Mercurial > dropbear
comparison fuzzer-verify.c @ 1675:ae41624c2198
split signkey_type and signature_type for RSA sha1 vs sha256
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sun, 17 May 2020 23:58:31 +0800 |
parents | f52919ffd3b1 |
children | d5cdc60db08e |
comparison
equal
deleted
inserted
replaced
1674:ba6fc7afe1c5 | 1675:ae41624c2198 |
---|---|
25 | 25 |
26 m_malloc_set_epoch(1); | 26 m_malloc_set_epoch(1); |
27 | 27 |
28 if (setjmp(fuzz.jmp) == 0) { | 28 if (setjmp(fuzz.jmp) == 0) { |
29 sign_key *key = new_sign_key(); | 29 sign_key *key = new_sign_key(); |
30 enum signkey_type type = DROPBEAR_SIGNKEY_ANY; | 30 enum signkey_type keytype = DROPBEAR_SIGNKEY_ANY; |
31 if (buf_get_pub_key(fuzz.input, key, &type) == DROPBEAR_SUCCESS) { | 31 if (buf_get_pub_key(fuzz.input, key, &keytype) == DROPBEAR_SUCCESS) { |
32 if (buf_verify(fuzz.input, key, verifydata) == DROPBEAR_SUCCESS) { | 32 enum signature_type sigtype = (enum signature_type)keytype; |
33 if (keytype == DROPBEAR_SIGNKEY_RSA) { | |
34 /* Flip a coin to decide rsa signature type */ | |
35 int flag = buf_getbyte(fuzz_input); | |
36 if (flag & 0x01) { | |
37 sigtype = DROPBEAR_SIGNATURE_RSA_SHA256; | |
38 } else { | |
39 sigtype = DROPBEAR_SIGNATURE_RSA_SHA1; | |
40 } | |
41 } | |
42 if (buf_verify(fuzz.input, key, sigtype, verifydata) == DROPBEAR_SUCCESS) { | |
33 /* The fuzzer is capable of generating keys with a signature to match. | 43 /* The fuzzer is capable of generating keys with a signature to match. |
34 We don't want false positives if the key is bogus, since a client/server | 44 We don't want false positives if the key is bogus, since a client/server |
35 wouldn't be trusting a bogus key anyway */ | 45 wouldn't be trusting a bogus key anyway */ |
36 int boguskey = 0; | 46 int boguskey = 0; |
37 | 47 |
38 if (type == DROPBEAR_SIGNKEY_DSS) { | 48 if (keytype == DROPBEAR_SIGNKEY_DSS) { |
39 /* So far have seen dss keys with bad p/q/g domain parameters */ | 49 /* So far have seen dss keys with bad p/q/g domain parameters */ |
40 int pprime, qprime, trials; | 50 int pprime, qprime, trials; |
41 trials = mp_prime_rabin_miller_trials(mp_count_bits(key->dsskey->p)); | 51 trials = mp_prime_rabin_miller_trials(mp_count_bits(key->dsskey->p)); |
42 assert(mp_prime_is_prime(key->dsskey->p, trials, &pprime) == MP_OKAY); | 52 assert(mp_prime_is_prime(key->dsskey->p, trials, &pprime) == MP_OKAY); |
43 trials = mp_prime_rabin_miller_trials(mp_count_bits(key->dsskey->q)); | 53 trials = mp_prime_rabin_miller_trials(mp_count_bits(key->dsskey->q)); |