From: Jakub Wlostowski Date: Fri, 16 May 2025 13:09:53 +0000 (+0200) Subject: Add additional checks to HAL security-certs tests X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=fa5e85da4c1ff6238b72e84184262ad2da56481f;p=platform%2Fhal%2Fapi%2Fsecurity.git Add additional checks to HAL security-certs tests Change-Id: I774ecf765a3d016a5b05de1de61f50c7225ed4b7 --- diff --git a/haltest/security-certs.cpp b/haltest/security-certs.cpp index a56f9a7..da3eefb 100644 --- a/haltest/security-certs.cpp +++ b/haltest/security-certs.cpp @@ -16,6 +16,7 @@ #include #include +#include #include #include "hal-security-certs.h" @@ -67,18 +68,23 @@ TEST_F(SECURITY_CERTS, CreateAndFreeKeyContextPositive) int ret; hal_security_certs_context_s context; - std::string correct_key_type = "RSA"; - hal_security_certs_data_s correct_key_type_data_s = - { - const_cast(correct_key_type.c_str()), - correct_key_type.size() - }; + for (const std::string key_type : {"RSA", "ECDSA"}) { + hal_security_certs_data_s correct_key_type_data_s = + { + const_cast(key_type.c_str()), + key_type.size() + }; - ret = hal_security_certs_create_key_context(&context, correct_key_type_data_s); - EXPECT_EQ(ret, 0) << "Failed to create key context (" << ret << ")"; + ret = hal_security_certs_create_key_context(&context, correct_key_type_data_s); + if (ret == -ENODATA) { + GTEST_LOG_(WARNING) << "Key type not supported by backend: " << key_type <<". Skipping."; + continue; + } + EXPECT_EQ(ret, 0) << "Failed to create key context (" << ret << ")"; - ret = hal_security_certs_free_key_context(&context); - EXPECT_EQ(ret, 0) << "Failed to free key context (" << ret << ")"; + ret = hal_security_certs_free_key_context(&context); + EXPECT_EQ(ret, 0) << "Failed to free key context (" << ret << ")"; + } } TEST_F(SECURITY_CERTS, CreateKeyContextNegative) @@ -112,6 +118,10 @@ TEST_F(SECURITY_CERTS, RequestCertificateChainContextPositive) }; ret = hal_security_certs_create_key_context(&context, key_type_data_s); + if (ret == -ENODATA) { + GTEST_LOG_(WARNING) << "Key type not supported by backend: " << key_type <<". Skipping."; + continue; + } EXPECT_EQ(ret, 0) << "Failed to create key context (" << ret << ")"; hal_security_certs_data_s chain; @@ -153,6 +163,10 @@ TEST_F(SECURITY_CERTS, SignCryptoDataPositive) }; ret = hal_security_certs_create_key_context(&context, key_type_data_s); + if (ret == -ENODATA) { + GTEST_LOG_(WARNING) << "Key type not supported by backend: " << key_type <<". Skipping."; + continue; + } EXPECT_EQ(ret, 0) << "Failed to create key context (" << ret << ")"; for (auto &digest : digest_length_map) { @@ -166,6 +180,10 @@ TEST_F(SECURITY_CERTS, SignCryptoDataPositive) hal_security_certs_data_s signature; hal_security_certs_digest_type_e digest_type = static_cast(digest.first); ret = hal_security_certs_sign_crypto_data(&context, digest_type, message_data_s, &signature); + if (ret == -ENODATA) { + GTEST_LOG_(WARNING) << "Digest type not supported by backend: " << digest.first <<". Skipping."; + continue; + } EXPECT_EQ(ret, 0) << "Failed to sign crypto data (" << ret << ")"; EXPECT_TRUE(signature.length > 0) << "Signature length is zero"; free(signature.buffer); @@ -181,34 +199,39 @@ TEST_F(SECURITY_CERTS, SignCryptoDataNegative) int ret; hal_security_certs_context_s context; - std::string key_type = "RSA"; - hal_security_certs_data_s key_type_data_s = - { - const_cast(key_type.c_str()), - key_type.size() - }; + for (const std::string key_type : {"RSA", "ECDSA"}) { + hal_security_certs_data_s key_type_data_s = + { + const_cast(key_type.c_str()), + key_type.size() + }; - ret = hal_security_certs_create_key_context(&context, key_type_data_s); - EXPECT_EQ(ret, 0) << "Failed to create key context (" << ret << ")"; + ret = hal_security_certs_create_key_context(&context, key_type_data_s); + if (ret == -ENODATA) { + GTEST_LOG_(WARNING) << "Key type not supported by backend: " << key_type <<". Skipping."; + continue; + } + EXPECT_EQ(ret, 0) << "Failed to create key context (" << ret << ")"; - char data[20] = {0,}; - hal_security_certs_data_s message_data_s = - { - data, - sizeof(data) - }; + char data[20] = {0,}; + hal_security_certs_data_s message_data_s = + { + data, + sizeof(data) + }; - hal_security_certs_data_s signature; - ret = hal_security_certs_sign_crypto_data( - &context, HAL_SECURITY_CERTS_DIGEST_TYPE_SHA256, message_data_s, &signature); - EXPECT_EQ(ret, -EINVAL) << "Succeded with wrong size of crypto data to sign (" << ret << ")"; + hal_security_certs_data_s signature; + ret = hal_security_certs_sign_crypto_data( + &context, HAL_SECURITY_CERTS_DIGEST_TYPE_SHA256, message_data_s, &signature); + EXPECT_EQ(ret, -EINVAL) << "Succeded with wrong size of crypto data to sign (" << ret << ")"; - hal_security_certs_digest_type_e wrong_digest_type = static_cast(-1); - ret = hal_security_certs_sign_crypto_data(&context, wrong_digest_type, message_data_s, &signature); - EXPECT_EQ(ret, -EINVAL) << "Succeded with wrong digest type to sign crypto data (" << ret << ")"; + hal_security_certs_digest_type_e wrong_digest_type = static_cast(-1); + ret = hal_security_certs_sign_crypto_data(&context, wrong_digest_type, message_data_s, &signature); + EXPECT_EQ(ret, -ENODATA) << "Succeded with wrong digest type to sign crypto data (" << ret << ")"; - ret = hal_security_certs_free_key_context(&context); - EXPECT_EQ(ret, 0) << "Failed to free key context (" << ret << ")"; + ret = hal_security_certs_free_key_context(&context); + EXPECT_EQ(ret, 0) << "Failed to free key context (" << ret << ")"; + } } TEST_F(SECURITY_CERTS, GetKeyTypeAndLengthPositive) @@ -236,6 +259,10 @@ TEST_F(SECURITY_CERTS, GetKeyTypeAndLengthPositive) hal_security_certs_context_s context; ret = hal_security_certs_create_key_context(&context, key_type_data_s); + if (ret == -ENODATA) { + GTEST_LOG_(WARNING) << "Key type not supported by backend: " << key_type <<". Skipping."; + continue; + } EXPECT_EQ(ret, 0) << "Failed to create key context (" << ret << ")"; ret = hal_security_certs_get_key_type(&context, &ret_key_type_enum); @@ -256,7 +283,7 @@ TEST_F(SECURITY_CERTS, ExtCallApiNegative) { int ret; - std::string method_name = "test-method-name"; + std::string method_name = "method-with-a-privilege-not-granted"; hal_security_certs_data_s method_name_data_s = { const_cast(method_name.c_str()), @@ -267,14 +294,17 @@ TEST_F(SECURITY_CERTS, ExtCallApiNegative) hal_security_certs_data_s output_data_s; ret = hal_security_certs_ext_call_api(method_name_data_s, input_data_s, &output_data_s); - EXPECT_EQ(ret, -EINVAL) << "Executesd not exisitng external call api method (" << ret << ")"; + if (ret == -EINVAL) + GTEST_LOG_(WARNING) << "Method not supported by backend: \"" << method_name <<"\". Skipping."; + else + EXPECT_EQ(ret, 0) << "Failed to call external api method (" << ret << ")"; } TEST_F(SECURITY_CERTS, ExtGetApiPrivilegeNegative) { int ret; - std::string method_name = "test-method-name"; + std::string method_name = "method-with-a-privilege-not-granted"; hal_security_certs_data_s method_name_data_s = { const_cast(method_name.c_str()), @@ -284,5 +314,8 @@ TEST_F(SECURITY_CERTS, ExtGetApiPrivilegeNegative) hal_security_certs_data_s privilege; ret = hal_security_certs_ext_get_api_privilege(method_name_data_s, &privilege); - EXPECT_EQ(ret, -EINVAL) << "Executesd not exisitng external call api method (" << ret << ")"; + if (ret == -EINVAL) + GTEST_LOG_(WARNING) << "Method not supported by backend: \"" << method_name <<"\". Skipping."; + else + EXPECT_EQ(ret, 0) << "Failed to call external api method (" << ret << ")"; }