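/*
 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include <gtest/gtest.h>

#include <cstring>
#include "securec.h"
#include <thread>

#include "adaptor_memory.h"
#include "adaptor_time.h"
#include "token_key.h"
#include "user_sign_centre.h"

// Functions exercised directly by these tests but declared locally
// (presumably they are not exposed through user_sign_centre.h -- confirm).
extern "C" {
    extern bool IsTimeValid(const UserAuthTokenHal *userAuthToken);
    extern ResultCode UserAuthTokenHmac(UserAuthTokenHal *userAuthToken, HksAuthTokenKey *authTokenKey);
    extern ResultCode GetTokenDataCipherResult(const TokenDataToEncrypt *data, UserAuthTokenHal *authToken,
        const HksAuthTokenKey *tokenKey);
    extern ResultCode DecryptTokenCipher(const UserAuthTokenHal *userAuthToken, UserAuthTokenPlain *tokenPlain,
        HksAuthTokenKey *tokenKey);
    extern ResultCode CheckUserAuthTokenHmac(const UserAuthTokenHal *userAuthToken, HksAuthTokenKey *tokenKey);
}

namespace OHOS {
namespace UserIam {
namespace UserAuth {
using namespace testing;
using namespace testing::ext;

// Fixed, non-secret filler values for the token fields. They are placeholders that the
// generate/verify test overwrites (cipher, tag, iv, sign) or carries through (challenge).
#define DEFAULT_CHALLENGE {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, \
    1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1}
#define DEFAULT_CIPHER {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, \
    1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7}
#define DEFAULT_TAG {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5}
#define DEFAULT_IV {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1}
#define DEFAULT_SIGN {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, \
    1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1}

// Fixture for the user-auth token signing tests; no shared state is set up or torn down.
class UserAuthSignTest : public testing::Test {
public:
    static void SetUpTestCase() {}

    static void TearDownTestCase() {}

    void SetUp() {}

    void TearDown() {}
};

// A token stamped far in the future is rejected; one stamped "now" is accepted.
HWTEST_F(UserAuthSignTest, TestIsTimeValid, TestSize.Level0)
{
    UserAuthTokenHal token = {};
    token.tokenDataPlain.time = UINT64_MAX;
    EXPECT_FALSE(IsTimeValid(&token));
    token.tokenDataPlain.time = 0;
    // NOTE(review): the result for time == 0 is not asserted; presumably it depends on how
    // GetSystemTime() relates to the token validity window on the test device -- confirm,
    // and pin the expected value if it is deterministic.
    IsTimeValid(&token);
    token.tokenDataPlain.time = GetSystemTime();
    EXPECT_TRUE(IsTimeValid(&token));
}

// Signing succeeds on a zero-initialised token and key. This only checks the return code;
// the MAC value itself is covered by the generate/verify round trip below.
HWTEST_F(UserAuthSignTest, TestUserAuthTokenHmac, TestSize.Level0)
{
    UserAuthTokenHal token = {};
    HksAuthTokenKey userAuthTokenKey = {};
    EXPECT_EQ(UserAuthTokenHmac(&token, &userAuthTokenKey), RESULT_SUCCESS);
}

// Round trip: encrypt the private fields, sign the token, verify it, and check that the
// recovered plaintext matches the input. A token whose signature was altered afterwards
// must be rejected.
HWTEST_F(UserAuthSignTest, TestTokenGenerateAndVerify, TestSize.Level0)
{
    constexpr uint32_t testVersion = 1;
    constexpr uint32_t testAuthTrustLevel = 3;
    constexpr uint32_t testAuthType = 4;
    constexpr uint32_t testAuthMode = 5;
    constexpr uint32_t testSecurityLevel = 6;
    constexpr int32_t testUserId = 7;
    constexpr uint64_t testSecureId = 8;
    constexpr uint64_t testEnrolledId = 9;
    constexpr uint64_t testCredentialId = 10;
    UserAuthTokenHal token = {
        .version = testVersion,
        .tokenDataPlain = {
            .challenge = DEFAULT_CHALLENGE,
            .time = GetSystemTime(),
            .authTrustLevel = testAuthTrustLevel,
            .authType = testAuthType,
            .authMode = testAuthMode,
            .securityLevel = testSecurityLevel,
        },
        .tokenDataCipher = DEFAULT_CIPHER,
        .tag = DEFAULT_TAG,
        .iv = DEFAULT_IV,
        .sign = DEFAULT_SIGN,
    };
    TokenDataToEncrypt data = {
        .userId = testUserId,
        .secureUid = testSecureId,
        .enrolledId = testEnrolledId,
        .credentialId = testCredentialId,
    };
    HksAuthTokenKey userAuthTokenKey = {};
    // Each step below feeds the next one, so stop at the first failure instead of
    // reporting follow-on errors produced with an unusable key or an unsigned token.
    ASSERT_EQ(GetTokenKey(&userAuthTokenKey), RESULT_SUCCESS);
    ASSERT_EQ(GetTokenDataCipherResult(&data, &token, &userAuthTokenKey), RESULT_SUCCESS);
    ASSERT_EQ(UserAuthTokenHmac(&token, &userAuthTokenKey), RESULT_SUCCESS);
    UserAuthTokenPlain userAuthTokenPlain = {};
    ASSERT_EQ(UserAuthTokenVerify(&token, &userAuthTokenPlain), RESULT_SUCCESS);
    // NOTE(review): memcmp also compares any padding bytes inside these structs;
    // presumably they are packed or padding-free -- confirm against the definitions.
    EXPECT_EQ(memcmp(&(userAuthTokenPlain.tokenDataPlain), &(token.tokenDataPlain),
        sizeof(userAuthTokenPlain.tokenDataPlain)), 0);
    EXPECT_EQ(memcmp(&(userAuthTokenPlain.tokenDataToEncrypt), &data,
        sizeof(userAuthTokenPlain.tokenDataToEncrypt)), 0);

    // Negative case: a single flipped bit in the signature of an otherwise valid, fresh
    // token must fail verification the same way an unsigned token does.
    UserAuthTokenHal tamperedToken = token;
    tamperedToken.sign[0] ^= 0x01;
    UserAuthTokenPlain tamperedPlain = {};
    EXPECT_EQ(UserAuthTokenVerify(&tamperedToken, &tamperedPlain), RESULT_BAD_SIGN);
}

// Decrypting a zero-initialised token with a zero-initialised key fails.
HWTEST_F(UserAuthSignTest, TestDecryptTokenCipher, TestSize.Level0)
{
    UserAuthTokenHal userAuthToken = {};
    UserAuthTokenPlain userAuthTokenPlain = {};
    HksAuthTokenKey userAuthTokenKey = {};
    EXPECT_EQ(DecryptTokenCipher(&userAuthToken, &userAuthTokenPlain, &userAuthTokenKey), RESULT_GENERAL_ERROR);
}

// An all-zero signature does not pass the HMAC check under an all-zero key.
HWTEST_F(UserAuthSignTest, TestCheckUserAuthTokenHmac, TestSize.Level0)
{
    UserAuthTokenHal userAuthToken = {};
    HksAuthTokenKey tokenKey = {};
    EXPECT_EQ(CheckUserAuthTokenHmac(&userAuthToken, &tokenKey), RESULT_BAD_SIGN);
}

// Walks UserAuthTokenVerify through its rejection paths in the order the results show:
// null arguments, stale/future timestamp, missing signature, then a correctly signed
// token whose (zeroed) ciphertext cannot be decrypted.
HWTEST_F(UserAuthSignTest, TestUserAuthTokenVerify, TestSize.Level0)
{
    UserAuthTokenHal userAuthToken = {};
    UserAuthTokenPlain userAuthTokenPlain = {};
    HksAuthTokenKey userAuthTokenKey = {};
    // The key is needed to sign the token further down; without it the later
    // expectations would be checking the wrong failure.
    ASSERT_EQ(GetTokenKey(&userAuthTokenKey), RESULT_SUCCESS);
    EXPECT_EQ(UserAuthTokenVerify(nullptr, &userAuthTokenPlain), RESULT_BAD_PARAM);
    EXPECT_EQ(UserAuthTokenVerify(&userAuthToken, nullptr), RESULT_BAD_PARAM);
    userAuthToken.tokenDataPlain.time = UINT64_MAX;
    EXPECT_EQ(UserAuthTokenVerify(&userAuthToken, &userAuthTokenPlain), RESULT_TOKEN_TIMEOUT);
    userAuthToken.tokenDataPlain.time = GetSystemTime();
    EXPECT_EQ(UserAuthTokenVerify(&userAuthToken, &userAuthTokenPlain), RESULT_BAD_SIGN);
    EXPECT_EQ(UserAuthTokenHmac(&userAuthToken, &userAuthTokenKey), RESULT_SUCCESS);
    EXPECT_EQ(UserAuthTokenVerify(&userAuthToken, &userAuthTokenPlain), RESULT_GENERAL_ERROR);
}

// ReuseUnlockTokenSign rejects a null token and succeeds on a zero-initialised one.
HWTEST_F(UserAuthSignTest, TestReuseUnlockTokenSign, TestSize.Level0)
{
    UserAuthTokenHal token = {};
    EXPECT_EQ(ReuseUnlockTokenSign(nullptr), RESULT_BAD_PARAM);
    EXPECT_EQ(ReuseUnlockTokenSign(&token), RESULT_SUCCESS);
}
} // namespace UserAuth
} // namespace UserIam
} // namespace OHOS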