annotate fuzz/fuzzer-verify.c @ 1885:5d8dbb6fdab7

Fix SSH_PUBKEYINFO, limit characters, add tests We fix a bad_bufptr() failure from a previous commit. We now limit the allowed characters to those that will definitely be safe in a shell. Some scripts/programs may use arbitrary environment variables without escaping correctly - that could be a problem in a restricted environment. The current allowed set is a-z A-Z 0-9 .,_-+@ This also adds a test for SSH_PUBKEYINFO, by default it only runs under github actions (or "act -j build").
author Matt Johnston <matt@ucc.asn.au>
date Wed, 16 Mar 2022 17:17:23 +0800
parents d5680e12ac33
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1380
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1 #include "fuzz.h"
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
2 #include "session.h"
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
3 #include "fuzz-wrapfd.h"
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
4 #include "debug.h"
1688
e01f9ec6d177 Fix untested rsa-sha256 change to fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
5 #include "dss.h"
1380
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
6
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
7 static void setup_fuzzer(void) {
1456
a90fdd2d2ed8 add fuzzer-preauth_nomaths
Matt Johnston <matt@ucc.asn.au>
parents: 1380
diff changeset
8 fuzz_common_setup();
1380
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
9 }
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
10
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
11 static buffer *verifydata;
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
12
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
13 /* Tests reading a public key and verifying a signature */
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
14 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
15 static int once = 0;
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
16 if (!once) {
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
17 setup_fuzzer();
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
18 verifydata = buf_new(30);
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
19 buf_putstring(verifydata, "x", 1);
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
20 once = 1;
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
21 }
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
22
1456
a90fdd2d2ed8 add fuzzer-preauth_nomaths
Matt Johnston <matt@ucc.asn.au>
parents: 1380
diff changeset
23 if (fuzz_set_input(Data, Size) == DROPBEAR_FAILURE) {
1380
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
24 return 0;
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
25 }
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 m_malloc_set_epoch(1);
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
28
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 if (setjmp(fuzz.jmp) == 0) {
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 sign_key *key = new_sign_key();
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
31 enum signkey_type keytype = DROPBEAR_SIGNKEY_ANY;
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
32 if (buf_get_pub_key(fuzz.input, key, &keytype) == DROPBEAR_SUCCESS) {
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
33 enum signature_type sigtype;
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
34 if (keytype == DROPBEAR_SIGNKEY_RSA) {
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
35 /* Flip a coin to decide rsa signature type */
1688
e01f9ec6d177 Fix untested rsa-sha256 change to fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
36 int flag = buf_getbyte(fuzz.input);
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
37 if (flag & 0x01) {
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
38 sigtype = DROPBEAR_SIGNATURE_RSA_SHA256;
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
39 } else {
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
40 sigtype = DROPBEAR_SIGNATURE_RSA_SHA1;
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
41 }
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
42 } else {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
43 sigtype = signature_type_from_signkey(keytype);
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
44 }
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
45 if (buf_verify(fuzz.input, key, sigtype, verifydata) == DROPBEAR_SUCCESS) {
1529
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
46 /* The fuzzer is capable of generating keys with a signature to match.
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
47 We don't want false positives if the key is bogus, since a client/server
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
48 wouldn't be trusting a bogus key anyway */
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
49 int boguskey = 0;
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
50
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1655
diff changeset
51 if (keytype == DROPBEAR_SIGNKEY_DSS) {
1529
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
52 /* So far have seen dss keys with bad p/q/g domain parameters */
1655
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79)
Steffen Jaeckel <s_jaeckel@gmx.de>
parents: 1559
diff changeset
53 int pprime, qprime, trials;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79)
Steffen Jaeckel <s_jaeckel@gmx.de>
parents: 1559
diff changeset
54 trials = mp_prime_rabin_miller_trials(mp_count_bits(key->dsskey->p));
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79)
Steffen Jaeckel <s_jaeckel@gmx.de>
parents: 1559
diff changeset
55 assert(mp_prime_is_prime(key->dsskey->p, trials, &pprime) == MP_OKAY);
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79)
Steffen Jaeckel <s_jaeckel@gmx.de>
parents: 1559
diff changeset
56 trials = mp_prime_rabin_miller_trials(mp_count_bits(key->dsskey->q));
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79)
Steffen Jaeckel <s_jaeckel@gmx.de>
parents: 1559
diff changeset
57 assert(mp_prime_is_prime(key->dsskey->q, trials, &qprime) == MP_OKAY);
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79)
Steffen Jaeckel <s_jaeckel@gmx.de>
parents: 1559
diff changeset
58 boguskey = !(pprime && qprime);
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79)
Steffen Jaeckel <s_jaeckel@gmx.de>
parents: 1559
diff changeset
59 /* Could also check g**q mod p == 1 */
1529
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
60 }
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
61
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
62 if (!boguskey) {
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
63 printf("Random key/signature managed to verify!\n");
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
64 abort();
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
65 }
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
66
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
67
66a1a2547133 The fuzzer has managed to generated DSS key/signature pairs that
Matt Johnston <matt@ucc.asn.au>
parents: 1456
diff changeset
68 }
1380
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
69 }
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
70 sign_key_free(key);
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
71 m_malloc_free_epoch(1, 0);
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
72 } else {
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
73 m_malloc_free_epoch(1, 1);
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
74 TRACE(("dropbear_exit longjmped"))
1559
92c93b4a3646 Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents: 1529
diff changeset
75 /* dropbear_exit jumped here */
1380
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
76 }
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
77
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
78 return 0;
d201105df2ed add fuzzer-verify
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
79 }