1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "nativetoken_kit_test.h"
17 #include <fcntl.h>
18 #include <poll.h>
19 #include <pthread.h>
20 #include "securec.h"
21 #include "nativetoken.h"
22 #include "nativetoken_json_oper.h"
23 #include "nativetoken_kit.h"
24
25 using namespace testing::ext;
26 using namespace OHOS::Security;
27
28 extern NativeTokenList *g_tokenListHead;
29 extern int32_t g_isNativeTokenInited;
30 extern int32_t GetFileBuff(const char *cfg, char **retBuff);
31
SetUpTestCase()32 void TokenLibKitTest::SetUpTestCase()
33 {}
34
TearDownTestCase()35 void TokenLibKitTest::TearDownTestCase()
36 {}
37
SetUp()38 void TokenLibKitTest::SetUp()
39 {
40 g_isNativeTokenInited = 0;
41 }
42
TearDown()43 void TokenLibKitTest::TearDown()
44 {
45 ASSERT_NE(g_tokenListHead, nullptr);
46 while (g_tokenListHead->next != nullptr) {
47 NativeTokenList *tmp = g_tokenListHead->next;
48 g_tokenListHead->next = tmp->next;
49 free(tmp);
50 tmp = nullptr;
51 }
52 }
53
WriteContentToFile(const cJSON * root)54 static void WriteContentToFile(const cJSON *root)
55 {
56 char *jsonString = nullptr;
57 jsonString = cJSON_PrintUnformatted(root);
58 if (jsonString == nullptr) {
59 return;
60 }
61
62 do {
63 int32_t fd = open(TOKEN_ID_CFG_FILE_PATH, O_RDWR | O_CREAT | O_TRUNC,
64 S_IRUSR | S_IWUSR | S_IRGRP);
65 if (fd < 0) {
66 break;
67 }
68 size_t strLen = strlen(jsonString);
69 ssize_t writtenLen = write(fd, static_cast<void *>(jsonString), strLen);
70 close(fd);
71 if (writtenLen < 0 || static_cast<size_t>(writtenLen) != strLen) {
72 break;
73 }
74 } while (0);
75
76 cJSON_free(jsonString);
77 return;
78 }
79
DeleteGoalItemFromRecord(const char * processName,cJSON * record)80 static void DeleteGoalItemFromRecord(const char *processName, cJSON *record)
81 {
82 cJSON *rec = nullptr;
83 int32_t index = -1;
84 bool isFound = false;
85 cJSON_ArrayForEach(rec, record) {
86 index++;
87 cJSON *innerProcessName = cJSON_GetObjectItemCaseSensitive(rec, PROCESS_KEY_NAME);
88 if ((cJSON_IsString(innerProcessName)) && (innerProcessName->valuestring != nullptr)) {
89 if (strcmp(innerProcessName->valuestring, processName) == 0) {
90 isFound = true;
91 break;
92 }
93 }
94 }
95 if (isFound) {
96 cJSON_DeleteItemFromArray(record, index);
97 }
98 }
99
DeleteNodeInFile(const char * processName)100 static int32_t DeleteNodeInFile(const char *processName)
101 {
102 cJSON *record = nullptr;
103 char *fileBuff = nullptr;
104
105 if (GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff) != ATRET_SUCCESS) {
106 return ATRET_FAILED;
107 }
108
109 if (fileBuff == nullptr) {
110 record = cJSON_CreateArray();
111 } else {
112 record = cJSON_Parse(fileBuff);
113 free(fileBuff);
114 fileBuff = nullptr;
115 }
116
117 if (record == nullptr) {
118 return ATRET_FAILED;
119 }
120
121 DeleteGoalItemFromRecord(processName, record);
122 WriteContentToFile(record);
123 cJSON_Delete(record);
124
125 return ATRET_SUCCESS;
126 }
127
DeleteAccessTokenId(const char * processName)128 static int32_t DeleteAccessTokenId(const char *processName)
129 {
130 int32_t result = 0;
131
132 if ((g_isNativeTokenInited == 0) && (AtlibInit() != ATRET_SUCCESS)) {
133 return INVALID_TOKEN_ID;
134 }
135 NativeTokenList *tokenNode = g_tokenListHead;
136 while (tokenNode->next != nullptr) {
137 if (strcmp(tokenNode->next->processName, processName) == 0) {
138 result = DeleteNodeInFile(processName);
139 NativeTokenList *tokenNodeA = tokenNode->next;
140 tokenNode->next = tokenNode->next->next;
141 free(tokenNodeA);
142 break;
143 }
144 tokenNode = tokenNode->next;
145 }
146 return result;
147 }
148
Start(const char * processName)149 int32_t Start(const char *processName)
150 {
151 const char **dcapArray = new (std::nothrow) const char *[2];
152 if (dcapArray == nullptr) {
153 return 0;
154 }
155 dcapArray[0] = "AT_CAP";
156 dcapArray[1] = "ST_CAP";
157 uint64_t tokenId;
158 const char **permArray = new (std::nothrow) const char *[2];
159 if (permArray == nullptr) {
160 return 0;
161 }
162 permArray[0] = "ohos.permission.test1";
163 permArray[1] = "ohos.permission.test2";
164 const char **acls = new (std::nothrow) const char *[1];
165 if (acls == nullptr) {
166 return 0;
167 }
168 acls[0] = "ohos.permission.test1";
169 NativeTokenInfoParams infoInstance = {
170 .dcapsNum = 2,
171 .permsNum = 2,
172 .aclsNum = 1,
173 .dcaps = dcapArray,
174 .perms = permArray,
175 .acls = acls,
176 .processName = processName,
177 .aplStr = "system_core",
178 };
179 tokenId = GetAccessTokenId(&infoInstance);
180 delete[] dcapArray;
181 delete[] permArray;
182 delete[] acls;
183 return tokenId;
184 }
185
186 /**
187 * @tc.name: GetAccessTokenId001
188 * @tc.desc: cannot getAccessTokenId with invalid processName.
189 * @tc.type: FUNC
190 * @tc.require:AR000GK6TD
191 */
192 HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1)
193 {
194 const char **dcaps = new (std::nothrow) const char *[2];
195 ASSERT_NE(dcaps, nullptr);
196 dcaps[0] = "AT_CAP";
197 dcaps[1] = "ST_CAP";
198 int32_t dcapNum = 2;
199 uint64_t tokenId;
200 const char **perms = new (std::nothrow) const char *[2];
201 ASSERT_NE(perms, nullptr);
202 perms[0] = "ohos.permission.test1";
203 perms[1] = "ohos.permission.test2";
204 NativeTokenInfoParams infoInstance = {
205 .dcapsNum = dcapNum,
206 .permsNum = 2,
207 .aclsNum = 0,
208 .dcaps = dcaps,
209 .perms = perms,
210 .acls = nullptr,
211 .aplStr = "system_core",
212 };
213 infoInstance.processName = "";
214 tokenId = GetAccessTokenId(&infoInstance);
215 ASSERT_EQ(tokenId, 0);
216 infoInstance.processName = nullptr;
217 tokenId = GetAccessTokenId(&infoInstance);
218 ASSERT_EQ(tokenId, 0);
219
220 /* 257 is invalid processName length */
221 const std::string invalidProcName (257, 'x');
222 infoInstance.processName = invalidProcName.c_str();
223 tokenId = GetAccessTokenId(&infoInstance);
224 ASSERT_EQ(tokenId, 0);
225
226 /* 255 is valid processName length */
227 const std::string validProcName01 (255, 'x');
228 infoInstance.processName = validProcName01.c_str();
229 tokenId = GetAccessTokenId(&infoInstance);
230 ASSERT_NE(tokenId, 0);
231 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
232
233 /* 256 is valid processName length */
234 const std::string validProcName02 (256, 'x');
235 infoInstance.processName = validProcName02.c_str();
236 tokenId = GetAccessTokenId(&infoInstance);
237 ASSERT_NE(tokenId, 0);
238 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
239 delete[] dcaps;
240 delete[] perms;
241 }
242
243 /**
244 * @tc.name: GetAccessTokenId002
245 * @tc.desc: cannot getAccessTokenId with invalid dcapNum.
246 * @tc.type: FUNC
247 * @tc.require:AR000GK6TD
248 */
249 HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1)
250 {
251 const char **dcaps = new (std::nothrow) const char *[32];
252 ASSERT_NE(dcaps, nullptr);
253 dcaps[0] = "AT_CAP";
254 dcaps[1] = "ST_CAP";
255 int32_t dcapNum = -1;
256 uint64_t tokenId;
257 NativeTokenInfoParams infoInstance = {
258 .permsNum = 0,
259 .aclsNum = 0,
260 .dcaps = dcaps,
261 .perms = nullptr,
262 .aplStr = "system_core",
263 };
264 infoInstance.dcapsNum = dcapNum;
265 infoInstance.processName = "GetAccessTokenId002";
266 tokenId = GetAccessTokenId(&infoInstance);
267 ASSERT_EQ(tokenId, 0);
268
269 /* 33 is invalid dcapNum */
270 dcapNum = 33;
271 infoInstance.dcapsNum = dcapNum;
272 infoInstance.processName = "GetAccessTokenId002_00";
273 tokenId = GetAccessTokenId(&infoInstance);
274 ASSERT_EQ(tokenId, 0);
275
276 for (int32_t i = 0; i < 32; i++) {
277 dcaps[i] = "AT_CAP";
278 }
279 /* 32 is valid dcapNum */
280 dcapNum = 32;
281 infoInstance.dcapsNum = dcapNum;
282 infoInstance.processName = "GetAccessTokenId002_01";
283 tokenId = GetAccessTokenId(&infoInstance);
284 ASSERT_NE(tokenId, 0);
285 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
286
287 /* 31 is valid dcapNum */
288 dcapNum = 31;
289 infoInstance.dcapsNum = dcapNum;
290 infoInstance.processName = "GetAccessTokenId002_02";
291 tokenId = GetAccessTokenId(&infoInstance);
292 ASSERT_NE(tokenId, 0);
293 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
294
295 delete[] dcaps;
296 }
297
298 /**
299 * @tc.name: GetAccessTokenId003
300 * @tc.desc: cannot getAccessTokenId with invalid dcaps.
301 * @tc.type: FUNC
302 * @tc.require:AR000GK6TD
303 */
304 HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1)
305 {
306 const char **dcaps = new (std::nothrow) const char *[2];
307 ASSERT_NE(dcaps, nullptr);
308 dcaps[0] = "AT_CAP";
309 dcaps[1] = "ST_CAP";
310 NativeTokenInfoParams infoInstance = {
311 .dcapsNum = 2,
312 .permsNum = 0,
313 .aclsNum = 0,
314 .dcaps = dcaps,
315 .perms = nullptr,
316 .aplStr = "system_core",
317 };
318 infoInstance.dcaps = nullptr;
319 infoInstance.processName = "GetAccessTokenId003";
320 uint64_t tokenId = GetAccessTokenId(&infoInstance);
321 ASSERT_EQ(tokenId, 0);
322
323 int32_t dcapNum = 0;
324 infoInstance.dcapsNum = dcapNum;
325 infoInstance.dcaps = nullptr;
326 infoInstance.processName = "GetAccessTokenId003_01";
327 tokenId = GetAccessTokenId(&infoInstance);
328 ASSERT_NE(tokenId, 0);
329 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
330
331 dcapNum = 2;
332 /* 1025 is invalid dcap length */
333 const std::string invalidDcap (1025, 'x');
334 dcaps[0] = invalidDcap.c_str();
335 infoInstance.dcapsNum = dcapNum;
336 infoInstance.dcaps = dcaps;
337 infoInstance.processName = "GetAccessTokenId003_02";
338 tokenId = GetAccessTokenId(&infoInstance);
339 ASSERT_EQ(tokenId, 0);
340
341 /* 1024 is valid dcap length */
342 const std::string validDcap01 (1024, 'x');
343 dcaps[0] = validDcap01.c_str();
344 infoInstance.dcapsNum = dcapNum;
345 infoInstance.dcaps = dcaps;
346 infoInstance.processName = "GetAccessTokenId003_03";
347 tokenId = GetAccessTokenId(&infoInstance);
348 ASSERT_NE(tokenId, 0);
349 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
350
351 /* 1023 is valid dcap length */
352 const std::string validDcap02 (1023, 'x');
353 dcaps[0] = validDcap02.c_str();
354 infoInstance.dcapsNum = dcapNum;
355 infoInstance.dcaps = dcaps;
356 infoInstance.processName = "GetAccessTokenId003_04";
357 tokenId = GetAccessTokenId(&infoInstance);
358 ASSERT_NE(tokenId, 0);
359 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
360
361 delete[] dcaps;
362 }
363
364 /**
365 * @tc.name: GetAccessTokenId004
366 * @tc.desc: cannot getAccessTokenId with invalid APL.
367 * @tc.type: FUNC
368 * @tc.require:AR000GK6TD
369 */
370 HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1)
371 {
372 const char **dcaps = new (std::nothrow) const char *[2];
373 ASSERT_NE(dcaps, nullptr);
374 dcaps[0] = "AT_CAP";
375 dcaps[1] = "ST_CAP";
376 int32_t dcapNum = 2;
377 uint64_t tokenId;
378 NativeTokenInfoParams infoInstance = {
379 .dcapsNum = dcapNum,
380 .permsNum = 0,
381 .aclsNum = 0,
382 .dcaps = dcaps,
383 .perms = nullptr,
384 .processName = "GetAccessTokenId003",
385 };
386
387 infoInstance.aplStr = nullptr,
388 tokenId = GetAccessTokenId(&infoInstance);
389 ASSERT_EQ(tokenId, 0);
390
391 infoInstance.aplStr = "system_invalid",
392 tokenId = GetAccessTokenId(&infoInstance);
393 ASSERT_EQ(tokenId, 0);
394
395 delete[] dcaps;
396 }
397
398 /**
399 * @tc.name: GetAccessTokenId005
400 * @tc.desc: Get AccessTokenId successfully.
401 * @tc.type: FUNC
402 * @tc.require:AR000GK6TD
403 */
404 HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1)
405 {
406 uint64_t tokenId01 = Start("GetAccessTokenId005");
407 ASSERT_NE(tokenId01, 0);
408 uint64_t tokenId02 = Start("GetAccessTokenId005");
409 ASSERT_NE(tokenId02, 0);
410
411 ASSERT_EQ(tokenId01, tokenId02);
412 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId005"), 0);
413 }
414
415 /**
416 * @tc.name: GetAccessTokenId006
417 * @tc.desc: Get AccessTokenId with new processName and check g_tokenListHead.
418 * @tc.type: FUNC
419 * @tc.require:AR000GK6TD
420 */
421 HWTEST_F(TokenLibKitTest, GetAccessTokenId006, TestSize.Level1)
422 {
423 uint64_t tokenID;
424 tokenID = Start("GetAccessTokenId006");
425 ASSERT_NE(tokenID, 0);
426
427 char *fileBuff = nullptr;
428 int32_t ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff);
429 ASSERT_EQ(ret, ATRET_SUCCESS);
430 string s = "GetAccessTokenId006";
431 char *pos = strstr(fileBuff, s.c_str());
432 ASSERT_NE(pos, nullptr);
433 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId006"), 0);
434 }
435
436 /**
437 * @tc.name: GetAccessTokenId007
438 * @tc.desc: cannot getAccessTokenId with invalid dcapNum.
439 * @tc.type: FUNC
440 * @tc.require:AR000GK6TD
441 */
442 HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1)
443 {
444 const char **perms = new (std::nothrow) const char *[MAX_PERM_NUM];
445 ASSERT_NE(perms, nullptr);
446 perms[0] = "ohos.permission.test1";
447 perms[1] = "ohos.permission.test2";
448 int32_t permsNum = -1;
449 uint64_t tokenId;
450 NativeTokenInfoParams infoInstance = {
451 .dcapsNum = 0,
452 .aclsNum = 0,
453 .dcaps = nullptr,
454 .perms = perms,
455 .aplStr = "system_core",
456 };
457
458 infoInstance.permsNum = permsNum;
459 infoInstance.processName = "GetAccessTokenId007";
460 tokenId = GetAccessTokenId(&infoInstance);
461 ASSERT_EQ(tokenId, 0);
462
463 permsNum = MAX_PERM_NUM + 1;
464 infoInstance.permsNum = permsNum;
465 infoInstance.processName = "GetAccessTokenId007_00";
466 tokenId = GetAccessTokenId(&infoInstance);
467 ASSERT_EQ(tokenId, 0);
468
469 for (int32_t i = 0; i < MAX_PERM_NUM; i++) {
470 perms[i] = "ohos.permission.test";
471 }
472
473 permsNum = MAX_PERM_NUM;
474 infoInstance.permsNum = permsNum;
475 infoInstance.processName = "GetAccessTokenId007_01";
476 tokenId = GetAccessTokenId(&infoInstance);
477 ASSERT_NE(tokenId, 0);
478 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId007_01"), 0);
479
480 permsNum = MAX_PERM_NUM - 1;
481 infoInstance.permsNum = permsNum;
482 infoInstance.processName = "GetAccessTokenId007_02";
483 tokenId = GetAccessTokenId(&infoInstance);
484 ASSERT_NE(tokenId, 0);
485 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId007_02"), 0);
486
487 delete[] perms;
488 }
489
490 /**
491 * @tc.name: GetAccessTokenId008
492 * @tc.desc: Get AccessTokenId with new processName.
493 * @tc.type: FUNC
494 * @tc.require:AR000GK6TD
495 */
496 HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1)
497 {
498 const char **dcaps = new (std::nothrow) const char *[2];
499 ASSERT_NE(dcaps, nullptr);
500 uint64_t tokenId;
501 const char **acls = new (std::nothrow) const char *[2];
502 ASSERT_NE(acls, nullptr);
503 const char **perms = new (std::nothrow) const char *[2];
504 ASSERT_NE(perms, nullptr);
505 perms[0] = "ohos.permission.test1";
506 perms[1] = "ohos.permission.test2";
507 acls[0] = "ohos.permission.test1";
508 acls[1] = "ohos.permission.test2";
509 dcaps[0] = "AT_CAP";
510 dcaps[1] = "ST_CAP";
511 int32_t size = 2;
512 NativeTokenInfoParams infoInstance = {
513 .dcapsNum = size,
514 .permsNum = size,
515 .aclsNum = size,
516 .dcaps = dcaps,
517 .perms = perms,
518 .acls = acls,
519 .processName = "GetAccessTokenId008",
520 .aplStr = "system_core",
521 };
522 tokenId = GetAccessTokenId(&infoInstance);
523 ASSERT_NE(tokenId, 0);
524 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId008"), 0);
525
526 delete[] perms;
527 delete[] dcaps;
528 delete[] acls;
529 }
530
531 /**
532 * @tc.name: GetAccessTokenId009
533 * @tc.desc: cannot getAccessTokenId with invalid perms.
534 * @tc.type: FUNC
535 * @tc.require:AR000GK6TD
536 */
537 HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1)
538 {
539 const char **perms = new (std::nothrow) const char *[2];
540 ASSERT_NE(perms, nullptr);
541 perms[0] = "AT_CAP";
542 perms[1] = "ST_CAP";
543 int32_t permsNum = 2;
544 uint64_t tokenId;
545 NativeTokenInfoParams infoInstance = {
546 .dcapsNum = 0,
547 .dcaps = nullptr,
548 .aplStr = "system_core",
549 };
550
551 infoInstance.permsNum = permsNum;
552 infoInstance.perms = nullptr;
553 infoInstance.processName = "GetAccessTokenId009";
554 tokenId = GetAccessTokenId(&infoInstance);
555 ASSERT_EQ(tokenId, 0);
556
557 permsNum = 0;
558 infoInstance.permsNum = permsNum;
559 infoInstance.perms = nullptr;
560 infoInstance.processName = "GetAccessTokenId009_01";
561 tokenId = GetAccessTokenId(&infoInstance);
562 ASSERT_NE(tokenId, 0);
563 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId009_01"), 0);
564
565 permsNum = 2;
566 /* 1025 is invalid dcap length */
567 const std::string invalidDcap (MAX_PERM_LEN + 1, 'x');
568 perms[0] = invalidDcap.c_str();
569 infoInstance.permsNum = permsNum;
570 infoInstance.perms = perms;
571 infoInstance.processName = "GetAccessTokenId009_02";
572 tokenId = GetAccessTokenId(&infoInstance);
573 ASSERT_EQ(tokenId, 0);
574
575 const std::string validDcap01 (MAX_PERM_LEN, 'x');
576 perms[0] = validDcap01.c_str();
577 infoInstance.permsNum = permsNum;
578 infoInstance.perms = perms;
579 infoInstance.processName = "GetAccessTokenId009_03";
580 tokenId = GetAccessTokenId(&infoInstance);
581 ASSERT_NE(tokenId, 0);
582 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId009_03"), 0);
583
584 const std::string validDcap02 (MAX_PERM_LEN - 1, 'x');
585 perms[0] = validDcap02.c_str();
586 infoInstance.permsNum = permsNum;
587 infoInstance.perms = perms;
588 infoInstance.processName = "GetAccessTokenId009_04";
589 tokenId = GetAccessTokenId(&infoInstance);
590 ASSERT_NE(tokenId, 0);
591 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId009_04"), 0);
592
593 delete[] perms;
594 }
595
596 /**
597 * @tc.name: GetAccessTokenId010
598 * @tc.desc: Get a batch of AccessTokenId.
599 * @tc.type: FUNC
600 * @tc.require:AR000GK6TD
601 */
602 HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1)
603 {
604 char processName[200][MAX_PROCESS_NAME_LEN];
605 /* enable 200 process before fondation is prepared */
606 for (int32_t i = 0; i < 200; i++) {
607 processName[i][0] = '\0';
608 int32_t ret = sprintf_s(processName[i], MAX_PROCESS_NAME_LEN, "processName_%d", i);
609 ASSERT_NE(ret, 0);
610 uint64_t tokenId = Start(processName[i]);
611 ASSERT_NE(tokenId, 0);
612 }
613 char *fileBuff = nullptr;
614 int32_t ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff);
615 ASSERT_EQ(ret, 0);
616 for (int32_t i = 0; i < 200; i++) {
617 char *pos = strstr(fileBuff, processName[i]);
618 ASSERT_NE(pos, nullptr);
619 }
620 free(fileBuff);
621 for (int32_t i = 0; i < 200; i++) {
622 ASSERT_EQ(DeleteAccessTokenId(processName[i]), 0);
623 }
624 }
625
626 /**
627 * @tc.name: GetAccessTokenId011
628 * @tc.desc: Get AccessTokenId and check the config file.
629 * @tc.type: FUNC
630 * @tc.require:AR000GK6TD
631 */
632 HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1)
633 {
634 Start("process1");
635 Start("process2");
636
637 char *fileBuff = nullptr;
638 int32_t ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff);
639 ASSERT_EQ(ret, 0);
640 char *pos = strstr(fileBuff, "process1");
641 ASSERT_NE(pos, nullptr);
642 pos = strstr(fileBuff, "process2");
643 ASSERT_NE(pos, nullptr);
644 free(fileBuff);
645
646 DeleteAccessTokenId("process1");
647 DeleteAccessTokenId("process2");
648 fileBuff = nullptr;
649 ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff);
650 ASSERT_EQ(ret, 0);
651 pos = strstr(fileBuff, "process1");
652 ASSERT_EQ(pos, nullptr);
653 pos = strstr(fileBuff, "process2");
654 ASSERT_EQ(pos, nullptr);
655 free(fileBuff);
656 }
657
658 /**
659 * @tc.name: GetAccessTokenId012
660 * @tc.desc: Get AccessTokenId with valid acls.
661 * @tc.type: FUNC
662 * @tc.require:AR000H09K6
663 */
664 HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1)
665 {
666 const char **dcaps = new (std::nothrow) const char *[2];
667 ASSERT_NE(dcaps, nullptr);
668 dcaps[0] = "AT_CAP";
669 dcaps[1] = "ST_CAP";
670 const char **acls = new (std::nothrow) const char *[2];
671 ASSERT_NE(acls, nullptr);
672 acls[0] = "ohos.permission.test1";
673 acls[1] = "ohos.permission.test2";
674 uint64_t tokenId;
675 int32_t num = 2;
676 NativeTokenInfoParams infoInstance = {
677 .dcapsNum = num,
678 .permsNum = 0,
679 .aclsNum = num,
680 .dcaps = dcaps,
681 .perms = nullptr,
682 .acls = acls,
683 .processName = "GetAccessTokenId012",
684 .aplStr = "system_core",
685 };
686 tokenId = GetAccessTokenId(&infoInstance);
687 ASSERT_EQ(tokenId, 0);
688
689 infoInstance.acls = nullptr;
690 infoInstance.aclsNum = 0;
691
692 delete[] dcaps;
693 delete[] acls;
694 }
695
696 /**
697 * @tc.name: GetAccessTokenId013
698 * @tc.desc: cannot getAccessTokenId with invalid acls.
699 * @tc.type: FUNC
700 * @tc.require:AR000H09K6
701 */
702 HWTEST_F(TokenLibKitTest, GetAccessTokenId013, TestSize.Level1)
703 {
704 const char **acls = new (std::nothrow) const char *[2];
705 ASSERT_NE(acls, nullptr);
706 acls[0] = "AT_CAP";
707 acls[1] = "ST_CAP";
708 NativeTokenInfoParams infoInstance = {
709 .dcapsNum = 0,
710 .permsNum = 2,
711 .aclsNum = 2,
712 .dcaps = nullptr,
713 .perms = acls,
714 .aplStr = "system_core",
715 };
716
717 infoInstance.acls = nullptr;
718 infoInstance.processName = "GetAccessTokenId013";
719 uint64_t tokenId = GetAccessTokenId(&infoInstance);
720 ASSERT_EQ(tokenId, 0);
721
722 int32_t aclsNum = 0;
723 infoInstance.aclsNum = aclsNum;
724 infoInstance.acls = nullptr;
725 infoInstance.processName = "GetAccessTokenId013_01";
726 tokenId = GetAccessTokenId(&infoInstance);
727 ASSERT_NE(tokenId, 0);
728 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
729
730 aclsNum = 1;
731 const std::string invalidAcl (MAX_PERM_LEN + 1, 'x');
732 acls[0] = invalidAcl.c_str();
733 infoInstance.aclsNum = aclsNum;
734 infoInstance.acls = acls;
735 infoInstance.processName = "GetAccessTokenId013_02";
736 tokenId = GetAccessTokenId(&infoInstance);
737 ASSERT_EQ(tokenId, 0);
738
739 const std::string validcAcl01 (MAX_PERM_LEN, 'x');
740 acls[0] = validcAcl01.c_str();
741 infoInstance.aclsNum = aclsNum;
742 infoInstance.acls = acls;
743 infoInstance.processName = "GetAccessTokenId013_03";
744 tokenId = GetAccessTokenId(&infoInstance);
745 ASSERT_NE(tokenId, 0);
746 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
747
748 const std::string validcAcl02 (MAX_PERM_LEN - 1, 'x');
749 acls[0] = validcAcl02.c_str();
750 infoInstance.aclsNum = aclsNum;
751 infoInstance.acls = acls;
752 infoInstance.processName = "GetAccessTokenId013_04";
753 tokenId = GetAccessTokenId(&infoInstance);
754 ASSERT_NE(tokenId, 0);
755 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
756
757 delete[] acls;
758 }
759
760 /**
761 * @tc.name: GetAccessTokenId014
762 * @tc.desc: getAccessTokenId success with perms and acls.
763 * @tc.type: FUNC
764 * @tc.require:AR000H09K7
765 */
766 HWTEST_F(TokenLibKitTest, GetAccessTokenId014, TestSize.Level0)
767 {
768 uint64_t tokenId;
769 const char **acls = new (std::nothrow) const char *[1];
770 ASSERT_NE(acls, nullptr);
771 acls[0] = "ohos.permission.PERMISSION_USED_STATS";
772 const char **perms = new (std::nothrow) const char *[3];
773 ASSERT_NE(perms, nullptr);
774 perms[0] = "ohos.permission.PERMISSION_USED_STATS"; // system_core
775 perms[1] = "ohos.permission.PLACE_CALL"; // system_basic
776 perms[2] = "ohos.permission.unknown"; // invalid
777 NativeTokenInfoParams infoInstance = {
778 .dcapsNum = 0,
779 .permsNum = 3,
780 .dcaps = nullptr,
781 .perms = perms,
782 .aplStr = "system_basic",
783 };
784
785 infoInstance.acls = nullptr;
786 infoInstance.aclsNum = 0;
787 infoInstance.processName = "GetAccessTokenId014_01";
788 tokenId = GetAccessTokenId(&infoInstance);
789 ASSERT_NE(tokenId, 0);
790 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
791
792 infoInstance.acls = acls;
793 infoInstance.aclsNum = 1;
794 infoInstance.processName = "GetAccessTokenId014_02";
795 tokenId = GetAccessTokenId(&infoInstance);
796 ASSERT_NE(tokenId, 0);
797 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
798
799 delete[] perms;
800 delete[] acls;
801 }
802
803 /**
804 * @tc.name: GetAccessTokenId015
805 * @tc.desc: cannot getAccessTokenId with invalid aclsNum.
806 * @tc.type: FUNC
807 * @tc.require:AR000H09K6
808 */
809 HWTEST_F(TokenLibKitTest, GetAccessTokenId015, TestSize.Level1)
810 {
811 const char **perms = new (std::nothrow) const char *[MAX_PERM_NUM + 1];
812 ASSERT_NE(perms, nullptr);
813 perms[0] = "ohos.permission.test1";
814 perms[1] = "ohos.permission.test2";
815 int32_t permsNum = 2;
816 uint64_t tokenId;
817 NativeTokenInfoParams infoInstance = {
818 .dcapsNum = 0,
819 .dcaps = nullptr,
820 .perms = perms,
821 .acls = perms,
822 .aplStr = "system_core",
823 };
824
825 infoInstance.permsNum = permsNum;
826 infoInstance.aclsNum = -1;
827 infoInstance.processName = "GetAccessTokenId015";
828 tokenId = GetAccessTokenId(&infoInstance);
829 ASSERT_EQ(tokenId, 0);
830
831 for (int32_t i = 0; i < MAX_PERM_NUM + 1; i++) {
832 perms[i] = "ohos.permission.test";
833 }
834
835 infoInstance.permsNum = MAX_PERM_NUM;
836 infoInstance.aclsNum = MAX_PERM_NUM + 1;
837 infoInstance.processName = "GetAccessTokenId015_00";
838 tokenId = GetAccessTokenId(&infoInstance);
839 ASSERT_EQ(tokenId, 0);
840
841 permsNum = MAX_PERM_NUM;
842 infoInstance.permsNum = permsNum;
843 infoInstance.aclsNum = permsNum;
844 infoInstance.processName = "GetAccessTokenId015_01";
845 tokenId = GetAccessTokenId(&infoInstance);
846 ASSERT_NE(tokenId, 0);
847 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
848
849 permsNum = MAX_PERM_NUM - 1;
850 infoInstance.permsNum = permsNum;
851 infoInstance.aclsNum = permsNum;
852 infoInstance.processName = "GetAccessTokenId015_02";
853 tokenId = GetAccessTokenId(&infoInstance);
854 ASSERT_NE(tokenId, 0);
855 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
856
857 permsNum = MAX_PERM_NUM - 1;
858 infoInstance.permsNum = permsNum;
859 infoInstance.aclsNum = permsNum + 1;
860 infoInstance.processName = "GetAccessTokenId015_03";
861 tokenId = GetAccessTokenId(&infoInstance);
862 ASSERT_EQ(tokenId, 0);
863
864 delete[] perms;
865 }
866