1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "ecspeke_fuzzer.h"
17
18 #include <cstddef>
19 #include <cstdint>
20
21 #include "device_auth_defines.h"
22 #include "hc_types.h"
23 #include "hks_api.h"
24 #include "hks_param.h"
25 #include "hks_type.h"
26 #include "ec_speke_protocol.h"
27 #include "json_utils.h"
28 #include "uint8buff_utils.h"
29 #include "device_auth.h"
30 #include "base/security/device_auth/services/session_manager/src/session/v2/auth_sub_session/protocol_lib/ec_speke_protocol.c"
31
32 namespace OHOS {
33 #define PSK_SIZE 32
34 #define INVALID_CURVE_TYPE 0
35 static const uint8_t PSK_VAL[PSK_SIZE] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19,
36 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32 };
37 static const char *AUTH_ID_C_VAL = "5420459D93FE773F9945FD64277FBA2CAB8FB996DDC1D0B97676FBB1242B3930";
38 static const char *AUTH_ID_S_VAL = "52E2706717D5C39D736E134CC1E3BE1BAA2AA52DB7C76A37C749558BD2E6492C";
39 static const char *MSG_C_VAL = "client send msg";
40 static const char *MSG_S_VAL = "server send msg";
41 static const int32_t ERROR_CODE = 0;
42
43 static Uint8Buff g_psk = { (uint8_t *)PSK_VAL, PSK_SIZE };
44 static Uint8Buff g_authIdC = { (uint8_t *)AUTH_ID_C_VAL, 64 };
45 static Uint8Buff g_authIdS = { (uint8_t *)AUTH_ID_S_VAL, 64 };
46 static Uint8Buff g_msgC = { (uint8_t *)MSG_C_VAL, 16 };
47 static Uint8Buff g_msgS = { (uint8_t *)MSG_S_VAL, 16 };
48 static EcSpekeInitParams g_P256ParamsC = { CURVE_TYPE_256, g_authIdC, DEFAULT_OS_ACCOUNT };
49 static EcSpekeInitParams g_P256ParamsS = { CURVE_TYPE_256, g_authIdS, DEFAULT_OS_ACCOUNT };
50 static EcSpekeInitParams g_X25519ParamsC = { CURVE_TYPE_25519, g_authIdC, DEFAULT_OS_ACCOUNT };
51 static EcSpekeInitParams g_X25519ParamsS = { CURVE_TYPE_25519, g_authIdS, DEFAULT_OS_ACCOUNT };
52
ECSpekeTest01(void)53 static void ECSpekeTest01(void)
54 {
55 HksInitialize();
56 BaseProtocol *self;
57 CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
58 self->destroy(self);
59 }
60
ECSpekeTest02(void)61 static void ECSpekeTest02(void)
62 {
63 HksInitialize();
64 BaseProtocol *client;
65 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &client);
66
67 BaseProtocol *server;
68 res = CreateEcSpekeProtocol(&g_X25519ParamsS, false, &server);
69
70 res = client->setPsk(client, &g_psk);
71 res = server->setPsk(server, &g_psk);
72
73 CJson *clientOut = nullptr;
74 CJson *serverOut = nullptr;
75
76 res = client->setSelfProtectedMsg(client, &g_msgC);
77 res = client->setPeerProtectedMsg(client, &g_msgS);
78 res = server->setSelfProtectedMsg(server, &g_msgS);
79 res = server->setPeerProtectedMsg(server, &g_msgC);
80
81 res = client->start(client, &clientOut);
82
83 while (clientOut != nullptr || serverOut != nullptr) {
84 if (clientOut != nullptr) {
85 res = server->process(server, clientOut, &serverOut);
86 FreeJson(clientOut);
87 clientOut = nullptr;
88 } else {
89 res = client->process(client, serverOut, &clientOut);
90 FreeJson(serverOut);
91 serverOut = nullptr;
92 }
93 }
94 Uint8Buff clientKey = { nullptr, 0 };
95 res = client->getSessionKey(client, &clientKey);
96 FreeUint8Buff(&clientKey);
97 Uint8Buff serverKey = { nullptr, 0 };
98 res = server->getSessionKey(server, &serverKey);
99 FreeUint8Buff(&serverKey);
100
101 client->destroy(client);
102 server->destroy(server);
103 }
104
ECSpekeTest03(void)105 static void ECSpekeTest03(void)
106 {
107 HksInitialize();
108 BaseProtocol *client;
109 int32_t res = CreateEcSpekeProtocol(&g_P256ParamsC, true, &client);
110
111 BaseProtocol *server;
112 res = CreateEcSpekeProtocol(&g_P256ParamsS, false, &server);
113
114 res = client->setPsk(client, &g_psk);
115 res = server->setPsk(server, &g_psk);
116
117 CJson *clientOut = nullptr;
118 CJson *serverOut = nullptr;
119
120 res = client->setSelfProtectedMsg(client, &g_msgC);
121 res = client->setPeerProtectedMsg(client, &g_msgS);
122 res = server->setSelfProtectedMsg(server, &g_msgS);
123 res = server->setPeerProtectedMsg(server, &g_msgC);
124
125 res = client->start(client, &clientOut);
126
127 while (clientOut != nullptr || serverOut != nullptr) {
128 if (clientOut != nullptr) {
129 res = server->process(server, clientOut, &serverOut);
130 FreeJson(clientOut);
131 clientOut = nullptr;
132 } else {
133 res = client->process(client, serverOut, &clientOut);
134 FreeJson(serverOut);
135 serverOut = nullptr;
136 }
137 }
138 Uint8Buff clientKey = { nullptr, 0 };
139 res = client->getSessionKey(client, &clientKey);
140 FreeUint8Buff(&clientKey);
141 Uint8Buff serverKey = { nullptr, 0 };
142 res = server->getSessionKey(server, &serverKey);
143 FreeUint8Buff(&serverKey);
144
145 client->destroy(client);
146 server->destroy(server);
147 }
148
ECSpekeTest04(void)149 static void ECSpekeTest04(void)
150 {
151 HksInitialize();
152 BaseProtocol *client;
153 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &client);
154
155 BaseProtocol *server;
156 res = CreateEcSpekeProtocol(&g_X25519ParamsS, false, &server);
157
158 res = client->setPsk(client, &g_psk);
159 res = server->setPsk(server, &g_psk);
160
161 CJson *clientOut = nullptr;
162 CJson *serverOut = nullptr;
163
164 res = client->start(client, &clientOut);
165
166 while (clientOut != nullptr || serverOut != nullptr) {
167 if (clientOut != nullptr) {
168 res = server->process(server, clientOut, &serverOut);
169 FreeJson(clientOut);
170 clientOut = nullptr;
171 } else {
172 res = client->process(client, serverOut, &clientOut);
173 FreeJson(serverOut);
174 serverOut = nullptr;
175 }
176 }
177 Uint8Buff clientKey;
178 res = client->getSessionKey(client, &clientKey);
179 FreeUint8Buff(&clientKey);
180 Uint8Buff serverKey;
181 res = server->getSessionKey(server, &serverKey);
182 FreeUint8Buff(&serverKey);
183
184 client->destroy(client);
185 server->destroy(server);
186 }
187
ECSpekeTest05(void)188 static void ECSpekeTest05(void)
189 {
190 HksInitialize();
191 BaseProtocol *self;
192 CreateEcSpekeProtocol(nullptr, true, &self);
193 }
194
ECSpekeTest06(void)195 static void ECSpekeTest06(void)
196 {
197 HksInitialize();
198 CreateEcSpekeProtocol(&g_X25519ParamsC, true, nullptr);
199 }
200
ECSpekeTest07(void)201 static void ECSpekeTest07(void)
202 {
203 HksInitialize();
204 EcSpekeInitParams errParams = { INVALID_CURVE_TYPE, g_authIdC, DEFAULT_OS_ACCOUNT };
205 BaseProtocol *self;
206 CreateEcSpekeProtocol(&errParams, true, &self);
207 }
208
ECSpekeTest08(void)209 static void ECSpekeTest08(void)
210 {
211 HksInitialize();
212 EcSpekeInitParams errParams = { CURVE_TYPE_25519, { nullptr, 0 }, DEFAULT_OS_ACCOUNT };
213 BaseProtocol *self;
214 CreateEcSpekeProtocol(&errParams, true, &self);
215 }
216
ECSpekeTest09(void)217 static void ECSpekeTest09(void)
218 {
219 HksInitialize();
220 BaseProtocol *self;
221 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
222
223 res = self->setPsk(nullptr, &g_psk);
224
225 self->destroy(self);
226 }
227
ECSpekeTest10(void)228 static void ECSpekeTest10(void)
229 {
230 HksInitialize();
231 BaseProtocol *self;
232 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
233 res = self->setPsk(self, nullptr);
234 self->destroy(self);
235 }
236
ECSpekeTest11(void)237 static void ECSpekeTest11(void)
238 {
239 HksInitialize();
240 BaseProtocol *self;
241 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
242
243 Uint8Buff errParams = { nullptr, PSK_SIZE };
244 res = self->setPsk(self, &errParams);
245
246 self->destroy(self);
247 }
248
ECSpekeTest12(void)249 static void ECSpekeTest12(void)
250 {
251 HksInitialize();
252 BaseProtocol *self;
253 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
254
255 Uint8Buff errParams = { (uint8_t *)PSK_VAL, 0 };
256 res = self->setPsk(self, &errParams);
257
258 self->destroy(self);
259 }
260
ECSpekeTest13(void)261 static void ECSpekeTest13(void)
262 {
263 HksInitialize();
264 BaseProtocol *self;
265 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
266
267 CJson *out = nullptr;
268 res = self->start(nullptr, &out);
269
270 self->destroy(self);
271 }
272
ECSpekeTest14(void)273 static void ECSpekeTest14(void)
274 {
275 HksInitialize();
276 BaseProtocol *self;
277 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
278
279 res = self->start(self, nullptr);
280
281 self->destroy(self);
282 }
283
ECSpekeTest15(void)284 static void ECSpekeTest15(void)
285 {
286 HksInitialize();
287 BaseProtocol *self;
288 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
289
290 self->curState = self->finishState;
291
292 CJson *out = nullptr;
293 res = self->start(self, &out);
294
295 self->destroy(self);
296 }
297
ECSpekeTest16(void)298 static void ECSpekeTest16(void)
299 {
300 HksInitialize();
301 BaseProtocol *self;
302 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
303
304 self->curState = self->failState;
305
306 CJson *out = nullptr;
307 res = self->start(self, &out);
308
309 self->destroy(self);
310 }
311
ECSpekeTest17(void)312 static void ECSpekeTest17(void)
313 {
314 HksInitialize();
315 BaseProtocol *self;
316 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
317
318 CJson recvMsg;
319 CJson *sendMsg = nullptr;
320 res = self->process(nullptr, &recvMsg, &sendMsg);
321
322 self->destroy(self);
323 }
324
ECSpekeTest18(void)325 static void ECSpekeTest18(void)
326 {
327 HksInitialize();
328 BaseProtocol *self;
329 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
330
331 CJson *sendMsg = nullptr;
332 res = self->process(self, nullptr, &sendMsg);
333
334 self->destroy(self);
335 }
336
ECSpekeTest19(void)337 static void ECSpekeTest19(void)
338 {
339 HksInitialize();
340 BaseProtocol *self;
341 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
342
343 CJson recvMsg;
344 res = self->process(self, &recvMsg, nullptr);
345
346 self->destroy(self);
347 }
348
ECSpekeTest20(void)349 static void ECSpekeTest20(void)
350 {
351 HksInitialize();
352 BaseProtocol *self;
353 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
354
355 self->curState = self->finishState;
356
357 CJson recvMsg;
358 CJson *sendMsg = nullptr;
359 res = self->process(self, &recvMsg, &sendMsg);
360
361 self->destroy(self);
362 }
363
ECSpekeTest21(void)364 static void ECSpekeTest21(void)
365 {
366 HksInitialize();
367 BaseProtocol *self;
368 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
369
370 self->curState = self->failState;
371
372 CJson recvMsg;
373 CJson *sendMsg = nullptr;
374 res = self->process(self, &recvMsg, &sendMsg);
375
376 self->destroy(self);
377 }
378
ECSpekeTest22(void)379 static void ECSpekeTest22(void)
380 {
381 HksInitialize();
382 BaseProtocol *self;
383 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
384
385 res = self->setSelfProtectedMsg(nullptr, &g_msgC);
386
387 self->destroy(self);
388 }
389
ECSpekeTest23(void)390 static void ECSpekeTest23(void)
391 {
392 HksInitialize();
393 BaseProtocol *self;
394 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
395
396 res = self->setSelfProtectedMsg(self, nullptr);
397
398 self->destroy(self);
399 }
400
ECSpekeTest24(void)401 static void ECSpekeTest24(void)
402 {
403 HksInitialize();
404 BaseProtocol *self;
405 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
406
407 res = self->setPeerProtectedMsg(nullptr, &g_msgS);
408
409 self->destroy(self);
410 }
411
ECSpekeTest25(void)412 static void ECSpekeTest25(void)
413 {
414 HksInitialize();
415 BaseProtocol *self;
416 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
417
418 res = self->setPeerProtectedMsg(self, nullptr);
419
420 self->destroy(self);
421 }
422
ECSpekeTest26(void)423 static void ECSpekeTest26(void)
424 {
425 HksInitialize();
426 BaseProtocol *self;
427 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
428
429 Uint8Buff key = { nullptr, 0 };
430 res = self->getSessionKey(nullptr, &key);
431
432 self->destroy(self);
433 }
434
ECSpekeTest27(void)435 static void ECSpekeTest27(void)
436 {
437 HksInitialize();
438 BaseProtocol *self;
439 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
440
441 res = self->getSessionKey(self, nullptr);
442
443 self->destroy(self);
444 }
445
ECSpekeTest28(void)446 static void ECSpekeTest28(void)
447 {
448 HksInitialize();
449 BaseProtocol *self;
450 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
451
452 Uint8Buff key = { nullptr, 0 };
453 res = self->getSessionKey(self, &key);
454
455 self->destroy(self);
456 }
457
ECSpekeTest29(void)458 static void ECSpekeTest29(void)
459 {
460 HksInitialize();
461 BaseProtocol *self;
462 CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
463
464 self->destroy(nullptr);
465 self->destroy(self);
466 }
467
ECSpekeTest30(void)468 static void ECSpekeTest30(void)
469 {
470 CJson *json = CreateJson();
471 NotifyPeerError(ERROR_CODE, &json);
472 ReturnError(ERROR_CODE, nullptr);
473 ThrowException(nullptr, nullptr, nullptr);
474 FreeJson(json);
475 }
476
FuzzDoCallback(const uint8_t * data,size_t size)477 bool FuzzDoCallback(const uint8_t* data, size_t size)
478 {
479 (void)data;
480 (void)size;
481 (void)ECSpekeTest01();
482 (void)ECSpekeTest02();
483 (void)ECSpekeTest03();
484 (void)ECSpekeTest04();
485 (void)ECSpekeTest05();
486 (void)ECSpekeTest06();
487 (void)ECSpekeTest07();
488 (void)ECSpekeTest08();
489 (void)ECSpekeTest09();
490 (void)ECSpekeTest10();
491 (void)ECSpekeTest11();
492 (void)ECSpekeTest12();
493 (void)ECSpekeTest13();
494 (void)ECSpekeTest14();
495 (void)ECSpekeTest15();
496 (void)ECSpekeTest16();
497 (void)ECSpekeTest17();
498 (void)ECSpekeTest18();
499 (void)ECSpekeTest19();
500 (void)ECSpekeTest20();
501 (void)ECSpekeTest21();
502 (void)ECSpekeTest22();
503 (void)ECSpekeTest23();
504 (void)ECSpekeTest24();
505 (void)ECSpekeTest25();
506 (void)ECSpekeTest26();
507 (void)ECSpekeTest27();
508 (void)ECSpekeTest28();
509 (void)ECSpekeTest29();
510 (void)ECSpekeTest30();
511 return true;
512 }
513 }
514
515 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)516 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
517 {
518 /* Run your code on data */
519 OHOS::FuzzDoCallback(data, size);
520 return 0;
521 }
522
523