1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17
18 #include "certificate_openssl_common.h"
19 #include "cf_blob.h"
20 #include "cf_log.h"
21 #include "cf_mock.h"
22 #include "cf_object_base.h"
23 #include "cf_result.h"
24 #include "crypto_x509_test_common.h"
25 #include "memory_mock.h"
26 #include "securec.h"
27 #include "string"
28 #include "x509_cert_chain.h"
29 #include "x509_cert_chain_openssl.h"
30 #include "x509_certificate_openssl.h"
31 #include "crypto_x509_cert_chain_data_pem.h"
32 #include "crypto_x509_cert_chain_data_pem_added.h"
33 #include "cert_crl_common.h"
34 #include "fwk_class.h"
35
36 #define OID_STR_MAX_LEN 128
37 #define MAX_CERT_NUM 256
38 #define DEMO_CERT_ARRAY_SIZE 2
39
40 using namespace std;
41 using namespace testing::ext;
42 using namespace CFMock;
43
44 using ::testing::_;
45 using ::testing::AnyNumber;
46 using ::testing::Invoke;
47 using ::testing::Return;
48
49 #ifdef __cplusplus
50 extern "C" {
51 #endif
52
53 int __real_OPENSSL_sk_num(const OPENSSL_STACK *st);
54 void *__real_OPENSSL_sk_value(const OPENSSL_STACK *st, int i);
55 BIO *__real_BIO_new_mem_buf(const void *buf, int len);
56 CfResult __real_HcfX509CertificateCreate(const CfEncodingBlob *inStream, HcfX509Certificate **returnObj);
57 OPENSSL_STACK *__real_OPENSSL_sk_new_null(void);
58 int __real_i2d_X509(X509 *a, unsigned char **out);
59 int __real_X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
60 X509_STORE_CTX *__real_X509_STORE_CTX_new(void);
61 X509_STORE *__real_X509_STORE_new(void);
62 int __real_X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) * chain);
63 int __real_X509_verify_cert(X509_STORE_CTX *ctx);
64 int __real_i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
65 void *__real_X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
66 int __real_i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **out);
67 int __real_i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **out);
68 CfResult __real_DeepCopyDataToBlob(const unsigned char *data, uint32_t len, CfBlob *outBlob);
69 ASN1_TIME *__real_ASN1_TIME_new(void);
70 EVP_PKEY *__real_X509_get_pubkey(X509 *x);
71 ASN1_OBJECT *__real_OBJ_nid2obj(int n);
72 int __real_OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
73 BIGNUM *__real_BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
74 const ASN1_INTEGER *__real_X509_get0_serialNumber(const X509 *x);
75 int __real_i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **out);
76 int __real_ASN1_TIME_normalize(ASN1_TIME *s);
77 ASN1_TIME *__real_X509_getm_notBefore(const X509 *x);
78 ASN1_TIME *__real_X509_getm_notAfter(const X509 *x);
79 void __real_X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, const void **ppval, const X509_ALGOR *algor);
80 ASN1_TYPE *__real_ASN1_TYPE_new(void);
81 int __real_ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
82 int __real_i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **out);
83 long __real_ASN1_INTEGER_get(const ASN1_INTEGER *a);
84 const unsigned char *__real_ASN1_STRING_get0_data(const ASN1_STRING *x);
85 int __real_i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **out);
86 X509_EXTENSION *__real_X509_get_ext(const X509 *x, X509_EXTENSION *loc);
87 void *__real_X509V3_EXT_d2i(X509_EXTENSION *ext);
88 void *__real_GENERAL_NAME_get0_value(const GENERAL_NAME *a, int *ptype);
89 int __real_X509_verify(X509 *a, EVP_PKEY *r);
90 CfResult __real_DeepCopyBlobToBlob(const CfBlob *inBlob, CfBlob **outBlob);
91 char *__real_X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
92 int __real_OPENSSL_sk_push(OPENSSL_STACK *st, const int data);
93 int __real_i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **out);
94 int __real_i2d_X509_CRL(X509_CRL *a, unsigned char **out);
95 OPENSSL_STACK *__real_OPENSSL_sk_deep_copy(const OPENSSL_STACK *, OPENSSL_sk_copyfunc c, OPENSSL_sk_freefunc f);
96 int __real_OBJ_obj2nid(const ASN1_OBJECT *o);
97 X509 *__real_X509_dup(X509 *x509);
98 int __real_i2d_X509_EXTENSIONS(X509_EXTENSIONS *a, unsigned char **out);
99 int __real_X509_check_host(X509 *x, const char *chk, size_t chklen, unsigned int flags, char **peername);
100 OCSP_REQUEST *__real_OCSP_REQUEST_new(void);
101 X509_CRL *__real_X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
102 struct stack_st_OPENSSL_STRING *__real_X509_get1_ocsp(X509 *x);
103 int __real_OSSL_HTTP_parse_url(const char *url, int *pssl, char **puser, char **phost, char **pport, int *pport_num,
104 char **ppath, char **pquery, char **pfrag);
105 int __real_X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder, size_t *pderlen);
106 const char *__real_OBJ_nid2sn(int n);
107 int __real_ASN1_STRING_length(const ASN1_STRING *x);
108 CfResult __real_DeepCopyDataToOut(const char *data, uint32_t len, CfBlob *out);
109 char *__real_CRYPTO_strdup(const char *str, const char *file, int line);
110 X509_NAME *__real_X509_NAME_new(void);
111 int __real_OBJ_txt2nid(const char *s);
112 int __real_X509_NAME_add_entry_by_NID(
113 X509_NAME *name, int nid, int type, const unsigned char *bytes, int len, int loc, int set);
114 BIO *__real_BIO_new(const BIO_METHOD *type);
115 int __real_X509_print(BIO *bp, X509 *x);
116 long __real_BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
117 int __real_i2d_X509_bio(BIO *bp, X509 *x509);
118 int __real_PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
119 bool __real_CheckIsSelfSigned(const X509 *cert);
120
PKCS12_parse_mock(PKCS12 * p12,const char * pass,EVP_PKEY ** pkey,X509 ** cert,STACK_OF (X509)** ca)121 int PKCS12_parse_mock(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) {
122 CF_LOG_I("PKCS12_parse_mock");
123 *cert = static_cast<X509 *>(malloc(sizeof(X509 *)));
124 if (*cert == nullptr) {
125 CF_LOG_E("Failed to malloc cert.");
126 return 0;
127 }
128 return 1;
129 }
130
ResetMockFunctionPartOne(void)131 void ResetMockFunctionPartOne(void)
132 {
133 EXPECT_CALL(X509OpensslMock::GetInstance(),
134 OPENSSL_sk_num(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_OPENSSL_sk_num));
135 EXPECT_CALL(X509OpensslMock::GetInstance(),
136 OPENSSL_sk_value(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_OPENSSL_sk_value));
137 EXPECT_CALL(X509OpensslMock::GetInstance(),
138 BIO_new_mem_buf(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_BIO_new_mem_buf));
139 EXPECT_CALL(X509OpensslMock::GetInstance(),
140 HcfX509CertificateCreate(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_HcfX509CertificateCreate));
141 EXPECT_CALL(X509OpensslMock::GetInstance(),
142 OPENSSL_sk_new_null()).Times(AnyNumber()).WillRepeatedly(Invoke(__real_OPENSSL_sk_new_null));
143 EXPECT_CALL(X509OpensslMock::GetInstance(),
144 i2d_X509(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_i2d_X509));
145 EXPECT_CALL(X509OpensslMock::GetInstance(),
146 X509_STORE_add_cert(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_STORE_add_cert));
147 EXPECT_CALL(X509OpensslMock::GetInstance(),
148 X509_STORE_CTX_new()).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_STORE_CTX_new));
149 EXPECT_CALL(X509OpensslMock::GetInstance(),
150 X509_STORE_new()).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_STORE_new));
151 EXPECT_CALL(X509OpensslMock::GetInstance(),
152 X509_STORE_CTX_init(_, _, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_STORE_CTX_init));
153 EXPECT_CALL(X509OpensslMock::GetInstance(),
154 X509_verify_cert(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_verify_cert));
155 EXPECT_CALL(X509OpensslMock::GetInstance(),
156 i2d_PUBKEY(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_i2d_PUBKEY));
157 EXPECT_CALL(X509OpensslMock::GetInstance(),
158 X509_get_ext_d2i(_, _, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_get_ext_d2i));
159 EXPECT_CALL(X509OpensslMock::GetInstance(),
160 i2d_ASN1_OCTET_STRING(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_i2d_ASN1_OCTET_STRING));
161 EXPECT_CALL(X509OpensslMock::GetInstance(),
162 i2d_AUTHORITY_KEYID(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_i2d_AUTHORITY_KEYID));
163 EXPECT_CALL(X509OpensslMock::GetInstance(),
164 DeepCopyDataToBlob(_, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_DeepCopyDataToBlob));
165 EXPECT_CALL(X509OpensslMock::GetInstance(),
166 ASN1_TIME_new()).Times(AnyNumber()).WillRepeatedly(Invoke(__real_ASN1_TIME_new));
167 EXPECT_CALL(X509OpensslMock::GetInstance(),
168 X509_get_pubkey(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_get_pubkey));
169 EXPECT_CALL(X509OpensslMock::GetInstance(),
170 OBJ_nid2obj(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_OBJ_nid2obj));
171 EXPECT_CALL(X509OpensslMock::GetInstance(),
172 OBJ_obj2txt(_, _, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_OBJ_obj2txt));
173 }
174
ResetMockFunctionPartTwo(void)175 void ResetMockFunctionPartTwo(void)
176 {
177 EXPECT_CALL(X509OpensslMock::GetInstance(),
178 BN_bin2bn(_, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_BN_bin2bn));
179 EXPECT_CALL(X509OpensslMock::GetInstance(),
180 X509_get0_serialNumber(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_get0_serialNumber));
181 EXPECT_CALL(X509OpensslMock::GetInstance(),
182 i2d_ASN1_INTEGER(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_i2d_ASN1_INTEGER));
183 EXPECT_CALL(X509OpensslMock::GetInstance(),
184 ASN1_TIME_normalize(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_ASN1_TIME_normalize));
185 EXPECT_CALL(X509OpensslMock::GetInstance(),
186 X509_getm_notBefore(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_getm_notBefore));
187 EXPECT_CALL(X509OpensslMock::GetInstance(),
188 X509_getm_notAfter(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_getm_notAfter));
189 EXPECT_CALL(X509OpensslMock::GetInstance(),
190 X509_ALGOR_get0(_, _, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_ALGOR_get0));
191 EXPECT_CALL(X509OpensslMock::GetInstance(),
192 ASN1_TYPE_new()).Times(AnyNumber()).WillRepeatedly(Invoke(__real_ASN1_TYPE_new));
193 EXPECT_CALL(X509OpensslMock::GetInstance(),
194 ASN1_TYPE_set1(_, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_ASN1_TYPE_set1));
195 EXPECT_CALL(X509OpensslMock::GetInstance(),
196 i2d_ASN1_TYPE(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_i2d_ASN1_TYPE));
197 EXPECT_CALL(X509OpensslMock::GetInstance(),
198 ASN1_INTEGER_get(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_ASN1_INTEGER_get));
199 EXPECT_CALL(X509OpensslMock::GetInstance(),
200 ASN1_STRING_get0_data(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_ASN1_STRING_get0_data));
201 EXPECT_CALL(X509OpensslMock::GetInstance(),
202 i2d_GENERAL_NAME(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_i2d_GENERAL_NAME));
203 EXPECT_CALL(X509OpensslMock::GetInstance(),
204 X509_get_ext(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_get_ext));
205 EXPECT_CALL(X509OpensslMock::GetInstance(),
206 X509V3_EXT_d2i(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509V3_EXT_d2i));
207 EXPECT_CALL(X509OpensslMock::GetInstance(),
208 GENERAL_NAME_get0_value(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_GENERAL_NAME_get0_value));
209 EXPECT_CALL(X509OpensslMock::GetInstance(),
210 X509_verify(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_verify));
211 EXPECT_CALL(X509OpensslMock::GetInstance(),
212 DeepCopyBlobToBlob(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_DeepCopyBlobToBlob));
213 }
214
ResetMockFunctionPartThree(void)215 void ResetMockFunctionPartThree(void)
216 {
217 EXPECT_CALL(X509OpensslMock::GetInstance(),
218 X509_NAME_oneline(_, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_NAME_oneline));
219 EXPECT_CALL(X509OpensslMock::GetInstance(),
220 OPENSSL_sk_push(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_OPENSSL_sk_push));
221 EXPECT_CALL(X509OpensslMock::GetInstance(),
222 i2d_X509_REVOKED(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_i2d_X509_REVOKED));
223 EXPECT_CALL(X509OpensslMock::GetInstance(),
224 i2d_X509_CRL(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_i2d_X509_CRL));
225 EXPECT_CALL(X509OpensslMock::GetInstance(),
226 OPENSSL_sk_deep_copy(_, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_OPENSSL_sk_deep_copy));
227 EXPECT_CALL(X509OpensslMock::GetInstance(),
228 OBJ_obj2nid(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_OBJ_obj2nid));
229 EXPECT_CALL(X509OpensslMock::GetInstance(),
230 X509_dup(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_dup));
231 EXPECT_CALL(X509OpensslMock::GetInstance(),
232 i2d_X509_EXTENSIONS(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_i2d_X509_EXTENSIONS));
233 EXPECT_CALL(X509OpensslMock::GetInstance(),
234 X509_check_host(_, _, _, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_check_host));
235 EXPECT_CALL(X509OpensslMock::GetInstance(),
236 OCSP_REQUEST_new()).Times(AnyNumber()).WillRepeatedly(Invoke(__real_OCSP_REQUEST_new));
237 EXPECT_CALL(X509OpensslMock::GetInstance(),
238 X509_CRL_load_http(_, _, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_CRL_load_http));
239 EXPECT_CALL(X509OpensslMock::GetInstance(),
240 X509_get1_ocsp(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_get1_ocsp));
241 EXPECT_CALL(X509OpensslMock::GetInstance(),
242 OSSL_HTTP_parse_url(_, _, _, _, _, _, _, _, _)).
243 Times(AnyNumber()).WillRepeatedly(Invoke(__real_OSSL_HTTP_parse_url));
244 }
245
ResetMockFunctionPartFour(void)246 void ResetMockFunctionPartFour(void)
247 {
248 EXPECT_CALL(X509OpensslMock::GetInstance(),
249 X509_NAME_get0_der(_, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_NAME_get0_der));
250 EXPECT_CALL(X509OpensslMock::GetInstance(),
251 OBJ_nid2sn(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_OBJ_nid2sn));
252 EXPECT_CALL(X509OpensslMock::GetInstance(),
253 ASN1_STRING_length(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_ASN1_STRING_length));
254 EXPECT_CALL(X509OpensslMock::GetInstance(),
255 DeepCopyDataToOut(_, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_DeepCopyDataToOut));
256 EXPECT_CALL(X509OpensslMock::GetInstance(),
257 CRYPTO_strdup(_, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_CRYPTO_strdup));
258 EXPECT_CALL(X509OpensslMock::GetInstance(),
259 X509_NAME_new()).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_NAME_new));
260 EXPECT_CALL(X509OpensslMock::GetInstance(),
261 OBJ_txt2nid(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_OBJ_txt2nid));
262 EXPECT_CALL(X509OpensslMock::GetInstance(),
263 X509_NAME_add_entry_by_NID(_, _, _, _, _, _, _)).
264 Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_NAME_add_entry_by_NID));
265 EXPECT_CALL(X509OpensslMock::GetInstance(),
266 BIO_new(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_BIO_new));
267 EXPECT_CALL(X509OpensslMock::GetInstance(),
268 X509_print(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_X509_print));
269 EXPECT_CALL(X509OpensslMock::GetInstance(),
270 BIO_ctrl(_, _, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_BIO_ctrl));
271 EXPECT_CALL(X509OpensslMock::GetInstance(),
272 i2d_X509_bio(_, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_i2d_X509_bio));
273 EXPECT_CALL(X509OpensslMock::GetInstance(),
274 PKCS12_parse(_, _, _, _, _)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_PKCS12_parse));
275 EXPECT_CALL(X509OpensslMock::GetInstance(),
276 CheckIsSelfSigned(_)).Times(AnyNumber()).WillRepeatedly(Invoke(__real_CheckIsSelfSigned));
277 }
278
279
ResetMockFunction(void)280 void ResetMockFunction(void)
281 {
282 ResetMockFunctionPartOne();
283 ResetMockFunctionPartTwo();
284 ResetMockFunctionPartThree();
285 ResetMockFunctionPartFour();
286 }
287
288 #ifdef __cplusplus
289 }
290 #endif
291
292 namespace {
293 class CryptoX509CertChainTest : public testing::Test {
294 public:
295 static void SetUpTestCase();
296 static void TearDownTestCase();
297 void SetUp();
298 void TearDown();
299 };
300
301 static HcfCertChain *g_certChainP7b = nullptr;
302 static HcfX509Certificate *g_x509CertObj = nullptr;
303 static HcfX509CertChainSpi *g_certChainP7bSpi = nullptr;
304 static HcfX509CertChainSpi *g_certChainPemSpi = nullptr;
305 static HcfX509CertChainSpi *g_certChainDerSpi = nullptr;
306 constexpr uint32_t TEST_MAX_CERT_NUM = 257; /* max certs number of a certchain */
307
GetInvalidCertChainClass(void)308 static const char *GetInvalidCertChainClass(void)
309 {
310 return "HcfInvalidCertChain";
311 }
312
SetUpTestCase()313 void CryptoX509CertChainTest::SetUpTestCase()
314 {
315 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, nullptr, &g_certChainP7b);
316 ASSERT_EQ(ret, CF_SUCCESS);
317 ASSERT_NE(g_certChainP7b, nullptr);
318
319 HcfX509Certificate *x509CertObj = nullptr;
320 CfEncodingBlob inStream = { 0 };
321 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
322 inStream.encodingFormat = CF_FORMAT_PEM;
323 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
324 (void)HcfX509CertificateCreate(&inStream, &x509CertObj);
325 ASSERT_NE(x509CertObj, nullptr);
326 g_x509CertObj = x509CertObj;
327
328 HcfX509CertChainSpi *certChainSpi = nullptr;
329 ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
330 ASSERT_EQ(ret, CF_SUCCESS);
331 ASSERT_NE(certChainSpi, nullptr);
332 g_certChainP7bSpi = certChainSpi;
333
334 certChainSpi = nullptr;
335 ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataPem, &certChainSpi);
336 ASSERT_EQ(ret, CF_SUCCESS);
337 ASSERT_NE(certChainSpi, nullptr);
338 g_certChainPemSpi = certChainSpi;
339
340 certChainSpi = nullptr;
341 ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataDer, &certChainSpi);
342 ASSERT_EQ(ret, CF_SUCCESS);
343 ASSERT_NE(certChainSpi, nullptr);
344 g_certChainDerSpi = certChainSpi;
345 }
346
TearDownTestCase()347 void CryptoX509CertChainTest::TearDownTestCase()
348 {
349 CfObjDestroy(g_x509CertObj);
350 CfObjDestroy(g_certChainP7b);
351 CfObjDestroy(g_certChainP7bSpi);
352 CfObjDestroy(g_certChainPemSpi);
353 CfObjDestroy(g_certChainDerSpi);
354 }
355
SetUp()356 void CryptoX509CertChainTest::SetUp() {}
357
TearDown()358 void CryptoX509CertChainTest::TearDown() {}
359
360 /* invalid encodingBlob. */
361 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest001, TestSize.Level0)
362 {
363 HcfX509CertChainSpi *certChainSpi = nullptr;
364 CfResult ret = HcfX509CertChainByEncSpiCreate(nullptr, &certChainSpi);
365 ASSERT_EQ(ret, CF_INVALID_PARAMS);
366 }
367
368 /* invalid certChainSpi. */
369 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest002, TestSize.Level0)
370 {
371 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, nullptr);
372 ASSERT_EQ(ret, CF_INVALID_PARAMS);
373 }
374
375 /* The encoding format is CF_FORMAT_PKCS7 */
376 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest003, TestSize.Level0)
377 {
378 HcfX509CertChainSpi *certChainSpi = nullptr;
379 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
380 ASSERT_EQ(ret, CF_SUCCESS);
381 ASSERT_NE(certChainSpi, nullptr);
382
383 CfObjDestroy(certChainSpi);
384 }
385
386 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest004, TestSize.Level0)
387 {
388 HcfX509CertChainSpi *certChainSpi = nullptr;
389 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PKCS7 };
390 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataP7b.len, 0));
391 ASSERT_NE(inStream.data, nullptr);
392 memcpy_s(inStream.data, g_inStreamChainDataP7b.len, g_inStreamChainDataP7b.data, g_inStreamChainDataP7b.len);
393 inStream.len = g_inStreamChainDataP7b.len;
394 inStream.encodingFormat = g_inStreamChainDataP7b.encodingFormat;
395 inStream.data[0] = 0x77; // magic code 0x77
396
397 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
398 ASSERT_EQ(ret, CF_INVALID_PARAMS);
399
400 CfFree(inStream.data);
401 }
402
403 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest005, TestSize.Level0)
404 {
405 HcfX509CertChainSpi *certChainSpi = nullptr;
406 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PKCS7 };
407 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataDer.len, 0));
408 ASSERT_NE(inStream.data, nullptr);
409 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataDer.data, g_inStreamChainDataDer.len);
410 inStream.len = g_inStreamChainDataDer.len;
411
412 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
413 ASSERT_EQ(ret, CF_INVALID_PARAMS);
414
415 CfFree(inStream.data);
416 }
417
418 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest006, TestSize.Level0)
419 {
420 HcfX509CertChainSpi *certChainSpi = nullptr;
421 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PKCS7 };
422
423 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
424 ASSERT_EQ(ret, CF_INVALID_PARAMS);
425 }
426
427 /* The encoding format is CF_FORMAT_DER */
428 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest007, TestSize.Level0)
429 {
430 HcfX509CertChainSpi *certChainSpi = nullptr;
431 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataDer, &certChainSpi);
432 ASSERT_EQ(ret, CF_SUCCESS);
433 ASSERT_NE(certChainSpi, nullptr);
434
435 CfObjDestroy(certChainSpi);
436 }
437
438 /* Invalid encoding format. */
439 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest008, TestSize.Level0)
440 {
441 HcfX509CertChainSpi *certChainSpi = nullptr;
442 CfEncodingBlob inStream = { nullptr, 0, (CfEncodingFormat)(CF_FORMAT_PKCS7 + 1) };
443 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataDer.len, 0));
444 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataDer.data, g_inStreamChainDataDer.len);
445 inStream.len = g_inStreamChainDataDer.len;
446
447 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
448 ASSERT_EQ(ret, CF_INVALID_PARAMS);
449
450 CfFree(inStream.data);
451 }
452
453 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest009, TestSize.Level0)
454 {
455 HcfX509CertChainSpi *certChainSpi = nullptr;
456 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PEM };
457 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataPem.len, 0));
458 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataPem.data, g_inStreamChainDataPem.len);
459 inStream.len = g_inStreamChainDataPem.len;
460
461 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
462 ASSERT_EQ(ret, CF_SUCCESS);
463
464 CfFree(inStream.data);
465 CfObjDestroy(certChainSpi);
466 }
467
468 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest010, TestSize.Level0)
469 {
470 HcfX509CertChainSpi *certChainSpi = nullptr;
471 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PKCS7 };
472 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataDer.len, 0));
473 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataDer.data, g_inStreamChainDataDer.len);
474 inStream.len = ~0;
475
476 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
477 ASSERT_EQ(ret, CF_INVALID_PARAMS);
478
479 CfFree(inStream.data);
480 }
481
482 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest011, TestSize.Level0)
483 {
484 HcfX509CertChainSpi *certChainSpi = nullptr;
485 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_PEM };
486
487 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
488 ASSERT_EQ(ret, CF_INVALID_PARAMS);
489 }
490
491 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest012, TestSize.Level0)
492 {
493 HcfX509CertChainSpi *certChainSpi = nullptr;
494 CfEncodingBlob inStream = { nullptr, 0, CF_FORMAT_DER };
495 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataDer.len, 0));
496 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataDer.data, g_inStreamChainDataDer.len);
497 inStream.len = g_inStreamChainDataDer.len;
498 inStream.encodingFormat = g_inStreamChainDataDer.encodingFormat;
499 inStream.data[0] = 0x77; // magic code 0x77
500
501 CfResult ret = HcfX509CertChainByEncSpiCreate(&inStream, &certChainSpi);
502 ASSERT_EQ(ret, CF_INVALID_PARAMS);
503
504 CfFree(inStream.data);
505 }
506
507 HWTEST_F(CryptoX509CertChainTest, CertChainByEncSpiCreateTest013, TestSize.Level0)
508 {
509 HcfX509CertChainSpi *certChainSpi = nullptr;
510 SetMockFlag(true);
511 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
512 ASSERT_EQ(ret, CF_ERR_MALLOC);
513 SetMockFlag(false);
514 }
515
516 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest001, TestSize.Level0)
517 {
518 HcfX509CertChainSpi *certChainSpi;
519 CfResult ret = HcfX509CertChainByArrSpiCreate(nullptr, &certChainSpi);
520 ASSERT_EQ(ret, CF_INVALID_PARAMS);
521 }
522
523 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest002, TestSize.Level0)
524 {
525 HcfX509CertificateArray certArray;
526 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, nullptr);
527 ASSERT_EQ(ret, CF_INVALID_PARAMS);
528 }
529
530 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest003, TestSize.Level0)
531 {
532 HcfX509CertChainSpi *certChainSpi = nullptr;
533 HcfX509CertificateArray certArray;
534
535 HcfX509Certificate *x509CertObj = nullptr;
536 (void)HcfX509CertificateCreate(&g_inStreamSelfSignedCaCert, &x509CertObj);
537
538 certArray.data = static_cast<HcfX509Certificate **>(CfMalloc(1 * sizeof(HcfX509Certificate *), 0));
539 ASSERT_NE(certArray.data, nullptr);
540 certArray.data[0] = x509CertObj;
541 certArray.count = 1;
542
543 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, &certChainSpi);
544 ASSERT_EQ(ret, CF_SUCCESS);
545
546 // free memory
547 CfFree(certArray.data);
548 CfObjDestroy(x509CertObj);
549 CfObjDestroy(certChainSpi);
550 }
551
552 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest004, TestSize.Level0)
553 {
554 HcfX509CertChainSpi *certChainSpi = nullptr;
555 HcfX509CertificateArray certArray;
556
557 HcfX509Certificate *x509CertObj = nullptr;
558 CfEncodingBlob inStream = { 0 };
559 inStream.data = (uint8_t *)g_testSelfSignedCaCert;
560 inStream.encodingFormat = CF_FORMAT_PEM;
561 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
562 (void)HcfX509CertificateCreate(&inStream, &x509CertObj);
563
564 certArray.data = static_cast<HcfX509Certificate **>(CfMalloc(1 * sizeof(HcfX509Certificate *), 0));
565 ASSERT_NE(certArray.data, nullptr);
566 certArray.data[0] = x509CertObj;
567 certArray.count = 0;
568
569 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, &certChainSpi);
570 ASSERT_EQ(ret, CF_INVALID_PARAMS);
571
572 // free memory
573 CfFree(certArray.data);
574 CfObjDestroy(x509CertObj);
575 CfObjDestroy(certChainSpi);
576 }
577
578 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest005, TestSize.Level0)
579 {
580 HcfX509CertChainSpi *certChainSpi = nullptr;
581 HcfX509CertificateArray certArray;
582
583 HcfX509Certificate *x509CertObj = nullptr;
584 (void)HcfX509CertificateCreate(&g_inStreamSelfSignedCaCert, &x509CertObj);
585
586 certArray.data = static_cast<HcfX509Certificate **>(CfMalloc(1 * sizeof(HcfX509Certificate *), 0));
587 ASSERT_NE(certArray.data, nullptr);
588 certArray.data[0] = x509CertObj;
589 certArray.count = TEST_MAX_CERT_NUM;
590
591 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, &certChainSpi);
592 ASSERT_EQ(ret, CF_INVALID_PARAMS);
593
594 // free memory
595 CfFree(certArray.data);
596 CfObjDestroy(x509CertObj);
597 CfObjDestroy(certChainSpi);
598 }
599
600 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest006, TestSize.Level0)
601 {
602 ASSERT_NE(g_x509CertObj, nullptr);
603 HcfX509CertChainSpi *certChainSpi = nullptr;
604 HcfX509CertificateArray certArray;
605
606 HcfX509Certificate *x509CertObj = nullptr;
607 (void)HcfX509CertificateCreate(&g_inStreamSelfSignedCaCert, &x509CertObj);
608
609 certArray.data = static_cast<HcfX509Certificate **>(CfMalloc(1 * sizeof(HcfX509Certificate *), 0));
610 ASSERT_NE(certArray.data, nullptr);
611 certArray.data[0] = x509CertObj;
612 certArray.count = 1;
613
614 x509CertObj->base.base.getClass = GetInvalidCertClass;
615 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, &certChainSpi);
616 ASSERT_EQ(ret, CF_INVALID_PARAMS);
617
618 x509CertObj->base.base.getClass = g_x509CertObj->base.base.getClass;
619
620 CfFree(certArray.data);
621 CfObjDestroy(x509CertObj);
622 }
623
624 HWTEST_F(CryptoX509CertChainTest, CertChainByArrSpiCreateTest007, TestSize.Level0)
625 {
626 HcfX509CertificateArray certArray;
627 HcfX509Certificate *x509CertObj = nullptr;
628 (void)HcfX509CertificateCreate(&g_inStreamSelfSignedCaCert, &x509CertObj);
629
630 certArray.data = static_cast<HcfX509Certificate **>(CfMalloc(1 * sizeof(HcfX509Certificate *), 0));
631 ASSERT_NE(certArray.data, nullptr);
632 certArray.data[0] = x509CertObj;
633 certArray.count = 1;
634
635 SetMockFlag(true);
636 HcfX509CertChainSpi *certChainSpi = nullptr;
637 CfResult ret = HcfX509CertChainByArrSpiCreate(&certArray, &certChainSpi);
638 ASSERT_EQ(ret, CF_ERR_MALLOC);
639 SetMockFlag(false);
640
641 CfFree(certArray.data);
642 CfObjDestroy(x509CertObj);
643 }
644
645 HWTEST_F(CryptoX509CertChainTest, CertChainCreateTest001, TestSize.Level0)
646 {
647 HcfX509CertificateArray certArray;
648 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, &certArray, nullptr);
649 ASSERT_EQ(ret, CF_INVALID_PARAMS);
650 }
651
652 HWTEST_F(CryptoX509CertChainTest, CertChainCreateTest002, TestSize.Level0)
653 {
654 HcfCertChain *pCertChain = nullptr;
655 CfResult ret = HcfCertChainCreate(nullptr, nullptr, &pCertChain);
656 ASSERT_EQ(ret, CF_INVALID_PARAMS);
657 }
658
659 HWTEST_F(CryptoX509CertChainTest, CertChainCreateTest003, TestSize.Level0)
660 {
661 HcfCertChain *pCertChain = nullptr;
662 HcfX509CertificateArray certArray;
663 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, &certArray, &pCertChain);
664 ASSERT_EQ(ret, CF_INVALID_PARAMS);
665 }
666
667 HWTEST_F(CryptoX509CertChainTest, CertChainCreateTest004, TestSize.Level0)
668 {
669 HcfCertChain *pCertChain = nullptr;
670 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, nullptr, &pCertChain);
671 ASSERT_EQ(ret, CF_SUCCESS);
672 ASSERT_NE(pCertChain, nullptr);
673
674 CfObjDestroy(pCertChain);
675 }
676
677 HWTEST_F(CryptoX509CertChainTest, CertChainCreateTest005, TestSize.Level0)
678 {
679 HcfCertChain *pCertChain = nullptr;
680 CfEncodingBlob inStream = { nullptr, 0, (CfEncodingFormat)(CF_FORMAT_PKCS7 + 1) };
681 inStream.data = static_cast<uint8_t *>(CfMalloc(g_inStreamChainDataDer.len, 0));
682 memcpy_s(inStream.data, g_inStreamChainDataDer.len, g_inStreamChainDataDer.data, g_inStreamChainDataDer.len);
683 inStream.len = g_inStreamChainDataDer.len;
684
685 CfResult ret = HcfCertChainCreate(&inStream, nullptr, &pCertChain);
686 ASSERT_EQ(ret, CF_INVALID_PARAMS);
687
688 CfFree(inStream.data);
689 }
690
691 HWTEST_F(CryptoX509CertChainTest, GetCertlistOpensslTest001, TestSize.Level0)
692 {
693 ASSERT_NE(g_certChainP7bSpi, nullptr);
694 HcfX509CertificateArray certsList;
695 CfResult ret = g_certChainP7bSpi->engineGetCertList(nullptr, &certsList);
696 ASSERT_EQ(ret, CF_INVALID_PARAMS);
697 }
698
699 HWTEST_F(CryptoX509CertChainTest, GetCertlistOpensslTest002, TestSize.Level0)
700 {
701 ASSERT_NE(g_certChainP7bSpi, nullptr);
702 CfResult ret = g_certChainP7bSpi->engineGetCertList(g_certChainP7bSpi, nullptr);
703 ASSERT_EQ(ret, CF_INVALID_PARAMS);
704 }
705
706 HWTEST_F(CryptoX509CertChainTest, GetCertlistOpensslTest003, TestSize.Level0)
707 {
708 ASSERT_NE(g_certChainP7bSpi, nullptr);
709 HcfX509CertChainSpi *certChainSpi = nullptr;
710 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
711 ASSERT_EQ(ret, CF_SUCCESS);
712 ASSERT_NE(certChainSpi, nullptr);
713
714 certChainSpi->base.getClass = GetInvalidCertClass;
715 ret = certChainSpi->engineGetCertList(certChainSpi, nullptr);
716 ASSERT_EQ(ret, CF_INVALID_PARAMS);
717
718 certChainSpi->base.getClass = g_certChainP7bSpi->base.getClass;
719
720 CfObjDestroy(certChainSpi);
721 }
722
723 HWTEST_F(CryptoX509CertChainTest, GetCertlistOpensslTest004, TestSize.Level0)
724 {
725 ASSERT_NE(g_certChainP7bSpi, nullptr);
726
727 HcfX509CertificateArray certsList = { nullptr, 0 };
728 CfResult ret = g_certChainP7bSpi->engineGetCertList(g_certChainP7bSpi, &certsList);
729 ASSERT_EQ(ret, CF_SUCCESS);
730 ASSERT_EQ(certsList.count > 0, true);
731 ASSERT_NE(certsList.data, nullptr);
732
733 FreeCertArrayData(&certsList);
734 }
735
736 HWTEST_F(CryptoX509CertChainTest, GetCertlistOpensslTest005, TestSize.Level0)
737 {
738 ASSERT_NE(g_certChainP7bSpi, nullptr);
739 HcfX509CertChainSpi *certChainSpi = nullptr;
740 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
741 ASSERT_EQ(ret, CF_SUCCESS);
742 ASSERT_NE(certChainSpi, nullptr);
743 certChainSpi->base.getClass = GetInvalidCertChainClass;
744
745 HcfX509CertificateArray certsList = { nullptr, 0 };
746 ret = certChainSpi->engineGetCertList(certChainSpi, &certsList);
747 ASSERT_EQ(ret, CF_INVALID_PARAMS);
748
749 certChainSpi->base.getClass = g_certChainP7bSpi->base.getClass;
750 CfObjDestroy(certChainSpi);
751 }
752
753 HWTEST_F(CryptoX509CertChainTest, GetCertListCoreTest001, TestSize.Level0)
754 {
755 ASSERT_NE(g_certChainP7b, nullptr);
756 HcfX509CertificateArray certsArray = { 0 };
757 CfResult ret = g_certChainP7b->getCertList(nullptr, &certsArray);
758 ASSERT_EQ(ret, CF_INVALID_PARAMS);
759 }
760
761 HWTEST_F(CryptoX509CertChainTest, GetCertListCoreTest002, TestSize.Level0)
762 {
763 ASSERT_NE(g_certChainP7b, nullptr);
764 CfResult ret = g_certChainP7b->getCertList(g_certChainP7b, nullptr);
765 ASSERT_EQ(ret, CF_INVALID_PARAMS);
766 }
767
768 HWTEST_F(CryptoX509CertChainTest, GetCertListCoreTest003, TestSize.Level0)
769 {
770 ASSERT_NE(g_certChainP7b, nullptr);
771 HcfCertChain *pCertChain = nullptr;
772 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, nullptr, &pCertChain);
773 ASSERT_EQ(ret, CF_SUCCESS);
774
775 pCertChain->base.getClass = GetInvalidCertChainClass;
776 ret = g_certChainP7b->getCertList(pCertChain, nullptr);
777 ASSERT_EQ(ret, CF_INVALID_PARAMS);
778
779 pCertChain->base.getClass = g_certChainP7b->base.getClass;
780 CfObjDestroy(pCertChain);
781 }
782
783 HWTEST_F(CryptoX509CertChainTest, GetCertListCoreTest004, TestSize.Level0)
784 {
785 ASSERT_NE(g_certChainP7b, nullptr);
786 HcfX509CertificateArray out = { nullptr, 0 };
787 CfResult ret = g_certChainP7b->getCertList(g_certChainP7b, &out);
788 ASSERT_EQ(ret, CF_SUCCESS);
789 ASSERT_NE(out.data, nullptr);
790 ASSERT_EQ(out.count > 0, true);
791
792 FreeCertArrayData(&out);
793 }
794
795 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest001, TestSize.Level0)
796 {
797 CF_LOG_I("ValidateOpensslTest001");
798 HcfX509CertChainSpi *certChainSpi = nullptr;
799 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
800 ASSERT_EQ(ret, CF_SUCCESS);
801 ASSERT_NE(certChainSpi, nullptr);
802
803 ret = certChainSpi->engineValidate(nullptr, nullptr, nullptr);
804 ASSERT_EQ(ret, CF_INVALID_PARAMS);
805
806 CfObjDestroy(certChainSpi);
807 }
808
809 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest002, TestSize.Level0)
810 {
811 CF_LOG_I("ValidateOpensslTest002");
812 ASSERT_NE(g_certChainP7bSpi, nullptr);
813 CfResult ret = g_certChainP7bSpi->engineValidate(g_certChainP7bSpi, nullptr, nullptr);
814 ASSERT_EQ(ret, CF_INVALID_PARAMS);
815 }
816
817 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest003, TestSize.Level0)
818 {
819 CF_LOG_I("ValidateOpensslTest003");
820 ASSERT_NE(g_certChainP7bSpi, nullptr);
821 HcfX509TrustAnchor anchor = { 0 };
822 CfEncodingBlob inStream = { 0 };
823 inStream.data = (uint8_t *)g_testSelfSignedCaCert;
824 inStream.encodingFormat = CF_FORMAT_PEM;
825 inStream.len = strlen(g_testSelfSignedCaCert) + 1;
826 (void)HcfX509CertificateCreate(&inStream, &anchor.CACert);
827
828 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
829 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
830 ASSERT_NE(trustAnchorArray.data, nullptr);
831 trustAnchorArray.data[0] = &anchor;
832 trustAnchorArray.count = 1;
833
834 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
835 ASSERT_EQ(pCertChainValidateParams.date, nullptr); // test
836 ASSERT_EQ(pCertChainValidateParams.certCRLCollections, nullptr); // test
837 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
838
839 CfResult ret = g_certChainP7bSpi->engineValidate(g_certChainP7bSpi, &pCertChainValidateParams, nullptr);
840 ASSERT_EQ(ret, CF_INVALID_PARAMS);
841
842 CfFree(trustAnchorArray.data);
843 CfObjDestroy(anchor.CACert);
844 }
845
846 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest004, TestSize.Level0)
847 {
848 CF_LOG_I("ValidateOpensslTest004");
849 ASSERT_NE(g_certChainP7bSpi, nullptr);
850
851 HcfX509CertChainSpi *certChainSpi = nullptr;
852 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataP7b, &certChainSpi);
853 ASSERT_EQ(ret, CF_SUCCESS);
854 ASSERT_NE(certChainSpi, nullptr);
855
856 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
857 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
858
859 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
860 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
861
862 certChainSpi->base.getClass = GetInvalidCertChainClass;
863 HcfX509CertChainValidateResult result = { 0 };
864 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
865 ASSERT_EQ(ret, CF_INVALID_PARAMS);
866
867 certChainSpi->base.getClass = g_certChainP7bSpi->base.getClass;
868 FreeTrustAnchorArr(trustAnchorArray);
869 CfObjDestroy(certChainSpi);
870 }
871
872 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest005, TestSize.Level0)
873 {
874 CF_LOG_I("ValidateOpensslTest005");
875 ASSERT_NE(g_certChainPemSpi, nullptr);
876
877 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
878 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
879
880 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
881 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
882
883 HcfX509CertChainValidateResult result = { 0 };
884 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
885 ASSERT_EQ(ret, CF_SUCCESS);
886 ASSERT_NE(result.entityCert, nullptr);
887 ASSERT_NE(result.trustAnchor, nullptr);
888
889 FreeTrustAnchorArr(trustAnchorArray);
890 FreeValidateResult(result);
891 }
892
893 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest006, TestSize.Level0)
894 {
895 CF_LOG_I("ValidateOpensslTest006");
896 ASSERT_NE(g_certChainPemSpi, nullptr);
897
898 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
899 BuildAnchorArr(g_inStreamSelfSignedCaCert, trustAnchorArray);
900
901 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
902 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
903
904 HcfX509CertChainValidateResult result = { 0 };
905 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
906 ASSERT_EQ(ret, CF_INVALID_PARAMS);
907
908 FreeTrustAnchorArr(trustAnchorArray);
909 }
910
911 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest007, TestSize.Level0)
912 {
913 CF_LOG_I("ValidateOpensslTest007");
914 ASSERT_NE(g_certChainPemSpi, nullptr);
915
916 HcfX509TrustAnchor anchor = { 0 };
917
918 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
919 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
920 ASSERT_NE(trustAnchorArray.data, nullptr);
921 trustAnchorArray.data[0] = &anchor;
922 trustAnchorArray.count = 1;
923
924 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
925 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
926
927 HcfX509CertChainValidateResult result = { 0 };
928 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
929 ASSERT_EQ(ret, CF_INVALID_PARAMS);
930
931 CfFree(trustAnchorArray.data);
932 }
933
934 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest008, TestSize.Level0)
935 {
936 CF_LOG_I("ValidateOpensslTest008");
937 ASSERT_NE(g_certChainPemSpi, nullptr);
938
939 CfBlob pubkey = { 0, nullptr };
940 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemRootData[0]);
941 pubkey.size = g_testChainPubkeyPemRootDataSize;
942
943 HcfX509TrustAnchor anchor = { 0 };
944
945 anchor.CAPubKey = &pubkey;
946
947 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
948 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
949 ASSERT_NE(trustAnchorArray.data, nullptr);
950 trustAnchorArray.data[0] = &anchor;
951 trustAnchorArray.count = 1;
952
953 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
954 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
955
956 HcfX509CertChainValidateResult result = { 0 };
957 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
958 ASSERT_EQ(ret, CF_SUCCESS);
959 ASSERT_NE(result.entityCert, nullptr);
960 ASSERT_NE(result.trustAnchor, nullptr);
961
962 CfFree(trustAnchorArray.data);
963 FreeValidateResult(result);
964 }
965
966 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest009, TestSize.Level0)
967 {
968 CF_LOG_I("ValidateOpensslTest009");
969 ASSERT_NE(g_certChainPemSpi, nullptr);
970
971 CfBlob pubkey = { 0, nullptr };
972 pubkey.data = (uint8_t *)(&g_testCrlSubAndIssNameDerData[0]);
973 pubkey.size = g_testCrlSubAndIssNameDerDataSize;
974
975 HcfX509TrustAnchor anchor = { 0 };
976 anchor.CAPubKey = &pubkey;
977
978 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
979 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
980 ASSERT_NE(trustAnchorArray.data, nullptr);
981 trustAnchorArray.data[0] = &anchor;
982 trustAnchorArray.count = 1;
983
984 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
985 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
986
987 HcfX509CertChainValidateResult result = { 0 };
988 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
989 ASSERT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
990
991 CfFree(trustAnchorArray.data);
992 }
993
994 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest010, TestSize.Level0)
995 {
996 CF_LOG_I("ValidateOpensslTest010");
997 ASSERT_NE(g_certChainPemSpi, nullptr);
998
999 CfBlob pubkey = { 0, nullptr };
1000 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemRootData[0]);
1001 pubkey.size = g_testChainPubkeyPemRootDataSize;
1002
1003 CfBlob subject = { 0, nullptr };
1004 subject.data = (uint8_t *)(&g_testChainSubjectPemRootData[0]);
1005 subject.size = g_testChainSubjectPemRootDataSize;
1006
1007 HcfX509TrustAnchor anchor = { 0 };
1008 anchor.CAPubKey = &pubkey;
1009 anchor.CASubject = &subject;
1010
1011 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1012 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1013 ASSERT_NE(trustAnchorArray.data, nullptr);
1014 trustAnchorArray.data[0] = &anchor;
1015 trustAnchorArray.count = 1;
1016
1017 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1018 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1019
1020 HcfX509CertChainValidateResult result = { 0 };
1021 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1022 ASSERT_EQ(ret, CF_SUCCESS);
1023 ASSERT_NE(result.entityCert, nullptr);
1024 ASSERT_NE(result.trustAnchor, nullptr);
1025
1026 CfFree(trustAnchorArray.data);
1027 FreeValidateResult(result);
1028 }
1029
1030 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest011, TestSize.Level0)
1031 {
1032 CF_LOG_I("ValidateOpensslTest011");
1033 ASSERT_NE(g_certChainPemSpi, nullptr);
1034
1035 CfBlob pubkey = { 0, nullptr };
1036 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemRootData[0]);
1037 pubkey.size = g_testChainPubkeyPemRootDataSize;
1038
1039 CfBlob subject = { 0, nullptr };
1040 subject.data = (uint8_t *)(&g_testChainSubjectPemOtherSubjectData[0]);
1041 subject.size = g_testChainSubjectPemOtherSubjectDataSize;
1042
1043 HcfX509TrustAnchor anchor = { 0 };
1044 anchor.CAPubKey = &pubkey;
1045 anchor.CASubject = &subject;
1046
1047 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1048 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1049 ASSERT_NE(trustAnchorArray.data, nullptr);
1050 trustAnchorArray.data[0] = &anchor;
1051 trustAnchorArray.count = 1;
1052
1053 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1054 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1055
1056 HcfX509CertChainValidateResult result = { 0 };
1057 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1058
1059 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1060
1061 CfFree(trustAnchorArray.data);
1062 }
1063
1064 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest012, TestSize.Level0)
1065 {
1066 CF_LOG_I("ValidateOpensslTest012");
1067 ASSERT_NE(g_certChainPemSpi, nullptr);
1068
1069 CfBlob pubkey = { 0, nullptr };
1070 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemRootData[0]);
1071 pubkey.size = g_testChainPubkeyPemRootDataSize;
1072
1073 HcfX509TrustAnchor anchor = { 0 };
1074 anchor.CAPubKey = &pubkey;
1075 anchor.CASubject = &pubkey;
1076
1077 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1078 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1079 ASSERT_NE(trustAnchorArray.data, nullptr);
1080 trustAnchorArray.data[0] = &anchor;
1081 trustAnchorArray.count = 1;
1082
1083 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1084 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1085
1086 HcfX509CertChainValidateResult result = { 0 };
1087 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1088 ASSERT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
1089
1090 CfFree(trustAnchorArray.data);
1091 }
1092
1093 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest013, TestSize.Level0)
1094 {
1095 CF_LOG_I("ValidateOpensslTest013");
1096 ASSERT_NE(g_certChainPemSpi, nullptr);
1097
1098 CfBlob pubkey = { 0, nullptr };
1099 pubkey.data = (uint8_t *)(&g_testCrlSubAndIssNameDerData[0]);
1100 pubkey.size = g_testCrlSubAndIssNameDerDataSize;
1101
1102 HcfX509TrustAnchor anchor = { 0 };
1103
1104 anchor.CAPubKey = &pubkey;
1105 anchor.CASubject = &pubkey;
1106
1107 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1108 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1109 ASSERT_NE(trustAnchorArray.data, nullptr);
1110 trustAnchorArray.data[0] = &anchor;
1111 trustAnchorArray.count = 1;
1112
1113 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1114 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1115
1116 HcfX509CertChainValidateResult result = { 0 };
1117 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1118 ASSERT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
1119
1120 CfFree(trustAnchorArray.data);
1121 }
1122
1123 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest014, TestSize.Level0)
1124 {
1125 CF_LOG_I("ValidateOpensslTest014");
1126 HcfX509CertChainSpi *certChainSpi = nullptr;
1127 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataPemNoRoot, &certChainSpi);
1128 ASSERT_EQ(ret, CF_SUCCESS);
1129 ASSERT_NE(certChainSpi, nullptr);
1130
1131 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1132 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1133
1134 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1135 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1136
1137 HcfX509CertChainValidateResult result = { 0 };
1138 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1139 ASSERT_EQ(ret, CF_SUCCESS);
1140 ASSERT_NE(result.entityCert, nullptr);
1141 ASSERT_NE(result.trustAnchor, nullptr);
1142
1143 FreeTrustAnchorArr(trustAnchorArray);
1144 FreeValidateResult(result);
1145 CfObjDestroy(certChainSpi);
1146 }
1147
1148 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest015, TestSize.Level0)
1149 {
1150 CF_LOG_I("ValidateOpensslTest015");
1151 HcfX509CertChainSpi *certChainSpi = nullptr;
1152 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainPemNoRootHasPubKey, &certChainSpi);
1153 ASSERT_EQ(ret, CF_SUCCESS);
1154 ASSERT_NE(certChainSpi, nullptr);
1155
1156 CfBlob pubkey = { 0, nullptr };
1157 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemRootHasPubKey[0]);
1158 pubkey.size = g_testChainPubkeyPemRootHasPubKeySize;
1159
1160 HcfX509TrustAnchor anchor = { 0 };
1161 anchor.CAPubKey = &pubkey;
1162
1163 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1164 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1165 ASSERT_NE(trustAnchorArray.data, nullptr);
1166 trustAnchorArray.data[0] = &anchor;
1167 trustAnchorArray.count = 1;
1168
1169 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1170 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1171
1172 HcfX509CertChainValidateResult result = { 0 };
1173 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1174 ASSERT_EQ(ret, CF_SUCCESS);
1175 ASSERT_NE(result.entityCert, nullptr);
1176 ASSERT_NE(result.trustAnchor, nullptr);
1177
1178 CfFree(trustAnchorArray.data);
1179 CfObjDestroy(certChainSpi);
1180 FreeValidateResult(result);
1181 }
1182
1183 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest016, TestSize.Level0)
1184 {
1185 CF_LOG_I("ValidateOpensslTest016");
1186 ASSERT_NE(g_certChainPemSpi, nullptr);
1187
1188 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1189 BuildAnchorArr(g_inStreamChainDataPemMid, trustAnchorArray);
1190
1191 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1192 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1193
1194 HcfX509CertChainValidateResult result = { 0 };
1195 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1196 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1197
1198 FreeTrustAnchorArr(trustAnchorArray);
1199 FreeValidateResult(result);
1200 }
1201
1202 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest017, TestSize.Level0)
1203 {
1204 CF_LOG_I("ValidateOpensslTest017");
1205 HcfX509CertChainSpi *certChainSpi = nullptr;
1206 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataPemRoot, &certChainSpi);
1207 ASSERT_EQ(ret, CF_SUCCESS);
1208 ASSERT_NE(certChainSpi, nullptr);
1209
1210 CfBlob pubkey = { 0, nullptr };
1211 pubkey.data = (uint8_t *)(&g_testCrlSubAndIssNameDerData[0]);
1212 pubkey.size = g_testCrlSubAndIssNameDerDataSize;
1213
1214 HcfX509TrustAnchor anchor = { 0 };
1215 (void)HcfX509CertificateCreate(&g_inStreamChainDataPemRoot, &anchor.CACert);
1216 anchor.CAPubKey = &pubkey;
1217
1218 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1219 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1220 ASSERT_NE(trustAnchorArray.data, nullptr);
1221 trustAnchorArray.data[0] = &anchor;
1222 trustAnchorArray.count = 1;
1223
1224 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1225 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1226
1227 HcfX509CertChainValidateResult result = { 0 };
1228 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1229 ASSERT_EQ(ret, CF_SUCCESS);
1230 ASSERT_NE(result.entityCert, nullptr);
1231 ASSERT_NE(result.trustAnchor, nullptr);
1232
1233 FreeValidateResult(result);
1234 CfFree(trustAnchorArray.data);
1235 CfObjDestroy(anchor.CACert);
1236 CfObjDestroy(certChainSpi);
1237 }
1238
1239 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest018, TestSize.Level0)
1240 {
1241 CF_LOG_I("ValidateOpensslTest018");
1242 ASSERT_NE(g_certChainPemSpi, nullptr);
1243
1244 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1245 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1246
1247 const char *date = "20231205073900Z";
1248 CfBlob validDate = { 0 };
1249 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1250 validDate.size = strlen(date) + 1;
1251 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1252
1253 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1254 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1255 pCertChainValidateParams.date = &validDate;
1256
1257 HcfX509CertChainValidateResult result = { 0 };
1258 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1259 ASSERT_EQ(ret, CF_SUCCESS);
1260 ASSERT_NE(result.entityCert, nullptr);
1261 ASSERT_NE(result.trustAnchor, nullptr);
1262
1263 FreeTrustAnchorArr(trustAnchorArray);
1264 FreeValidateResult(result);
1265 }
1266
1267 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest019, TestSize.Level0)
1268 {
1269 CF_LOG_I("ValidateOpensslTest019");
1270 ASSERT_NE(g_certChainPemSpi, nullptr);
1271
1272 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1273 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1274
1275 const char *date = "20240901235900Z";
1276 CfBlob validDate = { 0 };
1277 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1278 validDate.size = strlen(date) + 1;
1279 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1280
1281 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1282 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1283 pCertChainValidateParams.date = &validDate;
1284
1285 HcfX509CertChainValidateResult result = { 0 };
1286 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1287 ASSERT_EQ(ret, CF_SUCCESS);
1288 ASSERT_NE(result.entityCert, nullptr);
1289 ASSERT_NE(result.trustAnchor, nullptr);
1290
1291 FreeTrustAnchorArr(trustAnchorArray);
1292 FreeValidateResult(result);
1293 }
1294
1295 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest020, TestSize.Level0)
1296 {
1297 CF_LOG_I("ValidateOpensslTest020");
1298 ASSERT_NE(g_certChainPemSpi, nullptr);
1299
1300 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1301 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1302
1303 const char *date = "231205073900Z";
1304 CfBlob validDate = { 0 };
1305 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1306 validDate.size = strlen(date) + 1;
1307 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1308
1309 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1310 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1311 pCertChainValidateParams.date = &validDate;
1312
1313 HcfX509CertChainValidateResult result = { 0 };
1314 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1315 ASSERT_EQ(ret, CF_SUCCESS);
1316 ASSERT_NE(result.entityCert, nullptr);
1317 ASSERT_NE(result.trustAnchor, nullptr);
1318
1319 FreeTrustAnchorArr(trustAnchorArray);
1320 FreeValidateResult(result);
1321 }
1322
1323 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest021, TestSize.Level0)
1324 {
1325 CF_LOG_I("ValidateOpensslTest021");
1326 ASSERT_NE(g_certChainPemSpi, nullptr);
1327
1328 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1329 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1330
1331 const char *date = "231206090000";
1332 CfBlob validDate = { 0 };
1333 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1334 validDate.size = strlen(date); // len is wrong.
1335 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1336
1337 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1338 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1339 pCertChainValidateParams.date = &validDate;
1340
1341 HcfX509CertChainValidateResult result = { 0 };
1342 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1343 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1344
1345 FreeTrustAnchorArr(trustAnchorArray);
1346 }
1347
1348 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest022, TestSize.Level0)
1349 {
1350 CF_LOG_I("ValidateOpensslTest022");
1351 ASSERT_NE(g_certChainPemSpi, nullptr);
1352
1353 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1354 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1355
1356 const char *date = "abc"; // format is not correct.
1357 CfBlob validDate = { 0 };
1358 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1359 validDate.size = strlen(date) + 1;
1360 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1361
1362 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1363 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1364 pCertChainValidateParams.date = &validDate;
1365
1366 HcfX509CertChainValidateResult result = { 0 };
1367 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1368 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1369
1370 FreeTrustAnchorArr(trustAnchorArray);
1371 }
1372
1373 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest023, TestSize.Level0)
1374 {
1375 CF_LOG_I("ValidateOpensslTest023");
1376 ASSERT_NE(g_certChainPemSpi, nullptr);
1377
1378 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1379 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1380
1381 const char *date = "20231205073500Z";
1382 CfBlob validDate = { 0 };
1383 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1384 validDate.size = strlen(date) + 1;
1385 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1386
1387 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1388 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1389 pCertChainValidateParams.date = &validDate;
1390
1391 HcfX509CertChainValidateResult result = { 0 };
1392 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1393 ASSERT_EQ(ret, CF_ERR_CERT_NOT_YET_VALID);
1394
1395 FreeTrustAnchorArr(trustAnchorArray);
1396 FreeValidateResult(result);
1397 }
1398
1399 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest024, TestSize.Level0)
1400 {
1401 CF_LOG_I("ValidateOpensslTest024");
1402 ASSERT_NE(g_certChainPemSpi, nullptr);
1403
1404 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1405 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1406
1407 const char *date = "20240901235901Z";
1408 CfBlob validDate = { 0 };
1409 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1410 validDate.size = strlen(date) + 1;
1411 // validatetime :notBeforeDate: 2023-12-05 07:39:00 UTC , notAfterDate: 2024-09-01 23:59:00 UTC
1412
1413 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1414 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1415 pCertChainValidateParams.date = &validDate;
1416
1417 HcfX509CertChainValidateResult result = { 0 };
1418 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1419 ASSERT_EQ(ret, CF_ERR_CERT_HAS_EXPIRED);
1420
1421 FreeTrustAnchorArr(trustAnchorArray);
1422 }
1423
1424 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest025, TestSize.Level0)
1425 {
1426 CF_LOG_I("ValidateOpensslTest025");
1427 ASSERT_NE(g_certChainPemSpi, nullptr);
1428
1429 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1430 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1431
1432 HcfCertCRLCollectionArray certCRLCollections = { 0 };
1433 BuildCollectionArr(&g_inStreamChainDataPemRoot, &g_crlDerInStream, certCRLCollections);
1434
1435 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1436 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1437 pCertChainValidateParams.certCRLCollections = &certCRLCollections;
1438
1439 HcfX509CertChainValidateResult result = { 0 };
1440 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1441 ASSERT_EQ(ret, CF_SUCCESS);
1442 ASSERT_NE(result.entityCert, nullptr);
1443 ASSERT_NE(result.trustAnchor, nullptr);
1444
1445 FreeTrustAnchorArr(trustAnchorArray);
1446 FreeCertCrlCollectionArr(certCRLCollections);
1447 FreeValidateResult(result);
1448 }
1449
1450 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest026, TestSize.Level0)
1451 {
1452 CF_LOG_I("ValidateOpensslTest026");
1453 ASSERT_NE(g_certChainPemSpi, nullptr);
1454
1455 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1456 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1457
1458 HcfCertCRLCollectionArray certCRLCollections = { 0 };
1459 BuildCollectionArr(&g_inStreamChainDataPemMid, &g_inStreamChainDataPemMidCRL, certCRLCollections);
1460
1461 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1462 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1463 pCertChainValidateParams.certCRLCollections = &certCRLCollections;
1464
1465 HcfX509CertChainValidateResult result = { 0 };
1466 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1467 ASSERT_EQ(ret, CF_ERR_CRYPTO_OPERATION);
1468
1469 FreeTrustAnchorArr(trustAnchorArray);
1470 FreeCertCrlCollectionArr(certCRLCollections);
1471 }
1472
1473 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest027, TestSize.Level0)
1474 {
1475 CF_LOG_I("ValidateOpensslTest027");
1476 ASSERT_NE(g_certChainPemSpi, nullptr);
1477
1478 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1479 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1480
1481 HcfCertCRLCollectionArray certCRLCollections = { 0 };
1482 BuildCollectionArr(&g_inStreamChainDataPemRoot, &g_crlDerInStream, certCRLCollections);
1483
1484 const char *date = "20231212080000Z";
1485 CfBlob validDate = { 0 };
1486 validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
1487 validDate.size = strlen(date) + 1;
1488 // validatetime :notBeforeDate: 20231205080000, notAfterDate: 20241205075959
1489
1490 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1491 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1492 pCertChainValidateParams.date = &validDate;
1493 pCertChainValidateParams.certCRLCollections = &certCRLCollections;
1494
1495 HcfX509CertChainValidateResult result = { 0 };
1496 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1497 ASSERT_EQ(ret, CF_SUCCESS);
1498 ASSERT_NE(result.entityCert, nullptr);
1499 ASSERT_NE(result.trustAnchor, nullptr);
1500
1501 FreeTrustAnchorArr(trustAnchorArray);
1502 FreeCertCrlCollectionArr(certCRLCollections);
1503 FreeValidateResult(result);
1504 }
1505
1506 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest028, TestSize.Level0)
1507 {
1508 CF_LOG_I("ValidateOpensslTest028");
1509 for (unsigned int i = 0; i < 1000; i++) {
1510 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1511 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1512
1513 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1514 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1515
1516 HcfX509CertChainValidateResult result = { 0 };
1517 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1518 ASSERT_EQ(ret, CF_SUCCESS);
1519 ASSERT_NE(result.entityCert, nullptr);
1520 ASSERT_NE(result.trustAnchor, nullptr);
1521
1522 FreeTrustAnchorArr(trustAnchorArray);
1523 FreeValidateResult(result);
1524 }
1525 }
1526
1527 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest029, TestSize.Level0)
1528 {
1529 CF_LOG_I("ValidateOpensslTest029");
1530 HcfX509CertChainSpi *certChainSpi = nullptr;
1531 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainPemNoRootHasPubKey, &certChainSpi);
1532 ASSERT_EQ(ret, CF_SUCCESS);
1533 ASSERT_NE(certChainSpi, nullptr);
1534
1535 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1536 BuildAnchorArr(g_inStreamChainPemNoRootLast, trustAnchorArray);
1537
1538 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1539 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1540
1541 HcfX509CertChainValidateResult result = { 0 };
1542 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1543 ASSERT_EQ(ret, CF_SUCCESS);
1544 ASSERT_NE(result.entityCert, nullptr);
1545 ASSERT_NE(result.trustAnchor, nullptr);
1546
1547 FreeTrustAnchorArr(trustAnchorArray);
1548 FreeValidateResult(result);
1549 CfObjDestroy(certChainSpi);
1550 }
1551
1552 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest030, TestSize.Level0)
1553 {
1554 CF_LOG_I("ValidateOpensslTest030");
1555 ASSERT_NE(g_certChainPemSpi, nullptr);
1556
1557 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1558 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1559
1560 HcfCertCRLCollectionArray certCRLCollections = { 0 };
1561 BuildCollectionArr(&g_inStreamChainDataPemRoot, nullptr, certCRLCollections);
1562
1563 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1564 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1565 pCertChainValidateParams.certCRLCollections = &certCRLCollections;
1566
1567 HcfX509CertChainValidateResult result = { 0 };
1568 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1569 ASSERT_EQ(ret, CF_SUCCESS);
1570 ASSERT_NE(result.entityCert, nullptr);
1571 ASSERT_NE(result.trustAnchor, nullptr);
1572
1573 FreeTrustAnchorArr(trustAnchorArray);
1574 FreeCertCrlCollectionArr(certCRLCollections);
1575 FreeValidateResult(result);
1576 }
1577
1578 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest031, TestSize.Level0)
1579 {
1580 CF_LOG_I("ValidateOpensslTest031");
1581 HcfX509CertChainSpi *certChainSpi = nullptr;
1582 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainDataPemDisorder, &certChainSpi);
1583 ASSERT_EQ(ret, CF_SUCCESS);
1584 ASSERT_NE(certChainSpi, nullptr);
1585
1586 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1587 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1588
1589 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1590 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1591
1592 HcfX509CertChainValidateResult result = { 0 };
1593 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1594 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1595
1596 FreeTrustAnchorArr(trustAnchorArray);
1597 CfObjDestroy(certChainSpi);
1598 }
1599
1600 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest032, TestSize.Level0)
1601 {
1602 CF_LOG_I("ValidateOpensslTest032");
1603 HcfX509CertChainSpi *certChainSpi = nullptr;
1604 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainPemNoRootHasPubKey, &certChainSpi);
1605 ASSERT_EQ(ret, CF_SUCCESS);
1606 ASSERT_NE(certChainSpi, nullptr);
1607
1608 CfBlob pubkey = { 0, nullptr };
1609 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemNoRootLast[0]);
1610 pubkey.size = g_testChainPubkeyPemNoRootLastSize;
1611
1612 HcfX509TrustAnchor anchor = { 0 };
1613 anchor.CAPubKey = &pubkey;
1614
1615 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1616 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1617 ASSERT_NE(trustAnchorArray.data, nullptr);
1618 trustAnchorArray.data[0] = &anchor;
1619 trustAnchorArray.count = 1;
1620
1621 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1622 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1623
1624 HcfX509CertChainValidateResult result = { 0 };
1625 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1626 ASSERT_EQ(ret, CF_SUCCESS);
1627 ASSERT_NE(result.entityCert, nullptr);
1628 ASSERT_NE(result.trustAnchor, nullptr);
1629
1630 CfFree(trustAnchorArray.data);
1631 CfObjDestroy(certChainSpi);
1632 FreeValidateResult(result);
1633 }
1634
1635 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest033, TestSize.Level0)
1636 {
1637 CF_LOG_I("ValidateOpensslTest033");
1638 HcfX509CertChainSpi *certChainSpi = nullptr;
1639 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainPemNoRootHasPubKey, &certChainSpi);
1640 ASSERT_EQ(ret, CF_SUCCESS);
1641 ASSERT_NE(certChainSpi, nullptr);
1642
1643 CfBlob pubkey = { 0, nullptr };
1644 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemNoRootLast[0]);
1645 pubkey.size = g_testChainPubkeyPemNoRootLastSize;
1646
1647 CfBlob subject = { 0, nullptr };
1648 subject.data = (uint8_t *)(&g_testChainSubjectPemNoRootLastUp[0]);
1649 subject.size = g_testChainSubjectPemNoRootLastUpSize;
1650
1651 HcfX509TrustAnchor anchor = { 0 };
1652 anchor.CAPubKey = &pubkey;
1653 anchor.CASubject = &subject;
1654
1655 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1656 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1657 ASSERT_NE(trustAnchorArray.data, nullptr);
1658 trustAnchorArray.data[0] = &anchor;
1659 trustAnchorArray.count = 1;
1660
1661 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1662 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1663
1664 HcfX509CertChainValidateResult result = { 0 };
1665 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1666 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1667
1668 CfFree(trustAnchorArray.data);
1669 CfObjDestroy(certChainSpi);
1670 }
1671
1672 HWTEST_F(CryptoX509CertChainTest, ValidateOpensslTest034, TestSize.Level0)
1673 {
1674 CF_LOG_I("ValidateOpensslTest034");
1675 HcfX509CertChainSpi *certChainSpi = nullptr;
1676 CfResult ret = HcfX509CertChainByEncSpiCreate(&g_inStreamChainPemNoRootHasPubKey, &certChainSpi);
1677 ASSERT_EQ(ret, CF_SUCCESS);
1678 ASSERT_NE(certChainSpi, nullptr);
1679
1680 CfBlob pubkey = { 0, nullptr };
1681 pubkey.data = (uint8_t *)(&g_testChainPubkeyPemNoRootLastUp[0]);
1682 pubkey.size = g_testChainPubkeyPemNoRootLastUpSize;
1683
1684 CfBlob subject = { 0, nullptr };
1685 subject.data = (uint8_t *)(&g_testChainSubjectPemNoRootLast[0]);
1686 subject.size = g_testChainSubjectPemNoRootLastSize;
1687
1688 HcfX509TrustAnchor anchor = { 0 };
1689 anchor.CAPubKey = &pubkey;
1690 anchor.CASubject = &subject;
1691
1692 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1693 trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(CfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
1694 ASSERT_NE(trustAnchorArray.data, nullptr);
1695 trustAnchorArray.data[0] = &anchor;
1696 trustAnchorArray.count = 1;
1697
1698 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1699 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1700
1701 HcfX509CertChainValidateResult result = { 0 };
1702 ret = certChainSpi->engineValidate(certChainSpi, &pCertChainValidateParams, &result);
1703 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1704
1705 CfFree(trustAnchorArray.data);
1706 CfObjDestroy(certChainSpi);
1707 }
1708
1709 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest001, TestSize.Level0)
1710 {
1711 CF_LOG_I("ValidateCoreTest001");
1712 HcfCertChain *pCertChain = nullptr;
1713 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, nullptr, &pCertChain);
1714 ASSERT_EQ(ret, CF_SUCCESS);
1715 ASSERT_NE(pCertChain, nullptr);
1716
1717 ret = pCertChain->validate(nullptr, nullptr, nullptr);
1718 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1719
1720 CfObjDestroy(pCertChain);
1721 }
1722
1723 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest002, TestSize.Level0)
1724 {
1725 CF_LOG_I("ValidateCoreTest002");
1726 HcfCertChain *pCertChain = nullptr;
1727 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataP7b, nullptr, &pCertChain);
1728 ASSERT_EQ(ret, CF_SUCCESS);
1729 ASSERT_NE(pCertChain, nullptr);
1730
1731 ret = pCertChain->validate(pCertChain, nullptr, nullptr);
1732 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1733
1734 CfObjDestroy(pCertChain);
1735 }
1736
1737 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest003, TestSize.Level0)
1738 {
1739 CF_LOG_I("ValidateCoreTest003");
1740 ASSERT_NE(g_certChainP7b, nullptr);
1741
1742 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1743 BuildAnchorArr(g_inStreamSelfSignedCaCert, trustAnchorArray);
1744
1745 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1746 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1747
1748 CfResult ret = g_certChainP7b->validate(g_certChainP7b, &pCertChainValidateParams, nullptr);
1749 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1750
1751 FreeTrustAnchorArr(trustAnchorArray);
1752 }
1753
1754 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest004, TestSize.Level0)
1755 {
1756 CF_LOG_I("ValidateCoreTest004");
1757 HcfCertChain *pCertChain = nullptr;
1758 CfResult ret = HcfCertChainCreate(&g_inStreamChainDataPem, nullptr, &pCertChain);
1759 ASSERT_EQ(ret, CF_SUCCESS);
1760 ASSERT_NE(pCertChain, nullptr);
1761 pCertChain->base.getClass = GetInvalidCertChainClass;
1762
1763 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1764
1765 HcfX509CertChainValidateResult result = { 0 };
1766 ret = pCertChain->validate(pCertChain, &pCertChainValidateParams, &result);
1767 ASSERT_EQ(ret, CF_INVALID_PARAMS);
1768
1769 pCertChain->base.getClass = g_certChainP7b->base.getClass;
1770 CfObjDestroy(pCertChain);
1771 }
1772
1773 HWTEST_F(CryptoX509CertChainTest, ValidateCoreTest005, TestSize.Level0)
1774 {
1775 ASSERT_NE(g_certChainPemSpi, nullptr);
1776
1777 HcfX509TrustAnchorArray trustAnchorArray = { 0 };
1778 BuildAnchorArr(g_inStreamChainDataPemRoot, trustAnchorArray);
1779
1780 HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
1781 pCertChainValidateParams.trustAnchors = &trustAnchorArray;
1782
1783 HcfX509CertChainValidateResult result = { 0 };
1784 CfResult ret = g_certChainPemSpi->engineValidate(g_certChainPemSpi, &pCertChainValidateParams, &result);
1785 ASSERT_EQ(ret, CF_SUCCESS);
1786 ASSERT_NE(result.entityCert, nullptr);
1787 ASSERT_NE(result.trustAnchor, nullptr);
1788
1789 FreeTrustAnchorArr(trustAnchorArray);
1790 FreeValidateResult(result);
1791 }
1792
BuildX509CertMatchParamsData(const CfEncodingBlob * certInStream,const CfEncodingBlob * crlInStream,HcfX509CertChainValidateParams * params)1793 static void BuildX509CertMatchParamsData(
1794 const CfEncodingBlob *certInStream, const CfEncodingBlob *crlInStream, HcfX509CertChainValidateParams *params)
1795 {
1796 if (certInStream == nullptr || params == nullptr) {
1797 return;
1798 }
1799
1800 CfBlob *blob = (CfBlob *)CfMalloc(sizeof(CfBlob), 0);
1801 ASSERT_NE(blob, nullptr);
1802 blob->data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testUpdateDateTime));
1803 blob->size = strlen(g_testUpdateDateTime) + 1;
1804 params->date = blob;
1805
1806 HcfX509TrustAnchorArray *trustAnchorArray =
1807 (HcfX509TrustAnchorArray *)CfMalloc(sizeof(HcfX509TrustAnchorArray), 0);
1808 ASSERT_NE(trustAnchorArray, nullptr);
1809 BuildAnchorArr(*certInStream, *trustAnchorArray);
1810
1811 HcfCertCRLCollectionArray *certCRLCollections =
1812 (HcfCertCRLCollectionArray *)CfMalloc(sizeof(HcfCertCRLCollectionArray), 0);
1813 ASSERT_NE(certCRLCollections, nullptr);
1814 BuildCollectionArr(certInStream, crlInStream, *certCRLCollections);
1815
1816 params->trustAnchors = trustAnchorArray;
1817 params->certCRLCollections = certCRLCollections;
1818 }
1819
FreeX509CertMatchParamsData(HcfX509CertChainValidateParams * params)1820 static void FreeX509CertMatchParamsData(HcfX509CertChainValidateParams *params)
1821 {
1822 if (params == nullptr) {
1823 return;
1824 }
1825
1826 if (params->date != nullptr) {
1827 CfFree(params->date);
1828 params->date = nullptr;
1829 }
1830
1831 if (params->trustAnchors != nullptr) {
1832 FreeTrustAnchorArr(*(params->trustAnchors));
1833 CfFree(params->trustAnchors);
1834 params->trustAnchors = nullptr;
1835 }
1836
1837 if (params->certCRLCollections != nullptr) {
1838 FreeCertCrlCollectionArr(*(params->certCRLCollections));
1839 CfFree(params->certCRLCollections);
1840 params->certCRLCollections = nullptr;
1841 }
1842 }
1843
1844 HWTEST_F(CryptoX509CertChainTest, HcfX509CertChainByParamsSpiCreateTest001, TestSize.Level0)
1845 {
1846 CF_LOG_I("HcfX509CertChainByParamsSpiCreateTest001");
1847 HcfX509CertChainBuildParameters inParams;
1848 HcfX509CertChainSpi *spi = nullptr;
1849
1850 CfResult result;
1851
1852 inParams.maxlength = -1;
1853
1854 CfEncodingBlob inStream = { 0 };
1855 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCertValid));
1856 inStream.encodingFormat = CF_FORMAT_PEM;
1857 inStream.len = strlen(g_testSelfSignedCaCertValid) + 1;
1858
1859 BuildX509CertMatchParamsData(&inStream, NULL, &inParams.validateParameters);
1860
1861 CfBlob issue;
1862 issue.data = const_cast<uint8_t *>(g_testIssuerValid);
1863 issue.size = sizeof(g_testIssuerValid);
1864 inParams.certMatchParameters.issuer = &issue;
1865 inParams.certMatchParameters.minPathLenConstraint = -1;
1866
1867 result = HcfX509CertChainByParamsSpiCreate(&inParams, &spi);
1868 EXPECT_EQ(result, CF_SUCCESS);
1869 EXPECT_NE(spi, nullptr);
1870 CfObjDestroy(spi);
1871
1872 // test inParams.maxlength
1873 inParams.maxlength = 2;
1874 result = HcfX509CertChainByParamsSpiCreate(&inParams, &spi);
1875 EXPECT_EQ(result, CF_SUCCESS);
1876 EXPECT_NE(spi, nullptr);
1877 CfObjDestroy(spi);
1878
1879 FreeX509CertMatchParamsData(&inParams.validateParameters);
1880 }
1881
1882 HWTEST_F(CryptoX509CertChainTest, HcfX509CertChainByParamsSpiCreateInvalidParamTest, TestSize.Level0)
1883 {
1884 CF_LOG_I("HcfX509CertChainByParamsSpiCreateInvalidParamTest");
1885 HcfX509CertChainBuildParameters inParams;
1886 HcfX509CertChainSpi *spi = nullptr;
1887
1888 CfResult result = HcfX509CertChainByParamsSpiCreate(NULL, &spi);
1889 EXPECT_EQ(result, CF_INVALID_PARAMS);
1890
1891 result = HcfX509CertChainByParamsSpiCreate(&inParams, NULL);
1892 EXPECT_EQ(result, CF_INVALID_PARAMS);
1893
1894 result = HcfX509CertChainByParamsSpiCreate(NULL, NULL);
1895 EXPECT_EQ(result, CF_INVALID_PARAMS);
1896 }
1897
1898 HWTEST_F(CryptoX509CertChainTest, HcfX509CertChainByParamsSpiCreateTest002, TestSize.Level0)
1899 {
1900 CF_LOG_I("HcfX509CertChainByParamsSpiCreateTest002");
1901 HcfX509CertChainBuildParameters inParams;
1902 HcfX509CertChainSpi *spi = nullptr;
1903
1904 inParams.maxlength = -1;
1905
1906 CfEncodingBlob inStream = { 0 };
1907 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCertValid));
1908 inStream.encodingFormat = CF_FORMAT_PEM;
1909 inStream.len = strlen(g_testSelfSignedCaCertValid) + 1;
1910
1911 BuildX509CertMatchParamsData(&inStream, NULL, &inParams.validateParameters);
1912
1913 CfBlob issue;
1914 issue.data = const_cast<uint8_t *>(g_testIssuerValid);
1915 issue.size = sizeof(g_testIssuerValid);
1916 inParams.certMatchParameters.issuer = &issue;
1917 inParams.certMatchParameters.minPathLenConstraint = -1;
1918
1919 // test HcfX509CertChainByParamsSpiCreate failed case
1920 X509OpensslMock::SetMockFlag(true);
1921 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_new_null())
1922 .WillOnce(Return(NULL))
1923 .WillRepeatedly(Invoke(__real_OPENSSL_sk_new_null));
1924 CfResult result = HcfX509CertChainByParamsSpiCreate(&inParams, &spi);
1925 EXPECT_EQ(result, CF_ERR_MALLOC);
1926 X509OpensslMock::SetMockFlag(false);
1927
1928 X509OpensslMock::SetMockFlag(true);
1929 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_new_null())
1930 .WillOnce(Invoke(__real_OPENSSL_sk_new_null))
1931 .WillOnce(Return(NULL))
1932 .WillRepeatedly(Invoke(__real_OPENSSL_sk_new_null));
1933 result = HcfX509CertChainByParamsSpiCreate(&inParams, &spi);
1934 EXPECT_EQ(result, CF_ERR_CRYPTO_OPERATION);
1935 X509OpensslMock::SetMockFlag(false);
1936
1937 X509OpensslMock::SetMockFlag(true);
1938 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_new_null())
1939 .WillOnce(Invoke(__real_OPENSSL_sk_new_null))
1940 .WillOnce(Invoke(__real_OPENSSL_sk_new_null))
1941 .WillOnce(Return(NULL))
1942 .WillRepeatedly(Invoke(__real_OPENSSL_sk_new_null));
1943 result = HcfX509CertChainByParamsSpiCreate(&inParams, &spi);
1944 EXPECT_EQ(result, CF_ERR_CRYPTO_OPERATION);
1945 X509OpensslMock::SetMockFlag(false);
1946
1947 // test CfMalloc failed case in HcfX509CertChainByParamsSpiCreate
1948 SetMockFlag(true);
1949 result = HcfX509CertChainByParamsSpiCreate(&inParams, &spi);
1950 EXPECT_EQ(result, CF_ERR_MALLOC);
1951 SetMockFlag(false);
1952
1953 FreeX509CertMatchParamsData(&inParams.validateParameters);
1954 }
1955
1956 HWTEST_F(CryptoX509CertChainTest, HcfX509CertChainByParamsSpiCreateTest003, TestSize.Level0)
1957 {
1958 CF_LOG_I("HcfX509CertChainByParamsSpiCreateTest003");
1959 HcfX509CertChainBuildParameters inParams;
1960 HcfX509CertChainSpi *spi = nullptr;
1961
1962 CfResult result;
1963
1964 inParams.maxlength = -1;
1965
1966 CfEncodingBlob inStream = { 0 };
1967 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCertValid));
1968 inStream.encodingFormat = CF_FORMAT_PEM;
1969 inStream.len = strlen(g_testSelfSignedCaCertValid) + 1;
1970
1971 BuildX509CertMatchParamsData(&inStream, NULL, &inParams.validateParameters);
1972
1973 CfBlob issue;
1974 issue.data = const_cast<uint8_t *>(g_testIssuerValid);
1975 issue.size = sizeof(g_testIssuerValid);
1976 inParams.certMatchParameters.issuer = &issue;
1977 inParams.certMatchParameters.minPathLenConstraint = -1;
1978
1979 X509OpensslMock::SetMockFlag(true);
1980 ResetMockFunction();
1981 EXPECT_CALL(X509OpensslMock::GetInstance(), X509_dup(_))
1982 .WillOnce(Return(NULL))
1983 .WillRepeatedly(Invoke(__real_X509_dup));
1984 result = HcfX509CertChainByParamsSpiCreate(&inParams, &spi);
1985 EXPECT_EQ(result, CF_ERR_MALLOC);
1986
1987 ResetMockFunction();
1988 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_push(_, _))
1989 .WillOnce(Return(-1))
1990 .WillRepeatedly(Invoke(__real_OPENSSL_sk_push));
1991 result = HcfX509CertChainByParamsSpiCreate(&inParams, &spi);
1992 EXPECT_EQ(result, CF_ERR_CRYPTO_OPERATION);
1993 X509OpensslMock::SetMockFlag(false);
1994
1995
1996 X509OpensslMock::SetHcfMockFlag(true);
1997 EXPECT_CALL(X509OpensslMock::GetInstance(), CheckIsSelfSigned(_))
1998 .WillRepeatedly(Return(true))
1999 .RetiresOnSaturation();
2000 result = HcfX509CertChainByParamsSpiCreate(&inParams, &spi);
2001 EXPECT_EQ(result, CF_INVALID_PARAMS);
2002 X509OpensslMock::SetHcfMockFlag(false);
2003
2004 FreeX509CertMatchParamsData(&inParams.validateParameters);
2005 }
2006
FreeHcfX509CertChainBuildResult(HcfX509CertChainBuildResult * result)2007 static void FreeHcfX509CertChainBuildResult(HcfX509CertChainBuildResult *result)
2008 {
2009 if (result == nullptr) {
2010 return;
2011 }
2012
2013 CfObjDestroy(result->certChain);
2014 CfFree(result);
2015 }
2016
2017 HWTEST_F(CryptoX509CertChainTest, HcfCertChainBuildResultCreateTest001, TestSize.Level0)
2018 {
2019 CF_LOG_I("HcfCertChainBuildResultCreateTest001");
2020 HcfX509CertChainBuildParameters inParams;
2021 HcfX509CertChainBuildResult *returnObj = nullptr;
2022 CfEncodingBlob inStream = { 0 };
2023 inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCertValid));
2024 inStream.encodingFormat = CF_FORMAT_PEM;
2025 inStream.len = strlen(g_testSelfSignedCaCertValid) + 1;
2026
2027 BuildX509CertMatchParamsData(&inStream, NULL, &inParams.validateParameters);
2028
2029 inParams.maxlength = 100;
2030
2031 CfBlob issue;
2032 issue.data = const_cast<uint8_t *>(g_testIssuerValid);
2033 issue.size = sizeof(g_testIssuerValid);
2034 inParams.certMatchParameters.issuer = &issue;
2035 inParams.certMatchParameters.minPathLenConstraint = -1;
2036
2037 CfResult result = HcfCertChainBuildResultCreate(&inParams, &returnObj);
2038 EXPECT_EQ(result, CF_SUCCESS);
2039 EXPECT_NE(returnObj, nullptr);
2040 FreeHcfX509CertChainBuildResult(returnObj);
2041 returnObj = nullptr;
2042
2043 result = HcfCertChainBuildResultCreate(NULL, &returnObj);
2044 EXPECT_EQ(result, CF_INVALID_PARAMS);
2045
2046 result = HcfCertChainBuildResultCreate(&inParams, NULL);
2047 EXPECT_EQ(result, CF_INVALID_PARAMS);
2048
2049 result = HcfCertChainBuildResultCreate(NULL, NULL);
2050 EXPECT_EQ(result, CF_INVALID_PARAMS);
2051
2052 FreeX509CertMatchParamsData(&inParams.validateParameters);
2053 }
2054
2055 HWTEST_F(CryptoX509CertChainTest, HcfX509CreateTrustAnchorWithKeyStoreFuncTest001, TestSize.Level0)
2056 {
2057 CF_LOG_I("HcfX509CreateTrustAnchorWithKeyStoreFuncTest001");
2058 CfBlob keyStore;
2059 CfBlob pwd;
2060 HcfX509TrustAnchorArray *trustAnchorArray = NULL;
2061
2062 keyStore.data = const_cast<uint8_t *>(g_testChainKeystore);
2063 keyStore.size = sizeof(g_testChainKeystore);
2064 pwd.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testKeystorePwd));
2065 pwd.size = strlen(g_testKeystorePwd) + 1;
2066 CfResult result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2067 EXPECT_EQ(result, CF_SUCCESS);
2068 EXPECT_NE(trustAnchorArray, NULL);
2069 assert(trustAnchorArray->count > 0);
2070 FreeTrustAnchorArr(*trustAnchorArray);
2071 CfFree(trustAnchorArray);
2072 trustAnchorArray = NULL;
2073
2074 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(NULL, &pwd, &trustAnchorArray);
2075 EXPECT_EQ(result, CF_INVALID_PARAMS);
2076
2077 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, NULL, &trustAnchorArray);
2078 EXPECT_EQ(result, CF_INVALID_PARAMS);
2079
2080 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, NULL);
2081 EXPECT_EQ(result, CF_INVALID_PARAMS);
2082
2083 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(NULL, NULL, &trustAnchorArray);
2084 EXPECT_EQ(result, CF_INVALID_PARAMS);
2085
2086 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(NULL, NULL, NULL);
2087 EXPECT_EQ(result, CF_INVALID_PARAMS);
2088
2089 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, NULL, NULL);
2090 EXPECT_EQ(result, CF_INVALID_PARAMS);
2091
2092 keyStore.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
2093 keyStore.size = strlen(g_testSelfSignedCaCert) + 1;
2094
2095 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2096 EXPECT_EQ(result, CF_ERR_CRYPTO_OPERATION);
2097 }
2098
2099 HWTEST_F(CryptoX509CertChainTest, HcfX509CreateTrustAnchorWithKeyStoreFuncTest002, TestSize.Level0)
2100 {
2101 CF_LOG_I("HcfX509CreateTrustAnchorWithKeyStoreFuncTest002");
2102 CfBlob keyStore;
2103 CfBlob pwd;
2104 HcfX509TrustAnchorArray *trustAnchorArray = NULL;
2105
2106 keyStore.data = const_cast<uint8_t *>(g_testChainKeystore);
2107 keyStore.size = sizeof(g_testChainKeystore);
2108 pwd.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testKeystorePwd));
2109 pwd.size = strlen(g_testKeystorePwd) + 1;
2110
2111 X509OpensslMock::SetMockFlag(true);
2112 EXPECT_CALL(X509OpensslMock::GetInstance(), PKCS12_parse(_, _, _, _, _))
2113 .WillOnce(Return(0))
2114 .WillRepeatedly(Invoke(__real_PKCS12_parse));
2115 CfResult result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2116 EXPECT_EQ(result, CF_ERR_CRYPTO_OPERATION);
2117 X509OpensslMock::SetMockFlag(false);
2118
2119 X509OpensslMock::SetMockFlag(true);
2120 EXPECT_CALL(X509OpensslMock::GetInstance(), PKCS12_parse(_, _, _, _, _))
2121 .WillOnce(Return(1))
2122 .WillRepeatedly(Invoke(__real_PKCS12_parse));
2123 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2124 EXPECT_EQ(result, CF_ERR_CRYPTO_OPERATION);
2125 X509OpensslMock::SetMockFlag(false);
2126
2127 X509OpensslMock::SetMockFlag(true);
2128 EXPECT_CALL(X509OpensslMock::GetInstance(), PKCS12_parse(_, _, _, _, _))
2129 .WillOnce(Return(1))
2130 .WillRepeatedly(Invoke(__real_PKCS12_parse));
2131 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2132 EXPECT_EQ(result, CF_ERR_CRYPTO_OPERATION);
2133 X509OpensslMock::SetMockFlag(false);
2134
2135 X509OpensslMock::SetMockFlag(true);
2136 EXPECT_CALL(X509OpensslMock::GetInstance(), PKCS12_parse(_, _, _, _, _))
2137 .WillOnce(Invoke(PKCS12_parse_mock))
2138 .WillRepeatedly(Invoke(__real_PKCS12_parse));
2139 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2140 EXPECT_EQ(result, CF_ERR_CRYPTO_OPERATION);
2141 X509OpensslMock::SetMockFlag(false);
2142 }
2143
2144 HWTEST_F(CryptoX509CertChainTest, HcfX509CreateTrustAnchorWithKeyStoreFuncTest003, TestSize.Level0)
2145 {
2146 CF_LOG_I("HcfX509CreateTrustAnchorWithKeyStoreFuncTest003");
2147 CfBlob keyStore;
2148 CfBlob pwd;
2149 HcfX509TrustAnchorArray *trustAnchorArray = NULL;
2150
2151 keyStore.data = const_cast<uint8_t *>(g_testChainKeystore);
2152 keyStore.size = sizeof(g_testChainKeystore);
2153 pwd.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testKeystorePwd));
2154 pwd.size = strlen(g_testKeystorePwd) + 1;
2155
2156 X509OpensslMock::SetMockFlag(true);
2157 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_num(_))
2158 .WillOnce(Return(-1))
2159 .WillRepeatedly(Invoke(__real_OPENSSL_sk_num));
2160 CfResult result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2161 EXPECT_EQ(result, CF_ERR_CRYPTO_OPERATION);
2162 X509OpensslMock::SetMockFlag(false);
2163
2164 SetMockFlag(true);
2165 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2166 EXPECT_EQ(result, CF_ERR_MALLOC);
2167 SetMockFlag(false);
2168
2169 StartRecordMallocNum();
2170 SetMockMallocIndex(1);
2171 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2172 EXPECT_EQ(result, CF_ERR_MALLOC);
2173 EndRecordMallocNum();
2174
2175 StartRecordMallocNum();
2176 SetMockMallocIndex(2);
2177 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2178 EXPECT_EQ(result, CF_ERR_MALLOC);
2179 EndRecordMallocNum();
2180 }
2181
2182 HWTEST_F(CryptoX509CertChainTest, HcfX509CreateTrustAnchorWithKeyStoreFuncTest004, TestSize.Level0)
2183 {
2184 CF_LOG_I("HcfX509CreateTrustAnchorWithKeyStoreFuncTest004");
2185 CfBlob keyStore;
2186 CfBlob pwd;
2187 HcfX509TrustAnchorArray *trustAnchorArray = NULL;
2188
2189 keyStore.data = const_cast<uint8_t *>(g_testChainKeystore);
2190 keyStore.size = sizeof(g_testChainKeystore);
2191 pwd.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testKeystorePwd));
2192 pwd.size = strlen(g_testKeystorePwd) + 1;
2193
2194 X509OpensslMock::SetMockFlag(true);
2195 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_num(_))
2196 .WillOnce(Invoke(__real_OPENSSL_sk_num))
2197 .WillOnce(Return(-1))
2198 .WillRepeatedly(Invoke(__real_OPENSSL_sk_num));
2199 CfResult result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2200 EXPECT_EQ(result, CF_SUCCESS);
2201 X509OpensslMock::SetMockFlag(false);
2202
2203 X509OpensslMock::SetMockFlag(true);
2204 EXPECT_CALL(X509OpensslMock::GetInstance(), OPENSSL_sk_value(_, _))
2205 .WillOnce(Return(NULL))
2206 .WillRepeatedly(Invoke(__real_OPENSSL_sk_value));
2207 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2208 EXPECT_EQ(result, CF_SUCCESS);
2209 X509OpensslMock::SetMockFlag(false);
2210
2211 X509OpensslMock::SetMockFlag(true);
2212 EXPECT_CALL(X509OpensslMock::GetInstance(), i2d_X509(_, _))
2213 .WillOnce(Return(-1))
2214 .WillRepeatedly(Invoke(__real_i2d_X509));
2215 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2216 EXPECT_EQ(result, CF_SUCCESS);
2217 X509OpensslMock::SetMockFlag(false);
2218
2219 X509OpensslMock::SetMockFlag(true);
2220 EXPECT_CALL(X509OpensslMock::GetInstance(), HcfX509CertificateCreate(_, _))
2221 .WillOnce(Return(CF_INVALID_PARAMS))
2222 .WillRepeatedly(Invoke(__real_HcfX509CertificateCreate));
2223 result = HcfX509CreateTrustAnchorWithKeyStoreFunc(&keyStore, &pwd, &trustAnchorArray);
2224 EXPECT_EQ(result, CF_SUCCESS);
2225 X509OpensslMock::SetMockFlag(false);
2226 }
2227
2228 HWTEST_F(CryptoX509CertChainTest, HcfCreateTrustAnchorWithKeyStoreTest001, TestSize.Level0)
2229 {
2230 CF_LOG_I("HcfCreateTrustAnchorWithKeyStoreTest001");
2231 CfBlob keyStore;
2232 CfBlob pwd;
2233 HcfX509TrustAnchorArray *trustAnchorArray = NULL;
2234
2235 keyStore.data = const_cast<uint8_t *>(g_testChainKeystore);
2236 keyStore.size = sizeof(g_testChainKeystore);
2237 pwd.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testKeystorePwd));
2238 pwd.size = sizeof(g_testKeystorePwd);
2239 CfResult result = HcfCreateTrustAnchorWithKeyStore(&keyStore, &pwd, &trustAnchorArray);
2240 EXPECT_EQ(result, CF_SUCCESS);
2241 EXPECT_NE(trustAnchorArray, NULL);
2242 assert(trustAnchorArray->count > 0);
2243 FreeTrustAnchorArr(*trustAnchorArray);
2244 CfFree(trustAnchorArray);
2245 trustAnchorArray = NULL;
2246
2247 result = HcfCreateTrustAnchorWithKeyStore(NULL, &pwd, &trustAnchorArray);
2248 EXPECT_EQ(result, CF_INVALID_PARAMS);
2249
2250 result = HcfCreateTrustAnchorWithKeyStore(&keyStore, NULL, &trustAnchorArray);
2251 EXPECT_EQ(result, CF_INVALID_PARAMS);
2252
2253 result = HcfCreateTrustAnchorWithKeyStore(&keyStore, &pwd, NULL);
2254 EXPECT_EQ(result, CF_INVALID_PARAMS);
2255
2256 result = HcfCreateTrustAnchorWithKeyStore(NULL, NULL, &trustAnchorArray);
2257 EXPECT_EQ(result, CF_INVALID_PARAMS);
2258
2259 result = HcfCreateTrustAnchorWithKeyStore(NULL, NULL, NULL);
2260 EXPECT_EQ(result, CF_INVALID_PARAMS);
2261
2262 result = HcfCreateTrustAnchorWithKeyStore(&keyStore, NULL, NULL);
2263 EXPECT_EQ(result, CF_INVALID_PARAMS);
2264
2265 keyStore.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
2266 keyStore.size = strlen(g_testSelfSignedCaCert) + 1;
2267
2268 result = HcfCreateTrustAnchorWithKeyStore(&keyStore, &pwd, &trustAnchorArray);
2269 EXPECT_EQ(result, CF_ERR_CRYPTO_OPERATION);
2270 }
2271 } // namespace
2272