1 /*
2  * Copyright (c) 2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <cstddef>
17 #include <cstdint>
18 #include <memory>
19 #include "securec.h"
20 #include "../profile_resources.h"
21 
22 namespace OHOS {
23 namespace SignatureTools {
SignProfileTest001(const uint8_t* data, size_t size)24 bool SignProfileTest001(const uint8_t* data, size_t size)
25 {
26     std::string content(data, data + size);
27     Options options;
28     std::string mode = SIGN_PROFILE_MODE;
29     std::string keyAlias = SIGN_PROFILE_KEY_ALIAS;
30     std::string profileCertFile = SIGN_PROFILE_PROFILE_CERT_FILE;
31     std::string signAlg = SIGN_PROFILE_SIGN_ALG;
32     std::string keystoreFile = SIGN_PROFILE_KEY_STORE_FILE;
33     std::string outFile = SIGN_PROFILE_OUT_FILE;
34     std::string inFile = SIGN_PROFILE_IN_FILE;
35     char keyStorePwd[] = "123456";
36     char keypwd[] = "123456";
37     options[Options::KEY_ALIAS] = keyAlias;
38     options[Options::MODE] = mode;
39     options[Options::PROFILE_CERT_FILE] = profileCertFile;
40     options[Options::SIGN_ALG] = signAlg;
41     options[Options::KEY_STORE_FILE] = keystoreFile;
42     options[Options::OUT_FILE] = outFile;
43     options[Options::IN_FILE] = inFile;
44     options[Options::KEY_RIGHTS] = keypwd;
45     options[Options::KEY_STORE_RIGHTS] = keyStorePwd;
46 
47     LocalizationAdapter adapter(&options);
48     SignerFactory factory;
49     std::shared_ptr<Signer> signer = factory.GetSigner(adapter);
50     PKCS7Data p7;
51     std::string p7b;
52     int result = p7.Sign(content, signer, signAlg, p7b);
53     return result == 0;
54 }
55 
SignProfileTest002(const uint8_t* data, size_t size)56 bool SignProfileTest002(const uint8_t* data, size_t size)
57 {
58     std::string content(data, data + size);
59     Options options;
60     std::string mode = SIGN_PROFILE_MODE;
61     std::string keyAlias = SIGN_PROFILE_KEY_ALIAS;
62     std::string profileCertFile = SIGN_PROFILE_PROFILE_CERT_FILE;
63     std::string signAlg = SIGN_PROFILE_SIGN_ALG;
64     std::string keystoreFile = SIGN_PROFILE_KEY_STORE_FILE;
65     std::string outFile = SIGN_PROFILE_OUT_FILE;
66     std::string inFile = SIGN_PROFILE_IN_FILE;
67     char keyStorePwd[] = "123456";
68     char keypwd[] = "123456";
69     options[Options::KEY_ALIAS] = keyAlias;
70     options[Options::MODE] = mode;
71     options[Options::PROFILE_CERT_FILE] = profileCertFile;
72     options[Options::SIGN_ALG] = signAlg;
73     options[Options::KEY_STORE_FILE] = keystoreFile;
74     options[Options::OUT_FILE] = outFile;
75     options[Options::IN_FILE] = inFile;
76     options[Options::KEY_RIGHTS] = keypwd;
77     options[Options::KEY_STORE_RIGHTS] = keyStorePwd;
78 
79     LocalizationAdapter adapter(&options);
80     SignerFactory factory;
81     std::shared_ptr<Signer> signer = factory.GetSigner(adapter);
82     STACK_OF(X509)* certs = signer->GetCertificates();
83     PKCS7Data::PrintCertChainSub(certs);
84     return true;
85 }
86 
SignProfileTest003(const uint8_t* data, size_t size)87 bool SignProfileTest003(const uint8_t* data, size_t size)
88 {
89     ASN1_TIME* time_ = ASN1_TIME_new();
90     time_t now;
91     if (time(&now) < 0) {
92         return false;
93     }
94     ASN1_TIME_set(time_, now);
95     std::string result = PKCS7Data::GetASN1Time(time_);
96     ASN1_TIME_free(time_);
97     return result.empty() == false;
98 }
99 
SignProfileTest004(const uint8_t* data, size_t size)100 bool SignProfileTest004(const uint8_t* data, size_t size)
101 {
102     ProfileInfo info;
103     info.type = ProvisionType::RELEASE;
104     ProfileInfo info2(info);
105     return true;
106 }
107 
SignProfileTest005(const uint8_t* data, size_t size)108 bool SignProfileTest005(const uint8_t* data, size_t size)
109 {
110     std::string  provision = "{\"app-distribution-type\": \"app_gallery\",\"b"
111         "undle-info\":{\"app-feature\":\"hos_system_app\",\"bundle-name\":\"com.Op"
112         "enHarmony.app.test\",\"developer-id\":\"OpenHarmony\",\"distribution-certif"
113         "icate\":\"-----BEGIN CERTIFICATE-----\\n"
114         "MIICMzCCAbegAwIBAgIEaOC/zDAMBggqhkjOPQQDAwUAMGMxCzAJBgNVBAYTAkNO\\n"
115         "MRQwEgYDVQQKEwtPcGVuSGFybW9ueTEZMBcGA1UECxMQT3Blbkhhcm1vbnkgVGVh\\n"
116         "bTEjMCEGA1UEAxMaT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gQ0EwHhcNMjEwMjAy\\n"
117         "MTIxOTMxWhcNNDkxMjMxMTIxOTMxWjBoMQswCQYDVQQGEwJDTjEUMBIGA1UEChML\\n"
118         "T3Blbkhhcm1vbnkxGTAXBgNVBAsTEE9wZW5IYXJtb255IFRlYW0xKDAmBgNVBAMT\\n"
119         "H09wZW5IYXJtb255IEFwcGxpY2F0aW9uIFJlbGVhc2UwWTATBgcqhkjOPQIBBggq\\n"
120         "hkjOPQMBBwNCAATbYOCQQpW5fdkYHN45v0X3AHax12jPBdEDosFRIZ1eXmxOYzSG\\n"
121         "JwMfsHhUU90E8lI0TXYZnNmgM1sovubeQqATo1IwUDAfBgNVHSMEGDAWgBTbhrci\\n"
122         "FtULoUu33SV7ufEFfaItRzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0OBBYEFPtxruhl\\n"
123         "cRBQsJdwcZqLu9oNUVgaMAwGCCqGSM49BAMDBQADaAAwZQIxAJta0PQ2p4DIu/ps\\n"
124         "LMdLCDgQ5UH1l0B4PGhBlMgdi2zf8nk9spazEQI/0XNwpft8QAIwHSuA2WelVi/o\\n"
125         "zAlF08DnbJrOOtOnQq5wHOPlDYB4OtUzOYJk9scotrEnJxJzGsh/\\n"
126         "-----END CERTIFICATE-----\\n"
127         "\"},\"debug-info\":{\"device-id-type\":\"udid\",\"device-ids\":[\"69C75"
128         "05BE341BDA5948C3C0CB44ABCD530296054159EFE0BD16A16CD0129CC42\",\"7EED0650"
129         "6FCE6325EB2E2FAA019458B856AB10493A6718C7679A73F958732865\"]},\"iss"
130         "uer\":\"pki_internal\",\"permissions\":{\"restricted-permissions\":"
131         "[\"\"]},\"type\":\"release\",\"uuid\":\"fe686e1b-3770-4824-a938-961b140"
132         "a7c98\",\"validity\":{\"not-after\":1705127532,\"not-before\":16105195"
133         "32},\"version-code\":1,\"version-name\":\"1.0.0\"}";
134     ProfileInfo info;
135     AppProvisionVerifyResult result = ParseAndVerify(provision, info);
136     return result == AppProvisionVerifyResult::PROVISION_OK;
137 }
138 
DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size)139 bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size)
140 {
141     SignProfileTest001(data, size);
142     SignProfileTest002(data, size);
143     SignProfileTest003(data, size);
144     SignProfileTest004(data, size);
145     SignProfileTest005(data, size);
146     return true;
147 }
148 }
149 }
150 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)151 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
152 {
153     /* Run your code on data */
154     OHOS::SignatureTools::DoSomethingInterestingWithMyAPI(data, size);
155     return 0;
156 }