1 /*
2 * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <memory>
17 #include <gtest/gtest.h>
18
19 #include "sign_elf.h"
20 #include "code_signing.h"
21
22 namespace OHOS {
23 namespace SignatureTools {
24 class SignElfTest : public testing::Test {
25 public:
SetUpTestCase(void)26 static void SetUpTestCase(void)
27 {
28 (void)rename("./codeSigning/unsigned-file.txt", "./codeSigning/unsigned-file.hap");
29 };
TearDownTestCase()30 static void TearDownTestCase()
31 {
32 };
SetUp()33 void SetUp()
34 {
35 };
TearDown()36 void TearDown()
37 {
38 };
39 };
40
SetElfParamsMap(std::map<std::string, std::string>& params)41 void SetElfParamsMap(std::map<std::string, std::string>& params)
42 {
43 params["keyPwd"] = "123456";
44 params["mode"] = "localSign";
45 params["keyAlias"] = "oh-app1-key-v1";
46 params["signAlg"] = "SHA256withECDSA";
47 params["appCertFile"] = "./hapSign/app-release1.pem";
48 params["signCode"] = "1";
49 params["compatibleVersion"] = "9";
50 params["outFile"] = "./hapSign/entry-default-signed.elf";
51 params["profileFile"] = "./hapSign/signed-profile.p7b";
52 params["keystorePwd"] = "123456";
53 params["keystoreFile"] = "./hapSign/ohtest.jks";
54 params["inFile"] = "./codeSigning/unsigned-file.hap";
55 params["profileSigned"] = "1";
56 params["inForm"] = "elf";
57 std::string provision = "{\"app-distribution-type\": \"app_gallery\",\"bundle-info\":{\"app-"
58 "feature\":\"hos_system_app\",\"bundle-name\":\"com.OpenHarmony.app.test\",\"developer-id\":\"O"
59 "penHarmony\",\"distribution-certificate\":\"-----BEGIN CERTIFICATE-----\\n"
60 "MIICMzCCAbegAwIBAgIEaOC/zDAMBggqhkjOPQQDAwUAMGMxCzAJBgNVBAYTAkNO\\n"
61 "MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh\\n"
62 "bTEjMCEGA1UEAxMaT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gQ0EwHhcNMjEwMjAy\\n"
63 "MTIxOTMxWhcNNDkxMjMxMTIxOTMxWjBoMQswCQYDVQQGEwJDTjEUMBIGA1UEChML\\n"
64 "T3Blbkhhcm1vbnkxGTAXBgNVBAsTEE9wZW5IYXJtb255IFRlYW0xKDAmBgNVBAMT\\n"
65 "H09wZW5IYXJtb255IEFwcGxpY2F0aW9uIFJlbGVhc2UwWTATBgcqhkjOPQIBBggq\\n"
66 "hkjOPQMBBwNCAATbYOCQQpW5fdkYHN45v0X3AHax12jPBdEDosFRIZ1eXmxOYzSG\\n"
67 "JwMfsHhUU90E8lI0TXYZnNmgM1sovubeQqATo1IwUDAfBgNVHSMEGDAWgBTbhrci\\n"
68 "FtULoUu33SV7ufEFfaItRzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0OBBYEFPtxruhl\\n"
69 "cRBQsJdwcZqLu9oNUVgaMAwGCCqGSM49BAMDBQADaAAwZQIxAJta0PQ2p4DIu/ps\\n"
70 "LMdLCDgQ5UH1l0B4PGhBlMgdi2zf8nk9spazEQI/0XNwpft8QAIwHSuA2WelVi/o\\n"
71 "zAlF08DnbJrOOtOnQq5wHOPlDYB4OtUzOYJk9scotrEnJxJzGsh/\\n"
72 "-----END CERTIFICATE-----\\n"
73 "\"},\"debug-info\":{\"device-id-type\":\"udid\",\"device-ids\":[\"69C7505BE341BDA5948C3C0CB"
74 "44ABCD530296054159EFE0BD16A16CD0129CC42\",\"7EED06506FCE6325EB2E2FAA019458B856AB10493A6718C76"
75 "79A73F958732865\"]},\"issuer\":\"pki_internal\",\"permissions\":{\"restricted-permissions\":"
76 "[\"\"]},\"type\":\"release\",\"uuid\":\"fe686e1b-3770-4824-a938-961b140a7c98\",\"validity\":"
77 "{\"not-after\":1705127532,\"not-before\":1610519532},\"version-code\":1,\"version-name\":\"1.0.0\"}";
78 params["profileContent"] = provision;
79 }
80
SetElfOptions(Options* options)81 void SetElfOptions(Options* options)
82 {
83 std::string mode = "localSign";
84 std::string keyAlias = "oh-app1-key-v1";
85 std::string signAlg = "SHA256withECDSA";
86 std::string signCode = "1";
87 std::string appCertFile = "./hapSign/app-release1.pem";
88 std::string profileFile = "./hapSign/signed-profile.p7b";
89 std::string inFile = "./codeSigning/unsigned-file.hap";
90 std::string keystoreFile = "./hapSign/ohtest.p12";
91 std::string outFile = "./hapSign/entry-default-signed.elf";
92 std::string inForm = "elf";
93 static char keyPwd[] = "123456";
94 static char keystorePwd[] = "123456";
95
96 (*options)["mode"] = "localSign";
97 (*options)["keyAlias"] = keyAlias;
98 (*options)["signAlg"] = signAlg;
99 (*options)["signCode"] = signCode;
100 (*options)["appCertFile"] = appCertFile;
101 (*options)["profileFile"] = profileFile;
102 (*options)["inFile"] = inFile;
103 (*options)["keystoreFile"] = keystoreFile;
104 (*options)["outFile"] = outFile;
105 (*options)["inForm"] = inForm;
106 (*options)["keyPwd"] = keyPwd;
107 (*options)["keystorePwd"] = keystorePwd;
108 }
109
110 /**
111 * @tc.name: sign001
112 * @tc.desc: Test function of SignElf::sign() interface for SUCCESS.
113 * @tc.size: MEDIUM
114 * @tc.type: FUNC
115 * @tc.level Level 1
116 * @tc.require: SR000H63TL
117 */
HWTEST_F(SignElfTest, Sign001, testing::ext::TestSize.Level1)118 HWTEST_F(SignElfTest, Sign001, testing::ext::TestSize.Level1)
119 {
120 // success
121 SignerConfig signerConfig;
122 signerConfig.SetCompatibleVersion(9);
123
124 std::map<std::string, std::string> params;
125 SetElfParamsMap(params);
126 signerConfig.FillParameters(params);
127
128 ContentDigestAlgorithm contentDigestAlgorithm("SHA-256", 32);
129 std::pair<std::string, void*> signatureAlgAndParams("SHA256withECDSA", nullptr);
130 SignatureAlgorithmHelper signatureAlgorithm(SignatureAlgorithmId::ECDSA_WITH_SHA256, "ECDSA_WITH_SHA256",
131 contentDigestAlgorithm, signatureAlgAndParams);
132 std::vector<SignatureAlgorithmHelper> signatureAlgorithms;
133 signatureAlgorithms.push_back(signatureAlgorithm);
134 signerConfig.SetSignatureAlgorithms(signatureAlgorithms);
135
136 std::shared_ptr<Options> options = std::make_shared<Options>();
137 SetElfOptions(options.get());
138 signerConfig.SetOptions(options.get());
139
140 signerConfig.GetSigner();
141 SignElf::Sign(signerConfig, params);
142 EXPECT_EQ(signerConfig.GetCompatibleVersion(), 9);
143 }
144
145 /**
146 * @tc.name: sign002
147 * @tc.desc: The return will be false, because the inFile is not exist.
148 * @tc.size: MEDIUM
149 * @tc.type: FUNC
150 * @tc.level Level 1
151 * @tc.require: SR000H63TL
152 */
HWTEST_F(SignElfTest, Sign002, testing::ext::TestSize.Level1)153 HWTEST_F(SignElfTest, Sign002, testing::ext::TestSize.Level1)
154 {
155 SignerConfig signerConfig;
156 signerConfig.SetCompatibleVersion(9);
157
158 std::map<std::string, std::string> params;
159 SetElfParamsMap(params);
160 params["inFile"] = "./hapSign/unsigned-file-no.out";
161 signerConfig.FillParameters(params);
162
163 ContentDigestAlgorithm contentDigestAlgorithm("SHA-256", 32);
164 std::pair<std::string, void*> signatureAlgAndParams("SHA256withECDSA", nullptr);
165 SignatureAlgorithmHelper signatureAlgorithm(SignatureAlgorithmId::ECDSA_WITH_SHA256, "ECDSA_WITH_SHA256",
166 contentDigestAlgorithm, signatureAlgAndParams);
167 std::vector<SignatureAlgorithmHelper> signatureAlgorithms;
168 signatureAlgorithms.push_back(signatureAlgorithm);
169 signerConfig.SetSignatureAlgorithms(signatureAlgorithms);
170
171 std::shared_ptr<Options> options = std::make_shared<Options>();
172 SetElfOptions(options.get());
173 (*options)["inFile"] = "./hapSign/unsigned-file-no.out";
174 signerConfig.SetOptions(options.get());
175
176 signerConfig.GetSigner();
177 bool ret = SignElf::Sign(signerConfig, params);
178
179 EXPECT_EQ(ret, false);
180 }
181
182 /**
183 * @tc.name: sign003
184 * @tc.desc: The return will be false, because the profileFile is not exist.
185 * @tc.size: MEDIUM
186 * @tc.type: FUNC
187 * @tc.level Level 1
188 * @tc.require: SR000H63TL
189 */
HWTEST_F(SignElfTest, Sign003, testing::ext::TestSize.Level1)190 HWTEST_F(SignElfTest, Sign003, testing::ext::TestSize.Level1)
191 {
192 // failed:profileFile is null
193 SignerConfig signerConfig;
194 signerConfig.SetCompatibleVersion(9);
195
196 std::map<std::string, std::string> params;
197 SetElfParamsMap(params);
198 params["profileFile"] = "./hapSign/signed-profile-no.p7b";
199 signerConfig.FillParameters(params);
200
201 ContentDigestAlgorithm contentDigestAlgorithm("SHA-256", 32);
202 std::pair<std::string, void*> signatureAlgAndParams("SHA256withECDSA", nullptr);
203 SignatureAlgorithmHelper signatureAlgorithm(SignatureAlgorithmId::ECDSA_WITH_SHA256, "ECDSA_WITH_SHA256",
204 contentDigestAlgorithm, signatureAlgAndParams);
205 std::vector<SignatureAlgorithmHelper> signatureAlgorithms;
206 signatureAlgorithms.push_back(signatureAlgorithm);
207 signerConfig.SetSignatureAlgorithms(signatureAlgorithms);
208
209 std::shared_ptr<Options> options = std::make_shared<Options>();
210 SetElfOptions(options.get());
211 (*options)["profileFile"] = "./hapSign/signed-profile-no.p7b";
212 signerConfig.SetOptions(options.get());
213
214 signerConfig.GetSigner();
215 bool ret = SignElf::Sign(signerConfig, params);
216 EXPECT_EQ(ret, false);
217 }
218
219 /**
220 * @tc.name: sign004
221 * @tc.desc: The return will be false, because the outFile path is not exist.
222 * @tc.size: MEDIUM
223 * @tc.type: FUNC
224 * @tc.level Level 1
225 * @tc.require: SR000H63TL
226 */
HWTEST_F(SignElfTest, Sign004, testing::ext::TestSize.Level1)227 HWTEST_F(SignElfTest, Sign004, testing::ext::TestSize.Level1)
228 {
229 // failed:outFile is null
230 SignerConfig signerConfig;
231 signerConfig.SetCompatibleVersion(9);
232
233 std::map<std::string, std::string> params;
234 SetElfParamsMap(params);
235 params["outFile"] = "./hapSign_test/entry-default-signed.elf";
236 signerConfig.FillParameters(params);
237
238 ContentDigestAlgorithm contentDigestAlgorithm("SHA-256", 32);
239 std::pair<std::string, void*> signatureAlgAndParams("SHA256withECDSA", nullptr);
240 SignatureAlgorithmHelper signatureAlgorithm(SignatureAlgorithmId::ECDSA_WITH_SHA256, "ECDSA_WITH_SHA256",
241 contentDigestAlgorithm, signatureAlgAndParams);
242 std::vector<SignatureAlgorithmHelper> signatureAlgorithms;
243 signatureAlgorithms.push_back(signatureAlgorithm);
244 signerConfig.SetSignatureAlgorithms(signatureAlgorithms);
245
246 std::shared_ptr<Options> options = std::make_shared<Options>();
247 SetElfOptions(options.get());
248 (*options)["outFile"] = "./hapSign_test/entry-default-signed.elf";
249 signerConfig.SetOptions(options.get());
250
251 signerConfig.GetSigner();
252 bool ret = SignElf::Sign(signerConfig, params);
253 EXPECT_EQ(ret, false);
254 }
255
256 /**
257 * @tc.name: sign005
258 * @tc.desc: The return will be false, because the signCode is 0, when signelf the signCode must be 1.
259 * @tc.size: MEDIUM
260 * @tc.type: FUNC
261 * @tc.level Level 1
262 * @tc.require: SR000H63TL
263 */
HWTEST_F(SignElfTest, Sign005, testing::ext::TestSize.Level1)264 HWTEST_F(SignElfTest, Sign005, testing::ext::TestSize.Level1)
265 {
266 // failed:signCode is 0
267 SignerConfig signerConfig;
268 signerConfig.SetCompatibleVersion(9);
269
270 std::map<std::string, std::string> params;
271 SetElfParamsMap(params);
272 params["signCode"] = "0";
273 signerConfig.FillParameters(params);
274
275 ContentDigestAlgorithm contentDigestAlgorithm("SHA-256", 32);
276 std::pair<std::string, void*> signatureAlgAndParams("SHA256withECDSA", nullptr);
277 SignatureAlgorithmHelper signatureAlgorithm(SignatureAlgorithmId::ECDSA_WITH_SHA256, "ECDSA_WITH_SHA256",
278 contentDigestAlgorithm, signatureAlgAndParams);
279 std::vector<SignatureAlgorithmHelper> signatureAlgorithms;
280 signatureAlgorithms.push_back(signatureAlgorithm);
281 signerConfig.SetSignatureAlgorithms(signatureAlgorithms);
282
283 std::shared_ptr<Options> options = std::make_shared<Options>();
284 SetElfOptions(options.get());
285 (*options)["signCode"] = "0";
286 signerConfig.SetOptions(options.get());
287
288 signerConfig.GetSigner();
289 bool ret = SignElf::Sign(signerConfig, params);
290 EXPECT_EQ(ret, false);
291 }
292
293 /**
294 * @tc.name: GetCodeSignBlock001
295 * @tc.desc: The return will be false, because the input format is not support, it must be hap/hsp/hqf.
296 * @tc.size: MEDIUM
297 * @tc.type: FUNC
298 * @tc.level Level 1
299 * @tc.require: SR000H63TL
300 */
HWTEST_F(SignElfTest, GetCodeSignBlock001, testing::ext::TestSize.Level1)301 HWTEST_F(SignElfTest, GetCodeSignBlock001, testing::ext::TestSize.Level1)
302 {
303 CodeSigning object;
304 std::string input = "./hapSign_test/entry-default-signed.elf";
305 int64_t offset = 0;
306 std::string inForm = "elf";
307 std::string profileContent = "";
308 ZipSigner zip;
309 std::vector<int8_t> ret;
310 bool flag = object.GetCodeSignBlock(input, offset, inForm, profileContent, zip, ret);
311 EXPECT_EQ(flag, false);
312 }
313 }
314 }
315