1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <cstdio>
17 #include <cstring>
18 #include <fcntl.h>
19 #include <gtest/gtest.h>
20 #include <sys/ioctl.h>
21 #include <sys/types.h>
22 #include <ctime>
23 #include <unistd.h>
24
25 #include "cert_path.h"
26 #include "selinux/selinux.h"
27
28 namespace OHOS {
29 namespace Security {
30 namespace CodeSign {
31 using namespace std;
32 using namespace testing::ext;
33
// Path-length and path-type inputs shared by the cases below.
// MAX_CERT_CHAIN is the length the success cases pass to AddCertPath.
static constexpr uint32_t MAX_CERT_CHAIN = 3;
// 0x103 is the value the success cases label "developer in debug".
static constexpr uint32_t CERT_PATH_TYPE = 0x103;
// One above MAX_CERT_CHAIN; used to check that an over-long path is rejected.
static constexpr uint32_t GREATER_THAN_MAX_CERT_CHAIN = 4;
// The type is unsigned, so -1 wraps to 0xFFFFFFFF. Despite the name, this is the
// largest representable length, not a value below the minimum; a length of 0 is
// not exercised through this constant.
static constexpr uint32_t LESS_THAN_MIN_CERT_CHAIN = static_cast<uint32_t>(-1);
38
// Device node and SELinux context strings. Neither is referenced by the test
// cases in this listing.
static const string DEV_NAME{"/dev/code_sign"};
static const string KEY_ENABLE_CTX{"u:r:key_enable:s0"};

// Subject/issuer pair used by the path-length rejection cases.
static const string TEST_SUBJECT{"OpenHarmony Application Release"};
static const string TEST_ISSUER{"OpenHarmony Application CA"};

// Placeholder subject/issuer pair used by the add-then-remove success cases.
static const string FAKE_SUBJECT{"Fake subject"};
static const string FAKE_ISSUER{"Fake issuer"};

// Subject/issuer pair used by the case that expects a system-type path to be refused.
static const string SUBJECT_AS_SYSTEM_TYPE{"System subject"};
static const string ISSUER_AS_SYSTEM_TYPE{"System issuer"};

// App ids: the non-empty one is used by the enterprise-path case, the empty one elsewhere.
static const string TEST_APP_ID{"6918688064123613841"};
static const string EMPTY_APP_ID{""};
49
/**
 * Fixture for the AddCertPath / RemoveCertPath cases.
 *
 * It carries no state and every hook is an intentional no-op, so each case is
 * responsible for removing whatever cert path it adds.
 */
class AddCertPathTest : public testing::Test {
public:
    AddCertPathTest() = default;
    ~AddCertPathTest() override = default;

    // Suite-level hooks: nothing to prepare or release.
    static void SetUpTestCase() {}
    static void TearDownTestCase() {}

    // Per-case hooks: nothing to prepare or release.
    void SetUp() override {}
    void TearDown() override {}
};
59
/**
 * Builds a CertPathInfo request from C strings.
 *
 * The structure stores the *addresses* of the three strings (as 64-bit
 * integers) together with their strlen() lengths; no text is copied. The
 * caller must therefore keep the strings alive and unmodified until the
 * structure has been consumed.
 *
 * @param signing        NUL-terminated signing subject; must not be null (strlen is applied).
 * @param issuer         NUL-terminated issuer; must not be null.
 * @param app_id         NUL-terminated app id, may be an empty string; must not be null.
 * @param max_cert_chain value stored in path_len.
 * @param cert_path_type value stored in path_type.
 * @return the populated structure; fields not set here stay zero-initialised.
 */
static CertPathInfo MakeCertPathInfo(const char *signing, const char *issuer, const char *app_id,
    uint32_t max_cert_chain, uint32_t cert_path_type)
{
    CertPathInfo info = { 0 };

    // Each text field is an (address, length) pair; the length excludes the terminator.
    info.signing = reinterpret_cast<uint64_t>(signing);
    info.signing_length = strlen(signing);

    info.issuer = reinterpret_cast<uint64_t>(issuer);
    info.issuer_length = strlen(issuer);

    info.app_id = reinterpret_cast<uint64_t>(app_id);
    info.app_id_length = strlen(app_id);

    info.path_len = max_cert_chain;
    info.path_type = cert_path_type;
    return info;
}
74
75 /**
76 * @tc.name: AddCertPathTest_0001
77 * @tc.desc: calling interface with greater than path len
78 * @tc.type: Func
79 * @tc.require:
80 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0001, TestSize.Level0)
{
    // Negative case: the path length is one above MAX_CERT_CHAIN, so the add
    // must report failure (any non-zero result).
    const char *subject = TEST_SUBJECT.c_str();
    const char *issuer = TEST_ISSUER.c_str();
    const char *appId = EMPTY_APP_ID.c_str();

    CertPathInfo oversizedPath = MakeCertPathInfo(subject, issuer, appId,
        GREATER_THAN_MAX_CERT_CHAIN, CERT_PATH_TYPE);
    EXPECT_NE(AddCertPath(oversizedPath), 0);
}
87
88 /**
89 * @tc.name: AddCertPathTest_0002
90 * @tc.desc: calling interface with invalid path len
91 * @tc.type: Func
92 * @tc.require:
93 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0002, TestSize.Level0)
{
    // Negative case: LESS_THAN_MIN_CERT_CHAIN is a uint32_t initialised from -1,
    // so the length actually passed is 0xFFFFFFFF. This checks that a wrapped
    // (very large) length is rejected; it does not exercise a length of 0.
    const char *subject = TEST_SUBJECT.c_str();
    const char *issuer = TEST_ISSUER.c_str();
    const char *appId = EMPTY_APP_ID.c_str();

    CertPathInfo wrappedLenPath = MakeCertPathInfo(subject, issuer, appId,
        LESS_THAN_MIN_CERT_CHAIN, CERT_PATH_TYPE);
    EXPECT_NE(AddCertPath(wrappedLenPath), 0);
}
100
101 /**
102 * @tc.name: AddCertPathTest_0003
103 * @tc.desc: add cert path success
104 * @tc.type: Func
105 * @tc.require:
106 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0003, TestSize.Level0)
{
    // Positive case with an empty app id: each path is added and then removed
    // again. EXPECT_* is non-fatal, so the removal is still attempted when the
    // add expectation fails and the placeholder entry is not left behind by
    // an early exit from the test body.
    const char *subject = FAKE_SUBJECT.c_str();
    const char *issuer = FAKE_ISSUER.c_str();
    const char *appId = EMPTY_APP_ID.c_str();

    // path type 0x3: developer, release
    CertPathInfo releasePath = MakeCertPathInfo(subject, issuer, appId, MAX_CERT_CHAIN, 0x3);
    EXPECT_EQ(AddCertPath(releasePath), 0);
    EXPECT_EQ(RemoveCertPath(releasePath), 0);

    // path type 0x103: developer, debug
    CertPathInfo debugPath = MakeCertPathInfo(subject, issuer, appId, MAX_CERT_CHAIN, 0x103);
    EXPECT_EQ(AddCertPath(debugPath), 0);
    EXPECT_EQ(RemoveCertPath(debugPath), 0);

    // The debug path was just removed, so removing it a second time must fail.
    EXPECT_NE(RemoveCertPath(debugPath), 0);
}
124
125 /**
126 * @tc.name: AddCertPathTest_0004
127 * @tc.desc: cannot add system cert except key_enable
128 * @tc.type: Func
129 * @tc.require:
130 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0004, TestSize.Level0)
{
    // Negative case: path type 1 (labelled "release" in the original test) with
    // the system subject/issuer pair. Per the case description only key_enable
    // may add such a path, so the add from this process must fail.
    // NOTE(review): nothing here checks the caller's SELinux context; the case
    // presumably relies on the test process not running as key_enable — confirm.
    const char *subject = SUBJECT_AS_SYSTEM_TYPE.c_str();
    const char *issuer = ISSUER_AS_SYSTEM_TYPE.c_str();
    const char *appId = EMPTY_APP_ID.c_str();

    CertPathInfo systemPath = MakeCertPathInfo(subject, issuer, appId, MAX_CERT_CHAIN, 1);
    EXPECT_NE(AddCertPath(systemPath), 0);
}
139
140 /**
141 * @tc.name: AddCertPathTest_0005
142 * @tc.desc: add enterprise cert path success
143 * @tc.type: Func
144 * @tc.require:
145 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0005, TestSize.Level0)
{
    // Positive case with a non-empty app id (the enterprise path in the case
    // description): each path is added and then removed again. EXPECT_* is
    // non-fatal, so the removal is still attempted when the add expectation fails.
    const char *subject = FAKE_SUBJECT.c_str();
    const char *issuer = FAKE_ISSUER.c_str();
    const char *appId = TEST_APP_ID.c_str();

    // path type 0x3: developer, release
    CertPathInfo releasePath = MakeCertPathInfo(subject, issuer, appId, MAX_CERT_CHAIN, 0x3);
    EXPECT_EQ(AddCertPath(releasePath), 0);
    EXPECT_EQ(RemoveCertPath(releasePath), 0);

    // path type 0x103: developer, debug
    CertPathInfo debugPath = MakeCertPathInfo(subject, issuer, appId, MAX_CERT_CHAIN, 0x103);
    EXPECT_EQ(AddCertPath(debugPath), 0);
    EXPECT_EQ(RemoveCertPath(debugPath), 0);

    // The debug path was just removed, so removing it a second time must fail.
    EXPECT_NE(RemoveCertPath(debugPath), 0);
}
163 } // namespace CodeSign
164 } // namespace Security
165 } // namespace OHOS