1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <cstddef>
17 #include <cstdint>
18 #include <string>
19 #include <unistd.h>
20
21 #include "device_manager.h"
22 #include "device_manager_callback.h"
23 #include "device_manager_impl.h"
24 #include "accesstoken_kit.h"
25 #include "authenticate_device_fuzzer.h"
26 #include "nativetoken_kit.h"
27 #include "token_setproc.h"
28 #include "dm_constants.h"
29
30 namespace OHOS {
31 namespace DistributedHardware {
32 class AuthenticateCallbackTest : public AuthenticateCallback {
33 public:
~AuthenticateCallbackTest()34 virtual ~AuthenticateCallbackTest() {}
OnAuthResult(const std::string & deviceId,const std::string & token,int32_t status,int32_t reason)35 void OnAuthResult(const std::string &deviceId, const std::string &token, int32_t status,
36 int32_t reason) override {}
37 };
38
39 class DmInitCallbackTest : public DmInitCallback {
40 public:
DmInitCallbackTest()41 DmInitCallbackTest() : DmInitCallback() {}
~DmInitCallbackTest()42 virtual ~DmInitCallbackTest() {}
OnRemoteDied()43 void OnRemoteDied() override {}
44 };
45
46 class DeviceStateCallbackTest : public DeviceStateCallback {
47 public:
DeviceStateCallbackTest()48 DeviceStateCallbackTest() : DeviceStateCallback() {}
~DeviceStateCallbackTest()49 virtual ~DeviceStateCallbackTest() {}
OnDeviceOnline(const DmDeviceInfo & deviceInfo)50 void OnDeviceOnline(const DmDeviceInfo &deviceInfo) override {}
OnDeviceReady(const DmDeviceInfo & deviceInfo)51 void OnDeviceReady(const DmDeviceInfo &deviceInfo) override {}
OnDeviceOffline(const DmDeviceInfo & deviceInfo)52 void OnDeviceOffline(const DmDeviceInfo &deviceInfo) override {}
OnDeviceChanged(const DmDeviceInfo & deviceInfo)53 void OnDeviceChanged(const DmDeviceInfo &deviceInfo) override {}
54 };
55
56 class DeviceStatusCallbackTest : public DeviceStatusCallback {
57 public:
~DeviceStatusCallbackTest()58 virtual ~DeviceStatusCallbackTest() { }
OnDeviceOnline(const DmDeviceBasicInfo & deviceBasicInfo)59 void OnDeviceOnline(const DmDeviceBasicInfo &deviceBasicInfo) override {}
OnDeviceOffline(const DmDeviceBasicInfo & deviceBasicInfo)60 void OnDeviceOffline(const DmDeviceBasicInfo &deviceBasicInfo) override {}
OnDeviceChanged(const DmDeviceBasicInfo & deviceBasicInfo)61 void OnDeviceChanged(const DmDeviceBasicInfo &deviceBasicInfo) override {}
OnDeviceReady(const DmDeviceBasicInfo & deviceBasicInfo)62 void OnDeviceReady(const DmDeviceBasicInfo &deviceBasicInfo) override {}
63 };
64
65 class DeviceDiscoveryCallbackTest : public DiscoveryCallback {
66 public:
DeviceDiscoveryCallbackTest()67 DeviceDiscoveryCallbackTest() : DiscoveryCallback() {}
~DeviceDiscoveryCallbackTest()68 virtual ~DeviceDiscoveryCallbackTest() {}
OnDiscoverySuccess(uint16_t subscribeId)69 void OnDiscoverySuccess(uint16_t subscribeId) override {}
OnDiscoveryFailed(uint16_t subscribeId,int32_t failedReason)70 void OnDiscoveryFailed(uint16_t subscribeId, int32_t failedReason) override {}
OnDeviceFound(uint16_t subscribeId,const DmDeviceInfo & deviceInfo)71 void OnDeviceFound(uint16_t subscribeId, const DmDeviceInfo &deviceInfo) override {}
OnDeviceFound(uint16_t subscribeId,const DmDeviceBasicInfo & deviceBasicInfo)72 void OnDeviceFound(uint16_t subscribeId, const DmDeviceBasicInfo &deviceBasicInfo) override{}
73 };
74
75 class DevicePublishCallbackTest : public PublishCallback {
76 public:
DevicePublishCallbackTest()77 DevicePublishCallbackTest() : PublishCallback() {}
~DevicePublishCallbackTest()78 virtual ~DevicePublishCallbackTest() {}
OnPublishResult(int32_t publishId,int32_t failedReason)79 void OnPublishResult(int32_t publishId, int32_t failedReason) override {}
80 };
81
82 class DeviceManagerUiCallbackTest : public DeviceManagerUiCallback {
83 public:
~DeviceManagerUiCallbackTest()84 virtual ~DeviceManagerUiCallbackTest() {}
OnCall(const std::string & paramJson)85 void OnCall(const std::string ¶mJson) override {}
86 };
87
88 std::string g_returnStr;
89 std::string g_reqJsonStr = R"(
90 {
91 "userId":"4269DC28B639681698809A67EDAD08E39F207900038F91EFF95DD042FE2874E4"
92 }
93 )";
94
95 std::string g_credentialInfo = R"(
96 {
97 "processType" : 1,
98 "g_authType" : 1,
99 "userId" : "123",
100 "credentialData" :
101 [
102 {
103 "credentialType" : 1,
104 "credentialId" : "104",
105 "authCode" : "1234567812345678123456781234567812345678123456781234567812345678",
106 "serverPk" : "",
107 "pkInfoSignature" : "",
108 "pkInfo" : "",
109 "peerDeviceId" : ""
110 }
111 ]
112 }
113 )";
114
115 std::string g_deleteInfo = R"(
116 {
117 "processType" : 1,
118 "g_authType" : 1,
119 "userId" : "123"
120 }
121 )";
122
123 DmDeviceInfo g_deviceInfo = {
124 .deviceId = "123456789101112131415",
125 .deviceName = "deviceName",
126 .deviceTypeId = 1
127 };
128
129 DmSubscribeInfo g_subscribeInfo = {
130 .subscribeId = 0,
131 .mode = DmDiscoverMode::DM_DISCOVER_MODE_ACTIVE,
132 .medium = DmExchangeMedium::DM_AUTO,
133 .freq = DmExchangeFreq::DM_MID,
134 .isSameAccount = true,
135 .isWakeRemote = true,
136 };
137
138 DmPublishInfo g_publishInfo = {
139 .publishId = 1234,
140 .mode = DmDiscoverMode::DM_DISCOVER_MODE_ACTIVE,
141 .freq = DmExchangeFreq::DM_MID,
142 .ranging = true,
143 };
144
145 PeerTargetId g_targetId = {
146 .deviceId = "deviceId",
147 .brMac = "brMac",
148 .bleMac = "bleMac",
149 .wifiIp = "wifiIp",
150 };
151
152 DmDeviceInfo g_getDeviceInfo;
153 DmPinType g_pinType = DmPinType::SUPER_SONIC;
154
155 uint64_t g_tokenId = 1;
156 int32_t g_authType = -1;
157 int32_t g_action = 2;
158 int32_t g_eventId = 1;
159 int32_t g_bindType = 1;
160 int32_t g_securityLevel = 1;
161 int64_t g_accessControlId = 1;
162
163 bool g_isRefresh = false;
164
165 std::vector<DmDeviceInfo> g_deviceList;
166 std::vector<DmDeviceBasicInfo> g_deviceBasic;
167
168 std::shared_ptr<DmInitCallback> g_initcallback = std::make_shared<DmInitCallbackTest>();
169 std::shared_ptr<DeviceStateCallback> g_stateCallback = std::make_shared<DeviceStateCallbackTest>();
170 std::shared_ptr<AuthenticateCallback> g_callbackk = std::make_shared<AuthenticateCallbackTest>();
171 std::shared_ptr<DeviceStatusCallback> g_statusCallback = std::make_shared<DeviceStatusCallbackTest>();
172 std::shared_ptr<DiscoveryCallback> g_discoveryCallback = std::make_shared<DeviceDiscoveryCallbackTest>();
173 std::shared_ptr<PublishCallback> g_publishCallback = std::make_shared<DevicePublishCallbackTest>();
174 std::shared_ptr<DeviceManagerUiCallback> g_Uicallback = std::make_shared<DeviceManagerUiCallbackTest>();
175
AddPermission()176 void AddPermission()
177 {
178 const int32_t permsNum = 3;
179 const int32_t indexZero = 0;
180 const int32_t indexOne = 1;
181 const int32_t indexTwo = 2;
182 uint64_t tokenId;
183 const char *perms[permsNum];
184 perms[indexZero] = "ohos.permission.ACCESS_SERVICE_DM";
185 perms[indexOne] = "ohos.permission.DISTRIBUTED_DATASYNC";
186 perms[indexTwo] = "ohos.permission.DISTRIBUTED_SOFTBUS_CENTER";
187 NativeTokenInfoParams infoInstance = {
188 .dcapsNum = 0,
189 .permsNum = permsNum,
190 .aclsNum = 0,
191 .dcaps = NULL,
192 .perms = perms,
193 .acls = NULL,
194 .processName = "device_manager",
195 .aplStr = "system_core",
196 };
197 tokenId = GetAccessTokenId(&infoInstance);
198 SetSelfTokenID(tokenId);
199 OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo();
200 }
201
AuthenticateDeviceFirstFuzzTest(const uint8_t * data,size_t size)202 void AuthenticateDeviceFirstFuzzTest(const uint8_t* data, size_t size)
203 {
204 if ((data == nullptr) || (size == 0)) {
205 return;
206 }
207 AddPermission();
208 std::string str(reinterpret_cast<const char*>(data), size);
209
210 DeviceManagerImpl::GetInstance().ipcClientProxy_ =
211 std::make_shared<IpcClientProxy>(std::make_shared<IpcClientManager>());
212
213 DeviceManager::GetInstance().InitDeviceManager(str, g_initcallback);
214 DeviceManager::GetInstance().RegisterDevStateCallback(str, str, g_stateCallback);
215 DeviceManager::GetInstance().RegisterDevStatusCallback(str, str, g_statusCallback);
216 DeviceManager::GetInstance().RegisterDeviceManagerFaCallback(str, g_Uicallback);
217 std::string emptyStr = "";
218 DeviceManager::GetInstance().AuthenticateDevice(str, g_authType, g_deviceInfo, emptyStr, g_callbackk);
219 DeviceManager::GetInstance().UnAuthenticateDevice(str, g_deviceInfo);
220 std::string pkgName = "pkgName";
221 DeviceManager::GetInstance().StartDeviceDiscovery(pkgName, g_subscribeInfo, pkgName, g_discoveryCallback);
222 DeviceManager::GetInstance().StopDeviceDiscovery(str, g_subscribeInfo.subscribeId);
223 DeviceManager::GetInstance().StartDeviceDiscovery(pkgName, g_tokenId, pkgName, g_discoveryCallback);
224 DeviceManager::GetInstance().StopDeviceDiscovery(g_tokenId, str);
225 DeviceManager::GetInstance().PublishDeviceDiscovery(str, g_publishInfo, g_publishCallback);
226 DeviceManager::GetInstance().UnPublishDeviceDiscovery(str, g_publishInfo.publishId);
227 DeviceManager::GetInstance().UnInitDeviceManager(str);
228 }
229
AuthenticateDeviceSecondFuzzTest(const uint8_t * data,size_t size)230 void AuthenticateDeviceSecondFuzzTest(const uint8_t* data, size_t size)
231 {
232 if ((data == nullptr) || (size == 0)) {
233 return;
234 }
235 AddPermission();
236 std::string str(reinterpret_cast<const char*>(data), size);
237
238 DeviceManagerImpl::GetInstance().ipcClientProxy_ =
239 std::make_shared<IpcClientProxy>(std::make_shared<IpcClientManager>());
240
241 DeviceManager::GetInstance().GetTrustedDeviceList(str, str, g_deviceList);
242 DeviceManager::GetInstance().GetTrustedDeviceList(str, str, g_isRefresh, g_deviceList);
243 DeviceManager::GetInstance().GetAvailableDeviceList(str, g_deviceBasic);
244 DeviceManager::GetInstance().GetDeviceInfo(str, str, g_getDeviceInfo);
245 DeviceManager::GetInstance().GetLocalDeviceInfo(str, g_getDeviceInfo);
246 DeviceManager::GetInstance().GetUdidByNetworkId(str, str, g_returnStr);
247 DeviceManager::GetInstance().GetUuidByNetworkId(str, str, g_returnStr);
248 DeviceManager::GetInstance().DpAclAdd(g_accessControlId, str, g_bindType);
249 DeviceManager::GetInstance().CreatePinHolder(str, g_targetId, g_pinType, str);
250 DeviceManager::GetInstance().DestroyPinHolder(str, g_targetId, g_pinType, str);
251 DeviceManager::GetInstance().CheckAccessToTarget(g_tokenId, str);
252 DeviceManager::GetInstance().IsSameAccount(str);
253 }
254
AuthenticateDeviceThirdFuzzTest(const uint8_t * data,size_t size)255 void AuthenticateDeviceThirdFuzzTest(const uint8_t* data, size_t size)
256 {
257 if ((data == nullptr) || (size == 0)) {
258 return;
259 }
260 AddPermission();
261 std::string str(reinterpret_cast<const char*>(data), size);
262
263 DeviceManagerImpl::GetInstance().ipcClientProxy_ =
264 std::make_shared<IpcClientProxy>(std::make_shared<IpcClientManager>());
265
266 DeviceManager::GetInstance().SetUserOperation(str, g_action, str);
267 DeviceManager::GetInstance().RequestCredential(str, g_returnStr);
268 DeviceManager::GetInstance().RequestCredential(str, g_reqJsonStr, g_returnStr);
269 DeviceManager::GetInstance().ImportCredential(str, g_credentialInfo);
270 DeviceManager::GetInstance().DeleteCredential(str, g_deleteInfo);
271 DeviceManager::GetInstance().CheckCredential(str, g_reqJsonStr, g_returnStr);
272 DeviceManager::GetInstance().ImportCredential(str, g_reqJsonStr, g_returnStr);
273 DeviceManager::GetInstance().DeleteCredential(str, g_reqJsonStr, g_returnStr);
274 DeviceManager::GetInstance().NotifyEvent(str, g_eventId, str);
275 std::string emptyStr = "";
276 DeviceManager::GetInstance().BindDevice(str, g_authType, str, emptyStr, g_callbackk);
277 DeviceManager::GetInstance().UnBindDevice(str, g_deviceInfo.deviceId);
278 DeviceManager::GetInstance().UnRegisterDeviceManagerFaCallback(str);
279 DeviceManager::GetInstance().UnRegisterDevStateCallback(str);
280 DeviceManager::GetInstance().UnRegisterDevStatusCallback(str);
281 std::map<std::string, std::string> authParam;
282 authParam[DM_AUTHENTICATION_TYPE] = str;
283 DeviceManager::GetInstance().RegisterAuthenticationType(str, authParam);
284 }
285
AuthenticateDeviceFourthFuzzTest(const uint8_t * data,size_t size)286 void AuthenticateDeviceFourthFuzzTest(const uint8_t* data, size_t size)
287 {
288 if ((data == nullptr) || (size == 0)) {
289 return;
290 }
291 AddPermission();
292 std::string str(reinterpret_cast<const char*>(data), size);
293
294 DeviceManagerImpl::GetInstance().ipcClientProxy_ =
295 std::make_shared<IpcClientProxy>(std::make_shared<IpcClientManager>());
296 std::string emptyStr = "";
297 DmDeviceInfo info;
298 DmDeviceBasicInfo deviceBasicInfo;
299 int32_t indexTwo = 2;
300 int32_t numOne = 1;
301 int32_t numOneTwoTimes = 11;
302 int32_t numOneThreeTimes = 111;
303 int32_t numOneSixTimes = 111111;
304
305 DeviceManagerImpl::GetInstance().ConvertDeviceInfoToDeviceBasicInfo(info, deviceBasicInfo);
306 DeviceManagerImpl::GetInstance().GetTrustedDeviceList(str, emptyStr, g_deviceList);
307 DeviceManagerImpl::GetInstance().GetTrustedDeviceList(str, emptyStr, false, g_deviceList);
308 DeviceManagerImpl::GetInstance().GetDeviceInfo(str, emptyStr, info);
309 DeviceManagerImpl::GetInstance().RegisterDevStatusCallback(str, emptyStr, nullptr);
310 DeviceManagerImpl::GetInstance().UnRegisterDevStateCallback(str);
311 DeviceManagerImpl::GetInstance().UnRegisterDevStatusCallback(emptyStr);
312 DeviceManagerImpl::GetInstance().StartDeviceDiscovery(str, g_subscribeInfo, emptyStr, nullptr);
313 DeviceManagerImpl::GetInstance().StartDeviceDiscovery(str, numOneSixTimes, emptyStr, nullptr);
314 DeviceManagerImpl::GetInstance().StopDeviceDiscovery(str, numOneTwoTimes);
315 DeviceManagerImpl::GetInstance().StopDeviceDiscovery(numOneThreeTimes, "");
316 DeviceManagerImpl::GetInstance().PublishDeviceDiscovery(str, g_publishInfo, nullptr);
317 DeviceManagerImpl::GetInstance().UnPublishDeviceDiscovery(str, numOneTwoTimes);
318 DeviceManagerImpl::GetInstance().AuthenticateDevice(str, numOne, info, emptyStr, nullptr);
319 DeviceManagerImpl::GetInstance().RegisterDeviceManagerFaCallback(str, nullptr);
320 DeviceManagerImpl::GetInstance().UnRegisterDeviceManagerFaCallback(str);
321 DeviceManagerImpl::GetInstance().VerifyAuthentication(str, emptyStr, nullptr);
322 PeerTargetId targetId;
323 std::map<std::string, std::string> discoverParam;
324 DeviceManagerImpl::GetInstance().BindTarget(str, targetId, discoverParam, nullptr);
325 DeviceManagerImpl::GetInstance().UnbindTarget(str, targetId, discoverParam, nullptr);
326 DeviceManagerImpl::GetInstance().GetTrustedDeviceList(str, discoverParam, false, g_deviceList);
327 DeviceManagerImpl::GetInstance().RegisterDevStateCallback(str, discoverParam, nullptr);
328 DeviceManagerImpl::GetInstance().AddDiscoveryCallback("test", discoverParam, nullptr);
329 DeviceManagerImpl::GetInstance().RemoveDiscoveryCallback("test");
330 DeviceManagerImpl::GetInstance().AddPublishCallback("test");
331 DeviceManagerImpl::GetInstance().RemovePublishCallback("test");
332 DeviceManagerImpl::GetInstance().RegisterPinHolderCallback(str, nullptr);
333 DeviceManagerImpl::GetInstance().GetDeviceSecurityLevel(str, emptyStr, indexTwo);
334 DeviceManagerImpl::GetInstance().IsSameAccount(emptyStr);
335 }
336
AuthenticateDeviceFifthFuzzTest(const uint8_t * data,size_t size)337 void AuthenticateDeviceFifthFuzzTest(const uint8_t* data, size_t size)
338 {
339 if ((data == nullptr) || (size == 0)) {
340 return;
341 }
342 AddPermission();
343 std::string str(reinterpret_cast<const char*>(data), size);
344
345 DeviceManagerImpl::GetInstance().ipcClientProxy_ =
346 std::make_shared<IpcClientProxy>(std::make_shared<IpcClientManager>());
347 std::string emptyStr = "";
348 DmDeviceInfo info;
349 DmDeviceBasicInfo deviceBasicInfo;
350 int32_t indexTwo = 2;
351 DmAuthParam dmFaParam;
352 DeviceManagerImpl::GetInstance().GetFaParam(str, dmFaParam);
353 DeviceManagerImpl::GetInstance().SetUserOperation(str, 1, emptyStr);
354 DeviceManagerImpl::GetInstance().GetUdidByNetworkId(str, emptyStr, g_returnStr);
355 DeviceManagerImpl::GetInstance().GetUuidByNetworkId(str, emptyStr, g_returnStr);
356 DeviceManagerImpl::GetInstance().RegisterDevStateCallback(str, emptyStr);
357 DeviceManagerImpl::GetInstance().UnRegisterDevStateCallback(str, emptyStr);
358 DeviceManagerImpl::GetInstance().RegisterUiStateCallback(str);
359 DeviceManagerImpl::GetInstance().UnRegisterUiStateCallback(str);
360 DeviceManagerImpl::GetInstance().RequestCredential(str, g_reqJsonStr, g_returnStr);
361 DeviceManagerImpl::GetInstance().ImportCredential(str, emptyStr);
362 DeviceManagerImpl::GetInstance().DeleteCredential(str, emptyStr);
363 DeviceManagerImpl::GetInstance().RegisterCredentialCallback(str, nullptr);
364 DeviceManagerImpl::GetInstance().UnRegisterCredentialCallback(str);
365 DeviceManagerImpl::GetInstance().NotifyEvent(str, 1, emptyStr);
366 DeviceManagerImpl::GetInstance().RequestCredential(str, g_returnStr);
367 DeviceManagerImpl::GetInstance().CheckCredential(str, g_reqJsonStr, g_returnStr);
368 DeviceManagerImpl::GetInstance().GetEncryptedUuidByNetworkId(str, emptyStr, g_returnStr);
369 DeviceManagerImpl::GetInstance().GenerateEncryptedUuid(str, emptyStr, emptyStr, g_returnStr);
370 DeviceManagerImpl::GetInstance().BindDevice(str, 1, emptyStr, emptyStr, nullptr);
371 DeviceManagerImpl::GetInstance().UnBindDevice(str, emptyStr);
372 DeviceManagerImpl::GetInstance().GetNetworkTypeByNetworkId(str, emptyStr, indexTwo);
373 DeviceManagerImpl::GetInstance().ImportAuthCode(emptyStr, emptyStr);
374 DeviceManagerImpl::GetInstance().ExportAuthCode(g_returnStr);
375 std::map<std::string, std::string> discoverParam;
376 DeviceManagerImpl::GetInstance().StartDiscovering(str, discoverParam, discoverParam, nullptr);
377 DeviceManagerImpl::GetInstance().StopDiscovering(str, discoverParam);
378 DeviceManagerImpl::GetInstance().RegisterDiscoveryCallback(str, discoverParam, discoverParam, nullptr);
379 DeviceManagerImpl::GetInstance().UnRegisterDiscoveryCallback(str);
380 DeviceManagerImpl::GetInstance().StartAdvertising(str, discoverParam, nullptr);
381 DeviceManagerImpl::GetInstance().StopAdvertising(str, discoverParam);
382 DeviceManagerImpl::GetInstance().SetDnPolicy(str, discoverParam);
383 DeviceManagerImpl::GetInstance().RegisterDeviceScreenStatusCallback(emptyStr, nullptr);
384 DeviceManagerImpl::GetInstance().UnRegisterDeviceScreenStatusCallback(emptyStr);
385 DeviceManagerImpl::GetInstance().GetDeviceScreenStatus(emptyStr, emptyStr, indexTwo);
386 }
387 }
388 }
389
390 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)391 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
392 {
393 /* Run your code on data */
394 OHOS::DistributedHardware::AuthenticateDeviceFirstFuzzTest(data, size);
395 OHOS::DistributedHardware::AuthenticateDeviceSecondFuzzTest(data, size);
396 OHOS::DistributedHardware::AuthenticateDeviceThirdFuzzTest(data, size);
397 OHOS::DistributedHardware::AuthenticateDeviceFourthFuzzTest(data, size);
398 OHOS::DistributedHardware::AuthenticateDeviceFifthFuzzTest(data, size);
399 return 0;
400 }
401