Skip to content

Commit cca7c57

Browse files
practicalswiftpracticalswift
committed
tests: Add fuzzing harness for ChaCha20Poly1305AEAD
1 parent 2fc4e59 commit cca7c57

File tree

2 files changed

+79
-0
lines changed

2 files changed

+79
-0
lines changed

src/Makefile.test.include

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,7 @@ FUZZ_TARGETS = \
3636
test/fuzz/crypto_aes256 \
3737
test/fuzz/crypto_aes256cbc \
3838
test/fuzz/crypto_chacha20 \
39+
test/fuzz/crypto_chacha20_poly1305_aead \
3940
test/fuzz/crypto_common \
4041
test/fuzz/crypto_hkdf_hmac_sha256_l32 \
4142
test/fuzz/crypto_poly1305 \
@@ -509,6 +510,12 @@ test_fuzz_crypto_chacha20_LDADD = $(FUZZ_SUITE_LD_COMMON)
509510
test_fuzz_crypto_chacha20_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
510511
test_fuzz_crypto_chacha20_SOURCES = test/fuzz/crypto_chacha20.cpp
511512

513+
test_fuzz_crypto_chacha20_poly1305_aead_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
514+
test_fuzz_crypto_chacha20_poly1305_aead_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
515+
test_fuzz_crypto_chacha20_poly1305_aead_LDADD = $(FUZZ_SUITE_LD_COMMON)
516+
test_fuzz_crypto_chacha20_poly1305_aead_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
517+
test_fuzz_crypto_chacha20_poly1305_aead_SOURCES = test/fuzz/crypto_chacha20_poly1305_aead.cpp
518+
512519
test_fuzz_crypto_common_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
513520
test_fuzz_crypto_common_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
514521
test_fuzz_crypto_common_LDADD = $(FUZZ_SUITE_LD_COMMON)

src/test/fuzz/crypto_chacha20_poly1305_aead.cpp

Lines changed: 72 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,72 @@
1+
// Copyright (c) 2020 The Bitcoin Core developers
2+
// Distributed under the MIT software license, see the accompanying
3+
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4+
5+
#include <crypto/chacha_poly_aead.h>
6+
#include <crypto/poly1305.h>
7+
#include <test/fuzz/FuzzedDataProvider.h>
8+
#include <test/fuzz/fuzz.h>
9+
#include <test/fuzz/util.h>
10+
11+
#include <cassert>
12+
#include <cstdint>
13+
#include <limits>
14+
#include <vector>
15+
16+
void test_one_input(const std::vector<uint8_t>& buffer)
17+
{
18+
FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()};
19+
20+
const std::vector<uint8_t> k1 = ConsumeFixedLengthByteVector(fuzzed_data_provider, CHACHA20_POLY1305_AEAD_KEY_LEN);
21+
const std::vector<uint8_t> k2 = ConsumeFixedLengthByteVector(fuzzed_data_provider, CHACHA20_POLY1305_AEAD_KEY_LEN);
22+
23+
ChaCha20Poly1305AEAD aead(k1.data(), k1.size(), k2.data(), k2.size());
24+
uint64_t seqnr_payload = 0;
25+
uint64_t seqnr_aad = 0;
26+
int aad_pos = 0;
27+
size_t buffer_size = fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, 4096);
28+
std::vector<uint8_t> in(buffer_size + CHACHA20_POLY1305_AEAD_AAD_LEN + POLY1305_TAGLEN, 0);
29+
std::vector<uint8_t> out(buffer_size + CHACHA20_POLY1305_AEAD_AAD_LEN + POLY1305_TAGLEN, 0);
30+
bool is_encrypt = fuzzed_data_provider.ConsumeBool();
31+
while (fuzzed_data_provider.ConsumeBool()) {
32+
switch (fuzzed_data_provider.ConsumeIntegralInRange<int>(0, 6)) {
33+
case 0: {
34+
buffer_size = fuzzed_data_provider.ConsumeIntegralInRange<size_t>(64, 4096);
35+
in = std::vector<uint8_t>(buffer_size + CHACHA20_POLY1305_AEAD_AAD_LEN + POLY1305_TAGLEN, 0);
36+
out = std::vector<uint8_t>(buffer_size + CHACHA20_POLY1305_AEAD_AAD_LEN + POLY1305_TAGLEN, 0);
37+
break;
38+
}
39+
case 1: {
40+
(void)aead.Crypt(seqnr_payload, seqnr_aad, aad_pos, out.data(), out.size(), in.data(), buffer_size, is_encrypt);
41+
break;
42+
}
43+
case 2: {
44+
uint32_t len = 0;
45+
const bool ok = aead.GetLength(&len, seqnr_aad, aad_pos, in.data());
46+
assert(ok);
47+
break;
48+
}
49+
case 3: {
50+
seqnr_payload += 1;
51+
aad_pos += CHACHA20_POLY1305_AEAD_AAD_LEN;
52+
if (aad_pos + CHACHA20_POLY1305_AEAD_AAD_LEN > CHACHA20_ROUND_OUTPUT) {
53+
aad_pos = 0;
54+
seqnr_aad += 1;
55+
}
56+
break;
57+
}
58+
case 4: {
59+
seqnr_payload = fuzzed_data_provider.ConsumeIntegral<int>();
60+
break;
61+
}
62+
case 5: {
63+
seqnr_aad = fuzzed_data_provider.ConsumeIntegral<int>();
64+
break;
65+
}
66+
case 6: {
67+
is_encrypt = fuzzed_data_provider.ConsumeBool();
68+
break;
69+
}
70+
}
71+
}
72+
}

0 commit comments

Comments
 (0)