phantom/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-01-25 10:43:19 -03:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge bitcoin/bitcoin#30373: fuzz: fix key size in crypter

Browse source 
4383dc90ba fuzz: fix key size in crypter target (brunoerg)

Pull request description:

  Fixes #30251

  This PR:
  1. Limits `cipher_text_ed` and `random_string` (`SecureString`) size.
  2. Replace `ConsumeRandomLengthByteVector` for keys to `ConsumeFixedLengthByteVector` with `WALLET_CRYPTO_KEY_SIZE`.
  3. Replace `ConsumeRandomLengthByteVector` for `chSalt` to `ConsumeFixedLengthByteVector` with `WALLET_CRYPTO_SALT_SIZE`.

ACKs for top commit:
  marcofleon:
    Tested ACK 4383dc90ba. I ran this:
  dergoegge:
    utACK 4383dc90ba

Tree-SHA512: 6f09cca0b4627f49152b685ac03659c01004f2131c6aada7654606ea01f6619b1611b1d17624d2cddce277c1afdddda5f656d99f6ca8f72a22f5c0541762c964
This commit is contained in:
merge-script 2024-07-15 11:40:11 +01:00
commit 35102d4928
No known key found for this signature in database
GPG key ID: 2EEB9F5CC09526C1
1 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
src/wallet/test/fuzz/crypter.cpp
View file

@ -27,36 +27,36 @@ FUZZ_TARGET(crypter, .init = initialize_crypter)
// These values are regularly updated within `CallOneOf` // These values are regularly updated within `CallOneOf`
std::vector<unsigned char> cipher_text_ed; std::vector<unsigned char> cipher_text_ed;
CKeyingMaterial plain_text_ed; CKeyingMaterial plain_text_ed;
const std::vector<unsigned char> random_key = ConsumeRandomLengthByteVector(fuzzed_data_provider); const std::vector<unsigned char> random_key = ConsumeFixedLengthByteVector(fuzzed_data_provider, WALLET_CRYPTO_KEY_SIZE);
LIMITED_WHILE(good_data && fuzzed_data_provider.ConsumeBool(), 10000) LIMITED_WHILE(good_data && fuzzed_data_provider.ConsumeBool(), 10000)
{ {
CallOneOf( CallOneOf(
fuzzed_data_provider, fuzzed_data_provider,
[&] { [&] {
const std::string random_string = fuzzed_data_provider.ConsumeRandomLengthString(); const std::string random_string = fuzzed_data_provider.ConsumeRandomLengthString(100);
SecureString secure_string(random_string.begin(), random_string.end()); SecureString secure_string(random_string.begin(), random_string.end());
const unsigned int derivation_method = fuzzed_data_provider.ConsumeBool() ? 0 : fuzzed_data_provider.ConsumeIntegral<unsigned int>(); const unsigned int derivation_method = fuzzed_data_provider.ConsumeBool() ? 0 : fuzzed_data_provider.ConsumeIntegral<unsigned int>();
// Limiting the value of nRounds since it is otherwise uselessly expensive and causes a timeout when fuzzing. // Limiting the value of nRounds since it is otherwise uselessly expensive and causes a timeout when fuzzing.
crypt.SetKeyFromPassphrase(/*strKeyData=*/secure_string, crypt.SetKeyFromPassphrase(/*strKeyData=*/secure_string,
/*chSalt=*/ConsumeRandomLengthByteVector(fuzzed_data_provider), /*chSalt=*/ConsumeFixedLengthByteVector(fuzzed_data_provider, WALLET_CRYPTO_SALT_SIZE),
/*nRounds=*/fuzzed_data_provider.ConsumeIntegralInRange<unsigned int>(0, 25000), /*nRounds=*/fuzzed_data_provider.ConsumeIntegralInRange<unsigned int>(0, 25000),
/*nDerivationMethod=*/derivation_method); /*nDerivationMethod=*/derivation_method);
}, },
[&] { [&] {
const std::vector<unsigned char> random_vector = ConsumeFixedLengthByteVector(fuzzed_data_provider, 32); const std::vector<unsigned char> random_vector = ConsumeFixedLengthByteVector(fuzzed_data_provider, WALLET_CRYPTO_KEY_SIZE);
const CKeyingMaterial new_key(random_vector.begin(), random_vector.end()); const CKeyingMaterial new_key(random_vector.begin(), random_vector.end());
const std::vector<unsigned char>& new_IV = ConsumeFixedLengthByteVector(fuzzed_data_provider, 16); const std::vector<unsigned char>& new_IV = ConsumeFixedLengthByteVector(fuzzed_data_provider, WALLET_CRYPTO_IV_SIZE);
crypt.SetKey(new_key, new_IV); crypt.SetKey(new_key, new_IV);
}, },
[&] { [&] {
const std::vector<unsigned char> random_vector = ConsumeRandomLengthByteVector(fuzzed_data_provider); const std::vector<unsigned char> random_vector = ConsumeFixedLengthByteVector(fuzzed_data_provider, WALLET_CRYPTO_KEY_SIZE);
plain_text_ed = CKeyingMaterial(random_vector.begin(), random_vector.end()); plain_text_ed = CKeyingMaterial(random_vector.begin(), random_vector.end());
}, },
[&] { [&] {
cipher_text_ed = ConsumeRandomLengthByteVector(fuzzed_data_provider); cipher_text_ed = ConsumeRandomLengthByteVector(fuzzed_data_provider, 64);
}, },
[&] { [&] {
(void)crypt.Encrypt(plain_text_ed, cipher_text_ed); (void)crypt.Encrypt(plain_text_ed, cipher_text_ed);
@ -82,7 +82,7 @@ FUZZ_TARGET(crypter, .init = initialize_crypter)
} }
const CPubKey pub_key = *random_pub_key; const CPubKey pub_key = *random_pub_key;
const CKeyingMaterial master_key(random_key.begin(), random_key.end()); const CKeyingMaterial master_key(random_key.begin(), random_key.end());
const std::vector<unsigned char> crypted_secret = ConsumeRandomLengthByteVector(fuzzed_data_provider); const std::vector<unsigned char> crypted_secret = ConsumeRandomLengthByteVector(fuzzed_data_provider, 64);
CKey key; CKey key;
DecryptKey(master_key, crypted_secret, pub_key, key); DecryptKey(master_key, crypted_secret, pub_key, key);
}); });