1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 use std::{
17 ffi::{c_char, CString},
18 ptr::null,
19 };
20
21 use asset_common::{CallingInfo, OwnerType};
22 use asset_crypto_manager::{crypto::*, crypto_manager::*, secret_key::*};
23 use asset_definition::{Accessibility, AuthType, ErrCode};
24
25 pub const AAD_SIZE: u32 = 8;
26
27 #[repr(C)]
28 struct TokenInfoParams {
29 dcaps_num: i32,
30 perms_num: i32,
31 acls_num: i32,
32 dcaps: *const *const c_char,
33 perms: *const *const c_char,
34 acls: *const *const c_char,
35 process_name: *const c_char,
36 apl_str: *const c_char,
37 }
38
39 extern "C" {
GetAccessTokenId(token_info: *mut TokenInfoParams) -> u6440 fn GetAccessTokenId(token_info: *mut TokenInfoParams) -> u64;
SetSelfTokenID(token_id: u64) -> i3241 fn SetSelfTokenID(token_id: u64) -> i32;
42 }
43
44 /// Init access token ID for current process
grant_self_permission() -> i3245 fn grant_self_permission() -> i32 {
46 let perms_str = CString::new("ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS").unwrap();
47 let name = CString::new("asset_bin_test").unwrap();
48 let apl = CString::new("system_basic").unwrap();
49 let mut param = TokenInfoParams {
50 dcaps_num: 0,
51 perms_num: 1,
52 acls_num: 0,
53 dcaps: null(),
54 perms: &perms_str.as_ptr(),
55 acls: null(),
56 process_name: name.as_ptr(),
57 apl_str: apl.as_ptr(),
58 };
59
60 unsafe {
61 let token_id = GetAccessTokenId(&mut param as *mut TokenInfoParams);
62 SetSelfTokenID(token_id)
63 }
64 }
65
66 #[test]
generate_and_delete()67 fn generate_and_delete() {
68 assert_eq!(0, grant_self_permission());
69 let calling_info = CallingInfo::new(0, OwnerType::Native, vec![b'2'], None);
70 let secret_key =
71 SecretKey::new_without_alias(&calling_info, AuthType::None, Accessibility::DevicePowerOn, false).unwrap();
72 secret_key.generate().unwrap();
73 secret_key.exists().unwrap();
74 let _ = SecretKey::delete_by_owner(&calling_info);
75 assert!(secret_key.delete().is_ok())
76 }
77
78 #[test]
encrypt_and_decrypt()79 fn encrypt_and_decrypt() {
80 assert_eq!(0, grant_self_permission());
81 // generate key
82 let calling_info = CallingInfo::new(0, OwnerType::Native, vec![b'2'], None);
83 let secret_key =
84 SecretKey::new_without_alias(&calling_info, AuthType::None, Accessibility::DevicePowerOn, false).unwrap();
85 secret_key.generate().unwrap();
86
87 // encrypt data
88 let msg = vec![1, 2, 3, 4, 5, 6];
89 let aad = vec![0; AAD_SIZE as usize];
90 let cipher = Crypto::encrypt(&secret_key, &msg, &aad).unwrap();
91 assert!(!cipher.eq(&msg));
92
93 // decrypt data
94 let plaintext = Crypto::decrypt(&secret_key, &cipher, &aad).unwrap();
95 assert!(plaintext.eq(&msg));
96
97 // delete key
98 let _ = secret_key.delete();
99 }
100
101 #[test]
crypto_init()102 fn crypto_init() {
103 assert_eq!(0, grant_self_permission());
104 let calling_info = CallingInfo::new(0, OwnerType::Native, vec![b'2'], None);
105 let secret_key =
106 SecretKey::new_without_alias(&calling_info, AuthType::Any, Accessibility::DevicePowerOn, false).unwrap();
107 secret_key.generate().unwrap();
108
109 let mut crypto = Crypto::build(secret_key.clone(), calling_info, 600).unwrap();
110 crypto.init_key().unwrap();
111 let _ = secret_key.delete();
112 }
113
114 #[test]
crypto_exec()115 fn crypto_exec() {
116 assert_eq!(0, grant_self_permission());
117 let calling_info = CallingInfo::new(0, OwnerType::Native, vec![b'2'], None);
118 let secret_key =
119 SecretKey::new_without_alias(&calling_info, AuthType::Any, Accessibility::DevicePowerOn, false).unwrap();
120 secret_key.generate().unwrap();
121
122 let msg = vec![1, 2, 3, 4, 5, 6];
123 let aad = vec![0; AAD_SIZE as usize];
124 let cipher = Crypto::encrypt(&secret_key, &msg, &aad).unwrap();
125 let mut crypto = Crypto::build(secret_key.clone(), calling_info, 600).unwrap();
126 crypto.init_key().unwrap();
127
128 let authtoken = vec![0; 1024];
129 assert!(crypto.exec_crypt(&cipher, &aad, &authtoken).is_err());
130
131 let authtoken2 = vec![0; 1];
132 assert!(crypto.exec_crypt(&cipher, &aad, &authtoken2).is_err());
133 let _ = secret_key.delete();
134 }
135
136 #[test]
crypto_manager()137 fn crypto_manager() {
138 assert_eq!(0, grant_self_permission());
139 let calling_info = CallingInfo::new(0, OwnerType::Native, vec![b'2'], None);
140 let secret_key1 =
141 SecretKey::new_without_alias(&calling_info, AuthType::Any, Accessibility::DevicePowerOn, false).unwrap();
142 secret_key1.generate().unwrap();
143 let mut crypto1 = Crypto::build(secret_key1.clone(), calling_info.clone(), 600).unwrap();
144 let challenge1 = crypto1.init_key().unwrap().clone();
145
146 let secret_key2 =
147 SecretKey::new_without_alias(&calling_info, AuthType::Any, Accessibility::DevicePowerOn, false).unwrap();
148 secret_key2.generate().unwrap();
149 let mut crypto2 = Crypto::build(secret_key2.clone(), calling_info.clone(), 600).unwrap();
150 let challenge2 = crypto2.init_key().unwrap().clone();
151
152 let arc_crypto_manager = CryptoManager::get_instance();
153 let mut crypto_manager = arc_crypto_manager.lock().unwrap();
154 crypto_manager.add(crypto1).unwrap();
155 crypto_manager.add(crypto2).unwrap();
156
157 let calling_info_2 = CallingInfo::new(0, OwnerType::Native, vec![b'3'], None);
158 crypto_manager.find(&calling_info, &challenge1).unwrap();
159 crypto_manager.find(&calling_info, &challenge2).unwrap();
160 assert_eq!(ErrCode::NotFound, crypto_manager.find(&calling_info_2, &challenge2).err().unwrap().code);
161
162 crypto_manager.remove(&calling_info, &challenge1);
163 crypto_manager.remove(&calling_info_2, &challenge2);
164 crypto_manager.find(&calling_info, &challenge2).unwrap();
165 crypto_manager.remove(&calling_info, &challenge2);
166 assert_eq!(ErrCode::NotFound, crypto_manager.find(&calling_info, &challenge2).err().unwrap().code);
167
168 crypto_manager.remove_need_device_unlocked();
169
170 let _ = secret_key1.delete();
171 let _ = secret_key2.delete();
172 }
173