1 /*
2 * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <unistd.h>
17 #include <fstream>
18 #include <map>
19 #include <gtest/gtest.h>
20
21 #include "byte_buffer_data_source.h"
22 #include "random_access_file.h"
23 #include "hap_signer_block_utils.h"
24 #include "hap_signer_block_utils_test.h"
25
26 using namespace testing::ext;
27
28 namespace OHOS {
29 namespace SignatureTools {
CreateHapSubSignBlockHead(HapSubSignBlockHead & signBlob,HapSubSignBlockHead & profileBlob,HapSubSignBlockHead & propertyBlob)30 void CreateHapSubSignBlockHead(HapSubSignBlockHead& signBlob, HapSubSignBlockHead& profileBlob,
31 HapSubSignBlockHead& propertyBlob)
32 {
33 signBlob.type = HAP_SIGN_BLOB;
34 signBlob.length = TEST_FILE_BLOCK_LENGTH;
35 signBlob.offset = sizeof(HapSubSignBlockHead) * TEST_FILE_BLOCK_COUNT;
36 profileBlob.type = PROFILE_BLOB;
37 profileBlob.length = TEST_FILE_BLOCK_LENGTH;
38 profileBlob.offset = signBlob.offset + signBlob.length;
39 propertyBlob.type = PROPERTY_BLOB;
40 propertyBlob.length = TEST_FILE_BLOCK_LENGTH;
41 propertyBlob.offset = profileBlob.offset + profileBlob.length;
42 }
43
CreatTestZipFile(const std::string & pathFile,SignatureInfo & signInfo)44 int64_t CreatTestZipFile(const std::string& pathFile, SignatureInfo& signInfo)
45 {
46 std::ofstream hapFile(pathFile.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
47 if (!hapFile.is_open()) {
48 return 0;
49 }
50 char block[TEST_FILE_BLOCK_LENGTH] = { 0 };
51 /* input contents of ZIP entries */
52 hapFile.seekp(0, std::ios_base::beg);
53 hapFile.write(block, sizeof(block));
54 /* input sign block */
55 HapSubSignBlockHead signBlob;
56 HapSubSignBlockHead profileBlob;
57 HapSubSignBlockHead propertyBlob;
58 CreateHapSubSignBlockHead(signBlob, profileBlob, propertyBlob);
59 hapFile.write(reinterpret_cast<char*>(&signBlob), sizeof(signBlob));
60 hapFile.write(reinterpret_cast<char*>(&profileBlob), sizeof(profileBlob));
61 hapFile.write(reinterpret_cast<char*>(&propertyBlob), sizeof(propertyBlob));
62 for (int32_t i = 0; i < TEST_FILE_BLOCK_COUNT; i++) {
63 hapFile.write(block, sizeof(block));
64 }
65 int32_t blockCount = TEST_FILE_BLOCK_COUNT;
66 hapFile.write(reinterpret_cast<char*>(&blockCount), sizeof(blockCount));
67 int64_t signBlockSize = (sizeof(HapSubSignBlockHead) + sizeof(block)) *
68 TEST_FILE_BLOCK_COUNT +
69 HapSignerBlockUtils::ZIP_HEAD_OF_SIGNING_BLOCK_LENGTH;
70 hapFile.write(reinterpret_cast<char*>(&signBlockSize), sizeof(signBlockSize));
71 int64_t magic = HapSignerBlockUtils::HAP_SIG_BLOCK_MAGIC_LOW_OLD;
72 hapFile.write(reinterpret_cast<char*>(&magic), sizeof(magic));
73 magic = HapSignerBlockUtils::HAP_SIG_BLOCK_MAGIC_HIGH_OLD;
74 hapFile.write(reinterpret_cast<char*>(&magic), sizeof(magic));
75 int32_t version = 1;
76 hapFile.write(reinterpret_cast<char*>(&version), sizeof(version));
77 /* input central direction */
78 hapFile.write(block, sizeof(block));
79 /* input end of central direction */
80 int32_t zidEocdSign = HapSignerBlockUtils::ZIP_EOCD_SEGMENT_FLAG;
81 hapFile.write(reinterpret_cast<char*>(&zidEocdSign), sizeof(zidEocdSign));
82 hapFile.write(reinterpret_cast<char*>(&magic), sizeof(magic));
83 uint32_t centralDirLen = sizeof(block);
84 hapFile.write(reinterpret_cast<char*>(¢ralDirLen), sizeof(centralDirLen));
85 uint32_t centralDirOffset = TEST_FILE_BLOCK_LENGTH + signBlockSize;
86 hapFile.write(reinterpret_cast<char*>(¢ralDirOffset), sizeof(centralDirOffset));
87 short eocdCommentLen = 0;
88 hapFile.write(reinterpret_cast<char*>(&eocdCommentLen), sizeof(eocdCommentLen));
89 hapFile.close();
90 signInfo.hapCentralDirOffset = centralDirOffset;
91 signInfo.hapEocdOffset = centralDirOffset + centralDirLen;
92 signInfo.hapSignatureBlock.SetCapacity(TEST_FILE_BLOCK_LENGTH);
93 signInfo.hapSignatureBlock.PutData(0, block, sizeof(block));
94 int64_t sumLen = signInfo.hapEocdOffset + sizeof(zidEocdSign) + sizeof(centralDirLen) +
95 sizeof(centralDirOffset) + sizeof(magic) + sizeof(eocdCommentLen);
96 return sumLen;
97 }
98
SetTestSignerInfoSignAlgor(PKCS7_SIGNER_INFO * info)99 int SetTestSignerInfoSignAlgor(PKCS7_SIGNER_INFO* info)
100 {
101 int signNid = 0;
102 int hashNid = 0;
103 X509_ALGOR* dig;
104 X509_ALGOR* sig;
105 PKCS7_SIGNER_INFO_get0_algs(info, NULL, &dig, &sig);
106 if (dig == NULL || dig->algorithm == NULL ||
107 (hashNid = OBJ_obj2nid(dig->algorithm)) == NID_undef ||
108 !OBJ_find_sigid_by_algs(&signNid, hashNid, NID_X9_62_id_ecPublicKey) ||
109 X509_ALGOR_set0(sig, OBJ_nid2obj(signNid), V_ASN1_UNDEF, 0) != 1) {
110 return 0;
111 }
112 return 1;
113 }
114
Pkcs7TestSetSignerInfo(PKCS7_SIGNER_INFO * info,X509 * cert,const EVP_MD * hash)115 int Pkcs7TestSetSignerInfo(PKCS7_SIGNER_INFO* info, X509* cert, const EVP_MD* hash)
116 {
117 if (!ASN1_INTEGER_set(info->version, 1) ||
118 !X509_NAME_set(&info->issuer_and_serial->issuer, X509_get_issuer_name(cert))) {
119 return 0;
120 }
121
122 ASN1_INTEGER_free(info->issuer_and_serial->serial);
123 if (!(info->issuer_and_serial->serial =
124 ASN1_INTEGER_dup(X509_get_serialNumber(cert)))) {
125 return 0;
126 }
127
128 X509_ALGOR_set0(info->digest_alg, OBJ_nid2obj(EVP_MD_type(hash)),
129 V_ASN1_NULL, NULL);
130
131 if (!SetTestSignerInfoSignAlgor(info)) {
132 return 0;
133 }
134 return 1;
135 }
136
137 const std::string HAP_VERIFY_V2_PATH = "./hapVerify/hap_verify_v2.hap";
138 const std::string HAP_VERIFY_V3_PATH = "./hapVerify/hap_verify_v3.hap";
139 class HapSignerBlockUtilsTest : public testing::Test {
140 public:
141 static void SetUpTestCase(void);
142 static void TearDownTestCase(void);
143 void SetUp();
144 void TearDown();
145 static const int32_t TEST_ZIP_BLOCKS_NUM_NEED_DIGEST;
146 };
147
148 const int32_t HapSignerBlockUtilsTest::TEST_ZIP_BLOCKS_NUM_NEED_DIGEST = 3;
149
SetUpTestCase(void)150 void HapSignerBlockUtilsTest::SetUpTestCase(void)
151 {
152 (void)rename("./hapVerify/hap_verify_v2.txt", HAP_VERIFY_V2_PATH.c_str());
153 (void)rename("./hapVerify/hap_verify_v3.txt", HAP_VERIFY_V3_PATH.c_str());
154 sync();
155 }
156
TearDownTestCase(void)157 void HapSignerBlockUtilsTest::TearDownTestCase(void)
158 {
159 }
160
SetUp()161 void HapSignerBlockUtilsTest::SetUp()
162 {
163 }
164
TearDown()165 void HapSignerBlockUtilsTest::TearDown()
166 {
167 }
168
169 /**
170 * @tc.name: Test FindHapSignature function
171 * @tc.desc: input one right file and some error files, The static function will return correct result;
172 * @tc.type: FUNC
173 */
174 HWTEST_F(HapSignerBlockUtilsTest, FindHapSignatureTest001, TestSize.Level1)
175 {
176 /*
177 * @tc.steps: step1. create a test zip file.
178 */
179 std::string pathFile = "./hapVerify/test_hap_verify.hap";
180 SignatureInfo signInfo;
181 int64_t sumLen = CreatTestZipFile(pathFile, signInfo);
182 /*
183 * @tc.steps: step2. test FindHapSignature function
184 * @tc.expected: step2. the return will be true.
185 */
186 RandomAccessFile hapTestFile;
187 ASSERT_TRUE(hapTestFile.Init(pathFile));
188 ASSERT_EQ(hapTestFile.GetLength(), sumLen);
189 SignatureInfo hapSignInfo;
190 ASSERT_TRUE(HapSignerBlockUtils::FindHapSignature(hapTestFile, hapSignInfo));
191 /*
192 * @tc.steps: step3. make central offset error, and test FindHapSignature function
193 * @tc.expected: step3. can not find central directory, the return will be false.
194 */
195 ByteBuffer eocd(TEST_ZIP_EOCD_SIZE);
196 EXPECT_GT(hapTestFile.ReadFileFullyFromOffset(eocd, sumLen - TEST_ZIP_EOCD_SIZE), 0);
197 ByteBuffer buff(eocd);
198 buff.PutInt32(TEST_ZIP_ECD_OFFSET_FIELD_OFFSET, TEST_HAPBYTEBUFFER_INT32_DATA);
199 EXPECT_GT(hapTestFile.WriteToFile(buff, sumLen - TEST_ZIP_EOCD_SIZE, buff.GetCapacity()), 0);
200 ASSERT_FALSE(HapSignerBlockUtils::FindHapSignature(hapTestFile, hapSignInfo));
201 /*
202 * @tc.steps: step4. make eocd comment error, and test FindHapSignature function
203 * @tc.expected: step4. can not find eocd, the return will be false.
204 */
205 ByteBuffer buff2(eocd);
206 buff2.PutInt16(TEST_ZIP_EOCD_COMMENT_OFFSET, TEST_HAPBYTEBUFFER_UINT16_DATA);
207 EXPECT_GT(hapTestFile.WriteToFile(buff2, sumLen - TEST_ZIP_EOCD_SIZE, buff2.GetCapacity()), 0);
208 ASSERT_FALSE(HapSignerBlockUtils::FindHapSignature(hapTestFile, hapSignInfo));
209 /*
210 * @tc.steps: step5. make hap signing block error, and test FindHapSignature function
211 * @tc.expected: step4. can not find hap signing block, the return will be false.
212 */
213 RandomAccessFile hapTestFile2;
214 ASSERT_TRUE(hapTestFile2.Init(HAP_VERIFY_V2_PATH));
215 ASSERT_FALSE(HapSignerBlockUtils::FindHapSignature(hapTestFile2, hapSignInfo));
216 }
217
218 /**
219 * @tc.name: Test FindEocdInHap function
220 * @tc.desc: create a file with invalid length, The function will return false;
221 * @tc.type: FUNC
222 */
223 HWTEST_F(HapSignerBlockUtilsTest, FindEocdInHapTest001, TestSize.Level1)
224 {
225 /*
226 * @tc.steps: step1. create a test file with invalid length.
227 */
228 std::string pathFile = "./hapVerify/test_hap_verify.hap";
229 std::ofstream hapFile;
230 hapFile.open(pathFile.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
231 ASSERT_TRUE(hapFile.is_open());
232 uint32_t centralDirLen = TEST_HAPBYTEBUFFER_UINT32_DATA;
233 hapFile.write(reinterpret_cast<char*>(¢ralDirLen), sizeof(centralDirLen));
234 hapFile.close();
235 /*
236 * @tc.steps: step2. test FindEocdInHap function
237 * @tc.expected: step2. the return will be false.
238 */
239 RandomAccessFile hapTestFile;
240 hapTestFile.Init(pathFile);
241 std::pair<ByteBuffer, int64_t> eocd;
242
243 ASSERT_FALSE(HapSignerBlockUtils::FindEocdInHap(hapTestFile, eocd));
244 /*
245 * @tc.steps: step3. test FindEocdInHap function
246 * @tc.expected: step3. make the file length is right, but the comment size is wrong, the return will be false.
247 */
248 ByteBuffer fileLen(TEST_FILE_BLOCK_LENGTH);
249 EXPECT_GT(hapTestFile.WriteToFile(fileLen, 0, fileLen.GetCapacity()), 0);
250 int32_t maxCommentSize = TEST_INVALID_MAX_COMMENT_SIZE;
251 ASSERT_FALSE(HapSignerBlockUtils::FindEocdInHap(hapTestFile, maxCommentSize, eocd));
252 maxCommentSize = TEST_MAX_COMMENT_SIZE;
253 ASSERT_FALSE(HapSignerBlockUtils::FindEocdInHap(hapTestFile, maxCommentSize, eocd));
254 /*
255 * @tc.steps: step4. test FindEocdInSearchBuffer function
256 * @tc.expected: step4. make the searchBuffer is wrong, the return will be false.
257 */
258 ByteBuffer testHapBuffer(TEST_HAPBYTEBUFFER_LENGTH);
259 int32_t offset = 0;
260 ASSERT_FALSE(HapSignerBlockUtils::FindEocdInSearchBuffer(testHapBuffer, offset));
261 ByteBuffer eocdBuff(TEST_ZIP_EOCD_SIZE);
262 eocdBuff.PutInt32(HapSignerBlockUtils::ZIP_EOCD_SEGMENT_FLAG);
263 eocdBuff.Flip();
264 ASSERT_FALSE(HapSignerBlockUtils::FindEocdInSearchBuffer(eocdBuff, offset));
265 }
266
267 /**
268 * @tc.name: Test GetCentralDirectoryOffset function
269 * @tc.desc: create an ecod with invalid central offset and length,
270 * The function will return TEST_NOT_FIND_TARGET_OFFSET;
271 * @tc.type: FUNC
272 */
273 HWTEST_F(HapSignerBlockUtilsTest, GetCentralDirectoryOffsetTest001, TestSize.Level1)
274 {
275 /*
276 * @tc.steps: step1. create a test eocd with invalid central offset and length.
277 */
278 ByteBuffer testEocd(TEST_ZIP_EOCD_SIZE);
279 int32_t centralDirLen = TEST_FILE_BLOCK_LENGTH;
280 testEocd.PutInt32(TEST_ZIP_ECD_SIZE_FIELD_OFFSET, centralDirLen);
281 int32_t centralDirOffset = TEST_FILE_BLOCK_LENGTH;
282 testEocd.PutInt32(TEST_ZIP_ECD_OFFSET_FIELD_OFFSET, centralDirOffset);
283
284 ASSERT_FALSE(HapSignerBlockUtils::SetUnsignedInt32(testEocd, 0, TEST_INVALID_MAX_COMMENT_SIZE));
285 ByteBuffer emptyEocd;
286 /*
287 * @tc.steps: step2. run function with error eocdoffset
288 * @tc.expected: step2. the return will be NOT_FIND_TARGET_OFFSET.
289 */
290 int64_t offset;
291 ASSERT_FALSE(HapSignerBlockUtils::GetCentralDirectoryOffset(emptyEocd, 0, offset));
292 ASSERT_FALSE(HapSignerBlockUtils::GetCentralDirectoryOffset(testEocd, 0, offset));
293 ASSERT_FALSE(HapSignerBlockUtils::GetCentralDirectoryOffset(testEocd, TEST_FILE_BLOCK_LENGTH, offset));
294 }
295
296 /**
297 * @tc.name: Test GetCentralDirectorySize function
298 * @tc.desc: create an wrong eocd, the function will return false;
299 * @tc.type: FUNC
300 */
301 HWTEST_F(HapSignerBlockUtilsTest, GetCentralDirectorySizeTest001, TestSize.Level1)
302 {
303 /*
304 * @tc.steps: step1. create a test eocd with invalid length;
305 * @tc.expected: step1. the return will be false.
306 */
307 ByteBuffer testEocd(TEST_HAPBYTEBUFFER_LENGTH);
308 long centralDirectorySize;
309
310 ASSERT_FALSE(HapSignerBlockUtils::GetCentralDirectorySize(testEocd, centralDirectorySize));
311 }
312
313 /**
314 * @tc.name: Test FindHapSigningBlock function
315 * @tc.desc: input one right file and some error files, The static function will return correct result;
316 * @tc.type: FUNC
317 */
318 HWTEST_F(HapSignerBlockUtilsTest, FindHapSigningBlockTest001, TestSize.Level1)
319 {
320 /*
321 * @tc.steps: step1. create a test zip file.
322 */
323 std::string pathFile = "./hapVerify/test_hap_verify.hap";
324 SignatureInfo signInfo;
325 int64_t sumLen = CreatTestZipFile(pathFile, signInfo);
326 /*
327 * @tc.steps: step2. test FindHapSigningBlock function
328 * @tc.expected: step2. the return will be true.
329 */
330 RandomAccessFile hapTestFile;
331 ASSERT_TRUE(hapTestFile.Init(pathFile));
332 ASSERT_EQ(hapTestFile.GetLength(), sumLen);
333
334 SignatureInfo hapSignInfo;
335 ASSERT_TRUE(HapSignerBlockUtils::FindHapSigningBlock(hapTestFile, signInfo.hapCentralDirOffset, hapSignInfo));
336 /*
337 * @tc.steps: step3. test FindHapSigningBlock function
338 * @tc.expected: step3. can not find cd offset, the return will be false.
339 */
340 ASSERT_FALSE(HapSignerBlockUtils::FindHapSigningBlock(hapTestFile, 0, hapSignInfo));
341 /*
342 * @tc.steps: step4. test FindHapSigningBlock function
343 * @tc.expected: step4. cd offset is out of range, the return will be false.
344 */
345 ASSERT_FALSE(HapSignerBlockUtils::FindHapSigningBlock(hapTestFile, TEST_HAPBYTEBUFFER_INT32_DATA, hapSignInfo));
346 /*
347 * @tc.steps: step5. test CheckSignBlockHead function
348 * @tc.expected: step5. make hapSignBlockMagic is wrong, the return will be false.
349 */
350 RandomAccessFile hapTestFile2;
351 ASSERT_TRUE(hapTestFile2.Init(HAP_VERIFY_V2_PATH));
352 int64_t fileLength = hapTestFile2.GetLength();
353 ByteBuffer eocd(TEST_ZIP_EOCD_SIZE);
354 int32_t centralDirOffset;
355 EXPECT_GT(hapTestFile2.ReadFileFullyFromOffset(eocd, fileLength - TEST_ZIP_EOCD_SIZE), 0);
356 ASSERT_TRUE(eocd.GetInt32(TEST_ZIP_ECD_OFFSET_FIELD_OFFSET, centralDirOffset));
357 ASSERT_FALSE(HapSignerBlockUtils::FindHapSigningBlock(hapTestFile2, centralDirOffset, hapSignInfo));
358 /*
359 * @tc.steps: step6. test CheckSignBlockHead function
360 * @tc.expected: step6. make hapSignBlockOffset is wrong, the return will be false.
361 */
362 RandomAccessFile hapTestFile3;
363 ASSERT_TRUE(hapTestFile3.Init(HAP_VERIFY_V3_PATH));
364 fileLength = hapTestFile3.GetLength();
365 ByteBuffer eocd2(TEST_ZIP_EOCD_SIZE);
366 EXPECT_GT(hapTestFile3.ReadFileFullyFromOffset(eocd2, fileLength - TEST_ZIP_EOCD_SIZE), 0);
367 ASSERT_TRUE(eocd2.GetInt32(TEST_ZIP_ECD_OFFSET_FIELD_OFFSET, centralDirOffset));
368 ASSERT_FALSE(HapSignerBlockUtils::FindHapSigningBlock(hapTestFile3, centralDirOffset, hapSignInfo));
369 }
370
371 /**
372 * @tc.name: Test CheckSignBlockHead function
373 * @tc.desc: input one right file and some error files, The static function will return correct result;
374 * @tc.type: FUNC
375 */
376 HWTEST_F(HapSignerBlockUtilsTest, CheckSignBlockHeadTest001, TestSize.Level1)
377 {
378 /*
379 * @tc.steps: step1. test CheckSignBlockHead function
380 * @tc.expected: step1. check the hapSignBlockMagicHi is wrong, the return will be false.
381 */
382 HapSignBlockHead hapSignBlockHead{
383 .version = 3,
384 .blockCount = 0,
385 .hapSignBlockSize = 0,
386 .hapSignBlockMagicLo = HapSignerBlockUtils::HAP_SIG_BLOCK_MAGIC_LOW,
387 .hapSignBlockMagicHi = 0,
388 };
389
390 ASSERT_FALSE(HapSignerBlockUtils::CheckSignBlockHead(hapSignBlockHead));
391 /*
392 * @tc.steps: step2. test CheckSignBlockHead function
393 * @tc.expected: step2. check the hapSignBlockSize is less than ZIP_HEAD_OF_SIGNING_BLOCK_LENGTH,
394 * the return will be false.
395 */
396 hapSignBlockHead.hapSignBlockMagicHi = HapSignerBlockUtils::HAP_SIG_BLOCK_MAGIC_HIGH;
397 ASSERT_FALSE(HapSignerBlockUtils::CheckSignBlockHead(hapSignBlockHead));
398 /*
399 * @tc.steps: step3. test CheckSignBlockHead function
400 * @tc.expected: step3. check the hapSignBlockSize is greater than MAX_HAP_SIGN_BLOCK_SIZE,
401 * the return will be false.
402 */
403 hapSignBlockHead.hapSignBlockSize = INT_MAX;
404 ASSERT_FALSE(HapSignerBlockUtils::CheckSignBlockHead(hapSignBlockHead));
405 /*
406 * @tc.steps: step4. test CheckSignBlockHead function
407 * @tc.expected: step4. check the blockCount is greater than MAX_BLOCK_COUNT, the return will be false.
408 */
409 hapSignBlockHead.hapSignBlockSize = HapSignerBlockUtils::ZIP_HEAD_OF_SIGNING_BLOCK_LENGTH;
410 hapSignBlockHead.blockCount = INT_MAX;
411 ASSERT_FALSE(HapSignerBlockUtils::CheckSignBlockHead(hapSignBlockHead));
412 }
413
414 /**
415 * @tc.name: Test FindHapSubSigningBlock function
416 * @tc.desc: input one right file and some error files, The static function will return correct result;
417 * @tc.type: FUNC
418 */
419 HWTEST_F(HapSignerBlockUtilsTest, FindHapSubSigningBlockTest001, TestSize.Level1)
420 {
421 RandomAccessFile hapTestFile;
422 ASSERT_TRUE(hapTestFile.Init(HAP_VERIFY_V2_PATH));
423
424 ByteBuffer hapSignatureBlock(1);
425 ByteBuffer hapEocd(1);
426 ByteBuffer optionalBlockValue(1);
427 std::vector<OptionalBlock> optionalBlocks{
428 {
429 .optionalType = 0,
430 .optionalBlockValue = optionalBlockValue
431 }
432 };
433 SignatureInfo signatureInfo{
434 .hapSignatureBlock = hapSignatureBlock,
435 .hapSigningBlockOffset = 0,
436 .hapCentralDirOffset = 0,
437 .hapEocdOffset = 0,
438 .hapEocd = hapEocd,
439 .optionBlocks = optionalBlocks,
440 .version = 0
441 };
442
443 ASSERT_FALSE(HapSignerBlockUtils::FindHapSubSigningBlock(hapTestFile, 0, INT_MAX, 0, signatureInfo));
444
445 ASSERT_FALSE(HapSignerBlockUtils::FindHapSubSigningBlock(hapTestFile, 1, 0, INT_MAX, signatureInfo));
446
447 ASSERT_FALSE(HapSignerBlockUtils::FindHapSubSigningBlock(hapTestFile, 1, 0, 0, signatureInfo));
448
449 ASSERT_FALSE(HapSignerBlockUtils::FindHapSubSigningBlock(hapTestFile, 1, 128, 128, signatureInfo));
450 }
451
452 /**
453 * @tc.name: Test ClassifyHapSubSigningBlock function
454 * @tc.desc: test function of classify optional block
455 * @tc.type: FUNC
456 */
457 HWTEST_F(HapSignerBlockUtilsTest, ClassifyHapSubSigningBlock001, TestSize.Level1)
458 {
459 /*
460 * @tc.steps: step1. run function with input of property block
461 * @tc.expected: step1. the return signInfo.optionBlocks has property block which inputed.
462 */
463 SignatureInfo signInfo;
464 ByteBuffer subBlock;
465 uint32_t type = PROPERTY_BLOB;
466
467 HapSignerBlockUtils::ClassifyHapSubSigningBlock(signInfo, subBlock, type);
468 ASSERT_FALSE(signInfo.optionBlocks.empty());
469 ASSERT_TRUE(signInfo.optionBlocks[0].optionalType == PROPERTY_BLOB);
470 }
471
472 /**
473 * @tc.name: Test ComputeDigestsWithOptionalBlock function
474 * @tc.desc: use an error nid and a right nid to compute digest
475 * @tc.type: FUNC
476 */
477 HWTEST_F(HapSignerBlockUtilsTest, ComputeDigestsWithOptionalBlock001, TestSize.Level1)
478 {
479 /*
480 * @tc.steps: step1. run function with an error nid and a right nid
481 * @tc.expected: step1. the return will be false and right respectively.
482 */
483 OptionalBlock testOptionalBlock;
484 testOptionalBlock.optionalType = PROPERTY_BLOB;
485 testOptionalBlock.optionalBlockValue.SetCapacity(TEST_HAPBYTEBUFFER_LENGTH);
486 std::vector<OptionalBlock> optionalBlocks;
487 optionalBlocks.push_back(testOptionalBlock);
488
489 ByteBuffer chunkDigest(TEST_HAPBYTEBUFFER_LENGTH);
490 ByteBuffer finalDigest;
491 int32_t nid = TEST_NULL_NID;
492 DigestParameter errorParam = HapSignerBlockUtils::GetDigestParameter(nid);
493 int32_t ret = HapSignerBlockUtils::ComputeDigestsWithOptionalBlock(
494 errorParam, optionalBlocks, chunkDigest, finalDigest);
495 ASSERT_FALSE(ret);
496 nid = TEST_SHA256_NID;
497 DigestParameter digestParam = HapSignerBlockUtils::GetDigestParameter(nid);
498 ret = HapSignerBlockUtils::ComputeDigestsWithOptionalBlock(digestParam, optionalBlocks, chunkDigest, finalDigest);
499 ASSERT_TRUE(ret);
500 }
501
502 /**
503 * @tc.name: Test GetSumOfChunkDigestLen function
504 * @tc.desc: Test GetSumOfChunkDigestLen with some error inputs
505 * @tc.type: FUNC
506 */
507 HWTEST_F(HapSignerBlockUtilsTest, GetSumOfChunkDigestLenTest001, TestSize.Level1)
508 {
509 /*
510 * @tc.steps: step1. input some error input to test GetSumOfChunkDigestLen
511 * @tc.expected: step1. the return will be false.
512 */
513 int32_t chunkCount = 0;
514 int32_t sumOfChunkDigestLen = 0;
515 DataSource* contents[TEST_ZIP_BLOCKS_NUM_NEED_DIGEST] = { nullptr, nullptr, nullptr };
516 bool ret = HapSignerBlockUtils::GetSumOfChunkDigestLen(contents, 0, 0, chunkCount, sumOfChunkDigestLen);
517 ASSERT_FALSE(ret);
518 ret = HapSignerBlockUtils::GetSumOfChunkDigestLen(contents,
519 TEST_ZIP_BLOCKS_NUM_NEED_DIGEST, 0,
520 chunkCount, sumOfChunkDigestLen);
521 ASSERT_FALSE(ret);
522 ByteBuffer testBuffer(TEST_ZIP_EOCD_SIZE);
523 ByteBufferDataSource testSource(testBuffer);
524 for (int32_t i = 0; i < TEST_ZIP_BLOCKS_NUM_NEED_DIGEST; i++) {
525 contents[i] = &testSource;
526 }
527 ret = HapSignerBlockUtils::GetSumOfChunkDigestLen(contents,
528 TEST_ZIP_BLOCKS_NUM_NEED_DIGEST,
529 INT_MAX, chunkCount,
530 sumOfChunkDigestLen);
531 ASSERT_FALSE(ret);
532 }
533
534 /**
535 * @tc.name: Test VerifyHapIntegrity function
536 * @tc.desc: create a file and input error digest, The static function will return false;
537 * @tc.type: FUNC
538 */
539 HWTEST_F(HapSignerBlockUtilsTest, VerifyHapIntegrityTest001, TestSize.Level1)
540 {
541 /*
542 * @tc.steps: step1. create a test zip file without eocd.
543 */
544 std::string pathFile = "./hapVerify/test_hap_verify.hap";
545 SignatureInfo signInfo;
546 CreatTestZipFile(pathFile, signInfo);
547 /*
548 * @tc.steps: step2. create an error digest to test VerifyHapIntegrity function
549 * @tc.expected: step2. the return will be false.
550 */
551 Pkcs7Context digestInfo;
552 digestInfo.content.SetCapacity(TEST_FILE_BLOCK_LENGTH);
553 RandomAccessFile hapTestFile;
554 hapTestFile.Init(pathFile);
555
556 ASSERT_FALSE(HapSignerBlockUtils::VerifyHapIntegrity(digestInfo, hapTestFile, signInfo));
557 }
558
559 /**
560 * @tc.name: VerifyHapError001
561 * @tc.desc: This function tests failure for interface GetCertsChain due to PKCS7_SIGNER_INFO have not cert
562 * @tc.type: FUNC
563 */
564 HWTEST_F(HapSignerBlockUtilsTest, VerifyHapError001, TestSize.Level1)
565 {
566 PKCS7* pkcs7 = PKCS7_new();
567 X509* cert = X509_new();
568 PKCS7_set_type(pkcs7, NID_pkcs7_signed);
569 PKCS7_content_new(pkcs7, NID_pkcs7_data);
570 const EVP_MD* md = EVP_sha384();
571 PKCS7_SIGNER_INFO* info = PKCS7_SIGNER_INFO_new();
572 Pkcs7TestSetSignerInfo(info, cert, md);
573 PKCS7_add_signer(pkcs7, info);
574 Pkcs7Context pkcs7Context;
575 bool ret = VerifyHapOpensslUtils::GetCertChains(pkcs7, pkcs7Context);
576 EXPECT_EQ(ret, false);
577 PKCS7_free(pkcs7);
578 X509_free(cert);
579 }
580
581 /**
582 * @tc.name: VerifyHapError002
583 * @tc.desc: This function tests failure for interface GetCrlStack due to pkcs7 not init
584 * @tc.type: FUNC
585 */
586 HWTEST_F(HapSignerBlockUtilsTest, VerifyHapError002, TestSize.Level1)
587 {
588 PKCS7* pkcs7 = PKCS7_new();
589 bool ret = VerifyHapOpensslUtils::GetCrlStack(pkcs7, nullptr);
590 EXPECT_EQ(ret, false);
591 PKCS7_free(pkcs7);
592 }
593
594 /**
595 * @tc.name: VerifyHapError003
596 * @tc.desc: This function tests failure for interface VerifyPkcs7 due to cert1 not init
597 * @tc.type: FUNC
598 */
599 HWTEST_F(HapSignerBlockUtilsTest, VerifyHapError003, TestSize.Level1)
600 {
601 PKCS7* pkcs7 = PKCS7_new();
602 X509* cert = X509_new();
603 PKCS7_set_type(pkcs7, NID_pkcs7_signed);
604 PKCS7_content_new(pkcs7, NID_pkcs7_data);
605 const EVP_MD* md = EVP_sha384();
606 PKCS7_SIGNER_INFO* info = PKCS7_SIGNER_INFO_new();
607 Pkcs7TestSetSignerInfo(info, cert, md);
608 char* t = new char[2];
609 t[0] = 1;
610 t[1] = 2;
611 ASN1_STRING_set0(info->enc_digest, t, 2);
612 PKCS7_add_signer(pkcs7, info);
613 Pkcs7Context pkcs7Context;
614 pkcs7Context.p7 = pkcs7;
615 CertChain certs;
616 X509* cert1 = X509_new();
617 certs.push_back(cert1);
618 pkcs7Context.certChain.push_back(certs);
619 bool ret = VerifyHapOpensslUtils::VerifyPkcs7(pkcs7Context);
620 EXPECT_EQ(ret, false);
621 X509_free(cert);
622 X509_free(cert1);
623 }
624
625 /**
626 * @tc.name: VerifyHapError004
627 * @tc.desc: This function tests failure for interface ParsePkcs7Package due to cert1 not init
628 * @tc.type: FUNC
629 */
630 HWTEST_F(HapSignerBlockUtilsTest, VerifyHapError004, TestSize.Level1)
631 {
632 PKCS7* pkcs7 = PKCS7_new();
633 PKCS7_set_type(pkcs7, NID_pkcs7_signed);
634 PKCS7_content_new(pkcs7, NID_pkcs7_data);
635 unsigned char* p = nullptr;
636 int len = i2d_PKCS7(pkcs7, &p);
637 Pkcs7Context pkcs7Context;
638 bool ret = VerifyHapOpensslUtils::ParsePkcs7Package(p, len, pkcs7Context);
639 EXPECT_EQ(ret, false);
640 PKCS7_free(pkcs7);
641 }
642 } // namespace SignatureTools
643 } // namespace OHOS