OSX/sec/SOSCircle/Regressions/sc-31-peerinfo-simplefuzz.c

   1 /*
   2  *  sc-31-peerinfo.c
   3  *
   4  *  Copyright (c) 2012-2014 Apple Inc. All Rights Reserved.
   5  *
   6  */
   7
   8
   9 #include <Security/SecBase.h>
  10 #include <Security/SecItem.h>
  11 #include <Security/SecKey.h>
  12 #include <Security/SecKeyPriv.h>
  13 #include <SOSPeerInfoDER.h>
  14
  15 #include <Security/SecureObjectSync/SOSCircle.h>
  16 #include <Security/SecureObjectSync/SOSPeerInfo.h>
  17 #include <Security/SecureObjectSync/SOSPeerInfoCollections.h>
  18 #include <Security/SecureObjectSync/SOSInternal.h>
  19 #include <Security/SecureObjectSync/SOSUserKeygen.h>
  20
  21 #include <utilities/SecCFWrappers.h>
  22
  23 #include <CoreFoundation/CoreFoundation.h>
  24
  25 #include <stdlib.h>
  26 #include <unistd.h>
  27
  28 #include "SOSCircle_regressions.h"
  29
  30 #include "SOSRegressionUtilities.h"
  31
  32 #if TARGET_OS_IPHONE
  33 #include <MobileGestalt.h>
  34 #endif
  35
  36 static unsigned long kTestCount = 2;
  37 static unsigned long kTestFuzzerCount = 20000;
  38
  39 static void tests(void)
  40 {
  41     SecKeyRef signingKey = NULL;
  42     SecKeyRef octagonSigningKey = NULL;
  43     SecKeyRef octagonEncryptionKey = NULL;
  44     SOSFullPeerInfoRef fpi = SOSCreateFullPeerInfoFromName(CFSTR("Test Peer"), &signingKey, &octagonSigningKey, &octagonEncryptionKey, NULL);
  45     SOSPeerInfoRef pi = SOSFullPeerInfoGetPeerInfo(fpi);
  46     unsigned long count;
  47
  48     ok(NULL != pi, "info creation");
  49     size_t size = SOSPeerInfoGetDEREncodedSize(pi, NULL);
  50
  51     uint8_t buffer[size+100]; // make the buffer long enough to hold the DER + some room for the fuzzing
  52
  53     const uint8_t *buffer_p = SOSPeerInfoEncodeToDER(pi, NULL, buffer, buffer + sizeof(buffer));
  54
  55     ok(buffer_p != NULL, "encode");
  56
  57     size_t length = (buffer + sizeof(buffer)) - buffer_p;
  58     // diag("size %lu length %lu\n", size, length);
  59     uint8_t buffer2[length];
  60     if(buffer_p == NULL) goto errOut;
  61
  62         for (count = 0; count < kTestFuzzerCount; count++) {
  63             memcpy(buffer2, buffer_p, length);
  64
  65             const uint8_t *startp = buffer2;
  66             size_t offset = arc4random_uniform((u_int32_t)length);
  67             uint8_t value = arc4random() & 0xff;
  68             // diag("Offset %lu value %d\n", offset, value);
  69             buffer2[offset] = value;
  70
  71             SOSPeerInfoRef pi2 = SOSPeerInfoCreateFromDER(NULL, NULL, &startp, buffer2 + length);
  72             CFReleaseNull(pi2);
  73             ok(1, "fuzz");
  74         }
  75
  76 errOut:
  77     CFReleaseNull(signingKey);
  78     CFReleaseNull(octagonSigningKey);
  79     CFReleaseNull(octagonEncryptionKey);
  80     CFReleaseNull(fpi);
  81 }
  82
  83 int sc_31_peerinfo(int argc, char *const *argv)
  84 {
  85     plan_tests((int)(kTestCount + kTestFuzzerCount));
  86
  87     tests();
  88
  89         return 0;
  90 }