aboutsummaryrefslogtreecommitdiffstats
path: root/src/fuzzer
Commit message (Collapse)AuthorAgeFilesLines
* Merge X.509 header filesJack Lloyd2020-10-311-1/+1
|
* Fix underflow bug in modular inverseJack Lloyd2020-03-081-5/+5
| | | | OSS-Fuzz 21115
* Fuzzer improvementsJack Lloyd2020-03-032-19/+23
|
* Remove use of Binary Extended Euclidean Algorithm for inversionJack Lloyd2020-03-011-10/+53
| | | | | Instead use two specialized algorithms, one for odd modulus and the other for power of 2 modulus, then combine the results using CRT.
* In X509 DN fuzzer allow the names to be different lengthsJack Lloyd2020-02-181-8/+3
| | | | | No reason to restrict them to have the same length here since the encodings can differ (UTF-8 vs UCS-4, etc)
* Avoid creating secure_vector each time during OAEP fuzzerJack Lloyd2019-11-101-1/+1
|
* Enhance ECC fuzzers to also test variable point scalar multJack Lloyd2019-11-101-0/+37
|
* Add URI class to parse IPv4, IPv6 and domain names together with port numberNuno Goncalves2019-10-141-0/+20
| | | | Signed-off-by: Nuno Goncalves <[email protected]>
* Remove unused includeJack Lloyd2019-08-231-1/+0
|
* Fix X509_DN comparisonJack Lloyd2019-05-081-0/+46
| | | | | | An issue in #1936 indicated that X509_DN operator< was not behaving correctly. Indeed, DNs could compare in such a way that DN1 < DN2 && DN2 < DN1. STL containers do not like this.
* Allow any ciphersuite in TLS fuzzersJack Lloyd2019-04-082-2/+72
| | | | Fixes #1883
* In fuzzer remove debug print and check return value of posix_memalignJack Lloyd2019-02-211-2/+2
|
* Allocate aligned pages in mem pool fuzzerJack Lloyd2019-01-131-11/+68
| | | | | | | Otherwise the alignment tests can fail. OSS-Fuzz 12412 And also free the pages on exit otherwise OSS-Fuzz detects it as a leak. OSS-Fuzz 12413
* Split up allocations into pagesJack Lloyd2019-01-051-3/+6
|
* Update fuzzer for new Memory_Pool behavior and constructorJack Lloyd2019-01-041-7/+26
|
* Fix Memory_Pool fuzzer [ci skip]Jack Lloyd2018-12-291-1/+1
|
* Add a fuzzer for Memory_PoolJack Lloyd2018-12-291-0/+114
| | | | | | | | | Basically, test that it works. Accepts a sequence of alloc+free operations and verify that each pointer returned does not overlap with any other outstanding allocation, that the memory returned is zeroed, and that alignment is respected. Intended for testing #1800 but no reason not to land this first.
* Correct read in test fuzzersJack Lloyd2018-12-231-1/+1
|
* Add a multi-file input mode for test fuzzersJack Lloyd2018-12-231-0/+38
| | | | | | | | | | The test_fuzzers.py script is very slow especially on CI. Add a mode to the test fuzzers where it will accept many files on the command line and test each of them in turn. This is 100s of times faster, as it avoids all overhead from fork/exec. It has the downside that you can't tell which input caused a crash, so retain the old mode with --one-at-a-time option for debugging work.
* Add a constant time divide variant for dividing by uint8_tJack Lloyd2018-12-021-5/+22
| | | | | | | | | Originally wrote it for div-by-word but that ends up requiring a dword type which we don't always have. And uint8_t covers the most important cases of n = 10 and n = 58 (whenever I get around to writing base58). We could portably support up to div-by-uint32, but I don't think we need it. Nicely for n = 10, this is actually faster than the variable time division.
* Add a const-time division algorithmJack Lloyd2018-12-021-1/+7
| | | | | | | | It is stupid and slow (~50-100x slower than variable time version) but still useful for protecting critical algorithms. Not currently used, waiting for OSS-Fuzz to test it for a while before we commit to it.
* Fix a bug in OneAndZeros unpaddingJack Lloyd2018-11-301-19/+32
| | | | | | | Introduced in b13c0cc8590199d, it could only trigger if the block size was more than 256 bytes. In that case an invalid padding could be accepted. OSS-Fuzz 11608 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11608)
* No need for an RNG object here [ci skip]Jack Lloyd2018-09-251-2/+1
|
* Avoid some gcc warnings in mode padding fuzzer [ci skip]Jack Lloyd2018-09-231-1/+5
|
* Fix a crash in the mode padding fuzzerJack Lloyd2018-09-231-0/+2
| | | | | | The reference version of 1and0 padding would crash on an all-zero input. OSS-Fuzz 10628
* Add a fuzzer for OAEP unpaddingJack Lloyd2018-09-221-0/+102
| | | | This tests the delim scanning section which must be const time.
* Add fuzzer for mode unpadding, and fix bugs found therebyJack Lloyd2018-09-221-0/+150
| | | | | | | Both PKCS7 and X9.23 padding modes did not examine the first byte of the purported padding if the padding took an entire block. So for example for a 64-bit cipher, PKCS7 would accept XX08080808080808 as a valid padding for any byte value.
* Fix a bug in Barrett reductionJack Lloyd2018-06-051-4/+8
| | | | | | -x*n % n would reduce to n instead of zero. Also some small optimizations and cleanups.
* Add missing override annotations in fuzzers [ci skip]Jack Lloyd2018-04-062-2/+2
|
* Modify tls_server fuzzer to use callbacks interface, skip validationJack Lloyd2018-04-011-25/+63
|
* Update tls_client fuzzer to skip validation resultsJack Lloyd2018-04-011-15/+53
| | | | | Currently OSS-Fuzz stops cold at receiving the certificate message since the odds of libFuzzer forging an RSA signature are not high.
* Add EC_Group::clear_registered_curve_dataJack Lloyd2018-03-191-0/+7
| | | | | | Needed for OSS-Fuzz (OOMing a lot) and maybe very occasionally useful in some weird application that has to deal with 100s of different curves.
* Add mixed (J+A) point addition, new scalar mul for base pointsJack Lloyd2018-03-081-15/+25
| | | | | | | | | Adds PointGFp::force_affine(), ::add_affine(), and ::is_affine() Use a (very simple) technique for base point precomputations. Stick with fixed window for variable point inputs. Scalar blinding is now always enabled
* Simplify modular inversion fuzzerJack Lloyd2018-03-011-50/+6
| | | | | Now binary ext gcd algorithm has an exposed API so no need to duplicate the code here.
* Remove use of redc_helper in fuzzersJack Lloyd2018-02-266-54/+48
| | | | This runs into the same weird UbSan issue as in #1370
* Optimize Barrett reductionJack Lloyd2018-02-261-0/+41
| | | | | | | | | | OSS-Fuzz 6570 flagged an issue with slow modular exponentation. It turned out the problem was not in the library version but the simple square-and-multiply algorithm. Computing g^x % p with all three integers being dense (high Hamming weight) numbers took about 1.5 seconds on a fast machine with almost all of the time taken by the Barrett reductions. With these changes, same testcase now takes only a tiny fraction of a second.
* Change pow_mod fuzzer to also accept p from inputJack Lloyd2018-02-251-11/+15
| | | | | Previously it used a hardcoded (random) prime, but accepting all three inputs allows much better coverage of corner cases.
* Fix fuzzer buildJack Lloyd2018-02-221-3/+6
|
* Minimize header dependenciesJack Lloyd2018-02-211-1/+0
|
* New API for blinded ECC point multiplicationJack Lloyd2018-02-211-4/+4
| | | | No shared state
* Use shared representation of EC_GroupJack Lloyd2018-01-311-1/+1
| | | | Hide CurveGFp with an eye for eventual removal
* Update ASN.1 fuzzerJack Lloyd2018-01-151-1/+1
|
* Refactor ASN1_Pretty_PrinterJack Lloyd2017-12-281-1/+20
| | | | | | Now the base class ASN1_Formatter parses the data and calls virtuals to format. This allows custom formatting, or in the case of the fuzzer skipping the overhead of formatting entirely.
* Update ASN.1 fuzzerJack Lloyd2017-11-151-9/+9
|
* Fix fuzzer buildJack Lloyd2017-09-291-0/+1
|
* Fix building fuzzersJack Lloyd2017-09-215-1/+6
|
* Change header guard format to BOTAN_FOO_H_Jack Lloyd2017-09-203-6/+6
| | | | | | ISO C++ reserves names with double underscores in them Closes #512
* Clean up fuzzer code a bitJack Lloyd2017-09-025-46/+34
| | | | | If we ever output something to the terminal it should be because we are crashing.
* Add support for fuzzing with KLEEJack Lloyd2017-08-301-0/+16
| | | | | | For the fuzzers, builds an object and then links in a second step, because we need that to link the fuzzer binaries for LLVM. (Clang will emit bitcode for us, but doesn't want to link it.)
* Create new fuzzer build modeJack Lloyd2017-08-2527-0/+1082