1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17 #include <openssl/pem.h>
18
19 #include "certificate_openssl_common.h"
20 #include "cf_blob.h"
21 #include "cf_log.h"
22 #include "cf_mock.h"
23 #include "config.h"
24 #include "crypto_x509_test_common.h"
25 #include "memory_mock.h"
26 #include "securec.h"
27 #include "x509_certificate.h"
28 #include "x509_certificate_openssl.h"
29
30 #define OID_STR_MAX_LEN 128
31 #define CONSTRUCT_EXTENDED_KEY_USAGE_DATA_SIZE 1
32 #define ARRAY_INDEX2 2
33
34 using namespace std;
35 using namespace testing::ext;
36 using namespace CFMock;
37
38 using ::testing::_;
39 using ::testing::AnyNumber;
40 using ::testing::Invoke;
41 using ::testing::Return;
42
43 #ifdef __cplusplus
44 extern "C" {
45 #endif
46
47 int __real_OPENSSL_sk_num(const OPENSSL_STACK *st);
48 void *__real_OPENSSL_sk_value(const OPENSSL_STACK *st, int i);
49 long __real_ASN1_INTEGER_get(const ASN1_INTEGER *a);
50 void *__real_X509V3_EXT_d2i(X509_EXTENSION *ext);
51 X509_EXTENSION *__real_X509_get_ext(const X509 *x, X509_EXTENSION *loc);
52 void *__real_X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
53 CfResult __real_DeepCopyDataToBlob(const unsigned char *data, uint32_t len, CfBlob *outBlob);
54 int __real_X509_print(BIO *bp, X509 *x);
55 BIO *__real_BIO_new(const BIO_METHOD *type);
56
57 #ifdef __cplusplus
58 }
59 #endif
60
61 namespace {
62 class CryptoX509CertificateTestPart3 : public testing::Test {
63 public:
64 static void SetUpTestCase();
65 static void TearDownTestCase();
66 void SetUp();
67 void TearDown();
68 };
69
70 static HcfX509Certificate *g_x509CertExtAttrObj = nullptr;
71 static HcfX509Certificate *g_testCertWithPrivateKeyValidObj = nullptr;
72
SetUpTestCase()73 void CryptoX509CertificateTestPart3::SetUpTestCase()
74 {
75 CfEncodingBlob inStream = { 0 };
76 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testExtAttrCert));
77 inStream.encodingFormat = CF_FORMAT_PEM;
78 inStream.len = strlen(g_testExtAttrCert) + 1;
79 (void)HcfX509CertificateCreate(&inStream, &g_x509CertExtAttrObj);
80
81 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testCertWithPrivateKeyValid));
82 inStream.encodingFormat = CF_FORMAT_PEM;
83 inStream.len = strlen(g_testCertWithPrivateKeyValid) + 1;
84 (void)HcfX509CertificateCreate(&inStream, &g_testCertWithPrivateKeyValidObj);
85 }
86
TearDownTestCase()87 void CryptoX509CertificateTestPart3::TearDownTestCase()
88 {
89 CfObjDestroy(g_x509CertExtAttrObj);
90 CfObjDestroy(g_testCertWithPrivateKeyValidObj);
91 }
92
SetUp()93 void CryptoX509CertificateTestPart3::SetUp() {}
94
TearDown()95 void CryptoX509CertificateTestPart3::TearDown() {}
96
constructExtendedKeyUsageData()97 static CfArray *constructExtendedKeyUsageData()
98 {
99 CfArray *newBlobArr = static_cast<CfArray *>(CfMalloc(sizeof(CfArray), 0));
100 if (newBlobArr == nullptr) {
101 CF_LOG_E("Failed to allocate newBlobArr memory!");
102 return nullptr;
103 }
104
105 newBlobArr->count = CONSTRUCT_EXTENDED_KEY_USAGE_DATA_SIZE;
106 newBlobArr->format = CF_FORMAT_DER;
107 newBlobArr->data = static_cast<CfBlob *>(CfMalloc(newBlobArr->count * sizeof(CfBlob), 0));
108 if (newBlobArr->data == nullptr) {
109 CF_LOG_E("Failed to allocate data memory!");
110 CfFree(newBlobArr);
111 return nullptr;
112 }
113
114 newBlobArr->data[0].data = const_cast<uint8_t *>(g_testExtendedKeyUsage);
115 newBlobArr->data[0].size = sizeof(g_testExtendedKeyUsage);
116
117 return newBlobArr;
118 }
119
120 HWTEST_F(CryptoX509CertificateTestPart3, CompareSubjectAlternativeNamesTest001, TestSize.Level0)
121 {
122 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
123 bool bResult = true;
124
125 HcfX509CertMatchParams certMatchParameters = { 0 };
126 certMatchParameters.subjectAlternativeNames = ConstructSubAltNameArrayData();
127 EXPECT_NE(certMatchParameters.subjectAlternativeNames, nullptr);
128
129 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
130 EXPECT_EQ(ret, CF_SUCCESS);
131 EXPECT_EQ(bResult, false);
132
133 certMatchParameters.minPathLenConstraint = -1;
134 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
135 EXPECT_EQ(ret, CF_SUCCESS);
136 EXPECT_EQ(bResult, true);
137
138 CfFree(certMatchParameters.subjectAlternativeNames->data);
139 CfFree(certMatchParameters.subjectAlternativeNames);
140 certMatchParameters.subjectAlternativeNames = nullptr;
141 }
142
143 HWTEST_F(CryptoX509CertificateTestPart3, CompareSubjectAlternativeNamesTest002, TestSize.Level0)
144 {
145 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
146 bool bResult = true;
147
148 HcfX509CertMatchParams matchParams;
149 matchParams.subjectAlternativeNames = ConstructSubAltNameArrayData();
150 EXPECT_NE(matchParams.subjectAlternativeNames, nullptr);
151
152 // test DeepCopySubAltName failed case
153 X509OpensslMock::SetMockFlag(true);
154 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_GENERAL_NAME(_, _)).WillRepeatedly(Return(-1));
155 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &matchParams, &bResult);
156 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
157 X509OpensslMock::SetMockFlag(false);
158
159 // test CompareSubAltNameX509Openssl failed case
160 X509OpensslMock::SetMockFlag(true);
161 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _))
162 .WillOnce(Return(NULL))
163 .WillRepeatedly(Invoke(__real_X509_get_ext_d2i));
164 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &matchParams, &bResult);
165 EXPECT_EQ(ret, CF_SUCCESS);
166 EXPECT_EQ(bResult, false);
167 X509OpensslMock::SetMockFlag(false);
168
169 SetMockFlag(true);
170 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &matchParams, &bResult);
171 EXPECT_EQ(ret, CF_ERR_MALLOC);
172 SetMockFlag(false);
173
174 CfFree(matchParams.subjectAlternativeNames->data);
175 CfFree(matchParams.subjectAlternativeNames);
176 matchParams.subjectAlternativeNames = nullptr;
177 }
178
179 HWTEST_F(CryptoX509CertificateTestPart3, CompareMatchAllSubjectAltNamesTest001, TestSize.Level0)
180 {
181 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
182 bool bResult = true;
183 CfResult ret = CF_SUCCESS;
184 HcfX509CertMatchParams certMatchParameters = { 0 };
185 certMatchParameters.matchAllSubjectAltNames = true;
186 certMatchParameters.subjectAlternativeNames = ConstructSubAltNameArrayData();
187 EXPECT_NE(certMatchParameters.subjectAlternativeNames, nullptr);
188
189 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
190 EXPECT_EQ(ret, CF_SUCCESS);
191 EXPECT_EQ(bResult, false);
192
193 certMatchParameters.minPathLenConstraint = -1;
194 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
195 EXPECT_EQ(ret, CF_SUCCESS);
196 EXPECT_EQ(bResult, true);
197
198 certMatchParameters.subjectAlternativeNames->count = 2;
199 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
200 EXPECT_EQ(ret, CF_SUCCESS);
201 EXPECT_EQ(bResult, false);
202
203 // add failed case ret != CF_SUCCESS
204 X509OpensslMock::SetMockFlag(true);
205 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_num(_))
206 .WillOnce(Return(-1))
207 .WillRepeatedly(Invoke(__real_OPENSSL_sk_num));
208 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
209 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
210 X509OpensslMock::SetMockFlag(false);
211
212 CfFree(certMatchParameters.subjectAlternativeNames->data);
213 CfFree(certMatchParameters.subjectAlternativeNames);
214 certMatchParameters.subjectAlternativeNames = nullptr;
215 }
216
217 HWTEST_F(CryptoX509CertificateTestPart3, CompareAuthorityKeyIdentifierTest001, TestSize.Level0)
218 {
219 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
220 bool bResult = true;
221
222 HcfX509CertMatchParams certMatchParameters = { 0 };
223
224 CfBlob blob;
225 blob.data = const_cast<uint8_t *>(g_testIssuer);
226 blob.size = sizeof(g_testIssuer);
227
228 certMatchParameters.authorityKeyIdentifier = &blob;
229
230 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
231 EXPECT_EQ(ret, CF_SUCCESS);
232 EXPECT_EQ(bResult, false);
233
234 certMatchParameters.minPathLenConstraint = -1;
235 blob.data = const_cast<uint8_t *>(g_testAuthorityKeyIdentifier);
236 blob.size = sizeof(g_testAuthorityKeyIdentifier);
237 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
238 EXPECT_EQ(ret, CF_SUCCESS);
239 EXPECT_EQ(bResult, true);
240
241 // test GetAuKeyIdDNX509Openssl failed case
242 X509OpensslMock::SetMockFlag(true);
243 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_AUTHORITY_KEYID(_, _)).WillRepeatedly(Return(-1));
244 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
245 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
246 X509OpensslMock::SetMockFlag(false);
247
248 X509OpensslMock::SetMockFlag(true);
249 EXPECT_CALL(X509OpensslMock::GetInstance(), DeepCopyDataToBlob(_, _, _))
250 .WillOnce(Return(CF_INVALID_PARAMS))
251 .WillRepeatedly(Invoke(__real_DeepCopyDataToBlob));
252 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
253 EXPECT_EQ(ret, CF_INVALID_PARAMS);
254 X509OpensslMock::SetMockFlag(false);
255 }
256
257 HWTEST_F(CryptoX509CertificateTestPart3, CompareMinPathLenConstraintTest001, TestSize.Level0)
258 {
259 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
260 bool bResult = true;
261
262 HcfX509CertMatchParams certMatchParameters = { 0 };
263 certMatchParameters.minPathLenConstraint = 100000;
264
265 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
266 EXPECT_EQ(ret, CF_SUCCESS);
267 EXPECT_EQ(bResult, false);
268
269 // test DetailForMinPathLenConstraint failed case
270 certMatchParameters.minPathLenConstraint = -2;
271 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
272 EXPECT_EQ(ret, CF_SUCCESS);
273 EXPECT_EQ(bResult, true);
274
275 BASIC_CONSTRAINTS *constraints = BASIC_CONSTRAINTS_new();
276 EXPECT_NE(constraints, nullptr);
277 constraints->ca = 1;
278 X509OpensslMock::SetMockFlag(true);
279 EXPECT_CALL(X509OpensslMock::GetInstance(), X509V3_EXT_d2i(_)).WillRepeatedly(Return(constraints));
280 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
281 EXPECT_EQ(ret, CF_SUCCESS);
282 EXPECT_EQ(bResult, false);
283 X509OpensslMock::SetMockFlag(false);
284 }
285
286 HWTEST_F(CryptoX509CertificateTestPart3, CompareMinPathLenConstraintTest002, TestSize.Level0)
287 {
288 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
289 bool bResult = true;
290
291 HcfX509CertMatchParams certMatchParameters = { 0 };
292 certMatchParameters.minPathLenConstraint = 100000;
293
294 CfResult ret;
295
296 BASIC_CONSTRAINTS *constraints = BASIC_CONSTRAINTS_new();
297 EXPECT_NE(constraints, nullptr);
298 ASN1_INTEGER *pathlen = ASN1_INTEGER_new();
299 EXPECT_NE(pathlen, nullptr);
300 pathlen->type = V_ASN1_NEG_INTEGER;
301 constraints->ca = 0;
302 constraints->pathlen = pathlen;
303 X509OpensslMock::SetMockFlag(true);
304 EXPECT_CALL(X509OpensslMock::GetInstance(), X509V3_EXT_d2i(_)).WillRepeatedly(Return(constraints));
305 EXPECT_CALL(X509OpensslMock::GetInstance(), ASN1_INTEGER_get(_))
306 .WillOnce(Return(10))
307 .WillRepeatedly(Invoke(__real_ASN1_INTEGER_get));
308 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
309 EXPECT_EQ(ret, CF_SUCCESS);
310 EXPECT_EQ(bResult, false);
311 X509OpensslMock::SetMockFlag(false);
312
313 X509OpensslMock::SetMockFlag(true);
314 EXPECT_CALL(X509OpensslMock::GetInstance(), X509V3_EXT_d2i(_))
315 .WillOnce(Return(NULL))
316 .WillRepeatedly(Invoke(__real_X509V3_EXT_d2i));
317 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
318 EXPECT_EQ(ret, CF_SUCCESS);
319 EXPECT_EQ(bResult, false);
320 X509OpensslMock::SetMockFlag(false);
321
322 X509OpensslMock::SetMockFlag(true);
323 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext(_, _)).WillRepeatedly(Return(NULL));
324 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
325 EXPECT_EQ(ret, CF_SUCCESS);
326 EXPECT_EQ(bResult, false);
327 X509OpensslMock::SetMockFlag(false);
328
329 X509OpensslMock::SetMockFlag(true);
330 certMatchParameters.minPathLenConstraint = 2;
331 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext(_, _))
332 .WillOnce(Return(NULL))
333 .WillRepeatedly(Invoke(__real_X509_get_ext));
334 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
335 EXPECT_EQ(ret, CF_SUCCESS);
336 EXPECT_EQ(bResult, false);
337 X509OpensslMock::SetMockFlag(false);
338 }
339
340 HWTEST_F(CryptoX509CertificateTestPart3, CompareExtendedKeyUsageTest001, TestSize.Level0)
341 {
342 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
343 bool bResult = true;
344 CfResult ret;
345 HcfX509CertMatchParams certMatchParameters = { 0 };
346
347 certMatchParameters.extendedKeyUsage = constructExtendedKeyUsageData();
348 EXPECT_NE(certMatchParameters.extendedKeyUsage, nullptr);
349
350 certMatchParameters.minPathLenConstraint = -1;
351
352 // todo add failed case bResult = true
353 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
354 EXPECT_EQ(ret, CF_SUCCESS);
355 EXPECT_EQ(bResult, true);
356
357 // todo add failed case ret != CF_SUCCESS
358 SetMockFlag(true);
359 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
360 EXPECT_EQ(ret, CF_ERR_MALLOC);
361 SetMockFlag(false);
362
363 // test IsSubset failed case
364 certMatchParameters.extendedKeyUsage->data[0].size -= 1;
365 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
366 EXPECT_EQ(ret, CF_SUCCESS);
367 EXPECT_EQ(bResult, false);
368
369 CfFree(certMatchParameters.extendedKeyUsage->data);
370 CfFree(certMatchParameters.extendedKeyUsage);
371 }
372
373 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest000, TestSize.Level0)
374 {
375 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
376 bool bResult = true;
377
378 HcfX509CertMatchParams certMatchParameters = { 0 };
379
380 CfBlob blob;
381 blob.data = const_cast<uint8_t *>(g_testNameConstraints);
382 blob.size = sizeof(g_testNameConstraints);
383 certMatchParameters.nameConstraints = &blob;
384
385 CfResult ret =
386 g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
387 EXPECT_EQ(ret, CF_SUCCESS);
388 EXPECT_EQ(bResult, false);
389
390 certMatchParameters.minPathLenConstraint = -1;
391 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
392 EXPECT_EQ(ret, CF_SUCCESS);
393 EXPECT_EQ(bResult, true);
394
395 // test CompareNameConstraintsX509Openssl failed case
396 // GEN_OTHERNAME
397 GENERAL_SUBTREE *tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
398 EXPECT_NE(tree, nullptr);
399 tree->base = GENERAL_NAME_new();
400 EXPECT_NE(tree->base, nullptr);
401 tree->base->type = GEN_OTHERNAME;
402 tree->base->d.otherName = OTHERNAME_new();
403
404 X509OpensslMock::SetMockFlag(true);
405 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _))
406 .WillOnce(Return(tree))
407 .WillRepeatedly(Invoke(__real_OPENSSL_sk_value));
408 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
409 EXPECT_EQ(ret, CF_SUCCESS);
410 EXPECT_EQ(bResult, false);
411 X509OpensslMock::SetMockFlag(false);
412 OTHERNAME_free(tree->base->d.otherName);
413 tree->base->d.otherName = nullptr;
414 GENERAL_NAME_free(tree->base);
415 tree->base = nullptr;
416 GENERAL_SUBTREE_free(tree);
417 }
418
419 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest001, TestSize.Level0)
420 {
421 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
422 bool bResult = true;
423
424 HcfX509CertMatchParams certMatchParameters = { 0 };
425
426 CfBlob blob;
427 blob.data = const_cast<uint8_t *>(g_testNameConstraints);
428 blob.size = sizeof(g_testNameConstraints);
429 certMatchParameters.nameConstraints = &blob;
430
431 CfResult ret =
432 g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
433 EXPECT_EQ(ret, CF_SUCCESS);
434 EXPECT_EQ(bResult, false);
435
436 certMatchParameters.minPathLenConstraint = -1;
437 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
438 EXPECT_EQ(ret, CF_SUCCESS);
439 EXPECT_EQ(bResult, true);
440
441 // GEN_X400
442 GENERAL_SUBTREE *tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
443 EXPECT_NE(tree, nullptr);
444 tree->base = GENERAL_NAME_new();
445 EXPECT_NE(tree->base, nullptr);
446 tree->base->type = GEN_X400;
447 tree->base->d.x400Address = ASN1_STRING_new();
448
449 X509OpensslMock::SetMockFlag(true);
450 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _))
451 .WillOnce(Return(tree))
452 .WillRepeatedly(Invoke(__real_OPENSSL_sk_value));
453 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
454 EXPECT_EQ(ret, CF_SUCCESS);
455 EXPECT_EQ(bResult, false);
456 X509OpensslMock::SetMockFlag(false);
457 ASN1_STRING_free(tree->base->d.x400Address);
458 tree->base->d.x400Address = nullptr;
459 GENERAL_NAME_free(tree->base);
460 tree->base = nullptr;
461 GENERAL_SUBTREE_free(tree);
462 }
463
464 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest002, TestSize.Level0)
465 {
466 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
467 bool bResult = true;
468
469 HcfX509CertMatchParams certMatchParameters = { 0 };
470
471 CfBlob blob;
472 blob.data = const_cast<uint8_t *>(g_testNameConstraints);
473 blob.size = sizeof(g_testNameConstraints);
474 certMatchParameters.nameConstraints = &blob;
475
476 // GEN_IPADD
477 GENERAL_SUBTREE *tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
478 EXPECT_NE(tree, nullptr);
479 tree->base = GENERAL_NAME_new();
480 EXPECT_NE(tree->base, nullptr);
481 tree->base->type = GEN_IPADD;
482 tree->base->d.ip = ASN1_OCTET_STRING_new();
483 blob.data = const_cast<uint8_t *>(g_testNameConstraintsIPADDR);
484 blob.size = sizeof(g_testNameConstraintsIPADDR);
485
486 X509OpensslMock::SetMockFlag(true);
487 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _)).WillRepeatedly(Return(tree));
488 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
489 EXPECT_EQ(ret, CF_SUCCESS);
490 EXPECT_EQ(bResult, false);
491 X509OpensslMock::SetMockFlag(false);
492 ASN1_OCTET_STRING_free(tree->base->d.ip);
493 tree->base->d.ip = nullptr;
494 GENERAL_NAME_free(tree->base);
495 tree->base = nullptr;
496 GENERAL_SUBTREE_free(tree);
497 }
498
499 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest003, TestSize.Level0)
500 {
501 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
502 bool bResult = true;
503
504 HcfX509CertMatchParams certMatchParameters = { 0 };
505
506 CfBlob blob;
507 blob.data = const_cast<uint8_t *>(g_testNameConstraintsEDIParty);
508 blob.size = sizeof(g_testNameConstraintsEDIParty);
509 certMatchParameters.nameConstraints = &blob;
510
511 // GEN_EDIPARTY g_testNameConstraintsEDIPartyInvalid
512 GENERAL_SUBTREE *tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
513 EXPECT_NE(tree, nullptr);
514 tree->base = GENERAL_NAME_new();
515 EXPECT_NE(tree->base, nullptr);
516 tree->base->type = GEN_EDIPARTY;
517 tree->base->d.ediPartyName = EDIPARTYNAME_new();
518
519 X509OpensslMock::SetMockFlag(true);
520 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _)).WillRepeatedly(Return(tree));
521 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
522 EXPECT_EQ(ret, CF_SUCCESS);
523 EXPECT_EQ(bResult, false);
524 X509OpensslMock::SetMockFlag(false);
525 EDIPARTYNAME_free(tree->base->d.ediPartyName);
526 tree->base->d.ediPartyName = nullptr;
527 GENERAL_NAME_free(tree->base);
528 tree->base = nullptr;
529 GENERAL_SUBTREE_free(tree);
530
531 tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
532 EXPECT_NE(tree, nullptr);
533 tree->base = GENERAL_NAME_new();
534 EXPECT_NE(tree->base, nullptr);
535 tree->base->type = GEN_EDIPARTY;
536 tree->base->d.ediPartyName = EDIPARTYNAME_new();
537 blob.data = const_cast<uint8_t *>(g_testNameConstraintsEDIPartyInvalid);
538 blob.size = sizeof(g_testNameConstraintsEDIPartyInvalid);
539
540 X509OpensslMock::SetMockFlag(true);
541 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _)).WillRepeatedly(Return(tree));
542 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
543 EXPECT_EQ(ret, CF_SUCCESS);
544 EXPECT_EQ(bResult, false);
545 X509OpensslMock::SetMockFlag(false);
546 EDIPARTYNAME_free(tree->base->d.ediPartyName);
547 tree->base->d.ediPartyName = nullptr;
548 GENERAL_NAME_free(tree->base);
549 tree->base = nullptr;
550 GENERAL_SUBTREE_free(tree);
551 }
552
553 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest004, TestSize.Level0)
554 {
555 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
556 bool bResult = true;
557
558 HcfX509CertMatchParams certMatchParameters = { 0 };
559
560 CfBlob blob;
561 blob.data = const_cast<uint8_t *>(g_testNameConstraints);
562 blob.size = sizeof(g_testNameConstraints);
563 certMatchParameters.nameConstraints = &blob;
564
565 CfResult ret;
566
567 // GEN_DIRNAME
568 GENERAL_SUBTREE *tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
569 EXPECT_NE(tree, nullptr);
570 tree->base = GENERAL_NAME_new();
571 EXPECT_NE(tree->base, nullptr);
572 tree->base->type = GEN_DIRNAME;
573 tree->base->d.directoryName = X509_NAME_new();
574
575 X509OpensslMock::SetMockFlag(true);
576 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _)).WillRepeatedly(Return(tree));
577 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
578 EXPECT_EQ(ret, CF_SUCCESS);
579 EXPECT_EQ(bResult, false);
580 X509OpensslMock::SetMockFlag(false);
581 X509_NAME_free(tree->base->d.directoryName);
582 tree->base->d.directoryName = nullptr;
583 GENERAL_NAME_free(tree->base);
584 tree->base = nullptr;
585 GENERAL_SUBTREE_free(tree);
586
587 // GEN_RID
588 tree = reinterpret_cast<GENERAL_SUBTREE *>sk_GENERAL_SUBTREE_new_null();
589 EXPECT_NE(tree, nullptr);
590 tree->base = GENERAL_NAME_new();
591 EXPECT_NE(tree->base, nullptr);
592 tree->base->type = GEN_RID;
593 tree->base->d.registeredID = ASN1_OBJECT_new();
594
595 X509OpensslMock::SetMockFlag(true);
596 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _))
597 .WillOnce(Return(tree))
598 .WillRepeatedly(Invoke(__real_OPENSSL_sk_value));
599 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
600 EXPECT_EQ(ret, CF_SUCCESS);
601 EXPECT_EQ(bResult, false);
602 X509OpensslMock::SetMockFlag(false);
603 ASN1_OBJECT_free(tree->base->d.registeredID);
604 tree->base->d.registeredID = nullptr;
605 GENERAL_NAME_free(tree->base);
606 tree->base = nullptr;
607 GENERAL_SUBTREE_free(tree);
608 }
609
610 HWTEST_F(CryptoX509CertificateTestPart3, CompareNameConstraintsTest005, TestSize.Level0)
611 {
612 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
613 bool bResult = true;
614
615 HcfX509CertMatchParams certMatchParameters = { 0 };
616
617 CfBlob blob;
618 blob.data = const_cast<uint8_t *>(g_testNameConstraints);
619 blob.size = sizeof(g_testNameConstraints);
620 certMatchParameters.nameConstraints = &blob;
621
622 CfResult ret;
623
624 X509OpensslMock::SetMockFlag(true);
625 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _)).WillRepeatedly(Return(NULL));
626 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
627 EXPECT_EQ(ret, CF_SUCCESS);
628 EXPECT_EQ(bResult, false);
629 X509OpensslMock::SetMockFlag(false);
630
631 NAME_CONSTRAINTS *nc = NAME_CONSTRAINTS_new();
632 EXPECT_NE(nc, nullptr);
633 X509OpensslMock::SetMockFlag(true);
634 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _)).WillRepeatedly(Return(nc));
635 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
636 EXPECT_EQ(ret, CF_SUCCESS);
637 EXPECT_EQ(bResult, false);
638 X509OpensslMock::SetMockFlag(false);
639 NAME_CONSTRAINTS_free(nc);
640
641 nc = NAME_CONSTRAINTS_new();
642 EXPECT_NE(nc, nullptr);
643 nc->permittedSubtrees = sk_GENERAL_SUBTREE_new_null();
644 EXPECT_NE(nc, nullptr);
645 X509OpensslMock::SetMockFlag(true);
646 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _))
647 .WillOnce(Return(nc))
648 .WillRepeatedly(Invoke(__real_X509_get_ext_d2i));
649 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
650 EXPECT_EQ(ret, CF_SUCCESS);
651 EXPECT_EQ(bResult, false);
652 X509OpensslMock::SetMockFlag(false);
653 NAME_CONSTRAINTS_free(nc);
654 }
655
656 HWTEST_F(CryptoX509CertificateTestPart3, CompareCertPolicyTest001, TestSize.Level0)
657 {
658 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
659 bool bResult = true;
660
661 HcfX509CertMatchParams matchParams;
662 matchParams.certPolicy = ConstructCertPolicyData();
663 EXPECT_NE(matchParams.certPolicy, nullptr);
664 SetMockFlag(true);
665 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &matchParams, &bResult);
666 EXPECT_EQ(ret, CF_SUCCESS);
667 SetMockFlag(false);
668
669 CfFree(matchParams.certPolicy->data);
670 CfFree(matchParams.certPolicy);
671 }
672
673 HWTEST_F(CryptoX509CertificateTestPart3, CompareCertPolicyTest002, TestSize.Level0)
674 {
675 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
676 bool bResult = true;
677
678 HcfX509CertMatchParams certMatchParameters = { 0 };
679
680 certMatchParameters.certPolicy = ConstructCertPolicyData();
681
682 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
683 EXPECT_EQ(ret, CF_SUCCESS);
684 EXPECT_EQ(bResult, false);
685
686 // todo add failed case bResult = true
687 certMatchParameters.minPathLenConstraint = -1;
688 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
689 EXPECT_EQ(ret, CF_SUCCESS);
690 EXPECT_EQ(bResult, true);
691
692 // test IsSubset failed case
693 certMatchParameters.certPolicy->data[0].size -= 1;
694 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
695 EXPECT_EQ(ret, CF_SUCCESS);
696 EXPECT_EQ(bResult, false);
697
698 CfFree(certMatchParameters.certPolicy->data);
699 CfFree(certMatchParameters.certPolicy);
700 }
701
702 HWTEST_F(CryptoX509CertificateTestPart3, ComparePrivateKeyValidTest001, TestSize.Level0)
703 {
704 ASSERT_NE(g_testCertWithPrivateKeyValidObj, nullptr);
705 bool bResult = true;
706
707 HcfX509CertMatchParams certMatchParameters = { 0 };
708
709 CfBlob blob;
710 blob.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testPrivateKeyValid));
711 blob.size = strlen(g_testPrivateKeyValid) + 1;
712 certMatchParameters.privateKeyValid = &blob;
713
714 CfResult ret =
715 g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
716 EXPECT_EQ(ret, CF_SUCCESS);
717 EXPECT_EQ(bResult, false);
718
719 // todo add failed case bResult = true
720 certMatchParameters.minPathLenConstraint = -1;
721 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
722 EXPECT_EQ(ret, CF_SUCCESS);
723 EXPECT_EQ(bResult, true);
724
725 // test asn1TimeToStr failed case
726 X509OpensslMock::SetMockFlag(true);
727 PKEY_USAGE_PERIOD *pKeyValid = reinterpret_cast<PKEY_USAGE_PERIOD *>(CfMalloc(sizeof(PKEY_USAGE_PERIOD), 0));
728 EXPECT_NE(pKeyValid, nullptr);
729 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _))
730 .Times(AnyNumber())
731 .WillOnce(Return(pKeyValid));
732 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
733 EXPECT_EQ(ret, CF_SUCCESS);
734 EXPECT_EQ(bResult, false);
735 X509OpensslMock::SetMockFlag(false);
736
737 X509OpensslMock::SetMockFlag(true);
738 pKeyValid = reinterpret_cast<PKEY_USAGE_PERIOD *>(CfMalloc(sizeof(PKEY_USAGE_PERIOD), 0));
739 ASSERT_NE(pKeyValid, nullptr);
740 pKeyValid->notBefore = reinterpret_cast<ASN1_GENERALIZEDTIME *>(CfMalloc(sizeof(ASN1_GENERALIZEDTIME), 0));
741 ASSERT_NE(pKeyValid->notBefore, nullptr);
742 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _))
743 .Times(AnyNumber())
744 .WillOnce(Return(pKeyValid));
745 ret = g_testCertWithPrivateKeyValidObj->match(g_testCertWithPrivateKeyValidObj, &certMatchParameters, &bResult);
746 EXPECT_EQ(ret, CF_SUCCESS);
747 EXPECT_EQ(bResult, false);
748 X509OpensslMock::SetMockFlag(false);
749 }
750
751 HWTEST_F(CryptoX509CertificateTestPart3, ComparePrivateKeyValidTest002, TestSize.Level0)
752 {
753 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
754 bool bResult = true;
755
756 HcfX509CertMatchParams certMatchParameters = { 0 };
757
758 CfBlob blob;
759 blob.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testPrivateKeyInvalid));
760 blob.size = strlen(g_testPrivateKeyInvalid) + 1;
761 certMatchParameters.privateKeyValid = &blob;
762
763 CfResult ret;
764
765 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
766 EXPECT_EQ(ret, CF_SUCCESS);
767 EXPECT_EQ(bResult, false);
768
769 X509OpensslMock::SetMockFlag(true);
770 PKEY_USAGE_PERIOD *pKeyValid = reinterpret_cast<PKEY_USAGE_PERIOD *>(CfMalloc(sizeof(PKEY_USAGE_PERIOD), 0));
771 ASSERT_NE(pKeyValid, nullptr);
772 pKeyValid->notBefore = reinterpret_cast<ASN1_GENERALIZEDTIME *>(CfMalloc(sizeof(ASN1_GENERALIZEDTIME), 0));
773 ASSERT_NE(pKeyValid->notBefore, nullptr);
774 pKeyValid->notBefore->data = (unsigned char *)strdup(g_testPrivateKeyValid);
775 ASSERT_NE(pKeyValid->notBefore->data, nullptr);
776
777 pKeyValid->notBefore->length = strlen(g_testPrivateKeyValid);
778 pKeyValid->notAfter = nullptr;
779 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _))
780 .Times(AnyNumber())
781 .WillOnce(Return(pKeyValid));
782 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
783 EXPECT_EQ(ret, CF_SUCCESS);
784 EXPECT_EQ(bResult, false);
785 X509OpensslMock::SetMockFlag(false);
786
787 // test ComparePrivateKeyValidX509Openssl failed case
788 X509OpensslMock::SetMockFlag(true);
789 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _)).WillRepeatedly(Return(NULL));
790 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
791 EXPECT_EQ(ret, CF_SUCCESS);
792 EXPECT_EQ(bResult, false);
793 X509OpensslMock::SetMockFlag(false);
794 CfFree(pKeyValid->notBefore->data);
795 pKeyValid->notBefore->data = nullptr;
796 CfFree(pKeyValid->notBefore);
797 pKeyValid->notBefore = nullptr;
798 CfFree(pKeyValid);
799 pKeyValid = nullptr;
800 }
801
802 HWTEST_F(CryptoX509CertificateTestPart3, CompareSubjectKeyIdentifierTest001, TestSize.Level0)
803 {
804 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
805 bool bResult = true;
806
807 HcfX509CertMatchParams certMatchParameters = { 0 };
808 CfBlob blob;
809
810 blob.data = const_cast<uint8_t *>(g_testIssuer);
811 blob.size = sizeof(g_testIssuer);
812 certMatchParameters.subjectKeyIdentifier = &blob;
813
814 CfResult ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
815 EXPECT_EQ(ret, CF_SUCCESS);
816 EXPECT_EQ(bResult, false);
817
818 // todo add failed case bResult = true
819 certMatchParameters.minPathLenConstraint = -1;
820 blob.data = const_cast<uint8_t *>(g_testSubjectKeyIdentifier);
821 blob.size = sizeof(g_testSubjectKeyIdentifier);
822 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
823 EXPECT_EQ(ret, CF_SUCCESS);
824 EXPECT_EQ(bResult, true);
825
826 // test GetSubKeyIdDNX509Openssl failed case
827 X509OpensslMock::SetMockFlag(true);
828 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_ASN1_OCTET_STRING(_, _)).WillRepeatedly(Return(-1));
829 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
830 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
831 X509OpensslMock::SetMockFlag(false);
832
833 X509OpensslMock::SetMockFlag(true);
834 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_get_ext_d2i(_, _, _, _)).WillRepeatedly(Return(NULL));
835 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
836 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
837 X509OpensslMock::SetMockFlag(false);
838
839 X509OpensslMock::SetMockFlag(true);
840 EXPECT_CALL(X509OpensslMock::GetInstance(), DeepCopyDataToBlob(_, _, _))
841 .Times(AnyNumber())
842 .WillOnce(Return(CF_INVALID_PARAMS));
843 ret = g_x509CertExtAttrObj->match(g_x509CertExtAttrObj, &certMatchParameters, &bResult);
844 EXPECT_EQ(ret, CF_INVALID_PARAMS);
845 X509OpensslMock::SetMockFlag(false);
846 }
847
848 HWTEST_F(CryptoX509CertificateTestPart3, ToStringTest001, TestSize.Level0)
849 {
850 CF_LOG_I("CryptoX509CertificateTestPart3 - ToStringTest001");
851 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
852
853 CfBlob blob = { 0, nullptr };
854 CfResult ret = g_x509CertExtAttrObj->toString(g_x509CertExtAttrObj, &blob);
855 EXPECT_EQ(ret, CF_SUCCESS);
856 CfBlobDataFree(&blob);
857
858 HcfX509Certificate invalidCert;
859 invalidCert.base.base.getClass = GetInvalidCertClass;
860
861 ret = g_x509CertExtAttrObj->toString(&invalidCert, &blob);
862 EXPECT_EQ(ret, CF_INVALID_PARAMS);
863
864 ret = g_x509CertExtAttrObj->toString(NULL, &blob);
865 EXPECT_EQ(ret, CF_INVALID_PARAMS);
866
867 ret = g_x509CertExtAttrObj->toString(g_x509CertExtAttrObj, NULL);
868 EXPECT_EQ(ret, CF_INVALID_PARAMS);
869
870 ret = g_x509CertExtAttrObj->toString(NULL, NULL);
871 EXPECT_EQ(ret, CF_INVALID_PARAMS);
872
873 X509OpensslMock::SetMockFlag(true);
874 EXPECT_CALL(X509OpensslMock::GetInstance(), BIO_new(_))
875 .WillOnce(Return(NULL))
876 .WillRepeatedly(Invoke(__real_BIO_new));
877 ret = g_x509CertExtAttrObj->toString(g_x509CertExtAttrObj, &blob);
878 EXPECT_EQ(ret, CF_ERR_MALLOC);
879 X509OpensslMock::SetMockFlag(false);
880
881 X509OpensslMock::SetMockFlag(true);
882 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_print(_, _))
883 .WillOnce(Return(-1))
884 .WillRepeatedly(Invoke(__real_X509_print));
885 ret = g_x509CertExtAttrObj->toString(g_x509CertExtAttrObj, &blob);
886 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
887 X509OpensslMock::SetMockFlag(false);
888
889 X509OpensslMock::SetMockFlag(true);
890 EXPECT_CALL(X509OpensslMock::GetInstance(), BIO_ctrl(_, _, _, _)).WillRepeatedly(Return(0));
891 ret = g_x509CertExtAttrObj->toString(g_x509CertExtAttrObj, &blob);
892 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
893 X509OpensslMock::SetMockFlag(false);
894 }
895
896 HWTEST_F(CryptoX509CertificateTestPart3, HashCodeTest001, TestSize.Level0)
897 {
898 CF_LOG_I("CryptoX509CertificateTestPart3 - HashCodeTest001");
899 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
900
901 CfBlob blob = { 0, nullptr };
902 CfResult ret = g_x509CertExtAttrObj->hashCode(g_x509CertExtAttrObj, &blob);
903 EXPECT_EQ(ret, CF_SUCCESS);
904 CfBlobDataFree(&blob);
905
906 SetMockFlag(true);
907 ret = g_x509CertExtAttrObj->hashCode(g_x509CertExtAttrObj, &blob);
908 EXPECT_EQ(ret, CF_ERR_MALLOC);
909 SetMockFlag(false);
910
911 X509OpensslMock::SetMockFlag(true);
912 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_X509(_, _)).WillRepeatedly(Return(-1));
913 ret = g_x509CertExtAttrObj->hashCode(g_x509CertExtAttrObj, &blob);
914 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
915 X509OpensslMock::SetMockFlag(false);
916
917 X509OpensslMock::SetMockFlag(true);
918 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_X509(_, _)).WillRepeatedly(Return(0));
919 ret = g_x509CertExtAttrObj->hashCode(g_x509CertExtAttrObj, &blob);
920 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
921 X509OpensslMock::SetMockFlag(false);
922
923 HcfX509Certificate invalidCert;
924 invalidCert.base.base.getClass = GetInvalidCertClass;
925
926 ret = g_x509CertExtAttrObj->hashCode(&invalidCert, &blob);
927 EXPECT_EQ(ret, CF_INVALID_PARAMS);
928
929 ret = g_x509CertExtAttrObj->hashCode(NULL, &blob);
930 EXPECT_EQ(ret, CF_INVALID_PARAMS);
931
932 ret = g_x509CertExtAttrObj->hashCode(g_x509CertExtAttrObj, NULL);
933 EXPECT_EQ(ret, CF_INVALID_PARAMS);
934
935 ret = g_x509CertExtAttrObj->hashCode(NULL, NULL);
936 EXPECT_EQ(ret, CF_INVALID_PARAMS);
937 }
938
939 HWTEST_F(CryptoX509CertificateTestPart3, GetExtensionsObjectTest001, TestSize.Level0)
940 {
941 CF_LOG_I("CryptoX509CertificateTestPart3 - GetExtensionsObjectTest001");
942 ASSERT_NE(g_x509CertExtAttrObj, nullptr);
943
944 CfBlob blob = { 0, nullptr };
945 CfResult ret = g_x509CertExtAttrObj->getExtensionsObject(g_x509CertExtAttrObj, &blob);
946 EXPECT_EQ(ret, CF_SUCCESS);
947 CfBlobDataFree(&blob);
948
949 X509OpensslMock::SetMockFlag(true);
950 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_X509_EXTENSIONS(_, _)).WillRepeatedly(Return(-1));
951 ret = g_x509CertExtAttrObj->getExtensionsObject(g_x509CertExtAttrObj, &blob);
952 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
953 X509OpensslMock::SetMockFlag(false);
954
955 HcfX509Certificate invalidCert;
956 invalidCert.base.base.getClass = GetInvalidCertClass;
957
958 ret = g_x509CertExtAttrObj->getExtensionsObject(&invalidCert, &blob);
959 EXPECT_EQ(ret, CF_INVALID_PARAMS);
960
961 ret = g_x509CertExtAttrObj->getExtensionsObject(NULL, &blob);
962 EXPECT_EQ(ret, CF_INVALID_PARAMS);
963
964 ret = g_x509CertExtAttrObj->getExtensionsObject(g_x509CertExtAttrObj, NULL);
965 EXPECT_EQ(ret, CF_INVALID_PARAMS);
966
967 ret = g_x509CertExtAttrObj->getExtensionsObject(NULL, NULL);
968 EXPECT_EQ(ret, CF_INVALID_PARAMS);
969 }
970
971 } // namespace
972