Skip to content

Commit

Permalink
fuzz: Provide correct MAC tag to assist v2 transport fuzzing
Browse files Browse the repository at this point in the history
before commit:
131072 pulse  cov: 1734 ft: 1993 corp: 19/107b lim: 1260 exec/s: 757 rss: 465Mb

after commit:
131072 pulse  cov: 1888 ft: 2708 corp: 50/4004b lim: 1100 exec/s: 762 rss: 467Mb
  • Loading branch information
dhruv committed Feb 22, 2022
1 parent 8e55558 commit deeceeb
Showing 1 changed file with 31 additions and 7 deletions.
38 changes: 31 additions & 7 deletions src/test/fuzz/p2p_v2_transport_serialization.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@

#include <compat/endian.h>
#include <crypto/chacha_poly_aead.h>
#include <crypto/poly1305.h>
#include <key.h>
#include <net.h>
#include <netmessagemaker.h>
Expand All @@ -14,22 +15,36 @@

FUZZ_TARGET(p2p_v2_transport_serialization)
{
CPrivKey k1(32, 0);
CPrivKey k2(32, 0);
CPrivKey k1(CHACHA20_POLY1305_AEAD_KEY_LEN, 0);
CPrivKey k2(CHACHA20_POLY1305_AEAD_KEY_LEN, 0);

// Construct deserializer, with a dummy NodeId
V2TransportDeserializer deserializer{(NodeId)0, k1, k2};
V2TransportSerializer serializer{k1, k2};
FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()};

bool length_assist = fuzzed_data_provider.ConsumeBool();

// There is no sense in providing a mac assist if the length is incorrect.
bool mac_assist = length_assist && fuzzed_data_provider.ConsumeBool();
auto payload_bytes = fuzzed_data_provider.ConsumeRemainingBytes<uint8_t>();

if (length_assist && payload_bytes.size() >= CHACHA20_POLY1305_AEAD_AAD_LEN + CHACHA20_POLY1305_AEAD_TAG_LEN) {
uint32_t packet_length = payload_bytes.size() - CHACHA20_POLY1305_AEAD_AAD_LEN - CHACHA20_POLY1305_AEAD_TAG_LEN;
payload_bytes[0] = packet_length & 0xff;
payload_bytes[1] = (packet_length >> 8) & 0xff;
payload_bytes[2] = (packet_length >> 16) & 0xff;
if (payload_bytes.size() >= CHACHA20_POLY1305_AEAD_AAD_LEN + CHACHA20_POLY1305_AEAD_TAG_LEN) {
if (length_assist) {
uint32_t packet_length = payload_bytes.size() - CHACHA20_POLY1305_AEAD_AAD_LEN - CHACHA20_POLY1305_AEAD_TAG_LEN;
payload_bytes[0] = packet_length & 0xff;
payload_bytes[1] = (packet_length >> 8) & 0xff;
payload_bytes[2] = (packet_length >> 16) & 0xff;
}

if (mac_assist) {
unsigned char pseudorandom_bytes[CHACHA20_POLY1305_AEAD_AAD_LEN + POLY1305_KEYLEN];
memset(pseudorandom_bytes, 0, sizeof(pseudorandom_bytes));
ChaCha20Forward4064 chacha{k1};
chacha.Crypt(pseudorandom_bytes, pseudorandom_bytes, CHACHA20_POLY1305_AEAD_AAD_LEN + POLY1305_KEYLEN);

poly1305_auth(payload_bytes.data() + (payload_bytes.size() - POLY1305_TAGLEN), payload_bytes.data(), (payload_bytes.size() - POLY1305_TAGLEN), pseudorandom_bytes + CHACHA20_POLY1305_AEAD_AAD_LEN);
}
}

Span<const uint8_t> msg_bytes{payload_bytes};
Expand All @@ -43,6 +58,15 @@ FUZZ_TARGET(p2p_v2_transport_serialization)
bool reject_message{true};
bool disconnect{true};
CNetMessage result{deserializer.GetMessage(m_time, reject_message, disconnect)};

if (mac_assist) {
assert(!disconnect);
}

if (length_assist && mac_assist) {
assert(!reject_message);
}

if (!reject_message) {
assert(result.m_type.size() <= CMessageHeader::COMMAND_SIZE);
assert(result.m_raw_message_size <= buffer.size());
Expand Down

0 comments on commit deeceeb

Please sign in to comment.