Refactored keymaster4_utils_fuzzer
The following are the updates to the fuzzer:
1. Randomized order of apis.
Test: ./keymaster4_utils_fuzzer
exec/s: 4950
Bug: 302149569
Change-Id: Ie5d80a4e1d28ddd76a9c16609d20995d93710965
diff --git a/keymaster/4.0/support/fuzzer/keymaster4_utils_fuzzer.cpp b/keymaster/4.0/support/fuzzer/keymaster4_utils_fuzzer.cpp
index bf074e8..55c2630 100644
--- a/keymaster/4.0/support/fuzzer/keymaster4_utils_fuzzer.cpp
+++ b/keymaster/4.0/support/fuzzer/keymaster4_utils_fuzzer.cpp
@@ -46,33 +46,42 @@
support::getOsVersion();
support::getOsPatchlevel();
- VerificationToken token;
- token.challenge = mFdp->ConsumeIntegral<uint64_t>();
- token.timestamp = mFdp->ConsumeIntegral<uint64_t>();
- token.securityLevel = mFdp->PickValueInArray(kSecurityLevel);
- size_t vectorSize = mFdp->ConsumeIntegralInRange<size_t>(0, kMaxVectorSize);
- token.mac.resize(vectorSize);
- for (size_t n = 0; n < vectorSize; ++n) {
- token.mac[n] = n;
+ while (mFdp->remaining_bytes() > 0) {
+ auto keymaster_function = mFdp->PickValueInArray<const std::function<void()>>({
+ [&]() {
+ VerificationToken token;
+ token.challenge = mFdp->ConsumeIntegral<uint64_t>();
+ token.timestamp = mFdp->ConsumeIntegral<uint64_t>();
+ token.securityLevel = mFdp->PickValueInArray(kSecurityLevel);
+ size_t vectorSize = mFdp->ConsumeIntegralInRange<size_t>(0, kMaxVectorSize);
+ token.mac.resize(vectorSize);
+ for (size_t n = 0; n < vectorSize; ++n) {
+ token.mac[n] = mFdp->ConsumeIntegral<uint8_t>();
+ }
+ std::optional<std::vector<uint8_t>> serialized =
+ serializeVerificationToken(token);
+ if (serialized.has_value()) {
+ std::optional<VerificationToken> deserialized =
+ deserializeVerificationToken(serialized.value());
+ }
+ },
+ [&]() {
+ std::vector<uint8_t> dataVector;
+ size_t size = mFdp->ConsumeIntegralInRange<size_t>(0, sizeof(hw_auth_token_t));
+ dataVector = mFdp->ConsumeBytes<uint8_t>(size);
+ support::blob2hidlVec(dataVector.data(), dataVector.size());
+ support::blob2hidlVec(dataVector);
+ HardwareAuthToken authToken = support::hidlVec2AuthToken(dataVector);
+ hidl_vec<uint8_t> volatile hidlVector = support::authToken2HidlVec(authToken);
+ },
+ [&]() {
+ std::string str = mFdp->ConsumeRandomLengthString(kMaxCharacters);
+ support::blob2hidlVec(str);
+ },
+ });
+ keymaster_function();
}
- std::optional<std::vector<uint8_t>> serialized = serializeVerificationToken(token);
- if (serialized.has_value()) {
- std::optional<VerificationToken> deserialized =
- deserializeVerificationToken(serialized.value());
- }
-
- std::vector<uint8_t> dataVector;
- size_t size = mFdp->ConsumeIntegralInRange<size_t>(0, sizeof(hw_auth_token_t));
- dataVector = mFdp->ConsumeBytes<uint8_t>(size);
- support::blob2hidlVec(dataVector.data(), dataVector.size());
-
- support::blob2hidlVec(dataVector);
-
- std::string str = mFdp->ConsumeRandomLengthString(kMaxCharacters);
- support::blob2hidlVec(str);
-
- HardwareAuthToken authToken = support::hidlVec2AuthToken(dataVector);
- hidl_vec<uint8_t> volatile hidlVector = support::authToken2HidlVec(authToken);
+ return;
}
void KeyMaster4UtilsFuzzer::process(const uint8_t* data, size_t size) {