Mercurial > dropbear
annotate fuzzer-pubkey.c @ 1659:d32bcb5c557d
Add Ed25519 support (#91)
* Add support for Ed25519 as a public key type
Ed25519 is a elliptic curve signature scheme that offers
better security than ECDSA and DSA and good performance. It may be
used for both user and host keys.
OpenSSH key import and fuzzer are not supported yet.
Initially inspired by Peter Szabo.
* Add curve25519 and ed25519 fuzzers
* Add import and export of Ed25519 keys
| author | Vladislav Grishenko <themiron@users.noreply.github.com> |
|---|---|
| date | Wed, 11 Mar 2020 21:09:45 +0500 |
| parents | 252b406d0e9a |
| children | ba6fc7afe1c5 |
| rev | line source |
|---|---|
| 1369 | 1 #include "fuzz.h" |
| 2 #include "session.h" | |
| 3 #include "fuzz-wrapfd.h" | |
| 4 #include "debug.h" | |
| 5 | |
| 6 static void setup_fuzzer(void) { | |
|
1456
a90fdd2d2ed8
add fuzzer-preauth_nomaths
Matt Johnston <matt@ucc.asn.au>
parents:
1383
diff
changeset
|
7 fuzz_common_setup(); |
| 1369 | 8 } |
| 9 | |
| 10 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { | |
| 11 static int once = 0; | |
| 12 if (!once) { | |
| 13 setup_fuzzer(); | |
| 14 once = 1; | |
| 15 } | |
| 16 | |
|
1456
a90fdd2d2ed8
add fuzzer-preauth_nomaths
Matt Johnston <matt@ucc.asn.au>
parents:
1383
diff
changeset
|
17 if (fuzz_set_input(Data, Size) == DROPBEAR_FAILURE) { |
|
1377
d4cc85e6c569
rearrange, all fuzzers now call fuzzer_set_input()
Matt Johnston <matt@ucc.asn.au>
parents:
1369
diff
changeset
|
18 return 0; |
|
d4cc85e6c569
rearrange, all fuzzers now call fuzzer_set_input()
Matt Johnston <matt@ucc.asn.au>
parents:
1369
diff
changeset
|
19 } |
|
d4cc85e6c569
rearrange, all fuzzers now call fuzzer_set_input()
Matt Johnston <matt@ucc.asn.au>
parents:
1369
diff
changeset
|
20 |
| 1369 | 21 m_malloc_set_epoch(1); |
| 22 | |
|
1584
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
23 if (setjmp(fuzz.jmp) == 0) { |
|
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
24 buffer *line = buf_getstringbuf(fuzz.input); |
|
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
25 buffer *keyblob = buf_getstringbuf(fuzz.input); |
|
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
26 |
|
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
27 unsigned int algolen; |
|
1586
e6a5e51a29c9
- fuzzer-pubkey needs to free algoname, fix build
Matt Johnston <matt@ucc.asn.au>
parents:
1584
diff
changeset
|
28 char* algoname = buf_getstring(keyblob, &algolen); |
| 1369 | 29 |
|
1586
e6a5e51a29c9
- fuzzer-pubkey needs to free algoname, fix build
Matt Johnston <matt@ucc.asn.au>
parents:
1584
diff
changeset
|
30 if (have_algo(algoname, algolen, sshhostkey) == DROPBEAR_FAILURE) { |
|
1584
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
31 dropbear_exit("fuzzer imagined a bogus algorithm"); |
|
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
32 } |
|
1598
252b406d0e9a
avoid leak of pubkey_options
Matt Johnston <matt@ucc.asn.au>
parents:
1586
diff
changeset
|
33 |
|
252b406d0e9a
avoid leak of pubkey_options
Matt Johnston <matt@ucc.asn.au>
parents:
1586
diff
changeset
|
34 int ret = fuzz_checkpubkey_line(line, 5, "/home/me/authorized_keys", |
|
1584
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
35 algoname, algolen, |
|
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
36 keyblob->data, keyblob->len); |
|
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
37 |
|
1598
252b406d0e9a
avoid leak of pubkey_options
Matt Johnston <matt@ucc.asn.au>
parents:
1586
diff
changeset
|
38 if (ret == DROPBEAR_SUCCESS) { |
|
252b406d0e9a
avoid leak of pubkey_options
Matt Johnston <matt@ucc.asn.au>
parents:
1586
diff
changeset
|
39 /* fuzz_checkpubkey_line() should have cleaned up for failure */ |
|
252b406d0e9a
avoid leak of pubkey_options
Matt Johnston <matt@ucc.asn.au>
parents:
1586
diff
changeset
|
40 svr_pubkey_options_cleanup(); |
|
252b406d0e9a
avoid leak of pubkey_options
Matt Johnston <matt@ucc.asn.au>
parents:
1586
diff
changeset
|
41 } |
|
252b406d0e9a
avoid leak of pubkey_options
Matt Johnston <matt@ucc.asn.au>
parents:
1586
diff
changeset
|
42 |
|
1584
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
43 buf_free(line); |
|
cdfab509c392
use random keyblob from the fuzzer instead
Matt Johnston <matt@ucc.asn.au>
parents:
1559
diff
changeset
|
44 buf_free(keyblob); |
|
1586
e6a5e51a29c9
- fuzzer-pubkey needs to free algoname, fix build
Matt Johnston <matt@ucc.asn.au>
parents:
1584
diff
changeset
|
45 m_free(algoname); |
|
1383
f03cfe9c76ac
Disable setnonblocking(), get_socket_address(), set_sock_priority()
Matt Johnston <matt@ucc.asn.au>
parents:
1378
diff
changeset
|
46 m_malloc_free_epoch(1, 0); |
| 1369 | 47 } else { |
| 1378 | 48 m_malloc_free_epoch(1, 1); |
| 1369 | 49 TRACE(("dropbear_exit longjmped")) |
|
1559
92c93b4a3646
Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents:
1456
diff
changeset
|
50 /* dropbear_exit jumped here */ |
| 1369 | 51 } |
| 52 | |
| 53 return 0; | |
| 54 } |