1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17 #include "securec.h"
18 #include "string"
19
20 #include "cert_chain_validator.h"
21 #include "cf_blob.h"
22 #include "memory_mock.h"
23 #include "cf_object_base.h"
24 #include "cf_result.h"
25 #include "crypto_x509_cert_chain_data_pem.h"
26 #include "crypto_x509_cert_chain_data_pem_added.h"
27 #include "x509_cert_chain_validator_openssl.h"
28
29 using namespace std;
30 using namespace testing::ext;
31
32 namespace {
33 class CryptoX509CertChainValidatorTest : public testing::Test {
34 public:
35 static void SetUpTestCase();
36 static void TearDownTestCase();
37 void SetUp();
38 void TearDown();
39 };
40
41 constexpr int32_t CERT_HEADER_LEN = 2;
42 constexpr int32_t INVALID_MAX_CERT_LEN = 8194;
43
44
45 static uint8_t g_certDerFormat[] = {
46 0x30, 0x82, 0x05, 0xc1, 0x30, 0x82, 0x03, 0xa9, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x05,
47 0xf2, 0x86, 0xae, 0xef, 0xff, 0xcb, 0x1b, 0xdd, 0x46, 0x8b, 0xdc, 0xf2, 0x25, 0xbd, 0x53, 0xd7,
48 0x73, 0x82, 0xa3, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
49 0x05, 0x00, 0x30, 0x6f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43,
50 0x49, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x02, 0x68, 0x6e, 0x31, 0x0b,
51 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x02, 0x73, 0x68, 0x31, 0x0b, 0x30, 0x09, 0x06,
52 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x68, 0x68, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
53 0x0b, 0x0c, 0x02, 0x69, 0x69, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02,
54 0x61, 0x62, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
55 0x01, 0x16, 0x10, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x40, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x2e,
56 0x63, 0x6f, 0x6d, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x32, 0x30, 0x38, 0x32, 0x30, 0x31, 0x32, 0x32,
57 0x32, 0x33, 0x36, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x36, 0x32, 0x30, 0x38, 0x32, 0x30, 0x31, 0x32,
58 0x32, 0x32, 0x33, 0x36, 0x5a, 0x30, 0x6f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
59 0x13, 0x02, 0x43, 0x49, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x02, 0x68,
60 0x6e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x02, 0x73, 0x68, 0x31, 0x0b,
61 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x68, 0x68, 0x31, 0x0b, 0x30, 0x09, 0x06,
62 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x02, 0x69, 0x69, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
63 0x03, 0x0c, 0x02, 0x61, 0x62, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
64 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x40, 0x68, 0x65, 0x6c,
65 0x6c, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
66 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0f, 0x00, 0x30, 0x82,
67 0x02, 0x0a, 0x02, 0x82, 0x02, 0x01, 0x00, 0xe5, 0xe4, 0x71, 0x7e, 0xdc, 0x1e, 0x09, 0x53, 0xc9,
68 0x29, 0x78, 0x5e, 0x68, 0xf0, 0x32, 0x18, 0xb2, 0xc6, 0x13, 0x10, 0x51, 0x24, 0xe7, 0x66, 0xd0,
69 0x32, 0x8c, 0x88, 0xae, 0x77, 0x22, 0x66, 0xaf, 0xda, 0xba, 0x0a, 0x2f, 0x0e, 0x5c, 0x64, 0xf3,
70 0xc8, 0xf2, 0xa6, 0xbc, 0x37, 0xa3, 0xc0, 0xa7, 0x16, 0xab, 0x06, 0x0d, 0xa5, 0x22, 0x6c, 0xb7,
71 0x02, 0xd4, 0x97, 0xba, 0x3c, 0x9c, 0x58, 0x08, 0x26, 0x60, 0xbd, 0xce, 0x44, 0x36, 0x67, 0x07,
72 0x44, 0xaf, 0x98, 0x03, 0x35, 0xe8, 0x6e, 0x47, 0xd9, 0xcd, 0x8c, 0x3e, 0x79, 0xb5, 0x52, 0x83,
73 0xeb, 0xcb, 0x2f, 0xb8, 0xb1, 0x84, 0x59, 0xbc, 0x85, 0x23, 0xd0, 0x0b, 0xf2, 0x9e, 0x7b, 0xf1,
74 0x53, 0xd3, 0x7b, 0x1d, 0x7c, 0x2a, 0x72, 0xd8, 0x4e, 0x72, 0x73, 0x62, 0xed, 0xab, 0x56, 0xc9,
75 0x45, 0x34, 0x1c, 0xd0, 0x15, 0x53, 0x72, 0x14, 0xf1, 0xa1, 0x6c, 0xdf, 0xd9, 0x11, 0xc9, 0xc4,
76 0x20, 0x25, 0xb8, 0xa8, 0x5a, 0x2f, 0xba, 0xa3, 0x5d, 0x58, 0x7f, 0xd1, 0xf7, 0x0b, 0xb2, 0x8a,
77 0x51, 0x74, 0xf0, 0x22, 0x63, 0x05, 0xd5, 0xc0, 0x7c, 0x5b, 0xee, 0x92, 0x8a, 0x25, 0x78, 0xcd,
78 0xc8, 0xa7, 0xf1, 0x4d, 0x48, 0xd6, 0xf4, 0xca, 0x0b, 0x3d, 0x37, 0xe1, 0xa7, 0xc4, 0xab, 0xb0,
79 0xc7, 0x26, 0xdc, 0x80, 0x2f, 0xea, 0x66, 0x53, 0xc7, 0xb6, 0x79, 0x74, 0xdd, 0xe6, 0xc8, 0xef,
80 0xf8, 0x11, 0x80, 0xbf, 0x3a, 0xdc, 0x4e, 0xd2, 0x65, 0x1d, 0x65, 0x0c, 0x83, 0x05, 0x43, 0x7e,
81 0x7e, 0x67, 0xe4, 0xdc, 0x33, 0x84, 0x8f, 0xa9, 0xba, 0x24, 0x36, 0xbf, 0xa7, 0x0a, 0x25, 0x15,
82 0x86, 0x64, 0xd6, 0xe7, 0xaa, 0xd9, 0x25, 0x22, 0xc3, 0x0c, 0xab, 0xf3, 0x1f, 0x34, 0x9b, 0xa2,
83 0x7d, 0x5a, 0xb5, 0xde, 0xdb, 0x8e, 0x35, 0x96, 0x0c, 0x0f, 0xc5, 0x91, 0x46, 0x6d, 0xbe, 0x3a,
84 0xcf, 0xf8, 0x85, 0x47, 0x7b, 0xe3, 0x1c, 0x39, 0x2d, 0x69, 0x0f, 0x15, 0x0e, 0xc9, 0x4b, 0xfa,
85 0xd9, 0x88, 0x91, 0x0f, 0xa5, 0x24, 0x1c, 0x00, 0xc0, 0xa8, 0xad, 0x2c, 0x84, 0x4a, 0x3f, 0x7a,
86 0x36, 0xdd, 0xf7, 0x60, 0x91, 0x6e, 0x86, 0xd5, 0x2d, 0xaa, 0x58, 0xf4, 0x62, 0x74, 0x54, 0xea,
87 0x25, 0x13, 0x4e, 0xb5, 0x3d, 0xe3, 0x43, 0x8b, 0x2f, 0xdc, 0x30, 0x8d, 0x62, 0x86, 0x16, 0xc1,
88 0x6e, 0xae, 0x92, 0xe5, 0x83, 0x7f, 0x9a, 0x78, 0xe0, 0x9f, 0x4c, 0xa5, 0x0c, 0x3f, 0xfa, 0x48,
89 0x0e, 0x2b, 0x71, 0xcf, 0x0f, 0x7a, 0x9e, 0xee, 0x6d, 0x74, 0x95, 0xce, 0x1a, 0x7f, 0x9a, 0xe8,
90 0x24, 0x26, 0x5b, 0x43, 0xbd, 0x85, 0xa8, 0x4c, 0xef, 0x2b, 0xb5, 0x92, 0x6b, 0xca, 0xa3, 0xfb,
91 0x85, 0xe8, 0x69, 0x27, 0xc9, 0x59, 0xd6, 0xc1, 0xa3, 0x94, 0x11, 0x3e, 0xd4, 0x7e, 0x3a, 0xef,
92 0x7c, 0x2a, 0xc7, 0xe1, 0xde, 0x19, 0x3a, 0x06, 0xa4, 0x1c, 0x2b, 0x5c, 0xcf, 0xb7, 0x98, 0xa6,
93 0xb6, 0xec, 0xa0, 0xcc, 0xb5, 0x24, 0x6d, 0xd0, 0x2b, 0xcb, 0xbb, 0x27, 0x11, 0xd5, 0x22, 0x16,
94 0x16, 0x66, 0x57, 0xcb, 0xc9, 0xfc, 0x79, 0x57, 0xa6, 0x78, 0x0e, 0x1d, 0xf5, 0xf9, 0x52, 0x61,
95 0xa9, 0x36, 0x32, 0xfe, 0x4f, 0x3d, 0x7b, 0x6d, 0xa5, 0x23, 0x39, 0xf2, 0xbc, 0xa5, 0x23, 0x60,
96 0x68, 0x49, 0x32, 0x60, 0xc4, 0xdf, 0xe3, 0xd6, 0xd1, 0x35, 0x2e, 0x8f, 0x21, 0x69, 0xdc, 0x29,
97 0x8b, 0x98, 0x3a, 0xf0, 0x7d, 0x05, 0x77, 0x5f, 0x47, 0x38, 0xd7, 0x7e, 0x2c, 0x5c, 0x40, 0x86,
98 0x98, 0x09, 0xd9, 0x95, 0x09, 0x6f, 0x7a, 0xa8, 0x1b, 0x2a, 0x44, 0xcb, 0x52, 0x77, 0xdb, 0x61,
99 0x42, 0xab, 0xa7, 0x63, 0x22, 0xb2, 0x17, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x53, 0x30, 0x51,
100 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x47, 0xd9, 0xcb, 0x06, 0xb8,
101 0x3f, 0xa4, 0xc2, 0x8e, 0xad, 0x53, 0x4d, 0xeb, 0x55, 0xb4, 0x79, 0x76, 0xd0, 0x61, 0x7e, 0x30,
102 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x47, 0xd9, 0xcb, 0x06,
103 0xb8, 0x3f, 0xa4, 0xc2, 0x8e, 0xad, 0x53, 0x4d, 0xeb, 0x55, 0xb4, 0x79, 0x76, 0xd0, 0x61, 0x7e,
104 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01,
105 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00,
106 0x03, 0x82, 0x02, 0x01, 0x00, 0xa8, 0xbd, 0x7f, 0xb2, 0xe1, 0xf3, 0x76, 0xee, 0x08, 0xcf, 0x66,
107 0xe4, 0xf5, 0xc7, 0xc2, 0xdb, 0x9b, 0x57, 0x3a, 0x50, 0xf7, 0x2b, 0x69, 0x63, 0x94, 0xc7, 0x97,
108 0xd0, 0xab, 0xb8, 0x29, 0x6f, 0x11, 0xa1, 0x91, 0x6b, 0xdc, 0x35, 0x60, 0xc4, 0x33, 0xa1, 0x43,
109 0xf5, 0xb3, 0x48, 0x4f, 0x7a, 0x00, 0xd1, 0x88, 0xa2, 0x52, 0xa3, 0xd5, 0x38, 0x6f, 0xb6, 0xa5,
110 0x88, 0x83, 0x13, 0x0b, 0x10, 0x25, 0xbc, 0x20, 0xac, 0x76, 0x66, 0x40, 0x86, 0x1a, 0xb9, 0xf3,
111 0x19, 0x7a, 0xf3, 0xbe, 0x6b, 0x92, 0x38, 0xbb, 0xa1, 0x47, 0xb6, 0xd8, 0xf4, 0xe7, 0xf8, 0xee,
112 0x67, 0xf8, 0xf9, 0xc5, 0x51, 0x02, 0x51, 0x62, 0x29, 0x18, 0x52, 0x25, 0xfa, 0xaf, 0x54, 0xf0,
113 0x1e, 0x5d, 0x67, 0xb1, 0x9b, 0x23, 0x9c, 0xcc, 0x35, 0x9f, 0xa4, 0xd7, 0xf2, 0x96, 0xb7, 0xee,
114 0xb1, 0xe7, 0x3a, 0x91, 0x61, 0x4d, 0x72, 0xb3, 0x19, 0x71, 0x21, 0x3a, 0x24, 0x55, 0xfc, 0xea,
115 0x06, 0xef, 0xc3, 0xb4, 0xc1, 0xaa, 0xb2, 0xbc, 0x37, 0xe8, 0x5a, 0x86, 0x11, 0x55, 0x1c, 0xd2,
116 0x46, 0x07, 0x19, 0x6f, 0x60, 0xc2, 0xc3, 0x4b, 0x5e, 0x6c, 0x3e, 0x60, 0xca, 0x50, 0x32, 0x29,
117 0xc0, 0x38, 0x4f, 0x2e, 0x53, 0x43, 0xf0, 0xf3, 0x0b, 0x50, 0x79, 0x7f, 0x54, 0x70, 0x0f, 0x9b,
118 0x51, 0xd3, 0xf8, 0xbf, 0xd4, 0x7b, 0x62, 0x41, 0x2d, 0x13, 0x7a, 0xdf, 0x50, 0x26, 0x75, 0xa6,
119 0x29, 0x44, 0x10, 0x1e, 0x57, 0xa2, 0x49, 0x4e, 0x3e, 0x7e, 0x87, 0x63, 0x00, 0x21, 0xad, 0x20,
120 0x7c, 0x81, 0xbd, 0x40, 0xaf, 0xc8, 0x26, 0x2d, 0x47, 0x1b, 0x3b, 0x40, 0x53, 0xf3, 0x9c, 0x92,
121 0xa0, 0xf2, 0xc9, 0x73, 0x0f, 0xe6, 0xf1, 0x71, 0x42, 0xf0, 0x38, 0xfd, 0x64, 0x55, 0x36, 0xe6,
122 0xec, 0x78, 0x96, 0x1b, 0xf0, 0x99, 0x1b, 0x3d, 0x1c, 0x51, 0x5c, 0x05, 0x42, 0x6d, 0x63, 0x10,
123 0x75, 0xdd, 0x47, 0x5f, 0xaa, 0x51, 0x53, 0x02, 0x56, 0x5d, 0xb4, 0xf5, 0xa2, 0xd3, 0x42, 0x10,
124 0x0b, 0xb3, 0x2e, 0x8d, 0x5d, 0x22, 0x8e, 0x84, 0x7a, 0x3e, 0x79, 0xed, 0xc2, 0x90, 0x61, 0x2c,
125 0x72, 0x2b, 0xcb, 0x55, 0xd9, 0xc7, 0x39, 0x2b, 0x1e, 0x6b, 0x89, 0x19, 0x0b, 0x99, 0x3b, 0xb4,
126 0xda, 0x7f, 0xd1, 0x72, 0x6e, 0x5a, 0xf2, 0x74, 0x8a, 0x6b, 0x91, 0x1c, 0x8b, 0x65, 0x14, 0xa3,
127 0xaf, 0x78, 0xf5, 0xbd, 0xaf, 0xda, 0x9a, 0x16, 0x59, 0x65, 0xe2, 0x99, 0xbb, 0x50, 0x3c, 0x28,
128 0xb9, 0x93, 0x2b, 0xf5, 0x45, 0xd4, 0x85, 0x3c, 0x7f, 0xdb, 0xcc, 0x05, 0xb9, 0xab, 0x23, 0xa4,
129 0x71, 0xd2, 0x18, 0x26, 0xc0, 0xea, 0xf8, 0x91, 0x57, 0xb1, 0x0d, 0xd2, 0xb2, 0x86, 0xe6, 0x70,
130 0x53, 0x4b, 0xb4, 0x1e, 0xa2, 0x4c, 0x25, 0x1d, 0x55, 0x8a, 0x7f, 0x77, 0x20, 0x53, 0x11, 0x13,
131 0xad, 0xe1, 0x8c, 0xd9, 0xe8, 0xdc, 0xd3, 0xcb, 0xed, 0xdd, 0x26, 0x96, 0x19, 0xb0, 0x8c, 0x4c,
132 0xb0, 0xad, 0x8d, 0x0c, 0x99, 0x76, 0x22, 0x43, 0xa6, 0xa0, 0xf2, 0x8d, 0x0f, 0x60, 0x05, 0xe0,
133 0x36, 0xbf, 0x0d, 0xc4, 0xe1, 0x2f, 0x05, 0x8e, 0xd9, 0x3a, 0x45, 0x9d, 0xd9, 0xd7, 0x89, 0x23,
134 0x20, 0x11, 0x0c, 0x47, 0x3d, 0x9c, 0xf7, 0x18, 0xe3, 0xa3, 0x22, 0xc2, 0x8c, 0x09, 0xe9, 0xb3,
135 0xcc, 0x54, 0xf0, 0x97, 0x60, 0x63, 0xb1, 0x49, 0xf4, 0x69, 0xbd, 0x8e, 0x52, 0x12, 0x38, 0x23,
136 0x96, 0x55, 0x67, 0x2b, 0x75, 0x0b, 0x20, 0xcd, 0xc0, 0x7d, 0x5a, 0x83, 0x7b, 0xb9, 0xf7, 0x1a,
137 0x70, 0xf8, 0xa4, 0x76, 0xc7, 0x65, 0x03, 0xcb, 0x1a, 0x9a, 0xb4, 0x6d, 0x01, 0xfd, 0x25, 0x49,
138 0xc2, 0xad, 0xa0, 0x7a, 0xd2
139 };
140
141 static uint8_t g_secCertDerFormat[] = {
142 0x30, 0x82, 0x05, 0xbc, 0x30, 0x82, 0x03, 0xa4, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x64,
143 0x36, 0x52, 0x81, 0xa9, 0xfb, 0xb4, 0x5b, 0xe6, 0x78, 0xc9, 0x94, 0x0f, 0xcd, 0x24, 0x93, 0xea,
144 0x29, 0x39, 0x9c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
145 0x05, 0x00, 0x30, 0x6f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43,
146 0x49, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x02, 0x68, 0x6e, 0x31, 0x0b,
147 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x02, 0x73, 0x68, 0x31, 0x0b, 0x30, 0x09, 0x06,
148 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x68, 0x68, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
149 0x0b, 0x0c, 0x02, 0x69, 0x69, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02,
150 0x61, 0x62, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
151 0x01, 0x16, 0x10, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x40, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x2e,
152 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x32, 0x30, 0x38, 0x32, 0x30, 0x31, 0x32, 0x32,
153 0x38, 0x30, 0x38, 0x5a, 0x17, 0x0d, 0x34, 0x32, 0x30, 0x38, 0x32, 0x30, 0x31, 0x32, 0x32, 0x38,
154 0x30, 0x38, 0x5a, 0x30, 0x7c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
155 0x43, 0x4e, 0x31, 0x0e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x05, 0x48, 0x55, 0x4e,
156 0x41, 0x4e, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x08, 0x53, 0x48, 0x41,
157 0x47, 0x4e, 0x48, 0x41, 0x49, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02,
158 0x68, 0x68, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x02, 0x69, 0x69, 0x31,
159 0x0f, 0x30, 0x0d, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x06, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72,
160 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16,
161 0x10, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x40, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x2e, 0x63, 0x6f,
162 0x6d, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
163 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0f, 0x00, 0x30, 0x82, 0x02, 0x0a, 0x02, 0x82, 0x02,
164 0x01, 0x00, 0xb9, 0x25, 0x72, 0xae, 0x5b, 0x02, 0xe6, 0x73, 0xbe, 0xeb, 0x89, 0x93, 0x60, 0x60,
165 0x15, 0x25, 0xbd, 0x5b, 0x75, 0x12, 0x61, 0xcf, 0xb0, 0x13, 0x33, 0x2d, 0x82, 0x13, 0x60, 0x02,
166 0xca, 0x8f, 0xd1, 0x02, 0x5d, 0xa9, 0xe1, 0x8a, 0x33, 0xf2, 0xe2, 0x7a, 0x53, 0x6d, 0xc8, 0xa7,
167 0x81, 0x7e, 0x1e, 0x60, 0x06, 0xa9, 0x79, 0xc8, 0x44, 0x67, 0xb3, 0xc1, 0xbf, 0x94, 0xd5, 0x76,
168 0x8c, 0x93, 0x15, 0xfa, 0x58, 0x94, 0x32, 0x6e, 0x78, 0x1b, 0x62, 0x17, 0x49, 0x5f, 0x40, 0x2c,
169 0xac, 0x49, 0x73, 0xd8, 0x26, 0x6c, 0x87, 0x46, 0x44, 0xf5, 0xbb, 0x1f, 0x01, 0xa9, 0x29, 0x32,
170 0xd4, 0xab, 0x0a, 0x6e, 0xd1, 0x0a, 0xe7, 0x07, 0xc4, 0x30, 0xfd, 0x47, 0xa5, 0x83, 0x58, 0xed,
171 0xa9, 0xdc, 0x04, 0x6a, 0xf1, 0x06, 0xe6, 0x2c, 0xf9, 0x3a, 0x33, 0x4b, 0x65, 0xf4, 0x86, 0xe8,
172 0xe3, 0x2f, 0xe7, 0x27, 0xce, 0x2b, 0xbc, 0xd7, 0xc4, 0x92, 0x38, 0x15, 0x36, 0x75, 0xa1, 0xdc,
173 0x92, 0xc9, 0xf1, 0xaf, 0x4e, 0x9d, 0xa3, 0xc1, 0x9b, 0xed, 0xe3, 0xff, 0x57, 0xcf, 0x87, 0x37,
174 0x13, 0x02, 0x8e, 0x55, 0x01, 0x7c, 0xc4, 0x71, 0x4a, 0x26, 0xc6, 0x85, 0x7f, 0x25, 0x97, 0x54,
175 0x0d, 0xcd, 0x2e, 0x16, 0x3a, 0x95, 0x78, 0x6f, 0x6c, 0xbc, 0xc1, 0x31, 0xd1, 0xd6, 0xe7, 0xff,
176 0x16, 0x2b, 0x3e, 0x6d, 0xce, 0xca, 0x09, 0x8d, 0x8e, 0x66, 0xf0, 0xb9, 0x69, 0x14, 0xf7, 0x0c,
177 0x75, 0x68, 0x10, 0xc1, 0xd2, 0x4e, 0x44, 0xc1, 0x9d, 0xa9, 0x11, 0xa8, 0x2e, 0xb3, 0xb5, 0x9b,
178 0x43, 0x1d, 0xfb, 0x32, 0xbc, 0xaf, 0x2c, 0x83, 0x19, 0x22, 0x53, 0x9f, 0xa8, 0x29, 0xf2, 0x83,
179 0x08, 0xb8, 0xef, 0xc1, 0x4b, 0x0f, 0x63, 0x25, 0xd3, 0xed, 0x52, 0xff, 0x75, 0x50, 0x47, 0xc4,
180 0xb8, 0x32, 0x9b, 0x65, 0x3e, 0xb9, 0x69, 0x7c, 0xdb, 0x64, 0x16, 0xe8, 0x79, 0x22, 0x7f, 0xe5,
181 0x12, 0x03, 0x77, 0xe3, 0x42, 0x3c, 0x71, 0xd4, 0x1f, 0xbf, 0x86, 0x45, 0x95, 0x9d, 0x41, 0x70,
182 0x58, 0x73, 0xd3, 0xd3, 0x18, 0x24, 0x5a, 0x3e, 0xb6, 0x84, 0x26, 0xeb, 0x6b, 0xa6, 0xa1, 0x91,
183 0x41, 0x74, 0x7e, 0xfa, 0xc3, 0x2e, 0xb7, 0xe0, 0x51, 0x9b, 0xd4, 0x99, 0x61, 0x26, 0xfe, 0xaf,
184 0x32, 0x0b, 0xb2, 0x33, 0xc4, 0x14, 0x4d, 0x8b, 0x05, 0xf4, 0xd0, 0x4b, 0x5c, 0xaa, 0x93, 0xe4,
185 0x6b, 0x6e, 0x88, 0xae, 0x29, 0x6a, 0xac, 0x30, 0x88, 0xdc, 0xff, 0x9a, 0xee, 0xee, 0x95, 0xfc,
186 0x40, 0xc0, 0xa8, 0x76, 0xbb, 0x92, 0x62, 0xc3, 0x4c, 0x5d, 0xf9, 0x00, 0x8d, 0x36, 0x4d, 0xdd,
187 0x8b, 0x72, 0x9c, 0x87, 0x1d, 0x19, 0xb6, 0x89, 0xa3, 0xbe, 0x61, 0xd0, 0x87, 0x9e, 0xce, 0x65,
188 0x14, 0x5f, 0x3b, 0x79, 0x4d, 0xa6, 0x59, 0xee, 0x8d, 0xdf, 0x7f, 0xe2, 0x89, 0x68, 0x3f, 0xe3,
189 0x78, 0xc4, 0x66, 0x7d, 0x52, 0x49, 0xf0, 0xf4, 0xa1, 0xfe, 0x5f, 0x1d, 0x15, 0x67, 0x2e, 0xbc,
190 0xd6, 0x5b, 0xb2, 0x69, 0x6d, 0x81, 0xb4, 0x42, 0x9c, 0xdc, 0xae, 0x6f, 0x70, 0x50, 0x40, 0xb7,
191 0xc1, 0x52, 0x48, 0x06, 0x29, 0xf7, 0xf6, 0xc9, 0x6e, 0xa7, 0xd7, 0x34, 0x80, 0xcb, 0x3c, 0x9a,
192 0x20, 0x43, 0xc1, 0x0a, 0xb1, 0xc7, 0x0e, 0x7e, 0xcf, 0xc8, 0x88, 0xc0, 0xcf, 0xdd, 0x68, 0x2d,
193 0x4f, 0x7b, 0xf5, 0x0a, 0xbe, 0xfa, 0xcf, 0xe7, 0x5b, 0x06, 0x8d, 0x39, 0x7c, 0x77, 0xb0, 0xde,
194 0x7d, 0x98, 0xe5, 0x24, 0xc2, 0x9f, 0x19, 0xf1, 0xc6, 0xd8, 0x7f, 0x8e, 0x8e, 0x7d, 0x6c, 0xee,
195 0x88, 0x79, 0x48, 0x4d, 0xfa, 0x47, 0xe7, 0x9c, 0xa1, 0x80, 0xee, 0xec, 0x70, 0x3e, 0x9a, 0x64,
196 0xfc, 0x21, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x43, 0x30, 0x41, 0x30, 0x0c, 0x06, 0x03, 0x55,
197 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x31, 0x06, 0x03, 0x55, 0x1d, 0x1f,
198 0x04, 0x2a, 0x30, 0x28, 0x30, 0x26, 0xa0, 0x24, 0xa0, 0x22, 0x86, 0x20, 0x68, 0x74, 0x74, 0x70,
199 0x73, 0x3a, 0x2f, 0x2f, 0x63, 0x61, 0x2e, 0x78, 0x69, 0x65, 0x78, 0x69, 0x61, 0x6e, 0x62, 0x69,
200 0x6e, 0x2e, 0x63, 0x6e, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x70, 0x65, 0x6d, 0x30, 0x0d, 0x06, 0x09,
201 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01, 0x00,
202 0x29, 0x50, 0x7b, 0x20, 0x86, 0x76, 0x58, 0x74, 0xaf, 0x44, 0xb9, 0xe4, 0x32, 0x46, 0x83, 0x74,
203 0x8b, 0xb7, 0xee, 0x5e, 0xb4, 0x54, 0xc8, 0x63, 0xef, 0xd3, 0x1f, 0x39, 0x34, 0xc8, 0xff, 0x40,
204 0x9c, 0x67, 0x4a, 0x7c, 0x1b, 0xe7, 0xea, 0x38, 0xa1, 0x93, 0x0a, 0xd3, 0x93, 0x14, 0xb7, 0xf3,
205 0x9d, 0x70, 0xa0, 0x0c, 0xe6, 0x07, 0xf4, 0x5e, 0x6d, 0xba, 0x02, 0xcb, 0x77, 0xd0, 0x7b, 0x16,
206 0x22, 0xf2, 0xb3, 0x97, 0x81, 0x75, 0x74, 0x72, 0x9b, 0x6d, 0x81, 0x1e, 0xcf, 0xe3, 0xb7, 0x35,
207 0x17, 0x16, 0xbc, 0x52, 0x15, 0x60, 0x61, 0xc6, 0xf5, 0xb4, 0x73, 0x00, 0xb0, 0xcb, 0x9f, 0x60,
208 0xe5, 0xcf, 0xef, 0x5f, 0x74, 0x1c, 0xbe, 0x58, 0x89, 0x7e, 0x36, 0x8b, 0xab, 0xae, 0xc2, 0xc0,
209 0x72, 0x1d, 0x2a, 0x52, 0xa8, 0x72, 0x88, 0x09, 0xa7, 0x5a, 0x9e, 0x44, 0xec, 0xbb, 0x1d, 0xf2,
210 0xd0, 0x31, 0x02, 0x47, 0x13, 0xf1, 0x5c, 0xdf, 0x44, 0x19, 0x5e, 0x9e, 0x5b, 0x25, 0xc9, 0xa0,
211 0x28, 0x36, 0x06, 0x76, 0xfa, 0xe0, 0x28, 0x6a, 0x73, 0x81, 0xfe, 0x33, 0x8c, 0xe6, 0x07, 0xf8,
212 0xe3, 0x21, 0xc0, 0x1d, 0x86, 0xf4, 0xd7, 0x7a, 0x7a, 0x7e, 0xd3, 0x0a, 0x28, 0x6a, 0xdc, 0x0f,
213 0x07, 0x88, 0x68, 0xfe, 0x33, 0x73, 0xb3, 0xac, 0xa8, 0x16, 0x47, 0x8a, 0xa2, 0x1e, 0x63, 0xe0,
214 0xdd, 0x25, 0xfb, 0x9e, 0x33, 0xcb, 0x3d, 0x57, 0xab, 0x97, 0x2f, 0xa8, 0xf2, 0x88, 0x76, 0xa5,
215 0x2c, 0x31, 0x48, 0xb4, 0x0c, 0x2a, 0x03, 0xc7, 0xa5, 0xbb, 0xcc, 0x1c, 0x8a, 0xf9, 0xbd, 0x12,
216 0x00, 0x92, 0x51, 0xa0, 0xd9, 0x33, 0xfb, 0x59, 0x5e, 0x7e, 0x59, 0xcf, 0x8c, 0x0b, 0xe2, 0xec,
217 0x7d, 0x9e, 0x4c, 0xed, 0x64, 0x99, 0x58, 0x3e, 0x81, 0x57, 0x65, 0xc8, 0x1c, 0x0d, 0xa2, 0x33,
218 0x73, 0x7b, 0xc1, 0x8c, 0xef, 0x1f, 0x49, 0x4d, 0x96, 0x04, 0x75, 0x3e, 0xef, 0x2f, 0x85, 0xf9,
219 0x4f, 0x7d, 0x28, 0xc5, 0xa2, 0xe2, 0x0b, 0x6c, 0x41, 0xe7, 0xb2, 0x89, 0x07, 0x3e, 0xc5, 0x1d,
220 0x6f, 0x19, 0xcd, 0x98, 0xec, 0x8c, 0xa4, 0x20, 0xc2, 0x83, 0x77, 0x23, 0xb9, 0x96, 0x08, 0xca,
221 0x30, 0x08, 0x07, 0xf3, 0xa8, 0x00, 0x30, 0x1e, 0x90, 0x01, 0xd7, 0xdd, 0xc0, 0x22, 0xb4, 0x10,
222 0x73, 0xcc, 0x3f, 0x4c, 0x04, 0xaf, 0xd4, 0x5d, 0x19, 0x0c, 0x75, 0xe7, 0x7a, 0x25, 0x5c, 0x1f,
223 0x6d, 0x91, 0xaa, 0xfb, 0x62, 0xcb, 0x37, 0x35, 0xf3, 0xa8, 0xc5, 0x90, 0x78, 0x27, 0x06, 0xa1,
224 0xc4, 0x47, 0x89, 0x5f, 0xbb, 0xbb, 0x0d, 0xe4, 0x94, 0xb0, 0x0d, 0x7c, 0x5f, 0x4d, 0xc9, 0x7b,
225 0xd6, 0xe8, 0x56, 0x0d, 0xe7, 0x42, 0xe1, 0x9e, 0x8a, 0xe8, 0x1b, 0x0b, 0x2e, 0x19, 0xeb, 0x58,
226 0xdb, 0x61, 0x7f, 0xf2, 0xcd, 0x4d, 0xd2, 0x80, 0xbb, 0x51, 0xc9, 0xff, 0x26, 0x66, 0x54, 0x03,
227 0xdc, 0x63, 0x68, 0x20, 0xc4, 0x7a, 0x84, 0xc3, 0xa1, 0xe7, 0xef, 0xf3, 0xfd, 0xf3, 0x4a, 0xbd,
228 0xac, 0x47, 0xac, 0x11, 0xee, 0x12, 0x07, 0x82, 0xf0, 0xbd, 0x34, 0xd3, 0x93, 0xcd, 0xd4, 0x92,
229 0x46, 0xa7, 0x37, 0x01, 0xf5, 0x33, 0xf7, 0x49, 0x1d, 0xb0, 0x0a, 0x19, 0xa3, 0x0a, 0xa5, 0xec,
230 0x2a, 0xd9, 0xcb, 0xb2, 0xe2, 0xab, 0x36, 0x89, 0x33, 0x2d, 0x45, 0xfb, 0x61, 0xfc, 0x8e, 0x6c,
231 0xdf, 0x09, 0x5e, 0x83, 0x05, 0xa0, 0x98, 0x83, 0x39, 0x41, 0x19, 0x2f, 0xdd, 0xab, 0xf4, 0x3b,
232 0x03, 0xd9, 0x1b, 0x66, 0xb7, 0xc2, 0x79, 0xbf, 0xf2, 0x12, 0x0c, 0xf4, 0x87, 0x42, 0xeb, 0x5a,
233 0x70, 0x56, 0xc3, 0x0e, 0xeb, 0xd9, 0x3f, 0x87, 0x93, 0x82, 0xd0, 0xfe, 0x32, 0xed, 0x0b, 0x54,
234 };
235
236 static uint8_t g_invalidCert0[] = {
237 0x30, 0x82, 0x03, 0xc1, 0x30, 0x82, 0x03, 0xa9, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x05,
238 };
239
240 static HcfCertChainValidator *g_validator = nullptr;
241
SetUpTestCase()242 void CryptoX509CertChainValidatorTest::SetUpTestCase()
243 {
244 (void)HcfCertChainValidatorCreate("PKIX", &g_validator);
245 }
TearDownTestCase()246 void CryptoX509CertChainValidatorTest::TearDownTestCase()
247 {
248 CfObjDestroy(g_validator);
249 }
250
SetUp()251 void CryptoX509CertChainValidatorTest::SetUp()
252 {
253 }
254
TearDown()255 void CryptoX509CertChainValidatorTest::TearDown()
256 {
257 }
258
259 HWTEST_F(CryptoX509CertChainValidatorTest, GetAlgorithm001, TestSize.Level0)
260 {
261 const char *algo = g_validator->getAlgorithm(g_validator);
262 EXPECT_NE(algo, nullptr);
263 if (algo == nullptr) {
264 CfObjDestroy(g_validator);
265 return;
266 }
267 string st("PKIX");
268 ASSERT_STREQ(algo, st.c_str());
269 }
270
271 HWTEST_F(CryptoX509CertChainValidatorTest, GetAlgorithm002, TestSize.Level0)
272 {
273 HcfCertChainValidator *pathValidator = nullptr;
274 CfResult res = HcfCertChainValidatorCreate("invalidPKIX", &pathValidator);
275 EXPECT_EQ(res, CF_NOT_SUPPORT);
276 EXPECT_EQ(pathValidator, nullptr);
277
278 char inputAlg[1025] = {0}; /* 1025: size bigger than max */
279 for (uint32_t i = 0; i < sizeof(inputAlg); ++i) {
280 inputAlg[i] = 'c';
281 }
282 res = HcfCertChainValidatorCreate(inputAlg, &pathValidator);
283 EXPECT_NE(res, CF_SUCCESS);
284 }
285
286 /* valid cert chain. */
287 HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest001, TestSize.Level0)
288 {
289 CfResult res = CF_SUCCESS;
290 HcfCertChainData certsData = { 0 };
291 certsData.format = CF_FORMAT_PEM;
292 certsData.count = 2; /* level-2 cert chain. */
293 uint32_t caCertLen = strlen(g_testCertChainValidatorCaCert) + 1;
294 uint32_t secondCaCertLen = strlen(g_testCertChainValidatorSecondCaCert) + 1;
295 certsData.dataLen = CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN + caCertLen;
296 certsData.data = (uint8_t *)malloc(certsData.dataLen);
297 if (certsData.data == nullptr) {
298 return;
299 }
300 if (memcpy_s(certsData.data, CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN + caCertLen,
301 &secondCaCertLen, CERT_HEADER_LEN) != EOK) {
302 goto OUT;
303 }
304 if (memcpy_s(certsData.data + CERT_HEADER_LEN, secondCaCertLen + CERT_HEADER_LEN + caCertLen,
305 g_testCertChainValidatorSecondCaCert, secondCaCertLen) != EOK) {
306 goto OUT;
307 }
308 if (memcpy_s(certsData.data + CERT_HEADER_LEN + secondCaCertLen, CERT_HEADER_LEN + caCertLen,
309 &caCertLen, CERT_HEADER_LEN) != EOK) {
310 goto OUT;
311 }
312 if (memcpy_s(certsData.data + CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN, caCertLen,
313 g_testCertChainValidatorCaCert, caCertLen) != EOK) {
314 goto OUT;
315 }
316
317 res = g_validator->validate(g_validator, &certsData);
318 EXPECT_EQ(res, CF_SUCCESS);
319 OUT:
320 free(certsData.data);
321 }
322
323 /* invalid cert chain. */
324 HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest002, TestSize.Level0)
325 {
326 CfResult res = CF_SUCCESS;
327 HcfCertChainData certsData = { 0 };
328 certsData.format = CF_FORMAT_PEM;
329 certsData.count = 3; /* level-3 cert chain. */
330 uint32_t caCertLen = strlen(g_testCertChainValidatorCaCert) + 1;
331 uint32_t secondCaCertLen = strlen(g_testCertChainValidatorSecondCaCert) + 1;
332 uint32_t thirdCertLen = strlen(g_testCertChainValidatorInvalidCaCert) + 1;
333 certsData.dataLen = CERT_HEADER_LEN + thirdCertLen + CERT_HEADER_LEN +
334 secondCaCertLen + CERT_HEADER_LEN + caCertLen;
335 certsData.data = (uint8_t *)malloc(certsData.dataLen);
336 EXPECT_NE(certsData.data, nullptr);
337 if (certsData.data == nullptr) {
338 return;
339 }
340 if (memcpy_s(certsData.data,
341 CERT_HEADER_LEN + thirdCertLen + CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN + caCertLen,
342 &thirdCertLen, CERT_HEADER_LEN) != EOK) {
343 goto OUT;
344 }
345 if (memcpy_s(certsData.data + CERT_HEADER_LEN,
346 thirdCertLen + CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN + caCertLen,
347 g_testCertChainValidatorInvalidCaCert, thirdCertLen) != EOK) {
348 return;
349 }
350 if (memcpy_s(certsData.data + CERT_HEADER_LEN + thirdCertLen,
351 CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN + caCertLen, &secondCaCertLen, CERT_HEADER_LEN) != EOK) {
352 goto OUT;
353 }
354 if (memcpy_s(certsData.data + CERT_HEADER_LEN + thirdCertLen + CERT_HEADER_LEN,
355 secondCaCertLen + CERT_HEADER_LEN + caCertLen, g_testCertChainValidatorSecondCaCert, secondCaCertLen) != EOK) {
356 goto OUT;
357 }
358 if (memcpy_s(certsData.data + CERT_HEADER_LEN + thirdCertLen + CERT_HEADER_LEN + secondCaCertLen,
359 CERT_HEADER_LEN + caCertLen, &caCertLen, CERT_HEADER_LEN) != EOK) {
360 goto OUT;
361 }
362 if (memcpy_s(certsData.data + CERT_HEADER_LEN + thirdCertLen + CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN,
363 caCertLen, g_testCertChainValidatorCaCert, caCertLen) != EOK) {
364 goto OUT;
365 }
366
367 res = g_validator->validate(g_validator, &certsData);
368 EXPECT_NE(res, CF_SUCCESS);
369 OUT:
370 free(certsData.data);
371 }
372
373 /* invalid cert chain data len. */
374 HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest003, TestSize.Level0)
375 {
376 HcfCertChainData certsData = { 0 };
377 certsData.format = CF_FORMAT_PEM;
378 certsData.count = 3; /* level-3 cert chain. */
379 certsData.dataLen = INVALID_MAX_CERT_LEN;
380 certsData.data = (uint8_t *)malloc(certsData.dataLen);
381 EXPECT_NE(certsData.data, nullptr);
382 if (certsData.data == nullptr) {
383 return;
384 }
385
386 CfResult res = g_validator->validate(g_validator, &certsData);
387 EXPECT_NE(res, CF_SUCCESS);
388 free(certsData.data);
389 }
390
391 /* invalid cert number(1). */
392 HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest004, TestSize.Level0)
393 {
394 CfResult res = CF_SUCCESS;
395 HcfCertChainData certsData = { 0 };
396 certsData.format = CF_FORMAT_PEM;
397 certsData.count = 1; /* level-3 cert chain. */
398 uint32_t caCertLen = strlen(g_testCertChainValidatorCaCert) + 1;
399 certsData.dataLen = CERT_HEADER_LEN + caCertLen;
400 certsData.data = (uint8_t *)malloc(certsData.dataLen);
401 EXPECT_NE(certsData.data, nullptr);
402 if (certsData.data == nullptr) {
403 return;
404 }
405 if (memcpy_s(certsData.data,
406 CERT_HEADER_LEN + caCertLen, &caCertLen, CERT_HEADER_LEN) != EOK) {
407 goto OUT;
408 }
409 if (memcpy_s(certsData.data + CERT_HEADER_LEN,
410 caCertLen, g_testCertChainValidatorCaCert, caCertLen) != EOK) {
411 goto OUT;
412 }
413
414 res = g_validator->validate(g_validator, &certsData);
415 EXPECT_NE(res, CF_SUCCESS);
416 OUT:
417 free(certsData.data);
418 }
419
ConstructCertData(HcfCertChainData * certsData,uint8_t * caCert,uint32_t caCertLen,uint8_t * secCaCert,uint32_t secCaCertLen)420 static int32_t ConstructCertData(HcfCertChainData *certsData, uint8_t *caCert, uint32_t caCertLen,
421 uint8_t *secCaCert, uint32_t secCaCertLen)
422 {
423 uint32_t size = CERT_HEADER_LEN + secCaCertLen + CERT_HEADER_LEN + caCertLen;
424 uint8_t *tmp = (uint8_t *)malloc(size);
425 if (tmp == nullptr) {
426 return CF_ERR_MALLOC;
427 }
428
429 int32_t ret = CF_ERR_COPY;
430 do {
431 uint32_t offset = 0;
432 if (memcpy_s(tmp + offset, size - offset, &secCaCertLen, CERT_HEADER_LEN) != EOK) {
433 break;
434 }
435 offset += CERT_HEADER_LEN;
436 if (memcpy_s(tmp + offset, size - offset, secCaCert, secCaCertLen) != EOK) {
437 break;
438 }
439 offset += secCaCertLen;
440 if (memcpy_s(tmp + offset, size - offset, &caCertLen, CERT_HEADER_LEN) != EOK) {
441 break;
442 }
443 offset += CERT_HEADER_LEN;
444 if (memcpy_s(tmp + offset, size - offset, caCert, caCertLen) != EOK) {
445 break;
446 }
447 certsData->data = tmp;
448 certsData->dataLen = size;
449 return CF_SUCCESS;
450 } while (0);
451 free(tmp);
452 return ret;
453 }
454
455 /* valid cert chain der format. */
456 HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest005, TestSize.Level0)
457 {
458 HcfCertChainData certsData = { 0 };
459 certsData.format = CF_FORMAT_DER;
460 certsData.count = 2; /* level-2 cert chain. */
461
462 uint32_t caCertLen = sizeof(g_certDerFormat);
463 uint32_t secondCaCertLen = sizeof(g_secCertDerFormat);
464 int32_t ret = ConstructCertData(&certsData, g_certDerFormat, caCertLen, g_secCertDerFormat, secondCaCertLen);
465 ASSERT_EQ(ret, CF_SUCCESS);
466
467 ret = g_validator->validate(g_validator, &certsData);
468 EXPECT_EQ(ret, CF_SUCCESS);
469 free(certsData.data);
470 }
471
472 /* valid cert chain format. */
473 HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest006, TestSize.Level0)
474 {
475 HcfCertChainData certsData = { 0 };
476 certsData.format = static_cast<enum CfEncodingFormat>(CF_FORMAT_PEM + 1);
477 certsData.count = 2; /* level-2 cert chain. */
478
479 uint32_t caCertLen = sizeof(g_certDerFormat);
480 uint32_t secondCaCertLen = sizeof(g_secCertDerFormat);
481 int32_t ret = ConstructCertData(&certsData, g_certDerFormat, caCertLen, g_secCertDerFormat, secondCaCertLen);
482 ASSERT_EQ(ret, CF_SUCCESS);
483
484 ret = g_validator->validate(g_validator, &certsData);
485 EXPECT_NE(ret, CF_SUCCESS);
486 free(certsData.data);
487 }
488
489 /* invalid cert 0. */
490 HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest007, TestSize.Level0)
491 {
492 HcfCertChainData certsData = { 0 };
493 certsData.format = CF_FORMAT_DER;
494 certsData.count = 2; /* level-2 cert chain. */
495
496 uint32_t caCertLen = sizeof(g_invalidCert0);
497 uint32_t secondCaCertLen = sizeof(g_secCertDerFormat);
498 int32_t ret = ConstructCertData(&certsData, g_invalidCert0, caCertLen, g_secCertDerFormat, secondCaCertLen);
499 ASSERT_EQ(ret, CF_SUCCESS);
500
501 ret = g_validator->validate(g_validator, &certsData);
502 EXPECT_NE(ret, CF_SUCCESS);
503 free(certsData.data);
504 }
505
GetInvalidValidatorClass(void)506 static const char *GetInvalidValidatorClass(void)
507 {
508 return "INVALID_VALIDATOR_CLASS";
509 }
510
511 HWTEST_F(CryptoX509CertChainValidatorTest, NullInput, TestSize.Level0)
512 {
513 CfResult res = HcfCertChainValidatorCreate("PKIX", nullptr);
514 EXPECT_NE(res, CF_SUCCESS);
515 res = g_validator->validate(nullptr, nullptr);
516 EXPECT_NE(res, CF_SUCCESS);
517 res = g_validator->validate(g_validator, nullptr);
518 EXPECT_NE(res, CF_SUCCESS);
519 const char *algo = g_validator->getAlgorithm(nullptr);
520 EXPECT_EQ(algo, nullptr);
521 (void)g_validator->base.destroy(nullptr);
522 }
523
524 HWTEST_F(CryptoX509CertChainValidatorTest, InvalidClass, TestSize.Level0)
525 {
526 HcfCertChainValidator invalidValidator;
527 invalidValidator.base.getClass = GetInvalidValidatorClass;
528 HcfCertChainData certsData = { 0 };
529 CfResult res = g_validator->validate(&invalidValidator, &certsData);
530 EXPECT_NE(res, CF_SUCCESS);
531 const char *algo = g_validator->getAlgorithm(&invalidValidator);
532 EXPECT_EQ(algo, nullptr);
533 (void)g_validator->base.destroy(&(invalidValidator.base));
534 }
535
536 HWTEST_F(CryptoX509CertChainValidatorTest, NullSpiInput, TestSize.Level0)
537 {
538 HcfCertChainValidatorSpi *spiObj = nullptr;
539 CfResult res = HcfCertChainValidatorSpiCreate(nullptr);
540 EXPECT_NE(res, CF_SUCCESS);
541 res = HcfCertChainValidatorSpiCreate(&spiObj);
542 EXPECT_EQ(res, CF_SUCCESS);
543 res = spiObj->engineValidate(spiObj, nullptr);
544 EXPECT_NE(res, CF_SUCCESS);
545 CfArray data = { 0 };
546 res = spiObj->engineValidate(nullptr, &data);
547 EXPECT_NE(res, CF_SUCCESS);
548 (void)spiObj->base.destroy(nullptr);
549 CfObjDestroy(spiObj);
550 }
551
552 HWTEST_F(CryptoX509CertChainValidatorTest, InvalidSpiClass, TestSize.Level0)
553 {
554 HcfCertChainValidatorSpi *spiObj = nullptr;
555 CfResult res = HcfCertChainValidatorSpiCreate(&spiObj);
556 EXPECT_EQ(res, CF_SUCCESS);
557 HcfCertChainValidatorSpi invalidSpi;
558 invalidSpi.base.getClass = GetInvalidValidatorClass;
559 CfArray data = { 0 };
560 data.count = 2; /* 2: count is valid */
561 res = spiObj->engineValidate(&invalidSpi, &data);
562 EXPECT_NE(res, CF_SUCCESS);
563 (void)spiObj->base.destroy(&(invalidSpi.base));
564 CfObjDestroy(spiObj);
565 }
566
567 HWTEST_F(CryptoX509CertChainValidatorTest, InvalidMalloc, TestSize.Level0)
568 {
569 SetMockFlag(true);
570 HcfCertChainValidator *pathValidator = nullptr;
571 CfResult res = HcfCertChainValidatorCreate("PKIX", &pathValidator);
572 EXPECT_EQ(res, CF_ERR_MALLOC);
573 HcfCertChainData certsData = { 0 };
574 certsData.dataLen = 1;
575 res = g_validator->validate(g_validator, &certsData);
576 EXPECT_NE(res, CF_SUCCESS);
577 SetMockFlag(false);
578 }
579
580 HWTEST_F(CryptoX509CertChainValidatorTest, InvalidSpiMalloc, TestSize.Level0)
581 {
582 HcfCertChainValidatorSpi *spiObj = nullptr;
583 CfResult res = HcfCertChainValidatorSpiCreate(&spiObj);
584 EXPECT_EQ(res, CF_SUCCESS);
585
586 SetMockFlag(true);
587 CfArray data = { nullptr, CF_FORMAT_PEM, 2 }; /* 2: count is valid */
588 res = spiObj->engineValidate(spiObj, &data);
589 EXPECT_NE(res, CF_SUCCESS);
590 SetMockFlag(false);
591
592 CfObjDestroy(spiObj);
593 }
594 }