1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "co_auth_client_fuzzer.h"
17
18 #include "parcel.h"
19
20 #include "co_auth_client.h"
21 #include "executor_callback_service.h"
22 #include "executor_messenger_client.h"
23 #include "iam_fuzz_test.h"
24 #include "iam_logger.h"
25 #include "iam_ptr.h"
26
27 #define LOG_LABEL OHOS::UserIam::Common::LABEL_USER_AUTH_SDK
28
29 namespace OHOS {
30 namespace UserIam {
31 namespace UserAuth {
32 namespace {
33 class DummyExecutorRegisterCallback final : public ExecutorRegisterCallback {
34 public:
OnMessengerReady(const std::shared_ptr<ExecutorMessenger> & messenger,const std::vector<uint8_t> & publicKey,const std::vector<uint64_t> & templateIds)35 void OnMessengerReady(const std::shared_ptr<ExecutorMessenger> &messenger,
36 const std::vector<uint8_t> &publicKey, const std::vector<uint64_t> &templateIds)
37 {
38 IAM_LOGI("start");
39 static_cast<void>(messenger);
40 static_cast<void>(publicKey);
41 static_cast<void>(templateIds);
42 }
43
OnBeginExecute(uint64_t scheduleId,const std::vector<uint8_t> & publicKey,const Attributes & commandAttrs)44 int32_t OnBeginExecute(uint64_t scheduleId, const std::vector<uint8_t> &publicKey,
45 const Attributes &commandAttrs)
46 {
47 IAM_LOGI("start");
48 static_cast<void>(scheduleId);
49 static_cast<void>(publicKey);
50 static_cast<void>(commandAttrs);
51 return SUCCESS;
52 }
53
OnEndExecute(uint64_t scheduleId,const Attributes & commandAttrs)54 int32_t OnEndExecute(uint64_t scheduleId, const Attributes &commandAttrs)
55 {
56 IAM_LOGI("start");
57 static_cast<void>(scheduleId);
58 static_cast<void>(commandAttrs);
59 return SUCCESS;
60 }
61
OnSetProperty(const Attributes & properties)62 int32_t OnSetProperty(const Attributes &properties)
63 {
64 IAM_LOGI("start");
65 static_cast<void>(properties);
66 return SUCCESS;
67 }
68
OnGetProperty(const Attributes & conditions,Attributes & results)69 int32_t OnGetProperty(const Attributes &conditions, Attributes &results)
70 {
71 IAM_LOGI("start");
72 static_cast<void>(conditions);
73 static_cast<void>(results);
74 return SUCCESS;
75 }
76 };
77
78 class DummyExecutorMessengerInterface final : public ExecutorMessengerInterface {
79 public:
SendData(uint64_t scheduleId,uint64_t transNum,ExecutorRole srcRole,ExecutorRole dstRole,const std::vector<uint8_t> & msg)80 int32_t SendData(uint64_t scheduleId, uint64_t transNum, ExecutorRole srcRole, ExecutorRole dstRole,
81 const std::vector<uint8_t> &msg) override
82 {
83 IAM_LOGI("start");
84 static_cast<void>(scheduleId);
85 static_cast<void>(transNum);
86 static_cast<void>(srcRole);
87 static_cast<void>(dstRole);
88 static_cast<void>(msg);
89 return SUCCESS;
90 }
91
Finish(uint64_t scheduleId,ExecutorRole srcRole,ResultCode resultCode,const std::shared_ptr<Attributes> & finalResult)92 int32_t Finish(uint64_t scheduleId, ExecutorRole srcRole, ResultCode resultCode,
93 const std::shared_ptr<Attributes> &finalResult) override
94 {
95 IAM_LOGI("start");
96 static_cast<void>(scheduleId);
97 static_cast<void>(srcRole);
98 static_cast<void>(resultCode);
99 static_cast<void>(finalResult);
100 return SUCCESS;
101 }
102
AsObject()103 sptr<IRemoteObject> AsObject() override
104 {
105 sptr<IRemoteObject> tmp(nullptr);
106 return tmp;
107 }
108 };
109
FillExecutorInfo(Parcel & parcel,ExecutorInfo & info)110 void FillExecutorInfo(Parcel &parcel, ExecutorInfo &info)
111 {
112 info.authType = static_cast<AuthType>(parcel.ReadInt32());
113 info.executorRole = static_cast<ExecutorRole>(parcel.ReadInt32());
114 info.executorMatcher = parcel.ReadUint32();
115 info.executorSensorHint = parcel.ReadUint32();
116 info.esl = static_cast<ExecutorSecureLevel>(parcel.ReadInt32());
117 Common::FillFuzzUint8Vector(parcel, info.publicKey);
118 }
119
FuzzCoAuthClientRegister(Parcel & parcel)120 void FuzzCoAuthClientRegister(Parcel &parcel)
121 {
122 IAM_LOGI("start");
123 ExecutorInfo info = {};
124 FillExecutorInfo(parcel, info);
125 auto callback = Common::MakeShared<DummyExecutorRegisterCallback>();
126 CoAuthClient::GetInstance().Register(info, callback);
127 IAM_LOGI("end");
128 }
129
FuzzCoAuthClientUnregister(Parcel & parcel)130 void FuzzCoAuthClientUnregister(Parcel &parcel)
131 {
132 IAM_LOGI("start");
133 ExecutorInfo info = {};
134 FillExecutorInfo(parcel, info);
135 CoAuthClient::GetInstance().Unregister(info);
136 IAM_LOGI("end");
137 }
138
139 auto g_ExecutorCallbackService =
140 Common::MakeShared<ExecutorCallbackService>(Common::MakeShared<DummyExecutorRegisterCallback>());
141
142 auto g_ExecutorMessengerClient =
143 Common::MakeShared<ExecutorMessengerClient>(new (std::nothrow) DummyExecutorMessengerInterface());
144
FuzzExecutorCallbackServiceOnMessengerReady(Parcel & parcel)145 void FuzzExecutorCallbackServiceOnMessengerReady(Parcel &parcel)
146 {
147 IAM_LOGI("start");
148 sptr<ExecutorMessengerInterface> messenger(new (std::nothrow) DummyExecutorMessengerInterface());
149 std::vector<uint8_t> publicKey;
150 Common::FillFuzzUint8Vector(parcel, publicKey);
151 std::vector<uint64_t> templateIdList;
152 Common::FillFuzzUint64Vector(parcel, templateIdList);
153 if (g_ExecutorCallbackService != nullptr) {
154 g_ExecutorCallbackService->OnMessengerReady(messenger, publicKey, templateIdList);
155 }
156 IAM_LOGI("end");
157 }
158
FuzzExecutorCallbackServiceOnBeginExecute(Parcel & parcel)159 void FuzzExecutorCallbackServiceOnBeginExecute(Parcel &parcel)
160 {
161 IAM_LOGI("start");
162 uint64_t scheduleId = parcel.ReadUint64();
163 std::vector<uint8_t> publicKey;
164 Common::FillFuzzUint8Vector(parcel, publicKey);
165 std::vector<uint8_t> attr;
166 Common::FillFuzzUint8Vector(parcel, attr);
167 Attributes command(attr);
168 if (g_ExecutorCallbackService != nullptr) {
169 g_ExecutorCallbackService->OnBeginExecute(scheduleId, publicKey, command);
170 }
171 IAM_LOGI("end");
172 }
173
FuzzExecutorCallbackServiceOnEndExecute(Parcel & parcel)174 void FuzzExecutorCallbackServiceOnEndExecute(Parcel &parcel)
175 {
176 IAM_LOGI("start");
177 uint64_t scheduleId = parcel.ReadUint64();
178 std::vector<uint8_t> attr;
179 Common::FillFuzzUint8Vector(parcel, attr);
180 Attributes command(attr);
181 if (g_ExecutorCallbackService != nullptr) {
182 g_ExecutorCallbackService->OnEndExecute(scheduleId, command);
183 }
184 IAM_LOGI("end");
185 }
186
FuzzExecutorCallbackServiceOnSetProperty(Parcel & parcel)187 void FuzzExecutorCallbackServiceOnSetProperty(Parcel &parcel)
188 {
189 IAM_LOGI("start");
190 std::vector<uint8_t> attr;
191 Common::FillFuzzUint8Vector(parcel, attr);
192 Attributes properties(attr);
193 if (g_ExecutorCallbackService != nullptr) {
194 g_ExecutorCallbackService->OnSetProperty(properties);
195 }
196 IAM_LOGI("end");
197 }
198
FuzzExecutorCallbackServiceOnGetProperty(Parcel & parcel)199 void FuzzExecutorCallbackServiceOnGetProperty(Parcel &parcel)
200 {
201 IAM_LOGI("start");
202 std::vector<uint8_t> attr;
203 Common::FillFuzzUint8Vector(parcel, attr);
204 Attributes condition(attr);
205 Attributes values;
206 if (g_ExecutorCallbackService != nullptr) {
207 g_ExecutorCallbackService->OnGetProperty(condition, values);
208 }
209 IAM_LOGI("end");
210 }
211
FuzzExecutorMessengerClientSendData(Parcel & parcel)212 void FuzzExecutorMessengerClientSendData(Parcel &parcel)
213 {
214 IAM_LOGI("start");
215 uint64_t scheduleId = parcel.ReadUint64();
216 uint64_t transNum = parcel.ReadUint64();
217 auto srcRole = static_cast<ExecutorRole>(parcel.ReadInt32());
218 auto dstRole = static_cast<ExecutorRole>(parcel.ReadInt32());
219 std::vector<uint8_t> testMessage;
220 Common::FillFuzzUint8Vector(parcel, testMessage);
221 auto msg = AuthMessage::As(testMessage);
222 if (g_ExecutorMessengerClient != nullptr) {
223 g_ExecutorMessengerClient->SendData(scheduleId, transNum, srcRole, dstRole, msg);
224 }
225 IAM_LOGI("end");
226 }
227
FuzzExecutorMessengerClientFinish(Parcel & parcel)228 void FuzzExecutorMessengerClientFinish(Parcel &parcel)
229 {
230 IAM_LOGI("start");
231 uint64_t scheduleId = parcel.ReadUint64();
232 auto srcRole = static_cast<ExecutorRole>(parcel.ReadInt32());
233 int32_t resultCode = parcel.ReadInt32();
234 std::vector<uint8_t> attr;
235 Common::FillFuzzUint8Vector(parcel, attr);
236 Attributes finalResult(attr);
237 if (g_ExecutorMessengerClient != nullptr) {
238 g_ExecutorMessengerClient->Finish(scheduleId, srcRole, resultCode, finalResult);
239 }
240 IAM_LOGI("end");
241 }
242
243 using FuzzFunc = decltype(FuzzCoAuthClientRegister);
244 FuzzFunc *g_fuzzFuncs[] = {
245 FuzzCoAuthClientRegister,
246 FuzzCoAuthClientUnregister,
247 FuzzExecutorCallbackServiceOnMessengerReady,
248 FuzzExecutorCallbackServiceOnBeginExecute,
249 FuzzExecutorCallbackServiceOnEndExecute,
250 FuzzExecutorCallbackServiceOnSetProperty,
251 FuzzExecutorCallbackServiceOnGetProperty,
252 FuzzExecutorMessengerClientSendData,
253 FuzzExecutorMessengerClientFinish,
254 };
255
CoAuthClientFuzzTest(const uint8_t * data,size_t size)256 void CoAuthClientFuzzTest(const uint8_t *data, size_t size)
257 {
258 Parcel parcel;
259 parcel.WriteBuffer(data, size);
260 parcel.RewindRead(0);
261 uint32_t index = parcel.ReadUint32() % (sizeof(g_fuzzFuncs) / sizeof(FuzzFunc *));
262 auto fuzzFunc = g_fuzzFuncs[index];
263 fuzzFunc(parcel);
264 return;
265 }
266 } // namespace
267 } // namespace UserAuth
268 } // namespace UserIam
269 } // namespace OHOS
270
271 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)272 extern "C" int32_t LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
273 {
274 OHOS::UserIam::UserAuth::CoAuthClientFuzzTest(data, size);
275 return 0;
276 }
277