1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <cstddef>
17 #include <cstdint>
18 #include <cstdio>
19 #include <memory>
20 #include <unistd.h>
21
22 #include "sign_tool_service_impl.h"
23 #include "options.h"
24 #include "sign_provider.h"
25 #include "local_sign_provider.h"
26 #include "hap_signer_block_utils.h"
27 #include "remote_sign_provider.h"
28 #include "verify_hap.h"
29
30 namespace OHOS {
31 namespace SignatureTools {
HapSignTest001(const uint8_t * data,size_t size)32 bool HapSignTest001(const uint8_t* data, size_t size)
33 {
34 if (!data || !size) {
35 return true;
36 }
37 std::shared_ptr<Options> params = std::make_shared<Options>();
38
39 std::string mode = "localSign";
40 std::string keyAlias = "oh-app1-key-v1";
41 std::string signAlg = "SHA256w";
42 std::string signCode = "0";
43 std::string appCertFile = "./hapSign/app-release1.pem";
44 std::string profileFile = "./hapSign/signed-profile.p7b";
45 std::string inFile = "./hapSign/unsigned_with_cd_and_eocd.hap";
46 std::string keystoreFile = "./hapSign/ohtest.p12";
47 std::string outFile = "./hapSign/phone-default-signed.hap";
48 char keyPwd[] = "123456";
49 char keystorePwd[] = "123456";
50
51 (*params)["mode"] = mode;
52 (*params)["keyAlias"] = keyAlias;
53 (*params)["signAlg"] = signAlg;
54 (*params)["signCode"] = signCode;
55 (*params)["appCertFile"] = appCertFile;
56 (*params)["profileFile"] = profileFile;
57 (*params)["inFile"] = inFile;
58 (*params)["keystoreFile"] = keystoreFile;
59 (*params)["outFile"] = outFile;
60 (*params)["keyPwd"] = keyPwd;
61 (*params)["keystorePwd"] = keystorePwd;
62
63 SignerConfig signerConfig;
64 signerConfig.SetOptions(params.get());
65 signerConfig.GetOptions();
66
67 signerConfig.SetCertificates(nullptr);
68 signerConfig.GetCertificates();
69
70 STACK_OF(X509_CRL)* crls = sk_X509_CRL_new_null();
71 signerConfig.SetX509CRLs(crls);
72 signerConfig.GetX509CRLs();
73
74 signerConfig.GetSignParamMap();
75 return true;
76 }
77
HapSignTest002(const uint8_t * data,size_t size)78 bool HapSignTest002(const uint8_t* data, size_t size)
79 {
80 if (!data || !size) {
81 return true;
82 }
83
84 SignatureAlgorithmHelper::FindById(SignatureAlgorithmId::ECDSA_WITH_SHA256);
85 SignatureAlgorithmHelper::FindById(SignatureAlgorithmId::ECDSA_WITH_SHA384);
86 SignatureAlgorithmHelper::FindById(SignatureAlgorithmId::DSA_WITH_SHA256);
87
88 ContentDigestAlgorithm alg_tmp;
89 alg_tmp.GetDigestOutputByteSize();
90 DigestParameter digestParam;
91 DigestParameter digestParam1;
92 DigestParameter digestParam2(digestParam);
93 digestParam = digestParam1;
94 digestParam2 = digestParam;
95 return true;
96 }
97
HapSignTest003(const uint8_t * data,size_t size)98 bool HapSignTest003(const uint8_t* data, size_t size)
99 {
100 if (!data || !size) {
101 return true;
102 }
103 SIGNATURE_TOOLS_LOGI("hello world !!!");
104 std::unique_ptr<RemoteSignProvider> signProvider = std::make_unique<RemoteSignProvider>();
105
106 X509* cert = X509_new();
107 X509* cert1 = X509_new();
108 X509_REQ* issuerReq = X509_REQ_new();
109 std::string issuername = "C=CN,O=OpenHarmony,OU=OpenHarmony Community,CN=Application Signature Service CA";
110 X509_NAME* issName = BuildDN(issuername, issuerReq);
111 CertTools::SetCertIssuerName(cert, issName);
112 CertTools::SetCertIssuerName(cert1, issName);
113
114 std::string subjectname = "C=CN,O=OpenHarmony,OU=OpenHarmony Community,CN=Application Signature Service CA";
115 X509_NAME* subName = BuildDN(subjectname, issuerReq);
116 X509_set_subject_name(cert, subName);
117 X509_set_subject_name(cert1, subName);
118 KeyStoreHelper stroe;
119 EVP_PKEY* key1 = stroe.GenerateKeyPair("ECC", 256);
120 EVP_PKEY* key2 = stroe.GenerateKeyPair("ECC", 256);
121
122 X509_set_pubkey(cert, key1);
123 X509_set_pubkey(cert1, key2);
124
125 signProvider->CheckInputCertMatchWithProfile(cert1, cert);
126 X509_free(cert);
127 X509_free(cert1);
128 X509_REQ_free(issuerReq);
129 EVP_PKEY_free(key1);
130 EVP_PKEY_free(key2);
131 return true;
132 }
HapSignTest004(const uint8_t * data,size_t size)133 bool HapSignTest004(const uint8_t* data, size_t size)
134 {
135 if (!data || !size) {
136 return true;
137 }
138
139 std::unique_ptr<SignProvider> signProvider = std::make_unique<LocalSignProvider>();
140 std::shared_ptr<Options> params = std::make_shared<Options>();
141
142 std::string mode = "localSign";
143 std::string keyAlias = "oh-app1-key-v1";
144 std::string signAlg = "SHA256withECDSA";
145 std::string signCode = "1";
146 std::string appCertFile = "./hapSign/app-release1.pem";
147 std::string profileFile = "./hapSign/signed-profile.p7b";
148 std::string profileSigned = "1";
149 std::string inFile = "./hapSign/phone-default-unsigned";
150 std::string keystoreFile = "./hapSign/ohtest.p12";
151 std::string outFile = "./hapSign/phone-default-signed.hap";
152 char keyPwd[] = "123456";
153 char keystorePwd[] = "123456";
154
155 (*params)["mode"] = mode;
156 (*params)["keyAlias"] = keyAlias;
157 (*params)["signAlg"] = signAlg;
158 (*params)["signCode"] = signCode;
159 (*params)["appCertFile"] = appCertFile;
160 (*params)["profileFile"] = profileFile;
161 (*params)["profileSigned"] = profileSigned;
162 (*params)["inFile"] = inFile;
163 (*params)["keystoreFile"] = keystoreFile;
164 (*params)["outFile"] = outFile;
165 (*params)["keyPwd"] = keyPwd;
166 (*params)["keystorePwd"] = keystorePwd;
167 signProvider->CheckInputCertMatchWithProfile(nullptr, nullptr);
168 signProvider->GetCrl();
169 bool ret = signProvider->Sign(params.get());
170 return ret;
171 }
172
HapSignTest005(const uint8_t * data,size_t size)173 bool HapSignTest005(const uint8_t* data, size_t size)
174 {
175 if (!data || !size) {
176 return true;
177 }
178 int capacity = 120;
179 std::vector<OptionalBlock> option;
180 OptionalBlock testblock;
181 testblock.optionalType = PROPERTY_BLOB;
182 testblock.optionalBlockValue.SetCapacity(capacity);
183 option.push_back(testblock);
184 return true;
185 }
186
HapSignTest006(const uint8_t * data,size_t size)187 bool HapSignTest006(const uint8_t* data, size_t size)
188 {
189 if (!data || !size) {
190 return true;
191 }
192 std::unique_ptr<RemoteSignProvider> signProvider = std::make_unique<RemoteSignProvider>();
193 std::shared_ptr<Options> params = std::make_shared<Options>();
194
195 std::string mode = "remoteSign";
196 std::string keyAlias = "oh-app1-key-v1";
197 std::string signAlg = "SHA256withECDSA";
198 std::string signCode = "1";
199 std::string profileFile = "./hapSign/signed-profile.p7b";
200 std::string inFile = "./hapSign/phone-default-unsigned.hap";
201 std::string outFile = "./hapSign/phone-default-signed.hap";
202 std::string onlineAuthMode = "/mnt/d/testcpuls/OpenHarmony.p12";
203 std::string compatibleVersion = "8";
204 std::string signerPlugin = "/mnt/d/libRemoteSigner.so";
205 std::string signServer = "/mnt/d/testcpuls/app-release1.pem";
206 std::string username = "test";
207 char userPwd[] = "123456";
208
209 (*params)["mode"] = mode;
210 (*params)["keyAlias"] = keyAlias;
211 (*params)["signAlg"] = signAlg;
212 (*params)["signCode"] = signCode;
213 (*params)["profileFile"] = profileFile;
214 (*params)["inFile"] = inFile;
215 (*params)["outFile"] = outFile;
216 (*params)["onlineAuthMode"] = onlineAuthMode;
217 (*params)["compatibleVersion"] = compatibleVersion;
218 (*params)["signerPlugin"] = signerPlugin;
219 (*params)["signServer"] = signServer;
220 (*params)["username"] = username;
221 (*params)["userPwd"] = userPwd;
222
223 signProvider->CheckParams(params.get());
224 return true;
225 }
226
HapSignTest007(const uint8_t * data,size_t size)227 bool HapSignTest007(const uint8_t* data, size_t size)
228 {
229 if (!data || !size) {
230 return true;
231 }
232
233 std::unique_ptr<SignProvider> signProvider = std::make_unique<SignProvider>();
234 std::shared_ptr<Options> params = std::make_shared<Options>();
235
236 std::string mode = "localSign";
237 std::string keyAlias = "oh-app1-key-v1";
238 std::string signAlg = "SHA256withECDSA";
239 std::string signCode = "1";
240 std::string appCertFile = "./hapSign/app-release1.pem";
241 std::string profileFile = "./hapSign/signed-profile.p7b";
242 std::string profileSigned = "1";
243 std::string inFile = "./hapSign/phone-default-unsigned";
244 std::string keystoreFile = "./hapSign/ohtest.p12";
245 std::string outFile = "./hapSign/phone-default-signed.hap";
246 char keyPwd[] = "123456";
247 char keystorePwd[] = "123456";
248
249 (*params)["mode"] = mode;
250 (*params)["keyAlias"] = keyAlias;
251 (*params)["signAlg"] = signAlg;
252 (*params)["signCode"] = signCode;
253 (*params)["appCertFile"] = appCertFile;
254 (*params)["profileFile"] = profileFile;
255 (*params)["profileSigned"] = profileSigned;
256 (*params)["inFile"] = inFile;
257 (*params)["keystoreFile"] = keystoreFile;
258 (*params)["outFile"] = outFile;
259 (*params)["keyPwd"] = keyPwd;
260 (*params)["keystorePwd"] = keystorePwd;
261 signProvider->GetCrl();
262 return true;
263 }
264
GenUnvaildFuzzHap(const std::string & path)265 void GenUnvaildFuzzHap(const std::string& path)
266 {
267 std::ofstream outfile(path);
268 if (!outfile) {
269 SIGNATURE_TOOLS_LOGE("Unable to open file: %s", path.c_str());
270 return;
271 }
272 outfile << "Hello, this is a Unvaild fuzz Hap.\n";
273 outfile.flush();
274 outfile.close();
275 return;
276 }
277 }
278 }
279
280 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)281 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
282 {
283 OHOS::SignatureTools::GenUnvaildFuzzHap("./hapSign/unsigned_with_cd_and_eocd.hap");
284 OHOS::SignatureTools::GenUnvaildFuzzHap("./hapSign/phone-default-unsigned");
285 OHOS::SignatureTools::GenUnvaildFuzzHap("./hapSign/phone-default-unsigned.hap");
286 sync();
287 /* Run your code on data */
288 OHOS::SignatureTools::HapSignTest001(data, size);
289 OHOS::SignatureTools::HapSignTest002(data, size);
290 OHOS::SignatureTools::HapSignTest003(data, size);
291 OHOS::SignatureTools::HapSignTest004(data, size);
292 OHOS::SignatureTools::HapSignTest005(data, size);
293 OHOS::SignatureTools::HapSignTest006(data, size);
294 OHOS::SignatureTools::HapSignTest007(data, size);
295 return 0;
296 }