mirror of
https://github.com/lightningnetwork/lnd.git
synced 2024-11-19 09:53:54 +01:00
bad4a66279
It is best to have deterministic fuzz targets, so that if a failure occurs, it can be easily reproduced. This commit swaps the cryptographically secure RNG for a deterministic one seeded from fuzzer input.
725 lines
21 KiB
Go
725 lines
21 KiB
Go
package brontide
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto/ecdsa"
|
|
"encoding/hex"
|
|
"io"
|
|
"math"
|
|
"math/rand"
|
|
"testing"
|
|
|
|
"github.com/btcsuite/btcd/btcec/v2"
|
|
"github.com/davecgh/go-spew/spew"
|
|
"github.com/decred/dcrd/dcrec/secp256k1/v4"
|
|
"github.com/lightningnetwork/lnd/keychain"
|
|
)
|
|
|
|
var (
|
|
initBytes = []byte{
|
|
0x81, 0xb6, 0x37, 0xd8, 0xfc, 0xd2, 0xc6, 0xda,
|
|
0x63, 0x59, 0xe6, 0x96, 0x31, 0x13, 0xa1, 0x17,
|
|
0xd, 0xe7, 0x95, 0xe4, 0xb7, 0x25, 0xb8, 0x4d,
|
|
0x1e, 0xb, 0x4c, 0xfd, 0x9e, 0xc5, 0x8c, 0xe9,
|
|
}
|
|
|
|
respBytes = []byte{
|
|
0xaa, 0xb6, 0x37, 0xd9, 0xfc, 0xd2, 0xc6, 0xda,
|
|
0x63, 0x59, 0xe6, 0x99, 0x31, 0x13, 0xa1, 0x17,
|
|
0xd, 0xe7, 0x95, 0xe9, 0xb7, 0x25, 0xb8, 0x4d,
|
|
0x1e, 0xb, 0x4c, 0xf9, 0x9e, 0xc5, 0x8c, 0xe9,
|
|
}
|
|
|
|
// Returns the initiator's ephemeral private key.
|
|
initEphemeral = EphemeralGenerator(func() (*btcec.PrivateKey, error) {
|
|
e := "121212121212121212121212121212121212121212121212121212" +
|
|
"1212121212"
|
|
eBytes, err := hex.DecodeString(e)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
priv, _ := btcec.PrivKeyFromBytes(eBytes)
|
|
|
|
return priv, nil
|
|
})
|
|
|
|
// Returns the responder's ephemeral private key.
|
|
respEphemeral = EphemeralGenerator(func() (*btcec.PrivateKey, error) {
|
|
e := "222222222222222222222222222222222222222222222222222" +
|
|
"2222222222222"
|
|
eBytes, err := hex.DecodeString(e)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
priv, _ := btcec.PrivKeyFromBytes(eBytes)
|
|
|
|
return priv, nil
|
|
})
|
|
)
|
|
|
|
// completeHandshake takes two brontide machines (initiator, responder)
|
|
// and completes the brontide handshake between them. If any part of the
|
|
// handshake fails, this function will panic.
|
|
func completeHandshake(t *testing.T, initiator, responder *Machine) {
|
|
// Generate ActOne and send to the responder.
|
|
actOne, err := initiator.GenActOne()
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
if err := responder.RecvActOne(actOne); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Generate ActTwo and send to initiator.
|
|
actTwo, err := responder.GenActTwo()
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
if err := initiator.RecvActTwo(actTwo); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Generate ActThree and send to responder.
|
|
actThree, err := initiator.GenActThree()
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
if err := responder.RecvActThree(actThree); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
}
|
|
|
|
// dumpAndFail dumps the initiator and responder Machines and fails.
|
|
func dumpAndFail(t *testing.T, initiator, responder *Machine, err error) {
|
|
t.Helper()
|
|
|
|
t.Fatalf("error: %v, initiator: %v, responder: %v", err,
|
|
spew.Sdump(initiator), spew.Sdump(responder))
|
|
}
|
|
|
|
// newInsecurePrivateKey returns a private key that is generated using a
|
|
// cryptographically insecure RNG. This function should only be used for testing
|
|
// where reproducibility is required.
|
|
func newInsecurePrivateKey(t *testing.T,
|
|
insecureRNG io.Reader) *btcec.PrivateKey {
|
|
|
|
key, err := ecdsa.GenerateKey(secp256k1.S256(), insecureRNG)
|
|
if err != nil {
|
|
t.Fatalf("error generating private key: %v", err)
|
|
}
|
|
|
|
return secp256k1.PrivKeyFromBytes(key.D.Bytes())
|
|
}
|
|
|
|
// getBrontideMachines returns two brontide machines that use pseudorandom keys
|
|
// everywhere, generated from seed.
|
|
func getBrontideMachines(t *testing.T, seed int64) (*Machine, *Machine) {
|
|
rng := rand.New(rand.NewSource(seed))
|
|
|
|
initPriv := newInsecurePrivateKey(t, rng)
|
|
respPriv := newInsecurePrivateKey(t, rng)
|
|
respPub := respPriv.PubKey()
|
|
|
|
initPrivECDH := &keychain.PrivKeyECDH{PrivKey: initPriv}
|
|
respPrivECDH := &keychain.PrivKeyECDH{PrivKey: respPriv}
|
|
|
|
ephGen := EphemeralGenerator(func() (*btcec.PrivateKey, error) {
|
|
return newInsecurePrivateKey(t, rng), nil
|
|
})
|
|
|
|
initiator := NewBrontideMachine(true, initPrivECDH, respPub, ephGen)
|
|
responder := NewBrontideMachine(false, respPrivECDH, nil, ephGen)
|
|
|
|
return initiator, responder
|
|
}
|
|
|
|
// getStaticBrontideMachines returns two brontide machines that use static keys
|
|
// everywhere.
|
|
func getStaticBrontideMachines() (*Machine, *Machine) {
|
|
initPriv, _ := btcec.PrivKeyFromBytes(initBytes)
|
|
respPriv, respPub := btcec.PrivKeyFromBytes(respBytes)
|
|
|
|
initPrivECDH := &keychain.PrivKeyECDH{PrivKey: initPriv}
|
|
respPrivECDH := &keychain.PrivKeyECDH{PrivKey: respPriv}
|
|
|
|
initiator := NewBrontideMachine(
|
|
true, initPrivECDH, respPub, initEphemeral,
|
|
)
|
|
responder := NewBrontideMachine(
|
|
false, respPrivECDH, nil, respEphemeral,
|
|
)
|
|
|
|
return initiator, responder
|
|
}
|
|
|
|
// FuzzRandomActOne fuzz tests ActOne in the brontide handshake.
|
|
func FuzzRandomActOne(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, seed int64, data []byte) {
|
|
// Check if data is large enough.
|
|
if len(data) < ActOneSize {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with random keys.
|
|
_, responder := getBrontideMachines(t, seed)
|
|
|
|
// Copy data into [ActOneSize]byte.
|
|
var actOne [ActOneSize]byte
|
|
copy(actOne[:], data)
|
|
|
|
// Responder receives ActOne, should fail on the MAC check.
|
|
if err := responder.RecvActOne(actOne); err == nil {
|
|
dumpAndFail(t, nil, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzRandomActThree fuzz tests ActThree in the brontide handshake.
|
|
func FuzzRandomActThree(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, seed int64, data []byte) {
|
|
// Check if data is large enough.
|
|
if len(data) < ActThreeSize {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with random keys.
|
|
initiator, responder := getBrontideMachines(t, seed)
|
|
|
|
// Generate ActOne and send to the responder.
|
|
actOne, err := initiator.GenActOne()
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Receiving ActOne should succeed, so we panic on error.
|
|
if err := responder.RecvActOne(actOne); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Generate ActTwo - this is not sent to the initiator because
|
|
// nothing is done with the initiator after this point and it
|
|
// would slow down fuzzing. GenActTwo needs to be called to set
|
|
// the appropriate state in the responder machine.
|
|
_, err = responder.GenActTwo()
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Copy data into [ActThreeSize]byte.
|
|
var actThree [ActThreeSize]byte
|
|
copy(actThree[:], data)
|
|
|
|
// Responder receives ActThree, should fail on the MAC check.
|
|
if err := responder.RecvActThree(actThree); err == nil {
|
|
dumpAndFail(t, initiator, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzRandomActTwo fuzz tests ActTwo in the brontide handshake.
|
|
func FuzzRandomActTwo(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, seed int64, data []byte) {
|
|
// Check if data is large enough.
|
|
if len(data) < ActTwoSize {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with random keys.
|
|
initiator, _ := getBrontideMachines(t, seed)
|
|
|
|
// Generate ActOne - this isn't sent to the responder because
|
|
// nothing is done with the responder machine and this would
|
|
// slow down fuzzing. GenActOne needs to be called to set the
|
|
// appropriate state in the initiator machine.
|
|
_, err := initiator.GenActOne()
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, nil, err)
|
|
}
|
|
|
|
// Copy data into [ActTwoSize]byte.
|
|
var actTwo [ActTwoSize]byte
|
|
copy(actTwo[:], data)
|
|
|
|
// Initiator receives ActTwo, should fail.
|
|
if err := initiator.RecvActTwo(actTwo); err == nil {
|
|
dumpAndFail(t, initiator, nil, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzRandomInitDecrypt fuzz tests decrypting arbitrary data with the
|
|
// initiator.
|
|
func FuzzRandomInitDecrypt(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, seed int64, data []byte) {
|
|
// This will return brontide machines with random keys.
|
|
initiator, responder := getBrontideMachines(t, seed)
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
// Create a reader with the byte array.
|
|
r := bytes.NewReader(data)
|
|
|
|
// Decrypt the encrypted message using ReadMessage w/ initiator
|
|
// machine.
|
|
if _, err := initiator.ReadMessage(r); err == nil {
|
|
dumpAndFail(t, initiator, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzRandomInitEncDec fuzz tests round-trip encryption and decryption between
|
|
// the initiator and the responder.
|
|
func FuzzRandomInitEncDec(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, seed int64, data []byte) {
|
|
// Ensure that length of message is not greater than max allowed
|
|
// size.
|
|
if len(data) > math.MaxUint16 {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with random keys.
|
|
initiator, responder := getBrontideMachines(t, seed)
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
var b bytes.Buffer
|
|
|
|
// Encrypt the message using WriteMessage w/ initiator machine.
|
|
if err := initiator.WriteMessage(data); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Flush the encrypted message w/ initiator machine.
|
|
if _, err := initiator.Flush(&b); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Decrypt the ciphertext using ReadMessage w/ responder
|
|
// machine.
|
|
plaintext, err := responder.ReadMessage(&b)
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Check that the decrypted message and the original message are
|
|
// equal.
|
|
if !bytes.Equal(data, plaintext) {
|
|
dumpAndFail(t, initiator, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzRandomInitEncrypt fuzz tests the encryption of arbitrary data with the
|
|
// initiator.
|
|
func FuzzRandomInitEncrypt(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, seed int64, data []byte) {
|
|
// Ensure that length of message is not greater than max allowed
|
|
// size.
|
|
if len(data) > math.MaxUint16 {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with random keys.
|
|
initiator, responder := getBrontideMachines(t, seed)
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
var b bytes.Buffer
|
|
|
|
// Encrypt the message using WriteMessage w/ initiator machine.
|
|
if err := initiator.WriteMessage(data); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Flush the encrypted message w/ initiator machine.
|
|
if _, err := initiator.Flush(&b); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzRandomRespDecrypt fuzz tests the decryption of arbitrary data with the
|
|
// responder.
|
|
func FuzzRandomRespDecrypt(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, seed int64, data []byte) {
|
|
// This will return brontide machines with random keys.
|
|
initiator, responder := getBrontideMachines(t, seed)
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
// Create a reader with the byte array.
|
|
r := bytes.NewReader(data)
|
|
|
|
// Decrypt the encrypted message using ReadMessage w/ responder
|
|
// machine.
|
|
if _, err := responder.ReadMessage(r); err == nil {
|
|
dumpAndFail(t, initiator, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzRandomRespEncDec fuzz tests round-trip encryption and decryption between
|
|
// the responder and the initiator.
|
|
func FuzzRandomRespEncDec(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, seed int64, data []byte) {
|
|
// Ensure that length of message is not greater than max allowed
|
|
// size.
|
|
if len(data) > math.MaxUint16 {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with random keys.
|
|
initiator, responder := getBrontideMachines(t, seed)
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
var b bytes.Buffer
|
|
|
|
// Encrypt the message using WriteMessage w/ responder machine.
|
|
if err := responder.WriteMessage(data); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Flush the encrypted message w/ responder machine.
|
|
if _, err := responder.Flush(&b); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Decrypt the ciphertext using ReadMessage w/ initiator
|
|
// machine.
|
|
plaintext, err := initiator.ReadMessage(&b)
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Check that the decrypted message and the original message are
|
|
// equal.
|
|
if !bytes.Equal(data, plaintext) {
|
|
dumpAndFail(t, initiator, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzRandomRespEncrypt fuzz tests encryption of arbitrary data with the
|
|
// responder.
|
|
func FuzzRandomRespEncrypt(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, seed int64, data []byte) {
|
|
// Ensure that length of message is not greater than max allowed
|
|
// size.
|
|
if len(data) > math.MaxUint16 {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with random keys.
|
|
initiator, responder := getBrontideMachines(t, seed)
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
var b bytes.Buffer
|
|
|
|
// Encrypt the message using WriteMessage w/ responder machine.
|
|
if err := responder.WriteMessage(data); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Flush the encrypted message w/ responder machine.
|
|
if _, err := responder.Flush(&b); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzStaticActOne fuzz tests ActOne in the brontide handshake.
|
|
func FuzzStaticActOne(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, data []byte) {
|
|
// Check if data is large enough.
|
|
if len(data) < ActOneSize {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with static keys.
|
|
_, responder := getStaticBrontideMachines()
|
|
|
|
// Copy data into [ActOneSize]byte.
|
|
var actOne [ActOneSize]byte
|
|
copy(actOne[:], data)
|
|
|
|
// Responder receives ActOne, should fail.
|
|
if err := responder.RecvActOne(actOne); err == nil {
|
|
dumpAndFail(t, nil, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzStaticActThree fuzz tests ActThree in the brontide handshake.
|
|
func FuzzStaticActThree(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, data []byte) {
|
|
// Check if data is large enough.
|
|
if len(data) < ActThreeSize {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with static keys.
|
|
initiator, responder := getStaticBrontideMachines()
|
|
|
|
// Generate ActOne and send to the responder.
|
|
actOne, err := initiator.GenActOne()
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Receiving ActOne should succeed, so we panic on error.
|
|
if err := responder.RecvActOne(actOne); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Generate ActTwo - this is not sent to the initiator because
|
|
// nothing is done with the initiator after this point and it
|
|
// would slow down fuzzing. GenActTwo needs to be called to set
|
|
// the appropriate state in the responder machine.
|
|
_, err = responder.GenActTwo()
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Copy data into [ActThreeSize]byte.
|
|
var actThree [ActThreeSize]byte
|
|
copy(actThree[:], data)
|
|
|
|
// Responder receives ActThree, should fail.
|
|
if err := responder.RecvActThree(actThree); err == nil {
|
|
dumpAndFail(t, initiator, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzStaticActTwo fuzz tests ActTwo in the brontide handshake.
|
|
func FuzzStaticActTwo(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, data []byte) {
|
|
// Check if data is large enough.
|
|
if len(data) < ActTwoSize {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with static keys.
|
|
initiator, _ := getStaticBrontideMachines()
|
|
|
|
// Generate ActOne - this isn't sent to the responder because
|
|
// nothing is done with the responder machine and this would
|
|
// slow down fuzzing. GenActOne needs to be called to set the
|
|
// appropriate state in the initiator machine.
|
|
_, err := initiator.GenActOne()
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, nil, err)
|
|
}
|
|
|
|
// Copy data into [ActTwoSize]byte.
|
|
var actTwo [ActTwoSize]byte
|
|
copy(actTwo[:], data)
|
|
|
|
// Initiator receives ActTwo, should fail.
|
|
if err := initiator.RecvActTwo(actTwo); err == nil {
|
|
dumpAndFail(t, initiator, nil, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzStaticInitDecrypt fuzz tests the decryption of arbitrary data with the
|
|
// initiator.
|
|
func FuzzStaticInitDecrypt(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, data []byte) {
|
|
// This will return brontide machines with static keys.
|
|
initiator, responder := getStaticBrontideMachines()
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
// Create a reader with the byte array.
|
|
r := bytes.NewReader(data)
|
|
|
|
// Decrypt the encrypted message using ReadMessage w/ initiator
|
|
// machine.
|
|
if _, err := initiator.ReadMessage(r); err == nil {
|
|
dumpAndFail(t, initiator, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzStaticInitEncDec fuzz tests round-trip encryption and decryption between
|
|
// the initiator and the responder.
|
|
func FuzzStaticInitEncDec(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, data []byte) {
|
|
// Ensure that length of message is not greater than max allowed
|
|
// size.
|
|
if len(data) > math.MaxUint16 {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with static keys.
|
|
initiator, responder := getStaticBrontideMachines()
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
var b bytes.Buffer
|
|
|
|
// Encrypt the message using WriteMessage w/ initiator machine.
|
|
if err := initiator.WriteMessage(data); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Flush the encrypted message w/ initiator machine.
|
|
if _, err := initiator.Flush(&b); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Decrypt the ciphertext using ReadMessage w/ responder
|
|
// machine.
|
|
plaintext, err := responder.ReadMessage(&b)
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Check that the decrypted message and the original message are
|
|
// equal.
|
|
if !bytes.Equal(data, plaintext) {
|
|
dumpAndFail(t, initiator, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzStaticInitEncrypt fuzz tests the encryption of arbitrary data with the
|
|
// initiator.
|
|
func FuzzStaticInitEncrypt(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, data []byte) {
|
|
// Ensure that length of message is not greater than max allowed
|
|
// size.
|
|
if len(data) > math.MaxUint16 {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with static keys.
|
|
initiator, responder := getStaticBrontideMachines()
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
var b bytes.Buffer
|
|
|
|
// Encrypt the message using WriteMessage w/ initiator machine.
|
|
if err := initiator.WriteMessage(data); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Flush the encrypted message w/ initiator machine.
|
|
if _, err := initiator.Flush(&b); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzStaticRespDecrypt fuzz tests the decryption of arbitrary data with the
|
|
// responder.
|
|
func FuzzStaticRespDecrypt(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, data []byte) {
|
|
// This will return brontide machines with static keys.
|
|
initiator, responder := getStaticBrontideMachines()
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
// Create a reader with the byte array.
|
|
r := bytes.NewReader(data)
|
|
|
|
// Decrypt the encrypted message using ReadMessage w/ responder
|
|
// machine.
|
|
if _, err := responder.ReadMessage(r); err == nil {
|
|
dumpAndFail(t, initiator, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzStaticRespEncDec fuzz tests the round-trip encryption and decryption
|
|
// between the responder and the initiator.
|
|
func FuzzStaticRespEncDec(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, data []byte) {
|
|
// Ensure that length of message is not greater than max allowed
|
|
// size.
|
|
if len(data) > math.MaxUint16 {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with static keys.
|
|
initiator, responder := getStaticBrontideMachines()
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
var b bytes.Buffer
|
|
|
|
// Encrypt the message using WriteMessage w/ responder machine.
|
|
if err := responder.WriteMessage(data); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Flush the encrypted message w/ responder machine.
|
|
if _, err := responder.Flush(&b); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Decrypt the ciphertext using ReadMessage w/ initiator
|
|
// machine.
|
|
plaintext, err := initiator.ReadMessage(&b)
|
|
if err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Check that the decrypted message and the original message are
|
|
// equal.
|
|
if !bytes.Equal(data, plaintext) {
|
|
dumpAndFail(t, initiator, responder, nil)
|
|
}
|
|
})
|
|
}
|
|
|
|
// FuzzStaticRespEncrypt fuzz tests the encryption of arbitrary data with the
|
|
// responder.
|
|
func FuzzStaticRespEncrypt(f *testing.F) {
|
|
f.Fuzz(func(t *testing.T, data []byte) {
|
|
// Ensure that length of message is not greater than max allowed
|
|
// size.
|
|
if len(data) > math.MaxUint16 {
|
|
return
|
|
}
|
|
|
|
// This will return brontide machines with static keys.
|
|
initiator, responder := getStaticBrontideMachines()
|
|
|
|
// Complete the brontide handshake.
|
|
completeHandshake(t, initiator, responder)
|
|
|
|
var b bytes.Buffer
|
|
|
|
// Encrypt the message using WriteMessage w/ responder machine.
|
|
if err := responder.WriteMessage(data); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
|
|
// Flush the encrypted message w/ responder machine.
|
|
if _, err := responder.Flush(&b); err != nil {
|
|
dumpAndFail(t, initiator, responder, err)
|
|
}
|
|
})
|
|
}
|