1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17 #include <string>
18 #include <unistd.h>
19 #include <vector>
20
21 #include "hks_access_control_rsa_sign_verify_test_common.h"
22 #include "hks_test_adapt_for_de.h"
23
24 #include "hks_mem.h"
25
26 using namespace testing::ext;
27 namespace Unittest::AccessControlRsaSignVerify {
28 struct AcRsaSignVerifyParamStruct {
29 IDMParams testIDMParams;
30 bool isUseIndataAfterHash;
31 uint32_t hashAlgIndex;
32 };
33
34 const uint32_t SLEEP_TWO_SECOND = 2;
35
RSAAuthTokenSign(struct HksBlob * challenge,const IDMParams & testIDMParams,struct HksParam * tmpParams)36 static int32_t RSAAuthTokenSign(struct HksBlob *challenge,
37 const IDMParams &testIDMParams, struct HksParam *tmpParams)
38 {
39 HksUserAuthToken *authTokenHal = nullptr;
40
41 authTokenHal = static_cast<struct HksUserAuthToken *>(HksMalloc(AUTH_TOKEN_LEN));
42 if (authTokenHal == nullptr) {
43 return HKS_ERROR_NULL_POINTER;
44 }
45
46 int ret = HksAccessControlPartTest::AuthTokenEncrypt(testIDMParams, challenge, authTokenHal);
47 if (ret != HKS_SUCCESS) {
48 HKS_FREE(authTokenHal);
49 HKS_LOG_E("AuthTokenEncrypt Failed.");
50 return ret;
51 }
52
53 std::vector<uint8_t> token;
54 ret = HksAccessControlPartTest::AuthTokenSign(testIDMParams, authTokenHal, token);
55 HKS_FREE(authTokenHal);
56 if (ret != HKS_SUCCESS) {
57 HKS_LOG_E("AuthTokenSign Failed.");
58 return ret;
59 }
60
61 uint8_t *authToken = static_cast<uint8_t *>(HksMalloc(AUTH_TOKEN_LEN));
62 for (uint32_t i = 0; i < AUTH_TOKEN_LEN; i++) {
63 authToken[i] = token[i];
64 }
65 tmpParams->tag = HKS_TAG_AUTH_TOKEN;
66 tmpParams->blob.data = authToken;
67 tmpParams->blob.size = AUTH_TOKEN_LEN;
68 return HKS_SUCCESS;
69 }
70
AddAuthTokenParam(struct HksParamSet ** paramSet,const struct HksParam * tmpParams)71 static int32_t AddAuthTokenParam(struct HksParamSet **paramSet, const struct HksParam *tmpParams)
72 {
73 int32_t ret = HksAddParams(*paramSet, tmpParams, 1);
74 if (ret != HKS_SUCCESS) {
75 HKS_LOG_E("HksAddParam failed!\n");
76 return ret;
77 }
78 ret = HksBuildParamSet(paramSet);
79 if (ret != HKS_SUCCESS) {
80 HKS_LOG_E("HksBuildParamSet failed!\n");
81 return ret;
82 }
83 return HKS_SUCCESS;
84 }
85
AppendToNewParamSet(const struct HksParamSet * paramSet,struct HksParamSet ** outParamSet)86 static int32_t AppendToNewParamSet(const struct HksParamSet *paramSet, struct HksParamSet **outParamSet)
87 {
88 int32_t ret;
89 struct HksParamSet *newParamSet = nullptr;
90 HKS_LOG_E("AppendToNewParamSet start ");
91 do {
92 ret = HksCheckParamSet(paramSet, paramSet->paramSetSize);
93 if (ret != HKS_SUCCESS) {
94 HKS_LOG_E("check paramSet failed");
95 break;
96 }
97
98 ret = HksFreshParamSet(const_cast<struct HksParamSet *>(paramSet), false);
99 if (ret != HKS_SUCCESS) {
100 HKS_LOG_E("append fresh paramset failed");
101 break;
102 }
103
104 ret = HksInitParamSet(&newParamSet);
105 if (ret != HKS_SUCCESS) {
106 HKS_LOG_E("append init operation param set failed");
107 break;
108 }
109
110 ret = HksAddParams(newParamSet, paramSet->params, paramSet->paramsCnt);
111 if (ret != HKS_SUCCESS) {
112 HKS_LOG_E("append params failed");
113 break;
114 }
115 HKS_LOG_E("AppendToNewParamSet end ");
116
117 *outParamSet = newParamSet;
118 return ret;
119 } while (0);
120
121 HksFreeParamSet(&newParamSet);
122 return ret;
123 }
124
125 static const uint32_t SLEEP_TIME = 1;
126
HksAcRsaThreeStageNormalCase(struct HksBlob * keyAlias,struct HksParamSet * paramSet,const struct AcRsaSignVerifyParamStruct & param,struct HksBlob * inDataSign,struct HksBlob * outDataSign)127 static int32_t HksAcRsaThreeStageNormalCase(struct HksBlob *keyAlias, struct HksParamSet *paramSet,
128 const struct AcRsaSignVerifyParamStruct ¶m, struct HksBlob *inDataSign, struct HksBlob *outDataSign)
129 {
130 struct HksBlob inData = {
131 g_inData.length(),
132 const_cast<uint8_t *>(reinterpret_cast<const uint8_t *>(g_inData.c_str()))
133 };
134
135 if (param.isUseIndataAfterHash) {
136 inData.size = strlen(reinterpret_cast<const char *>(g_inDataArrayAfterHash[param.hashAlgIndex]));
137 inData.data = const_cast<uint8_t *>(g_inDataArrayAfterHash[param.hashAlgIndex]);
138 }
139
140 // Init
141 uint8_t handleS[sizeof(uint64_t)] = {0};
142 struct HksBlob handle = { sizeof(uint64_t), handleS };
143 uint8_t challenge[TOKEN_CHALLENGE_LEN] = {0};
144 struct HksBlob challengeBlob = { TOKEN_CHALLENGE_LEN, challenge };
145 int32_t ret = HksInitForDe(keyAlias, paramSet, &handle, &challengeBlob);
146 EXPECT_EQ(ret, HKS_SUCCESS) << "Init failed.";
147
148 // sleep 1 sec for time out test
149 sleep(SLEEP_TIME);
150
151 // Update loop
152 struct HksParam Params;
153 ret = RSAAuthTokenSign(&challengeBlob, param.testIDMParams, &Params);
154 EXPECT_EQ(ret, HKS_SUCCESS) << "AuthToken sign failed.";
155
156 struct HksParamSet *newParamSet = nullptr;
157
158 ret = AppendToNewParamSet(paramSet, &newParamSet);
159 if (ret != HKS_SUCCESS) {
160 HKS_LOG_E("AppendToNewParamSet failed, ret : %" LOG_PUBLIC "d", ret);
161 return ret;
162 }
163
164 ret = AddAuthTokenParam(&newParamSet, &Params);
165
166 EXPECT_EQ(ret, HKS_SUCCESS) << "Add Param failed.";
167 ret = HksTestUpdate(&handle, newParamSet, &inData);
168 if (ret != HKS_SUCCESS) {
169 HKS_LOG_E("Update failed, ret : %" LOG_PUBLIC "d", ret);
170 HksFreeParamSet(&newParamSet);
171 return ret;
172 }
173
174 // Finish
175 ret = HksFinishForDe(&handle, newParamSet, inDataSign, outDataSign);
176 HksFreeParamSet(&newParamSet);
177 return ret;
178 }
179
HksAcRsaThreeStageAbnormalCase(struct HksBlob * keyAlias,struct HksParamSet * paramSet,const struct AcRsaSignVerifyParamStruct & param,struct HksBlob * inDataSign,struct HksBlob * outDataSign)180 static int32_t HksAcRsaThreeStageAbnormalCase(struct HksBlob *keyAlias, struct HksParamSet *paramSet,
181 const struct AcRsaSignVerifyParamStruct ¶m, struct HksBlob *inDataSign, struct HksBlob *outDataSign)
182 {
183 struct HksBlob inData = {
184 g_inData.length(),
185 const_cast<uint8_t *>(reinterpret_cast<const uint8_t *>(g_inData.c_str()))
186 };
187
188 if (param.isUseIndataAfterHash) {
189 inData.size = strlen(reinterpret_cast<const char *>(g_inDataArrayAfterHash[param.hashAlgIndex]));
190 inData.data = const_cast<uint8_t *>(g_inDataArrayAfterHash[param.hashAlgIndex]);
191 }
192
193 // Init
194 uint8_t handleS[sizeof(uint64_t)] = {0};
195 struct HksBlob handle = { sizeof(uint64_t), handleS };
196 uint8_t challenge[TOKEN_CHALLENGE_LEN] = {0};
197 struct HksBlob challengeBlob = { TOKEN_CHALLENGE_LEN, challenge };
198 int32_t ret = HksInitForDe(keyAlias, paramSet, &handle, &challengeBlob);
199 EXPECT_EQ(ret, HKS_SUCCESS) << "Init failed.";
200
201 sleep(SLEEP_TWO_SECOND); // Waiting for time out
202
203 // Update loop
204 struct HksParam Params;
205 ret = RSAAuthTokenSign(&challengeBlob, param.testIDMParams, &Params);
206 EXPECT_EQ(ret, HKS_SUCCESS) << "AuthToken sign failed.";
207
208 struct HksParamSet *newParamSet = nullptr;
209
210 ret = AppendToNewParamSet(paramSet, &newParamSet);
211 if (ret != HKS_SUCCESS) {
212 HKS_LOG_E("AppendToNewParamSet failed, ret : %" LOG_PUBLIC "d", ret);
213 return ret;
214 }
215
216 ret = AddAuthTokenParam(&newParamSet, &Params);
217
218 EXPECT_EQ(ret, HKS_SUCCESS) << "Add Param failed.";
219 ret = HksTestUpdate(&handle, newParamSet, &inData);
220 if (ret != HKS_SUCCESS) {
221 HKS_LOG_E("Update failed, ret : %" LOG_PUBLIC "d", ret);
222 HksAbort(&handle, newParamSet);
223 HksFreeParamSet(&newParamSet);
224 return ret;
225 }
226
227 // Finish
228 ret = HksFinishForDe(&handle, newParamSet, inDataSign, outDataSign);
229 HksFreeParamSet(&newParamSet);
230 return ret;
231 }
232
AddAuthToeknParamCustomCase(const struct HksBlob & challengeBlob1,const struct HksBlob & challengeBlob2,struct HksParam * signParams,const IDMParams & testIDMParams)233 static int32_t AddAuthToeknParamCustomCase(const struct HksBlob &challengeBlob1,
234 const struct HksBlob &challengeBlob2, struct HksParam *signParams, const IDMParams &testIDMParams)
235 {
236 uint8_t challenge[TOKEN_CHALLENGE_LEN] = {0};
237 struct HksBlob challengeBlob = { TOKEN_CHALLENGE_LEN, challenge };
238 if (memcpy_s(challengeBlob.data, TOKEN_CHALLENGE_LEN, challengeBlob1.data, TOKEN_CHALLENGE_LEN_PER_POS) != EOK) {
239 return HKS_FAILURE;
240 }
241
242 if (memcpy_s(challengeBlob.data + TOKEN_CHALLENGE_LEN_PER_POS, TOKEN_CHALLENGE_LEN - TOKEN_CHALLENGE_LEN_PER_POS,
243 challengeBlob2.data + TOKEN_CHALLENGE_LEN_PER_POS, TOKEN_CHALLENGE_LEN_PER_POS) != EOK) {
244 return HKS_FAILURE;
245 }
246
247 int32_t ret = RSAAuthTokenSign(&challengeBlob, testIDMParams, signParams);
248 return ret;
249 }
250
AddSignParamCustomCase(struct HksParam * signParams,struct HksParamSet * paramSet,struct HksParamSet ** newParamSet,const IDMParams & testIDMParams)251 static int32_t AddSignParamCustomCase(struct HksParam *signParams, struct HksParamSet *paramSet,
252 struct HksParamSet **newParamSet, const IDMParams &testIDMParams)
253 {
254 int32_t ret = AppendToNewParamSet(paramSet, newParamSet);
255 if (ret != HKS_SUCCESS) {
256 HKS_LOG_E("AppendToNewParamSet failed, ret : %" LOG_PUBLIC "d", ret);
257 return ret;
258 }
259 ret = HksAddParams(*newParamSet, signParams, 1);
260 if (ret != HKS_SUCCESS) {
261 HKS_LOG_E("HksAddParam failed!\n");
262 return ret;
263 }
264 ret = HksBuildParamSet(newParamSet);
265 if (ret != HKS_SUCCESS) {
266 HKS_LOG_E("HksBuildParamSet failed!\n");
267 return ret;
268 }
269 return ret;
270 }
271
272 uint8_t outDataS1[RSA_COMMON_SIZE] = {0};
273 struct HksBlob outData1 = { RSA_COMMON_SIZE, outDataS1 };
274 uint8_t outDataS2[RSA_COMMON_SIZE] = {0};
275 struct HksBlob outData2 = { RSA_COMMON_SIZE, outDataS2 };
276
HksAcRsaThreeStageSignCustomCase(struct HksBlob * keyAlias1,struct HksParamSet * paramSet1,struct HksBlob * keyAlias2,struct HksParamSet * paramSet2,const struct AcRsaSignVerifyParamStruct & param)277 static int32_t HksAcRsaThreeStageSignCustomCase(struct HksBlob *keyAlias1, struct HksParamSet *paramSet1,
278 struct HksBlob *keyAlias2, struct HksParamSet *paramSet2, const struct AcRsaSignVerifyParamStruct ¶m)
279 {
280 struct HksBlob inData = {
281 g_inData.length(),
282 const_cast<uint8_t *>(reinterpret_cast<const uint8_t *>(g_inData.c_str()))
283 };
284
285 uint8_t handleS1[sizeof(uint64_t)] = {0};
286 uint8_t handleS2[sizeof(uint64_t)] = {0};
287 struct HksParam signParams;
288
289 if (param.isUseIndataAfterHash) {
290 inData.size = strlen(reinterpret_cast<const char *>(g_inDataArrayAfterHash[param.hashAlgIndex]));
291 inData.data = const_cast<uint8_t *>(g_inDataArrayAfterHash[param.hashAlgIndex]);
292 }
293
294 struct HksBlob handle1 = { sizeof(uint64_t), handleS1 };
295 uint8_t challenge1[TOKEN_CHALLENGE_LEN] = {0};
296 struct HksBlob challengeBlob1 = { TOKEN_CHALLENGE_LEN, challenge1 };
297 int32_t ret = HksInitForDe(keyAlias1, paramSet1, &handle1, &challengeBlob1);
298 EXPECT_EQ(ret, HKS_SUCCESS) << "Init failed.";
299
300 struct HksBlob handle2 = { sizeof(uint64_t), handleS2 };
301 uint8_t challenge2[TOKEN_CHALLENGE_LEN] = {0};
302 struct HksBlob challengeBlob2 = { TOKEN_CHALLENGE_LEN, challenge2 };
303 ret = HksInitForDe(keyAlias2, paramSet2, &handle2, &challengeBlob2);
304 EXPECT_EQ(ret, HKS_SUCCESS) << "Init failed.";
305
306 // Update loop
307 struct HksParamSet *newParamSet1 = nullptr;
308 struct HksParamSet *newParamSet2 = nullptr;
309
310 ret = AddAuthToeknParamCustomCase(challengeBlob1, challengeBlob2, &signParams, param.testIDMParams);
311 EXPECT_EQ(ret, HKS_SUCCESS) << "AddAuthToeknParam failed.";
312
313 ret = AddSignParamCustomCase(&signParams, paramSet1, &newParamSet1, param.testIDMParams);
314 EXPECT_EQ(ret, HKS_SUCCESS) << "AddPosParam failed.";
315 ret = HksTestUpdate(&handle1, newParamSet1, &inData);
316 EXPECT_EQ(ret, HKS_SUCCESS) << "Update failed.";
317
318 uint8_t tmpIn1[] = "tempIn";
319
320 ret = AddSignParamCustomCase(&signParams, paramSet2, &newParamSet2, param.testIDMParams);
321 EXPECT_EQ(ret, HKS_SUCCESS) << "AddPosParam failed.";
322 ret = HksTestUpdate(&handle2, newParamSet2, &inData);
323 EXPECT_EQ(ret, HKS_SUCCESS) << "Update failed.";
324
325 // Finish
326 struct HksBlob finishInData1 = { 0, tmpIn1 };
327 ret = HksFinishForDe(&handle1, paramSet1, &finishInData1, &outData1);
328 EXPECT_EQ(ret, HKS_SUCCESS) << "Finish failed.";
329
330 uint8_t tmpIn2[] = "tempIn";
331 struct HksBlob finishInData2 = { 0, tmpIn2 };
332 ret = HksFinishForDe(&handle2, paramSet2, &finishInData2, &outData2);
333 EXPECT_EQ(ret, HKS_SUCCESS) << "Finish failed.";
334 HksFreeParamSet(&newParamSet1);
335 HksFreeParamSet(&newParamSet2);
336 return ret;
337 }
338
HksAcRsaThreeStageVerifyCustomCase(struct HksBlob * keyAlias1,struct HksParamSet * paramSet1,struct HksBlob * keyAlias2,struct HksParamSet * paramSet2,const struct AcRsaSignVerifyParamStruct & param)339 static int32_t HksAcRsaThreeStageVerifyCustomCase(struct HksBlob *keyAlias1, struct HksParamSet *paramSet1,
340 struct HksBlob *keyAlias2, struct HksParamSet *paramSet2, const struct AcRsaSignVerifyParamStruct ¶m)
341 {
342 struct HksBlob inData = {
343 g_inData.length(),
344 const_cast<uint8_t *>(reinterpret_cast<const uint8_t *>(g_inData.c_str()))
345 };
346
347 if (param.isUseIndataAfterHash) {
348 inData.size = strlen(reinterpret_cast<const char *>(g_inDataArrayAfterHash[param.hashAlgIndex]));
349 inData.data = const_cast<uint8_t *>(g_inDataArrayAfterHash[param.hashAlgIndex]);
350 }
351
352 uint8_t handleS1[sizeof(uint64_t)] = {0};
353 struct HksBlob handle1 = { sizeof(uint64_t), handleS1 };
354 uint8_t challenge1[TOKEN_CHALLENGE_LEN] = {0};
355 struct HksBlob challengeBlob1 = { TOKEN_CHALLENGE_LEN, challenge1 };
356 int32_t ret = HksInitForDe(keyAlias1, paramSet1, &handle1, &challengeBlob1);
357 EXPECT_EQ(ret, HKS_SUCCESS) << "Init failed.";
358
359 uint8_t handleS2[sizeof(uint64_t)] = {0};
360 struct HksBlob handle2 = { sizeof(uint64_t), handleS2 };
361 uint8_t challenge2[TOKEN_CHALLENGE_LEN] = {0};
362 struct HksBlob challengeBlob2 = { TOKEN_CHALLENGE_LEN, challenge2 };
363 ret = HksInitForDe(keyAlias2, paramSet2, &handle2, &challengeBlob2);
364 EXPECT_EQ(ret, HKS_SUCCESS) << "Init failed.";
365
366 // Update loop
367 struct HksParamSet *newParamSet1 = nullptr;
368 struct HksParamSet *newParamSet2 = nullptr;
369 struct HksParam signParams;
370 ret = AddAuthToeknParamCustomCase(challengeBlob1, challengeBlob2, &signParams, param.testIDMParams);
371 EXPECT_EQ(ret, HKS_SUCCESS) << "AddAuthToeknParam failed.";
372
373 ret = AddSignParamCustomCase(&signParams, paramSet1, &newParamSet1, param.testIDMParams);
374 EXPECT_EQ(ret, HKS_SUCCESS) << "AddPosParam failed.";
375 ret = HksTestUpdate(&handle1, newParamSet1, &inData);
376 EXPECT_EQ(ret, HKS_SUCCESS) << "Update failed.";
377
378 ret = AddSignParamCustomCase(&signParams, paramSet2, &newParamSet2, param.testIDMParams);
379 EXPECT_EQ(ret, HKS_SUCCESS) << "AddPosParam failed.";
380 ret = HksTestUpdate(&handle2, newParamSet2, &inData);
381 EXPECT_EQ(ret, HKS_SUCCESS) << "Update failed.";
382
383 // Finish
384 uint8_t tmpIn1[] = "tempIn";
385 struct HksBlob finishOutData1 = { 0, tmpIn1 };
386 ret = HksFinishForDe(&handle1, paramSet1, &outData1, &finishOutData1);
387 EXPECT_EQ(ret, HKS_SUCCESS) << "Finish failed.";
388
389 uint8_t tmpIn2[] = "tempIn";
390 struct HksBlob finishOutData2 = { 0, tmpIn2 };
391 ret = HksFinishForDe(&handle2, paramSet2, &outData2, &finishOutData2);
392 EXPECT_EQ(ret, HKS_SUCCESS) << "Finish failed.";
393 HksFreeParamSet(&newParamSet1);
394 HksFreeParamSet(&newParamSet2);
395 return ret;
396 }
397
AcRsaSignVerifyTestNormalCase(const TestAccessCaseRSAParams & testCaseParams,const struct AcRsaSignVerifyParamStruct & param)398 static int32_t AcRsaSignVerifyTestNormalCase(const TestAccessCaseRSAParams &testCaseParams,
399 const struct AcRsaSignVerifyParamStruct ¶m)
400 {
401 /* 1. Generate Key */
402 // Generate Key
403 struct HksParamSet *genParamSet = nullptr;
404 int32_t ret = InitParamSet(&genParamSet, testCaseParams.genParams.data(), testCaseParams.genParams.size());
405 EXPECT_EQ(ret, HKS_SUCCESS) << "InitgenParamSet failed.";
406 uint8_t alias[] = "AcRSASignVerify";
407 struct HksBlob keyAlias = { sizeof(alias), alias };
408 ret = HksGenerateKeyForDe(&keyAlias, genParamSet, nullptr);
409 EXPECT_EQ(ret, HKS_SUCCESS) << "RSA generate key failed.";
410
411 uint8_t tmpIn[] = "tempIn";
412 struct HksBlob finishInData = { 0, tmpIn };
413 uint8_t outDataS[RSA_COMMON_SIZE] = {0};
414 struct HksBlob outDataSign = { RSA_COMMON_SIZE, outDataS };
415 struct HksParamSet *signParamSet = nullptr;
416 ret = InitParamSet(&signParamSet, testCaseParams.signParams.data(), testCaseParams.signParams.size());
417 EXPECT_EQ(ret, HKS_SUCCESS) << "InitsignParamSet failed.";
418 ret = HksAcRsaThreeStageNormalCase(&keyAlias, signParamSet, param, &finishInData, &outDataSign);
419 EXPECT_EQ(ret, HKS_SUCCESS) << "Three stage failed.";
420
421 /* 3. Export Public Key */
422 uint8_t pubKey[HKS_RSA_KEY_SIZE_1024] = {0};
423 struct HksBlob publicKey = { HKS_RSA_KEY_SIZE_1024, pubKey };
424 ret = HksExportPublicKeyForDe(&keyAlias, genParamSet, &publicKey);
425 EXPECT_EQ(ret, HKS_SUCCESS) << "ExportPublicKey failed.";
426
427 /* 4. Import Key */
428 struct HksParamSet *verifyParamSet = nullptr;
429 ret = InitParamSet(&verifyParamSet, testCaseParams.verifyParams.data(), testCaseParams.verifyParams.size());
430 EXPECT_EQ(ret, HKS_SUCCESS) << "InitverifyParamSet failed.";
431
432 char newKey[] = "RSA_Sign_Verify_Import_KeyAlias";
433 struct HksBlob newKeyAlias = { .size = strlen(newKey), .data = reinterpret_cast<uint8_t *>(newKey) };
434 ret = HksImportKeyForDe(&newKeyAlias, verifyParamSet, &publicKey);
435 EXPECT_EQ(ret, HKS_SUCCESS) << "ImportKey failed";
436
437 uint8_t temp[] = "out";
438 struct HksBlob verifyOut = { sizeof(temp), temp };
439 ret = HksAcRsaThreeStageNormalCase(&newKeyAlias, verifyParamSet, param, &outDataSign, &verifyOut);
440 EXPECT_EQ(ret, HKS_SUCCESS) << "Three stage failed.";
441
442 /* 6. Delete New Key */
443 int32_t deleteRet = HksDeleteKeyForDe(&newKeyAlias, verifyParamSet);
444 EXPECT_EQ(deleteRet, HKS_SUCCESS) << "Delete ImportKey failed.";
445
446 ret = HksDeleteKeyForDe(&keyAlias, genParamSet);
447 EXPECT_EQ(ret, HKS_SUCCESS) << "DeleteKey failed.";
448
449 HksFreeParamSet(&genParamSet);
450 HksFreeParamSet(&signParamSet);
451 HksFreeParamSet(&verifyParamSet);
452
453 return ret;
454 }
455
HksAcRsaSignVerifyTestNormalCase(const TestAccessCaseRSAParams & testCaseParams,const IDMParams & testIDMParams)456 int32_t HksAcRsaSignVerifyTestNormalCase(const TestAccessCaseRSAParams &testCaseParams,
457 const IDMParams &testIDMParams)
458 {
459 struct HksParamSet *signParamSet = nullptr;
460 int32_t ret = InitParamSet(&signParamSet, testCaseParams.signParams.data(), testCaseParams.signParams.size());
461 EXPECT_EQ(ret, HKS_SUCCESS) << "InitsignParamSet failed.";
462
463 struct AcRsaSignVerifyParamStruct param = { testIDMParams, false, 0 };
464 struct HksParam *digestAlg = nullptr;
465 ret = HksGetParam(signParamSet, HKS_TAG_DIGEST, &digestAlg);
466 EXPECT_EQ(ret, HKS_SUCCESS) << "GetParam failed.";
467 if (digestAlg->uint32Param == HKS_DIGEST_NONE) {
468 param.isUseIndataAfterHash = true;
469 }
470
471 if (param.isUseIndataAfterHash) {
472 for (uint32_t i = 0; i < (sizeof(g_inDataArrayAfterHash) / sizeof(uint8_t *)); i++) {
473 param.hashAlgIndex = i;
474 ret = AcRsaSignVerifyTestNormalCase(testCaseParams, param);
475 if (ret != HKS_SUCCESS) {
476 return ret;
477 }
478 }
479 } else {
480 return AcRsaSignVerifyTestNormalCase(testCaseParams, param);
481 }
482
483 return HKS_SUCCESS;
484 }
485
AcRsaSignVerifyTestAbnormalCase(const TestAccessCaseRSAParams & testCaseParams,const struct AcRsaSignVerifyParamStruct & param)486 static int32_t AcRsaSignVerifyTestAbnormalCase(const TestAccessCaseRSAParams &testCaseParams,
487 const struct AcRsaSignVerifyParamStruct ¶m)
488 {
489 /* 1. Generate Key */
490 // Generate Key
491 struct HksParamSet *genParamSet = nullptr;
492 int32_t ret = InitParamSet(&genParamSet, testCaseParams.genParams.data(), testCaseParams.genParams.size());
493 EXPECT_EQ(ret, HKS_SUCCESS) << "InitgenParamSet failed.";
494 uint8_t alias[] = "AcRSASignVerify";
495 struct HksBlob keyAlias = { sizeof(alias), alias };
496 ret = HksGenerateKeyForDe(&keyAlias, genParamSet, nullptr);
497 EXPECT_EQ(ret, HKS_SUCCESS) << "RSA generate key failed.";
498
499 uint8_t tmpIn[] = "tempIn";
500 struct HksBlob finishInData = { 0, tmpIn };
501 uint8_t outDataS[RSA_COMMON_SIZE] = {0};
502 struct HksBlob outDataSign = { RSA_COMMON_SIZE, outDataS };
503 struct HksParamSet *signParamSet = nullptr;
504 ret = InitParamSet(&signParamSet, testCaseParams.signParams.data(), testCaseParams.signParams.size());
505 EXPECT_EQ(ret, HKS_SUCCESS) << "InitsignParamSet failed.";
506 ret = HksAcRsaThreeStageAbnormalCase(&keyAlias, signParamSet, param, &finishInData, &outDataSign);
507 EXPECT_NE(ret, HKS_SUCCESS) << "Three stage failed.";
508
509 /* 3. Export Public Key */
510 uint8_t pubKey[HKS_RSA_KEY_SIZE_1024] = {0};
511 struct HksBlob publicKey = { HKS_RSA_KEY_SIZE_1024, pubKey };
512 ret = HksExportPublicKeyForDe(&keyAlias, genParamSet, &publicKey);
513 EXPECT_EQ(ret, HKS_SUCCESS) << "ExportPublicKey failed.";
514
515 /* 4. Import Key */
516 struct HksParamSet *verifyParamSet = nullptr;
517 ret = InitParamSet(&verifyParamSet, testCaseParams.verifyParams.data(), testCaseParams.verifyParams.size());
518 EXPECT_EQ(ret, HKS_SUCCESS) << "InitverifyParamSet failed.";
519
520 char newKey[] = "RSA_Sign_Verify_Import_KeyAlias";
521 struct HksBlob newKeyAlias = { .size = strlen(newKey), .data = reinterpret_cast<uint8_t *>(newKey) };
522 ret = HksImportKeyForDe(&newKeyAlias, verifyParamSet, &publicKey);
523 EXPECT_EQ(ret, HKS_SUCCESS) << "ImportKey failed";
524
525 uint8_t temp[] = "out";
526 struct HksBlob verifyOut = { sizeof(temp), temp };
527 ret = HksAcRsaThreeStageAbnormalCase(&newKeyAlias, verifyParamSet, param, &outDataSign, &verifyOut);
528 EXPECT_NE(ret, HKS_SUCCESS) << "Three stage failed.";
529
530 /* 6. Delete New Key */
531 int32_t deleteRet = HksDeleteKeyForDe(&newKeyAlias, verifyParamSet);
532 EXPECT_EQ(deleteRet, HKS_SUCCESS) << "Delete ImportKey failed.";
533
534 ret = HksDeleteKeyForDe(&keyAlias, genParamSet);
535 EXPECT_EQ(ret, HKS_SUCCESS) << "DeleteKey failed.";
536
537 HksFreeParamSet(&genParamSet);
538 HksFreeParamSet(&signParamSet);
539 HksFreeParamSet(&verifyParamSet);
540
541 return ret;
542 }
543
HksAcRsaSignVerifyTestAbnormalCase(const TestAccessCaseRSAParams & testCaseParams,const IDMParams & testIDMParams)544 int32_t HksAcRsaSignVerifyTestAbnormalCase(const TestAccessCaseRSAParams &testCaseParams,
545 const IDMParams &testIDMParams)
546 {
547 struct HksParamSet *signParamSet = nullptr;
548 int32_t ret = InitParamSet(&signParamSet, testCaseParams.signParams.data(), testCaseParams.signParams.size());
549 EXPECT_EQ(ret, HKS_SUCCESS) << "InitsignParamSet failed.";
550
551 struct AcRsaSignVerifyParamStruct param = { testIDMParams, false, 0 };
552 struct HksParam *digestAlg = nullptr;
553 ret = HksGetParam(signParamSet, HKS_TAG_DIGEST, &digestAlg);
554 EXPECT_EQ(ret, HKS_SUCCESS) << "GetParam failed.";
555 if (digestAlg->uint32Param == HKS_DIGEST_NONE) {
556 param.isUseIndataAfterHash = true;
557 }
558
559 if (param.isUseIndataAfterHash) {
560 for (uint32_t i = 0; i < (sizeof(g_inDataArrayAfterHash) / sizeof(uint8_t *)); i++) {
561 param.hashAlgIndex = i;
562 ret = AcRsaSignVerifyTestAbnormalCase(testCaseParams, param);
563 if (ret != HKS_SUCCESS) {
564 return ret;
565 }
566 }
567 } else {
568 return AcRsaSignVerifyTestAbnormalCase(testCaseParams, param);
569 }
570
571 return HKS_SUCCESS;
572 }
573
HksAcRsaVerifyTestCustomCase(const TestAccessCaseRSAParams & testCaseParams1,const TestAccessCaseRSAParams & testCaseParams2,struct HksBlob * publicKey1,struct HksBlob * publicKey2,const struct AcRsaSignVerifyParamStruct & param)574 static int32_t HksAcRsaVerifyTestCustomCase(const TestAccessCaseRSAParams &testCaseParams1,
575 const TestAccessCaseRSAParams &testCaseParams2, struct HksBlob *publicKey1, struct HksBlob *publicKey2,
576 const struct AcRsaSignVerifyParamStruct ¶m)
577 {
578 /* 4. Import Key */
579 struct HksParamSet *verifyParamSet1 = nullptr;
580 int32_t ret = InitParamSet(&verifyParamSet1, testCaseParams1.verifyParams.data(),
581 testCaseParams1.verifyParams.size());
582 EXPECT_EQ(ret, HKS_SUCCESS) << "InitverifyParamSet failed.";
583 char newKey1[] = "RSA_Sign_Verify_Import_KeyAlia1";
584 struct HksBlob newKeyAlias1 = { .size = strlen(newKey1), .data = reinterpret_cast<uint8_t *>(newKey1) };
585 ret = HksImportKeyForDe(&newKeyAlias1, verifyParamSet1, publicKey1);
586 EXPECT_EQ(ret, HKS_SUCCESS) << "ImportKey failed";
587
588 struct HksParamSet *verifyParamSet2 = nullptr;
589 ret = InitParamSet(&verifyParamSet2, testCaseParams2.verifyParams.data(), testCaseParams2.verifyParams.size());
590 EXPECT_EQ(ret, HKS_SUCCESS) << "InitverifyParamSet failed.";
591 char newKey2[] = "RSA_Sign_Verify_Import_KeyAlia2";
592 struct HksBlob newKeyAlias2 = { .size = strlen(newKey2), .data = reinterpret_cast<uint8_t *>(newKey2) };
593 ret = HksImportKeyForDe(&newKeyAlias2, verifyParamSet2, publicKey2);
594 EXPECT_EQ(ret, HKS_SUCCESS) << "ImportKey failed";
595
596 ret = HksAcRsaThreeStageVerifyCustomCase(&newKeyAlias1, verifyParamSet1, &newKeyAlias2, verifyParamSet2, param);
597 EXPECT_EQ(ret, HKS_SUCCESS) << "verify custom case failed.";
598
599 /* 6. Delete New Key */
600 int32_t deleteRet = HksDeleteKeyForDe(&newKeyAlias1, verifyParamSet1);
601 EXPECT_EQ(deleteRet, HKS_SUCCESS) << "Delete ImportKey failed.";
602 deleteRet = HksDeleteKeyForDe(&newKeyAlias2, verifyParamSet2);
603 EXPECT_EQ(deleteRet, HKS_SUCCESS) << "Delete ImportKey failed.";
604
605 HksFreeParamSet(&verifyParamSet1);
606 HksFreeParamSet(&verifyParamSet2);
607
608 return ret;
609 }
610
AcRsaSignTestCustomCase(const TestAccessCaseRSAParams & testCaseParams1,const TestAccessCaseRSAParams & testCaseParams2,const struct AcRsaSignVerifyParamStruct & param)611 static int32_t AcRsaSignTestCustomCase(const TestAccessCaseRSAParams &testCaseParams1,
612 const TestAccessCaseRSAParams &testCaseParams2, const struct AcRsaSignVerifyParamStruct ¶m)
613 {
614 /* 1. Generate Key */
615 // Generate Key
616 struct HksParamSet *genParamSet1 = nullptr;
617 int32_t ret = InitParamSet(&genParamSet1, testCaseParams1.genParams.data(), testCaseParams1.genParams.size());
618 EXPECT_EQ(ret, HKS_SUCCESS) << "InitgenParamSet failed.";
619 uint8_t alias1[] = "Ac_RSA_Sign_Verify1";
620 struct HksBlob keyAlias1 = { sizeof(alias1), alias1 };
621 ret = HksGenerateKeyForDe(&keyAlias1, genParamSet1, nullptr);
622 EXPECT_EQ(ret, HKS_SUCCESS) << "RSA generate key failed.";
623
624 struct HksParamSet *genParamSet2 = nullptr;
625 ret = InitParamSet(&genParamSet2, testCaseParams2.genParams.data(), testCaseParams2.genParams.size());
626 EXPECT_EQ(ret, HKS_SUCCESS) << "InitgenParamSet failed.";
627 uint8_t alias2[] = "Ac_RSA_Sign_Verify2";
628 struct HksBlob keyAlias2 = { sizeof(alias2), alias2 };
629 ret = HksGenerateKeyForDe(&keyAlias2, genParamSet2, nullptr);
630 EXPECT_EQ(ret, HKS_SUCCESS) << "RSA generate key failed.";
631
632 struct HksParamSet *signParamSet1 = nullptr;
633 ret = InitParamSet(&signParamSet1, testCaseParams1.signParams.data(), testCaseParams1.signParams.size());
634
635 EXPECT_EQ(ret, HKS_SUCCESS) << "InitsignParamSet failed.";
636
637 struct HksParamSet *signParamSet2 = nullptr;
638 ret = InitParamSet(&signParamSet2, testCaseParams2.signParams.data(), testCaseParams2.signParams.size());
639 EXPECT_EQ(ret, HKS_SUCCESS) << "InitsignParamSet failed.";
640
641 ret = HksAcRsaThreeStageSignCustomCase(&keyAlias1, signParamSet1, &keyAlias2, signParamSet2, param);
642 EXPECT_EQ(ret, HKS_SUCCESS) << "RSA Sign failed.";
643
644 /* 3. Export Public Key */
645 uint8_t pubKey1[HKS_RSA_KEY_SIZE_1024] = {0};
646 struct HksBlob publicKey1 = { HKS_RSA_KEY_SIZE_1024, pubKey1 };
647 ret = HksExportPublicKeyForDe(&keyAlias1, genParamSet1, &publicKey1);
648 EXPECT_EQ(ret, HKS_SUCCESS) << "ExportPublicKey failed.";
649
650 uint8_t pubKey2[HKS_RSA_KEY_SIZE_1024] = {0};
651 struct HksBlob publicKey2 = { HKS_RSA_KEY_SIZE_1024, pubKey2 };
652 ret = HksExportPublicKeyForDe(&keyAlias2, genParamSet2, &publicKey2);
653 EXPECT_EQ(ret, HKS_SUCCESS) << "ExportPublicKey failed.";
654
655 ret = HksAcRsaVerifyTestCustomCase(testCaseParams1, testCaseParams2, &publicKey1, &publicKey2, param);
656 EXPECT_EQ(ret, HKS_SUCCESS) << "RSA Verify failed.";
657
658 ret = HksDeleteKeyForDe(&keyAlias1, genParamSet1);
659 EXPECT_EQ(ret, HKS_SUCCESS) << "DeleteKey failed.";
660 ret = HksDeleteKeyForDe(&keyAlias2, genParamSet2);
661 EXPECT_EQ(ret, HKS_SUCCESS) << "DeleteKey failed.";
662
663 HksFreeParamSet(&genParamSet1);
664 HksFreeParamSet(&signParamSet1);
665 HksFreeParamSet(&genParamSet2);
666 HksFreeParamSet(&signParamSet2);
667
668 return ret;
669 }
670
HksAcRsaSignTestCustomCase(const TestAccessCaseRSAParams & testCaseParams1,const TestAccessCaseRSAParams & testCaseParams2,const IDMParams & testIDMParams)671 int32_t HksAcRsaSignTestCustomCase(const TestAccessCaseRSAParams &testCaseParams1,
672 const TestAccessCaseRSAParams &testCaseParams2, const IDMParams &testIDMParams)
673 {
674 struct HksParamSet *signParamSet = nullptr;
675 int32_t ret = InitParamSet(&signParamSet, testCaseParams1.signParams.data(), testCaseParams1.signParams.size());
676 EXPECT_EQ(ret, HKS_SUCCESS) << "InitsignParamSet failed.";
677
678 struct AcRsaSignVerifyParamStruct param = { testIDMParams, false, 0 };
679 struct HksParam *digestAlg = nullptr;
680 ret = HksGetParam(signParamSet, HKS_TAG_DIGEST, &digestAlg);
681 EXPECT_EQ(ret, HKS_SUCCESS) << "GetParam failed.";
682 if (digestAlg->uint32Param == HKS_DIGEST_NONE) {
683 param.isUseIndataAfterHash = true;
684 }
685
686 if (param.isUseIndataAfterHash) {
687 for (uint32_t i = 0; i < (sizeof(g_inDataArrayAfterHash) / sizeof(uint8_t *)); i++) {
688 param.hashAlgIndex = i;
689 ret = AcRsaSignTestCustomCase(testCaseParams1, testCaseParams2, param);
690 if (ret != HKS_SUCCESS) {
691 return ret;
692 }
693 }
694 } else {
695 return AcRsaSignTestCustomCase(testCaseParams1, testCaseParams2, param);
696 }
697
698 return HKS_SUCCESS;
699 }
700 }