From 9352c3232594f953d2db11c1e140be3f7f9fbae4 Mon Sep 17 00:00:00 2001
From: practicalswift <practicalswift@users.noreply.github.com>
Date: Tue, 16 Jun 2020 13:03:01 +0000
Subject: [PATCH] tests: Add fuzzing harness for AES256Encrypt/AES256Decrypt

---
 src/Makefile.test.include       |  7 +++++++
 src/test/fuzz/crypto_aes256.cpp | 30 ++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)
 create mode 100644 src/test/fuzz/crypto_aes256.cpp

diff --git a/src/Makefile.test.include b/src/Makefile.test.include
index 472382c7d25..e0351c1c815 100644
--- a/src/Makefile.test.include
+++ b/src/Makefile.test.include
@@ -33,6 +33,7 @@ FUZZ_TARGETS = \
   test/fuzz/coins_deserialize \
   test/fuzz/coins_view \
   test/fuzz/crypto \
+  test/fuzz/crypto_aes256 \
   test/fuzz/crypto_common \
   test/fuzz/cuckoocache \
   test/fuzz/decode_tx \
@@ -486,6 +487,12 @@ test_fuzz_crypto_LDADD = $(FUZZ_SUITE_LD_COMMON)
 test_fuzz_crypto_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
 test_fuzz_crypto_SOURCES = test/fuzz/crypto.cpp
 
+test_fuzz_crypto_aes256_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
+test_fuzz_crypto_aes256_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
+test_fuzz_crypto_aes256_LDADD = $(FUZZ_SUITE_LD_COMMON)
+test_fuzz_crypto_aes256_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
+test_fuzz_crypto_aes256_SOURCES = test/fuzz/crypto_aes256.cpp
+
 test_fuzz_crypto_common_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
 test_fuzz_crypto_common_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
 test_fuzz_crypto_common_LDADD = $(FUZZ_SUITE_LD_COMMON)
diff --git a/src/test/fuzz/crypto_aes256.cpp b/src/test/fuzz/crypto_aes256.cpp
new file mode 100644
index 00000000000..ae14073c96d
--- /dev/null
+++ b/src/test/fuzz/crypto_aes256.cpp
@@ -0,0 +1,30 @@
+// Copyright (c) 2020 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <crypto/aes.h>
+#include <test/fuzz/FuzzedDataProvider.h>
+#include <test/fuzz/fuzz.h>
+#include <test/fuzz/util.h>
+
+#include <cassert>
+#include <cstdint>
+#include <vector>
+
+void test_one_input(const std::vector<uint8_t>& buffer)
+{
+    FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()};
+    const std::vector<uint8_t> key = ConsumeFixedLengthByteVector(fuzzed_data_provider, AES256_KEYSIZE);
+
+    AES256Encrypt encrypt{key.data()};
+    AES256Decrypt decrypt{key.data()};
+
+    while (fuzzed_data_provider.ConsumeBool()) {
+        const std::vector<uint8_t> plaintext = ConsumeFixedLengthByteVector(fuzzed_data_provider, AES_BLOCKSIZE);
+        std::vector<uint8_t> ciphertext(AES_BLOCKSIZE);
+        encrypt.Encrypt(ciphertext.data(), plaintext.data());
+        std::vector<uint8_t> decrypted_plaintext(AES_BLOCKSIZE);
+        decrypt.Decrypt(decrypted_plaintext.data(), ciphertext.data());
+        assert(decrypted_plaintext == plaintext);
+    }
+}