1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "iso_fuzzer.h"
17
18 #include <cstddef>
19 #include <cstdint>
20
21 #include "device_auth_defines.h"
22 #include "hc_types.h"
23 #include "hks_api.h"
24 #include "hks_param.h"
25 #include "hks_type.h"
26 #include "iso_protocol.h"
27 #include "json_utils.h"
28 #include "uint8buff_utils.h"
29 #include "device_auth.h"
30 #include "base/security/device_auth/services/session_manager/src/session/v2/auth_sub_session/protocol_lib/iso_protocol.c"
31
32 namespace OHOS {
33 #define PSK_SIZE 32
34 static const uint8_t PSK_VAL[PSK_SIZE] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19,
35 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32 };
36 static const char *AUTH_ID_C_VAL = "5420459D93FE773F9945FD64277FBA2CAB8FB996DDC1D0B97676FBB1242B3930";
37 static const char *AUTH_ID_S_VAL = "52E2706717D5C39D736E134CC1E3BE1BAA2AA52DB7C76A37C749558BD2E6492C";
38 static const char *MSG_C_VAL = "client send msg";
39 static const char *MSG_S_VAL = "server send msg";
40 static const int32_t ERROR_CODE = 0;
41
42 static Uint8Buff g_psk = { (uint8_t *)PSK_VAL, PSK_SIZE };
43 static Uint8Buff g_authIdC = { (uint8_t *)AUTH_ID_C_VAL, 64 };
44 static Uint8Buff g_authIdS = { (uint8_t *)AUTH_ID_S_VAL, 64 };
45 static Uint8Buff g_msgC = { (uint8_t *)MSG_C_VAL, 16 };
46 static Uint8Buff g_msgS = { (uint8_t *)MSG_S_VAL, 16 };
47 static IsoInitParams g_paramsC = { g_authIdC, DEFAULT_OS_ACCOUNT };
48 static IsoInitParams g_paramsS = { g_authIdS, DEFAULT_OS_ACCOUNT };
49
IsoTest01(void)50 static void IsoTest01(void)
51 {
52 HksInitialize();
53 BaseProtocol *self;
54 (void)CreateIsoProtocol(&g_paramsC, true, &self);
55 self->destroy(self);
56 }
57
IsoTest02(void)58 static void IsoTest02(void)
59 {
60 HksInitialize();
61 BaseProtocol *client;
62 int32_t res = CreateIsoProtocol(&g_paramsC, true, &client);
63
64 BaseProtocol *server;
65 res = CreateIsoProtocol(&g_paramsS, false, &server);
66
67 res = client->setPsk(client, &g_psk);
68 res = server->setPsk(server, &g_psk);
69
70 CJson *clientOut = nullptr;
71 CJson *serverOut = nullptr;
72
73 res = client->setSelfProtectedMsg(client, &g_msgC);
74 res = client->setPeerProtectedMsg(client, &g_msgS);
75 res = server->setSelfProtectedMsg(server, &g_msgS);
76 res = server->setPeerProtectedMsg(server, &g_msgC);
77
78 res = client->start(client, &clientOut);
79
80 while (clientOut != nullptr || serverOut != nullptr) {
81 if (clientOut != nullptr) {
82 res = server->process(server, clientOut, &serverOut);
83 FreeJson(clientOut);
84 clientOut = nullptr;
85 } else {
86 res = client->process(client, serverOut, &clientOut);
87 FreeJson(serverOut);
88 serverOut = nullptr;
89 }
90 }
91 Uint8Buff clientKey = { nullptr, 0 };
92 res = client->getSessionKey(client, &clientKey);
93 FreeUint8Buff(&clientKey);
94 Uint8Buff serverKey = { nullptr, 0 };
95 res = server->getSessionKey(server, &serverKey);
96 FreeUint8Buff(&serverKey);
97
98 client->destroy(client);
99 server->destroy(server);
100 }
101
IsoTest03(void)102 static void IsoTest03(void)
103 {
104 HksInitialize();
105 BaseProtocol *client;
106 int32_t res = CreateIsoProtocol(&g_paramsC, true, &client);
107
108 BaseProtocol *server;
109 res = CreateIsoProtocol(&g_paramsS, false, &server);
110
111 res = client->setPsk(client, &g_psk);
112 res = server->setPsk(server, &g_psk);
113
114 CJson *clientOut = nullptr;
115 CJson *serverOut = nullptr;
116
117 res = client->start(client, &clientOut);
118
119 while (clientOut != nullptr || serverOut != nullptr) {
120 if (clientOut != nullptr) {
121 res = server->process(server, clientOut, &serverOut);
122 FreeJson(clientOut);
123 clientOut = nullptr;
124 } else {
125 res = client->process(client, serverOut, &clientOut);
126 FreeJson(serverOut);
127 serverOut = nullptr;
128 }
129 }
130 Uint8Buff clientKey;
131 res = client->getSessionKey(client, &clientKey);
132 FreeUint8Buff(&clientKey);
133 Uint8Buff serverKey;
134 res = server->getSessionKey(server, &serverKey);
135 FreeUint8Buff(&serverKey);
136
137 client->destroy(client);
138 server->destroy(server);
139 }
140
IsoTest04(void)141 static void IsoTest04(void)
142 {
143 HksInitialize();
144 BaseProtocol *self;
145 (void)CreateIsoProtocol(nullptr, true, &self);
146 }
147
IsoTest05(void)148 static void IsoTest05(void)
149 {
150 HksInitialize();
151 (void)CreateIsoProtocol(&g_paramsC, true, nullptr);
152 }
153
IsoTest06(void)154 static void IsoTest06(void)
155 {
156 HksInitialize();
157 IsoInitParams errParams = { { nullptr, 32 }, DEFAULT_OS_ACCOUNT };
158 BaseProtocol *self;
159 (void)CreateIsoProtocol(&errParams, true, &self);
160 }
161
IsoTest07(void)162 static void IsoTest07(void)
163 {
164 HksInitialize();
165 IsoInitParams errParams = { { (uint8_t *)AUTH_ID_C_VAL, 0 }, DEFAULT_OS_ACCOUNT };
166 BaseProtocol *self;
167 (void)CreateIsoProtocol(&errParams, true, &self);
168 }
169
IsoTest08(void)170 static void IsoTest08(void)
171 {
172 HksInitialize();
173 BaseProtocol *self;
174 (void)CreateIsoProtocol(&g_paramsC, true, &self);
175 (void)self->setPsk(nullptr, &g_psk);
176 self->destroy(self);
177 }
178
IsoTest09(void)179 static void IsoTest09(void)
180 {
181 HksInitialize();
182 BaseProtocol *self;
183 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
184 res = self->setPsk(self, nullptr);
185 self->destroy(self);
186 }
187
IsoTest10(void)188 static void IsoTest10(void)
189 {
190 HksInitialize();
191 BaseProtocol *self;
192 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
193 Uint8Buff errParams = { nullptr, PSK_SIZE };
194 res = self->setPsk(self, &errParams);
195 self->destroy(self);
196 }
197
IsoTest11(void)198 static void IsoTest11(void)
199 {
200 HksInitialize();
201 BaseProtocol *self;
202 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
203 Uint8Buff errParams = { (uint8_t *)PSK_VAL, 0 };
204 res = self->setPsk(self, &errParams);
205 self->destroy(self);
206 }
207
IsoTest12(void)208 static void IsoTest12(void)
209 {
210 HksInitialize();
211 BaseProtocol *self;
212 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
213 CJson *out = nullptr;
214 res = self->start(nullptr, &out);
215 self->destroy(self);
216 }
217
IsoTest13(void)218 static void IsoTest13(void)
219 {
220 HksInitialize();
221 BaseProtocol *self;
222 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
223 res = self->start(self, nullptr);
224 self->destroy(self);
225 }
226
IsoTest14(void)227 static void IsoTest14(void)
228 {
229 HksInitialize();
230 BaseProtocol *self;
231 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
232 self->curState = self->finishState;
233 CJson *out = nullptr;
234 res = self->start(self, &out);
235 self->destroy(self);
236 }
237
IsoTest15(void)238 static void IsoTest15(void)
239 {
240 HksInitialize();
241 BaseProtocol *self;
242 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
243 self->curState = self->failState;
244 CJson *out = nullptr;
245 res = self->start(self, &out);
246 self->destroy(self);
247 }
248
IsoTest16(void)249 static void IsoTest16(void)
250 {
251 HksInitialize();
252 BaseProtocol *self;
253 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
254 CJson recvMsg;
255 CJson *sendMsg = nullptr;
256 res = self->process(nullptr, &recvMsg, &sendMsg);
257 self->destroy(self);
258 }
259
IsoTest17(void)260 static void IsoTest17(void)
261 {
262 HksInitialize();
263 BaseProtocol *self;
264 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
265 CJson *sendMsg = nullptr;
266 res = self->process(self, nullptr, &sendMsg);
267 self->destroy(self);
268 }
269
IsoTest18(void)270 static void IsoTest18(void)
271 {
272 HksInitialize();
273 BaseProtocol *self;
274 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
275 CJson recvMsg;
276 res = self->process(self, &recvMsg, nullptr);
277 self->destroy(self);
278 }
279
IsoTest19(void)280 static void IsoTest19(void)
281 {
282 HksInitialize();
283 BaseProtocol *self;
284 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
285 self->curState = self->finishState;
286 CJson recvMsg;
287 CJson *sendMsg = nullptr;
288 res = self->process(self, &recvMsg, &sendMsg);
289 self->destroy(self);
290 }
291
IsoTest20(void)292 static void IsoTest20(void)
293 {
294 HksInitialize();
295 BaseProtocol *self;
296 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
297 self->curState = self->failState;
298 CJson recvMsg;
299 CJson *sendMsg = nullptr;
300 res = self->process(self, &recvMsg, &sendMsg);
301 self->destroy(self);
302 }
303
IsoTest21(void)304 static void IsoTest21(void)
305 {
306 HksInitialize();
307 BaseProtocol *self;
308 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
309 res = self->setSelfProtectedMsg(nullptr, &g_msgC);
310 self->destroy(self);
311 }
312
IsoTest22(void)313 static void IsoTest22(void)
314 {
315 HksInitialize();
316 BaseProtocol *self;
317 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
318 res = self->setSelfProtectedMsg(self, nullptr);
319 self->destroy(self);
320 }
321
IsoTest23(void)322 static void IsoTest23(void)
323 {
324 HksInitialize();
325 BaseProtocol *self;
326 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
327 res = self->setPeerProtectedMsg(nullptr, &g_msgS);
328 self->destroy(self);
329 }
330
IsoTest24(void)331 static void IsoTest24(void)
332 {
333 HksInitialize();
334 BaseProtocol *self;
335 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
336 res = self->setPeerProtectedMsg(self, nullptr);
337 self->destroy(self);
338 }
339
IsoTest25(void)340 static void IsoTest25(void)
341 {
342 HksInitialize();
343 BaseProtocol *self;
344 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
345 Uint8Buff key = { nullptr, 0 };
346 res = self->getSessionKey(nullptr, &key);
347 self->destroy(self);
348 }
349
IsoTest26(void)350 static void IsoTest26(void)
351 {
352 HksInitialize();
353 BaseProtocol *self;
354 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
355 res = self->getSessionKey(self, nullptr);
356 self->destroy(self);
357 }
358
IsoTest27(void)359 static void IsoTest27(void)
360 {
361 HksInitialize();
362 BaseProtocol *self;
363 int32_t res = CreateIsoProtocol(&g_paramsC, true, &self);
364 Uint8Buff key = { nullptr, 0 };
365 res = self->getSessionKey(self, &key);
366 self->destroy(self);
367 }
368
IsoTest28(void)369 static void IsoTest28(void)
370 {
371 HksInitialize();
372 BaseProtocol *self;
373 (void)CreateIsoProtocol(&g_paramsC, true, &self);
374 self->destroy(nullptr);
375 self->destroy(self);
376 }
377
IsoTest29(void)378 static void IsoTest29(void)
379 {
380 CJson *json = CreateJson();
381 NotifyPeerError(ERROR_CODE, &json);
382 ReturnError(ERROR_CODE, nullptr);
383 ThrowException(nullptr, nullptr, nullptr);
384 FreeJson(json);
385 }
386
FuzzDoCallback(const uint8_t * data,size_t size)387 bool FuzzDoCallback(const uint8_t* data, size_t size)
388 {
389 (void)data;
390 (void)size;
391 (void)IsoTest01();
392 (void)IsoTest02();
393 (void)IsoTest03();
394 (void)IsoTest04();
395 (void)IsoTest05();
396 (void)IsoTest06();
397 (void)IsoTest07();
398 (void)IsoTest08();
399 (void)IsoTest09();
400 (void)IsoTest10();
401 (void)IsoTest11();
402 (void)IsoTest12();
403 (void)IsoTest13();
404 (void)IsoTest14();
405 (void)IsoTest15();
406 (void)IsoTest16();
407 (void)IsoTest17();
408 (void)IsoTest18();
409 (void)IsoTest19();
410 (void)IsoTest20();
411 (void)IsoTest21();
412 (void)IsoTest22();
413 (void)IsoTest23();
414 (void)IsoTest24();
415 (void)IsoTest25();
416 (void)IsoTest26();
417 (void)IsoTest27();
418 (void)IsoTest28();
419 (void)IsoTest29();
420 return true;
421 }
422 }
423
424 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)425 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
426 {
427 /* Run your code on data */
428 OHOS::FuzzDoCallback(data, size);
429 return 0;
430 }
431
432