ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-01-31 02:46:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Ignore all-zero ed25519 keys in fuzzer-verify

Browse Source
This commit is contained in:
Matt Johnston 2022-11-09 17:00:18 +08:00
parent 561ef41230
commit b4c30b5e7e
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
fuzz/fuzzer-verify.c
View File

@ -3,6 +3,7 @@
#include "fuzz-wrapfd.h" #include "fuzz-wrapfd.h"
#include "debug.h" #include "debug.h"
#include "dss.h" #include "dss.h"
#include "ed25519.h"
static void setup_fuzzer(void) { static void setup_fuzzer(void) {
fuzz_common_setup(); fuzz_common_setup();
@ -59,6 +60,21 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
/* Could also check g**q mod p == 1 */ /* Could also check g**q mod p == 1 */
} }
if (keytype == DROPBEAR_SIGNKEY_SK_ED25519 || keytype == DROPBEAR_SIGNKEY_ED25519) {
dropbear_ed25519_key **eck = (dropbear_ed25519_key**)signkey_key_ptr(key, keytype);
if (eck && *eck) {
int i;
/* we've seen all-zero keys validate */
boguskey = 1;
for (i = 0; i < CURVE25519_LEN; i++) {
if ((*eck)->priv[i] != 0x00 || (*eck)->pub[i] != 0x00) {
boguskey = 0;
}
}
}
}
if (!boguskey) { if (!boguskey) {
printf("Random key/signature managed to verify!\n"); printf("Random key/signature managed to verify!\n");
abort(); abort();