/* * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include #include #include #define private public #include "accesstoken_kit.h" #include "tls_socket.h" #include "socket_remote_info.h" #include "token_setproc.h" #include "tls.h" #include "TlsTest.h" namespace OHOS { namespace NetStack { namespace TlsSocket { namespace { using namespace testing::ext; using namespace Security::AccessToken; using Security::AccessToken::AccessTokenID; static constexpr const char *KEY_PASS = ""; static constexpr const char *PROTOCOL12 = "TLSv1.2"; static constexpr const char *PROTOCOL13 = "TLSv1.3"; static constexpr const char *IP_ADDRESS = "127.0.0.1"; static constexpr const char *ALPN_PROTOCOL = "http/1.1"; static constexpr const char *SIGNATURE_ALGORITHM = "rsa_pss_rsae_sha256:ECDSA+SHA256"; static constexpr const char *CIPHER_SUITE = "AES256-SHA256"; static constexpr const char *SEND_DATA = "How do you do"; static constexpr const char *SEND_DATA_EMPTY = ""; static constexpr const size_t MAX_BUFFER_SIZE = 8192; const int PORT = 7838; const int SOCKET_FD = 5; const int SSL_ERROR_RETURN = -1; TLSConnectOptions BaseOption() { (void)SEND_DATA; (void)SEND_DATA_EMPTY; (void)MAX_BUFFER_SIZE; (void)SOCKET_FD; (void)SSL_ERROR_RETURN; TLSSecureOptions secureOption; SecureData structureData(PRI_KEY_FILE); secureOption.SetKey(structureData); std::vector caChain; caChain.push_back(CA_CRT_FILE); secureOption.SetCaChain(caChain); secureOption.SetCert(CLIENT_FILE); secureOption.SetCipherSuite(CIPHER_SUITE); secureOption.SetSignatureAlgorithms(SIGNATURE_ALGORITHM); std::vector protocol; protocol.push_back(PROTOCOL13); secureOption.SetProtocolChain(protocol); TLSConnectOptions connectOptions; connectOptions.SetTlsSecureOptions(secureOption); Socket::NetAddress netAddress; netAddress.SetAddress(IP_ADDRESS); netAddress.SetPort(0); netAddress.SetFamilyBySaFamily(AF_INET); connectOptions.SetNetAddress(netAddress); std::vector alpnProtocols; alpnProtocols.push_back(ALPN_PROTOCOL); connectOptions.SetAlpnProtocols(alpnProtocols); return connectOptions; } HapInfoParams testInfoParms = {.bundleName = "TlsSocketBranchTest", .userID = 1, .instIndex = 0, .appIDDesc = "test", .isSystemApp = true}; PermissionDef testPermDef = { .permissionName = "ohos.permission.INTERNET", .bundleName = "TlsSocketBranchTest", .grantMode = 1, .label = "label", .labelId = 1, .description = "Test Tls Socket Branch", .descriptionId = 1, .availableLevel = APL_SYSTEM_BASIC, }; PermissionStateFull testState = { .grantFlags = {2}, .grantStatus = {PermissionState::PERMISSION_GRANTED}, .isGeneral = true, .permissionName = "ohos.permission.INTERNET", .resDeviceID = {"local"}, }; HapPolicyParams testPolicyPrams = { .apl = APL_SYSTEM_BASIC, .domain = "test.domain", .permList = {testPermDef}, .permStateList = {testState}, }; } // namespace class AccessToken { public: AccessToken() : currentID_(GetSelfTokenID()) { AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(testInfoParms, testPolicyPrams); accessID_ = tokenIdEx.tokenIdExStruct.tokenID; SetSelfTokenID(tokenIdEx.tokenIDEx); } ~AccessToken() { AccessTokenKit::DeleteToken(accessID_); SetSelfTokenID(currentID_); } private: AccessTokenID currentID_; AccessTokenID accessID_ = 0; }; class TlsSocketBranchTest : public testing::Test { public: static void SetUpTestCase() {} static void TearDownTestCase() {} virtual void SetUp() {} virtual void TearDown() {} }; HWTEST_F(TlsSocketBranchTest, BranchTest1, TestSize.Level2) { TLSSecureOptions secureOption; SecureData structureData(PRI_KEY_FILE); secureOption.SetKey(structureData); SecureData keyPass(KEY_PASS); secureOption.SetKeyPass(keyPass); SecureData secureData = secureOption.GetKey(); EXPECT_EQ(structureData.Length(), strlen(PRI_KEY_FILE)); std::vector caChain; caChain.push_back(CA_CRT_FILE); secureOption.SetCaChain(caChain); std::vector getCaChain = secureOption.GetCaChain(); EXPECT_NE(getCaChain.data(), nullptr); secureOption.SetCert(CLIENT_FILE); std::string getCert = secureOption.GetCert(); EXPECT_NE(getCert.data(), nullptr); std::vector protocolVec = {PROTOCOL12, PROTOCOL13}; secureOption.SetProtocolChain(protocolVec); std::vector getProtocol; getProtocol = secureOption.GetProtocolChain(); TLSSecureOptions copyOption = TLSSecureOptions(secureOption); TLSSecureOptions equalOption = secureOption; } HWTEST_F(TlsSocketBranchTest, BranchTest2, TestSize.Level2) { TLSSecureOptions secureOption; secureOption.SetUseRemoteCipherPrefer(false); bool isUseRemoteCipher = secureOption.UseRemoteCipherPrefer(); EXPECT_FALSE(isUseRemoteCipher); secureOption.SetSignatureAlgorithms(SIGNATURE_ALGORITHM); std::string getSignatureAlgorithm = secureOption.GetSignatureAlgorithms(); EXPECT_STREQ(getSignatureAlgorithm.data(), SIGNATURE_ALGORITHM); secureOption.SetCipherSuite(CIPHER_SUITE); std::string getCipherSuite = secureOption.GetCipherSuite(); EXPECT_STREQ(getCipherSuite.data(), CIPHER_SUITE); TLSSecureOptions copyOption = TLSSecureOptions(secureOption); TLSSecureOptions equalOption = secureOption; TLSConnectOptions connectOptions; connectOptions.SetTlsSecureOptions(secureOption); } HWTEST_F(TlsSocketBranchTest, BranchTest3, TestSize.Level2) { TLSSecureOptions secureOption; TLSConnectOptions connectOptions; connectOptions.SetTlsSecureOptions(secureOption); Socket::NetAddress netAddress; netAddress.SetAddress(IP_ADDRESS); netAddress.SetPort(PORT); connectOptions.SetNetAddress(netAddress); Socket::NetAddress getNetAddress = connectOptions.GetNetAddress(); std::string address = getNetAddress.GetAddress(); EXPECT_STREQ(IP_ADDRESS, address.data()); int port = getNetAddress.GetPort(); EXPECT_EQ(port, PORT); netAddress.SetFamilyBySaFamily(AF_INET6); sa_family_t getFamily = netAddress.GetSaFamily(); EXPECT_EQ(getFamily, AF_INET6); std::vector alpnProtocols; alpnProtocols.push_back(ALPN_PROTOCOL); connectOptions.SetAlpnProtocols(alpnProtocols); std::vector getAlpnProtocols; getAlpnProtocols = connectOptions.GetAlpnProtocols(); EXPECT_STREQ(getAlpnProtocols[0].data(), alpnProtocols[0].data()); } HWTEST_F(TlsSocketBranchTest, BranchTest4, TestSize.Level2) { TLSSecureOptions secureOption; SecureData structureData(PRI_KEY_FILE); secureOption.SetKey(structureData); std::vector caChain; caChain.push_back(CA_CRT_FILE); secureOption.SetCaChain(caChain); secureOption.SetCert(CLIENT_FILE); TLSConnectOptions connectOptions; connectOptions.SetTlsSecureOptions(secureOption); Socket::NetAddress netAddress; netAddress.SetAddress(IP_ADDRESS); netAddress.SetPort(0); netAddress.SetFamilyBySaFamily(AF_INET); EXPECT_EQ(netAddress.GetSaFamily(), AF_INET); } HWTEST_F(TlsSocketBranchTest, BranchTest5, TestSize.Level2) { TLSConnectOptions tlsConnectOptions = BaseOption(); AccessToken token; TLSSocket tlsSocket; tlsSocket.OnError( [](int32_t errorNumber, const std::string &errorString) { EXPECT_NE(TLSSOCKET_SUCCESS, errorNumber); }); tlsSocket.Connect(tlsConnectOptions, [](int32_t errCode) { EXPECT_NE(TLSSOCKET_SUCCESS, errCode); }); std::string getData; tlsSocket.OnMessage([&getData](const std::string &data, const Socket::SocketRemoteInfo &remoteInfo) { EXPECT_STREQ(getData.data(), nullptr); }); const std::string data = "how do you do?"; Socket::TCPSendOptions tcpSendOptions; tcpSendOptions.SetData(data); tlsSocket.Send(tcpSendOptions, [](int32_t errCode) { EXPECT_EQ(errCode, TLS_ERR_SSL_NULL); }); tlsSocket.GetSignatureAlgorithms( [](int32_t errCode, const std::vector &algorithms) { EXPECT_EQ(errCode, TLS_ERR_SSL_NULL); }); tlsSocket.GetCertificate( [](int32_t errCode, const X509CertRawData &cert) { EXPECT_NE(errCode, TLSSOCKET_SUCCESS); }); tlsSocket.GetCipherSuite( [](int32_t errCode, const std::vector &suite) { EXPECT_EQ(errCode, TLS_ERR_SSL_NULL); }); tlsSocket.GetProtocol([](int32_t errCode, const std::string &protocol) { EXPECT_EQ(errCode, TLSSOCKET_SUCCESS); }); tlsSocket.GetRemoteCertificate( [](int32_t errCode, const X509CertRawData &cert) { EXPECT_EQ(errCode, TLS_ERR_SSL_NULL); }); (void)tlsSocket.Close([](int32_t errCode) { EXPECT_FALSE(errCode == TLSSOCKET_SUCCESS); }); } HWTEST_F(TlsSocketBranchTest, BranchTest7, TestSize.Level2) { TLSSocket tlsSocket; TLSSocket::TLSSocketInternal *tlsSocketInternal = new TLSSocket::TLSSocketInternal(); std::vector alpnProtocols; alpnProtocols.push_back(ALPN_PROTOCOL); bool alpnProSslNull = tlsSocketInternal->SetAlpnProtocols(alpnProtocols); EXPECT_FALSE(alpnProSslNull); std::vector getCipherSuite = tlsSocketInternal->GetCipherSuite(); EXPECT_EQ(getCipherSuite.size(), 0); bool setSharedSigals = tlsSocketInternal->SetSharedSigals(); EXPECT_FALSE(setSharedSigals); tlsSocketInternal->ssl_ = SSL_new(SSL_CTX_new(TLS_client_method())); getCipherSuite = tlsSocketInternal->GetCipherSuite(); EXPECT_NE(getCipherSuite.size(), 0); setSharedSigals = tlsSocketInternal->SetSharedSigals(); EXPECT_FALSE(setSharedSigals); TLSConnectOptions connectOptions = BaseOption(); bool alpnPro = tlsSocketInternal->SetAlpnProtocols(alpnProtocols); EXPECT_TRUE(alpnPro); Socket::SocketRemoteInfo remoteInfo; tlsSocketInternal->hostName_ = IP_ADDRESS; tlsSocketInternal->port_ = PORT; tlsSocketInternal->family_ = AF_INET; tlsSocketInternal->MakeRemoteInfo(remoteInfo); getCipherSuite = tlsSocketInternal->GetCipherSuite(); EXPECT_NE(getCipherSuite.size(), 0); std::string getRemoteCert = tlsSocketInternal->GetRemoteCertificate(); EXPECT_EQ(getRemoteCert, ""); std::vector getSignatureAlgorithms = tlsSocketInternal->GetSignatureAlgorithms(); EXPECT_EQ(getSignatureAlgorithms.size(), 0); std::string getProtocol = tlsSocketInternal->GetProtocol(); EXPECT_NE(getProtocol, ""); setSharedSigals = tlsSocketInternal->SetSharedSigals(); EXPECT_FALSE(setSharedSigals); ssl_st *ssl = tlsSocketInternal->GetSSL(); EXPECT_NE(ssl, nullptr); delete tlsSocketInternal; } } // namespace TlsSocket } // namespace NetStack } // namespace OHOS