openharmony/security_huks
1
0
Fork 0
mirror of https://gitee.com/openharmony/security_huks synced 2024-11-27 00:40:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of https://gitee.com/openharmony/security_huks

Browse Source
This commit is contained in:
CheungVane 2023-02-25 17:25:20 +08:00
commit ea67e8b1af
42 changed files with 2744 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
build/config.gni
View File

@ -52,4 +52,7 @@ declare_args() {
# to do : 上库时改为false默认不开启
# whether enable upgrade key file for l1 sdk to l1 service, default as false
huks_enable_upgrade_small_to_service = true
# default security level supported by huks is software
huks_security_level = "software"
}

2
bundle.json
View File

@ -76,8 +76,6 @@
}
],
"test": [
"//base/security/huks:huks_sdk_test",
"//base/security/huks/test/fuzz_test:fuzztest"
]
}
}

4
frameworks/huks_standard/main/common/include/hks_config.h
View File

@ -227,4 +227,8 @@
#define HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
#endif
#ifndef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
#define HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
#endif
#endif /* HKS_CONFIG_H */

1
frameworks/huks_standard/main/common/include/hks_message_code.h
View File

@ -41,6 +41,7 @@ enum HksMessage {
HKS_MSG_UPDATE,
HKS_MSG_FINISH,
HKS_MSG_ABORT,
HKS_MSG_CHIPSET_PLATFORM_DECRYPT,
/* new cmd type must be added before HKS_MSG_MAX */
HKS_MSG_MAX,

35
frameworks/huks_standard/main/core/src/hks_verifier.c
View File

@ -27,6 +27,7 @@
#include "hks_log.h"
#include "hks_mem.h"
#include "hks_param.h"
#include "hks_template.h"
#include "hks_type.h"
#include "securec.h"
@ -608,15 +609,41 @@ static void FreeCertChainInfo(struct HksCertInfo **certs, uint32_t certNum)
}
}
int32_t HksClientValidateCertChain(const struct HksCertChain *certChain, struct HksParamSet *paramSetOut)
static int32_t CheckCertChainParams(const struct HksCertChain *certChain)
{
if (certChain->certsCount != HKS_DEFAULT_CERT_CHAIN_CNT) {
HKS_LOG_E("validate cert chain chain invalid certChain count %" LOG_PUBLIC "u", certChain->certsCount);
/* certChain has been checked not null */
if ((certChain->certs == NULL) || (certChain->certsCount != HKS_DEFAULT_CERT_CHAIN_CNT)) {
HKS_LOG_E("validate cert chain chain invalid certChain or count");
return HKS_ERROR_INVALID_ARGUMENT;
}
for (uint32_t i = 0; i < certChain->certsCount; ++i) {
if (CheckBlob(&certChain->certs[i]) != HKS_SUCCESS) {
HKS_LOG_E("certChain entry[%" LOG_PUBLIC "u] invalid", i);
return HKS_ERROR_INVALID_ARGUMENT;
}
}
return HKS_SUCCESS;
}
static int32_t CheckValidateCertChainParams(const struct HksCertChain *certChain, struct HksParamSet *paramSetOut)
{
int32_t ret = CheckCertChainParams(certChain);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "certChain invalid, ret = %" LOG_PUBLIC "d", ret)
/* paramSetOut has been checked not null */
ret = HksCheckParamSet(paramSetOut, paramSetOut->paramSetSize);
HKS_IF_NOT_SUCC_LOGE(ret, "paramSetOut invalid, ret = %" LOG_PUBLIC "d", ret)
return ret;
}
int32_t HksClientValidateCertChain(const struct HksCertChain *certChain, struct HksParamSet *paramSetOut)
{
int32_t ret = CheckValidateCertChainParams(certChain, paramSetOut);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "certChain params check failed, ret = %" LOG_PUBLIC "d", ret)
struct HksCertInfo *certsInfo = NULL;
int32_t ret = InitCertChainInfo(certChain, &certsInfo);
ret = InitCertChainInfo(certChain, &certsInfo);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get cert chain info failed")
ret = VerifyAttestationCertChain(certsInfo, certChain->certsCount);
if (ret != HKS_SUCCESS) {

2
frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_engine.c
View File

@ -39,7 +39,7 @@ void HksLogOpensslError(void)
errCode = ERR_get_error();
ERR_error_string_n(errCode, szErr, HKS_OPENSSL_ERROR_LEN);
HKS_LOG_E("Openssl engine fail, error code = %lu, error string = %" LOG_PUBLIC "s", errCode, szErr);
HKS_LOG_E("Openssl engine fail, error code = %" LOG_PUBLIC "lu, error string = %" LOG_PUBLIC "s", errCode, szErr);
}
inline int32_t HksOpensslCheckBlob(const struct HksBlob *blob)

3
frameworks/huks_standard/main/os_dependency/ipc/include/hks_client_ipc.h
View File

@ -83,6 +83,9 @@ int32_t HksClientFinish(const struct HksBlob *handle, const struct HksParamSet *
int32_t HksClientAbort(const struct HksBlob *handle, const struct HksParamSet *paramSet);
int32_t HksClientExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey);
#ifdef __cplusplus
}
#endif

31
frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_ipc.c
View File

@ -703,3 +703,34 @@ int32_t HksClientAbort(const struct HksBlob *handle, const struct HksParamSet *p
HksFreeParamSet(&sendParamSet);
return ret;
}
#ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
int32_t HksClientExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey)
{
struct HksParamSet *sendParamSet = NULL;
struct HksParam params[] = {
{ .tag = HKS_TAG_PARAM0_BUFFER,
.blob = *salt, },
{ .tag = HKS_TAG_PARAM1_UINT32,
.uint32Param = scene, },
};
int32_t ret = HksParamsToParamSet(params, HKS_ARRAY_SIZE(params), &sendParamSet);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamSetPack fail")
struct HksBlob parcelBlob = {
.size = sendParamSet->paramSetSize,
.data = (uint8_t *)sendParamSet
};
ret = HksSendRequest(HKS_MSG_CHIPSET_PLATFORM_DECRYPT, &parcelBlob, publicKey, NULL);
if (ret != HKS_SUCCESS) {
HKS_LOG_E("HksParamSet send fail");
HksFreeParamSet(&sendParamSet);
return ret;
}
HksFreeParamSet(&sendParamSet);
return ret;
}
#endif

22
frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_passthrough.c
View File

@ -22,6 +22,13 @@
#define HKS_PROCESS_INFO_LEN 128
#define HKS_MAX_DIRENT_FILE_LEN 128
static int32_t GetProcessInfo(char **processName, char **userId)
{
HKS_IF_NOT_SUCC_LOGE_RETURN(HksGetProcessName(processName), HKS_ERROR_INTERNAL_ERROR, "get process name failed")
HKS_IF_NOT_SUCC_LOGE_RETURN(HksGetUserId(userId), HKS_ERROR_INTERNAL_ERROR, "get user id failed")
return HKS_SUCCESS;
}
#ifndef _CUT_AUTHENTICATE_
int32_t HksClientInitialize(void)
{
@ -36,13 +43,6 @@ int32_t HksClientRefreshKeyInfo(void)
return HksServiceRefreshKeyInfo(&processNameBlob);
}
static int32_t GetProcessInfo(char **processName, char **userId)
{
HKS_IF_NOT_SUCC_LOGE_RETURN(HksGetProcessName(processName), HKS_ERROR_INTERNAL_ERROR, "get process name failed")
HKS_IF_NOT_SUCC_LOGE_RETURN(HksGetUserId(userId), HKS_ERROR_INTERNAL_ERROR, "get user id failed")
return HKS_SUCCESS;
}
int32_t HksClientGenerateKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSetIn,
struct HksParamSet *paramSetOut)
{
@ -404,3 +404,11 @@ int32_t HksClientGenerateRandom(struct HksBlob *random, const struct HksParamSet
};
return HksServiceGenerateRandom(&processInfo, random);
}
#ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
int32_t HksClientExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey)
{
return HksServiceExportChipsetPlatformPublicKey(salt, scene, publicKey);
}
#endif

3
interfaces/inner_api/huks_standard/main/include/hks_api.h
View File

@ -106,6 +106,9 @@ HKS_API_EXPORT int32_t HksFinish(const struct HksBlob *handle, const struct HksP
HKS_API_EXPORT int32_t HksAbort(const struct HksBlob *handle, const struct HksParamSet *paramSet);
HKS_API_EXPORT int32_t HksExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey);
#ifdef __cplusplus
}
#endif

8
interfaces/inner_api/huks_standard/main/include/hks_type.h
View File

@ -426,6 +426,10 @@ enum HksTag {
HKS_TAG_IMPORT_KEY_TYPE = HKS_TAG_TYPE_UINT | 25, /* choose from enum HksImportKeyType */
HKS_TAG_UNWRAP_ALGORITHM_SUITE = HKS_TAG_TYPE_UINT | 26,
/* parameters required by HuksCoreChipsetPlatformDecrypt */
HKS_TAG_CIPHER_TEXT = HKS_TAG_TYPE_BYTES | 27,
HKS_TAG_PEER_PUBLIC_KEY = HKS_TAG_TYPE_BYTES | 28,
/*
* Key authentication related TAG: 201 - 300
*
@ -690,6 +694,10 @@ static inline int32_t CheckBlob(const struct HksBlob *blob)
return HKS_SUCCESS;
}
enum HksChipsetPlatformDecryptScene {
HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA = 1,
};
#ifdef __cplusplus
}
#endif

3
interfaces/inner_api/huks_standard/main/include/huks_hdi.h
View File

@ -87,6 +87,9 @@ struct HuksHdi {
int32_t (*HuksHdiUpgradeKey)(const struct HksBlob *oldKey, const struct HksParamSet *paramSet,
struct HksBlob *newKey);
int32_t (*HuksHdiExportChipsetPlatformPublicKey)(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey);
};
#endif /* HUKS_HDI_H */

17
interfaces/inner_api/huks_standard/main/src/hks_api.c
View File

@ -655,3 +655,20 @@ HKS_API_EXPORT int32_t HksAbort(const struct HksBlob *handle, const struct HksPa
return ret;
}
HKS_API_EXPORT int32_t HksExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey)
{
#ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
HKS_LOG_I("enter export chipset platform public key");
HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(salt), HKS_ERROR_INVALID_ARGUMENT, "invalid salt")
HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(publicKey), HKS_ERROR_INVALID_ARGUMENT, "invalid publicKey")
int32_t ret = HksClientExportChipsetPlatformPublicKey(salt, scene, publicKey);
HKS_LOG_I("leave export chipset platform public key, ret = %" LOG_PUBLIC "d", ret);
return ret;
#else
(void)(salt);
(void)(scene);
(void)(publicKey);
return HKS_ERROR_API_NOT_SUPPORTED;
#endif
}

1
services/huks_standard/huks_engine/main/core/BUILD.gn
View File

@ -39,6 +39,7 @@ if (os_level == "standard") {
sources = [
"src/hks_asn1.c",
"src/hks_auth.c",
"src/hks_chipset_platform_decrypt.c",
"src/hks_core_interfaces.c",
"src/hks_core_service.c",
"src/hks_core_service_three_stage.c",

59
services/huks_standard/huks_engine/main/core/include/hks_chipset_platform_decrypt.h Normal file
View File

@ -0,0 +1,59 @@
/*
* Copyright (c) 2023-2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef HKS_CHIPSET_PLATFORM_DECRYPT_H
#define HKS_CHIPSET_PLATFORM_DECRYPT_H
#include <stddef.h>
#include <stdint.h>
#include "hks_type.h"
#ifdef __cplusplus
extern "C" {
#endif
// Key protection scheme based on chipset platform key
enum {
PLATFORM_KEY_INPUT_PARAMS_COUNT = 7,
// The user must pass 16 bytes of salt, although only first 15 bytes will be used,
// the last byte of salt from user is ignored and will be replaced by huks
PLATFORM_KEY_SALT_SIZE = 16,
PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE = 32,
PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE = PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE * 2,
PLATFORM_KEY_BUSINESS_ID_SIZE = 16,
PLATFORM_KEY_CUSTOM_INFO_SIZE = 16,
PLATFORM_KEY_HMAC_MESSAGE_SIZE = PLATFORM_KEY_BUSINESS_ID_SIZE + PLATFORM_KEY_CUSTOM_INFO_SIZE,
PLATFORM_KEY_IV_SIZE = 12,
PLATFORM_KEY_AAD_SIZE = 16,
PLATFORM_KEY_TAG_SIZE = 16,
PLATFORM_KEY_TEXT_MIN_LEN = 1,
PLATFORM_KEY_TEXT_MAX_LEN = 512,
PLATFORM_KEY_SALT_PADDING_BYTE_TA_TO_TA = 0xFF,
PLATFORM_KEY_SHARED_KEY_SIZE = 32,
PLATFORM_KEY_WRAPPED_KEY_SIZE = 32,
};
int32_t HuksCoreChipsetPlatformDecrypt(const struct HksParamSet *paramSet,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *plainText);
int32_t HuksCoreExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey);
#ifdef __cplusplus
}
#endif
#endif /* HKS_CHIPSET_PLATFORM_DECRYPT_H */

6
services/huks_standard/huks_engine/main/core/include/hks_core_service.h
View File

@ -96,6 +96,12 @@ int32_t HksCoreGetHardwareInfo(void);
HksMutex *HksCoreGetHuksMutex(void);
int32_t HksCoreExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey);
int32_t HksCoreChipsetPlatformDecrypt(const struct HksParamSet *paramSet,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *plainText);
struct HksCoreInitHandler {
enum HksKeyPurpose pur;
int32_t (*handler)(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,

284
services/huks_standard/huks_engine/main/core/src/hks_chipset_platform_decrypt.c Normal file
View File

@ -0,0 +1,284 @@
/*
* Copyright (c) 2023-2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "hks_chipset_platform_decrypt.h"
#include "hks_chipset_platform_key.h"
#include "hks_client_service_adapter.h"
#include "hks_crypto_hal.h"
#include "hks_log.h"
#include "hks_mem.h"
#include "hks_param.h"
#include "hks_template.h"
#include "hks_type.h"
#include "securec.h"
#include <stdbool.h>
#ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
static const uint32_t ORDERED_VALID_TAGS[] = {
HKS_TAG_SALT,
HKS_TAG_PEER_PUBLIC_KEY,
HKS_TAG_INFO,
HKS_TAG_IV,
HKS_TAG_ASSOCIATED_DATA,
HKS_TAG_AE_TAG,
HKS_TAG_CIPHER_TEXT,
};
static int32_t CheckParams(const struct HksParamSet *paramSet)
{
if (paramSet == NULL) {
HKS_LOG_E("invalid paramSet");
return HKS_ERROR_INVALID_ARGUMENT;
}
int32_t ret = HksCheckParamSet(paramSet, paramSet->paramSetSize);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "Check params failed")
if (paramSet->paramsCnt != PLATFORM_KEY_INPUT_PARAMS_COUNT) {
HKS_LOG_E("invalid params count");
return HKS_ERROR_INVALID_ARGUMENT;
}
for (uint32_t i = 0; i < PLATFORM_KEY_INPUT_PARAMS_COUNT; ++i) {
if (GetTagType((enum HksTag)(paramSet->params[i].tag)) != HKS_TAG_TYPE_BYTES) {
HKS_LOG_E("params not bytes");
return HKS_ERROR_INVALID_ARGUMENT;
}
ret = CheckBlob(&paramSet->params[i].blob);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "Check params failed")
}
// check whether all required tags are present or duplicated
uint32_t uniqCount = 0;
for (uint32_t i = 0; i < PLATFORM_KEY_INPUT_PARAMS_COUNT; ++i) {
for (uint32_t j = 0; j < PLATFORM_KEY_INPUT_PARAMS_COUNT; ++j) {
if (paramSet->params[j].tag == ORDERED_VALID_TAGS[i]) {
uniqCount++;
break;
}
}
}
if (uniqCount != PLATFORM_KEY_INPUT_PARAMS_COUNT) {
HKS_LOG_E("param tags repeat");
return HKS_ERROR_INVALID_ARGUMENT;
}
return ret;
}
static int32_t CheckText(const struct HksBlob *cipherText, const struct HksBlob *plainText)
{
if (cipherText->size != plainText->size) {
HKS_LOG_E("cipher text len %" LOG_PUBLIC "d does not equal to plain text len %" LOG_PUBLIC "d",
cipherText->size, plainText->size);
return HKS_ERROR_INVALID_ARGUMENT;
}
if (plainText->size > PLATFORM_KEY_TEXT_MAX_LEN || plainText->size < PLATFORM_KEY_TEXT_MIN_LEN) {
HKS_LOG_E("plain text length out of range %" LOG_PUBLIC "d", plainText->size);
return HKS_ERROR_INVALID_ARGUMENT;
}
return HKS_SUCCESS;
}
static int32_t DoGenEcdhSharedKey(const struct HksParamSet *paramSet, enum HksChipsetPlatformDecryptScene scene,
struct HksBlob *sharedKey)
{
struct HksBlob saltPadding = { .size = PLATFORM_KEY_SALT_SIZE,
.data = (uint8_t *)HksMalloc(PLATFORM_KEY_SALT_SIZE) };
HKS_IF_NULL_RETURN(saltPadding.data, HKS_ERROR_MALLOC_FAIL);
int32_t ret;
do {
struct HksParam *saltParam = NULL;
ret = HksGetParam(paramSet, HKS_TAG_SALT, &saltParam);
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get salt fail");
struct HksParam *tmpPkParam = NULL;
ret = HksGetParam(paramSet, HKS_TAG_PEER_PUBLIC_KEY, &tmpPkParam);
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get tmp pk fail");
if (saltParam->blob.size != PLATFORM_KEY_SALT_SIZE ||
tmpPkParam->blob.size != PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE) {
ret = HKS_ERROR_INVALID_ARGUMENT;
break;
}
(void)(memcpy_s(saltPadding.data, PLATFORM_KEY_SALT_SIZE, saltParam->blob.data, PLATFORM_KEY_SALT_SIZE));
if (scene == HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA) {
saltPadding.data[PLATFORM_KEY_SALT_SIZE - 1] = PLATFORM_KEY_SALT_PADDING_BYTE_TA_TO_TA;
}
ret = HksChipsetPlatformDeriveKeyAndEcdh(&tmpPkParam->blob, &saltPadding, sharedKey);
} while (false);
(void)(memset_s(saltPadding.data, PLATFORM_KEY_SALT_SIZE, 0, PLATFORM_KEY_SALT_SIZE));
HKS_FREE_BLOB(saltPadding);
return ret;
}
static int32_t DoHmacSha256(const struct HksBlob *hmacMsg,
const struct HksBlob *sharedKey, struct HksBlob *wrappedKey)
{
if (hmacMsg->size != PLATFORM_KEY_HMAC_MESSAGE_SIZE) {
return HKS_ERROR_INVALID_ARGUMENT;
}
return HksCryptoHalHmac(sharedKey, HKS_DIGEST_SHA256, hmacMsg, wrappedKey);
}
static int32_t DoAesDecrypt(const struct HksParamSet *paramSecureSet,
const struct HksBlob *wrappedKey, struct HksBlob *plainText)
{
struct HksParam *cipherTextParam = NULL;
int32_t ret = HksGetParam(paramSecureSet, HKS_TAG_CIPHER_TEXT, &cipherTextParam);
HKS_IF_NOT_SUCC_RETURN(ret, ret);
struct HksParam *ivParam = NULL;
ret = HksGetParam(paramSecureSet, HKS_TAG_IV, &ivParam);
HKS_IF_NOT_SUCC_RETURN(ret, ret);
struct HksParam *aadParam = NULL;
ret = HksGetParam(paramSecureSet, HKS_TAG_ASSOCIATED_DATA, &aadParam);
HKS_IF_NOT_SUCC_RETURN(ret, ret);
struct HksParam *tagParam = NULL;
ret = HksGetParam(paramSecureSet, HKS_TAG_AE_TAG, &tagParam);
HKS_IF_NOT_SUCC_RETURN(ret, ret);
struct HksBlob aad = aadParam->blob;
struct HksBlob iv = ivParam->blob;
struct HksBlob tag = tagParam->blob;
struct HksBlob cipherText = cipherTextParam->blob;
if (aad.size != PLATFORM_KEY_AAD_SIZE) {
HKS_LOG_E("invalid aad size %" LOG_PUBLIC "d", aad.size);
return HKS_ERROR_INVALID_ARGUMENT;
}
if (iv.size != PLATFORM_KEY_IV_SIZE) {
HKS_LOG_E("invalid iv size %" LOG_PUBLIC "d", iv.size);
return HKS_ERROR_INVALID_ARGUMENT;
}
if (tag.size != PLATFORM_KEY_TAG_SIZE) {
HKS_LOG_E("invalid tag size %" LOG_PUBLIC "d", tag.size);
return HKS_ERROR_INVALID_ARGUMENT;
}
struct HksAeadParam aeadParam = {
.nonce = iv,
.aad = aad,
.tagDec = tag,
.payloadLen = cipherText.size,
};
struct HksUsageSpec decryptSpec = {
.algType = HKS_ALG_AES,
.mode = HKS_MODE_GCM,
.padding = HKS_PADDING_NONE,
.purpose = HKS_KEY_PURPOSE_DECRYPT,
.algParam = (void *)&aeadParam,
};
return HksCryptoHalDecrypt(wrappedKey, &decryptSpec, &cipherText, plainText);
}
static int32_t CheckInput(const struct HksParamSet *paramSet, struct HksBlob *plainText,
enum HksChipsetPlatformDecryptScene scene)
{
// basic check for plainText and paramSet
int32_t ret = CheckBlob(plainText);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "Check plainText failed")
ret = CheckParams(paramSet);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "Check params failed")
// check scene
if (scene != HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA) {
HKS_LOG_E("invalid scene");
return HKS_ERROR_INVALID_ARGUMENT;
}
// specialized check for text
struct HksParam *cipherTextParam = NULL;
ret = HksGetParam(paramSet, HKS_TAG_CIPHER_TEXT, &cipherTextParam);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get param cipher text failed")
ret = CheckText(&cipherTextParam->blob, plainText);
if (ret != HKS_SUCCESS) {
return HKS_ERROR_INVALID_ARGUMENT;
}
return HKS_SUCCESS;
}
int32_t HuksCoreChipsetPlatformDecrypt(const struct HksParamSet *paramSet,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *plainText)
{
int32_t ret = CheckInput(paramSet, plainText, scene);
HKS_IF_NOT_SUCC_RETURN(ret, ret);
// malloc for key
struct HksBlob sharedKey = { .size = PLATFORM_KEY_SHARED_KEY_SIZE,
.data = (uint8_t *)HksMalloc(PLATFORM_KEY_SHARED_KEY_SIZE) };
if (sharedKey.data == NULL) {
return HKS_ERROR_INSUFFICIENT_MEMORY;
}
struct HksBlob wrappedKey = { .size = PLATFORM_KEY_WRAPPED_KEY_SIZE,
.data = (uint8_t *)HksMalloc(PLATFORM_KEY_WRAPPED_KEY_SIZE) };
if (wrappedKey.data == NULL) {
(void)(memset_s(sharedKey.data, PLATFORM_KEY_SHARED_KEY_SIZE, 0, PLATFORM_KEY_SHARED_KEY_SIZE));
HKS_FREE_BLOB(sharedKey);
return HKS_ERROR_INSUFFICIENT_MEMORY;
}
do {
// do ecdh to get sharedKey
HKS_LOG_I("start ecdh");
ret = DoGenEcdhSharedKey(paramSet, scene, &sharedKey);
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ecdh get sharedKey failed")
// do hmac to get wrappedKey
struct HksParam *customInfoParam = NULL;
ret = HksGetParam(paramSet, HKS_TAG_INFO, &customInfoParam);
HKS_IF_NOT_SUCC_BREAK(ret)
HKS_LOG_I("start hmac");
ret = DoHmacSha256(&customInfoParam->blob, &sharedKey, &wrappedKey);
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hmac get wrappedKey failed")
// do aes decrypt
HKS_LOG_I("start decrypt");
ret = DoAesDecrypt(paramSet, &wrappedKey, plainText);
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "aes decrypt failed")
} while (false);
(void)memset_s(sharedKey.data, PLATFORM_KEY_SHARED_KEY_SIZE, 0, PLATFORM_KEY_SHARED_KEY_SIZE);
(void)memset_s(wrappedKey.data, PLATFORM_KEY_WRAPPED_KEY_SIZE, 0, PLATFORM_KEY_WRAPPED_KEY_SIZE);
HKS_FREE_BLOB(sharedKey);
HKS_FREE_BLOB(wrappedKey);
return ret;
}
int32_t HuksCoreExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey)
{
if (CheckBlob(salt) != HKS_SUCCESS || CheckBlob(publicKey) != HKS_SUCCESS ||
salt->size != PLATFORM_KEY_SALT_SIZE || publicKey->size != PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE ||
scene != HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA) {
return HKS_ERROR_INVALID_ARGUMENT;
}
struct HksBlob saltPadding = { .size = PLATFORM_KEY_SALT_SIZE,
.data = (uint8_t *)HksMalloc(PLATFORM_KEY_SALT_SIZE) };
HKS_IF_NULL_LOGE_RETURN(saltPadding.data, HKS_ERROR_MALLOC_FAIL, "malloc salt padding fail");
(void)memcpy_s(saltPadding.data, PLATFORM_KEY_SALT_SIZE, salt->data, PLATFORM_KEY_SALT_SIZE);
saltPadding.data[PLATFORM_KEY_SALT_SIZE - 1] = PLATFORM_KEY_SALT_PADDING_BYTE_TA_TO_TA;
int32_t ret = HksChipsetPlatformDerivePubKey(&saltPadding, publicKey);
(void)(memset_s(saltPadding.data, PLATFORM_KEY_SALT_SIZE, 0, PLATFORM_KEY_SALT_SIZE));
HKS_FREE_BLOB(saltPadding);
return ret;
}
#endif // HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT

3
services/huks_standard/huks_engine/main/core/src/hks_core_interfaces.c
View File

@ -209,6 +209,9 @@ struct HuksHdi *HuksCreateHdiDevicePtr(void)
#endif /* _CUT_AUTHENTICATE_ */
hdiDevicePtr->HuksHdiGenerateRandom = HksCoreGenerateRandom;
#ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
hdiDevicePtr->HuksHdiExportChipsetPlatformPublicKey = HksCoreExportChipsetPlatformPublicKey;
#endif
return hdiDevicePtr;
}

52
services/huks_standard/huks_engine/main/core/src/hks_core_service.c
View File

@ -29,6 +29,7 @@
#include "hks_auth.h"
#include "hks_base_check.h"
#include "hks_check_paramset.h"
#include "hks_chipset_platform_decrypt.h"
#include "hks_client_service_adapter_common.h"
#include "hks_cmd_id.h"
#include "hks_common_check.h"
@ -36,7 +37,6 @@
#include "hks_crypto_adapter.h"
#include "hks_crypto_hal.h"
#include "hks_get_mainkey.h"
#include "hks_keyblob.h"
#include "hks_log.h"
#include "hks_mem.h"
#include "hks_param.h"
@ -487,6 +487,22 @@ static int32_t Cipher(uint32_t cmdId, const struct HksBlob *key, const struct Hk
return ret;
}
static int32_t AddProcessIdentityInfoToParamSet(const struct HksParamSet *inParamSet, struct HksParamSet *paramSet)
{
uint32_t transferTagList[] = { HKS_TAG_ACCESS_TOKEN_ID, HKS_TAG_USER_ID, HKS_TAG_INNER_KEY_ALIAS,
HKS_TAG_PROCESS_NAME };
int32_t ret;
for (uint32_t i = 0; i < HKS_ARRAY_SIZE(transferTagList); ++i) {
struct HksParam *tmpParam = NULL;
ret = HksGetParam(inParamSet, transferTagList[i], &tmpParam);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get param %" LOG_PUBLIC "u failed.", i)
ret = HksAddParams(paramSet, tmpParam, 1);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "add param %" LOG_PUBLIC "u failed.", i)
}
return ret;
}
static int32_t AddAgreeKeyParamSetFromUnwrapSuite(uint32_t suite, const struct HksParamSet *inParamSet,
struct HksParamSet *paramSet)
{
@ -515,25 +531,7 @@ static int32_t AddAgreeKeyParamSetFromUnwrapSuite(uint32_t suite, const struct H
int32_t ret = HksAddParams(paramSet, agreeParams, sizeof(agreeParams) / sizeof(struct HksParam));
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "unwrap suite add params failed.")
struct HksParam *accessTokenIdParam = NULL;
ret = HksGetParam(inParamSet, HKS_TAG_ACCESS_TOKEN_ID, &accessTokenIdParam);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get param access token id failed.")
ret = HksAddParams(paramSet, accessTokenIdParam, 1);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "add param access token id failed.")
struct HksParam *userIdParam = NULL;
ret = HksGetParam(inParamSet, HKS_TAG_USER_ID, &userIdParam);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get param user id failed.")
ret = HksAddParams(paramSet, userIdParam, 1);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "add param user id failed.")
struct HksParam *keyAliasParam = NULL;
ret = HksGetParam(inParamSet, HKS_TAG_INNER_KEY_ALIAS, &keyAliasParam);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get param key alias failed.")
return HksAddParams(paramSet, keyAliasParam, 1);
return AddProcessIdentityInfoToParamSet(inParamSet, paramSet);
}
static int32_t GenAgreeKeyParamSetFromUnwrapSuite(uint32_t suite, const struct HksParamSet *inParamSet,
@ -1659,3 +1657,17 @@ int32_t HksCoreGenerateRandom(const struct HksParamSet *paramSet, struct HksBlob
(void)paramSet;
return HksCryptoHalFillRandom(random);
}
#ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
int32_t HksCoreChipsetPlatformDecrypt(const struct HksParamSet *paramSet,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *plainText)
{
return HuksCoreChipsetPlatformDecrypt(paramSet, scene, plainText);
}
int32_t HksCoreExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey)
{
return HuksCoreExportChipsetPlatformPublicKey(salt, scene, publicKey);
}
#endif

41
services/huks_standard/huks_engine/main/core/src/hks_secure_access.c
View File

@ -865,8 +865,8 @@ int32_t HksCoreAppendAuthInfoBeforeUpdate(struct HuksKeyNode *keyNode, uint32_t
struct HksParam *isAppendedData = NULL;
struct HksAppendDataInnerParams innerParams = {
.keyNode = keyNode,
.inData = inData,
.inParamSet = inParamSet
.inParamSet = inParamSet,
.inData = inData
};
int32_t ret = CheckIfNeedAppendUpdateData(&innerParams, &isNeedAppend, &authResult, appendedData, &isAppendedData);
@ -912,8 +912,8 @@ int32_t HksCoreAppendAuthInfoAfterFinish(struct HuksKeyNode *keyNode, uint32_t p
const struct HksBlob *inDataConst = (const struct HksBlob *)inOutData;
struct HksAppendDataInnerParams innerParams = {
.keyNode = keyNode,
.inData = inDataConst,
.inParamSet = inParamSet
.inParamSet = inParamSet,
.inData = inDataConst
};
int32_t ret = CheckIfNeedAppendFinishData(&innerParams, &isNeedAppend, &authResult, inOutDataOriginSize);
@ -976,6 +976,7 @@ int32_t HksCoreAppendAuthInfoAfterFinish(struct HuksKeyNode *keyNode, uint32_t p
}
#endif
#ifndef _STORAGE_LITE_
#ifdef HKS_SUPPORT_ACCESS_TOKEN
static int32_t HksCheckCompareAccessTokenId(const struct HksParamSet *blobParamSet,
const struct HksParamSet *runtimeParamSet)
@ -1033,9 +1034,32 @@ static int32_t HksCheckCompareKeyAlias(const struct HksParamSet *blobParamSet,
return HKS_ERROR_BAD_STATE;
}
static int32_t HksCheckCompareProcessName(const struct HksParamSet *blobParamSet,
const struct HksParamSet *runtimeParamSet)
{
struct HksParam *blobProcessName = NULL;
int32_t ret = HksGetParam(blobParamSet, HKS_TAG_PROCESS_NAME, &blobProcessName);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "no process name in keyblob")
struct HksParam *runtimeProcessName = NULL;
ret = HksGetParam(runtimeParamSet, HKS_TAG_PROCESS_NAME, &runtimeProcessName);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get process name form runtime paramSet failed")
if (blobProcessName->blob.size == runtimeProcessName->blob.size &&
HksMemCmp(blobProcessName->blob.data, runtimeProcessName->blob.data,
blobProcessName->blob.size) == HKS_SUCCESS) {
return HKS_SUCCESS;
}
return HKS_ERROR_BAD_STATE;
}
#endif /** _STORAGE_LITE_ */
int32_t HksProcessIdentityVerify(const struct HksParamSet *blobParamSet, const struct HksParamSet *runtimeParamSet)
{
int32_t ret = HksCheckCompareAccessTokenId(blobParamSet, runtimeParamSet);
int32_t ret = HKS_SUCCESS;
#ifndef _STORAGE_LITE_
ret = HksCheckCompareAccessTokenId(blobParamSet, runtimeParamSet);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "access token compare failed")
ret = HksCheckCompareUserId(blobParamSet, runtimeParamSet);
@ -1044,5 +1068,12 @@ int32_t HksProcessIdentityVerify(const struct HksParamSet *blobParamSet, const s
ret = HksCheckCompareKeyAlias(blobParamSet, runtimeParamSet);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "key alias compare failed")
ret = HksCheckCompareProcessName(blobParamSet, runtimeParamSet);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "process name compare failed")
#else
(void)blobParamSet;
(void)runtimeParamSet;
#endif
return ret;
}

12
services/huks_standard/huks_engine/main/core_dependency/BUILD.gn
View File

@ -31,8 +31,16 @@ ohos_static_library("libhuks_core_hal_api_static") {
configs = [
"//base/security/huks/frameworks/config/build:l2_standard_common_config",
]
sources = [ "src/hks_core_hal_api.c" ]
sources = [
"src/hks_chipset_platform_key_hardcoded.c",
"src/hks_core_hal_api.c",
]
deps = [ "//base/security/huks/frameworks/huks_standard/main/common:libhuks_common_standard_static" ]
include_dirs = [
"include",
"//base/security/huks/services/huks_standard/huks_engine/main/core/include",
"//base/security/huks/frameworks/huks_standard/main/common/include",
]
complete_static_lib = true
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]

36
services/huks_standard/huks_engine/main/core_dependency/include/hks_chipset_platform_key.h Normal file
View File

@ -0,0 +1,36 @@
/*
* Copyright (c) 2023-2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef HKS_CHIPSET_PLATFORM_KEY_H
#define HKS_CHIPSET_PLATFORM_KEY_H
#include <stddef.h>
#include <stdint.h>
#include "hks_type.h"
#ifdef __cplusplus
extern "C" {
#endif
int32_t HksChipsetPlatformDeriveKeyAndEcdh(const struct HksBlob *tmpPk, const struct HksBlob *salt,
struct HksBlob *sharedKey);
int32_t HksChipsetPlatformDerivePubKey(const struct HksBlob *salt, struct HksBlob *pubKey);
#ifdef __cplusplus
}
#endif
#endif /* HKS_CHIPSET_PLATFORM_KEY_H */

147
services/huks_standard/huks_engine/main/core_dependency/src/hks_chipset_platform_key_hardcoded.c Normal file
View File

@ -0,0 +1,147 @@
/*
* Copyright (c) 2023-2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "hks_chipset_platform_key.h"
#include "hks_chipset_platform_decrypt.h"
#include "hks_crypto_hal.h"
#include "hks_log.h"
#include "hks_mem.h"
#include "hks_template.h"
#include "securec.h"
static const uint8_t PLATFORM_KEY_PLATFORM_PRI_KEY[PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE] = {
0xF1, 0xDB, 0x27, 0xE9, 0xD8, 0x3A, 0xB6, 0x3F, 0xD6, 0x65, 0x1B, 0x2E, 0xC6, 0x2F, 0x67, 0x60,
0xE7, 0x90, 0x67, 0x47, 0x8A, 0xA3, 0x03, 0x06, 0x1F, 0x5F, 0xC9, 0x32, 0x4B, 0xA4, 0x9A, 0x50,
};
static const uint8_t PLATFORM_KEY_PLATFORM_PUB_KEY[PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE] = {
0x28, 0x22, 0xFE, 0xDC, 0xCF, 0x23, 0x14, 0x19, 0x16, 0xA6, 0xBE, 0x98, 0x1D, 0x7A, 0x11, 0x19,
0x25, 0xAA, 0xBC, 0xCF, 0x01, 0x97, 0x93, 0x33, 0xB5, 0x86, 0x6C, 0xB7, 0xE6, 0x09, 0x9A, 0x93,
0xB9, 0x46, 0xD5, 0xBB, 0x6B, 0x8E, 0x03, 0x53, 0xC0, 0xA6, 0x2D, 0x99, 0x3D, 0x5A, 0x10, 0xCF,
0x8D, 0x8A, 0xEC, 0x9C, 0x39, 0xFE, 0xD5, 0x84, 0x37, 0xE7, 0x44, 0x0C, 0xF4, 0xFC, 0xAD, 0xB2,
};
enum {
FULL_PLATFORM_PUBLIC_KEY_SIZE = sizeof(struct KeyMaterialEcc) + PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE,
FULL_PLATFORM_PRIVATE_KEY_SIZE = FULL_PLATFORM_PUBLIC_KEY_SIZE + PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE,
};
// Notice: you MUST call HKS_FREE_BLOB after using fullHksPubKey
static int32_t MallocAndFillFullHksPublicKey(const struct HksBlob *rawPubKey, struct HksBlob *fullHksPubKey)
{
struct KeyMaterialEcc publicKeyMaterial = {
.keyAlg = HKS_ALG_ECC,
.keySize = PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE * HKS_BITS_PER_BYTE,
.xSize = PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE,
.ySize = PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE,
.zSize = 0,
};
fullHksPubKey->data = (uint8_t *)HksMalloc(FULL_PLATFORM_PUBLIC_KEY_SIZE);
HKS_IF_NULL_LOGE_RETURN(fullHksPubKey->data, HKS_ERROR_MALLOC_FAIL, "malloc full hks public key failed")
fullHksPubKey->size = FULL_PLATFORM_PUBLIC_KEY_SIZE;
int32_t ret;
do {
ret = memcpy_s(fullHksPubKey->data, fullHksPubKey->size,
&publicKeyMaterial, sizeof(publicKeyMaterial));
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "copy public key material failed")
ret = memcpy_s(fullHksPubKey->data + sizeof(publicKeyMaterial),
fullHksPubKey->size - sizeof(publicKeyMaterial),
rawPubKey->data, rawPubKey->size);
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "copy raw public key failed")
return HKS_SUCCESS;
} while (false);
(void)memset_s(fullHksPubKey->data, FULL_PLATFORM_PUBLIC_KEY_SIZE, 0, FULL_PLATFORM_PUBLIC_KEY_SIZE);
HKS_FREE_BLOB(*fullHksPubKey);
return HKS_ERROR_INTERNAL_ERROR;
}
/**
* malloc a new blob and fill with full platform private key
* Notice: you MUST free the blob data after using
*/
static int32_t MallocFullPlatformPrivateKey(struct HksBlob *privateKey)
{
struct KeyMaterialEcc privateKeyMaterial = {
.keyAlg = HKS_ALG_ECC,
.keySize = PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE * HKS_BITS_PER_BYTE,
.xSize = PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE,
.ySize = PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE,
.zSize = PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE,
};
privateKey->data = (uint8_t *)HksMalloc(FULL_PLATFORM_PRIVATE_KEY_SIZE);
HKS_IF_NULL_LOGE_RETURN(privateKey->data, HKS_ERROR_MALLOC_FAIL, "malloc private key failed")
privateKey->size = FULL_PLATFORM_PRIVATE_KEY_SIZE;
do {
int32_t ret = memcpy_s(privateKey->data, privateKey->size, &privateKeyMaterial, sizeof(privateKeyMaterial));
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "copy private key material failed")
ret = memcpy_s(privateKey->data + sizeof(privateKeyMaterial), privateKey->size - sizeof(privateKeyMaterial),
PLATFORM_KEY_PLATFORM_PUB_KEY, PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE);
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "copy public key failed")
ret = memcpy_s(privateKey->data + sizeof(privateKeyMaterial) + PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE,
privateKey->size - sizeof(privateKeyMaterial) - PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE,
PLATFORM_KEY_PLATFORM_PRI_KEY, PLATFORM_KEY_PLATFORM_PRI_KEY_SIZE);
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "copy private key failed")
return HKS_SUCCESS;
} while (false);
(void)(memset_s(privateKey->data, FULL_PLATFORM_PRIVATE_KEY_SIZE, 0, FULL_PLATFORM_PRIVATE_KEY_SIZE));
HKS_FREE_BLOB(*privateKey);
return HKS_ERROR_INTERNAL_ERROR;
}
int32_t HksChipsetPlatformDeriveKeyAndEcdh(const struct HksBlob *tmpPk, const struct HksBlob *salt,
struct HksBlob *sharedKey)
{
// salt is ignored in the hardcoded key implementation,
// and it SHOULD be used in true hardware based implementations.
(void)(salt);
struct HksKeySpec ecdhSpec = {
.algType = HKS_ALG_ECDH,
.keyLen = HKS_ECC_KEY_SIZE_256,
.algParam = NULL,
};
struct HksBlob platformPrivateKey = { .size = 0, .data = NULL };
struct HksBlob peerHksPubKey = { .size = 0, .data = NULL };
int32_t ret = MallocFullPlatformPrivateKey(&platformPrivateKey);
HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "malloc full platform private key failed")
do {
ret = MallocAndFillFullHksPublicKey(tmpPk, &peerHksPubKey);
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "malloc or fill full hks pub key failed");
HKS_LOG_I("DoGenEcdhSharedKey hal start");
ret = HksCryptoHalAgreeKey(&platformPrivateKey, &peerHksPubKey, &ecdhSpec, sharedKey);
HKS_LOG_I("DoGenEcdhSharedKey hal end");
} while (false);
(void)(memset_s(peerHksPubKey.data, peerHksPubKey.size, 0, peerHksPubKey.size));
(void)(memset_s(platformPrivateKey.data, platformPrivateKey.size, 0, platformPrivateKey.size));
HKS_FREE_BLOB(peerHksPubKey);
HKS_FREE_BLOB(platformPrivateKey);
return ret;
}
int32_t HksChipsetPlatformDerivePubKey(const struct HksBlob *salt, struct HksBlob *pubKey)
{
// salt is ignored in the hardcoded key implementation,
// and it SHOULD be used in true hardware based implementations.
(void)(salt);
if (CheckBlob(pubKey) != HKS_SUCCESS || pubKey->size != PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE) {
HKS_LOG_E("invalid out param pub key");
return HKS_ERROR_INVALID_ARGUMENT;
}
(void)memcpy_s(pubKey->data, PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE,
PLATFORM_KEY_PLATFORM_PUB_KEY, PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE);
return HKS_SUCCESS;
}

2
services/huks_standard/huks_engine/main/core_dependency/src/hks_core_hal_api.c
View File

@ -29,7 +29,7 @@ int32_t HksCoreHalElapsedRealTime(uint64_t *timestampMs)
return ret;
}
if ((curTime.tv_sec >= ((UINT64_MAX - S_TO_MS) / S_TO_MS)) || (curTime.tv_nsec / MS_TO_NS >= S_TO_MS)) {
if ((curTime.tv_sec >= (time_t)((UINT64_MAX - S_TO_MS) / S_TO_MS)) || (curTime.tv_nsec / MS_TO_NS >= S_TO_MS)) {
return -1;
}

3
services/huks_standard/huks_service/main/core/include/hks_client_service.h
View File

@ -95,6 +95,9 @@ int32_t HksServiceAbort(const struct HksBlob *handle, const struct HksProcessInf
void HksServiceDeleteProcessInfo(const struct HksProcessInfo *processInfo);
int32_t HksServiceExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey);
#ifdef __cplusplus
}
#endif

3
services/huks_standard/huks_service/main/core/include/huks_access.h
View File

@ -92,6 +92,9 @@ int32_t HuksAccessMac(const struct HksBlob *key, const struct HksParamSet *param
int32_t HuksAccessUpgradeKey(const struct HksBlob *oldKey, const struct HksParamSet *paramSet, struct HksBlob *newKey);
int32_t HuksAccessExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey);
#ifdef __cplusplus
}
#endif

8
services/huks_standard/huks_service/main/core/src/hks_client_service.c
View File

@ -1464,3 +1464,11 @@ int32_t HksServiceGenerateRandom(const struct HksProcessInfo *processInfo, struc
return ret;
}
#ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
int32_t HksServiceExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey)
{
return HuksAccessExportChipsetPlatformPublicKey(salt, scene, publicKey);
}
#endif

32
services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_ipc_service.c
View File

@ -824,3 +824,35 @@ void HksIpcErrorResponse(const uint8_t *context)
{
HksSendResponse(context, HKS_ERROR_IPC_MSG_FAIL, NULL);
}
#ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
void HksIpcServiceExportChipsetPlatformPublicKey(
const struct HksBlob *paramSetBlob, struct HksBlob *publicKey, const uint8_t *context)
{
int32_t ret;
struct HksParamSet *paramSet = NULL;
struct HksBlob salt = { 0, NULL };
enum HksChipsetPlatformDecryptScene scene = 0;
do {
ret = HksGetParamSet((struct HksParamSet *)paramSetBlob->data, paramSetBlob->size, &paramSet);
HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksGetParamSet fail, ret = %" LOG_PUBLIC "d", ret)
struct HksParamOut params[] = {
{ .tag = HKS_TAG_PARAM0_BUFFER, .blob = &salt },
{ .tag = HKS_TAG_PARAM1_UINT32, .uint32Param = &scene },
};
ret = HksParamSetToParams(paramSet, params, HKS_ARRAY_SIZE(params));
HKS_IF_NOT_SUCC_BREAK(ret)
HKS_LOG_I("scene = %" LOG_PUBLIC "d", scene);
ret = HksServiceExportChipsetPlatformPublicKey(&salt, scene, publicKey);
HKS_IF_NOT_SUCC_LOGE_BREAK(ret,
"HksServiceExportChipsetPlatformPublicKey fail, ret = %" LOG_PUBLIC "d", ret)
} while (0);
HksSendResponse(context, ret, publicKey);
HksFreeParamSet(&paramSet);
}
#endif

3
services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_ipc_service.h
View File

@ -64,6 +64,9 @@ void HksIpcServiceFinish(const struct HksBlob *paramSetBlob, struct HksBlob *out
void HksIpcServiceAbort(const struct HksBlob *paramSetBlob, struct HksBlob *outData, const uint8_t *context);
void HksIpcServiceExportChipsetPlatformPublicKey(
const struct HksBlob *paramSetBlob, struct HksBlob *outData, const uint8_t *context);
#ifdef __cplusplus
}
#endif

8
services/huks_standard/huks_service/main/os_dependency/idl/passthrough/huks_access.c
View File

@ -308,3 +308,11 @@ ENABLE_CFI(int32_t HuksAccessGenerateRandom(const struct HksParamSet *paramSet,
return g_hksHalDevicePtr->HuksHdiGenerateRandom(paramSet, random);
}
#ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
ENABLE_CFI(int32_t HuksAccessExportChipsetPlatformPublicKey(const struct HksBlob *salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey))
{
return g_hksHalDevicePtr->HuksHdiExportChipsetPlatformPublicKey(salt, scene, publicKey);
}
#endif

3
services/huks_standard/huks_service/main/os_dependency/sa/hks_message_handler.h
View File

@ -45,6 +45,9 @@ const struct HksIpcEntryPoint g_hksIpcMessageHandler[] = {
{ HKS_MSG_MAC, HksIpcServiceMac },
{ HKS_MSG_GET_KEY_INFO_LIST, HksIpcServiceGetKeyInfoList },
{ HKS_MSG_ATTEST_KEY, HksIpcServiceAttestKey },
#ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
{ HKS_MSG_CHIPSET_PLATFORM_DECRYPT, HksIpcServiceExportChipsetPlatformPublicKey },
#endif
};
typedef void (*HksIpcThreeStageHandlerFuncProc)(const struct HksBlob *msg, struct HksBlob *outData,

6
test/unittest/huks_standard_test/module_test/interface_test/include/hks_api_test.h
View File

@ -22,6 +22,12 @@ int HksAPITest002(void);
int HksAPITest003(void);
int HksAPITest004(void);
int HksAPITest005(void);
int HksAPITest00501(void);
int HksAPITest00502(void);
int HksAPITest00503(void);
int HksAPITest00504(void);
int HksAPITest00505(void);
int HksAPITest00506(void);
int HksAPITest006(void);
int HksAPITest007(void);
int HksAPITest008(void);

130
test/unittest/huks_standard_test/module_test/interface_test/src/hks_api_test.cpp
View File

@ -29,6 +29,7 @@
using namespace testing::ext;
namespace Unittest::HksAPITest {
constexpr uint32_t DEFAULT_CERT_COUNT = 4;
class HksAPITest : public testing::Test {
public:
static void SetUpTestCase(void);
@ -110,16 +111,141 @@ HWTEST_F(HksAPITest, HksAPITest004, TestSize.Level0)
/**
* @tc.name: HksAPITest.HksAPITest005
* @tc.desc: tdd HksValidateCertChain with nullptr input, expecting HKS_ERROR_NULL_POINTER
* @tc.desc: tdd HksValidateCertChain with certChain nullptr input, expecting HKS_ERROR_NULL_POINTER
* @tc.type: FUNC
*/
HWTEST_F(HksAPITest, HksAPITest005, TestSize.Level0)
{
HKS_LOG_I("enter HksAPITest005");
int32_t ret = HksValidateCertChain(nullptr, nullptr);
struct HksParamSet paramSetOut = { 0, 0 };
int32_t ret = HksValidateCertChain(nullptr, &paramSetOut);
EXPECT_EQ(ret, HKS_ERROR_NULL_POINTER) << "HksValidateCertChain failed, ret = " << ret;
}
/**
* @tc.name: HksAPITest.HksAPITest00501
* @tc.desc: tdd HksValidateCertChain with paramSetOut nullptr input, expecting HKS_ERROR_NULL_POINTER
* @tc.type: FUNC
*/
HWTEST_F(HksAPITest, HksAPITest00501, TestSize.Level0)
{
HKS_LOG_I("enter HksAPITest00501");
struct HksCertChain certChain = { nullptr, 0 };
int32_t ret = HksValidateCertChain(&certChain, nullptr);
EXPECT_EQ(ret, HKS_ERROR_NULL_POINTER) << "HksValidateCertChain failed, ret = " << ret;
}
/**
* @tc.name: HksAPITest.HksAPITest00502
* @tc.desc: tdd HksValidateCertChain with certChain->certs nullptr input, expecting HKS_ERROR_INVALID_ARGUMENT
* @tc.type: FUNC
*/
HWTEST_F(HksAPITest, HksAPITest00502, TestSize.Level0)
{
HKS_LOG_I("enter HksAPITest00502");
struct HksParamSet *paramSetOut = nullptr;
ASSERT_EQ(HksInitParamSet(&paramSetOut), HKS_SUCCESS);
struct HksCertChain certChain = { nullptr, DEFAULT_CERT_COUNT };
int32_t ret = HksValidateCertChain(&certChain, paramSetOut);
EXPECT_EQ(ret, HKS_ERROR_INVALID_ARGUMENT) << "HksValidateCertChain failed, ret = " << ret;
HksFreeParamSet(&paramSetOut);
}
/**
* @tc.name: HksAPITest.HksAPITest00503
* @tc.desc: tdd HksValidateCertChain with certChain->certsCount not 4, expecting HKS_ERROR_INVALID_ARGUMENT
* @tc.type: FUNC
*/
HWTEST_F(HksAPITest, HksAPITest00503, TestSize.Level0)
{
HKS_LOG_I("enter HksAPITest00503");
struct HksParamSet *paramSetOut = nullptr;
ASSERT_EQ(HksInitParamSet(&paramSetOut), HKS_SUCCESS);
uint8_t certData[] = { 0x30, 0x82 };
struct HksBlob cert[] = { { sizeof(certData), certData } };
struct HksCertChain certChain = { cert, sizeof(cert) / sizeof(cert[0]) }; /* certChain->certsCount not 4 */
int32_t ret = HksValidateCertChain(&certChain, paramSetOut);
EXPECT_EQ(ret, HKS_ERROR_INVALID_ARGUMENT) << "HksValidateCertChain failed, ret = " << ret;
HksFreeParamSet(&paramSetOut);
}
/**
* @tc.name: HksAPITest.HksAPITest00504
* @tc.desc: tdd HksValidateCertChain with certChain->certs[i] blob invalid, expecting HKS_ERROR_INVALID_ARGUMENT
* @tc.type: FUNC
*/
HWTEST_F(HksAPITest, HksAPITest00504, TestSize.Level0)
{
HKS_LOG_I("enter HksAPITest00504");
struct HksParamSet *paramSetOut = nullptr;
ASSERT_EQ(HksInitParamSet(&paramSetOut), HKS_SUCCESS);
struct HksBlob cert[] = { { 0, nullptr }, { 0, nullptr }, { 0, nullptr }, { 0, nullptr } };
struct HksCertChain certChain = { cert, sizeof(cert) / sizeof(cert[0]) };
int32_t ret = HksValidateCertChain(&certChain, paramSetOut);
EXPECT_EQ(ret, HKS_ERROR_INVALID_ARGUMENT) << "HksValidateCertChain failed, ret = " << ret;
HksFreeParamSet(&paramSetOut);
}
/**
* @tc.name: HksAPITest.HksAPITest00505
* @tc.desc: tdd HksValidateCertChain with paramSetOut size invalid, expecting HKS_ERROR_INVALID_ARGUMENT
* @tc.type: FUNC
*/
HWTEST_F(HksAPITest, HksAPITest00505, TestSize.Level0)
{
HKS_LOG_I("enter HksAPITest00505");
struct HksParamSet *paramSetOut = nullptr;
ASSERT_EQ(HksInitParamSet(&paramSetOut), HKS_SUCCESS);
paramSetOut->paramSetSize = sizeof(struct HksParamSet) - 1; /* paramSetOut size invalid */
uint8_t certData1[] = { 0x30, 0x82 };
uint8_t certData2[] = { 0x30, 0x82 };
uint8_t certData3[] = { 0x30, 0x82 };
uint8_t certData4[] = { 0x30, 0x82 };
struct HksBlob cert[] = {
{ sizeof(certData1), certData1 },
{ sizeof(certData2), certData2 },
{ sizeof(certData3), certData3 },
{ sizeof(certData4), certData4 }
};
struct HksCertChain certChain = { cert, sizeof(cert) / sizeof(cert[0]) };
int32_t ret = HksValidateCertChain(&certChain, paramSetOut);
EXPECT_EQ(ret, HKS_ERROR_INVALID_ARGUMENT) << "HksValidateCertChain failed, ret = " << ret;
HksFreeParamSet(&paramSetOut);
}
/**
* @tc.name: HksAPITest.HksAPITest00506
* @tc.desc: tdd HksValidateCertChain with cert format not der or pem, expecting HKS_ERROR_VERIFICATION_FAILED
* @tc.type: FUNC
*/
HWTEST_F(HksAPITest, HksAPITest00506, TestSize.Level0)
{
HKS_LOG_I("enter HksAPITest00506");
struct HksParamSet *paramSetOut = nullptr;
ASSERT_EQ(HksInitParamSet(&paramSetOut), HKS_SUCCESS);
uint8_t certData1[] = { 0x20, 0x82 };
uint8_t certData2[] = { 0x20, 0x82 };
uint8_t certData3[] = { 0x20, 0x82 };
uint8_t certData4[] = { 0x20, 0x82 };
struct HksBlob cert[] = {
{ sizeof(certData1), certData1 },
{ sizeof(certData2), certData2 },
{ sizeof(certData3), certData3 },
{ sizeof(certData4), certData4 }
};
struct HksCertChain certChain = { cert, sizeof(cert) / sizeof(cert[0]) };
int32_t ret = HksValidateCertChain(&certChain, paramSetOut);
EXPECT_EQ(ret, HKS_ERROR_VERIFICATION_FAILED) << "HksValidateCertChain failed, ret = " << ret;
HksFreeParamSet(&paramSetOut);
}
/**
* @tc.name: HksAPITest.HksAPITest006
* @tc.desc: tdd HcmIsDeviceKeyExist with nullptr input, expecting HKS_SUCCESS

1
test/unittest/huks_standard_test/module_test/service_test/huks_engine/core/include/hks_core_service_test.h
View File

@ -34,5 +34,6 @@ int HksCoreServiceTest014(void);
int HksCoreServiceTest015(void);
int HksCoreServiceTest016(void);
int HksCoreServiceTest017(void);
int HksCoreServiceTest018(void);
}
#endif

4
test/unittest/huks_standard_test/module_test/service_test/huks_engine/core/include/hks_secure_access_test.h
View File

@ -26,5 +26,9 @@ int HksSecureAccessTest005(void);
int HksSecureAccessTest006(void);
int HksSecureAccessTest007(void);
int HksSecureAccessTest008(void);
int HksSecureAccessTest009(void);
int HksSecureAccessTest010(void);
int HksSecureAccessTest011(void);
int HksSecureAccessTest012(void);
}
#endif

40
test/unittest/huks_standard_test/module_test/service_test/huks_engine/core/src/hks_core_service_test.cpp
View File

@ -399,7 +399,7 @@ HWTEST_F(HksCoreServiceTest, HksCoreServiceTest015, TestSize.Level0)
{.tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_X25519},
{.tag = HKS_TAG_ALGORITHM, .uint32Param = 0},
};
for (uint32_t i = 0; i < sizeof(algParams) / sizeof(algParams[0]); ++i) {
for (int32_t i = 0; i < static_cast<int32_t>(sizeof(algParams) / sizeof(algParams[0])); ++i) {
struct HksParamSet *runtimeParamSet = nullptr;
int32_t ret = BuildParamSetWithParam(&runtimeParamSet, &algParams[i]);
ASSERT_EQ(ret, HKS_SUCCESS);
@ -422,10 +422,11 @@ HWTEST_F(HksCoreServiceTest, HksCoreServiceTest016, TestSize.Level0)
const struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias };
struct HksProcessInfo processInfo = { g_userId, g_processName, USER_ID_INT, 0 };
int32_t ret = TestGenerateKey(&keyAlias, &processInfo);
ASSERT_EQ(ret, HKS_SUCCESS);
ASSERT_EQ(ret, HKS_SUCCESS) << "HksCoreServiceTest016 ret is " << ret;
struct HksBlob keyBlob = { .size = KEY_BLOB_DEFAULT_SIZE, .data = (uint8_t *)HksMalloc(KEY_BLOB_DEFAULT_SIZE) };
ASSERT_NE(keyBlob.data, nullptr);
ret = HksStoreGetKeyBlob(&processInfo, &keyAlias, HKS_STORAGE_TYPE_KEY, &keyBlob);
ASSERT_EQ(ret, HKS_SUCCESS);
struct HksParamSet *runtimeParamSet = nullptr;
struct HksParam userIdRuntime = { .tag = HKS_TAG_USER_ID, .uint32Param = 1 };
@ -458,6 +459,7 @@ HWTEST_F(HksCoreServiceTest, HksCoreServiceTest017, TestSize.Level0)
struct HksBlob keyBlob = { .size = KEY_BLOB_DEFAULT_SIZE, .data = (uint8_t *)HksMalloc(KEY_BLOB_DEFAULT_SIZE) };
ASSERT_NE(keyBlob.data, nullptr);
ret = HksStoreGetKeyBlob(&processInfo, &keyAlias, HKS_STORAGE_TYPE_KEY, &keyBlob);
ASSERT_EQ(ret, HKS_SUCCESS) << "HksCoreServiceTest017 ret is " << ret;
struct HksParamSet *runtimeParamSet = nullptr;
struct HksBlob wrongKeyAlias = { .size = strlen("0"), .data = (uint8_t *)"0"};
@ -474,4 +476,38 @@ HWTEST_F(HksCoreServiceTest, HksCoreServiceTest017, TestSize.Level0)
HksFree(keyOutBlob.data);
HksFreeParamSet(&runtimeParamSet);
}
/**
* @tc.name: HksCoreServiceTest.HksCoreServiceTest018
* @tc.desc: tdd HksCoreExportPublicKey with key alias, expect HKS_ERROR_BAD_STATE
* @tc.type: FUNC
*/
HWTEST_F(HksCoreServiceTest, HksCoreServiceTest018, TestSize.Level0)
{
HKS_LOG_I("enter HksCoreServiceTest018");
const char *alias = "HksCoreServiceTest018";
const struct HksBlob keyAlias = { strlen(alias), (uint8_t *)alias };
struct HksProcessInfo processInfo = { g_userId, g_processName, USER_ID_INT, 0 };
int32_t ret = TestGenerateKey(&keyAlias, &processInfo);
ASSERT_EQ(ret, HKS_SUCCESS);
struct HksBlob keyBlob = { .size = KEY_BLOB_DEFAULT_SIZE, .data = (uint8_t *)HksMalloc(KEY_BLOB_DEFAULT_SIZE) };
ASSERT_NE(keyBlob.data, nullptr);
ret = HksStoreGetKeyBlob(&processInfo, &keyAlias, HKS_STORAGE_TYPE_KEY, &keyBlob);
ASSERT_EQ(ret, HKS_SUCCESS) << "HksCoreServiceTest018 ret is " << ret;
struct HksParamSet *runtimeParamSet = nullptr;
struct HksBlob wrongProcessName = { .size = strlen("011"), .data = (uint8_t *)"011"};
struct HksParam processNameRuntime = { .tag = HKS_TAG_PROCESS_NAME, .blob = wrongProcessName};
ret = BuildParamSetWithParam(&runtimeParamSet, &processNameRuntime);
ASSERT_EQ(ret, HKS_SUCCESS);
struct HksBlob keyOutBlob = { .size = KEY_BLOB_DEFAULT_SIZE, .data = (uint8_t *)HksMalloc(KEY_BLOB_DEFAULT_SIZE) };
ret = HksCoreExportPublicKey(&keyBlob, runtimeParamSet, &keyOutBlob);
ASSERT_EQ(ret, HKS_ERROR_BAD_STATE);
HksFree(keyBlob.data);
(void)HksServiceDeleteKey(&processInfo, &keyAlias);
HksFree(keyOutBlob.data);
HksFreeParamSet(&runtimeParamSet);
}
}

134
test/unittest/huks_standard_test/module_test/service_test/huks_engine/core/src/hks_secure_access_test.cpp
View File

@ -25,6 +25,8 @@
#include "hks_secure_access.h"
#include "base/security/huks/services/huks_standard/huks_engine/main/core/src/hks_secure_access.c"
using namespace testing::ext;
namespace Unittest::HksSecureAccessTest {
class HksSecureAccessTest : public testing::Test {
@ -54,7 +56,8 @@ void HksSecureAccessTest::TearDown()
{
}
static int32_t BuildParamSetWithParam(struct HksParamSet **paramSet, struct HksParam *param)
static int32_t BuildParamSetWithParam(struct HksParamSet **paramSet, const struct HksParam *params, uint32_t paramCnt,
bool isWithMandataryParams)
{
int32_t ret = HksInitParamSet(paramSet);
if (ret != HKS_SUCCESS) {
@ -62,8 +65,23 @@ static int32_t BuildParamSetWithParam(struct HksParamSet **paramSet, struct HksP
return ret;
}
if (param != nullptr) {
ret = HksAddParams(*paramSet, param, 1);
if (isWithMandataryParams) {
struct HksParam processNameBlob = {
.tag = HKS_TAG_PROCESS_NAME,
.blob = {
.size = strlen("0"),
.data = (uint8_t *)"0"
}
};
ret = HksAddParams(*paramSet, &processNameBlob, 1);
if (ret != HKS_SUCCESS) {
HKS_LOG_E("HksAddParams failed");
return ret;
}
}
if (params != nullptr) {
ret = HksAddParams(*paramSet, params, paramCnt);
if (ret != HKS_SUCCESS) {
HKS_LOG_E("HksAddParams failed");
return ret;
@ -84,13 +102,13 @@ HWTEST_F(HksSecureAccessTest, HksSecureAccessTest001, TestSize.Level0)
struct HksParamSet *blobParamSet = nullptr;
struct HksParam accessTokenIdBlob = { .tag = HKS_TAG_ACCESS_TOKEN_ID, .uint64Param = 0 };
int32_t ret = BuildParamSetWithParam(&blobParamSet, &accessTokenIdBlob);
int32_t ret = BuildParamSetWithParam(&blobParamSet, &accessTokenIdBlob, 1, true);
EXPECT_EQ(ret, HKS_SUCCESS);
struct HksParamSet *runtimeParamSet = nullptr;
struct HksParam accessTokenIdRuntime = { .tag = HKS_TAG_ACCESS_TOKEN_ID, .uint64Param = 0 };
ret = BuildParamSetWithParam(&runtimeParamSet, &accessTokenIdRuntime);
ret = BuildParamSetWithParam(&runtimeParamSet, &accessTokenIdRuntime, 1, true);
EXPECT_EQ(ret, HKS_SUCCESS);
ret = HksProcessIdentityVerify(blobParamSet, runtimeParamSet);
@ -110,12 +128,12 @@ HWTEST_F(HksSecureAccessTest, HksSecureAccessTest002, TestSize.Level0)
struct HksParamSet *blobParamSet = nullptr;
struct HksParam accessTokenIdBlob = { .tag = HKS_TAG_ACCESS_TOKEN_ID, .uint64Param = 1 };
int32_t ret = BuildParamSetWithParam(&blobParamSet, &accessTokenIdBlob);
int32_t ret = BuildParamSetWithParam(&blobParamSet, &accessTokenIdBlob, 1, true);
EXPECT_EQ(ret, HKS_SUCCESS);
struct HksParamSet *runtimeParamSet = nullptr;
struct HksParam accessTokenIdRuntime = { .tag = HKS_TAG_ACCESS_TOKEN_ID, .uint64Param = 0 };
ret = BuildParamSetWithParam(&runtimeParamSet, &accessTokenIdRuntime);
ret = BuildParamSetWithParam(&runtimeParamSet, &accessTokenIdRuntime, 1, true);
EXPECT_EQ(ret, HKS_SUCCESS);
ret = HksProcessIdentityVerify(blobParamSet, runtimeParamSet);
@ -134,13 +152,13 @@ HWTEST_F(HksSecureAccessTest, HksSecureAccessTest003, TestSize.Level0)
HKS_LOG_I("enter HksSecureAccessTest003");
struct HksParamSet *blobParamSet = nullptr;
int32_t ret = BuildParamSetWithParam(&blobParamSet, nullptr);
int32_t ret = BuildParamSetWithParam(&blobParamSet, nullptr, 0, true);
EXPECT_EQ(ret, HKS_SUCCESS);
struct HksParamSet *runtimeParamSet = nullptr;
struct HksParam accessTokenIdRuntime = { .tag = HKS_TAG_ACCESS_TOKEN_ID, .uint64Param = 0 };
ret = BuildParamSetWithParam(&runtimeParamSet, &accessTokenIdRuntime);
ret = BuildParamSetWithParam(&runtimeParamSet, &accessTokenIdRuntime, 1, true);
EXPECT_EQ(ret, HKS_SUCCESS);
ret = HksProcessIdentityVerify(blobParamSet, runtimeParamSet);
@ -160,12 +178,12 @@ HWTEST_F(HksSecureAccessTest, HksSecureAccessTest004, TestSize.Level0)
struct HksParamSet *blobParamSet = nullptr;
struct HksParam accessTokenIdBlob = { .tag = HKS_TAG_ACCESS_TOKEN_ID, .uint64Param = 1 };
int32_t ret = BuildParamSetWithParam(&blobParamSet, &accessTokenIdBlob);
int32_t ret = BuildParamSetWithParam(&blobParamSet, &accessTokenIdBlob, 1, true);
EXPECT_EQ(ret, HKS_SUCCESS);
struct HksParamSet *runtimeParamSet = nullptr;
ret = BuildParamSetWithParam(&runtimeParamSet, nullptr);
ret = BuildParamSetWithParam(&runtimeParamSet, nullptr, 0, true);
EXPECT_EQ(ret, HKS_SUCCESS);
ret = HksProcessIdentityVerify(blobParamSet, runtimeParamSet);
@ -208,13 +226,13 @@ HWTEST_F(HksSecureAccessTest, HksSecureAccessTest007, TestSize.Level0)
HKS_LOG_I("enter HksSecureAccessTest007");
struct HksParamSet *blobParamSet = nullptr;
int32_t ret = BuildParamSetWithParam(&blobParamSet, nullptr);
int32_t ret = BuildParamSetWithParam(&blobParamSet, nullptr, 0, true);
EXPECT_EQ(ret, HKS_SUCCESS);
struct HksParamSet *runtimeParamSet = nullptr;
struct HksBlob wrongKeyAlias = { .size = strlen("0"), .data = (uint8_t *)"0"};
struct HksParam keyAliasRuntime = { .tag = HKS_TAG_KEY_ALIAS, .blob = wrongKeyAlias};
ret = BuildParamSetWithParam(&runtimeParamSet, &keyAliasRuntime);
ret = BuildParamSetWithParam(&runtimeParamSet, &keyAliasRuntime, 1, true);
ASSERT_EQ(ret, HKS_SUCCESS);
ret = HksProcessIdentityVerify(blobParamSet, runtimeParamSet);
@ -233,12 +251,12 @@ HWTEST_F(HksSecureAccessTest, HksSecureAccessTest008, TestSize.Level0)
HKS_LOG_I("enter HksSecureAccessTest008");
struct HksParamSet *blobParamSet = nullptr;
int32_t ret = BuildParamSetWithParam(&blobParamSet, nullptr);
int32_t ret = BuildParamSetWithParam(&blobParamSet, nullptr, 0, true);
EXPECT_EQ(ret, HKS_SUCCESS);
struct HksParamSet *runtimeParamSet = nullptr;
struct HksParam userIdRuntime = { .tag = HKS_TAG_USER_ID, .uint32Param = 1 };
ret = BuildParamSetWithParam(&runtimeParamSet, &userIdRuntime);
ret = BuildParamSetWithParam(&runtimeParamSet, &userIdRuntime, 1, true);
ASSERT_EQ(ret, HKS_SUCCESS);
ret = HksProcessIdentityVerify(blobParamSet, runtimeParamSet);
@ -246,4 +264,90 @@ HWTEST_F(HksSecureAccessTest, HksSecureAccessTest008, TestSize.Level0)
HksFreeParamSet(&blobParamSet);
HksFreeParamSet(&runtimeParamSet);
}
/**
* @tc.name: HksSecureAccessTest.HksSecureAccessTest009
* @tc.desc: tdd HksCheckCompareProcessName, expect HKS_ERROR_BAD_STATE
* @tc.type: FUNC
*/
HWTEST_F(HksSecureAccessTest, HksSecureAccessTest009, TestSize.Level0)
{
HKS_LOG_I("enter HksSecureAccessTest009");
int32_t ret = HksCheckCompareProcessName(NULL, NULL);
ASSERT_EQ(ret, HKS_ERROR_BAD_STATE);
}
/**
* @tc.name: HksSecureAccessTest.HksSecureAccessTest010
* @tc.desc: tdd HksCheckCompareProcessName, expect HKS_ERROR_BAD_STATE
* @tc.type: FUNC
*/
HWTEST_F(HksSecureAccessTest, HksSecureAccessTest010, TestSize.Level0)
{
HKS_LOG_I("enter HksSecureAccessTest010");
struct HksParamSet *blobParamSet = nullptr;
struct HksBlob processName = { .size = strlen("011"), .data = (uint8_t *)"011"};
struct HksParam processNameBlob = { .tag = HKS_TAG_PROCESS_NAME, .blob = processName};
int32_t ret = BuildParamSetWithParam(&blobParamSet, &processNameBlob, 1, false);
ASSERT_EQ(ret, HKS_SUCCESS);
ret = HksCheckCompareProcessName(blobParamSet, NULL);
ASSERT_EQ(ret, HKS_ERROR_BAD_STATE);
HksFreeParamSet(&blobParamSet);
}
/**
* @tc.name: HksSecureAccessTest.HksSecureAccessTest011
* @tc.desc: tdd HksCheckCompareProcessName, expect HKS_ERROR_BAD_STATE
* @tc.type: FUNC
*/
HWTEST_F(HksSecureAccessTest, HksSecureAccessTest011, TestSize.Level0)
{
HKS_LOG_I("enter HksSecureAccessTest011");
struct HksParamSet *blobParamSet = nullptr;
struct HksBlob processName = { .size = strlen("011"), .data = (uint8_t *)"011"};
struct HksParam processNameBlob = { .tag = HKS_TAG_PROCESS_NAME, .blob = processName};
int32_t ret = BuildParamSetWithParam(&blobParamSet, &processNameBlob, 1, false);
ASSERT_EQ(ret, HKS_SUCCESS);
struct HksParamSet *runtimeParamSet = nullptr;
struct HksBlob processName2 = { .size = strlen("012"), .data = (uint8_t *)"012"};
struct HksParam processNameRuntime = { .tag = HKS_TAG_PROCESS_NAME, .blob = processName2};
ret = BuildParamSetWithParam(&runtimeParamSet, &processNameRuntime, 1, false);
ASSERT_EQ(ret, HKS_SUCCESS);
ret = HksCheckCompareProcessName(blobParamSet, runtimeParamSet);
ASSERT_EQ(ret, HKS_ERROR_BAD_STATE);
HksFreeParamSet(&blobParamSet);
HksFreeParamSet(&runtimeParamSet);
}
/**
* @tc.name: HksSecureAccessTest.HksSecureAccessTest012
* @tc.desc: tdd HksCheckCompareProcessName, expect HKS_ERROR_BAD_STATE
* @tc.type: FUNC
*/
HWTEST_F(HksSecureAccessTest, HksSecureAccessTest012, TestSize.Level0)
{
HKS_LOG_I("enter HksSecureAccessTest012");
struct HksParamSet *blobParamSet = nullptr;
struct HksBlob processName = { .size = strlen("011"), .data = (uint8_t *)"011"};
struct HksParam processNameBlob = { .tag = HKS_TAG_PROCESS_NAME, .blob = processName};
int32_t ret = BuildParamSetWithParam(&blobParamSet, &processNameBlob, 1, false);
ASSERT_EQ(ret, HKS_SUCCESS);
struct HksParamSet *runtimeParamSet = nullptr;
struct HksBlob processName2 = { .size = strlen("0121"), .data = (uint8_t *)"0121"};
struct HksParam processNameRuntime = { .tag = HKS_TAG_PROCESS_NAME, .blob = processName2};
ret = BuildParamSetWithParam(&runtimeParamSet, &processNameRuntime, 1, false);
ASSERT_EQ(ret, HKS_SUCCESS);
ret = HksCheckCompareProcessName(blobParamSet, runtimeParamSet);
ASSERT_EQ(ret, HKS_ERROR_BAD_STATE);
HksFreeParamSet(&blobParamSet);
HksFreeParamSet(&runtimeParamSet);
}
}

20
test/unittest/huks_standard_test/three_stage_test/BUILD.gn
View File

@ -78,7 +78,11 @@ ohos_unittest("huks_UT_test") {
"src/hks_import_rsa_test.cpp",
"src/hks_import_sign_verify_test.cpp",
]
sources += [
"src/hks_chipset_platform_decrypt_test.cpp",
"src/hks_chipset_platform_encrypt_test.cpp",
]
defines = []
if (use_crypto_lib == "openssl") {
@ -115,6 +119,8 @@ ohos_unittest("huks_UT_test") {
"//base/security/huks/interfaces/inner_api/huks_standard/main/include",
"//base/security/huks/frameworks/huks_standard/main/common/include/",
"//base/security/huks/test/unittest/src/common/include",
"//base/security/huks/utils/crypto_adapter",
"//base/security/huks/services/huks_standard/huks_service/main/core/include",
]
configs = [
"//base/security/huks/frameworks/config/build:l2_standard_common_config",
@ -127,6 +133,18 @@ ohos_unittest("huks_UT_test") {
"//base/security/huks/services/huks_standard/huks_engine/main/core:huks_engine_core_standard",
"//base/security/huks/services/huks_standard/huks_engine/main/core_dependency:libhuks_core_hal_api_static",
]
deps += [
"//base/security/huks/services/huks_standard/huks_service/main/core:libhuks_service_core_standard_static",
"//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl:libhuks_service_idl_standard_static",
"//base/security/huks/utils/crypto_adapter:libhuks_utils_client_service_adapter_static",
]
deps += [
# ld.lld: error: undefined symbol: HksRwlockClose
"//base/security/huks/services/huks_standard/huks_service/main/os_dependency:libhuks_service_os_dependency_standard_static",
# used by hks_chipset_platform_encrypt_test.cpp
"//third_party/json:nlohmann_json_static",
]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
}

76
test/unittest/huks_standard_test/three_stage_test/include/hks_chipset_platform_test.h Normal file
View File

@ -0,0 +1,76 @@
/*
* Copyright (c) 2023-2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef HKS_CHIPSET_PLATFORM_TEST_H
#define HKS_CHIPSET_PLATFORM_TEST_H
#include <vector>
#include <cstdint>
#include <cstdio>
#include "hks_type.h"
#include "hks_param.h"
namespace {
struct HksChipsetPlatformTestCase {
std::vector<uint8_t> salt {};
std::vector<uint8_t> tmpPk {};
std::vector<uint8_t> hmacMsg {};
std::vector<uint8_t> iv {};
std::vector<uint8_t> aad {};
std::vector<uint8_t> mac {};
std::vector<uint8_t> cipher {};
std::vector<uint8_t> expectPlain {};
};
struct HksCipsetPlatformEncryptInput {
// the scene that the user will invoke decrypt on.
// currently only support ta2ta
enum HksChipsetPlatformDecryptScene scene;
// user info as derive salt, the salt will be used to derive a pair of platform keys.
// the salt length MUST be 16 bytes, and the last byte will be ignored.
// huks will fill the last byte according to different scene before deriving platform keys.
std::vector<uint8_t> salt;
// caller ta uuid.
std::vector<uint8_t> uuid;
// customInfo identifies the user's current business work.
// uuid and customInfo will be concatenating together during encrypting and decrypting.
std::vector<uint8_t> customInfo;
std::vector<uint8_t> plainText;
};
inline std::vector<HksParam> CipherMaterialsToDecryptInputParams(struct HksChipsetPlatformTestCase &t)
{
return {{ .tag = HKS_TAG_SALT, .blob = { .size = t.salt.size(), .data = t.salt.data() } },
{ .tag = HKS_TAG_PEER_PUBLIC_KEY, .blob = { .size = t.tmpPk.size(), .data = t.tmpPk.data() } },
{ .tag = HKS_TAG_INFO, .blob = { .size = t.hmacMsg.size(), .data = t.hmacMsg.data() } },
{ .tag = HKS_TAG_IV, .blob = { .size = t.iv.size(), .data = t.iv.data() } },
{ .tag = HKS_TAG_ASSOCIATED_DATA, .blob = { .size = t.aad.size(), .data = t.aad.data() } },
{ .tag = HKS_TAG_AE_TAG, .blob = { .size = t.mac.size(), .data = t.mac.data() } },
{ .tag = HKS_TAG_CIPHER_TEXT, .blob = { .size = t.cipher.size(), .data = t.cipher.data() } }};
}
struct WrapParamSet {
struct HksParamSet *s = nullptr;
~WrapParamSet()
{
if (s == nullptr) {
return;
}
HksFreeParamSet(&s);
}
};
} // anonymous namespace
#endif // HKS_CHIPSET_PLATFORM_TEST_H

870
test/unittest/huks_standard_test/three_stage_test/src/hks_chipset_platform_decrypt_test.cpp Normal file
View File

@ -0,0 +1,870 @@
/*
* Copyright (c) 2023-2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <cstdint>
#include <gtest/gtest.h>
#include <memory>
#include <string>
#include <vector>
#include "hks_chipset_platform_test.h"
#include "hks_client_service.h"
#include "hks_mem.h"
#include "hks_param.h"
#include "hks_test_log.h"
#include "hks_three_stage_test_common.h"
// directly invoke HuksCoreChipsetPlatformDecrypt
#include "base/security/huks/services/huks_standard/huks_engine/main/core_dependency/src/hks_chipset_platform_key_hardcoded.c"
#include "base/security/huks/services/huks_standard/huks_engine/main/core/src/hks_chipset_platform_decrypt.c"
using namespace testing::ext;
namespace Unittest::HksChipsetPlatformDecryptTest {
namespace {
std::vector<HksChipsetPlatformTestCase> DECRYPT_KEY_NORMAL_CASES = {
{
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.tmpPk = {
0x56, 0x66, 0x08, 0x04, 0x20, 0x5B, 0x15, 0xEA, 0x78, 0x12, 0xBE, 0xD9, 0x31, 0xBB, 0xC6, 0x0A,
0x11, 0xAC, 0x14, 0x2D, 0xEA, 0xF5, 0x18, 0x21, 0x14, 0xC7, 0x17, 0xFF, 0xFD, 0xAB, 0x51, 0xA2,
0x02, 0x9B, 0x22, 0x68, 0x90, 0x72, 0x33, 0x54, 0x1C, 0x06, 0x58, 0xAD, 0x71, 0x64, 0xC1, 0xA6,
0x42, 0x1B, 0xDC, 0x03, 0x55, 0x64, 0x3C, 0xEA, 0x5D, 0x73, 0x9F, 0x0D, 0x41, 0x20, 0x18, 0x37,
},
.hmacMsg = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.iv = {
0xEC, 0xD1, 0x0D, 0x9E, 0x5E, 0xDF, 0xBA, 0xB9, 0x1E, 0x26, 0xED, 0x32,
},
.aad = {
0x9F, 0xDA, 0x88, 0x6D, 0x04, 0x67, 0xDB, 0xB8, 0xEB, 0xC4, 0x43, 0x0F, 0x71, 0x9D, 0xFF, 0xD0,
},
.mac = {
0xE8, 0x62, 0x0C, 0x53, 0xB9, 0x2C, 0xA1, 0x4D, 0xCC, 0x0E, 0xA1, 0x7C, 0x71, 0xF2, 0x9E, 0xA3,
},
.cipher = {
0x20,
},
.expectPlain = {
0x11,
},
},
{
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.tmpPk = {
0xC6, 0x5A, 0x5A, 0xC2, 0x3F, 0x45, 0xE6, 0x88, 0xE5, 0x11, 0x6F, 0xFE, 0xB6, 0xD4, 0x7A, 0xB6,
0xD3, 0x2E, 0x85, 0x15, 0x73, 0x9B, 0x2C, 0x5D, 0x71, 0xC7, 0x6F, 0x68, 0x4E, 0xA8, 0xA4, 0xC8,
0x7E, 0x3A, 0x23, 0x90, 0x2D, 0x95, 0xB4, 0x89, 0xCF, 0xE0, 0x25, 0x84, 0x78, 0xD0, 0x12, 0x48,
0x29, 0x31, 0xE1, 0x10, 0x3D, 0x04, 0x9B, 0xF0, 0x6E, 0x88, 0xC9, 0xE0, 0x5B, 0xD0, 0xC4, 0xE6,
},
.hmacMsg = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.iv = {
0xBE, 0x00, 0xCF, 0x61, 0x45, 0x2F, 0x19, 0x3F, 0x6F, 0x3F, 0xD9, 0x3A,
},
.aad = {
0x3E, 0x69, 0x2A, 0xC1, 0xFA, 0xB9, 0xA7, 0x58, 0x86, 0x6D, 0xF9, 0x29, 0xA2, 0x28, 0x6D, 0xF9,
},
.mac = {
0xF0, 0x4F, 0x20, 0x55, 0x2A, 0xFD, 0x05, 0x54, 0x0B, 0xD2, 0x74, 0xBB, 0x9F, 0xA3, 0x39, 0x1B,
},
.cipher = {
0x99, 0x42, 0x78, 0xED,
},
.expectPlain = {
0x11, 0x22, 0x33, 0x44,
},
},
{
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.tmpPk = {
0xC7, 0xD6, 0x0A, 0xF1, 0xEC, 0x07, 0x08, 0xDB, 0x65, 0x49, 0x8A, 0x0E, 0x4B, 0x65, 0xFB, 0xB5,
0xA9, 0x35, 0xE0, 0x5C, 0x71, 0x81, 0x8C, 0x52, 0x5C, 0xA8, 0x8A, 0xF2, 0x2B, 0x2E, 0x9B, 0x3F,
0x74, 0x2F, 0xBC, 0x54, 0xB0, 0x99, 0x37, 0xBD, 0x63, 0x99, 0x7A, 0x41, 0x16, 0x84, 0xB8, 0x41,
0xDD, 0x11, 0xA6, 0xA5, 0x41, 0x8D, 0x9A, 0xEF, 0x9D, 0x3E, 0x30, 0x5B, 0xE0, 0xBA, 0x84, 0xFF,
},
.hmacMsg = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.iv = {
0x15, 0xCA, 0x69, 0x9E, 0xFE, 0xD5, 0xB9, 0xBB, 0xF0, 0x1A, 0x63, 0xBB,
},
.aad = {
0x9B, 0xD1, 0x19, 0x88, 0xAE, 0x49, 0x8B, 0x30, 0x39, 0x41, 0xB2, 0x28, 0x58, 0xF8, 0xC2, 0x73,
},
.mac = {
0x74, 0xDB, 0x05, 0x42, 0xBD, 0xC1, 0x1D, 0x59, 0x68, 0xEE, 0x12, 0xFC, 0x29, 0x4A, 0x60, 0x4A,
},
.cipher = {
0x01, 0x44, 0xF6, 0x55, 0xD4, 0x46, 0xB3, 0xC6, 0x58, 0xC8, 0x5B, 0x17, 0xEC, 0x5A, 0x9E, 0xA9,
},
.expectPlain = {
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
},
},
{
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.tmpPk = {
0x1C, 0x95, 0xED, 0xCA, 0x3E, 0x1F, 0xB5, 0x3A, 0x35, 0xEB, 0x9E, 0xAA, 0x22, 0xFB, 0x69, 0xC0,
0x78, 0x53, 0x9F, 0xC1, 0x54, 0xDC, 0xBC, 0xC9, 0xCD, 0x84, 0xE6, 0xA6, 0x00, 0xAE, 0xE1, 0xE9,
0xBD, 0x0F, 0x7B, 0x00, 0x20, 0x55, 0x16, 0x60, 0x56, 0xD1, 0xBB, 0x78, 0x74, 0xAC, 0x2B, 0x6F,
0x96, 0xF0, 0x83, 0x4E, 0xA9, 0xAB, 0x8A, 0xC8, 0x30, 0xD5, 0x46, 0x9F, 0xB9, 0x05, 0xC7, 0x7B,
},
.hmacMsg = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.iv = {
0x47, 0x1D, 0xA7, 0x5F, 0xD6, 0x1A, 0xCA, 0xBF, 0x6B, 0xFE, 0x91, 0x6C,
},
.aad = {
0x8F, 0x08, 0xFC, 0x6A, 0x9C, 0xA9, 0x3C, 0x74, 0xEA, 0x2C, 0x89, 0x20, 0xD6, 0x93, 0xB5, 0x6F,
},
.mac = {
0x26, 0x08, 0x08, 0xD7, 0xE2, 0xAA, 0xCB, 0x87, 0x5A, 0x5C, 0x67, 0xF8, 0xDA, 0x57, 0xBC, 0x76,
},
.cipher = {
0x00, 0x34, 0x63, 0xBB, 0x04, 0xBF, 0xE7, 0x9F, 0x73, 0x5F, 0x41, 0x43, 0xFC, 0x8A, 0x9D, 0x8C,
0x3A, 0x83, 0xD5, 0xEA, 0xB1, 0xEA, 0xDF, 0x16, 0xFB, 0xC4, 0xF7, 0x54, 0x62, 0xBB, 0xBB, 0xE3,
},
.expectPlain = {
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
},
},
{
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.tmpPk = {
0xCC, 0x0B, 0x47, 0xBD, 0xBB, 0xF3, 0xA6, 0x6B, 0x97, 0x87, 0x36, 0xFF, 0x45, 0xDD, 0xAC, 0x5E,
0xDD, 0xC8, 0x34, 0xB1, 0xA3, 0xC6, 0x42, 0x38, 0xD5, 0xC2, 0xC9, 0x0F, 0x4B, 0xFD, 0x6E, 0xF1,
0x42, 0xA3, 0xA3, 0x39, 0x84, 0x77, 0xDA, 0x20, 0x50, 0xB8, 0x56, 0x7B, 0x87, 0x9C, 0x17, 0xD2,
0xF1, 0xE4, 0x48, 0x86, 0x6B, 0xF7, 0xBB, 0xBC, 0x05, 0xAB, 0xC4, 0x23, 0xB7, 0x5C, 0x65, 0xA1,
},
.hmacMsg = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.iv = {
0x5E, 0x2C, 0x66, 0x82, 0xA2, 0xEB, 0x8A, 0x94, 0x9B, 0xE1, 0x69, 0xB0,
},
.aad = {
0xA9, 0xBC, 0xAF, 0xC6, 0xF3, 0xA5, 0x75, 0xEA, 0xA5, 0x9A, 0xA6, 0x8A, 0x5E, 0x2F, 0x82, 0x78,
},
.mac = {
0xBC, 0x25, 0x6F, 0xA2, 0x56, 0x07, 0x8A, 0xEB, 0x9C, 0x26, 0x3C, 0xB4, 0x61, 0xAF, 0xA5, 0x1A,
},
.cipher = {
0xAA, 0x14, 0x20, 0x9A, 0x65, 0x91, 0xA0, 0x76, 0x8D, 0xB3, 0xB0, 0xBE, 0xEA, 0xB8, 0x8A, 0x83,
0xFE, 0xBC, 0x7B, 0x15, 0x68, 0x49, 0xF4, 0x50, 0xFA, 0x52, 0x98, 0x3F, 0x8A, 0xA7, 0xAF, 0xA9,
0x72, 0xA6, 0xDC, 0x89, 0x1E, 0x4A, 0x60, 0x62, 0xD3, 0xDB, 0x81, 0xD0, 0x0C, 0x6D, 0x6A, 0xCF,
0xBB, 0x04, 0xC9, 0xD0, 0x77, 0xD4, 0x99, 0x96, 0xDA, 0x5D, 0x52, 0x70, 0x10, 0x98, 0x4D, 0x48,
0xF3, 0x44, 0xD4, 0x88, 0x1E, 0x5C, 0xC6, 0x57, 0xB3, 0xBD, 0xD0, 0x25, 0x23, 0x9C, 0xF7, 0x95,
0xA0, 0xF7, 0xB8, 0x79, 0xEE, 0x9F, 0xA2, 0xEB, 0x55, 0x07, 0x5C, 0x3E, 0x1D, 0x2D, 0x15, 0x44,
0x33, 0xB6, 0xBF, 0x41, 0x99, 0x0A, 0x71, 0xE7, 0xC9, 0xCE, 0x79, 0x41, 0x47, 0xF5, 0x33, 0xCF,
0x3B, 0xBE, 0x9D, 0xE0, 0xCE, 0x9C, 0x4B, 0xC1, 0x96, 0x6B, 0x56, 0x14, 0x90, 0xBE, 0xEB, 0x20,
0xF8, 0xF2, 0xEA, 0x0B, 0x9F, 0xE5, 0xA6, 0x7E, 0xFD, 0x40, 0x71, 0x3F, 0xF8, 0xBE, 0xDF, 0x65,
0x4D, 0x04, 0xC4, 0x79, 0xFC, 0xCB, 0x97, 0xA5, 0x30, 0x85, 0x77, 0xD1, 0x24, 0xEE, 0x78, 0x51,
0x73, 0xBA, 0x56, 0x2E, 0xA3, 0xEA, 0xD2, 0x41, 0x2F, 0x6F, 0x9B, 0x93, 0x0F, 0x39, 0x57, 0x72,
0xA4, 0xBE, 0xE2, 0x67, 0xE1, 0xFD, 0xBA, 0x6D, 0x0B, 0xA7, 0xF4, 0x67, 0x79, 0x7D, 0x86, 0x30,
0xA9, 0x89, 0x39, 0xEC, 0x12, 0x11, 0x47, 0xF1, 0x62, 0x98, 0x41, 0x69, 0xB0, 0xE6, 0x12, 0x8E,
0x32, 0x45, 0xE1, 0x35, 0x8E, 0x08, 0x3C, 0x58, 0xFB, 0x33, 0x09, 0xCF, 0xDA, 0xC8, 0xD8, 0x9E,
0xFD, 0x64, 0x44, 0xC9, 0xE8, 0xC4, 0x3A, 0x4A, 0xF9, 0xA6, 0x52, 0x53, 0xD7, 0x8A, 0xCE, 0x32,
0x6C, 0x10, 0xA1, 0xAF, 0x3F, 0xCB, 0x52, 0x14, 0xB3, 0xA5, 0x89, 0x3F, 0xB9, 0x99, 0xC8, 0x55,
0x4A, 0x12, 0x35, 0xB1, 0xE9, 0x9C, 0xC8, 0xDC, 0xB5, 0x5D, 0xA3, 0xB5, 0x97, 0xD6, 0x04, 0xF8,
0xB5, 0xC8, 0x16, 0xBB, 0x87, 0x07, 0x9F, 0xCC, 0x80, 0x3A, 0x15, 0x0C, 0x3A, 0xA3, 0x5E, 0x4D,
0x34, 0x67, 0xB5, 0xCD, 0x52, 0xC9, 0xE9, 0x97, 0x12, 0x32, 0xDC, 0xEE, 0xB8, 0x26, 0x4F, 0x46,
0x2D, 0xB8, 0xC2, 0x79, 0xAA, 0xD7, 0x8A, 0x3B, 0xD6, 0xD4, 0x12, 0xB9, 0xE2, 0xEE, 0x2B, 0xB0,
0xA7, 0xAE, 0x69, 0x6E, 0xA7, 0x1E, 0xD8, 0xC6, 0x00, 0x51, 0x3E, 0xE3, 0x3D, 0x0E, 0x2D, 0xE4,
0x7A, 0xA6, 0x9E, 0xAE, 0x86, 0x62, 0x2D, 0x3A, 0x2A, 0x2C, 0xB8, 0x13, 0x5F, 0xA4, 0x31, 0x66,
0x9F, 0xA4, 0x8E, 0xAF, 0xE9, 0x68, 0x56, 0x25, 0x64, 0xDB, 0x4C, 0x12, 0xF1, 0xED, 0x95, 0xF5,
0x14, 0xA0, 0xE1, 0xF1, 0xCA, 0xE4, 0xEC, 0xA3, 0x03, 0xBD, 0x0A, 0x5B, 0x6D, 0xC4, 0xE8, 0x87,
0x86, 0x94, 0xC5, 0x53, 0x3D, 0x47, 0x4C, 0x94, 0x5A, 0x6F, 0x73, 0x73, 0x3F, 0x0B, 0xBF, 0x0E,
0x8F, 0x20, 0x43, 0xBA, 0x02, 0x06, 0xA6, 0xED, 0x49, 0xE1, 0x63, 0xAB, 0x8F, 0xDE, 0x6B, 0x97,
0x25, 0x0C, 0x02, 0xDB, 0x41, 0x17, 0x25, 0x77, 0x60, 0xD3, 0x7B, 0x1D, 0xFE, 0x47, 0xA2, 0xE4,
0x18, 0xE6, 0x45, 0xE4, 0x16, 0x36, 0xF6, 0xA5, 0x46, 0xE1, 0x0A, 0x5E, 0x0E, 0x04, 0xF0, 0x0E,
0x95, 0x44, 0x2B, 0x37, 0x36, 0x4F, 0xB8, 0x47, 0x67, 0xB0, 0x1C, 0x84, 0x53, 0xEA, 0x72, 0xC3,
0x5A, 0x9A, 0x2D, 0x2D, 0xB3, 0x3D, 0xE8, 0x31, 0xC5, 0x3D, 0x69, 0xD7, 0x8C, 0x6F, 0x69, 0x9E,
0x29, 0x6C, 0x3B, 0xF3, 0xEE, 0x6F, 0x6C, 0xAE, 0x90, 0xD3, 0x63, 0x16, 0xB8, 0x73, 0xE7, 0x9F,
0x5D, 0x3F, 0x5D, 0xBE, 0x0A, 0xE6, 0x99, 0xA3, 0x79, 0xC5, 0x9D, 0x26, 0x52, 0x19, 0xE8, 0xB1,
},
.expectPlain = {
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
},
},
{
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.tmpPk = {
0x18, 0x1A, 0xBC, 0xA2, 0x47, 0xAB, 0xA1, 0xDF, 0xEF, 0x02, 0x0B, 0x01, 0x10, 0xF0, 0x53, 0x39,
0x7B, 0x34, 0xD6, 0x56, 0x3D, 0x81, 0xD9, 0x93, 0x43, 0x4C, 0x07, 0x83, 0x97, 0x8F, 0xD2, 0x93,
0xF3, 0xAD, 0x70, 0x92, 0x85, 0xD2, 0x3A, 0x81, 0xB2, 0x28, 0xCE, 0xD6, 0x48, 0xC0, 0x14, 0xB2,
0x36, 0x8C, 0x9E, 0x37, 0x80, 0x05, 0x93, 0x1D, 0xE9, 0x7B, 0xAA, 0x91, 0xD8, 0x04, 0x6A, 0x62,
},
.hmacMsg = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.iv = {
0x5D, 0x8E, 0xDF, 0x94, 0x93, 0x5D, 0x46, 0xF4, 0x54, 0xFD, 0x1A, 0x5A,
},
.aad = {
0x04, 0x99, 0x6E, 0xB5, 0x05, 0xC6, 0x91, 0x9C, 0xF9, 0xFC, 0x81, 0xFC, 0x69, 0x3C, 0x3B, 0x44,
},
.mac = {
0x76, 0x83, 0x9F, 0xA6, 0x6C, 0x62, 0x03, 0x15, 0x08, 0xFB, 0xDD, 0x36, 0xBF, 0xCD, 0x0F, 0x29,
},
.cipher = {
0x59,
},
.expectPlain = {
0x33,
},
},
{
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.tmpPk = {
0x03, 0xDD, 0x88, 0x0D, 0x07, 0x31, 0x5B, 0x9A, 0xE5, 0x49, 0x31, 0xD3, 0xBC, 0xB9, 0xBB, 0x78,
0xB8, 0x32, 0x8E, 0x2E, 0xD2, 0x77, 0xA1, 0xFF, 0x4D, 0x1B, 0xFA, 0x68, 0x54, 0x61, 0x9D, 0xB7,
0x3F, 0xD7, 0x08, 0xCB, 0x91, 0x72, 0xD9, 0x76, 0x65, 0xE1, 0x1A, 0x75, 0x09, 0x8C, 0x13, 0x12,
0x18, 0x3A, 0xDC, 0x3A, 0x11, 0x78, 0xAF, 0x1A, 0x0F, 0x99, 0x69, 0x7D, 0x7F, 0xF9, 0x24, 0xE6,
},
.hmacMsg = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.iv = {
0x00, 0x5C, 0x85, 0x09, 0x4F, 0x23, 0xC5, 0x74, 0x73, 0x80, 0x36, 0x22,
},
.aad = {
0x2F, 0xC9, 0x99, 0x34, 0x2C, 0x8F, 0x3B, 0xE2, 0xD4, 0x2F, 0x7A, 0xA3, 0x76, 0xFE, 0x09, 0xEA,
},
.mac = {
0xC8, 0x83, 0x9C, 0x3D, 0x76, 0x15, 0xAF, 0x15, 0x2B, 0x54, 0xFE, 0xA2, 0x07, 0x6D, 0xD5, 0x41,
},
.cipher = {
0x04, 0x6B, 0xAA, 0xEC,
},
.expectPlain = {
0x33, 0x44, 0x55, 0x66,
},
},
{
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.tmpPk = {
0x95, 0x52, 0xA1, 0xCC, 0xC8, 0x44, 0x16, 0xE4, 0xE5, 0x76, 0xF6, 0x54, 0xE7, 0xD1, 0xE7, 0x32,
0x9D, 0xDE, 0x4F, 0x26, 0x4E, 0x85, 0xB5, 0xAC, 0x85, 0x41, 0x31, 0x25, 0xD1, 0x0D, 0xD2, 0x6F,
0x9B, 0xA9, 0xD9, 0xDE, 0x4D, 0x59, 0xB5, 0x8F, 0x43, 0x40, 0x6A, 0x19, 0x30, 0x92, 0x60, 0xB7,
0xA5, 0x49, 0x40, 0x3F, 0x54, 0x4A, 0x47, 0xCF, 0xD2, 0xB1, 0x52, 0x01, 0x31, 0x88, 0x0C, 0x9E,
},
.hmacMsg = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.iv = {
0xC3, 0x0A, 0xCC, 0x72, 0xA9, 0xD9, 0x8D, 0xC9, 0x0C, 0xEC, 0x56, 0x6C,
},
.aad = {
0x63, 0x94, 0x6C, 0xAE, 0xB2, 0x41, 0x65, 0x4E, 0x81, 0x46, 0x29, 0x07, 0x6D, 0x8E, 0xE3, 0x72,
},
.mac = {
0x8B, 0x36, 0x67, 0x21, 0x96, 0x50, 0xB5, 0x9D, 0x0D, 0xEF, 0xBC, 0x86, 0xF3, 0xCB, 0xBF, 0xE1,
},
.cipher = {
0x03, 0x29, 0x9B, 0x72, 0xAA, 0xC2, 0x2E, 0x60, 0xC9, 0x5E, 0x3C, 0xEC, 0xAB, 0xDD, 0xEC, 0x9F,
},
.expectPlain = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
},
{
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.tmpPk = {
0xF3, 0xE7, 0x92, 0x5A, 0xD7, 0x04, 0x5F, 0x1B, 0x07, 0x07, 0xED, 0x3E, 0x34, 0xB2, 0x4F, 0x1C,
0xD1, 0xDC, 0x3F, 0x82, 0x4F, 0x21, 0x97, 0x1C, 0x42, 0xAF, 0x22, 0x15, 0x54, 0x57, 0x75, 0x62,
0x7A, 0xFA, 0x0A, 0xEA, 0xDC, 0xFB, 0x24, 0x1F, 0x4C, 0xFC, 0x19, 0x5B, 0x29, 0x6D, 0xD5, 0x29,
0x39, 0x40, 0xC7, 0x99, 0x38, 0x1C, 0x6D, 0x31, 0xEC, 0x85, 0x98, 0x46, 0x69, 0x3F, 0x15, 0xA4,
},
.hmacMsg = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.iv = {
0xEC, 0xBB, 0xFD, 0xA0, 0x40, 0xBA, 0x15, 0x11, 0x92, 0x9D, 0xEB, 0x1F,
},
.aad = {
0x97, 0xC7, 0xA8, 0xC0, 0xA4, 0x4B, 0x7B, 0xC0, 0x62, 0xE5, 0x01, 0x68, 0x7B, 0x8F, 0xBD, 0xAC,
},
.mac = {
0x65, 0xA9, 0xDE, 0xF2, 0xAF, 0x25, 0x8E, 0x7F, 0xF8, 0x4A, 0xB4, 0x44, 0xC9, 0x84, 0x00, 0x1C,
},
.cipher = {
0x5E, 0x4B, 0x58, 0x3E, 0xBE, 0x88, 0x9E, 0xF5, 0xBB, 0x11, 0x06, 0xB2, 0x68, 0x82, 0xA7, 0xF4,
0xC7, 0xE0, 0xDE, 0xA6, 0xEF, 0x8E, 0x0C, 0x8C, 0x86, 0x3C, 0xD2, 0xE6, 0xEA, 0xF9, 0xC9, 0x02,
},
.expectPlain = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
},
{
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.tmpPk = {
0xF5, 0xE9, 0x44, 0x39, 0x9B, 0x17, 0x07, 0x66, 0xDC, 0x97, 0xA4, 0xE8, 0xB5, 0xE9, 0x48, 0xD8,
0x6F, 0xC9, 0xBD, 0x64, 0x5D, 0x74, 0xFA, 0x64, 0xB7, 0x8A, 0xDA, 0xEC, 0xBC, 0xC7, 0xD1, 0x51,
0x43, 0xEF, 0x36, 0xD5, 0x09, 0xD8, 0xC4, 0x39, 0x6E, 0x3C, 0x8D, 0xD8, 0x20, 0x9C, 0x7A, 0x75,
0x4A, 0x52, 0x91, 0x93, 0x0B, 0xBF, 0xD6, 0xF4, 0x1F, 0x6F, 0x9B, 0x47, 0x7E, 0xD7, 0xBD, 0x7C,
},
.hmacMsg = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
.iv = {
0x57, 0x54, 0xB4, 0xCB, 0xFF, 0x65, 0xC2, 0xEF, 0x66, 0x73, 0x6B, 0x77,
},
.aad = {
0xA2, 0x81, 0x20, 0x53, 0x41, 0xFA, 0xFD, 0x03, 0xD6, 0xCB, 0xC6, 0x9D, 0xAB, 0xED, 0xF0, 0x96,
},
.mac = {
0x49, 0x0E, 0x83, 0x7F, 0xEB, 0x24, 0x05, 0xF3, 0x74, 0x36, 0xB2, 0x21, 0xD8, 0x8F, 0xE7, 0x14,
},
.cipher = {
0xBF, 0x0B, 0xB7, 0x18, 0x7C, 0xF2, 0x7A, 0xFB, 0x18, 0x15, 0x47, 0xFD, 0x52, 0x8C, 0x15, 0x47,
0xD3, 0xC0, 0xD6, 0x31, 0x0E, 0xDF, 0x15, 0x0D, 0xEF, 0x04, 0xAC, 0xB1, 0xCC, 0x6F, 0xF6, 0x7F,
0xD5, 0x27, 0xD8, 0xA1, 0x8A, 0x9D, 0xE1, 0xC6, 0xB5, 0x94, 0x20, 0x4E, 0xB7, 0xA4, 0xC0, 0xCC,
0x2C, 0x21, 0x8A, 0x4F, 0x5A, 0x9F, 0x3F, 0x1A, 0x7A, 0xB0, 0x39, 0x08, 0xF9, 0x46, 0x4B, 0x0B,
0x40, 0x11, 0xC1, 0xCC, 0x1A, 0x23, 0x49, 0x4D, 0x02, 0x04, 0x37, 0x58, 0x76, 0xC2, 0xE5, 0xA5,
0xEC, 0xBF, 0x31, 0x3F, 0x3F, 0x3A, 0x39, 0x43, 0x49, 0x9E, 0x7C, 0x08, 0x94, 0x8A, 0xB6, 0x76,
0xDB, 0x17, 0xDB, 0x9F, 0x9D, 0x9F, 0x64, 0xDD, 0x7A, 0xA0, 0x10, 0xFD, 0x7D, 0xDB, 0xA8, 0xE8,
0x16, 0xC6, 0xD9, 0xB2, 0x65, 0x02, 0x98, 0xFF, 0xAD, 0x20, 0x5A, 0x86, 0xB6, 0xC1, 0x70, 0x14,
0x97, 0x03, 0xC6, 0xB3, 0x5B, 0x9E, 0xA2, 0x77, 0xBA, 0xCE, 0x83, 0x3B, 0x67, 0x76, 0x2E, 0x16,
0x9E, 0xB2, 0x5F, 0x8E, 0x8A, 0x02, 0x58, 0x40, 0x10, 0x26, 0xA6, 0x14, 0x03, 0x7E, 0x04, 0x40,
0x51, 0xD5, 0x40, 0xFB, 0x4C, 0xFD, 0xDD, 0x15, 0x94, 0x15, 0xB7, 0x46, 0xCC, 0xE3, 0x01, 0xAA,
0x57, 0x22, 0x18, 0x1D, 0xCA, 0x31, 0x2D, 0x86, 0x88, 0x58, 0x64, 0xB8, 0x5C, 0x1B, 0x94, 0x18,
0xB8, 0x36, 0xA5, 0xED, 0x72, 0x65, 0x27, 0x40, 0x8D, 0x1F, 0x56, 0xDB, 0x66, 0xB8, 0x85, 0xEB,
0xC1, 0x93, 0xD8, 0x30, 0xA5, 0x37, 0xD5, 0x4D, 0xA6, 0x33, 0x3B, 0x23, 0x65, 0x21, 0x4F, 0xF8,
0xF7, 0x15, 0xA3, 0x06, 0x65, 0x99, 0x5F, 0xE1, 0x9E, 0x66, 0x5D, 0x32, 0xFF, 0x31, 0x49, 0xC1,
0xEA, 0x8B, 0xF4, 0xB6, 0xD9, 0xF8, 0x57, 0x83, 0x50, 0x87, 0x3B, 0x17, 0x33, 0x22, 0x7D, 0xE7,
0x5C, 0xBA, 0x88, 0x93, 0x00, 0xAB, 0x90, 0xFE, 0x18, 0x28, 0xC7, 0x61, 0x0E, 0xC9, 0xE6, 0xA4,
0x6D, 0x4B, 0x6E, 0x45, 0xEC, 0xD7, 0xC0, 0x1F, 0x7F, 0x04, 0xBA, 0x6B, 0x48, 0xD4, 0x04, 0x87,
0xE9, 0x6D, 0xFD, 0x41, 0x1C, 0x70, 0xCA, 0xBD, 0xA8, 0x42, 0x86, 0xB1, 0x7D, 0xA6, 0xCF, 0xBC,
0x1A, 0x34, 0xA5, 0xA5, 0xDA, 0xBF, 0x4D, 0x18, 0xDF, 0x17, 0x8E, 0x1B, 0x49, 0x28, 0x0E, 0xE1,
0x41, 0xB8, 0x92, 0x3B, 0x5E, 0xCE, 0x80, 0xCD, 0xAC, 0x15, 0x96, 0xA3, 0xAF, 0xBE, 0x92, 0xE9,
0x2E, 0x33, 0xBD, 0xAE, 0x1D, 0x9D, 0xFE, 0xC1, 0xA8, 0x27, 0x7D, 0x81, 0x3D, 0xFC, 0x11, 0xDE,
0x7D, 0xA7, 0xB6, 0x45, 0x68, 0x01, 0x10, 0x26, 0xF0, 0xB0, 0x17, 0xD6, 0x4B, 0x37, 0x97, 0xCB,
0x49, 0x3B, 0x48, 0x22, 0x91, 0xF6, 0x8B, 0xF0, 0xB0, 0xC5, 0xEC, 0x50, 0x7F, 0x38, 0x41, 0xDE,
0xEE, 0x1F, 0x9D, 0x6B, 0xE7, 0x72, 0x33, 0xFF, 0x70, 0x8F, 0x19, 0xD8, 0xC1, 0x50, 0xE3, 0x03,
0x7D, 0xFC, 0xC0, 0x69, 0x55, 0xAE, 0x47, 0xA4, 0x5A, 0xEC, 0x1A, 0xC7, 0x5E, 0xCF, 0x5A, 0x6A,
0xDE, 0x9D, 0xAE, 0x36, 0xF2, 0xA5, 0xE9, 0xB1, 0x79, 0x95, 0x8F, 0x75, 0x03, 0x60, 0xDE, 0x07,
0x7C, 0x2A, 0xAB, 0x21, 0xEF, 0xDB, 0x96, 0x89, 0x4F, 0x6E, 0x6F, 0x96, 0x6D, 0xCA, 0x7F, 0xEC,
0xEF, 0x32, 0xCD, 0xE3, 0x40, 0x31, 0x03, 0x61, 0x2F, 0x03, 0x10, 0x14, 0xE9, 0xD3, 0xAC, 0x36,
0x18, 0xCA, 0x33, 0x54, 0x90, 0x05, 0xA3, 0x95, 0xA6, 0x95, 0x6F, 0x75, 0x4F, 0x73, 0x0A, 0xDF,
0x57, 0xE4, 0x67, 0x6B, 0x31, 0x94, 0xDD, 0x9C, 0x40, 0x44, 0x61, 0x1D, 0x73, 0xF8, 0x7C, 0x60,
0x63, 0xB2, 0x2F, 0x9D, 0xC3, 0x78, 0xC2, 0x83, 0x06, 0xFE, 0x81, 0x80, 0xFC, 0xBB, 0xA6, 0x84,
},
.expectPlain = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11, 0x22,
},
},
};
} // anonymous namespace
class HksChipsetPlatformDecryptTest : public testing::Test {
public:
static void SetUpTestCase(void);
static void TearDownTestCase(void);
void SetUp();
void TearDown();
};
void HksChipsetPlatformDecryptTest::SetUpTestCase(void)
{
HKS_LOG_E("set up cases");
}
void HksChipsetPlatformDecryptTest::TearDownTestCase(void)
{
}
void HksChipsetPlatformDecryptTest::SetUp()
{
HKS_LOG_E("enter HksServiceInitialize");
HksServiceInitialize();
HKS_LOG_E("init end");
}
void HksChipsetPlatformDecryptTest::TearDown()
{
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest001
* @tc.desc: tdd Normal process of chipset platform decrypt, expect ret == HKS_SUCCESS
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest001, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest001");
for (size_t i = 0; i < DECRYPT_KEY_NORMAL_CASES.size(); ++i) {
struct HksChipsetPlatformTestCase &t = DECRYPT_KEY_NORMAL_CASES[i];
HKS_TEST_LOG_I("test case %zu / %zu, expected plain length = %zu",
(i + 1), DECRYPT_KEY_NORMAL_CASES.size(), t.expectPlain.size());
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet{};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA,
&plainBlob);
ASSERT_EQ(ret, HKS_SUCCESS);
ASSERT_EQ(plainBlob.size, t.expectPlain.size());
ASSERT_EQ(memcmp(plainBlob.data, t.expectPlain.data(), plainBlob.size), 0);
HKS_TEST_LOG_I("test case %zu / %zu end", (i + 1), DECRYPT_KEY_NORMAL_CASES.size());
}
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest002
* @tc.desc: tdd abnormal case, pass nullptr as paramSet
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest002, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest002");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
int32_t ret = HuksCoreChipsetPlatformDecrypt(nullptr, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest003
* @tc.desc: tdd abnormal case, incorrect count of params in paramSet
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest003, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest003");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
size_t correctCount = decryptParams.size();
auto run = [&t, &decryptParams]() {
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA,
&plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
};
// add one useless param
decryptParams.insert(decryptParams.begin(), HksParam{
.tag = HKS_TAG_ALGORITHM,
.uint32Param = 0,
});
ASSERT_EQ(decryptParams.size(), correctCount + 1);
run();
decryptParams.erase(decryptParams.begin());
// remove one necessary param
decryptParams.erase(decryptParams.begin());
ASSERT_EQ(decryptParams.size(), correctCount - 1);
run();
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest004
* @tc.desc: tdd abnormal case, params in paramSet repeat
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest004, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest004");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
// repeat one param
decryptParams.emplace_back(decryptParams[0]);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest005
* @tc.desc: tdd abnormal case, param in paramSet repeat has nullptr blob
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest005, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest005");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
decryptParamSet.s->params[0].blob.data = nullptr;
decryptParamSet.s->params[0].blob.size = 0;
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest006
* @tc.desc: tdd abnormal case, invalid salt type
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest006, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest006");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s,
static_cast<enum HksChipsetPlatformDecryptScene>(HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA + 1), &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest007
* @tc.desc: tdd abnormal case, invalid pub key length
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest007, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest007");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
size_t correctSize = t.tmpPk.size();
t.tmpPk = {t.tmpPk.begin(), t.tmpPk.begin() + t.tmpPk.size() / 2};
EXPECT_EQ(t.tmpPk.size() * 2, correctSize);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest008
* @tc.desc: tdd abnormal case, invalid salt length
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest008, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest008");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
size_t correctSize = t.salt.size();
t.salt = {t.salt.begin(), t.salt.begin() + t.salt.size() / 2};
EXPECT_EQ(t.salt.size() * 2, correctSize);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest009
* @tc.desc: tdd abnormal case, invalid customInfo length
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest009, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest009");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
size_t correctSize = t.hmacMsg.size();
t.hmacMsg = {t.hmacMsg.begin(), t.hmacMsg.begin() + t.hmacMsg.size() / 2};
EXPECT_EQ(t.hmacMsg.size() * 2, correctSize);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest010
* @tc.desc: tdd abnormal case, invalid plainText length
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest010, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest010");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size() + t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest011
* @tc.desc: tdd abnormal case, cipher length is not the multiple of 16
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest011, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest011");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
t.cipher.emplace_back(1);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest012
* @tc.desc: tdd abnormal case, cipher length is out of range
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest012, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest012");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
t.cipher = std::vector<uint8_t>(PLATFORM_KEY_TEXT_MAX_LEN + 1);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest013
* @tc.desc: tdd abnormal case, invalid aad length
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest013, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest013");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
t.aad.emplace_back(1);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest014
* @tc.desc: tdd abnormal case, invalid iv length
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest014, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest014");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
t.iv.emplace_back(1);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformDecryptTest.HksChipsetPlatformDecryptTest015
* @tc.desc: tdd abnormal case, invalid mac length
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformDecryptTest, HksChipsetPlatformDecryptTest015, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformDecryptTest015");
struct HksChipsetPlatformTestCase t(DECRYPT_KEY_NORMAL_CASES[0]);
t.mac.emplace_back(1);
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
WrapParamSet decryptParamSet {};
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> plainText(t.cipher.size());
struct HksBlob plainBlob = { .size = plainText.size(), .data = plainText.data() };
ret = HuksCoreChipsetPlatformDecrypt(decryptParamSet.s, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &plainBlob);
ASSERT_NE(ret, HKS_SUCCESS);
}
}

669
test/unittest/huks_standard_test/three_stage_test/src/hks_chipset_platform_encrypt_test.cpp Normal file
View File

@ -0,0 +1,669 @@
/*
* Copyright (c) 2023-2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <cstdint>
#include <fstream>
#include <gtest/gtest.h>
#include <string>
#include <vector>
#include <nlohmann/json.hpp>
#include "hks_log.h"
#include "hks_mem.h"
#include "hks_param.h"
#include "hks_type.h"
#include "hks_api.h"
#include "hks_template.h"
#include "hks_test_log.h"
#include "hks_three_stage_test_common.h"
#include "hks_chipset_platform_decrypt.h"
#include "hks_client_service_adapter.h"
#include "hks_chipset_platform_test.h"
using namespace testing::ext;
namespace {
std::vector<HksCipsetPlatformEncryptInput> g_encryptInputs = {
{
.scene = HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA,
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.uuid = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.customInfo = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.plainText = {
0x11,
},
}, {
.scene = HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA,
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.uuid = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.customInfo = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.plainText = {
0x11, 0x22, 0x33, 0x44,
},
}, {
.scene = HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA,
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.uuid = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.customInfo = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.plainText = {
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
},
}, {
.scene = HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA,
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.uuid = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.customInfo = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.plainText = {
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
},
}, {
.scene = HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA,
.salt = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.uuid = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.customInfo = {
0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0x00,
0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x11, 0x22,
},
.plainText = {
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
},
},
};
void PrintOne(const std::vector<uint8_t> one)
{
enum { NEW_LINE = 16 };
for (std::size_t i = 0; i < one.size(); ++i) {
if (i % NEW_LINE == 0) {
printf(" 0x%02X, ", one[i]);
} else if (i % NEW_LINE == NEW_LINE - 1) {
printf("0x%02X,\n", one[i]);
} else {
printf("0x%02X, ", one[i]);
}
}
if (one.size() % NEW_LINE != 0) {
printf("\n");
}
}
void PrintResult(const HksChipsetPlatformTestCase &res)
{
printf("{\n");
printf(" .salt = {\n");
PrintOne(res.salt);
printf(" },\n");
printf(" .tmpPk = {\n");
PrintOne(res.tmpPk);
printf(" },\n");
printf(" .hmacMsg = {\n");
PrintOne(res.hmacMsg);
printf(" },\n");
printf(" .iv = {\n");
PrintOne(res.iv);
printf(" },\n");
printf(" .aad = {\n");
PrintOne(res.aad);
printf(" },\n");
printf(" .mac = {\n");
PrintOne(res.mac);
printf(" },\n");
printf(" .cipher = {\n");
PrintOne(res.cipher);
printf(" },\n");
printf(" .expectPlain = {\n");
PrintOne(res.expectPlain);
printf(" },\n");
printf("},\n");
}
uint8_t g_tmpKeyPairAliasStr[] = "tmpKeyPair";
struct HksBlob g_tmpKeyPairAlias = { sizeof(g_tmpKeyPairAliasStr), g_tmpKeyPairAliasStr };
// Notice: you need to pass an empty HksBlob for x509PubKey, and you MUST free x509PubKey after using
int32_t ExportX509ChipsetPlatformPubKey(const struct HksBlob &salt,
enum HksChipsetPlatformDecryptScene scene, struct HksBlob &x509PubKey)
{
std::vector<uint8_t> rawPk(PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE);
HksBlob publicKeyBlob = { .size = PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE, .data = rawPk.data() };
int32_t ret = HksExportChipsetPlatformPublicKey(&salt, scene, &publicKeyBlob);
EXPECT_EQ(ret, HKS_SUCCESS);
struct HksPubKeyInfo publicKeyInfo = {
.keyAlg = HKS_ALG_ECC,
.keySize = HKS_ECC_KEY_SIZE_256,
.nOrXSize = HKS_ECC_KEY_SIZE_256 / HKS_BITS_PER_BYTE,
.eOrYSize = HKS_ECC_KEY_SIZE_256 / HKS_BITS_PER_BYTE,
.placeHolder = 0,
};
std::vector<uint8_t> huksPk(sizeof(publicKeyInfo) + publicKeyBlob.size);
struct HksBlob HksFullPubKey = { .size = static_cast<uint32_t>(huksPk.size()), .data = huksPk.data() };
EXPECT_EQ(memcpy_s(HksFullPubKey.data, HksFullPubKey.size, &publicKeyInfo, sizeof(publicKeyInfo)), EOK);
EXPECT_EQ(memcpy_s(HksFullPubKey.data + sizeof(publicKeyInfo), HksFullPubKey.size - sizeof(publicKeyInfo),
publicKeyBlob.data, publicKeyBlob.size), EOK);
ret = TranslateToX509PublicKey(&HksFullPubKey, &x509PubKey);
EXPECT_EQ(ret, HKS_SUCCESS);
HKS_LOG_I("import platform public key success");
return ret;
}
int32_t GenerateTmpKeyPairAndExportPublicKey(std::vector<uint8_t> &resTmpPk)
{
WrapParamSet genParamSet {};
struct HksParam genParams[] = {
{
.tag = HKS_TAG_ALGORITHM,
.uint32Param = HKS_ALG_ECC
}, {
.tag = HKS_TAG_PURPOSE,
.uint32Param = HKS_KEY_PURPOSE_AGREE
}, {
.tag = HKS_TAG_KEY_SIZE,
.uint32Param = HKS_ECC_KEY_SIZE_256
}, {
.tag = HKS_TAG_DIGEST,
.uint32Param = HKS_DIGEST_NONE
}, {
.tag = HKS_TAG_PADDING,
.uint32Param = HKS_PADDING_NONE
}
};
int32_t ret = InitParamSet(&genParamSet.s, genParams, HKS_ARRAY_SIZE(genParams));
EXPECT_EQ(ret, HKS_SUCCESS) << "InitParamSet(gen) failed.";
HksGenerateKey(&g_tmpKeyPairAlias, genParamSet.s, nullptr);
enum { TMP_PK_BUFFER_SIZE = 4096, };
resTmpPk.resize(TMP_PK_BUFFER_SIZE);
struct HksBlob tmpPk = { .size = TMP_PK_BUFFER_SIZE, .data = resTmpPk.data() };
ret = HksExportPublicKey(&g_tmpKeyPairAlias, nullptr, &tmpPk);
EXPECT_EQ(ret, HKS_SUCCESS) << "export tmp ecc pub key failed";
// the exported key is in X.509 format, and the last part is the raw key
resTmpPk = std::vector<uint8_t> {
resTmpPk.begin() + tmpPk.size - PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE,
resTmpPk.begin() + tmpPk.size
};
return ret;
}
int32_t AgreeSharedKey(struct HksBlob &x509PubKey, struct HksBlob &sharedKey)
{
WrapParamSet agreeParamSet {};
static struct HksParam agreeParams[] = {
{
.tag = HKS_TAG_ALGORITHM,
.uint32Param = HKS_ALG_ECDH
}, {
.tag = HKS_TAG_PURPOSE,
.uint32Param = HKS_KEY_PURPOSE_AGREE
}, {
.tag = HKS_TAG_KEY_SIZE,
.uint32Param = HKS_ECC_KEY_SIZE_224
}
};
int32_t ret = InitParamSet(&agreeParamSet.s, agreeParams, HKS_ARRAY_SIZE(agreeParams));
EXPECT_EQ(ret, HKS_SUCCESS) << "InitParamSet(agree) failed.";
ret = HksAgreeKey(agreeParamSet.s, &g_tmpKeyPairAlias, &x509PubKey, &sharedKey);
EXPECT_EQ(ret, HKS_SUCCESS);
return ret;
}
int32_t HmacWrapKey(const struct HksBlob &sharedKey, const struct HksBlob &hmacMsg, struct HksBlob wrapKey)
{
uint8_t sharedKeyAliasStr[] = "sharedKey";
struct HksBlob sharedKeyAlias = { sizeof(sharedKeyAliasStr), sharedKeyAliasStr };
// first, import sharedKey into huks
std::vector<HksParam> importParams = {
{ .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_HMAC },
{ .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_MAC },
{ .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_AES_KEY_SIZE_256 },
{ .tag = HKS_TAG_DIGEST, .uint32Param = HKS_DIGEST_SHA256 },
};
WrapParamSet importParamSet {};
int32_t ret = InitParamSet(&importParamSet.s, importParams.data(), importParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
ret = HksImportKey(&sharedKeyAlias, importParamSet.s, &sharedKey);
EXPECT_EQ(ret, HKS_SUCCESS);
// second, do hmac-sha256
static struct HksParam hmacParams[] = {
{
.tag = HKS_TAG_ALGORITHM,
.uint32Param = HKS_ALG_HMAC
}, {
.tag = HKS_TAG_PURPOSE,
.uint32Param = HKS_KEY_PURPOSE_MAC
}, {
.tag = HKS_TAG_DIGEST,
.uint32Param = HKS_DIGEST_SHA256
}, {
.tag = HKS_TAG_KEY_SIZE,
.uint32Param = PLATFORM_KEY_WRAPPED_KEY_SIZE,
}
};
WrapParamSet hmacParamSet {};
EXPECT_EQ(InitParamSet(&hmacParamSet.s, hmacParams, HKS_ARRAY_SIZE(hmacParams)), HKS_SUCCESS);
ret = HksMac(&sharedKeyAlias, hmacParamSet.s, &hmacMsg, &wrapKey);
EXPECT_EQ(ret, HKS_SUCCESS) << "this case failed.";
static_cast<void>(HksDeleteKey(&sharedKeyAlias, nullptr));
return ret;
}
int32_t AesGcmEncrypt(const struct HksBlob &wrapKey, const struct HksBlob &plainText,
struct HksBlob iv, struct HksBlob aad, struct HksBlob cipherText)
{
uint8_t wrapKeyAliasStr[] = "wrapKey";
struct HksBlob wrapKeyAlias = { sizeof(wrapKeyAliasStr), wrapKeyAliasStr };
// first, import wrapKey into huks
std::vector<HksParam> importParams = {
{ .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_AES },
{ .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_ENCRYPT },
{ .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_AES_KEY_SIZE_256 },
{ .tag = HKS_TAG_PADDING, .uint32Param = HKS_PADDING_NONE },
{ .tag = HKS_TAG_BLOCK_MODE, .uint32Param = HKS_MODE_GCM },
};
WrapParamSet importParamSet {};
int32_t ret = InitParamSet(&importParamSet.s, importParams.data(), importParams.size());
EXPECT_EQ(ret, HKS_SUCCESS);
ret = HksImportKey(&wrapKeyAlias, importParamSet.s, &wrapKey);
EXPECT_EQ(ret, HKS_SUCCESS);
// second, generate random IV and aad
ret = HksGenerateRandom(nullptr, &iv);
EXPECT_EQ(ret, HKS_SUCCESS);
ret = HksGenerateRandom(nullptr, &aad);
EXPECT_EQ(ret, HKS_SUCCESS);
// third, encrypt with aes gcm
struct HksParam encryptParams[] = {
{ .tag = HKS_TAG_ALGORITHM, .uint32Param = HKS_ALG_AES },
{ .tag = HKS_TAG_PURPOSE, .uint32Param = HKS_KEY_PURPOSE_ENCRYPT },
{ .tag = HKS_TAG_KEY_SIZE, .uint32Param = HKS_AES_KEY_SIZE_256 },
{ .tag = HKS_TAG_PADDING, .uint32Param = HKS_PADDING_NONE },
{ .tag = HKS_TAG_BLOCK_MODE, .uint32Param = HKS_MODE_GCM },
{ .tag = HKS_TAG_NONCE, .blob = iv },
{ .tag = HKS_TAG_ASSOCIATED_DATA, .blob = aad },
};
WrapParamSet encryptParamSet {};
ret = InitParamSet(&encryptParamSet.s, encryptParams, HKS_ARRAY_SIZE(encryptParams));
EXPECT_EQ(ret, HKS_SUCCESS) << "InitParamSet(encrypt) failed.";
ret = HksEncrypt(&wrapKeyAlias, encryptParamSet.s, &plainText, &cipherText);
EXPECT_EQ(ret, HKS_SUCCESS);
(void)HksDeleteKey(&wrapKeyAlias, nullptr);
return ret;
}
HksChipsetPlatformTestCase Encrypt(HksCipsetPlatformEncryptInput &input)
{
HksChipsetPlatformTestCase res {
.salt = std::vector<uint8_t>(input.salt),
.expectPlain = std::vector<uint8_t>(input.plainText),
};
HksBlob saltBlob = { .size = static_cast<uint32_t>(input.salt.size()), .data = input.salt.data() };
HksBlob plainText = { .size = static_cast<uint32_t>(input.plainText.size()), .data = input.plainText.data() };
struct HksBlob x509PubKey {};
int32_t ret = ExportX509ChipsetPlatformPubKey(saltBlob, input.scene, x509PubKey);
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> sharedKeyBuffer(PLATFORM_KEY_SHARED_KEY_SIZE);
struct HksBlob sharedKey = { .size = PLATFORM_KEY_SHARED_KEY_SIZE, .data = sharedKeyBuffer.data() };
// concatenating uuid and customData
res.hmacMsg = std::vector<uint8_t>(input.uuid);
res.hmacMsg.insert(res.hmacMsg.end(), input.customInfo.begin(), input.customInfo.end());
struct HksBlob hmacMsg = { .size = static_cast<uint32_t>(res.hmacMsg.size()), .data = res.hmacMsg.data() };
std::vector<uint8_t> wrapKeyBuffer(PLATFORM_KEY_WRAPPED_KEY_SIZE);
struct HksBlob wrapKey = { .size = PLATFORM_KEY_WRAPPED_KEY_SIZE, .data = wrapKeyBuffer.data() };
res.iv.resize(PLATFORM_KEY_IV_SIZE);
struct HksBlob iv = { .size = PLATFORM_KEY_IV_SIZE, .data = res.iv.data() };
// notice: cipher length = plain length + tag length
res.cipher.resize(plainText.size + PLATFORM_KEY_TAG_SIZE);
struct HksBlob cipherText = { .size = static_cast<uint32_t>(res.cipher.size()), .data = res.cipher.data() };
res.aad.resize(PLATFORM_KEY_AAD_SIZE);
struct HksBlob aad = { .size = PLATFORM_KEY_AAD_SIZE, .data = res.aad.data() };
ret = GenerateTmpKeyPairAndExportPublicKey(res.tmpPk);
EXPECT_EQ(ret, HKS_SUCCESS) << "generate tmp ecc key pair failed";
ret = AgreeSharedKey(x509PubKey, sharedKey);
EXPECT_EQ(ret, HKS_SUCCESS) << "agree shared key failed";
ret = HmacWrapKey(sharedKey, hmacMsg, wrapKey);
EXPECT_EQ(ret, HKS_SUCCESS) << "hmac wrap key failed";
ret = AesGcmEncrypt(wrapKey, plainText, iv, aad, cipherText);
EXPECT_EQ(ret, HKS_SUCCESS);
// extract cipher and tag from cipher
res.mac = std::vector<uint8_t> { res.cipher.end() - PLATFORM_KEY_TAG_SIZE, res.cipher.end() };
res.cipher = std::vector<uint8_t> { res.cipher.begin(), res.cipher.end() - PLATFORM_KEY_TAG_SIZE };
(void)HksDeleteKey(&g_tmpKeyPairAlias, nullptr);
HKS_FREE_BLOB(x509PubKey);
return res;
}
std::vector<uint8_t> VectorStrToVectorUint8(const std::vector<std::string> &str)
{
enum { HEX_BASE = 16 };
std::vector<uint8_t> res(str.size());
for (size_t i = 0; i < str.size(); ++i) {
res[i] = (uint8_t)strtol(str[i].c_str(), nullptr, HEX_BASE);
}
return res;
}
int32_t ReadInputFile(const char *path, HksCipsetPlatformEncryptInput &input)
{
#define MAP_SCENE_ENUM_KEY_VALUE(a) { (#a), (a) }
std::map<std::string, enum HksChipsetPlatformDecryptScene> scenes = {
MAP_SCENE_ENUM_KEY_VALUE(HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA),
};
#undef MAP_SCENE_ENUM_KEY_VALUE
std::ifstream f(path, std::ios::binary | std::ios::in);
if (!f) {
HKS_TEST_LOG_I("open file \"%s\" failed", path);
return HKS_ERROR_INVALID_ARGUMENT;
}
nlohmann::json data = nlohmann::json::parse(f);
std::string scene = data["scene"];
auto sceneValue = scenes.find(scene);
if (sceneValue == scenes.end()) {
HKS_TEST_LOG_I("invalid scene \"%s\"", scene.c_str());
return HKS_ERROR_INVALID_ARGUMENT;
}
input.scene = sceneValue->second;
input.salt = VectorStrToVectorUint8(data["salt"]);
input.uuid = VectorStrToVectorUint8(data["uuid"]);
input.customInfo = VectorStrToVectorUint8(data["customInfo"]);
input.plainText = VectorStrToVectorUint8(data["plainText"]);
HKS_TEST_LOG_I("read scene = %s", scene.c_str());
HKS_TEST_LOG_I("read salt size = %zu, data = ", input.salt.size());
PrintOne(input.salt);
HKS_TEST_LOG_I("read uuid size = %zu, data = ", input.uuid.size());
PrintOne(input.uuid);
HKS_TEST_LOG_I("read customInfo size = %zu, data = ", input.customInfo.size());
PrintOne(input.customInfo);
HKS_TEST_LOG_I("read plainText size = %zu, data = ", input.plainText.size());
PrintOne(input.plainText);
return HKS_SUCCESS;
}
void PrintTaToTaParams(HksChipsetPlatformTestCase &t)
{
// Notice: the customInfo in ta to ta input params do not contains uuid
t.hmacMsg = std::vector<uint8_t> { t.hmacMsg.begin() + PLATFORM_KEY_BUSINESS_ID_SIZE, t.hmacMsg.end() };
WrapParamSet decryptParamSet {};
auto decryptParams = CipherMaterialsToDecryptInputParams(t);
int32_t ret = InitParamSet(&decryptParamSet.s, decryptParams.data(), decryptParams.size());
EXPECT_EQ(ret, HKS_SUCCESS) << "decryptParamSet failed.";
HKS_TEST_LOG_I("params[0] size = %d, data =", decryptParamSet.s->paramSetSize);
PrintOne(std::vector<uint8_t>{reinterpret_cast<uint8_t*>(decryptParamSet.s),
reinterpret_cast<uint8_t*>(decryptParamSet.s) + decryptParamSet.s->paramSetSize});
HKS_TEST_LOG_I("params[1] size = %zu, data are all zeros", t.cipher.size());
}
}
namespace Unittest::HksChipsetPlatformEncryptTest {
class HksChipsetPlatformEncryptTest : public testing::Test {
public:
static void SetUpTestCase(void);
static void TearDownTestCase(void);
void SetUp();
void TearDown();
};
void HksChipsetPlatformEncryptTest::SetUpTestCase(void)
{
HKS_LOG_E("set up cases");
int32_t ret = HksInitialize();
EXPECT_EQ(ret, HKS_SUCCESS);
}
void HksChipsetPlatformEncryptTest::TearDownTestCase(void)
{
}
void HksChipsetPlatformEncryptTest::SetUp()
{
}
void HksChipsetPlatformEncryptTest::TearDown()
{
}
/**
* @tc.name: HksChipsetPlatformEncryptTest.EncryptTool
* @tc.desc: encrypt tool
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformEncryptTest, EncryptTool, TestSize.Level0)
{
HKS_TEST_LOG_I("begin EncryptTool");
constexpr const char envInputPath[] = "HUKS_CHIPSET_PLATFORM_INPUT_PATH";
constexpr const char defaultPath[] = "/data/input.json";
HKS_TEST_LOG_I(
"the encrypt tool will read the environment variable $%s or %s if the environment variable is not set",
envInputPath, defaultPath);
const char *inputPath = std::getenv(envInputPath);
HKS_TEST_LOG_I("the environment variable $%s = \"%s\"", envInputPath, inputPath);
if (inputPath == nullptr) {
inputPath = defaultPath;
}
HKS_TEST_LOG_I("read \"%s\" now", inputPath);
HksCipsetPlatformEncryptInput input {};
int32_t ret = ReadInputFile(inputPath, input);
if (ret != HKS_SUCCESS) {
HKS_TEST_LOG_I("read input file failed, do not test encrypt tool");
return;
}
EXPECT_EQ(ret, HKS_SUCCESS);
if (ret != HKS_SUCCESS) {
HKS_TEST_LOG_I("read input failed, please check input file format!");
return;
}
HKS_TEST_LOG_I("begin encrypt");
HksChipsetPlatformTestCase cipherMaterials = Encrypt(input);
HKS_TEST_LOG_I("done encrypt, cipherMaterials =");
PrintResult(cipherMaterials);
if (input.scene == HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA) {
HKS_TEST_LOG_I("TA TO TA input params =");
PrintTaToTaParams(cipherMaterials);
}
HKS_TEST_LOG_I("end EncryptTool");
}
/**
* @tc.name: HksChipsetPlatformEncryptTest.HksChipsetPlatformEncryptTest001
* @tc.desc: tdd Normal process of chipset platform encrypt, expect ret == HKS_SUCCESS
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformEncryptTest, HksChipsetPlatformEncryptTest001, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformEncryptTest");
HksChipsetPlatformTestCase cipherMaterials {};
for (auto &input : g_encryptInputs) {
cipherMaterials = Encrypt(input);
PrintResult(cipherMaterials);
}
}
/**
* @tc.name: HksChipsetPlatformEncryptTest.HksChipsetPlatformEncryptTest002
* @tc.desc: tdd HksExportChipsetPlatformPublicKey normal case
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformEncryptTest, HksChipsetPlatformEncryptTest002, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformEncryptTest");
std::vector<uint8_t> saltData = std::vector<uint8_t>(PLATFORM_KEY_SALT_SIZE);
HksBlob salt = { .size = static_cast<uint32_t>(saltData.size()), .data = saltData.data() };
std::vector<uint8_t> pubKey = std::vector<uint8_t>(PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE);
HksBlob pk = { .size = static_cast<uint32_t>(pubKey.size()), .data = pubKey.data() };
int32_t ret = HksExportChipsetPlatformPublicKey(&salt, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &pk);
EXPECT_EQ(ret, HKS_SUCCESS);
std::vector<uint8_t> allZero(PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE);
EXPECT_NE(memcmp(pubKey.data(), allZero.data(), PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE), 0);
}
/**
* @tc.name: HksChipsetPlatformEncryptTest.HksChipsetPlatformEncryptTest003
* @tc.desc: tdd HksExportChipsetPlatformPublicKey bad case, nullptr
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformEncryptTest, HksChipsetPlatformEncryptTest003, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformEncryptTest");
// bad case, nullptr
int32_t ret = HksExportChipsetPlatformPublicKey(nullptr, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, nullptr);
EXPECT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformEncryptTest.HksChipsetPlatformEncryptTest004
* @tc.desc: tdd HksExportChipsetPlatformPublicKey bad case, salt too long, pubKey too long
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformEncryptTest, HksChipsetPlatformEncryptTest004, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformEncryptTest");
// bad case, salt too long, pubKey too long
std::vector<uint8_t> saltData(PLATFORM_KEY_SALT_SIZE + 1);
HksBlob salt = { .size = static_cast<uint32_t>(saltData.size()), .data = saltData.data() };
std::vector<uint8_t> pubKey(PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE + 1);
HksBlob pk = { .size = static_cast<uint32_t>(pubKey.size()), .data = pubKey.data() };
int32_t ret = HksExportChipsetPlatformPublicKey(&salt, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &pk);
EXPECT_NE(ret, HKS_SUCCESS);
}
/**
* @tc.name: HksChipsetPlatformEncryptTest.HksChipsetPlatformEncryptTest005
* @tc.desc: tdd HksExportChipsetPlatformPublicKey bad case, salt too short
* @tc.type: FUNC
*/
HWTEST_F(HksChipsetPlatformEncryptTest, HksChipsetPlatformEncryptTest005, TestSize.Level0)
{
HKS_LOG_E("enter HksChipsetPlatformEncryptTest");
// bad case, salt too short
std::vector<uint8_t> saltData = std::vector<uint8_t>(PLATFORM_KEY_SALT_SIZE - 1);
HksBlob salt = { .size = static_cast<uint32_t>(saltData.size()), .data = saltData.data() };
std::vector<uint8_t> pubKey = std::vector<uint8_t>(PLATFORM_KEY_PLATFORM_PUB_KEY_SIZE);
HksBlob pk = { .size = static_cast<uint32_t>(pubKey.size()), .data = pubKey.data() };
int32_t ret = HksExportChipsetPlatformPublicKey(&salt, HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA, &pk);
EXPECT_NE(ret, HKS_SUCCESS);
}
}

19
test/unittest/huks_standard_test/three_stage_test/src/hks_chipset_platform_encrypt_tool_input.json Normal file
View File

@ -0,0 +1,19 @@
{
"scene": "HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA",
"salt": [
"0x33", "0x44", "0x55", "0x66", "0x77", "0x88", "0x99", "0x00",
"0xaa", "0xbb", "0xcc", "0xdd", "0xee", "0xff", "0x11", "0x22"
],
"uuid": [
"0x33", "0x44", "0x55", "0x66", "0x77", "0x88", "0x99", "0x00",
"0xaa", "0xbb", "0xcc", "0xdd", "0xee", "0xff", "0x11", "0x22"
],
"customInfo": [
"0x33", "0x44", "0x55", "0x66", "0x77", "0x88", "0x99", "0x00",
"0xaa", "0xbb", "0xcc", "0xdd", "0xee", "0xff", "0x11", "0x22"
],
"plainText": [
"0x33", "0x44", "0x55", "0x66", "0x77", "0x88", "0x99", "0x00",
"0xaa", "0xbb", "0xcc", "0xdd", "0xee", "0xff", "0x11", "0x22"
]
}