1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "ecspeke_fuzzer.h"
17
18 #include <cstddef>
19 #include <cstdint>
20
21 #include "device_auth_defines.h"
22 #include "hc_types.h"
23 #include "hks_api.h"
24 #include "hks_param.h"
25 #include "hks_type.h"
26 #include "ec_speke_protocol.h"
27 #include "json_utils.h"
28 #include "uint8buff_utils.h"
29 #include "device_auth.h"
30
31 namespace OHOS {
32 #define PSK_SIZE 32
33 #define INVALID_CURVE_TYPE 0
34 static const uint8_t PSK_VAL[PSK_SIZE] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19,
35 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32 };
36 static const char *AUTH_ID_C_VAL = "5420459D93FE773F9945FD64277FBA2CAB8FB996DDC1D0B97676FBB1242B3930";
37 static const char *AUTH_ID_S_VAL = "52E2706717D5C39D736E134CC1E3BE1BAA2AA52DB7C76A37C749558BD2E6492C";
38 static const char *MSG_C_VAL = "client send msg";
39 static const char *MSG_S_VAL = "server send msg";
40
41 static Uint8Buff g_psk = { (uint8_t *)PSK_VAL, PSK_SIZE };
42 static Uint8Buff g_authIdC = { (uint8_t *)AUTH_ID_C_VAL, 64 };
43 static Uint8Buff g_authIdS = { (uint8_t *)AUTH_ID_S_VAL, 64 };
44 static Uint8Buff g_msgC = { (uint8_t *)MSG_C_VAL, 16 };
45 static Uint8Buff g_msgS = { (uint8_t *)MSG_S_VAL, 16 };
46 static EcSpekeInitParams g_P256ParamsC = { CURVE_TYPE_256, g_authIdC, DEFAULT_OS_ACCOUNT };
47 static EcSpekeInitParams g_P256ParamsS = { CURVE_TYPE_256, g_authIdS, DEFAULT_OS_ACCOUNT };
48 static EcSpekeInitParams g_X25519ParamsC = { CURVE_TYPE_25519, g_authIdC, DEFAULT_OS_ACCOUNT };
49 static EcSpekeInitParams g_X25519ParamsS = { CURVE_TYPE_25519, g_authIdS, DEFAULT_OS_ACCOUNT };
50
ECSpekeTest01(void)51 static void ECSpekeTest01(void)
52 {
53 HksInitialize();
54 BaseProtocol *self;
55 CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
56 self->destroy(self);
57 }
58
ECSpekeTest02(void)59 static void ECSpekeTest02(void)
60 {
61 HksInitialize();
62 BaseProtocol *client;
63 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &client);
64
65 BaseProtocol *server;
66 res = CreateEcSpekeProtocol(&g_X25519ParamsS, false, &server);
67
68 res = client->setPsk(client, &g_psk);
69 res = server->setPsk(server, &g_psk);
70
71 CJson *clientOut = nullptr;
72 CJson *serverOut = nullptr;
73
74 res = client->setSelfProtectedMsg(client, &g_msgC);
75 res = client->setPeerProtectedMsg(client, &g_msgS);
76 res = server->setSelfProtectedMsg(server, &g_msgS);
77 res = server->setPeerProtectedMsg(server, &g_msgC);
78
79 res = client->start(client, &clientOut);
80
81 while (clientOut != nullptr || serverOut != nullptr) {
82 if (clientOut != nullptr) {
83 res = server->process(server, clientOut, &serverOut);
84 FreeJson(clientOut);
85 clientOut = nullptr;
86 } else {
87 res = client->process(client, serverOut, &clientOut);
88 FreeJson(serverOut);
89 serverOut = nullptr;
90 }
91 }
92 Uint8Buff clientKey = { nullptr, 0 };
93 res = client->getSessionKey(client, &clientKey);
94 FreeUint8Buff(&clientKey);
95 Uint8Buff serverKey = { nullptr, 0 };
96 res = server->getSessionKey(server, &serverKey);
97 FreeUint8Buff(&serverKey);
98
99 client->destroy(client);
100 server->destroy(server);
101 }
102
ECSpekeTest03(void)103 static void ECSpekeTest03(void)
104 {
105 HksInitialize();
106 BaseProtocol *client;
107 int32_t res = CreateEcSpekeProtocol(&g_P256ParamsC, true, &client);
108
109 BaseProtocol *server;
110 res = CreateEcSpekeProtocol(&g_P256ParamsS, false, &server);
111
112 res = client->setPsk(client, &g_psk);
113 res = server->setPsk(server, &g_psk);
114
115 CJson *clientOut = nullptr;
116 CJson *serverOut = nullptr;
117
118 res = client->setSelfProtectedMsg(client, &g_msgC);
119 res = client->setPeerProtectedMsg(client, &g_msgS);
120 res = server->setSelfProtectedMsg(server, &g_msgS);
121 res = server->setPeerProtectedMsg(server, &g_msgC);
122
123 res = client->start(client, &clientOut);
124
125 while (clientOut != nullptr || serverOut != nullptr) {
126 if (clientOut != nullptr) {
127 res = server->process(server, clientOut, &serverOut);
128 FreeJson(clientOut);
129 clientOut = nullptr;
130 } else {
131 res = client->process(client, serverOut, &clientOut);
132 FreeJson(serverOut);
133 serverOut = nullptr;
134 }
135 }
136 Uint8Buff clientKey = { nullptr, 0 };
137 res = client->getSessionKey(client, &clientKey);
138 FreeUint8Buff(&clientKey);
139 Uint8Buff serverKey = { nullptr, 0 };
140 res = server->getSessionKey(server, &serverKey);
141 FreeUint8Buff(&serverKey);
142
143 client->destroy(client);
144 server->destroy(server);
145 }
146
ECSpekeTest04(void)147 static void ECSpekeTest04(void)
148 {
149 HksInitialize();
150 BaseProtocol *client;
151 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &client);
152
153 BaseProtocol *server;
154 res = CreateEcSpekeProtocol(&g_X25519ParamsS, false, &server);
155
156 res = client->setPsk(client, &g_psk);
157 res = server->setPsk(server, &g_psk);
158
159 CJson *clientOut = nullptr;
160 CJson *serverOut = nullptr;
161
162 res = client->start(client, &clientOut);
163
164 while (clientOut != nullptr || serverOut != nullptr) {
165 if (clientOut != nullptr) {
166 res = server->process(server, clientOut, &serverOut);
167 FreeJson(clientOut);
168 clientOut = nullptr;
169 } else {
170 res = client->process(client, serverOut, &clientOut);
171 FreeJson(serverOut);
172 serverOut = nullptr;
173 }
174 }
175 Uint8Buff clientKey;
176 res = client->getSessionKey(client, &clientKey);
177 FreeUint8Buff(&clientKey);
178 Uint8Buff serverKey;
179 res = server->getSessionKey(server, &serverKey);
180 FreeUint8Buff(&serverKey);
181
182 client->destroy(client);
183 server->destroy(server);
184 }
185
ECSpekeTest05(void)186 static void ECSpekeTest05(void)
187 {
188 HksInitialize();
189 BaseProtocol *self;
190 CreateEcSpekeProtocol(nullptr, true, &self);
191 }
192
ECSpekeTest06(void)193 static void ECSpekeTest06(void)
194 {
195 HksInitialize();
196 CreateEcSpekeProtocol(&g_X25519ParamsC, true, nullptr);
197 }
198
ECSpekeTest07(void)199 static void ECSpekeTest07(void)
200 {
201 HksInitialize();
202 EcSpekeInitParams errParams = { INVALID_CURVE_TYPE, g_authIdC, DEFAULT_OS_ACCOUNT };
203 BaseProtocol *self;
204 CreateEcSpekeProtocol(&errParams, true, &self);
205 }
206
ECSpekeTest08(void)207 static void ECSpekeTest08(void)
208 {
209 HksInitialize();
210 EcSpekeInitParams errParams = { CURVE_TYPE_25519, { nullptr, 0 }, DEFAULT_OS_ACCOUNT };
211 BaseProtocol *self;
212 CreateEcSpekeProtocol(&errParams, true, &self);
213 }
214
ECSpekeTest09(void)215 static void ECSpekeTest09(void)
216 {
217 HksInitialize();
218 BaseProtocol *self;
219 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
220
221 res = self->setPsk(nullptr, &g_psk);
222
223 self->destroy(self);
224 }
225
ECSpekeTest10(void)226 static void ECSpekeTest10(void)
227 {
228 HksInitialize();
229 BaseProtocol *self;
230 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
231 res = self->setPsk(self, nullptr);
232 self->destroy(self);
233 }
234
ECSpekeTest11(void)235 static void ECSpekeTest11(void)
236 {
237 HksInitialize();
238 BaseProtocol *self;
239 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
240
241 Uint8Buff errParams = { nullptr, PSK_SIZE };
242 res = self->setPsk(self, &errParams);
243
244 self->destroy(self);
245 }
246
ECSpekeTest12(void)247 static void ECSpekeTest12(void)
248 {
249 HksInitialize();
250 BaseProtocol *self;
251 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
252
253 Uint8Buff errParams = { (uint8_t *)PSK_VAL, 0 };
254 res = self->setPsk(self, &errParams);
255
256 self->destroy(self);
257 }
258
ECSpekeTest13(void)259 static void ECSpekeTest13(void)
260 {
261 HksInitialize();
262 BaseProtocol *self;
263 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
264
265 CJson *out = nullptr;
266 res = self->start(nullptr, &out);
267
268 self->destroy(self);
269 }
270
ECSpekeTest14(void)271 static void ECSpekeTest14(void)
272 {
273 HksInitialize();
274 BaseProtocol *self;
275 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
276
277 res = self->start(self, nullptr);
278
279 self->destroy(self);
280 }
281
ECSpekeTest15(void)282 static void ECSpekeTest15(void)
283 {
284 HksInitialize();
285 BaseProtocol *self;
286 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
287
288 self->curState = self->finishState;
289
290 CJson *out = nullptr;
291 res = self->start(self, &out);
292
293 self->destroy(self);
294 }
295
ECSpekeTest16(void)296 static void ECSpekeTest16(void)
297 {
298 HksInitialize();
299 BaseProtocol *self;
300 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
301
302 self->curState = self->failState;
303
304 CJson *out = nullptr;
305 res = self->start(self, &out);
306
307 self->destroy(self);
308 }
309
ECSpekeTest17(void)310 static void ECSpekeTest17(void)
311 {
312 HksInitialize();
313 BaseProtocol *self;
314 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
315
316 CJson recvMsg;
317 CJson *sendMsg = nullptr;
318 res = self->process(nullptr, &recvMsg, &sendMsg);
319
320 self->destroy(self);
321 }
322
ECSpekeTest18(void)323 static void ECSpekeTest18(void)
324 {
325 HksInitialize();
326 BaseProtocol *self;
327 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
328
329 CJson *sendMsg = nullptr;
330 res = self->process(self, nullptr, &sendMsg);
331
332 self->destroy(self);
333 }
334
ECSpekeTest19(void)335 static void ECSpekeTest19(void)
336 {
337 HksInitialize();
338 BaseProtocol *self;
339 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
340
341 CJson recvMsg;
342 res = self->process(self, &recvMsg, nullptr);
343
344 self->destroy(self);
345 }
346
ECSpekeTest20(void)347 static void ECSpekeTest20(void)
348 {
349 HksInitialize();
350 BaseProtocol *self;
351 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
352
353 self->curState = self->finishState;
354
355 CJson recvMsg;
356 CJson *sendMsg = nullptr;
357 res = self->process(self, &recvMsg, &sendMsg);
358
359 self->destroy(self);
360 }
361
ECSpekeTest21(void)362 static void ECSpekeTest21(void)
363 {
364 HksInitialize();
365 BaseProtocol *self;
366 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
367
368 self->curState = self->failState;
369
370 CJson recvMsg;
371 CJson *sendMsg = nullptr;
372 res = self->process(self, &recvMsg, &sendMsg);
373
374 self->destroy(self);
375 }
376
ECSpekeTest22(void)377 static void ECSpekeTest22(void)
378 {
379 HksInitialize();
380 BaseProtocol *self;
381 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
382
383 res = self->setSelfProtectedMsg(nullptr, &g_msgC);
384
385 self->destroy(self);
386 }
387
ECSpekeTest23(void)388 static void ECSpekeTest23(void)
389 {
390 HksInitialize();
391 BaseProtocol *self;
392 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
393
394 res = self->setSelfProtectedMsg(self, nullptr);
395
396 self->destroy(self);
397 }
398
ECSpekeTest24(void)399 static void ECSpekeTest24(void)
400 {
401 HksInitialize();
402 BaseProtocol *self;
403 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
404
405 res = self->setPeerProtectedMsg(nullptr, &g_msgS);
406
407 self->destroy(self);
408 }
409
ECSpekeTest25(void)410 static void ECSpekeTest25(void)
411 {
412 HksInitialize();
413 BaseProtocol *self;
414 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
415
416 res = self->setPeerProtectedMsg(self, nullptr);
417
418 self->destroy(self);
419 }
420
ECSpekeTest26(void)421 static void ECSpekeTest26(void)
422 {
423 HksInitialize();
424 BaseProtocol *self;
425 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
426
427 Uint8Buff key = { nullptr, 0 };
428 res = self->getSessionKey(nullptr, &key);
429
430 self->destroy(self);
431 }
432
ECSpekeTest27(void)433 static void ECSpekeTest27(void)
434 {
435 HksInitialize();
436 BaseProtocol *self;
437 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
438
439 res = self->getSessionKey(self, nullptr);
440
441 self->destroy(self);
442 }
443
ECSpekeTest28(void)444 static void ECSpekeTest28(void)
445 {
446 HksInitialize();
447 BaseProtocol *self;
448 int32_t res = CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
449
450 Uint8Buff key = { nullptr, 0 };
451 res = self->getSessionKey(self, &key);
452
453 self->destroy(self);
454 }
455
ECSpekeTest29(void)456 static void ECSpekeTest29(void)
457 {
458 HksInitialize();
459 BaseProtocol *self;
460 CreateEcSpekeProtocol(&g_X25519ParamsC, true, &self);
461
462 self->destroy(nullptr);
463 self->destroy(self);
464 }
465
FuzzDoCallback(const uint8_t * data,size_t size)466 bool FuzzDoCallback(const uint8_t* data, size_t size)
467 {
468 (void)data;
469 (void)size;
470 (void)ECSpekeTest01();
471 (void)ECSpekeTest02();
472 (void)ECSpekeTest03();
473 (void)ECSpekeTest04();
474 (void)ECSpekeTest05();
475 (void)ECSpekeTest06();
476 (void)ECSpekeTest07();
477 (void)ECSpekeTest08();
478 (void)ECSpekeTest09();
479 (void)ECSpekeTest10();
480 (void)ECSpekeTest11();
481 (void)ECSpekeTest12();
482 (void)ECSpekeTest13();
483 (void)ECSpekeTest14();
484 (void)ECSpekeTest15();
485 (void)ECSpekeTest16();
486 (void)ECSpekeTest17();
487 (void)ECSpekeTest18();
488 (void)ECSpekeTest19();
489 (void)ECSpekeTest20();
490 (void)ECSpekeTest21();
491 (void)ECSpekeTest22();
492 (void)ECSpekeTest23();
493 (void)ECSpekeTest24();
494 (void)ECSpekeTest25();
495 (void)ECSpekeTest26();
496 (void)ECSpekeTest27();
497 (void)ECSpekeTest28();
498 (void)ECSpekeTest29();
499 return true;
500 }
501 }
502
503 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)504 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
505 {
506 /* Run your code on data */
507 OHOS::FuzzDoCallback(data, size);
508 return 0;
509 }
510
511