
992 ASSERT_NE(trustAnchorArray.data, nullptr);
993 trustAnchorArray.data[0] = &anchor;
994 trustAnchorArray.count = 1;
995
996 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
997 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
998
999 HcfX509CertChainValidateResult result = { 0 };
1000 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1001
1002 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1003
1004 CfFree(trustAnchorArray.data);
1005 }
1006
1007 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest012, TestSize.Level0)
1008 {
1009 CF_LOG_I("ValidateOpensslTest012");
1010 ASSERT_NE(g_certChainPemSpi, nullptr);
1011
1012 CfBlob pubkey = { 0, nullptr };
1013 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemRootData[0]);
1014 pubkey.size = g_testChainPubkeyPemRootDataSize;
1015
1016 HcfX509TrustAnchor anchor = { 0 };
1017 anchor.CAPubKey = &pubkey;
1018 anchor.CASubject = &pubkey;
1019
1020 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1021 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1022 ASSERT_NE(trustAnchorArray.data, nullptr);
1023 trustAnchorArray.data[0] = &anchor;
1024 trustAnchorArray.count = 1;
1025
1026 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1027 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1028
1029 HcfX509CertChainValidateResult result = { 0 };
1030 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1031 ASSERT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
1032
1033 CfFree(trustAnchorArray.data);
1034 }
1035
1036 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest013, TestSize.Level0)
1037 {
1038 CF_LOG_I("ValidateOpensslTest013");
1039 ASSERT_NE(g_certChainPemSpi, nullptr);
1040
1041 CfBlob pubkey = { 0, nullptr };
1042 pubkey.data = (uint8_t *)(&g_testCrlSubAndIssNameDerData[0]);
1043 pubkey.size = g_testCrlSubAndIssNameDerDataSize;
1044
1045 HcfX509TrustAnchor anchor = { 0 };
1046
1047 anchor.CAPubKey = &pubkey;
1048 anchor.CASubject = &pubkey;
1049
1050 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1051 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1052 ASSERT_NE(trustAnchorArray.data, nullptr);
1053 trustAnchorArray.data[0] = &anchor;
1054 trustAnchorArray.count = 1;
1055
1056 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1057 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1058
1059 HcfX509CertChainValidateResult result = { 0 };
1060 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1061 ASSERT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
1062
1063 CfFree(trustAnchorArray.data);
1064 }
1065
1066 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest014, TestSize.Level0)
1067 {
1068 CF_LOG_I("ValidateOpensslTest014");
1069 HcfX509CertChainSpi *certChainSpi = nullptr;
1070 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataPemNoRoot, &certChainSpi);
1071 ASSERT_EQ(ret, CF_SUCCESS);
1072 ASSERT_NE(certChainSpi, nullptr);
1073
1074 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1075 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1076
1077 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1078 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1079
1080 HcfX509CertChainValidateResult result = { 0 };
1081 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1082 ASSERT_EQ(ret, CF_SUCCESS);
1083 ASSERT_NE(result.entityCert, nullptr);
1084 ASSERT_NE(result.trustAnchor, nullptr);
1085
1086 FreeTrustAnchorArr(trustAnchorArray);
1087 FreeValidateResult(result);
1088 CfObjDestroy(certChainSpi);
1089 }
1090
1091 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest015, TestSize.Level0)
1092 {
1093 CF_LOG_I("ValidateOpensslTest015");
1094 HcfX509CertChainSpi *certChainSpi = nullptr;
1095 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainPemNoRootHasPubKey, &certChainSpi);
1096 ASSERT_EQ(ret, CF_SUCCESS);
1097 ASSERT_NE(certChainSpi, nullptr);
1098
1099 CfBlob pubkey = { 0, nullptr };
1100 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemRootHasPubKey[0]);
1101 pubkey.size = g_testChainPubkeyPemRootHasPubKeySize;
1102
1103 HcfX509TrustAnchor anchor = { 0 };
1104 anchor.CAPubKey = &pubkey;
1105
1106 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1107 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1108 ASSERT_NE(trustAnchorArray.data, nullptr);
1109 trustAnchorArray.data[0] = &anchor;
1110 trustAnchorArray.count = 1;
1111
1112 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1113 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1114
1115 HcfX509CertChainValidateResult result = { 0 };
1116 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1117 ASSERT_EQ(ret, CF_SUCCESS);
1118 ASSERT_NE(result.entityCert, nullptr);
1119 ASSERT_NE(result.trustAnchor, nullptr);
1120
1121 CfFree(trustAnchorArray.data);
1122 CfObjDestroy(certChainSpi);
1123 FreeValidateResult(result);
1124 }
1125
1126 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest016, TestSize.Level0)
1127 {
1128 CF_LOG_I("ValidateOpensslTest016");
1129 ASSERT_NE(g_certChainPemSpi, nullptr);
1130
1131 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1132 BuildAnchorArr(g_inStreamChainDataPemMid, trustAnchorArray);
1133
1134 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1135 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1136
1137 HcfX509CertChainValidateResult result = { 0 };
1138 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1139 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1140
1141 FreeTrustAnchorArr(trustAnchorArray);
1142 FreeValidateResult(result);
1143 }
1144
1145 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest017, TestSize.Level0)
1146 {
1147 CF_LOG_I("ValidateOpensslTest017");
1148 HcfX509CertChainSpi *certChainSpi = nullptr;
1149 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataPemRoot, &certChainSpi);
1150 ASSERT_EQ(ret, CF_SUCCESS);
1151 ASSERT_NE(certChainSpi, nullptr);
1152
1153 CfBlob pubkey = { 0, nullptr };
1154 pubkey.data = (uint8_t *)(&g_testCrlSubAndIssNameDerData[0]);
1155 pubkey.size = g_testCrlSubAndIssNameDerDataSize;
1156
1157 HcfX509TrustAnchor anchor = { 0 };
1158 (void)HcfX509CertificateCreate(&g_inStreamChainDataPemRoot, &anchor.CACert);
1159 anchor.CAPubKey = &pubkey;
1160
1161 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1162 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1163 ASSERT_NE(trustAnchorArray.data, nullptr);
1164 trustAnchorArray.data[0] = &anchor;
1165 trustAnchorArray.count = 1;
1166
1167 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1168 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1169
1170 HcfX509CertChainValidateResult result = { 0 };
1171 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1172 ASSERT_EQ(ret, CF_SUCCESS);
1173 ASSERT_NE(result.entityCert, nullptr);
1174 ASSERT_NE(result.trustAnchor, nullptr);
1175
1176 FreeValidateResult(result);
1177 CfFree(trustAnchorArray.data);
1178 CfObjDestroy(anchor.CACert);
1179 CfObjDestroy(certChainSpi);
1180 }
1181
1182 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest018, TestSize.Level0)
1183 {
1184 CF_LOG_I("ValidateOpensslTest018");
1185 ASSERT_NE(g_certChainPemSpi, nullptr);
1186
1187 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1188 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1189
1190 const char *date = "20231205073900Z";
1191 CfBlob validDate = { 0 };
1192 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1193 validDate.size = strlen(date) + 1;
1194 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1195
1196 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1197 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1198 pCertChainValidateParams.date = &validDate;
1199
1200 HcfX509CertChainValidateResult result = { 0 };
1201 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1202 ASSERT_EQ(ret, CF_SUCCESS);
1203 ASSERT_NE(result.entityCert, nullptr);
1204 ASSERT_NE(result.trustAnchor, nullptr);
1205
1206 FreeTrustAnchorArr(trustAnchorArray);
1207 FreeValidateResult(result);
1208 }
1209
1210 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest019, TestSize.Level0)
1211 {
1212 CF_LOG_I("ValidateOpensslTest019");
1213 ASSERT_NE(g_certChainPemSpi, nullptr);
1214
1215 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1216 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1217
1218 const char *date = "20240901235900Z";
1219 CfBlob validDate = { 0 };
1220 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1221 validDate.size = strlen(date) + 1;
1222 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1223
1224 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1225 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1226 pCertChainValidateParams.date = &validDate;
1227
1228 HcfX509CertChainValidateResult result = { 0 };
1229 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1230 ASSERT_EQ(ret, CF_SUCCESS);
1231 ASSERT_NE(result.entityCert, nullptr);
1232 ASSERT_NE(result.trustAnchor, nullptr);
1233
1234 FreeTrustAnchorArr(trustAnchorArray);
1235 FreeValidateResult(result);
1236 }
1237
1238 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest020, TestSize.Level0)
1239 {
1240 CF_LOG_I("ValidateOpensslTest020");
1241 ASSERT_NE(g_certChainPemSpi, nullptr);
1242
1243 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1244 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1245
1246 const char *date = "231205073900Z";
1247 CfBlob validDate = { 0 };
1248 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1249 validDate.size = strlen(date) + 1;
1250 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1251
1252 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1253 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1254 pCertChainValidateParams.date = &validDate;
1255
1256 HcfX509CertChainValidateResult result = { 0 };
1257 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1258 ASSERT_EQ(ret, CF_SUCCESS);
1259 ASSERT_NE(result.entityCert, nullptr);
1260 ASSERT_NE(result.trustAnchor, nullptr);
1261
1262 FreeTrustAnchorArr(trustAnchorArray);
1263 FreeValidateResult(result);
1264 }
1265
1266 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest021, TestSize.Level0)
1267 {
1268 CF_LOG_I("ValidateOpensslTest021");
1269 ASSERT_NE(g_certChainPemSpi, nullptr);
1270
1271 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1272 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1273
1274 const char *date = "231206090000";
1275 CfBlob validDate = { 0 };
1276 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1277 validDate.size = strlen(date); // len is wrong.
1278 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1279
1280 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1281 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1282 pCertChainValidateParams.date = &validDate;
1283
1284 HcfX509CertChainValidateResult result = { 0 };
1285 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1286 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1287
1288 FreeTrustAnchorArr(trustAnchorArray);
1289 }
1290
1291 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest022, TestSize.Level0)
1292 {
1293 CF_LOG_I("ValidateOpensslTest022");
1294 ASSERT_NE(g_certChainPemSpi, nullptr);
1295
1296 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1297 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1298
1299 const char *date = "abc"; // format is not correct.
1300 CfBlob validDate = { 0 };
1301 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1302 validDate.size = strlen(date) + 1;
1303 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1304
1305 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1306 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1307 pCertChainValidateParams.date = &validDate;
1308
1309 HcfX509CertChainValidateResult result = { 0 };
1310 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1311 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1312
1313 FreeTrustAnchorArr(trustAnchorArray);
1314 }
1315
1316 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest023, TestSize.Level0)
1317 {
1318 CF_LOG_I("ValidateOpensslTest023");
1319 ASSERT_NE(g_certChainPemSpi, nullptr);
1320
1321 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1322 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1323
1324 const char *date = "20231205073500Z";
1325 CfBlob validDate = { 0 };
1326 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1327 validDate.size = strlen(date) + 1;
1328 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1329
1330 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1331 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1332 pCertChainValidateParams.date = &validDate;
1333
1334 HcfX509CertChainValidateResult result = { 0 };
1335 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1336 ASSERT_EQ(ret, CF_ERR_CERT_NOT_YET_VALID);
1337
1338 FreeTrustAnchorArr(trustAnchorArray);
1339 FreeValidateResult(result);
1340 }
1341
1342 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest024, TestSize.Level0)
1343 {
1344 CF_LOG_I("ValidateOpensslTest024");
1345 ASSERT_NE(g_certChainPemSpi, nullptr);
1346
1347 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1348 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1349
1350 const char *date = "20240901235901Z";
1351 CfBlob validDate = { 0 };
1352 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1353 validDate.size = strlen(date) + 1;
1354 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1355
1356 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1357 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1358 pCertChainValidateParams.date = &validDate;
1359
1360 HcfX509CertChainValidateResult result = { 0 };
1361 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1362 ASSERT_EQ(ret, CF_ERR_CERT_HAS_EXPIRED);
1363
1364 FreeTrustAnchorArr(trustAnchorArray);
1365 }
1366
1367 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest025, TestSize.Level0)
1368 {
1369 CF_LOG_I("ValidateOpensslTest025");
1370 ASSERT_NE(g_certChainPemSpi, nullptr);
1371
1372 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1373 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1374
1375 HcfCertCRLCollectionArray certCRLCollections = { 0 };
1376 BuildCollectionArr(&g_inStreamChainDataPemRoot, &g_crlDerInStream, certCRLCollections);
1377
1378 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1379 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1380 pCertChainValidateParams.certCRLCollections = &certCRLCollections;
1381
1382 HcfX509CertChainValidateResult result = { 0 };
1383 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1384 ASSERT_EQ(ret, CF_SUCCESS);
1385 ASSERT_NE(result.entityCert, nullptr);
1386 ASSERT_NE(result.trustAnchor, nullptr);
1387
1388 FreeTrustAnchorArr(trustAnchorArray);
1389 FreeCertCrlCollectionArr(certCRLCollections);
1390 FreeValidateResult(result);
1391 }
1392
1393 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest026, TestSize.Level0)
1394 {
1395 CF_LOG_I("ValidateOpensslTest026");
1396 ASSERT_NE(g_certChainPemSpi, nullptr);
1397
1398 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1399 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1400
1401 HcfCertCRLCollectionArray certCRLCollections = { 0 };
1402 BuildCollectionArr(&g_inStreamChainDataPemMid, &g_inStreamChainDataPemMidCRL, certCRLCollections);
1403
1404 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1405 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1406 pCertChainValidateParams.certCRLCollections = &certCRLCollections;
1407
1408 HcfX509CertChainValidateResult result = { 0 };
1409 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1410 ASSERT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
1411
1412 FreeTrustAnchorArr(trustAnchorArray);
1413 FreeCertCrlCollectionArr(certCRLCollections);
1414 }
1415
1416 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest027, TestSize.Level0)
1417 {
1418 CF_LOG_I("ValidateOpensslTest027");
1419 ASSERT_NE(g_certChainPemSpi, nullptr);
1420
1421 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1422 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1423
1424 HcfCertCRLCollectionArray certCRLCollections = { 0 };
1425 BuildCollectionArr(&g_inStreamChainDataPemRoot, &g_crlDerInStream, certCRLCollections);
1426
1427 const char *date = "20231212080000Z";
1428 CfBlob validDate = { 0 };
1429 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1430 validDate.size = strlen(date) + 1;
1431 // validatetime :notBeforeDate: 20231205080000, notAfterDate: 20241205075959
1432
1433 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1434 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1435 pCertChainValidateParams.date = &validDate;
1436 pCertChainValidateParams.certCRLCollections = &certCRLCollections;
1437
1438 HcfX509CertChainValidateResult result = { 0 };
1439 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1440 ASSERT_EQ(ret, CF_SUCCESS);
1441 ASSERT_NE(result.entityCert, nullptr);
1442 ASSERT_NE(result.trustAnchor, nullptr);
1443
1444 FreeTrustAnchorArr(trustAnchorArray);
1445 FreeCertCrlCollectionArr(certCRLCollections);
1446 FreeValidateResult(result);
1447 }
1448
1449 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest028, TestSize.Level0)
1450 {
1451 CF_LOG_I("ValidateOpensslTest028");
1452 for (unsigned int i = 0; i < 1000; i++) {
1453 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1454 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1455
1456 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1457 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1458
1459 HcfX509CertChainValidateResult result = { 0 };
1460 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1461 ASSERT_EQ(ret, CF_SUCCESS);
1462 ASSERT_NE(result.entityCert, nullptr);
1463 ASSERT_NE(result.trustAnchor, nullptr);
1464
1465 FreeTrustAnchorArr(trustAnchorArray);
1466 FreeValidateResult(result);
1467 }
1468 }
1469
1470 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest029, TestSize.Level0)
1471 {
1472 CF_LOG_I("ValidateOpensslTest029");
1473 HcfX509CertChainSpi *certChainSpi = nullptr;
1474 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainPemNoRootHasPubKey, &certChainSpi);
1475 ASSERT_EQ(ret, CF_SUCCESS);
1476 ASSERT_NE(certChainSpi, nullptr);
1477
1478 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1479 BuildAnchorArr(g_inStreamChainPemNoRootLast, trustAnchorArray);
1480
1481 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1482 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1483
1484 HcfX509CertChainValidateResult result = { 0 };
1485 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1486 ASSERT_EQ(ret, CF_SUCCESS);
1487 ASSERT_NE(result.entityCert, nullptr);
1488 ASSERT_NE(result.trustAnchor, nullptr);
1489
1490 FreeTrustAnchorArr(trustAnchorArray);
1491 FreeValidateResult(result);
1492 CfObjDestroy(certChainSpi);
1493 }
1494
1495 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest030, TestSize.Level0)
1496 {
1497 CF_LOG_I("ValidateOpensslTest030");
1498 ASSERT_NE(g_certChainPemSpi, nullptr);
1499
1500 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1501 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1502
1503 HcfCertCRLCollectionArray certCRLCollections = { 0 };
1504 BuildCollectionArr(&g_inStreamChainDataPemRoot, nullptr, certCRLCollections);
1505
1506 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1507 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1508 pCertChainValidateParams.certCRLCollections = &certCRLCollections;
1509
1510 HcfX509CertChainValidateResult result = { 0 };
1511 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1512 ASSERT_EQ(ret, CF_SUCCESS);
1513 ASSERT_NE(result.entityCert, nullptr);
1514 ASSERT_NE(result.trustAnchor, nullptr);
1515
1516 FreeTrustAnchorArr(trustAnchorArray);
1517 FreeCertCrlCollectionArr(certCRLCollections);
1518 FreeValidateResult(result);
1519 }
1520
1521 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest031, TestSize.Level0)
1522 {
1523 CF_LOG_I("ValidateOpensslTest031");
1524 HcfX509CertChainSpi *certChainSpi = nullptr;
1525 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataPemDisorder, &certChainSpi);
1526 ASSERT_EQ(ret, CF_SUCCESS);
1527 ASSERT_NE(certChainSpi, nullptr);
1528
1529 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1530 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1531
1532 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1533 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1534
1535 HcfX509CertChainValidateResult result = { 0 };
1536 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1537 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1538
1539 FreeTrustAnchorArr(trustAnchorArray);
1540 CfObjDestroy(certChainSpi);
1541 }
1542
1543 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest032, TestSize.Level0)
1544 {
1545 CF_LOG_I("ValidateOpensslTest032");
1546 HcfX509CertChainSpi *certChainSpi = nullptr;
1547 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainPemNoRootHasPubKey, &certChainSpi);
1548 ASSERT_EQ(ret, CF_SUCCESS);
1549 ASSERT_NE(certChainSpi, nullptr);
1550
1551 CfBlob pubkey = { 0, nullptr };
1552 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemNoRootLast[0]);
1553 pubkey.size = g_testChainPubkeyPemNoRootLastSize;
1554
1555 HcfX509TrustAnchor anchor = { 0 };
1556 anchor.CAPubKey = &pubkey;
1557
1558 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1559 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1560 ASSERT_NE(trustAnchorArray.data, nullptr);
1561 trustAnchorArray.data[0] = &anchor;
1562 trustAnchorArray.count = 1;
1563
1564 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1565 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1566
1567 HcfX509CertChainValidateResult result = { 0 };
1568 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1569 ASSERT_EQ(ret, CF_SUCCESS);
1570 ASSERT_NE(result.entityCert, nullptr);
1571 ASSERT_NE(result.trustAnchor, nullptr);
1572
1573 CfFree(trustAnchorArray.data);
1574 CfObjDestroy(certChainSpi);
1575 FreeValidateResult(result);
1576 }
1577
1578 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest033, TestSize.Level0)
1579 {
1580 CF_LOG_I("ValidateOpensslTest033");
1581 HcfX509CertChainSpi *certChainSpi = nullptr;
1582 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainPemNoRootHasPubKey, &certChainSpi);
1583 ASSERT_EQ(ret, CF_SUCCESS);
1584 ASSERT_NE(certChainSpi, nullptr);
1585
1586 CfBlob pubkey = { 0, nullptr };
1587 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemNoRootLast[0]);
1588 pubkey.size = g_testChainPubkeyPemNoRootLastSize;
1589
1590 CfBlob subject = { 0, nullptr };
1591 subject.data = (uint8_t *)(&g_testChainSubjectPemNoRootLastUp[0]);
1592 subject.size = g_testChainSubjectPemNoRootLastUpSize;
1593
1594 HcfX509TrustAnchor anchor = { 0 };
1595 anchor.CAPubKey = &pubkey;
1596 anchor.CASubject = &subject;
1597
1598 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1599 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1600 ASSERT_NE(trustAnchorArray.data, nullptr);
1601 trustAnchorArray.data[0] = &anchor;
1602 trustAnchorArray.count = 1;
1603
1604 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1605 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1606
1607 HcfX509CertChainValidateResult result = { 0 };
1608 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1609 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1610
1611 CfFree(trustAnchorArray.data);
1612 CfObjDestroy(certChainSpi);
1613 }
1614
1615 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest034, TestSize.Level0)
1616 {
1617 CF_LOG_I("ValidateOpensslTest034");
1618 HcfX509CertChainSpi *certChainSpi = nullptr;
1619 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainPemNoRootHasPubKey, &certChainSpi);
1620 ASSERT_EQ(ret, CF_SUCCESS);
1621 ASSERT_NE(certChainSpi, nullptr);
1622
1623 CfBlob pubkey = { 0, nullptr };
1624 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemNoRootLastUp[0]);
1625 pubkey.size = g_testChainPubkeyPemNoRootLastUpSize;
1626
1627 CfBlob subject = { 0, nullptr };
1628 subject.data = (uint8_t *)(&g_testChainSubjectPemNoRootLast[0]);
1629 subject.size = g_testChainSubjectPemNoRootLastSize;
1630
1631 HcfX509TrustAnchor anchor = { 0 };
1632 anchor.CAPubKey = &pubkey;
1633 anchor.CASubject = &subject;
1634
1635 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1636 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1637 ASSERT_NE(trustAnchorArray.data, nullptr);
1638 trustAnchorArray.data[0] = &anchor;
1639 trustAnchorArray.count = 1;
1640
1641 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1642 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1643
1644 HcfX509CertChainValidateResult result = { 0 };
1645 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1646 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1647
1648 CfFree(trustAnchorArray.data);
1649 CfObjDestroy(certChainSpi);
1650 }
1651
1652 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest001, TestSize.Level0)
1653 {
1654 CF_LOG_I("ValidateCoreTest001");
1655 HcfCertChain *pCertChain = nullptr;
1656 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, nullptr, &pCertChain);
1657 ASSERT_EQ(ret, CF_SUCCESS);
1658 ASSERT_NE(pCertChain, nullptr);
1659
1660 ret = pCertChain->validate(nullptr, nullptr, nullptr);
1661 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1662
1663 CfObjDestroy(pCertChain);
1664 }
1665
1666 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest002, TestSize.Level0)
1667 {
1668 CF_LOG_I("ValidateCoreTest002");
1669 HcfCertChain *pCertChain = nullptr;
1670 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, nullptr, &pCertChain);
1671 ASSERT_EQ(ret, CF_SUCCESS);
1672 ASSERT_NE(pCertChain, nullptr);
1673
1674 ret = pCertChain->validate(pCertChain, nullptr, nullptr);
1675 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1676
1677 CfObjDestroy(pCertChain);
1678 }
1679
1680 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest003, TestSize.Level0)
1681 {
1682 CF_LOG_I("ValidateCoreTest003");
1683 ASSERT_NE(g_certChainP7b, nullptr);
1684
1685 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1686 BuildAnchorArr(g_inStreamSelfSignedCaCert, trustAnchorArray);
1687
1688 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1689 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1690
1691 CfResult ret = g_certChainP7b->validate(g_certChainP7b, &pCertChainValidateParams, nullptr);
1692 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1693
1694 FreeTrustAnchorArr(trustAnchorArray);
1695 }
1696
1697 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest004, TestSize.Level0)
1698 {
1699 CF_LOG_I("ValidateCoreTest004");
1700 HcfCertChain *pCertChain = nullptr;
1701 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataPem, nullptr, &pCertChain);
1702 ASSERT_EQ(ret, CF_SUCCESS);
1703 ASSERT_NE(pCertChain, nullptr);
1704 pCertChain->base.getClass = GetInvalidCertChainClass;
1705
1706 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1707
1708 HcfX509CertChainValidateResult result = { 0 };
1709 ret = pCertChain->validate(pCertChain, &pCertChainValidateParams, &result);
1710 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1711
1712 pCertChain->base.getClass = g_certChainP7b->base.getClass;
1713 CfObjDestroy(pCertChain);
1714 }
1715
1716 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest005, TestSize.Level0)
1717 {
1718 ASSERT_NE(g_certChainPemSpi, nullptr);
1719
1720 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1721 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1722
1723 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1724 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1725
1726 HcfX509CertChainValidateResult result = { 0 };
1727 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1728 ASSERT_EQ(ret, CF_SUCCESS);
1729 ASSERT_NE(result.entityCert, nullptr);
1730 ASSERT_NE(result.trustAnchor, nullptr);
1731
1732 FreeTrustAnchorArr(trustAnchorArray);
1733 FreeValidateResult(result);
1734 }
1735
1736 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest006, TestSize.Level0)
1737 {
1738 ASSERT_NE(g_certChainPemSpi, nullptr);
1739
1740 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1741 pCertChainValidateParams.trustAnchors = nullptr;
1742 pCertChainValidateParams.trustSystemCa = true;
1743
1744 HcfX509CertChainValidateResult result = { 0 };
1745 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1746 ASSERT_NE(ret, CF_SUCCESS);
1747
1748 FreeValidateResult(result);
1749 }
1750
1751 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest007, TestSize.Level0)
1752 {
1753 const int testCertChainPemSize = sizeof(TEST_CERT_CHAIN_PEM) / sizeof(char);
1754 const CfEncodingBlob inStreamChainDataPem = { reinterpret_cast<uint8_t *>(const_cast<char *>(TEST_CERT_CHAIN_PEM)),
1755 testCertChainPemSize, CF_FORMAT_PEM };
1756 HcfX509CertChainSpi *certChainSpi = nullptr;
1757 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStreamChainDataPem, &certChainSpi);
1758 ASSERT_EQ(ret, CF_SUCCESS);
1759
1760 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1761 pCertChainValidateParams.trustAnchors = nullptr;
1762 pCertChainValidateParams.trustSystemCa = true;
1763 HcfX509CertChainValidateResult result = { 0 };
1764 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1765 ASSERT_EQ(ret, CF_SUCCESS);
1766
1767 FreeValidateResult(result);
1768 }
1769
1770 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest008, TestSize.Level0)
1771 {
1772 const int testCertChainPemSize = sizeof(TEST_CERT_CHAIN_PEM_NOT_ROOT) / sizeof(char);
1773 const CfEncodingBlob inStreamChainDataPem = {
1774 reinterpret_cast<uint8_t *>(const_cast<char *>(TEST_CERT_CHAIN_PEM_NOT_ROOT)), testCertChainPemSize,
1775 CF_FORMAT_PEM };
1776 HcfX509CertChainSpi *certChainSpi = nullptr;
1777 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStreamChainDataPem, &certChainSpi);
1778 ASSERT_EQ(ret, CF_SUCCESS);
1779
1780 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1781 pCertChainValidateParams.trustAnchors = nullptr;
1782 pCertChainValidateParams.trustSystemCa = true;
1783 HcfX509CertChainValidateResult result = { 0 };
1784 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1785 ASSERT_EQ(ret, CF_SUCCESS);
1786
1787 FreeValidateResult(result);
1788 }
1789 } // namespace
1790