1 /*
2 * Copyright (c) 2021 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17 #include <cstddef>
18 #include <cstdint>
19 #include <iostream>
20 #include <cstdio>
21 #include "tee_get_native_cert.h"
22 #include "tcu_authentication.h"
23 #include "tee_auth_system.h"
24 #include "accesstoken_kit.h"
25 #include "if_system_ability_manager.h"
26 #include "ipc_skeleton.h"
27 #include "iservice_registry.h"
28 #include "system_ability_definition.h"
29 #include "bundle_mgr_mini_proxy.h"
30 #include "bundle_mgr_stub.h"
31
32 using namespace testing::ext;
33 using namespace testing;
34 using namespace OHOS;
35 using namespace OHOS::Security::AccessToken;
36 using namespace OHOS::AppExecFwk;
37
38 class AuthenticationTest : public testing::Test {
39 public:
40 static void SetUpTestCase(void);
41 static void TearDownTestCase(void);
42 void SetUp();
43 void TearDown();
44 };
45
SetUpTestCase(void)46 void AuthenticationTest::SetUpTestCase(void)
47 {
48 printf("SetUp\n");
49 }
50
TearDownTestCase(void)51 void AuthenticationTest::TearDownTestCase(void)
52 {
53 printf("SetUpTestCase\n");
54 }
55
SetUp(void)56 void AuthenticationTest::SetUp(void)
57 {
58 printf("TearDownTestCase\n");
59 }
60
TearDown(void)61 void AuthenticationTest::TearDown(void)
62 {
63 printf("TearDown\n");
64 }
65 namespace {
66 HWTEST_F(AuthenticationTest, ReadCmdLine_001, TestSize.Level1)
67 {
68 int caPid = 0;
69 char path[4] = { 0 };
70 size_t pathLen = 4;
71
72 int ret = TeeGetPkgName(caPid, path, pathLen);
73 EXPECT_TRUE(ret != 0);
74 }
75
76 HWTEST_F(AuthenticationTest, TeeGetPkgName_001, TestSize.Level1)
77 {
78 int caPid = 0;
79 char path[4] = { 0 };
80 size_t pathLen = 4;
81
82 int ret = TeeGetPkgName(caPid, nullptr, MAX_PATH_LENGTH + 1);
83 EXPECT_TRUE(ret != 0);
84
85 ret = TeeGetPkgName(caPid, path, MAX_PATH_LENGTH + 1);
86 EXPECT_TRUE(ret != 0);
87
88 ret = TeeGetPkgName(caPid, path, 0);
89 EXPECT_TRUE(ret != 0);
90
91 caPid = 1;
92 ret = TeeGetPkgName(caPid, path, pathLen);
93 EXPECT_TRUE(ret != 0);
94 }
95
96 HWTEST_F(AuthenticationTest, TeeGetNativeCert_001, TestSize.Level1)
97 {
98 uint8_t buffer[MAX_PATH_LENGTH] = { 0 };
99 uint32_t len = MAX_PATH_LENGTH;
100 int caPid = 1;
101 unsigned int caUid = 0;
102
103 int ret = TeeGetNativeCert(caPid, caUid, nullptr, nullptr);
104 EXPECT_TRUE(ret != 0);
105
106 ret = TeeGetNativeCert(caPid, caUid, &len, nullptr);
107 EXPECT_TRUE(ret != 0);
108
109 ret = TeeGetNativeCert(caPid, caUid, &len, buffer);
110 EXPECT_TRUE(ret == 0);
111 }
112
113 HWTEST_F(AuthenticationTest, TcuAuthentication_001, TestSize.Level1)
114 {
115 int ret = TcuAuthentication(HASH_TYPE_SYSTEM);
116 EXPECT_TRUE(ret != 0);
117
118 ret = TcuAuthentication(HASH_TYPE_VENDOR);
119 EXPECT_TRUE(ret != 0);
120 }
121
122 HWTEST_F(AuthenticationTest, ConstructSelfAuthInfo_ConstructNativeCaInfoFromToken_001, TestSize.Level1)
123 {
124 // ConstructSelfAuthInfo
125 int32_t ret = ConstructSelfAuthInfo(nullptr);
126 EXPECT_TRUE(ret != 0);
127 uint32_t selfTokenID = 1;
128
129 IPCSkeleton::obj = new MockIPCSkeleton();
130 SystemAbilityManagerClient::objSaMgrC = new MockSystemAbilityManagerClientMid();
131 SystemAbilityManagerClient::objISaMgr = new ISystemAbilityManager();
132 AccessTokenKit::mockKitIntfObj = new MockAccessTokenKitInterface();
133
134 // ConstructNativeCaInfoFromToken
135 EXPECT_CALL(*(IPCSkeleton::obj), GetSelfTokenID()).WillOnce(Return(selfTokenID));
136 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC), GetSystemAbilityManager()).WillOnce(Return(nullptr));
137 CaAuthInfo caInfo = { .certs = {0}, .pid = 0, .uid = 0 };
138 ret = ConstructSelfAuthInfo(&caInfo);
139 EXPECT_TRUE(ret != 0);
140
141 EXPECT_CALL(*(IPCSkeleton::obj), GetSelfTokenID()).WillOnce(Return(selfTokenID));
142 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC),
143 GetSystemAbilityManager()).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
144 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr), CheckSystemAbility(_)).WillOnce(Return(nullptr));
145 ret = ConstructSelfAuthInfo(&caInfo);
146 EXPECT_TRUE(ret != -1);
147
148 EXPECT_CALL(*(IPCSkeleton::obj), GetSelfTokenID()).WillOnce(Return(selfTokenID));
149 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC),
150 GetSystemAbilityManager()).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
151 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr),
152 CheckSystemAbility(_)).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
153 EXPECT_CALL(*(AccessTokenKit::mockKitIntfObj), GetNativeTokenInfo(_, _)).WillRepeatedly(Return(-1));
154 ret = ConstructSelfAuthInfo(&caInfo);
155 EXPECT_TRUE(ret != 0);
156
157 EXPECT_CALL(*(IPCSkeleton::obj), GetSelfTokenID()).WillOnce(Return(selfTokenID));
158 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC),
159 GetSystemAbilityManager()).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
160 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr),
161 CheckSystemAbility(_)).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
162 EXPECT_CALL(*(AccessTokenKit::mockKitIntfObj), GetNativeTokenInfo(_, _)).WillRepeatedly(Return(-1));
163 ret = ConstructSelfAuthInfo(&caInfo);
164 EXPECT_TRUE(ret != 0);
165
166 delete(IPCSkeleton::obj);
167 delete(SystemAbilityManagerClient::objSaMgrC);
168 delete(SystemAbilityManagerClient::objISaMgr);
169 delete(AccessTokenKit::mockKitIntfObj);
170
171 IPCSkeleton::obj = nullptr;
172 SystemAbilityManagerClient::objSaMgrC = nullptr;
173 SystemAbilityManagerClient::objISaMgr = nullptr;
174 AccessTokenKit::mockKitIntfObj = nullptr;
175 }
176
177 HWTEST_F(AuthenticationTest, ConstructNativeCaInfoFromToken_002, TestSize.Level1)
178 {
179 IPCSkeleton::obj = new MockIPCSkeleton();
180 SystemAbilityManagerClient::objSaMgrC = new MockSystemAbilityManagerClientMid();
181 SystemAbilityManagerClient::objISaMgr = new ISystemAbilityManager();
182 AccessTokenKit::mockKitIntfObj = new MockAccessTokenKitInterface();
183
184 uint32_t selfTokenID = 1;
185 CaAuthInfo caInfo = { .certs = {0}, .pid = 0, .uid = 0 };
186 AccessTokenIDInner innerToken;
187 innerToken.tokenUniqueID = 1;
188 selfTokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
189 EXPECT_CALL(*(IPCSkeleton::obj), GetSelfTokenID()).WillOnce(Return(selfTokenID));
190 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC),
191 GetSystemAbilityManager()).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
192 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr),
193 CheckSystemAbility(_)).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
194 EXPECT_CALL(*(AccessTokenKit::mockKitIntfObj), GetNativeTokenInfo(_, _)).WillOnce(Return(0));
195 int32_t ret = ConstructSelfAuthInfo(&caInfo);
196 EXPECT_TRUE(ret != 0);
197
198 innerToken.tokenUniqueID = 2;
199 selfTokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
200 EXPECT_CALL(*(IPCSkeleton::obj), GetSelfTokenID()).WillOnce(Return(selfTokenID));
201 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC),
202 GetSystemAbilityManager()).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
203 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr),
204 CheckSystemAbility(_)).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
205 EXPECT_CALL(*(AccessTokenKit::mockKitIntfObj), GetNativeTokenInfo(_, _)).WillOnce(Return(0));
206 ret = ConstructSelfAuthInfo(&caInfo);
207 EXPECT_TRUE(ret != -1);
208
209 innerToken.tokenUniqueID = 3;
210 selfTokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
211 EXPECT_CALL(*(IPCSkeleton::obj), GetSelfTokenID()).WillOnce(Return(selfTokenID));
212 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC),
213 GetSystemAbilityManager()).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
214 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr),
215 CheckSystemAbility(_)).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
216 EXPECT_CALL(*(AccessTokenKit::mockKitIntfObj), GetNativeTokenInfo(_, _)).WillOnce(Return(0));
217 ret = ConstructSelfAuthInfo(&caInfo);
218 EXPECT_TRUE(ret == -1);
219
220 delete(IPCSkeleton::obj);
221 delete(SystemAbilityManagerClient::objSaMgrC);
222 delete(SystemAbilityManagerClient::objISaMgr);
223 delete(AccessTokenKit::mockKitIntfObj);
224
225 IPCSkeleton::obj = nullptr;
226 SystemAbilityManagerClient::objSaMgrC = nullptr;
227 SystemAbilityManagerClient::objISaMgr = nullptr;
228 AccessTokenKit::mockKitIntfObj = nullptr;
229 }
230
231 HWTEST_F(AuthenticationTest, GetCaName_001, TestSize.Level1)
232 {
233 char name[MAX_PATH_LENGTH] = { 0 };
234 GetCaName(nullptr, 1);
235 GetCaName(nullptr, MAX_PATH_LENGTH);
236 GetCaName(name, 1);
237
238 AccessTokenIDInner innerToken = { 0 };
239 innerToken.tokenUniqueID = 0;
240 innerToken.type = 0;
241 uint32_t tokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
242 SystemAbilityManagerClient::objISaMgr = new ISystemAbilityManager();
243 SystemAbilityManagerClient::objSaMgrC = new MockSystemAbilityManagerClientMid();
244 sptr<IRemoteObject> object = new BundleMgrStub();
245 IPCSkeleton::obj = new MockIPCSkeleton();
246 EXPECT_CALL(*(IPCSkeleton::obj), GetCallingPid()).WillRepeatedly(Return(0));
247 EXPECT_CALL(*(IPCSkeleton::obj), GetCallingUid()).WillRepeatedly(Return(200000));
248 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC),
249 GetSystemAbilityManager()).WillRepeatedly(Return(SystemAbilityManagerClient::objISaMgr));
250 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr),
251 GetSystemAbility(_)).WillRepeatedly(Return(object));
252 EXPECT_CALL(*(IPCSkeleton::obj), GetCallingTokenID()).WillRepeatedly(Return(tokenID));
253 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr), CheckSystemAbility(_)).WillRepeatedly(Return(nullptr));
254
255 innerToken.type = 0;
256 GetCaName(name, MAX_PATH_LENGTH);
257 EXPECT_TRUE(name[0] == '\0');
258
259 innerToken.type = 1;
260 tokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
261 EXPECT_CALL(*(IPCSkeleton::obj), GetCallingTokenID()).WillRepeatedly(Return(tokenID));
262 GetCaName(name, MAX_PATH_LENGTH);
263 EXPECT_TRUE(name[0] == '\0');
264
265 innerToken.type = 2;
266 tokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
267 EXPECT_CALL(*(IPCSkeleton::obj), GetCallingTokenID()).WillRepeatedly(Return(tokenID));
268 GetCaName(name, MAX_PATH_LENGTH);
269 EXPECT_TRUE(name[0] == '\0');
270 EXPECT_TRUE(name[MAX_PATH_LENGTH - 1] == '\0');
271 delete(AccessTokenKit::mockKitIntfObj);
272 delete(SystemAbilityManagerClient::objSaMgrC);
273 delete(SystemAbilityManagerClient::objISaMgr);
274 delete(IPCSkeleton::obj);
275 AccessTokenKit::mockKitIntfObj = nullptr;
276 SystemAbilityManagerClient::objSaMgrC = nullptr;
277 SystemAbilityManagerClient::objISaMgr = nullptr;
278 IPCSkeleton::obj = nullptr;
279 }
280
281 HWTEST_F(AuthenticationTest, ConstructCaAuthInfo_001, TestSize.Level1)
282 {
283 uint32_t tokenID = 0;
284 int32_t ret = ConstructCaAuthInfo(tokenID, nullptr);
285 EXPECT_TRUE(ret != 0);
286
287 AccessTokenIDInner innerToken = { 0 };
288 innerToken.tokenUniqueID = 0;
289 innerToken.type = 0;
290 tokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
291 CaAuthInfo caInfo = { { 0 } };
292 SystemAbilityManagerClient::objISaMgr = new ISystemAbilityManager();
293 SystemAbilityManagerClient::objSaMgrC = new MockSystemAbilityManagerClientMid();
294 sptr<IRemoteObject> object = new BundleMgrStub();
295 IPCSkeleton::obj = new MockIPCSkeleton();
296 EXPECT_CALL(*(IPCSkeleton::obj), GetCallingUid()).WillOnce(Return(200000));
297 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC),
298 GetSystemAbilityManager()).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
299 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr),
300 GetSystemAbility(_)).WillOnce(Return(object));
301
302 ret = ConstructCaAuthInfo(tokenID, &caInfo);
303 EXPECT_TRUE(ret != 0);
304
305 innerToken.tokenUniqueID = 1;
306 innerToken.type = 1;
307 tokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
308 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC), GetSystemAbilityManager()).WillOnce(Return(nullptr));
309 ret = ConstructCaAuthInfo(tokenID, &caInfo);
310 EXPECT_TRUE(ret != 0);
311
312 innerToken.tokenUniqueID = 2;
313 innerToken.type = 2;
314 tokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
315 ret = ConstructCaAuthInfo(tokenID, &caInfo);
316 EXPECT_TRUE(ret != -1);
317
318 innerToken.type = -1;
319 tokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
320 ret = ConstructCaAuthInfo(tokenID, &caInfo);
321 EXPECT_TRUE(ret != 0);
322
323 delete(AccessTokenKit::mockKitIntfObj);
324 delete(SystemAbilityManagerClient::objSaMgrC);
325 delete(SystemAbilityManagerClient::objISaMgr);
326 delete(IPCSkeleton::obj);
327 AccessTokenKit::mockKitIntfObj = nullptr;
328 SystemAbilityManagerClient::objSaMgrC = nullptr;
329 SystemAbilityManagerClient::objISaMgr = nullptr;
330 IPCSkeleton::obj = nullptr;
331 }
332
333 HWTEST_F(AuthenticationTest, ConstructHapCaInfoFromToken_001, TestSize.Level1)
334 {
335 AccessTokenIDInner innerToken = { 0 };
336 innerToken.tokenUniqueID = 0;
337 innerToken.type = 0;
338 uint32_t tokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
339 CaAuthInfo caInfo = { { 0 } };
340 SystemAbilityManagerClient::objISaMgr = new ISystemAbilityManager();
341 SystemAbilityManagerClient::objSaMgrC = new MockSystemAbilityManagerClientMid();
342 sptr<IRemoteObject> object = new BundleMgrStub();
343 IPCSkeleton::obj = new MockIPCSkeleton();
344 EXPECT_CALL(*(IPCSkeleton::obj), GetCallingUid()).WillOnce(Return(200000));
345 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC),
346 GetSystemAbilityManager()).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
347 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr),
348 GetSystemAbility(_)).WillOnce(Return(object));
349 int32_t ret = ConstructCaAuthInfo(tokenID, &caInfo);
350 EXPECT_TRUE(ret != 0);
351 printf("1\n");
352 innerToken.tokenUniqueID = 1;
353 innerToken.type = 0;
354 tokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
355 EXPECT_CALL(*(IPCSkeleton::obj), GetCallingUid()).WillOnce(Return(0));
356 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC),
357 GetSystemAbilityManager()).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
358 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr),
359 GetSystemAbility(_)).WillOnce(Return(object));
360 ret = ConstructCaAuthInfo(tokenID, &caInfo);
361 EXPECT_TRUE(ret != 0);
362 printf("2\n");
363 innerToken.tokenUniqueID = 2;
364 innerToken.type = 0;
365 tokenID = *(reinterpret_cast<uint32_t *>(&innerToken));
366 EXPECT_CALL(*(IPCSkeleton::obj), GetCallingUid()).WillOnce(Return(-1));
367 EXPECT_CALL(*(SystemAbilityManagerClient::objSaMgrC),
368 GetSystemAbilityManager()).WillOnce(Return(SystemAbilityManagerClient::objISaMgr));
369 EXPECT_CALL(*(SystemAbilityManagerClient::objISaMgr),
370 GetSystemAbility(_)).WillOnce(Return(object));
371 ret = ConstructCaAuthInfo(tokenID, &caInfo);
372 EXPECT_TRUE(ret != 0);
373 printf("3\n");
374 delete(AccessTokenKit::mockKitIntfObj);
375 delete(SystemAbilityManagerClient::objSaMgrC);
376 delete(SystemAbilityManagerClient::objISaMgr);
377 delete(IPCSkeleton::obj);
378 SystemAbilityManagerClient::objSaMgrC = nullptr;
379 SystemAbilityManagerClient::objISaMgr = nullptr;
380 AccessTokenKit::mockKitIntfObj = nullptr;
381 IPCSkeleton::obj = nullptr;
382 }
383
384 HWTEST_F(AuthenticationTest, TEEGetNativeSACaInfo_001, TestSize.Level1)
385 {
386 int32_t ret = TEEGetNativeSACaInfo(nullptr, nullptr, 0);
387 EXPECT_TRUE(ret != 0);
388
389 CaAuthInfo caInfo = { .certs="TEEGetNativeSACaInfo_001", .uid= 1};
390 uint8_t buf[1024] = { 0 };
391 uint32_t bufLen = sizeof(buf);
392 ret = TEEGetNativeSACaInfo(&caInfo, nullptr, 0);
393 EXPECT_TRUE(ret != 0);
394
395 ret = TEEGetNativeSACaInfo(&caInfo, buf, 0);
396 EXPECT_TRUE(ret != 0);
397
398 ret = TEEGetNativeSACaInfo(&caInfo, buf, bufLen);
399 EXPECT_TRUE(ret != -1);
400 }
401 }
402