1 /* 2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #include <gtest/gtest.h> 17 18 #include "securec.h" 19 20 #include "defines.h" 21 #include "adaptor_time.h" 22 #include "adaptor_memory.h" 23 #include "enroll_specification_check.h" 24 #include "idm_common.h" 25 #include "token_key.h" 26 27 extern "C" { 28 extern struct SessionInfo { 29 int32_t userId; 30 uint32_t authType; 31 uint64_t time; 32 uint64_t validAuthTokenTime; 33 uint8_t challenge[CHALLENGE_LEN]; 34 uint64_t scheduleId; 35 bool isUpdate; 36 bool isScheduleValid; 37 } *g_session; 38 extern LinkedList *g_userInfoList; 39 extern UserInfo *g_currentUser; 40 extern ResultCode GenerateChallenge(uint8_t *challenge, uint32_t challengeLen); 41 extern ResultCode UserAuthTokenHmac(UserAuthTokenHal *userAuthToken, HksAuthTokenKey *tokenKey); 42 extern ResultCode GetTokenDataCipherResult(const TokenDataToEncrypt *data, UserAuthTokenHal *authToken, 43 const HksAuthTokenKey *tokenKey); 44 } 45 46 namespace OHOS { 47 namespace UserIam { 48 namespace UserAuth { 49 using namespace testing; 50 using namespace testing::ext; 51 52 class EnrollCheckTest : public testing::Test { 53 public: SetUpTestCase()54 static void SetUpTestCase() {}; 55 TearDownTestCase()56 static void TearDownTestCase() {}; 57 SetUp()58 void SetUp() {}; 59 TearDown()60 void TearDown() {}; 61 }; 62 63 #define GENERATE_TOKEN(dataToEncrypt, userAuthTokenHal, tokenKey) \ 64 { \ 65 EXPECT_EQ(GetTokenDataCipherResult(&(dataToEncrypt), &(userAuthTokenHal), &(tokenKey)), RESULT_SUCCESS); \ 66 EXPECT_EQ(UserAuthTokenHmac(&(userAuthTokenHal), &(tokenKey)), RESULT_SUCCESS); \ 67 } 68 69 HWTEST_F(EnrollCheckTest, TestCheckIdmOperationToken_001, TestSize.Level0) 70 { 71 g_session = nullptr; 72 EXPECT_EQ(CheckIdmOperationToken(0, nullptr), RESULT_BAD_PARAM); 73 UserAuthTokenHal token = {}; 74 token.tokenDataPlain.authType = FACE_AUTH; 75 EXPECT_EQ(CheckIdmOperationToken(0, &token), RESULT_BAD_MATCH); 76 TokenDataToEncrypt data = {}; 77 token.tokenDataPlain.time = GetSystemTime(); 78 HksAuthTokenKey tokenKey = {}; 79 EXPECT_EQ(GetTokenKey(&tokenKey), RESULT_SUCCESS); 80 GENERATE_TOKEN(data, token, tokenKey); 81 EXPECT_EQ(CheckIdmOperationToken(0, &token), RESULT_VERIFY_TOKEN_FAIL); 82 token.tokenDataPlain.authType = PIN_AUTH; 83 token.tokenDataPlain.authMode = SCHEDULE_MODE_AUTH; 84 token.tokenDataPlain.tokenType = TOKEN_TYPE_LOCAL_AUTH; 85 GENERATE_TOKEN(data, token, tokenKey); 86 EXPECT_EQ(CheckIdmOperationToken(0, &token), RESULT_BAD_MATCH); 87 token.tokenDataPlain.authMode = SCHEDULE_MODE_AUTH; 88 token.tokenDataPlain.tokenType = TOKEN_TYPE_COAUTH; 89 GENERATE_TOKEN(data, token, tokenKey); 90 EXPECT_EQ(CheckIdmOperationToken(0, &token), RESULT_VERIFY_TOKEN_FAIL); 91 token.tokenDataPlain.tokenType = TOKEN_TYPE_LOCAL_AUTH; 92 GENERATE_TOKEN(data, token, tokenKey); 93 EXPECT_EQ(CheckIdmOperationToken(0, &token), RESULT_BAD_MATCH); 94 } 95 96 HWTEST_F(EnrollCheckTest, TestCheckIdmOperationToken_002, TestSize.Level0) 97 { 98 g_userInfoList = nullptr; 99 constexpr int32_t userId = 2661; 100 constexpr uint64_t validAuthTokenTime = 100; 101 constexpr uint32_t authType = 1; 102 constexpr uint64_t secUid1 = 10; 103 constexpr uint64_t secUid2 = 20; 104 struct SessionInfo session = {}; 105 session.userId = userId; 106 session.validAuthTokenTime = validAuthTokenTime; 107 g_session = &session; 108 EXPECT_EQ(GenerateChallenge(session.challenge, CHALLENGE_LEN), RESULT_SUCCESS); 109 UserAuthTokenHal token = {}; 110 token.tokenDataPlain.authType = authType; 111 token.tokenDataPlain.authMode = SCHEDULE_MODE_AUTH; 112 token.tokenDataPlain.tokenType = TOKEN_TYPE_LOCAL_AUTH; 113 token.tokenDataPlain.time = GetSystemTime(); 114 TokenDataToEncrypt data = { 115 .userId = 0, 116 .secureUid = 10, 117 .enrolledId = 2, 118 .credentialId = 3, 119 }; 120 EXPECT_EQ(memcpy_s(token.tokenDataPlain.challenge, CHALLENGE_LEN, session.challenge, CHALLENGE_LEN), EOK); 121 HksAuthTokenKey tokenKey = {}; 122 EXPECT_EQ(GetTokenKey(&tokenKey), RESULT_SUCCESS); 123 GENERATE_TOKEN(data, token, tokenKey); 124 token.tokenDataPlain.authMode = SCHEDULE_MODE_AUTH; 125 token.tokenDataPlain.tokenType = TOKEN_TYPE_LOCAL_AUTH; 126 EXPECT_EQ(CheckIdmOperationToken(0, &token), RESULT_BAD_MATCH); 127 EXPECT_EQ(CheckIdmOperationToken(session.userId, &token), RESULT_BAD_MATCH); 128 129 data.userId = session.userId; 130 GENERATE_TOKEN(data, token, tokenKey); 131 EXPECT_EQ(CheckIdmOperationToken(session.userId, &token), RESULT_BAD_MATCH); 132 133 g_userInfoList = CreateLinkedList(DestroyUserInfoNode); 134 EXPECT_NE(g_userInfoList, nullptr); 135 UserInfo *userInfo = static_cast<UserInfo *>(Malloc(sizeof(UserInfo))); 136 userInfo->userId = session.userId; 137 userInfo->secUid = secUid2; 138 userInfo->credentialInfoList = CreateLinkedList(DestroyCredentialNode); 139 userInfo->enrolledInfoList = CreateLinkedList(DestroyEnrolledNode); 140 g_userInfoList->insert(g_userInfoList, static_cast<void *>(userInfo)); 141 EXPECT_EQ(CheckIdmOperationToken(session.userId, &token), RESULT_BAD_MATCH); 142 143 userInfo->secUid = secUid1; 144 EXPECT_EQ(CheckIdmOperationToken(session.userId, &token), RESULT_SUCCESS); 145 g_session = nullptr; 146 DestroyLinkedList(g_userInfoList); 147 g_userInfoList = nullptr; 148 } 149 150 HWTEST_F(EnrollCheckTest, TestCheckSpecification, TestSize.Level0) 151 { 152 g_userInfoList = nullptr; 153 g_currentUser = nullptr; 154 constexpr int32_t userId = 2361; 155 constexpr uint32_t authType = 1; 156 EXPECT_EQ(CheckSpecification(userId, authType), RESULT_UNKNOWN); 157 } 158 } // namespace UserAuth 159 } // namespace UserIam 160 } // namespace OHOS 161