1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17 #include <openssl/pem.h>
18
19 #include "certificate_openssl_common.h"
20 #include "cf_blob.h"
21 #include "cf_log.h"
22 #include "cf_mock.h"
23 #include "config.h"
24 #include "crypto_x509_test_common.h"
25 #include "memory_mock.h"
26 #include "securec.h"
27 #include "x509_certificate.h"
28 #include "x509_certificate_openssl.h"
29
30 #define OID_STR_MAX_LEN 128
31 #define CONSTRUCT_EXTENDED_KEY_USAGE_DATA_SIZE 1
32 #define ARRAY_INDEX2 2
33
34 using namespace std;
35 using namespace testing::ext;
36 using namespace CFMock;
37
38 using ::testing::_;
39 using ::testing::AnyNumber;
40 using ::testing::Invoke;
41 using ::testing::Return;
42
43 #ifdef __cplusplus
44 extern "C" {
45 #endif
46
47 int __real_OPENSSL_sk_num(const OPENSSL_STACK *st);
48 void *__real_OPENSSL_sk_value(const OPENSSL_STACK *st, int i);
49 long __real_ASN1_INTEGER_get(const ASN1_INTEGER *a);
50 void *__real_X509V3_EXT_d2i(X509_EXTENSION *ext);
51 X509_EXTENSION *__real_X509_get_ext(const X509 *x, X509_EXTENSION *loc);
52 void *__real_X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
53 CfResult __real_DeepCopyDataToBlob(const unsigned char *data, uint32_t len, CfBlob *outBlob);
54 int __real_X509_print(BIO *bp, X509 *x);
55 BIO *__real_BIO_new(const BIO_METHOD *type);
56
57 #ifdef __cplusplus
58 }
59 #endif
60
61 namespace {
62 class CryptoX509CertificateTestPart3 : public testing::Test {
63 public:
64 static void SetUpTestCase();
65 static void TearDownTestCase();
66 void SetUp();
67 void TearDown();
68 };
69
70 static HcfX509Certificate *g_x509CertExtAttrObj = nullptr;
71 static HcfX509Certificate *g_testCertWithPrivateKeyValidObj = nullptr;
72
SetUpTestCase()73 void CryptoX509CertificateTestPart3::SetUpTestCase()
74 {
75 CfEncodingBlob inStream = { 0 };
76 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testExtAttrCert));
77 inStream.encodingFormat = CF_FORMAT_PEM;
78 inStream.len = strlen(g_testExtAttrCert) + 1;
79 (void)HcfX509CertificateCreate(&inStream, &g_x509CertExtAttrObj);
80
81 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testCertWithPrivateKeyValid));
82 inStream.encodingFormat = CF_FORMAT_PEM;
83 inStream.len = strlen(g_testCertWithPrivateKeyValid) + 1;
84 (void)HcfX509CertificateCreate(&inStream, &g_testCertWithPrivateKeyValidObj);
85 }
86
TearDownTestCase()87 void CryptoX509CertificateTestPart3::TearDownTestCase()
88 {
89 CfObjDestroy(g_x509CertExtAttrObj);
90 CfObjDestroy(g_testCertWithPrivateKeyValidObj);
91 }
92
SetUp()93 void CryptoX509CertificateTestPart3::SetUp() {}
94
TearDown()95 void CryptoX509CertificateTestPart3::TearDown() {}
96
constructExtendedKeyUsageData()97 static CfArray *constructExtendedKeyUsageData()
98 {
99 CfArray *newBlobArr = static_cast<CfArray *>(CfMalloc(sizeof(CfArray), 0));
100 if (newBlobArr == nullptr) {
101 CF_LOG_E("Failed to allocate newBlobArr memory!");
102 return nullptr;
103 }
104
105 newBlobArr->count = CONSTRUCT_EXTENDED_KEY_USAGE_DATA_SIZE;
106 newBlobArr->format = CF_FORMAT_DER;
107 newBlobArr->data = static_cast<CfBlob *>(CfMalloc(newBlobArr->count * sizeof(CfBlob), 0));
108 if (newBlobArr->data == nullptr) {
109 CF_LOG_E("Failed to allocate data memory!");
110 CfFree(newBlobArr);
111 return nullptr;
112 }
113
114 newBlobArr->data[0].data = const_cast<uint8_t *>(g_testExtendedKeyUsage);
115 newBlobArr->data[0].size = sizeof(g_testExtendedKeyUsage);
116
117 return newBlobArr;
118 }
119
120 HWTEST_F(CryptoX509CertificateTestPart3, CompareSubjectAlternativeNamesTest001, TestSize.Level0)
121 {
122 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
123 bool bResult = true;
124
125 HcfX509CertMatchParams certMatchParameters = { 0 };
126 certMatchParameters.subjectAlternativeNames = ConstructSubAltNameArrayData();
127 EXPECT_NE(certMatchParameters.subjectAlternativeNames, nullptr);
128
129 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
130 EXPECT_EQ(ret, CF_SUCCESS);
131 EXPECT_EQ(bResult, false);
132
133 certMatchParameters.minPathLenConstraint = -1;
134 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
135 EXPECT_EQ(ret, CF_SUCCESS);
136 EXPECT_EQ(bResult, true);
137
138 CfFree(certMatchParameters.subjectAlternativeNames->data);
139 CfFree(certMatchParameters.subjectAlternativeNames);
140 certMatchParameters.subjectAlternativeNames = nullptr;
141 }
142
143 HWTEST_F(CryptoX509CertificateTestPart3, CompareSubjectAlternativeNamesTest002, TestSize.Level0)
144 {
145 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
146 bool bResult = true;
147
148 HcfX509CertMatchParams matchParams = { 0 };
149 matchParams.subjectAlternativeNames = ConstructSubAltNameArrayData();
150 EXPECT_NE(matchParams.subjectAlternativeNames, nullptr);
151
152 // test CfDeepCopySubAltName failed case
153 X509OpensslMock::SetMockFlag(true);
154 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_GENERAL_NAME(_, _)).WillRepeatedly(Return(-1));
155 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &matchParams, &bResult);
156 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
157 X509OpensslMock::SetMockFlag(false);
158
159 // test CompareSubAltNameX509Openssl failed case
160 X509OpensslMock::SetMockFlag(true);
161 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _))
162 .WillOnce(Return(nullptr))
163 .WillRepeatedly(Invoke(__real_X509_get_ext_d2i));
164 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &matchParams, &bResult);
165 EXPECT_EQ(ret, CF_SUCCESS);
166 EXPECT_EQ(bResult, false);
167 X509OpensslMock::SetMockFlag(false);
168
169 SetMockFlag(true);
170 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &matchParams, &bResult);
171 EXPECT_EQ(ret, CF_ERR_MALLOC);
172 SetMockFlag(false);
173
174 CfFree(matchParams.subjectAlternativeNames->data);
175 CfFree(matchParams.subjectAlternativeNames);
176 matchParams.subjectAlternativeNames = nullptr;
177 }
178
179 HWTEST_F(CryptoX509CertificateTestPart3, CompareMatchAllSubjectAltNamesTest001, TestSize.Level0)
180 {
181 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
182 bool bResult = true;
183 CfResult ret = CF_SUCCESS;
184 HcfX509CertMatchParams certMatchParameters = { 0 };
185 certMatchParameters.matchAllSubjectAltNames = true;
186 certMatchParameters.subjectAlternativeNames = ConstructSubAltNameArrayData();
187 EXPECT_NE(certMatchParameters.subjectAlternativeNames, nullptr);
188
189 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
190 EXPECT_EQ(ret, CF_SUCCESS);
191 EXPECT_EQ(bResult, false);
192
193 certMatchParameters.minPathLenConstraint = -1;
194 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
195 EXPECT_EQ(ret, CF_SUCCESS);
196 EXPECT_EQ(bResult, true);
197
198 certMatchParameters.subjectAlternativeNames->count = 2;
199 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
200 EXPECT_EQ(ret, CF_SUCCESS);
201 EXPECT_EQ(bResult, false);
202
203 // add failed case ret != CF_SUCCESS
204 X509OpensslMock::SetMockFlag(true);
205 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_num(_))
206 .WillOnce(Return(-1))
207 .WillRepeatedly(Invoke(__real_OPENSSL_sk_num));
208 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
209 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
210 X509OpensslMock::SetMockFlag(false);
211
212 CfFree(certMatchParameters.subjectAlternativeNames->data);
213 CfFree(certMatchParameters.subjectAlternativeNames);
214 certMatchParameters.subjectAlternativeNames = nullptr;
215 }
216
217 HWTEST_F(CryptoX509CertificateTestPart3, CompareAuthorityKeyIdentifierTest001, TestSize.Level0)
218 {
219 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
220 bool bResult = true;
221
222 HcfX509CertMatchParams certMatchParameters = { 0 };
223
224 CfBlob blob;
225 blob.data = const_cast<uint8_t *>(g_testIssuer);
226 blob.size = sizeof(g_testIssuer);
227
228 certMatchParameters.authorityKeyIdentifier = &blob;
229
230 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
231 EXPECT_EQ(ret, CF_SUCCESS);
232 EXPECT_EQ(bResult, false);
233
234 certMatchParameters.minPathLenConstraint = -1;
235 blob.data = const_cast<uint8_t *>(g_testAuthorityKeyIdentifier);
236 blob.size = sizeof(g_testAuthorityKeyIdentifier);
237 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
238 EXPECT_EQ(ret, CF_SUCCESS);
239 EXPECT_EQ(bResult, true);
240
241 // test GetAuKeyIdDNX509Openssl failed case
242 X509OpensslMock::SetMockFlag(true);
243 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_AUTHORITY_KEYID(_, _)).WillRepeatedly(Return(-1));
244 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
245 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
246 X509OpensslMock::SetMockFlag(false);
247
248 X509OpensslMock::SetMockFlag(true);
249 EXPECT_CALL(X509OpensslMock::GetInstance(), DeepCopyDataToBlob(_, _, _))
250 .WillOnce(Return(CF_INVALID_PARAMS))
251 .WillRepeatedly(Invoke(__real_DeepCopyDataToBlob));
252 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
253 EXPECT_EQ(ret, CF_INVALID_PARAMS);
254 X509OpensslMock::SetMockFlag(false);
255 }
256
257 HWTEST_F(CryptoX509CertificateTestPart3, CompareMinPathLenConstraintTest001, TestSize.Level0)
258 {
259 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
260 bool bResult = true;
261
262 HcfX509CertMatchParams certMatchParameters = { 0 };
263 certMatchParameters.minPathLenConstraint = 100000;
264
265 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
266 EXPECT_EQ(ret, CF_SUCCESS);
267 EXPECT_EQ(bResult, false);
268
269 // test DetailForMinPathLenConstraint failed case
270 certMatchParameters.minPathLenConstraint = -2;
271 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
272 EXPECT_EQ(ret, CF_SUCCESS);
273 EXPECT_EQ(bResult, true);
274
275 BASIC_CONSTRAINTS *constraints = BASIC_CONSTRAINTS_new();
276 EXPECT_NE(constraints, nullptr);
277 constraints->ca = 1;
278 X509OpensslMock::SetMockFlag(true);
279 EXPECT_CALL(X509OpensslMock::GetInstance(), X509V3_EXT_d2i(_)).WillRepeatedly(Return(constraints));
280 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
281 EXPECT_EQ(ret, CF_SUCCESS);
282 EXPECT_EQ(bResult, false);
283 X509OpensslMock::SetMockFlag(false);
284 }
285
286 HWTEST_F(CryptoX509CertificateTestPart3, CompareMinPathLenConstraintTest002, TestSize.Level0)
287 {
288 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
289 bool bResult = true;
290
291 HcfX509CertMatchParams certMatchParameters = { 0 };
292 certMatchParameters.minPathLenConstraint = 100000;
293
294 CfResult ret;
295
296 BASIC_CONSTRAINTS *constraints = BASIC_CONSTRAINTS_new();
297 EXPECT_NE(constraints, nullptr);
298 ASN1_INTEGER *pathlen = ASN1_INTEGER_new();
299 EXPECT_NE(pathlen, nullptr);
300 pathlen->type = V_ASN1_NEG_INTEGER;
301 constraints->ca = 0;
302 constraints->pathlen = pathlen;
303 X509OpensslMock::SetMockFlag(true);
304 EXPECT_CALL(X509OpensslMock::GetInstance(), X509V3_EXT_d2i(_)).WillRepeatedly(Return(constraints));
305 EXPECT_CALL(X509OpensslMock::GetInstance(), ASN1_INTEGER_get(_))
306 .WillOnce(Return(10))
307 .WillRepeatedly(Invoke(__real_ASN1_INTEGER_get));
308 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
309 EXPECT_EQ(ret, CF_SUCCESS);
310 EXPECT_EQ(bResult, false);
311 X509OpensslMock::SetMockFlag(false);
312
313 X509OpensslMock::SetMockFlag(true);
314 EXPECT_CALL(X509OpensslMock::GetInstance(), X509V3_EXT_d2i(_))
315 .WillOnce(Return(nullptr))
316 .WillRepeatedly(Invoke(__real_X509V3_EXT_d2i));
317 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
318 EXPECT_EQ(ret, CF_SUCCESS);
319 EXPECT_EQ(bResult, false);
320 X509OpensslMock::SetMockFlag(false);
321
322 X509OpensslMock::SetMockFlag(true);
323 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext(_, _)).WillRepeatedly(Return(nullptr));
324 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
325 EXPECT_EQ(ret, CF_SUCCESS);
326 EXPECT_EQ(bResult, false);
327 X509OpensslMock::SetMockFlag(false);
328
329 X509OpensslMock::SetMockFlag(true);
330 certMatchParameters.minPathLenConstraint = 2;
331 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext(_, _))
332 .WillOnce(Return(nullptr))
333 .WillRepeatedly(Invoke(__real_X509_get_ext));
334 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
335 EXPECT_EQ(ret, CF_SUCCESS);
336 EXPECT_EQ(bResult, false);
337 X509OpensslMock::SetMockFlag(false);
338 }
339
340 HWTEST_F(CryptoX509CertificateTestPart3, CompareExtendedKeyUsageTest001, TestSize.Level0)
341 {
342 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
343 bool bResult = true;
344 CfResult ret;
345 HcfX509CertMatchParams certMatchParameters = { 0 };
346
347 certMatchParameters.extendedKeyUsage = constructExtendedKeyUsageData();
348 EXPECT_NE(certMatchParameters.extendedKeyUsage, nullptr);
349
350 certMatchParameters.minPathLenConstraint = -1;
351
352 // todo add failed case bResult = true
353 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
354 EXPECT_EQ(ret, CF_SUCCESS);
355 EXPECT_EQ(bResult, true);
356
357 // todo add failed case ret != CF_SUCCESS
358 SetMockFlag(true);
359 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
360 EXPECT_EQ(ret, CF_ERR_MALLOC);
361 SetMockFlag(false);
362
363 // test IsSubset failed case
364 certMatchParameters.extendedKeyUsage->data[0].size -= 1;
365 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
366 EXPECT_EQ(ret, CF_SUCCESS);
367 EXPECT_EQ(bResult, false);
368
369 CfFree(certMatchParameters.extendedKeyUsage->data);
370 CfFree(certMatchParameters.extendedKeyUsage);
371 }
372
373 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest000, TestSize.Level0)
374 {
375 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
376 bool bResult = true;
377
378 HcfX509CertMatchParams certMatchParameters = { 0 };
379
380 CfBlob blob;
381 blob.data = const_cast<uint8_t *>(g_testNameConstraints);
382 blob.size = sizeof(g_testNameConstraints);
383 certMatchParameters.nameConstraints = &blob;
384
385 CfResult ret =
386 g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
387 EXPECT_EQ(ret, CF_SUCCESS);
388 EXPECT_EQ(bResult, false);
389
390 certMatchParameters.minPathLenConstraint = -1;
391 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
392 EXPECT_EQ(ret, CF_SUCCESS);
393 EXPECT_EQ(bResult, true);
394
395 // test CompareNameConstraintsX509Openssl failed case
396 // GEN_OTHERNAME
397 GENERAL_SUBTREE *tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
398 EXPECT_NE(tree, nullptr);
399 tree->base = GENERAL_NAME_new();
400 EXPECT_NE(tree->base, nullptr);
401 tree->base->type = GEN_OTHERNAME;
402 tree->base->d.otherName = OTHERNAME_new();
403
404 X509OpensslMock::SetMockFlag(true);
405 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _))
406 .WillOnce(Return(tree))
407 .WillRepeatedly(Invoke(__real_OPENSSL_sk_value));
408 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
409 EXPECT_EQ(ret, CF_SUCCESS);
410 EXPECT_EQ(bResult, false);
411 X509OpensslMock::SetMockFlag(false);
412 OTHERNAME_free(tree->base->d.otherName);
413 tree->base->d.otherName = nullptr;
414 GENERAL_NAME_free(tree->base);
415 tree->base = nullptr;
416 GENERAL_SUBTREE_free(tree);
417 }
418
419 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest001, TestSize.Level0)
420 {
421 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
422 bool bResult = true;
423
424 HcfX509CertMatchParams certMatchParameters = { 0 };
425
426 CfBlob blob;
427 blob.data = const_cast<uint8_t *>(g_testNameConstraints);
428 blob.size = sizeof(g_testNameConstraints);
429 certMatchParameters.nameConstraints = &blob;
430
431 CfResult ret =
432 g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
433 EXPECT_EQ(ret, CF_SUCCESS);
434 EXPECT_EQ(bResult, false);
435
436 certMatchParameters.minPathLenConstraint = -1;
437 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
438 EXPECT_EQ(ret, CF_SUCCESS);
439 EXPECT_EQ(bResult, true);
440
441 // GEN_X400
442 GENERAL_SUBTREE *tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
443 EXPECT_NE(tree, nullptr);
444 tree->base = GENERAL_NAME_new();
445 EXPECT_NE(tree->base, nullptr);
446 tree->base->type = GEN_X400;
447 tree->base->d.x400Address = ASN1_STRING_new();
448
449 X509OpensslMock::SetMockFlag(true);
450 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _))
451 .WillOnce(Return(tree))
452 .WillRepeatedly(Invoke(__real_OPENSSL_sk_value));
453 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
454 EXPECT_EQ(ret, CF_SUCCESS);
455 EXPECT_EQ(bResult, false);
456 X509OpensslMock::SetMockFlag(false);
457 ASN1_STRING_free(tree->base->d.x400Address);
458 tree->base->d.x400Address = nullptr;
459 GENERAL_NAME_free(tree->base);
460 tree->base = nullptr;
461 GENERAL_SUBTREE_free(tree);
462 }
463
464 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest002, TestSize.Level0)
465 {
466 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
467 bool bResult = true;
468
469 HcfX509CertMatchParams certMatchParameters = { 0 };
470
471 CfBlob blob;
472 blob.data = const_cast<uint8_t *>(g_testNameConstraints);
473 blob.size = sizeof(g_testNameConstraints);
474 certMatchParameters.nameConstraints = &blob;
475
476 // GEN_IPADD
477 GENERAL_SUBTREE *tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
478 EXPECT_NE(tree, nullptr);
479 tree->base = GENERAL_NAME_new();
480 EXPECT_NE(tree->base, nullptr);
481 tree->base->type = GEN_IPADD;
482 tree->base->d.ip = ASN1_OCTET_STRING_new();
483 blob.data = const_cast<uint8_t *>(g_testNameConstraintsIPADDR);
484 blob.size = sizeof(g_testNameConstraintsIPADDR);
485
486 X509OpensslMock::SetMockFlag(true);
487 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _)).WillRepeatedly(Return(tree));
488 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
489 EXPECT_EQ(ret, CF_SUCCESS);
490 EXPECT_EQ(bResult, false);
491 X509OpensslMock::SetMockFlag(false);
492 ASN1_OCTET_STRING_free(tree->base->d.ip);
493 tree->base->d.ip = nullptr;
494 GENERAL_NAME_free(tree->base);
495 tree->base = nullptr;
496 GENERAL_SUBTREE_free(tree);
497 }
498
499 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest003, TestSize.Level0)
500 {
501 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
502 bool bResult = true;
503
504 HcfX509CertMatchParams certMatchParameters = { 0 };
505
506 CfBlob blob;
507 blob.data = const_cast<uint8_t *>(g_testNameConstraintsEDIParty);
508 blob.size = sizeof(g_testNameConstraintsEDIParty);
509 certMatchParameters.nameConstraints = &blob;
510
511 // GEN_EDIPARTY g_testNameConstraintsEDIPartyInvalid
512 GENERAL_SUBTREE *tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
513 EXPECT_NE(tree, nullptr);
514 tree->base = GENERAL_NAME_new();
515 EXPECT_NE(tree->base, nullptr);
516 tree->base->type = GEN_EDIPARTY;
517 tree->base->d.ediPartyName = EDIPARTYNAME_new();
518
519 X509OpensslMock::SetMockFlag(true);
520 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _)).WillRepeatedly(Return(tree));
521 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
522 EXPECT_EQ(ret, CF_SUCCESS);
523 EXPECT_EQ(bResult, false);
524 X509OpensslMock::SetMockFlag(false);
525 EDIPARTYNAME_free(tree->base->d.ediPartyName);
526 tree->base->d.ediPartyName = nullptr;
527 GENERAL_NAME_free(tree->base);
528 tree->base = nullptr;
529 GENERAL_SUBTREE_free(tree);
530
531 tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
532 EXPECT_NE(tree, nullptr);
533 tree->base = GENERAL_NAME_new();
534 EXPECT_NE(tree->base, nullptr);
535 tree->base->type = GEN_EDIPARTY;
536 tree->base->d.ediPartyName = EDIPARTYNAME_new();
537 blob.data = const_cast<uint8_t *>(g_testNameConstraintsEDIPartyInvalid);
538 blob.size = sizeof(g_testNameConstraintsEDIPartyInvalid);
539
540 X509OpensslMock::SetMockFlag(true);
541 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _)).WillRepeatedly(Return(tree));
542 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
543 EXPECT_EQ(ret, CF_SUCCESS);
544 EXPECT_EQ(bResult, false);
545 X509OpensslMock::SetMockFlag(false);
546 EDIPARTYNAME_free(tree->base->d.ediPartyName);
547 tree->base->d.ediPartyName = nullptr;
548 GENERAL_NAME_free(tree->base);
549 tree->base = nullptr;
550 GENERAL_SUBTREE_free(tree);
551 }
552
553 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest004, TestSize.Level0)
554 {
555 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
556 bool bResult = true;
557
558 HcfX509CertMatchParams certMatchParameters = { 0 };
559
560 CfBlob blob;
561 blob.data = const_cast<uint8_t *>(g_testNameConstraints);
562 blob.size = sizeof(g_testNameConstraints);
563 certMatchParameters.nameConstraints = &blob;
564
565 CfResult ret;
566
567 // GEN_DIRNAME
568 GENERAL_SUBTREE *tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
569 EXPECT_NE(tree, nullptr);
570 tree->base = GENERAL_NAME_new();
571 EXPECT_NE(tree->base, nullptr);
572 tree->base->type = GEN_DIRNAME;
573 tree->base->d.directoryName = X509_NAME_new();
574
575 X509OpensslMock::SetMockFlag(true);
576 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _)).WillRepeatedly(Return(tree));
577 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
578 EXPECT_EQ(ret, CF_SUCCESS);
579 EXPECT_EQ(bResult, false);
580 X509OpensslMock::SetMockFlag(false);
581 X509_NAME_free(tree->base->d.directoryName);
582 tree->base->d.directoryName = nullptr;
583 GENERAL_NAME_free(tree->base);
584 tree->base = nullptr;
585 GENERAL_SUBTREE_free(tree);
586
587 // GEN_RID
588 tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
589 EXPECT_NE(tree, nullptr);
590 tree->base = GENERAL_NAME_new();
591 EXPECT_NE(tree->base, nullptr);
592 tree->base->type = GEN_RID;
593 tree->base->d.registeredID = ASN1_OBJECT_new();
594
595 X509OpensslMock::SetMockFlag(true);
596 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
597 EXPECT_EQ(ret, CF_SUCCESS);
598 EXPECT_EQ(bResult, false);
599 X509OpensslMock::SetMockFlag(false);
600 ASN1_OBJECT_free(tree->base->d.registeredID);
601 tree->base->d.registeredID = nullptr;
602 GENERAL_NAME_free(tree->base);
603 tree->base = nullptr;
604 GENERAL_SUBTREE_free(tree);
605 }
606
607 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest005, TestSize.Level0)
608 {
609 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
610 bool bResult = true;
611
612 HcfX509CertMatchParams certMatchParameters = { 0 };
613
614 CfBlob blob;
615 blob.data = const_cast<uint8_t *>(g_testNameConstraints);
616 blob.size = sizeof(g_testNameConstraints);
617 certMatchParameters.nameConstraints = &blob;
618
619 CfResult ret;
620
621 X509OpensslMock::SetMockFlag(true);
622 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _)).WillRepeatedly(Return(nullptr));
623 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
624 EXPECT_EQ(ret, CF_SUCCESS);
625 EXPECT_EQ(bResult, false);
626 X509OpensslMock::SetMockFlag(false);
627
628 NAME_CONSTRAINTS *nc = NAME_CONSTRAINTS_new();
629 EXPECT_NE(nc, nullptr);
630 X509OpensslMock::SetMockFlag(true);
631 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _)).WillRepeatedly(Return(nc));
632 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
633 EXPECT_EQ(ret, CF_SUCCESS);
634 EXPECT_EQ(bResult, false);
635 X509OpensslMock::SetMockFlag(false);
636 NAME_CONSTRAINTS_free(nc);
637
638 nc = NAME_CONSTRAINTS_new();
639 EXPECT_NE(nc, nullptr);
640 nc->permittedSubtrees = sk_GENERAL_SUBTREE_new_null();
641 EXPECT_NE(nc, nullptr);
642 X509OpensslMock::SetMockFlag(true);
643 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
644 EXPECT_EQ(ret, CF_SUCCESS);
645 EXPECT_EQ(bResult, false);
646 X509OpensslMock::SetMockFlag(false);
647 NAME_CONSTRAINTS_free(nc);
648 }
649
650 HWTEST_F(CryptoX509CertificateTestPart3, CompareCertPolicyTest001, TestSize.Level0)
651 {
652 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
653 bool bResult = true;
654
655 HcfX509CertMatchParams matchParams = { 0 };
656 matchParams.certPolicy = ConstructCertPolicyData();
657 EXPECT_NE(matchParams.certPolicy, nullptr);
658 SetMockFlag(true);
659 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &matchParams, &bResult);
660 EXPECT_EQ(ret, CF_SUCCESS);
661 SetMockFlag(false);
662
663 CfFree(matchParams.certPolicy->data);
664 CfFree(matchParams.certPolicy);
665 }
666
667 HWTEST_F(CryptoX509CertificateTestPart3, CompareCertPolicyTest002, TestSize.Level0)
668 {
669 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
670 bool bResult = true;
671
672 HcfX509CertMatchParams certMatchParameters = { 0 };
673
674 certMatchParameters.certPolicy = ConstructCertPolicyData();
675
676 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
677 EXPECT_EQ(ret, CF_SUCCESS);
678 EXPECT_EQ(bResult, false);
679
680 // todo add failed case bResult = true
681 certMatchParameters.minPathLenConstraint = -1;
682 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
683 EXPECT_EQ(ret, CF_SUCCESS);
684 EXPECT_EQ(bResult, true);
685
686 // test IsSubset failed case
687 certMatchParameters.certPolicy->data[0].size -= 1;
688 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
689 EXPECT_EQ(ret, CF_SUCCESS);
690 EXPECT_EQ(bResult, false);
691
692 CfFree(certMatchParameters.certPolicy->data);
693 CfFree(certMatchParameters.certPolicy);
694 }
695
696 HWTEST_F(CryptoX509CertificateTestPart3, ComparePrivateKeyValidTest001, TestSize.Level0)
697 {
698 ASSERT_NE(g_testCertWithPrivateKeyValidObj, nullptr);
699 bool bResult = true;
700
701 HcfX509CertMatchParams certMatchParameters = { 0 };
702
703 CfBlob blob;
704 blob.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testPrivateKeyValid));
705 blob.size = strlen(g_testPrivateKeyValid) + 1;
706 certMatchParameters.privateKeyValid = &blob;
707
708 CfResult ret =
709 g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
710 EXPECT_EQ(ret, CF_SUCCESS);
711 EXPECT_EQ(bResult, false);
712
713 // todo add failed case bResult = true
714 certMatchParameters.minPathLenConstraint = -1;
715 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
716 EXPECT_EQ(ret, CF_SUCCESS);
717 EXPECT_EQ(bResult, true);
718
719 // test asn1TimeToStr failed case
720 X509OpensslMock::SetMockFlag(true);
721 PKEY_USAGE_PERIOD *pKeyValid = reinterpret_cast<PKEY_USAGE_PERIOD *>(CfMalloc(sizeof(PKEY_USAGE_PERIOD), 0));
722 EXPECT_NE(pKeyValid, nullptr);
723 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _))
724 .Times(AnyNumber())
725 .WillOnce(Return(pKeyValid));
726 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
727 EXPECT_EQ(ret, CF_SUCCESS);
728 EXPECT_EQ(bResult, false);
729 X509OpensslMock::SetMockFlag(false);
730
731 X509OpensslMock::SetMockFlag(true);
732 pKeyValid = reinterpret_cast<PKEY_USAGE_PERIOD *>(CfMalloc(sizeof(PKEY_USAGE_PERIOD), 0));
733 ASSERT_NE(pKeyValid, nullptr);
734 pKeyValid->notBefore = reinterpret_cast<ASN1_GENERALIZEDTIME *>(CfMalloc(sizeof(ASN1_GENERALIZEDTIME), 0));
735 ASSERT_NE(pKeyValid->notBefore, nullptr);
736 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _))
737 .Times(AnyNumber())
738 .WillOnce(Return(pKeyValid));
739 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
740 EXPECT_EQ(ret, CF_SUCCESS);
741 EXPECT_EQ(bResult, false);
742 X509OpensslMock::SetMockFlag(false);
743 }
744
745 HWTEST_F(CryptoX509CertificateTestPart3, ComparePrivateKeyValidTest002, TestSize.Level0)
746 {
747 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
748 bool bResult = true;
749
750 HcfX509CertMatchParams certMatchParameters = { 0 };
751
752 CfBlob blob;
753 blob.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testPrivateKeyInvalid));
754 blob.size = strlen(g_testPrivateKeyInvalid) + 1;
755 certMatchParameters.privateKeyValid = &blob;
756
757 CfResult ret;
758
759 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
760 EXPECT_EQ(ret, CF_SUCCESS);
761 EXPECT_EQ(bResult, false);
762
763 X509OpensslMock::SetMockFlag(true);
764 PKEY_USAGE_PERIOD *pKeyValid = reinterpret_cast<PKEY_USAGE_PERIOD *>(CfMalloc(sizeof(PKEY_USAGE_PERIOD), 0));
765 ASSERT_NE(pKeyValid, nullptr);
766 pKeyValid->notBefore = reinterpret_cast<ASN1_GENERALIZEDTIME *>(CfMalloc(sizeof(ASN1_GENERALIZEDTIME), 0));
767 ASSERT_NE(pKeyValid->notBefore, nullptr);
768 pKeyValid->notBefore->data = (unsigned char *)strdup(g_testPrivateKeyValid);
769 ASSERT_NE(pKeyValid->notBefore->data, nullptr);
770
771 pKeyValid->notBefore->length = strlen(g_testPrivateKeyValid);
772 pKeyValid->notAfter = nullptr;
773 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _))
774 .Times(AnyNumber())
775 .WillOnce(Return(pKeyValid));
776 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
777 EXPECT_EQ(ret, CF_SUCCESS);
778 EXPECT_EQ(bResult, false);
779 X509OpensslMock::SetMockFlag(false);
780
781 // test ComparePrivateKeyValidX509Openssl failed case
782 X509OpensslMock::SetMockFlag(true);
783 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _)).WillRepeatedly(Return(nullptr));
784 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
785 EXPECT_EQ(ret, CF_SUCCESS);
786 EXPECT_EQ(bResult, false);
787 X509OpensslMock::SetMockFlag(false);
788 CfFree(pKeyValid->notBefore->data);
789 pKeyValid->notBefore->data = nullptr;
790 CfFree(pKeyValid->notBefore);
791 pKeyValid->notBefore = nullptr;
792 CfFree(pKeyValid);
793 pKeyValid = nullptr;
794 }
795
796 HWTEST_F(CryptoX509CertificateTestPart3, CompareSubjectKeyIdentifierTest001, TestSize.Level0)
797 {
798 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
799 bool bResult = true;
800
801 HcfX509CertMatchParams certMatchParameters = { 0 };
802 CfBlob blob;
803
804 blob.data = const_cast<uint8_t *>(g_testIssuer);
805 blob.size = sizeof(g_testIssuer);
806 certMatchParameters.subjectKeyIdentifier = &blob;
807
808 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
809 EXPECT_EQ(ret, CF_SUCCESS);
810 EXPECT_EQ(bResult, false);
811
812 // todo add failed case bResult = true
813 certMatchParameters.minPathLenConstraint = -1;
814 blob.data = const_cast<uint8_t *>(g_testSubjectKeyIdentifier);
815 blob.size = sizeof(g_testSubjectKeyIdentifier);
816 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
817 EXPECT_EQ(ret, CF_SUCCESS);
818 EXPECT_EQ(bResult, true);
819
820 // test GetSubKeyIdDNX509Openssl failed case
821 X509OpensslMock::SetMockFlag(true);
822 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_ASN1_OCTET_STRING(_, _)).WillRepeatedly(Return(-1));
823 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
824 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
825 X509OpensslMock::SetMockFlag(false);
826
827 X509OpensslMock::SetMockFlag(true);
828 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _)).WillRepeatedly(Return(nullptr));
829 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
830 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
831 X509OpensslMock::SetMockFlag(false);
832
833 X509OpensslMock::SetMockFlag(true);
834 EXPECT_CALL(X509OpensslMock::GetInstance(), DeepCopyDataToBlob(_, _, _))
835 .Times(AnyNumber())
836 .WillOnce(Return(CF_INVALID_PARAMS));
837 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
838 EXPECT_EQ(ret, CF_INVALID_PARAMS);
839 X509OpensslMock::SetMockFlag(false);
840 }
841
842 HWTEST_F(CryptoX509CertificateTestPart3, ToStringTest001, TestSize.Level0)
843 {
844 CF_LOG_I("CryptoX509CertificateTestPart3 - ToStringTest001");
845 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
846
847 CfBlob blob = { 0, nullptr };
848 CfResult ret = g_x509CertExtAttrObj->toString(g_x509CertExtAttrObj, &blob);
849 EXPECT_EQ(ret, CF_SUCCESS);
850 CfBlobDataFree(&blob);
851
852 HcfX509Certificate invalidCert;
853 invalidCert.base.base.getClass = GetInvalidCertClass;
854
855 ret = g_x509CertExtAttrObj->toString(&invalidCert, &blob);
856 EXPECT_EQ(ret, CF_INVALID_PARAMS);
857
858 ret = g_x509CertExtAttrObj->toString(NULL, &blob);
859 EXPECT_EQ(ret, CF_INVALID_PARAMS);
860
861 ret = g_x509CertExtAttrObj->toString(g_x509CertExtAttrObj, NULL);
862 EXPECT_EQ(ret, CF_INVALID_PARAMS);
863
864 ret = g_x509CertExtAttrObj->toString(NULL, NULL);
865 EXPECT_EQ(ret, CF_INVALID_PARAMS);
866
867 X509OpensslMock::SetMockFlag(true);
868 EXPECT_CALL(X509OpensslMock::GetInstance(), BIO_new(_))
869 .WillOnce(Return(nullptr))
870 .WillRepeatedly(Invoke(__real_BIO_new));
871 ret = g_x509CertExtAttrObj->toString(g_x509CertExtAttrObj, &blob);
872 EXPECT_EQ(ret, CF_ERR_MALLOC);
873 X509OpensslMock::SetMockFlag(false);
874
875 X509OpensslMock::SetMockFlag(true);
876 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_print(_, _))
877 .WillOnce(Return(-1))
878 .WillRepeatedly(Invoke(__real_X509_print));
879 ret = g_x509CertExtAttrObj->toString(g_x509CertExtAttrObj, &blob);
880 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
881 X509OpensslMock::SetMockFlag(false);
882
883 X509OpensslMock::SetMockFlag(true);
884 EXPECT_CALL(X509OpensslMock::GetInstance(), BIO_ctrl(_, _, _, _)).WillRepeatedly(Return(0));
885 ret = g_x509CertExtAttrObj->toString(g_x509CertExtAttrObj, &blob);
886 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
887 X509OpensslMock::SetMockFlag(false);
888 }
889
890 HWTEST_F(CryptoX509CertificateTestPart3, HashCodeTest001, TestSize.Level0)
891 {
892 CF_LOG_I("CryptoX509CertificateTestPart3 - HashCodeTest001");
893 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
894
895 CfBlob blob = { 0, nullptr };
896 CfResult ret = g_x509CertExtAttrObj->hashCode(g_x509CertExtAttrObj, &blob);
897 EXPECT_EQ(ret, CF_SUCCESS);
898 CfBlobDataFree(&blob);
899
900 SetMockFlag(true);
901 ret = g_x509CertExtAttrObj->hashCode(g_x509CertExtAttrObj, &blob);
902 EXPECT_EQ(ret, CF_ERR_MALLOC);
903 SetMockFlag(false);
904
905 X509OpensslMock::SetMockFlag(true);
906 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_X509(_, _)).WillRepeatedly(Return(-1));
907 ret = g_x509CertExtAttrObj->hashCode(g_x509CertExtAttrObj, &blob);
908 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
909 X509OpensslMock::SetMockFlag(false);
910
911 X509OpensslMock::SetMockFlag(true);
912 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_X509(_, _)).WillRepeatedly(Return(0));
913 ret = g_x509CertExtAttrObj->hashCode(g_x509CertExtAttrObj, &blob);
914 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
915 X509OpensslMock::SetMockFlag(false);
916
917 HcfX509Certificate invalidCert;
918 invalidCert.base.base.getClass = GetInvalidCertClass;
919
920 ret = g_x509CertExtAttrObj->hashCode(&invalidCert, &blob);
921 EXPECT_EQ(ret, CF_INVALID_PARAMS);
922
923 ret = g_x509CertExtAttrObj->hashCode(NULL, &blob);
924 EXPECT_EQ(ret, CF_INVALID_PARAMS);
925
926 ret = g_x509CertExtAttrObj->hashCode(g_x509CertExtAttrObj, NULL);
927 EXPECT_EQ(ret, CF_INVALID_PARAMS);
928
929 ret = g_x509CertExtAttrObj->hashCode(NULL, NULL);
930 EXPECT_EQ(ret, CF_INVALID_PARAMS);
931 }
932
933 HWTEST_F(CryptoX509CertificateTestPart3, GetExtensionsObjectTest001, TestSize.Level0)
934 {
935 CF_LOG_I("CryptoX509CertificateTestPart3 - GetExtensionsObjectTest001");
936 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
937
938 CfBlob blob = { 0, nullptr };
939 CfResult ret = g_x509CertExtAttrObj->getExtensionsObject(g_x509CertExtAttrObj, &blob);
940 EXPECT_EQ(ret, CF_SUCCESS);
941 CfBlobDataFree(&blob);
942
943 X509OpensslMock::SetMockFlag(true);
944 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_X509_EXTENSIONS(_, _)).WillRepeatedly(Return(-1));
945 ret = g_x509CertExtAttrObj->getExtensionsObject(g_x509CertExtAttrObj, &blob);
946 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
947 X509OpensslMock::SetMockFlag(false);
948
949 HcfX509Certificate invalidCert;
950 invalidCert.base.base.getClass = GetInvalidCertClass;
951
952 ret = g_x509CertExtAttrObj->getExtensionsObject(&invalidCert, &blob);
953 EXPECT_EQ(ret, CF_INVALID_PARAMS);
954
955 ret = g_x509CertExtAttrObj->getExtensionsObject(NULL, &blob);
956 EXPECT_EQ(ret, CF_INVALID_PARAMS);
957
958 ret = g_x509CertExtAttrObj->getExtensionsObject(g_x509CertExtAttrObj, NULL);
959 EXPECT_EQ(ret, CF_INVALID_PARAMS);
960
961 ret = g_x509CertExtAttrObj->getExtensionsObject(NULL, NULL);
962 EXPECT_EQ(ret, CF_INVALID_PARAMS);
963 }
964
965 } // namespace
966