From 82ecf9a3fd6480e915c3396caae88f221e22355b Mon Sep 17 00:00:00 2001 From: zhenghui Date: Fri, 9 Aug 2024 17:48:00 +0800 Subject: [PATCH] =?UTF-8?q?TDD=E8=A6=86=E7=9B=96=E7=8E=87=E6=8F=90?= =?UTF-8?q?=E5=8D=87?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: zhenghui --- test/unittest/BUILD.gn | 51 +++--- test/unittest/local_code_sign_test.cpp | 25 +++ .../local_code_sign_utils_mock_test.cpp | 153 ++++++++++++++++++ test/unittest/mock/include/hks_api.h | 1 + test/unittest/mock/src/hks_api_mock_test.cpp | 94 +++++++++++ 5 files changed, 303 insertions(+), 21 deletions(-) create mode 100644 test/unittest/local_code_sign_utils_mock_test.cpp create mode 100644 test/unittest/mock/src/hks_api_mock_test.cpp diff --git a/test/unittest/BUILD.gn b/test/unittest/BUILD.gn index b8eb872..80d8286 100644 --- a/test/unittest/BUILD.gn +++ b/test/unittest/BUILD.gn @@ -63,24 +63,6 @@ ohos_unittest("code_sign_utils_unittest") { ] } -ohos_unittest("code_sign_attr_utils_unittest") { - module_out_path = "security/code_signature" - sources = [ "code_sign_attr_utils_test.cpp" ] - - deps = [ "${code_signature_root_dir}/interfaces/innerkits/code_sign_attr_utils:libcode_sign_attr_utils" ] - - include_dirs = [ - "utils/include", - "${code_signature_root_dir}/interfaces/innerkits/common/include", - "${code_signature_root_dir}/utils/include", - ] - - external_deps = [ - "c_utils:utils", - "hilog:libhilog", - ] -} - ohos_unittest("code_sign_utils_in_c_unittest") { module_out_path = "security/code_signature" resource_config_file = "resources/ohos_test.xml" @@ -162,6 +144,34 @@ ohos_unittest("local_code_sign_utils_unittest") { ] } +ohos_unittest("local_code_sign_utils_mock_unittest") { + module_out_path = "security/code_signature" + resource_config_file = "resources/ohos_test.xml" + sources = [ + "${code_signature_root_dir}/services/local_code_sign/src/local_sign_key.cpp", + "${code_signature_root_dir}/utils/src/cert_utils.cpp", + "local_code_sign_utils_mock_test.cpp", + "mock/src/hks_api_mock_test.cpp", + "mock/src/hks_api_mock_helper.cpp", + ] + deps = [ "${code_signature_root_dir}/interfaces/innerkits/code_sign_utils:libcode_sign_utils" ] + + include_dirs = [ + "mock/include", + "utils/include", + "${code_signature_root_dir}/services/local_code_sign/include", + ] + + configs = [ "${code_signature_root_dir}:common_utils_config" ] + external_deps = [ + "c_utils:utils", + "fsverity-utils:libfsverity_utils", + "hilog:libhilog", + "huks:libhukssdk", + "openssl:libcrypto_shared", + ] +} + ohos_unittest("sign_and_enforce_unittest") { module_out_path = "security/code_signature" resource_config_file = "resources/ohos_test.xml" @@ -226,7 +236,6 @@ ohos_rust_static_library("rust_key_enable_lib") { "${code_signature_root_dir}/services/key_enable/utils:libkey_enable_utils", "${rust_openssl_dir}/openssl:lib", "//third_party/rust/crates/cxx:lib", - "//third_party/rust/crates/lazy-static.rs:lib", ] external_deps = [ "c_utils:utils_rust", @@ -256,7 +265,6 @@ ohos_rust_unittest("rust_key_enable_unittest") { resource_config_file = "resources/ohos_test.xml" crate_root = "./rust_key_enable_test.rs" sources = [ "./rust_key_enable_test.rs" ] - external_deps = [ "ylong_json:lib" ] deps = [ ":rust_key_enable_lib" ] subsystem_name = "security" part_name = "code_signature" @@ -317,6 +325,7 @@ ohos_unittest("key_enable_utils_unittest") { deps = [ "${code_signature_root_dir}/services/key_enable/utils:libkey_enable_utils", ] + external_deps = [ "hilog:libhilog" ] } group("unittest_group") { @@ -324,12 +333,12 @@ group("unittest_group") { if (!defined(ohos_lite)) { deps = [ ":add_cert_path_unittest", - ":code_sign_attr_utils_unittest", ":code_sign_utils_in_c_unittest", ":code_sign_utils_unittest", ":enable_verity_ioctl_unittest", ":local_code_sign_unittest", ":local_code_sign_utils_unittest", + ":local_code_sign_utils_mock_unittest", ":multi_thread_local_sign_unittest", ":sign_and_enforce_unittest", ] diff --git a/test/unittest/local_code_sign_test.cpp b/test/unittest/local_code_sign_test.cpp index cb1879b..0a8297c 100644 --- a/test/unittest/local_code_sign_test.cpp +++ b/test/unittest/local_code_sign_test.cpp @@ -266,6 +266,31 @@ HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0014, TestSize.Level0) NativeTokenReset(selfTokenId); EXPECT_EQ(ret, CS_ERR_INVALID_OWNER_ID); } + +/** + * @tc.name: LocalCodeSignTest_0015 + * @tc.desc: sign local code failed with ownerID exceed 128 bytes + * @tc.type: Func + * @tc.require: issueI8FCGF + */ +HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0015, TestSize.Level0) +{ + ByteBuffer sig; + uint64_t selfTokenId = NativeTokenSet("compiler_service"); + std::string ownerID = "AppName123"; + + int ret = LocalCodeSignKit::SignLocalCode(ownerID, DEMO_AN_PATH2, sig); + + NativeTokenSet("local_code_sign"); + sptr samgr = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + EXPECT_NQ(samgr, nullptr); + + ret = samgr->UnloadSystemAbility(LOCAL_CODE_SIGN_SA_ID); + EXPECT_EQ(ret, ERR_OK); + NativeTokenSet("compiler_service"); + LocalCodeSignKit::SignLocalCode(ownerID, DEMO_AN_PATH2, sig); + NativeTokenReset(selfTokenId); +} } // namespace CodeSign } // namespace Security } // namespace OHOS diff --git a/test/unittest/local_code_sign_utils_mock_test.cpp b/test/unittest/local_code_sign_utils_mock_test.cpp new file mode 100644 index 0000000..1a0011b --- /dev/null +++ b/test/unittest/local_code_sign_utils_mock_test.cpp @@ -0,0 +1,153 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include + +#include "cert_utils.h" +#include "directory_ex.h" +#include "fsverity_utils_helper.h" +#include "local_sign_key.h" +#include "log.h" +#include "pkcs7_generator.h" +#include "hks_api.h" + +using namespace OHOS::Security::CodeSign; +using namespace testing::ext; +using namespace std; + +namespace OHOS { +namespace Security { +namespace CodeSign { +static const std::string AN_BASE_PATH = "/data/local/ark-cache/tmp/"; +static const std::string DEMO_AN_PATH2 = AN_BASE_PATH + "demo2.an"; +static const std::string DEFAULT_HASH_ALGORITHM = "sha256"; +extern int gCount; + +class LocalCodeSignUtilsMockTest : public testing::Test { +public: + LocalCodeSignUtilsMockTest() {}; + virtual ~LocalCodeSignUtilsMockTest() {}; + static void SetUpTestCase() {}; + static void TearDownTestCase() {}; + void SetUp() {}; + void TearDown() {}; +}; + +/** + * @tc.name: LocalCodeSignUtilsMockTest_0001 + * @tc.desc: Sign local code successfully, owner ID is empty, and set gCount + * @tc.type: Func + * @tc.require: issueI8FCGF + */ +HWTEST_F(LocalCodeSignUtilsMockTest, LocalCodeSignUtilsMockTest_0001, TestSize.Level0) +{ + ByteBuffer digest; + std::string realPath; + std::string ownerID = ""; + bool bRet = OHOS::PathToRealPath(DEMO_AN_PATH2, realPath); + EXPECT_EQ(bRet, true); + bRet = FsverityUtilsHelper::GetInstance().GenerateFormattedDigest(realPath.c_str(), digest); + EXPECT_EQ(bRet, true); + + ByteBuffer signature; + gCount = 2; + int ret = PKCS7Generator::GenerateSignature(ownerID, LocalSignKey::GetInstance(), DEFAULT_HASH_ALGORITHM.c_str(), + digest, signature); + EXPECT_EQ(ret, CS_SUCCESS); + + gCount = 4; + ret = PKCS7Generator::GenerateSignature(ownerID, LocalSignKey::GetInstance(), DEFAULT_HASH_ALGORITHM.c_str(), + digest, signature); + EXPECT_EQ(ret, CS_SUCCESS); + + gCount = 5; + ret = PKCS7Generator::GenerateSignature(ownerID, LocalSignKey::GetInstance(), DEFAULT_HASH_ALGORITHM.c_str(), + digest, signature); + EXPECT_EQ(ret, CS_SUCCESS); + + gCount = 6; + ret = PKCS7Generator::GenerateSignature(ownerID, LocalSignKey::GetInstance(), DEFAULT_HASH_ALGORITHM.c_str(), + digest, signature); + EXPECT_EQ(ret, CS_SUCCESS); +} + +/** + * @tc.name: LocalCodeSignUtilsMockTest_0002 + * @tc.desc: Sign local code with owner ID successfully, and set gCount + * @tc.type: Func + * @tc.require: issueI88PPA + */ +HWTEST_F(LocalCodeSignUtilsMockTest, LocalCodeSignUtilsMockTest_0002, TestSize.Level0) +{ + ByteBuffer digest; + std::string realPath; + std::string ownerID = "AppName123"; + bool bRet = OHOS::PathToRealPath(DEMO_AN_PATH2, realPath); + EXPECT_EQ(bRet, true); + bRet = FsverityUtilsHelper::GetInstance().GenerateFormattedDigest(realPath.c_str(), digest); + EXPECT_EQ(bRet, true); + + ByteBuffer signature; + gCount = 2; + int ret = PKCS7Generator::GenerateSignature(ownerID, LocalSignKey::GetInstance(), DEFAULT_HASH_ALGORITHM.c_str(), + digest, signature); + EXPECT_EQ(ret, CS_SUCCESS); + + gCount = 4; + ret = PKCS7Generator::GenerateSignature(ownerID, LocalSignKey::GetInstance(), DEFAULT_HASH_ALGORITHM.c_str(), + digest, signature); + EXPECT_EQ(ret, CS_SUCCESS); + + gCount = 5; + ret = PKCS7Generator::GenerateSignature(ownerID, LocalSignKey::GetInstance(), DEFAULT_HASH_ALGORITHM.c_str(), + digest, signature); + EXPECT_EQ(ret, CS_SUCCESS); + + gCount = 6; + ret = PKCS7Generator::GenerateSignature(ownerID, LocalSignKey::GetInstance(), DEFAULT_HASH_ALGORITHM.c_str(), + digest, signature); + EXPECT_EQ(ret, CS_SUCCESS); +} + +/** + * @tc.name: LocalCodeSignUtilsMockTest_0003 + * @tc.desc: Generate formatted digest failed with wrong path + * @tc.type: Func + * @tc.require: issueI8FCGF + */ +HWTEST_F(LocalCodeSignUtilsMockTest, LocalCodeSignUtilsMockTest_0003, TestSize.Level0) +{ + std::unique_ptr challenge = GetRandomChallenge(); + LocalSignKey &key = LocalSignKey::GetInstance(); + key.SetChallenge(*challenge); + bool bRet = key.InitKey(); + EXPECT_EQ(ret, false); + + gCount = -1; + bool bRet = key.InitKey(); + EXPECT_EQ(ret, false); + + gCount = 1; + bool bRet = key.InitKey(); + EXPECT_EQ(ret, false); + + int32_t iRet = key.GetFormattedCertChain(*challenge); + EXPECT_EQ(iRet, 0); +} +} // namespace CodeSign +} // namespace Security +} // namespace OHOS diff --git a/test/unittest/mock/include/hks_api.h b/test/unittest/mock/include/hks_api.h index fa509f1..bc05cde 100644 --- a/test/unittest/mock/include/hks_api.h +++ b/test/unittest/mock/include/hks_api.h @@ -18,6 +18,7 @@ #include "hks_type.h" +extern int gCount; namespace OHOS { namespace Security { namespace CodeSign { diff --git a/test/unittest/mock/src/hks_api_mock_test.cpp b/test/unittest/mock/src/hks_api_mock_test.cpp new file mode 100644 index 0000000..894bd7e --- /dev/null +++ b/test/unittest/mock/src/hks_api_mock_test.cpp @@ -0,0 +1,94 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "hks_api.h" + +#include "hks_api_mock_helper.h" + +namespace OHOS { +namespace Security { +namespace CodeSign { +int gCount = 0; +int32_t HksKeyExist(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet) +{ + LOG_INFO("Mock HksKeyExist"); + if(gCount == 1){ + return -1; + } + if(gCount == 7){ + return HKS_ERROR_NOT_EXTIST; + } + return HKS_SUCCESS; +} + +int32_t HksAttestKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, + struct HksCertChain *certChain) +{ + LOG_INFO("Mock HksAttestKey"); + if(gCount == 2){ + return -1; + } + + bool ret = GetCertInDer(certChain->certs[0].data, certChain->certs[0].size); + if (!ret) { + LOG_ERROR("Failed to convert PEM to DER.\n"); + return HKS_FAILURE; + } + return HKS_SUCCESS; +} + +int32_t HksGenerateKey(const struct HksBlob *keyAlias, + const struct HksParamSet *paramSetIn, struct HksParamSet *paramSetOut) +{ + LOG_INFO("Mock HksGenerateKey"); + if(gCount == 3){ + return -1; + } + return HKS_SUCCESS; +} + +int32_t HksInit(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, + struct HksBlob *handle, struct HksBlob *token) +{ + LOG_INFO("Mock HksInit"); + if(gCount == 4){ + return -1; + } + return HKS_SUCCESS; +} + + +int32_t HksUpdate(const struct HksBlob *handle, const struct HksParamSet *paramSet, + const struct HksBlob *inData, struct HksBlob *outData) +{ + LOG_INFO("Mock HksUpdate"); + if(gCount == 5){ + return -1; + } + return HKS_SUCCESS; +} + +int32_t HksFinish(const struct HksBlob *handle, const struct HksParamSet *paramSet, + const struct HksBlob *inData, struct HksBlob *outData) +{ + LOG_INFO("Mock HksFinish"); + if(gCount == 6){ + return -1; + } + return HKS_SUCCESS; +} +} +} +} \ No newline at end of file -- Gitee