diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_client.h b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_client.h index d1cff5de26ed53b9b67ee27f0d58f0296d74e755..fef67311d597d4bbc3080a16621f5c145d122ca7 100755 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_client.h +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_client.h @@ -61,7 +61,8 @@ int32_t CmClientFinish(const struct CmBlob *handle, const struct CmBlob *inData, int32_t CmClientAbort(const struct CmBlob *handle); -int32_t CmClientGetUserCertList(const uint32_t store, struct CertList *certificateList); +int32_t CmClientGetUserCertList(const struct UserCAProperty *property, const uint32_t store, + struct CertList *certificateList); int32_t CmClientGetUserCertInfo(const struct CmBlob *certUri, const uint32_t store, struct CertInfo *certificateInfo); diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c index 756a7919dadc5f9a67877b5d699055d986f4bc47..66191e7ecfa984371f572fcfb077e04d5d8c6db7 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c @@ -41,7 +41,7 @@ static int32_t GetCertListInitOutData(struct CmBlob *outListBlob) { /* buff struct: certCount + MAX_CERT_COUNT * (subjectBlob + status + uriBlob + aliasBlob) */ uint32_t buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + - sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t) + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; + sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t) + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE_ALL; outListBlob->data = (uint8_t *)CmMalloc(buffSize); if (outListBlob->data == NULL) { return CMR_ERROR_MALLOC_FAIL; @@ -820,8 +820,8 @@ int32_t CmClientAbort(const struct CmBlob *handle) return ret; } -static int32_t GetUserCertList(enum CertManagerInterfaceCode type, const uint32_t store, - struct CertList *certificateList) +static int32_t GetUserCertList(enum CertManagerInterfaceCode type, const struct UserCAProperty *property, + const uint32_t store, struct CertList *certificateList) { int32_t ret = CM_SUCCESS; struct CmBlob outBlob = {0, NULL}; @@ -829,6 +829,8 @@ static int32_t GetUserCertList(enum CertManagerInterfaceCode type, const uint32_ struct CmParamSet *sendParamSet = NULL; struct CmParam params[] = { { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = store }, + { .tag = CM_TAG_PARAM1_UINT32, .uint32Param = property->userId }, + { .tag = CM_TAG_PARAM2_UINT32, .uint32Param = property->scope }, }; do { @@ -862,9 +864,10 @@ static int32_t GetUserCertList(enum CertManagerInterfaceCode type, const uint32_ return ret; } -int32_t CmClientGetUserCertList(const uint32_t store, struct CertList *certificateList) +int32_t CmClientGetUserCertList(const struct UserCAProperty *property, const uint32_t store, + struct CertList *certificateList) { - return GetUserCertList(CM_MSG_GET_USER_CERTIFICATE_LIST, store, certificateList); + return GetUserCertList(CM_MSG_GET_USER_CERTIFICATE_LIST, property, store, certificateList); } static int32_t GetUserCertInfo(enum CertManagerInterfaceCode type, const struct CmBlob *certUri, diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client_serialization.c b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client_serialization.c index b9a74614324c9ede899d3dd9d378477f8e45095f..f0c547a5e5869f40cb85eb95be61d0f9d0868c2c 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client_serialization.c +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client_serialization.c @@ -63,6 +63,7 @@ static int32_t CmCertListGetCertCount(const struct CmBlob *outData, struct CertL return ret; } + /* Avoid applying for less memory than returned */ if (certsCount > certificateList->certsCount) { CM_LOG_E("Caller Buffer too small"); return CMR_ERROR_BUFFER_TOO_SMALL; diff --git a/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h b/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h index b0843a0f1355fb270f26ae84d33fa393c84cc6b1..c5e72bcd4a19f518f6721f1a0d7dfbc0635ba063 100644 --- a/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h +++ b/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h @@ -79,6 +79,8 @@ CM_API_EXPORT int32_t CmInstallSystemAppCert(const struct CmAppCertParam *certPa CM_API_EXPORT int32_t CmInstallUserCACert(const struct CmBlob *userCert, const struct CmBlob *certAlias, const uint32_t userId, const bool status, struct CmBlob *certUri); +CM_API_EXPORT int32_t CmGetUserCACertList(const struct UserCAProperty *property, struct CertList *certificateList); + #ifdef __cplusplus } #endif diff --git a/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h b/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h index caeee2dc8d5122a4bc5aa3b9b269dc147493ec63..0256acb952e1e37434d952b75faa12705fbd5fed 100644 --- a/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h +++ b/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h @@ -39,6 +39,7 @@ extern "C" { #define MAX_SUFFIX_LEN 16 #define MAX_COUNT_CERTIFICATE 256 +#define MAX_COUNT_CERTIFICATE_ALL 512 #define MAX_LEN_URI 256 #define MAX_AUTH_LEN_URI 256 #define MAX_LEN_CERT_ALIAS 129 /* include 1 byte: the terminator('\0') */ @@ -227,9 +228,9 @@ struct CmBlob { }; struct CertBlob { - struct CmBlob uri[MAX_COUNT_CERTIFICATE]; - struct CmBlob certAlias[MAX_COUNT_CERTIFICATE]; - struct CmBlob subjectName[MAX_COUNT_CERTIFICATE]; + struct CmBlob uri[MAX_COUNT_CERTIFICATE_ALL]; + struct CmBlob certAlias[MAX_COUNT_CERTIFICATE_ALL]; + struct CmBlob subjectName[MAX_COUNT_CERTIFICATE_ALL]; }; struct CmAppCertInfo { @@ -378,6 +379,17 @@ struct CertName { struct CmBlob *subjectName; }; +enum CmCertScope { + CM_ALL_USER = 0, + CM_CURRENT_USER = 1, + CM_GLOBAL_USER = 2, +}; + +struct UserCAProperty { + uint32_t userId; + enum CmCertScope scope; +}; + static inline bool CmIsAdditionOverflow(uint32_t a, uint32_t b) { return (UINT32_MAX - a) < b; diff --git a/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c b/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c index 36d549a9330c8ec688d8fbb5bad7e828893ba675..668d2bad4e865790ea2bb215c64e3158e34ad024 100644 --- a/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c +++ b/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c @@ -262,7 +262,8 @@ CM_API_EXPORT int32_t CmGetUserCertList(uint32_t store, struct CertList *certifi return CMR_ERROR_NULL_POINTER; } - int32_t ret = CmClientGetUserCertList(store, certificateList); + const struct UserCAProperty property = { INIT_INVALID_VALUE, CM_ALL_USER }; + int32_t ret = CmClientGetUserCertList(&property, store, certificateList); CM_LOG_D("leave get cert list, result = %d", ret); return ret; } @@ -367,3 +368,16 @@ CM_API_EXPORT int32_t CmInstallUserCACert(const struct CmBlob *userCert, CM_LOG_D("leave install user ca cert, result = %d", ret); return ret; } + +CM_API_EXPORT int32_t CmGetUserCACertList(const struct UserCAProperty *property, struct CertList *certificateList) +{ + CM_LOG_D("enter get user ca cert list"); + if (certificateList == NULL || property == NULL) { + return CMR_ERROR_NULL_POINTER; + } + + const uint32_t store = CM_USER_TRUSTED_STORE; + int32_t ret = CmClientGetUserCertList(property, store, certificateList); + CM_LOG_D("leave get user ca cert list, result = %d", ret); + return ret; +} diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h index d15122c0f503d9a5fc26b9b6da92f85886ec4d06..8a505acebdaa67cbaf5f5d4fdd07ffac6b49b31d 100755 --- a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h +++ b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h @@ -51,7 +51,8 @@ int32_t CmServiceFinish(const struct CmContext *context, const struct CmBlob *ha int32_t CmServiceAbort(const struct CmContext *context, const struct CmBlob *handle); -int32_t CmServiceGetCertList(const struct CmContext *context, uint32_t store, struct CmMutableBlob *certFileList); +int32_t CmServiceGetCertList(const struct CmContext *context, const struct UserCAProperty *prop, + uint32_t store, struct CmMutableBlob *certFileList); int32_t CmServiceGetCertInfo(struct CmContext *context, const struct CmBlob *certUri, uint32_t store, struct CmBlob *certificateData, uint32_t *status); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_query.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_query.c index 1e5f5cd571872ea9571449587af081e8250d8a5a..544b27439827362dcdfd0e43794cf86fe8387739 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_query.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_query.c @@ -64,10 +64,10 @@ static int32_t ConstrutPathList(const char *useridPath, struct CmMutableBlob *cP return CM_FAILURE; } - uint32_t i = 0; + uint32_t dealCert = 0; struct CmFileDirentInfo dire = {0}; while (CmGetSubDir(d, &dire) == CMR_OK) { - if (i >= dirCount) { + if (dealCert >= dirCount) { CM_LOG_E("uid dir count beyond dirCount"); break; } @@ -79,20 +79,20 @@ static int32_t ConstrutPathList(const char *useridPath, struct CmMutableBlob *cP break; } - ret = MallocCertPath(&cPathList[i], pathBuf); /* uniformly free memory by caller */ + ret = MallocCertPath(&cPathList[dealCert], pathBuf); /* uniformly free memory by caller */ if (ret != CM_SUCCESS) { break; } - if (sprintf_s((char *)cPathList[i].data, cPathList[i].size, "%s", pathBuf) < 0) { + if (sprintf_s((char *)cPathList[dealCert].data, cPathList[dealCert].size, "%s", pathBuf) < 0) { ret = CM_FAILURE; break; } - i++; + dealCert++; } (void) CmCloseDir(d); - if (i != dirCount) { /* real dir count less than dirCount */ + if (dealCert != dirCount) { /* real dir count less than dirCount */ ret = CM_FAILURE; } return ret; @@ -264,32 +264,31 @@ static int32_t CreateCertFile(struct CertFileInfo *cFileList, const char *path, return CM_FAILURE; } - void *d = CmOpenDir(path); - if (d == NULL) { + void *isOpen = CmOpenDir(path); + if (isOpen == NULL) { CM_LOG_E("Failed to open directory"); return CM_FAILURE; } int32_t ret; - uint32_t i = *certCount; + uint32_t getCount = *certCount; struct CmFileDirentInfo dire = {0}; - while (CmGetDirFile(d, &dire) == CMR_OK) { - if (i >= MAX_COUNT_CERTIFICATE) { + while (CmGetDirFile(isOpen, &dire) == CMR_OK) { + if (getCount >= MAX_COUNT_CERTIFICATE_ALL) { CM_LOG_E("cert count beyond MAX"); break; } - - ret = GetCertNameAndPath(&cFileList[i], path, dire.fileName); + ret = GetCertNameAndPath(&cFileList[getCount], path, dire.fileName); if (ret != CM_SUCCESS) { CM_LOG_E("malloc certfile for cert failed"); break; } - i++; + getCount++; } - (void) CmCloseDir(d); - uint32_t realCount = i - *certCount; + (void) CmCloseDir(isOpen); + uint32_t realCount = getCount - *certCount; *certCount += realCount; if (realCount != (uint32_t)fileNums) { return CM_FAILURE; @@ -303,7 +302,7 @@ int32_t CreateCertFileList(const struct CmMutableBlob *pathList, struct CmMutabl return CM_SUCCESS; } - uint32_t arraySize = sizeof(struct CertFileInfo) * MAX_COUNT_CERTIFICATE; + uint32_t arraySize = sizeof(struct CertFileInfo) * MAX_COUNT_CERTIFICATE_ALL; struct CertFileInfo *cFileList = (struct CertFileInfo *)CMMalloc(arraySize); if (cFileList == NULL) { CM_LOG_E("malloc cFileList failed"); @@ -491,6 +490,7 @@ int32_t CmGetCertListInfo(const struct CmContext *context, uint32_t store, CM_LOG_E("Failed to get cert uri"); return CM_FAILURE; } + certBlob->uri[i].size = cFileList[i].fileName.size; /* uri */ struct CmBlob certData = { 0, NULL }; diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c index ad9328cf2d0e1d92095d8dd371d845d93ea78d3f..17504818ee79399bdd1127490e81f9304465cfb1 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c @@ -348,14 +348,14 @@ static int32_t DeepCopyPath(const uint8_t *srcData, uint32_t srcLen, struct CmMu } static int32_t MergeUserPathList(const struct CmMutableBlob *callerPathList, - const struct CmMutableBlob *sysServicePathList, struct CmMutableBlob *pathList) + const struct CmMutableBlob *targetPathList, struct CmMutableBlob *pathList) { - uint32_t uidCount = callerPathList->size + sysServicePathList->size; + uint32_t uidCount = callerPathList->size + targetPathList->size; if (uidCount == 0) { return CM_SUCCESS; } - if (uidCount > MAX_COUNT_CERTIFICATE) { + if (uidCount > MAX_COUNT_CERTIFICATE_ALL) { CM_LOG_E("uid count beyond MAX"); return CM_FAILURE; } @@ -370,7 +370,7 @@ static int32_t MergeUserPathList(const struct CmMutableBlob *callerPathList, int32_t ret = CM_SUCCESS; struct CmMutableBlob *callerPath = (struct CmMutableBlob *)callerPathList->data; - struct CmMutableBlob *sysServicePath = (struct CmMutableBlob *)sysServicePathList->data; + struct CmMutableBlob *sysServicePath = (struct CmMutableBlob *)targetPathList->data; for (uint32_t i = 0; i < callerPathList->size; i++) { ret = DeepCopyPath(callerPath[i].data, callerPath[i].size, &uidList[i]); if (ret != CM_SUCCESS) { @@ -378,7 +378,7 @@ static int32_t MergeUserPathList(const struct CmMutableBlob *callerPathList, return ret; } } - for (uint32_t i = 0; i < sysServicePathList->size; i++) { + for (uint32_t i = 0; i < targetPathList->size; i++) { ret = DeepCopyPath(sysServicePath[i].data, sysServicePath[i].size, &uidList[i + callerPathList->size]); if (ret != CM_SUCCESS) { CmFreePathList(uidList, uidCount); @@ -391,11 +391,12 @@ static int32_t MergeUserPathList(const struct CmMutableBlob *callerPathList, return CM_SUCCESS; } -static int32_t CmGetUserCertPathList(const struct CmContext *context, uint32_t store, struct CmMutableBlob *pathList) +static int32_t CmGetUserCertPathList(const struct CmContext *context, const struct UserCAProperty *prop, + uint32_t store, struct CmMutableBlob *pathList) { int32_t ret = CM_SUCCESS; struct CmMutableBlob callerPathList = { 0, NULL }; - struct CmMutableBlob sysServicePathList = { 0, NULL }; + struct CmMutableBlob targetPathList = { 0, NULL }; do { /* user: caller */ @@ -405,17 +406,20 @@ static int32_t CmGetUserCertPathList(const struct CmContext *context, uint32_t s break; } - /* user: system service */ - uint32_t sysServiceUserId = 0; - struct CmContext sysServiceContext = { sysServiceUserId, context->uid, {0} }; - ret = CmGetCertPathList(&sysServiceContext, store, &sysServicePathList); - if (ret != CM_SUCCESS) { - CM_LOG_E("get system service certPathList fail, ret = %d", ret); - break; + /* avoid obtain duplicate data when both the target userid and the caller's userid are same */ + if (context->userId != prop->userId) { + /* The caller takes the specified userid for sa, otherwise 0 */ + uint32_t targetUserId = context->userId == 0 ? prop->userId : 0; + struct CmContext targetContext = { targetUserId, context->uid, {0} }; + ret = CmGetCertPathList(&targetContext, store, &targetPathList); + if (ret != CM_SUCCESS) { + CM_LOG_E("get system service certPathList fail, ret = %d", ret); + break; + } } - /* merge callerPathList and sysServicePathList */ - ret = MergeUserPathList(&callerPathList, &sysServicePathList, pathList); + /* merge callerPathList and targetPathList */ + ret = MergeUserPathList(&callerPathList, &targetPathList, pathList); if (ret != CM_SUCCESS) { CM_LOG_E("merge cert path list failed"); break; @@ -425,23 +429,116 @@ static int32_t CmGetUserCertPathList(const struct CmContext *context, uint32_t s if (callerPathList.data != NULL) { CmFreePathList((struct CmMutableBlob *)callerPathList.data, callerPathList.size); } - if (sysServicePathList.data != NULL) { - CmFreePathList((struct CmMutableBlob *)sysServicePathList.data, sysServicePathList.size); + if (targetPathList.data != NULL) { + CmFreePathList((struct CmMutableBlob *)targetPathList.data, targetPathList.size); + } + return ret; +} + +static int32_t CmGetSaUserCertList(const struct CmContext *context, const struct UserCAProperty *prop, + struct CmMutableBlob *pathList) +{ + int32_t ret = CM_SUCCESS; + struct CmContext cmContext = *context; + + if (prop->userId == INIT_INVALID_VALUE) { + /* if target userid is invalid, obtain the certificate in the userid=0 directory */ + ret = CmGetCertPathList(&cmContext, CM_USER_TRUSTED_STORE, pathList); + if (ret != CM_SUCCESS) { + CM_LOG_E("get target invalid cert path list failed"); + } + return ret; + } + + if (prop->scope == CM_ALL_USER) { + ret = CmGetUserCertPathList(&cmContext, prop, CM_USER_TRUSTED_STORE, pathList); + if (ret != CM_SUCCESS) { + CM_LOG_E("get all user cert path list failed"); + return ret; + } + } else { + if (prop->scope == CM_CURRENT_USER) { /* update target userid */ + cmContext.userId = prop->userId; + } + ret = CmGetCertPathList(&cmContext, CM_USER_TRUSTED_STORE, pathList); + if (ret != CM_SUCCESS) { + CM_LOG_E("get current or global user cert path list failed"); + return ret; + } } return ret; } -int32_t CmServiceGetCertList(const struct CmContext *context, uint32_t store, struct CmMutableBlob *certFileList) +static int32_t CmGetHapUserCertList(const struct CmContext *context, const struct UserCAProperty *prop, + struct CmMutableBlob *pathList) { int32_t ret = CM_SUCCESS; - struct CmMutableBlob pathList = { 0, NULL }; /* uid path list */ + struct CmContext cmContext = *context; + if (prop->scope == CM_ALL_USER) { + ret = CmGetUserCertPathList(&cmContext, prop, CM_USER_TRUSTED_STORE, pathList); + if (ret != CM_SUCCESS) { + CM_LOG_E("get all user cert path list failed"); + return ret; + } + } else { + if (prop->scope == CM_GLOBAL_USER) { /* Obtain only the certificate in the userid=0 directory */ + cmContext.userId = 0; + } + ret = CmGetCertPathList(&cmContext, CM_USER_TRUSTED_STORE, pathList); + if (ret != CM_SUCCESS) { + CM_LOG_E("get current or gloval cert path list failed"); + return ret; + } + } + return ret; +} + +static int32_t CmServiceGetUserCACertList(const struct CmContext *context, const struct UserCAProperty *prop, + struct CmMutableBlob *pathList) +{ + int32_t ret = CM_SUCCESS; + + if (context->userId == 0) { /* caller is sa */ + ret = CmGetSaUserCertList(context, prop, pathList); + if (ret != CM_SUCCESS) { + CM_LOG_E("get sa user cert list failed"); + return ret; + } + } else { /* caller is hap */ + ret = CmGetHapUserCertList(context, prop, pathList); + if (ret != CM_SUCCESS) { + CM_LOG_E("get gap user cert list failed"); + return ret; + } + } + return ret; +} + +int32_t CmServiceGetCertList(const struct CmContext *context, const struct UserCAProperty *prop, + uint32_t store, struct CmMutableBlob *certFileList) +{ + uint32_t scope = prop->scope; + if (scope != CM_ALL_USER && scope != CM_CURRENT_USER && scope != CM_GLOBAL_USER) { + CM_LOG_E("The scope is incorrect"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + int32_t ret = CM_SUCCESS; + struct CmMutableBlob pathList = { 0, NULL }; + do { if (store == CM_USER_TRUSTED_STORE) { + if (context->userId != 0 && prop->userId != INIT_INVALID_VALUE) { + /* if caller is hap, the target userid must be invalid */ + CM_LOG_E("The target userid is incorrect"); + ret = CMR_ERROR_INVALID_ARGUMENT; + break; + } /* get all uid path for caller and system service */ - ret = CmGetUserCertPathList(context, store, &pathList); + ret = CmServiceGetUserCACertList(context, prop, &pathList); if (ret != CM_SUCCESS) { - CM_LOG_E("GetCertPathList fail, ret = %d", ret); + CM_LOG_E("CmServiceGetUserCACertList fail, ret = %d", ret); break; } } else if (store == CM_SYSTEM_TRUSTED_STORE) { @@ -476,7 +573,8 @@ static int32_t CmServiceGetSysCertInfo(const struct CmContext *context, const st int32_t ret = CM_SUCCESS; struct CmMutableBlob certFileList = { 0, NULL }; do { - ret = CmServiceGetCertList(context, store, &certFileList); + const struct UserCAProperty prop = { INIT_INVALID_VALUE, CM_ALL_USER }; + ret = CmServiceGetCertList(context, &prop, store, &certFileList); if (ret != CM_SUCCESS) { CM_LOG_E("GetCertList failed, ret = %d", ret); break; diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_status.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_status.c index 51497150079cf352de52d996aac33d95c4cc7924..3fa57e4dc40e390f1643ce93a695bdfd26cfbb06 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_status.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_status.c @@ -782,7 +782,7 @@ static int32_t CertManagerCheckStorePermission(const struct CmContext *context, } else if (store == CM_PRI_CREDENTIAL_STORE) { /* no additional checks here. context->caller can remove its own */ } else { - CM_LOG_W("Invalid store type. Only a asingle store should be indicated: %u\n", store); + CM_LOG_W("Invalid store type. Only a single store should be indicated: %u\n", store); return CMR_ERROR_INVALID_ARGUMENT; } diff --git a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c index 2648db5d6a41dd68bfe2db2ed2cb7b4bb4e4070f..3330a939d7590a0bebf69f068273563079aa8a14 100644 --- a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c +++ b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c @@ -89,7 +89,8 @@ void CmIpcServiceGetCertificateList(const struct CmBlob *paramSetBlob, struct Cm break; } - ret = CmServiceGetCertList(&cmContext, store, &certFileList); + const struct UserCAProperty prop = { INIT_INVALID_VALUE, CM_ALL_USER }; + ret = CmServiceGetCertList(&cmContext, &prop, store, &certFileList); if (ret != CM_SUCCESS) { CM_LOG_E("get cert list failed, ret = %d", ret); break; @@ -1003,11 +1004,15 @@ void CmIpcServiceGetUserCertList(const struct CmBlob *paramSetBlob, struct CmBlo { int32_t ret = CM_SUCCESS; uint32_t store; + uint32_t userId; + enum CmCertScope scope; struct CmContext cmContext = {0}; struct CmParamSet *paramSet = NULL; struct CmMutableBlob certFileList = { 0, NULL }; struct CmParamOut params[] = { { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = &store }, + { .tag = CM_TAG_PARAM1_UINT32, .uint32Param = &userId }, + { .tag = CM_TAG_PARAM2_UINT32, .uint32Param = &scope }, }; do { @@ -1023,7 +1028,8 @@ void CmIpcServiceGetUserCertList(const struct CmBlob *paramSetBlob, struct CmBlo break; } - ret = CmServiceGetCertList(&cmContext, store, &certFileList); + struct UserCAProperty prop = { userId, scope }; + ret = CmServiceGetCertList(&cmContext, &prop, store, &certFileList); if (ret != CM_SUCCESS) { CM_LOG_E("GetCertList failed, ret = %d", ret); break; diff --git a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service_serialization.c b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service_serialization.c index 7db8c6b7eaacc269f0ab7764d54e8b85276fc887..55756c0d6bc053d4c379c2f60fe9749f3c7d68e3 100644 --- a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service_serialization.c +++ b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service_serialization.c @@ -131,8 +131,12 @@ static int32_t CmGetCertListPack(const struct CertBlob *certBlob, uint32_t *stat struct CmBlob *certificateList) { uint32_t offset = 0; + if (certCount > MAX_COUNT_CERTIFICATE_ALL) { + CM_LOG_E("cert count is too large"); + return CM_FAILURE; + } uint32_t buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + - sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t) + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; + sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t) + MAX_LEN_CERT_ALIAS) * certCount; if (certificateList->size < buffSize) { CM_LOG_E("outdata size too small"); return CMR_ERROR_BUFFER_TOO_SMALL; @@ -167,6 +171,9 @@ static int32_t CmGetCertListPack(const struct CertBlob *certBlob, uint32_t *stat return ret; } } + + /* Avoid returning too large a size */ + certificateList->size = offset; return ret; } @@ -176,7 +183,7 @@ int32_t CmServiceGetCertListPack(const struct CmContext *context, uint32_t store if (context == NULL || certFileList == NULL || CmCheckBlob(certificateList) != CM_SUCCESS) { return CMR_ERROR_INVALID_ARGUMENT; } - uint32_t status[MAX_COUNT_CERTIFICATE] = {0}; + uint32_t status[MAX_COUNT_CERTIFICATE_ALL] = {0}; struct CertBlob certBlob; (void)memset_s(&certBlob, sizeof(struct CertBlob), 0, sizeof(struct CertBlob)); int32_t ret = CmGetCertListInfo(context, store, certFileList, &certBlob, status); diff --git a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_response.cpp b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_response.cpp index f7b7f2158fba3ea13b62b98f9a4c31d13b1d6239..593f894444729481ec991f28677f9caa8a957025 100644 --- a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_response.cpp +++ b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_response.cpp @@ -26,7 +26,8 @@ #include "cm_mem.h" #include "os_account_manager.h" -#define MAX_SIZE_CAPACITY 409600 + +#define MAX_SIZE_CAPACITY 819200 /* Prevent sendrequest from failing to send due to memory limitations */ using namespace OHOS; diff --git a/test/BUILD.gn b/test/BUILD.gn index 2317301ee118bb2e70051e257da1954d1d57650d..7b22ca6c0664762084a7ed1326c2143203e18995 100644 --- a/test/BUILD.gn +++ b/test/BUILD.gn @@ -25,6 +25,7 @@ ohos_unittest("cm_sdk_test") { "unittest/src/cm_get_auth_list_test.cpp", "unittest/src/cm_get_certinfo_test.cpp", "unittest/src/cm_get_certlist_test.cpp", + "unittest/src/cm_get_user_ca_cert_list.cpp", "unittest/src/cm_grant_test.cpp", "unittest/src/cm_init_test.cpp", "unittest/src/cm_is_authed_test.cpp", diff --git a/test/unittest/include/cm_test_common.h b/test/unittest/include/cm_test_common.h index 548a7466357c22e2112fc5ba9e1b639f45ba1245..098fa23f4fdc6254d56de6d7cbfac9f7644666e1 100644 --- a/test/unittest/include/cm_test_common.h +++ b/test/unittest/include/cm_test_common.h @@ -37,6 +37,7 @@ constexpr uint32_t CERT_KEY_ALG_ECC_P384 = 8; constexpr uint32_t CERT_KEY_ALG_ECC_P521 = 9; constexpr uint32_t CERT_KEY_ALG_ED25519 = 10; constexpr uint32_t TEST_USERID = 100; +constexpr uint32_t SA_USERID = 0; namespace CertmanagerTest { void FreeCMBlobData(struct CmBlob *blob); diff --git a/test/unittest/src/cm_get_user_ca_cert_list.cpp b/test/unittest/src/cm_get_user_ca_cert_list.cpp new file mode 100644 index 0000000000000000000000000000000000000000..022b84d8060b6e749a1b13304a1076be5c3a2655 --- /dev/null +++ b/test/unittest/src/cm_get_user_ca_cert_list.cpp @@ -0,0 +1,824 @@ +/* + * Copyright (c) 2022-2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include "cm_test_log.h" +#include "cm_test_common.h" +#include "cert_manager_api.h" +#include "cm_log.h" +#include "cm_mem.h" +#include "cm_cert_data_user.h" + +using namespace testing::ext; +using namespace CertmanagerTest; +namespace { +constexpr uint32_t MAX_URI_LEN = 256; +constexpr uint32_t ERROR_SCOPE = 3; + +struct CmBlob userCert[] = { + { sizeof(g_certData01), const_cast(g_certData01) }, + { sizeof(g_certData02), const_cast(g_certData02) }, + { sizeof(g_certData03), const_cast(g_certData03) }, + { sizeof(g_certData05), const_cast(g_certData05) } +}; + +static uint8_t certAliasBuf01[] = "40dc992e"; +static uint8_t certAliasBuf02[] = "985c1f52"; +static uint8_t certAliasBuf03[] = "1df5a75f"; +static uint8_t certAliasBuf05[] = "2e0g9ue5"; + +struct CmBlob certAlias[] = { + { sizeof(certAliasBuf01), certAliasBuf01 }, + { sizeof(certAliasBuf02), certAliasBuf02 }, + { sizeof(certAliasBuf03), certAliasBuf03 }, + { sizeof(certAliasBuf05), certAliasBuf05 } +}; + +class CmGetUserCertListTest : public testing::Test { +public: + static void SetUpTestCase(void); + + static void TearDownTestCase(void); + + void SetUp(); + + void TearDown(); + + struct CertList *lstCert; +}; + +void CmGetUserCertListTest::SetUpTestCase(void) +{ + SetATPermission(); +} + +void CmGetUserCertListTest::TearDownTestCase(void) +{ +} + +void CmGetUserCertListTest::SetUp() +{ + InitCertList(&lstCert); +} + +void CmGetUserCertListTest::TearDown() +{ + FreeCertList(lstCert); +} + +/* installation in the directory with userid 0 */ +static uint32_t CmInstallTestCert() +{ + int32_t ret; + uint32_t size = sizeof(certAlias) / sizeof(certAlias[0]); + + for (uint32_t i = 0; i < size; i++) { + uint8_t uriBuf[MAX_URI_LEN] = {0}; + struct CmBlob certUri = { sizeof(uriBuf), uriBuf }; + ret = CmInstallUserTrustedCert(&userCert[i], &certAlias[i], &certUri); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Install test failed, recode:" << ret; + } + + return ret; +} + +/* installation in any userid directory */ +static uint32_t CmInstallCATestCert(uint32_t userId) +{ + int32_t ret; + uint32_t size = sizeof(certAlias) / sizeof(certAlias[0]); + + for (uint32_t i = 0; i < size; i++) { + uint8_t uriBuf[MAX_URI_LEN] = {0}; + struct CmBlob certUri = { sizeof(uriBuf), uriBuf }; + ret = CmInstallUserCACert(&userCert[i], &certAlias[i], userId, true, &certUri); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user CA cert Install test failed, recode:" << ret; + } + + return ret; +} + +/* install the maximum limit certs in userid 0 */ +static uint32_t CmInstallBorderTestCert() +{ + int32_t ret; + struct CmBlob userCertTest = { sizeof(g_certData01), const_cast(g_certData01) }; + + for (uint32_t i = 0; i < MAX_COUNT_CERTIFICATE; i++) { /* install 256 times user cert */ + char alias[] = "alias"; + char aliasBuf[MAX_LEN_CERT_ALIAS]; + ret = snprintf_s(aliasBuf, MAX_LEN_CERT_ALIAS, MAX_LEN_CERT_ALIAS - 1, "%s%u", alias, i); + EXPECT_EQ(ret, CM_SUCCESS) << "Get cert alias failed, recode:" << ret; + struct CmBlob certAliasTest = { strlen(aliasBuf) + 1, reinterpret_cast(aliasBuf) }; + + uint8_t uriBuf[MAX_URI_LEN] = {0}; + struct CmBlob certUriTest = { sizeof(uriBuf), uriBuf }; + + ret = CmInstallUserTrustedCert(&userCertTest, &certAliasTest, &certUriTest); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Install test failed, recode:" << ret; + } + return ret; +} + +/* install the maximum limit certs in any directory */ +static uint32_t CmInstallCABorderTestCert(uint32_t userId) +{ + int32_t ret; + struct CmBlob userCertTest = { sizeof(g_certData01), const_cast(g_certData01) }; + + for (uint32_t i = 0; i < MAX_COUNT_CERTIFICATE; i++) { /* install 256 times user cert */ + char alias[] = "alias"; + char aliasBuf[MAX_LEN_CERT_ALIAS]; + ret = snprintf_s(aliasBuf, MAX_LEN_CERT_ALIAS, MAX_LEN_CERT_ALIAS - 1, "%s%u", alias, i); + EXPECT_EQ(ret, CM_SUCCESS) << "Get cert alias failed, recode:" << ret; + struct CmBlob certAliasTest = { strlen(aliasBuf) + 1, reinterpret_cast(aliasBuf) }; + + uint8_t uriBuf[MAX_URI_LEN] = {0}; + struct CmBlob certUriTest = { sizeof(uriBuf), uriBuf }; + + ret = CmInstallUserCACert(&userCertTest, &certAliasTest, userId, true, &certUriTest); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user CA cert Install test failed, recode:" << ret; + } + return ret; +} + +/* uninstall the maximum limit certs in any directory */ +static uint32_t CmUninstallCACertList(struct CertList *certList) +{ + int32_t ret; + + for (uint32_t i = 0; i < certList->certsCount; i++) { + uint8_t uriBuf[MAX_URI_LEN] = {0}; + uint32_t len = strlen(certList->certAbstract[i].uri) + 1; + (void)memcpy_s(uriBuf, sizeof(uriBuf), certList->certAbstract[i].uri, len); + const struct CmBlob certUri = { sizeof(uriBuf), uriBuf }; + ret = CmUninstallUserTrustedCert(&certUri); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal Uninstall trusted cert test failed, recode:" << ret; + } + return ret; +} + +/* Initialize the minimum space */ +static int32_t InitSmallCertList(struct CertList **cList) +{ + *cList = static_cast(CmMalloc(sizeof(struct CertList))); + if (*cList == nullptr) { + return CMR_ERROR_MALLOC_FAIL; + } + + uint32_t buffSize = sizeof(struct CertAbstract); + (*cList)->certAbstract = static_cast(CmMalloc(buffSize)); + if ((*cList)->certAbstract == NULL) { + return CMR_ERROR_MALLOC_FAIL; + } + (void)memset_s((*cList)->certAbstract, buffSize, 0, buffSize); + (*cList)->certsCount = 1; + + return CM_SUCCESS; +} + +/* If there is a failed use case, run the command to uninstall all certificates */ +// /** +// * @tc.name: CmUninstallAllUserCACert001 +// * @tc.desc: Test CertManager Get target user cert list interface performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmUninstallAllUserCACert001, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList001 = nullptr; + InitCertList(&certList001); + struct CertList *certList002 = nullptr; + InitCertList(&certList002); + + struct UserCAProperty prop = { TEST_USERID, CM_CURRENT_USER }; + ret = CmGetUserCACertList(&prop, certList001); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + prop = { SA_USERID, CM_CURRENT_USER }; + ret = CmGetUserCACertList(&prop, certList002); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + ret = CmUninstallCACertList(certList001); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal uninstall CA cert list failed, recode:" << ret; + ret = CmUninstallCACertList(certList002); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal uninstall CA cert list failed, recode:" << ret; + FreeCertList(certList001); + FreeCertList(certList002); +} + +/** + * @tc.name: CmGetUserCACertList001 + * @tc.desc: Test CertManager Get target user cert list interface performance + * @tc.type: FUNC + * @tc.require: AR000H0MJ8 /SR000H09N7 + */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList001, TestSize.Level0) +{ + int32_t ret; + uint32_t size = sizeof(certAlias) / sizeof(certAlias[0]); + + ret = CmInstallTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Install test cert failed, recode:" << ret; + + struct CertList *certList001 = nullptr; + InitCertList(&certList001); + struct UserCAProperty prop = { SA_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList001); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user cert list test failed, recode:" << ret; + + uint32_t certsCount001 = certList001->certsCount; + EXPECT_EQ(certsCount001, size) << "Get certs count wrong, recode:" << ret; + + ret = CmUninstallAllUserTrustedCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall All test failed, recode:" << ret; + FreeCertList(certList001); +} + +/** + * @tc.name: CmGetUserCACertList002 + * @tc.desc: Test CertManager Get target user cert list interface performance + * @tc.type: FUNC + * @tc.require: AR000H0MJ8 /SR000H09N7 + */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList002, TestSize.Level0) +{ + int32_t ret; + int32_t size = sizeof(certAlias) / sizeof(certAlias[0]); + + ret = CmInstallTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Install test cert failed, recode:" << ret; + + struct CertList *certList002 = nullptr; + InitCertList(&certList002); + struct UserCAProperty prop = { SA_USERID, CM_CURRENT_USER }; + ret = CmGetUserCACertList(&prop, certList002); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user cert list test failed, recode:" << ret; + + uint32_t certsCount002 = certList002->certsCount; + EXPECT_EQ(certsCount002, size) << "Get certs count wrong, recode:" << ret; + + ret = CmUninstallAllUserTrustedCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall All test failed, recode:" << ret; + FreeCertList(certList002); +} + +/** + * @tc.name: CmGetUserCACertList003 + * @tc.desc: Test CertManager Get target user cert list interface performance + * @tc.type: FUNC + * @tc.require: AR000H0MJ8 /SR000H09N7 + */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList003, TestSize.Level0) +{ + int32_t ret; + int32_t size = sizeof(certAlias) / sizeof(certAlias[0]); + + ret = CmInstallTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Install test cert failed, recode:" << ret; + + struct CertList *certList003 = nullptr; + InitCertList(&certList003); + struct UserCAProperty prop = { SA_USERID, CM_GLOBAL_USER }; + ret = CmGetUserCACertList(&prop, certList003); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user cert list test failed, recode:" << ret; + + uint32_t certsCount003 = certList003->certsCount; + EXPECT_EQ(certsCount003, size) << "Get certs count wrong, recode:" << ret; + + ret = CmUninstallAllUserTrustedCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall All test failed, recode:" << ret; + FreeCertList(certList003); +} + +/** + * @tc.name: CmGetUserCACertList004 + * @tc.desc: Test CertManager Get target user cert list interface performance + * @tc.type: FUNC + * @tc.require: AR000H0MJ8 /SR000H09N7 + */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList004, TestSize.Level0) +{ + int32_t ret; + int32_t size = sizeof(certAlias) / sizeof(certAlias[0]); + + ret = CmInstallTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Install test cert failed, recode:" << ret; + + struct CertList *certList004 = nullptr; + InitCertList(&certList004); + struct UserCAProperty prop = { TEST_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList004); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user cert list test failed, recode:" << ret; + + uint32_t certsCount004 = certList004->certsCount; + EXPECT_EQ(certsCount004, size) << "Get certs count wrong, recode:" << ret; + + + ret = CmUninstallAllUserTrustedCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall All test failed, recode:" << ret; + FreeCertList(certList004); +} + +/** + * @tc.name: CmGetUserCACertList005 + * @tc.desc: Test CertManager Get target user cert list interface performance + * @tc.type: FUNC + * @tc.require: AR000H0MJ8 /SR000H09N7 + */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList005, TestSize.Level0) +{ + int32_t ret; + uint32_t size = sizeof(certAlias) / sizeof(certAlias[0]); + + ret = CmInstallCATestCert(TEST_USERID); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install CA test cert failed, recode:" << ret; + + struct CertList *certList005 = nullptr; + InitCertList(&certList005); + struct UserCAProperty prop = { TEST_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList005); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user cert list test failed, recode:" << ret; + + uint32_t certsCount005 = certList005->certsCount; + EXPECT_EQ(certsCount005, size) << "Get certs count wrong, recode:" << ret; + + ret = CmUninstallCACertList(certList005); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal uninstall CA cert list failed, recode:" << ret; + FreeCertList(certList005); +} + +// /** +// * @tc.name: CmGetUserCACertList006 +// * @tc.desc: Test CertManager Get target user cert list interface performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList006, TestSize.Level0) +{ + int32_t ret; + uint32_t size = sizeof(certAlias) / sizeof(certAlias[0]); + + ret = CmInstallTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install test cert failed, recode:" << ret; + ret = CmInstallCATestCert(TEST_USERID); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install CA test cert failed, recode:" << ret; + + struct CertList *certList006 = nullptr; + InitCertList(&certList006); + struct UserCAProperty prop = { SA_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList006); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount006 = certList006->certsCount; + EXPECT_EQ(certsCount006, size) << "Get certs count wrong, recode:" << ret; + + ret = CmUninstallAllUserTrustedCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall All test failed, recode:" << ret; + CmUninstallCACertList(certList006); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall CA test cert failed, recode:" << ret; + FreeCertList(certList006); +} + +// /** +// * @tc.name: CmGetUserCACertList007 +// * @tc.desc: Test CertManager Get target user cert list interface performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList007, TestSize.Level0) +{ + int32_t ret; + uint32_t size = sizeof(certAlias) / sizeof(certAlias[0]) * 2; + + ret = CmInstallTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install test cert failed, recode:" << ret; + ret = CmInstallCATestCert(TEST_USERID); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install CA test cert failed, recode:" << ret; + + struct CertList *certList007 = nullptr; + InitCertList(&certList007); + struct UserCAProperty prop = { TEST_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList007); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount007 = certList007->certsCount; + EXPECT_EQ(certsCount007, size) << "Get certs count wrong, recode:" << ret; + + CmUninstallCACertList(certList007); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall CA test cert failed, recode:" << ret; + FreeCertList(certList007); +} + +/** + * @tc.name: CmGetUserCACertList008 + * @tc.desc: Test CertManager Get target user cert list interface Abnormal performance + * @tc.type: FUNC + * @tc.require: AR000H0MJ8 /SR000H09N7 + */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList008, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList008 = nullptr; + InitCertList(&certList008); + + struct UserCAProperty prop = { SA_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList008); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount008 = certList008->certsCount; + EXPECT_EQ(certsCount008, 0) << "Get certs count wrong, recode:" << ret; + FreeCertList(certList008); +} + +// /** +// * @tc.name: CmGetUserCACertList009 +// * @tc.desc: Test CertManager Get target user cert list interface Abnormal performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList009, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList009 = nullptr; + InitCertList(&certList009); + + struct UserCAProperty prop = { SA_USERID, CM_CURRENT_USER }; + ret = CmGetUserCACertList(&prop, certList009); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount009 = certList009->certsCount; + EXPECT_EQ(certsCount009, 0) << "Get certs count wrong, recode:" << ret; + FreeCertList(certList009); +} + + +// /** +// * @tc.name: CmGetUserCACertList010 +// * @tc.desc: Test CertManager Get target user cert list interface Abnormal performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList010, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList010 = nullptr; + InitCertList(&certList010); + + struct UserCAProperty prop = { SA_USERID, CM_GLOBAL_USER }; + ret = CmGetUserCACertList(&prop, certList010); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount010 = certList010->certsCount; + EXPECT_EQ(certsCount010, 0) << "Get certs count wrong, recode:" << ret; + FreeCertList(certList010); +} + +// /** +// * @tc.name: CmGetUserCACertList011 +// * @tc.desc: Test CertManager Get target user cert list interface Abnormal performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList011, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList011 = nullptr; + InitCertList(&certList011); + + struct UserCAProperty prop = { TEST_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList011); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount011 = certList011->certsCount; + EXPECT_EQ(certsCount011, 0) << "Get certs count wrong, recode:" << ret; + FreeCertList(certList011); +} + +// /** +// * @tc.name: CmGetUserCACertList012 +// * @tc.desc: Test CertManager Get target user cert list interface boundary performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7s +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList012, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList012 = nullptr; + InitCertList(&certList012); + + ret = CmInstallBorderTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install border test cert failed, recode:" << ret; + + struct UserCAProperty prop = { SA_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList012); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount012 = certList012->certsCount; + EXPECT_EQ(certsCount012, MAX_COUNT_CERTIFICATE) << "Get certs count wrong, recode:" << ret; + + ret = CmUninstallAllUserTrustedCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall All test failed, recode:" << ret; + FreeCertList(certList012); +} + +// /** +// * @tc.name: CmGetUserCACertList013 +// * @tc.desc: Test CertManager Get target user cert list interface boundary performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7s +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList013, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList013 = nullptr; + InitCertList(&certList013); + + ret = CmInstallBorderTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install border test cert failed, recode:" << ret; + + struct UserCAProperty prop = { SA_USERID, CM_CURRENT_USER }; + ret = CmGetUserCACertList(&prop, certList013); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount013 = certList013->certsCount; + EXPECT_EQ(certsCount013, MAX_COUNT_CERTIFICATE) << "Get certs count wrong, recode:" << ret; + + ret = CmUninstallAllUserTrustedCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall All test failed, recode:" << ret; + FreeCertList(certList013); +} + +// /** +// * @tc.name: CmGetUserCACertList014 +// * @tc.desc: Test CertManager Get target user cert list interface boundary performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList014, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList014 = nullptr; + InitCertList(&certList014); + + ret = CmInstallBorderTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install border test cert failed, recode:" << ret; + + struct UserCAProperty prop = { SA_USERID, CM_GLOBAL_USER }; + ret = CmGetUserCACertList(&prop, certList014); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount014 = certList014->certsCount; + EXPECT_EQ(certsCount014, MAX_COUNT_CERTIFICATE) << "Get certs count wrong, recode:" << ret; + + ret = CmUninstallAllUserTrustedCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall All test failed, recode:" << ret; + FreeCertList(certList014); +} + +// /** +// * @tc.name: CmGetUserCACertList015 +// * @tc.desc: Test CertManager Get target user cert list interface boundary performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList015, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList015 = nullptr; + InitCertList(&certList015); + + ret = CmInstallBorderTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install border test cert failed, recode:" << ret; + + struct UserCAProperty prop = { TEST_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList015); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount015 = certList015->certsCount; + EXPECT_EQ(certsCount015, MAX_COUNT_CERTIFICATE) << "Get certs count wrong, recode:" << ret; + + ret = CmUninstallAllUserTrustedCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall All test failed, recode:" << ret; + FreeCertList(certList015); +} + +// /** +// * @tc.name: CmGetUserCACertList016 +// * @tc.desc: Test CertManager Get target user cert list interface boundary performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList016, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList016 = nullptr; + InitCertList(&certList016); + + ret = CmInstallCABorderTestCert(TEST_USERID); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install border CA test cert failed, recode:" << ret; + + struct UserCAProperty prop = { TEST_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList016); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount016 = certList016->certsCount; + EXPECT_EQ(certsCount016, MAX_COUNT_CERTIFICATE) << "Get certs count wrong, recode:" << ret; + + CmUninstallCACertList(certList016); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall CA test cert failed, recode:" << ret; + FreeCertList(certList016); +} + +// /** +// * @tc.name: CmGetUserCACertList017 +// * @tc.desc: Test CertManager Get target user cert list interface boundary performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList017, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList017 = nullptr; + InitCertList(&certList017); + struct CertList *certList018 = nullptr; + InitCertList(&certList018); + + ret = CmInstallBorderTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install border test cert failed, recode:" << ret; + ret = CmInstallCABorderTestCert(TEST_USERID); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install border CA test cert failed, recode:" << ret; + + struct UserCAProperty prop = { SA_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList017); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + /* Make sure that the certificate can be completely unmounted */ + prop = { TEST_USERID, CM_CURRENT_USER }; + ret = CmGetUserCACertList(&prop, certList018); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount017 = certList017->certsCount; + EXPECT_EQ(certsCount017, MAX_COUNT_CERTIFICATE) << "Get certs count wrong, recode:" << ret; + uint32_t certsCountBak = certList018->certsCount; + EXPECT_EQ(certsCountBak, MAX_COUNT_CERTIFICATE) << "Get certs count wrong, recode:" << ret; + + ret = CmUninstallAllUserTrustedCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall All test failed, recode:" << ret; + ret = CmUninstallCACertList(certList018); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall CA test cert failed, recode:" << ret; + + FreeCertList(certList017); + FreeCertList(certList018); +} + +// /** +// * @tc.name: CmGetUserCACertList018 +// * @tc.desc: Test CertManager Get target user cert list interface boundary performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList018, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList018 = nullptr; + InitCertList(&certList018); + + ret = CmInstallBorderTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install border test cert failed, recode:" << ret; + ret = CmInstallCABorderTestCert(TEST_USERID); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install border CA test cert failed, recode:" << ret; + + struct UserCAProperty prop = { TEST_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList018); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + + uint32_t certsCount018 = certList018->certsCount; + EXPECT_EQ(certsCount018, MAX_COUNT_CERTIFICATE_ALL) << "Get certs count wrong, recode:" << ret; + + ret = CmUninstallCACertList(certList018); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall CA test cert failed, recode:" << ret; + + FreeCertList(certList018); +} + +// /** +// * @tc.name: CmGetUserCACertList019 +// * @tc.desc: Test CertManager Get target user cert list interface Abnormal performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList019, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList019 = nullptr; + InitCertList(&certList019); + + ret = CmGetUserCACertList(nullptr, certList019); + EXPECT_EQ(ret, CMR_ERROR_NULL_POINTER) << "Normal get user ca cert list test failed, recode:" << ret; + FreeCertList(certList019); +} + +// /** +// * @tc.name: CmGetUserCACertList020 +// * @tc.desc: Test CertManager Get target user cert list interface Abnormal performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList020, TestSize.Level0) +{ + int32_t ret; + + struct UserCAProperty prop = { SA_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, nullptr); + EXPECT_EQ(ret, CMR_ERROR_NULL_POINTER) << "Normal get user ca cert list test failed, recode:" << ret; +} + +// /** +// * @tc.name: CmGetUserCACertList021 +// * @tc.desc: Test CertManager Get target user cert list interface Abnormal performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList021, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList021 = nullptr; + InitCertList(&certList021); + + struct UserCAProperty prop = { SA_USERID, static_cast(ERROR_SCOPE) }; + ret = CmGetUserCACertList(&prop, certList021); + EXPECT_EQ(ret, CMR_ERROR_INVALID_ARGUMENT) << "Normal get user ca cert list test failed, recode:" << ret; + FreeCertList(certList021); +} + +// /** +// * @tc.name: CmGetUserCACertList022 +// * @tc.desc: Test CertManager Get target user cert list interface performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList022, TestSize.Level0) +{ + int32_t ret; + struct CertList *certList022 = nullptr; + InitSmallCertList(&certList022); + + ret = CmInstallTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Install test cert failed, recode:" << ret; + + struct UserCAProperty prop = { SA_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList022); + EXPECT_EQ(ret, CMR_ERROR_BUFFER_TOO_SMALL) << "Normal get user ca cert list test failed, recode:" << ret; + + ret = CmUninstallAllUserTrustedCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal user cert Uninstall All test failed, recode:" << ret; + FreeCertList(certList022); +} + +// /** +// * @tc.name: CmGetUserCACertList023 +// * @tc.desc: Test CertManager Get target user cert list interface performance +// * @tc.type: FUNC +// * @tc.require: AR000H0MJ8 /SR000H09N7 +// */ +HWTEST_F(CmGetUserCertListTest, CmGetUserCACertList023, TestSize.Level0) +{ + int32_t ret; + uint32_t size = sizeof(certAlias) / sizeof(certAlias[0]); + struct CertList *certList023 = nullptr; + InitCertList(&certList023); + struct CertList *certList024 = nullptr; + InitCertList(&certList024); + + ret = CmInstallTestCert(); + EXPECT_EQ(ret, CM_SUCCESS) << "Install test cert failed, recode:" << ret; + ret = CmInstallCATestCert(TEST_USERID); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal install CA test cert failed, recode:" << ret; + + struct UserCAProperty prop = { INIT_INVALID_VALUE, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList023); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + uint32_t certsCount = certList023->certsCount; + EXPECT_EQ(certsCount, size) << "Get certs count wrong, recode:" << ret; + + prop = { TEST_USERID, CM_ALL_USER }; + ret = CmGetUserCACertList(&prop, certList024); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal get user ca cert list test failed, recode:" << ret; + ret = CmUninstallCACertList(certList024); + EXPECT_EQ(ret, CM_SUCCESS) << "Normal uninstall CA cert list failed, recode:" << ret; + FreeCertList(certList023); + FreeCertList(certList024); +} +} \ No newline at end of file diff --git a/test/unittest/src/cm_test_common.cpp b/test/unittest/src/cm_test_common.cpp index d9a3abb359f7ba1cecab9df6c0ec449d59067603..0786a58a4966e9fae9773c496dd8fc9cba4b2fd7 100644 --- a/test/unittest/src/cm_test_common.cpp +++ b/test/unittest/src/cm_test_common.cpp @@ -88,13 +88,13 @@ int32_t InitCertList(struct CertList **cList) return CMR_ERROR_MALLOC_FAIL; } - uint32_t buffSize = MAX_COUNT_CERTIFICATE * sizeof(struct CertAbstract); + uint32_t buffSize = MAX_COUNT_CERTIFICATE_ALL * sizeof(struct CertAbstract); (*cList)->certAbstract = static_cast(CmMalloc(buffSize)); if ((*cList)->certAbstract == NULL) { return CMR_ERROR_MALLOC_FAIL; } (void)memset_s((*cList)->certAbstract, buffSize, 0, buffSize); - (*cList)->certsCount = MAX_COUNT_CERTIFICATE; + (*cList)->certsCount = MAX_COUNT_CERTIFICATE_ALL; return CM_SUCCESS; }