phantom/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-01-10 20:03:34 -03:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

fuzz: BIP324: damage ciphertext/aad in full byte range

Browse source 
Currently the damaging of input data for decryption (either ciphertext
or aad) only ever happens in the lower nibble within the byte at the
damage position, as the bit position for the `damage_val` byte was
calculated with `damage_bit & 3` (corresponding to `% 4`) rather than
`damage_bit & 7` (corresponding to the expected `% 8`).
This commit is contained in:
Sebastian Falbesoner 2023-11-28 02:08:57 +01:00
parent 794f971607
commit e67634ef19
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/test/fuzz/bip324.cpp
View file

@ -98,7 +98,7 @@ FUZZ_TARGET(bip324_cipher_roundtrip, .init=Initialize)
unsigned damage_bit = provider.ConsumeIntegralInRange<unsigned>(0, unsigned damage_bit = provider.ConsumeIntegralInRange<unsigned>(0,
(ciphertext.size() + aad.size()) * 8U - 1U); (ciphertext.size() + aad.size()) * 8U - 1U);
unsigned damage_pos = damage_bit >> 3; unsigned damage_pos = damage_bit >> 3;
std::byte damage_val{(uint8_t)(1U << (damage_bit & 3))}; std::byte damage_val{(uint8_t)(1U << (damage_bit & 7))};
if (damage_pos >= ciphertext.size()) { if (damage_pos >= ciphertext.size()) {
aad[damage_pos - ciphertext.size()] ^= damage_val; aad[damage_pos - ciphertext.size()] ^= damage_val;
} else { } else {