From 2f093fe13f942811d48c0234ff3c4b79b5f6587b Mon Sep 17 00:00:00 2001 From: xujie Date: Tue, 26 Mar 2024 11:40:15 +0800 Subject: [PATCH] test Signed-off-by: xujie --- .../main/include/cm_type.h | 8 +- .../kits/js/@ohos.security.certManager.d.ts | 42 ++++--- interfaces/kits/napi/include/cm_napi_common.h | 5 +- .../napi/include/cm_napi_get_app_cert_info.h | 4 +- .../napi/include/cm_napi_get_app_cert_list.h | 4 +- .../include/cm_napi_get_system_cert_list.h | 4 +- interfaces/kits/napi/include/cm_napi_grant.h | 6 +- .../napi/include/cm_napi_install_app_cert.h | 4 +- .../napi/include/cm_napi_uninstall_app_cert.h | 4 +- interfaces/kits/napi/src/cm_napi.cpp | 19 +-- interfaces/kits/napi/src/cm_napi_common.cpp | 11 +- .../napi/src/cm_napi_get_app_cert_info.cpp | 4 +- .../napi/src/cm_napi_get_app_cert_list.cpp | 4 +- .../napi/src/cm_napi_get_system_cert_list.cpp | 4 +- interfaces/kits/napi/src/cm_napi_grant.cpp | 10 +- .../napi/src/cm_napi_install_app_cert.cpp | 4 +- .../napi/src/cm_napi_uninstall_app_cert.cpp | 4 +- .../main/core/include/cert_manager_uri.h | 5 - .../main/core/src/cert_manager.c | 6 +- .../main/core/src/cert_manager_auth_mgr.c | 4 +- .../main/core/src/cert_manager_check.c | 37 ++---- .../main/core/src/cert_manager_service.c | 3 +- .../main/core/src/cert_manager_storage.c | 108 +++++++++--------- test/unittest/src/cm_is_authed_test.cpp | 2 +- test/unittest/src/cm_user_cert_test.cpp | 8 +- 25 files changed, 158 insertions(+), 156 deletions(-) diff --git a/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h b/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h index c026d9b..353e01d 100644 --- a/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h +++ b/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -39,7 +39,7 @@ extern "C" { #define MAX_SUFFIX_LEN 16 #define MAX_COUNT_CERTIFICATE 256 -#define MAX_LEN_URI 64 +#define MAX_LEN_URI 256 #define MAX_AUTH_LEN_URI 256 #define MAX_LEN_CERT_ALIAS 64 #define MAX_LEN_SUBJECT_NAME 256 @@ -121,7 +121,7 @@ enum CmErrorCode { CMR_ERROR_REMOVE_FILE_FAIL = -13, CMR_ERROR_CLOSE_FILE_FAIL = -14, CMR_ERROR_MALLOC_FAIL = -15, - CMR_ERROR_NOT_EXIST = -16, + CMR_ERROR_NOT_EXIST = -16, CMR_ERROR_ALREADY_EXISTS = -17, CMR_ERROR_INSUFFICIENT_DATA = -18, CMR_ERROR_BUFFER_TOO_SMALL = -19, @@ -132,6 +132,8 @@ enum CmErrorCode { CMR_ERROR_AUTH_CHECK_FAILED = -24, CMR_ERROR_KEY_OPERATION_FAILED = -25, CMR_ERROR_NOT_SYSTEMP_APP = -26, + CMR_ERROR_CERT_NUM_REACHED_LIMIT = -27, + CMR_ERROR_ALIAS_LENGTH_REACHED_LIMIT = -28, }; enum CMErrorCode { /* temp use */ diff --git a/interfaces/kits/js/@ohos.security.certManager.d.ts b/interfaces/kits/js/@ohos.security.certManager.d.ts index dbb49b9..77d3597 100644 --- a/interfaces/kits/js/@ohos.security.certManager.d.ts +++ b/interfaces/kits/js/@ohos.security.certManager.d.ts @@ -95,8 +95,8 @@ declare namespace CertificateManager { * @syscap SystemCapability.Security.CertificateManager * @permission ohos.permission.ACCESS_CERT_MANAGER */ - function getUserTrustedCertificateList(callback: AsyncCallback) : void; - function getUserTrustedCertificateList() : Promise; + function getAllUserTrustedCertificates(callback: AsyncCallback) : void; + function getAllUserTrustedCertificates() : Promise; /** * Get the detail of user root certificate. @@ -118,8 +118,8 @@ declare namespace CertificateManager { * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL * @systemapi Hide this for inner system use */ - function installAppCertificate(keystore: Uint8Array, keystorePwd: string, certAlias: string, callback: AsyncCallback) : void; - function installAppCertificate(keystore: Uint8Array, keystorePwd: string, certAlias: string) : Promise; + function installPublicCertificate(keystore: Uint8Array, keystorePwd: string, certAlias: string, callback: AsyncCallback) : void; + function installPublicCertificate(keystore: Uint8Array, keystorePwd: string, certAlias: string) : Promise; /** * Install private application certificate. @@ -174,8 +174,8 @@ declare namespace CertificateManager { * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL * @systemapi Hide this for inner system use */ - function uninstallAppCertificate(keyUri: string, callback: AsyncCallback) : void; - function uninstallAppCertificate(keyUri: string) : Promise; + function uninstallPublicCertificate(keyUri: string, callback: AsyncCallback) : void; + function uninstallPublicCertificate(keyUri: string) : Promise; /** * Uninstall the specified normal application certificate. @@ -194,8 +194,8 @@ declare namespace CertificateManager { * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL * @systemapi Hide this for inner system use */ - function getAppCertificateList(callback: AsyncCallback) : void; - function getAppCertificateList() : Promise; + function getAllPublicCertificates(callback: AsyncCallback) : void; + function getAllPublicCertificates() : Promise; /** * Get a list of private application certificates. @@ -214,8 +214,8 @@ declare namespace CertificateManager { * @param keyUri Indicates key's name. * @permission ohos.permission.ACCESS_CERT_MANAGER */ - function getAppCertificate(keyUri: string, callback: AsyncCallback) : void; - function getAppCertificate(keyUri: string, ) : Promise; + function getPublicCertificate(keyUri: string, callback: AsyncCallback) : void; + function getPublicCertificate(keyUri: string, ) : Promise; /** * Get the detail of private application certificate. @@ -236,8 +236,8 @@ declare namespace CertificateManager { * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL * @systemapi Hide this for inner system use */ - function grantAppCertificate(keyUri: string, clientAppUid: string, callback: AsyncCallback) : void; - function grantAppCertificate(keyUri: string, clientAppUid: string) : Promise; + function grantPublicCertificate(keyUri: string, clientAppUid: string, callback: AsyncCallback) : void; + function grantPublicCertificate(keyUri: string, clientAppUid: string) : Promise; /** * Whether the current application is authorized by the specified application certificate. @@ -269,8 +269,8 @@ declare namespace CertificateManager { * @permission ohos.permission.ACCESS_CERT_MANAGER_INTERNAL * @systemapi Hide this for inner system use */ - function removeGrantedAppCertificate(keyUri: string, clientAppUid: string, callback: AsyncCallback) : void; - function removeGrantedAppCertificate(keyUri: string, clientAppUid: string) : Promise; + function removeGrantedPublicCertificate(keyUri: string, clientAppUid: string, callback: AsyncCallback) : void; + function removeGrantedPublicCertificate(keyUri: string, clientAppUid: string) : Promise; /** * Init operation for signing and verifying etc. @@ -394,11 +394,15 @@ declare namespace CertificateManager { } export enum CMErrorCode { - CM_SUCCESS = 0, - CM_ERROR_INNER_ERROR = 17500001, - CM_ERROR_NO_PERMISSION = 17500002, - CM_ERROR_NO_FOUND = 17500003, - CM_ERROR_X509_FORMATE = 17500004, + CM_ERROR_NO_PERMISSION = 201, + CM_ERROR_NOT_SYSTEM_APP = 202, + CM_ERROR_INVALID_PARAMS = 401, + CM_ERROR_GENERIC = 17500001, + CM_ERROR_NO_FOUND = 17500002, + CM_ERROR_INCORRECT_FORMAT = 17500003, + CM_ERROR_CERT_NUM_REACHED_LIMIT = 17500004, + CM_ERROR_NO_AUTHORIZATION = 17500005, + CM_ERROR_ALIAS_LENGTH_REACHED_LIMIT = 17500006 } } diff --git a/interfaces/kits/napi/include/cm_napi_common.h b/interfaces/kits/napi/include/cm_napi_common.h index 64e6d7c..e6384cd 100644 --- a/interfaces/kits/napi/include/cm_napi_common.h +++ b/interfaces/kits/napi/include/cm_napi_common.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -155,6 +155,9 @@ enum ErrorCode { INNER_FAILURE = 17500001, NOT_FOUND = 17500002, INVALID_CERT_FORMAT = 17500003, + CERT_NUM_REACHED_LIMIT = 17500004, + NO_AUTHORIZATION = 17500005, + ALIAS_LENGTH_REACHED_LIMIT = 17500006, }; enum CmJSKeyDigest { diff --git a/interfaces/kits/napi/include/cm_napi_get_app_cert_info.h b/interfaces/kits/napi/include/cm_napi_get_app_cert_info.h index 153881e..d7ab5df 100644 --- a/interfaces/kits/napi/include/cm_napi_get_app_cert_info.h +++ b/interfaces/kits/napi/include/cm_napi_get_app_cert_info.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -20,7 +20,7 @@ #include "napi/native_node_api.h" namespace CMNapi { -napi_value CMNapiGetAppCertInfo(napi_env env, napi_callback_info info); +napi_value CMNapiGetPublicCertInfo(napi_env env, napi_callback_info info); napi_value CMNapiGetPrivateAppCertInfo(napi_env env, napi_callback_info info); } // namespace CertManagerNapi diff --git a/interfaces/kits/napi/include/cm_napi_get_app_cert_list.h b/interfaces/kits/napi/include/cm_napi_get_app_cert_list.h index 83ba2f5..4ea77ff 100644 --- a/interfaces/kits/napi/include/cm_napi_get_app_cert_list.h +++ b/interfaces/kits/napi/include/cm_napi_get_app_cert_list.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -20,7 +20,7 @@ #include "napi/native_node_api.h" namespace CMNapi { -napi_value CMNapiGetAppCertList(napi_env env, napi_callback_info info); +napi_value CMNapiGetAllPublicCertList(napi_env env, napi_callback_info info); napi_value CMNapiGetPrivateAppCertList(napi_env env, napi_callback_info info); } // namespace CertManagerNapi diff --git a/interfaces/kits/napi/include/cm_napi_get_system_cert_list.h b/interfaces/kits/napi/include/cm_napi_get_system_cert_list.h index 6acbd97..456440a 100644 --- a/interfaces/kits/napi/include/cm_napi_get_system_cert_list.h +++ b/interfaces/kits/napi/include/cm_napi_get_system_cert_list.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -22,7 +22,7 @@ namespace CMNapi { napi_value CMNapiGetSystemCertList(napi_env env, napi_callback_info info); -napi_value CMNapiGetUserTrustedCertList(napi_env env, napi_callback_info info); +napi_value CMNapiGetAllUserTrustedCertList(napi_env env, napi_callback_info info); } // namespace CertManagerNapi #endif // CM_NAPI_GET_CERTIFICATE_LIST_H \ No newline at end of file diff --git a/interfaces/kits/napi/include/cm_napi_grant.h b/interfaces/kits/napi/include/cm_napi_grant.h index e69b8d2..2c6cb06 100755 --- a/interfaces/kits/napi/include/cm_napi_grant.h +++ b/interfaces/kits/napi/include/cm_napi_grant.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -20,10 +20,10 @@ #include "napi/native_node_api.h" namespace CMNapi { - napi_value CMNapiGrantAppCertificate(napi_env env, napi_callback_info info); + napi_value CMNapiGrantPublicCertificate(napi_env env, napi_callback_info info); napi_value CMNapiIsAuthorizedApp(napi_env env, napi_callback_info info); napi_value CMNapiGetAuthorizedAppList(napi_env env, napi_callback_info info); - napi_value CMNapiRemoveGrantedApp(napi_env env, napi_callback_info info); + napi_value CMNapiRemoveGrantedPublic(napi_env env, napi_callback_info info); } // namespace CMNapi #endif /* CM_NAPI_GRANT_H */ diff --git a/interfaces/kits/napi/include/cm_napi_install_app_cert.h b/interfaces/kits/napi/include/cm_napi_install_app_cert.h index 67aa60e..e38486d 100644 --- a/interfaces/kits/napi/include/cm_napi_install_app_cert.h +++ b/interfaces/kits/napi/include/cm_napi_install_app_cert.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -20,7 +20,7 @@ #include "napi/native_node_api.h" namespace CMNapi { -napi_value CMNapiInstallAppCert(napi_env env, napi_callback_info info); +napi_value CMNapiInstallPublicCert(napi_env env, napi_callback_info info); napi_value CMNapiInstallPrivateAppCert(napi_env env, napi_callback_info info); } // namespace CertManagerNapi diff --git a/interfaces/kits/napi/include/cm_napi_uninstall_app_cert.h b/interfaces/kits/napi/include/cm_napi_uninstall_app_cert.h index f434a91..dafa9f2 100644 --- a/interfaces/kits/napi/include/cm_napi_uninstall_app_cert.h +++ b/interfaces/kits/napi/include/cm_napi_uninstall_app_cert.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -20,7 +20,7 @@ #include "napi/native_node_api.h" namespace CMNapi { -napi_value CMNapiUninstallAppCert(napi_env env, napi_callback_info info); +napi_value CMNapiUninstallPublicCert(napi_env env, napi_callback_info info); napi_value CMNapiUninstallPrivateAppCert(napi_env env, napi_callback_info info); } // namespace CertManagerNapi diff --git a/interfaces/kits/napi/src/cm_napi.cpp b/interfaces/kits/napi/src/cm_napi.cpp index bea9393..adcb9c1 100644 --- a/interfaces/kits/napi/src/cm_napi.cpp +++ b/interfaces/kits/napi/src/cm_napi.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -46,6 +46,9 @@ namespace CMNapi { AddInt32Property(env, errorCode, "CM_ERROR_GENERIC", INNER_FAILURE); AddInt32Property(env, errorCode, "CM_ERROR_NO_FOUND", NOT_FOUND); AddInt32Property(env, errorCode, "CM_ERROR_INCORRECT_FORMAT", INVALID_CERT_FORMAT); + AddInt32Property(env, errorCode, "CM_ERROR_CERT_NUM_REACHED_LIMIT", CERT_NUM_REACHED_LIMIT); + AddInt32Property(env, errorCode, "CM_ERROR_NO_AUTHORIZATION", NO_AUTHORIZATION); + AddInt32Property(env, errorCode, "CM_ERROR_ALIAS_LENGTH_REACHED_LIMIT", ALIAS_LENGTH_REACHED_LIMIT); } static napi_value CreateCMErrorCode(napi_env env) @@ -110,26 +113,26 @@ extern "C" { DECLARE_NAPI_FUNCTION("getSystemTrustedCertificateList", CMNapiGetSystemCertList), DECLARE_NAPI_FUNCTION("getSystemTrustedCertificate", CMNapiGetSystemCertInfo), DECLARE_NAPI_FUNCTION("setCertificateStatus", CMNapiSetCertStatus), - DECLARE_NAPI_FUNCTION("installAppCertificate", CMNapiInstallAppCert), + DECLARE_NAPI_FUNCTION("installPublicCertificate", CMNapiInstallPublicCert), DECLARE_NAPI_FUNCTION("uninstallAllAppCertificate", CMNapiUninstallAllAppCert), - DECLARE_NAPI_FUNCTION("uninstallAppCertificate", CMNapiUninstallAppCert), - DECLARE_NAPI_FUNCTION("getAppCertificateList", CMNapiGetAppCertList), - DECLARE_NAPI_FUNCTION("getAppCertificate", CMNapiGetAppCertInfo), + DECLARE_NAPI_FUNCTION("uninstallPublicCertificate", CMNapiUninstallPublicCert), + DECLARE_NAPI_FUNCTION("getAllPublicCertificates", CMNapiGetAllPublicCertList), + DECLARE_NAPI_FUNCTION("getPublicCertificate", CMNapiGetPublicCertInfo), DECLARE_NAPI_FUNCTION("installUserTrustedCertificate", CMNapiInstallUserTrustedCert), DECLARE_NAPI_FUNCTION("uninstallAllUserTrustedCertificate", CMNapiUninstallAllUserTrustedCert), DECLARE_NAPI_FUNCTION("uninstallUserTrustedCertificate", CMNapiUninstallUserTrustedCert), - DECLARE_NAPI_FUNCTION("getUserTrustedCertificateList", CMNapiGetUserTrustedCertList), + DECLARE_NAPI_FUNCTION("getAllUserTrustedCertificates", CMNapiGetAllUserTrustedCertList), DECLARE_NAPI_FUNCTION("getUserTrustedCertificate", CMNapiGetUserTrustedCertInfo), DECLARE_NAPI_FUNCTION("installPrivateCertificate", CMNapiInstallPrivateAppCert), DECLARE_NAPI_FUNCTION("uninstallPrivateCertificate", CMNapiUninstallPrivateAppCert), DECLARE_NAPI_FUNCTION("getPrivateCertificateList", CMNapiGetPrivateAppCertList), DECLARE_NAPI_FUNCTION("getAllAppPrivateCertificates", CMNapiGetPrivateAppCertList), DECLARE_NAPI_FUNCTION("getPrivateCertificate", CMNapiGetPrivateAppCertInfo), - DECLARE_NAPI_FUNCTION("grantAppCertificate", CMNapiGrantAppCertificate), + DECLARE_NAPI_FUNCTION("grantPublicCertificate", CMNapiGrantPublicCertificate), DECLARE_NAPI_FUNCTION("isAuthorizedApp", CMNapiIsAuthorizedApp), DECLARE_NAPI_FUNCTION("getAuthorizedAppList", CMNapiGetAuthorizedAppList), - DECLARE_NAPI_FUNCTION("removeGrantedAppCertificate", CMNapiRemoveGrantedApp), + DECLARE_NAPI_FUNCTION("removeGrantedPublicCertificate", CMNapiRemoveGrantedPublic), DECLARE_NAPI_FUNCTION("init", CMNapiInit), DECLARE_NAPI_FUNCTION("update", CMNapiUpdate), DECLARE_NAPI_FUNCTION("finish", CMNapiFinish), diff --git a/interfaces/kits/napi/src/cm_napi_common.cpp b/interfaces/kits/napi/src/cm_napi_common.cpp index 6c237e6..5aa25a8 100644 --- a/interfaces/kits/napi/src/cm_napi_common.cpp +++ b/interfaces/kits/napi/src/cm_napi_common.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -349,6 +349,15 @@ int32_t TranformErrorCode(int32_t errorCode) if (errorCode == CMR_ERROR_INVALID_ARGUMENT) { return PARAM_ERROR; } + if (errorCode == CMR_ERROR_CERT_NUM_REACHED_LIMIT) { + return CERT_NUM_REACHED_LIMIT; + } + if (errorCode == CMR_ERROR_AUTH_CHECK_FAILED) { + return NO_AUTHORIZATION; + } + if (errorCode == CMR_ERROR_ALIAS_LENGTH_REACHED_LIMIT) { + return ALIAS_LENGTH_REACHED_LIMIT; + } return INNER_FAILURE; } diff --git a/interfaces/kits/napi/src/cm_napi_get_app_cert_info.cpp b/interfaces/kits/napi/src/cm_napi_get_app_cert_info.cpp index fdbc134..2c03c47 100644 --- a/interfaces/kits/napi/src/cm_napi_get_app_cert_info.cpp +++ b/interfaces/kits/napi/src/cm_napi_get_app_cert_info.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -19,7 +19,7 @@ #include "cm_log.h" namespace CMNapi { -napi_value CMNapiGetAppCertInfo(napi_env env, napi_callback_info info) +napi_value CMNapiGetPublicCertInfo(napi_env env, napi_callback_info info) { return CMNapiGetAppCertInfoCommon(env, info, APPLICATION_CERTIFICATE_STORE); } diff --git a/interfaces/kits/napi/src/cm_napi_get_app_cert_list.cpp b/interfaces/kits/napi/src/cm_napi_get_app_cert_list.cpp index fbc4610..d847549 100644 --- a/interfaces/kits/napi/src/cm_napi_get_app_cert_list.cpp +++ b/interfaces/kits/napi/src/cm_napi_get_app_cert_list.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -19,7 +19,7 @@ #include "cm_log.h" namespace CMNapi { -napi_value CMNapiGetAppCertList(napi_env env, napi_callback_info info) +napi_value CMNapiGetAllPublicCertList(napi_env env, napi_callback_info info) { return CMNapiGetAppCertListCommon(env, info, APPLICATION_CERTIFICATE_STORE); } diff --git a/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp b/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp index 35a6076..3bc17cb 100644 --- a/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp +++ b/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -208,7 +208,7 @@ napi_value CMNapiGetSystemCertList(napi_env env, napi_callback_info info) return result; } -napi_value CMNapiGetUserTrustedCertList(napi_env env, napi_callback_info info) +napi_value CMNapiGetAllUserTrustedCertList(napi_env env, napi_callback_info info) { GetCertListAsyncContext context = CreateGetCertListAsyncContext(); if (context == nullptr) { diff --git a/interfaces/kits/napi/src/cm_napi_grant.cpp b/interfaces/kits/napi/src/cm_napi_grant.cpp index 65cad06..571c76e 100644 --- a/interfaces/kits/napi/src/cm_napi_grant.cpp +++ b/interfaces/kits/napi/src/cm_napi_grant.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -245,6 +245,10 @@ static void RemoveOrIsAuthedComplete(napi_env env, napi_status status, void *dat if (context->errCode == CM_SUCCESS) { napi_create_uint32(env, 0, &result[0]); napi_get_boolean(env, true, &result[1]); + } else if (context->errCode == CMR_ERROR_AUTH_CHECK_FAILED) { + napi_create_uint32(env, 0, &result[0]); + napi_get_boolean(env, false, &result[1]); + context->errCode = CM_SUCCESS; } else { result[0] = GenerateBusinessError(env, context->errCode, "remove or check is authed process failed"); napi_get_undefined(env, &result[1]); @@ -428,7 +432,7 @@ static napi_value GetUidListAsyncWork(napi_env env, GrantAsyncContext context) return promise; } -napi_value CMNapiGrantAppCertificate(napi_env env, napi_callback_info info) +napi_value CMNapiGrantPublicCertificate(napi_env env, napi_callback_info info) { GrantAsyncContext context = InitGrantAsyncContext(); if (context == nullptr) { @@ -503,7 +507,7 @@ napi_value CMNapiGetAuthorizedAppList(napi_env env, napi_callback_info info) return result; } -napi_value CMNapiRemoveGrantedApp(napi_env env, napi_callback_info info) +napi_value CMNapiRemoveGrantedPublic(napi_env env, napi_callback_info info) { GrantAsyncContext context = InitGrantAsyncContext(); if (context == nullptr) { diff --git a/interfaces/kits/napi/src/cm_napi_install_app_cert.cpp b/interfaces/kits/napi/src/cm_napi_install_app_cert.cpp index ee0a2e0..7c2c56e 100644 --- a/interfaces/kits/napi/src/cm_napi_install_app_cert.cpp +++ b/interfaces/kits/napi/src/cm_napi_install_app_cert.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -19,7 +19,7 @@ #include "cm_log.h" namespace CMNapi { -napi_value CMNapiInstallAppCert(napi_env env, napi_callback_info info) +napi_value CMNapiInstallPublicCert(napi_env env, napi_callback_info info) { return CMNapiInstallAppCertCommon(env, info, APPLICATION_CERTIFICATE_STORE); } diff --git a/interfaces/kits/napi/src/cm_napi_uninstall_app_cert.cpp b/interfaces/kits/napi/src/cm_napi_uninstall_app_cert.cpp index e855e4a..dc8d2b3 100644 --- a/interfaces/kits/napi/src/cm_napi_uninstall_app_cert.cpp +++ b/interfaces/kits/napi/src/cm_napi_uninstall_app_cert.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -19,7 +19,7 @@ #include "cm_log.h" namespace CMNapi { -napi_value CMNapiUninstallAppCert(napi_env env, napi_callback_info info) +napi_value CMNapiUninstallPublicCert(napi_env env, napi_callback_info info) { return CMNapiUninstallAppCertCommon(env, info, APPLICATION_CERTIFICATE_STORE); } diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_uri.h b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_uri.h index 92995fd..069e8e6 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_uri.h +++ b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_uri.h @@ -25,11 +25,6 @@ extern "C" { #define DEC_LEN 10 -// maximum length of object names for cert manager -#define CM_NAME_MAX_LEN 32 -// maximum length of URI -#define CM_URI_MAX_LEN 256 - #define CM_URI_TYPE_CERTIFICATE ((uint32_t)0) #define CM_URI_TYPE_MAC_KEY ((uint32_t)1) #define CM_URI_TYPE_APP_KEY ((uint32_t)2) diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c index dea5696..96e0171 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -468,7 +468,7 @@ int32_t CmWriteUserCert(const struct CmContext *context, struct CmMutableBlob *p { if (certAlias->size > MAX_LEN_CERT_ALIAS) { CM_LOG_E("alias size is too large"); - return CMR_ERROR_INVALID_ARGUMENT; + return CMR_ERROR_ALIAS_LENGTH_REACHED_LIMIT; } int32_t ret; @@ -488,7 +488,7 @@ int32_t CmWriteUserCert(const struct CmContext *context, struct CmMutableBlob *p ret = CherkCertCountBeyondMax((char*)pathBlob->data, (char *)certUri->data); if (ret != CM_SUCCESS) { CM_LOG_E("cert count beyond maxcount, can't install"); - ret = CMR_ERROR_INVALID_ARGUMENT; + ret = CMR_ERROR_CERT_NUM_REACHED_LIMIT; break; } diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_auth_mgr.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_auth_mgr.c index 5c41760..b730d70 100755 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_auth_mgr.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_auth_mgr.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -470,7 +470,7 @@ static int32_t CheckIsAuthorizedApp(const struct CMUri *uriObj) if (ret != CM_SUCCESS) { CM_LOG_E("calc uri mac failed, ret = %d", ret); CM_FREE_PTR(macByte.data); - return ret; + return CMR_ERROR_AUTH_CHECK_FAILED; } if ((macByte.size != mac.size) || (memcmp(macByte.data, mac.data, macByte.size) != 0)) { diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c index aa5f6a2..652a013 100755 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c @@ -106,24 +106,6 @@ int32_t CmServiceSetCertStatusCheck(const uint32_t store, const struct CmBlob *c return CM_SUCCESS; } -static bool AppCertCheckBlobValid(const struct CmBlob *data) -{ - for (uint32_t i = 0; i < data->size; i++) { - if ((i > 0) && (data->data[i] == '\0')) { /* from index 1 has '\0' */ - CM_LOG_D("data has string end character"); - return true; - } - - if ((!isalnum(data->data[i])) && (data->data[i] != '_')) { /* has invalid character */ - CM_LOG_E("data include invalid character"); - return false; - } - } - - CM_LOG_E("data has no string end character"); - return false; -} - static bool CmCheckMaxInstalledCertCount(const uint32_t store, const struct CmContext *cmContext) { bool isValid = true; @@ -162,22 +144,23 @@ int32_t CmServiceInstallAppCertCheck(const struct CmBlob *appCert, const struct CM_LOG_E("CmInstallAppCertCheck blob check fail"); return CMR_ERROR_INVALID_ARGUMENT; } - - if (appCert->size > MAX_LEN_APP_CERT || appCertPwd->size > MAX_LEN_APP_CERT_PASSWD || - certAlias->size > MAX_LEN_CERT_ALIAS) { - CM_LOG_E("CmInstallAppCertCheck max check fail, appCert:%u, appCertPwd:%u, certAlias:%u", - appCert->size, appCertPwd->size, certAlias->size); + if (certAlias->size > MAX_LEN_CERT_ALIAS) { + CM_LOG_E("alias size is too large"); + return CMR_ERROR_ALIAS_LENGTH_REACHED_LIMIT; + } + if (appCert->size > MAX_LEN_APP_CERT || appCertPwd->size > MAX_LEN_APP_CERT_PASSWD) { + CM_LOG_E("CmInstallAppCertCheck max check fail, appCert:%u, appCertPwd:%u", appCert->size, appCertPwd->size); return CMR_ERROR_INVALID_ARGUMENT; } - if ((CheckUri(appCertPwd) != CM_SUCCESS) || (!AppCertCheckBlobValid(certAlias))) { - CM_LOG_E("CmInstallAppCertCheck blob data check fail"); - return CMR_ERROR_INVALID_ARGUMENT; + if (CheckUri(appCertPwd) != CM_SUCCESS) { + CM_LOG_E("CmInstallAppCertCheck blob data check fail"); + return CMR_ERROR_INVALID_ARGUMENT; } if (CmCheckMaxInstalledCertCount(store, cmContext) == false) { CM_LOG_E("CmCheckMaxInstalledCertCount check fail"); - return CM_FAILURE; + return CMR_ERROR_CERT_NUM_REACHED_LIMIT; } if (!CmPermissionCheck(store)) { diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c index 1405fdb..75edf1e 100755 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -533,7 +533,6 @@ int32_t CmInstallUserCert(const struct CmContext *context, const struct CmBlob * ret = CmWriteUserCert(context, &pathBlob, userCert, certAlias, certUri); if (ret != CM_SUCCESS) { CM_LOG_E("CertManagerWriteUserCert fail"); - ret = CM_FAILURE; break; } diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_storage.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_storage.c index 96fda25..604ad26 100755 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_storage.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_storage.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -11,62 +11,62 @@ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - */ - -#include "cert_manager_storage.h" - + */ + +#include "cert_manager_storage.h" + #include -#include - +#include + #include "cert_manager_file_operator.h" -#include "cert_manager_mem.h" -#include "cert_manager_uri.h" -#include "cm_log.h" +#include "cert_manager_mem.h" +#include "cert_manager_uri.h" +#include "cm_log.h" #include "cm_type.h" #include "securec.h" - -int32_t GetRootPath(uint32_t store, char *rootPath, uint32_t pathLen) + +int32_t GetRootPath(uint32_t store, char *rootPath, uint32_t pathLen) { errno_t ret; /* keep \0 at end */ switch (store) { - case CM_CREDENTIAL_STORE: + case CM_CREDENTIAL_STORE: ret = memcpy_s(rootPath, pathLen - 1, CREDNTIAL_STORE, strlen(CREDNTIAL_STORE)); - break; - case CM_SYSTEM_TRUSTED_STORE: - ret = memcpy_s(rootPath, pathLen - 1, SYSTEM_CA_STORE, strlen(SYSTEM_CA_STORE)); - break; - case CM_USER_TRUSTED_STORE: - ret = memcpy_s(rootPath, pathLen - 1, USER_CA_STORE, strlen(USER_CA_STORE)); - break; - case CM_PRI_CREDENTIAL_STORE: - ret = memcpy_s(rootPath, pathLen - 1, PRI_CREDNTIAL_STORE, strlen(PRI_CREDNTIAL_STORE)); - break; + break; + case CM_SYSTEM_TRUSTED_STORE: + ret = memcpy_s(rootPath, pathLen - 1, SYSTEM_CA_STORE, strlen(SYSTEM_CA_STORE)); + break; + case CM_USER_TRUSTED_STORE: + ret = memcpy_s(rootPath, pathLen - 1, USER_CA_STORE, strlen(USER_CA_STORE)); + break; + case CM_PRI_CREDENTIAL_STORE: + ret = memcpy_s(rootPath, pathLen - 1, PRI_CREDNTIAL_STORE, strlen(PRI_CREDNTIAL_STORE)); + break; default: return CMR_ERROR_INVALID_ARGUMENT; } if (ret != EOK) { CM_LOG_E("copy path failed, store = %u", store); - return CMR_ERROR_INVALID_OPERATION; + return CMR_ERROR_INVALID_OPERATION; } return CM_SUCCESS; } -int32_t ConstructUserIdPath(const struct CmContext *context, uint32_t store, +int32_t ConstructUserIdPath(const struct CmContext *context, uint32_t store, char *userIdPath, uint32_t pathLen) { - char rootPath[CERT_MAX_PATH_LEN] = { 0 }; - int32_t ret = GetRootPath(store, rootPath, CERT_MAX_PATH_LEN); + char rootPath[CERT_MAX_PATH_LEN] = { 0 }; + int32_t ret = GetRootPath(store, rootPath, CERT_MAX_PATH_LEN); if (ret != CM_SUCCESS) { return ret; } if (snprintf_s(userIdPath, pathLen, pathLen - 1, "%s%u", rootPath, context->userId) < 0) { CM_LOG_E("construct user id path failed"); - return CMR_ERROR_INVALID_OPERATION; + return CMR_ERROR_INVALID_OPERATION; } ret = CmMakeDir(userIdPath); @@ -78,18 +78,18 @@ int32_t ConstructUserIdPath(const struct CmContext *context, uint32_t store, return CM_SUCCESS; } -int32_t ConstructUidPath(const struct CmContext *context, uint32_t store, +int32_t ConstructUidPath(const struct CmContext *context, uint32_t store, char *uidPath, uint32_t pathLen) { - char userIdPath[CERT_MAX_PATH_LEN] = { 0 }; - int32_t ret = ConstructUserIdPath(context, store, userIdPath, CERT_MAX_PATH_LEN); + char userIdPath[CERT_MAX_PATH_LEN] = { 0 }; + int32_t ret = ConstructUserIdPath(context, store, userIdPath, CERT_MAX_PATH_LEN); if (ret != CM_SUCCESS) { return ret; } if (snprintf_s(uidPath, pathLen, pathLen - 1, "%s/%u", userIdPath, context->uid) < 0) { CM_LOG_E("construct uid path failed"); - return CMR_ERROR_INVALID_OPERATION; + return CMR_ERROR_INVALID_OPERATION; } ret = CmMakeDir(uidPath); @@ -101,18 +101,18 @@ int32_t ConstructUidPath(const struct CmContext *context, uint32_t store, return CM_SUCCESS; } -int32_t ConstructAuthListPath(const struct CmContext *context, uint32_t store, +int32_t ConstructAuthListPath(const struct CmContext *context, uint32_t store, char *authListPath, uint32_t pathLen) { - char uidPath[CERT_MAX_PATH_LEN] = { 0 }; - int32_t ret = ConstructUidPath(context, store, uidPath, CERT_MAX_PATH_LEN); + char uidPath[CERT_MAX_PATH_LEN] = { 0 }; + int32_t ret = ConstructUidPath(context, store, uidPath, CERT_MAX_PATH_LEN); if (ret != CM_SUCCESS) { return ret; } if (snprintf_s(authListPath, pathLen, pathLen - 1, "%s/%s", uidPath, "authlist") < 0) { CM_LOG_E("construct authlist failed"); - return CMR_ERROR_INVALID_OPERATION; + return CMR_ERROR_INVALID_OPERATION; } ret = CmMakeDir(authListPath); @@ -123,13 +123,13 @@ int32_t ConstructAuthListPath(const struct CmContext *context, uint32_t store, return CM_SUCCESS; } - -int32_t CmStorageGetBuf(const char *path, const char *fileName, struct CmBlob *storageBuf) + +int32_t CmStorageGetBuf(const char *path, const char *fileName, struct CmBlob *storageBuf) { uint32_t fileSize = CmFileSize(path, fileName); if (fileSize == 0 || fileSize > MAX_OUT_BLOB_SIZE) { CM_LOG_E("file size[%u] invalid", fileSize); - return CMR_ERROR_INVALID_OPERATION; + return CMR_ERROR_NOT_EXIST; } uint8_t *data = (uint8_t *)CMMalloc(fileSize); @@ -142,33 +142,33 @@ int32_t CmStorageGetBuf(const char *path, const char *fileName, struct CmBlob *s if (readSize == 0) { CM_LOG_E("read file size 0 invalid"); CMFree(data); - return CMR_ERROR_INVALID_OPERATION; + return CMR_ERROR_NOT_EXIST; } - storageBuf->data = data; - storageBuf->size = fileSize; + storageBuf->data = data; + storageBuf->size = fileSize; return CM_SUCCESS; -} - -int32_t CmStorageGetAppCert(const struct CmContext *context, uint32_t store, - const struct CmBlob *keyUri, struct CmBlob *certBlob) -{ +} + +int32_t CmStorageGetAppCert(const struct CmContext *context, uint32_t store, + const struct CmBlob *keyUri, struct CmBlob *certBlob) +{ uint32_t uid = 0; - int32_t ret = CertManagerGetUidFromUri(keyUri, &uid); + int32_t ret = CertManagerGetUidFromUri(keyUri, &uid); if (ret != CM_SUCCESS) { return ret; } - struct CmContext uriContext = { context->userId, uid, { 0 } }; - char uidPath[CERT_MAX_PATH_LEN] = { 0 }; - ret = ConstructUidPath(&uriContext, store, uidPath, CERT_MAX_PATH_LEN); + struct CmContext uriContext = { context->userId, uid, { 0 } }; + char uidPath[CERT_MAX_PATH_LEN] = { 0 }; + ret = ConstructUidPath(&uriContext, store, uidPath, CERT_MAX_PATH_LEN); if (ret != CM_SUCCESS) { return ret; } - return CmStorageGetBuf(uidPath, (const char *)keyUri->data, certBlob); -} - + return CmStorageGetBuf(uidPath, (const char *)keyUri->data, certBlob); +} + int32_t CmGetCertFilePath(const struct CmContext *context, uint32_t store, struct CmMutableBlob *pathBlob) { char pathPtr[CERT_MAX_PATH_LEN] = {0}; diff --git a/test/unittest/src/cm_is_authed_test.cpp b/test/unittest/src/cm_is_authed_test.cpp index ccff211..f0670de 100755 --- a/test/unittest/src/cm_is_authed_test.cpp +++ b/test/unittest/src/cm_is_authed_test.cpp @@ -324,7 +324,7 @@ HWTEST_F(CmIsAuthedTest, CmIsAuthedTest016, TestSize.Level0) "oh:t=ak;o=keyA;u=0;a=0?ca=0&m=BA632421B76F1059BC28184FB9E50D5795232B6D5C535E0DCAC0114A7AD8FAFE"; struct CmBlob authUriFail = { sizeof(uriDataFail), uriDataFail }; int32_t ret = CmIsAuthorizedApp(&authUriFail); - EXPECT_EQ(ret, CMR_ERROR_KEY_OPERATION_FAILED); + EXPECT_EQ(ret, CMR_ERROR_AUTH_CHECK_FAILED); } /** diff --git a/test/unittest/src/cm_user_cert_test.cpp b/test/unittest/src/cm_user_cert_test.cpp index 5835fb8..4668e30 100755 --- a/test/unittest/src/cm_user_cert_test.cpp +++ b/test/unittest/src/cm_user_cert_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -683,7 +683,7 @@ HWTEST_F(CmUserCertTest, InstallUserCertTest007, TestSize.Level0) struct CmBlob certUri257 = { sizeof(certUriBuf257), certUriBuf257 }; ret = CmInstallUserTrustedCert(&userCertTest, &certAlias257, &certUri257); - EXPECT_EQ(ret, CM_FAILURE) << "Normal user cert Install test failed, recode:" << ret; + EXPECT_EQ(ret, CMR_ERROR_CERT_NUM_REACHED_LIMIT) << "Normal user cert Install test failed, recode:" << ret; uint8_t certAliasBuf000[] = "alias0"; /* update 001th user cert */ uint8_t certUriBuf000[MAX_URI_LEN] = {0}; @@ -735,7 +735,7 @@ HWTEST_F(CmUserCertTest, InstallUserCertTest009, TestSize.Level0) struct CmBlob certUriTemp = { sizeof(certUriBuf), certUriBuf }; ret = CmInstallUserTrustedCert(&userCertTemp, &largeAlias, &certUriTemp); - EXPECT_EQ(ret, CM_FAILURE) << "Normal user cert Install test failed, recode:" << ret; + EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT) << "Normal user cert Install test failed, recode:" << ret; } /** @@ -775,7 +775,7 @@ HWTEST_F(CmUserCertTest, InstallUserCertTest011, TestSize.Level0) struct CmBlob largeUri = { sizeof(largeUriBuf), largeUriBuf }; ret = CmInstallUserTrustedCert(&userCertTemp, &edgeAlias, &largeUri); - EXPECT_EQ(ret, CM_FAILURE) << "Normal user cert Install test failed, recode:" << ret; + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Install test failed, recode:" << ret; } /** -- Gitee