aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2016-12-08 22:39:57 -0500
committerJack Lloyd <[email protected]>2016-12-08 22:41:39 -0500
commitb9de14fd8ce50064870d57e366ce99720ae9f4b8 (patch)
tree328bef42ff9a65738a26671db5d8e3ea94e17bb7
parent047e3f3cdc2720ba6ce38af2b4911ace9d5de27b (diff)
Avoid use of system RNG in fuzzers
Seemingly /dev/urandom not accessible in ClusterFuzz env [ci skip]
-rw-r--r--src/extra_tests/fuzzers/jigs/driver.h33
-rw-r--r--src/extra_tests/fuzzers/jigs/ecc_helper.h7
-rw-r--r--src/extra_tests/fuzzers/jigs/pkcs8.cpp4
-rw-r--r--src/extra_tests/fuzzers/jigs/ressol.cpp3
-rw-r--r--src/extra_tests/fuzzers/jigs/tls_client.cpp4
-rw-r--r--src/extra_tests/fuzzers/jigs/tls_server.cpp6
6 files changed, 41 insertions, 16 deletions
diff --git a/src/extra_tests/fuzzers/jigs/driver.h b/src/extra_tests/fuzzers/jigs/driver.h
index 530cc80b7..aea7274a1 100644
--- a/src/extra_tests/fuzzers/jigs/driver.h
+++ b/src/extra_tests/fuzzers/jigs/driver.h
@@ -12,6 +12,7 @@
#include <vector>
#include <stdlib.h> // for setenv
#include <botan/exceptn.h>
+#include <botan/rng.h>
using namespace Botan;
@@ -71,6 +72,38 @@ int main(int argc, char* argv[])
// Some helpers for the fuzzer jigs
+Botan::RandomNumberGenerator& fuzzer_rng()
+ {
+ class ChaCha20_RNG : public Botan::RandomNumberGenerator
+ {
+ public:
+ std::string name() const override { return "ChaCha20_RNG"; }
+ void clear() override { /* ignored */ }
+
+ void randomize(uint8_t out[], size_t len) override
+ {
+ Botan::clear_mem(out, len);
+ m_chacha.cipher1(out, len);
+ }
+
+ bool is_seeded() const override { return true; }
+
+ void add_entropy(const uint8_t[], size_t) override { /* ignored */ }
+
+ ChaCha20_RNG()
+ {
+ std::vector<uint8_t> seed(32, 0x82);
+ m_chacha.set_key(seed);
+ }
+
+ private:
+ Botan::ChaCha m_chacha;
+ };
+
+ static ChaCha20_RNG rng;
+ return rng;
+ }
+
#define FUZZER_ASSERT_EQUAL(x, y) do { \
if(x != y) { \
std::cerr << #x << " = " << x << " !=\n" << #y << " = " << y \
diff --git a/src/extra_tests/fuzzers/jigs/ecc_helper.h b/src/extra_tests/fuzzers/jigs/ecc_helper.h
index 9848e6a9e..9b1774ee4 100644
--- a/src/extra_tests/fuzzers/jigs/ecc_helper.h
+++ b/src/extra_tests/fuzzers/jigs/ecc_helper.h
@@ -10,7 +10,6 @@
#include <botan/curve_gfp.h>
#include <botan/ec_group.h>
#include <botan/reducer.h>
-#include <botan/system_rng.h>
void check_redc(std::function<void (BigInt&, secure_vector<word>&)> redc_fn,
const Modular_Reducer& redc,
@@ -60,9 +59,9 @@ void check_ecc_math(const EC_Group& group, const uint8_t in[], size_t len)
Botan::Blinded_Point_Multiply blind(base_point, group_order, 4);
- const Botan::PointGFp P1 = blind.blinded_multiply(a, system_rng());
- const Botan::PointGFp Q1 = blind.blinded_multiply(b, system_rng());
- const Botan::PointGFp R1 = blind.blinded_multiply(c, system_rng());
+ const Botan::PointGFp P1 = blind.blinded_multiply(a, fuzzer_rng());
+ const Botan::PointGFp Q1 = blind.blinded_multiply(b, fuzzer_rng());
+ const Botan::PointGFp R1 = blind.blinded_multiply(c, fuzzer_rng());
const Botan::PointGFp S1 = P1 + Q1;
const Botan::PointGFp S2 = Q1 + P1;
diff --git a/src/extra_tests/fuzzers/jigs/pkcs8.cpp b/src/extra_tests/fuzzers/jigs/pkcs8.cpp
index 69e2c193f..47c0068ad 100644
--- a/src/extra_tests/fuzzers/jigs/pkcs8.cpp
+++ b/src/extra_tests/fuzzers/jigs/pkcs8.cpp
@@ -6,15 +6,13 @@
#include "driver.h"
#include <botan/pkcs8.h>
-#include <botan/system_rng.h>
void fuzz(const uint8_t in[], size_t len)
{
try
{
- System_RNG rng;
DataSource_Memory input(in, len);
- std::unique_ptr<Private_Key> key(PKCS8::load_key(input, rng));
+ std::unique_ptr<Private_Key> key(PKCS8::load_key(input, fuzzer_rng()));
}
catch(Botan::Exception& e) { }
}
diff --git a/src/extra_tests/fuzzers/jigs/ressol.cpp b/src/extra_tests/fuzzers/jigs/ressol.cpp
index 011194866..4c3f8df69 100644
--- a/src/extra_tests/fuzzers/jigs/ressol.cpp
+++ b/src/extra_tests/fuzzers/jigs/ressol.cpp
@@ -6,7 +6,6 @@
#include "driver.h"
#include <botan/numthry.h>
-#include <botan/system_rng.h>
void fuzz(const uint8_t in[], size_t len)
{
@@ -32,7 +31,7 @@ void fuzz(const uint8_t in[], size_t len)
BigInt a_redc = a % n;
if(z != a_redc)
{
- if(is_prime(n, system_rng(), 64))
+ if(is_prime(n, fuzzer_rng(), 64))
{
std::cout << "A = " << a << "\n";
std::cout << "Ressol = " << a_sqrt << "\n";
diff --git a/src/extra_tests/fuzzers/jigs/tls_client.cpp b/src/extra_tests/fuzzers/jigs/tls_client.cpp
index c176667d4..f70e1eb75 100644
--- a/src/extra_tests/fuzzers/jigs/tls_client.cpp
+++ b/src/extra_tests/fuzzers/jigs/tls_client.cpp
@@ -6,7 +6,6 @@
#include "driver.h"
#include <botan/tls_client.h>
-#include <botan/system_rng.h>
class Fuzzer_TLS_Client_Creds : public Credentials_Manager
{
@@ -29,7 +28,6 @@ void fuzz(const uint8_t in[], size_t len)
auto ignore_alerts = [](TLS::Alert, const byte[], size_t) {};
auto ignore_hs = [](const TLS::Session&) { abort(); return true; };
- Botan::System_RNG rng;
TLS::Session_Manager_Noop session_manager;
TLS::Policy policy;
TLS::Protocol_Version client_offer = TLS::Protocol_Version::TLS_V12;
@@ -44,7 +42,7 @@ void fuzz(const uint8_t in[], size_t len)
session_manager,
creds,
policy,
- rng,
+ fuzzer_rng(),
info,
client_offer,
protocols_to_offer);
diff --git a/src/extra_tests/fuzzers/jigs/tls_server.cpp b/src/extra_tests/fuzzers/jigs/tls_server.cpp
index dea885de3..acf7ce08e 100644
--- a/src/extra_tests/fuzzers/jigs/tls_server.cpp
+++ b/src/extra_tests/fuzzers/jigs/tls_server.cpp
@@ -6,7 +6,6 @@
#include "driver.h"
#include <botan/tls_server.h>
-#include <botan/system_rng.h>
const char* fixed_rsa_key =
"-----BEGIN PRIVATE KEY-----\n"
@@ -69,7 +68,7 @@ class Fuzzer_TLS_Server_Creds : public Credentials_Manager
DataSource_Memory key_in(fixed_rsa_key);
m_rsa_cert.reset(new Botan::X509_Certificate(cert_in));
- //m_rsa_key.reset(Botan::PKCS8::load_key(key_in, Botan::system_rng()));
+ //m_rsa_key.reset(Botan::PKCS8::load_key(key_in, fuzzer_rng());
}
std::vector<Botan::X509_Certificate> cert_chain(
@@ -119,7 +118,6 @@ void fuzz(const uint8_t in[], size_t len)
auto ignore_alerts = [](TLS::Alert, const byte[], size_t) {};
auto ignore_hs = [](const TLS::Session&) { return true; };
- Botan::System_RNG rng;
TLS::Session_Manager_Noop session_manager;
TLS::Policy policy;
TLS::Server_Information info("server.name", 443);
@@ -141,7 +139,7 @@ void fuzz(const uint8_t in[], size_t len)
session_manager,
creds,
policy,
- rng,
+ fuzzer_rng(),
next_proto_fn,
is_datagram);