openharmony/security_certificate_framework
1
0
Fork 0
mirror of https://gitee.com/openharmony/security_certificate_framework synced 2024-11-23 06:29:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

增加证书模块fuzz用例

Browse Source 
Signed-off-by: liudan <liudan144@huawei.com>
This commit is contained in:
liudan 2024-04-22 15:55:40 +08:00
parent 2e388567a7
commit 5521127ffc
25 changed files with 1073 additions and 383 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
BUILD.gn
View File

@ -35,6 +35,7 @@ group("certificate_framework_fuzztest") {
deps += [
"test/fuzztest/cfcreate_fuzzer:fuzztest",
"test/fuzztest/cfgetandcheck_fuzzer:fuzztest",
"test/fuzztest/cfparam_fuzzer:fuzztest",
"test/fuzztest/v1.0/x509certchain_fuzzer:fuzztest",
"test/fuzztest/v1.0/x509certificate_fuzzer:fuzztest",
"test/fuzztest/v1.0/x509crl_fuzzer:fuzztest",

1
test/fuzztest/cfcreate_fuzzer/cfcreate_fuzzer.cpp
View File

@ -27,7 +27,6 @@ namespace OHOS {
if (size < sizeof(CfObjectType) + sizeof(CfEncodingBlob)) {
return false;
}
uint8_t *tmpData = const_cast<uint8_t *>(data);
size_t usedSize = 0;
CfObjectType objType = *(reinterpret_cast<CfObjectType *>(tmpData));

55
test/fuzztest/cfparam_fuzzer/BUILD.gn Normal file
View File

@ -0,0 +1,55 @@
# Copyright (c) 2024 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#####################hydra-fuzz###################
import("//build/config/features.gni")
import("//build/test.gni")
module_output_path = "certificate_framework/certificate_framework"
##############################fuzztest##########################################
ohos_fuzztest("CfParamFuzzTest") {
module_out_path = module_output_path
fuzz_config_file = "../../../test/fuzztest/cfparam_fuzzer"
include_dirs = [
"include",
"../../../interfaces/innerkits/common",
"../../../interfaces/innerkits/include",
"../../../frameworks/common/v1.0/inc",
"../../../test/unittest/common/include",
]
configs = [ "../../../config/build:coverage_flag_cc" ]
cflags = [
"-g",
"-O0",
"-Wno-unused-variable",
"-fno-omit-frame-pointer",
]
sources = [ "cfparam_fuzzer.cpp" ]
deps = []
external_deps = [
"c_utils:utils",
"certificate_framework:certificate_framework_core",
]
}
###############################################################################
group("fuzztest") {
testonly = true
deps = []
deps += [
# deps file
":CfParamFuzzTest",
]
}
###############################################################################

82
test/fuzztest/cfparam_fuzzer/cfparam_fuzzer.cpp Normal file
View File

@ -0,0 +1,82 @@
/*
* Copyright (c) 2024 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "cfparam_fuzzer.h"
#include <securec.h>
#include "cf_param.h"
#include "cf_memory.h"
#include "cf_result.h"
namespace OHOS {
bool CfParamAddandGetFuzzTest(const uint8_t* data, size_t size)
{
CfParamSet *paramSet = nullptr;
int32_t ret = CfInitParamSet(&paramSet);
if (ret != CF_SUCCESS) {
return false;
}
if (data == nullptr || size < (sizeof(uint32_t) + 1)) {
return false;
}
uint32_t offset = 0;
CfParam params[1] = {};
size_t i = 0;
params[0].tag = *reinterpret_cast<const uint32_t *>(data + offset);
offset += sizeof(uint32_t);
params[i].blob.size = size - offset;
params[i].blob.data = const_cast<uint8_t *>(data + offset);
(void)CfAddParams(paramSet, params, 1);
CfParam *paramsGet = nullptr;
CfGetParam(paramSet, params[0].tag, &paramsGet);
CfFreeParamSet(&paramSet);
return true;
}
bool CfBuildParamSetFuzzTest(const uint8_t* data, size_t size)
{
CfParamSet *paramSet = nullptr;
int32_t ret = CfInitParamSet(&paramSet);
if (ret != CF_SUCCESS) {
return false;
}
paramSet->paramsCnt = 1;
paramSet->paramSetSize += sizeof(CfParam) + size + 1; /* invalid size */
paramSet->params[0].tag = CF_TAG_PARAM0_BUFFER;
paramSet->params[0].blob.size = size;
paramSet->params[0].blob.data = const_cast<uint8_t *>(data);
(void)CfBuildParamSet(&paramSet);
CfFreeParamSet(&paramSet);
return true;
}
}
/* Fuzzer entry point */
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
/* Run your code on data */
OHOS::CfParamAddandGetFuzzTest(data, size);
OHOS::CfBuildParamSetFuzzTest(data, size);
return 0;
}

8
test/fuzztest/v1.0/x509certchain_fuzzer/x509cert_chain_fuzzer.h → test/fuzztest/cfparam_fuzzer/cfparam_fuzzer.h
View File

@ -13,9 +13,9 @@
* limitations under the License.
*/
#ifndef X509_CERT_CHAIN_FUZZER_H
#define X509_CERT_CHAIN_FUZZER_H
#ifndef CF_PARAM_FUZZER_H
#define CF_PARAM_FUZZER_H
#define FUZZ_PROJECT_NAME "x509cert_chain_fuzzer"
#define FUZZ_PROJECT_NAME "cfparam_fuzzer"
#endif
#endif

13
test/fuzztest/cfparam_fuzzer/corpus/init Normal file
View File

@ -0,0 +1,13 @@
# Copyright (c) 2024 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
FUZZ

25
test/fuzztest/cfparam_fuzzer/project.xml Normal file
View File

@ -0,0 +1,25 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2024 Huawei Device Co., Ltd.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<fuzz_config>
<fuzztest>
<!-- maximum length of a test input -->
<max_len>1000</max_len>
<!-- maximum total time in seconds to run the fuzzer -->
<max_total_time>300</max_total_time>
<!-- memory usage limit in Mb -->
<rss_limit_mb>4096</rss_limit_mb>
</fuzztest>
</fuzz_config>

9
test/fuzztest/v1.0/x509certchain_fuzzer/BUILD.gn
View File

@ -21,13 +21,20 @@ ohos_fuzztest("X509CertChainFuzzTest") {
module_out_path = module_output_path
fuzz_config_file = "../x509certchain_fuzzer"
configs = [ "../../../../config/build:coverage_flag_cc" ]
include_dirs = [
"include",
"../../../../interfaces/innerkits/certificate",
"../../../../interfaces/innerkits/common",
"../../../../frameworks/common/v1.0/inc",
"../../../../test/unittest/v1.0/include",
]
cflags = [
"-g",
"-O0",
"-Wno-unused-variable",
"-fno-omit-frame-pointer",
]
sources = [ "x509cert_chain_fuzzer.cpp" ]
sources = [ "x509certchain_fuzzer.cpp" ]
external_deps = [
"c_utils:utils",

226
test/fuzztest/v1.0/x509certchain_fuzzer/x509cert_chain_fuzzer.cpp
View File

@ -1,226 +0,0 @@
/*
* Copyright (c) 2024 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "x509cert_chain_fuzzer.h"
#include <cstddef>
#include <cstdint>
#include "securec.h"
#include "cf_blob.h"
#include "cf_result.h"
#include "x509_cert_chain.h"
namespace OHOS {
static char g_fuzzCert[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIEMjCCAxqgAwIBAgICARAwDQYJKoZIhvcNAQELBQAwdjELMAkGA1UEBhMCQ04x\r\n"
"CzAJBgNVBAgMAkJKMQswCQYDVQQHDAJCSjELMAkGA1UECgwCSEQxDDAKBgNVBAsM\r\n"
"A2RldjELMAkGA1UEAwwCY2ExJTAjBgkqhkiG9w0BCQEWFmNhQGNyeXB0b2ZyYW1l\r\n"
"d29yay5jb20wHhcNMjIwODE5MTI0OTA2WhcNMzIwODE2MTI0OTA2WjB2MQswCQYD\r\n"
"VQQGEwJDTjELMAkGA1UECAwCQkoxCzAJBgNVBAcMAkJKMQswCQYDVQQKDAJIRDEM\r\n"
"MAoGA1UECwwDZGV2MQswCQYDVQQDDAJjYTElMCMGCSqGSIb3DQEJARYWY2FAY3J5\r\n"
"cHRvZnJhbWV3b3JrLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\r\n"
"AJ8p0IWE7WwwbtATg+AbYQj33WNBBktU+/AVf+Tl1aAa4TOeW2/ZARc4sdwLVTxd\r\n"
"XCipFseuiGN30hwXrXFUHrcMf0w2sCkznJVZ/rQcfEO5Kb1vBz6DEEcgISYEhhqO\r\n"
"BfYBit5qfpq5R2+2R/Th/ybV+kBrUl+GssXbDAe6oZCy56lGphDvmHMUO7a13j+S\r\n"
"FmThMbI2yeyua1LagSoaBJfY1J+i7jWPmmEFR0dQ2p0EGjHTgQGhRo5VuwDHipNS\r\n"
"v0XP8OUA/PYbL/SBj1Fq4C3gtfvjeswUbzVaMoq/wCuy1qcXI80ZLe3whR24c0cX\r\n"
"YFO0uGi9egPp24fw7yYGqgECAwEAAaOByTCBxjAdBgNVHQ4EFgQUjKM7QmMBs01R\r\n"
"9uQttYN/GDkvt7UwHwYDVR0jBBgwFoAUjKM7QmMBs01R9uQttYN/GDkvt7UwEgYD\r\n"
"VR0TAQH/BAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUH\r\n"
"AwEGCCsGAQUFBwMCMCEGA1UdEQQaMBiBFmNhQGNyeXB0b2ZyYW1ld29yay5jb20w\r\n"
"IQYDVR0SBBowGIEWY2FAY3J5cHRvZnJhbWV3b3JrLmNvbTANBgkqhkiG9w0BAQsF\r\n"
"AAOCAQEAh+4RE6cJ62/gLYssLkc7ESg7exKwZlmisHyBicuy/+XagOZ3cTbgQNXl\r\n"
"QoZKbw/ks/B/cInbQGYbpAm47Sudo+I/G9xj0X7gQB9wtSrbStOs6SjnLiYU0xFc\r\n"
"Fsc0j6k2SrlyiwRQcjS4POKiUS0Cm3F3DHGdj55PlBkXxudXCq2V3J3VwKf2bVjQ\r\n"
"bzz2+M/Q1m+P7FhB+JmeO8eemkqMQ0tFMU3EM441NpejC5iFVAGgownC8S0B+fxH\r\n"
"9dBJuHM6vpxEWw3ckZFDZQ1kd91YRgr7jY8fc0v/T0tzHWbOEVzklEIBWL1mompL\r\n"
"BCwe0/Gw+BO60bfi2MoJw8t2IcB1Qw==\r\n"
"-----END CERTIFICATE-----\r\n";
static char g_fuzzDate[] = "20231212080000Z";
static uint8_t g_fuzzPubKey[] = {
0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82,
0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xd0, 0x35, 0x39, 0x92, 0x49, 0xb5,
0x95, 0x08, 0xef, 0x38, 0xf8, 0xa8, 0x51, 0xd3, 0xef, 0xd8, 0x3e, 0x3a, 0xd9,
0x2c, 0xe1, 0x31, 0x1f, 0x99, 0x41, 0x03, 0x86, 0xb3, 0x4a, 0x04, 0x41, 0x23,
0x6f, 0xf8, 0xb6, 0xf4, 0x60, 0x5f, 0x9e, 0x9b, 0xc5, 0x75, 0x3d, 0xfa, 0x6b,
0x30, 0xa0, 0xd9, 0x53, 0x83, 0x25, 0x14, 0xa3, 0x23, 0x31, 0x67, 0xe2, 0xa0,
0x03, 0x71, 0xcf, 0x38, 0x12, 0x67, 0xca, 0x88, 0x31, 0x0c, 0xf7, 0xb1, 0xc5,
0xb1, 0x03, 0xe9, 0xf5, 0x14, 0x64, 0xab, 0x11, 0xf9, 0x70, 0x1e, 0x75, 0x11,
0x4d, 0x9e, 0x04, 0x4f, 0x54, 0x6b, 0xde, 0x71, 0xfb, 0x04, 0x29, 0xfc, 0xa4,
0x9d, 0x0a, 0xa2, 0x13, 0x09, 0x0f, 0xef, 0xca, 0xf9, 0xb7, 0x27, 0x85, 0x29,
0x8e, 0x5d, 0x30, 0x95, 0x6f, 0x30, 0x44, 0x23, 0xc2, 0x59, 0xc6, 0x30, 0xde,
0x92, 0x82, 0x94, 0x64, 0x64, 0x37, 0x35, 0x6d, 0x23, 0x52, 0x97, 0x9d, 0xfa,
0x67, 0xed, 0xf1, 0xb7, 0x37, 0xce, 0x27, 0xef, 0x09, 0x41, 0x6f, 0xd2, 0x06,
0x28, 0x91, 0x5a, 0x73, 0xfe, 0xbe, 0x87, 0x1b, 0xd9, 0xc7, 0x6a, 0xa7, 0x7c,
0xbb, 0x31, 0x74, 0x82, 0x91, 0xd1, 0x0f, 0xdb, 0x88, 0x6a, 0x14, 0xe9, 0x9f,
0x08, 0xcb, 0xf4, 0x7f, 0xa7, 0xb1, 0xa8, 0x3c, 0xef, 0x2f, 0x6a, 0x65, 0x74,
0xf7, 0x4f, 0x90, 0x1c, 0x42, 0xf9, 0x01, 0xd4, 0xb3, 0x2a, 0xd1, 0x21, 0x53,
0xdb, 0xdd, 0xbd, 0xcb, 0x96, 0x8e, 0x32, 0xf1, 0x56, 0x76, 0x89, 0x2d, 0xf8,
0xff, 0xe9, 0x6a, 0x06, 0x66, 0x3f, 0x14, 0x5a, 0x7d, 0xf3, 0x15, 0xb1, 0x28,
0x4d, 0x56, 0x80, 0x7e, 0x9d, 0xb1, 0xa9, 0xdc, 0xd6, 0xef, 0x24, 0x6f, 0x8b,
0x6a, 0xf5, 0xe3, 0xc9, 0xbd, 0x7a, 0xfe, 0xe5, 0x8c, 0x3a, 0x87, 0xa3, 0xc5,
0x17, 0xeb, 0xdb, 0x02, 0x03, 0x01, 0x00, 0x01
};
static uint8_t g_fuzzSubject[] = {
0x30, 0x44, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0c,
0x44, 0x69, 0x67, 0x69, 0x43, 0x65, 0x72, 0x74, 0x20, 0x49, 0x6e, 0x63, 0x31,
0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x15, 0x47, 0x65, 0x6f,
0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 0x52, 0x53, 0x41, 0x20, 0x43, 0x4e, 0x20,
0x43, 0x41, 0x20, 0x47, 0x32
};
static char g_fuzzSslHostName[] = "*.163.com";
constexpr int TEST_DATA_LEN = 1;
static bool g_testFlag = true;
static void FreeTrustAnchor(HcfX509TrustAnchor *trustAnchor)
{
if (trustAnchor == nullptr) {
return;
}
CfBlobFree(&trustAnchor->CAPubKey);
CfBlobFree(&trustAnchor->CASubject);
CfObjDestroy(trustAnchor->CACert);
trustAnchor->CACert = nullptr;
free(trustAnchor);
trustAnchor = nullptr;
}
static void FreeValidateResult(HcfX509CertChainValidateResult *result)
{
if (result->entityCert != nullptr) {
CfObjDestroy(result->entityCert);
result->entityCert = nullptr;
}
if (result->trustAnchor != nullptr) {
FreeTrustAnchor(result->trustAnchor);
}
}
static void TestValidateParam(HcfX509CertChainValidateParams &params, HcfCertChain *x509CertChainObj)
{
CfBlob date = { 0 };
date.data = reinterpret_cast<uint8_t *>(g_fuzzDate);
date.size = strlen(g_fuzzDate) + 1;
HcfX509TrustAnchorArray trustAnchors = { 0 };
HcfX509TrustAnchor anchor = { 0 };
CfBlob caPubKey = { 0 };
caPubKey.data = g_fuzzPubKey;
caPubKey.size = strlen(reinterpret_cast<char *>(g_fuzzPubKey)) + 1;
anchor.CAPubKey = &caPubKey;
CfBlob caSubject = { 0 };
caSubject.data = g_fuzzSubject;
caSubject.size = strlen(reinterpret_cast<char *>(g_fuzzSubject)) + 1;
anchor.CASubject = &caSubject;
trustAnchors.data = static_cast<HcfX509TrustAnchor **>(
calloc(TEST_DATA_LEN * sizeof(HcfX509TrustAnchor *), 0));
if (trustAnchors.data == nullptr) {
return;
}
trustAnchors.data[0] = &anchor;
trustAnchors.count = TEST_DATA_LEN;
HcfRevocationCheckParam revocationCheckParam = { 0 };
HcfRevChkOpArray optionData = { 0 };
HcfRevChkOption option[TEST_DATA_LEN] = { REVOCATION_CHECK_OPTION_ACCESS_NETWORK };
optionData.data = option;
optionData.count = TEST_DATA_LEN;
revocationCheckParam.options = &optionData;
CfBlob sslHostname = { 0 };
sslHostname.data = reinterpret_cast<uint8_t *>(g_fuzzSslHostName);
sslHostname.size = strlen(g_fuzzSslHostName) + 1;
HcfKuArray keyUsage = { 0 };
HcfKeyUsageType type[TEST_DATA_LEN] = { KEYUSAGE_DIGITAL_SIGNATURE };
keyUsage.data = type;
keyUsage.count = TEST_DATA_LEN;
params.date = &date;
params.trustAnchors = &trustAnchors;
params.sslHostname = &sslHostname;
params.policy = HcfValPolicyType::VALIDATION_POLICY_TYPE_SSL;
params.keyUsage = &keyUsage;
params.revocationCheckParam = &revocationCheckParam;
HcfX509CertChainValidateResult result = { 0 };
(void)x509CertChainObj->validate(x509CertChainObj, &params, &result);
FreeValidateResult(&result);
free(params.trustAnchors->data);
}
static void TestQuery(HcfCertChain *x509CertChainObj)
{
HcfX509CertChainValidateParams params = { 0 };
TestValidateParam(params, x509CertChainObj);
CfBlob toStringBlob = { 0 };
(void)x509CertChainObj->toString(x509CertChainObj, &toStringBlob);
CfBlobDataClearAndFree(&toStringBlob);
CfBlob hashCodeBlob = { 0 };
(void)x509CertChainObj->hashCode(x509CertChainObj, &hashCodeBlob);
CfBlobDataClearAndFree(&hashCodeBlob);
}
static void CreateOneCert(void)
{
CfEncodingBlob inStream = { 0 };
inStream.data = reinterpret_cast<uint8_t *>(g_fuzzCert);
inStream.encodingFormat = CF_FORMAT_PEM;
inStream.len = strlen(g_fuzzCert) + 1;
HcfCertChain *x509CertChainObj = nullptr;
CfResult res = HcfCertChainCreate(&inStream, nullptr, &x509CertChainObj);
if (res != CF_SUCCESS) {
return;
}
TestQuery(x509CertChainObj);
CfObjDestroy(x509CertChainObj);
}
bool X509CertChainFuzzTest(const uint8_t* data, size_t size)
{
if (g_testFlag) {
CreateOneCert();
g_testFlag = false;
}
if (data == nullptr) {
return false;
}
CfEncodingBlob inStream = { 0 };
inStream.data = const_cast<uint8_t *>(data);
inStream.encodingFormat = CF_FORMAT_PEM;
inStream.len = size;
HcfCertChain *x509CertChainObj = nullptr;
CfResult res = HcfCertChainCreate(&inStream, nullptr, &x509CertChainObj);
if (res != CF_SUCCESS) {
return false;
}
CfObjDestroy(x509CertChainObj);
return true;
}
}
/* Fuzzer entry point */
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
/* Run your code on data */
OHOS::X509CertChainFuzzTest(data, size);
return 0;
}

587
test/fuzztest/v1.0/x509certchain_fuzzer/x509certchain_fuzzer.cpp Normal file
View File

@ -0,0 +1,587 @@
/*
* Copyright (c) 2024 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "x509certchain_fuzzer.h"
#include <cstddef>
#include <cstdint>
#include "securec.h"
#include "crypto_x509_cert_chain_data_p7b.h"
#include "crypto_x509_cert_chain_data_der.h"
#include "crypto_x509_cert_chain_data_pem.h"
#include "crypto_x509_cert_chain_data_pem_ex.h"
#include "x509_cert_chain_validate_params.h"
#include "x509_cert_chain_validate_result.h"
#include "crypto_x509_test_common.h"
#include "x509_trust_anchor.h"
#include "cf_blob.h"
#include "cf_result.h"
#include "x509_certificate.h"
#include "x509_cert_chain.h"
#include "cert_chain_validator.h"
namespace OHOS {
constexpr int32_t CERT_HEADER_LEN = 2;
constexpr int32_t CERT_COUNT = 3;
constexpr int32_t MAX_DEPTH = 100;
static bool g_testCertChainFlag = true;
static bool g_testCertChainValidatorFlag = true;
static bool g_testCertChainBuildResultFlag = true;
static bool g_testCreateTrustAnchorFlag = true;
const CfEncodingBlob g_inStreamChainDataP7b = { const_cast<uint8_t *>(g_testChainDataP7b),
sizeof(g_testChainDataP7b) / sizeof(g_testChainDataP7b[0]),
CF_FORMAT_PKCS7 };
const CfEncodingBlob g_inStreamChainDataDer = { const_cast<uint8_t *>(g_testChainDataDer),
sizeof(g_testChainDataDer) / sizeof(g_testChainDataDer[0]),
CF_FORMAT_DER };
const CfEncodingBlob g_inStreamChainDataPem = { reinterpret_cast<uint8_t *>(const_cast<char *>(g_testCertChainPem)),
sizeof(g_testCertChainPem) / sizeof(g_testCertChainPem[0]), CF_FORMAT_PEM };
const CfEncodingBlob g_inStreamChainDataPemRoot = {
reinterpret_cast<uint8_t *>(const_cast<char *>(g_testCertChainPemRoot)),
sizeof(g_testCertChainPemRoot) / sizeof(g_testCertChainPemRoot[0]),
CF_FORMAT_PEM };
static CfResult TestGetCertList(HcfCertChain *certChain)
{
HcfX509CertificateArray certs = {nullptr, 0};
CfResult ret = certChain->getCertList(certChain, &certs);
if (ret != CF_SUCCESS) {
return ret;
}
if (certs.count != CERT_COUNT) {
return CF_INVALID_PARAMS;
}
return CF_SUCCESS;
}
static CfResult BuildAnchorArr1(const CfEncodingBlob &certInStream, HcfX509TrustAnchorArray &trustAnchorArray)
{
HcfX509TrustAnchor *anchor = static_cast<HcfX509TrustAnchor *>(HcfMalloc(sizeof(HcfX509TrustAnchor), 0));
if (anchor == nullptr) {
return CF_ERR_MALLOC;
}
(void)HcfX509CertificateCreate(&certInStream, &anchor->CACert);
trustAnchorArray.data = static_cast<HcfX509TrustAnchor **>(HcfMalloc(1 * sizeof(HcfX509TrustAnchor *), 0));
if (trustAnchorArray.data == nullptr) {
CfFree(anchor);
return CF_ERR_MALLOC;
}
trustAnchorArray.data[0] = anchor;
trustAnchorArray.count = 1;
return CF_SUCCESS;
}
static void FreeTrustAnchor1(HcfX509TrustAnchor *&trustAnchor)
{
if (trustAnchor == nullptr) {
return;
}
CfBlobFree(&trustAnchor->CAPubKey);
CfBlobFree(&trustAnchor->CASubject);
CfObjDestroy(trustAnchor->CACert);
trustAnchor->CACert = nullptr;
CfFree(trustAnchor);
trustAnchor = nullptr;
}
static void FreeTrustAnchorArr1(HcfX509TrustAnchorArray &trustAnchorArray)
{
for (uint32_t i = 0; i < trustAnchorArray.count; ++i) {
HcfX509TrustAnchor *anchor = trustAnchorArray.data[i];
FreeTrustAnchor1(anchor);
}
CfFree(trustAnchorArray.data);
trustAnchorArray.data = nullptr;
trustAnchorArray.count = 0;
}
static CfResult TestVerify(HcfCertChain *certChain)
{
HcfX509CertChainValidateResult result = { 0 };
HcfX509TrustAnchorArray trustAnchorArray = { 0 };
CfResult ret = BuildAnchorArr1(g_inStreamChainDataPemRoot, trustAnchorArray);
if (ret != CF_SUCCESS) {
return ret;
}
HcfX509CertChainValidateParams pCertChainValidateParams = { 0 };
const char *date = "20231212080000Z";
CfBlob validDate = { 0 };
validDate.data = reinterpret_cast<uint8_t *>(const_cast<char *>(date));
validDate.size = strlen(date) + 1;
pCertChainValidateParams.date = &validDate;
pCertChainValidateParams.trustAnchors = &trustAnchorArray;
ret = certChain->validate(certChain, &pCertChainValidateParams, &result);
FreeTrustAnchorArr1(trustAnchorArray);
return ret;
}
static CfResult CreateOneCertChainCore(const CfEncodingBlob *inStream)
{
HcfCertChain *certChain = nullptr;
CfResult ret = HcfCertChainCreate(inStream, nullptr, &certChain);
if (ret != CF_SUCCESS) {
return ret;
}
ret = TestGetCertList(certChain);
if (ret != CF_SUCCESS) {
CfObjDestroy(certChain);
return ret;
}
ret = TestVerify(certChain);
CfObjDestroy(certChain);
return ret;
}
static CfResult CreateOneCertChain(CfEncodingFormat encodingFormat)
{
switch (encodingFormat) {
case CF_FORMAT_DER:
return CreateOneCertChainCore(&g_inStreamChainDataDer);
case CF_FORMAT_PKCS7:
return CreateOneCertChainCore(&g_inStreamChainDataP7b);
case CF_FORMAT_PEM:
return CreateOneCertChainCore(&g_inStreamChainDataPem);
default:
return CF_INVALID_PARAMS;
}
}
void X509CertChainFuzzTest(const uint8_t* data, size_t size, CfEncodingFormat encodingFormat)
{
if (g_testCertChainFlag) {
if (CreateOneCertChain(encodingFormat) != CF_SUCCESS) {
return;
}
g_testCertChainFlag = false;
}
if (data == nullptr) {
return;
}
CfEncodingBlob inStream = { 0 };
inStream.data = const_cast<uint8_t *>(data);
inStream.encodingFormat = encodingFormat;
inStream.len = size;
HcfCertChain *x509CertObj = nullptr;
CfResult res = HcfCertChainCreate(&inStream, nullptr, &x509CertObj);
if (res != CF_SUCCESS) {
return;
}
CfObjDestroy(x509CertObj);
return;
}
static CfResult ConstructCertData(HcfCertChainData *certsData)
{
certsData->format = CF_FORMAT_PEM;
certsData->count = 2; /* level-2 cert chain. */
uint32_t caCertLen = strlen(g_testCertChainValidatorCaCert) + 1;
uint32_t secondCaCertLen = strlen(g_testCertChainValidatorSecondCaCert) + 1;
certsData->dataLen = CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN + caCertLen;
certsData->data = (uint8_t *)malloc(certsData->dataLen);
if (certsData->data == nullptr) {
return CF_ERR_MALLOC;
}
if (memcpy_s(certsData->data, CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN + caCertLen,
&secondCaCertLen, CERT_HEADER_LEN) != EOK) {
goto OUT;
}
if (memcpy_s(certsData->data + CERT_HEADER_LEN, secondCaCertLen + CERT_HEADER_LEN + caCertLen,
g_testCertChainValidatorSecondCaCert, secondCaCertLen) != EOK) {
goto OUT;
}
if (memcpy_s(certsData->data + CERT_HEADER_LEN + secondCaCertLen, CERT_HEADER_LEN + caCertLen,
&caCertLen, CERT_HEADER_LEN) != EOK) {
goto OUT;
}
if (memcpy_s(certsData->data + CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN, caCertLen,
g_testCertChainValidatorCaCert, caCertLen) != EOK) {
goto OUT;
}
return CF_SUCCESS;
OUT:
free(certsData->data);
certsData->data = nullptr;
return CF_INVALID_PARAMS;
}
static void FreeCertData(HcfCertChainData *certsData)
{
if (certsData != nullptr && certsData->data != nullptr) {
free(certsData->data);
}
}
static CfResult CreateOneCertChainValidator()
{
HcfCertChainData certsData = {};
ConstructCertData(&certsData);
HcfCertChainValidator *pathValidator = nullptr;
CfResult res = HcfCertChainValidatorCreate("PKIX", &pathValidator);
if (res != CF_SUCCESS) {
goto OUT;
}
res = pathValidator->validate(pathValidator, &certsData);
if (res != CF_SUCCESS) {
goto OUT;
}
OUT:
FreeCertData(&certsData);
CfObjDestroy(pathValidator);
return res;
}
void X509CertChainValidatorCreateFuzzTest(const uint8_t* data, size_t size, CfEncodingFormat certFormat)
{
if (g_testCertChainValidatorFlag) {
(void)CreateOneCertChainValidator();
g_testCertChainValidatorFlag = false;
}
if (data == nullptr || size < sizeof(uint32_t)) {
return;
}
HcfCertChainData certsData = {};
certsData.format = certFormat;
certsData.count = *reinterpret_cast<const uint32_t *>(data); /* level-2 cert chain. */
certsData.dataLen = size;
certsData.data = const_cast<uint8_t *>(data);
HcfCertChainValidator *pathValidator = nullptr;
CfResult res = HcfCertChainValidatorCreate("PKIX", &pathValidator);
if (res != CF_SUCCESS) {
return;
}
CfObjDestroy(pathValidator);
return;
}
static void FreeCertArrayData(HcfX509CertificateArray *certs)
{
if (certs == nullptr) {
return;
}
for (uint32_t i = 0; i < certs->count; ++i) {
CfObjDestroy(certs->data[i]);
}
CfFree(certs->data);
certs->data = nullptr;
certs->count = 0;
}
static CfResult BuildCollectionArrNoCRL(const CfEncodingBlob *certInStream,
HcfCertCRLCollectionArray &certCRLCollections)
{
CfResult ret = CF_ERR_MALLOC;
HcfX509CertificateArray *certArray = nullptr;
HcfCertCrlCollection *x509CertCrlCollection = nullptr;
if (certInStream != nullptr) {
certArray = static_cast<HcfX509CertificateArray *>(HcfMalloc(sizeof(HcfX509CertificateArray), 0));
if (certArray == nullptr) {
goto Exit;
}
HcfX509Certificate *x509CertObj = nullptr;
(void)HcfX509CertificateCreate(certInStream, &x509CertObj);
if (x509CertObj == nullptr) {
goto Exit;
}
certArray->data = static_cast<HcfX509Certificate **>(HcfMalloc(1 * sizeof(HcfX509Certificate *), 0));
if (certArray->data == nullptr) {
goto Exit;
}
certArray->data[0] = x509CertObj;
certArray->count = 1;
}
ret = HcfCertCrlCollectionCreate(certArray, nullptr, &x509CertCrlCollection);
if (ret != CF_SUCCESS) {
goto Exit;
}
certCRLCollections.data = static_cast<HcfCertCrlCollection **>(HcfMalloc(1 * sizeof(HcfCertCrlCollection *),
0));
if (certCRLCollections.data == nullptr) {
goto Exit;
}
certCRLCollections.data[0] = x509CertCrlCollection;
certCRLCollections.count = 1;
FreeCertArrayData(certArray);
CfFree(certArray);
return CF_SUCCESS;
Exit:
FreeCertArrayData(certArray);
CfFree(certArray);
CfFree(certCRLCollections.data);
CfObjDestroy(x509CertCrlCollection);
return ret;
}
static void FreeCertCrlCollectionArr1(HcfCertCRLCollectionArray &certCRLCollections)
{
for (uint32_t i = 0; i < certCRLCollections.count; ++i) {
HcfCertCrlCollection *collection = certCRLCollections.data[i];
CfObjDestroy(collection);
}
CfFree(certCRLCollections.data);
certCRLCollections.data = nullptr;
certCRLCollections.count = 0;
}
static CfResult BuildX509CertMatchParamsDataNoCRL(const CfEncodingBlob *certInStream,
HcfX509CertChainValidateParams *params)
{
HcfCertCRLCollectionArray *certCRLCollections = nullptr;
CfResult ret = CF_ERR_MALLOC;
CfBlob *blob = (CfBlob *)HcfMalloc(sizeof(CfBlob), 0);
if (blob == nullptr) {
return CF_ERR_MALLOC;
}
blob->data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testUpdateDateTime));
blob->size = strlen(g_testUpdateDateTime) + 1;
params->date = blob;
HcfX509TrustAnchorArray *trustAnchorArray =
(HcfX509TrustAnchorArray *)HcfMalloc(sizeof(HcfX509TrustAnchorArray), 0);
if (trustAnchorArray == nullptr) {
goto Exit;
}
ret = BuildAnchorArr1(*certInStream, *trustAnchorArray);
if (ret != CF_SUCCESS) {
goto Exit;
}
certCRLCollections = (HcfCertCRLCollectionArray *)HcfMalloc(sizeof(HcfCertCRLCollectionArray), 0);
if (certCRLCollections == nullptr) {
goto Exit;
}
ret = BuildCollectionArrNoCRL(certInStream, *certCRLCollections);
if (ret != CF_SUCCESS) {
goto Exit;
}
params->trustAnchors = trustAnchorArray;
params->certCRLCollections = certCRLCollections;
return CF_SUCCESS;
Exit:
CfFree(blob);
FreeTrustAnchorArr1(*trustAnchorArray);
CfFree(trustAnchorArray);
CfFree(certCRLCollections);
return ret;
}
static void FreeX509CertMatchParamsData(HcfX509CertChainValidateParams *params)
{
if (params == nullptr) {
return;
}
if (params->date != nullptr) {
CfFree(params->date);
params->date = nullptr;
}
if (params->trustAnchors != nullptr) {
FreeTrustAnchorArr1(*(params->trustAnchors));
CfFree(params->trustAnchors);
params->trustAnchors = nullptr;
}
if (params->certCRLCollections != nullptr) {
FreeCertCrlCollectionArr1(*(params->certCRLCollections));
CfFree(params->certCRLCollections);
params->certCRLCollections = nullptr;
}
}
static void FreeTrustAnchorData(HcfX509TrustAnchor *trustAnchor)
{
if (trustAnchor == NULL) {
return;
}
CfBlobFree(&trustAnchor->CAPubKey);
CfBlobFree(&trustAnchor->CASubject);
CfObjDestroy(trustAnchor->CACert);
trustAnchor->CACert = NULL;
}
static void FreeHcfX509CertChainBuildResult(HcfX509CertChainBuildResult *result)
{
if (result == nullptr) {
return;
}
CfObjDestroy(result->certChain);
CfFree(result);
}
static CfResult CreateOneCertChainBuildResultCreate()
{
HcfX509CertChainBuildParameters inParams = {};
HcfX509CertChainBuildResult *returnObj = nullptr;
CfEncodingBlob inStream = { 0 };
HcfCertChain *certChain = nullptr;
inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCertValid));
inStream.encodingFormat = CF_FORMAT_PEM;
inStream.len = strlen(g_testSelfSignedCaCertValid) + 1;
CfResult ret = BuildX509CertMatchParamsDataNoCRL(&inStream, &inParams.validateParameters);
if (ret != CF_SUCCESS) {
goto Exit;
}
inParams.maxlength = MAX_DEPTH;
CfBlob issue;
issue.data = const_cast<uint8_t *>(g_testIssuerValid);
issue.size = sizeof(g_testIssuerValid);
inParams.certMatchParameters.issuer = &issue;
inParams.certMatchParameters.minPathLenConstraint = -1;
ret = HcfCertChainBuildResultCreate(&inParams, &returnObj);
if (ret != CF_SUCCESS) {
goto Exit;
}
certChain = returnObj->certChain;
ret = certChain->validate(certChain, &inParams.validateParameters, &returnObj->validateResult);
if (ret != CF_SUCCESS) {
goto Exit;
}
Exit:
if (returnObj != nullptr) {
FreeTrustAnchorData(returnObj->validateResult.trustAnchor);
CF_FREE_PTR(returnObj->validateResult.trustAnchor);
CfObjDestroy(returnObj->validateResult.entityCert);
FreeHcfX509CertChainBuildResult(returnObj);
}
FreeX509CertMatchParamsData(&inParams.validateParameters);
return ret;
}
void X509BuildResultCreateFuzzTest(const uint8_t* data, size_t size, CfEncodingFormat certFormat)
{
if (g_testCertChainBuildResultFlag) {
(void)CreateOneCertChainBuildResultCreate();
g_testCertChainBuildResultFlag = false;
}
const char *date = "20231212080000Z";
if (data == nullptr || size < sizeof(int32_t) || size < (strlen(date) + 1)) {
return;
}
HcfX509CertChainBuildParameters inParams = {};
HcfX509CertChainBuildResult *returnObj = nullptr;
CfEncodingBlob inStream = { 0 };
inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCertValid));
inStream.encodingFormat = CF_FORMAT_PEM;
inStream.len = strlen(g_testSelfSignedCaCertValid) + 1;
CfResult ret = BuildX509CertMatchParamsDataNoCRL(&inStream, &inParams.validateParameters);
if (ret != CF_SUCCESS) {
return;
}
inParams.maxlength = *reinterpret_cast<const int32_t *>(data);
CfBlob issue;
issue.data = const_cast<uint8_t *>(data);
issue.size = size;
inParams.certMatchParameters.issuer = &issue;
inParams.certMatchParameters.minPathLenConstraint = -1;
CfBlob validDate;
validDate.data = const_cast<uint8_t *>(data);
validDate.size = strlen(date) + 1;
inParams.certMatchParameters.issuer = &issue;
ret = HcfCertChainBuildResultCreate(&inParams, &returnObj);
if (ret != CF_SUCCESS) {
FreeX509CertMatchParamsData(&inParams.validateParameters);
return;
}
FreeX509CertMatchParamsData(&inParams.validateParameters);
FreeHcfX509CertChainBuildResult(returnObj);
}
static void OneCreateTrustAnchorWithKeyStore()
{
CfBlob keyStore;
CfBlob pwd;
HcfX509TrustAnchorArray *trustAnchorArray = NULL;
keyStore.data = const_cast<uint8_t *>(g_testChainKeystore);
keyStore.size = sizeof(g_testChainKeystore);
pwd.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testKeystorePwd));
pwd.size = sizeof(g_testKeystorePwd);
CfResult result = HcfCreateTrustAnchorWithKeyStore(&keyStore, &pwd, &trustAnchorArray);
if (result != CF_SUCCESS) {
return;
}
FreeTrustAnchorArr1(*trustAnchorArray);
CfFree(trustAnchorArray);
return;
}
void X509BuildResultCreateFuzzTest(const uint8_t* data, size_t size)
{
if (g_testCreateTrustAnchorFlag) {
OneCreateTrustAnchorWithKeyStore();
g_testCreateTrustAnchorFlag = false;
}
CfBlob keyStore;
CfBlob pwd;
HcfX509TrustAnchorArray *trustAnchorArray = NULL;
keyStore.data = const_cast<uint8_t *>(data);
keyStore.size = size;
pwd.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testKeystorePwd));
pwd.size = sizeof(g_testKeystorePwd);
CfResult result = HcfCreateTrustAnchorWithKeyStore(&keyStore, &pwd, &trustAnchorArray);
if (result != CF_SUCCESS) {
return;
}
FreeTrustAnchorArr1(*trustAnchorArray);
CfFree(trustAnchorArray);
return;
}
}
/* Fuzzer entry point */
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
/* Run your code on data */
OHOS::X509CertChainFuzzTest(data, size, CF_FORMAT_DER);
OHOS::X509CertChainFuzzTest(data, size, CF_FORMAT_PKCS7);
OHOS::X509CertChainFuzzTest(data, size, CF_FORMAT_PEM);
OHOS::X509CertChainValidatorCreateFuzzTest(data, size, CF_FORMAT_DER);
OHOS::X509CertChainValidatorCreateFuzzTest(data, size, CF_FORMAT_PKCS7);
OHOS::X509CertChainValidatorCreateFuzzTest(data, size, CF_FORMAT_PEM);
OHOS::X509BuildResultCreateFuzzTest(data, size, CF_FORMAT_DER);
OHOS::X509BuildResultCreateFuzzTest(data, size, CF_FORMAT_PKCS7);
OHOS::X509BuildResultCreateFuzzTest(data, size, CF_FORMAT_PEM);
OHOS::X509BuildResultCreateFuzzTest(data, size);
return 0;
}

21
test/fuzztest/v1.0/x509certchain_fuzzer/x509certchain_fuzzer.h Normal file
View File

@ -0,0 +1,21 @@
/*
* Copyright (c) 2024 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef X509_CERTIFICATE_FUZZER_H
#define X509_CERTIFICATE_FUZZER_H
#define FUZZ_PROJECT_NAME "x509certchain_fuzzer"
#endif

20
test/fuzztest/v1.0/x509certificate_fuzzer/x509certificate_fuzzer.cpp
View File

@ -72,6 +72,10 @@ namespace OHOS {
}
(void)x509CertObj->base.verify(&(x509CertObj->base), keyOut);
CfObjDestroy(keyOut);
const char *date = "231018162433Z";
// validatetime :2022/08/19 - 2032/08/16
x509CertObj->checkValidityWithDate(x509CertObj, date);
}
static void TestQuery(HcfX509Certificate *x509CertObj)
@ -108,6 +112,10 @@ namespace OHOS {
(void)x509CertObj->getSignatureAlgParams(x509CertObj, &sigAlgParamsOut);
CfBlobDataClearAndFree(&sigAlgParamsOut);
CfBlob sigAlgName = { 0 };
(void)x509CertObj->getSignatureAlgName(x509CertObj, &sigAlgName);
CfBlobDataClearAndFree(&sigAlgName);
CfArray keyUsageOut = { 0 };
(void)x509CertObj->getExtKeyUsage(x509CertObj, &keyUsageOut);
CfArrayDataClearAndFree(&keyUsageOut);
@ -119,6 +127,18 @@ namespace OHOS {
CfArray subjectAltName = { 0 };
(void)x509CertObj->getSubjectAltNames(x509CertObj, &subjectAltName);
CfArrayDataClearAndFree(&subjectAltName);
CfArray outName = { 0 };
(void)x509CertObj->getIssuerAltNames(x509CertObj, &outName);
CfArrayDataClearAndFree(&outName);
CfBlob out = { 0 };
(void)x509CertObj->getKeyUsage(x509CertObj, &out);
CfBlobDataClearAndFree(&out);
CfArray outURI = { nullptr, CF_FORMAT_DER, 0 };
(void)x509CertObj->getCRLDistributionPointsURI(x509CertObj, &outURI);
CfArrayDataClearAndFree(&outURI);
}
static void TestQueryName(HcfX509Certificate *x509CertObj)

2
test/fuzztest/v1.0/x509crl_fuzzer/BUILD.gn
View File

@ -26,6 +26,8 @@ ohos_fuzztest("X509CrlFuzzTest") {
"../../../../frameworks/adapter/v1.0/inc",
"../../../../frameworks/common/v1.0/inc",
"../../../../frameworks/core/v1.0/spi",
"//third_party/openssl/include",
"../../../../test/unittest/v1.0/include",
]
sources = [ "x509crl_fuzzer.cpp" ]
cflags = [

100
test/fuzztest/v1.0/x509crl_fuzzer/x509crl_fuzzer.cpp
View File

@ -19,6 +19,8 @@
#include "asy_key_generator.h"
#include "certificate_openssl_class.h"
#include "crypto_x509_test_common.h"
#include "cf_log.h"
#include "cf_blob.h"
#include "cf_memory.h"
#include "cf_result.h"
@ -28,6 +30,7 @@
#include "x509_certificate.h"
#include "x509_crl.h"
#include "x509_crl_entry.h"
#include "cert_crl_collection.h"
namespace OHOS {
constexpr int TEST_VERSION = 3;
@ -41,6 +44,7 @@ namespace OHOS {
ASN1_TIME *g_lastUpdate = nullptr;
ASN1_TIME *g_nextUpdate = nullptr;
ASN1_TIME *g_rvTime = nullptr;
static bool g_testFlag = true;
static char g_testCrl[] =
"-----BEGIN X509 CRL-----\r\n"
@ -78,6 +82,8 @@ namespace OHOS {
"7zh6YU5JILHnrkjRGdNGmpz8SXJ+bh7u8ffHc4R9FO1q4c9/1YSsOXQj0KazyDIP\r\n"
"IArlydFj8wK8sHvYC9WhPs+hiirrRb9Y2ApFzcYX5aYn46Y=\r\n"
"-----END CERTIFICATE-----\r\n";
const CfEncodingBlob g_crlDerInStream = { const_cast<uint8_t *>(g_crlDerData),
sizeof(g_crlDerData), CF_FORMAT_DER };
static void FreeCrlData()
{
@ -305,9 +311,6 @@ namespace OHOS {
bool FuzzDoX509CrlTest(const uint8_t *data, size_t size)
{
if ((data == nullptr) || (size < sizeof(long))) {
return false;
}
HcfX509Crl *x509CrlDer = nullptr;
CfEncodingBlob crlDerInStream = { 0 };
unsigned char *crlStream = GetCrlStream();
@ -350,6 +353,94 @@ namespace OHOS {
}
return true;
}
void OneCrlCollectionTest()
{
CfEncodingBlob inStream = { 0 };
HcfX509Crl *x509Crl = nullptr;
HcfCertCrlCollection *x509CertCrlCollection = nullptr;
HcfX509Certificate *x509CertObj = nullptr;
HcfX509CertificateArray certArray = { 0 };
HcfX509CrlArray crlArray = { 0 };
inStream.data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testSelfSignedCaCert));
inStream.encodingFormat = CF_FORMAT_PEM;
inStream.len = strlen(g_testSelfSignedCaCert) + 1;
CfResult ret = HcfX509CertificateCreate(&inStream, &x509CertObj);
if (ret != CF_SUCCESS || x509CertObj == nullptr) {
goto Exit;
}
ret = HcfX509CrlCreate(&g_crlDerInStream, &x509Crl);
if (ret != CF_SUCCESS || x509Crl == nullptr) {
goto Exit;
}
certArray.data = static_cast<HcfX509Certificate **>(HcfMalloc(1 * sizeof(HcfX509Certificate *), 0));
if (certArray.data == nullptr) {
goto Exit;
}
certArray.data[0] = x509CertObj;
certArray.count = 1;
crlArray.data = static_cast<HcfX509Crl **>(HcfMalloc(1 * sizeof(HcfX509Crl *), 0));
if (crlArray.data == nullptr) {
goto Exit;
}
crlArray.data[0] = x509Crl;
crlArray.count = 1;
ret = HcfCertCrlCollectionCreate(&certArray, &crlArray, &x509CertCrlCollection);
if (ret != CF_SUCCESS || x509CertCrlCollection == nullptr) {
goto Exit;
}
Exit:
CfObjDestroy(x509CertObj);
CfObjDestroy(x509Crl);
CfFree(crlArray.data);
CfFree(certArray.data);
CfObjDestroy(x509CertCrlCollection);
}
void FuzzDoX509CrlCollectionTest(const uint8_t *data, size_t size, CfEncodingFormat format)
{
if (g_testFlag) {
OneCrlCollectionTest();
g_testFlag = false;
}
if (data == nullptr || size < sizeof(HcfX509Certificate) || size < sizeof(HcfX509Crl)) {
return;
}
CfResult ret;
HcfX509CertificateArray certArray = { 0 };
HcfX509CrlArray crlArray = { 0 };
HcfCertCrlCollection *x509CertCrlCollection = nullptr;
certArray.data = static_cast<HcfX509Certificate **>(HcfMalloc(1 * sizeof(HcfX509Certificate *), 0));
if (certArray.data == nullptr) {
return;
}
certArray.data[0] = reinterpret_cast<HcfX509Certificate *>(const_cast<uint8_t *>(data));
certArray.count = 1;
crlArray.data = static_cast<HcfX509Crl **>(HcfMalloc(1 * sizeof(HcfX509Crl *), 0));
if (crlArray.data == nullptr) {
CfFree(certArray.data);
return;
}
crlArray.data[0] = reinterpret_cast<HcfX509Crl *>(const_cast<uint8_t *>(data));
crlArray.count = 1;
ret = HcfCertCrlCollectionCreate(&certArray, &crlArray, &x509CertCrlCollection);
if (ret != CF_SUCCESS || x509CertCrlCollection == nullptr) {
CfFree(certArray.data);
CfFree(crlArray.data);
return;
}
CfFree(certArray.data);
CfFree(crlArray.data);
CfObjDestroy(x509CertCrlCollection);
return;
}
}
/* Fuzzer entry point */
@ -357,5 +448,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
/* Run your code on data */
OHOS::FuzzDoX509CrlTest(data, size);
OHOS::FuzzDoX509CrlCollectionTest(data, size, CF_FORMAT_DER);
OHOS::FuzzDoX509CrlCollectionTest(data, size, CF_FORMAT_PEM);
OHOS::FuzzDoX509CrlCollectionTest(data, size, CF_FORMAT_PKCS7);
return 0;
}

1
test/fuzztest/v1.0/x509distinguishedname_fuzzer/BUILD.gn
View File

@ -21,6 +21,7 @@ ohos_fuzztest("X509DistinguishedNameFuzzTest") {
module_out_path = module_output_path
fuzz_config_file = "../x509distinguishedname_fuzzer"
configs = [ "../../../../config/build:coverage_flag_cc" ]
include_dirs = [ "../../../../frameworks/common/v1.0/inc" ]
cflags = [
"-g",
"-O0",

15
test/fuzztest/v1.0/x509distinguishedname_fuzzer/x509distinguished_name_fuzzer.cpp
View File

@ -19,6 +19,7 @@
#include <cstdint>
#include "securec.h"
#include "cf_memory.h"
#include "cf_blob.h"
#include "cf_result.h"
#include "x509_distinguished_name.h"
@ -84,15 +85,20 @@ namespace OHOS {
CreateOneDistinguishedName();
g_testFlag = false;
}
if (data == nullptr) {
if (data == nullptr || size < 1) {
return false;
}
uint8_t *testData = (uint8_t *)HcfMalloc(size + 1, sizeof(uint8_t));
if (testData == nullptr) {
return false;
}
CfBlob inStream = { 0 };
inStream.data = const_cast<uint8_t *>(data);
inStream.size = size;
inStream.data = testData;
inStream.size = size + 1;
HcfX509DistinguishedName *x509DistinguishedNameObj = nullptr;
CfResult res = HcfX509DistinguishedNameCreate(&inStream, false, &x509DistinguishedNameObj);
if (res != CF_SUCCESS) {
CfFree(testData);
return false;
}
CfObjDestroy(x509DistinguishedNameObj);
@ -101,10 +107,11 @@ namespace OHOS {
x509DistinguishedNameObj = nullptr;
res = HcfX509DistinguishedNameCreate(&inStream, true, &x509DistinguishedNameObj);
if (res != CF_SUCCESS) {
CfFree(testData);
return false;
}
CfObjDestroy(x509DistinguishedNameObj);
CfFree(testData);
return true;
}
}

2
test/unittest/v1.0/include/crypto_x509_cert_chain_data_der.h
View File

@ -16,7 +16,7 @@
#ifndef CRYPTO_X509_CERT_CHAIN_DATA_DER_H
#define CRYPTO_X509_CERT_CHAIN_DATA_DER_H
#include <gtest/gtest.h>
#include <stdint.h>
#ifdef __cplusplus
extern "C" {

2
test/unittest/v1.0/include/crypto_x509_cert_chain_data_p7b.h
View File

@ -16,7 +16,7 @@
#ifndef CRYPTO_X509_CERT_CHAIN_DATA_P7B_H
#define CRYPTO_X509_CERT_CHAIN_DATA_P7B_H
#include <gtest/gtest.h>
#include <stdint.h>
#ifdef __cplusplus
extern "C" {

128
test/unittest/v1.0/include/crypto_x509_cert_chain_data_pem.h
View File

@ -16,7 +16,7 @@
#ifndef CRYPTO_X509_CERT_CHAIN_DATA_PEM_H
#define CRYPTO_X509_CERT_CHAIN_DATA_PEM_H
#include <gtest/gtest.h>
#include <stdint.h>
#ifdef __cplusplus
extern "C" {
@ -362,6 +362,132 @@ static const char g_testCertChainPemDisorder[] =
"uKPWR9dKBA==\r\n"
"-----END CERTIFICATE-----\r\n";
static const char g_testCertChainValidatorCaCert[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIFwTCCA6mgAwIBAgIUBfKGru//yxvdRovc8iW9U9dzgqMwDQYJKoZIhvcNAQEL\r\n"
"BQAwbzELMAkGA1UEBhMCQ0kxCzAJBgNVBAgMAmhuMQswCQYDVQQHDAJzaDELMAkG\r\n"
"A1UECgwCaGgxCzAJBgNVBAsMAmlpMQswCQYDVQQDDAJhYjEfMB0GCSqGSIb3DQEJ\r\n"
"ARYQY3J5cHRvQGhlbGxvLmNvbTAgFw0yMjA4MjAxMjIyMzZaGA8yMDYyMDgyMDEy\r\n"
"MjIzNlowbzELMAkGA1UEBhMCQ0kxCzAJBgNVBAgMAmhuMQswCQYDVQQHDAJzaDEL\r\n"
"MAkGA1UECgwCaGgxCzAJBgNVBAsMAmlpMQswCQYDVQQDDAJhYjEfMB0GCSqGSIb3\r\n"
"DQEJARYQY3J5cHRvQGhlbGxvLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC\r\n"
"AgoCggIBAOXkcX7cHglTySl4XmjwMhiyxhMQUSTnZtAyjIiudyJmr9q6Ci8OXGTz\r\n"
"yPKmvDejwKcWqwYNpSJstwLUl7o8nFgIJmC9zkQ2ZwdEr5gDNehuR9nNjD55tVKD\r\n"
"68svuLGEWbyFI9AL8p578VPTex18KnLYTnJzYu2rVslFNBzQFVNyFPGhbN/ZEcnE\r\n"
"ICW4qFovuqNdWH/R9wuyilF08CJjBdXAfFvukooleM3Ip/FNSNb0ygs9N+GnxKuw\r\n"
"xybcgC/qZlPHtnl03ebI7/gRgL863E7SZR1lDIMFQ35+Z+TcM4SPqbokNr+nCiUV\r\n"
"hmTW56rZJSLDDKvzHzSbon1atd7bjjWWDA/FkUZtvjrP+IVHe+McOS1pDxUOyUv6\r\n"
"2YiRD6UkHADAqK0shEo/ejbd92CRbobVLapY9GJ0VOolE061PeNDiy/cMI1ihhbB\r\n"
"bq6S5YN/mnjgn0ylDD/6SA4rcc8Pep7ubXSVzhp/mugkJltDvYWoTO8rtZJryqP7\r\n"
"hehpJ8lZ1sGjlBE+1H4673wqx+HeGToGpBwrXM+3mKa27KDMtSRt0CvLuycR1SIW\r\n"
"FmZXy8n8eVemeA4d9flSYak2Mv5PPXttpSM58rylI2BoSTJgxN/j1tE1Lo8hadwp\r\n"
"i5g68H0Fd19HONd+LFxAhpgJ2ZUJb3qoGypEy1J322FCq6djIrIXAgMBAAGjUzBR\r\n"
"MB0GA1UdDgQWBBRH2csGuD+kwo6tU03rVbR5dtBhfjAfBgNVHSMEGDAWgBRH2csG\r\n"
"uD+kwo6tU03rVbR5dtBhfjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA\r\n"
"A4ICAQCovX+y4fN27gjPZuT1x8Lbm1c6UPcraWOUx5fQq7gpbxGhkWvcNWDEM6FD\r\n"
"9bNIT3oA0YiiUqPVOG+2pYiDEwsQJbwgrHZmQIYaufMZevO+a5I4u6FHttj05/ju\r\n"
"Z/j5xVECUWIpGFIl+q9U8B5dZ7GbI5zMNZ+k1/KWt+6x5zqRYU1ysxlxITokVfzq\r\n"
"Bu/DtMGqsrw36FqGEVUc0kYHGW9gwsNLXmw+YMpQMinAOE8uU0Pw8wtQeX9UcA+b\r\n"
"UdP4v9R7YkEtE3rfUCZ1pilEEB5XoklOPn6HYwAhrSB8gb1Ar8gmLUcbO0BT85yS\r\n"
"oPLJcw/m8XFC8Dj9ZFU25ux4lhvwmRs9HFFcBUJtYxB13UdfqlFTAlZdtPWi00IQ\r\n"
"C7MujV0ijoR6PnntwpBhLHIry1XZxzkrHmuJGQuZO7Taf9FyblrydIprkRyLZRSj\r\n"
"r3j1va/amhZZZeKZu1A8KLmTK/VF1IU8f9vMBbmrI6Rx0hgmwOr4kVexDdKyhuZw\r\n"
"U0u0HqJMJR1Vin93IFMRE63hjNno3NPL7d0mlhmwjEywrY0MmXYiQ6ag8o0PYAXg\r\n"
"Nr8NxOEvBY7ZOkWd2deJIyARDEc9nPcY46MiwowJ6bPMVPCXYGOxSfRpvY5SEjgj\r\n"
"llVnK3ULIM3AfVqDe7n3GnD4pHbHZQPLGpq0bQH9JUnCraB60g==\r\n"
"-----END CERTIFICATE-----\r\n";
static const char g_testCertChainValidatorSecondCaCert[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIFvDCCA6SgAwIBAgIUZDZSgan7tFvmeMmUD80kk+opOZwwDQYJKoZIhvcNAQEL\r\n"
"BQAwbzELMAkGA1UEBhMCQ0kxCzAJBgNVBAgMAmhuMQswCQYDVQQHDAJzaDELMAkG\r\n"
"A1UECgwCaGgxCzAJBgNVBAsMAmlpMQswCQYDVQQDDAJhYjEfMB0GCSqGSIb3DQEJ\r\n"
"ARYQY3J5cHRvQGhlbGxvLmNvbTAeFw0yMjA4MjAxMjI4MDhaFw00MjA4MjAxMjI4\r\n"
"MDhaMHwxCzAJBgNVBAYTAkNOMQ4wDAYDVQQIDAVIVU5BTjERMA8GA1UEBwwIU0hB\r\n"
"R05IQUkxCzAJBgNVBAoMAmhoMQswCQYDVQQLDAJpaTEPMA0GA1UEAwwGYXV0aG9y\r\n"
"MR8wHQYJKoZIhvcNAQkBFhBjcnlwdG9AaGVsbG8uY29tMIICIjANBgkqhkiG9w0B\r\n"
"AQEFAAOCAg8AMIICCgKCAgEAuSVyrlsC5nO+64mTYGAVJb1bdRJhz7ATMy2CE2AC\r\n"
"yo/RAl2p4Yoz8uJ6U23Ip4F+HmAGqXnIRGezwb+U1XaMkxX6WJQybngbYhdJX0As\r\n"
"rElz2CZsh0ZE9bsfAakpMtSrCm7RCucHxDD9R6WDWO2p3ARq8QbmLPk6M0tl9Ibo\r\n"
"4y/nJ84rvNfEkjgVNnWh3JLJ8a9OnaPBm+3j/1fPhzcTAo5VAXzEcUomxoV/JZdU\r\n"
"Dc0uFjqVeG9svMEx0dbn/xYrPm3OygmNjmbwuWkU9wx1aBDB0k5EwZ2pEagus7Wb\r\n"
"Qx37MryvLIMZIlOfqCnygwi478FLD2Ml0+1S/3VQR8S4MptlPrlpfNtkFuh5In/l\r\n"
"EgN340I8cdQfv4ZFlZ1BcFhz09MYJFo+toQm62umoZFBdH76wy634FGb1JlhJv6v\r\n"
"MguyM8QUTYsF9NBLXKqT5GtuiK4paqwwiNz/mu7ulfxAwKh2u5Jiw0xd+QCNNk3d\r\n"
"i3Kchx0ZtomjvmHQh57OZRRfO3lNplnujd9/4oloP+N4xGZ9Uknw9KH+Xx0VZy68\r\n"
"1luyaW2BtEKc3K5vcFBAt8FSSAYp9/bJbqfXNIDLPJogQ8EKsccOfs/IiMDP3Wgt\r\n"
"T3v1Cr76z+dbBo05fHew3n2Y5STCnxnxxth/jo59bO6IeUhN+kfnnKGA7uxwPppk\r\n"
"/CECAwEAAaNDMEEwDAYDVR0TBAUwAwEB/zAxBgNVHR8EKjAoMCagJKAihiBodHRw\r\n"
"czovL2NhLnhpZXhpYW5iaW4uY24vY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOCAgEA\r\n"
"KVB7IIZ2WHSvRLnkMkaDdIu37l60VMhj79MfOTTI/0CcZ0p8G+fqOKGTCtOTFLfz\r\n"
"nXCgDOYH9F5tugLLd9B7FiLys5eBdXRym22BHs/jtzUXFrxSFWBhxvW0cwCwy59g\r\n"
"5c/vX3QcvliJfjaLq67CwHIdKlKocogJp1qeROy7HfLQMQJHE/Fc30QZXp5bJcmg\r\n"
"KDYGdvrgKGpzgf4zjOYH+OMhwB2G9Nd6en7TCihq3A8HiGj+M3OzrKgWR4qiHmPg\r\n"
"3SX7njPLPVerly+o8oh2pSwxSLQMKgPHpbvMHIr5vRIAklGg2TP7WV5+Wc+MC+Ls\r\n"
"fZ5M7WSZWD6BV2XIHA2iM3N7wYzvH0lNlgR1Pu8vhflPfSjFouILbEHnsokHPsUd\r\n"
"bxnNmOyMpCDCg3cjuZYIyjAIB/OoADAekAHX3cAitBBzzD9MBK/UXRkMded6JVwf\r\n"
"bZGq+2LLNzXzqMWQeCcGocRHiV+7uw3klLANfF9NyXvW6FYN50LhnoroGwsuGetY\r\n"
"22F/8s1N0oC7Ucn/JmZUA9xjaCDEeoTDoefv8/3zSr2sR6wR7hIHgvC9NNOTzdSS\r\n"
"Rqc3AfUz90kdsAoZowql7CrZy7LiqzaJMy1F+2H8jmzfCV6DBaCYgzlBGS/dq/Q7\r\n"
"A9kbZrfCeb/yEgz0h0LrWnBWww7r2T+Hk4LQ/jLtC1Q=\r\n"
"-----END CERTIFICATE-----\r\n";
static const char g_testCertChainValidatorInvalidCaCert[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIFwTCCA6mgAwIBAgIUBQorsmfkw1hrf85bkGSOiJLFCfYwDQYJKoZIhvcNAQEL\r\n"
"BQAwezELMAkGA1UEBhMCQ04xETAPBgNVBAgMCFNIQU5HSEFJMREwDwYDVQQHDAhT\r\n"
"SEFOR0hBSTELMAkGA1UECgwCQUExCzAJBgNVBAsMAkJCMQswCQYDVQQDDAJDQzEf\r\n"
"MB0GCSqGSIb3DQEJARYQc2Vjb25kQGhlbGxvLmNvbTAeFw0yMjA4MjMxMTM4NDNa\r\n"
"Fw00MjA4MjMxMTM4NDNaMHoxCzAJBgNVBAYTAkNBMREwDwYDVQQIDAhTSEFOR0hB\r\n"
"STERMA8GA1UEBwwIU0hBTkdIQUkxCzAJBgNVBAoMAkFBMQswCQYDVQQLDAJCQjEL\r\n"
"MAkGA1UEAwwCQ0MxHjAcBgkqhkiG9w0BCQEWD3RoaXJkQGhlbGxvLmNvbTCCAiIw\r\n"
"DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMoRJDPA4mVDVgO7TGQqFZh4OxbV\r\n"
"uGaYmlEIVMwadsjA16l7xKB25bX7WmzHVDgZaJ0zJIyxbXXKvlmELS4mqDVmHUhh\r\n"
"sDHM+N00LVjV70F0xjaMRb1s6hOWlQ8Y314iDjW+c1lcHhWFliXqIp2Y7/c2QNKH\r\n"
"cRd+cqBzR45a9axHQTxS5ajTmLBSSAuSi3u1uVnA7BE7e0i0WSiISOtWiKoqG/R4\r\n"
"o+6llKg68LY0zHdWPyHn6F3aTvP+OJN+NHM+2onovpujDI28sTMRKeT92h/Ubf+s\r\n"
"q+kD25ADBZbq5kOXKq2m2jyh3RHSrxoPRyVUCFfWeqJk2ZUyOleHqV+orOCvTM37\r\n"
"LfbgIG6vchwMRnZHNBYWIm0BYkyo+O9wFV2+wC9iQwk/k+st9sQYNNwH6C2gzNnQ\r\n"
"WHgEYbGRSiUYsyXvkoUjw2gsBZJHjtKBNEqVwUA+yapbVRPsIPnzMr2IcLj9K2LM\r\n"
"FxOtpuliUjg/pqb4r5m83ZJQDBT3mvJr3NWbzbFKhqIaZyjjacCWr0vaumRsryEz\r\n"
"FwOVUZoPvLz/CgTAOAoouxGPs7qJhXb5CtXLdC15U9IEtsP88SExFa4gvO9nZPHE\r\n"
"HW9rc8/kppulsPGEDeZxYonGnk8l55ORqjmxcUQnWxWG1sqz4oTwUifWf9cybwMS\r\n"
"PpDQ4piAyncWY2jbAgMBAAGjPjA8MAwGA1UdEwQFMAMBAf8wLAYDVR0fBCUwIzAh\r\n"
"oB+gHYYbaHR0cHM6Ly9jYS50aGlyZC5jbi9jcmwucGVtMA0GCSqGSIb3DQEBCwUA\r\n"
"A4ICAQA0CP5FEccMxxd83S0IL5uwNCPPBzN3qHGZWm1PJD4dvbzsB5AtWbhDvfvD\r\n"
"GQRvfH83t3701U2J7wAUuFgG8UCNVKLSLfSv3Gqo5wKhEnZcoE0KZot56IA+lwVe\r\n"
"LfwAYgrzPMOWl1pyQ/BE5BcKthS/7OTH7qdNHc0J59xsanKFU9jnGEjfZv14XSRo\r\n"
"/iCM9ZIb4tVETnGFVfjp3Rjgnw2OZjdJcfVLIF/zTlkkGOQLqfyJqoafy0MIuM/k\r\n"
"nosPXJHX7tqQs5+ckKhPRkBltGsoLv2HzoIGiiGLvFmulvkyUd9FDq8UwfetAKU6\r\n"
"BTO6ZkjeS0S+2SBZ29Hm5F2xMoQjTtzYkmxCxbhFkAF2SWvR+hVXoOsAgG2csU15\r\n"
"ef+IgUw1aX7RK2OxYEYvX9BFLaoc8zima+ZzUbScZznVsyPGLZl+7tiOkQVFUSOY\r\n"
"F2TJqRXT8Obb0gQ1rHfU+ilDuP3+eUuUFfmzInqXTkGDArDEkwKoHezXgHhsvLTu\r\n"
"vBYSV/GOZHduz4WmiPQri3CkntSe4/JWeYoJHD+IWBO/Czvh6nNOciRxZSif917h\r\n"
"FQ6og3z/5CyHLd7EWKX/CwUqZ0jmGUdGoaO5i7xTeVzYGpkPzoTTRUv2T/go3roE\r\n"
"3hd5yG48AaYNKhJ26auBrOARpJe/ktKZTMuU3zHuPRtv3Wtdiw==\r\n"
"-----END CERTIFICATE-----\r\n";
static const char g_testSelfSignedCaCertValid[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIDHTCCAgWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0\r\n"
"IE5DIENBIDEwIBcNMjExMjAyMTcyNTAyWhgPMjEyMTEyMDMxNzI1MDJaMDwxIzAh\r\n"
"BgNVBAoMGkdvb2QgTkMgVGVzdCBDZXJ0aWZpY2F0ZSAxMRUwEwYDVQQDDAx3d3cu\r\n"
"Z29vZC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqx1t7HiPe\r\n"
"kRAWdiGUt4pklKGZ7338An6R7/y0e/8Grx2jeUfyc19BAB7MW1p8L+zdMjbclNE0\r\n"
"UZ6RZZNexfgMksNI/nW+4Lzu8qu2wFx1MjbTpMT8w/vnsGBMthxLu6+2wdnpdD1B\r\n"
"0led8xu7PSBgVULqyHcUvoLeRGEsB14yGx7dbIsokYxno1nr4u3BK5ic9KTTSxJR\r\n"
"Ig93qwo2pAZR7mfnOo33B9alhzvSwmEKJ9v7pERDnIP5ED0HaWFAeXl7GFgoH2y9\r\n"
"QDyJVuwWsoSWIx4Mr8UIr0IbVJU6KsqEiqqc5P5rX/y4tYMkpHZd9U1EONd2uwmX\r\n"
"dwSp0LEmQb/DAgMBAAGjTTBLMB0GA1UdDgQWBBSfJPZqs1tk+xjjDrovr13ORDWn\r\n"
"ojAfBgNVHSMEGDAWgBQI0Zv55tVkcKDxaxqe7VLa3fVQQzAJBgNVHRMEAjAAMA0G\r\n"
"CSqGSIb3DQEBCwUAA4IBAQAEKXs56hB4DOO1vJe7pByfCHU33ij/ux7u68BdkDQ8\r\n"
"S9SNaoD7h1XNSmC8kKULvpoKctJzJxh1IH4wtvGGGXsUt1By0a6Y5SnKW9/mG4NM\r\n"
"D4fGea0G2AeI8BHFs6vl8voYK9wgx9Ygus3Kj/8h6V7t2zB8ZhhVqpZkAQEjj0C2\r\n"
"1IV273wD0VdZl7uB+MEKk+7eTjNMeo6JzlBBf5GhtA1WbLNdszMfI0ljo7HAX+9L\r\n"
"yco0xKSKkZQ+v7VdJBfC6odp+epPMZqfyHrkFzUr8XRJfriP1lydPK7AbXLVrLJg\r\n"
"fIXCvUdxQx4B1LaclUDORL5r2tRhRYdAEKtUz7RpQzJK\r\n"
"-----END CERTIFICATE-----\r\n";
static const uint8_t g_testChainPubkeyPemRootData[] = { 0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03,
0x21, 0x00, 0xBB, 0x16, 0x9D, 0x8F, 0x5C, 0x30, 0xD0, 0xBA, 0x8F, 0x37, 0x6E, 0x33, 0xAF, 0x6F, 0x23, 0x71, 0x23,
0xA5, 0x49, 0x60, 0x1E, 0xD1, 0x07, 0x4B, 0xC9, 0x11, 0x7E, 0x66, 0x01, 0xBA, 0x92, 0x52 };

2
test/unittest/v1.0/include/crypto_x509_cert_chain_data_pem_ex.h
View File

@ -16,7 +16,7 @@
#ifndef CRYPTO_X509_CERT_CHAIN_DATA_PEM_EX_H
#define CRYPTO_X509_CERT_CHAIN_DATA_PEM_EX_H
#include <gtest/gtest.h>
#include <stdint.h>
#ifdef __cplusplus
extern "C" {

3
test/unittest/v1.0/include/crypto_x509_test_common.h
View File

@ -16,12 +16,9 @@
#ifndef CRYPTO_X509_TEST_COMMON_H
#define CRYPTO_X509_TEST_COMMON_H
#include <gtest/gtest.h>
#include <openssl/x509.h>
#include <stdbool.h>
#include "asy_key_generator.h"
#include "certificate_openssl_class.h"
#include "cf_memory.h"
#include "cipher.h"
#include "crypto_x509_cert_chain_data_der.h"

22
test/unittest/v1.0/src/crypto_x509_cert_chain_test.cpp
View File

@ -28,6 +28,7 @@
#include "x509_cert_chain.h"
#include "x509_cert_chain_openssl.h"
#include "x509_certificate_openssl.h"
#include "crypto_x509_cert_chain_data_pem.h"
#include "cert_crl_common.h"
#include "fwk_class.h"
@ -70,27 +71,6 @@ public:
void TearDown();
};
static const char g_testSelfSignedCaCertValid[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIDHTCCAgWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0\r\n"
"IE5DIENBIDEwIBcNMjExMjAyMTcyNTAyWhgPMjEyMTEyMDMxNzI1MDJaMDwxIzAh\r\n"
"BgNVBAoMGkdvb2QgTkMgVGVzdCBDZXJ0aWZpY2F0ZSAxMRUwEwYDVQQDDAx3d3cu\r\n"
"Z29vZC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqx1t7HiPe\r\n"
"kRAWdiGUt4pklKGZ7338An6R7/y0e/8Grx2jeUfyc19BAB7MW1p8L+zdMjbclNE0\r\n"
"UZ6RZZNexfgMksNI/nW+4Lzu8qu2wFx1MjbTpMT8w/vnsGBMthxLu6+2wdnpdD1B\r\n"
"0led8xu7PSBgVULqyHcUvoLeRGEsB14yGx7dbIsokYxno1nr4u3BK5ic9KTTSxJR\r\n"
"Ig93qwo2pAZR7mfnOo33B9alhzvSwmEKJ9v7pERDnIP5ED0HaWFAeXl7GFgoH2y9\r\n"
"QDyJVuwWsoSWIx4Mr8UIr0IbVJU6KsqEiqqc5P5rX/y4tYMkpHZd9U1EONd2uwmX\r\n"
"dwSp0LEmQb/DAgMBAAGjTTBLMB0GA1UdDgQWBBSfJPZqs1tk+xjjDrovr13ORDWn\r\n"
"ojAfBgNVHSMEGDAWgBQI0Zv55tVkcKDxaxqe7VLa3fVQQzAJBgNVHRMEAjAAMA0G\r\n"
"CSqGSIb3DQEBCwUAA4IBAQAEKXs56hB4DOO1vJe7pByfCHU33ij/ux7u68BdkDQ8\r\n"
"S9SNaoD7h1XNSmC8kKULvpoKctJzJxh1IH4wtvGGGXsUt1By0a6Y5SnKW9/mG4NM\r\n"
"D4fGea0G2AeI8BHFs6vl8voYK9wgx9Ygus3Kj/8h6V7t2zB8ZhhVqpZkAQEjj0C2\r\n"
"1IV273wD0VdZl7uB+MEKk+7eTjNMeo6JzlBBf5GhtA1WbLNdszMfI0ljo7HAX+9L\r\n"
"yco0xKSKkZQ+v7VdJBfC6odp+epPMZqfyHrkFzUr8XRJfriP1lydPK7AbXLVrLJg\r\n"
"fIXCvUdxQx4B1LaclUDORL5r2tRhRYdAEKtUz7RpQzJK\r\n"
"-----END CERTIFICATE-----\r\n";
static HcfCertChain *g_certChainP7b = nullptr;
static HcfX509Certificate *g_x509CertObj = nullptr;
static HcfX509CertChainSpi *g_certChainP7bSpi = nullptr;

129
test/unittest/v1.0/src/crypto_x509_cert_chain_validator_test.cpp
View File

@ -22,6 +22,7 @@
#include "memory_mock.h"
#include "cf_object_base.h"
#include "cf_result.h"
#include "crypto_x509_cert_chain_data_pem.h"
#include "x509_cert_chain_validator_openssl.h"
using namespace std;
@ -39,110 +40,6 @@ public:
constexpr int32_t CERT_HEADER_LEN = 2;
constexpr int32_t INVALID_MAX_CERT_LEN = 8194;
static char g_caCert[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIFwTCCA6mgAwIBAgIUBfKGru//yxvdRovc8iW9U9dzgqMwDQYJKoZIhvcNAQEL\r\n"
"BQAwbzELMAkGA1UEBhMCQ0kxCzAJBgNVBAgMAmhuMQswCQYDVQQHDAJzaDELMAkG\r\n"
"A1UECgwCaGgxCzAJBgNVBAsMAmlpMQswCQYDVQQDDAJhYjEfMB0GCSqGSIb3DQEJ\r\n"
"ARYQY3J5cHRvQGhlbGxvLmNvbTAgFw0yMjA4MjAxMjIyMzZaGA8yMDYyMDgyMDEy\r\n"
"MjIzNlowbzELMAkGA1UEBhMCQ0kxCzAJBgNVBAgMAmhuMQswCQYDVQQHDAJzaDEL\r\n"
"MAkGA1UECgwCaGgxCzAJBgNVBAsMAmlpMQswCQYDVQQDDAJhYjEfMB0GCSqGSIb3\r\n"
"DQEJARYQY3J5cHRvQGhlbGxvLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC\r\n"
"AgoCggIBAOXkcX7cHglTySl4XmjwMhiyxhMQUSTnZtAyjIiudyJmr9q6Ci8OXGTz\r\n"
"yPKmvDejwKcWqwYNpSJstwLUl7o8nFgIJmC9zkQ2ZwdEr5gDNehuR9nNjD55tVKD\r\n"
"68svuLGEWbyFI9AL8p578VPTex18KnLYTnJzYu2rVslFNBzQFVNyFPGhbN/ZEcnE\r\n"
"ICW4qFovuqNdWH/R9wuyilF08CJjBdXAfFvukooleM3Ip/FNSNb0ygs9N+GnxKuw\r\n"
"xybcgC/qZlPHtnl03ebI7/gRgL863E7SZR1lDIMFQ35+Z+TcM4SPqbokNr+nCiUV\r\n"
"hmTW56rZJSLDDKvzHzSbon1atd7bjjWWDA/FkUZtvjrP+IVHe+McOS1pDxUOyUv6\r\n"
"2YiRD6UkHADAqK0shEo/ejbd92CRbobVLapY9GJ0VOolE061PeNDiy/cMI1ihhbB\r\n"
"bq6S5YN/mnjgn0ylDD/6SA4rcc8Pep7ubXSVzhp/mugkJltDvYWoTO8rtZJryqP7\r\n"
"hehpJ8lZ1sGjlBE+1H4673wqx+HeGToGpBwrXM+3mKa27KDMtSRt0CvLuycR1SIW\r\n"
"FmZXy8n8eVemeA4d9flSYak2Mv5PPXttpSM58rylI2BoSTJgxN/j1tE1Lo8hadwp\r\n"
"i5g68H0Fd19HONd+LFxAhpgJ2ZUJb3qoGypEy1J322FCq6djIrIXAgMBAAGjUzBR\r\n"
"MB0GA1UdDgQWBBRH2csGuD+kwo6tU03rVbR5dtBhfjAfBgNVHSMEGDAWgBRH2csG\r\n"
"uD+kwo6tU03rVbR5dtBhfjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA\r\n"
"A4ICAQCovX+y4fN27gjPZuT1x8Lbm1c6UPcraWOUx5fQq7gpbxGhkWvcNWDEM6FD\r\n"
"9bNIT3oA0YiiUqPVOG+2pYiDEwsQJbwgrHZmQIYaufMZevO+a5I4u6FHttj05/ju\r\n"
"Z/j5xVECUWIpGFIl+q9U8B5dZ7GbI5zMNZ+k1/KWt+6x5zqRYU1ysxlxITokVfzq\r\n"
"Bu/DtMGqsrw36FqGEVUc0kYHGW9gwsNLXmw+YMpQMinAOE8uU0Pw8wtQeX9UcA+b\r\n"
"UdP4v9R7YkEtE3rfUCZ1pilEEB5XoklOPn6HYwAhrSB8gb1Ar8gmLUcbO0BT85yS\r\n"
"oPLJcw/m8XFC8Dj9ZFU25ux4lhvwmRs9HFFcBUJtYxB13UdfqlFTAlZdtPWi00IQ\r\n"
"C7MujV0ijoR6PnntwpBhLHIry1XZxzkrHmuJGQuZO7Taf9FyblrydIprkRyLZRSj\r\n"
"r3j1va/amhZZZeKZu1A8KLmTK/VF1IU8f9vMBbmrI6Rx0hgmwOr4kVexDdKyhuZw\r\n"
"U0u0HqJMJR1Vin93IFMRE63hjNno3NPL7d0mlhmwjEywrY0MmXYiQ6ag8o0PYAXg\r\n"
"Nr8NxOEvBY7ZOkWd2deJIyARDEc9nPcY46MiwowJ6bPMVPCXYGOxSfRpvY5SEjgj\r\n"
"llVnK3ULIM3AfVqDe7n3GnD4pHbHZQPLGpq0bQH9JUnCraB60g==\r\n"
"-----END CERTIFICATE-----\r\n";
static char g_secondCaCert[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIFvDCCA6SgAwIBAgIUZDZSgan7tFvmeMmUD80kk+opOZwwDQYJKoZIhvcNAQEL\r\n"
"BQAwbzELMAkGA1UEBhMCQ0kxCzAJBgNVBAgMAmhuMQswCQYDVQQHDAJzaDELMAkG\r\n"
"A1UECgwCaGgxCzAJBgNVBAsMAmlpMQswCQYDVQQDDAJhYjEfMB0GCSqGSIb3DQEJ\r\n"
"ARYQY3J5cHRvQGhlbGxvLmNvbTAeFw0yMjA4MjAxMjI4MDhaFw00MjA4MjAxMjI4\r\n"
"MDhaMHwxCzAJBgNVBAYTAkNOMQ4wDAYDVQQIDAVIVU5BTjERMA8GA1UEBwwIU0hB\r\n"
"R05IQUkxCzAJBgNVBAoMAmhoMQswCQYDVQQLDAJpaTEPMA0GA1UEAwwGYXV0aG9y\r\n"
"MR8wHQYJKoZIhvcNAQkBFhBjcnlwdG9AaGVsbG8uY29tMIICIjANBgkqhkiG9w0B\r\n"
"AQEFAAOCAg8AMIICCgKCAgEAuSVyrlsC5nO+64mTYGAVJb1bdRJhz7ATMy2CE2AC\r\n"
"yo/RAl2p4Yoz8uJ6U23Ip4F+HmAGqXnIRGezwb+U1XaMkxX6WJQybngbYhdJX0As\r\n"
"rElz2CZsh0ZE9bsfAakpMtSrCm7RCucHxDD9R6WDWO2p3ARq8QbmLPk6M0tl9Ibo\r\n"
"4y/nJ84rvNfEkjgVNnWh3JLJ8a9OnaPBm+3j/1fPhzcTAo5VAXzEcUomxoV/JZdU\r\n"
"Dc0uFjqVeG9svMEx0dbn/xYrPm3OygmNjmbwuWkU9wx1aBDB0k5EwZ2pEagus7Wb\r\n"
"Qx37MryvLIMZIlOfqCnygwi478FLD2Ml0+1S/3VQR8S4MptlPrlpfNtkFuh5In/l\r\n"
"EgN340I8cdQfv4ZFlZ1BcFhz09MYJFo+toQm62umoZFBdH76wy634FGb1JlhJv6v\r\n"
"MguyM8QUTYsF9NBLXKqT5GtuiK4paqwwiNz/mu7ulfxAwKh2u5Jiw0xd+QCNNk3d\r\n"
"i3Kchx0ZtomjvmHQh57OZRRfO3lNplnujd9/4oloP+N4xGZ9Uknw9KH+Xx0VZy68\r\n"
"1luyaW2BtEKc3K5vcFBAt8FSSAYp9/bJbqfXNIDLPJogQ8EKsccOfs/IiMDP3Wgt\r\n"
"T3v1Cr76z+dbBo05fHew3n2Y5STCnxnxxth/jo59bO6IeUhN+kfnnKGA7uxwPppk\r\n"
"/CECAwEAAaNDMEEwDAYDVR0TBAUwAwEB/zAxBgNVHR8EKjAoMCagJKAihiBodHRw\r\n"
"czovL2NhLnhpZXhpYW5iaW4uY24vY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOCAgEA\r\n"
"KVB7IIZ2WHSvRLnkMkaDdIu37l60VMhj79MfOTTI/0CcZ0p8G+fqOKGTCtOTFLfz\r\n"
"nXCgDOYH9F5tugLLd9B7FiLys5eBdXRym22BHs/jtzUXFrxSFWBhxvW0cwCwy59g\r\n"
"5c/vX3QcvliJfjaLq67CwHIdKlKocogJp1qeROy7HfLQMQJHE/Fc30QZXp5bJcmg\r\n"
"KDYGdvrgKGpzgf4zjOYH+OMhwB2G9Nd6en7TCihq3A8HiGj+M3OzrKgWR4qiHmPg\r\n"
"3SX7njPLPVerly+o8oh2pSwxSLQMKgPHpbvMHIr5vRIAklGg2TP7WV5+Wc+MC+Ls\r\n"
"fZ5M7WSZWD6BV2XIHA2iM3N7wYzvH0lNlgR1Pu8vhflPfSjFouILbEHnsokHPsUd\r\n"
"bxnNmOyMpCDCg3cjuZYIyjAIB/OoADAekAHX3cAitBBzzD9MBK/UXRkMded6JVwf\r\n"
"bZGq+2LLNzXzqMWQeCcGocRHiV+7uw3klLANfF9NyXvW6FYN50LhnoroGwsuGetY\r\n"
"22F/8s1N0oC7Ucn/JmZUA9xjaCDEeoTDoefv8/3zSr2sR6wR7hIHgvC9NNOTzdSS\r\n"
"Rqc3AfUz90kdsAoZowql7CrZy7LiqzaJMy1F+2H8jmzfCV6DBaCYgzlBGS/dq/Q7\r\n"
"A9kbZrfCeb/yEgz0h0LrWnBWww7r2T+Hk4LQ/jLtC1Q=\r\n"
"-----END CERTIFICATE-----\r\n";
static char g_invalidCaCert[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIFwTCCA6mgAwIBAgIUBQorsmfkw1hrf85bkGSOiJLFCfYwDQYJKoZIhvcNAQEL\r\n"
"BQAwezELMAkGA1UEBhMCQ04xETAPBgNVBAgMCFNIQU5HSEFJMREwDwYDVQQHDAhT\r\n"
"SEFOR0hBSTELMAkGA1UECgwCQUExCzAJBgNVBAsMAkJCMQswCQYDVQQDDAJDQzEf\r\n"
"MB0GCSqGSIb3DQEJARYQc2Vjb25kQGhlbGxvLmNvbTAeFw0yMjA4MjMxMTM4NDNa\r\n"
"Fw00MjA4MjMxMTM4NDNaMHoxCzAJBgNVBAYTAkNBMREwDwYDVQQIDAhTSEFOR0hB\r\n"
"STERMA8GA1UEBwwIU0hBTkdIQUkxCzAJBgNVBAoMAkFBMQswCQYDVQQLDAJCQjEL\r\n"
"MAkGA1UEAwwCQ0MxHjAcBgkqhkiG9w0BCQEWD3RoaXJkQGhlbGxvLmNvbTCCAiIw\r\n"
"DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMoRJDPA4mVDVgO7TGQqFZh4OxbV\r\n"
"uGaYmlEIVMwadsjA16l7xKB25bX7WmzHVDgZaJ0zJIyxbXXKvlmELS4mqDVmHUhh\r\n"
"sDHM+N00LVjV70F0xjaMRb1s6hOWlQ8Y314iDjW+c1lcHhWFliXqIp2Y7/c2QNKH\r\n"
"cRd+cqBzR45a9axHQTxS5ajTmLBSSAuSi3u1uVnA7BE7e0i0WSiISOtWiKoqG/R4\r\n"
"o+6llKg68LY0zHdWPyHn6F3aTvP+OJN+NHM+2onovpujDI28sTMRKeT92h/Ubf+s\r\n"
"q+kD25ADBZbq5kOXKq2m2jyh3RHSrxoPRyVUCFfWeqJk2ZUyOleHqV+orOCvTM37\r\n"
"LfbgIG6vchwMRnZHNBYWIm0BYkyo+O9wFV2+wC9iQwk/k+st9sQYNNwH6C2gzNnQ\r\n"
"WHgEYbGRSiUYsyXvkoUjw2gsBZJHjtKBNEqVwUA+yapbVRPsIPnzMr2IcLj9K2LM\r\n"
"FxOtpuliUjg/pqb4r5m83ZJQDBT3mvJr3NWbzbFKhqIaZyjjacCWr0vaumRsryEz\r\n"
"FwOVUZoPvLz/CgTAOAoouxGPs7qJhXb5CtXLdC15U9IEtsP88SExFa4gvO9nZPHE\r\n"
"HW9rc8/kppulsPGEDeZxYonGnk8l55ORqjmxcUQnWxWG1sqz4oTwUifWf9cybwMS\r\n"
"PpDQ4piAyncWY2jbAgMBAAGjPjA8MAwGA1UdEwQFMAMBAf8wLAYDVR0fBCUwIzAh\r\n"
"oB+gHYYbaHR0cHM6Ly9jYS50aGlyZC5jbi9jcmwucGVtMA0GCSqGSIb3DQEBCwUA\r\n"
"A4ICAQA0CP5FEccMxxd83S0IL5uwNCPPBzN3qHGZWm1PJD4dvbzsB5AtWbhDvfvD\r\n"
"GQRvfH83t3701U2J7wAUuFgG8UCNVKLSLfSv3Gqo5wKhEnZcoE0KZot56IA+lwVe\r\n"
"LfwAYgrzPMOWl1pyQ/BE5BcKthS/7OTH7qdNHc0J59xsanKFU9jnGEjfZv14XSRo\r\n"
"/iCM9ZIb4tVETnGFVfjp3Rjgnw2OZjdJcfVLIF/zTlkkGOQLqfyJqoafy0MIuM/k\r\n"
"nosPXJHX7tqQs5+ckKhPRkBltGsoLv2HzoIGiiGLvFmulvkyUd9FDq8UwfetAKU6\r\n"
"BTO6ZkjeS0S+2SBZ29Hm5F2xMoQjTtzYkmxCxbhFkAF2SWvR+hVXoOsAgG2csU15\r\n"
"ef+IgUw1aX7RK2OxYEYvX9BFLaoc8zima+ZzUbScZznVsyPGLZl+7tiOkQVFUSOY\r\n"
"F2TJqRXT8Obb0gQ1rHfU+ilDuP3+eUuUFfmzInqXTkGDArDEkwKoHezXgHhsvLTu\r\n"
"vBYSV/GOZHduz4WmiPQri3CkntSe4/JWeYoJHD+IWBO/Czvh6nNOciRxZSif917h\r\n"
"FQ6og3z/5CyHLd7EWKX/CwUqZ0jmGUdGoaO5i7xTeVzYGpkPzoTTRUv2T/go3roE\r\n"
"3hd5yG48AaYNKhJ26auBrOARpJe/ktKZTMuU3zHuPRtv3Wtdiw==\r\n"
"-----END CERTIFICATE-----\r\n";
static uint8_t g_certDerFormat[] = {
0x30, 0x82, 0x05, 0xc1, 0x30, 0x82, 0x03, 0xa9, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x05,
@ -392,8 +289,8 @@ HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest001, TestSize.Level0)
HcfCertChainData certsData = { 0 };
certsData.format = CF_FORMAT_PEM;
certsData.count = 2; /* level-2 cert chain. */
uint32_t caCertLen = strlen(g_caCert) + 1;
uint32_t secondCaCertLen = strlen(g_secondCaCert) + 1;
uint32_t caCertLen = strlen(g_testCertChainValidatorCaCert) + 1;
uint32_t secondCaCertLen = strlen(g_testCertChainValidatorSecondCaCert) + 1;
certsData.dataLen = CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN + caCertLen;
certsData.data = (uint8_t *)malloc(certsData.dataLen);
if (certsData.data == nullptr) {
@ -404,7 +301,7 @@ HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest001, TestSize.Level0)
goto OUT;
}
if (memcpy_s(certsData.data + CERT_HEADER_LEN, secondCaCertLen + CERT_HEADER_LEN + caCertLen,
g_secondCaCert, secondCaCertLen) != EOK) {
g_testCertChainValidatorSecondCaCert, secondCaCertLen) != EOK) {
goto OUT;
}
if (memcpy_s(certsData.data + CERT_HEADER_LEN + secondCaCertLen, CERT_HEADER_LEN + caCertLen,
@ -412,7 +309,7 @@ HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest001, TestSize.Level0)
goto OUT;
}
if (memcpy_s(certsData.data + CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN, caCertLen,
g_caCert, caCertLen) != EOK) {
g_testCertChainValidatorCaCert, caCertLen) != EOK) {
goto OUT;
}
@ -429,9 +326,9 @@ HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest002, TestSize.Level0)
HcfCertChainData certsData = { 0 };
certsData.format = CF_FORMAT_PEM;
certsData.count = 3; /* level-3 cert chain. */
uint32_t caCertLen = strlen(g_caCert) + 1;
uint32_t secondCaCertLen = strlen(g_secondCaCert) + 1;
uint32_t thirdCertLen = strlen(g_invalidCaCert) + 1;
uint32_t caCertLen = strlen(g_testCertChainValidatorCaCert) + 1;
uint32_t secondCaCertLen = strlen(g_testCertChainValidatorSecondCaCert) + 1;
uint32_t thirdCertLen = strlen(g_testCertChainValidatorInvalidCaCert) + 1;
certsData.dataLen = CERT_HEADER_LEN + thirdCertLen + CERT_HEADER_LEN +
secondCaCertLen + CERT_HEADER_LEN + caCertLen;
certsData.data = (uint8_t *)malloc(certsData.dataLen);
@ -446,7 +343,7 @@ HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest002, TestSize.Level0)
}
if (memcpy_s(certsData.data + CERT_HEADER_LEN,
thirdCertLen + CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN + caCertLen,
g_invalidCaCert, thirdCertLen) != EOK) {
g_testCertChainValidatorInvalidCaCert, thirdCertLen) != EOK) {
return;
}
if (memcpy_s(certsData.data + CERT_HEADER_LEN + thirdCertLen,
@ -454,7 +351,7 @@ HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest002, TestSize.Level0)
goto OUT;
}
if (memcpy_s(certsData.data + CERT_HEADER_LEN + thirdCertLen + CERT_HEADER_LEN,
secondCaCertLen + CERT_HEADER_LEN + caCertLen, g_secondCaCert, secondCaCertLen) != EOK) {
secondCaCertLen + CERT_HEADER_LEN + caCertLen, g_testCertChainValidatorSecondCaCert, secondCaCertLen) != EOK) {
goto OUT;
}
if (memcpy_s(certsData.data + CERT_HEADER_LEN + thirdCertLen + CERT_HEADER_LEN + secondCaCertLen,
@ -462,7 +359,7 @@ HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest002, TestSize.Level0)
goto OUT;
}
if (memcpy_s(certsData.data + CERT_HEADER_LEN + thirdCertLen + CERT_HEADER_LEN + secondCaCertLen + CERT_HEADER_LEN,
caCertLen, g_caCert, caCertLen) != EOK) {
caCertLen, g_testCertChainValidatorCaCert, caCertLen) != EOK) {
goto OUT;
}
@ -497,7 +394,7 @@ HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest004, TestSize.Level0)
HcfCertChainData certsData = { 0 };
certsData.format = CF_FORMAT_PEM;
certsData.count = 1; /* level-3 cert chain. */
uint32_t caCertLen = strlen(g_caCert) + 1;
uint32_t caCertLen = strlen(g_testCertChainValidatorCaCert) + 1;
certsData.dataLen = CERT_HEADER_LEN + caCertLen;
certsData.data = (uint8_t *)malloc(certsData.dataLen);
EXPECT_NE(certsData.data, nullptr);
@ -509,7 +406,7 @@ HWTEST_F(CryptoX509CertChainValidatorTest, VerifyTest004, TestSize.Level0)
goto OUT;
}
if (memcpy_s(certsData.data + CERT_HEADER_LEN,
caCertLen, g_caCert, caCertLen) != EOK) {
caCertLen, g_testCertChainValidatorCaCert, caCertLen) != EOK) {
goto OUT;
}

1
test/unittest/v1.0/src/crypto_x509_certificate_test.cpp
View File

@ -25,6 +25,7 @@
#include "certificate_openssl_common.h"
#include "x509_certificate_openssl.h"
#include "certificate_openssl_class.h"
using namespace std;
using namespace testing::ext;

1
test/unittest/v1.0/src/crypto_x509_test_common.cpp
View File

@ -27,6 +27,7 @@
#include "securec.h"
#include "x509_certificate.h"
#include "x509_certificate_openssl.h"
#include "certificate_openssl_class.h"
#define CONSTRUCT_CERTPOLICY_DATA_SIZE 1