diff options
-rw-r--r-- | regress/misc/fuzz-harness/Makefile | 2 | ||||
-rw-r--r-- | regress/misc/fuzz-harness/sig_fuzz.cc | 24 | ||||
-rw-r--r-- | regress/misc/fuzz-harness/sshsig_fuzz.cc | 4 |
3 files changed, 22 insertions, 8 deletions
diff --git a/regress/misc/fuzz-harness/Makefile b/regress/misc/fuzz-harness/Makefile index e164e8869..f02d6858c 100644 --- a/regress/misc/fuzz-harness/Makefile +++ b/regress/misc/fuzz-harness/Makefile | |||
@@ -5,7 +5,7 @@ FUZZ_LIBS=-lFuzzer | |||
5 | 5 | ||
6 | CXXFLAGS=-O2 -g -Wall -Wextra -I ../../.. $(FUZZ_FLAGS) | 6 | CXXFLAGS=-O2 -g -Wall -Wextra -I ../../.. $(FUZZ_FLAGS) |
7 | LDFLAGS=-L ../../.. -L ../../../openbsd-compat -g $(FUZZ_FLAGS) | 7 | LDFLAGS=-L ../../.. -L ../../../openbsd-compat -g $(FUZZ_FLAGS) |
8 | LIBS=-lssh -lopenbsd-compat -lcrypto $(FUZZ_LIBS) | 8 | LIBS=-lssh -lopenbsd-compat -lcrypto -lfido2 -lcbor $(FUZZ_LIBS) |
9 | 9 | ||
10 | TARGETS=pubkey_fuzz sig_fuzz authopt_fuzz sshsig_fuzz \ | 10 | TARGETS=pubkey_fuzz sig_fuzz authopt_fuzz sshsig_fuzz \ |
11 | sshsigopt_fuzz privkey_fuzz | 11 | sshsigopt_fuzz privkey_fuzz |
diff --git a/regress/misc/fuzz-harness/sig_fuzz.cc b/regress/misc/fuzz-harness/sig_fuzz.cc index dd1fda091..b32502ba0 100644 --- a/regress/misc/fuzz-harness/sig_fuzz.cc +++ b/regress/misc/fuzz-harness/sig_fuzz.cc | |||
@@ -31,19 +31,31 @@ int LLVMFuzzerTestOneInput(const uint8_t* sig, size_t slen) | |||
31 | static struct sshkey *ecdsa384 = generate_or_die(KEY_ECDSA, 384); | 31 | static struct sshkey *ecdsa384 = generate_or_die(KEY_ECDSA, 384); |
32 | static struct sshkey *ecdsa521 = generate_or_die(KEY_ECDSA, 521); | 32 | static struct sshkey *ecdsa521 = generate_or_die(KEY_ECDSA, 521); |
33 | #endif | 33 | #endif |
34 | struct sshkey_sig_details *details = NULL; | ||
34 | static struct sshkey *ed25519 = generate_or_die(KEY_ED25519, 0); | 35 | static struct sshkey *ed25519 = generate_or_die(KEY_ED25519, 0); |
35 | static const char *data = "If everyone started announcing his nose had " | 36 | static const char *data = "If everyone started announcing his nose had " |
36 | "run away, I don’t know how it would all end"; | 37 | "run away, I don’t know how it would all end"; |
37 | static const size_t dlen = strlen(data); | 38 | static const size_t dlen = strlen(data); |
38 | 39 | ||
39 | #ifdef WITH_OPENSSL | 40 | #ifdef WITH_OPENSSL |
40 | sshkey_verify(rsa, sig, slen, (const u_char *)data, dlen, NULL, 0); | 41 | sshkey_verify(rsa, sig, slen, (const u_char *)data, dlen, NULL, 0, &details); |
41 | sshkey_verify(dsa, sig, slen, (const u_char *)data, dlen, NULL, 0); | 42 | sshkey_sig_details_free(details); |
42 | sshkey_verify(ecdsa256, sig, slen, (const u_char *)data, dlen, NULL, 0); | 43 | details = NULL; |
43 | sshkey_verify(ecdsa384, sig, slen, (const u_char *)data, dlen, NULL, 0); | 44 | sshkey_verify(dsa, sig, slen, (const u_char *)data, dlen, NULL, 0, &details); |
44 | sshkey_verify(ecdsa521, sig, slen, (const u_char *)data, dlen, NULL, 0); | 45 | sshkey_sig_details_free(details); |
46 | details = NULL; | ||
47 | sshkey_verify(ecdsa256, sig, slen, (const u_char *)data, dlen, NULL, 0, &details); | ||
48 | sshkey_sig_details_free(details); | ||
49 | details = NULL; | ||
50 | sshkey_verify(ecdsa384, sig, slen, (const u_char *)data, dlen, NULL, 0, &details); | ||
51 | sshkey_sig_details_free(details); | ||
52 | details = NULL; | ||
53 | sshkey_verify(ecdsa521, sig, slen, (const u_char *)data, dlen, NULL, 0, &details); | ||
54 | sshkey_sig_details_free(details); | ||
55 | details = NULL; | ||
45 | #endif | 56 | #endif |
46 | sshkey_verify(ed25519, sig, slen, (const u_char *)data, dlen, NULL, 0); | 57 | sshkey_verify(ed25519, sig, slen, (const u_char *)data, dlen, NULL, 0, &details); |
58 | sshkey_sig_details_free(details); | ||
47 | return 0; | 59 | return 0; |
48 | } | 60 | } |
49 | 61 | ||
diff --git a/regress/misc/fuzz-harness/sshsig_fuzz.cc b/regress/misc/fuzz-harness/sshsig_fuzz.cc index fe09ccb87..02211a096 100644 --- a/regress/misc/fuzz-harness/sshsig_fuzz.cc +++ b/regress/misc/fuzz-harness/sshsig_fuzz.cc | |||
@@ -22,10 +22,12 @@ int LLVMFuzzerTestOneInput(const uint8_t* sig, size_t slen) | |||
22 | struct sshbuf *signature = sshbuf_from(sig, slen); | 22 | struct sshbuf *signature = sshbuf_from(sig, slen); |
23 | struct sshbuf *message = sshbuf_from(data, strlen(data)); | 23 | struct sshbuf *message = sshbuf_from(data, strlen(data)); |
24 | struct sshkey *k = NULL; | 24 | struct sshkey *k = NULL; |
25 | struct sshkey_sig_details *details = NULL; | ||
25 | extern char *__progname; | 26 | extern char *__progname; |
26 | 27 | ||
27 | log_init(__progname, SYSLOG_LEVEL_QUIET, SYSLOG_FACILITY_USER, 1); | 28 | log_init(__progname, SYSLOG_LEVEL_QUIET, SYSLOG_FACILITY_USER, 1); |
28 | sshsig_verifyb(signature, message, "castle", &k); | 29 | sshsig_verifyb(signature, message, "castle", &k, &details); |
30 | sshkey_sig_details_free(details); | ||
29 | sshkey_free(k); | 31 | sshkey_free(k); |
30 | sshbuf_free(signature); | 32 | sshbuf_free(signature); |
31 | sshbuf_free(message); | 33 | sshbuf_free(message); |