1/*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16#include <gtest/gtest.h>
17
18#include "cm_test_common.h"
19
20#include "cert_manager_api.h"
21
22using namespace testing::ext;
23using namespace CertmanagerTest;
24namespace {
25static constexpr uint32_t DEFAULT_AUTH_URI_LEN = 256;
26static constexpr uint32_t INVALID_AUTH_URI_LEN = 100;
27static constexpr uint32_t DEFAULT_APP_ID = 1000;
28static constexpr uint32_t GRANT_ONE_APP_ID = 1;
29static constexpr uint32_t GRANT_MULTIPLE_APP_ID = 10;
30
31class CmGrantTest : public testing::Test {
32public:
33    static void SetUpTestCase(void);
34
35    static void TearDownTestCase(void);
36
37    void SetUp();
38
39    void TearDown();
40};
41
42void CmGrantTest::SetUpTestCase(void)
43{
44    SetATPermission();
45}
46
47void CmGrantTest::TearDownTestCase(void)
48{
49}
50
51void CmGrantTest::SetUp()
52{
53}
54
55void CmGrantTest::TearDown()
56{
57}
58
59static void TestNormalGrant(uint32_t count, bool isSameUid)
60{
61    uint8_t aliasData[] = "TestNormalGrant";
62    struct CmBlob alias = { sizeof(aliasData), aliasData };
63    int32_t ret = TestGenerateAppCert(&alias, CERT_KEY_ALG_RSA, CM_CREDENTIAL_STORE);
64    EXPECT_EQ(ret, CM_SUCCESS) << "TestGenerateAppCert failed, retcode:" << ret;
65
66    uint8_t uriData[] = "oh:t=ak;o=TestNormalGrant;u=0;a=0";
67    struct CmBlob keyUri = { sizeof(uriData), uriData };
68    uint8_t authUriData[DEFAULT_AUTH_URI_LEN] = {0};
69    struct CmBlob authUri = { DEFAULT_AUTH_URI_LEN, authUriData };
70    uint32_t appId = DEFAULT_APP_ID;
71
72    for (uint32_t i = 0; i < count; ++i) {
73        if (!isSameUid) {
74            appId += i;
75        }
76        authUri.size = DEFAULT_AUTH_URI_LEN; /* clear authUri size */
77        ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
78        EXPECT_EQ(ret, CM_SUCCESS) << "CmGrantAppCertificate failed, retcode:" << ret;
79    }
80
81    ret = CmUninstallAppCert(&keyUri, CM_CREDENTIAL_STORE);
82    EXPECT_EQ(ret, CM_SUCCESS) << "CmUninstallAppCert failed, retcode:" << ret;
83}
84
85/**
86 * @tc.name: CmGrantTest001
87 * @tc.desc: Test CmGrantTest keyUri is NULL
88 * @tc.type: FUNC
89 * @tc.require: AR000H0MIA /SR000H09NA
90 */
91HWTEST_F(CmGrantTest, CmGrantTest001, TestSize.Level0)
92{
93    struct CmBlob *keyUri = nullptr; /* keyUri is NULL */
94
95    uint8_t authUriData[DEFAULT_AUTH_URI_LEN] = {0};
96    struct CmBlob authUri = { DEFAULT_AUTH_URI_LEN, authUriData };
97
98    uint32_t appId = DEFAULT_APP_ID;
99
100    int32_t ret = CmGrantAppCertificate(keyUri, appId, &authUri);
101    EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
102}
103
104/**
105 * @tc.name: CmGrantTest002
106 * @tc.desc: Test CmGrantTest keyUri size is 0
107 * @tc.type: FUNC
108 * @tc.require: AR000H0MIA /SR000H09NA
109 */
110HWTEST_F(CmGrantTest, CmGrantTest002, TestSize.Level0)
111{
112    uint8_t uriData[] = "oh:t=ak;o=keyA;u=0;a=0";
113    struct CmBlob keyUri = { 0, uriData }; /* keyUri size is 0 */
114
115    uint8_t authUriData[DEFAULT_AUTH_URI_LEN] = {0};
116    struct CmBlob authUri = { DEFAULT_AUTH_URI_LEN, authUriData };
117
118    uint32_t appId = DEFAULT_APP_ID;
119
120    int32_t ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
121    EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
122}
123
124/**
125 * @tc.name: CmGrantTest003
126 * @tc.desc: Test CmGrantTest keyUri data is null
127 * @tc.type: FUNC
128 * @tc.require: AR000H0MIA /SR000H09NA
129 */
130HWTEST_F(CmGrantTest, CmGrantTest003, TestSize.Level0)
131{
132    uint8_t uriData[] = "oh:t=ak;o=keyA;u=0;a=0";
133    struct CmBlob keyUri = { sizeof(uriData), nullptr }; /* keyUri data is null */
134
135    uint8_t authUriData[DEFAULT_AUTH_URI_LEN] = {0};
136    struct CmBlob authUri = { DEFAULT_AUTH_URI_LEN, authUriData };
137
138    uint32_t appId = DEFAULT_APP_ID;
139
140    int32_t ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
141    EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
142}
143
144/**
145 * @tc.name: CmGrantTest004
146 * @tc.desc: Test CmGrantTest keyUri data not end of '\0'
147 * @tc.type: FUNC
148 * @tc.require: AR000H0MIA /SR000H09NA
149 */
150HWTEST_F(CmGrantTest, CmGrantTest004, TestSize.Level0)
151{
152    uint8_t uriData[] = "oh:t=ak;o=keyA;u=0;a=0";
153    struct CmBlob keyUri = { strlen((char *)uriData), uriData }; /* keyUri data not end of '\0' */
154
155    uint8_t authUriData[DEFAULT_AUTH_URI_LEN] = {0};
156    struct CmBlob authUri = { DEFAULT_AUTH_URI_LEN, authUriData };
157
158    uint32_t appId = DEFAULT_APP_ID;
159
160    int32_t ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
161    EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
162}
163
164/**
165 * @tc.name: CmGrantTest005
166 * @tc.desc: Test CmGrantTest keyUri data has no app: can't find cert
167 * @tc.type: FUNC
168 * @tc.require: AR000H0MIA /SR000H09NA
169 */
170HWTEST_F(CmGrantTest, CmGrantTest005, TestSize.Level0)
171{
172    /* keyUri data has no app */
173    uint8_t uriData[] = "oh:t=ak;o=keyA;u=0";
174    struct CmBlob keyUri = { sizeof(uriData), uriData };
175
176    uint8_t authUriData[DEFAULT_AUTH_URI_LEN] = {0};
177    struct CmBlob authUri = { DEFAULT_AUTH_URI_LEN, authUriData };
178
179    uint32_t appId = DEFAULT_APP_ID;
180
181    int32_t ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
182    EXPECT_EQ(ret, CMR_ERROR_NOT_EXIST);
183}
184
185/**
186 * @tc.name: CmGrantTest006
187 * @tc.desc: Test CmGrantTest keyUri data has no user: can't find cert
188 * @tc.type: FUNC
189 * @tc.require: AR000H0MIA /SR000H09NA
190 */
191HWTEST_F(CmGrantTest, CmGrantTest006, TestSize.Level0)
192{
193    /* keyUri data has no user */
194    uint8_t uriData[] = "oh:t=ak;o=keyA;a=0";
195    struct CmBlob keyUri = { sizeof(uriData), uriData };
196
197    uint8_t authUriData[DEFAULT_AUTH_URI_LEN] = {0};
198    struct CmBlob authUri = { DEFAULT_AUTH_URI_LEN, authUriData };
199
200    uint32_t appId = DEFAULT_APP_ID;
201
202    int32_t ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
203    EXPECT_EQ(ret, CMR_ERROR_NOT_EXIST);
204}
205
206/**
207 * @tc.name: CmGrantTest007
208 * @tc.desc: Test CmGrantTest keyUri data has no object: can't find cert
209 * @tc.type: FUNC
210 * @tc.require: AR000H0MIA /SR000H09NA
211 */
212HWTEST_F(CmGrantTest, CmGrantTest007, TestSize.Level0)
213{
214    /* keyUri data has no object */
215    uint8_t uriData[] = "oh:t=ak;u=0;a=0";
216    struct CmBlob keyUri = { sizeof(uriData), uriData };
217
218    uint8_t authUriData[DEFAULT_AUTH_URI_LEN] = {0};
219    struct CmBlob authUri = { DEFAULT_AUTH_URI_LEN, authUriData };
220
221    uint32_t appId = DEFAULT_APP_ID;
222
223    int32_t ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
224    EXPECT_EQ(ret, CMR_ERROR_NOT_EXIST);
225}
226
227/**
228 * @tc.name: CmGrantTest008
229 * @tc.desc: Test CmGrantTest keyUri data type not ak: can't find cert
230 * @tc.type: FUNC
231 * @tc.require: AR000H0MIA /SR000H09NA
232 */
233HWTEST_F(CmGrantTest, CmGrantTest008, TestSize.Level0)
234{
235    /* keyUri data type not ak */
236    uint8_t uriData[] = "oh:t=m;o=keyA;u=0;a=0";
237    struct CmBlob keyUri = { sizeof(uriData), uriData };
238
239    uint8_t authUriData[DEFAULT_AUTH_URI_LEN] = {0};
240    struct CmBlob authUri = { DEFAULT_AUTH_URI_LEN, authUriData };
241
242    uint32_t appId = DEFAULT_APP_ID;
243
244    int32_t ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
245    EXPECT_EQ(ret, CMR_ERROR_NOT_EXIST);
246}
247
248/**
249 * @tc.name: CmGrantTest009
250 * @tc.desc: Test CmGrantTest authUri null
251 * @tc.type: FUNC
252 * @tc.require: AR000H0MIA /SR000H09NA
253 */
254HWTEST_F(CmGrantTest, CmGrantTest009, TestSize.Level0)
255{
256    uint8_t uriData[] = "oh:t=ak;o=keyA;u=0;a=0";
257    struct CmBlob keyUri = { sizeof(uriData), uriData };
258    uint32_t appId = DEFAULT_APP_ID;
259    struct CmBlob *authUri = nullptr; /* authUri nullptr */
260
261    int32_t ret = CmGrantAppCertificate(&keyUri, appId, authUri);
262    EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
263}
264
265/**
266 * @tc.name: CmGrantTest010
267 * @tc.desc: Test CmGrantTest authUri size is 0
268 * @tc.type: FUNC
269 * @tc.require: AR000H0MIA /SR000H09NA
270 */
271HWTEST_F(CmGrantTest, CmGrantTest010, TestSize.Level0)
272{
273    uint8_t uriData[] = "oh:t=ak;o=keyA;u=0;a=0";
274    struct CmBlob keyUri = { sizeof(uriData), uriData };
275
276    uint8_t authUriData[DEFAULT_AUTH_URI_LEN] = {0};
277    struct CmBlob authUri = { 0, authUriData }; /* authUri size is 0 */
278
279    uint32_t appId = DEFAULT_APP_ID;
280
281    int32_t ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
282    EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
283}
284
285/**
286 * @tc.name: CmGrantTest011
287 * @tc.desc: Test CmGrantTest authUri data is NULL
288 * @tc.type: FUNC
289 * @tc.require: AR000H0MIA /SR000H09NA
290 */
291HWTEST_F(CmGrantTest, CmGrantTest011, TestSize.Level0)
292{
293    uint8_t uriData[] = "oh:t=ak;o=keyA;u=0;a=0";
294    struct CmBlob keyUri = { sizeof(uriData), uriData };
295    struct CmBlob authUri = { DEFAULT_AUTH_URI_LEN, nullptr }; /* authUri data is NULL */
296    uint32_t appId = DEFAULT_APP_ID;
297
298    int32_t ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
299    EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT);
300}
301
302/**
303 * @tc.name: CmGrantTest012
304 * @tc.desc: Test CmGrantTest normal case: grant 1 app id
305 * @tc.type: FUNC
306 * @tc.require: AR000H0MIA /SR000H09NA
307 */
308HWTEST_F(CmGrantTest, CmGrantTest012, TestSize.Level0)
309{
310    TestNormalGrant(GRANT_ONE_APP_ID, true); /* grant 1 app id */
311}
312
313/**
314 * @tc.name: CmGrantTest013
315 * @tc.desc: Test CmGrantTest normal case: grant 10 same app id
316 * @tc.type: FUNC
317 * @tc.require: AR000H0MIA /SR000H09NA
318 */
319HWTEST_F(CmGrantTest, CmGrantTest013, TestSize.Level0)
320{
321    TestNormalGrant(GRANT_MULTIPLE_APP_ID, true); /* grant 10 same app id */
322}
323
324/**
325 * @tc.name: CmGrantTest014
326 * @tc.desc: Test CmGrantTest normal case: grant 10 different app id
327 * @tc.type: FUNC
328 * @tc.require: AR000H0MIA /SR000H09NA
329 */
330HWTEST_F(CmGrantTest, CmGrantTest014, TestSize.Level0)
331{
332    TestNormalGrant(GRANT_MULTIPLE_APP_ID, false); /* grant 10 different app id */
333}
334
335/**
336 * @tc.name: CmGrantTest015
337 * @tc.desc: Test CmGrantTest authUri size too small
338 * @tc.type: FUNC
339 * @tc.require: AR000H0MIA /SR000H09NA
340 */
341HWTEST_F(CmGrantTest, CmGrantTest015, TestSize.Level0)
342{
343    uint8_t aliasData[] = "CmGrantTest014";
344    struct CmBlob alias = { sizeof(aliasData), aliasData };
345    int32_t ret = TestGenerateAppCert(&alias, CERT_KEY_ALG_RSA, CM_CREDENTIAL_STORE);
346    EXPECT_EQ(ret, CM_SUCCESS) << "TestGenerateAppCert failed, retcode:" << ret;
347
348    uint8_t uriData[] = "oh:t=ak;o=CmGrantTest014;u=0;a=0";
349    struct CmBlob keyUri = { sizeof(uriData), uriData };
350    uint8_t authUriData[INVALID_AUTH_URI_LEN] = {0}; /* size too small */
351    struct CmBlob authUri = { INVALID_AUTH_URI_LEN, authUriData };
352    uint32_t appId = DEFAULT_APP_ID;
353
354    ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
355    EXPECT_EQ(ret, CMR_ERROR_BUFFER_TOO_SMALL) << "CmGrantAppCertificate failed, retcode:" << ret;
356
357    ret = CmUninstallAppCert(&keyUri, CM_CREDENTIAL_STORE);
358    EXPECT_EQ(ret, CM_SUCCESS) << "CmUninstallAppCert failed, retcode:" << ret;
359}
360
361/**
362 * @tc.name: CmGrantTestPerformance016
363 * @tc.desc: 1000 times: grant and remove grant
364 * @tc.type: FUNC
365 * @tc.require: AR000H0MIA /SR000H09NA
366 */
367HWTEST_F(CmGrantTest, CmGrantTestPerformance016, TestSize.Level1)
368{
369    uint8_t aliasData[] = "TestGrantPer";
370    struct CmBlob alias = { sizeof(aliasData), aliasData };
371    int32_t ret = TestGenerateAppCert(&alias, CERT_KEY_ALG_RSA, CM_CREDENTIAL_STORE);
372    EXPECT_EQ(ret, CM_SUCCESS) << "TestGenerateAppCert failed, retcode:" << ret;
373
374    uint8_t uriData[] = "oh:t=ak;o=TestGrantPer;u=0;a=0";
375    struct CmBlob keyUri = { sizeof(uriData), uriData };
376    uint8_t authUriData[DEFAULT_AUTH_URI_LEN] = {0};
377    struct CmBlob authUri = { DEFAULT_AUTH_URI_LEN, authUriData };
378    uint32_t appId = DEFAULT_APP_ID;
379
380    for (uint32_t i = 0; i < PERFORMACE_COUNT; ++i) {
381        ret = CmGrantAppCertificate(&keyUri, appId, &authUri);
382        EXPECT_EQ(ret, CM_SUCCESS) << "CmGrantAppCertificate failed, retcode:" << ret;
383
384        ret = CmRemoveGrantedApp(&keyUri, appId);
385        EXPECT_EQ(ret, CM_SUCCESS) << "CmRemoveGrantedApp failed, retcode:" << ret;
386    }
387
388    ret = CmUninstallAppCert(&keyUri, CM_CREDENTIAL_STORE);
389    EXPECT_EQ(ret, CM_SUCCESS) << "CmUninstallAppCert failed, retcode:" << ret;
390}
391} // end of namespace
392
393