1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15
16 /* BEGIN_HEADER */
17 #include "bsl_sal.h"
18 #include "securec.h"
19 #include "hitls_error.h"
20 #include "hitls_pki_cert.h"
21 #include "hitls_pki_utils.h"
22 #include "hitls_pki_errno.h"
23 #include "hitls_x509_verify.h"
24 #include "bsl_types.h"
25 #include "bsl_log.h"
26 #include "hitls_cert_local.h"
27 #include "hitls_crl_local.h"
28 #include "bsl_init.h"
29 #include "bsl_obj_internal.h"
30 #include "bsl_uio.h"
31 #include "crypt_errno.h"
32 #include "crypt_eal_codecs.h"
33 #include "crypt_eal_rand.h"
34 #include "hitls_x509_local.h"
35 #include "hitls_print_local.h"
36 #include "bsl_params.h"
37 #include "crypt_params_key.h"
38 #define MAX_BUFF_SIZE 4096
39 #define PATH_MAX_LEN 4096
40 #define PWD_MAX_LEN 4096
41
42 /* END_HEADER */
43
FreeListData(void * data)44 static void FreeListData(void *data)
45 {
46 (void)data;
47 return;
48 }
49
FreeSanListData(void * data)50 static void FreeSanListData(void *data)
51 {
52 TestMemInit();
53 BSL_GLOBAL_Init();
54 HITLS_X509_GeneralName *name = (HITLS_X509_GeneralName *)data;
55 if (name->type == HITLS_X509_GN_DNNAME) {
56 HITLS_X509_DnListFree((BslList *)name->value.data);
57 }
58 }
59
TestSignCb(int32_t mdId,CRYPT_EAL_PkeyCtx * prvKey,HITLS_X509_Asn1AlgId * signAlgId,void * obj)60 static int32_t TestSignCb(int32_t mdId, CRYPT_EAL_PkeyCtx *prvKey, HITLS_X509_Asn1AlgId *signAlgId, void *obj)
61 {
62 (void)signAlgId;
63 uint32_t signLen = CRYPT_EAL_PkeyGetSignLen(prvKey);
64 uint8_t *sign = (uint8_t *)BSL_SAL_Malloc(signLen);
65 if (sign == NULL) {
66 return BSL_MALLOC_FAIL;
67 }
68 uint8_t *data = (uint8_t *)obj;
69 int32_t ret = CRYPT_EAL_PkeySign(prvKey, mdId, data, 1, sign, &signLen);
70 BSL_SAL_Free(sign);
71 return ret;
72 }
73
74 /* BEGIN_CASE */
SDV_HITLS_X509_FreeStoreCtx_TC001(void)75 void SDV_HITLS_X509_FreeStoreCtx_TC001(void)
76 {
77 TestMemInit();
78 BSL_GLOBAL_Init();
79
80 HITLS_X509_StoreCtxFree(NULL);
81 }
82 /* END_CASE */
83
84 /* BEGIN_CASE */
SDV_HITLS_X509_CtrlStoreCtx_TC001(void)85 void SDV_HITLS_X509_CtrlStoreCtx_TC001(void)
86 {
87 TestMemInit();
88 BSL_GLOBAL_Init();
89
90 ASSERT_EQ(HITLS_X509_StoreCtxCtrl(NULL, 0, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
91 HITLS_X509_StoreCtx storeCtx = {0};
92 ASSERT_EQ(HITLS_X509_StoreCtxCtrl(&storeCtx, 0, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
93 EXIT:
94 BSL_GLOBAL_DeInit();
95 }
96 /* END_CASE */
97
98 /* BEGIN_CASE */
SDV_HITLS_X509_VerifyCert_TC001(void)99 void SDV_HITLS_X509_VerifyCert_TC001(void)
100 {
101 TestMemInit();
102 BSL_GLOBAL_Init();
103
104 ASSERT_EQ(HITLS_X509_CertVerify(NULL, NULL), HITLS_X509_ERR_INVALID_PARAM);
105 HITLS_X509_StoreCtx storeCtx = {0};
106 ASSERT_EQ(HITLS_X509_CertVerify(&storeCtx, NULL), HITLS_X509_ERR_INVALID_PARAM);
107 EXIT:
108 BSL_GLOBAL_DeInit();
109 }
110 /* END_CASE */
111
112 /* BEGIN_CASE */
SDV_HITLS_X509_BuildCertChain_TC001(void)113 void SDV_HITLS_X509_BuildCertChain_TC001(void)
114 {
115 TestMemInit();
116 BSL_GLOBAL_Init();
117
118 ASSERT_EQ(HITLS_X509_CertChainBuild(NULL, false, NULL, NULL), HITLS_X509_ERR_INVALID_PARAM);
119 HITLS_X509_StoreCtx storeCtx = {0};
120 ASSERT_EQ(HITLS_X509_CertChainBuild(&storeCtx, false, NULL, NULL), HITLS_X509_ERR_INVALID_PARAM);
121 HITLS_X509_Cert cert = {0};
122 ASSERT_EQ(HITLS_X509_CertChainBuild(&storeCtx, false, &cert, NULL), HITLS_X509_ERR_INVALID_PARAM);
123 EXIT:
124 BSL_GLOBAL_DeInit();
125 }
126 /* END_CASE */
127
128 /* BEGIN_CASE */
SDV_HITLS_X509_FreeCert_TC001(void)129 void SDV_HITLS_X509_FreeCert_TC001(void)
130 {
131 TestMemInit();
132 BSL_GLOBAL_Init();
133
134 HITLS_X509_CertFree(NULL);
135 }
136 /* END_CASE */
137
138 /* BEGIN_CASE */
SDV_HITLS_X509_ParseBuffCert_TC001(void)139 void SDV_HITLS_X509_ParseBuffCert_TC001(void)
140 {
141 TestMemInit();
142 HITLS_X509_Cert *cert = NULL;
143 uint8_t buffData[10] = {0};
144 BSL_GLOBAL_Init();
145
146 ASSERT_EQ(HITLS_X509_CertParseBuff(0, NULL, NULL), HITLS_X509_ERR_INVALID_PARAM);
147 BSL_Buffer buff = {0};
148 ASSERT_EQ(HITLS_X509_CertParseBuff(0, &buff, NULL), HITLS_X509_ERR_INVALID_PARAM);
149 buff.data = buffData;
150 ASSERT_EQ(HITLS_X509_CertParseBuff(0, &buff, NULL), HITLS_X509_ERR_INVALID_PARAM);
151 buff.dataLen = 1;
152 ASSERT_EQ(HITLS_X509_CertParseBuff(0, &buff, NULL), HITLS_X509_ERR_INVALID_PARAM);
153 ASSERT_EQ(HITLS_X509_CertParseBuff(0xff, &buff, &cert), HITLS_X509_ERR_FORMAT_UNSUPPORT);
154 EXIT:
155 BSL_GLOBAL_DeInit();
156 }
157 /* END_CASE */
158
159 /* BEGIN_CASE */
SDV_HITLS_X509_ParseFileCert_TC001(void)160 void SDV_HITLS_X509_ParseFileCert_TC001(void)
161 {
162 TestMemInit();
163 BSL_GLOBAL_Init();
164
165 ASSERT_EQ(HITLS_X509_CertParseFile(BSL_FORMAT_ASN1, NULL, NULL), BSL_NULL_INPUT);
166 ASSERT_EQ(HITLS_X509_CertParseFile(BSL_FORMAT_ASN1, "../testdata/cert/asn1/nist384ca.crt", NULL),
167 HITLS_X509_ERR_INVALID_PARAM);
168 EXIT:
169 BSL_GLOBAL_DeInit();
170 }
171 /* END_CASE */
172
173 /* BEGIN_CASE */
SDV_HITLS_X509_CtrlCert_TC001(void)174 void SDV_HITLS_X509_CtrlCert_TC001(void)
175 {
176 TestMemInit();
177 BSL_GLOBAL_Init();
178
179 ASSERT_EQ(HITLS_X509_CertCtrl(NULL, 0xff, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
180 HITLS_X509_Cert cert = {0};
181 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, 0x7fffffff, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
182 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_ENCODELEN, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
183 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_ENCODELEN, &cert, 0), HITLS_X509_ERR_INVALID_PARAM);
184 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_ENCODE, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
185 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_PUBKEY, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
186 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_PUBKEY, &cert, 0), CRYPT_NULL_INPUT);
187 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_SIGNALG, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
188 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_SIGNALG, &cert, 0), HITLS_X509_ERR_INVALID_PARAM);
189 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_SIGN_MDALG, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
190 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_SIGN_MDALG, &cert, 0), HITLS_X509_ERR_INVALID_PARAM);
191 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_REF_UP, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
192 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_REF_UP, &cert, 0), HITLS_X509_ERR_INVALID_PARAM);
193
194 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_SUBJECT_DN_STR, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
195 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_ISSUER_DN_STR, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
196 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_SERIALNUM, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
197 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_BEFORE_TIME_STR, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
198 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_GET_AFTER_TIME_STR, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
199 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_EXT_GET_KUSAGE, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
200 ASSERT_EQ(HITLS_X509_CertCtrl(&cert, HITLS_X509_EXT_GET_KUSAGE, &cert, 0), HITLS_X509_ERR_INVALID_PARAM);
201 EXIT:
202 BSL_GLOBAL_DeInit();
203 }
204 /* END_CASE */
205
206 /* BEGIN_CASE */
SDV_HITLS_X509_DupCert_TC001(void)207 void SDV_HITLS_X509_DupCert_TC001(void)
208 {
209 TestMemInit();
210 BSL_GLOBAL_Init();
211
212 HITLS_X509_Cert src = {0};
213 ASSERT_EQ(HITLS_X509_CertDup(NULL), NULL);
214 ASSERT_EQ(HITLS_X509_CertDup(&src), NULL);
215 EXIT:
216 BSL_GLOBAL_DeInit();
217 }
218 /* END_CASE */
219
220 /* BEGIN_CASE */
SDV_HITLS_X509_FreeCrl_TC001(void)221 void SDV_HITLS_X509_FreeCrl_TC001(void)
222 {
223 HITLS_X509_CrlFree(NULL);
224 }
225 /* END_CASE */
226
227 /* BEGIN_CASE */
SDV_HITLS_X509_CtrlCrl_TC001(void)228 void SDV_HITLS_X509_CtrlCrl_TC001(void)
229 {
230 TestMemInit();
231 BSL_GLOBAL_Init();
232
233 ASSERT_EQ(HITLS_X509_CrlCtrl(NULL, 0xff, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
234 HITLS_X509_Crl crl = {0};
235 ASSERT_EQ(HITLS_X509_CrlCtrl(&crl, 0xff, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
236 ASSERT_EQ(HITLS_X509_CrlCtrl(&crl, HITLS_X509_REF_UP, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
237 ASSERT_EQ(HITLS_X509_CrlCtrl(&crl, HITLS_X509_REF_UP, &crl, 0), HITLS_X509_ERR_INVALID_PARAM);
238 EXIT:
239 BSL_GLOBAL_DeInit();
240 }
241 /* END_CASE */
242
243 /* BEGIN_CASE */
SDV_HITLS_X509_ParseBuffCrl_TC001(void)244 void SDV_HITLS_X509_ParseBuffCrl_TC001(void)
245 {
246 TestMemInit();
247 HITLS_X509_Crl *crl = NULL;
248 uint8_t buffData[10] = {0};
249 BSL_GLOBAL_Init();
250
251 ASSERT_EQ(HITLS_X509_CrlParseBuff(0, NULL, NULL), HITLS_X509_ERR_INVALID_PARAM);
252 BSL_Buffer buff = {0};
253 ASSERT_EQ(HITLS_X509_CrlParseBuff(0, &buff, NULL), HITLS_X509_ERR_INVALID_PARAM);
254 buff.data = buffData;
255 ASSERT_EQ(HITLS_X509_CrlParseBuff(0, &buff, NULL), HITLS_X509_ERR_INVALID_PARAM);
256 buff.dataLen = 1;
257 ASSERT_EQ(HITLS_X509_CrlParseBuff(0, &buff, NULL), HITLS_X509_ERR_INVALID_PARAM);
258 ASSERT_EQ(HITLS_X509_CrlParseBuff(0xff, &buff, &crl), HITLS_X509_ERR_FORMAT_UNSUPPORT);
259 EXIT:
260 BSL_GLOBAL_DeInit();
261 }
262 /* END_CASE */
263
264 /* BEGIN_CASE */ // todo
SDV_HITLS_X509_ParseFileCrl_TC001(void)265 void SDV_HITLS_X509_ParseFileCrl_TC001(void)
266 {
267 TestMemInit();
268 BSL_GLOBAL_Init();
269
270 ASSERT_EQ(HITLS_X509_CrlParseFile(BSL_FORMAT_ASN1, NULL, NULL), BSL_NULL_INPUT);
271 ASSERT_EQ(HITLS_X509_CrlParseFile(BSL_FORMAT_ASN1, "../testdata/cert/asn1/ca-1-rsa-sha256-v2.der",
272 NULL), HITLS_X509_ERR_INVALID_PARAM);
273 EXIT:
274 BSL_GLOBAL_DeInit();
275 }
276 /* END_CASE */
277
278 /* BEGIN_CASE */
SDV_CRYPT_EAL_ParseBuffPubKey_TC001(void)279 void SDV_CRYPT_EAL_ParseBuffPubKey_TC001(void)
280 {
281 TestMemInit();
282 BSL_GLOBAL_Init();
283
284 BSL_Buffer buff = {0};
285 CRYPT_EAL_PkeyCtx *pkey = NULL;
286 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, 0xff, &buff, NULL, 0, &pkey), CRYPT_DECODE_NO_SUPPORT_TYPE);
287 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PUBKEY_SUBKEY, NULL, NULL, 0, &pkey), CRYPT_INVALID_ARG);
288 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PUBKEY_RSA, NULL, NULL, 0, &pkey), CRYPT_INVALID_ARG);
289 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PUBKEY_SUBKEY, &buff, NULL, 0, NULL), CRYPT_INVALID_ARG);
290 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PUBKEY_RSA, &buff, NULL, 0, NULL), CRYPT_INVALID_ARG);
291 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PUBKEY_SUBKEY, &buff, NULL, 0, &pkey), CRYPT_INVALID_ARG);
292 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PUBKEY_RSA, &buff, NULL, 0, &pkey), CRYPT_INVALID_ARG);
293 EXIT:
294 BSL_GLOBAL_DeInit();
295 }
296 /* END_CASE */
297
298 /* BEGIN_CASE */
SDV_CRYPT_EAL_ParseFilePubKey_TC001(void)299 void SDV_CRYPT_EAL_ParseFilePubKey_TC001(void)
300 {
301 TestMemInit();
302 BSL_GLOBAL_Init();
303
304 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(0xff, 0, NULL, NULL, 0, NULL), CRYPT_INVALID_ARG);
305 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PUBKEY_SUBKEY, NULL, NULL, 0, NULL), CRYPT_INVALID_ARG);
306 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PUBKEY_SUBKEY,
307 "../testdata/cert/asn1/prime256v1pub.der", NULL, 0, NULL), CRYPT_INVALID_ARG);
308 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PUBKEY_RSA, NULL, NULL, 0, NULL), CRYPT_INVALID_ARG);
309 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PUBKEY_RSA,
310 "../testdata/cert/asn1/rsa2048pub_pkcs1.der", NULL, 0, NULL), CRYPT_INVALID_ARG);
311 EXIT:
312 BSL_GLOBAL_DeInit();
313 }
314 /* END_CASE */
315
316 /* BEGIN_CASE */
SDV_CRYPT_EAL_ParseBuffPriKey_TC001(void)317 void SDV_CRYPT_EAL_ParseBuffPriKey_TC001(void)
318 {
319 TestMemInit();
320 BSL_GLOBAL_Init();
321
322 BSL_Buffer buff = {0};
323 uint8_t pwd = 0;
324 CRYPT_EAL_PkeyCtx *key = NULL;
325 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, 0xff, &buff, &pwd, 0, &key), CRYPT_DECODE_NO_SUPPORT_TYPE);
326 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_ECC, NULL, &pwd, 0, &key), CRYPT_INVALID_ARG);
327 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_RSA, NULL, &pwd, 0, &key), CRYPT_INVALID_ARG);
328 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_PKCS8_UNENCRYPT, NULL, &pwd, 0, &key), CRYPT_INVALID_ARG);
329 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_PKCS8_ENCRYPT, NULL, &pwd, 0, &key), CRYPT_INVALID_ARG);
330 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_ECC, &buff, NULL, 0, &key), CRYPT_INVALID_ARG);
331 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_RSA, &buff, NULL, 0, &key), CRYPT_INVALID_ARG);
332 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_PKCS8_UNENCRYPT, &buff, NULL, 0, &key), CRYPT_INVALID_ARG);
333 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_PKCS8_ENCRYPT, &buff, NULL, 0, &key), CRYPT_INVALID_ARG);
334 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_ECC, &buff, &pwd, 0, NULL), CRYPT_INVALID_ARG);
335 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_RSA, &buff, &pwd, 0, NULL), CRYPT_INVALID_ARG);
336 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_PKCS8_UNENCRYPT, &buff, &pwd, 0, NULL), CRYPT_INVALID_ARG);
337 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_PKCS8_ENCRYPT, &buff, &pwd, 0, NULL), CRYPT_INVALID_ARG);
338 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_ECC, &buff, &pwd, 0, &key), CRYPT_INVALID_ARG);
339 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_RSA, &buff, &pwd, 0, &key), CRYPT_INVALID_ARG);
340 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_PKCS8_UNENCRYPT, &buff, &pwd, 0, &key), CRYPT_INVALID_ARG);
341 ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(0, CRYPT_PRIKEY_PKCS8_ENCRYPT, &buff, &pwd, 0, &key), CRYPT_INVALID_ARG);
342 EXIT:
343 BSL_GLOBAL_DeInit();
344 }
345 /* END_CASE */
346
347 /* BEGIN_CASE */
SDV_CRYPT_EAL_ParseFilePriKey_TC001(void)348 void SDV_CRYPT_EAL_ParseFilePriKey_TC001(void)
349 {
350 TestMemInit();
351 BSL_GLOBAL_Init();
352
353 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(0xff, 0, NULL, NULL, 0, NULL), CRYPT_INVALID_ARG);
354 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PRIKEY_ECC, NULL, NULL, 0, NULL), CRYPT_INVALID_ARG);
355 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PRIKEY_ECC,
356 "../testdata/cert/asn1/prime256v1.der", NULL, 0, NULL), CRYPT_INVALID_ARG);
357 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PRIKEY_RSA, NULL, NULL, 0, NULL), CRYPT_INVALID_ARG);
358 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PRIKEY_RSA,
359 "../testdata/cert/asn1/rsa2048key_pkcs1.der", NULL, 0, NULL), CRYPT_INVALID_ARG);
360 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PRIKEY_PKCS8_UNENCRYPT, NULL, NULL, 0,
361 NULL), CRYPT_INVALID_ARG);
362 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PRIKEY_PKCS8_UNENCRYPT,
363 "../testdata/cert/asn1/prime256v1_pkcs8.der", NULL, 0, NULL), CRYPT_INVALID_ARG);
364 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PRIKEY_PKCS8_ENCRYPT, NULL, NULL, 0, NULL),
365 CRYPT_INVALID_ARG);
366 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_ASN1, CRYPT_PRIKEY_PKCS8_ENCRYPT,
367 "../testdata/cert/asn1/prime256v1_pkcs8_enc.der", NULL, 0, NULL), CRYPT_INVALID_ARG);
368 EXIT:
369 BSL_GLOBAL_DeInit();
370 }
371 /* END_CASE */
372
373 /* BEGIN_CASE */
SDV_CRYPT_EAL_ParseFilePriKeyFormat_TC001(int format,int type,char * path)374 void SDV_CRYPT_EAL_ParseFilePriKeyFormat_TC001(int format, int type, char *path)
375 {
376 TestMemInit();
377 BSL_GLOBAL_Init();
378 CRYPT_EAL_PkeyCtx *key = NULL;
379 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(format, type, path, NULL, 0, &key), CRYPT_SUCCESS);
380 EXIT:
381 CRYPT_EAL_PkeyFreeCtx(key);
382 BSL_GLOBAL_DeInit();
383 }
384 /* END_CASE */
385
386 /* BEGIN_CASE */
SDV_CRYPT_EAL_ParseFilePubKeyFormat_TC001(int format,int type,char * path)387 void SDV_CRYPT_EAL_ParseFilePubKeyFormat_TC001(int format, int type, char *path)
388 {
389 TestMemInit();
390 BSL_GLOBAL_Init();
391 CRYPT_EAL_PkeyCtx *key = NULL;
392 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(format, type, path, NULL, 0, &key), CRYPT_SUCCESS);
393 EXIT:
394 CRYPT_EAL_PkeyFreeCtx(key);
395 BSL_GLOBAL_DeInit();
396 }
397 /* END_CASE */
398
399 /* BEGIN_CASE */
SDV_X509_EncodeNameList_TC001(int format,char * certPath,Hex * expect)400 void SDV_X509_EncodeNameList_TC001(int format, char *certPath, Hex *expect)
401 {
402 HITLS_X509_Cert *cert = NULL;
403 BSL_ASN1_Buffer name = {0};
404
405 TestMemInit();
406 BSL_GLOBAL_Init();
407 ASSERT_EQ(HITLS_X509_CertParseFile(format, certPath, &cert), 0);
408 ASSERT_EQ(HITLS_X509_EncodeNameList(cert->tbs.issuerName, &name), 0);
409
410 ASSERT_COMPARE("Encode names", name.buff, name.len, expect->x, expect->len);
411
412 EXIT:
413 HITLS_X509_CertFree(cert);
414 BSL_SAL_Free(name.buff);
415 BSL_GLOBAL_DeInit();
416 }
417 /* END_CASE */
418
419 /* BEGIN_CASE */
SDV_X509_EXT_SetBCons_TC001(void)420 void SDV_X509_EXT_SetBCons_TC001(void)
421 {
422 TestMemInit();
423 BSL_GLOBAL_Init();
424 HITLS_X509_Cert *cert = HITLS_X509_CertNew();
425 ASSERT_NE(cert, NULL);
426
427 HITLS_X509_Ext *ext = &cert->tbs.ext;
428 HITLS_X509_CertExt *certExt = (HITLS_X509_CertExt *)ext->extData;
429 ASSERT_EQ(certExt->extFlags, 0);
430 ASSERT_EQ(certExt->isCa, false);
431 ASSERT_EQ(certExt->maxPathLen, -1);
432
433 HITLS_X509_ExtBCons bCons = {true, true, 1};
434
435 ASSERT_EQ(HITLS_X509_ExtCtrl(ext, HITLS_X509_EXT_SET_BCONS, &bCons, 0), HITLS_X509_ERR_EXT_UNSUPPORT);
436 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_BCONS, &bCons, 0), HITLS_X509_ERR_INVALID_PARAM);
437
438 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_BCONS, &bCons, sizeof(HITLS_X509_ExtBCons)), 0);
439 ASSERT_EQ(BSL_LIST_COUNT(ext->extList), 1);
440 ASSERT_NE(certExt->extFlags & HITLS_X509_EXT_FLAG_BCONS, 0);
441 ASSERT_EQ(certExt->isCa, true);
442 ASSERT_EQ(certExt->maxPathLen, 1);
443
444 EXIT:
445 HITLS_X509_CertFree(cert);
446 BSL_GLOBAL_DeInit();
447 }
448 /* END_CASE */
449
450 /* BEGIN_CASE */
SDV_X509_EXT_SetAkiSki_TC001(Hex * kid)451 void SDV_X509_EXT_SetAkiSki_TC001(Hex *kid)
452 {
453 TestMemInit();
454 BSL_GLOBAL_Init();
455 HITLS_X509_Cert *cert = HITLS_X509_CertNew();
456 ASSERT_NE(cert, NULL);
457
458 HITLS_X509_Ext *ext = &cert->tbs.ext;
459 HITLS_X509_ExtAki aki = {true, {kid->x, kid->len}, NULL, {0}};
460 HITLS_X509_ExtSki ski = {true, {kid->x, kid->len}};
461
462 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_SKI, &ski, 0), HITLS_X509_ERR_INVALID_PARAM);
463 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_AKI, &aki, 0), HITLS_X509_ERR_INVALID_PARAM);
464
465 aki.kid.dataLen = 0;
466 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_AKI, &aki, sizeof(HITLS_X509_ExtAki)),
467 HITLS_X509_ERR_EXT_KID);
468 aki.kid.dataLen = kid->len;
469
470 ski.kid.dataLen = 0;
471 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_SKI, &ski, sizeof(HITLS_X509_ExtSki)),
472 HITLS_X509_ERR_EXT_KID);
473 ski.kid.dataLen = kid->len;
474
475 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_AKI, &aki, sizeof(HITLS_X509_ExtAki)), 0);
476 ASSERT_EQ(BSL_LIST_COUNT(ext->extList), 1);
477 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_SKI, &ski, sizeof(HITLS_X509_ExtSki)), 0);
478 ASSERT_NE(ext->flag & HITLS_X509_EXT_FLAG_GEN, 0);
479 ASSERT_EQ(BSL_LIST_COUNT(ext->extList), 1 + 1);
480 EXIT:
481 HITLS_X509_CertFree(cert);
482 BSL_GLOBAL_DeInit();
483 }
484 /* END_CASE */
485
486 /* BEGIN_CASE */
SDV_X509_EXT_SetKeyUsage_TC001(void)487 void SDV_X509_EXT_SetKeyUsage_TC001(void)
488 {
489 TestMemInit();
490 BSL_GLOBAL_Init();
491 HITLS_X509_Cert *cert = HITLS_X509_CertNew();
492 ASSERT_NE(cert, NULL);
493
494 HITLS_X509_Ext *ext = &cert->tbs.ext;
495 HITLS_X509_CertExt *certExt = (HITLS_X509_CertExt *)ext->extData;
496 ASSERT_EQ(certExt->keyUsage, 0);
497
498 HITLS_X509_ExtKeyUsage ku = {true, 0};
499
500 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_KUSAGE, &ku, 0), HITLS_X509_ERR_INVALID_PARAM);
501
502 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_KUSAGE, &ku, sizeof(HITLS_X509_ExtKeyUsage)),
503 HITLS_X509_ERR_EXT_KU);
504
505 ku.keyUsage = HITLS_X509_EXT_KU_DIGITAL_SIGN | HITLS_X509_EXT_KU_NON_REPUDIATION |
506 HITLS_X509_EXT_KU_KEY_ENCIPHERMENT | HITLS_X509_EXT_KU_DATA_ENCIPHERMENT | HITLS_X509_EXT_KU_KEY_AGREEMENT |
507 HITLS_X509_EXT_KU_KEY_CERT_SIGN | HITLS_X509_EXT_KU_CRL_SIGN | HITLS_X509_EXT_KU_ENCIPHER_ONLY |
508 HITLS_X509_EXT_KU_DECIPHER_ONLY;
509 ku.keyUsage = ~ku.keyUsage;
510 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_KUSAGE, &ku, sizeof(HITLS_X509_ExtKeyUsage)),
511 HITLS_X509_ERR_EXT_KU);
512
513 ku.keyUsage = ~ku.keyUsage;
514 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_KUSAGE, &ku, sizeof(HITLS_X509_ExtKeyUsage)), 0);
515 ASSERT_EQ(BSL_LIST_COUNT(ext->extList), 1);
516 ASSERT_NE(certExt->extFlags & HITLS_X509_EXT_FLAG_KUSAGE, 0);
517 ASSERT_NE(ext->flag & HITLS_X509_EXT_FLAG_GEN, 0);
518
519 EXIT:
520 HITLS_X509_CertFree(cert);
521 BSL_GLOBAL_DeInit();
522 }
523 /* END_CASE */
524
525 /* BEGIN_CASE */
SDV_X509_EXT_SetExtendKeyUsage_TC001(void)526 void SDV_X509_EXT_SetExtendKeyUsage_TC001(void)
527 {
528 TestMemInit();
529 BSL_GLOBAL_Init();
530 HITLS_X509_Cert *cert = HITLS_X509_CertNew();
531 ASSERT_NE(cert, NULL);
532 BslList *oidList = BSL_LIST_New(sizeof(BSL_Buffer));
533 ASSERT_NE(oidList, NULL);
534
535 HITLS_X509_Ext *ext = &cert->tbs.ext;
536 HITLS_X509_ExtExKeyUsage exku = {true, NULL};
537
538 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_EXKUSAGE, &exku, 0), HITLS_X509_ERR_INVALID_PARAM);
539
540 // error: list is null
541 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_EXKUSAGE, &exku, sizeof(HITLS_X509_ExtExKeyUsage)),
542 HITLS_X509_ERR_EXT_EXTENDED_KU);
543 // werror: list is empty
544 exku.oidList = oidList;
545 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_EXKUSAGE, &exku, sizeof(HITLS_X509_ExtExKeyUsage)),
546 HITLS_X509_ERR_EXT_EXTENDED_KU);
547 // error: oid is null
548 BSL_Buffer emptyOid = {0};
549 ASSERT_EQ(BSL_LIST_AddElement(oidList, &emptyOid, BSL_LIST_POS_END), 0);
550 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_EXKUSAGE, &exku, sizeof(HITLS_X509_ExtExKeyUsage)),
551 HITLS_X509_ERR_EXT_EXTENDED_KU_ELE);
552 BSL_LIST_DeleteAll(oidList, FreeListData);
553
554 // success: normal oid
555 BslOidString *oid = BSL_OBJ_GetOID(BSL_CID_KP_SERVERAUTH);
556 ASSERT_NE(oid, NULL);
557 BSL_Buffer oidBuff = {(uint8_t *)oid->octs, oid->octetLen};
558 ASSERT_EQ(BSL_LIST_AddElement(oidList, &oidBuff, BSL_LIST_POS_END), 0);
559 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_EXKUSAGE, &exku, sizeof(HITLS_X509_ExtExKeyUsage)), 0);
560 ASSERT_NE(ext->flag & HITLS_X509_EXT_FLAG_GEN, 0);
561
562 EXIT:
563 HITLS_X509_CertFree(cert);
564 BSL_LIST_FREE(oidList, FreeListData);
565 BSL_GLOBAL_DeInit();
566 }
567 /* END_CASE */
568
569 /* BEGIN_CASE */
SDV_X509_EXT_SetSan_TC001(void)570 void SDV_X509_EXT_SetSan_TC001(void)
571 {
572 TestMemInit();
573 BSL_GLOBAL_Init();
574 HITLS_X509_Cert *cert = HITLS_X509_CertNew();
575 ASSERT_NE(cert, NULL);
576 BslList *list = BSL_LIST_New(sizeof(HITLS_X509_GeneralName));
577 ASSERT_NE(list, NULL);
578
579 HITLS_X509_Ext *ext = &cert->tbs.ext;
580 HITLS_X509_ExtSan san = {true, NULL};
581
582 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_SAN, &san, 0), HITLS_X509_ERR_INVALID_PARAM);
583
584 // error: list is null
585 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_SAN, &san, sizeof(HITLS_X509_ExtSan)),
586 HITLS_X509_ERR_EXT_SAN);
587 // error: list is empty
588 san.names = list;
589 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_SAN, &san, sizeof(HITLS_X509_ExtSan)),
590 HITLS_X509_ERR_EXT_SAN);
591 // error: list data content is null
592 HITLS_X509_GeneralName empty = {0};
593 ASSERT_EQ(BSL_LIST_AddElement(list, &empty, BSL_LIST_POS_END), 0);
594 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_SAN, &san, sizeof(HITLS_X509_ExtSan)),
595 HITLS_X509_ERR_EXT_SAN_ELE);
596 BSL_LIST_DeleteAll(list, FreeListData);
597
598 // error: name type
599 char *email = "test@a.com";
600 HITLS_X509_GeneralName errType = {HITLS_X509_GN_IP + 1, {(uint8_t *)email, (uint32_t)strlen(email)}};
601 ASSERT_EQ(BSL_LIST_AddElement(list, &errType, BSL_LIST_POS_END), 0);
602 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_SAN, &san, sizeof(HITLS_X509_ExtSan)),
603 HITLS_X509_ERR_EXT_GN_UNSUPPORT);
604 BSL_LIST_DeleteAll(list, FreeListData);
605 // success
606 HITLS_X509_GeneralName nomal = {HITLS_X509_GN_EMAIL, {(uint8_t *)email, (uint32_t)strlen(email)}};
607 ASSERT_EQ(BSL_LIST_AddElement(list, &nomal, BSL_LIST_POS_END), 0);
608 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_SAN, &san, sizeof(HITLS_X509_ExtSan)), 0);
609 ASSERT_NE(ext->flag & HITLS_X509_EXT_FLAG_GEN, 0);
610
611 EXIT:
612 HITLS_X509_CertFree(cert);
613 BSL_LIST_FREE(list, FreeListData);
614 BSL_GLOBAL_DeInit();
615 }
616 /* END_CASE */
617
618 /* BEGIN_CASE */
SDV_X509_EXT_EncodeBCons_TC001(int critical,int isCa,int maxPathLen,Hex * expect)619 void SDV_X509_EXT_EncodeBCons_TC001(int critical, int isCa, int maxPathLen, Hex *expect)
620 {
621 TestMemInit();
622 BSL_GLOBAL_Init();
623 int8_t tag = BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE;
624 HITLS_X509_ExtBCons bCons = {critical, isCa, maxPathLen};
625 BSL_ASN1_Buffer encode = {0};
626
627 HITLS_X509_Cert *cert = HITLS_X509_CertNew();
628 ASSERT_NE(cert, NULL);
629
630 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_BCONS, &bCons, sizeof(HITLS_X509_ExtBCons)), 0);
631 ASSERT_EQ(HITLS_X509_EncodeExt(tag, cert->tbs.ext.extList, &encode), HITLS_PKI_SUCCESS);
632 ASSERT_EQ(encode.len, expect->len);
633 ASSERT_COMPARE("Ext: bCons", encode.buff, encode.len, expect->x, expect->len);
634 EXIT:
635 HITLS_X509_CertFree(cert);
636 BSL_SAL_Free(encode.buff);
637 BSL_GLOBAL_DeInit();
638 }
639 /* END_CASE */
640
641 /* BEGIN_CASE */
SDV_X509_EXT_EncodeExtendKeyUsage_TC001(int critical,Hex * oid1,Hex * oid2,Hex * expect)642 void SDV_X509_EXT_EncodeExtendKeyUsage_TC001(int critical, Hex *oid1, Hex *oid2, Hex *expect)
643 {
644 TestMemInit();
645 BSL_GLOBAL_Init();
646 int8_t tag = BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE;
647 BSL_ASN1_Buffer encode = {0};
648 HITLS_X509_ExtExKeyUsage exku = {critical, NULL};
649
650 HITLS_X509_Cert *cert = HITLS_X509_CertNew();
651 ASSERT_NE(cert, NULL);
652 exku.oidList = BSL_LIST_New(sizeof(BSL_Buffer));
653 ASSERT_NE(exku.oidList, NULL);
654 ASSERT_EQ(BSL_LIST_AddElement(exku.oidList, oid1, BSL_LIST_POS_END), 0);
655 ASSERT_EQ(BSL_LIST_AddElement(exku.oidList, oid2, BSL_LIST_POS_END), 0);
656
657 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_EXKUSAGE, &exku, sizeof(HITLS_X509_ExtExKeyUsage)),
658 0);
659 ASSERT_EQ(HITLS_X509_EncodeExt(tag, cert->tbs.ext.extList, &encode), HITLS_PKI_SUCCESS);
660 ASSERT_EQ(encode.len, expect->len);
661 ASSERT_COMPARE("Ext: extendKeyUsage", encode.buff, encode.len, expect->x, expect->len);
662
663 EXIT:
664 HITLS_X509_CertFree(cert);
665 BSL_LIST_DeleteAll(exku.oidList, FreeListData);
666 BSL_SAL_Free(exku.oidList);
667 BSL_SAL_Free(encode.buff);
668 BSL_GLOBAL_DeInit();
669 }
670 /* END_CASE */
671
672 /* BEGIN_CASE */
SDV_X509_AddDnName_TC001(int unknownCid,int cid,Hex * oid,Hex * value)673 void SDV_X509_AddDnName_TC001(int unknownCid, int cid, Hex *oid, Hex *value)
674 {
675 TestMemInit();
676 BSL_GLOBAL_Init();
677
678 BslList *list = BSL_LIST_New(1);
679 ASSERT_TRUE(list != NULL);
680
681 HITLS_X509_DN unknownName[1] = {{unknownCid, value->x, value->len}};
682 HITLS_X509_DN dnName[1] = {{cid, value->x, value->len}};
683 HITLS_X509_DN dnNullName[1] = {{cid, NULL, value->len}};
684 HITLS_X509_DN dnZeroLenName[1] = {{cid, value->x, 0}};
685 ASSERT_EQ(HITLS_X509_AddDnName(list, unknownName, 1), HITLS_X509_ERR_SET_DNNAME_UNKNOWN);
686
687 ASSERT_EQ(HITLS_X509_AddDnName(list, dnName, 0), HITLS_X509_ERR_INVALID_PARAM);
688 ASSERT_EQ(HITLS_X509_AddDnName(list, NULL, 0), HITLS_X509_ERR_INVALID_PARAM);
689 ASSERT_EQ(HITLS_X509_AddDnName(list, dnNullName, 1), HITLS_X509_ERR_INVALID_PARAM);
690 ASSERT_EQ(HITLS_X509_AddDnName(list, dnZeroLenName, 1), HITLS_X509_ERR_INVALID_PARAM);
691 ASSERT_EQ(HITLS_X509_AddDnName(list, dnName, 1), HITLS_PKI_SUCCESS);
692 ASSERT_EQ(BSL_LIST_COUNT(list), 2); // layer 1 and layer 2
693
694 HITLS_X509_NameNode **node = BSL_LIST_First(list);
695 ASSERT_EQ((*node)->layer, 1); // layer 1
696 ASSERT_EQ((*node)->nameType.tag, 0);
697 ASSERT_EQ((*node)->nameType.buff, NULL);
698 ASSERT_EQ((*node)->nameType.len, 0);
699 ASSERT_EQ((*node)->nameValue.tag, 0);
700 ASSERT_EQ((*node)->nameValue.buff, NULL);
701 ASSERT_EQ((*node)->nameValue.len, 0);
702 node = BSL_LIST_Next(list);
703 ASSERT_EQ((*node)->layer, 2); // layer 2
704 ASSERT_EQ((*node)->nameType.tag, BSL_ASN1_TAG_OBJECT_ID);
705 ASSERT_COMPARE("nameOid", (*node)->nameType.buff, (*node)->nameType.len, oid->x, oid->len);
706 ASSERT_EQ((*node)->nameValue.tag, BSL_ASN1_TAG_UTF8STRING);
707 ASSERT_COMPARE("nameValue", (*node)->nameValue.buff, (*node)->nameValue.len, value->x, value->len);
708
709 /* subject name can add repeat name */
710 ASSERT_EQ(HITLS_X509_AddDnName(list, dnName, 1), HITLS_PKI_SUCCESS);
711
712 list->count = 100; // 100: the max number of name type.
713 ASSERT_EQ(HITLS_X509_AddDnName(list, dnName, 1), HITLS_X509_ERR_SET_DNNAME_TOOMUCH);
714
715 EXIT:
716 BSL_LIST_FREE(list, (BSL_LIST_PFUNC_FREE)HITLS_X509_FreeNameNode);
717 BSL_GLOBAL_DeInit();
718 }
719 /* END_CASE */
720
721 /* BEGIN_CASE */
SDV_X509_EXT_EncodeSan_TC001(int critical,int type1,int type2,int type3,int type4,int dirCid1,int dirCid2,Hex * value,Hex * expect)722 void SDV_X509_EXT_EncodeSan_TC001(int critical, int type1, int type2, int type3, int type4, int dirCid1,
723 int dirCid2, Hex *value, Hex *expect)
724 {
725 TestMemInit();
726 BSL_GLOBAL_Init();
727 int8_t tag = BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE;
728 BSL_ASN1_Buffer encode = {0};
729 HITLS_X509_ExtSan san = {critical, NULL};
730
731 HITLS_X509_Cert *cert = HITLS_X509_CertNew();
732 ASSERT_NE(cert, NULL);
733 san.names = BSL_LIST_New(sizeof(BSL_Buffer));
734 ASSERT_NE(san.names, NULL);
735
736 // Generate san
737 BslList *dirNames = HITLS_X509_DnListNew();
738 ASSERT_NE(dirNames, NULL);
739 HITLS_X509_DN dnName1[1] = {{(BslCid)dirCid1, value->x, value->len}};
740 HITLS_X509_DN dnName2[1] = {{(BslCid)dirCid2, value->x, value->len}};
741 ASSERT_EQ(HITLS_X509_AddDnName(dirNames, dnName1, 1), 0);
742 ASSERT_EQ(HITLS_X509_AddDnName(dirNames, dnName2, 1), 0);
743 HITLS_X509_GeneralName names[] = {
744 {type1, {value->x, value->len}},
745 {type2, {value->x, value->len}},
746 {type3, {value->x, value->len}},
747 {type4, {value->x, value->len}},
748 {HITLS_X509_GN_DNNAME, {(uint8_t *)dirNames, sizeof(BslList *)}},
749 };
750 for (uint32_t i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
751 ASSERT_EQ(BSL_LIST_AddElement(san.names, &names[i], BSL_LIST_POS_END), 0);
752 }
753
754 // set san and encode ext
755 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_SAN, &san, sizeof(HITLS_X509_ExtSan)), 0);
756 ASSERT_EQ(HITLS_X509_EncodeExt(tag, cert->tbs.ext.extList, &encode), HITLS_PKI_SUCCESS);
757 ASSERT_EQ(encode.len, expect->len);
758 ASSERT_COMPARE("Ext: san", encode.buff, encode.len, expect->x, expect->len);
759
760 EXIT:
761 HITLS_X509_CertFree(cert);
762 BSL_LIST_DeleteAll(san.names, FreeSanListData);
763 BSL_SAL_Free(san.names);
764 BSL_SAL_Free(encode.buff);
765 BSL_GLOBAL_DeInit();
766 }
767 /* END_CASE */
768
769 /* BEGIN_CASE */
SDV_X509_EXT_EncodeKeyUsage_TC001(int critical,int usage,Hex * expect)770 void SDV_X509_EXT_EncodeKeyUsage_TC001(int critical, int usage, Hex *expect)
771 {
772 TestMemInit();
773 BSL_GLOBAL_Init();
774 int8_t tag = BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE;
775 HITLS_X509_ExtKeyUsage ku = {critical, usage};
776 BSL_ASN1_Buffer encode = {0};
777
778 HITLS_X509_Cert *cert = HITLS_X509_CertNew();
779 ASSERT_NE(cert, NULL);
780
781 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_KUSAGE, &ku, sizeof(HITLS_X509_ExtKeyUsage)), 0);
782 ASSERT_EQ(HITLS_X509_EncodeExt(tag, cert->tbs.ext.extList, &encode), HITLS_PKI_SUCCESS);
783 ASSERT_EQ(encode.len, expect->len);
784 ASSERT_COMPARE("Ext: keyUsage", encode.buff, encode.len, expect->x, expect->len);
785 EXIT:
786 HITLS_X509_CertFree(cert);
787 BSL_SAL_Free(encode.buff);
788 BSL_GLOBAL_DeInit();
789 }
790 /* END_CASE */
791
792 /* BEGIN_CASE */
SDV_X509_EXT_EncodeAKiSki_TC001(int critical1,int critical2,Hex * kid1,Hex * kid2,Hex * expect)793 void SDV_X509_EXT_EncodeAKiSki_TC001(int critical1, int critical2, Hex *kid1, Hex *kid2, Hex *expect)
794 {
795 TestMemInit();
796 BSL_GLOBAL_Init();
797 int8_t tag = BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE;
798 HITLS_X509_ExtAki aki = {critical1, {kid1->x, kid1->len}, NULL, {0}};
799 HITLS_X509_ExtSki ski = {critical2, {kid2->x, kid2->len}};
800 BSL_ASN1_Buffer encode = {0};
801
802 HITLS_X509_Cert *cert = HITLS_X509_CertNew();
803 ASSERT_NE(cert, NULL);
804
805 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_SKI, &ski, sizeof(HITLS_X509_ExtSki)), 0);
806 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_EXT_SET_AKI, &aki, sizeof(HITLS_X509_ExtAki)), 0);
807 ASSERT_EQ(HITLS_X509_EncodeExt(tag, cert->tbs.ext.extList, &encode), HITLS_PKI_SUCCESS);
808 ASSERT_EQ(encode.len, expect->len);
809 ASSERT_COMPARE("Ext:aki ski", encode.buff, encode.len, expect->x, expect->len);
810 EXIT:
811 HITLS_X509_CertFree(cert);
812 BSL_SAL_Free(encode.buff);
813 BSL_GLOBAL_DeInit();
814 }
815 /* END_CASE */
816
817 typedef struct {
818 int32_t type;
819 Hex *value;
820 } TestGeneralNameMap;
821
822 /* BEGIN_CASE */
SDV_X509_EXT_ParseGeneralNames_TC001(Hex * encode,Hex * ip,Hex * uri,Hex * rfc822,Hex * regId,Hex * dns)823 void SDV_X509_EXT_ParseGeneralNames_TC001(Hex *encode, Hex *ip, Hex *uri, Hex *rfc822, Hex *regId, Hex *dns)
824 {
825 TestGeneralNameMap map[] = {
826 {HITLS_X509_GN_DNNAME, NULL},
827 {HITLS_X509_GN_IP, ip},
828 {HITLS_X509_GN_URI, uri},
829 {HITLS_X509_GN_OTHER, NULL},
830 {HITLS_X509_GN_EMAIL, rfc822},
831 {HITLS_X509_GN_RID, regId},
832 {HITLS_X509_GN_DNS, dns},
833 };
834
835 TestMemInit();
836 BslList *list = BSL_LIST_New(sizeof(HITLS_X509_GeneralName));
837 ASSERT_NE(list, NULL);
838
839 ASSERT_EQ(HITLS_X509_ParseGeneralNames(encode->x, encode->len, list), HITLS_PKI_SUCCESS);
840 ASSERT_EQ(BSL_LIST_COUNT(list), sizeof(map) / sizeof(map[0]));
841
842 HITLS_X509_GeneralName *name = NULL;
843 uint32_t idx = 0;
844 for (name = BSL_LIST_GET_FIRST(list); name != NULL; name = BSL_LIST_GET_NEXT(list), idx++) {
845 ASSERT_EQ(name->type, map[idx].type);
846 if (map[idx].value != NULL) {
847 ASSERT_COMPARE("gn", name->value.data, name->value.dataLen, map[idx].value->x, map[idx].value->len);
848 }
849 }
850
851 EXIT:
852 HITLS_X509_ClearGeneralNames(list);
853 BSL_SAL_Free(list);
854 }
855 /* END_CASE */
856
857 /* BEGIN_CASE */
SDV_X509_EXT_ParseGeneralNames_Error_TC001(Hex * encode,int ret)858 void SDV_X509_EXT_ParseGeneralNames_Error_TC001(Hex *encode, int ret)
859 {
860 BSL_GLOBAL_Init();
861 TestMemInit();
862 BslList *list = BSL_LIST_New(sizeof(HITLS_X509_GeneralName));
863 ASSERT_NE(list, NULL);
864
865 ASSERT_EQ(HITLS_X509_ParseGeneralNames(encode->x, encode->len, list), ret);
866
867 EXIT:
868 BSL_SAL_Free(list);
869 BSL_GLOBAL_DeInit();
870 }
871 /* END_CASE */
872
873 /* BEGIN_CASE */
SDV_X509_EXT_ParseSki_TC001(Hex * encode,int ret,Hex * kid)874 void SDV_X509_EXT_ParseSki_TC001(Hex *encode, int ret, Hex *kid)
875 {
876 BSL_GLOBAL_Init();
877 TestMemInit();
878 HITLS_X509_ExtSki ski = {0};
879 HITLS_X509_ExtEntry entry = {BSL_CID_CE_SUBJECTKEYIDENTIFIER, {0}, true, {0, encode->len, encode->x}};
880
881 ASSERT_EQ(HITLS_X509_ParseSubjectKeyId(&entry, &ski), ret);
882 if (ret == 0) {
883 ASSERT_EQ(ski.critical, entry.critical);
884 ASSERT_COMPARE("Subject kid", kid->x, kid->len, ski.kid.data, ski.kid.dataLen);
885 }
886
887 EXIT:
888 BSL_GLOBAL_DeInit();
889 }
890 /* END_CASE */
891
892 /* BEGIN_CASE */
SDV_X509_EXT_ParseExtendedKu_TC001(Hex * encode,Hex * ku1,Hex * ku2,Hex * ku3)893 void SDV_X509_EXT_ParseExtendedKu_TC001(Hex *encode, Hex *ku1, Hex *ku2, Hex *ku3)
894 {
895 BSL_GLOBAL_Init();
896 TestMemInit();
897
898 Hex *values[] = {ku1, ku2, ku3};
899 uint32_t cnt = sizeof(values) / sizeof(values[0]);
900 HITLS_X509_ExtExKeyUsage exku = {0};
901 HITLS_X509_ExtEntry entry = {BSL_CID_CE_EXTKEYUSAGE, {0}, true, {0, encode->len, encode->x}};
902
903 ASSERT_EQ(HITLS_X509_ParseExtendedKeyUsage(&entry, &exku), 0);
904 ASSERT_EQ(exku.critical, entry.critical);
905 ASSERT_EQ(BSL_LIST_COUNT(exku.oidList), cnt);
906 uint32_t idx = 0;
907 for (BSL_Buffer *data = BSL_LIST_GET_FIRST(exku.oidList); data != NULL; data = BSL_LIST_GET_NEXT(exku.oidList)) {
908 ASSERT_COMPARE("Extended key usage", values[idx]->x, values[idx]->len, data->data, data->dataLen);
909 idx++;
910 }
911
912 EXIT:
913 HITLS_X509_ClearExtendedKeyUsage(&exku);
914 BSL_GLOBAL_DeInit();
915 }
916 /* END_CASE */
917
918 /* BEGIN_CASE */
SDV_X509_EXT_ParseAki_TC001(Hex * encode,Hex * kid,Hex * serial,int nameCnt)919 void SDV_X509_EXT_ParseAki_TC001(Hex *encode, Hex *kid, Hex *serial, int nameCnt)
920 {
921 HITLS_X509_ExtAki aki = {0};
922 HITLS_X509_ExtEntry entry = {BSL_CID_CE_AUTHORITYKEYIDENTIFIER, {0}, true, {0, encode->len, encode->x}};
923
924 TestMemInit();
925 ASSERT_EQ(HITLS_X509_ParseAuthorityKeyId(&entry, &aki), 0);
926
927 ASSERT_EQ(aki.critical, entry.critical);
928 ASSERT_COMPARE("kid", aki.kid.data, aki.kid.dataLen, kid->x, kid->len);
929 ASSERT_COMPARE("serial", aki.serialNum.data, aki.serialNum.dataLen, serial->x, serial->len);
930
931 ASSERT_EQ(BSL_LIST_COUNT(aki.issuerName), nameCnt);
932
933 EXIT:
934 HITLS_X509_ClearAuthorityKeyId(&aki);
935 }
936 /* END_CASE */
937
938 /* BEGIN_CASE */
SDV_X509_EXT_ParseSan_TC001(Hex * encode,int ret,int gnNameCnt,int gnType1,int gnType2,Hex * rfc822,Hex * dnType,Hex * dnValue)939 void SDV_X509_EXT_ParseSan_TC001(Hex *encode, int ret, int gnNameCnt, int gnType1, int gnType2, Hex *rfc822, Hex *dnType,
940 Hex *dnValue)
941 {
942 HITLS_X509_ExtSan san = {0};
943 HITLS_X509_ExtEntry entry = {BSL_CID_CE_SUBJECTALTNAME, {0}, true, {0, encode->len, encode->x}};
944 HITLS_X509_GeneralName *gnName = NULL;
945 BslList *dirNameList = NULL;
946 HITLS_X509_NameNode *dirName = NULL;
947
948 TestMemInit();
949 ASSERT_EQ(HITLS_X509_ParseSubjectAltName(&entry, &san), ret);
950 if (ret == 0) {
951 ASSERT_EQ(san.critical, entry.critical);
952 ASSERT_EQ(BSL_LIST_COUNT(san.names), gnNameCnt);
953
954 gnName = BSL_LIST_GET_FIRST(san.names);
955 ASSERT_EQ(gnName->type, gnType1);
956 ASSERT_COMPARE("gnName 1", rfc822->x, rfc822->len, gnName->value.data, gnName->value.dataLen);
957
958 gnName = BSL_LIST_GET_NEXT(san.names);
959 ASSERT_EQ(gnName->type, gnType2);
960 dirNameList = (BslList *)gnName->value.data;
961 ASSERT_EQ(BSL_LIST_COUNT(dirNameList), 1 + 1); // layer 1 and layer 2
962 dirName = BSL_LIST_GET_FIRST(dirNameList); // layer 1
963 dirName = BSL_LIST_GET_NEXT(dirNameList); // layer 2
964 ASSERT_COMPARE("dnname type", dirName->nameType.buff, dirName->nameType.len, dnType->x, dnType->len);
965 ASSERT_COMPARE("dnname value", dirName->nameValue.buff, dirName->nameValue.len, dnValue->x, dnValue->len);
966 }
967
968 EXIT:
969 HITLS_X509_ClearSubjectAltName(&san);
970 }
971 /* END_CASE */
972
973 /* BEGIN_CASE */
SDV_X509_EXT_GetSki_TC001(Hex * encode,int ret,int critical,Hex * kid)974 void SDV_X509_EXT_GetSki_TC001(Hex *encode, int ret, int critical, Hex *kid)
975 {
976 TestMemInit();
977
978 BSL_ASN1_Buffer asnExt = {BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED, encode->len, encode->x};
979 bool getIsExist;
980 HITLS_X509_ExtSki ski = {0};
981
982 HITLS_X509_Ext *ext = HITLS_X509_ExtNew(HITLS_X509_EXT_TYPE_CSR);
983 ASSERT_NE(ext, NULL);
984 ASSERT_EQ(HITLS_X509_ParseExt(&asnExt, ext), 0);
985
986 ASSERT_EQ(HITLS_X509_ExtCtrl(ext, HITLS_X509_EXT_CHECK_SKI, &getIsExist, sizeof(bool)), 0);
987 ASSERT_EQ(getIsExist, ret == HITLS_PKI_SUCCESS);
988
989 ASSERT_EQ(HITLS_X509_ExtCtrl(ext, HITLS_X509_EXT_GET_SKI, &ski, sizeof(HITLS_X509_ExtSki)), ret);
990 ASSERT_EQ(ski.critical, critical);
991 ASSERT_COMPARE("Get ski", ski.kid.data, ski.kid.dataLen, kid->x, kid->len);
992
993 EXIT:
994 HITLS_X509_ExtFree(ext);
995 }
996 /* END_CASE */
997
998 /* BEGIN_CASE */
SDV_HITLS_X509_ExtParamCheck_TC001(void)999 void SDV_HITLS_X509_ExtParamCheck_TC001(void)
1000 {
1001 TestMemInit();
1002 BSL_GLOBAL_Init();
1003
1004 ASSERT_EQ(HITLS_X509_ExtNew(HITLS_X509_EXT_TYPE_CERT), NULL);
1005 ASSERT_EQ(HITLS_X509_ExtNew(HITLS_X509_EXT_TYPE_CRL), NULL);
1006 HITLS_X509_Ext *ext = HITLS_X509_ExtNew(HITLS_X509_EXT_TYPE_CSR);
1007 ASSERT_NE(ext, NULL);
1008 HITLS_X509_ExtFree(ext);
1009 EXIT:
1010 BSL_GLOBAL_DeInit();
1011 }
1012 /* END_CASE */
1013
1014
1015 /* BEGIN_CASE */
SDV_X509_SIGN_Api_TC001(void)1016 void SDV_X509_SIGN_Api_TC001(void)
1017 {
1018 CRYPT_EAL_PkeyCtx *prvKey = NULL;
1019 uint8_t obj = 1;
1020 TestMemInit();
1021 prvKey = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_RSA);
1022 ASSERT_NE(prvKey, NULL);
1023
1024 ASSERT_EQ(HITLS_X509_Sign(CRYPT_MD_SHA3_384, prvKey, NULL, &obj, TestSignCb), HITLS_X509_ERR_HASHID);
1025
1026 ASSERT_EQ(HITLS_X509_Sign(CRYPT_MD_SHA384, prvKey, NULL, &obj, TestSignCb), BSL_MALLOC_FAIL);
1027
1028 EXIT:
1029 CRYPT_EAL_PkeyFreeCtx(prvKey);
1030 }
1031 /* END_CASE */
1032
1033 /* BEGIN_CASE */
SDV_X509_SIGN_Func_TC001(char * keyPath,int keyFormat,int keyType,int mdId,int pad,int hashId,int mgfId,int saltLen,int ret)1034 void SDV_X509_SIGN_Func_TC001(char *keyPath, int keyFormat, int keyType, int mdId, int pad, int hashId, int mgfId,
1035 int saltLen, int ret)
1036 {
1037 CRYPT_EAL_PkeyCtx *prvKey = NULL;
1038 HITLS_X509_SignAlgParam algParam = {0};
1039 HITLS_X509_SignAlgParam *algParamPtr = NULL;
1040 uint8_t obj = 1;
1041 if (pad == 0) {
1042 algParamPtr = NULL;
1043 } else if (pad == CRYPT_EMSA_PSS) {
1044 algParam.algId = BSL_CID_RSASSAPSS;
1045 algParam.rsaPss.mdId = hashId;
1046 algParam.rsaPss.mgfId = mgfId;
1047 algParam.rsaPss.saltLen = saltLen;
1048 algParamPtr = &algParam;
1049 }
1050
1051 TestMemInit();
1052 TestRandInit();
1053 ASSERT_EQ(CRYPT_EAL_DecodeFileKey(keyFormat, keyType, keyPath, NULL, 0, &prvKey), 0);
1054
1055 ASSERT_EQ(HITLS_X509_Sign(mdId, prvKey, algParamPtr, &obj, TestSignCb), ret);
1056
1057 EXIT:
1058 CRYPT_EAL_PkeyFreeCtx(prvKey);
1059 TestRandDeInit();
1060 }
1061 /* END_CASE */
1062
1063 /* BEGIN_CASE */
SDV_X509_SIGN_Func_TC002(void)1064 void SDV_X509_SIGN_Func_TC002(void)
1065 {
1066 CRYPT_EAL_PkeyCtx *prvKey = NULL;
1067 HITLS_X509_SignAlgParam algParam = {0};
1068 uint8_t obj = 1;
1069 CRYPT_RsaPadType pad = CRYPT_EMSA_PKCSV15;
1070 CRYPT_EAL_PkeyPara para = {0};
1071 uint8_t e[] = {1, 0, 1};
1072 para.id = CRYPT_PKEY_RSA;
1073 para.para.rsaPara.e = e;
1074 para.para.rsaPara.eLen = 3;
1075 para.para.rsaPara.bits = 1024;
1076
1077 TestMemInit();
1078 TestRandInit();
1079 prvKey = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_RSA);
1080 ASSERT_NE(prvKey, NULL);
1081
1082 ASSERT_EQ(CRYPT_EAL_PkeySetPara(prvKey, ¶), CRYPT_SUCCESS);
1083 ASSERT_EQ(CRYPT_EAL_PkeyGen(prvKey), 0);
1084 ASSERT_EQ(CRYPT_EAL_PkeyCtrl(prvKey, CRYPT_CTRL_SET_RSA_PADDING, &pad, sizeof(CRYPT_RsaPadType)), 0);
1085
1086 ASSERT_EQ(HITLS_X509_Sign(CRYPT_MD_SHA224, prvKey, NULL, &obj, TestSignCb), 0);
1087 ASSERT_EQ(HITLS_X509_Sign(CRYPT_MD_SHA224, prvKey, &algParam, &obj, TestSignCb), HITLS_X509_ERR_SIGN_PARAM);
1088
1089 pad = CRYPT_EMSA_PSS;
1090 ASSERT_EQ(CRYPT_EAL_PkeyCtrl(prvKey, CRYPT_CTRL_SET_RSA_PADDING, &pad, sizeof(CRYPT_RsaPadType)), 0);
1091 ASSERT_EQ(HITLS_X509_Sign(CRYPT_MD_SHA224, prvKey, NULL, &obj, TestSignCb), 0);
1092
1093 CRYPT_RSA_PssPara pssPara = {1, CRYPT_MD_SHA256, CRYPT_MD_SHA256};
1094 BSL_Param pssParam[4] = {
1095 {CRYPT_PARAM_RSA_MD_ID, BSL_PARAM_TYPE_INT32, &pssPara.mdId, sizeof(pssPara.mdId), 0},
1096 {CRYPT_PARAM_RSA_MGF1_ID, BSL_PARAM_TYPE_INT32, &pssPara.mgfId, sizeof(pssPara.mgfId), 0},
1097 {CRYPT_PARAM_RSA_SALTLEN, BSL_PARAM_TYPE_INT32, &pssPara.saltLen, sizeof(pssPara.saltLen), 0},
1098 BSL_PARAM_END};
1099 ASSERT_EQ(CRYPT_EAL_PkeyCtrl(prvKey, CRYPT_CTRL_SET_RSA_EMSA_PSS, pssParam, 0), 0);
1100 ASSERT_EQ(HITLS_X509_Sign(CRYPT_MD_SHA224, prvKey, NULL, &obj, TestSignCb), HITLS_X509_ERR_MD_NOT_MATCH);
1101
1102 ASSERT_EQ(HITLS_X509_Sign(CRYPT_MD_SHA256, prvKey, NULL, &obj, TestSignCb), 0);
1103
1104 EXIT:
1105 CRYPT_EAL_PkeyFreeCtx(prvKey);
1106 TestRandDeInit();
1107 }
1108 /* END_CASE */
1109
1110 /* BEGIN_CASE */
SDV_HITLS_X509_PrintCtrl_TC001(void)1111 void SDV_HITLS_X509_PrintCtrl_TC001(void)
1112 {
1113 TestMemInit();
1114
1115 BSL_UIO *uio = BSL_UIO_New(BSL_UIO_BufferMethod());
1116 ASSERT_NE(uio, NULL);
1117 uint32_t flag = 0;
1118 BslList list = {0};
1119
1120 ASSERT_EQ(HITLS_PKI_PrintCtrl(0xff, NULL, 0, NULL), HITLS_X509_ERR_INVALID_PARAM);
1121
1122 ASSERT_EQ(HITLS_PKI_PrintCtrl(HITLS_PKI_SET_PRINT_FLAG, NULL, 0, NULL), HITLS_X509_ERR_INVALID_PARAM);
1123 ASSERT_EQ(HITLS_PKI_PrintCtrl(HITLS_PKI_SET_PRINT_FLAG, &flag, 0, NULL), HITLS_X509_ERR_INVALID_PARAM);
1124
1125 ASSERT_EQ(HITLS_PKI_PrintCtrl(HITLS_PKI_PRINT_DN, NULL, sizeof(BslList), uio), HITLS_X509_ERR_INVALID_PARAM);
1126 ASSERT_EQ(HITLS_PKI_PrintCtrl(HITLS_PKI_PRINT_DN, &list, sizeof(BslList), NULL), HITLS_X509_ERR_INVALID_PARAM);
1127 ASSERT_EQ(HITLS_PKI_PrintCtrl(HITLS_PKI_PRINT_DN, &list, 0, uio), HITLS_X509_ERR_INVALID_PARAM);
1128
1129 EXIT:
1130 BSL_UIO_Free(uio);
1131 return;
1132 }
1133 /* END_CASE */
1134
ReadFile(const char * filePath,uint8_t * buff,uint32_t buffLen,uint32_t * outLen)1135 static int32_t ReadFile(const char *filePath, uint8_t *buff, uint32_t buffLen, uint32_t *outLen)
1136 {
1137 FILE *fp = NULL;
1138 int32_t ret = -1;
1139
1140 fp = fopen(filePath, "rb");
1141 if (fp == NULL) {
1142 return ret;
1143 }
1144 if (fseek(fp, 0, SEEK_END) != 0) {
1145 goto EXIT;
1146 }
1147 long fileSize = ftell(fp);
1148 if (fileSize < 0 || (uint32_t)fileSize > buffLen) {
1149 goto EXIT;
1150 }
1151 rewind(fp);
1152 size_t readSize = fread(buff, 1, fileSize, fp);
1153 if (readSize != (size_t)fileSize) {
1154 goto EXIT;
1155 }
1156 *outLen = (uint32_t)fileSize;
1157 ret = 0;
1158
1159 EXIT:
1160 (void)fclose(fp);
1161 return ret;
1162 }
1163
PrintBuffTest(int cmd,BSL_Buffer * data,char * log,Hex * expect,bool isExpectFile)1164 static int32_t PrintBuffTest(int cmd, BSL_Buffer *data, char *log, Hex *expect, bool isExpectFile)
1165 {
1166 int32_t ret = -1;
1167 uint8_t dnBuf[MAX_BUFF_SIZE] = {};
1168 uint32_t dnBufLen = sizeof(dnBuf);
1169 uint8_t expectBuf[MAX_BUFF_SIZE] = {};
1170 uint32_t expectBufLen = sizeof(expectBuf);
1171 BSL_UIO *uio = BSL_UIO_New(BSL_UIO_MemMethod());
1172 ASSERT_NE(uio, NULL);
1173 ASSERT_EQ(HITLS_PKI_PrintCtrl(cmd, data->data, data->dataLen, uio),
1174 HITLS_PKI_SUCCESS);
1175 ASSERT_EQ(BSL_UIO_Read(uio, dnBuf, MAX_BUFF_SIZE, &dnBufLen), 0);
1176 if (isExpectFile) {
1177 ASSERT_EQ(ReadFile((char *)expect->x, expectBuf, MAX_BUFF_SIZE, &expectBufLen), 0);
1178 ASSERT_COMPARE(log, expectBuf, expectBufLen, dnBuf, dnBufLen);
1179 } else {
1180 ASSERT_COMPARE(log, expect->x, expect->len, dnBuf, dnBufLen);
1181 }
1182 ret = 0;
1183 EXIT:
1184 BSL_UIO_Free(uio);
1185 return ret;
1186 }
1187
1188 /* BEGIN_CASE */
SDV_HITLS_X509_PrintDn_TC002(char * certPath,int format,int printFlag,char * expect,Hex * multiExpect)1189 void SDV_HITLS_X509_PrintDn_TC002(char *certPath, int format, int printFlag, char *expect, Hex *multiExpect)
1190 {
1191 TestMemInit();
1192 HITLS_X509_Cert *cert = NULL;
1193 BslList *rawIssuer = NULL;
1194 Hex expectName = {};
1195 if (printFlag == HITLS_PKI_PRINT_DN_MULTILINE) {
1196 expectName.x = multiExpect->x;
1197 expectName.len = multiExpect->len;
1198 } else {
1199 expectName.x = (uint8_t *)expect;
1200 expectName.len = strlen(expect);
1201 }
1202 ASSERT_EQ(HITLS_X509_CertParseFile(format, certPath, &cert), HITLS_PKI_SUCCESS);
1203 ASSERT_NE(cert, NULL);
1204 ASSERT_EQ(HITLS_X509_CertCtrl(cert, HITLS_X509_GET_ISSUER_DN, &rawIssuer, sizeof(BslList *)), HITLS_PKI_SUCCESS);
1205 BSL_Buffer data = {(uint8_t *)rawIssuer, sizeof(BslList)};
1206 ASSERT_EQ(HITLS_PKI_PrintCtrl(HITLS_PKI_SET_PRINT_FLAG, &printFlag, sizeof(int), NULL), HITLS_PKI_SUCCESS);
1207 ASSERT_EQ(PrintBuffTest(HITLS_PKI_PRINT_DN, &data, "Print Distinguish name", &expectName, false), 0);
1208
1209 EXIT:
1210 HITLS_X509_CertFree(cert);
1211 }
1212 /* END_CASE */
1213
1214 /* BEGIN_CASE */
SDV_CRYPT_EAL_DecodeBuffKey_Ex_TC001(void)1215 void SDV_CRYPT_EAL_DecodeBuffKey_Ex_TC001(void)
1216 {
1217 #ifndef HITLS_CRYPTO_PROVIDER
1218 SKIP_TEST();
1219 #else
1220 TestMemInit();
1221 BSL_GLOBAL_Init();
1222
1223 CRYPT_EAL_PkeyCtx *key = NULL;
1224 BSL_Buffer encode = {0};
1225 BSL_Buffer pwd = {0};
1226 uint8_t data[10] = {0};
1227 uint8_t pwdData[10] = {0};
1228
1229 // Test NULL parameters
1230 ASSERT_EQ(CRYPT_EAL_ProviderDecodeBuffKey(NULL, NULL, BSL_CID_UNKNOWN, "ASN1", "PUBKEY_RSA", NULL, NULL, NULL),
1231 CRYPT_INVALID_ARG);
1232 ASSERT_EQ(CRYPT_EAL_ProviderDecodeBuffKey(NULL, NULL, BSL_CID_UNKNOWN, "ASN1", "PUBKEY_RSA", &encode, NULL, NULL),
1233 CRYPT_INVALID_ARG);
1234
1235 // Test invalid encode buffer
1236 ASSERT_EQ(CRYPT_EAL_ProviderDecodeBuffKey(NULL, NULL, BSL_CID_UNKNOWN, "ASN1", "PUBKEY_RSA", &encode, &pwd, &key),
1237 CRYPT_INVALID_ARG);
1238 encode.data = data;
1239 ASSERT_EQ(CRYPT_EAL_ProviderDecodeBuffKey(NULL, NULL, BSL_CID_UNKNOWN, "ASN1", "PUBKEY_RSA", &encode, &pwd, &key),
1240 CRYPT_INVALID_ARG);
1241
1242 // Test invalid format
1243 encode.dataLen = sizeof(data);
1244 ASSERT_EQ(CRYPT_EAL_ProviderDecodeBuffKey(NULL, NULL, BSL_CID_UNKNOWN, "UNKNOWN_FORMAT", "PUBKEY_RSA", &encode, &pwd, &key),
1245 CRYPT_DECODE_ERR_NO_USABLE_DECODER);
1246
1247 // Test invalid type
1248 ASSERT_EQ(CRYPT_EAL_ProviderDecodeBuffKey(NULL, NULL, BSL_CID_UNKNOWN, "ASN1", "UNKNOWN_TYPE", &encode, &pwd, &key),
1249 CRYPT_DECODE_ERR_NO_USABLE_DECODER);
1250
1251 // Test invalid password buffer for encrypted private key
1252 pwd.data = pwdData;
1253 pwd.dataLen = PWD_MAX_LEN + 1;
1254 ASSERT_EQ(CRYPT_EAL_ProviderDecodeBuffKey(NULL, NULL, BSL_CID_UNKNOWN, "ASN1", "PRIKEY_PKCS8_ENCRYPT",
1255 &encode, &pwd, &key), CRYPT_INVALID_ARG);
1256
1257 // Test NULL password data with non-zero length
1258 pwd.data = NULL;
1259 pwd.dataLen = 10;
1260 ASSERT_EQ(CRYPT_EAL_ProviderDecodeBuffKey(NULL, NULL, BSL_CID_UNKNOWN, "ASN1", "PRIKEY_PKCS8_ENCRYPT",
1261 &encode, &pwd, &key), CRYPT_INVALID_ARG);
1262
1263 EXIT:
1264 BSL_GLOBAL_DeInit();
1265 #endif
1266 }
1267 /* END_CASE */
1268
1269 /* BEGIN_CASE */
SDV_CRYPT_EAL_DecodeFileKey_Ex_TC001(void)1270 void SDV_CRYPT_EAL_DecodeFileKey_Ex_TC001(void)
1271 {
1272 #ifndef HITLS_CRYPTO_PROVIDER
1273 SKIP_TEST();
1274 #else
1275 TestMemInit();
1276 BSL_GLOBAL_Init();
1277
1278 CRYPT_EAL_PkeyCtx *key = NULL;
1279 BSL_Buffer pwd = {0};
1280 uint8_t pwdData[10] = {0};
1281
1282 // Test NULL parameters
1283 ASSERT_EQ(CRYPT_EAL_ProviderDecodeFileKey(NULL, NULL, CRYPT_PKEY_RSA, "ASN1", "PUBKEY_RSA", NULL, NULL, NULL),
1284 CRYPT_INVALID_ARG);
1285
1286 // Test invalid path
1287 char longPath[PATH_MAX_LEN + 2] = {0};
1288 memset(longPath, 'a', PATH_MAX_LEN + 1);
1289 ASSERT_EQ(CRYPT_EAL_ProviderDecodeFileKey(NULL, NULL, CRYPT_PKEY_RSA, "ASN1", "PUBKEY_RSA", longPath, &pwd, &key),
1290 CRYPT_INVALID_ARG);
1291
1292 // Test invalid format
1293 ASSERT_EQ(CRYPT_EAL_ProviderDecodeFileKey(NULL, NULL, CRYPT_PKEY_RSA, "UNKNOWN_FORMAT", "PUBKEY_RSA",
1294 "../testdata/cert/asn1/rsa2048pub_pkcs1.der", &pwd, &key), CRYPT_DECODE_NO_SUPPORT_FORMAT);
1295
1296 // Test invalid type
1297 ASSERT_EQ(CRYPT_EAL_ProviderDecodeFileKey(NULL, NULL, CRYPT_PKEY_RSA, "ASN1", "UNKNOWN_TYPE",
1298 "../testdata/cert/asn1/rsa2048pub_pkcs1.der", &pwd, &key), CRYPT_DECODE_NO_SUPPORT_TYPE);
1299
1300 // Test invalid password buffer for encrypted private key
1301 pwd.data = pwdData;
1302 pwd.dataLen = PWD_MAX_LEN + 1;
1303 ASSERT_EQ(CRYPT_EAL_ProviderDecodeFileKey(NULL, NULL, CRYPT_PKEY_RSA, "ASN1", "PRIKEY_PKCS8_ENCRYPT",
1304 "../testdata/cert/asn1/prime256v1_pkcs8_enc.der", &pwd, &key), CRYPT_INVALID_ARG);
1305
1306 // Test NULL password data with non-zero length
1307 pwd.data = NULL;
1308 pwd.dataLen = 10;
1309 ASSERT_EQ(CRYPT_EAL_ProviderDecodeFileKey(NULL, NULL, CRYPT_PKEY_ECDSA, "ASN1", "PRIKEY_PKCS8_ENCRYPT",
1310 "../testdata/cert/asn1/prime256v1_pkcs8_enc.der", &pwd, &key), CRYPT_INVALID_ARG);
1311
1312 EXIT:
1313 BSL_GLOBAL_DeInit();
1314 #endif
1315 }
1316 /* END_CASE */
1317