1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ASNY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "huks_warpped_test.h"
17
18 #include <gtest/gtest.h>
19
20 #include "huks_mem.h"
21 #include "huks_three_stage_test_common.h"
22 #include "huks_wrapped_test_common.h"
23 #include "native_huks_type.h"
24
25 using namespace testing::ext;
26 namespace Unittest::ImportWrapped
27 {
28 class HuksImportWrappedX25519Test : public testing::Test
29 {
30 public:
31 static void SetUpTestCase(void);
32
33 static void TearDownTestCase(void);
34
35 void SetUp();
36
37 void TearDown();
38 };
39
SetUpTestCase(void)40 void HuksImportWrappedX25519Test::SetUpTestCase(void) {}
41
TearDownTestCase(void)42 void HuksImportWrappedX25519Test::TearDownTestCase(void) {}
43
SetUp()44 void HuksImportWrappedX25519Test::SetUp() {}
45
TearDown()46 void HuksImportWrappedX25519Test::TearDown() {}
47
48 struct TestImportKeyData {
49 struct OH_Huks_Blob x509PublicKey;
50 struct OH_Huks_Blob publicOrXData;
51 struct OH_Huks_Blob privateOrYData;
52 struct OH_Huks_Blob zData;
53 };
54
55 static struct OH_Huks_Blob g_wrappingKeyAliasAes256 = {.size = strlen("test_wrappingKey_x25519_aes256"),
56 .data = (uint8_t *)"test_wrappingKey_x25519_aes256"};
57
58 static struct OH_Huks_Blob g_callerKeyAliasAes256 = {.size = strlen("test_caller_key_x25519_aes256"),
59 .data = (uint8_t *)"test_caller_key_x25519_aes256"};
60
61 static struct OH_Huks_Blob g_callerKekAliasAes256 = {.size = strlen("test_caller_kek_x25519_aes256"),
62 .data = (uint8_t *)"test_caller_kek_x25519_aes256"};
63
64 static struct OH_Huks_Blob g_callerAes256Kek = {.size = strlen("This is kek to encrypt plain key"),
65 .data = (uint8_t *)"This is kek to encrypt plain key"};
66
67 static struct OH_Huks_Blob g_callerAgreeKeyAliasAes256 = {.size = strlen("test_caller_agree_key_x25519_aes256"),
68 .data = (uint8_t *)"test_caller_agree_key_x25519_aes256"};
69
70 static struct OH_Huks_Blob g_importedKeyAliasAes256 = {.size = strlen("test_import_key_x25519_aes256"),
71 .data = (uint8_t *)"test_import_key_x25519_aes256"};
72
73 static struct OH_Huks_Blob g_importedAes256PlainKey = {.size = strlen("This is plain key to be imported"),
74 .data = (uint8_t *)"This is plain key to be imported"};
75
76 static struct OH_Huks_Param g_importWrappedAes256Params[] = {
77 {.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_AES},
78 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_ENCRYPT | OH_HUKS_KEY_PURPOSE_DECRYPT},
79 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_AES_KEY_SIZE_256},
80 {.tag = OH_HUKS_TAG_PADDING, .uint32Param = OH_HUKS_PADDING_NONE},
81 {.tag = OH_HUKS_TAG_BLOCK_MODE, .uint32Param = OH_HUKS_MODE_GCM},
82 {.tag = OH_HUKS_TAG_DIGEST, .uint32Param = OH_HUKS_DIGEST_NONE},
83 {.tag = OH_HUKS_TAG_UNWRAP_ALGORITHM_SUITE, .uint32Param = OH_HUKS_UNWRAP_SUITE_X25519_AES_256_GCM_NOPADDING},
84 {.tag = OH_HUKS_TAG_ASSOCIATED_DATA,
85 .blob = {.size = Unittest::ImportWrapped::AAD_SIZE, .data = (uint8_t *)Unittest::ImportWrapped::AAD}},
86 {.tag = OH_HUKS_TAG_NONCE,
87 .blob = {.size = Unittest::ImportWrapped::NONCE_SIZE, .data = (uint8_t *)Unittest::ImportWrapped::NONCE}},
88 {.tag = OH_HUKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = OH_HUKS_AUTH_STORAGE_LEVEL_DE}};
89
90 static char g_agreeKeyAlgName[] = "X25519";
91
92 static struct OH_Huks_Blob g_agreeKeyAlgNameBlob = {.size = sizeof(g_agreeKeyAlgName),
93 .data = (uint8_t *)g_agreeKeyAlgName};
94
95 static const uint32_t g_x25519PubKeySize = 32;
96
97 static struct OH_Huks_Param g_genWrappingKeyParams[] = {
98 {.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_X25519},
99 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_UNWRAP},
100 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_CURVE25519_KEY_SIZE_256},
101 {.tag = OH_HUKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = OH_HUKS_AUTH_STORAGE_LEVEL_DE}};
102
103 static struct OH_Huks_Param g_genCallerX25519Params[] = {
104 {.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_X25519},
105 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_AGREE},
106 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_CURVE25519_KEY_SIZE_256},
107 {.tag = OH_HUKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = OH_HUKS_AUTH_STORAGE_LEVEL_DE}};
108
109 static struct OH_Huks_Param g_importParamsCallerKek[] = {
110 {.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_AES},
111 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_ENCRYPT},
112 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_AES_KEY_SIZE_256},
113 {.tag = OH_HUKS_TAG_PADDING, .uint32Param = OH_HUKS_PADDING_NONE},
114 {.tag = OH_HUKS_TAG_BLOCK_MODE, .uint32Param = OH_HUKS_MODE_GCM},
115 {.tag = OH_HUKS_TAG_DIGEST, .uint32Param = OH_HUKS_DIGEST_NONE},
116 {.tag = OH_HUKS_TAG_IV,
117 .blob = {.size = Unittest::ImportWrapped::IV_SIZE, .data = (uint8_t *)Unittest::ImportWrapped::IV}},
118 {.tag = OH_HUKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = OH_HUKS_AUTH_STORAGE_LEVEL_DE}};
119
120 static struct OH_Huks_Param g_callerAgreeParams[] = {
121 {.tag = OH_HUKS_TAG_ALGORITHM, .uint32Param = OH_HUKS_ALG_X25519},
122 {.tag = OH_HUKS_TAG_PURPOSE, .uint32Param = OH_HUKS_KEY_PURPOSE_AGREE},
123 {.tag = OH_HUKS_TAG_KEY_SIZE, .uint32Param = OH_HUKS_CURVE25519_KEY_SIZE_256},
124 {.tag = OH_HUKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = OH_HUKS_AUTH_STORAGE_LEVEL_DE}};
125
InitCommonTestParamsAndDoImport(struct HksImportWrappedKeyTestParams * importWrappedKeyTestParams,const struct OH_Huks_Param * importedKeyParamSetArray,uint32_t arraySize)126 static void InitCommonTestParamsAndDoImport(struct HksImportWrappedKeyTestParams *importWrappedKeyTestParams,
127 const struct OH_Huks_Param *importedKeyParamSetArray, uint32_t arraySize)
128 {
129 importWrappedKeyTestParams->agreeKeyAlgName = &g_agreeKeyAlgNameBlob;
130
131 struct OH_Huks_ParamSet *genX25519KeyParamSet = nullptr;
132 OH_Huks_Result ret = InitParamSet(&genX25519KeyParamSet, g_genWrappingKeyParams,
133 sizeof(g_genWrappingKeyParams) / sizeof(OH_Huks_Param));
134 EXPECT_EQ(ret.errorCode, (int32_t)OH_HUKS_SUCCESS) << "InitParamSet(gen huks x25519) failed.";
135 importWrappedKeyTestParams->genWrappingKeyParamSet = genX25519KeyParamSet;
136 importWrappedKeyTestParams->publicKeySize = g_x25519PubKeySize;
137
138 struct OH_Huks_ParamSet *genCallerKeyParamSet = nullptr;
139 ret = InitParamSet(&genCallerKeyParamSet, g_genCallerX25519Params,
140 sizeof(g_genCallerX25519Params) / sizeof(OH_Huks_Param));
141 EXPECT_EQ(ret.errorCode, (int32_t)OH_HUKS_SUCCESS) << "InitParamSet(gen caller x25519) failed.";
142 importWrappedKeyTestParams->genCallerKeyParamSet = genCallerKeyParamSet;
143
144 struct OH_Huks_ParamSet *callerImportParamsKek = nullptr;
145 ret = InitParamSet(&callerImportParamsKek, g_importParamsCallerKek,
146 sizeof(g_importParamsCallerKek) / sizeof(OH_Huks_Param));
147 EXPECT_EQ(ret.errorCode, (int32_t)OH_HUKS_SUCCESS) << "InitParamSet(import call kek) failed.";
148 importWrappedKeyTestParams->importCallerKekParamSet = callerImportParamsKek;
149
150 struct OH_Huks_ParamSet *agreeParamSet = nullptr;
151 ret = InitParamSet(&agreeParamSet, g_callerAgreeParams, sizeof(g_callerAgreeParams) / sizeof(OH_Huks_Param));
152 EXPECT_EQ(ret.errorCode, (int32_t)OH_HUKS_SUCCESS) << "InitParamSet(agreeParamSet) failed.";
153 importWrappedKeyTestParams->agreeParamSet = agreeParamSet;
154
155 struct OH_Huks_ParamSet *importPlainKeyParams = nullptr;
156 ret = InitParamSet(&importPlainKeyParams, importedKeyParamSetArray, arraySize);
157 EXPECT_EQ(ret.errorCode, (int32_t)OH_HUKS_SUCCESS) << "InitParamSet(import plain key) failed.";
158 importWrappedKeyTestParams->importWrappedKeyParamSet = importPlainKeyParams;
159
160 HksImportWrappedKeyTestCommonCase(importWrappedKeyTestParams);
161 HksClearKeysForWrappedKeyTest(importWrappedKeyTestParams);
162
163 OH_Huks_FreeParamSet(&genX25519KeyParamSet);
164 OH_Huks_FreeParamSet(&genCallerKeyParamSet);
165 OH_Huks_FreeParamSet(&callerImportParamsKek);
166 OH_Huks_FreeParamSet(&importPlainKeyParams);
167 }
168
169 /**
170 * @tc.name: HuksImportWrappedX25519Test.Security_HUKS_NAPI_Wrapped_0100
171 * @tc.desc: Test import wrapped aes256-gcm-no_padding key including generate&export x25519 key, generate kek,
172 * agree, encrypt, of which generate kek, agree, encrypt should done by caller self.
173 * @tc.type: FUNC
174 */
175 HWTEST_F(HuksImportWrappedX25519Test, Security_HUKS_NAPI_Wrapped_0100, TestSize.Level0)
176 {
177 struct HksImportWrappedKeyTestParams importWrappedKeyTestParams001 = {0};
178
179 importWrappedKeyTestParams001.wrappingKeyAlias = &g_wrappingKeyAliasAes256;
180 importWrappedKeyTestParams001.keyMaterialLen = g_importedAes256PlainKey.size;
181 importWrappedKeyTestParams001.callerKeyAlias = &g_callerKeyAliasAes256;
182 importWrappedKeyTestParams001.callerKekAlias = &g_callerKekAliasAes256;
183 importWrappedKeyTestParams001.callerKek = &g_callerAes256Kek;
184 importWrappedKeyTestParams001.callerAgreeKeyAlias = &g_callerAgreeKeyAliasAes256;
185 importWrappedKeyTestParams001.importedKeyAlias = &g_importedKeyAliasAes256;
186 importWrappedKeyTestParams001.importedPlainKey = &g_importedAes256PlainKey;
187 InitCommonTestParamsAndDoImport(&importWrappedKeyTestParams001, g_importWrappedAes256Params,
188 sizeof(g_importWrappedAes256Params) / sizeof(struct OH_Huks_Param));
189 }
190 } // namespace Unittest::ImportWrapped
191