修改证书用例偶现失败问题

Signed-off-by: hhhFun <fanghaojie@huawei.com>
2024-11-23 06:29:41 +00:00 · 2024-07-11 09:56:15 +08:00 · 2024-07-11 09:56:15 +08:00 · b72028703c
commit b72028703c
parent 8869ee39b7
3 changed files with 60 additions and 1 deletions
--- a/test/unittest/v1.0/include/crypto_x509_cert_chain_data_pem_ex.h
+++ b/test/unittest/v1.0/include/crypto_x509_cert_chain_data_pem_ex.h
@ -161,6 +161,35 @@ static const char g_testCertChainPemRoot163[] =
    "k4RHhHLWtmz2lTZ5CEo2ljDsGzCFGJP7oT4q6Q8oFC38irvdKIJ95cUxYzj4tnOI\r\n"
    "-----END CERTIFICATE-----\r\n";

+static const char g_testCertChainPemCrl163[] =
+    "-----BEGIN X509 CRL-----\r\n"
+    "MIIEjzCCA3cCAQEwDQYJKoZIhvcNAQELBQAwYTELMAkGA1UEBhMCVVMxFTATBgNV\r\n"
+    "BAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEgMB4G\r\n"
+    "A1UEAxMXRGlnaUNlcnQgR2xvYmFsIFJvb3QgRzIXDTI0MDcwOTE5NDYzMFoXDTI0\r\n"
+    "MDczMDE5NDYzMFowggKuMC8CEAuKW53VAaiHdTmbmgSIEaMXDTIzMTAwMzE5NDIz\r\n"
+    "N1owDDAKBgNVHRUEAwoBBTAvAhANI0dBkoMMjTB6+f3rezEnFw0xOTEwMzExNzMz\r\n"
+    "MDZaMAwwCgYDVR0VBAMKAQUwLwIQDamhD9I49FBVW2Q22Z85pBcNMTkxMTAxMTYx\r\n"
+    "MzM4WjAMMAoGA1UdFQQDCgEFMC8CEA595GzNOHRmKWDFhDfZTRcXDTE5MTEwMTE1\r\n"
+    "NDcyOFowDDAKBgNVHRUEAwoBBTAvAhACwYlIadRQKes4OBp1u2FnFw0yMDA3MzAw\r\n"
+    "NDAwMDBaMAwwCgYDVR0VBAMKAQQwLwIQCgZFWoVH8W4JmjaEZIlOZBcNMjAwNzMw\r\n"
+    "MDQwMDAwWjAMMAoGA1UdFQQDCgEEMC8CEAZnVIW62O2SCNs8smxQGhMXDTIwMDcz\r\n"
+    "MDA0MDAwMFowDDAKBgNVHRUEAwoBBDAvAhAK9ly+caYQVBKTbELCGJunFw0yMDA3\r\n"
+    "MzAwNDAwMDBaMAwwCgYDVR0VBAMKAQQwLwIQC8ITIH8cmqoINfKIkQubHBcNMjEx\r\n"
+    "MTE5MTAxNDUyWjAMMAoGA1UdFQQDCgEEMC8CEAOTh6gaLMaN8ouiE4XXOxsXDTIy\r\n"
+    "MDQyNjExNTA0MFowDDAKBgNVHRUEAwoBBDAvAhANde21v4FeNVp93OGHDnYPFw0y\r\n"
+    "MzA2MDYxNjU4MzlaMAwwCgYDVR0VBAMKAQQwLwIQD/c121neYxk/D6cHkJnJahcN\r\n"
+    "MjMwNjA2MTY1OTU4WjAMMAoGA1UdFQQDCgEEMC8CEAueXlnlQQX+L/Qt7hyfmTgX\r\n"
+    "DTIzMDYwNjE3MDA0M1owDDAKBgNVHRUEAwoBBDAvAhABMzgOpETlGdVX3FFu3LEg\r\n"
+    "Fw0yMzA2MDYxNzAxMjZaMAwwCgYDVR0VBAMKAQSgMDAuMB8GA1UdIwQYMBaAFE4i\r\n"
+    "VCAYlebjbuYP+vq5Eu0GF485MAsGA1UdFAQEAgICljANBgkqhkiG9w0BAQsFAAOC\r\n"
+    "AQEAg1alE5qNpK3HRyZAktCpMGNChEkMy58VvU6Z1APX40P1BeC1B0Gc7bwQTSug\r\n"
+    "yhUCdsuAW2Yb1NE7M7bMFgdjwRBj1TmIzqbbe5JjQT1CKseA6JR6mQBkihFJNqj3\r\n"
+    "J3PwmfT/+BoSnTL3mhpfWSKVDpW7T+JnC1wd8FY7J8ZDO11JIyGD3OpHXOXZ0z3+\r\n"
+    "ep+kh/StkB5qH+FBLe1DZehMQ/eDHCkjZvlJNA7TZ7yYmsqfWmmrVebgMx15lHkR\r\n"
+    "WHnoCTVvikOAU4oG6faojhIf2UDv5oGDyOWstmxkNm6IkUTAhuCVW48Lt5kSiDYn\r\n"
+    "U6nJvKRXMHp9hoTYetaaH2pMzw==\r\n"
+    "-----END X509 CRL-----\r\n";
+
 const uint8_t g_testChainKeystore[] = { 0x30, 0x82, 0x0D, 0xF1, 0x02, 0x01, 0x03, 0x30, 0x82, 0x0D, 0xB7, 0x06, 0x09,
    0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01, 0xA0, 0x82, 0x0D, 0xA8, 0x04, 0x82, 0x0D, 0xA4, 0x30, 0x82,
    0x0D, 0xA0, 0x30, 0x82, 0x08, 0x57, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06, 0xA0, 0x82,
--- a/test/unittest/v1.0/src/cf_mock.cpp
+++ b/test/unittest/v1.0/src/cf_mock.cpp
@ -847,7 +847,7 @@ OCSP_REQUEST *__wrap_OCSP_REQUEST_new(void)

 X509_CRL *__wrap_X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout)
 {
-    if (g_mockTagX509Openssl) {
+    if (g_mockTagX509Openssl || g_mockTagX509HcfCert) {
        CF_LOG_I("X509OpensslMock X509_CRL_load_http");
        return X509OpensslMock::GetInstance().X509_CRL_load_http(url, bio, rbio, timeout);
    } else {
--- a/test/unittest/v1.0/src/crypto_x509_cert_chain_test_part2.cpp
+++ b/test/unittest/v1.0/src/crypto_x509_cert_chain_test_part2.cpp
@ -15,6 +15,8 @@

 #include <gtest/gtest.h>

+#include <openssl/pem.h>
+
 #include "cert_crl_common.h"
 #include "cf_blob.h"
 #include "cf_log.h"
@ -69,6 +71,10 @@ public:
 static HcfX509CertChainSpi *g_certChainPemSpi = nullptr;
 static HcfX509CertChainSpi *g_certChainPemSpi163 = nullptr;

+static CfBlob g_blobCertChainPemCrl163 = {
+    .data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_testCertChainPemCrl163)),
+    .size = strlen(g_testCertChainPemCrl163) };
+
 static CfBlob g_blobDownloadURI = { .data = reinterpret_cast<uint8_t *>(const_cast<char *>(g_crlDownloadURI)),
    .size = strlen(g_crlDownloadURI) + 1 };

@ -392,6 +398,22 @@ HWTEST_F(CryptoX509CertChainTestPart2, ValidateOpensslRevocationLocalTest001, Te
    FreeHcfRevocationCheckParam(params.revocationCheckParam);
 }

+static X509_CRL *GetX509CRL(void)
+{
+    BIO *bio = BIO_new_mem_buf(g_blobCertChainPemCrl163.data, g_blobCertChainPemCrl163.size);
+    if (bio == nullptr) {
+        CF_LOG_E("bio get null!");
+        return nullptr;
+    }
+    X509_CRL *crlOut = PEM_read_bio_X509_CRL(bio, nullptr, nullptr, nullptr);
+    BIO_free_all(bio);
+    if (crlOut == nullptr) {
+        CF_LOG_E("Get X509 CRL fail!");
+        return nullptr;
+    }
+    return crlOut;
+}
+
 HWTEST_F(CryptoX509CertChainTestPart2, ValidateOpensslRevocationOnLineTest001, TestSize.Level0)
 {
    CF_LOG_I("ValidateOpensslRevocationOnLineTest001");
@ -408,12 +430,20 @@ HWTEST_F(CryptoX509CertChainTestPart2, ValidateOpensslRevocationOnLineTest001, T
        ConstructHcfRevocationCheckParam(data, sizeof(data) / sizeof(data[0]), &g_blobDownloadURI, &g_blobDownloadURI);
    ASSERT_NE(params.revocationCheckParam, nullptr);

+    X509_CRL *certChainPemCrl163 = GetX509CRL();
+    ASSERT_NE(certChainPemCrl163, nullptr);
+
    HcfX509CertChainValidateResult result = { 0 };
    CfResult ret;

+    X509OpensslMock::SetHcfMockFlag(true);
+    EXPECT_CALL(X509OpensslMock::GetInstance(), X509_CRL_load_http(_, _, _, _))
+        .WillOnce(Return(certChainPemCrl163))
+        .WillRepeatedly(Invoke(__real_X509_CRL_load_http));
    // test ValidateOcspLocal failed case
    ret = g_certChainPemSpi163->engineValidate(g_certChainPemSpi163, &params, &result);
    EXPECT_EQ(ret, CF_SUCCESS);
+    X509OpensslMock::SetHcfMockFlag(false);
    FreeValidateResult(result);

    FreeTrustAnchorArr(trustAnchorArray);