Add HksRenameKeyAlias API TDD tests

Signed-off-by: l00889714 <linzhaosheng@huawei.com>

frameworks/huks_standard/main/common/include/huks_service_ipc_interface_code.h

@@ -45,7 +45,7 @@ enum HksIpcInterfaceCode {
     HKS_MSG_CHIPSET_PLATFORM_DECRYPT,
     HKS_MSG_ATTEST_KEY_ASYNC_REPLY,
     HKS_MSG_LIST_ALIASES,
-    HKS_MSG_RENAME_KEY_ALIASES,
+    HKS_MSG_RENAME_KEY_ALIAS,
     /* new cmd type must be added before HKS_MSG_MAX */
     HKS_MSG_MAX,
 };

frameworks/huks_standard/main/common/src/hks_param.c

@@ -126,6 +126,7 @@ static uint32_t g_validTags[] = {
     HKS_TAG_IF_NEED_APPEND_AUTH_INFO,
     HKS_TAG_VERIFIED_AUTH_TOKEN,
     HKS_TAG_IS_APPEND_UPDATE_DATA,
+    HKS_TAG_IS_COPY_NEW_KEY,
 
     HKS_TAG_PROCESS_NAME,
     HKS_TAG_PACKAGE_NAME,

frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_ipc.c

@@ -926,9 +926,7 @@ int32_t HksClientRenameKeyAlias(const struct HksBlob *oldKeyAlias, const struct
         }
         ret = HksRenameKeyAliasPack(oldKeyAlias, newKeyAlias, newParamSet, &inBlob);
         HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksRenameKeyAliasPack failed!")
-
+        ret = HksSendRequest(HKS_MSG_RENAME_KEY_ALIAS, &inBlob, NULL, newParamSet);
-        ret = HksSendRequest(HKS_MSG_RENAME_KEY_ALIASES, &inBlob, NULL, newParamSet);
-
     } while (0);
     HksFreeParamSet(&newParamSet);
     HKS_FREE_BLOB(inBlob);

frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_passthrough.c

@@ -460,4 +460,13 @@ int32_t HksClientListAliases(const struct HksParamSet *paramSet, struct HksKeyAl
         0
     };
     return HksServiceListAliases(&processInfo, paramSet, outData);
+}
+
+int32_t HksClientRenameKeyAlias(const struct HksBlob *oldKeyAlias, const struct HksParamSet *paramSet,
+    const struct HksBlob *newKeyAlias)
+{
+    (void)oldKeyAlias;
+    (void)paramSet;
+    (void)newKeyAlias;
+    return HKS_ERROR_NOT_SUPPORTED;
 }

frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_check.c

@@ -275,9 +275,8 @@ int32_t HksCheckIpcRenameKeyAlias(const struct HksBlob *oldKeyAlias, const struc
     int32_t ret = HksCheckBlob2AndParamSet(oldKeyAlias, newKeyAlias, paramSet);
     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check keyAlias or paramSet failed")
 
-    if (((sizeof(oldKeyAlias->size) + ALIGN_SIZE(oldKeyAlias->size) +
+    if ((MAX_PROCESS_SIZE - sizeof(oldKeyAlias->size) - ALIGN_SIZE(oldKeyAlias->size) -
-        sizeof(newKeyAlias->size) + ALIGN_SIZE(newKeyAlias->size) +
+        sizeof(newKeyAlias->size) - ALIGN_SIZE(newKeyAlias->size) < ALIGN_SIZE(paramSet->paramSetSize))) {
-        ALIGN_SIZE(paramSet->paramSetSize)) > MAX_PROCESS_SIZE)) {
         HKS_LOG_E("ipc rename key alias check size failed");
         return HKS_ERROR_INVALID_ARGUMENT;
     }

interfaces/inner_api/huks_standard/main/libhukssdk.map

@@ -63,5 +63,6 @@
     HksConvertErrCode;
     HksMalloc;
     HksFreeKeyAliasSet;
+    HksRenameKeyAlias;
   local: *;
 };

services/huks_standard/huks_service/main/core/src/hks_client_check.c

@@ -339,8 +339,8 @@ int32_t HksCheckOldKeyExist(const struct HksProcessInfo *processInfo, const stru
     HKS_IF_NOT_SUCC_RETURN(ret, ret);
 
     ret = HksManageStoreIsKeyBlobExist(processInfo, paramSet, oldKeyAlias, HKS_STORAGE_TYPE_KEY);
-    if (ret != HKS_SUCCESS) {
+    if (ret == HKS_ERROR_NOT_EXIST) {
-        HKS_LOG_E("oldKey not exist !");
+        HKS_LOG_E("the oldKey not exist!");
     }
     return ret;
 }
@@ -353,10 +353,11 @@ int32_t HksCheckNewKeyNotExist(const struct HksProcessInfo *processInfo, const s
 
     ret = HksManageStoreIsKeyBlobExist(processInfo, paramSet, newKeyAlias, HKS_STORAGE_TYPE_KEY);
     if (ret == HKS_SUCCESS) {
-        HKS_LOG_E("newKey is exist!");
+        HKS_LOG_E("the newKey is already exist!");
         return HKS_ERROR_ALREADY_EXISTS;
     }
     if (ret == HKS_ERROR_NOT_EXIST) {
+        HKS_LOG_I("the newKey is  not exist!");
         return HKS_SUCCESS;
     }
     return ret;

services/huks_standard/huks_service/main/core/src/hks_client_service.c

@@ -2084,18 +2084,18 @@ int32_t HksServiceRenameKeyAlias(const struct HksProcessInfo *processInfo, const
     ret = HKsCheckOldKeyAliasDiffNewKeyAlias(oldKeyAlias, newKeyAlias);
     if (ret != HKS_SUCCESS) {
         HKS_LOG_E("the new key alias same as old key alias !, ret = %" LOG_PUBLIC "d", ret);
-        return HKS_ERROR_BAD_STATE;
+        return HKS_ERROR_INVALID_ARGUMENT;
     }
 
     ret = HksCheckOldKeyExist(processInfo, oldKeyAlias, paramSet);
     if (ret != HKS_SUCCESS) {
-        HKS_LOG_E("the old key is not exist !, ret = %" LOG_PUBLIC "d", ret);
+        HKS_LOG_E("HksCheckOldKeyExist failed!, ret = %" LOG_PUBLIC "d", ret);
         return ret;
     }
 
     ret = HksCheckNewKeyNotExist(processInfo, newKeyAlias, paramSet);
     if (ret != HKS_SUCCESS) {
-        HKS_LOG_E("the new key is already exist !, ret = %" LOG_PUBLIC "d", ret);
+        HKS_LOG_E("HksCheckNewKeyNotExist failed!, ret = %" LOG_PUBLIC "d", ret);
         return ret;
     }
 

services/huks_standard/huks_service/main/hks_storage/include/hks_storage.h

@@ -71,7 +71,10 @@ void HksServiceDeleteUIDKeyAliasFile(const struct HksProcessInfo *processInfo);
 
 int32_t HksListAliasesByProcessName(const struct HksStoreFileInfo *fileInfo, struct HksKeyAliasSet **outData);
 
-int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo, 
+int32_t HksStorageCopyKeyBlobFile(const char *srcPath, const char *srcFileName,
+    const char *destPath, const char *destFileName);
+
+int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo,
     const struct HksStoreFileInfo *newFileInfo, bool isCopy);
 
 #ifdef HKS_ENABLE_SMALL_TO_SERVICE

services/huks_standard/huks_service/main/hks_storage/src/hks_storage.c

@@ -148,7 +148,6 @@ static int32_t HksStorageRemoveFile(const char *path, const char *fileName)
     return ret;
 }
 
-#ifdef SUPPORT_STORAGE_BACKUP
 static int32_t CopyKeyBlobFromSrc(const char *srcPath, const char *srcFileName,
     const char *destPath, const char *destFileName)
 {
@@ -185,7 +184,6 @@ static int32_t CopyKeyBlobFromSrc(const char *srcPath, const char *srcFileName,
     HKS_FREE(buffer);
     return ret;
 }
-#endif
 
 static int32_t GetKeyBlobFromFile(const char *path, const char *fileName, struct HksBlob *keyBlob)
 {
@@ -868,7 +866,9 @@ int32_t HksListAliasesByProcessName(const struct HksStoreFileInfo *fileInfo, str
     return ret;
 }
 
-int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo, 
+#endif
+
+int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo,
     const struct HksStoreFileInfo *newFileInfo, bool isCopy)
 {
     int32_t ret;
@@ -876,9 +876,11 @@ int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo,
         ret = CopyKeyBlobFromSrc(oldFileInfo->mainPath.path, oldFileInfo->mainPath.fileName,
             newFileInfo->mainPath.path, newFileInfo->mainPath.fileName);
         HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks copy old key blob failed, ret = %" LOG_PUBLIC "d.", ret)
+#ifdef SUPPORT_STORAGE_BACKUP
         ret = CopyKeyBlobFromSrc(oldFileInfo->bakPath.path, oldFileInfo->bakPath.fileName,
             newFileInfo->bakPath.path, newFileInfo->bakPath.fileName);
         HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks copy old key blob failed, ret = %" LOG_PUBLIC "d.", ret)
+#endif
         if (!isCopy) {
             ret = HksStoreDeleteKeyBlob(oldFileInfo);
             HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks delete key blob failed, ret = %" LOG_PUBLIC "d.", ret)
@@ -887,5 +889,4 @@ int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo,
     return ret;
 }
 
-#endif
+#endif /* _CUT_AUTHENTICATE_ */
-#endif /* _CUT_AUTHENTICATE_ */

services/huks_standard/huks_service/main/hks_storage/src/hks_storage_manager.c

@@ -582,15 +582,19 @@ int32_t HksManageStoreRenameKeyAlias(const struct HksProcessInfo *processInfo,
         HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "check paramset invalid failed!");
 
         struct HksParam *isNeedCopy = NULL;
-        int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_COPY_NEW_KEY, &isNeedCopy);
+        ret = HksGetParam(paramSet, HKS_TAG_IS_COPY_NEW_KEY, &isNeedCopy);
-        if (ret == HKS_ERROR_PARAM_NOT_EXIST || isNeedCopy->boolParam == false) {
+        if (ret == HKS_SUCCESS && isNeedCopy->boolParam == true) {
-            ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, false);
+            ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, true);
             HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks rename key blod failed, ret = %" LOG_PUBLIC "d.", ret);
         } else {
-            ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, true);
+            ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, false);
             HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks rename key blod failed, ret = %" LOG_PUBLIC "d.", ret);
         }
     } while (0);
+    FileInfoFree(&oldKeyFileInfo);
+    FileInfoFree(&newKeyFileInfo);
+    FreeStorageMaterial(&oldKeyMaterial);
+    FreeStorageMaterial(&newKeyMaterial);
     return ret;
 }
 

services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_ipc_service.c

@@ -1003,9 +1003,6 @@ void HksIpcServiceRenameKeyAlias(const struct HksBlob *srcData, const uint8_t *c
 
     HksSendResponse(context, ret, NULL);
 
-    HksFreeParamSet(&paramSet);
     HKS_FREE_BLOB(processInfo.processName);
     HKS_FREE_BLOB(processInfo.userId);
-    HKS_FREE_BLOB(oldKeyAlias);
-    HKS_FREE_BLOB(newKeyAlias);
 }

services/huks_standard/huks_service/main/os_dependency/sa/hks_message_handler.h

@@ -46,7 +46,7 @@ const struct HksIpcEntryPoint HKS_IPC_MESSAGE_HANDLER[] = {
     { HKS_MSG_MAC, HksIpcServiceMac },
     { HKS_MSG_GET_KEY_INFO_LIST, HksIpcServiceGetKeyInfoList },
     { HKS_MSG_LIST_ALIASES, HksIpcServiceListAliases },
-    { HKS_MSG_RENAME_KEY_ALIASES, HksIpcServiceRenameKeyAlias },
+    { HKS_MSG_RENAME_KEY_ALIAS, HksIpcServiceRenameKeyAlias },
 };
 
 typedef void (*HksIpcThreeStageHandlerFuncProc)(const struct HksBlob *msg, struct HksBlob *outData,

test/unittest/huks_standard_test/three_stage_test/BUILD.gn

@@ -67,6 +67,8 @@ ohos_unittest("huks_UT_test") {
     "src/hks_pbkdf2_derive_part1_test.cpp",
     "src/hks_pbkdf2_derive_part2_test.cpp",
     "src/hks_pbkdf2_derive_test_common.cpp",
+
+    # "src/hks_rename_test.cpp",
     "src/hks_three_stage_test_common.c",
     "src/hks_x25519_agree_test.cpp",
     "src/symmetric_alg_test/hks_aes_cipher_ccm_test.cpp",

test/unittest/huks_standard_test/three_stage_test/include/hks_rename_test.h

@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2021-2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HUKS_OTHERS_TEST_H
+#define HUKS_OTHERS_TEST_H
+
+int HksRenameKeyAliasTest001(void);
+
+int HksRenameKeyAliasTest002(void);
+
+int HksRenameKeyAliasTest003(void);
+
+int HksRenameKeyAliasTest004(void);
+
+int HksRenameKeyAliasTest005(void);
+
+int HksRenameKeyAliasTest006(void);
+
+int HksRenameKeyAliasTest007(void);
+
+#endif

test/unittest/huks_standard_test/three_stage_test/src/hks_rename_test.cpp

@@ -0,0 +1,478 @@
+/*
+ * Copyright (C) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gtest/gtest.h>
+
+#include "hks_rename_test.h"
+#include "hks_api.h"
+#include "hks_param.h"
+#include "hks_test_common.h"
+#include "hks_test_log.h"
+#include "hks_type.h"
+#include "hks_log.h"
+#include "hks_mem.h"
+#include "nativetoken_kit.h"
+#include "token_setproc.h"
+#include "hks_file_operator.h"
+using namespace testing::ext;
+namespace {
+class HksRenameKeyAliasTest : public testing::Test {
+public:
+    static void SetUpTestCase(void);
+
+    static void TearDownTestCase(void);
+
+    void SetUp();
+
+    void TearDown();
+};
+
+void HksRenameKeyAliasTest::SetUpTestCase(void)
+{
+}
+
+void HksRenameKeyAliasTest::TearDownTestCase(void)
+{
+}
+
+void HksRenameKeyAliasTest::SetUp()
+{
+}
+
+void HksRenameKeyAliasTest::TearDown()
+{
+}
+
+static const uint32_t USER_ID_INT = 0;
+
+static int32_t TestGenerateKey(const struct HksBlob *keyAlias)
+{
+    struct HksParam tmpParams[] = {
+        { .tag = HKS_TAG_BLOCK_MODE, .uint32Param = HKS_MODE_ECB },
+        { .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_RSA },
+        { .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_RSA_KEY_SIZE_2048 },
+        { .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 },
+        { .tag = HKS_TAG_PADDING, .uint32Param = HKS_PADDING_PSS },
+        { .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_VERIFY },
+        { .tag = HKS_TAG_KEY_STORAGE_FLAG, .uint32Param = HKS_STORAGE_PERSISTENT },
+        { .tag = HKS_TAG_KEY_GENERATE_TYPE, .uint32Param = HKS_KEY_GENERATE_TYPE_DEFAULT },
+        { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE },
+    };
+    struct HksParamSet *paramSet = nullptr;
+    int32_t ret = HksInitParamSet(&paramSet);
+    if (ret != HKS_SUCCESS) {
+        HKS_LOG_E("hks_core_service_test HksInitParamSet failed");
+        return ret;
+    }
+
+    ret = HksAddParams(paramSet, tmpParams, sizeof(tmpParams) / sizeof(tmpParams[0]));
+    if (ret != HKS_SUCCESS) {
+        HKS_LOG_E("hks_core_service_test HksAddParams failed");
+        HksFreeParamSet(&paramSet);
+        return ret;
+    }
+
+    ret = HksBuildParamSet(&paramSet);
+    if (ret != HKS_SUCCESS) {
+        HKS_LOG_E("hks_core_service_test HksBuildParamSet failed");
+        HksFreeParamSet(&paramSet);
+        return ret;
+    }
+
+    ret = HksGenerateKey(keyAlias, paramSet, nullptr);
+    if (ret != HKS_SUCCESS) {
+        HKS_LOG_E("hks_core_service_test HksGenerateKey failed");
+    }
+    HksFreeParamSet(&paramSet);
+    return ret;
+}
+
+static int32_t BuildParamSetWithParam(struct HksParamSet **paramSet, struct HksParam *param, uint32_t paramCnt)
+{
+    int32_t ret = HksInitParamSet(paramSet);
+    if (ret != HKS_SUCCESS) {
+        HKS_LOG_E("BuildParamSetWithParam HksInitParamSet failed");
+        return ret;
+    }
+    if (param != nullptr) {
+        ret = HksAddParams(*paramSet, param, paramCnt);
+        if (ret != HKS_SUCCESS) {
+            HKS_LOG_E("BuildParamSetWithParam HksAddParams failed");
+            return ret;
+        }
+    }
+    return HksBuildParamSet(paramSet);
+}
+
+#ifdef HKS_INTERACT_ABILITY
+static int32_t SetIdsToken()
+{
+    uint64_t tokenId;
+    const char *acls[] = {
+        "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS",
+    };
+    const char *perms[] = {
+        "ohos.permission.PLACE_CALL", // system_basic
+        "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS",
+    };
+    NativeTokenInfoParams infoInstance = {
+        .dcapsNum = 0,
+        .permsNum = 2,
+        .dcaps = nullptr,
+        .perms = perms,
+        .aplStr = "system_basic",
+    };
+    infoInstance.acls = acls;
+    infoInstance.aclsNum = 1;
+    infoInstance.processName = "test_movece";
+    tokenId = GetAccessTokenId(&infoInstance);
+    int32_t ret = SetSelfTokenID(tokenId);
+    if (ret != HKS_SUCCESS) {
+        HKS_LOG_I("SetSelfTokenID fail, ret is %" LOG_PUBLIC "x!", ret);
+    }
+    return ret;
+}
+#endif
+
+/**
+ * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest001
+ * @tc.desc: Rename the key and keep the old one;
+ * @tc.type: FUNC
+ */
+HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest001, TestSize.Level0)
+{
+#ifdef HKS_INTERACT_ABILITY
+    SetIdsToken();
+#endif
+    const char *alias = "oldAlias001";
+    struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias };
+    
+    int32_t ret = TestGenerateKey(&keyAlias);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey ret is " << ret;
+
+    struct HksParamSet *paramSet = nullptr;
+    struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE };
+    ret = BuildParamSetWithParam(&paramSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    ret = HksKeyExist(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret;;
+
+    struct HksParamSet *renameParamSet = NULL;
+    struct HksParam paramArr[] = {
+        {.tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE},
+        {.tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT},
+        {.tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true},
+    };
+    ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0]));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    const char *alias2 = "newKeyAlias001";
+    struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 };
+    ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "HksRenameKeyAlias ret is " << ret;
+
+    ret = HksKeyExist(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "old key is not exit, ret is " << ret;
+
+    ret = HksKeyExist(&newKeyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "new key is not exit, ret is " << ret;
+
+    ret = HksDeleteKey(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    ret = HksDeleteKey(&newKeyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    HksFreeParamSet(&paramSet);
+    HksFreeParamSet(&renameParamSet);
+}
+
+/**
+ * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest002
+ * @tc.desc: Rename the key and remove the old one;
+ * @tc.type: FUNC
+ */
+HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest002, TestSize.Level0)
+{
+#ifdef HKS_INTERACT_ABILITY
+    SetIdsToken();
+#endif
+    const char *alias = "oldAlias002";
+    struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias };
+    
+    int32_t ret = TestGenerateKey(&keyAlias);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey ret is " << ret;
+
+    struct HksParamSet *paramSet = nullptr;
+    struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE };
+    ret = BuildParamSetWithParam(&paramSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    ret = HksKeyExist(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret;;
+
+    struct HksParamSet *renameParamSet = NULL;
+    struct HksParam paramArr[] = {
+        {.tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE},
+        {.tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT},
+    };
+    ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0]));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    const char *alias2 = "newKeyAlias002";
+    struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 };
+    ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "HksRenameKeyAlias ret is " << ret;
+
+    ret = HksKeyExist(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_ERROR_NOT_EXIST) << "old key exit, delet failed, ret is " << ret;
+
+    ret = HksKeyExist(&newKeyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "new key is not exit, ret is " << ret;
+
+    ret = HksDeleteKey(&newKeyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    HksFreeParamSet(&paramSet);
+    HksFreeParamSet(&renameParamSet);
+}
+
+static const char *STORE_PATH = "/data/service/el1/public/huks_service/maindata/0/0/key/";
+/**
+ * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest003
+ * @tc.desc: If the main key is lost, the renaming is still successful;
+ * @tc.type: FUNC
+ */
+HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest003, TestSize.Level0)
+{
+#ifdef HKS_INTERACT_ABILITY
+    SetIdsToken();
+#endif
+    const char *alias = "oldAlias003";
+    struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias };
+    
+    int32_t ret = TestGenerateKey(&keyAlias);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey ret is " << ret;
+    
+    struct HksParamSet *paramSet = nullptr;
+    struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE };
+    ret = BuildParamSetWithParam(&paramSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    ret = HksKeyExist(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret;
+
+    ret = HksFileRemove(STORE_PATH, alias);
+    ASSERT_EQ(ret, HKS_SUCCESS);
+
+    struct HksParamSet *renameParamSet = NULL;
+    struct HksParam paramArr[] = {
+        {.tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE},
+        {.tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT},
+        {.tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true},
+    };
+    ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0]));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    const char *alias2 = "newKeyAlias003";
+    struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 };
+    ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "HksRenameKeyAlias ret is " << ret;
+
+    ret = HksKeyExist(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "old key exit, delet failed, ret is " << ret;
+    ret = HksKeyExist(&newKeyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "new key is not exit, ret is " << ret;
+    ret = HksDeleteKey(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    ret = HksDeleteKey(&newKeyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    HksFreeParamSet(&paramSet);
+    HksFreeParamSet(&renameParamSet);
+}
+
+/**
+ * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest004
+ * @tc.desc: The old key is lost, the renaming is failed;
+ * @tc.type: FUNC
+ */
+HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest004, TestSize.Level2)
+{
+#ifdef HKS_INTERACT_ABILITY
+    SetIdsToken();
+#endif
+    const char *alias = "oldAlias004";
+    struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias };
+    
+    int32_t ret = TestGenerateKey(&keyAlias);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey ret is " << ret;
+
+    struct HksParamSet *paramSet = nullptr;
+    struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE };
+    ret = BuildParamSetWithParam(&paramSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    ret = HksKeyExist(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret;
+
+    ret = HksDeleteKey(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "Hks delete MainFile key failed, ret is " << ret;
+
+    struct HksParamSet *renameParamSet = NULL;
+    struct HksParam paramArr[] = {
+        {.tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE},
+        {.tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT},
+        {.tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true},
+    };
+    ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0]));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    const char *alias2 = "newKeyAlias004";
+    struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 };
+    ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias);
+    EXPECT_EQ(ret, HKS_ERROR_NOT_EXIST) << "HksRenameKeyAlias ret is " << ret;
+
+    ret = HksKeyExist(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_ERROR_NOT_EXIST) << "old key exit, delet failed, ret is " << ret;
+
+    ret = HksKeyExist(&newKeyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_ERROR_NOT_EXIST) << "new key is not exit, ret is " << ret;
+
+    HksFreeParamSet(&paramSet);
+    HksFreeParamSet(&renameParamSet);
+}
+
+/**
+ * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest005
+ * @tc.desc: A new key with the same name exists, the renaming is faild;
+ * @tc.type: FUNC
+ */
+HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest005, TestSize.Level1)
+{
+#ifdef HKS_INTERACT_ABILITY
+    SetIdsToken();
+#endif
+    const char *alias = "oldAlias005";
+    const char *alias2 = "newKeyAlias005";
+    struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias };
+    struct HksBlob keyAlias2 = { strlen(alias2), (uint8_t *)alias2 };
+    
+    int32_t ret = TestGenerateKey(&keyAlias);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey keyAlias ret is " << ret;
+    ret = TestGenerateKey(&keyAlias2);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey keyAlias2 ret is " << ret;
+    
+    struct HksParamSet *paramSet = nullptr;
+    struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE };
+    ret = BuildParamSetWithParam(&paramSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    ret = HksKeyExist(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret;
+    ret = HksKeyExist(&keyAlias2, paramSet);;
+    EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret;
+    struct HksParamSet *renameParamSet = NULL;
+    struct HksParam paramArr[] = {
+        { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE},
+        { .tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT},
+        { .tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true},
+    };
+    ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0]));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 };
+    ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias);
+    EXPECT_EQ(ret, HKS_ERROR_ALREADY_EXISTS) << "HksRenameKeyAlias ret is " << ret;
+
+    ret = HksDeleteKey(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    ret = HksDeleteKey(&keyAlias2, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    HksFreeParamSet(&paramSet);
+    HksFreeParamSet(&renameParamSet);
+}
+
+/**
+ * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest006
+ * @tc.desc: The renameParamSet has incorrect parameters, the renaming is faild;
+ * @tc.type: FUNC
+ */
+HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest006, TestSize.Level0)
+{
+#ifdef HKS_INTERACT_ABILITY
+    SetIdsToken();
+#endif
+    const char *alias = "oldAlias006";
+    struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias };
+    
+    int32_t ret = TestGenerateKey(&keyAlias);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey keyAlias ret is " << ret;
+    
+    struct HksParamSet *paramSet = nullptr;
+    struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE };
+    ret = BuildParamSetWithParam(&paramSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    ret = HksKeyExist(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret;
+    struct HksParamSet *renameParamSet = NULL;
+    struct HksParam paramArr[] = {
+        { .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_RSA },
+        { .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_RSA_KEY_SIZE_2048 },
+        { .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 },
+        { .tag = HKS_TAG_PADDING, .uint32Param = HKS_PADDING_PSS },
+        { .tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true},
+    };
+    ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0]));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    const char *alias2 = "newKeyAlias006";
+    struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 };
+    ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias);
+    EXPECT_EQ(ret, HKS_ERROR_PARAM_NOT_EXIST) << "HksRenameKeyAlias ret is " << ret;
+
+    ret = HksDeleteKey(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    HksFreeParamSet(&paramSet);
+    HksFreeParamSet(&renameParamSet);
+}
+
+/**
+ * @tc.name: HksRenameKeyAliasTest.HksRenameKeyAliasTest007
+ * @tc.desc: The old and new name of the key are the same, the renaming is faild;
+ * @tc.type: FUNC
+ */
+HWTEST_F(HksRenameKeyAliasTest, HksRenameKeyAliasTest007, TestSize.Level0)
+{
+#ifdef HKS_INTERACT_ABILITY
+    SetIdsToken();
+#endif
+    const char *alias = "oldAlias007";
+    struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias };
+    
+    int32_t ret = TestGenerateKey(&keyAlias);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "TestGenerateKey keyAlias ret is " << ret;
+    
+    struct HksParamSet *paramSet = nullptr;
+    struct HksParam storageLevel = { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE };
+    ret = BuildParamSetWithParam(&paramSet, &storageLevel, sizeof(storageLevel) / sizeof(HksParam));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    ret = HksKeyExist(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS) << "Hks get generate key failed, ret is " << ret;
+    struct HksParamSet *renameParamSet = NULL;
+    struct HksParam paramArr[] = {
+        { .tag = HKS_TAG_AUTH_STORAGE_LEVEL, .uint32Param = HKS_AUTH_STORAGE_LEVEL_DE},
+        { .tag = HKS_TAG_SPECIFIC_USER_ID, .uint32Param = USER_ID_INT},
+        { .tag = HKS_TAG_IS_COPY_NEW_KEY, .boolParam = true},
+    };
+    ret = BuildParamSetWithParam(&renameParamSet, paramArr, sizeof(paramArr) / sizeof(paramArr[0]));
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    const char *alias2 = "oldAlias007";
+    struct HksBlob newKeyAlias = { strlen(alias2), (uint8_t *)alias2 };
+    ret = HksRenameKeyAlias(&keyAlias, renameParamSet, &newKeyAlias);
+    EXPECT_EQ(ret, HKS_ERROR_INVALID_ARGUMENT) << "HksRenameKeyAlias ret is " << ret;
+
+    ret = HksDeleteKey(&keyAlias, paramSet);
+    EXPECT_EQ(ret, HKS_SUCCESS);
+    HksFreeParamSet(&paramSet);
+    HksFreeParamSet(&renameParamSet);
+}
+}