1/*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16#include <cstdio>
17#include <cstring>
18#include <fcntl.h>
19#include <gtest/gtest.h>
20#include <sys/ioctl.h>
21#include <sys/types.h>
22#include <ctime>
23#include <unistd.h>
24
25#include "cert_path.h"
26#include "selinux/selinux.h"
27
28namespace OHOS {
29namespace Security {
30namespace CodeSign {
31using namespace std;
32using namespace testing::ext;
33
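// Chain-length and path-type values that the cases below pass to MakeCertPathInfo.
static const uint32_t MAX_CERT_CHAIN = 3;
static const uint32_t CERT_PATH_TYPE = 0x103;
static const uint32_t GREATER_THAN_MAX_CERT_CHAIN = 4;
// The constant is unsigned, so -1 is not representable and wraps to 0xFFFFFFFF.
// The cast spells that out: the case using this value sends a very large length,
// not a negative one.
static const uint32_t LESS_THAN_MIN_CERT_CHAIN = static_cast<uint32_t>(-1);

// Device node name and SELinux context string; neither is referenced by the cases
// visible in this file.
static const std::string DEV_NAME = "/dev/code_sign";
static const std::string KEY_ENABLE_CTX = "u:r:key_enable:s0";

// Subject / issuer pairs used to build CertPathInfo arguments.
static const std::string TEST_SUBJECT = "OpenHarmony Application Release";
static const std::string TEST_ISSUER = "OpenHarmony Application CA";
static const std::string FAKE_SUBJECT = "Fake subject";
static const std::string FAKE_ISSUER = "Fake issuer";
static const std::string SUBJECT_AS_SYSTEM_TYPE = "System subject";
static const std::string ISSUER_AS_SYSTEM_TYPE = "System issuer";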
47
// Fixture for the AddCertPath / RemoveCertPath cases. It holds no state and
// every set-up / tear-down hook is a no-op.
class AddCertPathTest : public testing::Test {
public:
    AddCertPathTest() = default;
    ~AddCertPathTest() override = default;

    // Suite-level hooks: nothing to prepare or release.
    static void SetUpTestCase() {}
    static void TearDownTestCase() {}

    // Per-case hooks: nothing to prepare or release.
    void SetUp() override {}
    void TearDown() override {}
};
57
// Builds the CertPathInfo argument that the cases pass to AddCertPath / RemoveCertPath.
//
// signing, issuer: NUL-terminated strings. Only their addresses (as 64-bit integers)
//     and their strlen() lengths are stored, nothing is copied, so both buffers must
//     stay alive for as long as the returned struct is in use. Neither may be null,
//     because strlen() is called on both.
// max_cert_chain:  stored as path_len.
// cert_path_type:  stored as path_type.
//
// Returns the populated struct by value; all other fields stay zero-initialized.
static CertPathInfo MakeCertPathInfo(const char *signing, const char *issuer,
    uint32_t max_cert_chain, uint32_t cert_path_type)
{
    CertPathInfo info = { 0 };

    info.path_type = cert_path_type;
    info.path_len = max_cert_chain;

    // The length excludes the terminating NUL.
    info.issuer_length = strlen(issuer);
    info.issuer = reinterpret_cast<uint64_t>(issuer);

    info.signing_length = strlen(signing);
    info.signing = reinterpret_cast<uint64_t>(signing);

    return info;
}
70
/**
 * @tc.name: AddCertPathTest_0001
 * @tc.desc: AddCertPath is expected to fail when path_len exceeds the maximum chain length
 * @tc.type: Func
 * @tc.require:
 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0001, TestSize.Level0)
{
    // Chain length 4 is one above MAX_CERT_CHAIN (3); the add must return non-zero.
    const char *subject = TEST_SUBJECT.c_str();
    const char *issuer = TEST_ISSUER.c_str();
    CertPathInfo info = MakeCertPathInfo(subject, issuer, GREATER_THAN_MAX_CERT_CHAIN, CERT_PATH_TYPE);
    EXPECT_NE(AddCertPath(info), 0);
}
83
/**
 * @tc.name: AddCertPathTest_0002
 * @tc.desc: AddCertPath is expected to fail when path_len is the wrapped value of -1
 * @tc.type: Func
 * @tc.require:
 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0002, TestSize.Level0)
{
    // LESS_THAN_MIN_CERT_CHAIN is a uint32_t initialized from -1, so the length sent
    // here is 0xFFFFFFFF. This case therefore probes an over-large path_len; a
    // lower-bound value such as 0 is not covered by this file.
    const char *subject = TEST_SUBJECT.c_str();
    const char *issuer = TEST_ISSUER.c_str();
    CertPathInfo info = MakeCertPathInfo(subject, issuer, LESS_THAN_MIN_CERT_CHAIN, CERT_PATH_TYPE);
    EXPECT_NE(AddCertPath(info), 0);
}
96
/**
 * @tc.name: AddCertPathTest_0003
 * @tc.desc: developer cert paths can be added and removed; removing a missing entry fails
 * @tc.type: Func
 * @tc.require:
 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0003, TestSize.Level0)
{
    const char *subject = FAKE_SUBJECT.c_str();
    const char *issuer = FAKE_ISSUER.c_str();

    // Every successful add is followed by a remove so that the fake subject/issuer
    // pair is not left registered once the case ends.

    // type = developer in release
    CertPathInfo info = MakeCertPathInfo(subject, issuer, MAX_CERT_CHAIN, 0x3);
    EXPECT_EQ(AddCertPath(info), 0);
    EXPECT_EQ(RemoveCertPath(info), 0);

    // type = developer in debug (CERT_PATH_TYPE is 0x103)
    info = MakeCertPathInfo(subject, issuer, MAX_CERT_CHAIN, CERT_PATH_TYPE);
    EXPECT_EQ(AddCertPath(info), 0);
    EXPECT_EQ(RemoveCertPath(info), 0);

    // The entry was removed just above, so a second remove must return non-zero.
    EXPECT_NE(RemoveCertPath(info), 0);
}
118
/**
 * @tc.name: AddCertPathTest_0004
 * @tc.desc: a caller other than key_enable cannot add a system cert path
 * @tc.type: Func
 * @tc.require:
 */
HWTEST_F(AddCertPathTest, AddCertPathTest_0004, TestSize.Level0)
{
    // release; path type 1 is used together with the "system" subject/issuer pair
    const uint32_t pathType = 1;
    const char *subject = SUBJECT_AS_SYSTEM_TYPE.c_str();
    const char *issuer = ISSUER_AS_SYSTEM_TYPE.c_str();
    CertPathInfo info = MakeCertPathInfo(subject, issuer, MAX_CERT_CHAIN, pathType);

    // Only key_enable may add this kind of entry, so the add must return non-zero.
    // NOTE(review): this presumes the test process is not running as key_enable
    // (presumably the u:r:key_enable:s0 SELinux context) - confirm for the test runner.
    EXPECT_NE(AddCertPath(info), 0);
}
133} // namespace CodeSign
134} // namespace Security
135} // namespace OHOS