From 5e47b6711935bde82e2c27d7de6467e82bf4b61b Mon Sep 17 00:00:00 2001 From: panjie Date: Thu, 21 Aug 2025 15:34:07 +0800 Subject: [PATCH] support gmssl Signed-off-by: panjie Change-Id: Ic3f0a66c8a5edb5c5b1d48ce929938700f19ddf6 --- .../async_context/include/request_context.h | 4 + .../async_context/src/request_context.cpp | 36 +++++++++ .../js/napi/http/constant/include/constant.h | 3 + .../js/napi/http/constant/src/constant.cpp | 3 + .../napi/http/http_exec/include/http_exec.h | 2 + .../js/napi/http/http_exec/src/http_exec.cpp | 69 +++++++++++++---- .../http/http_module/include/http_module.h | 6 ++ .../napi/http/http_module/src/http_module.cpp | 29 +++++++ .../options/include/http_request_options.h | 18 +++++ .../http/options/src/http_request_options.cpp | 35 ++++++++- .../http/http_client/http_client_request.cpp | 24 +++++- .../http/http_client/http_client_task.cpp | 32 +++++++- .../http_client/include/http_client_request.h | 31 ++++++++ .../http_client/include/http_client_task.h | 6 ++ interfaces/kits/js/@ohos.net.http.d.ts | 26 +++++++ test/unittest/http/HttpExecTest.cpp | 25 +++++++ test/unittest/http/HttpRequestOptionsTest.cpp | 75 +++++++++++++++++++ .../http_client/HttpClientRequestTest.cpp | 60 +++++++++++++++ .../http_client/HttpClientTaskTest.cpp | 26 +++++++ .../HttpClientRequestTest.cpp | 61 +++++++++++++++ .../http_client_test/HttpClientTaskTest.cpp | 26 +++++++ .../http_test/HttpClientRequestTest.cpp | 61 +++++++++++++++ 22 files changed, 642 insertions(+), 16 deletions(-) diff --git a/frameworks/js/napi/http/async_context/include/request_context.h b/frameworks/js/napi/http/async_context/include/request_context.h index ee101fd95..74ed9eca4 100644 --- a/frameworks/js/napi/http/async_context/include/request_context.h +++ b/frameworks/js/napi/http/async_context/include/request_context.h @@ -244,6 +244,10 @@ private: void SaveFormData(napi_env env, napi_value dataValue, MultiFormData &multiFormData); void ParseAddressFamily(napi_value optionsValue); + + void ParseSslType(napi_value optionsValue); + + void ParseClientEncCert(napi_value optionsValue); }; } // namespace OHOS::NetStack::Http diff --git a/frameworks/js/napi/http/async_context/src/request_context.cpp b/frameworks/js/napi/http/async_context/src/request_context.cpp index eaf3013a3..9fbfb8a7c 100755 --- a/frameworks/js/napi/http/async_context/src/request_context.cpp +++ b/frameworks/js/napi/http/async_context/src/request_context.cpp @@ -562,6 +562,8 @@ void RequestContext::UrlAndOptions(napi_value urlValue, napi_value optionsValue) ParseServerAuthentication(optionsValue); SetParseOK(true); ParseAddressFamily(optionsValue); + ParseSslType(optionsValue); + ParseClientEncCert(optionsValue); } bool RequestContext::IsUsingCache() const @@ -1097,4 +1099,38 @@ void RequestContext::ParseAddressFamily(napi_value optionsValue) options.SetAddressFamily(addressFamily); } } + +void RequestContext::ParseSslType(napi_value optionsValue) +{ + napi_env env = GetEnv(); + SslType sslType; + auto sType = NapiUtils::GetStringPropertyUtf8(env, optionsValue, HttpConstant::SSL_TYPE_TLCP); + if (sType == "TLCP") { + sslType = SslType::TLCP; + } else { + sslType = SslType::TLS; + } + options.SetSslType(sslType); +} + +void RequestContext::ParseClientEncCert(napi_value optionsValue) +{ + if (!NapiUtils::HasNamedProperty(GetEnv(), optionsValue, HttpConstant::PARAM_KEY_CLIENT_ENC_CERT)) { + return; + } + napi_value clientCertValue = + NapiUtils::GetNamedProperty(GetEnv(), optionsValue, HttpConstant::PARAM_KEY_CLIENT_ENC_CERT); + napi_valuetype type = NapiUtils::GetValueType(GetEnv(), clientCertValue); + if (type != napi_object) { + return; + } + std::string cert = NapiUtils::GetStringPropertyUtf8(GetEnv(), clientCertValue, HttpConstant::HTTP_CLIENT_CERT); + std::string certType = + NapiUtils::GetStringPropertyUtf8(GetEnv(), clientCertValue, HttpConstant::HTTP_CLIENT_CERT_TYPE); + std::string key = NapiUtils::GetStringPropertyUtf8(GetEnv(), clientCertValue, HttpConstant::HTTP_CLIENT_KEY); + Secure::SecureChar keyPasswd = Secure::SecureChar( + NapiUtils::GetStringPropertyUtf8(GetEnv(), clientCertValue, HttpConstant::HTTP_CLIENT_KEY_PASSWD)); + options.SetClientEncCert(cert, certType, key, keyPasswd); +} + } // namespace OHOS::NetStack::Http diff --git a/frameworks/js/napi/http/constant/include/constant.h b/frameworks/js/napi/http/constant/include/constant.h index 5fa1da25b..27601cc73 100644 --- a/frameworks/js/napi/http/constant/include/constant.h +++ b/frameworks/js/napi/http/constant/include/constant.h @@ -237,6 +237,9 @@ public: static const char *const HTTP_ADDRESS_FAMILY_UNSPEC; static const char *const HTTP_ADDRESS_FAMILY_ONLYV4; static const char *const HTTP_ADDRESS_FAMILY_ONLYV6; + + static const char *const SSL_TYPE_TLCP; + static const char *const PARAM_KEY_CLIENT_ENC_CERT; }; } // namespace OHOS::NetStack::Http diff --git a/frameworks/js/napi/http/constant/src/constant.cpp b/frameworks/js/napi/http/constant/src/constant.cpp index b094bace8..f8b43cb87 100644 --- a/frameworks/js/napi/http/constant/src/constant.cpp +++ b/frameworks/js/napi/http/constant/src/constant.cpp @@ -134,4 +134,7 @@ const char *const HttpConstant::PARAM_KEY_ADDRESS_FAMILY = "addressFamily"; const char *const HttpConstant::HTTP_ADDRESS_FAMILY_UNSPEC = "DEFAULT"; const char *const HttpConstant::HTTP_ADDRESS_FAMILY_ONLYV4 = "ONLY_V4"; const char *const HttpConstant::HTTP_ADDRESS_FAMILY_ONLYV6 = "ONLY_V6"; + +const char *const HttpConstant::SSL_TYPE_TLCP = "sslType"; +const char *const HttpConstant::PARAM_KEY_CLIENT_ENC_CERT = "clientEncCert"; } // namespace OHOS::NetStack::Http diff --git a/frameworks/js/napi/http/http_exec/include/http_exec.h b/frameworks/js/napi/http/http_exec/include/http_exec.h index 6b0ca2af6..54ce0a99e 100644 --- a/frameworks/js/napi/http/http_exec/include/http_exec.h +++ b/frameworks/js/napi/http/http_exec/include/http_exec.h @@ -144,6 +144,8 @@ private: static curl_off_t GetSizeFromCurl(CURL *handle, RequestContext *context); + static bool SetSslTypeAndClientEncCert(CURL *curl, RequestContext *context); + #if !HAS_NETMANAGER_BASE static void RunThread(); diff --git a/frameworks/js/napi/http/http_exec/src/http_exec.cpp b/frameworks/js/napi/http/http_exec/src/http_exec.cpp index 8037af626..9b0513122 100755 --- a/frameworks/js/napi/http/http_exec/src/http_exec.cpp +++ b/frameworks/js/napi/http/http_exec/src/http_exec.cpp @@ -298,17 +298,19 @@ bool SetTraceOptions(CURL *curl, RequestContext *context) }, context); //this option may be overriden if HTTP_MULTIPATH_CERT_ENABLE enabled - NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSL_CTX_DATA, context, context); - NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSL_CTX_FUNCTION, - +[](CURL *, void *, void *clientp) { - if (!clientp) { - NETSTACK_LOGE("ssl_ctx func clientp pointer is null"); - return 0; - } - auto ctx = reinterpret_cast(clientp); - ctx->GetTrace().Tracepoint(TraceEvents::TLS); - return CURL_SOCKOPT_OK; - }, context); + if (context->options.GetSslType() != SslType::TLCP) { + NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSL_CTX_DATA, context, context); + NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSL_CTX_FUNCTION, + +[](CURL *, void *, void *clientp) { + if (!clientp) { + NETSTACK_LOGE("ssl_ctx func clientp pointer is null"); + return 0; + } + auto ctx = reinterpret_cast(clientp); + ctx->GetTrace().Tracepoint(TraceEvents::TLS); + return CURL_SOCKOPT_OK; + }, context); + } NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_PREREQDATA, context, context); NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_PREREQFUNCTION, @@ -1366,8 +1368,10 @@ bool HttpExec::SetServerSSLCertOption(CURL *curl, OHOS::NetStack::Http::RequestC } } #if defined(HTTP_MULTIPATH_CERT_ENABLE) || defined(HTTP_ONLY_VERIFY_ROOT_CA_ENABLE) - NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSL_CTX_FUNCTION, SslCtxFunction, context); - NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSL_CTX_DATA, context, context); + if (context->options.GetSslType() != SslType::TLCP) { + NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSL_CTX_FUNCTION, SslCtxFunction, context); + NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSL_CTX_DATA, context, context); + } #endif #else NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_CAINFO, nullptr, context); @@ -1379,6 +1383,9 @@ bool HttpExec::SetServerSSLCertOption(CURL *curl, OHOS::NetStack::Http::RequestC NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSL_VERIFYHOST, 0L, context); NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSL_VERIFYPEER, 0L, context); #endif // NO_SSL_CERTIFICATION + if (!SetSslTypeAndClientEncCert(curl, context)) { + return false; + } return true; } @@ -2070,4 +2077,40 @@ bool HttpExec::SetIpResolve(CURL *curl, RequestContext *context) } return true; } + +bool HttpExec::SetSslTypeAndClientEncCert(CURL *curl, RequestContext *context) +{ + auto sslType = context->options.GetSslType(); + if (sslType != SslType::TLCP) { + return true; + } else { + NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLCPv1_1, context); + + if (!context->options.GetCaPath().empty()) { + NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_CAINFO, context->options.GetCaPath().c_str(), context); + } + + std::string encCert; + std::string encCertType; + std::string encKey; + Secure::SecureChar encKeyPasswd; + context->options.GetClientEncCert(encCert, encCertType, encKey, encKeyPasswd); + + if (encCert.empty()) { + return false; + } + NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSLENCCERT, encCert.c_str(), context); + if (!encKey.empty()) { + NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSLENCKEY, encKey.c_str(), context); + } + if (!encCertType.empty()) { + NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_SSLCERTTYPE, encCertType.c_str(), context); + } + if (encKeyPasswd.Length() > 0) { + NETSTACK_CURL_EASY_SET_OPTION(curl, CURLOPT_KEYPASSWD, encKeyPasswd.Data(), context); + } + } + return true; +} + } // namespace OHOS::NetStack::Http diff --git a/frameworks/js/napi/http/http_module/include/http_module.h b/frameworks/js/napi/http/http_module/include/http_module.h index 9f16542cd..9ca1ae3c2 100644 --- a/frameworks/js/napi/http/http_module/include/http_module.h +++ b/frameworks/js/napi/http/http_module/include/http_module.h @@ -58,6 +58,8 @@ public: static constexpr const char *INTERFACE_HTTP_DATA_TYPE = "HttpDataType"; static constexpr const char *INTERFACE_TLS_VERSION = "TlsVersion"; static constexpr const char *INTERFACE_ADDRESS_FAMILY = "AddressFamily"; + static constexpr const char *INTERFACE_SSL_TYPE = "SslType"; + static constexpr const char *INTERFACE_CLIENT_ENC_CERT = "CertType"; static napi_value InitHttpModule(napi_env env, napi_value exports); @@ -85,6 +87,10 @@ private: static void InitHttpDataType(napi_env env, napi_value exports); static void InitAddressFamily(napi_env env, napi_value exports); + + static void InitSslType(napi_env env, napi_value exports); + + static void InitClientEncCert(napi_env env, napi_value exports); }; } // namespace OHOS::NetStack::Http #endif // COMMUNICATIONNETSTACK_HTTP_MODULE_H \ No newline at end of file diff --git a/frameworks/js/napi/http/http_module/src/http_module.cpp b/frameworks/js/napi/http/http_module/src/http_module.cpp index c32614bdc..24bebdbda 100644 --- a/frameworks/js/napi/http/http_module/src/http_module.cpp +++ b/frameworks/js/napi/http/http_module/src/http_module.cpp @@ -138,6 +138,8 @@ void HttpModuleExports::InitHttpProperties(napi_env env, napi_value exports) InitHttpDataType(env, exports); InitTlsVersion(env, exports); InitAddressFamily(env, exports); + InitSslType(env, exports); + InitClientEncCert(env, exports); } void HttpModuleExports::InitRequestMethod(napi_env env, napi_value exports) @@ -399,4 +401,31 @@ void HttpModuleExports::InitAddressFamily(napi_env env, napi_value exports) NapiUtils::DefineProperties(env, httpAddressFamily, properties); NapiUtils::SetNamedProperty(env, exports, INTERFACE_ADDRESS_FAMILY, httpAddressFamily); } + +void HttpModuleExports::InitSslType(napi_env env, napi_value exports) +{ + std::initializer_list properties = { + DECLARE_NAPI_STATIC_PROPERTY("TLS", NapiUtils::CreateUint32(env, static_cast(SslType::TLS))), + DECLARE_NAPI_STATIC_PROPERTY("TLCP", NapiUtils::CreateUint32(env, static_cast(SslType::TLCP))) + }; + + napi_value sslType = NapiUtils::CreateObject(env); + NapiUtils::DefineProperties(env, sslType, properties); + NapiUtils::SetNamedProperty(env, exports, INTERFACE_SSL_TYPE, sslType); +} + +void HttpModuleExports::InitClientEncCert(napi_env env, napi_value exports) +{ + std::initializer_list properties = { + DECLARE_NAPI_STATIC_PROPERTY(HttpConstant::HTTP_CERT_TYPE_PEM, + NapiUtils::CreateStringUtf8(env, HttpConstant::HTTP_CERT_TYPE_PEM)), + DECLARE_NAPI_STATIC_PROPERTY(HttpConstant::HTTP_CERT_TYPE_DER, + NapiUtils::CreateStringUtf8(env, HttpConstant::HTTP_CERT_TYPE_DER)), + DECLARE_NAPI_STATIC_PROPERTY(HttpConstant::HTTP_CERT_TYPE_P12, + NapiUtils::CreateStringUtf8(env, HttpConstant::HTTP_CERT_TYPE_P12)), + }; + napi_value httpEncCertType = NapiUtils::CreateObject(env); + NapiUtils::DefineProperties(env, httpEncCertType, properties); + NapiUtils::SetNamedProperty(env, exports, INTERFACE_CLIENT_ENC_CERT, httpEncCertType); +} } // namespace OHOS::NetStack::Http diff --git a/frameworks/js/napi/http/options/include/http_request_options.h b/frameworks/js/napi/http/options/include/http_request_options.h index 8e34945fd..874b7a04e 100644 --- a/frameworks/js/napi/http/options/include/http_request_options.h +++ b/frameworks/js/napi/http/options/include/http_request_options.h @@ -82,6 +82,11 @@ struct CertificatePinning { std::string publicKeyHash; }; +enum class SslType { + TLS, + TLCP, +}; + class HttpRequestOptions final { public: HttpRequestOptions(); @@ -256,6 +261,13 @@ public: void SetAddressFamily(std::string addressFamily); [[nodiscard]] std::string GetAddressFamily() const; + + void SetSslType(SslType sslType); + [[nodiscard]] SslType GetSslType() const; + + void SetClientEncCert(std::string &cert, std::string &certType, std::string &key, Secure::SecureChar &keyPasswd); + void GetClientEncCert(std::string &cert, std::string &certType, std::string &key, Secure::SecureChar &keyPasswd); + private: std::string url_; @@ -319,6 +331,12 @@ private: std::string addressFamily_; + SslType sslTypeEnc_; + std::string certEnc_; + std::string certTypeEnc_; + std::string keyEnc_; + Secure::SecureChar keyPasswdEnc_; + TcpConfiguration tcpOption_; }; } // namespace OHOS::NetStack::Http diff --git a/frameworks/js/napi/http/options/src/http_request_options.cpp b/frameworks/js/napi/http/options/src/http_request_options.cpp index 8ae4e473f..81ec6c611 100644 --- a/frameworks/js/napi/http/options/src/http_request_options.cpp +++ b/frameworks/js/napi/http/options/src/http_request_options.cpp @@ -42,7 +42,11 @@ HttpRequestOptions::HttpRequestOptions() usingHttpProxyType_(UsingHttpProxyType::USE_DEFAULT), httpProxyPort_(0), resumeFromNumber_(0), - resumeToNumber_(0) + resumeToNumber_(0), + sslTypeEnc_(SslType::TLS), + certEnc_(""), + certTypeEnc_(""), + keyEnc_("") { } @@ -434,4 +438,33 @@ void HttpRequestOptions::TcpConfiguration::SetTcpUserTimeout(const uint32_t &tim { userTimeout_ = timeout; } + +void HttpRequestOptions::SetSslType(SslType sslType) +{ + sslTypeEnc_ = sslType; +} + +SslType HttpRequestOptions::GetSslType() const +{ + return sslTypeEnc_; +} + +void HttpRequestOptions::SetClientEncCert( + std::string &cert, std::string &certType, std::string &key, Secure::SecureChar &keyPasswd) +{ + certEnc_ = cert; + certTypeEnc_ = certType; + keyEnc_ = key; + keyPasswdEnc_ = keyPasswd; +} + +void HttpRequestOptions::GetClientEncCert( + std::string &cert, std::string &certType, std::string &key, Secure::SecureChar &keyPasswd) +{ + cert = certEnc_; + certType = certTypeEnc_; + key = keyEnc_; + keyPasswd = keyPasswdEnc_; +} + } // namespace OHOS::NetStack::Http \ No newline at end of file diff --git a/frameworks/native/http/http_client/http_client_request.cpp b/frameworks/native/http/http_client/http_client_request.cpp index ab383bea3..0658252ed 100644 --- a/frameworks/native/http/http_client/http_client_request.cpp +++ b/frameworks/native/http/http_client/http_client_request.cpp @@ -39,7 +39,8 @@ HttpClientRequest::HttpClientRequest() proxyType_(HttpProxyType::NOT_USE), priority_(HTTP_DEFAULT_PRIORITY), resumeFrom_(HTTP_DEFAULT_RANGE), - resumeTo_(HTTP_DEFAULT_RANGE) + resumeTo_(HTTP_DEFAULT_RANGE), + sslType_(SslType::TLS) { } @@ -231,6 +232,27 @@ const std::string &HttpClientRequest::GetAddressFamily() const { return addressFamily_; } + +void HttpClientRequest::SetSslType(SslType sslType) +{ + sslType_ = sslType; +} + +const SslType &HttpClientRequest::GetSslType() const +{ + return sslType_; +} + +void HttpClientRequest::SetClientEncCert(const HttpClientCert &clientEncCert) +{ + clientEncCert_ = clientEncCert; +} + +const HttpClientCert &HttpClientRequest::GetClientEncCert() const +{ + return clientEncCert_; +} + } // namespace HttpClient } // namespace NetStack } // namespace OHOS diff --git a/frameworks/native/http/http_client/http_client_task.cpp b/frameworks/native/http/http_client/http_client_task.cpp index 807b899c1..4dabf9d9f 100644 --- a/frameworks/native/http/http_client/http_client_task.cpp +++ b/frameworks/native/http/http_client/http_client_task.cpp @@ -306,7 +306,9 @@ bool HttpClientTask::SetOtherCurlOption(CURL *handle) #ifndef WINDOWS_PLATFORM NETSTACK_CURL_EASY_SET_OPTION(handle, CURLOPT_ACCEPT_ENCODING, ""); #endif - + if (!SetSslTypeAndClientEncCert(curlHandle_)) { + return false; + } return true; } @@ -995,6 +997,34 @@ std::string HttpClientTask::GetRequestHandoverInfo() return requestHandoverInfo; } #endif + +bool HttpClientTask::SetSslTypeAndClientEncCert(CURL *handle) +{ + auto sslType = request_.GetSslType(); + if (sslType != SslType::TLCP) { + return true; + } else { + NETSTACK_CURL_EASY_SET_OPTION(handle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLCPv1_1); + if (!request_.GetCaPath().empty()) { + NETSTACK_CURL_EASY_SET_OPTION(handle, CURLOPT_CAINFO, request_.GetCaPath().c_str()); + } + HttpClientCert clientEncCert = request_.GetClientEncCert(); + if (!clientEncCert.certPath.empty()) { + NETSTACK_CURL_EASY_SET_OPTION(handle, CURLOPT_SSLENCCERT, clientEncCert.certPath.c_str()); + } + if (!clientEncCert.keyPath.empty()) { + NETSTACK_CURL_EASY_SET_OPTION(handle, CURLOPT_SSLENCKEY, clientEncCert.keyPath.c_str()); + } + if (!clientEncCert.certType.empty()) { + NETSTACK_CURL_EASY_SET_OPTION(handle, CURLOPT_SSLCERTTYPE, clientEncCert.certType.c_str()); + } + if (clientEncCert.keyPassword.length() > 0) { + NETSTACK_CURL_EASY_SET_OPTION(handle, CURLOPT_KEYPASSWD, clientEncCert.keyPassword.c_str()); + } + } + return true; +} + } // namespace HttpClient } // namespace NetStack } // namespace OHOS diff --git a/interfaces/innerkits/http_client/include/http_client_request.h b/interfaces/innerkits/http_client/include/http_client_request.h index dc094e19d..43e480663 100644 --- a/interfaces/innerkits/http_client/include/http_client_request.h +++ b/interfaces/innerkits/http_client/include/http_client_request.h @@ -55,6 +55,11 @@ struct HttpClientCert { std::string keyPassword; }; +enum SslType { + TLS, + TLCP +}; + class HttpClientRequest { public: /** @@ -269,6 +274,30 @@ public: * @return The request time. */ const std::string &GetRequestTime() const; + + /** + * Set the sslType for the HTTP request. + * @param sslType The sslType value to be set. + */ + void SetSslType(SslType sslType); + + /** + * Retrieves the request time from the object. + * @return The SslType of the request. + */ + const SslType &GetSslType() const; + + /** + * Set the clientEncCert for the HTTP request. + * @param clientEncCert The clientEncCert value to be set. + */ + void SetClientEncCert(const HttpClientCert &clientEncCert); + + /** + * Get the clientEncCert for the HTTP request. + * @param clientEncCert The clientEncCert value to be set. + */ + [[nodiscard]] const HttpClientCert &GetClientEncCert() const; private: std::string url_; @@ -287,6 +316,8 @@ private: int64_t resumeTo_; HttpClientCert clientCert_; std::string addressFamily_; + SslType sslType_; + HttpClientCert clientEncCert_; }; } // namespace HttpClient } // namespace NetStack diff --git a/interfaces/innerkits/http_client/include/http_client_task.h b/interfaces/innerkits/http_client/include/http_client_task.h index 9e359de05..797c33c0a 100644 --- a/interfaces/innerkits/http_client/include/http_client_task.h +++ b/interfaces/innerkits/http_client/include/http_client_task.h @@ -402,6 +402,12 @@ private: */ AddressFamily ConvertSaFamily(int saFamily); + /** + * Sets the ssl type and client encryption certificate for the HTTP request. + * @return Returns true if the set options are set successfully, false otherwise. + */ + bool SetSslTypeAndClientEncCert(CURL *handle); + std::function onSucceeded_; std::function onCanceled_; std::function(); + OHOS::NetStack::Http::RequestContext context(env, manager); + + context.options.SetSslType(SslType::TLS); + EXPECT_TRUE(HttpExec::SetSslTypeAndClientEncCert(handle.get(), &context)); +} + +HWTEST_F(HttpExecTest, SetSslTypeAndClientEncCert002, TestSize.Level1) +{ + unique_CURL handle(curl_easy_init()); + + napi_env env = nullptr; + auto manager = std::make_shared(); + OHOS::NetStack::Http::RequestContext context(env, manager); + + context.options.SetSslType(SslType::TLCP); + EXPECT_FALSE(HttpExec::SetSslTypeAndClientEncCert(handle.get(), &context)); +} + } // namespace \ No newline at end of file diff --git a/test/unittest/http/HttpRequestOptionsTest.cpp b/test/unittest/http/HttpRequestOptionsTest.cpp index 1d993fae0..3229df9b8 100644 --- a/test/unittest/http/HttpRequestOptionsTest.cpp +++ b/test/unittest/http/HttpRequestOptionsTest.cpp @@ -365,4 +365,79 @@ HWTEST_F(HttpRequestOptionsTest, TlvEncodeDecodeTest001, TestSize.Level1) EXPECT_EQ(msg.responseStatusCode_, result.responseStatusCode_); EXPECT_EQ(msg.responseHttpVersion_, result.responseHttpVersion_); } + +HWTEST_F(HttpRequestOptionsTest, SetSslTypeTest001, TestSize.Level1) +{ + HttpRequestOptions req; + + req.SetSslType(SslType::TLS); + SslType sslType = req.GetSslType(); + EXPECT_EQ(sslType, SslType::TLS); +} + +HWTEST_F(HttpRequestOptionsTest, SetSslTypeTest002, TestSize.Level1) +{ + HttpRequestOptions req; + + req.SetSslType(SslType::TLCP); + SslType sslType = req.GetSslType(); + EXPECT_EQ(sslType, SslType::TLCP); +} + +HWTEST_F(HttpRequestOptionsTest, GetClientEncCertTest001, TestSize.Level1) +{ + HttpRequestOptions req; + + std::string certEnc_ = ""; + std::string certTypeEnc_ = ""; + std::string keyEnc_ = ""; + Secure::SecureChar keyPasswdEnc_ ; + req.GetClientEncCert(certEnc_, certTypeEnc_, keyEnc_, keyPasswdEnc_); + EXPECT_EQ(certEnc_, ""); + EXPECT_EQ(certTypeEnc_, ""); + EXPECT_EQ(keyEnc_, ""); + EXPECT_EQ(keyPasswdEnc_.Length(), 0); +} + +HWTEST_F(HttpRequestOptionsTest, SetClientEncCertTest001, TestSize.Level1) +{ + HttpRequestOptions req; + + std::string certEnc = "/path/to/client.pem"; + std::string certTypeEnc = "PEM"; + std::string keyEnc = "/path/to/client.key"; + Secure::SecureChar keyPasswdEnc("passwordToKey"); + req.SetClientEncCert(certEnc, certTypeEnc, keyEnc, keyPasswdEnc); + + std::string certEnc_ = ""; + std::string certTypeEnc_ = ""; + std::string keyEnc_ = ""; + Secure::SecureChar keyPasswdEnc_ ; + req.GetClientEncCert(certEnc_, certTypeEnc_, keyEnc_, keyPasswdEnc_); + EXPECT_EQ(certEnc_, "/path/to/client.pem"); + EXPECT_EQ(certTypeEnc_, "PEM"); + EXPECT_EQ(keyEnc_, "/path/to/client.key"); + EXPECT_EQ(strcmp(keyPasswdEnc_.Data(), keyPasswdEnc.Data()), 0); +} + +HWTEST_F(HttpRequestOptionsTest, SetClientEncCertTest002, TestSize.Level1) +{ + HttpRequestOptions req; + + std::string certEnc = ""; + std::string certTypeEnc = ""; + std::string keyEnc = ""; + Secure::SecureChar keyPasswdEnc; + req.SetClientEncCert(certEnc, certTypeEnc, keyEnc, keyPasswdEnc); + + std::string certEnc_ = ""; + std::string certTypeEnc_ = ""; + std::string keyEnc_ = ""; + Secure::SecureChar keyPasswdEnc_ ; + req.GetClientEncCert(certEnc_, certTypeEnc_, keyEnc_, keyPasswdEnc_); + EXPECT_EQ(certEnc_, ""); + EXPECT_EQ(certTypeEnc_, ""); + EXPECT_EQ(keyEnc_, ""); + EXPECT_EQ(keyPasswdEnc_.Length(), 0); +} } // namespace \ No newline at end of file diff --git a/test/unittest/http_client/HttpClientRequestTest.cpp b/test/unittest/http_client/HttpClientRequestTest.cpp index ac7400b3e..cfd584eef 100644 --- a/test/unittest/http_client/HttpClientRequestTest.cpp +++ b/test/unittest/http_client/HttpClientRequestTest.cpp @@ -411,4 +411,64 @@ HWTEST_F(HttpClientRequestTest, SetClientCertTest002, TestSize.Level1) HttpClientCert client = req.GetClientCert(); EXPECT_EQ(client.keyPassword, ""); } + +HWTEST_F(HttpClientRequestTest, SetSslTypeTest001, TestSize.Level1) +{ + HttpClientRequest req; + + req.SetSslType(SslType::TLS); + SslType sslType = req.GetSslType(); + EXPECT_EQ(sslType, SslType::TLS); +} + +HWTEST_F(HttpClientRequestTest, SetSslTypeTest002, TestSize.Level1) +{ + HttpClientRequest req; + + req.SetSslType(SslType::TLCP); + SslType sslType = req.GetSslType(); + EXPECT_EQ(sslType, SslType::TLCP); +} + +HWTEST_F(HttpClientRequestTest, GetClientEncCertTest001, TestSize.Level1) +{ + HttpClientRequest req; + + HttpClientCert clientEncCert = req.GetClientEncCert(); + EXPECT_EQ(clientEncCert.certPath, ""); + EXPECT_EQ(clientEncCert.certType, ""); + EXPECT_EQ(clientEncCert.keyPath, ""); + EXPECT_EQ(clientEncCert.keyPassword, ""); +} + +HWTEST_F(HttpClientRequestTest, SetClientEncCertTest001, TestSize.Level1) +{ + HttpClientRequest req; + + HttpClientCert clientCert; + clientCert.certPath = "/path/to/client.pem"; + clientCert.certType = "PEM"; + clientCert.keyPath = "/path/to/client.key"; + clientCert.keyPassword = "passwordToKey"; + req.SetClientEncCert(clientCert); + HttpClientCert client = req.GetClientEncCert(); + EXPECT_EQ(client.certPath, "/path/to/client.pem"); + EXPECT_EQ(client.certType, "PEM"); + EXPECT_EQ(client.keyPath, "/path/to/client.key"); + EXPECT_EQ(client.keyPassword, "passwordToKey"); +} + +HWTEST_F(HttpClientRequestTest, SetClientEncCertTest002, TestSize.Level1) +{ + HttpClientRequest req; + + HttpClientCert clientCert; + clientCert.certPath = "/path/to/client.pem"; + req.SetClientEncCert(clientCert); + HttpClientCert client = req.GetClientEncCert(); + EXPECT_EQ(client.certPath, "/path/to/client.pem"); + EXPECT_EQ(client.certType, ""); + EXPECT_EQ(client.keyPath, ""); + EXPECT_EQ(client.keyPassword, ""); +} } // namespace diff --git a/test/unittest/http_client/HttpClientTaskTest.cpp b/test/unittest/http_client/HttpClientTaskTest.cpp index ee98440dc..ba6671562 100644 --- a/test/unittest/http_client/HttpClientTaskTest.cpp +++ b/test/unittest/http_client/HttpClientTaskTest.cpp @@ -1376,4 +1376,30 @@ HWTEST_F(HttpClientTaskTest, HandoverInfoTest, TestSize.Level1) handoverInfo = task->GetRequestHandoverInfo(); EXPECT_TRUE(task->Start()); } + +HWTEST_F(HttpClientTaskTest, SetSslTypeAndClientEncCertTest001, TestSize.Level1) +{ + HttpClientRequest httpReq; + std::string url = "https://www.baidu.com"; + httpReq.SetURL(url); + httpReq.SetSslType(SslType::TLS); + HttpSession &session = HttpSession::GetInstance(); + auto task = session.CreateTask(httpReq); + + bool result = task->SetSslTypeAndClientEncCert(task->curlHandle_); + EXPECT_TRUE(result); +} + +HWTEST_F(HttpClientTaskTest, SetSslTypeAndClientEncCertTest002, TestSize.Level1) +{ + HttpClientRequest httpReq; + std::string url = "https://www.baidu.com"; + httpReq.SetURL(url); + httpReq.SetSslType(SslType::TLCP); + HttpSession &session = HttpSession::GetInstance(); + auto task = session.CreateTask(httpReq); + + bool result = task->SetSslTypeAndClientEncCert(task->curlHandle_); + EXPECT_TRUE(result); +} } // namespace diff --git a/test/unittest/http_client_test/HttpClientRequestTest.cpp b/test/unittest/http_client_test/HttpClientRequestTest.cpp index 6ef727259..04c17d2ce 100644 --- a/test/unittest/http_client_test/HttpClientRequestTest.cpp +++ b/test/unittest/http_client_test/HttpClientRequestTest.cpp @@ -292,4 +292,65 @@ HWTEST_F(HttpClientRequestTest, MethodForPostTest002, TestSize.Level1) EXPECT_EQ(method, true); } +HWTEST_F(HttpClientRequestTest, SetSslTypeTest001, TestSize.Level1) +{ + HttpClientRequest req; + + req.SetSslType(SslType::TLS); + SslType sslType = req.GetSslType(); + EXPECT_EQ(sslType, SslType::TLS); +} + +HWTEST_F(HttpClientRequestTest, SetSslTypeTest002, TestSize.Level1) +{ + HttpClientRequest req; + + req.SetSslType(SslType::TLCP); + SslType sslType = req.GetSslType(); + EXPECT_EQ(sslType, SslType::TLCP); +} + +HWTEST_F(HttpClientRequestTest, GetClientEncCertTest001, TestSize.Level1) +{ + HttpClientRequest req; + + HttpClientCert clientEncCert = req.GetClientEncCert(); + EXPECT_EQ(clientEncCert.certPath, ""); + EXPECT_EQ(clientEncCert.certType, ""); + EXPECT_EQ(clientEncCert.keyPath, ""); + EXPECT_EQ(clientEncCert.keyPassword, ""); +} + +HWTEST_F(HttpClientRequestTest, SetClientEncCertTest001, TestSize.Level1) +{ + HttpClientRequest req; + + HttpClientCert clientEncCert; + clientEncCert.certPath = "/path/to/client.pem"; + clientEncCert.certType = "PEM"; + clientEncCert.keyPath = "/path/to/client.key"; + clientEncCert.keyPassword = "passwordToKey"; + req.SetClientEncCert(clientEncCert); + + HttpClientCert clientEnc =req.GetClientEncCert(); + EXPECT_EQ(clientEnc.certPath, "/path/to/client.pem"); + EXPECT_EQ(clientEnc.certType, "PEM"); + EXPECT_EQ(clientEnc.keyPath, "/path/to/client.key"); + EXPECT_EQ(clientEnc.keyPassword, "passwordToKey"); +} + +HWTEST_F(HttpClientRequestTest, SetClientEncCertTest002, TestSize.Level1) +{ + HttpClientRequest req; + + HttpClientCert clientEncCert; + clientEncCert.certPath = "/path/to/client.pem"; + req.SetClientEncCert(clientEncCert); + + HttpClientCert clientEnc = req.GetClientEncCert(); + EXPECT_EQ(clientEnc.certPath, "/path/to/client.pem"); + EXPECT_EQ(clientEnc.certType, ""); + EXPECT_EQ(clientEnc.keyPath, ""); + EXPECT_EQ(clientEnc.keyPassword, ""); +} } // namespace diff --git a/test/unittest/http_client_test/HttpClientTaskTest.cpp b/test/unittest/http_client_test/HttpClientTaskTest.cpp index 287651bfc..8d985ba0d 100644 --- a/test/unittest/http_client_test/HttpClientTaskTest.cpp +++ b/test/unittest/http_client_test/HttpClientTaskTest.cpp @@ -920,4 +920,30 @@ HWTEST_F(HttpClientTaskTest, ProcessErrorTest001, TestSize.Level1) EXPECT_NE(error.GetErrorCode(), 0); EXPECT_FALSE(error.GetErrorMessage().empty()); } + +HWTEST_F(HttpClientTaskTest, SetSslTypeAndClientEncCertTest001, TestSize.Level1) +{ + HttpClientRequest httpReq; + std::string url = "https://www.baidu.com"; + httpReq.SetURL(url); + httpReq.SetSslType(SslType::TLS); + HttpSession &session = HttpSession::GetInstance(); + auto task = session.CreateTask(httpReq); + + bool result = task->SetSslTypeAndClientEncCert(task->curlHandle_); + EXPECT_TRUE(result); +} + +HWTEST_F(HttpClientTaskTest, SetSslTypeAndClientEncCertTest002, TestSize.Level1) +{ + HttpClientRequest httpReq; + std::string url = "https://www.baidu.com"; + httpReq.SetURL(url); + httpReq.SetSslType(SslType::TLCP); + HttpSession &session = HttpSession::GetInstance(); + auto task = session.CreateTask(httpReq); + + bool result = task->SetSslTypeAndClientEncCert(task->curlHandle_); + EXPECT_TRUE(result); +} } // namespace diff --git a/test/unittest/http_test/HttpClientRequestTest.cpp b/test/unittest/http_test/HttpClientRequestTest.cpp index 4a255af10..3e7929d6c 100644 --- a/test/unittest/http_test/HttpClientRequestTest.cpp +++ b/test/unittest/http_test/HttpClientRequestTest.cpp @@ -292,4 +292,65 @@ HWTEST_F(HttpClientRequestTest, MethodForPostTest002, TestSize.Level1) EXPECT_EQ(method, true); } +HWTEST_F(HttpClientRequestTest, SetSslTypeTest001, TestSize.Level1) +{ + HttpClientRequest req; + + req.SetSslType(SslType::TLS); + SslType sslType = req.GetSslType(); + EXPECT_EQ(sslType, SslType::TLS); +} + +HWTEST_F(HttpClientRequestTest, SetSslTypeTest002, TestSize.Level1) +{ + HttpClientRequest req; + + req.SetSslType(SslType::TLCP); + SslType sslType = req.GetSslType(); + EXPECT_EQ(sslType, SslType::TLCP); +} + +HWTEST_F(HttpClientRequestTest, GetClientEncCertTest001, TestSize.Level1) +{ + HttpClientRequest req; + + HttpClientCert clientEncCert = req.GetClientEncCert(); + EXPECT_EQ(clientEncCert.certPath, ""); + EXPECT_EQ(clientEncCert.certType, ""); + EXPECT_EQ(clientEncCert.keyPath, ""); + EXPECT_EQ(clientEncCert.keyPassword.length(), 0); +} + +HWTEST_F(HttpClientRequestTest, SetClientEncCertTest001, TestSize.Level1) +{ + HttpClientRequest req; + + HttpClientCert client; + client.certPath = "/path/to/client.pem"; + req.SetClientEncCert(client); + + HttpClientCert clientRes = req.GetClientEncCert(); + EXPECT_EQ(clientRes.certPath, "/path/to/client.pem"); + EXPECT_EQ(clientRes.certType, ""); + EXPECT_EQ(clientRes.keyPath, ""); + EXPECT_EQ(clientRes.keyPassword.length(), 0); +} + +HWTEST_F(HttpClientRequestTest, SetClientEncCertTest002, TestSize.Level1) +{ + HttpClientRequest req; + + HttpClientCert client; + client.certPath = "/path/to/client.pem"; + client.certType = "PEM"; + client.keyPath = "/path/to/client.key"; + client.keyPassword = "password"; + req.SetClientEncCert(client); + + HttpClientCert clientRes = req.GetClientEncCert(); + EXPECT_EQ(clientRes.certPath, "/path/to/client.pem"); + EXPECT_EQ(clientRes.certType, "PEM"); + EXPECT_EQ(clientRes.keyPath, "/path/to/client.key"); + EXPECT_EQ(clientRes.keyPassword, "password"); +} } // namespace -- Gitee