1 /*
2 * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "hap_verify_test.h"
17 #include <string>
18 #include <gtest/gtest.h>
19 #include <filesystem>
20 #include "profile_info.h"
21 #include "verify_hap.h"
22 #include "test_hap_file_data.h"
23 #include "hap_cert_verify_openssl_utils_test.h"
24 #include "test_const.h"
25 #include "test_hap_file_data.h"
26 #include "file_utils.h"
27 #include "random_access_file.h"
28 #include "signature_tools_log.h"
29 #include "verify_hap.h"
30 #include "hap_signer_block_utils.h"
31 #include "openssl/pem.h"
32 #include "options.h"
33 #include "signature_tools_errno.h"
34 #include "hap_utils.h"
35 #include "cert_dn_utils.h"
36 #include "signer_config.h"
37 #include "digest_common.h"
38
39 using namespace testing::ext;
40
41 namespace OHOS {
42 namespace SignatureTools {
43 const std::string ERROR_CERTIFICATE = "errorCertificate";
44 const std::string TEST_CERTIFICATE = "-----BEGIN CERTIFICATE-----\n\
45 MIICMzCCAbegAwIBAgIEaOC/zDAMBggqhkjOPQQDAwUAMGMxCzAJBgNVBAYTAkNO\n\
46 MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh\n\
47 bTEjMCEGA1UEAxMaT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gQ0EwHhcNMjEwMjAy\n\
48 MTIxOTMxWhcNNDkxMjMxMTIxOTMxWjBoMQswCQYDVQQGEwJDTjEUMBIGA1UEChML\n\
49 T3Blbkhhcm1vbnkxGTAXBgNVBAsTEE9wZW5IYXJtb255IFRlYW0xKDAmBgNVBAMT\n\
50 H09wZW5IYXJtb255IEFwcGxpY2F0aW9uIFJlbGVhc2UwWTATBgcqhkjOPQIBBggq\n\
51 hkjOPQMBBwNCAATbYOCQQpW5fdkYHN45v0X3AHax12jPBdEDosFRIZ1eXmxOYzSG\n\
52 JwMfsHhUU90E8lI0TXYZnNmgM1sovubeQqATo1IwUDAfBgNVHSMEGDAWgBTbhrci\n\
53 FtULoUu33SV7ufEFfaItRzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0OBBYEFPtxruhl\n\
54 cRBQsJdwcZqLu9oNUVgaMAwGCCqGSM49BAMDBQADaAAwZQIxAJta0PQ2p4DIu/ps\n\
55 LMdLCDgQ5UH1l0B4PGhBlMgdi2zf8nk9spazEQI/0XNwpft8QAIwHSuA2WelVi/o\n\
56 zAlF08DnbJrOOtOnQq5wHOPlDYB4OtUzOYJk9scotrEnJxJzGsh/\n\
57 -----END CERTIFICATE-----\n";
58
59 class VerifyHapTest : public testing::Test {
60 public:
61 static void SetUpTestCase(void);
62
63 static void TearDownTestCase(void);
64
65 void SetUp();
66
67 void TearDown();
68 };
69
GenUnvaildVerfyHap(const std::string& path)70 void GenUnvaildVerfyHap(const std::string& path)
71 {
72 std::ofstream outfile(path);
73 if (!outfile) {
74 SIGNATURE_TOOLS_LOGE("Unable to open file: %s", path.c_str());
75 return;
76 }
77 outfile << "Hello, this is a Unvaild verfy Hap.\n";
78 outfile.flush();
79 outfile.close();
80 return;
81 }
82
SetUpTestCase(void)83 void VerifyHapTest::SetUpTestCase(void)
84 {
85 GenUnvaildVerfyHap("./hapVerify/unvaild.app");
86 GenUnvaildVerfyHap("./hapVerify/unvaild.hap");
87 GenUnvaildVerfyHap("./hapVerify/unvaild.hqf");
88 GenUnvaildVerfyHap("./hapVerify/unvaild.hsp");
89 GenUnvaildVerfyHap("./hapVerify/unvaild.txt");
90 (void)rename("./hapVerify/packet_diget_algo_error.txt", "./hapVerify/packet_diget_algo_error.hap");
91 (void)rename("./hapVerify/packet_hap_integrity_error.txt", "./hapVerify/packet_hap_integrity_error.hap");
92 (void)rename("./hapVerify/packet_verify_app_error.txt", "./hapVerify/packet_verify_app_error.hap");
93 (void)rename("./hapVerify/packet_get_certchain_error.txt", "./hapVerify/packet_get_certchain_error.hap");
94 (void)rename("./hapVerify/packet_parse_profile_error.txt", "./hapVerify/packet_parse_profile_error.hap");
95 (void)rename("./hapVerify/phone-default-signed.txt", "./hapVerify/phone-default-signed.hap");
96 sync();
97 }
98
TearDownTestCase(void)99 void VerifyHapTest::TearDownTestCase(void)
100 {
101 }
102
SetUp()103 void VerifyHapTest::SetUp()
104 {
105 }
106
TearDown()107 void VerifyHapTest::TearDown()
108 {
109 }
110
111 /**
112 * @tc.name: CheckFilePathTest001
113 * @tc.desc: The static function test whether input is a valid filepath;
114 * @tc.type: FUNC
115 */
HWTEST_F(VerifyHapTest, CheckFilePathTest001, TestSize.Level1)116 HWTEST_F(VerifyHapTest, CheckFilePathTest001, TestSize.Level1)
117 {
118 /*
119 * @tc.steps: step1. input an too long filepath.
120 * @tc.expected: step1. the return will be false.
121 */
122 VerifyHap v2;
123 std::string filePath = HAP_FILE_ECC_SIGN_BASE64;
124 std::string standardFilePath;
125 ASSERT_FALSE(v2.CheckFilePath(filePath, standardFilePath));
126 }
127
128 /**
129 * @tc.name: GetDigestAndAlgorithmTest001
130 * @tc.desc: The static function will return result of GetDigestAndAlgorithm;
131 * @tc.type: FUNC
132 */
HWTEST_F(VerifyHapTest, GetDigestAndAlgorithmTest001, TestSize.Level1)133 HWTEST_F(VerifyHapTest, GetDigestAndAlgorithmTest001, TestSize.Level1)
134 {
135 /*
136 * @tc.steps: step1. input an error pkcs7 content.
137 * @tc.expected: step1. the return will be false.
138 */
139 VerifyHap v2;
140 Pkcs7Context digest;
141 digest.content.SetCapacity(TEST_FILE_BLOCK_LENGTH);
142 ASSERT_FALSE(v2.GetDigestAndAlgorithm(digest));
143 }
144
145 /**
146 * @tc.name: Verify001
147 * @tc.desc: The static function will return verify result;
148 * @tc.type: FUNC
149 */
HWTEST_F(VerifyHapTest, Verify001, TestSize.Level0)150 HWTEST_F(VerifyHapTest, Verify001, TestSize.Level0)
151 {
152 /*
153 * @tc.steps: step1. input a invalid path to function of HapVerify.
154 * @tc.expected: step1. the return will be FILE_PATH_INVALID.
155 */
156 Options options;
157 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
158 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
159
160 std::string errorFile = "./hapVerify/signed_test.app";
161
162 VerifyHap verify;
163 int32_t resultCode = verify.Verify(errorFile, &options);
164 ASSERT_TRUE(resultCode != OHOS::SignatureTools::RET_OK);
165 std::ofstream appFile;
166 appFile.open(errorFile.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
167 ASSERT_TRUE(appFile.is_open());
168 appFile.close();
169 resultCode = verify.Verify(errorFile, &options);
170 ASSERT_TRUE(resultCode != OHOS::SignatureTools::RET_OK);
171 }
172
173 /**
174 * @tc.name: HapVerifyOsApp001
175 * @tc.desc: The static function will return verify result of signed file;
176 * @tc.type: FUNC
177 */
HWTEST_F(VerifyHapTest, HapVerifyOsApp001, TestSize.Level0)178 HWTEST_F(VerifyHapTest, HapVerifyOsApp001, TestSize.Level0)
179 {
180 /*
181 * @tc.steps: step1. input a signed file to verify.
182 * @tc.expected: step1. the return will be RET_OK.
183 */
184
185 std::string filePath = "./hapVerify/phone-default-signed.hap";
186 Options options;
187 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
188 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
189
190 VerifyHap verify;
191 int32_t ret = verify.Verify(filePath, &options);
192 ASSERT_EQ(ret, OHOS::SignatureTools::RET_OK);
193 }
194
195 /**
196 * @tc.name: Verify002
197 * @tc.desc: The static function will return verify result of signed file;
198 * @tc.type: FUNC
199 */
HWTEST_F(VerifyHapTest, Verify002, TestSize.Level0)200 HWTEST_F(VerifyHapTest, Verify002, TestSize.Level0)
201 {
202 std::string filePath = "./hapVerify/phone-default-signed.hap";
203 std::string errorfilePath = "./hapVerify/phone-default-signed_error.hap";
204 Options options;
205 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
206 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
207
208 OHOS::SignatureTools::ByteBuffer byteBuffer;
209 std::ifstream hapFile;
210 hapFile.open(filePath, std::ifstream::binary);
211 ASSERT_TRUE(hapFile.is_open());
212 std::stringstream hapFileStr;
213 hapFileStr << hapFile.rdbuf();
214 size_t strSize = hapFileStr.str().size();
215 byteBuffer.SetCapacity(strSize);
216 byteBuffer.PutData(hapFileStr.str().c_str(), hapFileStr.str().size());
217 hapFile.close();
218 /*
219 * @tc.steps: step1. input a signed file to verify.
220 * @tc.expected: step1. the return will be RET_OK.
221 */
222 VerifyHap verify;
223 ASSERT_TRUE(verify.Verify(filePath, &options) == OHOS::SignatureTools::RET_OK);
224 /*
225 * @tc.steps: step3. change comment data.
226 * @tc.expected: step3. the return will be VERIFY_INTEGRITY_FAIL.
227 */
228 OHOS::SignatureTools::ByteBuffer errorCommentFile = byteBuffer;
229 char tmp = TEST_HAPBYTEBUFFER_CHAR_DATA;
230 errorCommentFile.PutByte(0, tmp);
231 std::ofstream errorFile;
232 errorFile.open(errorfilePath.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
233 ASSERT_TRUE(errorFile.is_open());
234 errorFile.seekp(0, std::ios_base::beg);
235 errorFile.write(errorCommentFile.GetBufferPtr(), errorCommentFile.GetCapacity());
236 errorFile.close();
237 ASSERT_NE(verify.Verify(errorfilePath, &options), OHOS::SignatureTools::RET_OK);
238 /*
239 * @tc.steps: step4. change profile pkcs7 data.
240 * @tc.expected: step4. the return will be APP_SOURCE_NOT_TRUSTED.
241 */
242 errorCommentFile.PutByte(TEST_PFOFILE_PKCS7_DATA_INDEX, tmp);
243 errorFile.open(errorfilePath.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
244 ASSERT_TRUE(errorFile.is_open());
245 errorFile.seekp(0, std::ios_base::beg);
246 errorFile.write(errorCommentFile.GetBufferPtr(), errorCommentFile.GetCapacity());
247 errorFile.close();
248 ASSERT_NE(verify.Verify(errorfilePath, &options), OHOS::SignatureTools::RET_OK);
249 /*
250 * @tc.steps: step5. change app pkcs7 data.
251 * @tc.expected: step5. the return will be VERIFY_APP_PKCS7_FAIL.
252 */
253 errorCommentFile.PutByte(TEST_APP_PKCS7_DATA_INDEX, tmp);
254 errorFile.open(errorfilePath.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
255 ASSERT_TRUE(errorFile.is_open());
256 errorFile.seekp(0, std::ios_base::beg);
257 errorFile.write(errorCommentFile.GetBufferPtr(), errorCommentFile.GetCapacity());
258 errorFile.close();
259 ASSERT_NE(verify.Verify(errorfilePath, &options), OHOS::SignatureTools::RET_OK);
260 }
261
262 /**
263 * @tc.name: Verify003
264 * @tc.desc: The static function will return verify result of signed file;
265 * @tc.type: FUNC
266 */
HWTEST_F(VerifyHapTest, Verify003, TestSize.Level0)267 HWTEST_F(VerifyHapTest, Verify003, TestSize.Level0)
268 {
269 /*
270 * @tc.steps: step1. input a invalid path to function of HapVerify.
271 * @tc.expected: step1. the return will be FILE_PATH_INVALID.
272 */
273 Options options;
274 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
275 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
276
277 VerifyHap verify;
278 /*
279 * @tc.steps: step2. create a hapfile and run HapVerify.
280 * @tc.expected: step2. the return will be SIGNATURE_NOT_FOUND.
281 */
282 std::string rightFile = "./hapVerify/signed.hap";
283 std::ofstream hapFile;
284 hapFile.open(rightFile.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
285 ASSERT_TRUE(hapFile.is_open());
286 hapFile.seekp(0, std::ios_base::beg);
287 hapFile.write(MINIHAPFILE, TEST_MINI_HAP_FILE_LENGTH);
288 hapFile.close();
289 int32_t resultCode = verify.Verify(rightFile, &options);
290 ASSERT_NE(resultCode, OHOS::SignatureTools::RET_OK);
291
292 /*
293 * @tc.steps: step3. create an error hapfile and run HapVerify.
294 * @tc.expected: step3. the return will be SIGNATURE_NOT_FOUND.
295 */
296 std::string rightFile1 = "./hapVerify/signed1.hap";
297 std::ofstream hapFile1;
298 hapFile1.open(rightFile1.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
299 ASSERT_TRUE(hapFile1.is_open());
300 hapFile1.seekp(0, std::ios_base::beg);
301 hapFile1.write(MINIHAPFILE, sizeof(MINIHAPFILE));
302 hapFile1.seekp(TEST_MINI_HAP_FILE_LENGTH - sizeof(short), std::ios_base::beg);
303 hapFile1.close();
304 resultCode = verify.Verify(rightFile1, &options);
305 ASSERT_NE(resultCode, OHOS::SignatureTools::RET_OK);
306 /*
307 * @tc.steps: step4. use an empty file to run HapVerify.
308 * @tc.expected: step4. the return will be SIGNATURE_NOT_FOUND.
309 */
310 std::string invalidFile = "./hapVerify/signed2.hap";
311 std::ofstream hapFile2;
312 hapFile2.open(invalidFile.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
313 ASSERT_TRUE(hapFile2.is_open());
314 hapFile2.close();
315 resultCode = verify.Verify(invalidFile, &options);
316 ASSERT_NE(resultCode, OHOS::SignatureTools::RET_OK);
317 }
318
319 /**
320 * @tc.name: Verify004
321 * @tc.desc: This function tests failure for interface HapOutPutPkcs7 due to PKCS7 error
322 * @tc.type: FUNC
323 */
HWTEST_F(VerifyHapTest, Verify004, TestSize.Level0)324 HWTEST_F(VerifyHapTest, Verify004, TestSize.Level0)
325 {
326 std::string outPutPath = "./test.log";
327 PKCS7* p7 = nullptr;
328 VerifyHap verify;
329 bool ret = verify.HapOutPutPkcs7(p7, outPutPath);
330 EXPECT_EQ(ret, false);
331 }
332
333 /**
334 * @tc.name: Verify005
335 * @tc.desc: This function tests failure for interface GetProfileContent due to profile error
336 * @tc.type: FUNC
337 */
HWTEST_F(VerifyHapTest, Verify005, TestSize.Level0)338 HWTEST_F(VerifyHapTest, Verify005, TestSize.Level0)
339 {
340 std::string profile = "";
341 std::string ret = "111";
342 VerifyHap verify;
343 verify.setIsPrintCert(true);
344 int rets = verify.GetProfileContent(profile, ret);
345 EXPECT_EQ(rets, -1);
346 }
347
348 /**
349 * @tc.name: Verify006
350 * @tc.desc: This function tests failure for interface GetProfileContent due to profile error
351 * @tc.type: FUNC
352 */
HWTEST_F(VerifyHapTest, Verify006, TestSize.Level0)353 HWTEST_F(VerifyHapTest, Verify006, TestSize.Level0)
354 {
355 VerifyHap verify;
356 std::string profile = "{version-name: 1.0.0,version-code: 1,uuid: fe686e1b-3770-4824-a938-961b140a7c98}";
357 std::string ret = "111";
358 int rets = verify.GetProfileContent(profile, ret);
359 EXPECT_EQ(rets, -1);
360 }
361
362 /**
363 * @tc.name: Verify007
364 * @tc.desc: This function tests failure for interface VerifyAppPkcs7 due to context error
365 * @tc.type: FUNC
366 */
HWTEST_F(VerifyHapTest, Verify007, TestSize.Level0)367 HWTEST_F(VerifyHapTest, Verify007, TestSize.Level0)
368 {
369 VerifyHap verify;
370 Pkcs7Context pkcs7Context;
371 ByteBuffer hapSignatureBlock;
372 bool ret = verify.VerifyAppPkcs7(pkcs7Context, hapSignatureBlock);
373 EXPECT_EQ(ret, false);
374 }
375
376 /**
377 * @tc.name: Verify008
378 * @tc.desc: The static function will return verify result;
379 * @tc.type: FUNC
380 */
HWTEST_F(VerifyHapTest, Verify008, TestSize.Level0)381 HWTEST_F(VerifyHapTest, Verify008, TestSize.Level0)
382 {
383 /*
384 * @tc.steps: step1. input a invalid path to function of HapVerify.
385 * @tc.expected: step1. the return will be FILE_PATH_INVALID.
386 */
387 Options options;
388 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
389 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
390 std::string errorFile = "./hapVerify/signed_test.app";
391 VerifyHap verify;
392 int32_t resultCode = verify.Verify(errorFile, &options);
393 ASSERT_TRUE(resultCode != OHOS::SignatureTools::RET_OK);
394 std::ofstream appFile;
395 appFile.open(errorFile.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
396 ASSERT_TRUE(appFile.is_open());
397 appFile.close();
398 resultCode = verify.Verify(errorFile, &options);
399 ASSERT_TRUE(resultCode != OHOS::SignatureTools::RET_OK);
400 /*
401 * @tc.steps: step2. create a hapfile and run HapVerify.
402 * @tc.expected: step2. the return will be SIGNATURE_NOT_FOUND.
403 */
404 std::string rightFile = "./hapVerify/signed.hap";
405 std::ofstream hapFile;
406 hapFile.open(rightFile.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
407 ASSERT_TRUE(hapFile.is_open());
408 hapFile.seekp(0, std::ios_base::beg);
409 hapFile.write(MINIHAPFILE, TEST_MINI_HAP_FILE_LENGTH);
410 hapFile.close();
411 resultCode = verify.Verify(rightFile, &options);
412 ASSERT_TRUE(resultCode != OHOS::SignatureTools::RET_OK);
413
414 /*
415 * @tc.steps: step3. create an error hapfile and run HapVerify.
416 * @tc.expected: step3. the return will be SIGNATURE_NOT_FOUND.
417 */
418 std::string rightFile1 = "./hapVerify/signed1.hap";
419 std::ofstream hapFile1;
420 hapFile1.open(rightFile1.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
421 ASSERT_TRUE(hapFile1.is_open());
422 hapFile1.seekp(0, std::ios_base::beg);
423 hapFile1.write(MINIHAPFILE, sizeof(MINIHAPFILE));
424 hapFile1.seekp(TEST_MINI_HAP_FILE_LENGTH - sizeof(short), std::ios_base::beg);
425 hapFile1.close();
426 resultCode = verify.Verify(rightFile1, &options);
427 ASSERT_TRUE(resultCode != OHOS::SignatureTools::RET_OK);
428 /*
429 * @tc.steps: step4. use an empty file to run HapVerify.
430 * @tc.expected: step4. the return will be SIGNATURE_NOT_FOUND.
431 */
432 std::string invalidFile = "./hapVerify/signed2.hap";
433 std::ofstream hapFile2;
434 hapFile2.open(invalidFile.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
435 ASSERT_TRUE(hapFile2.is_open());
436 hapFile2.close();
437 resultCode = verify.Verify(invalidFile, &options);
438 ASSERT_TRUE(resultCode != OHOS::SignatureTools::RET_OK);
439 }
440
441 /**
442 * @tc.name: Verify009
443 * @tc.desc: The static function will return verify result of signed file;
444 * @tc.type: FUNC
445 */
HWTEST_F(VerifyHapTest, Verify009, TestSize.Level0)446 HWTEST_F(VerifyHapTest, Verify009, TestSize.Level0)
447 {
448 /*
449 * @tc.steps: step1. input a signed file to verify.
450 * @tc.expected: step1. the return will be RET_OK.
451 */
452 std::string filePath = "./hapVerify/phone-default-signed.hap";
453 Options options;
454 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
455 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
456
457 VerifyHap verify;
458 int32_t ret = verify.Verify(filePath, &options);
459 ASSERT_EQ(ret, OHOS::SignatureTools::RET_OK);
460 }
461
462 /**
463 * @tc.name: Verify010
464 * @tc.desc: The static function will return verify result of signed file;
465 * @tc.type: FUNC
466 */
HWTEST_F(VerifyHapTest, Verify010, TestSize.Level0)467 HWTEST_F(VerifyHapTest, Verify010, TestSize.Level0)
468 {
469 std::string filePath = "./hapVerify/phone-default-signed.hap";
470 std::string errorfilePath = "./hapVerify/phone-default-signed_error.hap";
471 Options options;
472 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
473 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
474
475 OHOS::SignatureTools::ByteBuffer byteBuffer;
476 std::ifstream hapFile;
477 hapFile.open(filePath, std::ifstream::binary);
478 ASSERT_TRUE(hapFile.is_open());
479 std::stringstream hapFileStr;
480 hapFileStr << hapFile.rdbuf();
481 size_t strSize = hapFileStr.str().size();
482 byteBuffer.SetCapacity(strSize);
483 byteBuffer.PutData(hapFileStr.str().c_str(), hapFileStr.str().size());
484 hapFile.close();
485 /*
486 * @tc.steps: step1. input a signed file to verify.
487 * @tc.expected: step1. the return will be RET_OK.
488 */
489 VerifyHap verify;
490 ASSERT_TRUE(verify.Verify(filePath, &options) == OHOS::SignatureTools::RET_OK);
491 /*
492 * @tc.steps: step3. change comment data.
493 * @tc.expected: step3. the return will be VERIFY_INTEGRITY_FAIL.
494 */
495 OHOS::SignatureTools::ByteBuffer errorCommentFile = byteBuffer;
496 char tmp = TEST_HAPBYTEBUFFER_CHAR_DATA;
497 errorCommentFile.PutByte(0, tmp);
498 std::ofstream errorFile;
499 errorFile.open(errorfilePath.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
500 ASSERT_TRUE(errorFile.is_open());
501 errorFile.seekp(0, std::ios_base::beg);
502 errorFile.write(errorCommentFile.GetBufferPtr(), errorCommentFile.GetCapacity());
503 errorFile.close();
504 ASSERT_NE(verify.Verify(errorfilePath, &options), OHOS::SignatureTools::RET_OK);
505 /*
506 * @tc.steps: step4. change profile pkcs7 data.
507 * @tc.expected: step4. the return will be APP_SOURCE_NOT_TRUSTED.
508 */
509 errorCommentFile.PutByte(TEST_PFOFILE_PKCS7_DATA_INDEX, tmp);
510 errorFile.open(errorfilePath.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
511 ASSERT_TRUE(errorFile.is_open());
512 errorFile.seekp(0, std::ios_base::beg);
513 errorFile.write(errorCommentFile.GetBufferPtr(), errorCommentFile.GetCapacity());
514 errorFile.close();
515 ASSERT_NE(verify.Verify(errorfilePath, &options), OHOS::SignatureTools::RET_OK);
516 /*
517 * @tc.steps: step5. change app pkcs7 data.
518 * @tc.expected: step5. the return will be VERIFY_APP_PKCS7_FAIL.
519 */
520 errorCommentFile.PutByte(TEST_APP_PKCS7_DATA_INDEX, tmp);
521 errorFile.open(errorfilePath.c_str(), std::ios::binary | std::ios::out | std::ios::trunc);
522 ASSERT_TRUE(errorFile.is_open());
523 errorFile.seekp(0, std::ios_base::beg);
524 errorFile.write(errorCommentFile.GetBufferPtr(), errorCommentFile.GetCapacity());
525 errorFile.close();
526 ASSERT_NE(verify.Verify(errorfilePath, &options), OHOS::SignatureTools::RET_OK);
527 }
528
529 /**
530 * @tc.name: Verify011
531 * @tc.desc: This function tests failure for interface HapOutPutPkcs7 due to PKCS7 error
532 * @tc.type: FUNC
533 */
HWTEST_F(VerifyHapTest, Verify011, TestSize.Level0)534 HWTEST_F(VerifyHapTest, Verify011, TestSize.Level0)
535 {
536 std::string outPutPath = "./test.log";
537 PKCS7* p7 = nullptr;
538 VerifyHap verify;
539 bool ret = verify.HapOutPutPkcs7(p7, outPutPath);
540 EXPECT_EQ(ret, false);
541 }
542
543 /**
544 * @tc.name: Verify012
545 * @tc.desc: This function tests failure for interface GetProfileContent due to profile error
546 * @tc.type: FUNC
547 */
HWTEST_F(VerifyHapTest, Verify012, TestSize.Level0)548 HWTEST_F(VerifyHapTest, Verify012, TestSize.Level0)
549 {
550 std::string profile = "";
551 std::string ret = "111";
552 VerifyHap verify;
553 int rets = verify.GetProfileContent(profile, ret);
554 EXPECT_EQ(rets, -1);
555 }
556
557 /**
558 * @tc.name: Verify013
559 * @tc.desc: This function tests failure for interface GetProfileContent due to profile error
560 * @tc.type: FUNC
561 */
HWTEST_F(VerifyHapTest, Verify013, TestSize.Level0)562 HWTEST_F(VerifyHapTest, Verify013, TestSize.Level0)
563 {
564 VerifyHap verify;
565 std::string profile = "{version-name: 1.0.0,version-code: 1,uuid: fe686e1b-3770-4824-a938-961b140a7c98}";
566 std::string ret = "111";
567 int rets = verify.GetProfileContent(profile, ret);
568 EXPECT_EQ(rets, -1);
569 }
570
571 /**
572 * @tc.name: Verify014
573 * @tc.desc: This function tests failure for interface VerifyAppPkcs7 due to context error
574 * @tc.type: FUNC
575 */
HWTEST_F(VerifyHapTest, Verify014, TestSize.Level0)576 HWTEST_F(VerifyHapTest, Verify014, TestSize.Level0)
577 {
578 VerifyHap verify;
579 Pkcs7Context pkcs7Context;
580 ByteBuffer hapSignatureBlock;
581 bool ret = verify.VerifyAppPkcs7(pkcs7Context, hapSignatureBlock);
582 EXPECT_EQ(ret, false);
583 }
584
585 /**
586 * @tc.name: VerifyHapError001
587 * @tc.desc: This function tests failure for interface Verify due to unvaild file
588 * @tc.type: FUNC
589 */
HWTEST_F(VerifyHapTest, VerifyHapError001, TestSize.Level0)590 HWTEST_F(VerifyHapTest, VerifyHapError001, TestSize.Level0)
591 {
592 Options options;
593 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
594 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
595 std::string errorFile = "./hapVerify/unvaild.hqf";
596 VerifyHap verify;
597 int32_t resultCode = verify.Verify(errorFile, &options);
598 EXPECT_NE(resultCode, 0);
599 }
600
601 /**
602 * @tc.name: VerifyHapError002
603 * @tc.desc: This function tests failure for interface Verify due to unvaild file
604 * @tc.type: FUNC
605 */
HWTEST_F(VerifyHapTest, VerifyHapError002, TestSize.Level0)606 HWTEST_F(VerifyHapTest, VerifyHapError002, TestSize.Level0)
607 {
608 Options options;
609 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
610 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
611 std::string errorFile = "./hapVerify/unvaild.hap";
612 VerifyHap verify;
613 int32_t resultCode = verify.Verify(errorFile, &options);
614 EXPECT_NE(resultCode, 0);
615 }
616
617 /**
618 * @tc.name: VerifyHapError003
619 * @tc.desc: This function tests failure for interface Verify due to unvaild file
620 * @tc.type: FUNC
621 */
HWTEST_F(VerifyHapTest, VerifyHapError003, TestSize.Level0)622 HWTEST_F(VerifyHapTest, VerifyHapError003, TestSize.Level0)
623 {
624 Options options;
625 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
626 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
627 std::string errorFile = "./hapVerify/unvaild.app";
628 VerifyHap verify;
629 int32_t resultCode = verify.Verify(errorFile, &options);
630 EXPECT_NE(resultCode, 0);
631 }
632
633 /**
634 * @tc.name: VerifyHapError004
635 * @tc.desc: This function tests failure for interface Verify due to unvaild file
636 * @tc.type: FUNC
637 */
HWTEST_F(VerifyHapTest, VerifyHapError004, TestSize.Level0)638 HWTEST_F(VerifyHapTest, VerifyHapError004, TestSize.Level0)
639 {
640 Options options;
641 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
642 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
643 std::string errorFile = "./hapVerify/unvaild.hsp";
644 VerifyHap verify;
645 int32_t resultCode = verify.Verify(errorFile, &options);
646 EXPECT_NE(resultCode, 0);
647 }
648
649 /**
650 * @tc.name: VerifyHapError005
651 * @tc.desc: This function tests failure for interface Verify due to unvaild file
652 * @tc.type: FUNC
653 */
HWTEST_F(VerifyHapTest, VerifyHapError005, TestSize.Level0)654 HWTEST_F(VerifyHapTest, VerifyHapError005, TestSize.Level0)
655 {
656 Options options;
657 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.pem";
658 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
659
660 std::string errorFile = "./hapVerify/unvaild.txt";
661
662 VerifyHap verify;
663 int32_t resultCode = verify.Verify(errorFile, &options);
664 EXPECT_NE(resultCode, 0);
665 }
666
667 /**
668 * @tc.name: VerifyHapError006
669 * @tc.desc: This function tests failure for interface Verify due to parameter outCertChain
670 * @tc.type: FUNC
671 */
HWTEST_F(VerifyHapTest, VerifyHapError006, TestSize.Level0)672 HWTEST_F(VerifyHapTest, VerifyHapError006, TestSize.Level0)
673 {
674 Options options;
675 options[Options::OUT_CERT_CHAIN] = "./hapVerify_nohave/certchain.pem";
676 options[Options::OUT_PROFILE] = "./hapVerify_nohava/profile.p7b";
677 std::string errorFile = "./hapVerify/phone-default-signed.hap";
678 VerifyHap verify;
679 int32_t resultCode = verify.Verify(errorFile, &options);
680 EXPECT_NE(resultCode, 0);
681 }
682
683 /**
684 * @tc.name: VerifyHapError007
685 * @tc.desc: This function tests failure for interface Verify due to parameter outCertChain
686 * @tc.type: FUNC
687 */
HWTEST_F(VerifyHapTest, VerifyHapError007, TestSize.Level0)688 HWTEST_F(VerifyHapTest, VerifyHapError007, TestSize.Level0)
689 {
690 std::shared_ptr<Options> params = std::make_shared<Options>();
691 std::string outCertChain = "./hapVerify_nohave/certchain.pem";
692 std::string outProfile = "./hapVerify/profile.p7b";
693 (*params)["outCertChain"] = outCertChain;
694 (*params)["outProfile"] = outProfile;
695 std::string errorFile = "./hapVerify/phone-default-signed.hap";
696 VerifyHap verify;
697 int32_t resultCode = verify.Verify(errorFile, params.get());
698 EXPECT_NE(resultCode, 0);
699 }
700
701 /**
702 * @tc.name: VerifyHapError008
703 * @tc.desc: This function tests failure for interface Verify due to parameter outProfile
704 * @tc.type: FUNC
705 */
HWTEST_F(VerifyHapTest, VerifyHapError008, TestSize.Level0)706 HWTEST_F(VerifyHapTest, VerifyHapError008, TestSize.Level0)
707 {
708 std::shared_ptr<Options> params = std::make_shared<Options>();
709 std::string outCertChain = "./hapVerify/certchain.pem";
710 std::string outProfile = "./hapVerify_nohave/profile.p7b";
711 (*params)["outCertChain"] = outCertChain;
712 (*params)["outProfile"] = outProfile;
713 std::string errorFile = "./hapVerify/phone-default-signed.hap";
714 VerifyHap verify;
715 int32_t resultCode = verify.Verify(errorFile, params.get());
716 EXPECT_NE(resultCode, 0);
717 }
718
719 /**
720 * @tc.name: VerifyHapError009
721 * @tc.desc: This function tests failure for interface GetDigestAndAlgorithm due to content error
722 * @tc.type: FUNC
723 */
HWTEST_F(VerifyHapTest, VerifyHapError009, TestSize.Level0)724 HWTEST_F(VerifyHapTest, VerifyHapError009, TestSize.Level0)
725 {
726 VerifyHap verify;
727 Pkcs7Context digest;
728 ByteBuffer content("1", 1);
729 digest.content = content;
730 bool ret = verify.GetDigestAndAlgorithm(digest);
731 EXPECT_EQ(ret, false);
732 }
733
734 /**
735 * @tc.name: VerifyHapError010
736 * @tc.desc: This function tests failure for interface GetDigestAndAlgorithm due to content error
737 * @tc.type: FUNC
738 */
HWTEST_F(VerifyHapTest, VerifyHapError010, TestSize.Level0)739 HWTEST_F(VerifyHapTest, VerifyHapError010, TestSize.Level0)
740 {
741 VerifyHap verify;
742 Pkcs7Context digest;
743 ByteBuffer content("12345678912345", 14);
744 digest.content = content;
745 bool ret = verify.GetDigestAndAlgorithm(digest);
746 EXPECT_EQ(ret, false);
747 }
748
749 /**
750 * @tc.name: VerifyHapError011
751 * @tc.desc: This function tests failure for interface GetDigestAndAlgorithm due to content error
752 * @tc.type: FUNC
753 */
HWTEST_F(VerifyHapTest, VerifyHapError011, TestSize.Level0)754 HWTEST_F(VerifyHapTest, VerifyHapError011, TestSize.Level0)
755 {
756 VerifyHap verify;
757 Pkcs7Context digest;
758 ByteBuffer content("123456789123456789123456789", 27);
759 digest.content = content;
760 bool ret = verify.GetDigestAndAlgorithm(digest);
761 EXPECT_EQ(ret, false);
762 }
763
764 /**
765 * @tc.name: VerifyHapError012
766 * @tc.desc: This function tests failure for interface GetDigestAndAlgorithm due to content error
767 * @tc.type: FUNC
768 */
HWTEST_F(VerifyHapTest, VerifyHapError012, TestSize.Level0)769 HWTEST_F(VerifyHapTest, VerifyHapError012, TestSize.Level0)
770 {
771 VerifyHap verify;
772 Pkcs7Context digest;
773 ByteBuffer content("123456789123456789123456789", 19);
774 digest.content = content;
775 bool ret = verify.GetDigestAndAlgorithm(digest);
776 EXPECT_EQ(ret, false);
777 }
778
779 /**
780 * @tc.name: VerifyHapError013
781 * @tc.desc: This function tests failure for interface Verify due to diget algo
782 * @tc.type: FUNC
783 */
HWTEST_F(VerifyHapTest, VerifyHapError013, TestSize.Level0)784 HWTEST_F(VerifyHapTest, VerifyHapError013, TestSize.Level0)
785 {
786 Options options;
787 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.cer";
788 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
789
790 std::string errorFile = "./hapVerify/packet_diget_algo_error.hap";
791
792 VerifyHap verify;
793 int32_t resultCode = verify.Verify(errorFile, &options);
794 EXPECT_NE(resultCode, 0);
795 }
796
797 /**
798 * @tc.name: VerifyHapError014
799 * @tc.desc: This function tests failure for interface Verify due to hap integrity
800 * @tc.type: FUNC
801 */
HWTEST_F(VerifyHapTest, VerifyHapError014, TestSize.Level0)802 HWTEST_F(VerifyHapTest, VerifyHapError014, TestSize.Level0)
803 {
804 Options options;
805 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.cer";
806 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
807 std::string errorFile = "./hapVerify/packet_hap_integrity_error.hap";
808 VerifyHap verify;
809 int32_t resultCode = verify.Verify(errorFile, &options);
810 EXPECT_NE(resultCode, 0);
811 }
812
813 /**
814 * @tc.name: VerifyHapError015
815 * @tc.desc: This function tests failure for interface Verify due to verify app
816 * @tc.type: FUNC
817 */
HWTEST_F(VerifyHapTest, VerifyHapError015, TestSize.Level0)818 HWTEST_F(VerifyHapTest, VerifyHapError015, TestSize.Level0)
819 {
820 Options options;
821 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.cer";
822 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
823 std::string errorFile = "./hapVerify/packet_verify_app_error.hap";
824 VerifyHap verify;
825 int32_t resultCode = verify.Verify(errorFile, &options);
826 EXPECT_NE(resultCode, 0);
827 }
828
829 /**
830 * @tc.name: VerifyHapError016
831 * @tc.desc: This function tests failure for interface Verify due to get certchain
832 * @tc.type: FUNC
833 */
HWTEST_F(VerifyHapTest, VerifyHapError016, TestSize.Level0)834 HWTEST_F(VerifyHapTest, VerifyHapError016, TestSize.Level0)
835 {
836 Options options;
837 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.cer";
838 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
839 std::string errorFile = "./hapVerify/packet_get_certchain_error.hap";
840 VerifyHap verify;
841 int32_t resultCode = verify.Verify(errorFile, &options);
842 EXPECT_NE(resultCode, 0);
843 }
844
845 /**
846 * @tc.name: VerifyHapError017
847 * @tc.desc: This function tests failure for interface Verify due to parse profle
848 * @tc.type: FUNC
849 */
HWTEST_F(VerifyHapTest, VerifyHapError017, TestSize.Level0)850 HWTEST_F(VerifyHapTest, VerifyHapError017, TestSize.Level0)
851 {
852 Options options;
853 options[Options::OUT_CERT_CHAIN] = "./hapVerify/certchain.cer";
854 options[Options::OUT_PROFILE] = "./hapVerify/profile.p7b";
855 std::string errorFile = "./hapVerify/packet_parse_profile_error.hap";
856 VerifyHap verify;
857 int32_t resultCode = verify.Verify(errorFile, &options);
858 EXPECT_EQ(resultCode, 0);
859 }
860
861 /**
862 * @tc.name: VerifyHapError018
863 * @tc.desc: This function tests two scenarios of success and failure for interface outputOptionalBlocks
864 * @tc.type: FUNC
865 */
HWTEST_F(VerifyHapTest, VerifyHapError018, TestSize.Level0)866 HWTEST_F(VerifyHapTest, VerifyHapError018, TestSize.Level0)
867 {
868 std::string outputProfileFile = "./hapVerify/outputProfileFile.txt";
869 std::string outputProofFile = "./hapVerify/outputProfileFile.txt";
870 std::string outputPropertyFile = "./hapVerify/outputProfileFile.txt";
871 std::string errorfile = "";
872 ByteBuffer bf1("123456789", 9);
873 ByteBuffer bf2("123456789", 9);
874 ByteBuffer bf3("123456789", 9);
875 ByteBuffer bf4("123456789", 9);
876 std::vector<OptionalBlock> optionBlocks;
877 optionBlocks.push_back({HapUtils::HAP_PROFILE_BLOCK_ID, bf1});
878 optionBlocks.push_back({HapUtils::HAP_PROPERTY_BLOCK_ID, bf2});
879 optionBlocks.push_back({HapUtils::HAP_PROOF_OF_ROTATION_BLOCK_ID, bf3});
880 VerifyHap verify;
881 bool resultCode = verify.outputOptionalBlocks(outputProfileFile, outputProofFile, outputPropertyFile, optionBlocks);
882 EXPECT_EQ(resultCode, true);
883
884 optionBlocks.push_back({HapUtils::HAP_CODE_SIGN_BLOCK_ID, bf4});
885 resultCode = verify.outputOptionalBlocks(outputProfileFile, outputProofFile, outputPropertyFile, optionBlocks);
886 EXPECT_EQ(resultCode, false);
887 resultCode = verify.outputOptionalBlocks(errorfile, outputProofFile, outputPropertyFile, optionBlocks);
888 EXPECT_EQ(resultCode, false);
889 resultCode = verify.outputOptionalBlocks(outputProfileFile, errorfile, outputPropertyFile, optionBlocks);
890 EXPECT_EQ(resultCode, false);
891 resultCode = verify.outputOptionalBlocks(outputProfileFile, outputProofFile, errorfile, optionBlocks);
892 EXPECT_EQ(resultCode, false);
893 }
894
895 /**
896 * @tc.name: VerifyHapError019
897 * @tc.desc: This function tests two scenarios of success and failure for interface GetDigestAlgorithmString
898 * @tc.type: FUNC
899 */
HWTEST_F(VerifyHapTest, VerifyHapError019, TestSize.Level0)900 HWTEST_F(VerifyHapTest, VerifyHapError019, TestSize.Level0)
901 {
902 int32_t signAlgorithm = ALGORITHM_SHA256_WITH_ECDSA;
903 std::string ret = DigestCommon::GetDigestAlgorithmString(signAlgorithm);
904
905 signAlgorithm = ALGORITHM_SHA384_WITH_ECDSA;
906 ret = DigestCommon::GetDigestAlgorithmString(signAlgorithm);
907 signAlgorithm = ALGORITHM_SHA512_WITH_ECDSA;
908 ret = DigestCommon::GetDigestAlgorithmString(signAlgorithm);
909
910 signAlgorithm = ALGORITHM_SHA512_WITH_DSA;
911 ret = DigestCommon::GetDigestAlgorithmString(signAlgorithm);
912
913 EXPECT_EQ(ret, "");
914 }
915
916 /**
917 * @tc.name: VerifyHapError021
918 * @tc.desc: This function tests failure for interface GetCertsChain due to certsChain and certVisitSign are empty
919 * @tc.type: FUNC
920 */
HWTEST_F(VerifyHapTest, VerifyHapError021, TestSize.Level0)921 HWTEST_F(VerifyHapTest, VerifyHapError021, TestSize.Level0)
922 {
923 CertSign certVisitSign;
924 CertChain certsChain;
925 STACK_OF(X509)* certs = sk_X509_new_null();
926 sk_X509_push(certs, nullptr);
927 CertSign certVisitSign1;
928 VerifyCertOpensslUtils::GenerateCertSignFromCertStack(certs, certVisitSign1);
929 sk_X509_pop_free(certs, X509_free);
930 bool ret = VerifyCertOpensslUtils::GetCertsChain(certsChain, certVisitSign);
931 EXPECT_EQ(ret, false);
932 }
933
934 /**
935 * @tc.name: VerifyHapError022
936 * @tc.desc: This function tests failure for interface GetCertsChain due to certVisitSign is empty
937 * @tc.type: FUNC
938 */
HWTEST_F(VerifyHapTest, VerifyHapError022, TestSize.Level0)939 HWTEST_F(VerifyHapTest, VerifyHapError022, TestSize.Level0)
940 {
941 CertSign certVisitSign;
942 CertChain certsChain;
943 certsChain.push_back(nullptr);
944 bool ret = VerifyCertOpensslUtils::GetCertsChain(certsChain, certVisitSign);
945 EXPECT_EQ(ret, false);
946 }
947
948 /**
949 * @tc.name: VerifyHapError023
950 * @tc.desc: This function tests failure for interface GetCrlBySignedCertIssuer due to crls is empty
951 * @tc.type: FUNC
952 */
HWTEST_F(VerifyHapTest, VerifyHapError023, TestSize.Level0)953 HWTEST_F(VerifyHapTest, VerifyHapError023, TestSize.Level0)
954 {
955 STACK_OF(X509_CRL)* crls = sk_X509_CRL_new_null();
956 X509* cert = X509_new();
957 X509_CRL* ret = VerifyCertOpensslUtils::GetCrlBySignedCertIssuer(crls, cert);
958 EXPECT_EQ(ret, nullptr);
959 sk_X509_CRL_pop_free(crls, X509_CRL_free);
960 X509_free(cert);
961 }
962
963 /**
964 * @tc.name: VerifyHapError024
965 * @tc.desc: This function tests failure for interface GetCrlBySignedCertIssuer due to crls all empty element
966 * @tc.type: FUNC
967 */
HWTEST_F(VerifyHapTest, VerifyHapError024, TestSize.Level0)968 HWTEST_F(VerifyHapTest, VerifyHapError024, TestSize.Level0)
969 {
970 STACK_OF(X509_CRL)* crls = sk_X509_CRL_new_null();
971 sk_X509_CRL_push(crls, nullptr);
972 X509* cert = X509_new();
973 X509_CRL* ret = VerifyCertOpensslUtils::GetCrlBySignedCertIssuer(crls, cert);
974 EXPECT_EQ(ret, nullptr);
975 sk_X509_CRL_pop_free(crls, X509_CRL_free);
976 X509_free(cert);
977 }
978
979 /**
980 * @tc.name: VerifyHapError025
981 * @tc.desc: This function tests success for interface GetCrlBySignedCertIssuer
982 * @tc.type: FUNC
983 */
HWTEST_F(VerifyHapTest, VerifyHapError025, TestSize.Level0)984 HWTEST_F(VerifyHapTest, VerifyHapError025, TestSize.Level0)
985 {
986 STACK_OF(X509_CRL)* crls = sk_X509_CRL_new_null();
987 sk_X509_CRL_push(crls, X509_CRL_new());
988 X509* cert = X509_new();
989 X509_CRL* ret = VerifyCertOpensslUtils::GetCrlBySignedCertIssuer(crls, cert);
990 EXPECT_NE(ret, nullptr);
991 sk_X509_CRL_pop_free(crls, X509_CRL_free);
992 X509_free(cert);
993 }
994
995 /**
996 * @tc.name: VerifyHapError026
997 * @tc.desc: This function tests failed for interface GetCrlBySignedCertIssuer dut issuer name different
998 * @tc.type: FUNC
999 */
HWTEST_F(VerifyHapTest, VerifyHapError026, TestSize.Level0)1000 HWTEST_F(VerifyHapTest, VerifyHapError026, TestSize.Level0)
1001 {
1002 STACK_OF(X509_CRL)* crls = sk_X509_CRL_new_null();
1003 sk_X509_CRL_push(crls, X509_CRL_new());
1004 X509* cert = X509_new();
1005 X509_REQ* issuerReq = X509_REQ_new();
1006 std::string subjectname = "C=CN,O=OpenHarmony,OU=OpenHarmony Community,CN=Application Signature Service CA";
1007 X509_NAME* subName = BuildDN(subjectname, issuerReq);
1008 X509_set_issuer_name(cert, subName);
1009 X509_CRL* ret = VerifyCertOpensslUtils::GetCrlBySignedCertIssuer(crls, cert);
1010 EXPECT_EQ(ret, nullptr);
1011 sk_X509_CRL_pop_free(crls, X509_CRL_free);
1012 X509_free(cert);
1013 }
1014
1015 /**
1016 * @tc.name: VerifyHapError027
1017 * @tc.desc: This function tests failed for interface VerifyCrl dut certsChain no have public key
1018 * @tc.type: FUNC
1019 */
HWTEST_F(VerifyHapTest, VerifyHapError027, TestSize.Level0)1020 HWTEST_F(VerifyHapTest, VerifyHapError027, TestSize.Level0)
1021 {
1022 STACK_OF(X509_CRL)* crls = sk_X509_CRL_new_null();
1023 sk_X509_CRL_push(crls, X509_CRL_new());
1024 X509* cert = X509_new();
1025 X509* cert1 = X509_new();
1026 CertChain certsChain;
1027 certsChain.push_back(cert);
1028 certsChain.push_back(cert1);
1029 Pkcs7Context pkcs7Context;
1030 bool ret = VerifyCertOpensslUtils::VerifyCrl(certsChain, crls, pkcs7Context);
1031 EXPECT_EQ(ret, false);
1032 SignerConfig config;
1033 config.SetX509CRLs(crls);
1034 X509_free(cert);
1035 X509_free(cert1);
1036 }
1037
1038 /**
1039 * @tc.name: VerifyHapError028
1040 * @tc.desc: This function tests failed for interface outputOptionalBlocks dut errorfile is not exit
1041 * @tc.type: FUNC
1042 */
HWTEST_F(VerifyHapTest, VerifyHapError028, TestSize.Level0)1043 HWTEST_F(VerifyHapTest, VerifyHapError028, TestSize.Level0)
1044 {
1045 std::string outputProfileFile = "outputProfileFile.txt";
1046 std::string outputProofFile = "outputProfileFile.txt";
1047 std::string outputPropertyFile = "outputProfileFile.txt";
1048 std::string errorfile = "./nohave/path.txt";
1049 ByteBuffer bf1("123456789", 9);
1050 ByteBuffer bf2("123456789", 9);
1051 ByteBuffer bf3("123456789", 9);
1052 std::vector<OptionalBlock> optionBlocks;
1053 optionBlocks.push_back({ HapUtils::HAP_PROFILE_BLOCK_ID, bf1 });
1054 optionBlocks.push_back({ HapUtils::HAP_PROPERTY_BLOCK_ID, bf2 });
1055 optionBlocks.push_back({ HapUtils::HAP_PROOF_OF_ROTATION_BLOCK_ID, bf3 });
1056 ProfileInfo info1;
1057 ProfileInfo info2(info1);
1058 ProfileInfo info3;
1059 info1.profileBlockLength = 1;
1060 info1.profileBlock = std::make_unique<unsigned char[]>(2);
1061 info3 = info1;
1062 VerifyHap verify;
1063 bool resultCode = verify.outputOptionalBlocks(errorfile, outputProofFile, outputPropertyFile, optionBlocks);
1064 EXPECT_EQ(resultCode, false);
1065 resultCode = verify.outputOptionalBlocks(outputProfileFile, errorfile, outputPropertyFile, optionBlocks);
1066 EXPECT_EQ(resultCode, false);
1067 resultCode = verify.outputOptionalBlocks(outputProfileFile, outputProofFile, errorfile, optionBlocks);
1068 EXPECT_EQ(resultCode, false);
1069 }
1070 }
1071 }
1072