未验证 提交 56c164e7 编写于 作者: O openharmony_ci 提交者: Gitee

!5367 修改一些问题

Merge pull request !5367 from 伞木希美/master
......@@ -16,27 +16,29 @@ import huks from "@ohos.security.huks";
import systemTime from "@ohos.systemTime";
import { describe, it, expect } from "@ohos/hypium";
let hks_default_auth_token_key = "huks_default_user_auth_token_key";
const authTokenSize = 116;
let authToken = new Uint8Array(authTokenSize);
let authTokenData = new Uint8Array(authTokenSize - 32);
let aes256Key = new Uint8Array([
0x00, 0x00, 0x00, 0x00, 0x9c, 0xf6, 0x7a, 0x8d, 0xce, 0xc2, 0x7f, 0xa7, 0xd9,
0xfd, 0xf1, 0xad, 0xac, 0xf0, 0xb3, 0x8c, 0xe8, 0x16, 0xa2, 0x65, 0xcc, 0x18,
0x55, 0x60, 0xcd, 0x2f, 0xf5, 0xe5,
]);
let securityLevel = stringToUint8Array("sec_level");
let challenge = stringToUint8Array("challenge_data");
let versionInfo = stringToUint8Array("version_info");
let keyAliasString = "key attest";
function stringToArray(str) {
let arr = [];
for (let i = 0, j = str.length; i < j; ++i) {
arr.push(str.charCodeAt(i));
function attestKey(str) {
return new Promise((resolve, reject) => {
huks.attestKey(srcKeyAlies, HuksOptions, function (err, data) {
try {
if (err.code !== 0) {
console.log(
"test generateKey err information: " + JSON.stringify(err)
);
reject(err);
} else {
resolve(data);
}
return arr;
} catch (e) {
console.log("test generateKey err information: " + JSON.stringify(e));
reject(e);
}
});
});
}
function stringToUint8Array(str) {
......@@ -48,482 +50,6 @@ function stringToUint8Array(str) {
return tmpUint8Array;
}
function makeEmptyOption() {
let emptyOption = {
properties: [],
};
return emptyOption;
}
function uintXToBytes(value, Xbit, buffer, index) {
let bytes = Xbit / 8;
for (let i = 1; i <= bytes; i++) {
buffer[index++] = (value >> ((i - 1) * 8)) & 0xff;
}
}
function copyBytes(bytesBuffer, byteLen, buffer, index) {
for (let i = 0; i < byteLen; i++) {
buffer[index++] = bytesBuffer[i];
}
}
function copyByteTo(bytesBuffer, pos, start, end) {
for (let i = start; i <= end; i++) {
pos[i] = bytesBuffer[i];
}
}
function makeAESKeyOptions() {
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_AES,
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256,
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT,
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value: huks.HuksKeyPadding.HUKS_PADDING_NONE,
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_CBC,
};
properties[5] = {
tag: huks.HuksTag.HUKS_TAG_IV,
value: new Uint8Array(16),
};
let options = {
properties: properties,
};
return options;
}
function makeAESKeyOptionsWithAuthToken(authToken) {
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_AES,
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256,
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT,
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_PADDING,
value: huks.HuksKeyPadding.HUKS_PADDING_NONE,
};
properties[4] = {
tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE,
value: huks.HuksCipherMode.HUKS_MODE_CBC,
};
properties[5] = {
tag: huks.HuksTag.HUKS_TAG_AUTH_TOKEN,
value: authToken,
};
let options = {
properties: properties,
};
return options;
}
async function generateAuthToken(
importAliasHmac,
importHmacOption,
challenge,
secureUid,
authType,
enrollId,
time
) {
uintXToBytes(0, 32, authTokenData, 0); // version
uintXToBytes(secureUid, 32, authTokenData, 36);
uintXToBytes(0, 32, authTokenData, 40);
uintXToBytes(enrollId, 32, authTokenData, 44);
uintXToBytes(0, 32, authTokenData, 48);
uintXToBytes(0, 64, authTokenData, 52);
uintXToBytes(time, 32, authTokenData, 60);
uintXToBytes(0, 32, authTokenData, 64);
uintXToBytes(0, 32, authTokenData, 68);
uintXToBytes(authType, 32, authTokenData, 72);
uintXToBytes(0, 32, authTokenData, 76);
uintXToBytes(0, 32, authTokenData, 80);
// 导入Hmac key
await huks
.importKey(importAliasHmac, importHmacOption)
.then(async (data) => {
console.error(`generateAuthToken importKey data ${JSON.stringify(data)}`);
})
.catch((err) => {
console.error(
`generateAuthToken importKey err: " + ${JSON.stringify(err)}`
);
});
// 使用三段式对Authtoken进行HMAC
let handle;
// HksInit初始化key
let initHmacOption = makeHmacKeyOption(false, null);
await huks
.init(importAliasHmac, initHmacOption)
.then(async (data) => {
handle = data.handle;
})
.catch((err) => {
console.error(
`generateAuthToken test init err: " + ${JSON.stringify(err)}`
);
});
copyBytes(challenge, 32, authTokenData, 4);
// finish完成签名
let finishHmacOption = makeHmacKeyOption(true, authTokenData);
await huks
.finish(handle, finishHmacOption)
.then((data) => {
console.error(
`generateAuthToken test finish data ${JSON.stringify(data)}`
);
copyBytes(data.outData, 32, authToken, 84); // copy sign to authToken
copyBytes(authTokenData, 84, authToken, 0); // copy authToken data to authToken
})
.catch((err) => {
console.error("generateAuthToken test finish err information: " + err);
});
}
function makeHmacKeyOption(isImportKey, inKey) {
let properties = new Array();
properties[0] = {
tag: huks.HuksTag.HUKS_TAG_ALGORITHM,
value: huks.HuksKeyAlg.HUKS_ALG_HMAC,
};
properties[1] = {
tag: huks.HuksTag.HUKS_TAG_KEY_SIZE,
value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_256,
};
properties[2] = {
tag: huks.HuksTag.HUKS_TAG_PURPOSE,
value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_MAC,
};
properties[3] = {
tag: huks.HuksTag.HUKS_TAG_DIGEST,
value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256,
};
if (isImportKey) {
let optionsWithIndata = {
properties: properties,
inData: inKey,
};
return optionsWithIndata;
} else {
let optionsWithoutIndata = {
properties: properties,
};
return optionsWithoutIndata;
}
}
async function generateAndInit(mode, alies, aes256) {
console.error(`${alies} sudato!`);
if (mode == "generate") {
await huks
.generateKey(alies, aes256)
.then(async (data) => {
console.error(`generateKey success ${JSON.stringify(data)}`);
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error(`generateKey err: " + ${JSON.stringify(err)}`);
expect(null).assertFail();
});
}
if (mode == "import") {
await huks
.importKey(alies, aes256)
.then(async (data) => {
console.error(`generateKey success ${JSON.stringify(data)}`);
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error(`generateKey err: " + ${JSON.stringify(err)}`);
expect(null).assertFail();
});
}
await huks
.getKeyProperties(alies, makeEmptyOption())
.then(async (data) => {
console.error(`test finish data ${JSON.stringify(data)}`);
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error(`test init err: " + ${JSON.stringify(err)}`);
expect(null).assertFail();
});
let initAesOption = makeAESKeyOptions();
// HksInit初始化key
let data = await huks
.init(alies, initAesOption)
.then(async (data) => {
console.error(
`HuksTest_AlgCompletion_AccessControl test init success ${JSON.stringify(
data
)}`
);
return data;
})
.catch((err) => {
console.error(`test init err: " + ${JSON.stringify(err)}`);
return err;
});
console.error(`${alies} doing!`);
return data;
}
async function multiIdentify(
importAliasHmac,
importHmacOption,
alies,
aes256,
authMode
) {
await huks
.generateKey(alies, aes256)
.then(async (data) => {
console.error(`generateKey success ${JSON.stringify(data)}`);
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error(`generateKey err: " + ${JSON.stringify(err)}`);
expect(null).assertFail();
});
let challengeAll = new Uint8Array(32);
let handle1, challenge1;
let handle2, challenge2;
let handle3, challenge3;
let handle4, challenge4;
let initAesOption = makeAESKeyOptions();
await huks
.init(alies, initAesOption)
.then(async (data) => {
handle1 = data.handle;
challenge1 = data.token;
copyByteTo(challenge1, challengeAll, 0, 7);
console.error(
`HuksTest_AlgCompletion_AccessControl test init success ${JSON.stringify(
data
)}`
);
})
.catch((err) => {
console.error(`test init err: " + ${JSON.stringify(err)}`);
expect(null).assertFail();
});
await huks
.init(alies, initAesOption)
.then(async (data) => {
handle2 = data.handle;
challenge2 = data.token;
copyByteTo(challenge2, challengeAll, 8, 16);
console.error(
`HuksTest_AlgCompletion_AccessControl test init success ${JSON.stringify(
data
)}`
);
})
.catch((err) => {
console.error(`test init err: " + ${JSON.stringify(err)}`);
expect(null).assertFail();
});
await huks
.init(alies, initAesOption)
.then(async (data) => {
handle3 = data.handle;
challenge3 = data.token;
copyByteTo(challenge3, challengeAll, 17, 24);
console.error(
`HuksTest_AlgCompletion_AccessControl test init success ${JSON.stringify(
data
)}`
);
})
.catch((err) => {
console.error(`test init err: " + ${JSON.stringify(err)}`);
expect(null).assertFail();
});
await huks
.init(alies, initAesOption)
.then(async (data) => {
handle4 = data.handle;
challenge4 = data.token;
copyByteTo(challenge4, challengeAll, 25, 32);
console.error(
`HuksTest_AlgCompletion_AccessControl test init success ${JSON.stringify(
data
)}`
);
})
.catch((err) => {
console.error(`test init err: " + ${JSON.stringify(err)}`);
expect(null).assertFail();
});
if (authMode == "pin") {
await generateAuthToken(
importAliasHmac,
importHmacOption,
challengeAll,
1,
1,
1,
0
);
}
if (authMode == "face") {
await generateAuthToken(
importAliasHmac,
importHmacOption,
challengeAll,
1,
2,
3,
0
);
}
if (authMode == "finger") {
await generateAuthToken(
importAliasHmac,
importHmacOption,
challengeAll,
1,
4,
2,
0
);
}
let finishOption = makeAESKeyOptionsWithAuthToken(authToken);
await huks
.finish(handle1, finishOption)
.then((data) => {
console.error(
`HuksTest_AlgCompletion_AccessControl test finish data ${JSON.stringify(
data
)}`
);
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error("test finish err information: " + err);
expect(null).assertFail();
});
await huks
.finish(handle2, finishOption)
.then((data) => {
console.error(
`HuksTest_AlgCompletion_AccessControl test finish data ${JSON.stringify(
data
)}`
);
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error("test finish err information: " + err);
expect(null).assertFail();
});
await huks
.finish(handle3, finishOption)
.then((data) => {
console.error(
`HuksTest_AlgCompletion_AccessControl test finish data ${JSON.stringify(
data
)}`
);
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error("test finish err information: " + err);
expect(null).assertFail();
});
await huks
.finish(handle4, finishOption)
.then((data) => {
console.error(
`HuksTest_AlgCompletion_AccessControl test finish data ${JSON.stringify(
data
)}`
);
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error("test finish err information: " + err);
expect(null).assertFail();
});
let deleteKeyOption = makeEmptyOption();
await huks
.deleteKey(alies, deleteKeyOption)
.then(async (data) => {
console.error(
`HuksTest_AlgCompletion_AccessControl deleteKey success ${JSON.stringify(
data
)}`
);
})
.catch((err) => {
console.error(`deleteKey err: " + ${JSON.stringify(err)}`);
});
}
async function finishStep(handle, alies, errCode) {
let finishOption = makeAESKeyOptionsWithAuthToken(authToken);
await huks
.finish(handle, finishOption)
.then((data) => {
console.error(
`HuksTest_AlgCompletion_AccessControl test finish data ${JSON.stringify(
data
)}`
);
expect(data.errorCode == errCode).assertTrue();
})
.catch((err) => {
console.error("test finish err information: " + err);
expect(err.code == errCode).assertTrue();
});
let deleteKeyOption = makeEmptyOption();
await huks
.deleteKey(alies, deleteKeyOption)
.then(async (data) => {
console.error(
`HuksTest_AlgCompletion_AccessControl deleteKey success ${JSON.stringify(
data
)}`
);
})
.catch((err) => {
console.error(`deleteKey err: " + ${JSON.stringify(err)}`);
});
console.error(`${alies} end!`);
}
function usePinNormal(inData) {
let propertiesWithPin = new Array();
propertiesWithPin[0] = {
......@@ -1186,75 +712,6 @@ async function generateKeyAttest(alias) {
export default function SecurityHuksFaceFingerNormalJsunit() {
describe("SecurityHuksFaceFingerNormalJsunit", function () {
/**
* @tc.number HUKS_Cipher_AuthToken_1300
* @tc.name HUKS_Cipher_AuthToken_1300.
* @tc.desc verify once and multi authorize with PIN.
*/
it("HUKS_Cipher_AuthToken_1300", 0, async function (done) {
let alias = "HUKS_Cipher_AuthToken_1300";
let aliasHMAC = "HUKS_Cipher_AuthToken_1300_HMAC";
let inData = new Uint8Array(new Array());
let importHmacOption = makeHmacKeyOption(
true,
stringToUint8Array(hks_default_auth_token_key)
);
multiIdentify(
aliasHMAC,
importHmacOption,
alias,
usePinMulti(inData),
"pin"
);
done();
});
/**
* @tc.number HUKS_Cipher_AuthToken_1400
* @tc.name HUKS_Cipher_AuthToken_1400.
* @tc.desc verify once and multi authorize with finger.
*/
it("HUKS_Cipher_AuthToken_1400", 0, async function (done) {
let alias = "HUKS_Cipher_AuthToken_1400";
let aliasHMAC = "HUKS_Cipher_AuthToken_1400_HMAC";
let inData = new Uint8Array(new Array());
let importHmacOption = makeHmacKeyOption(
true,
stringToUint8Array(hks_default_auth_token_key)
);
multiIdentify(
aliasHMAC,
importHmacOption,
alias,
useFingerMulti(inData),
"finger"
);
done();
});
/**
* @tc.number HUKS_Cipher_AuthToken_1500
* @tc.name HUKS_Cipher_AuthToken_1500.
* @tc.desc verify once and multi authorize with face.
*/
it("HUKS_Cipher_AuthToken_1500", 0, async function (done) {
let alias = "HUKS_Cipher_AuthToken_1500";
let aliasHMAC = "HUKS_Cipher_AuthToken_1500_HMAC";
let inData = new Uint8Array(new Array());
let importHmacOption = makeHmacKeyOption(
true,
stringToUint8Array(hks_default_auth_token_key)
);
multiIdentify(
aliasHMAC,
importHmacOption,
alias,
useFaceMulti(inData),
"face"
);
done();
});
/**
* @tc.number HUKS_Cipher_AuthToken_2900
* @tc.name HUKS_Cipher_AuthToken_2900.
......@@ -1282,6 +739,33 @@ export default function SecurityHuksFaceFingerNormalJsunit() {
done();
});
/**
* @tc.number HUKS_Cipher_AuthToken_3000
* @tc.name HUKS_Cipher_AuthToken_3000.
* @tc.desc HUKS_TAG_KEY_AUTH_ACCESS_TYPE invalid and generate.
*/
it("HUKS_Cipher_AuthToken_3000", 0, async function (done) {
let alias = "HUKS_Cipher_AuthToken_3000";
let inData = new Uint8Array(new Array());
let option = usePinNormal(inData);
let err = {
tag: huks.HuksTag.HUKS_TAG_KEY_AUTH_ACCESS_TYPE,
value: -1,
};
option.properties.splice(6, 1, err);
await huks
.generateKey(alias, option)
.then(async (data) => {
console.error(`generateKey success ${JSON.stringify(data)}`);
expect(data.errorCode == -4).assertTrue();
})
.catch((err) => {
console.error(`generateKey err: " + ${JSON.stringify(err)}`);
expect(null).assertFail();
});
done();
});
/**
* @tc.number HUKS_Cipher_AuthToken_3100
* @tc.name HUKS_Cipher_AuthToken_3100.
......@@ -1309,6 +793,33 @@ export default function SecurityHuksFaceFingerNormalJsunit() {
done();
});
/**
* @tc.number HUKS_Cipher_AuthToken_3200
* @tc.name HUKS_Cipher_AuthToken_3200.
* @tc.desc HUKS_TAG_CHALLENGE_POS invalid and generate.
*/
it("HUKS_Cipher_AuthToken_3200", 0, async function (done) {
let alias = "HUKS_Cipher_AuthToken_3200";
let inData = new Uint8Array(new Array());
let option = usePinNormal(inData);
let err = {
tag: huks.HuksTag.HUKS_TAG_CHALLENGE_POS,
value: -1,
};
option.properties.splice(8, 1, err);
await huks
.generateKey(alias, option)
.then(async (data) => {
console.error(`generateKey success ${JSON.stringify(data)}`);
expect(data.errorCode == -4).assertTrue();
})
.catch((err) => {
console.error(`generateKey err: " + ${JSON.stringify(err)}`);
expect(null).assertFail();
});
done();
});
/**
* @tc.number HUKS_Cipher_AuthToken_3300
* @tc.name HUKS_Cipher_AuthToken_3300.
......@@ -1395,13 +906,25 @@ export default function SecurityHuksFaceFingerNormalJsunit() {
await huks
.attestKey(aliasString, options)
.then((data) => {
console.error(`attest key data: ${JSON.stringify(data)}`);
console.log(`attest key data: ${JSON.stringify(data)}`);
expect(data.certChains.length > 0).assertTrue();
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error(`attest key data: ${JSON.stringify(err)}`);
expect(null).assertFail();
});
await attestKey(aliasString, options)
.then((data) => {
console.log("test generateKey data: " + JSON.stringify(data));
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error(`test init err: ${JSON.stringify(err)}`);
expect(null).assertFail();
});
done();
});
});
......
......@@ -22,6 +22,7 @@ import { stringToArray } from "../../../../../../utils/param/publicFunc.js";
var handle;
let srcData63Kb = Data.Date63KB;
let srcData65Kb = Data.Date65KB;
let emptyOptions = { properties: [] };
async function publicHmacGenFunc(srcKeyAlies, HuksOptions) {
HuksOptions.properties.splice(1, 0, HuksHmac.HuksKeySIZE);
......@@ -32,12 +33,96 @@ async function publicHmacGenFunc(srcKeyAlies, HuksOptions) {
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.log("test generateKey err information: " + JSON.stringify(err));
console.error("test generateKey err information: " + JSON.stringify(err));
expect(null).assertFail();
});
await huks
.getKeyProperties(srcKeyAlies, HuksOptions)
.then(async (data) => {
console.log(`test finish data ${JSON.stringify(data)}`);
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error("test init err: " + JSON.stringify(err));
expect(null).assertFail();
});
await getKeyProperties(srcKeyAlies, HuksOptions)
.then((data) => {
console.log("test generateKey data: " + JSON.stringify(data));
expect(data.errorCode == 0).assertTrue();
})
.catch((err) => {
console.error("test init err: " + JSON.stringify(err));
expect(null).assertFail();
});
await huks
.isKeyExist(srcKeyAlies, emptyOptions)
.then(async (data) => {
console.log("isKeyExist data: " + JSON.stringify(data));
expect(data == true).assertTrue();
})
.catch((err) => {
console.error("isKeyExist err: " + JSON.stringify(err));
expect(null).assertFail();
});
await isKeyExist(srcKeyAlies, emptyOptions)
.then((data) => {
console.log("isKeyExist data: " + JSON.stringify(data));
expect(data == true).assertTrue();
})
.catch((err) => {
console.error("isKeyExist err: " + JSON.stringify(err));
expect(null).assertFail();
});
HuksOptions.properties.splice(1, 1);
}
function getKeyProperties(srcKeyAlies, HuksOptions) {
return new Promise((resolve, reject) => {
huks.getKeyProperties(srcKeyAlies, HuksOptions, function (err, data) {
try {
if (err.code != 0) {
console.error(
"test generateKey err information: " + JSON.stringify(err)
);
reject(err);
} else {
resolve(data);
}
} catch (e) {
console.error(
"test generateKey err information:: " + JSON.stringify(e)
);
reject(e);
}
});
});
}
function isKeyExist(srcKeyAlies, emptyOptions) {
return new Promise((resolve, reject) => {
huks.isKeyExist(srcKeyAlies, emptyOptions, function (err, data) {
try {
if (err.code != 0) {
console.error(
"test isKeyExist err information: " + JSON.stringify(err)
);
reject(err);
} else {
resolve(data);
}
} catch (e) {
console.error("test isKeyExist err information: " + JSON.stringify(e));
reject(e);
}
});
});
}
async function publicHmacInitFunc(srcKeyAlies, HuksOptions) {
await huks
.init(srcKeyAlies, HuksOptions)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册