From c912a50aca12aea0651a5706b20246630dd22d4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=90=B4=E6=96=87=E5=90=9B?= Date: Mon, 21 Jun 2021 19:51:31 +0800 Subject: [PATCH 1/2] update interfaces/innerkits/appverify_lite/unittest/src/hap_verify_test.cpp. --- .../appverify_lite/unittest/src/hap_verify_test.cpp | 8 -------- 1 file changed, 8 deletions(-) diff --git a/interfaces/innerkits/appverify_lite/unittest/src/hap_verify_test.cpp b/interfaces/innerkits/appverify_lite/unittest/src/hap_verify_test.cpp index d170516..5cc9001 100755 --- a/interfaces/innerkits/appverify_lite/unittest/src/hap_verify_test.cpp +++ b/interfaces/innerkits/appverify_lite/unittest/src/hap_verify_test.cpp @@ -52,7 +52,6 @@ void HapVerifyTest::TearDown() } /** - * @tc.require: SR000E10EO * @tc.name: test001 * @tc.desc: 测试签名正确的hap包可以安装并验签通过 * @tc.function: SUB_SEC_AppSec_AppSign_VerifySignature @@ -77,7 +76,6 @@ HWTEST_F(HapVerifyTest, test001, TestSize.Level3) } /** - * @tc.require: SR000E10EO * @tc.name: test002 * @tc.desc: 安装未签名的应用,校验失败 * @tc.function: SUB_SEC_AppSec_AppSign_VerifySignature @@ -102,7 +100,6 @@ HWTEST_F(HapVerifyTest, test002, TestSize.Level3) } /** - * @tc.require: SR000E10EO * @tc.name: test003 * @tc.desc: udid号与设备不对应的应用安装验签失败 * @tc.function: SUB_SEC_AppSec_AppSign_VerifySignature @@ -131,7 +128,6 @@ HWTEST_F(HapVerifyTest, test003, TestSize.Level3) } /** - * @tc.require: AR000F5M36 * @tc.name: test004 * @tc.desc: udid号与设备对应的应用安装验签 * @tc.function: SUB_SEC_AppSec_AppSign_VerifySignature @@ -160,7 +156,6 @@ HWTEST_F(HapVerifyTest, test004, TestSize.Level3) } /** - * @tc.require: SR000E320R * @tc.name: test005 * @tc.desc: 被篡改的应用安装验签 * @tc.function: SUB_SEC_AppSec_AppSign_VerifySignature @@ -185,7 +180,6 @@ HWTEST_F(HapVerifyTest, test005, TestSize.Level3) } /** - * @tc.require: AR000E320S * @tc.name: test006 * @tc.desc: debug模式打开,安装商用版本hap成功,安装测试版本hap成功 * @tc.function: SUB_SEC_AppSec_AppSign_VerifySignature @@ -224,7 +218,6 @@ HWTEST_F(HapVerifyTest, test006, TestSize.Level3) } /** - * @tc.require: AR000E320S * @tc.name: test007 * @tc.desc: debug模式关闭,安装商用版本hap成功,安装测试版本hap失败 * @tc.function: SUB_SEC_AppSec_AppSign_VerifySignature @@ -263,7 +256,6 @@ HWTEST_F(HapVerifyTest, test007, TestSize.Level3) } /** - * @tc.require: SR000E320R * @tc.name: test008 * @tc.desc: 使用错误证书的应用安全验签失败 * @tc.function: SUB_SEC_AppSec_AppSign_VerifySignature -- Gitee From 8b20825b18514634e5ea54356dbded5c4db4ec76 Mon Sep 17 00:00:00 2001 From: HJ Date: Fri, 16 Jul 2021 09:54:35 +0000 Subject: [PATCH 2/2] =?UTF-8?q?=E9=80=82=E9=85=8DUDID=E6=8E=A5=E5=8F=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- BUILD.gn | 4 +- interfaces/innerkits/appverify/BUILD.gn | 18 ++++-- .../config/trusted_apps_sources.json | 11 +++- .../config/trusted_apps_sources_test.json | 13 +++- .../appverify/include/init/matching_result.h | 3 +- .../include/init/trusted_source_manager.h | 2 + .../include/provision/provision_verify.h | 2 + .../appverify/include/verify/hap_verify_v2.h | 3 +- .../appverify/src/init/hap_crl_manager.cpp | 4 ++ .../src/init/trusted_source_manager.cpp | 31 +++++++--- .../src/provision/provision_verify.cpp | 26 +++++++- .../appverify/src/verify/hap_verify_v2.cpp | 20 ++++++- interfaces/innerkits/appverify/test/BUILD.gn | 18 ++++-- .../unittest/src/provision_verify_test.cpp | 59 +++++++++++++++++++ 14 files changed, 188 insertions(+), 26 deletions(-) diff --git a/BUILD.gn b/BUILD.gn index aadaaf8..081b6cd 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -13,7 +13,5 @@ group("testcase_packages") { testonly = true - deps = [ - "//base/security/appverify/interfaces/innerkits/appverify/test:unittest", - ] + deps = [ "//base/security/appverify/interfaces/innerkits/appverify/test:unittest" ] } diff --git a/interfaces/innerkits/appverify/BUILD.gn b/interfaces/innerkits/appverify/BUILD.gn index fdf1a8f..8c8a29c 100644 --- a/interfaces/innerkits/appverify/BUILD.gn +++ b/interfaces/innerkits/appverify/BUILD.gn @@ -59,10 +59,20 @@ ohos_shared_library("libhapverify") { "//utils/native/base:utils", ] - external_deps = [ - "hiviewdfx_hilog_native:libhilog", - "ipc:ipc_core", - ] + if (is_standard_system) { + defines = [ "STANDARD_SYSTEM" ] + + external_deps = [ + "hiviewdfx_hilog_native:libhilog", + "startup_l2:syspara", + ] + } else { + external_deps = [ + "hilog_native:libhilog", + "ipc:ipc_core", + "os_account:libaccountkits", + ] + } part_name = "appverify" diff --git a/interfaces/innerkits/appverify/config/trusted_apps_sources.json b/interfaces/innerkits/appverify/config/trusted_apps_sources.json index 7605f26..b7af5f6 100644 --- a/interfaces/innerkits/appverify/config/trusted_apps_sources.json +++ b/interfaces/innerkits/appverify/config/trusted_apps_sources.json @@ -1,6 +1,6 @@ { "version": "1.0.1", - "release-time":"2020-07-09 21:20:00", + "release-time":"2021-06-03 10:06:00", "trust-app-source":[ { "name":"huawei app gallery", @@ -19,6 +19,15 @@ "issuer-ca":"C=CN, O=Huawei, OU=Huawei CBG, CN=Huawei CBG Software Signing Service CA", "max-certs-path":3, "critialcal-cert-extension":["keyusage","huawei-signing-capability"] + }, + { + "name":"third_party app preload", + "app-signing-cert":"C=CN, O=Huawei, OU=HOS Open Platform, CN=HOS Preload Service", + "profile-signing-certificate":"", + "profile-debug-signing-certificate":"", + "issuer-ca":"C=CN, O=Huawei, OU=Huawei CBG, CN=Huawei CBG Software Signing Service CA", + "max-certs-path":3, + "critialcal-cert-extension":["keyusage","huawei-signing-capability"] } ] } diff --git a/interfaces/innerkits/appverify/config/trusted_apps_sources_test.json b/interfaces/innerkits/appverify/config/trusted_apps_sources_test.json index 55bd819..8718e9e 100644 --- a/interfaces/innerkits/appverify/config/trusted_apps_sources_test.json +++ b/interfaces/innerkits/appverify/config/trusted_apps_sources_test.json @@ -1,6 +1,6 @@ { "version": "1.0.1", - "release-time":"2020-7-10 9:49:00", + "release-time":"2021-06-03 10:06:00", "trust-app-source":[ { "name":"huawei app gallery", @@ -19,6 +19,15 @@ "issuer-ca":"C=CN, O=Huawei, OU=Huawei CBG, CN=Huawei CBG Software Signing Service CA Test", "max-certs-path":3, "critialcal-cert-extension":["keyusage","huawei-signing-capability"] + }, + { + "name":"third_party app preload", + "app-signing-cert":"C=CN, O=Huawei, OU=HOS Open Platform, CN=HOS Preload Service", + "profile-signing-certificate":"", + "profile-debug-signing-certificate":"", + "issuer-ca":"C=CN, O=Huawei, OU=Huawei CBG, CN=Huawei CBG Software Signing Service CA Test", + "max-certs-path":3, + "critialcal-cert-extension":["keyusage","huawei-signing-capability"] } - ] + ] } \ No newline at end of file diff --git a/interfaces/innerkits/appverify/include/init/matching_result.h b/interfaces/innerkits/appverify/include/init/matching_result.h index 60bb98b..97f9054 100644 --- a/interfaces/innerkits/appverify/include/init/matching_result.h +++ b/interfaces/innerkits/appverify/include/init/matching_result.h @@ -19,9 +19,10 @@ namespace OHOS { namespace Security { namespace Verify { enum TrustedSources { - NOT_TRUSTED_SOURCE = 0, + OTHER_TRUSTED_SOURCE = 0, APP_GALLARY, APP_SYSTEM, + APP_THIRD_PARTY_PRELOAD, }; enum MatchingStates { diff --git a/interfaces/innerkits/appverify/include/init/trusted_source_manager.h b/interfaces/innerkits/appverify/include/init/trusted_source_manager.h index 6653960..a922a5f 100644 --- a/interfaces/innerkits/appverify/include/init/trusted_source_manager.h +++ b/interfaces/innerkits/appverify/include/init/trusted_source_manager.h @@ -66,6 +66,7 @@ private: MatchingStates TrustedSourceListCompare(const std::string& certSubject, const std::string& certIssuer, const HapAppSourceInfo& appSource, HapBlobType blobType) const; TrustedSources GetTrustedSource(std::string& sourceName); + bool MatchSubjectAndIssuer(const std::string& trustedSource, const std::string& certSubjectOrIssuer) const; private: static const std::string APP_TRUSTED_SOURCE_FILE_PATH; @@ -82,6 +83,7 @@ private: static const std::string KEY_OF_CRITIALCAL_CERT_EXTENSION; static const std::string APP_GALLARY_SOURCE_NAME; static const std::string APP_SYSTEM_SOURCE_NAME; + static const std::string APP_THIRD_PARTY_PRELOAD_SOURCE_NAME; SourceInfoVec appTrustedSources; SourceInfoVec appTrustedSourcesForTest; std::string version; diff --git a/interfaces/innerkits/appverify/include/provision/provision_verify.h b/interfaces/innerkits/appverify/include/provision/provision_verify.h index e7ccaf0..200d70d 100644 --- a/interfaces/innerkits/appverify/include/provision/provision_verify.h +++ b/interfaces/innerkits/appverify/include/provision/provision_verify.h @@ -21,6 +21,8 @@ namespace OHOS { namespace Security { namespace Verify { +#define DEV_UUID_LEN 65 + enum AppProvisionVerifyResult { PROVISION_INVALID, // Invalid json string PROVISION_OK, // Passed diff --git a/interfaces/innerkits/appverify/include/verify/hap_verify_v2.h b/interfaces/innerkits/appverify/include/verify/hap_verify_v2.h index 46a5b6e..cb1950c 100644 --- a/interfaces/innerkits/appverify/include/verify/hap_verify_v2.h +++ b/interfaces/innerkits/appverify/include/verify/hap_verify_v2.h @@ -35,7 +35,7 @@ private: bool VerifyAppPkc7AndParseProfile(Pkcs7Context& pkcs7Context, HapByteBuffer& hapProfileBlock, HapVerifyResult& hapVerifyV1Result); bool VerifyAppSourceAndParseProfile(Pkcs7Context& pkcs7Context, const HapByteBuffer& hapProfileBlock, - HapVerifyResult& hapVerifyV1Result, bool& profileNeedWriteCrl); + HapVerifyResult& hapVerifyV1Result, bool& profileNeadWriteCrl); bool VerifyAppPkcs7(Pkcs7Context& pkcs7Context, const HapByteBuffer& hapSignatureBlock); bool VerifyAppSource(Pkcs7Context& pkcs7Context, Pkcs7Context& profileContext); DLL_EXPORT bool GetDigestAndAlgorithm(Pkcs7Context& digest); @@ -48,6 +48,7 @@ private: ProvisionInfo& provisionInfo); bool CheckProfileSignatureIsRight(const MatchingStates& matchState, const ProvisionType& type); DLL_EXPORT bool GenerateAppId(ProvisionInfo& provisionInfo); + bool VerifyProfileSignature(const Pkcs7Context& pkcs7Context, Pkcs7Context& profileContext); private: static const int HEX_PRINT_LENGTH; diff --git a/interfaces/innerkits/appverify/src/init/hap_crl_manager.cpp b/interfaces/innerkits/appverify/src/init/hap_crl_manager.cpp index 3cc2aa9..3f129d0 100644 --- a/interfaces/innerkits/appverify/src/init/hap_crl_manager.cpp +++ b/interfaces/innerkits/appverify/src/init/hap_crl_manager.cpp @@ -24,7 +24,11 @@ namespace OHOS { namespace Security { namespace Verify { +#ifndef STANDARD_SYSTEM +const std::string HapCrlManager::HAP_CRL_FILE_PATH = "/data/sadata/hap_crl"; +#else const std::string HapCrlManager::HAP_CRL_FILE_PATH = "/data/hap_crl"; +#endif HapCrlManager& HapCrlManager::GetInstance() { diff --git a/interfaces/innerkits/appverify/src/init/trusted_source_manager.cpp b/interfaces/innerkits/appverify/src/init/trusted_source_manager.cpp index cdab2d2..ae8adb0 100644 --- a/interfaces/innerkits/appverify/src/init/trusted_source_manager.cpp +++ b/interfaces/innerkits/appverify/src/init/trusted_source_manager.cpp @@ -38,6 +38,7 @@ const std::string TrustedSourceManager::KEY_OF_MAX_CERTS_PATH = "max-certs-path" const std::string TrustedSourceManager::KEY_OF_CRITIALCAL_CERT_EXTENSION = "critialcal-cert-extension"; const std::string TrustedSourceManager::APP_GALLARY_SOURCE_NAME = "huawei app gallery"; const std::string TrustedSourceManager::APP_SYSTEM_SOURCE_NAME = "huawei system apps"; +const std::string TrustedSourceManager::APP_THIRD_PARTY_PRELOAD_SOURCE_NAME = "third_party app preload"; TrustedSourceManager& TrustedSourceManager::GetInstance() { @@ -227,16 +228,17 @@ MatchingStates TrustedSourceManager::TrustedSourceListCompare(const std::string& MatchingStates ret = DO_NOT_MATCH; switch (blobType) { case HAP_SIGN_BLOB: { - if (appSource.appSigningCert.compare(certSubject) == 0 && appSource.issuer.compare(certIssuer) == 0) { + if (MatchSubjectAndIssuer(appSource.appSigningCert, certSubject) && + MatchSubjectAndIssuer(appSource.issuer, certIssuer)) { ret = MATCH_WITH_SIGN; } break; } case PROFILE_BLOB: { - if (appSource.issuer.compare(certIssuer) == 0) { - if (appSource.profileSigningCertificate.compare(certSubject) == 0) { + if (MatchSubjectAndIssuer(appSource.issuer, certIssuer)) { + if (MatchSubjectAndIssuer(appSource.profileSigningCertificate, certSubject)) { ret = MATCH_WITH_PROFILE; - } else if (appSource.profileDebugSigningCertificate.compare(certSubject) == 0) { + } else if (MatchSubjectAndIssuer(appSource.profileDebugSigningCertificate, certSubject)) { ret = MATCH_WITH_PROFILE_DEBUG; } } @@ -250,13 +252,28 @@ MatchingStates TrustedSourceManager::TrustedSourceListCompare(const std::string& TrustedSources TrustedSourceManager::GetTrustedSource(std::string& sourceName) { - if (APP_GALLARY_SOURCE_NAME.compare(sourceName) == 0) { + if (APP_GALLARY_SOURCE_NAME == sourceName) { return APP_GALLARY; } - if (APP_SYSTEM_SOURCE_NAME.compare(sourceName) == 0) { + + if (APP_SYSTEM_SOURCE_NAME == sourceName) { return APP_SYSTEM; } - return NOT_TRUSTED_SOURCE; + + if (APP_THIRD_PARTY_PRELOAD_SOURCE_NAME == sourceName) { + return APP_THIRD_PARTY_PRELOAD; + } + return OTHER_TRUSTED_SOURCE; +} + +bool TrustedSourceManager::MatchSubjectAndIssuer(const std::string& trustedSource, + const std::string& certSubjectOrIssuer) const +{ + if (trustedSource.empty()) { + return false; + } + + return trustedSource == certSubjectOrIssuer; } } // namespace Verify } // namespace Security diff --git a/interfaces/innerkits/appverify/src/provision/provision_verify.cpp b/interfaces/innerkits/appverify/src/provision/provision_verify.cpp index ee12315..56304f9 100644 --- a/interfaces/innerkits/appverify/src/provision/provision_verify.cpp +++ b/interfaces/innerkits/appverify/src/provision/provision_verify.cpp @@ -19,6 +19,13 @@ #include "nlohmann/json.hpp" +#ifndef STANDARD_SYSTEM +#include "ohos_account_kits.h" +#else +#include "parameter.h" +#include "sysparam_errno.h" +#endif // STANDARD_SYSTEM + #include "common/hap_verify_log.h" using namespace std; @@ -207,7 +214,24 @@ AppProvisionVerifyResult CheckDeviceID(ProvisionInfo& info) return PROVISION_NUM_DEVICE_EXCEEDED; } string deviceId; - if (info.debugInfo.deviceIdType != VALUE_DEVICE_ID_TYPE_UDID) { + if (info.debugInfo.deviceIdType == VALUE_DEVICE_ID_TYPE_UDID) { +#ifndef STANDARD_SYSTEM + int32_t ret = OHOS::AccountSA::OhosAccountKits::GetInstance().GetUdid(deviceId); + if (ret != 0) { + HAPVERIFY_LOG_ERROR(LABEL, "obtaining current device id failed (%{public}d).", ret); + return PROVISION_DEVICE_UNAUTHORIZED; + } +#else + char udid[DEV_UUID_LEN] = {0}; + int ret = GetDevUdid(udid, sizeof(udid)); + if (ret != EC_SUCCESS) { + HAPVERIFY_LOG_ERROR(LABEL, "obtaining current device id failed (%{public}d).", static_cast(ret)); + return PROVISION_DEVICE_UNAUTHORIZED; + } + deviceId = std::string(udid, sizeof(udid) - 1); + HAPVERIFY_LOG_INFO(LABEL, "L2 UDID:%{public}s, len:%{public}d.", deviceId.c_str(), deviceId.size()); +#endif // STANDARD_SYSTEM + } else { HAPVERIFY_LOG_ERROR(LABEL, "type of device ID is not supported."); return PROVISION_UNSUPPORTED_DEVICE_TYPE; } diff --git a/interfaces/innerkits/appverify/src/verify/hap_verify_v2.cpp b/interfaces/innerkits/appverify/src/verify/hap_verify_v2.cpp index 804b4ac..12b6ae5 100644 --- a/interfaces/innerkits/appverify/src/verify/hap_verify_v2.cpp +++ b/interfaces/innerkits/appverify/src/verify/hap_verify_v2.cpp @@ -139,7 +139,7 @@ bool HapVerifyV2::VerifyAppPkcs7(Pkcs7Context& pkcs7Context, const HapByteBuffer } bool HapVerifyV2::VerifyAppSourceAndParseProfile(Pkcs7Context& pkcs7Context, - const HapByteBuffer& hapProfileBlock, HapVerifyResult& hapVerifyV1Result, bool& profileNeedWriteCrl) + const HapByteBuffer& hapProfileBlock, HapVerifyResult& hapVerifyV1Result, bool& profileNeadWriteCrl) { std::string certSubject; if (!HapCertVerifyOpensslUtils::GetSubjectFromX509(pkcs7Context.certChains[0][0], certSubject)) { @@ -160,6 +160,10 @@ bool HapVerifyV2::VerifyAppSourceAndParseProfile(Pkcs7Context& pkcs7Context, return false; } + if (!VerifyProfileSignature(pkcs7Context, profileContext)) { + HAPVERIFY_LOG_ERROR(LABEL, "VerifyProfileSignature failed"); + return false; + } /* * If app source is not trusted, verify profile. * If profile is debug, check whether app signed cert is same as the debug cert in profile. @@ -194,7 +198,19 @@ bool HapVerifyV2::VerifyAppSourceAndParseProfile(Pkcs7Context& pkcs7Context, } hapVerifyV1Result.SetProvisionInfo(provisionInfo); - profileNeedWriteCrl = profileContext.needWriteCrl; + profileNeadWriteCrl = profileContext.needWriteCrl; + return true; +} + +bool HapVerifyV2::VerifyProfileSignature(const Pkcs7Context& pkcs7Context, Pkcs7Context& profileContext) +{ + if (pkcs7Context.matchResult.matchState == MATCH_WITH_SIGN && + pkcs7Context.matchResult.source == APP_THIRD_PARTY_PRELOAD) { + if (!HapProfileVerifyUtils::VerifyProfile(profileContext)) { + HAPVERIFY_LOG_ERROR(LABEL, "profile verify failed"); + return false; + } + } return true; } diff --git a/interfaces/innerkits/appverify/test/BUILD.gn b/interfaces/innerkits/appverify/test/BUILD.gn index 77a7e92..302dcd7 100644 --- a/interfaces/innerkits/appverify/test/BUILD.gn +++ b/interfaces/innerkits/appverify/test/BUILD.gn @@ -53,10 +53,20 @@ ohos_unittest("verify_test") { "//utils/native/base:utils", ] - external_deps = [ - "hiviewdfx_hilog_native:libhilog", - "ipc:ipc_core", - ] + if (is_standard_system) { + defines = [ "STANDARD_SYSTEM" ] + + external_deps = [ + "hiviewdfx_hilog_native:libhilog", + "startup_l2:syspara", + ] + } else { + external_deps = [ + "hilog_native:libhilog", + "ipc:ipc_core", + "os_account:libaccountkits", + ] + } resource_config_file = "//base/security/appverify/test/resource/appverify/ohos_test.xml" diff --git a/interfaces/innerkits/appverify/test/unittest/src/provision_verify_test.cpp b/interfaces/innerkits/appverify/test/unittest/src/provision_verify_test.cpp index 4d432d8..7cbc5ad 100644 --- a/interfaces/innerkits/appverify/test/unittest/src/provision_verify_test.cpp +++ b/interfaces/innerkits/appverify/test/unittest/src/provision_verify_test.cpp @@ -16,6 +16,13 @@ #include +#ifndef STANDARD_SYSTEM +#include "ohos_account_kits.h" +#else +#include "parameter.h" +#include "sysparam_errno.h" +#endif // STANDARD_SYSTEM + #include "provision/provision_verify.h" using namespace testing::ext; @@ -352,4 +359,56 @@ HWTEST_F(ProvisionVerifyTest, ProvisionVerify007, TestSize.Level1) int ret = ParseAndVerify(DEVICE_UNAUTH_PROVISION, info); ASSERT_EQ(ret, AppProvisionVerifyResult::PROVISION_DEVICE_UNAUTHORIZED); } + +/** + * @tc.name: Test HarmonyAppProvision ProvisionVerify008 function + * @tc.desc: The static function will return verify result; + * @tc.type: FUNC + */ +HWTEST_F(ProvisionVerifyTest, ProvisionVerify008, TestSize.Level1) +{ + /* + * @tc.steps: step8. input a valid HarmonyAppProvision with device info + * and run ParseAndVerify function. + * @tc.expected: step8. return code will be PROVISION_OK. + */ + std::string prefixValidDeviceInfoProvision = R"( + { + "version-code": 9, + "version-name": "9.0.0", + "uuid": "test_uuid", + "type": "debug", + "validity": { + "not-before": 1262275200, + "not-after": 2524579300 + }, + "bundle-info": { + "developer-id": "test_developer_9", + "development-certificate": "ABCDEFG", + "distribution-certificate": "123456789", + "bundle-name": "com.hello", + "app-feature": "hos_normal_app" + }, + "debug-info": { + "device-id-type": "udid", + "device-ids" : [")"; + std::string postfixValidDeviceInfoProvision = R"("] + }, + "issuer": "App Gallery" + })"; + string deviceId = ""; +#ifndef STANDARD_SYSTEM + OHOS::AccountSA::OhosAccountKits::GetInstance().GetUdid(deviceId); +#else + char udid[DEV_UUID_LEN] = {0}; + int udidRet = GetDevUdid(udid, sizeof(udid)); + ASSERT_EQ(udidRet, EC_SUCCESS); + deviceId = std::string(udid, sizeof(udid) - 1); +#endif + prefixValidDeviceInfoProvision += deviceId; + prefixValidDeviceInfoProvision += postfixValidDeviceInfoProvision; + ProvisionInfo info; + int ret = ParseAndVerify(prefixValidDeviceInfoProvision, info); + ASSERT_EQ(ret, AppProvisionVerifyResult::PROVISION_OK); +} } // namespace -- Gitee