1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "user_auth_client_fuzzer.h"
17
18 #include "parcel.h"
19
20 #include "user_auth_client_impl.h"
21 #include "user_auth_callback_service.h"
22 #include "iam_fuzz_test.h"
23 #include "iam_logger.h"
24 #include "iam_ptr.h"
25
26 #define LOG_LABEL OHOS::UserIam::Common::LABEL_USER_AUTH_SDK
27
28 namespace OHOS {
29 namespace UserIam {
30 namespace UserAuth {
31 namespace {
32 class DummyGetPropCallback final : public GetPropCallback {
33 public:
OnResult(int32_t result,const Attributes & extraInfo)34 void OnResult(int32_t result, const Attributes &extraInfo)
35 {
36 IAM_LOGI("start");
37 static_cast<void>(result);
38 static_cast<void>(extraInfo);
39 }
40 };
41
42 class DummySetPropCallback final : public SetPropCallback {
43 public:
OnResult(int32_t result,const Attributes & extraInfo)44 void OnResult(int32_t result, const Attributes &extraInfo)
45 {
46 IAM_LOGI("start");
47 static_cast<void>(result);
48 static_cast<void>(extraInfo);
49 }
50 };
51
52 class DummyAuthenticationCallback final : public AuthenticationCallback {
53 public:
OnAcquireInfo(int32_t module,uint32_t acquireInfo,const Attributes & extraInfo)54 void OnAcquireInfo(int32_t module, uint32_t acquireInfo, const Attributes &extraInfo)
55 {
56 IAM_LOGI("start");
57 static_cast<void>(module);
58 static_cast<void>(acquireInfo);
59 static_cast<void>(extraInfo);
60 }
61
OnResult(int32_t result,const Attributes & extraInfo)62 void OnResult(int32_t result, const Attributes &extraInfo)
63 {
64 IAM_LOGI("start");
65 static_cast<void>(result);
66 static_cast<void>(extraInfo);
67 }
68 };
69
70 class DummyIdentificationCallback final : public IdentificationCallback {
71 public:
OnAcquireInfo(int32_t module,uint32_t acquireInfo,const Attributes & extraInfo)72 void OnAcquireInfo(int32_t module, uint32_t acquireInfo, const Attributes &extraInfo)
73 {
74 IAM_LOGI("start");
75 static_cast<void>(module);
76 static_cast<void>(acquireInfo);
77 static_cast<void>(extraInfo);
78 }
79
OnResult(int32_t result,const Attributes & extraInfo)80 void OnResult(int32_t result, const Attributes &extraInfo)
81 {
82 IAM_LOGI("start");
83 static_cast<void>(result);
84 static_cast<void>(extraInfo);
85 }
86 };
87
88 class DummyIUserAuthWidgetCallback final : public IUserAuthWidgetCallback {
89 public:
SendCommand(const std::string & cmdData)90 void SendCommand(const std::string &cmdData)
91 {
92 IAM_LOGI("start");
93 static_cast<void>(cmdData);
94 }
95 };
96
FuzzClientGetAvailableStatus(Parcel & parcel)97 void FuzzClientGetAvailableStatus(Parcel &parcel)
98 {
99 IAM_LOGI("start");
100 auto authType = static_cast<AuthType>(parcel.ReadInt32());
101 auto atl = static_cast<AuthTrustLevel>(parcel.ReadUint32());
102 UserAuthClientImpl::Instance().GetAvailableStatus(authType, atl);
103 IAM_LOGI("end");
104 }
105
FuzzClientGetProperty(Parcel & parcel)106 void FuzzClientGetProperty(Parcel &parcel)
107 {
108 IAM_LOGI("start");
109 int32_t userId = parcel.ReadInt32();
110 GetPropertyRequest request = {};
111 request.authType = static_cast<AuthType>(parcel.ReadInt32());
112 request.keys.push_back(static_cast<Attributes::AttributeKey>(parcel.ReadUint32()));
113 auto callback = Common::MakeShared<DummyGetPropCallback>();
114 UserAuthClient::GetInstance().GetProperty(userId, request, callback);
115 IAM_LOGI("end");
116 }
117
FuzzClientSetProperty(Parcel & parcel)118 void FuzzClientSetProperty(Parcel &parcel)
119 {
120 IAM_LOGI("start");
121 int32_t userId = parcel.ReadInt32();
122 SetPropertyRequest request = {};
123 request.authType = static_cast<AuthType>(parcel.ReadInt32());
124 request.mode = static_cast<PropertyMode>(parcel.ReadUint32());
125 auto callback = Common::MakeShared<DummySetPropCallback>();
126 UserAuthClient::GetInstance().SetProperty(userId, request, callback);
127 IAM_LOGI("end");
128 }
129
FuzzClientBeginAuthentication001(Parcel & parcel)130 void FuzzClientBeginAuthentication001(Parcel &parcel)
131 {
132 IAM_LOGI("start");
133 int32_t userId = parcel.ReadInt32();
134 std::vector<uint8_t> challenge;
135 Common::FillFuzzUint8Vector(parcel, challenge);
136 auto authType = static_cast<AuthType>(parcel.ReadInt32());
137 auto atl = static_cast<AuthTrustLevel>(parcel.ReadUint32());
138 auto callback = Common::MakeShared<DummyAuthenticationCallback>();
139 UserAuthClient::GetInstance().BeginAuthentication(userId, challenge, authType, atl, callback);
140 IAM_LOGI("end");
141 }
142
FuzzClientBeginAuthentication002(Parcel & parcel)143 void FuzzClientBeginAuthentication002(Parcel &parcel)
144 {
145 IAM_LOGI("start");
146 int32_t apiVersion = parcel.ReadInt32();
147 std::vector<uint8_t> challenge;
148 Common::FillFuzzUint8Vector(parcel, challenge);
149 auto authType = static_cast<AuthType>(parcel.ReadInt32());
150 auto atl = static_cast<AuthTrustLevel>(parcel.ReadUint32());
151 auto callback = Common::MakeShared<DummyAuthenticationCallback>();
152 UserAuthClientImpl::Instance().BeginNorthAuthentication(apiVersion, challenge, authType, atl, callback);
153 IAM_LOGI("end");
154 }
155
FuzzClientCancelAuthentication(Parcel & parcel)156 void FuzzClientCancelAuthentication(Parcel &parcel)
157 {
158 IAM_LOGI("start");
159 uint64_t contextId = parcel.ReadUint64();
160 UserAuthClient::GetInstance().CancelAuthentication(contextId);
161 IAM_LOGI("end");
162 }
163
FuzzClientBeginIdentification(Parcel & parcel)164 void FuzzClientBeginIdentification(Parcel &parcel)
165 {
166 IAM_LOGI("start");
167 std::vector<uint8_t> challenge;
168 Common::FillFuzzUint8Vector(parcel, challenge);
169 auto authType = static_cast<AuthType>(parcel.ReadInt32());
170 auto callback = Common::MakeShared<DummyIdentificationCallback>();
171 UserAuthClient::GetInstance().BeginIdentification(challenge, authType, callback);
172 IAM_LOGI("end");
173 }
174
FuzzCancelIdentification(Parcel & parcel)175 void FuzzCancelIdentification(Parcel &parcel)
176 {
177 IAM_LOGI("start");
178 uint64_t contextId = parcel.ReadUint64();
179 UserAuthClient::GetInstance().CancelIdentification(contextId);
180 IAM_LOGI("end");
181 }
182
FuzzClientGetVersion(Parcel & parcel)183 void FuzzClientGetVersion(Parcel &parcel)
184 {
185 IAM_LOGI("start");
186 static_cast<void>(parcel.ReadInt32());
187 int32_t version = -1;
188 UserAuthClientImpl::Instance().GetVersion(version);
189 IAM_LOGI("end");
190 }
191
FuzzBeginWidgetAuth(Parcel & parcel)192 void FuzzBeginWidgetAuth(Parcel &parcel)
193 {
194 IAM_LOGI("start");
195 int32_t apiVersion = parcel.ReadInt32();
196 AuthParam authParam;
197 WidgetParam widgetParam;
198 Common::FillFuzzUint8Vector(parcel, authParam.challenge);
199 std::vector<int32_t> atList;
200 parcel.ReadInt32Vector(&atList);
201 for (auto at : atList) {
202 authParam.authType.push_back(static_cast<AuthType>(at));
203 }
204 authParam.authTrustLevel = static_cast<AuthTrustLevel>(parcel.ReadInt32());
205 widgetParam.title = parcel.ReadString();
206 widgetParam.navigationButtonText = parcel.ReadString();
207 widgetParam.windowMode = static_cast<WindowModeType>(parcel.ReadInt32());
208 auto callback = Common::MakeShared<DummyAuthenticationCallback>();
209 UserAuthClientImpl::Instance().BeginWidgetAuth(apiVersion, authParam, widgetParam, callback);
210 IAM_LOGI("end");
211 }
212
FuzzSetWidgetCallback(Parcel & parcel)213 void FuzzSetWidgetCallback(Parcel &parcel)
214 {
215 IAM_LOGI("start");
216 int32_t version = -1;
217 auto callback = Common::MakeShared<DummyIUserAuthWidgetCallback>();
218 UserAuthClientImpl::Instance().SetWidgetCallback(version, callback);
219 IAM_LOGI("end");
220 }
221
FuzzNotice(Parcel & parcel)222 void FuzzNotice(Parcel &parcel)
223 {
224 IAM_LOGI("start");
225 NoticeType noticeType = static_cast<NoticeType>(parcel.ReadInt32());
226 std::string eventData = parcel.ReadString();
227 UserAuthClientImpl::Instance().Notice(noticeType, eventData);
228 IAM_LOGI("end");
229 }
230
231 auto g_UserAuthCallbackService =
232 Common::MakeShared<UserAuthCallbackService>(Common::MakeShared<DummyAuthenticationCallback>());
233
234 auto g_GetPropCallbackService =
235 Common::MakeShared<GetExecutorPropertyCallbackService>(Common::MakeShared<DummyGetPropCallback>());
236
237 auto g_SetPropCallbackService =
238 Common::MakeShared<SetExecutorPropertyCallbackService>(Common::MakeShared<DummySetPropCallback>());
239
FuzzUserAuthCallbackServiceOnResult(Parcel & parcel)240 void FuzzUserAuthCallbackServiceOnResult(Parcel &parcel)
241 {
242 IAM_LOGI("start");
243 int32_t result = parcel.ReadInt32();
244 std::vector<uint8_t> attr;
245 Common::FillFuzzUint8Vector(parcel, attr);
246 Attributes extraInfo(attr);
247 if (g_UserAuthCallbackService != nullptr) {
248 g_UserAuthCallbackService->OnResult(result, extraInfo);
249 }
250 IAM_LOGI("end");
251 }
252
FuzzUserAuthCallbackServiceOnAcquireInfo(Parcel & parcel)253 void FuzzUserAuthCallbackServiceOnAcquireInfo(Parcel &parcel)
254 {
255 IAM_LOGI("start");
256 int32_t result = parcel.ReadInt32();
257 int32_t acquireInfo = parcel.ReadInt32();
258 std::vector<uint8_t> attr;
259 Common::FillFuzzUint8Vector(parcel, attr);
260 Attributes extraInfo(attr);
261 if (g_UserAuthCallbackService != nullptr) {
262 g_UserAuthCallbackService->OnAcquireInfo(result, acquireInfo, extraInfo);
263 }
264 IAM_LOGI("end");
265 }
266
FuzzGetPropCallbackServiceOnPropResult(Parcel & parcel)267 void FuzzGetPropCallbackServiceOnPropResult(Parcel &parcel)
268 {
269 IAM_LOGI("start");
270 int32_t result = parcel.ReadInt32();
271 std::vector<uint8_t> attr;
272 Common::FillFuzzUint8Vector(parcel, attr);
273 Attributes extraInfo(attr);
274 if (g_GetPropCallbackService != nullptr) {
275 g_GetPropCallbackService->OnGetExecutorPropertyResult(result, extraInfo);
276 }
277 IAM_LOGI("end");
278 }
279
FuzzSetPropCallbackServiceOnPropResult(Parcel & parcel)280 void FuzzSetPropCallbackServiceOnPropResult(Parcel &parcel)
281 {
282 IAM_LOGI("start");
283 int32_t result = parcel.ReadInt32();
284 if (g_SetPropCallbackService != nullptr) {
285 g_SetPropCallbackService->OnSetExecutorPropertyResult(result);
286 }
287 IAM_LOGI("end");
288 }
289
290 using FuzzFunc = decltype(FuzzClientGetAvailableStatus);
291 FuzzFunc *g_fuzzFuncs[] = {
292 FuzzClientGetAvailableStatus,
293 FuzzClientGetProperty,
294 FuzzClientSetProperty,
295 FuzzClientBeginAuthentication001,
296 FuzzClientBeginAuthentication002,
297 FuzzClientCancelAuthentication,
298 FuzzClientBeginIdentification,
299 FuzzCancelIdentification,
300 FuzzClientGetVersion,
301 FuzzBeginWidgetAuth,
302 FuzzSetWidgetCallback,
303 FuzzNotice,
304 FuzzUserAuthCallbackServiceOnResult,
305 FuzzUserAuthCallbackServiceOnAcquireInfo,
306 FuzzGetPropCallbackServiceOnPropResult,
307 FuzzSetPropCallbackServiceOnPropResult,
308 };
309
UserAuthClientFuzzTest(const uint8_t * data,size_t size)310 void UserAuthClientFuzzTest(const uint8_t *data, size_t size)
311 {
312 Parcel parcel;
313 parcel.WriteBuffer(data, size);
314 parcel.RewindRead(0);
315 uint32_t index = parcel.ReadUint32() % (sizeof(g_fuzzFuncs) / sizeof(FuzzFunc *));
316 auto fuzzFunc = g_fuzzFuncs[index];
317 fuzzFunc(parcel);
318 return;
319 }
320 } // namespace
321 } // namespace UserAuth
322 } // namespace UserIam
323 } // namespace OHOS
324
325 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)326 extern "C" int32_t LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
327 {
328 OHOS::UserIam::UserAuth::UserAuthClientFuzzTest(data, size);
329 return 0;
330 }
331