• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "generatecert_fuzzer.h"
17 #include <iostream>
18 #include <openssl/rand.h>
19 #include <string>
20 #include <vector>
21 #include <thread>
22 #include "accesstoken_kit.h"
23 #include "dlp_permission.h"
24 #include "dlp_permission_log.h"
25 #include "securec.h"
26 #include "token_setproc.h"
27 
28 using namespace OHOS::Security::DlpPermission;
29 using namespace OHOS::Security::AccessToken;
30 namespace OHOS {
Uint8ArrayToString(const uint8_t * buff,size_t size)31 static std::string Uint8ArrayToString(const uint8_t* buff, size_t size)
32 {
33     std::string str = "";
34     for (size_t i = 0; i < size; i++) {
35         str += (33 + buff[i] % (126 - 33));  // Visible Character Range 33 - 126
36     }
37     return str;
38 }
39 
FuzzTest(const uint8_t * data,size_t size)40 static void FuzzTest(const uint8_t* data, size_t size)
41 {
42     uint64_t curTime = static_cast<uint64_t>(
43         std::chrono::duration_cast<std::chrono::seconds>(std::chrono::system_clock::now().time_since_epoch()).count());
44     PermissionPolicy encPolicy;
45     encPolicy.ownerAccount_ = Uint8ArrayToString(data, size);
46     encPolicy.ownerAccountType_ = DOMAIN_ACCOUNT;
47     encPolicy.SetAeskey(data, size);
48     encPolicy.SetIv(data, size);
49     const uint8_t* userNum = reinterpret_cast<const uint8_t*>(data);
50     for (int user = 0; user < *userNum; ++user) {
51         AuthUserInfo perminfo;
52         perminfo.authAccount = Uint8ArrayToString(data, size);
53         const uint8_t* temp1 = reinterpret_cast<const uint8_t*>(data);
54         perminfo.authPerm = static_cast<DLPFileAccess>(1 + *temp1 % 3);  // perm type 1 to 3
55         const uint8_t* temp2 = reinterpret_cast<const uint8_t*>(data);
56         perminfo.permExpiryTime = curTime + *temp2 % 200;               // time range 0 to 200
57         perminfo.authAccountType = DOMAIN_ACCOUNT;
58         encPolicy.authUsers_.emplace_back(perminfo);
59     }
60     std::vector<uint8_t> cert;
61     DlpPermissionKit::GenerateDlpCertificate(encPolicy, cert);
62 }
63 
GenerateCertFuzzTest(const uint8_t * data,size_t size)64 bool GenerateCertFuzzTest(const uint8_t* data, size_t size)
65 {
66     int selfTokenId = GetSelfTokenID();
67     AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, "com.ohos.dlpmanager", 0);  // user_id = 100
68     SetSelfTokenID(tokenId);
69     FuzzTest(data, size);
70     SetSelfTokenID(selfTokenId);
71     return true;
72 }
73 }  // namespace OHOS
74 
75 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)76 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
77 {
78     /* Run your code on data */
79     OHOS::GenerateCertFuzzTest(data, size);
80     return 0;
81 }
82