Coverage for /pythoncovmergedfiles/medio/medio/src/fuzz_jwt_roundtrip.py: 38%


50 statements  

1###### Coverage stub 

2import atexit 

3import coverage 

# Begin measurement before anything else in the file executes, so that the
# module-level statements further down are recorded as well.
cov = coverage.coverage(data_file='.coverage', cover_pylib=True)
cov.start()


# Register an exit handler that stops measurement and saves the coverage data.
# (The handler itself prints nothing; it only writes the data file.)
@atexit.register
def exit_handler():
    """Stop coverage measurement and persist the collected data."""
    cov.stop()
    cov.save()

11####### End of coverage stub 

12#!/usr/bin/python3 

13# Copyright 2022 Google LLC 

14# 

15# Licensed under the Apache License, Version 2.0 (the "License"); 

16# you may not use this file except in compliance with the License. 

17# You may obtain a copy of the License at 

18# 

19# http://www.apache.org/licenses/LICENSE-2.0 

20# 

21# Unless required by applicable law or agreed to in writing, software 

22# distributed under the License is distributed on an "AS IS" BASIS, 

23# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 

24# See the License for the specific language governing permissions and 

25# limitations under the License. 

26 

27import os 

28import sys 

29import atheris 

30 

# Directory that holds the PEM fixtures: sys._MEIPASS when that attribute is
# set (as it is inside a PyInstaller bundle), otherwise the directory that
# contains this file.
bundle_dir = getattr(
    sys,
    "_MEIPASS",
    os.path.abspath(os.path.dirname(__file__)),
)

# Absolute paths of the certificate and private key used by the harness.
path_to_public_cert = os.path.abspath(
    os.path.join(bundle_dir, "public_cert.pem")
)
path_to_private_key = os.path.abspath(
    os.path.join(bundle_dir, "privatekey.pem")
)

34 

35# We instrument all imports below 

36from google.auth import jwt 

37from google.auth import crypt 

38 

# Read the signing key and its certificate once, at import time, so every fuzz
# iteration reuses the same bytes. A missing fixture aborts the run immediately
# instead of producing a harness that silently exercises nothing.
# NOTE(review): these files are expected to be throwaway fuzzing fixtures;
# confirm that no real service-account key is ever shipped at these paths.
if not os.path.isfile(path_to_private_key):
    raise Exception("Could not find private key")
with open(path_to_private_key, "rb") as fh:
    PRIVATE_KEY_BYTES = fh.read()

if not os.path.isfile(path_to_public_cert):
    raise Exception("Could not find public cert")
with open(path_to_public_cert, "rb") as fh:
    PUBLIC_CERT_BYTES = fh.read()

50 

@atheris.instrument_func
def test_roundtrip_unverified(data):
    """Encode a fuzzer-chosen JWT with the fixture key, then decode it.

    The fuzz input decides three things: whether a custom header carrying a
    fuzzed "alg" value is supplied, whether a fuzzed key id is supplied, and
    the payload, which is passed to ``jwt.encode`` as a string of up to 200
    characters rather than as a claims mapping.

    A ``ValueError`` raised while decoding is treated as an expected rejection
    and ends the iteration. Any other exception propagates to Atheris and is
    reported as a finding.

    Args:
        data: Raw bytes supplied by the fuzzing engine.

    NOTE(review): the decoded value is discarded and never compared with the
    payload that was encoded, so this harness can surface crashes but not a
    round-trip mismatch.
    NOTE(review): ``google.auth.jwt.decode`` is documented as returning only
    the payload mapping, while the 4-way unpacking below matches the shape of
    ``jwt._unverified_decode``. A failed unpack also raises ``ValueError`` and
    would be swallowed by the same handler - confirm which call was intended.
    """
    provider = atheris.FuzzedDataProvider(data)
    rsa_signer = crypt.RSASigner.from_string(PRIVATE_KEY_BYTES, "1")

    # The order of the Consume* calls fixes how input bytes map to decisions;
    # changing it would invalidate any existing corpus.
    header_selector = provider.ConsumeIntInRange(1, 100)
    jwt_header = (
        None if header_selector < 50 else {"alg": provider.ConsumeString(100)}
    )
    key_id_selector = provider.ConsumeIntInRange(1, 100)
    payload = provider.ConsumeString(200)

    if key_id_selector < 50:
        chosen_key_id = provider.ConsumeString(50)
    else:
        chosen_key_id = None

    token = jwt.encode(
        rsa_signer, payload, header=jwt_header, key_id=chosen_key_id
    )
    try:
        _header, _decoded, _signed, _signature = jwt.decode(
            token, PUBLIC_CERT_BYTES
        )
    except ValueError:
        return

72 

73 

@atheris.instrument_func
def TestOneInput(data):
    """Atheris entry point: run one fuzz iteration on the given input bytes.

    Args:
        data: Raw bytes produced by the fuzzing engine for this iteration.
    """
    # Single target for now; the callback only forwards the input.
    test_roundtrip_unverified(data)

77 

78 

def main():
    """Configure Atheris, instrument the loaded modules, and start fuzzing."""
    # Setup receives sys.argv and registers TestOneInput as the per-input
    # callback.
    atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
    # The google.auth modules are imported with plain import statements, so
    # their instrumentation comes from this call, not from an
    # atheris.instrument_imports() block.
    atheris.instrument_all()
    atheris.Fuzz()


if __name__ == "__main__":
    main()