authorColin Watson <cjwatson@debian.org>2020-04-17 20:57:17 +0100
committerColin Watson <cjwatson@debian.org>2020-04-17 20:57:17 +0100
commit75073d0a8478441cc97a6efa10b566c5fb1dac81 (patch)
treeb73bff259e1b16829ed8b19ee92df2bbbf36ef7d /fuzz/fuzz_assert.c
parentc923f422b1e455bdd8ec3bdb10d005e3bfbacfe0 (diff)
New upstream version 1.4.0
Diffstat (limited to 'fuzz/fuzz_assert.c')
-rw-r--r--fuzz/fuzz_assert.c261
1 files changed, 32 insertions, 229 deletions
diff --git a/fuzz/fuzz_assert.c b/fuzz/fuzz_assert.c
index 0395345..5b72658 100644
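--- a/fuzz/fuzz_assert.c
+++ b/fuzz/fuzz_assert.c
@@ -12,6 +12,10 @@
 #include <stdio.h>
 
 #include "mutator_aux.h"
+#include "wiredata_fido2.h"
+#include "wiredata_u2f.h"
+#include "dummy.h"
+
 #include "fido.h"
 #include "fido/es256.h"
 #include "fido/rs256.h"
@@ -54,140 +58,16 @@ struct param {
  uint8_t uv;
 };
 
-/* Example parameters. */
-static const char dummy_rp_id[] = "localhost";
-static const char dummy_pin[] = "9}4gT:8d=A37Dh}U";
-
-static const uint8_t dummy_cdh[] = {
- 0xec, 0x8d, 0x8f, 0x78, 0x42, 0x4a, 0x2b, 0xb7,
- 0x82, 0x34, 0xaa, 0xca, 0x07, 0xa1, 0xf6, 0x56,
- 0x42, 0x1c, 0xb6, 0xf6, 0xb3, 0x00, 0x86, 0x52,
- 0x35, 0x2d, 0xa2, 0x62, 0x4a, 0xbe, 0x89, 0x76,
-};
-
-static const uint8_t dummy_es256[] = {
- 0xcc, 0x1b, 0x50, 0xac, 0xc4, 0x19, 0xf8, 0x3a,
- 0xee, 0x0a, 0x77, 0xd6, 0xf3, 0x53, 0xdb, 0xef,
- 0xf2, 0xb9, 0x5c, 0x2d, 0x8b, 0x1e, 0x52, 0x58,
- 0x88, 0xf4, 0x0b, 0x85, 0x1f, 0x40, 0x6d, 0x18,
- 0x15, 0xb3, 0xcc, 0x25, 0x7c, 0x38, 0x3d, 0xec,
- 0xdf, 0xad, 0xbd, 0x46, 0x91, 0xc3, 0xac, 0x30,
- 0x94, 0x2a, 0xf7, 0x78, 0x35, 0x70, 0x59, 0x6f,
- 0x28, 0xcb, 0x8e, 0x07, 0x85, 0xb5, 0x91, 0x96,
-};
-
-static const uint8_t dummy_rs256[] = {
- 0xd2, 0xa8, 0xc0, 0x11, 0x82, 0x9e, 0x57, 0x2e,
- 0x60, 0xae, 0x8c, 0xb0, 0x09, 0xe1, 0x58, 0x2b,
- 0x99, 0xec, 0xc3, 0x11, 0x1b, 0xef, 0x81, 0x49,
- 0x34, 0x53, 0x6a, 0x01, 0x65, 0x2c, 0x24, 0x09,
- 0x30, 0x87, 0x98, 0x51, 0x6e, 0x30, 0x4f, 0x60,
- 0xbd, 0x54, 0xd2, 0x54, 0xbd, 0x94, 0x42, 0xdd,
- 0x63, 0xe5, 0x2c, 0xc6, 0x04, 0x32, 0xc0, 0x8f,
- 0x72, 0xd5, 0xb4, 0xf0, 0x4f, 0x42, 0xe5, 0xb0,
- 0xa2, 0x95, 0x11, 0xfe, 0xd8, 0xb0, 0x65, 0x34,
- 0xff, 0xfb, 0x44, 0x97, 0x52, 0xfc, 0x67, 0x23,
- 0x0b, 0xad, 0xf3, 0x3a, 0x82, 0xd4, 0x96, 0x10,
- 0x87, 0x6b, 0xfa, 0xd6, 0x51, 0x60, 0x3e, 0x1c,
- 0xae, 0x19, 0xb8, 0xce, 0x08, 0xae, 0x9a, 0xee,
- 0x78, 0x16, 0x22, 0xcc, 0x92, 0xcb, 0xa8, 0x95,
- 0x34, 0xe5, 0xb9, 0x42, 0x6a, 0xf0, 0x2e, 0x82,
- 0x1f, 0x4c, 0x7d, 0x84, 0x94, 0x68, 0x7b, 0x97,
- 0x2b, 0xf7, 0x7d, 0x67, 0x83, 0xbb, 0xc7, 0x8a,
- 0x31, 0x5a, 0xf3, 0x2a, 0x95, 0xdf, 0x63, 0xe7,
- 0x4e, 0xee, 0x26, 0xda, 0x87, 0x00, 0xe2, 0x23,
- 0x4a, 0x33, 0x9a, 0xa0, 0x1b, 0xce, 0x60, 0x1f,
- 0x98, 0xa1, 0xb0, 0xdb, 0xbf, 0x20, 0x59, 0x27,
- 0xf2, 0x06, 0xd9, 0xbe, 0x37, 0xa4, 0x03, 0x6b,
- 0x6a, 0x4e, 0xaf, 0x22, 0x68, 0xf3, 0xff, 0x28,
- 0x59, 0x05, 0xc9, 0xf1, 0x28, 0xf4, 0xbb, 0x35,
- 0xe0, 0xc2, 0x68, 0xc2, 0xaa, 0x54, 0xac, 0x8c,
- 0xc1, 0x69, 0x9e, 0x4b, 0x32, 0xfc, 0x53, 0x58,
- 0x85, 0x7d, 0x3f, 0x51, 0xd1, 0xc9, 0x03, 0x02,
- 0x13, 0x61, 0x62, 0xda, 0xf8, 0xfe, 0x3e, 0xc8,
- 0x95, 0x12, 0xfb, 0x0c, 0xdf, 0x06, 0x65, 0x6f,
- 0x23, 0xc7, 0x83, 0x7c, 0x50, 0x2d, 0x27, 0x25,
- 0x4d, 0xbf, 0x94, 0xf0, 0x89, 0x04, 0xb9, 0x2d,
- 0xc4, 0xa5, 0x32, 0xa9, 0x25, 0x0a, 0x99, 0x59,
- 0x01, 0x00, 0x01,
-};
-
-static const uint8_t dummy_eddsa[] = {
- 0xfe, 0x8b, 0x61, 0x50, 0x31, 0x7a, 0xe6, 0xdf,
- 0xb1, 0x04, 0x9d, 0x4d, 0xb5, 0x7a, 0x5e, 0x96,
- 0x4c, 0xb2, 0xf9, 0x5f, 0x72, 0x47, 0xb5, 0x18,
- 0xe2, 0x39, 0xdf, 0x2f, 0x87, 0x19, 0xb3, 0x02,
-};
-
 /*
  * Collection of HID reports from an authenticator issued with a FIDO2
  * get assertion using the example parameters above.
  */
 static const uint8_t dummy_wire_data_fido[] = {
- 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0xf7,
- 0x6f, 0xda, 0x52, 0xfd, 0xcb, 0xb6, 0x24, 0x00,
- 0x92, 0x00, 0x0e, 0x02, 0x05, 0x00, 0x02, 0x05,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x92, 0x00, 0x0e, 0x90, 0x00, 0x51, 0x00,
- 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18,
- 0x20, 0x01, 0x21, 0x58, 0x20, 0xe9, 0x1d, 0x9b,
- 0xac, 0x14, 0x25, 0x5f, 0xda, 0x1e, 0x11, 0xdb,
- 0xae, 0xc2, 0x90, 0x22, 0xca, 0x32, 0xec, 0x32,
- 0xe6, 0x05, 0x15, 0x44, 0xe5, 0xe8, 0xbc, 0x4f,
- 0x0a, 0xb6, 0x1a, 0xeb, 0x11, 0x22, 0x58, 0x20,
- 0xcc, 0x72, 0xf0, 0x22, 0xe8, 0x28, 0x82, 0xc5,
- 0x00, 0x92, 0x00, 0x0e, 0x00, 0xa6, 0x65, 0x6e,
- 0xff, 0x1e, 0xe3, 0x7f, 0x27, 0x44, 0x2d, 0xfb,
- 0x8d, 0x41, 0xfa, 0x85, 0x0e, 0xcb, 0xda, 0x95,
- 0x64, 0x64, 0x9b, 0x1f, 0x34, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x92, 0x00, 0x0e, 0x90, 0x00, 0x14, 0x00,
- 0xa1, 0x02, 0x50, 0xee, 0x40, 0x4c, 0x85, 0xd7,
- 0xa1, 0x2f, 0x56, 0xc4, 0x4e, 0xc5, 0x93, 0x41,
- 0xd0, 0x3b, 0x23, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x92, 0x00, 0x0e, 0x90, 0x00, 0xcb, 0x00,
- 0xa3, 0x01, 0xa2, 0x62, 0x69, 0x64, 0x58, 0x40,
- 0x4a, 0x4c, 0x9e, 0xcc, 0x81, 0x7d, 0x42, 0x03,
- 0x2b, 0x41, 0xd1, 0x38, 0xd3, 0x49, 0xb4, 0xfc,
- 0xfb, 0xe4, 0x4e, 0xe4, 0xff, 0x76, 0x34, 0x16,
- 0x68, 0x06, 0x9d, 0xa6, 0x01, 0x32, 0xb9, 0xff,
- 0xc2, 0x35, 0x0d, 0x89, 0x43, 0x66, 0x12, 0xf8,
- 0x8e, 0x5b, 0xde, 0xf4, 0xcc, 0xec, 0x9d, 0x03,
- 0x00, 0x92, 0x00, 0x0e, 0x00, 0x85, 0xc2, 0xf5,
- 0xe6, 0x8e, 0xeb, 0x3f, 0x3a, 0xec, 0xc3, 0x1d,
- 0x04, 0x6e, 0xf3, 0x5b, 0x88, 0x64, 0x74, 0x79,
- 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, 0x6c, 0x69,
- 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x02, 0x58, 0x25,
- 0x49, 0x96, 0x0d, 0xe5, 0x88, 0x0e, 0x8c, 0x68,
- 0x74, 0x34, 0x17, 0x0f, 0x64, 0x76, 0x60, 0x5b,
- 0x8f, 0xe4, 0xae, 0xb9, 0xa2, 0x86, 0x32, 0xc7,
- 0x00, 0x92, 0x00, 0x0e, 0x01, 0x99, 0x5c, 0xf3,
- 0xba, 0x83, 0x1d, 0x97, 0x63, 0x04, 0x00, 0x00,
- 0x00, 0x09, 0x03, 0x58, 0x47, 0x30, 0x45, 0x02,
- 0x21, 0x00, 0xcf, 0x3f, 0x36, 0x0e, 0x1f, 0x6f,
- 0xd6, 0xa0, 0x9d, 0x13, 0xcf, 0x55, 0xf7, 0x49,
- 0x8f, 0xc8, 0xc9, 0x03, 0x12, 0x76, 0x41, 0x75,
- 0x7b, 0xb5, 0x0a, 0x90, 0xa5, 0x82, 0x26, 0xf1,
- 0x6b, 0x80, 0x02, 0x20, 0x34, 0x9b, 0x7a, 0x82,
- 0x00, 0x92, 0x00, 0x0e, 0x02, 0xd3, 0xe1, 0x79,
- 0x49, 0x55, 0x41, 0x9f, 0xa4, 0x06, 0x06, 0xbd,
- 0xc8, 0xb9, 0x2b, 0x5f, 0xe1, 0xa7, 0x99, 0x1c,
- 0xa1, 0xfc, 0x7e, 0x3e, 0xd5, 0x85, 0x2e, 0x11,
- 0x75, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ WIREDATA_CTAP_INIT,
+ WIREDATA_CTAP_CBOR_INFO,
+ WIREDATA_CTAP_CBOR_AUTHKEY,
+ WIREDATA_CTAP_CBOR_PINTOKEN,
+ WIREDATA_CTAP_CBOR_ASSERT,
 };
 
 /*
@@ -195,102 +75,12 @@ static const uint8_t dummy_wire_data_fido[] = {
  * authentication using the example parameters above.
  */
 static const uint8_t dummy_wire_data_u2f[] = {
- 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x0f,
- 0x26, 0x9c, 0xd3, 0x87, 0x0d, 0x7b, 0xf6, 0x00,
- 0x00, 0x99, 0x01, 0x02, 0x01, 0x01, 0x00, 0x01,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69,
- 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69,
- 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69,
- 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69,
- 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69,
- 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69,
- 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69,
- 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69,
- 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69,
- 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x4e, 0x01,
- 0x00, 0x00, 0x00, 0x2c, 0x30, 0x45, 0x02, 0x20,
- 0x1c, 0xf5, 0x7c, 0xf6, 0xde, 0xbe, 0xe9, 0x86,
- 0xee, 0x97, 0xb7, 0x64, 0xa3, 0x4e, 0x7a, 0x70,
- 0x85, 0xd0, 0x66, 0xf9, 0xf0, 0xcd, 0x04, 0x5d,
- 0x97, 0xf2, 0x3c, 0x22, 0xe3, 0x0e, 0x61, 0xc8,
- 0x02, 0x21, 0x00, 0x97, 0xef, 0xae, 0x36, 0xe6,
- 0x17, 0x9f, 0x5e, 0x2d, 0xd7, 0x8c, 0x34, 0xa7,
- 0x00, 0x00, 0x99, 0x01, 0x00, 0xa1, 0xe9, 0xfb,
- 0x8f, 0x86, 0x8c, 0xe3, 0x1e, 0xde, 0x3f, 0x4e,
- 0x1b, 0xe1, 0x2f, 0x8f, 0x2f, 0xca, 0x42, 0x26,
- 0x90, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ WIREDATA_CTAP_INIT,
+ WIREDATA_CTAP_U2F_6985,
+ WIREDATA_CTAP_U2F_6985,
+ WIREDATA_CTAP_U2F_6985,
+ WIREDATA_CTAP_U2F_6985,
+ WIREDATA_CTAP_U2F_AUTH,
 };
 
 int LLVMFuzzerTestOneInput(const uint8_t *, size_t);
@@ -346,6 +136,13 @@ pack(uint8_t *ptr, size_t len, const struct param *p)
  return (max - len);
 }
 
+static size_t
+input_len(int max)
+{
+ return (5 * len_byte() + 2 * len_int() + 2 * len_string(max) +
+ 6 * len_blob(max));
+}
+
 static void
 get_assert(fido_assert_t *assert, uint8_t u2f, const struct blob *cdh,
  const char *rp_id, int ext, uint8_t up, uint8_t uv, const char *pin,
@@ -354,6 +151,8 @@ get_assert(fido_assert_t *assert, uint8_t u2f, const struct blob *cdh,
  fido_dev_t *dev;
  fido_dev_io_t io;
 
+ memset(&io, 0, sizeof(io));
+
  io.open = dev_open;
  io.close = dev_close;
  io.read = dev_read;
@@ -478,12 +277,14 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 
  memset(&p, 0, sizeof(p));
 
- if (unpack(data, size, &p) < 0)
+ if (size < input_len(GETLEN_MIN) || size > input_len(GETLEN_MAX) ||
+ unpack(data, size, &p) < 0)
  return (0);
 
- srandom((unsigned int)p.seed);
+ prng_init((unsigned int)p.seed);
 
- fido_init(0);
+ fido_init(FIDO_DEBUG);
+ fido_set_log_handler(consume_str);
 
  switch (p.type & 3) {
  case 0:
@@ -577,18 +378,20 @@ pack_dummy(uint8_t *ptr, size_t len)
 
  memset(&dummy, 0, sizeof(dummy));
 
- dummy.type = 1;
+ dummy.type = 1; /* rsa */
  dummy.ext = FIDO_EXT_HMAC_SECRET;
 
  strlcpy(dummy.pin, dummy_pin, sizeof(dummy.pin));
  strlcpy(dummy.rp_id, dummy_rp_id, sizeof(dummy.rp_id));
 
+ dummy.cred.len = sizeof(dummy_cdh); /* XXX */
  dummy.cdh.len = sizeof(dummy_cdh);
  dummy.es256.len = sizeof(dummy_es256);
  dummy.rs256.len = sizeof(dummy_rs256);
  dummy.eddsa.len = sizeof(dummy_eddsa);
  dummy.wire_data.len = sizeof(dummy_wire_data_fido);
 
+ memcpy(&dummy.cred.body, &dummy_cdh, dummy.cred.len); /* XXX */
  memcpy(&dummy.cdh.body, &dummy_cdh, dummy.cdh.len);
  memcpy(&dummy.wire_data.body, &dummy_wire_data_fido,
  dummy.wire_data.len);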
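Review bot: In the last hunk (`pack_dummy`), the two added lines marked `/* XXX */` copy `sizeof(dummy_cdh)` bytes into `dummy.cred.body` with no visible check against the destination size, and the bare marker does not say what is still outstanding. After this commit `dummy_cdh` is no longer defined in this file (presumably it now comes from the newly included `dummy.h`), so a later change to that shared array could turn this seed-building copy into an out-of-bounds write inside the harness. If the build allows C11, a guard such as `_Static_assert(sizeof(dummy_cdh) <= sizeof(dummy.cred.body), "dummy_cdh does not fit cred.body");` ahead of the `memcpy` would pin the assumption; `struct blob` is not shown here, so the buffer size needs confirming. I would also replace the marker with a comment like `/* XXX placeholder: reuses the client data hash as the credential id */`, so it is clear the seed does not carry a realistic credential id. The body of `pack_dummy` starts and ends outside the hunk.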