1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17 #include <openssl/pem.h>
18
19 #include "securec.h"
20
21 #include "x509_certificate.h"
22 #include "cf_blob.h"
23 #include "crypto_x509_test_common.h"
24 #include "memory_mock.h"
25
26 #include "certificate_openssl_common.h"
27 #include "x509_certificate_openssl.h"
28 #include "certificate_openssl_class.h"
29
30 using namespace std;
31 using namespace testing::ext;
32
33 namespace {
34 class CryptoX509CertificateTest : public testing::Test {
35 public:
36 static void SetUpTestCase();
37 static void TearDownTestCase();
38 void SetUp();
39 void TearDown();
40 };
41
42 constexpr int TEST_CERT_VERSION = 3;
43 constexpr int TEST_CERT_CHAIN_LEN = 2;
44 constexpr int TEST_CERT_SERIAL_NUMBER = 272;
45 constexpr uint32_t HCF_MAX_BUFFER_LEN = 8192;
46
47 static const char g_testUtf8CaCert[] =
48 "-----BEGIN CERTIFICATE-----\r\n"
49 "MIIDizCCAnOgAwIBAgIGAXKnJjrAMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNVBAYT\r\n"
50 "AkNOMQ8wDQYDVQQIDAbpmZXopb8xEjAQBgNVBAcMCeilv++/peWuiTEQMA4GA1UE\r\n"
51 "CgwH5rWLJeivlTEWMBQGA1UEAwwN5Lit5paHQOa1i+ivlTAeFw0yNDA1MTUwOTQx\r\n"
52 "NTFaFw0zNDA1MTMwOTQxNTFaMFwxCzAJBgNVBAYTAkNOMQ8wDQYDVQQIDAbpmZXo\r\n"
53 "pb8xEjAQBgNVBAcMCeilv++/peWuiTEQMA4GA1UECgwH5rWLJeivlTEWMBQGA1UE\r\n"
54 "AwwN5Lit5paHQOa1i+ivlTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\r\n"
55 "ANE1XpjR6Zrk2eJ6e9arl3S3KEQFNidC4wANm2uTAhRKWk9u3GQhyaMtJ44TCv7J\r\n"
56 "yG4j5Vn5dXHPELYhKrTUoG2vK7qYigDi2xh3VEQcc9yQGa/BMT2j2xoye62OXd4u\r\n"
57 "3SRKK7suAyBNFuYcOCe7bKaiWoQJJI3+EQjwWVUVcXLdW+spS4DvBA0ZATsZmrs+\r\n"
58 "4pw1q5U68pm5Fy0n14lCQohK1SdiaccAHK129bK5B5KHYuJZ9/jfJZn2zIv8qHV2\r\n"
59 "8NNccqBQS36rVGWfRkfSlHscfDhQ4ZxEhInayfu5BY0qxqLLFOtqeQGvmTTjGW/n\r\n"
60 "L2s47mL0/uWnpFlMJ7BxHoECAwEAAaNTMFEwHQYDVR0OBBYEFKsCCrUUhKQDw4Rl\r\n"
61 "ndlKCRybnupnMB8GA1UdIwQYMBaAFKsCCrUUhKQDw4RlndlKCRybnupnMA8GA1Ud\r\n"
62 "EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBACS1dPSJzMpoZaMohs7Kk0zE\r\n"
63 "e7Mv+iZElwDi3vfG11CynbOleIFEFGeixRTQyVW5SMmZGMdwaF3uD3Uoas7Q9G8d\r\n"
64 "NKZsJa0FeFg5aArBBr7ggbVTR5iEDs32cPr9ic/VDNBGqIcQmp10qvZ0cydK10Fl\r\n"
65 "g/0YJB1pw7zZwz+J5YgTKwkTAbtFLva6yqPno8HG+FruMXF3WxGAsLfIOjL9h7rU\r\n"
66 "jG5iRiA0WjdrKW4YTNNzjoez3SFx7/P7NWg1gp51HwBSL7mg+ctVjsG9G4xwhrLI\r\n"
67 "dcJFeuBWEaWbA6lAiW+lAcQKqqfolHOF7VMIB+ieIUR0cavlHEIGLYg/BL5VSKU=\r\n"
68 "-----END CERTIFICATE-----\r\n";
69
70 static const char g_testUtf8CaCertNull[] =
71 "-----BEGIN CERTIFICATE-----\r\n"
72 "MIIBzjCCATegAwIBAgIGAXKnJjrAMA0GCSqGSIb3DQEBCwUAMAAwHhcNMjQwNTE1\r\n"
73 "MDkzMTQ1WhcNMzQwNTEzMDkzMTQ1WjAAMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\r\n"
74 "iQKBgQCyXbtKPbpKIvQSqFIKThMBHdPkquDJ/Lg8+PDbwP3s+AJ1b6fFhsB9s0oV\r\n"
75 "knmmYT1CYvN52RVYTJJDPFbEFsbBePQLG/OAaMKDg6SXieVgzbvx5MStJaBDvhqT\r\n"
76 "GwdzmxKfadghxdOfT65E4KENUipc2WI0/H2BqvwkXahIugBhJQIDAQABo1MwUTAd\r\n"
77 "BgNVHQ4EFgQUuMkml7Jx2h2A1dEuGt+SLUt2UV8wHwYDVR0jBBgwFoAUuMkml7Jx\r\n"
78 "2h2A1dEuGt+SLUt2UV8wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOB\r\n"
79 "gQAFSN+j8N5bORIt79WaM8rSgtKJspxagkyrQxbX6zerhYy1Jdakp/gk0mzjBllD\r\n"
80 "LS1tc0elUH9uBeGMNe0EHaFmIW+9ZyBHNSgC5kFO+c9foM5IlgX2rffgoyYhymzg\r\n"
81 "QjEAdY2Ni2kz9CUvUj8sy/vGtdOXkBFBpGrNUEKz4STKjA==\r\n"
82 "-----END CERTIFICATE-----\r\n";
83
84 static HcfX509Certificate *g_x509CertObj = nullptr;
85
SetUpTestCase()86 void CryptoX509CertificateTest::SetUpTestCase()
87 {
88 CfEncodingBlob inStream = { 0 };
89 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
90 inStream.encodingFormat = CF_FORMAT_PEM;
91 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
92 (void)HcfX509CertificateCreate(&inStream, &g_x509CertObj);
93 }
94
TearDownTestCase()95 void CryptoX509CertificateTest::TearDownTestCase()
96 {
97 CfObjDestroy(g_x509CertObj);
98 }
99
SetUp()100 void CryptoX509CertificateTest::SetUp()
101 {
102 }
103
TearDown()104 void CryptoX509CertificateTest::TearDown()
105 {
106 }
107
108 /**
109 * @tc.name: CryptoX509CertificateTest.GenerateCert001
110 * @tc.desc: Generate valid PEM format certificate.
111 * @tc.type: FUNC
112 * @tc.require: I5QDNN
113 */
114 HWTEST_F(CryptoX509CertificateTest, GenerateCert001, TestSize.Level0)
115 {
116 HcfX509Certificate *x509Cert = nullptr;
117 CfEncodingBlob inStream = { 0 };
118 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
119 inStream.encodingFormat = CF_FORMAT_PEM;
120 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
121 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
122 EXPECT_EQ(ret, CF_SUCCESS);
123 EXPECT_NE(x509Cert, nullptr);
124 CfObjDestroy(x509Cert);
125 }
126
127 /* Invalid input. */
128 HWTEST_F(CryptoX509CertificateTest, GenerateCert002, TestSize.Level0)
129 {
130 HcfX509Certificate *x509Cert = nullptr;
131 CfEncodingBlob inStream = { 0 };
132 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
133 EXPECT_NE(ret, CF_SUCCESS);
134 EXPECT_EQ(x509Cert, nullptr);
135 CfObjDestroy(x509Cert);
136 }
137
138 /* Invalid PEM format. */
139 HWTEST_F(CryptoX509CertificateTest, GenerateCert003, TestSize.Level0)
140 {
141 HcfX509Certificate *x509Cert = nullptr;
142 CfEncodingBlob inStream = { 0 };
143 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testInvalidCert));
144 inStream.encodingFormat = CF_FORMAT_PEM;
145 inStream.len = strlen(g_testInvalidCert) + 1;
146 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
147 EXPECT_NE(ret, CF_SUCCESS);
148 EXPECT_EQ(x509Cert, nullptr);
149 CfObjDestroy(x509Cert);
150 }
151
152 /* Valid DER format. */
153 HWTEST_F(CryptoX509CertificateTest, GenerateCert004, TestSize.Level0)
154 {
155 CfEncodingBlob derBlob = { 0 };
156 CfResult ret = g_x509CertObj->base.getEncoded(reinterpret_cast<HcfCertificate *>(g_x509CertObj), &derBlob);
157 EXPECT_EQ(ret, CF_SUCCESS);
158 EXPECT_NE(derBlob.data, nullptr);
159 EXPECT_EQ(derBlob.encodingFormat, CF_FORMAT_DER);
160 HcfX509Certificate *certFromDerData = nullptr;
161 ret = HcfX509CertificateCreate(&derBlob, &certFromDerData);
162 EXPECT_EQ(ret, CF_SUCCESS);
163 EXPECT_NE(certFromDerData, nullptr);
164
165 free(derBlob.data);
166 CfObjDestroy(certFromDerData);
167 }
168
169 /* verify self signed cert. */
170 HWTEST_F(CryptoX509CertificateTest, Verify001, TestSize.Level0)
171 {
172 HcfPubKey *keyOut = nullptr;
173 CfResult ret = g_x509CertObj->base.getPublicKey(reinterpret_cast<HcfCertificate *>(g_x509CertObj),
174 (void **)&keyOut);
175 EXPECT_EQ(ret, CF_SUCCESS);
176 EXPECT_NE(keyOut, nullptr);
177 ret = g_x509CertObj->base.verify(reinterpret_cast<HcfCertificate *>(g_x509CertObj), keyOut);
178 EXPECT_EQ(ret, CF_SUCCESS);
179 CfObjDestroy(keyOut);
180 }
181
182 /* use root ca cert's public key to verify next cert. */
183 HWTEST_F(CryptoX509CertificateTest, Verify002, TestSize.Level0)
184 {
185 HcfX509Certificate *rootCert = nullptr;
186 CfEncodingBlob root = { 0 };
187 root.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_rootCert));
188 root.encodingFormat = CF_FORMAT_PEM;
189 root.len = strlen(g_rootCert) + 1;
190 CfResult ret = HcfX509CertificateCreate(&root, &rootCert);
191 EXPECT_EQ(ret, CF_SUCCESS);
192 EXPECT_NE(rootCert, nullptr);
193 HcfPubKey *rootkeyOut = nullptr;
194 ret = rootCert->base.getPublicKey(reinterpret_cast<HcfCertificate *>(rootCert), (void **)&rootkeyOut);
195 EXPECT_EQ(ret, CF_SUCCESS);
196 EXPECT_NE(rootkeyOut, nullptr);
197
198 HcfX509Certificate *secondCert = nullptr;
199 CfEncodingBlob second = { 0 };
200 second.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_secondCert));
201 second.encodingFormat = CF_FORMAT_PEM;
202 second.len = strlen(g_secondCert) + 1;
203 ret = HcfX509CertificateCreate(&root, &secondCert);
204 EXPECT_EQ(ret, CF_SUCCESS);
205 EXPECT_NE(rootCert, nullptr);
206 ret = secondCert->base.verify(reinterpret_cast<HcfCertificate *>(secondCert), rootkeyOut);
207 EXPECT_EQ(ret, CF_SUCCESS);
208 CfObjDestroy(rootkeyOut);
209 CfObjDestroy(rootCert);
210 CfObjDestroy(secondCert);
211 }
212
213 /* verify cert with wrong pub key. */
214 HWTEST_F(CryptoX509CertificateTest, Verify003, TestSize.Level0)
215 {
216 HcfX509Certificate *rootCert = nullptr;
217 CfEncodingBlob root = { 0 };
218 root.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_rootCert));
219 root.encodingFormat = CF_FORMAT_PEM;
220 root.len = strlen(g_rootCert) + 1;
221 CfResult ret = HcfX509CertificateCreate(&root, &rootCert);
222 EXPECT_EQ(ret, CF_SUCCESS);
223 EXPECT_NE(rootCert, nullptr);
224 HcfPubKey *rootkeyOut = nullptr;
225 ret = rootCert->base.getPublicKey(reinterpret_cast<HcfCertificate *>(rootCert), (void **)&rootkeyOut);
226 EXPECT_EQ(ret, CF_SUCCESS);
227 EXPECT_NE(rootkeyOut, nullptr);
228
229 ret = g_x509CertObj->base.verify(reinterpret_cast<HcfCertificate *>(g_x509CertObj), rootkeyOut);
230 EXPECT_NE(ret, CF_SUCCESS);
231 CfObjDestroy(rootkeyOut);
232 CfObjDestroy(rootCert);
233 }
234
235 /* verify cert with invalid input pub key. */
236 HWTEST_F(CryptoX509CertificateTest, Verify004, TestSize.Level0)
237 {
238 CfResult ret = g_x509CertObj->base.verify(reinterpret_cast<HcfCertificate *>(g_x509CertObj), nullptr);
239 EXPECT_NE(ret, CF_SUCCESS);
240 }
241
242 HWTEST_F(CryptoX509CertificateTest, GetEncoded001, TestSize.Level0)
243 {
244 CfEncodingBlob encodingBlob = { 0 };
245 CfResult ret = g_x509CertObj->base.getEncoded(reinterpret_cast<HcfCertificate *>(g_x509CertObj), &encodingBlob);
246 EXPECT_EQ(ret, CF_SUCCESS);
247 EXPECT_NE(encodingBlob.data, nullptr);
248 EXPECT_EQ(encodingBlob.encodingFormat, CF_FORMAT_DER);
249 CfEncodingBlobDataFree(&encodingBlob);
250 }
251
252 /* Invalid input. */
253 HWTEST_F(CryptoX509CertificateTest, GetEncoded002, TestSize.Level0)
254 {
255 CfResult ret = g_x509CertObj->base.getEncoded(reinterpret_cast<HcfCertificate *>(g_x509CertObj), nullptr);
256 EXPECT_NE(ret, CF_SUCCESS);
257 }
258
259 HWTEST_F(CryptoX509CertificateTest, GetPublicKey, TestSize.Level0)
260 {
261 HcfPubKey *keyOut = nullptr;
262 CfResult ret = g_x509CertObj->base.getPublicKey(reinterpret_cast<HcfCertificate *>(g_x509CertObj),
263 (void **)&keyOut);
264 EXPECT_EQ(ret, CF_SUCCESS);
265 EXPECT_NE(keyOut, nullptr);
266 CfObjDestroy(keyOut);
267 }
268
269 /* Input valid date. YYMMDDHHMMSSZ */
270 HWTEST_F(CryptoX509CertificateTest, CheckValidityWithDate001, TestSize.Level0)
271 {
272 const char *date = "231018162433Z";
273 // validatetime :2022/08/19 - 2032/08/16
274 CfResult ret = g_x509CertObj->checkValidityWithDate(g_x509CertObj, date);
275 EXPECT_EQ(ret, CF_SUCCESS);
276 }
277
278 /* Input valid date. time format: YYYYMMDDHHMMSSZ */
279 HWTEST_F(CryptoX509CertificateTest, CheckValidityWithDate002, TestSize.Level0)
280 {
281 const char *date = "20231018162433Z";
282 // validatetime :2022/08/19 - 2032/08/16
283 CfResult ret = g_x509CertObj->checkValidityWithDate(g_x509CertObj, date);
284 EXPECT_EQ(ret, CF_SUCCESS);
285 }
286
287 /* Input invalid date--expiered. */
288 HWTEST_F(CryptoX509CertificateTest, CheckValidityWithDate003, TestSize.Level0)
289 {
290 const char *date = "20991018162433Z";
291 // validatetime :2022/08/19 - 2032/08/16
292 CfResult ret = g_x509CertObj->checkValidityWithDate(g_x509CertObj, date);
293 EXPECT_EQ(ret, CF_ERR_CERT_HAS_EXPIRED);
294 }
295
296 /* Input invalid date. */
297 HWTEST_F(CryptoX509CertificateTest, CheckValidityWithDate004, TestSize.Level0)
298 {
299 const char *date = "20191018162433Z";
300 // validatetime :2022/08/19 - 2032/08/16
301 CfResult ret = g_x509CertObj->checkValidityWithDate(g_x509CertObj, date);
302 EXPECT_EQ(ret, CF_ERR_CERT_NOT_YET_VALID);
303 }
304
305 /* Input invalid date form. */
306 HWTEST_F(CryptoX509CertificateTest, CheckValidityWithDate005, TestSize.Level0)
307 {
308 const char *date = "20191018";
309 // validatetime :2022/08/19 - 2032/08/16
310 CfResult ret = g_x509CertObj->checkValidityWithDate(g_x509CertObj, date);
311 EXPECT_NE(ret, CF_SUCCESS);
312 }
313
314 HWTEST_F(CryptoX509CertificateTest, GetVersion, TestSize.Level0)
315 {
316 long ver = g_x509CertObj->getVersion(g_x509CertObj);
317 EXPECT_EQ(ver, TEST_CERT_VERSION);
318 }
319
320 HWTEST_F(CryptoX509CertificateTest, GetSerialNumber, TestSize.Level0)
321 {
322 CfBlob out = { 0, nullptr };
323 CfResult ret = g_x509CertObj->getSerialNumber(g_x509CertObj, &out);
324 EXPECT_EQ(ret, CF_SUCCESS);
325 EXPECT_NE(out.data, nullptr);
326 EXPECT_EQ(out.size, 2); /* out size: 2 bytes */
327 EXPECT_EQ(out.data[0] * 0x100 + out.data[1], TEST_CERT_SERIAL_NUMBER);
328 CfBlobDataClearAndFree(&out);
329 }
330
331 HWTEST_F(CryptoX509CertificateTest, GetIssuerName001, TestSize.Level0)
332 {
333 CfBlob out = { 0 };
334 CfResult ret = g_x509CertObj->getIssuerName(g_x509CertObj, &out);
335 EXPECT_EQ(ret, CF_SUCCESS);
336 EXPECT_NE(out.data, nullptr);
337 CfBlobDataClearAndFree(&out);
338 }
339
340 /* invalid input. */
341 HWTEST_F(CryptoX509CertificateTest, GetIssuerName002, TestSize.Level0)
342 {
343 CfResult ret = g_x509CertObj->getIssuerName(g_x509CertObj, nullptr);
344 EXPECT_NE(ret, CF_SUCCESS);
345 }
346
347 HWTEST_F(CryptoX509CertificateTest, GetSubjectName001, TestSize.Level0)
348 {
349 CfBlob out = { 0 };
350 CfResult ret = g_x509CertObj->getSubjectName(g_x509CertObj, &out);
351 EXPECT_EQ(ret, CF_SUCCESS);
352 EXPECT_NE(out.data, nullptr);
353 CfBlobDataClearAndFree(&out);
354 }
355
356 /* invalid input. */
357 HWTEST_F(CryptoX509CertificateTest, GetSubjectName002, TestSize.Level0)
358 {
359 CfResult ret = g_x509CertObj->getSubjectName(g_x509CertObj, nullptr);
360 EXPECT_NE(ret, CF_SUCCESS);
361 }
362
363 HWTEST_F(CryptoX509CertificateTest, GetNotBeforeTime001, TestSize.Level0)
364 {
365 CfBlob out = { 0 };
366 CfResult ret = g_x509CertObj->getNotBeforeTime(g_x509CertObj, &out);
367 EXPECT_EQ(ret, CF_SUCCESS);
368 EXPECT_NE(out.data, nullptr);
369 CfBlobDataClearAndFree(&out);
370 }
371
372 /* invalid input. */
373 HWTEST_F(CryptoX509CertificateTest, GetNotBeforeTime002, TestSize.Level0)
374 {
375 CfResult ret = g_x509CertObj->getNotBeforeTime(g_x509CertObj, nullptr);
376 EXPECT_NE(ret, CF_SUCCESS);
377 }
378
379 HWTEST_F(CryptoX509CertificateTest, GetNotAfterTime001, TestSize.Level0)
380 {
381 CfBlob out = { 0 };
382 CfResult ret = g_x509CertObj->getNotAfterTime(g_x509CertObj, &out);
383 EXPECT_EQ(ret, CF_SUCCESS);
384 EXPECT_NE(out.data, nullptr);
385 CfBlobDataClearAndFree(&out);
386 }
387
388 /* invalid input. */
389 HWTEST_F(CryptoX509CertificateTest, GetNotAfterTime002, TestSize.Level0)
390 {
391 CfResult ret = g_x509CertObj->getNotAfterTime(g_x509CertObj, nullptr);
392 EXPECT_NE(ret, CF_SUCCESS);
393 }
394
395 HWTEST_F(CryptoX509CertificateTest, GetSignature001, TestSize.Level0)
396 {
397 CfBlob sigOut = { 0 };
398 CfResult ret = g_x509CertObj->getSignature(g_x509CertObj, &sigOut);
399 EXPECT_EQ(ret, CF_SUCCESS);
400 EXPECT_NE(sigOut.data, nullptr);
401 CfBlobDataClearAndFree(&sigOut);
402 }
403
404 /* invalid input. */
405 HWTEST_F(CryptoX509CertificateTest, GetSignature002, TestSize.Level0)
406 {
407 CfResult ret = g_x509CertObj->getSignature(g_x509CertObj, nullptr);
408 EXPECT_NE(ret, CF_SUCCESS);
409 }
410
411 HWTEST_F(CryptoX509CertificateTest, GetSignatureAlgName001, TestSize.Level0)
412 {
413 CfBlob sigAlgName = { 0 };
414 CfResult ret = g_x509CertObj->getSignatureAlgName(g_x509CertObj, &sigAlgName);
415 EXPECT_EQ(ret, CF_SUCCESS);
416 EXPECT_NE(sigAlgName.data, nullptr);
417 CfBlobDataClearAndFree(&sigAlgName);
418 }
419
420 /* invalid input. */
421 HWTEST_F(CryptoX509CertificateTest, GetSignatureAlgName002, TestSize.Level0)
422 {
423 CfResult ret = g_x509CertObj->getSignatureAlgName(g_x509CertObj, nullptr);
424 EXPECT_NE(ret, CF_SUCCESS);
425 }
426
427 HWTEST_F(CryptoX509CertificateTest, GetSignatureAlgOid001, TestSize.Level0)
428 {
429 CfBlob sigAlgOid = { 0 };
430 CfResult ret = g_x509CertObj->getSignatureAlgOid(g_x509CertObj, &sigAlgOid);
431 EXPECT_EQ(ret, CF_SUCCESS);
432 EXPECT_NE(sigAlgOid.data, nullptr);
433 CfBlobDataClearAndFree(&sigAlgOid);
434 }
435
436 /* invalid input. */
437 HWTEST_F(CryptoX509CertificateTest, GetSignatureAlgOid002, TestSize.Level0)
438 {
439 CfResult ret = g_x509CertObj->getSignatureAlgOid(g_x509CertObj, nullptr);
440 EXPECT_NE(ret, CF_SUCCESS);
441 }
442
443 HWTEST_F(CryptoX509CertificateTest, GetSignatureAlgParams001, TestSize.Level0)
444 {
445 CfBlob sigAlgParamsOut = { 0 };
446 CfResult ret = g_x509CertObj->getSignatureAlgParams(g_x509CertObj, &sigAlgParamsOut);
447 EXPECT_EQ(ret, CF_SUCCESS);
448 EXPECT_NE(sigAlgParamsOut.data, nullptr);
449 CfBlobDataClearAndFree(&sigAlgParamsOut);
450 }
451
452 /* invalid input. */
453 HWTEST_F(CryptoX509CertificateTest, GetSignatureAlgParams002, TestSize.Level0)
454 {
455 CfResult ret = g_x509CertObj->getSignatureAlgParams(g_x509CertObj, nullptr);
456 EXPECT_NE(ret, CF_SUCCESS);
457 }
458
459 HWTEST_F(CryptoX509CertificateTest, GetKeyUsage, TestSize.Level0)
460 {
461 CfBlob out = { 0 };
462 CfResult ret = g_x509CertObj->getKeyUsage(g_x509CertObj, &out);
463 EXPECT_EQ(ret, CF_SUCCESS);
464 EXPECT_NE(out.data, nullptr);
465 CfBlobDataClearAndFree(&out);
466 }
467
468 HWTEST_F(CryptoX509CertificateTest, GetExtKeyUsage001, TestSize.Level0)
469 {
470 CfArray keyUsageOut = { 0 };
471 CfResult ret = g_x509CertObj->getExtKeyUsage(g_x509CertObj, &keyUsageOut);
472 EXPECT_EQ(ret, CF_SUCCESS);
473 EXPECT_NE(keyUsageOut.data, nullptr);
474 CfArrayDataClearAndFree(&keyUsageOut);
475 }
476
477 /* Cert which has no extended key usage. */
478 HWTEST_F(CryptoX509CertificateTest, GetExtKeyUsage002, TestSize.Level0)
479 {
480 CfArray keyUsageOut = { 0 };
481 HcfX509Certificate *x509Cert = nullptr;
482 CfEncodingBlob inStream = { 0 };
483 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_secondCert));
484 inStream.encodingFormat = CF_FORMAT_PEM;
485 inStream.len = strlen(g_secondCert) + 1;
486 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
487 EXPECT_EQ(ret, CF_SUCCESS);
488 EXPECT_NE(x509Cert, nullptr);
489 ret = x509Cert->getExtKeyUsage(x509Cert, &keyUsageOut);
490 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
491 EXPECT_EQ(keyUsageOut.data, nullptr);
492 CfObjDestroy(x509Cert);
493 }
494
495 /* not a CA cert */
496 HWTEST_F(CryptoX509CertificateTest, GetBasicConstraints001, TestSize.Level0)
497 {
498 HcfX509Certificate *x509Cert = nullptr;
499 CfEncodingBlob inStream = { 0 };
500 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_deviceTestCert));
501 inStream.encodingFormat = CF_FORMAT_PEM;
502 inStream.len = strlen(g_deviceTestCert) + 1;
503 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
504 EXPECT_EQ(ret, CF_SUCCESS);
505 EXPECT_NE(x509Cert, nullptr);
506 int32_t pathLen = x509Cert->getBasicConstraints(x509Cert);
507 EXPECT_EQ(pathLen, -1); /* cert path len is only valid for CA. */
508 CfObjDestroy(x509Cert);
509 }
510
511 /* CA cert */
512 HWTEST_F(CryptoX509CertificateTest, GetBasicConstraints002, TestSize.Level0)
513 {
514 int32_t pathLen = g_x509CertObj->getBasicConstraints(g_x509CertObj);
515 EXPECT_EQ(pathLen, TEST_CERT_CHAIN_LEN); /* g_testSelfSignedCaCert is CA and it's path len is 2. */
516 }
517
518 /* invalid input. */
519 HWTEST_F(CryptoX509CertificateTest, GetBasicConstraints003, TestSize.Level0)
520 {
521 int32_t pathLen = g_x509CertObj->getBasicConstraints(nullptr);
522 EXPECT_EQ(pathLen, -1);
523 }
524
525 HWTEST_F(CryptoX509CertificateTest, GetSubjectAltNames001, TestSize.Level0)
526 {
527 CfArray outName = { 0 };
528 CfResult ret = g_x509CertObj->getSubjectAltNames(g_x509CertObj, &outName);
529 EXPECT_EQ(ret, CF_SUCCESS);
530 EXPECT_NE(outName.data, nullptr);
531 CfArrayDataClearAndFree(&outName);
532 }
533
534 /* cert without subject alternative names. */
535 HWTEST_F(CryptoX509CertificateTest, GetSubjectAltNames002, TestSize.Level0)
536 {
537 CfArray outName = { 0 };
538 HcfX509Certificate *x509Cert = nullptr;
539 CfEncodingBlob inStream = { 0 };
540 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_secondCert));
541 inStream.encodingFormat = CF_FORMAT_PEM;
542 inStream.len = strlen(g_secondCert) + 1;
543 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
544 EXPECT_EQ(ret, CF_SUCCESS);
545 EXPECT_NE(x509Cert, nullptr);
546 ret = x509Cert->getSubjectAltNames(x509Cert, &outName);
547 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
548 EXPECT_EQ(outName.data, nullptr);
549 CfObjDestroy(x509Cert);
550 }
551
552 /* invalid input. */
553 HWTEST_F(CryptoX509CertificateTest, GetSubjectAltNames003, TestSize.Level0)
554 {
555 HcfX509Certificate *x509Cert = nullptr;
556 CfEncodingBlob inStream = { 0 };
557 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_secondCert));
558 inStream.encodingFormat = CF_FORMAT_PEM;
559 inStream.len = strlen(g_secondCert) + 1;
560 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
561 EXPECT_EQ(ret, CF_SUCCESS);
562 EXPECT_NE(x509Cert, nullptr);
563 ret = x509Cert->getSubjectAltNames(x509Cert, nullptr);
564 EXPECT_EQ(ret, CF_INVALID_PARAMS);
565 CfObjDestroy(x509Cert);
566 }
567
568 HWTEST_F(CryptoX509CertificateTest, GetIssuerAltNames001, TestSize.Level0)
569 {
570 CfArray outName = { 0 };
571 CfResult ret = g_x509CertObj->getIssuerAltNames(g_x509CertObj, &outName);
572 EXPECT_EQ(ret, CF_SUCCESS);
573 EXPECT_NE(outName.data, nullptr);
574 CfArrayDataClearAndFree(&outName);
575 }
576
577 /* cert without issuer alternative names. */
578 HWTEST_F(CryptoX509CertificateTest, GetIssuerAltNames002, TestSize.Level0)
579 {
580 CfArray outName = { 0 };
581 HcfX509Certificate *x509Cert = nullptr;
582 CfEncodingBlob inStream = { 0 };
583 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_secondCert));
584 inStream.encodingFormat = CF_FORMAT_PEM;
585 inStream.len = strlen(g_secondCert) + 1;
586 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
587 EXPECT_EQ(ret, CF_SUCCESS);
588 EXPECT_NE(x509Cert, nullptr);
589 ret = x509Cert->getIssuerAltNames(x509Cert, &outName);
590 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
591 EXPECT_EQ(outName.data, nullptr);
592 CfObjDestroy(x509Cert);
593 }
594
595 /* invalid input. */
596 HWTEST_F(CryptoX509CertificateTest, GetIssuerAltNames003, TestSize.Level0)
597 {
598 HcfX509Certificate *x509Cert = nullptr;
599 CfEncodingBlob inStream = { 0 };
600 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_secondCert));
601 inStream.encodingFormat = CF_FORMAT_PEM;
602 inStream.len = strlen(g_secondCert) + 1;
603 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
604 EXPECT_EQ(ret, CF_SUCCESS);
605 EXPECT_NE(x509Cert, nullptr);
606 ret = x509Cert->getIssuerAltNames(x509Cert, nullptr);
607 EXPECT_EQ(ret, CF_INVALID_PARAMS);
608 CfObjDestroy(x509Cert);
609 }
610
611 /* oid is nullptr */
612 HWTEST_F(CryptoX509CertificateTest, GetAlgorithmName001, TestSize.Level0)
613 {
614 const char *str = GetAlgorithmName(nullptr);
615 EXPECT_EQ(str, nullptr);
616 }
617
618 /* oid not found */
619 HWTEST_F(CryptoX509CertificateTest, GetAlgorithmName002, TestSize.Level0)
620 {
621 char oid[] = "1.2.840.113549.1.1.255";
622 const char *str = GetAlgorithmName(oid);
623 EXPECT_EQ(str, nullptr);
624 }
625
626 /* self point is nullptr */
627 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest001, TestSize.Level0)
628 {
629 bool bResult = true;
630 HcfX509CertMatchParams matchParams;
631 matchParams.x509Cert = &(g_x509CertObj->base);
632 CfResult ret = g_x509CertObj->match(nullptr, &matchParams, &bResult);
633 EXPECT_NE(ret, CF_SUCCESS);
634 }
635
636 /* x509Cert point is nullptr */
637 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest002, TestSize.Level0)
638 {
639 bool bResult = true;
640 CfResult ret = g_x509CertObj->match(g_x509CertObj, nullptr, &bResult);
641 EXPECT_NE(ret, CF_SUCCESS);
642 }
643
644 /* out point is nullptr */
645 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest003, TestSize.Level0)
646 {
647 HcfX509CertMatchParams matchParams;
648 matchParams.x509Cert = &(g_x509CertObj->base);
649 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, nullptr);
650 EXPECT_NE(ret, CF_SUCCESS);
651 }
652
653 /* self is not a invalidCertClass */
654 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest004, TestSize.Level0)
655 {
656 HcfX509CertificateSpi invalidSpi = { { 0 } };
657 invalidSpi.base.getClass = GetInvalidCertClass;
658
659 HcfX509CertMatchParams matchParams;
660 matchParams.x509Cert = &(g_x509CertObj->base);
661
662 CfResult ret = g_x509CertObj->match((HcfX509Certificate *)&invalidSpi, &matchParams, nullptr);
663 EXPECT_NE(ret, CF_SUCCESS);
664 }
665
666 /* self cert encodedBlob is not equal to x509Cert */
667 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest005, TestSize.Level0)
668 {
669 HcfX509Certificate *x509Cert = nullptr;
670 CfEncodingBlob inStream = { 0 };
671 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_secondCert));
672 inStream.encodingFormat = CF_FORMAT_PEM;
673 inStream.len = strlen(g_secondCert) + 1;
674 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
675 EXPECT_EQ(ret, CF_SUCCESS);
676 EXPECT_NE(x509Cert, nullptr);
677
678 bool bResult = true;
679 HcfX509CertMatchParams matchParams;
680 matchParams.x509Cert = &(x509Cert->base);
681 ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
682 EXPECT_EQ(ret, CF_SUCCESS);
683 EXPECT_EQ(bResult, false);
684
685 CfObjDestroy(x509Cert);
686 }
687
688 /* self encodedBlob length equales to x509Cert */
689 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest006, TestSize.Level0)
690 {
691 ASSERT_NE(g_x509CertObj, nullptr);
692 bool bResult = true;
693 HcfX509CertMatchParams matchParams;
694 matchParams.x509Cert = &(g_x509CertObj->base);
695 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
696 EXPECT_EQ(ret, CF_SUCCESS);
697 EXPECT_EQ(bResult, true);
698 }
699
700 /* HcfX509CertMatchParams`s subject is valid */
701 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest007, TestSize.Level0)
702 {
703 ASSERT_NE(g_x509CertObj, nullptr);
704 bool bResult = true;
705 CfBlob cfBlobDataParam = { 0 };
706 cfBlobDataParam.data = (uint8_t *)(&g_testSubjectAndIssuerNameDerData[0]);
707 cfBlobDataParam.size = g_testSubjectAndIssuerNameDerDataSize;
708
709 HcfX509CertMatchParams matchParams;
710 matchParams.subject = &cfBlobDataParam;
711 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
712 EXPECT_EQ(ret, CF_SUCCESS);
713 EXPECT_EQ(bResult, true);
714 }
715
716 /* HcfX509CertMatchParams`s subject is invalid */
717 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest008, TestSize.Level0)
718 {
719 ASSERT_NE(g_x509CertObj, nullptr);
720 bool bResult = true;
721 CfBlob cfBlobDataParam = { 0 };
722 cfBlobDataParam.data = (uint8_t *)(&g_deviceTestCert[0]);
723 cfBlobDataParam.size = g_deviceTestCertSize;
724
725 HcfX509CertMatchParams matchParams;
726 matchParams.subject = &cfBlobDataParam;
727 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
728 EXPECT_NE(ret, CF_SUCCESS);
729 }
730
731 /* HcfX509CertMatchParams`s validDate is less than start time(20220819124906Z) */
732 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest009, TestSize.Level0)
733 {
734 ASSERT_NE(g_x509CertObj, nullptr);
735 bool bResult = true;
736 const char *date = "20220819124900Z";
737 CfBlob validDate = { 0 };
738 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
739 validDate.size = strlen(date) + 1;
740 HcfX509CertMatchParams matchParams;
741 matchParams.validDate = &validDate;
742 // validatetime :2022/08/19 - 2032/08/16
743 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
744 EXPECT_EQ(ret, CF_SUCCESS);
745 EXPECT_EQ(bResult, false);
746 }
747
748 /* HcfX509CertMatchParams`s validDate is equal to start time(20220819124906Z) */
749 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest010, TestSize.Level0)
750 {
751 ASSERT_NE(g_x509CertObj, nullptr);
752 bool bResult = true;
753 const char *date = "20220819124906Z";
754 CfBlob validDate = { 0 };
755 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
756 validDate.size = strlen(date) + 1;
757 HcfX509CertMatchParams matchParams;
758 matchParams.validDate = &validDate;
759 // validatetime :2022/08/19 - 2032/08/16
760 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
761 EXPECT_EQ(ret, CF_SUCCESS);
762 EXPECT_EQ(bResult, true);
763 }
764
765 /* HcfX509CertMatchParams`s validDate is valid */
766 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest011, TestSize.Level0)
767 {
768 ASSERT_NE(g_x509CertObj, nullptr);
769 bool bResult = true;
770 const char *date = "20231018162433Z";
771 CfBlob validDate = { 0 };
772 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
773 validDate.size = strlen(date) + 1;
774 HcfX509CertMatchParams matchParams;
775 matchParams.validDate = &validDate;
776 // validatetime :2022/08/19 - 2032/08/16
777 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
778 EXPECT_EQ(ret, CF_SUCCESS);
779 EXPECT_EQ(bResult, true);
780 }
781
782 /* HcfX509CertMatchParams`s validDate is equal to end time(20320816124906Z) */
783 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest012, TestSize.Level0)
784 {
785 ASSERT_NE(g_x509CertObj, nullptr);
786 bool bResult = true;
787 const char *date = "20320816124906Z";
788 CfBlob validDate = { 0 };
789 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
790 validDate.size = strlen(date) + 1;
791 HcfX509CertMatchParams matchParams;
792 matchParams.validDate = &validDate;
793 // validatetime :2022/08/19 - 2032/08/16
794 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
795 EXPECT_EQ(ret, CF_SUCCESS);
796 EXPECT_EQ(bResult, true);
797 }
798
799 /* HcfX509CertMatchParams`s validDate is more than end time(20320816124906Z) */
800 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest013, TestSize.Level0)
801 {
802 ASSERT_NE(g_x509CertObj, nullptr);
803 bool bResult = true;
804 const char *date = "20330816124906Z";
805 CfBlob validDate = { 0 };
806 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
807 validDate.size = strlen(date) + 1;
808 HcfX509CertMatchParams matchParams;
809 matchParams.validDate = &validDate;
810 // validatetime :2022/08/19 - 2032/08/16
811 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
812 EXPECT_EQ(ret, CF_SUCCESS);
813 EXPECT_EQ(bResult, false);
814 }
815
816 /* HcfX509CertMatchParams`s validDate is empty string */
817 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest014, TestSize.Level0)
818 {
819 ASSERT_NE(g_x509CertObj, nullptr);
820 bool bResult = true;
821 string emptyData = "";
822 const char *date = emptyData.c_str();
823 CfBlob validDate = { 0 };
824 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
825 validDate.size = strlen(date) + 1;
826 HcfX509CertMatchParams matchParams;
827 matchParams.validDate = &validDate;
828 // validatetime :2022/08/19 - 2032/08/16
829 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
830 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
831 }
832
833 /* HcfX509CertMatchParams`s issuer is valid */
834 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest015, TestSize.Level0)
835 {
836 ASSERT_NE(g_x509CertObj, nullptr);
837 bool bResult = true;
838 CfBlob cfBlobDataParam = { 0 };
839 cfBlobDataParam.data = (uint8_t *)(&g_testSubjectAndIssuerNameDerData[0]);
840 cfBlobDataParam.size = g_testSubjectAndIssuerNameDerDataSize;
841
842 HcfX509CertMatchParams matchParams;
843 matchParams.issuer = &cfBlobDataParam;
844 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
845 EXPECT_EQ(ret, CF_SUCCESS);
846 EXPECT_EQ(bResult, true);
847 }
848
849 /* HcfX509CertMatchParams`s issuer is invalid */
850 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest016, TestSize.Level0)
851 {
852 ASSERT_NE(g_x509CertObj, nullptr);
853 bool bResult = true;
854 CfBlob cfBlobDataParam = { 0 };
855 cfBlobDataParam.data = (uint8_t *)(&g_deviceTestCert[0]);
856 cfBlobDataParam.size = g_deviceTestCertSize;
857
858 HcfX509CertMatchParams matchParams;
859 matchParams.issuer = &cfBlobDataParam;
860 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
861 EXPECT_NE(ret, CF_SUCCESS);
862 }
863
864 /* HcfX509CertMatchParams`s keyUsage is valid */
865 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest017, TestSize.Level0)
866 {
867 ASSERT_NE(g_x509CertObj, nullptr);
868 bool bResult = true;
869 CfBlob cfBlobDataParam = { 0 };
870 CfResult ret = g_x509CertObj->getKeyUsage(g_x509CertObj, &cfBlobDataParam);
871 EXPECT_EQ(ret, CF_SUCCESS);
872
873 HcfX509CertMatchParams matchParams;
874 matchParams.keyUsage = &cfBlobDataParam;
875 ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
876 EXPECT_EQ(ret, CF_SUCCESS);
877 EXPECT_EQ(bResult, true);
878 CfBlobDataClearAndFree(&cfBlobDataParam);
879 }
880
881 /* HcfX509CertMatchParams`s keyUsage`s length is smaller */
882 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest018, TestSize.Level0)
883 {
884 ASSERT_NE(g_x509CertObj, nullptr);
885 bool bResult = true;
886 CfBlob cfBlobDataParam = { 0 };
887 CfBlob cfBlobDataSelf = { 0 };
888 CfResult ret = g_x509CertObj->getKeyUsage(g_x509CertObj, &cfBlobDataSelf);
889 EXPECT_EQ(ret, CF_SUCCESS);
890
891 uint8_t *data = static_cast<uint8_t *>(CfMalloc(cfBlobDataSelf.size - 1, 0));
892 for (uint32_t index = 0; index < cfBlobDataSelf.size - 1; index++) {
893 data[index] = cfBlobDataSelf.data[index];
894 }
895 cfBlobDataParam.size = cfBlobDataSelf.size - 1;
896 cfBlobDataParam.data = data;
897 HcfX509CertMatchParams matchParams;
898 matchParams.keyUsage = &cfBlobDataParam;
899 ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
900 EXPECT_EQ(ret, CF_SUCCESS);
901 EXPECT_EQ(bResult, false);
902
903 CfFree(data);
904 CfBlobDataClearAndFree(&cfBlobDataSelf);
905 }
906
907 /* HcfX509CertMatchParams`s keyUsage`s length is greater */
908 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest019, TestSize.Level0)
909 {
910 ASSERT_NE(g_x509CertObj, nullptr);
911 bool bResult = true;
912 CfBlob cfBlobDataParam = { 0 };
913 CfBlob cfBlobDataSelf = { 0 };
914 CfResult ret = g_x509CertObj->getKeyUsage(g_x509CertObj, &cfBlobDataSelf);
915 EXPECT_EQ(ret, CF_SUCCESS);
916
917 uint8_t *data = static_cast<uint8_t *>(CfMalloc(cfBlobDataSelf.size + 1, 0));
918 uint32_t index = 0;
919 for (index = 0; index < cfBlobDataSelf.size; index++) {
920 data[index] = cfBlobDataSelf.data[index];
921 }
922 data[index] = 1;
923
924 cfBlobDataParam.size = cfBlobDataSelf.size + 1;
925 cfBlobDataParam.data = data;
926 HcfX509CertMatchParams matchParams;
927 matchParams.keyUsage = &cfBlobDataParam;
928 ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
929 EXPECT_EQ(ret, CF_SUCCESS);
930 EXPECT_EQ(bResult, false);
931
932 CfFree(data);
933 CfBlobDataClearAndFree(&cfBlobDataSelf);
934 }
935
936 /* HcfX509CertMatchParams`s keyUsage`s length is greater */
937 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest020, TestSize.Level0)
938 {
939 ASSERT_NE(g_x509CertObj, nullptr);
940 bool bResult = true;
941 CfBlob cfBlobDataParam = { 0 };
942 CfBlob cfBlobDataSelf = { 0 };
943 CfResult ret = g_x509CertObj->getKeyUsage(g_x509CertObj, &cfBlobDataSelf);
944 EXPECT_EQ(ret, CF_SUCCESS);
945
946 uint8_t *data = static_cast<uint8_t *>(CfMalloc(cfBlobDataSelf.size + 1, 0));
947 uint32_t index = 0;
948 for (index = 0; index < cfBlobDataSelf.size; index++) {
949 data[index] = cfBlobDataSelf.data[index];
950 }
951 data[index] = 0;
952
953 cfBlobDataParam.size = cfBlobDataSelf.size + 1;
954 cfBlobDataParam.data = data;
955 HcfX509CertMatchParams matchParams;
956 matchParams.keyUsage = &cfBlobDataParam;
957 ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
958 EXPECT_EQ(ret, CF_SUCCESS);
959 EXPECT_EQ(bResult, true);
960
961 CfFree(data);
962 CfBlobDataClearAndFree(&cfBlobDataSelf);
963 }
964
965 /* HcfX509CertMatchParams`s keyUsage`s length is equals to self`s */
966 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest021, TestSize.Level0)
967 {
968 ASSERT_NE(g_x509CertObj, nullptr);
969 bool bResult = true;
970 CfBlob cfBlobDataParam = { 0 };
971 CfBlob cfBlobDataSelf = { 0 };
972 CfResult ret = g_x509CertObj->getKeyUsage(g_x509CertObj, &cfBlobDataSelf);
973 EXPECT_EQ(ret, CF_SUCCESS);
974
975 uint8_t *data = static_cast<uint8_t *>(CfMalloc(cfBlobDataSelf.size, 0));
976 for (uint32_t index = 0; index < cfBlobDataSelf.size; index++) {
977 data[index] = (cfBlobDataSelf.data[index]) ? 0 : 1;
978 }
979 cfBlobDataParam.size = cfBlobDataSelf.size;
980 cfBlobDataParam.data = data;
981 HcfX509CertMatchParams matchParams;
982 matchParams.keyUsage = &cfBlobDataParam;
983 ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
984 EXPECT_EQ(ret, CF_SUCCESS);
985 EXPECT_EQ(bResult, false);
986
987 CfFree(data);
988 CfBlobDataClearAndFree(&cfBlobDataSelf);
989 }
990
991 /* HcfX509CertMatchParams's serialNumber is equals to self's */
992 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest022, TestSize.Level0)
993 {
994 ASSERT_NE(g_x509CertObj, nullptr);
995 // Serial Number: 272 (0x110)
996 uint8_t testSn[] = { 0x01, 0x10 };
997 CfBlob testSnBlob = { sizeof(testSn) / sizeof(testSn[0]), testSn };
998 HcfX509CertMatchParams matchParams;
999 matchParams.serialNumber = &testSnBlob;
1000
1001 bool bResult = true;
1002 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
1003 EXPECT_EQ(ret, CF_SUCCESS);
1004 EXPECT_EQ(bResult, true);
1005 }
1006
1007 /* HcfX509CertMatchParams's serialNumber is not equals to self's */
1008 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest023, TestSize.Level0)
1009 {
1010 ASSERT_NE(g_x509CertObj, nullptr);
1011 // Serial Number: 272 (0x110)
1012 uint8_t testSn[] = { 0x01, 0x11 };
1013 CfBlob testSnBlob = { sizeof(testSn) / sizeof(testSn[0]), testSn };
1014 HcfX509CertMatchParams matchParams;
1015 matchParams.serialNumber = &testSnBlob;
1016
1017 bool bResult = true;
1018 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
1019 EXPECT_EQ(ret, CF_SUCCESS);
1020 EXPECT_EQ(bResult, false);
1021 }
1022
1023 /* HcfX509CertMatchParams's public key is valid */
1024 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest024, TestSize.Level0)
1025 {
1026 ASSERT_NE(g_x509CertObj, nullptr);
1027 bool bResult = true;
1028 CfBlob cfBlobDataParam = { 0 };
1029 cfBlobDataParam.data = reinterpret_cast<uint8_t *>(const_cast<uint8_t *>(&g_testPublicKeyDerData[0]));
1030 cfBlobDataParam.size = g_testPublicKeyDerDataSize;
1031
1032 HcfX509CertMatchParams matchParams;
1033 matchParams.publicKey = &cfBlobDataParam;
1034 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
1035 EXPECT_EQ(ret, CF_SUCCESS);
1036 EXPECT_EQ(bResult, true);
1037 }
1038
1039 /* HcfX509CertMatchParams's public key is invalid */
1040 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest025, TestSize.Level0)
1041 {
1042 ASSERT_NE(g_x509CertObj, nullptr);
1043 bool bResult = true;
1044 CfBlob cfBlobDataParam = { 0 };
1045 cfBlobDataParam.data = const_cast<uint8_t *>(g_testSubjectAndIssuerNameDerData);
1046 cfBlobDataParam.size = g_testSubjectAndIssuerNameDerDataSize;
1047
1048 HcfX509CertMatchParams matchParams;
1049 matchParams.publicKey = &cfBlobDataParam;
1050 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
1051 EXPECT_EQ(ret, CF_SUCCESS);
1052 EXPECT_EQ(bResult, false);
1053 }
1054
1055 /* HcfX509CertMatchParams's public key algorithm oid is valid */
1056 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest026, TestSize.Level0)
1057 {
1058 ASSERT_NE(g_x509CertObj, nullptr);
1059 bool bResult = true;
1060 const char *data = "1.2.840.113549.1.1.1";
1061 CfBlob cfBlobDataParam = { 0 };
1062 cfBlobDataParam.data = reinterpret_cast<uint8_t *>(const_cast<char *>(data));
1063 cfBlobDataParam.size = strlen(data) + 1;
1064 HcfX509CertMatchParams matchParams;
1065 matchParams.publicKeyAlgID = &cfBlobDataParam;
1066 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
1067 EXPECT_EQ(ret, CF_SUCCESS);
1068 EXPECT_EQ(bResult, true);
1069 }
1070
1071 /* HcfX509CertMatchParams's public key algorithm oid is invalid */
1072 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest027, TestSize.Level0)
1073 {
1074 ASSERT_NE(g_x509CertObj, nullptr);
1075 bool bResult = true;
1076 const char *data = "3.1.4.1.5.926";
1077 CfBlob cfBlobDataParam = { 0 };
1078 cfBlobDataParam.data = reinterpret_cast<uint8_t *>(const_cast<char *>(data));
1079 cfBlobDataParam.size = strlen(data) + 1;
1080 HcfX509CertMatchParams matchParams;
1081 matchParams.publicKeyAlgID = &cfBlobDataParam;
1082 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
1083 EXPECT_EQ(ret, CF_SUCCESS);
1084 EXPECT_EQ(bResult, false);
1085 }
1086
1087 /* HcfX509CertMatchParams's public key algorithm oid is empty */
1088 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest028, TestSize.Level0)
1089 {
1090 ASSERT_NE(g_x509CertObj, nullptr);
1091 bool bResult = true;
1092 string emptyData = "";
1093 const char *data = emptyData.c_str();
1094 CfBlob cfBlobDataParam = { 0 };
1095 cfBlobDataParam.data = reinterpret_cast<uint8_t *>(const_cast<char *>(data));
1096 cfBlobDataParam.size = strlen(data) + 1;
1097 HcfX509CertMatchParams matchParams;
1098 matchParams.publicKeyAlgID = &cfBlobDataParam;
1099 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
1100 EXPECT_EQ(ret, CF_SUCCESS);
1101 EXPECT_EQ(bResult, false);
1102 }
1103
1104 /* HcfX509CertMatchParams's subject length is 0 */
1105 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest029, TestSize.Level0)
1106 {
1107 ASSERT_NE(g_x509CertObj, nullptr);
1108 bool bResult = true;
1109 CfBlob cfBlobDataParam = { 0 };
1110 cfBlobDataParam.data = reinterpret_cast<uint8_t *>(const_cast<char *>(&g_deviceTestCert[0]));
1111 cfBlobDataParam.size = 0;
1112
1113 HcfX509CertMatchParams matchParams;
1114 matchParams.subject = &cfBlobDataParam;
1115 CfResult ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
1116 EXPECT_EQ(ret, CF_INVALID_PARAMS);
1117 }
1118
1119 /* match all params */
1120 HWTEST_F(CryptoX509CertificateTest, MatchX509CertTest030, TestSize.Level0)
1121 {
1122 ASSERT_NE(g_x509CertObj, nullptr);
1123 bool bResult = true;
1124 HcfX509CertMatchParams matchParams;
1125 CfBlob cfDataSubject = { 0 };
1126 cfDataSubject.data = const_cast<uint8_t *>(&g_testSubjectAndIssuerNameDerData[0]);
1127 cfDataSubject.size = g_testSubjectAndIssuerNameDerDataSize;
1128 const char *date = "20220819124906Z";
1129 CfBlob validDate = { 0 };
1130 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1131 validDate.size = strlen(date) + 1;
1132 CfBlob cfDataIssuer = { 0 };
1133 cfDataIssuer.data = const_cast<uint8_t *>(&g_testSubjectAndIssuerNameDerData[0]);
1134 cfDataIssuer.size = g_testSubjectAndIssuerNameDerDataSize;
1135 CfBlob cfDataKeyUsage = { 0 };
1136 CfResult ret = g_x509CertObj->getKeyUsage(g_x509CertObj, &cfDataKeyUsage);
1137 uint8_t testSn[] = { 0x01, 0x10 };
1138 CfBlob testSnBlob = { sizeof(testSn) / sizeof(testSn[0]), testSn };
1139 CfBlob cfDataPublicKey = { 0 };
1140 cfDataPublicKey.data = const_cast<uint8_t *>(&g_testPublicKeyDerData[0]);
1141 cfDataPublicKey.size = g_testPublicKeyDerDataSize;
1142 const char *dataOid = "1.2.840.113549.1.1.1";
1143 CfBlob cfDataPublicKeyAlgID = { 0 };
1144 cfDataPublicKeyAlgID.data = reinterpret_cast<uint8_t *>(const_cast<char *>(dataOid));
1145 cfDataPublicKeyAlgID.size = strlen(dataOid) + 1;
1146
1147 matchParams.x509Cert = &(g_x509CertObj->base);
1148 matchParams.subject = &cfDataSubject;
1149 matchParams.validDate = &validDate;
1150 matchParams.issuer = &cfDataIssuer;
1151 matchParams.keyUsage = &cfDataKeyUsage;
1152 matchParams.serialNumber = &testSnBlob;
1153 matchParams.publicKey = &cfDataPublicKey;
1154 matchParams.publicKeyAlgID = &cfDataPublicKeyAlgID;
1155 ret = g_x509CertObj->match(g_x509CertObj, &matchParams, &bResult);
1156 EXPECT_EQ(ret, CF_SUCCESS);
1157 EXPECT_EQ(bResult, true);
1158
1159 CfFree(cfDataKeyUsage.data);
1160 }
1161
1162 HWTEST_F(CryptoX509CertificateTest, DeepCopyDataToBlobTest001, TestSize.Level0)
1163 {
1164 SetMockFlag(true);
1165 CfResult ret = DeepCopyDataToBlob(nullptr, 0, nullptr);
1166 EXPECT_EQ(ret, CF_INVALID_PARAMS);
1167 SetMockFlag(false);
1168 }
1169
1170 HWTEST_F(CryptoX509CertificateTest, DeepCopyBlobToBlobTest001, TestSize.Level0)
1171 {
1172 CfResult ret = DeepCopyBlobToBlob(nullptr, nullptr);
1173 EXPECT_EQ(ret, CF_SUCCESS);
1174 }
1175
1176 HWTEST_F(CryptoX509CertificateTest, DeepCopyBlobToBlobTest002, TestSize.Level0)
1177 {
1178 CfBlob inBlob = { 0 };
1179 CfBlob *outBlob = nullptr;
1180 SetMockFlag(true);
1181 CfResult ret = DeepCopyBlobToBlob(&inBlob, &outBlob);
1182 EXPECT_EQ(ret, CF_ERR_MALLOC);
1183 SetMockFlag(false);
1184 }
1185
1186 HWTEST_F(CryptoX509CertificateTest, CopyExtensionsToBlobTest001, TestSize.Level0)
1187 {
1188 CfBlob outBlob = { 0 };
1189
1190 X509_EXTENSIONS *exts = sk_X509_EXTENSION_new_null();
1191
1192 CfResult ret = CopyExtensionsToBlob(exts, &outBlob);
1193 EXPECT_EQ(ret, CF_SUCCESS);
1194
1195 sk_X509_EXTENSION_free(exts);
1196 }
1197
1198 /* ConvertNameDerDataToString : data is nullptr */
1199 HWTEST_F(CryptoX509CertificateTest, ConvertNameDerDataToStringTest001, TestSize.Level0)
1200 {
1201 uint32_t derLen = 10;
1202 CfBlob out = { 0, nullptr };
1203 CfResult ret = ConvertNameDerDataToString(nullptr, derLen, &out);
1204 EXPECT_EQ(ret, CF_INVALID_PARAMS);
1205 }
1206
1207 /* ConvertNameDerDataToString : out is nullptr */
1208 HWTEST_F(CryptoX509CertificateTest, ConvertNameDerDataToStringTest002, TestSize.Level0)
1209 {
1210 const char *data = "abc";
1211 uint32_t derLen = 10;
1212 CfResult ret = ConvertNameDerDataToString((const unsigned char *)&data, derLen, nullptr);
1213 EXPECT_EQ(ret, CF_INVALID_PARAMS);
1214 }
1215
1216 /* ConvertNameDerDataToString : derLen = 0 */
1217 HWTEST_F(CryptoX509CertificateTest, ConvertNameDerDataToStringTest003, TestSize.Level0)
1218 {
1219 const char *data = "abc";
1220 CfBlob out = { 0, nullptr };
1221 CfResult ret = ConvertNameDerDataToString((const unsigned char *)&data, 0, &out);
1222 EXPECT_EQ(ret, CF_INVALID_PARAMS);
1223 }
1224
1225 /* ConvertNameDerDataToString : The incoming DER data is valid */
1226 HWTEST_F(CryptoX509CertificateTest, ConvertNameDerDataToStringTest004, TestSize.Level0)
1227 {
1228 const unsigned char data[] = { 0x30, 0x1A, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x45,
1229 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41 };
1230 uint32_t derLen = sizeof(data);
1231 CfBlob out = { 0, nullptr };
1232
1233 CfResult ret = ConvertNameDerDataToString((const unsigned char *)&data, derLen, &out);
1234 EXPECT_EQ(ret, CF_SUCCESS);
1235 EXPECT_NE(out.data, nullptr);
1236 CfBlobDataClearAndFree(&out);
1237 }
1238
1239 /* ConvertNameDerDataToString : The incoming data is the issuer of the DER certificate */
1240 HWTEST_F(CryptoX509CertificateTest, ConvertNameDerDataToStringTest005, TestSize.Level0)
1241 {
1242 const unsigned char data[] = { 0x30, 0x1A, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x45,
1243 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41 };
1244 uint32_t derLen = sizeof(data);
1245 CfBlob out = { 0, nullptr };
1246
1247 CfResult ret = ConvertNameDerDataToString((const unsigned char *)&data, derLen, &out);
1248 EXPECT_EQ(ret, CF_SUCCESS);
1249 EXPECT_NE(out.data, nullptr);
1250 CfBlobDataClearAndFree(&out);
1251 }
1252
1253 /* ConvertNameDerDataToString : The incoming data is the subject of the DER certificate */
1254 HWTEST_F(CryptoX509CertificateTest, ConvertNameDerDataToStringTest006, TestSize.Level0)
1255 {
1256 const unsigned char data[] = { 0x30, 0x1A, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x45,
1257 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41 };
1258 uint32_t derLen = sizeof(data);
1259 CfBlob out = { 0, nullptr };
1260
1261 CfResult ret = ConvertNameDerDataToString((const unsigned char *)&data, derLen, &out);
1262 EXPECT_EQ(ret, CF_SUCCESS);
1263 EXPECT_NE(out.data, nullptr);
1264 CfBlobDataClearAndFree(&out);
1265 }
1266
1267 /* ConvertNameDerDataToString : d2i_X509_NAME is NULL */
1268 HWTEST_F(CryptoX509CertificateTest, ConvertNameDerDataToStringTest007, TestSize.Level0)
1269 {
1270 const char *data = "abc";
1271 uint32_t derLen = sizeof(data);
1272 CfBlob out = { 0, nullptr };
1273
1274 CfResult ret = ConvertNameDerDataToString((const unsigned char *)&data, derLen, &out);
1275 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
1276 }
1277
1278 HWTEST_F(CryptoX509CertificateTest, ConvertNameDerDataToStringTest008, TestSize.Level0)
1279 {
1280 const unsigned char data[] = "error data";
1281 uint32_t derLen = sizeof(data);
1282 CfBlob out = { 0, nullptr };
1283 CfResult ret = ConvertNameDerDataToString(data, derLen, &out);
1284 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
1285 }
1286
1287 /* CompareBigNum : CfBlob lhs and CfBlob rhs is NULL */
1288 HWTEST_F(CryptoX509CertificateTest, CompareBigNumTest001, TestSize.Level0)
1289 {
1290 CfBlob lhs = { 0 };
1291 CfBlob rhs = { 0 };
1292 lhs.data = (unsigned char *)"1234567890";
1293 lhs.size = 10;
1294 rhs.data = (unsigned char *)"4567890123";
1295 rhs.size = 10;
1296 int out;
1297
1298 lhs.data = nullptr;
1299 rhs.data = nullptr;
1300 CfResult ret = CompareBigNum(&lhs, &rhs, &out);
1301 EXPECT_EQ(ret, CF_INVALID_PARAMS);
1302 }
1303
1304 /* CompareBigNum : CfBlob lhs and CfBlob rhs is NULL */
1305 HWTEST_F(CryptoX509CertificateTest, CompareBigNumTest002, TestSize.Level0)
1306 {
1307 CfBlob lhs = { 0 };
1308 CfBlob rhs = { 0 };
1309 lhs.data = (unsigned char *)"1234567890";
1310 lhs.size = 0;
1311 rhs.data = (unsigned char *)"4567890123";
1312 rhs.size = 0;
1313 int out;
1314
1315 CfResult ret = CompareBigNum(&lhs, &rhs, &out);
1316 EXPECT_EQ(ret, CF_INVALID_PARAMS);
1317 }
1318
1319 /* CompareBigNum : CfBlob lhs and CfBlob rhs parameters are valid and of equal size */
1320 HWTEST_F(CryptoX509CertificateTest, CompareBigNumTest003, TestSize.Level0)
1321 {
1322 CfBlob lhs = { 0 };
1323 uint8_t testBigNum1[] = { 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
1324 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x01 };
1325 lhs.data = testBigNum1;
1326 lhs.size = sizeof(lhs.data);
1327 int out;
1328
1329 CfResult ret = CompareBigNum(&lhs, &lhs, &out);
1330 EXPECT_EQ(ret, CF_SUCCESS);
1331 EXPECT_EQ(out, 0);
1332 }
1333
1334 /* CompareBigNum : CfBlob lhs and CfBlob rhs parameters are valid and have different sizes */
1335 HWTEST_F(CryptoX509CertificateTest, CompareBigNumTest004, TestSize.Level0)
1336 {
1337 CfBlob lhs = { 0 };
1338 CfBlob rhs = { 0 };
1339 uint8_t testBigNum1[] = { 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
1340 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x01 };
1341 uint8_t testBigNum2[] = { 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
1342 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x02 };
1343 lhs.data = testBigNum1;
1344 lhs.size = sizeof(testBigNum1) / sizeof(testBigNum1[0]);
1345 rhs.data = testBigNum2;
1346 rhs.size = sizeof(testBigNum2) / sizeof(testBigNum2[0]);
1347 EXPECT_EQ(lhs.size, rhs.size);
1348 int out;
1349
1350 CfResult ret = CompareBigNum(&lhs, &rhs, &out);
1351 EXPECT_EQ(ret, CF_SUCCESS);
1352 EXPECT_EQ(out < 0, true);
1353 ret = CompareBigNum(&rhs, &lhs, &out);
1354 EXPECT_EQ(ret, CF_SUCCESS);
1355 EXPECT_EQ(out > 0, true);
1356 }
1357
1358 /* CompareBigNum : CfBlob lhs and CfBlob rhs parameters are valid but conversion to large number failed */
1359 HWTEST_F(CryptoX509CertificateTest, CompareBigNumTest005, TestSize.Level0)
1360 {
1361 CfBlob lhs = { 0 };
1362 uint8_t testBigNum1[] = { 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
1363 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x01 };
1364 lhs.data = testBigNum1;
1365 lhs.size = ~0;
1366 int out;
1367
1368 CfResult ret = CompareBigNum(&lhs, &lhs, &out);
1369 EXPECT_EQ(ret, CF_INVALID_PARAMS);
1370 }
1371
1372 /* CompareBigNum : CfBlob lhs and CfBlob rhs parameters are valid but conversion to large number failed */
1373 HWTEST_F(CryptoX509CertificateTest, CompareBigNumTest006, TestSize.Level0)
1374 {
1375 CfBlob lhs = { 0 };
1376 CfBlob rhs = { 0 };
1377 lhs.data = (unsigned char *)"1234567890";
1378 lhs.size = 0;
1379 rhs.data = (unsigned char *)"4567890123";
1380 rhs.size = 10;
1381 int out;
1382
1383 lhs.data = nullptr;
1384 CfResult ret = CompareBigNum(&lhs, &rhs, &out);
1385 EXPECT_EQ(ret, CF_INVALID_PARAMS);
1386 }
1387
1388 /* CompareBigNum : CfBlob lhs and CfBlob rhs parameters are valid but conversion to large number failed */
1389 HWTEST_F(CryptoX509CertificateTest, CompareBigNumTest007, TestSize.Level0)
1390 {
1391 CfBlob lhs = { 0 };
1392 CfBlob rhs = { 0 };
1393 lhs.data = (unsigned char *)"1234567890";
1394 lhs.size = 10;
1395 rhs.data = (unsigned char *)"4567890123";
1396 rhs.size = 0;
1397 int out;
1398
1399 rhs.data = nullptr;
1400 CfResult ret = CompareBigNum(&lhs, &rhs, &out);
1401 EXPECT_EQ(ret, CF_INVALID_PARAMS);
1402 }
1403
1404 HWTEST_F(CryptoX509CertificateTest, CompareBigNumTest008, TestSize.Level0)
1405 {
1406 CfBlob lhs = { 0 };
1407 CfBlob rhs = { 0 };
1408 uint8_t testBigNum1[] = { 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
1409 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x01 };
1410 uint8_t testBigNum2[] = { 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
1411 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x02 };
1412 lhs.data = testBigNum1;
1413 lhs.size = sizeof(testBigNum1) / sizeof(testBigNum1[0]);
1414 rhs.data = testBigNum2;
1415 rhs.size = ~0;
1416 int out;
1417
1418 CfResult ret = CompareBigNum(&lhs, &rhs, &out);
1419 EXPECT_EQ(ret, CF_INVALID_PARAMS);
1420 }
1421
1422 /* GetX509EncodedDataStream : certificate is NULL */
1423 HWTEST_F(CryptoX509CertificateTest, GetX509EncodedDataStreamTest001, TestSize.Level0)
1424 {
1425 int dataLength;
1426
1427 uint8_t *ret = GetX509EncodedDataStream(nullptr, &dataLength);
1428 EXPECT_EQ(ret, nullptr);
1429 }
1430
1431 HWTEST_F(CryptoX509CertificateTest, GetX509EncodedDataStreamTest002, TestSize.Level0)
1432 {
1433 int dataLength;
1434 X509 *certificate = nullptr;
1435 BIO *bio = BIO_new_mem_buf(g_testCertChainPemMid, sizeof(g_testCertChainPemMid));
1436 EXPECT_NE(bio, nullptr);
1437 certificate = PEM_read_bio_X509(bio, nullptr, nullptr, nullptr);
1438 BIO_free(bio);
1439
1440 SetMockFlag(true);
1441 uint8_t *ret = GetX509EncodedDataStream(certificate, &dataLength);
1442 EXPECT_EQ(ret, nullptr);
1443 SetMockFlag(false);
1444 X509_free(certificate);
1445 }
1446
1447 HWTEST_F(CryptoX509CertificateTest, NullInput, TestSize.Level0)
1448 {
1449 (void)HcfX509CertificateCreate(nullptr, nullptr);
1450 HcfPubKey *keyOut = nullptr;
1451 CfResult ret = g_x509CertObj->base.getPublicKey(reinterpret_cast<HcfCertificate *>(g_x509CertObj),
1452 (void **)&keyOut);
1453 EXPECT_EQ(ret, CF_SUCCESS);
1454 EXPECT_NE(keyOut, nullptr);
1455 (void)g_x509CertObj->base.base.destroy(nullptr);
1456 (void)keyOut->base.getAlgorithm(&(keyOut->base));
1457 (void)keyOut->base.getEncoded(&(keyOut->base), nullptr);
1458 (void)keyOut->base.getFormat(&(keyOut->base));
1459 ret = g_x509CertObj->base.verify(nullptr, nullptr);
1460 EXPECT_NE(ret, CF_SUCCESS);
1461 ret = g_x509CertObj->base.getEncoded(nullptr, nullptr);
1462 EXPECT_NE(ret, CF_SUCCESS);
1463 ret = g_x509CertObj->base.getPublicKey(nullptr, nullptr);
1464 EXPECT_NE(ret, CF_SUCCESS);
1465 (void)g_x509CertObj->checkValidityWithDate(nullptr, nullptr);
1466 (void)g_x509CertObj->getVersion(nullptr);
1467 (void)g_x509CertObj->getSerialNumber(nullptr, nullptr);
1468 (void)g_x509CertObj->getIssuerName(nullptr, nullptr);
1469 (void)g_x509CertObj->getSubjectName(nullptr, nullptr);
1470 (void)g_x509CertObj->getNotBeforeTime(nullptr, nullptr);
1471 (void)g_x509CertObj->getNotAfterTime(nullptr, nullptr);
1472 (void)g_x509CertObj->getSignature(nullptr, nullptr);
1473 (void)g_x509CertObj->getSignatureAlgName(nullptr, nullptr);
1474 (void)g_x509CertObj->getSignatureAlgOid(nullptr, nullptr);
1475 (void)g_x509CertObj->getSignatureAlgParams(nullptr, nullptr);
1476 (void)g_x509CertObj->getKeyUsage(nullptr, nullptr);
1477 (void)g_x509CertObj->getExtKeyUsage(nullptr, nullptr);
1478 (void)g_x509CertObj->getBasicConstraints(nullptr);
1479 (void)g_x509CertObj->getSubjectAltNames(nullptr, nullptr);
1480 (void)g_x509CertObj->getIssuerAltNames(nullptr, nullptr);
1481 CfObjDestroy(keyOut);
1482 }
1483
1484 HWTEST_F(CryptoX509CertificateTest, NullInput002, TestSize.Level0)
1485 {
1486 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PEM };
1487 HcfX509Certificate *x509Cert = nullptr;
1488 (void)HcfX509CertificateCreate(&inStream, &x509Cert); /* inStream.data is nullptr */
1489
1490 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
1491 inStream.len = HCF_MAX_BUFFER_LEN + 1;
1492 (void)HcfX509CertificateCreate(&inStream, &x509Cert); /* inStream.len is bigger than HCF_MAX_BUFFER_LEN */
1493
1494 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
1495 (void)HcfX509CertificateCreate(&inStream, nullptr); /* inStream is valid */
1496
1497 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
1498 ASSERT_EQ(ret, CF_SUCCESS);
1499
1500 (void)x509Cert->base.getPublicKey(reinterpret_cast<HcfCertificate *>(x509Cert), nullptr);
1501 (void)x509Cert->checkValidityWithDate(x509Cert, nullptr);
1502 (void)x509Cert->getSerialNumber(x509Cert, nullptr);
1503 (void)x509Cert->getIssuerName(x509Cert, nullptr);
1504 (void)x509Cert->getSubjectName(x509Cert, nullptr);
1505 (void)x509Cert->getNotBeforeTime(x509Cert, nullptr);
1506 (void)x509Cert->getNotAfterTime(x509Cert, nullptr);
1507 (void)x509Cert->getSignature(x509Cert, nullptr);
1508 (void)x509Cert->getSignatureAlgName(x509Cert, nullptr);
1509 (void)x509Cert->getSignatureAlgOid(x509Cert, nullptr);
1510 (void)x509Cert->getSignatureAlgParams(x509Cert, nullptr);
1511 (void)x509Cert->getKeyUsage(x509Cert, nullptr);
1512 (void)x509Cert->getExtKeyUsage(x509Cert, nullptr);
1513 (void)x509Cert->getSubjectAltNames(x509Cert, nullptr);
1514 (void)x509Cert->getIssuerAltNames(x509Cert, nullptr);
1515 CfObjDestroy(x509Cert);
1516 }
1517
1518 HWTEST_F(CryptoX509CertificateTest, NullSpiInput, TestSize.Level0)
1519 {
1520 HcfX509CertificateSpi *spiObj = nullptr;
1521 CfEncodingBlob inStream = { 0 };
1522 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
1523 inStream.encodingFormat = CF_FORMAT_PEM;
1524 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
1525 (void)OpensslX509CertSpiCreate(nullptr, nullptr);
1526 CfResult ret = OpensslX509CertSpiCreate(&inStream, &spiObj);
1527 EXPECT_EQ(ret, CF_SUCCESS);
1528 EXPECT_NE(spiObj, nullptr);
1529 (void)spiObj->base.destroy(nullptr);
1530 ret = spiObj->engineVerify(nullptr, nullptr);
1531 ret = spiObj->engineGetEncoded(nullptr, nullptr);
1532 ret = spiObj->engineGetPublicKey(nullptr, nullptr);
1533 EXPECT_NE(ret, CF_SUCCESS);
1534 ret = spiObj->engineCheckValidityWithDate(nullptr, nullptr);
1535 EXPECT_NE(ret, CF_SUCCESS);
1536 long ver = spiObj->engineGetVersion(nullptr);
1537 EXPECT_EQ(ver, -1);
1538 ret = spiObj->engineGetSerialNumber(nullptr, nullptr);
1539 ret = spiObj->engineGetIssuerName(nullptr, nullptr);
1540 ret = spiObj->engineGetSubjectName(nullptr, nullptr);
1541 ret = spiObj->engineGetNotBeforeTime(nullptr, nullptr);
1542 ret = spiObj->engineGetNotAfterTime(nullptr, nullptr);
1543 ret = spiObj->engineGetSignature(nullptr, nullptr);
1544 ret = spiObj->engineGetSignatureAlgName(nullptr, nullptr);
1545 ret = spiObj->engineGetSignatureAlgOid(nullptr, nullptr);
1546 ret = spiObj->engineGetSignatureAlgParams(nullptr, nullptr);
1547 ret = spiObj->engineGetKeyUsage(nullptr, nullptr);
1548 ret = spiObj->engineGetExtKeyUsage(nullptr, nullptr);
1549 EXPECT_NE(ret, CF_SUCCESS);
1550 long basicLen = spiObj->engineGetBasicConstraints(nullptr);
1551 EXPECT_EQ(basicLen, -1);
1552 ret = spiObj->engineGetSubjectAltNames(nullptr, nullptr);
1553 EXPECT_NE(ret, CF_SUCCESS);
1554 ret = spiObj->engineGetIssuerAltNames(nullptr, nullptr);
1555 EXPECT_NE(ret, CF_SUCCESS);
1556 bool bResutlt = true;
1557 HcfX509CertMatchParams matchParams;
1558 ret = spiObj->engineMatch(nullptr, &matchParams, &bResutlt);
1559 EXPECT_NE(ret, CF_SUCCESS);
1560 CfObjDestroy(spiObj);
1561 }
1562
1563 HWTEST_F(CryptoX509CertificateTest, NullSpiInput002, TestSize.Level0)
1564 {
1565 HcfX509CertificateSpi *spiObj = nullptr;
1566 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PEM };
1567 (void)OpensslX509CertSpiCreate(&inStream, &spiObj);
1568
1569 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
1570 inStream.encodingFormat = CF_FORMAT_PEM;
1571 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
1572 (void)OpensslX509CertSpiCreate(&inStream, nullptr);
1573 CfResult ret = OpensslX509CertSpiCreate(&inStream, &spiObj);
1574 ASSERT_EQ(ret, CF_SUCCESS);
1575 ret = spiObj->engineVerify(spiObj, nullptr);
1576 ret = spiObj->engineGetEncoded(spiObj, nullptr);
1577 ret = spiObj->engineGetPublicKey(spiObj, nullptr);
1578 ret = spiObj->engineCheckValidityWithDate(spiObj, nullptr);
1579 ret = spiObj->engineGetSerialNumber(spiObj, nullptr);
1580 ret = spiObj->engineGetIssuerName(spiObj, nullptr);
1581 ret = spiObj->engineGetSubjectName(spiObj, nullptr);
1582 ret = spiObj->engineGetNotBeforeTime(spiObj, nullptr);
1583 ret = spiObj->engineGetNotAfterTime(spiObj, nullptr);
1584 ret = spiObj->engineGetSignature(spiObj, nullptr);
1585 ret = spiObj->engineGetSignatureAlgName(spiObj, nullptr);
1586 ret = spiObj->engineGetSignatureAlgOid(spiObj, nullptr);
1587 ret = spiObj->engineGetSignatureAlgParams(spiObj, nullptr);
1588 ret = spiObj->engineGetKeyUsage(spiObj, nullptr);
1589 ret = spiObj->engineGetExtKeyUsage(spiObj, nullptr);
1590 ret = spiObj->engineGetSubjectAltNames(spiObj, nullptr);
1591 ret = spiObj->engineGetIssuerAltNames(spiObj, nullptr);
1592 EXPECT_NE(ret, CF_SUCCESS);
1593 bool bResutlt = true;
1594 HcfX509CertMatchParams matchParams;
1595 ret = spiObj->engineMatch(spiObj, nullptr, &bResutlt);
1596 EXPECT_NE(ret, CF_SUCCESS);
1597 ret = spiObj->engineMatch(spiObj, &matchParams, nullptr);
1598 EXPECT_NE(ret, CF_SUCCESS);
1599 CfObjDestroy(spiObj);
1600 }
1601
1602 /* HcfX509CertMatchParams's public key is valid, but the operation is error! */
1603 HWTEST_F(CryptoX509CertificateTest, NullSpiInput003, TestSize.Level0)
1604 {
1605 HcfX509CertificateSpi *spiObj = nullptr;
1606 CfEncodingBlob inStream = { 0 };
1607 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
1608 inStream.encodingFormat = CF_FORMAT_PEM;
1609 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
1610 CfResult ret = OpensslX509CertSpiCreate(&inStream, &spiObj);
1611 EXPECT_EQ(ret, CF_SUCCESS);
1612 EXPECT_NE(spiObj, nullptr);
1613
1614 HcfOpensslX509Cert *realCert = reinterpret_cast<HcfOpensslX509Cert *>(spiObj);
1615 X509 *bk = realCert->x509;
1616 realCert->x509 = nullptr;
1617
1618 CfBlob cfBlobDataParam = { 0 };
1619 cfBlobDataParam.data = (uint8_t *)(&g_testPublicKeyDerData[0]);
1620 cfBlobDataParam.size = g_testPublicKeyDerDataSize;
1621 HcfX509CertMatchParams matchParams;
1622 matchParams.publicKey = &cfBlobDataParam;
1623 bool bResult = false;
1624 ret = spiObj->engineMatch(spiObj, &matchParams, &bResult);
1625 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
1626
1627 realCert->x509 = bk;
1628 CfObjDestroy(spiObj);
1629 }
1630
1631 HWTEST_F(CryptoX509CertificateTest, InvalidSpiClass, TestSize.Level0)
1632 {
1633 HcfX509CertificateSpi *spiObj = nullptr;
1634 HcfX509CertificateSpi invalidSpi = { { 0 } };
1635 invalidSpi.base.getClass = GetInvalidCertClass;
1636 CfBlob invalidOut = { 0 };
1637 CfEncodingBlob inStream = { 0 };
1638 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
1639 inStream.encodingFormat = CF_FORMAT_PEM;
1640 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
1641 CfResult ret = OpensslX509CertSpiCreate(&inStream, &spiObj);
1642 EXPECT_EQ(ret, CF_SUCCESS);
1643 EXPECT_NE(spiObj, nullptr);
1644 (void)spiObj->base.destroy(&(invalidSpi.base));
1645 HcfPubKey pubKey;
1646 ret = spiObj->engineVerify(&invalidSpi, &pubKey);
1647 EXPECT_NE(ret, CF_SUCCESS);
1648 ret = spiObj->engineGetEncoded(&invalidSpi, &inStream);
1649 EXPECT_NE(ret, CF_SUCCESS);
1650 HcfPubKey *pubKeyOut = nullptr;
1651 ret = spiObj->engineGetPublicKey(&invalidSpi, &pubKeyOut);
1652 EXPECT_NE(ret, CF_SUCCESS);
1653 const char *date = "2020";
1654 ret = spiObj->engineCheckValidityWithDate(&invalidSpi, date);
1655 EXPECT_NE(ret, CF_SUCCESS);
1656 long ver = spiObj->engineGetVersion(&invalidSpi);
1657 EXPECT_EQ(ver, -1);
1658 ret = spiObj->engineGetSerialNumber(&invalidSpi, &invalidOut);
1659 ret = spiObj->engineGetIssuerName(&invalidSpi, &invalidOut);
1660 ret = spiObj->engineGetSubjectName(&invalidSpi, &invalidOut);
1661 ret = spiObj->engineGetNotBeforeTime(&invalidSpi, &invalidOut);
1662 ret = spiObj->engineGetNotAfterTime(&invalidSpi, &invalidOut);
1663 ret = spiObj->engineGetSignature(&invalidSpi, &invalidOut);
1664 ret = spiObj->engineGetSignatureAlgName(&invalidSpi, &invalidOut);
1665 ret = spiObj->engineGetSignatureAlgOid(&invalidSpi, &invalidOut);
1666 ret = spiObj->engineGetSignatureAlgParams(&invalidSpi, &invalidOut);
1667 ret = spiObj->engineGetKeyUsage(&invalidSpi, &invalidOut);
1668 CfArray invalidArr = { 0 };
1669 ret = spiObj->engineGetExtKeyUsage(&invalidSpi, &invalidArr);
1670 long basicLen = spiObj->engineGetBasicConstraints(&invalidSpi);
1671 EXPECT_EQ(basicLen, -1);
1672 ret = spiObj->engineGetSubjectAltNames(&invalidSpi, &invalidArr);
1673 ret = spiObj->engineGetIssuerAltNames(&invalidSpi, &invalidArr);
1674 EXPECT_NE(ret, CF_SUCCESS);
1675 bool bResutlt = true;
1676 HcfX509CertMatchParams matchParams;
1677 ret = spiObj->engineMatch(&invalidSpi, &matchParams, &bResutlt);
1678 EXPECT_NE(ret, CF_SUCCESS);
1679
1680 CfObjDestroy(spiObj);
1681 }
1682
1683 HWTEST_F(CryptoX509CertificateTest, InvalidCertClass, TestSize.Level0)
1684 {
1685 HcfX509Certificate invalidCert;
1686 invalidCert.base.base.getClass = GetInvalidCertClass;
1687 CfBlob invalidOut = { 0 };
1688
1689 CfEncodingBlob inStream = { 0 };
1690 HcfPubKey keyOut;
1691 g_x509CertObj->base.base.destroy(&(invalidCert.base.base));
1692 CfResult ret = g_x509CertObj->base.verify(&(invalidCert.base), &keyOut);
1693 EXPECT_NE(ret, CF_SUCCESS);
1694 ret = g_x509CertObj->base.getEncoded(&(invalidCert.base), &inStream);
1695 EXPECT_NE(ret, CF_SUCCESS);
1696 HcfPubKey *pubKeyOut = nullptr;
1697 ret = g_x509CertObj->base.getPublicKey(&(invalidCert.base), (void **)&pubKeyOut);
1698 EXPECT_NE(ret, CF_SUCCESS);
1699 const char *date = "2020";
1700 ret = g_x509CertObj->checkValidityWithDate(&invalidCert, date);
1701 long ver = g_x509CertObj->getVersion(&invalidCert);
1702 EXPECT_EQ(ver, -1);
1703 ret = g_x509CertObj->getSerialNumber(&invalidCert, &invalidOut);
1704 ret = g_x509CertObj->getIssuerName(&invalidCert, &invalidOut);
1705 ret = g_x509CertObj->getSubjectName(&invalidCert, &invalidOut);
1706 ret = g_x509CertObj->getNotBeforeTime(&invalidCert, &invalidOut);
1707 ret = g_x509CertObj->getNotAfterTime(&invalidCert, &invalidOut);
1708 ret = g_x509CertObj->getSignature(&invalidCert, &invalidOut);
1709 ret = g_x509CertObj->getSignatureAlgName(&invalidCert, &invalidOut);
1710 ret = g_x509CertObj->getSignatureAlgOid(&invalidCert, &invalidOut);
1711 ret = g_x509CertObj->getSignatureAlgParams(&invalidCert, &invalidOut);
1712 ret = g_x509CertObj->getKeyUsage(&invalidCert, &invalidOut);
1713 CfArray invalidArr = { 0 };
1714 ret = g_x509CertObj->getExtKeyUsage(&invalidCert, &invalidArr);
1715 long basicLen = g_x509CertObj->getBasicConstraints(&invalidCert);
1716 EXPECT_EQ(basicLen, -1);
1717 ret = g_x509CertObj->getSubjectAltNames(&invalidCert, &invalidArr);
1718 ret = g_x509CertObj->getIssuerAltNames(&invalidCert, &invalidArr);
1719 EXPECT_NE(ret, CF_SUCCESS);
1720 }
1721
1722 HWTEST_F(CryptoX509CertificateTest, InvalidMalloc, TestSize.Level0)
1723 {
1724 SetMockFlag(true);
1725 HcfX509Certificate *x509Cert = nullptr;
1726 CfEncodingBlob inStream = { 0 };
1727 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_secondCert));
1728 inStream.encodingFormat = CF_FORMAT_PEM;
1729 inStream.len = strlen(g_secondCert) + 1;
1730 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
1731 EXPECT_NE(ret, CF_SUCCESS);
1732 CfBlob out = { 0 };
1733 CfArray arr = { 0 };
1734 ret = g_x509CertObj->base.getEncoded(&(g_x509CertObj->base), &inStream);
1735 EXPECT_NE(ret, CF_SUCCESS);
1736 HcfPubKey *pubKeyOut = nullptr;
1737 ret = g_x509CertObj->base.getPublicKey(&(g_x509CertObj->base), (void **)&pubKeyOut);
1738 EXPECT_NE(ret, CF_SUCCESS);
1739 const char *date = "2020";
1740 ret = g_x509CertObj->checkValidityWithDate(g_x509CertObj, date);
1741 ret = g_x509CertObj->getIssuerName(g_x509CertObj, &out);
1742 ret = g_x509CertObj->getSubjectName(g_x509CertObj, &out);
1743 ret = g_x509CertObj->getNotBeforeTime(g_x509CertObj, &out);
1744 ret = g_x509CertObj->getNotAfterTime(g_x509CertObj, &out);
1745 ret = g_x509CertObj->getSignature(g_x509CertObj, &out);
1746 ret = g_x509CertObj->getSignatureAlgName(g_x509CertObj, &out);
1747 ret = g_x509CertObj->getSignatureAlgOid(g_x509CertObj, &out);
1748 EXPECT_NE(ret, CF_SUCCESS);
1749 ret = g_x509CertObj->getSignatureAlgParams(g_x509CertObj, &out);
1750 ret = g_x509CertObj->getKeyUsage(g_x509CertObj, &out);
1751 EXPECT_NE(ret, CF_SUCCESS);
1752 ret = g_x509CertObj->getExtKeyUsage(g_x509CertObj, &arr);
1753 ret = g_x509CertObj->getSubjectAltNames(g_x509CertObj, &arr);
1754 ret = g_x509CertObj->getIssuerAltNames(g_x509CertObj, &arr);
1755 EXPECT_NE(ret, CF_SUCCESS);
1756 SetMockFlag(false);
1757 }
1758
1759 // Certificate subjectName contains Chinese and special characters.
1760 HWTEST_F(CryptoX509CertificateTest, getSubjectNameUtf8001, TestSize.Level0)
1761 {
1762 HcfX509Certificate *x509Cert = nullptr;
1763 CfEncodingBlob inStream = { 0 };
1764 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testUtf8CaCert));
1765 inStream.encodingFormat = CF_FORMAT_PEM;
1766 inStream.len = strlen(g_testUtf8CaCert) + 1;
1767 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
1768 EXPECT_EQ(ret, CF_SUCCESS);
1769 EXPECT_NE(x509Cert, nullptr);
1770
1771 CfBlob out = { 0 };
1772 ret = x509Cert->getSubjectNameEx(x509Cert, CF_ENCODING_UTF8, &out);
1773 EXPECT_EQ(ret, CF_SUCCESS);
1774 EXPECT_NE(out.data, nullptr);
1775 CfBlobDataClearAndFree(&out);
1776 CfObjDestroy(x509Cert);
1777 }
1778
1779 // Certificate subjectName is null.
1780 HWTEST_F(CryptoX509CertificateTest, getSubjectNameUtf8002, TestSize.Level0)
1781 {
1782 HcfX509Certificate *x509Cert = nullptr;
1783 CfEncodingBlob inStream = { 0 };
1784 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testUtf8CaCertNull));
1785 inStream.encodingFormat = CF_FORMAT_PEM;
1786 inStream.len = strlen(g_testUtf8CaCertNull) + 1;
1787 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
1788 EXPECT_EQ(ret, CF_SUCCESS);
1789 EXPECT_NE(x509Cert, nullptr);
1790
1791 CfBlob out = { 0 };
1792 ret = x509Cert->getSubjectNameEx(x509Cert, CF_ENCODING_UTF8, &out);
1793 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
1794 EXPECT_EQ(out.data, nullptr);
1795 CfBlobDataClearAndFree(&out);
1796 CfObjDestroy(x509Cert);
1797 }
1798
1799 // invalid input.
1800 HWTEST_F(CryptoX509CertificateTest, getSubjectNameUtf8003, TestSize.Level0)
1801 {
1802 HcfX509Certificate *x509Cert = nullptr;
1803 CfEncodingBlob inStream = { 0 };
1804 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testUtf8CaCert));
1805 inStream.encodingFormat = CF_FORMAT_PEM;
1806 inStream.len = strlen(g_testUtf8CaCert) + 1;
1807 CfResult ret = HcfX509CertificateCreate(&inStream, &x509Cert);
1808 EXPECT_EQ(ret, CF_SUCCESS);
1809 EXPECT_NE(x509Cert, nullptr);
1810
1811 CfBlob out = { 0 };
1812 ret = x509Cert->getSubjectNameEx(nullptr, CF_ENCODING_UTF8, &out);
1813 EXPECT_NE(ret, CF_SUCCESS);
1814 EXPECT_EQ(out.data, nullptr);
1815
1816 CfEncodinigType encodingType = static_cast<CfEncodinigType>(1);
1817 ret = x509Cert->getSubjectNameEx(nullptr, encodingType, &out);
1818 EXPECT_NE(ret, CF_SUCCESS);
1819 EXPECT_EQ(out.data, nullptr);
1820
1821 ret = x509Cert->getSubjectNameEx(x509Cert, CF_ENCODING_UTF8, nullptr);
1822 EXPECT_NE(ret, CF_SUCCESS);
1823 EXPECT_EQ(out.data, nullptr);
1824 CfBlobDataClearAndFree(&out);
1825 CfObjDestroy(x509Cert);
1826 }
1827
1828 // spi test Certificate subjectName contains Chinese and special characters.
1829 HWTEST_F(CryptoX509CertificateTest, getSubjectNameUtf8004, TestSize.Level0)
1830 {
1831 HcfX509CertificateSpi *spiObj = nullptr;
1832 CfEncodingBlob inStream = { 0 };
1833 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testUtf8CaCert));
1834 inStream.encodingFormat = CF_FORMAT_PEM;
1835 inStream.len = strlen(g_testUtf8CaCert) + 1;
1836 CfResult ret = OpensslX509CertSpiCreate(&inStream, &spiObj);
1837 EXPECT_EQ(ret, CF_SUCCESS);
1838 EXPECT_NE(spiObj, nullptr);
1839
1840 CfBlob out = { 0 };
1841 ret = spiObj->engineGetSubjectNameEx(spiObj, CF_ENCODING_UTF8, &out);
1842 EXPECT_EQ(ret, CF_SUCCESS);
1843 EXPECT_NE(out.data, nullptr);
1844 CfBlobDataClearAndFree(&out);
1845 CfObjDestroy(spiObj);
1846 }
1847
1848 // spi test Certificate subjectName is null.
1849 HWTEST_F(CryptoX509CertificateTest, getSubjectNameUtf8005, TestSize.Level0)
1850 {
1851 HcfX509CertificateSpi *spiObj = nullptr;
1852 CfEncodingBlob inStream = { 0 };
1853 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testUtf8CaCertNull));
1854 inStream.encodingFormat = CF_FORMAT_PEM;
1855 inStream.len = strlen(g_testUtf8CaCert) + 1;
1856 CfResult ret = OpensslX509CertSpiCreate(&inStream, &spiObj);
1857 EXPECT_EQ(ret, CF_SUCCESS);
1858 EXPECT_NE(spiObj, nullptr);
1859
1860 CfBlob out = { 0 };
1861 ret = spiObj->engineGetSubjectNameEx(spiObj, CF_ENCODING_UTF8, &out);
1862 EXPECT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
1863 EXPECT_EQ(out.data, nullptr);
1864 CfBlobDataClearAndFree(&out);
1865 CfObjDestroy(spiObj);
1866 }
1867
1868 // spi test invalid input.
1869 HWTEST_F(CryptoX509CertificateTest, getSubjectNameUtf8006, TestSize.Level0)
1870 {
1871 HcfX509CertificateSpi *spiObj = nullptr;
1872 CfEncodingBlob inStream = { 0 };
1873 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testUtf8CaCertNull));
1874 inStream.encodingFormat = CF_FORMAT_PEM;
1875 inStream.len = strlen(g_testUtf8CaCert) + 1;
1876 CfResult ret = OpensslX509CertSpiCreate(&inStream, &spiObj);
1877 EXPECT_EQ(ret, CF_SUCCESS);
1878 EXPECT_NE(spiObj, nullptr);
1879
1880 CfBlob out = { 0 };
1881 ret = spiObj->engineGetSubjectNameEx(nullptr, CF_ENCODING_UTF8, &out);
1882 EXPECT_NE(ret, CF_SUCCESS);
1883 EXPECT_EQ(out.data, nullptr);
1884
1885 CfEncodinigType encodingType = static_cast<CfEncodinigType>(1);
1886 ret = spiObj->engineGetSubjectNameEx(nullptr, encodingType, &out);
1887 EXPECT_NE(ret, CF_SUCCESS);
1888 EXPECT_EQ(out.data, nullptr);
1889
1890 ret = spiObj->engineGetSubjectNameEx(spiObj, CF_ENCODING_UTF8, nullptr);
1891 EXPECT_NE(ret, CF_SUCCESS);
1892 EXPECT_EQ(out.data, nullptr);
1893 CfBlobDataClearAndFree(&out);
1894 CfObjDestroy(spiObj);
1895 }
1896 }