Mercurial > dropbear
view fuzzer-pubkey.c @ 1638:315fcba6960e
dropbearconvert: keyimport.c: fix BER encoding of secp521r1 keys (#69)
keysizes >= 128 octets will be encoded with a 3 byte header
which must be accounted by the optional-header
Reproduce:
master:~/build/dropbear$ ./dropbearkey -t ecdsa -s 521 -f K
Generating 521 bit ecdsa key, this may take a while...
master:~/build/dropbear$ ./dropbearconvert d o K L
Key is a ecdsa-sha2-nistp521 key
Wrote key to 'L'
master:~/build/dropbear$ openssl ec < L
read EC key
unable to load Key
139769806448384:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:crypto/asn1/asn1_lib.c:91:
| author | Christian Hohnstädt <christian@hohnstaedt.de> |
|---|---|
| date | Wed, 20 Mar 2019 16:42:47 +0100 |
| parents | 252b406d0e9a |
| children | ba6fc7afe1c5 |
line wrap: on
line source
#include "fuzz.h" #include "session.h" #include "fuzz-wrapfd.h" #include "debug.h" static void setup_fuzzer(void) { fuzz_common_setup(); } int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { static int once = 0; if (!once) { setup_fuzzer(); once = 1; } if (fuzz_set_input(Data, Size) == DROPBEAR_FAILURE) { return 0; } m_malloc_set_epoch(1); if (setjmp(fuzz.jmp) == 0) { buffer *line = buf_getstringbuf(fuzz.input); buffer *keyblob = buf_getstringbuf(fuzz.input); unsigned int algolen; char* algoname = buf_getstring(keyblob, &algolen); if (have_algo(algoname, algolen, sshhostkey) == DROPBEAR_FAILURE) { dropbear_exit("fuzzer imagined a bogus algorithm"); } int ret = fuzz_checkpubkey_line(line, 5, "/home/me/authorized_keys", algoname, algolen, keyblob->data, keyblob->len); if (ret == DROPBEAR_SUCCESS) { /* fuzz_checkpubkey_line() should have cleaned up for failure */ svr_pubkey_options_cleanup(); } buf_free(line); buf_free(keyblob); m_free(algoname); m_malloc_free_epoch(1, 0); } else { m_malloc_free_epoch(1, 1); TRACE(("dropbear_exit longjmped")) /* dropbear_exit jumped here */ } return 0; }