1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "co_auth_client_fuzzer.h"
17
18 #include "parcel.h"
19
20 #include "co_auth_client.h"
21 #include "executor_callback_service.h"
22 #include "executor_messenger_client.h"
23 #include "iam_fuzz_test.h"
24 #include "iam_logger.h"
25 #include "iam_ptr.h"
26
27 #define LOG_LABEL OHOS::UserIam::Common::LABEL_USER_AUTH_SDK
28
29 namespace OHOS {
30 namespace UserIam {
31 namespace UserAuth {
32 namespace {
33 class DummyExecutorRegisterCallback final : public ExecutorRegisterCallback {
34 public:
OnMessengerReady(const std::shared_ptr<ExecutorMessenger> & messenger,const std::vector<uint8_t> & publicKey,const std::vector<uint64_t> & templateIds)35 void OnMessengerReady(const std::shared_ptr<ExecutorMessenger> &messenger,
36 const std::vector<uint8_t> &publicKey, const std::vector<uint64_t> &templateIds)
37 {
38 IAM_LOGI("start");
39 static_cast<void>(messenger);
40 static_cast<void>(publicKey);
41 static_cast<void>(templateIds);
42 }
43
OnBeginExecute(uint64_t scheduleId,const std::vector<uint8_t> & publicKey,const Attributes & commandAttrs)44 int32_t OnBeginExecute(uint64_t scheduleId, const std::vector<uint8_t> &publicKey,
45 const Attributes &commandAttrs)
46 {
47 IAM_LOGI("start");
48 static_cast<void>(scheduleId);
49 static_cast<void>(publicKey);
50 static_cast<void>(commandAttrs);
51 return SUCCESS;
52 }
53
OnEndExecute(uint64_t scheduleId,const Attributes & commandAttrs)54 int32_t OnEndExecute(uint64_t scheduleId, const Attributes &commandAttrs)
55 {
56 IAM_LOGI("start");
57 static_cast<void>(scheduleId);
58 static_cast<void>(commandAttrs);
59 return SUCCESS;
60 }
61
OnSetProperty(const Attributes & properties)62 int32_t OnSetProperty(const Attributes &properties)
63 {
64 IAM_LOGI("start");
65 static_cast<void>(properties);
66 return SUCCESS;
67 }
68
OnGetProperty(const Attributes & conditions,Attributes & results)69 int32_t OnGetProperty(const Attributes &conditions, Attributes &results)
70 {
71 IAM_LOGI("start");
72 static_cast<void>(conditions);
73 static_cast<void>(results);
74 return SUCCESS;
75 }
76 };
77
78 class DummyExecutorMessengerInterface final : public ExecutorMessengerInterface {
79 public:
SendData(uint64_t scheduleId,uint64_t transNum,ExecutorRole srcRole,ExecutorRole dstRole,const std::vector<uint8_t> & msg)80 int32_t SendData(uint64_t scheduleId, uint64_t transNum, ExecutorRole srcRole, ExecutorRole dstRole,
81 const std::vector<uint8_t> &msg) override
82 {
83 IAM_LOGI("start");
84 static_cast<void>(scheduleId);
85 static_cast<void>(transNum);
86 static_cast<void>(srcRole);
87 static_cast<void>(dstRole);
88 static_cast<void>(msg);
89 return SUCCESS;
90 }
91
Finish(uint64_t scheduleId,ExecutorRole srcRole,ResultCode resultCode,const std::shared_ptr<Attributes> & finalResult)92 int32_t Finish(uint64_t scheduleId, ExecutorRole srcRole, ResultCode resultCode,
93 const std::shared_ptr<Attributes> &finalResult) override
94 {
95 IAM_LOGI("start");
96 static_cast<void>(scheduleId);
97 static_cast<void>(srcRole);
98 static_cast<void>(resultCode);
99 static_cast<void>(finalResult);
100 return SUCCESS;
101 }
102
AsObject()103 sptr<IRemoteObject> AsObject() override
104 {
105 return nullptr;
106 }
107 };
108
FillExecutorInfo(Parcel & parcel,ExecutorInfo & info)109 void FillExecutorInfo(Parcel &parcel, ExecutorInfo &info)
110 {
111 info.authType = static_cast<AuthType>(parcel.ReadInt32());
112 info.executorRole = static_cast<ExecutorRole>(parcel.ReadInt32());
113 info.executorMatcher = parcel.ReadUint32();
114 info.executorSensorHint = parcel.ReadUint32();
115 info.esl = static_cast<ExecutorSecureLevel>(parcel.ReadInt32());
116 Common::FillFuzzUint8Vector(parcel, info.publicKey);
117 }
118
FuzzCoAuthClientRegister(Parcel & parcel)119 void FuzzCoAuthClientRegister(Parcel &parcel)
120 {
121 IAM_LOGI("start");
122 ExecutorInfo info = {};
123 FillExecutorInfo(parcel, info);
124 auto callback = Common::MakeShared<DummyExecutorRegisterCallback>();
125 CoAuthClient::GetInstance().Register(info, callback);
126 IAM_LOGI("end");
127 }
128
FuzzCoAuthClientUnregister(Parcel & parcel)129 void FuzzCoAuthClientUnregister(Parcel &parcel)
130 {
131 IAM_LOGI("start");
132 ExecutorInfo info = {};
133 FillExecutorInfo(parcel, info);
134 CoAuthClient::GetInstance().Unregister(info);
135 IAM_LOGI("end");
136 }
137
138 auto g_ExecutorCallbackService =
139 Common::MakeShared<ExecutorCallbackService>(Common::MakeShared<DummyExecutorRegisterCallback>());
140
141 auto g_ExecutorMessengerClient =
142 Common::MakeShared<ExecutorMessengerClient>(new DummyExecutorMessengerInterface());
143
FuzzExecutorCallbackServiceOnMessengerReady(Parcel & parcel)144 void FuzzExecutorCallbackServiceOnMessengerReady(Parcel &parcel)
145 {
146 IAM_LOGI("start");
147 sptr<ExecutorMessengerInterface> messenger = new DummyExecutorMessengerInterface();
148 std::vector<uint8_t> publicKey;
149 Common::FillFuzzUint8Vector(parcel, publicKey);
150 std::vector<uint64_t> templateIdList;
151 Common::FillFuzzUint64Vector(parcel, templateIdList);
152 if (g_ExecutorCallbackService != nullptr) {
153 g_ExecutorCallbackService->OnMessengerReady(messenger, publicKey, templateIdList);
154 }
155 IAM_LOGI("end");
156 }
157
FuzzExecutorCallbackServiceOnBeginExecute(Parcel & parcel)158 void FuzzExecutorCallbackServiceOnBeginExecute(Parcel &parcel)
159 {
160 IAM_LOGI("start");
161 uint64_t scheduleId = parcel.ReadUint64();
162 std::vector<uint8_t> publicKey;
163 Common::FillFuzzUint8Vector(parcel, publicKey);
164 std::vector<uint8_t> attr;
165 Common::FillFuzzUint8Vector(parcel, attr);
166 Attributes command(attr);
167 if (g_ExecutorCallbackService != nullptr) {
168 g_ExecutorCallbackService->OnBeginExecute(scheduleId, publicKey, command);
169 }
170 IAM_LOGI("end");
171 }
172
FuzzExecutorCallbackServiceOnEndExecute(Parcel & parcel)173 void FuzzExecutorCallbackServiceOnEndExecute(Parcel &parcel)
174 {
175 IAM_LOGI("start");
176 uint64_t scheduleId = parcel.ReadUint64();
177 std::vector<uint8_t> attr;
178 Common::FillFuzzUint8Vector(parcel, attr);
179 Attributes command(attr);
180 if (g_ExecutorCallbackService != nullptr) {
181 g_ExecutorCallbackService->OnEndExecute(scheduleId, command);
182 }
183 IAM_LOGI("end");
184 }
185
FuzzExecutorCallbackServiceOnSetProperty(Parcel & parcel)186 void FuzzExecutorCallbackServiceOnSetProperty(Parcel &parcel)
187 {
188 IAM_LOGI("start");
189 std::vector<uint8_t> attr;
190 Common::FillFuzzUint8Vector(parcel, attr);
191 Attributes properties(attr);
192 if (g_ExecutorCallbackService != nullptr) {
193 g_ExecutorCallbackService->OnSetProperty(properties);
194 }
195 IAM_LOGI("end");
196 }
197
FuzzExecutorCallbackServiceOnGetProperty(Parcel & parcel)198 void FuzzExecutorCallbackServiceOnGetProperty(Parcel &parcel)
199 {
200 IAM_LOGI("start");
201 std::vector<uint8_t> attr;
202 Common::FillFuzzUint8Vector(parcel, attr);
203 Attributes condition(attr);
204 Attributes values;
205 if (g_ExecutorCallbackService != nullptr) {
206 g_ExecutorCallbackService->OnGetProperty(condition, values);
207 }
208 IAM_LOGI("end");
209 }
210
FuzzExecutorMessengerClientSendData(Parcel & parcel)211 void FuzzExecutorMessengerClientSendData(Parcel &parcel)
212 {
213 IAM_LOGI("start");
214 uint64_t scheduleId = parcel.ReadUint64();
215 uint64_t transNum = parcel.ReadUint64();
216 auto srcRole = static_cast<ExecutorRole>(parcel.ReadInt32());
217 auto dstRole = static_cast<ExecutorRole>(parcel.ReadInt32());
218 std::vector<uint8_t> testMessage;
219 Common::FillFuzzUint8Vector(parcel, testMessage);
220 auto msg = AuthMessage::As(testMessage);
221 if (g_ExecutorMessengerClient != nullptr) {
222 g_ExecutorMessengerClient->SendData(scheduleId, transNum, srcRole, dstRole, msg);
223 }
224 IAM_LOGI("end");
225 }
226
FuzzExecutorMessengerClientFinish(Parcel & parcel)227 void FuzzExecutorMessengerClientFinish(Parcel &parcel)
228 {
229 IAM_LOGI("start");
230 uint64_t scheduleId = parcel.ReadUint64();
231 auto srcRole = static_cast<ExecutorRole>(parcel.ReadInt32());
232 int32_t resultCode = parcel.ReadInt32();
233 std::vector<uint8_t> attr;
234 Common::FillFuzzUint8Vector(parcel, attr);
235 Attributes finalResult(attr);
236 if (g_ExecutorMessengerClient != nullptr) {
237 g_ExecutorMessengerClient->Finish(scheduleId, srcRole, resultCode, finalResult);
238 }
239 IAM_LOGI("end");
240 }
241
242 using FuzzFunc = decltype(FuzzCoAuthClientRegister);
243 FuzzFunc *g_fuzzFuncs[] = {
244 FuzzCoAuthClientRegister,
245 FuzzCoAuthClientUnregister,
246 FuzzExecutorCallbackServiceOnMessengerReady,
247 FuzzExecutorCallbackServiceOnBeginExecute,
248 FuzzExecutorCallbackServiceOnEndExecute,
249 FuzzExecutorCallbackServiceOnSetProperty,
250 FuzzExecutorCallbackServiceOnGetProperty,
251 FuzzExecutorMessengerClientSendData,
252 FuzzExecutorMessengerClientFinish,
253 };
254
CoAuthClientFuzzTest(const uint8_t * data,size_t size)255 void CoAuthClientFuzzTest(const uint8_t *data, size_t size)
256 {
257 Parcel parcel;
258 parcel.WriteBuffer(data, size);
259 parcel.RewindRead(0);
260 uint32_t index = parcel.ReadUint32() % (sizeof(g_fuzzFuncs) / sizeof(FuzzFunc *));
261 auto fuzzFunc = g_fuzzFuncs[index];
262 fuzzFunc(parcel);
263 return;
264 }
265 } // namespace
266 } // namespace UserAuth
267 } // namespace UserIam
268 } // namespace OHOS
269
270 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)271 extern "C" int32_t LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
272 {
273 OHOS::UserIam::UserAuth::CoAuthClientFuzzTest(data, size);
274 return 0;
275 }
276