rust-lightning/fuzz/src/peer_crypt.rs

// This file is Copyright its original authors, visible in version control
// history.
//
// This file is licensed under the Apache License, Version 2.0 <LICENSE-APACHE
// or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
// You may not use this file except in accordance with one or both of these
// licenses.

use lightning::ln::peer_channel_encryptor::PeerChannelEncryptor;

use bitcoin::secp256k1::{Secp256k1, PublicKey, SecretKey};

use utils::test_logger;

#[inline]
fn slice_to_be16(v: &[u8]) -> u16 {
	((v[0] as u16) << 8*1) |
	((v[1] as u16) << 8*0)
}

#[inline]
pub fn do_test(data: &[u8]) {
	let mut read_pos = 0;
	macro_rules! get_slice {
		($len: expr) => {
			{
				let slice_len = $len as usize;
				if data.len() < read_pos + slice_len {
					return;
				}
				read_pos += slice_len;
				&data[read_pos - slice_len..read_pos]
			}
		}
	}

	let secp_ctx = Secp256k1::signing_only();

	let our_network_key = match SecretKey::from_slice(get_slice!(32)) {
		Ok(key) => key,
		Err(_) => return,
	};
	let ephemeral_key = match SecretKey::from_slice(get_slice!(32)) {
		Ok(key) => key,
		Err(_) => return,
	};

	let mut crypter = if get_slice!(1)[0] != 0 {
		let their_pubkey = match PublicKey::from_slice(get_slice!(33)) {
			Ok(key) => key,
			Err(_) => return,
		};
		let mut crypter = PeerChannelEncryptor::new_outbound(their_pubkey, ephemeral_key);
		crypter.get_act_one(&secp_ctx);
		match crypter.process_act_two(get_slice!(50), &our_network_key, &secp_ctx) {
			Ok(_) => {},
			Err(_) => return,
		}
		assert!(crypter.is_ready_for_encryption());
		crypter
	} else {
		let mut crypter = PeerChannelEncryptor::new_inbound(&our_network_key, &secp_ctx);
		match crypter.process_act_one_with_keys(get_slice!(50), &our_network_key, ephemeral_key, &secp_ctx) {
			Ok(_) => {},
			Err(_) => return,
		}
		match crypter.process_act_three(get_slice!(66)) {
			Ok(_) => {},
			Err(_) => return,
		}
		assert!(crypter.is_ready_for_encryption());
		crypter
	};
	loop {
		if get_slice!(1)[0] == 0 {
			crypter.encrypt_message(get_slice!(slice_to_be16(get_slice!(2))));
		} else {
			let len = match crypter.decrypt_length_header(get_slice!(16+2)) {
				Ok(len) => len,
				Err(_) => return,
			};
			match crypter.decrypt_message(get_slice!(len as usize + 16)) {
				Ok(_) => {},
				Err(_) => return,
			}
		}
	}
}

pub fn peer_crypt_test<Out: test_logger::Output>(data: &[u8], _out: Out) {
	do_test(data);
}

#[no_mangle]
pub extern "C" fn peer_crypt_run(data: *const u8, datalen: usize) {
	do_test(unsafe { std::slice::from_raw_parts(data, datalen) });
}
Relicense as dual Apache-2.0 + MIT This changes the LICENSE file and adds license headers to most files to relicense under dual Apache-2.0 and MIT. This is helpful in that we retain the patent grant issued under Apache-2.0-licensed work, avoiding some sticky patent issues, while still allowing users who are more comfortable with the simpler MIT license to use that. See https://github.com/rust-bitcoin/rust-lightning/issues/659 for relicensing statements from code authors. 2020-08-10 15:00:09 -04:00			`// This file is Copyright its original authors, visible in version control`
			`// history.`
			`//`
			`// This file is licensed under the Apache License, Version 2.0 <LICENSE-APACHE`
			`// or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license`
			`// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.`
			`// You may not use this file except in accordance with one or both of these`
			`// licenses.`

Add some fuzz targets. Sadly none of them are really any good without some hand-holding to generate good input data, and unless sha256 gets stubbed out I'm not sure they're gonna get good without a symbolic execution fuzzer 2018-03-19 17:45:58 -04:00			`use lightning::ln::peer_channel_encryptor::PeerChannelEncryptor;`

Pull secp256k1 contexts from per-peer to per-PeerManager Instead of including a `Secp256k1` context per `PeerChannelEncryptor`, which is relatively expensive memory-wise and nontrivial CPU-wise to construct, we should keep one for all peers and simply reuse it. This is relatively trivial so we do so in this commit. Since its trivial to do so, we also take this opportunity to randomize the new PeerManager context. 2022-05-09 23:03:50 +00:00			`use bitcoin::secp256k1::{Secp256k1, PublicKey, SecretKey};`
Add some fuzz targets. Sadly none of them are really any good without some hand-holding to generate good input data, and unless sha256 gets stubbed out I'm not sure they're gonna get good without a symbolic execution fuzzer 2018-03-19 17:45:58 -04:00
Thread fuzz test cases Adds threading (with logger capture) to fuzz targets so that we can more effeciently test a failing fuzz corpus on new code changes. 2020-02-20 20:11:40 -05:00			`use utils::test_logger;`

Add some fuzz targets. Sadly none of them are really any good without some hand-holding to generate good input data, and unless sha256 gets stubbed out I'm not sure they're gonna get good without a symbolic execution fuzzer 2018-03-19 17:45:58 -04:00			`#[inline]`
			`fn slice_to_be16(v: &[u8]) -> u16 {`
			`((v[0] as u16) << 8*1) \|`
			`((v[1] as u16) << 8*0)`
			`}`

			`#[inline]`
			`pub fn do_test(data: &[u8]) {`
			`let mut read_pos = 0;`
			`macro_rules! get_slice {`
			`($len: expr) => {`
			`{`
			`let slice_len = $len as usize;`
			`if data.len() < read_pos + slice_len {`
			`return;`
			`}`
			`read_pos += slice_len;`
			`&data[read_pos - slice_len..read_pos]`
			`}`
			`}`
			`}`

Pull secp256k1 contexts from per-peer to per-PeerManager Instead of including a `Secp256k1` context per `PeerChannelEncryptor`, which is relatively expensive memory-wise and nontrivial CPU-wise to construct, we should keep one for all peers and simply reuse it. This is relatively trivial so we do so in this commit. Since its trivial to do so, we also take this opportunity to randomize the new PeerManager context. 2022-05-09 23:03:50 +00:00			`let secp_ctx = Secp256k1::signing_only();`

Upgrade to secp256k1 v12, bitcoin v16, and crates bitcoin_hashes 2019-01-16 15:45:05 -05:00			`let our_network_key = match SecretKey::from_slice(get_slice!(32)) {`
Add some fuzz targets. Sadly none of them are really any good without some hand-holding to generate good input data, and unless sha256 gets stubbed out I'm not sure they're gonna get good without a symbolic execution fuzzer 2018-03-19 17:45:58 -04:00			`Ok(key) => key,`
			`Err(_) => return,`
			`};`
Stop using rng in peer_channel_encryptor to generate ephemeral keys This removes the bulk of our reliance on the rand crate in non-test envs, paving a way towards a syscall-less rust-lightning and WASM. Since this is a breaking change for full_stack_target (and several fuzz targets), go ahead and make other changes to make things more distinct. 2019-07-18 22:17:36 -04:00			`let ephemeral_key = match SecretKey::from_slice(get_slice!(32)) {`
			`Ok(key) => key,`
			`Err(_) => return,`
			`};`
Add some fuzz targets. Sadly none of them are really any good without some hand-holding to generate good input data, and unless sha256 gets stubbed out I'm not sure they're gonna get good without a symbolic execution fuzzer 2018-03-19 17:45:58 -04:00
			`let mut crypter = if get_slice!(1)[0] != 0 {`
Upgrade to secp256k1 v12, bitcoin v16, and crates bitcoin_hashes 2019-01-16 15:45:05 -05:00			`let their_pubkey = match PublicKey::from_slice(get_slice!(33)) {`
Add some fuzz targets. Sadly none of them are really any good without some hand-holding to generate good input data, and unless sha256 gets stubbed out I'm not sure they're gonna get good without a symbolic execution fuzzer 2018-03-19 17:45:58 -04:00			`Ok(key) => key,`
			`Err(_) => return,`
			`};`
Stop using rng in peer_channel_encryptor to generate ephemeral keys This removes the bulk of our reliance on the rand crate in non-test envs, paving a way towards a syscall-less rust-lightning and WASM. Since this is a breaking change for full_stack_target (and several fuzz targets), go ahead and make other changes to make things more distinct. 2019-07-18 22:17:36 -04:00			`let mut crypter = PeerChannelEncryptor::new_outbound(their_pubkey, ephemeral_key);`
Pull secp256k1 contexts from per-peer to per-PeerManager Instead of including a `Secp256k1` context per `PeerChannelEncryptor`, which is relatively expensive memory-wise and nontrivial CPU-wise to construct, we should keep one for all peers and simply reuse it. This is relatively trivial so we do so in this commit. Since its trivial to do so, we also take this opportunity to randomize the new PeerManager context. 2022-05-09 23:03:50 +00:00			`crypter.get_act_one(&secp_ctx);`
			`match crypter.process_act_two(get_slice!(50), &our_network_key, &secp_ctx) {`
Add some fuzz targets. Sadly none of them are really any good without some hand-holding to generate good input data, and unless sha256 gets stubbed out I'm not sure they're gonna get good without a symbolic execution fuzzer 2018-03-19 17:45:58 -04:00			`Ok(_) => {},`
			`Err(_) => return,`
			`}`
			`assert!(crypter.is_ready_for_encryption());`
			`crypter`
			`} else {`
Pull secp256k1 contexts from per-peer to per-PeerManager Instead of including a `Secp256k1` context per `PeerChannelEncryptor`, which is relatively expensive memory-wise and nontrivial CPU-wise to construct, we should keep one for all peers and simply reuse it. This is relatively trivial so we do so in this commit. Since its trivial to do so, we also take this opportunity to randomize the new PeerManager context. 2022-05-09 23:03:50 +00:00			`let mut crypter = PeerChannelEncryptor::new_inbound(&our_network_key, &secp_ctx);`
			`match crypter.process_act_one_with_keys(get_slice!(50), &our_network_key, ephemeral_key, &secp_ctx) {`
Add some fuzz targets. Sadly none of them are really any good without some hand-holding to generate good input data, and unless sha256 gets stubbed out I'm not sure they're gonna get good without a symbolic execution fuzzer 2018-03-19 17:45:58 -04:00			`Ok(_) => {},`
			`Err(_) => return,`
			`}`
			`match crypter.process_act_three(get_slice!(66)) {`
			`Ok(_) => {},`
			`Err(_) => return,`
			`}`
			`assert!(crypter.is_ready_for_encryption());`
			`crypter`
			`};`
			`loop {`
			`if get_slice!(1)[0] == 0 {`
			`crypter.encrypt_message(get_slice!(slice_to_be16(get_slice!(2))));`
			`} else {`
			`let len = match crypter.decrypt_length_header(get_slice!(16+2)) {`
			`Ok(len) => len,`
			`Err(_) => return,`
			`};`
			`match crypter.decrypt_message(get_slice!(len as usize + 16)) {`
			`Ok(_) => {},`
			`Err(_) => return,`
			`}`
			`}`
			`}`
			`}`

Thread fuzz test cases Adds threading (with logger capture) to fuzz targets so that we can more effeciently test a failing fuzz corpus on new code changes. 2020-02-20 20:11:40 -05:00			`pub fn peer_crypt_test<Out: test_logger::Output>(data: &[u8], _out: Out) {`
			`do_test(data);`
			`}`

Refactor fuzzing to be a C-callable library plus rust binaries This should help us avoid rust's at-load syscalls by calling the tests from a C program. 2019-12-11 13:18:43 -05:00			`#[no_mangle]`
			`pub extern "C" fn peer_crypt_run(data: *const u8, datalen: usize) {`
			`do_test(unsafe { std::slice::from_raw_parts(data, datalen) });`
Add some fuzz targets. Sadly none of them are really any good without some hand-holding to generate good input data, and unless sha256 gets stubbed out I'm not sure they're gonna get good without a symbolic execution fuzzer 2018-03-19 17:45:58 -04:00			`}`