Mercurial > dropbear-fuzzcorpus

changeset 2:e5383cd558e5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fuzzer-verify corpus
author Matt Johnston <matt@ucc.asn.au>
date Fri, 26 May 2017 00:20:12 +0800
parents 60619c0e8ac6
children 5e4454cc7b17
files Makefile fuzzer-verify/dss-1 fuzzer-verify/ecdsa256-1 fuzzer-verify/ecdsa384-1 fuzzer-verify/ecdsa521-1 fuzzer-verify/rsa-1 make_verify.py
diffstat 7 files changed, 30 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/Makefile	Thu May 25 22:18:44 2017 +0800
+++ b/Makefile	Fri May 26 00:20:12 2017 +0800
@@ -1,4 +1,4 @@
-FUZZ_TARGETS=fuzzer-preauth
+FUZZ_TARGETS=fuzzer-preauth fuzzer-pubkey fuzzer-verify
 
 CORPUSES = $(addsuffix _seed_corpus.zip, $(FUZZ_TARGETS))
 
Binary file fuzzer-verify/dss-1 has changed
Binary file fuzzer-verify/ecdsa256-1 has changed
Binary file fuzzer-verify/ecdsa384-1 has changed
Binary file fuzzer-verify/ecdsa521-1 has changed
Binary file fuzzer-verify/rsa-1 has changed
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make_verify.py	Fri May 26 00:20:12 2017 +0800
@@ -0,0 +1,29 @@
+#!/usr/bin/env python3
+
+""" takes a pubkey, turns it into fuzzer-verify input """
+
+import sys
+import struct
+import re
+import binascii
+
+BLOB_RE=re.compile(r'(?:ssh-rsa|ecdsa-\S+|ssh-dss) ([a-zA-Z0-9/+=]+)')
+
+inp = sys.stdin.read()
+b64blob = BLOB_RE.search(inp).groups(1)[0]
+
+blob = binascii.a2b_base64(b64blob)
+
+sigtypelen = struct.unpack('>I', blob[:4])[0]
+sigtype = blob[4:4+sigtypelen]
+print("Type is %s" % sigtype, file=sys.stderr)
+
+# a bodgy key followed by signature
+# eg rfc4253
+#      string    "ssh-rsa"
+#      string    rsa_signature_blob
+sys.stdout.buffer.write(blob)
+sys.stdout.buffer.write(struct.pack('>I', sigtypelen))
+sys.stdout.buffer.write(sigtype)
+sys.stdout.buffer.write(struct.pack('>II', 4, 20))
+