1 /*
2  * Copyright (c) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <cstdio>
17 #include <cstring>
18 #include <fcntl.h>
19 #include <gtest/gtest.h>
20 #include <sys/ioctl.h>
21 #include <sys/types.h>
22 #include <ctime>
23 #include <unistd.h>
24 
25 #include "cert_path.h"
26 #include "selinux/selinux.h"
27 
28 namespace OHOS {
29 namespace Security {
30 namespace CodeSign {
31 using namespace std;
32 using namespace testing::ext;
33 
// Chain-length and path-type fixtures passed to MakeCertPathInfo().
constexpr uint32_t MAX_CERT_CHAIN = 3;
// 0x103 is the value the success case in this file labels "developer in debug".
constexpr uint32_t CERT_PATH_TYPE = 0x103;
constexpr uint32_t GREATER_THAN_MAX_CERT_CHAIN = 4;
// -1 converted to uint32_t, i.e. 0xFFFFFFFF: despite the name, the value handed on is the largest
// unsigned length, not a negative one.
constexpr uint32_t LESS_THAN_MIN_CERT_CHAIN = static_cast<uint32_t>(-1);

// DEV_NAME, TEST_* and KEY_ENABLE_CTX are declared for the suite; DEV_NAME and KEY_ENABLE_CTX are
// not referenced by the test cases visible in this file.
static const string DEV_NAME("/dev/code_sign");
static const string TEST_SUBJECT("OpenHarmony Application Release");
static const string TEST_ISSUER("OpenHarmony Application CA");
static const string KEY_ENABLE_CTX("u:r:key_enable:s0");
// Subject/issuer pair used by the add/remove success case.
static const string FAKE_SUBJECT("Fake subject");
static const string FAKE_ISSUER("Fake issuer");
// Subject/issuer pair used by the system-type rejection case.
static const string SUBJECT_AS_SYSTEM_TYPE("System subject");
static const string ISSUER_AS_SYSTEM_TYPE("System issuer");
47 
// Fixture for the AddCertPath/RemoveCertPath cases. Every hook is a no-op, so the fixture itself
// sets up and tears down nothing; each case builds its own CertPathInfo.
class AddCertPathTest : public testing::Test {
public:
    AddCertPathTest() = default;
    virtual ~AddCertPathTest() = default;

    // Suite-level hooks.
    static void SetUpTestCase() {}
    static void TearDownTestCase() {}

    // Per-case hooks.
    void SetUp() {}
    void TearDown() {}
};
57 
/*
 * Fills a zero-initialized CertPathInfo from two C strings plus a chain length and a path type.
 *
 * The struct receives the ADDRESSES of signing and issuer (cast to uint64_t), not copies, so both
 * buffers must remain valid until the call that consumes the struct has returned. The lengths are
 * strlen() results and therefore exclude the terminating NUL. Both pointers must be non-null,
 * because strlen() is applied to them unconditionally. max_cert_chain and cert_path_type are
 * stored as given, without any range check, which is what lets the cases pass out-of-range values.
 */
static CertPathInfo MakeCertPathInfo(const char *signing, const char *issuer,
    uint32_t max_cert_chain, uint32_t cert_path_type)
{
    CertPathInfo info = {};

    // Scalar fields first; they are copied through untouched.
    info.path_type = cert_path_type;
    info.path_len = max_cert_chain;

    // Issuer name: buffer address plus its length without the NUL.
    info.issuer_length = strlen(issuer);
    info.issuer = reinterpret_cast<uint64_t>(issuer);

    // Signing (subject) name, same layout.
    info.signing_length = strlen(signing);
    info.signing = reinterpret_cast<uint64_t>(signing);

    return info;
}
70 
/**
 * @tc.name: AddCertPathTest_0001
 * @tc.desc: calling interface with a path len greater than the maximum must fail
 * @tc.type: Func
 * @tc.require:
 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0001, TestSize.Level0)
{
    // path_len is GREATER_THAN_MAX_CERT_CHAIN (4), one above MAX_CERT_CHAIN (3); the path type is
    // CERT_PATH_TYPE (0x103).
    CertPathInfo certPathInfo = MakeCertPathInfo(TEST_SUBJECT.c_str(), TEST_ISSUER.c_str(),
        GREATER_THAN_MAX_CERT_CHAIN, CERT_PATH_TYPE);
    // Only "non-zero" is asserted, so a failure from any cause satisfies this check.
    // NOTE(review): asserting the specific error for an over-long chain would show that the
    // length check, and not an unrelated failure, is what rejected the request - confirm the
    // error value against AddCertPath's contract.
    EXPECT_NE(AddCertPath(certPathInfo), 0);
}
83 
/**
 * @tc.name: AddCertPathTest_0002
 * @tc.desc: calling interface with invalid path len must fail
 * @tc.type: Func
 * @tc.require:
 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0002, TestSize.Level0)
{
    // LESS_THAN_MIN_CERT_CHAIN is -1 stored in a uint32_t, and MakeCertPathInfo takes the length
    // as uint32_t, so the value passed on is 0xFFFFFFFF. As written this is a second "too large"
    // case, not a below-minimum one.
    // NOTE(review): whether the consumer reinterprets path_len as signed cannot be told from this
    // file - confirm.
    CertPathInfo certPathInfo = MakeCertPathInfo(TEST_SUBJECT.c_str(), TEST_ISSUER.c_str(),
        LESS_THAN_MIN_CERT_CHAIN, CERT_PATH_TYPE);
    // Only "non-zero" is asserted; the specific error is not checked.
    EXPECT_NE(AddCertPath(certPathInfo), 0);
}
96 
/**
 * @tc.name: AddCertPathTest_0003
 * @tc.desc: add cert path success, then remove it; removing it again must fail
 * @tc.type: Func
 * @tc.require:
 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0003, TestSize.Level0)
{
    // type = developer in release
    // FAKE_SUBJECT / FAKE_ISSUER are file-scope strings, so the addresses stored in the struct
    // stay valid for every call below.
    CertPathInfo certPathInfo = MakeCertPathInfo(FAKE_SUBJECT.c_str(), FAKE_ISSUER.c_str(), MAX_CERT_CHAIN, 0x3);
    EXPECT_EQ(AddCertPath(certPathInfo), 0);
    // Removed straight away so the entry added by this case is not left behind.
    EXPECT_EQ(RemoveCertPath(certPathInfo), 0);

    // type = developer in debug
    certPathInfo = MakeCertPathInfo(FAKE_SUBJECT.c_str(), FAKE_ISSUER.c_str(), MAX_CERT_CHAIN, 0x103);
    EXPECT_EQ(AddCertPath(certPathInfo), 0);
    EXPECT_EQ(RemoveCertPath(certPathInfo), 0);

    // Removing an entry that no longer exists: the debug-type path was removed just above, so a
    // second removal of the same struct must report failure.
    EXPECT_NE(RemoveCertPath(certPathInfo), 0);
}
118 
/**
 * @tc.name: AddCertPathTest_0004
 * @tc.desc: cannot add system cert except key_enable
 * @tc.type: Func
 * @tc.require:
 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0004, TestSize.Level0)
{
    // release
    // Path type 1 is the value this case treats as a system-type path (see the SUBJECT/ISSUER
    // "_AS_SYSTEM_TYPE" names and the @tc.desc).
    CertPathInfo certPathInfo = MakeCertPathInfo(SUBJECT_AS_SYSTEM_TYPE.c_str(),
        ISSUER_AS_SYSTEM_TYPE.c_str(), MAX_CERT_CHAIN, 1);
    // cannot add except key_enable
    // The case does not set or check its own SELinux context; KEY_ENABLE_CTX is declared in this
    // file but not referenced in the visible code.
    // NOTE(review): the expectation presumably holds only while the test process runs outside the
    // key_enable domain - confirm how the runner is labelled. Only "non-zero" is asserted, so a
    // failure unrelated to the caller check would also pass.
    EXPECT_NE(AddCertPath(certPathInfo), 0);
}
133 } // namespace CodeSign
134 } // namespace Security
135 } // namespace OHOS