mirrors/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-02-20 14:05:23 +01:00
Code Issues Projects Releases Wiki Activity

Merge bitcoin/bitcoin#28951: fuzz: BIP324: damage ciphertext/aad in full byte range

Browse source 
e67634ef19 fuzz: BIP324: damage ciphertext/aad in full byte range (Sebastian Falbesoner)

Pull request description:

  This PR is a tiny improvement for the `bip324_cipher_roundtrip` fuzz target: currently the damaging of input data for decryption (either ciphertext or aad) only ever happens in the lower nibble within the byte at the damage position, as the bit position for the `damage_val` byte was calculated with `damage_bit & 3` (corresponding to `% 4`) rather than `damage_bit & 7` (corresponding to the expected `% 8`).

  Noticed while reviewing #28263 which uses similar constructs.

ACKs for top commit:
  stratospher:
    ACK e67634ef.
  dergoegge:
    utACK e67634ef19

Tree-SHA512: 1bab4df28708e079874feee939beef45eff235215375c339decc696f4c9aef04e4b417322b045491c8aec6e88ec8ec2db564e27ef1b0be352b6ff4ed38bad49a
This commit is contained in:
fanquake 2023-11-30 15:03:42 +00:00
commit 05d3f8e822
No known key found for this signature in database
GPG key ID: 2EEB9F5CC09526C1
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/test/fuzz/bip324.cpp
View file

@ -98,7 +98,7 @@ FUZZ_TARGET(bip324_cipher_roundtrip, .init=Initialize)
unsigned damage_bit = provider.ConsumeIntegralInRange<unsigned>(0,
(ciphertext.size() + aad.size()) * 8U - 1U);
unsigned damage_pos = damage_bit >> 3;
std::byte damage_val{(uint8_t)(1U << (damage_bit & 3))};
std::byte damage_val{(uint8_t)(1U << (damage_bit & 7))};
if (damage_pos >= ciphertext.size()) {
aad[damage_pos - ciphertext.size()] ^= damage_val;
} else {