diff --git a/frameworks/huks_standard/main/common/include/huks_service_ipc_interface_code.h b/frameworks/huks_standard/main/common/include/huks_service_ipc_interface_code.h index 00b3ffee..9f377f6e 100644 --- a/frameworks/huks_standard/main/common/include/huks_service_ipc_interface_code.h +++ b/frameworks/huks_standard/main/common/include/huks_service_ipc_interface_code.h @@ -45,7 +45,7 @@ enum HksIpcInterfaceCode { HKS_MSG_CHIPSET_PLATFORM_DECRYPT, HKS_MSG_ATTEST_KEY_ASYNC_REPLY, HKS_MSG_LIST_ALIASES, - HKS_MSG_RENAME_KEY_ALIASES, + HKS_MSG_RENAME_KEY_ALIAS, /* new cmd type must be added before HKS_MSG_MAX */ HKS_MSG_MAX, }; diff --git a/frameworks/huks_standard/main/common/src/hks_param.c b/frameworks/huks_standard/main/common/src/hks_param.c index 0e0e2ddf..5f2ca15b 100644 --- a/frameworks/huks_standard/main/common/src/hks_param.c +++ b/frameworks/huks_standard/main/common/src/hks_param.c @@ -126,6 +126,7 @@ static uint32_t g_validTags[] = { HKS_TAG_IF_NEED_APPEND_AUTH_INFO, HKS_TAG_VERIFIED_AUTH_TOKEN, HKS_TAG_IS_APPEND_UPDATE_DATA, + HKS_TAG_IS_COPY_NEW_KEY, HKS_TAG_PROCESS_NAME, HKS_TAG_PACKAGE_NAME, diff --git a/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_ipc.c b/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_ipc.c index 75c459bf..7b67aaa0 100644 --- a/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_ipc.c +++ b/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_ipc.c @@ -926,9 +926,7 @@ int32_t HksClientRenameKeyAlias(const struct HksBlob *oldKeyAlias, const struct } ret = HksRenameKeyAliasPack(oldKeyAlias, newKeyAlias, newParamSet, &inBlob); HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksRenameKeyAliasPack failed!") - - ret = HksSendRequest(HKS_MSG_RENAME_KEY_ALIASES, &inBlob, NULL, newParamSet); - + ret = HksSendRequest(HKS_MSG_RENAME_KEY_ALIAS, &inBlob, NULL, newParamSet); } while (0); HksFreeParamSet(&newParamSet); HKS_FREE_BLOB(inBlob); diff --git a/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_passthrough.c b/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_passthrough.c index c1ac812b..f0cbc8f5 100644 --- a/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_passthrough.c +++ b/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_passthrough.c @@ -460,4 +460,13 @@ int32_t HksClientListAliases(const struct HksParamSet *paramSet, struct HksKeyAl 0 }; return HksServiceListAliases(&processInfo, paramSet, outData); +} + +int32_t HksClientRenameKeyAlias(const struct HksBlob *oldKeyAlias, const struct HksParamSet *paramSet, + const struct HksBlob *newKeyAlias) +{ + (void)oldKeyAlias; + (void)paramSet; + (void)newKeyAlias; + return HKS_ERROR_NOT_SUPPORTED; } \ No newline at end of file diff --git a/frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_check.c b/frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_check.c index a0ffa7e6..60bd1e94 100644 --- a/frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_check.c +++ b/frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_check.c @@ -275,9 +275,8 @@ int32_t HksCheckIpcRenameKeyAlias(const struct HksBlob *oldKeyAlias, const struc int32_t ret = HksCheckBlob2AndParamSet(oldKeyAlias, newKeyAlias, paramSet); HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check keyAlias or paramSet failed") - if (((sizeof(oldKeyAlias->size) + ALIGN_SIZE(oldKeyAlias->size) + - sizeof(newKeyAlias->size) + ALIGN_SIZE(newKeyAlias->size) + - ALIGN_SIZE(paramSet->paramSetSize)) > MAX_PROCESS_SIZE)) { + if ((MAX_PROCESS_SIZE - sizeof(oldKeyAlias->size) - ALIGN_SIZE(oldKeyAlias->size) - + sizeof(newKeyAlias->size) - ALIGN_SIZE(newKeyAlias->size) < ALIGN_SIZE(paramSet->paramSetSize))) { HKS_LOG_E("ipc rename key alias check size failed"); return HKS_ERROR_INVALID_ARGUMENT; } diff --git a/interfaces/inner_api/huks_standard/main/libhukssdk.map b/interfaces/inner_api/huks_standard/main/libhukssdk.map index 77bb47e2..2c1d8b10 100644 --- a/interfaces/inner_api/huks_standard/main/libhukssdk.map +++ b/interfaces/inner_api/huks_standard/main/libhukssdk.map @@ -63,5 +63,6 @@ HksConvertErrCode; HksMalloc; HksFreeKeyAliasSet; + HksRenameKeyAlias; local: *; }; \ No newline at end of file diff --git a/services/huks_standard/huks_service/main/core/src/hks_client_check.c b/services/huks_standard/huks_service/main/core/src/hks_client_check.c index 295977d6..84a92a5a 100644 --- a/services/huks_standard/huks_service/main/core/src/hks_client_check.c +++ b/services/huks_standard/huks_service/main/core/src/hks_client_check.c @@ -339,8 +339,8 @@ int32_t HksCheckOldKeyExist(const struct HksProcessInfo *processInfo, const stru HKS_IF_NOT_SUCC_RETURN(ret, ret); ret = HksManageStoreIsKeyBlobExist(processInfo, paramSet, oldKeyAlias, HKS_STORAGE_TYPE_KEY); - if (ret != HKS_SUCCESS) { - HKS_LOG_E("oldKey not exist !"); + if (ret == HKS_ERROR_NOT_EXIST) { + HKS_LOG_E("the oldKey not exist!"); } return ret; } @@ -353,10 +353,11 @@ int32_t HksCheckNewKeyNotExist(const struct HksProcessInfo *processInfo, const s ret = HksManageStoreIsKeyBlobExist(processInfo, paramSet, newKeyAlias, HKS_STORAGE_TYPE_KEY); if (ret == HKS_SUCCESS) { - HKS_LOG_E("newKey is exist!"); + HKS_LOG_E("the newKey is already exist!"); return HKS_ERROR_ALREADY_EXISTS; } if (ret == HKS_ERROR_NOT_EXIST) { + HKS_LOG_I("the newKey is not exist!"); return HKS_SUCCESS; } return ret; diff --git a/services/huks_standard/huks_service/main/core/src/hks_client_service.c b/services/huks_standard/huks_service/main/core/src/hks_client_service.c index 684f42cb..9b173774 100644 --- a/services/huks_standard/huks_service/main/core/src/hks_client_service.c +++ b/services/huks_standard/huks_service/main/core/src/hks_client_service.c @@ -2084,18 +2084,18 @@ int32_t HksServiceRenameKeyAlias(const struct HksProcessInfo *processInfo, const ret = HKsCheckOldKeyAliasDiffNewKeyAlias(oldKeyAlias, newKeyAlias); if (ret != HKS_SUCCESS) { HKS_LOG_E("the new key alias same as old key alias !, ret = %" LOG_PUBLIC "d", ret); - return HKS_ERROR_BAD_STATE; + return HKS_ERROR_INVALID_ARGUMENT; } ret = HksCheckOldKeyExist(processInfo, oldKeyAlias, paramSet); if (ret != HKS_SUCCESS) { - HKS_LOG_E("the old key is not exist !, ret = %" LOG_PUBLIC "d", ret); + HKS_LOG_E("HksCheckOldKeyExist failed!, ret = %" LOG_PUBLIC "d", ret); return ret; } ret = HksCheckNewKeyNotExist(processInfo, newKeyAlias, paramSet); if (ret != HKS_SUCCESS) { - HKS_LOG_E("the new key is already exist !, ret = %" LOG_PUBLIC "d", ret); + HKS_LOG_E("HksCheckNewKeyNotExist failed!, ret = %" LOG_PUBLIC "d", ret); return ret; } diff --git a/services/huks_standard/huks_service/main/hks_storage/include/hks_storage.h b/services/huks_standard/huks_service/main/hks_storage/include/hks_storage.h index 836d4efe..c48e6899 100644 --- a/services/huks_standard/huks_service/main/hks_storage/include/hks_storage.h +++ b/services/huks_standard/huks_service/main/hks_storage/include/hks_storage.h @@ -71,7 +71,10 @@ void HksServiceDeleteUIDKeyAliasFile(const struct HksProcessInfo *processInfo); int32_t HksListAliasesByProcessName(const struct HksStoreFileInfo *fileInfo, struct HksKeyAliasSet **outData); -int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo, +int32_t HksStorageCopyKeyBlobFile(const char *srcPath, const char *srcFileName, + const char *destPath, const char *destFileName); + +int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo, const struct HksStoreFileInfo *newFileInfo, bool isCopy); #ifdef HKS_ENABLE_SMALL_TO_SERVICE diff --git a/services/huks_standard/huks_service/main/hks_storage/src/hks_storage.c b/services/huks_standard/huks_service/main/hks_storage/src/hks_storage.c index 5a4f5185..b6362d3f 100644 --- a/services/huks_standard/huks_service/main/hks_storage/src/hks_storage.c +++ b/services/huks_standard/huks_service/main/hks_storage/src/hks_storage.c @@ -148,7 +148,6 @@ static int32_t HksStorageRemoveFile(const char *path, const char *fileName) return ret; } -#ifdef SUPPORT_STORAGE_BACKUP static int32_t CopyKeyBlobFromSrc(const char *srcPath, const char *srcFileName, const char *destPath, const char *destFileName) { @@ -185,7 +184,6 @@ static int32_t CopyKeyBlobFromSrc(const char *srcPath, const char *srcFileName, HKS_FREE(buffer); return ret; } -#endif static int32_t GetKeyBlobFromFile(const char *path, const char *fileName, struct HksBlob *keyBlob) { @@ -868,7 +866,9 @@ int32_t HksListAliasesByProcessName(const struct HksStoreFileInfo *fileInfo, str return ret; } -int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo, +#endif + +int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo, const struct HksStoreFileInfo *newFileInfo, bool isCopy) { int32_t ret; @@ -876,9 +876,11 @@ int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo, ret = CopyKeyBlobFromSrc(oldFileInfo->mainPath.path, oldFileInfo->mainPath.fileName, newFileInfo->mainPath.path, newFileInfo->mainPath.fileName); HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks copy old key blob failed, ret = %" LOG_PUBLIC "d.", ret) +#ifdef SUPPORT_STORAGE_BACKUP ret = CopyKeyBlobFromSrc(oldFileInfo->bakPath.path, oldFileInfo->bakPath.fileName, newFileInfo->bakPath.path, newFileInfo->bakPath.fileName); HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks copy old key blob failed, ret = %" LOG_PUBLIC "d.", ret) +#endif if (!isCopy) { ret = HksStoreDeleteKeyBlob(oldFileInfo); HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks delete key blob failed, ret = %" LOG_PUBLIC "d.", ret) @@ -887,5 +889,4 @@ int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo, return ret; } -#endif -#endif /* _CUT_AUTHENTICATE_ */ +#endif /* _CUT_AUTHENTICATE_ */ \ No newline at end of file diff --git a/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_manager.c b/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_manager.c index 627cb35f..3692bd3e 100644 --- a/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_manager.c +++ b/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_manager.c @@ -582,15 +582,19 @@ int32_t HksManageStoreRenameKeyAlias(const struct HksProcessInfo *processInfo, HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "check paramset invalid failed!"); struct HksParam *isNeedCopy = NULL; - int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_COPY_NEW_KEY, &isNeedCopy); - if (ret == HKS_ERROR_PARAM_NOT_EXIST || isNeedCopy->boolParam == false) { - ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, false); + ret = HksGetParam(paramSet, HKS_TAG_IS_COPY_NEW_KEY, &isNeedCopy); + if (ret == HKS_SUCCESS && isNeedCopy->boolParam == true) { + ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, true); HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks rename key blod failed, ret = %" LOG_PUBLIC "d.", ret); } else { - ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, true); + ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, false); HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks rename key blod failed, ret = %" LOG_PUBLIC "d.", ret); } } while (0); + FileInfoFree(&oldKeyFileInfo); + FileInfoFree(&newKeyFileInfo); + FreeStorageMaterial(&oldKeyMaterial); + FreeStorageMaterial(&newKeyMaterial); return ret; } diff --git a/services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_ipc_service.c b/services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_ipc_service.c index 50048309..67e02daf 100644 --- a/services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_ipc_service.c +++ b/services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_ipc_service.c @@ -1003,9 +1003,6 @@ void HksIpcServiceRenameKeyAlias(const struct HksBlob *srcData, const uint8_t *c HksSendResponse(context, ret, NULL); - HksFreeParamSet(¶mSet); HKS_FREE_BLOB(processInfo.processName); HKS_FREE_BLOB(processInfo.userId); - HKS_FREE_BLOB(oldKeyAlias); - HKS_FREE_BLOB(newKeyAlias); } \ No newline at end of file diff --git a/services/huks_standard/huks_service/main/os_dependency/sa/hks_message_handler.h b/services/huks_standard/huks_service/main/os_dependency/sa/hks_message_handler.h index 8cf11914..523624b4 100644 --- a/services/huks_standard/huks_service/main/os_dependency/sa/hks_message_handler.h +++ b/services/huks_standard/huks_service/main/os_dependency/sa/hks_message_handler.h @@ -46,7 +46,7 @@ const struct HksIpcEntryPoint HKS_IPC_MESSAGE_HANDLER[] = { { HKS_MSG_MAC, HksIpcServiceMac }, { HKS_MSG_GET_KEY_INFO_LIST, HksIpcServiceGetKeyInfoList }, { HKS_MSG_LIST_ALIASES, HksIpcServiceListAliases }, - { HKS_MSG_RENAME_KEY_ALIASES, HksIpcServiceRenameKeyAlias }, + { HKS_MSG_RENAME_KEY_ALIAS, HksIpcServiceRenameKeyAlias }, }; typedef void (*HksIpcThreeStageHandlerFuncProc)(const struct HksBlob *msg, struct HksBlob *outData, diff --git a/test/unittest/huks_standard_test/three_stage_test/BUILD.gn b/test/unittest/huks_standard_test/three_stage_test/BUILD.gn index 70305b03..5715c9eb 100644 --- a/test/unittest/huks_standard_test/three_stage_test/BUILD.gn +++ b/test/unittest/huks_standard_test/three_stage_test/BUILD.gn @@ -67,6 +67,8 @@ ohos_unittest("huks_UT_test") { "src/hks_pbkdf2_derive_part1_test.cpp", "src/hks_pbkdf2_derive_part2_test.cpp", "src/hks_pbkdf2_derive_test_common.cpp", + + # "src/hks_rename_test.cpp", "src/hks_three_stage_test_common.c", "src/hks_x25519_agree_test.cpp", "src/symmetric_alg_test/hks_aes_cipher_ccm_test.cpp", diff --git a/test/unittest/huks_standard_test/three_stage_test/include/hks_rename_test.h b/test/unittest/huks_standard_test/three_stage_test/include/hks_rename_test.h new file mode 100644 index 00000000..d62fe281 --- /dev/null +++ b/test/unittest/huks_standard_test/three_stage_test/include/hks_rename_test.h @@ -0,0 +1,33 @@ +/* + * Copyright (C) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef HUKS_OTHERS_TEST_H +#define HUKS_OTHERS_TEST_H + +int HksRenameKeyAliasTest001(void); + +int HksRenameKeyAliasTest002(void); + +int HksRenameKeyAliasTest003(void); + +int HksRenameKeyAliasTest004(void); + +int HksRenameKeyAliasTest005(void); + +int HksRenameKeyAliasTest006(void); + +int HksRenameKeyAliasTest007(void); + +#endif \ No newline at end of file diff --git a/test/unittest/huks_standard_test/three_stage_test/src/hks_rename_test.cpp b/test/unittest/huks_standard_test/three_stage_test/src/hks_rename_test.cpp new file mode 100644 index 00000000..c0b6684e --- /dev/null +++ b/test/unittest/huks_standard_test/three_stage_test/src/hks_rename_test.cpp @@ -0,0 +1,478 @@ +/* + * Copyright (C) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "hks_rename_test.h" +#include "hks_api.h" +#include "hks_param.h" +#include "hks_test_common.h" +#include "hks_test_log.h" +#include "hks_type.h" +#include "hks_log.h" +#include "hks_mem.h" +#include "nativetoken_kit.h" +#include "token_setproc.h" +#include "hks_file_operator.h" +using namespace testing::ext; +namespace { +class HksRenameKeyAliasTest : public testing::Test { +public: + static void SetUpTestCase(void); + + static void TearDownTestCase(void); + + void SetUp(); + + void TearDown(); +}; + +void HksRenameKeyAliasTest::SetUpTestCase(void) +{ +} + +void HksRenameKeyAliasTest::TearDownTestCase(void) +{ +} + +void HksRenameKeyAliasTest::SetUp() +{ +} + +void HksRenameKeyAliasTest::TearDown() +{ +} + +static const uint32_t USER_ID_INT = 0; + +static int32_t TestGenerateKey(const struct HksBlob *keyAlias) +{ + struct HksParam tmpParams[] = { + { .tag = HKS_TAG_BLOCK_MODE, .uint32Param = HKS_MODE_ECB }, + { .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_RSA }, + { .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_RSA_KEY_SIZE_2048 }, + { .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 }, + { .tag = HKS_TAG_PADDING, .uint32Param = HKS_PADDING_PSS }, + { .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_VERIFY }, + { .tag = HKS_TAG_KEY_STORAGE_FLAG, .uint32Param = HKS_STORAGE_PERSISTENT }, + { .tag = HKS_TAG_KEY_GENERATE_TYPE, .uint32Param = HKS_KEY_GENERATE_TYPE_DEFAULT }, + { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE }, + }; + struct HksParamSet *paramSet = nullptr; + int32_t ret = HksInitParamSet(¶mSet); + if (ret != HKS_SUCCESS) { + HKS_LOG_E("hks_core_service_test HksInitParamSet failed"); + return ret; + } + + ret = HksAddParams(paramSet, tmpParams, sizeof(tmpParams) / sizeof(tmpParams[0])); + if (ret != HKS_SUCCESS) { + HKS_LOG_E("hks_core_service_test HksAddParams failed"); + HksFreeParamSet(¶mSet); + return ret; + } + + ret = HksBuildParamSet(¶mSet); + if (ret != HKS_SUCCESS) { + HKS_LOG_E("hks_core_service_test HksBuildParamSet failed"); + HksFreeParamSet(¶mSet); + return ret; + } + + ret = HksGenerateKey(keyAlias, paramSet, nullptr); + if (ret != HKS_SUCCESS) { + HKS_LOG_E("hks_core_service_test HksGenerateKey failed"); + } + HksFreeParamSet(¶mSet); + return ret; +} + +static int32_t BuildParamSetWithParam(struct HksParamSet **paramSet, struct HksParam *param, uint32_t paramCnt) +{ + int32_t ret = HksInitParamSet(paramSet); + if (ret != HKS_SUCCESS) { + HKS_LOG_E("BuildParamSetWithParam HksInitParamSet failed"); + return ret; + } + if (param != nullptr) { + ret = HksAddParams(*paramSet, param, paramCnt); + if (ret != HKS_SUCCESS) { + HKS_LOG_E("BuildParamSetWithParam HksAddParams failed"); + return ret; + } + } + return HksBuildParamSet(paramSet); +} + +#ifdef HKS_INTERACT_ABILITY +static int32_t SetIdsToken() +{ + uint64_t tokenId; + const char *acls[] = { + "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS", + }; + const char *perms[] = { + "ohos.permission.PLACE_CALL", // system_basic + "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS", + }; + NativeTokenInfoParams infoInstance = { + .dcapsNum = 0, + .permsNum = 2, + .dcaps = nullptr, + .perms = perms, + .aplStr = "system_basic", + }; + infoInstance.acls = acls; + infoInstance.aclsNum = 1; + infoInstance.processName = "test_movece"; + tokenId = GetAccessTokenId(&infoInstance); + int32_t ret = SetSelfTokenID(tokenId); + if (ret != HKS_SUCCESS) { + HKS_LOG_I("SetSelfTokenID fail, ret is %" LOG_PUBLIC "x!", ret); + } + return ret; +} +#endif + +/** + * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest001 + * @tc.desc: Rename the key and keep the old one; + * @tc.type: FUNC + */ +HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest001, TestSize.Level0) +{ +#ifdef HKS_INTERACT_ABILITY + SetIdsToken(); +#endif + const char *alias = "oldAlias001"; + struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias }; + + int32_t ret = TestGenerateKey(&keyAlias); + EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey ret is " << ret; + + struct HksParamSet *paramSet = nullptr; + struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE }; + ret = BuildParamSetWithParam(¶mSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam)); + EXPECT_EQ(ret, HKS_SUCCESS); + ret = HksKeyExist(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret;; + + struct HksParamSet *renameParamSet = NULL; + struct HksParam paramArr[] = { + {.tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE}, + {.tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT}, + {.tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true}, + }; + ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0])); + EXPECT_EQ(ret, HKS_SUCCESS); + const char *alias2 = "newKeyAlias001"; + struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 }; + ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias); + EXPECT_EQ(ret, HKS_SUCCESS) << "HksRenameKeyAlias ret is " << ret; + + ret = HksKeyExist(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "old key is not exit, ret is " << ret; + + ret = HksKeyExist(&newKeyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "new key is not exit, ret is " << ret; + + ret = HksDeleteKey(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS); + ret = HksDeleteKey(&newKeyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS); + HksFreeParamSet(¶mSet); + HksFreeParamSet(&renameParamSet); +} + +/** + * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest002 + * @tc.desc: Rename the key and remove the old one; + * @tc.type: FUNC + */ +HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest002, TestSize.Level0) +{ +#ifdef HKS_INTERACT_ABILITY + SetIdsToken(); +#endif + const char *alias = "oldAlias002"; + struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias }; + + int32_t ret = TestGenerateKey(&keyAlias); + EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey ret is " << ret; + + struct HksParamSet *paramSet = nullptr; + struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE }; + ret = BuildParamSetWithParam(¶mSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam)); + EXPECT_EQ(ret, HKS_SUCCESS); + ret = HksKeyExist(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret;; + + struct HksParamSet *renameParamSet = NULL; + struct HksParam paramArr[] = { + {.tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE}, + {.tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT}, + }; + ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0])); + EXPECT_EQ(ret, HKS_SUCCESS); + const char *alias2 = "newKeyAlias002"; + struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 }; + ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias); + EXPECT_EQ(ret, HKS_SUCCESS) << "HksRenameKeyAlias ret is " << ret; + + ret = HksKeyExist(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_ERROR_NOT_EXIST) << "old key exit, delet failed, ret is " << ret; + + ret = HksKeyExist(&newKeyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "new key is not exit, ret is " << ret; + + ret = HksDeleteKey(&newKeyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS); + HksFreeParamSet(¶mSet); + HksFreeParamSet(&renameParamSet); +} + +static const char *STORE_PATH = "/data/service/el1/public/huks_service/maindata/0/0/key/"; +/** + * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest003 + * @tc.desc: If the main key is lost, the renaming is still successful; + * @tc.type: FUNC + */ +HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest003, TestSize.Level0) +{ +#ifdef HKS_INTERACT_ABILITY + SetIdsToken(); +#endif + const char *alias = "oldAlias003"; + struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias }; + + int32_t ret = TestGenerateKey(&keyAlias); + EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey ret is " << ret; + + struct HksParamSet *paramSet = nullptr; + struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE }; + ret = BuildParamSetWithParam(¶mSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam)); + EXPECT_EQ(ret, HKS_SUCCESS); + ret = HksKeyExist(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret; + + ret = HksFileRemove(STORE_PATH, alias); + ASSERT_EQ(ret, HKS_SUCCESS); + + struct HksParamSet *renameParamSet = NULL; + struct HksParam paramArr[] = { + {.tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE}, + {.tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT}, + {.tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true}, + }; + ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0])); + EXPECT_EQ(ret, HKS_SUCCESS); + const char *alias2 = "newKeyAlias003"; + struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 }; + ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias); + EXPECT_EQ(ret, HKS_SUCCESS) << "HksRenameKeyAlias ret is " << ret; + + ret = HksKeyExist(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "old key exit, delet failed, ret is " << ret; + ret = HksKeyExist(&newKeyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "new key is not exit, ret is " << ret; + ret = HksDeleteKey(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS); + ret = HksDeleteKey(&newKeyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS); + HksFreeParamSet(¶mSet); + HksFreeParamSet(&renameParamSet); +} + +/** + * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest004 + * @tc.desc: The old key is lost, the renaming is failed; + * @tc.type: FUNC + */ +HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest004, TestSize.Level2) +{ +#ifdef HKS_INTERACT_ABILITY + SetIdsToken(); +#endif + const char *alias = "oldAlias004"; + struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias }; + + int32_t ret = TestGenerateKey(&keyAlias); + EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey ret is " << ret; + + struct HksParamSet *paramSet = nullptr; + struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE }; + ret = BuildParamSetWithParam(¶mSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam)); + EXPECT_EQ(ret, HKS_SUCCESS); + ret = HksKeyExist(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret; + + ret = HksDeleteKey(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "Hks delete MainFile key failed, ret is " << ret; + + struct HksParamSet *renameParamSet = NULL; + struct HksParam paramArr[] = { + {.tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE}, + {.tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT}, + {.tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true}, + }; + ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0])); + EXPECT_EQ(ret, HKS_SUCCESS); + const char *alias2 = "newKeyAlias004"; + struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 }; + ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias); + EXPECT_EQ(ret, HKS_ERROR_NOT_EXIST) << "HksRenameKeyAlias ret is " << ret; + + ret = HksKeyExist(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_ERROR_NOT_EXIST) << "old key exit, delet failed, ret is " << ret; + + ret = HksKeyExist(&newKeyAlias, paramSet); + EXPECT_EQ(ret, HKS_ERROR_NOT_EXIST) << "new key is not exit, ret is " << ret; + + HksFreeParamSet(¶mSet); + HksFreeParamSet(&renameParamSet); +} + +/** + * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest005 + * @tc.desc: A new key with the same name exists, the renaming is faild; + * @tc.type: FUNC + */ +HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest005, TestSize.Level1) +{ +#ifdef HKS_INTERACT_ABILITY + SetIdsToken(); +#endif + const char *alias = "oldAlias005"; + const char *alias2 = "newKeyAlias005"; + struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias }; + struct HksBlob keyAlias2 = { strlen(alias2), (uint8_t *)alias2 }; + + int32_t ret = TestGenerateKey(&keyAlias); + EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey keyAlias ret is " << ret; + ret = TestGenerateKey(&keyAlias2); + EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey keyAlias2 ret is " << ret; + + struct HksParamSet *paramSet = nullptr; + struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE }; + ret = BuildParamSetWithParam(¶mSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam)); + EXPECT_EQ(ret, HKS_SUCCESS); + ret = HksKeyExist(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret; + ret = HksKeyExist(&keyAlias2, paramSet);; + EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret; + struct HksParamSet *renameParamSet = NULL; + struct HksParam paramArr[] = { + { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE}, + { .tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT}, + { .tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true}, + }; + ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0])); + EXPECT_EQ(ret, HKS_SUCCESS); + struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 }; + ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias); + EXPECT_EQ(ret, HKS_ERROR_ALREADY_EXISTS) << "HksRenameKeyAlias ret is " << ret; + + ret = HksDeleteKey(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS); + ret = HksDeleteKey(&keyAlias2, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS); + HksFreeParamSet(¶mSet); + HksFreeParamSet(&renameParamSet); +} + +/** + * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest006 + * @tc.desc: The renameParamSet has incorrect parameters, the renaming is faild; + * @tc.type: FUNC + */ +HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest006, TestSize.Level0) +{ +#ifdef HKS_INTERACT_ABILITY + SetIdsToken(); +#endif + const char *alias = "oldAlias006"; + struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias }; + + int32_t ret = TestGenerateKey(&keyAlias); + EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey keyAlias ret is " << ret; + + struct HksParamSet *paramSet = nullptr; + struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE }; + ret = BuildParamSetWithParam(¶mSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam)); + EXPECT_EQ(ret, HKS_SUCCESS); + ret = HksKeyExist(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret; + struct HksParamSet *renameParamSet = NULL; + struct HksParam paramArr[] = { + { .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_RSA }, + { .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_RSA_KEY_SIZE_2048 }, + { .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 }, + { .tag = HKS_TAG_PADDING, .uint32Param = HKS_PADDING_PSS }, + { .tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true}, + }; + ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0])); + EXPECT_EQ(ret, HKS_SUCCESS); + const char *alias2 = "newKeyAlias006"; + struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 }; + ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias); + EXPECT_EQ(ret, HKS_ERROR_PARAM_NOT_EXIST) << "HksRenameKeyAlias ret is " << ret; + + ret = HksDeleteKey(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS); + HksFreeParamSet(¶mSet); + HksFreeParamSet(&renameParamSet); +} + +/** + * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest007 + * @tc.desc: The old and new name of the key are the same, the renaming is faild; + * @tc.type: FUNC + */ +HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest007, TestSize.Level0) +{ +#ifdef HKS_INTERACT_ABILITY + SetIdsToken(); +#endif + const char *alias = "oldAlias007"; + struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias }; + + int32_t ret = TestGenerateKey(&keyAlias); + EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey keyAlias ret is " << ret; + + struct HksParamSet *paramSet = nullptr; + struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE }; + ret = BuildParamSetWithParam(¶mSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam)); + EXPECT_EQ(ret, HKS_SUCCESS); + ret = HksKeyExist(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret; + struct HksParamSet *renameParamSet = NULL; + struct HksParam paramArr[] = { + { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE}, + { .tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT}, + { .tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true}, + }; + ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0])); + EXPECT_EQ(ret, HKS_SUCCESS); + const char *alias2 = "oldAlias007"; + struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 }; + ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias); + EXPECT_EQ(ret, HKS_ERROR_INVALID_ARGUMENT) << "HksRenameKeyAlias ret is " << ret; + + ret = HksDeleteKey(&keyAlias, paramSet); + EXPECT_EQ(ret, HKS_SUCCESS); + HksFreeParamSet(¶mSet); + HksFreeParamSet(&renameParamSet); +} +} \ No newline at end of file