/src/cryptofuzz/builtin_tests_importer.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | #include <cryptofuzz/builtin_tests_importer.h> |
2 | | #include <cryptofuzz/repository.h> |
3 | | #include <cryptofuzz/operations.h> |
4 | | #include <cryptofuzz/util.h> |
5 | | #include <cryptofuzz/crypto.h> |
6 | | #include <stdio.h> |
7 | | #include <fstream> |
8 | | #include "config.h" |
9 | | |
10 | | namespace cryptofuzz { |
11 | | |
12 | | Builtin_tests_importer::Builtin_tests_importer(const std::string outDir) : |
13 | 0 | outDir(outDir) { |
14 | 0 | } |
15 | | |
16 | 0 | void Builtin_tests_importer::ecdsa_verify_tests(void) { |
17 | | /* Test ECDSA_Verify with valid pubkey, null signature and bogus msg */ |
18 | | /* Java CVE-2022-21449 */ |
19 | |
|
20 | 0 | constexpr std::array<uint64_t, 3> digests{ |
21 | 0 | CF_DIGEST("NULL"), |
22 | 0 | CF_DIGEST("SHA1"), |
23 | 0 | CF_DIGEST("SHA256"), |
24 | 0 | }; |
25 | |
|
26 | 0 | for (size_t i = 0; i < (sizeof(repository::ECC_CurveLUT) / sizeof(repository::ECC_CurveLUT[0])); i++) { |
27 | 0 | const uint64_t curveType = repository::ECC_CurveLUT[i].id; |
28 | |
|
29 | 0 | const auto x = cryptofuzz::repository::ECC_CurveToX(curveType); |
30 | 0 | if ( x == std::nullopt ) { |
31 | 0 | continue; |
32 | 0 | } |
33 | | |
34 | 0 | const auto y = cryptofuzz::repository::ECC_CurveToY(curveType); |
35 | 0 | if ( y == std::nullopt ) { |
36 | 0 | continue; |
37 | 0 | } |
38 | | |
39 | 0 | const auto bits = cryptofuzz::repository::ECC_CurveToBits(curveType); |
40 | 0 | if ( bits == std::nullopt ) { |
41 | 0 | continue; |
42 | 0 | } |
43 | | |
44 | 0 | for (const auto& digestType : digests) { |
45 | 0 | nlohmann::json parameters; |
46 | |
|
47 | 0 | parameters["modifier"] = ""; |
48 | 0 | parameters["curveType"] = curveType; |
49 | 0 | parameters["signature"]["pub"][0] = *x; |
50 | 0 | parameters["signature"]["pub"][1] = *y; |
51 | 0 | parameters["signature"]["signature"][0] = "0"; |
52 | 0 | parameters["signature"]["signature"][1] = "0"; |
53 | |
|
54 | 0 | std::string cleartext; |
55 | 0 | const size_t bytes = ((*bits) + 7) / 8; |
56 | 0 | for (size_t j = 0; j < bytes; j++) { |
57 | 0 | cleartext += std::string("ab"); |
58 | 0 | } |
59 | 0 | parameters["cleartext"] = cleartext; |
60 | |
|
61 | 0 | parameters["digestType"] = digestType; |
62 | |
|
63 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
64 | 0 | cryptofuzz::operation::ECDSA_Verify op(parameters); |
65 | 0 | op.Serialize(dsOut2); |
66 | 0 | write(CF_OPERATION("ECDSA_Verify"), dsOut2); |
67 | 0 | } |
68 | 0 | } |
69 | 0 | } |
70 | | |
71 | 0 | void Builtin_tests_importer::ecc_point_add_tests(void) { |
72 | | /* Create inputs which add/cmp (0, Y) to (P, Y) on every curve */ |
73 | |
|
74 | 0 | for (size_t i = 0; i < (sizeof(repository::ECC_CurveLUT) / sizeof(repository::ECC_CurveLUT[0])); i++) { |
75 | 0 | const uint64_t curveType = repository::ECC_CurveLUT[i].id; |
76 | |
|
77 | 0 | const auto a = cryptofuzz::repository::ECC_CurveToA(curveType); |
78 | 0 | if ( a == std::nullopt ) { |
79 | 0 | continue; |
80 | 0 | } |
81 | | |
82 | 0 | const auto b = cryptofuzz::repository::ECC_CurveToB(curveType); |
83 | 0 | if ( b == std::nullopt ) { |
84 | 0 | continue; |
85 | 0 | } |
86 | | |
87 | 0 | const auto p = cryptofuzz::repository::ECC_CurveToPrime(curveType); |
88 | 0 | if ( p == std::nullopt ) { |
89 | 0 | continue; |
90 | 0 | } |
91 | | |
92 | 0 | const auto y = util::Find_ECC_Y("0", *a, *b, *p, "0", false); |
93 | |
|
94 | 0 | if ( y == "0" ) { |
95 | 0 | continue; |
96 | 0 | } |
97 | | |
98 | 0 | nlohmann::json parameters; |
99 | |
|
100 | 0 | parameters["modifier"] = ""; |
101 | 0 | parameters["a_x"] = "0"; |
102 | 0 | parameters["a_y"] = y; |
103 | 0 | parameters["b_x"] = *p; |
104 | 0 | parameters["b_y"] = y; |
105 | 0 | parameters["curveType"] = curveType; |
106 | |
|
107 | 0 | { |
108 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
109 | 0 | cryptofuzz::operation::ECC_Point_Add op(parameters); |
110 | 0 | op.Serialize(dsOut2); |
111 | 0 | write(CF_OPERATION("ECC_Point_Add"), dsOut2); |
112 | 0 | } |
113 | 0 | { |
114 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
115 | 0 | cryptofuzz::operation::ECC_Point_Cmp op(parameters); |
116 | 0 | op.Serialize(dsOut2); |
117 | 0 | write(CF_OPERATION("ECC_Point_Cmp"), dsOut2); |
118 | 0 | } |
119 | 0 | } |
120 | 0 | } |
121 | | |
122 | 0 | void Builtin_tests_importer::Run(void) { |
123 | 0 | { |
124 | | /* https://lists.gnupg.org/pipermail/gcrypt-devel/2022-April/005303.html */ |
125 | |
|
126 | 0 | nlohmann::json parameters; |
127 | |
|
128 | 0 | parameters["modifier"] = ""; |
129 | 0 | parameters["calcOp"] = CF_CALCOP("InvMod(A,B)"); |
130 | 0 | parameters["bn1"] = "18446744073709551615"; |
131 | 0 | parameters["bn2"] = "340282366762482138434845932244680310781"; |
132 | 0 | parameters["bn3"] = ""; |
133 | 0 | parameters["bn4"] = ""; |
134 | |
|
135 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
136 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
137 | 0 | op.Serialize(dsOut2); |
138 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
139 | 0 | } |
140 | |
|
141 | 0 | { |
142 | | /* OpenSSL CVE-2019-1551 */ |
143 | |
|
144 | 0 | nlohmann::json parameters; |
145 | |
|
146 | 0 | parameters["modifier"] = ""; |
147 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
148 | 0 | parameters["bn1"] = "40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000176079519223"; |
149 | 0 | parameters["bn2"] = "8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"; |
150 | 0 | parameters["bn3"] = "13407807926845237209807376456131917626043958556151178674833163543294276330515137663421134775482798690129946803802212663956180562088664022929883876655300863"; |
151 | 0 | parameters["bn4"] = ""; |
152 | |
|
153 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
154 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
155 | 0 | op.Serialize(dsOut2); |
156 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
157 | 0 | } |
158 | |
|
159 | 0 | { |
160 | | /* https://github.com/randombit/botan/issues/2424 */ |
161 | 0 | nlohmann::json parameters; |
162 | |
|
163 | 0 | parameters["modifier"] = ""; |
164 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp256k1"); |
165 | 0 | parameters["signature"]["pub"][0] = "55066263022277343669578718895168534326250603453777594175500187360389116729240"; |
166 | 0 | parameters["signature"]["pub"][1] = "83121579216557378445487899878180864668798711284981320763518679672151497189239"; |
167 | 0 | parameters["signature"]["signature"][0] = "110618813224107091100351766566588261013518646361399424304146461958647130377927"; |
168 | 0 | parameters["signature"]["signature"][1] = "56528019055117870811188539769759161932852696818058491284544029456598522370972"; |
169 | 0 | parameters["cleartext"] = "1111111111111111111111111111111111111111111111111111111111111111"; |
170 | 0 | parameters["digestType"] = CF_DIGEST("NULL"); |
171 | |
|
172 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
173 | 0 | cryptofuzz::operation::ECDSA_Verify op(parameters); |
174 | 0 | op.Serialize(dsOut2); |
175 | 0 | write(CF_OPERATION("ECDSA_Verify"), dsOut2); |
176 | 0 | } |
177 | |
|
178 | 0 | { |
179 | | /* https://www.bearssl.org/gitweb/?p=BearSSL;a=commit;h=b2ec2030e40acf5e9e4cd0f2669aacb27eadb540 */ |
180 | 0 | nlohmann::json parameters; |
181 | |
|
182 | 0 | parameters["modifier"] = ""; |
183 | 0 | parameters["priv"] = "11649127978725198960843318989712164899186848538742274787971553381990000200000"; |
184 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp256r1"); |
185 | |
|
186 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
187 | 0 | cryptofuzz::operation::ECC_PrivateToPublic op(parameters); |
188 | 0 | op.Serialize(dsOut2); |
189 | 0 | write(CF_OPERATION("ECC_PrivateToPublic"), dsOut2); |
190 | 0 | } |
191 | |
|
192 | 0 | { |
193 | | /* https://marc.info/?l=nettle-bugs&m=161588207403125&w=2 */ |
194 | 0 | nlohmann::json parameters; |
195 | |
|
196 | 0 | parameters["modifier"] = ""; |
197 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp192r1"); |
198 | 0 | parameters["signature"]["pub"][0] = "500377950244489656127360156902133231713860962293873817256"; |
199 | 0 | parameters["signature"]["pub"][1] = "2887465644744983053966665723554787622533253210326340420"; |
200 | 0 | parameters["signature"]["signature"][0] = "3657300785385429136677758856499483929823439200989267186171"; |
201 | 0 | parameters["signature"]["signature"][1] = "5795269996949228740681694823296899082100201373875130732539"; |
202 | 0 | parameters["cleartext"] = "000000000000000000000000000000000000000000000000000000000000000000000000000000"; |
203 | 0 | parameters["digestType"] = CF_DIGEST("NULL"); |
204 | |
|
205 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
206 | 0 | cryptofuzz::operation::ECDSA_Verify op(parameters); |
207 | 0 | op.Serialize(dsOut2); |
208 | 0 | write(CF_OPERATION("ECDSA_Verify"), dsOut2); |
209 | 0 | } |
210 | |
|
211 | 0 | { |
212 | | /* https://github.com/rust-num/num-bigint/security/advisories/GHSA-v935-pqmr-g8v9 */ |
213 | 0 | nlohmann::json parameters; |
214 | |
|
215 | 0 | parameters["modifier"] = ""; |
216 | 0 | parameters["calcOp"] = CF_CALCOP("Mul(A,B)"); |
217 | 0 | parameters["bn1"] = "1751908409537131537125538500170898456284834247157226603003757506211271703008740660271983629972621394589319817814743260788037132573827375525768352614087001005973802118154315411144459973145211065030321955006454014747636302404860000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005110000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000017519084095371315371255385001708984562848342471572266030037575062112717030087406602719836299726213963412282273518747979135756327447258318106026112550732285256285341873308870401245011922173311532720992339567250443769103127370206566800699963015941470784067816158765837377194325829065445567624503706135491647268992491738224567951239668590312737604150673060666707559622638573001000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000001000032775000000000000000000000000000000000006555000000000000000000000000000000000051100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000051100000000000000000000000000000000000000000334960500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"; |
218 | 0 | parameters["bn2"] = "2797679189209576882232471079282971466667503264695828071922995641071553787114128836633873598351674085412524450747325287506043932037609877791269972006279405783477282972574002592470898217439108291870425066016929898298595568441821391851338153520189124937000565863108757585688943794492548250171920749281854240014451605847638308528814193114137174934617873035855507692132353288378935151545324567224127084761100635590318246430281864531717115971821522869960800772154013870410713514817263603701256831934923596376750827057084391388579414322761092445019958287929785367190409859424282514607161384750248744246894267400334126527666192347048382861608676859583794215545946135426985605162029699661309148361935835838049147613132815547172177034415188811380575232915936892286852306218747063936830081482936433912398871780577119329222967918013689901263150859065930010876527512050816694384495830387130178631327813690427892424009174422792234729109457869209992122111016632739872116262169954918148565743431705375512533964199931883897031598613783513129869760207318140696855650264608969668036324091587995120791606398816403750416274638670130467935818571573416233004761481486095485357525770359044716973345541886530849184417147724179886510430719371803767195605138456576869771931973189069862778685846454471080918610604506088244933811564103358698361193309937783984537245720666353471340910628393719442804519413835410769736189301882336408437075316380072193858417997872601742886028967223450825996866132982238787108062128981531579203425536924928393487168186764812389187591"; |
219 | 0 | parameters["bn3"] = ""; |
220 | 0 | parameters["bn4"] = ""; |
221 | |
|
222 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
223 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
224 | 0 | op.Serialize(dsOut2); |
225 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
226 | 0 | } |
227 | |
|
228 | 0 | { |
229 | | /* https://github.com/rust-num/num-bigint/security/advisories/GHSA-v935-pqmr-g8v9 */ |
230 | 0 | nlohmann::json parameters; |
231 | |
|
232 | 0 | parameters["modifier"] = ""; |
233 | 0 | parameters["calcOp"] = CF_CALCOP("Mul(A,B)"); |
234 | 0 | parameters["bn1"] = "69028706008097653771008759296007733009090437432200025025774332354052705068741683083925775765002579732651683277123414663533794063382101216667914920854067079940588879071753405904943465107319997191327289490310033427256626904851969819564163980348615183249987499158200260912636796181965630156324904015264940261382669817217063182855468061831703661150949748964560506936438414791056738678154278474357849275113970992550797225373462256934563774924633262320452003642790959047667172173004977718438718090000810281014032489334505868728062867212581466354467036853674670077958664386535446506001630130550879693857011833688104597330112388773667398881554542147364887816637152918514129094650097764846899476825554852205351307738873855"; |
235 | 0 | parameters["bn2"] = "69028706008097653771008759296007733009090437432200025025774332354052705068741683083925775765002579732651683277123414663533794063382101216667914920854067079940588879071753405904943465107319997191327289490310033427256626904851969819564163980348615183249987499158200260912636796181965630156324904015264940261382669817217063182855468061831703661150949748964560506936438414791056738678154278474357849275113970992550797225373462256934563774924633262320452003642790959047667172173004977718438718090000810281014032489334505868728062867212581466354467036853674670077958664386535446506001630130550879693857011833688104597330112388773667398881554542147364887816637152918514129094650097764846899476825554852205351307738873855"; |
236 | 0 | parameters["bn3"] = ""; |
237 | 0 | parameters["bn4"] = ""; |
238 | |
|
239 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
240 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
241 | 0 | op.Serialize(dsOut2); |
242 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
243 | 0 | } |
244 | |
|
245 | 0 | { |
246 | | /* Golang CVE-2020-28362 */ |
247 | 0 | nlohmann::json parameters; |
248 | |
|
249 | 0 | parameters["modifier"] = ""; |
250 | 0 | parameters["calcOp"] = CF_CALCOP("Div(A,B)"); |
251 | 0 | parameters["bn1"] = "358584519483312945644489792915316013339044213602710057025378519713093403775367136811193552946833977964852518126323811094171558766538930477294102352202754014047364502074282733465406304420098300938956566223447604825044653165378660808654220934140317386797436605647547035344251783388681175309878896312462399123638673023164006870682291688559849045866459882379320156562785922188068315473675422884081282545585551825614880625446167289218701394762051695330313268350329794670812948253161408451292594274399739014207334417010637468928423812230184276456744239174379249933197618878593848583094470518068468475726232163738251342097310131905930680849272841028310664578746119939063442765402231456939008950869322974938151228522534139372358492400367498961062887558755690449895613873241293596533751769714345671099601805085450175971895168494532362861762934814864428824254852204206617143500938338181117207880503616725299211127546512818115025162590876618636137113052173104416742502737370368561596863399736140020047330555882318083963391058248166526086306611168546208630336470221867761274649438920040568240355586672364041369629766988259672325376650178190401608867559277691476127260253790633028606347115233006648630520749773904572753178889043306410896719481572103343151257984559179126182952864654671975108029265900253271279260727300581558603833473001393454378263888146034670369648665677332387305233636144636820609542552307297712575326282483088219364797533195447769892283665149403243048734442559060379708810893453009404035139630200988165163293459771147369671507353091036915501580344363703556650202292247902549540396387945135516860171484083732331686535327533515291973835390950002074616588957299230950697588081418292226086963178976935282629084335080571441914455808103825957199068010958996277462617927335718501285237045919758104196981999105518858251126327564147190086701668929297090121373535663609818681419563075950912216202332424883068817853033496499555250307990801867571088564005161664673851694229256378115638648711967528318552466672802110330008059638067066747110516351292340621738471081023538752239974534759950969642034030534106863317181567644921956697308425095871487425542259145473032249204703959073782781409685501205242565733194139385668548679372590671175855746161005301195684973904275031298698413622895419134796753780584005400540701887874140721503247382731199473767225405047398400665892466961323377904735289306649375970695412037370248078233160600982879621588651277122758167886610061589913754157729001992275704104029729771707872079834966270939433642806206561342677692311109263950694638483652945640442464312262166385467894441744878177991237719191592195607608010968428224996795182545652439560872863894777412299579640840660951585744739521620917567421859910971325810482806189011139581218197219166242252251855118549850046046453651591153201074401132761041294786520068923893446820885001484255943824367916739172500995608700812841219561395770641417061810303000385143703697529057598332943524416497066285977920802005198594416397501518528498652367107112055866928178996003742123437324727163112165590276736110279024667065966850377340712167466237741461559888221967513797884827358475696380933541024632966766947587059450560759115100093576469861745467102088463860983605675390140416"; |
252 | 0 | parameters["bn2"] = "3116993790579457447112748375893042185883167398101478500044008951038414813546166554193604781689483905113745086116961413538364549101826535278749528984539434150825232146580662992015104392219577709281905691600684304610994639362514232471635777137096483775692374282322321416347358625601198719838192872763284693327095548585209030652989125767665945751666251666781249228208446710065016892365364036009771822392156104220019925598210296323427693657536087760841942816372079251507563423637977322478084880856956309918941946307771998189102380977934814707818456810189379347891226469007943997345786155503820059890434979939600837568201858480321503830361948946705331241965703035668559654425406269872970231035411704377372746951809528608629300945476754956955805938623351575043073752500871558991234379742909928964581409819479085944051368873563373837009101846833339984480560976752809053961770671434338978398388560204645447703724199984475770945558793845347311457128529826632524332764651151104056195862097834702989475195228699072591076643639956271557249798825124879923081240336104893239982314449426399919355106156729480992170277085428429494273862436861040694446848521568697842837821998525586760233035088260864960481620272267809178052686378651882742418710867941520497113265858736038442030674995350240215192932908040888484500094808109360042377787113853444193499624184022297844268211937472606388538142811709531473149974848425977946807173749380686205613155711460512933223334354555134039937460678031886669908081061972278020739411427328481877058901237776006124858876541489371779404732971736692599100045053044164541684533206538666952910343024817905960904473619121303855813056898229851718917041124821367390414718959907062721395423081504744782211017626663433965451804736669946279503523096053536013393926631027386543457280075815030981602365425356343807003128627861605719797723429244794283621870099180363787018874917551205103597787288212344182555953097750744619054215939539365118656189233648808439420256994775740283818416263400942546666498452648195317344939713935608853131174929552803443522193418462837588504730243153990068880453046833861795895402331014869639709627204788524884524271080365359104"; |
253 | 0 | parameters["bn3"] = ""; |
254 | 0 | parameters["bn4"] = ""; |
255 | |
|
256 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
257 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
258 | 0 | op.Serialize(dsOut2); |
259 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
260 | 0 | } |
261 | |
|
262 | 0 | { |
263 | | /* SHA256 hash with 8 trailing zero bytes */ |
264 | | /* Bitcoin block 125552 */ |
265 | 0 | nlohmann::json parameters; |
266 | |
|
267 | 0 | parameters["modifier"] = ""; |
268 | 0 | parameters["cleartext"] = "b9d751533593ac10cdfb7b8e03cad8babc67d8eaeac0a3699b82857dacac9390"; |
269 | 0 | parameters["digestType"] = CF_DIGEST("SHA256"); |
270 | |
|
271 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
272 | 0 | cryptofuzz::operation::Digest op(parameters); |
273 | 0 | op.Serialize(dsOut2); |
274 | 0 | write(CF_OPERATION("Digest"), dsOut2); |
275 | 0 | } |
276 | |
|
277 | 0 | { |
278 | | /* https://github.com/supranational/blst/commit/fd453524b12cc438adc65636fc52375b0f47b17e */ |
279 | 0 | nlohmann::json parameters; |
280 | |
|
281 | 0 | parameters["modifier"] = ""; |
282 | 0 | parameters["calcOp"] = CF_CALCOP("InvMod(A,B)"); |
283 | 0 | parameters["bn1"] = "2277032426030151018417255337824965917622007080189340990097450826378373618725"; |
284 | 0 | parameters["bn2"] = ""; |
285 | 0 | parameters["bn3"] = ""; |
286 | 0 | parameters["bn4"] = ""; |
287 | |
|
288 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
289 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
290 | 0 | op.Serialize(dsOut2); |
291 | 0 | write(CF_OPERATION("BignumCalc_Mod_BLS12_381_R"), dsOut2); |
292 | 0 | } |
293 | |
|
294 | 0 | { |
295 | | /* https://github.com/Uniswap/v3-core/pull/430/files */ |
296 | |
|
297 | 0 | nlohmann::json parameters; |
298 | |
|
299 | 0 | parameters["modifier"] = ""; |
300 | 0 | parameters["calcOp"] = CF_CALCOP("MulDivCeil(A,B,C)"); |
301 | 0 | parameters["bn1"] = "535006138814359"; |
302 | 0 | parameters["bn2"] = "432862656469423142931042426214547535783388063929571229938474969"; |
303 | 0 | parameters["bn3"] = "2"; |
304 | 0 | parameters["bn4"] = ""; |
305 | |
|
306 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
307 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
308 | 0 | op.Serialize(dsOut2); |
309 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
310 | 0 | } |
311 | |
|
312 | 0 | { |
313 | | /* https://github.com/Uniswap/v3-core/pull/430/files */ |
314 | |
|
315 | 0 | nlohmann::json parameters; |
316 | |
|
317 | 0 | parameters["modifier"] = ""; |
318 | 0 | parameters["calcOp"] = CF_CALCOP("MulDivCeil(A,B,C)"); |
319 | 0 | parameters["bn1"] = "115792089237316195423570985008687907853269984659341747863450311749907997002549"; |
320 | 0 | parameters["bn2"] = "115792089237316195423570985008687907853269984659341747863450311749907997002550"; |
321 | 0 | parameters["bn3"] = "115792089237316195423570985008687907853269984653042931687443039491902864365164"; |
322 | 0 | parameters["bn4"] = ""; |
323 | |
|
324 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
325 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
326 | 0 | op.Serialize(dsOut2); |
327 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
328 | 0 | } |
329 | |
|
330 | 0 | { |
331 | | /* https://github.com/golang/go/issues/13907 */ |
332 | |
|
333 | 0 | nlohmann::json parameters; |
334 | |
|
335 | 0 | parameters["modifier"] = ""; |
336 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
337 | 0 | parameters["bn1"] = "1418360838713368667673807608798633154828274469458715950611059785834896527805417690789085638300131733678557961471105072833995051220886345238821026486295638442178801657267589731675776768680818543717651764266249120652633454343279113442582851856718699632320662426034208552957619670868361214955417792445559533666359913945094075526318633083339086293805242149773290515790029160349974149916049663724954402278771033515686640812594645899824402214411681144291057738782901589752407152546285500325727790648656476961831729737057388660643870936505482616729051729211477578353666989142857840895914122409544353738887054069413559429260476984056256590108364746161559530999482171745955856981696365351935611637940187291993977926536851499719922938174726202303844116951741128343669136727739112988600360076754991850627780768639329676710328504497510310153216648615854324605429493776944146392167255062895811127002608360939239504886537408994527412223"; |
338 | 0 | parameters["bn2"] = "1418360838713368667673807608798633154828274469458715950611059785834896527805417690789085638300131733678557961471105072833995051220886345238821026486295638442178801657267589731675776768680818543717651764266249120652633454343279113442582851856718699632320662426034208552957619670868361214955417792445559533666359913945094075526318633083339086293805242149773290515790029160349974149916049663724954402278771033515686640812594645899824402214411681144291057738782901589752407152546285500325727790648656476961831729737057388660643870936505482616729051729211477578353666989142857840895914122409544353738887054069413559429260476984056256590108364746161559530999482171745955856981696365351935611637940187291993977926536851499719922938174726202303844116951741128343669136727739112988600360076754991850627780768639329676710328504497510310153216648615854324605429493776944146392167255062895811127002608360939239504886537408994527412223"; |
339 | 0 | parameters["bn3"] = "1418360838713368667673807608798633154828274469458715950611059785834896527805417690789085638300131733678557961471105072833995051220886345238821026486295638442178801657267589731675776768680818543717651764266249120652633454343279113442582851856718699632320662426034208552957619670868361214955417792445559533666359913945094075526318633083339086293805242149773290515790029160349974149916049663724954402278771033515686640812594645899824402214411681144291057738782901589752407152546285500325727790648656476961831729737057388660643870936505482616729051729211477578353666989142857840895914122409544353738887054069413559429260476984056256590108364746161559530999482171745955856981696365351935611637940187291993977926536851499719922938174726202303844116951741128343669136727739112988600360076754991850627780768639329676710328504497510310153216648615854324605429493776944146392167255062895811127002608360939239504886537408994527412223"; |
340 | 0 | parameters["bn4"] = ""; |
341 | |
|
342 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
343 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
344 | 0 | op.Serialize(dsOut2); |
345 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
346 | 0 | } |
347 | |
|
348 | 0 | { |
349 | | /* https://boringssl.googlesource.com/boringssl/+/13c9d5c69d04485a7a8840c12185c832026c8315 */ |
350 | |
|
351 | 0 | nlohmann::json parameters; |
352 | |
|
353 | 0 | parameters["modifier"] = ""; |
354 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
355 | 0 | parameters["bn1"] = "20602718629153394716678609007360754677019714782193251481833419525142182531659985037375070145510293237451017584368188091022126870685458069386237266432"; |
356 | 0 | parameters["bn2"] = "20602718629153394716678609007360754677019714782193251481833419525142182531659985037375070145510293237451017584368188091022126870685458069386237266432"; |
357 | 0 | parameters["bn3"] = "65217794507498284936929595904182101586640070918206415302952825748181333802289344613133621268930484603009814379302693417284819444828923226393652383809"; |
358 | 0 | parameters["bn4"] = ""; |
359 | |
|
360 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
361 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
362 | 0 | op.Serialize(dsOut2); |
363 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
364 | 0 | } |
365 | |
|
366 | 0 | { |
367 | | /* https://boringssl.googlesource.com/boringssl/+/801a801024febe1a33add5ddaa719e257d97aba5 */ |
368 | |
|
369 | 0 | nlohmann::json parameters; |
370 | |
|
371 | 0 | parameters["modifier"] = ""; |
372 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
373 | 0 | parameters["bn1"] = "89884656743115795386465259539451236680898848947115328636715040578866337902750481566354238661203768010560056939935696678829394884407208311246423715319737062188883946712432742638151109800623047059726541476042502884419075341171231440736956555270413618581675255342293149119973622969239858152417678164812112068655"; |
374 | 0 | parameters["bn2"] = "89884656743115795386465259539451236680898848947115328636715040578866337902750481566354238661203768010560056939935696678829394884407208311246423715319737062188883946712432742638151109800623047059726541476042502884419075341171231440736956555270413618581675255342293149119973622969239858152417678164812112068655"; |
375 | 0 | parameters["bn3"] = "110712342659234704809244035008539225969130598408797005845753716999319814214739296549114375241509614852298035339711279727177173735185255364464495383658836380542690091228961831375338481258508265201612357782400124208382831563085709077734915006403595639818924209530864150551054958526719929068349301815032958984375"; |
376 | 0 | parameters["bn4"] = ""; |
377 | |
|
378 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
379 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
380 | 0 | op.Serialize(dsOut2); |
381 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
382 | 0 | } |
383 | |
|
384 | 0 | { |
385 | | /* 512 bit inputs yielding 2**64-1 */ |
386 | 0 | nlohmann::json parameters; |
387 | |
|
388 | 0 | parameters["modifier"] = ""; |
389 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
390 | 0 | parameters["bn1"] = "8857680208213208509443553580592817279107514610654747966428883303770450045061809795764801319828357860402334295927798779929296899829050529494276811105535740"; |
391 | 0 | parameters["bn2"] = "6703903964971298549787012499102923063739682910296196688861780721860882015036773488400937149083451713845015929093243025426876941405973284973216824503042049"; |
392 | 0 | parameters["bn3"] = "13407807929942597099574024998205846127479365820592393377723561443721764030073546976801874298166903427690031858186486050853753882811946569946433649006083527"; |
393 | 0 | parameters["bn4"] = ""; |
394 | |
|
395 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
396 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
397 | 0 | op.Serialize(dsOut2); |
398 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
399 | 0 | } |
400 | |
|
401 | 0 | { |
402 | | /* 512 bit inputs yielding 2**64+1 */ |
403 | 0 | nlohmann::json parameters; |
404 | |
|
405 | 0 | parameters["modifier"] = ""; |
406 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
407 | 0 | parameters["bn1"] = "10204275329685018288440986110192577709537908906243621545783045708979843711237025920291739990009664202518790138641499595280669022981609615550964238785177371"; |
408 | 0 | parameters["bn2"] = "6703903964971298549787012499102923063739682910296196688861780721860882015036773488400937149083451713845015929093243025426876941405973284973216824503042049"; |
409 | 0 | parameters["bn3"] = "13407807929942597099574024998205846127479365820592393377723561443721764030073546976801874298166903427690031858186486050853753882811946569946433649006083527"; |
410 | 0 | parameters["bn4"] = ""; |
411 | |
|
412 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
413 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
414 | 0 | op.Serialize(dsOut2); |
415 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
416 | 0 | } |
417 | |
|
418 | 0 | { |
419 | | /* 512 bit inputs yielding 2**64 */ |
420 | 0 | nlohmann::json parameters; |
421 | |
|
422 | 0 | parameters["modifier"] = ""; |
423 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
424 | 0 | parameters["bn1"] = "7883116657589281974271912623637700107012187748714288892978317742749330820363436618231507443222736815405757624205390521540488152726116425414697649638915851"; |
425 | 0 | parameters["bn2"] = "6703903964971298549787012499102923063739682910296196688861780721860882015036773488400937149083451713845015929093243025426876941405973284973216824503042051"; |
426 | 0 | parameters["bn3"] = "13407807929942597099574024998205846127479365820592393377723561443721764030073546976801874298166903427690031858186486050853753882811946569946433649006084171"; |
427 | 0 | parameters["bn4"] = ""; |
428 | |
|
429 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
430 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
431 | 0 | op.Serialize(dsOut2); |
432 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
433 | 0 | } |
434 | |
|
435 | 0 | { |
436 | | /* 1024 bit inputs yielding 2**64-1 */ |
437 | 0 | nlohmann::json parameters; |
438 | |
|
439 | 0 | parameters["modifier"] = ""; |
440 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
441 | 0 | parameters["bn1"] = "110021198500991967651473336073512924367198080280993801155862175687208955447876903306056316802924356113531362673660885844479984811437416689853419575919456216600834216594364521611307242122099434481902932110150549263997297289055570951695734720650565352979270674449771645079830419587778176208091486492269276625052"; |
442 | 0 | parameters["bn2"] = "89884656743115795386465259539451236680898848947115328636715040578866337902750481566354238661203768010560056939935696678829394884407208311246423715319737062188883946712432742638151109800623047059726541476042502884419075341171231440736956555270413618581675255342293149119973622969239858152417678164812112068609"; |
443 | 0 | parameters["bn3"] = "179769313486231590772930519078902473361797697894230657273430081157732675805500963132708477322407536021120113879871393357658789768814416622492847430639474124377767893424865485276302219601246094119453082952085005768838150682342462881473913110540827237163350510684586298239947245938479716304835356329624224137037"; |
444 | 0 | parameters["bn4"] = ""; |
445 | |
|
446 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
447 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
448 | 0 | op.Serialize(dsOut2); |
449 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
450 | 0 | } |
451 | |
|
452 | 0 | { |
453 | | /* 1024 bit inputs yielding 2**64+1 */ |
454 | 0 | nlohmann::json parameters; |
455 | |
|
456 | 0 | parameters["modifier"] = ""; |
457 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
458 | 0 | parameters["bn1"] = "138410589331258564638748296036783696227294962567186300676459344541571361815053804625909677099447790672592370729455096609650139539565024626012507071092207784473803413938741074607148467420052958140679341422106167520452014781761894178531214995987524986814991021604189840198271286245691479388062392791077956993027"; |
459 | 0 | parameters["bn2"] = "89884656743115795386465259539451236680898848947115328636715040578866337902750481566354238661203768010560056939935696678829394884407208311246423715319737062188883946712432742638151109800623047059726541476042502884419075341171231440736956555270413618581675255342293149119973622969239858152417678164812112068609"; |
460 | 0 | parameters["bn3"] = "179769313486231590772930519078902473361797697894230657273430081157732675805500963132708477322407536021120113879871393357658789768814416622492847430639474124377767893424865485276302219601246094119453082952085005768838150682342462881473913110540827237163350510684586298239947245938479716304835356329624224137037"; |
461 | 0 | parameters["bn4"] = ""; |
462 | |
|
463 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
464 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
465 | 0 | op.Serialize(dsOut2); |
466 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
467 | 0 | } |
468 | |
|
469 | 0 | { |
470 | | /* 1024 bit inputs yielding 2**64 */ |
471 | 0 | nlohmann::json parameters; |
472 | |
|
473 | 0 | parameters["modifier"] = ""; |
474 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
475 | 0 | parameters["bn1"] = "96140176794786042540881117365913614929332473599594543813015078247626462630063942904834778278554686465332846117127424814467831005328876422538408607223040418172986545355989261170028333879457384674630957359078099386975063368055999862340142799924547016668876836154665794866224612287640504502622973635534306776009"; |
476 | 0 | parameters["bn2"] = "89884656743115795386465259539451236680898848947115328636715040578866337902750481566354238661203768010560056939935696678829394884407208311246423715319737062188883946712432742638151109800623047059726541476042502884419075341171231440736956555270413618581675255342293149119973622969239858152417678164812112068609"; |
477 | 0 | parameters["bn3"] = "179769313486231590772930519078902473361797697894230657273430081157732675805500963132708477322407536021120113879871393357658789768814416622492847430639474124377767893424865485276302219601246094119453082952085005768838150682342462881473913110540827237163350510684586298239947245938479716304835356329624224137859"; |
478 | 0 | parameters["bn4"] = ""; |
479 | |
|
480 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
481 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
482 | 0 | op.Serialize(dsOut2); |
483 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
484 | 0 | } |
485 | |
|
486 | 0 | { |
487 | | /* https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52254 */ |
488 | | /* https://github.com/wolfSSL/wolfssl/pull/5678 */ |
489 | |
|
490 | 0 | nlohmann::json parameters; |
491 | |
|
492 | 0 | parameters["modifier"] = ""; |
493 | 0 | parameters["priv"] = "11585786163492885056380767646980529820642384438006324781887073210690758323606587537816654998335339085556313855093008"; |
494 | 0 | parameters["curveType"] = CF_ECC_CURVE("x448"); |
495 | |
|
496 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
497 | 0 | cryptofuzz::operation::ECC_PrivateToPublic op(parameters); |
498 | 0 | op.Serialize(dsOut2); |
499 | 0 | write(CF_OPERATION("ECC_PrivateToPublic"), dsOut2); |
500 | 0 | } |
501 | |
|
502 | 0 | { |
503 | | /* https://github.com/wolfSSL/wolfssl/pull/6003 */ |
504 | |
|
505 | 0 | nlohmann::json parameters; |
506 | |
|
507 | 0 | parameters["modifier"] = ""; |
508 | 0 | parameters["a_x"] = "1461501637330902918203684832716283019655932542975"; |
509 | 0 | parameters["a_y"] = "11609380572034919287886309116126653411323965359192156722598435656797507005828"; |
510 | 0 | parameters["b"] = "269915374621615810086997776176285181565415955270619529150241"; |
511 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp256r1"); |
512 | |
|
513 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
514 | 0 | cryptofuzz::operation::ECC_Point_Mul op(parameters); |
515 | 0 | op.Serialize(dsOut2); |
516 | 0 | write(CF_OPERATION("ECC_Point_Mul"), dsOut2); |
517 | 0 | } |
518 | |
|
519 | 0 | { |
520 | | /* http://blog.intothesymmetry.com/2017/08/cve-2017-7781cve-2017-10176-issue-with.html */ |
521 | |
|
522 | 0 | nlohmann::json parameters; |
523 | |
|
524 | 0 | parameters["modifier"] = ""; |
525 | 0 | parameters["a_x"] = "2661740802050217063228768716723360960729859168756973147706671368418802944996427808491545080627771902352094241225065558662157113545570916814161637315895999846"; |
526 | 0 | parameters["a_y"] = "3757180025770020463545507224491183603594455134769762486694567779615544477440556316691234405012945539562144444537289428522585666729196580810124344277578376784"; |
527 | 0 | parameters["b"] = "6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005431"; |
528 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp521r1"); |
529 | |
|
530 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
531 | 0 | cryptofuzz::operation::ECC_Point_Mul op(parameters); |
532 | 0 | op.Serialize(dsOut2); |
533 | 0 | write(CF_OPERATION("ECC_Point_Mul"), dsOut2); |
534 | 0 | } |
535 | |
|
536 | 0 | { |
537 | | /* Golang CVE-2021-3114 */ |
538 | | /* https://github.com/golang/go/issues/43786 */ |
539 | |
|
540 | 0 | nlohmann::json parameters; |
541 | |
|
542 | 0 | parameters["modifier"] = ""; |
543 | 0 | parameters["a_x"] = "10211801120651255508388282367"; |
544 | 0 | parameters["a_y"] = "17794997632729865045905302536719945017659653925093423468305170213703"; |
545 | 0 | parameters["b"] = "1"; |
546 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp224r1"); |
547 | |
|
548 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
549 | 0 | cryptofuzz::operation::ECC_Point_Mul op(parameters); |
550 | 0 | op.Serialize(dsOut2); |
551 | 0 | write(CF_OPERATION("ECC_Point_Mul"), dsOut2); |
552 | 0 | } |
553 | |
|
554 | 0 | { |
555 | | /* OSS-Fuzz #56024 / wolfSSL ZD 15677 */ |
556 | | /* Scalar which causes X to be 0 */ |
557 | |
|
558 | 0 | { |
559 | 0 | nlohmann::json parameters; |
560 | |
|
561 | 0 | parameters["modifier"] = ""; |
562 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp521r1"); |
563 | 0 | parameters["priv"] = "1"; |
564 | 0 | parameters["nonce"] = "6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005431"; |
565 | 0 | parameters["cleartext"] = "FF"; |
566 | 0 | parameters["nonceSource"] = 2; |
567 | 0 | parameters["digestType"] = CF_DIGEST("NULL"); |
568 | |
|
569 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
570 | 0 | cryptofuzz::operation::ECDSA_Sign op(parameters); |
571 | 0 | op.Serialize(dsOut2); |
572 | 0 | write(CF_OPERATION("ECDSA_Sign"), dsOut2); |
573 | 0 | } |
574 | 0 | { |
575 | 0 | nlohmann::json parameters; |
576 | |
|
577 | 0 | parameters["modifier"] = ""; |
578 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp521r1"); |
579 | 0 | parameters["a_x"] = "2661740802050217063228768716723360960729859168756973147706671368418802944996427808491545080627771902352094241225065558662157113545570916814161637315895999846"; |
580 | 0 | parameters["a_y"] = "3757180025770020463545507224491183603594455134769762486694567779615544477440556316691234405012945539562144444537289428522585666729196580810124344277578376784"; |
581 | 0 | parameters["b"] = "6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005431"; |
582 | |
|
583 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
584 | 0 | cryptofuzz::operation::ECC_Point_Mul op(parameters); |
585 | 0 | op.Serialize(dsOut2); |
586 | 0 | write(CF_OPERATION("ECC_Point_Mul"), dsOut2); |
587 | 0 | } |
588 | 0 | { |
589 | 0 | nlohmann::json parameters; |
590 | |
|
591 | 0 | parameters["modifier"] = ""; |
592 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp521r1"); |
593 | 0 | parameters["priv"] = "6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005431"; |
594 | |
|
595 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
596 | 0 | cryptofuzz::operation::ECC_PrivateToPublic op(parameters); |
597 | 0 | op.Serialize(dsOut2); |
598 | 0 | write(CF_OPERATION("ECC_PrivateToPublic"), dsOut2); |
599 | 0 | } |
600 | 0 | } |
601 | |
|
602 | 0 | { |
603 | | /* https://github.com/golang/go/issues/58647 */ |
604 | |
|
605 | 0 | nlohmann::json parameters; |
606 | |
|
607 | 0 | parameters["modifier"] = ""; |
608 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp256r1"); |
609 | 0 | parameters["a_x"] = "48439561293906451759052585252797914202762949526041747995844080717082404635286"; |
610 | 0 | parameters["a_y"] = "36134250956749795798585127919587881956611106672985015071877198253568414405109"; |
611 | 0 | parameters["b"] = "115792089210356248762697446949407573529996955224135760342422259061068512044399"; |
612 | |
|
613 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
614 | 0 | cryptofuzz::operation::ECC_Point_Mul op(parameters); |
615 | 0 | op.Serialize(dsOut2); |
616 | 0 | write(CF_OPERATION("ECC_Point_Mul"), dsOut2); |
617 | 0 | } |
618 | |
|
619 | 0 | { |
620 | | /* Scalar such that k1_neg is true and k2_neg is false */ |
621 | | /* https://github.com/AleoHQ/snarkVM/blob/9ade8409432ff4d8cbc3ba5ac6dde97655beac6b/fields/src/fp_256.rs#L496-L504 */ |
622 | 0 | nlohmann::json parameters; |
623 | |
|
624 | 0 | parameters["modifier"] = ""; |
625 | 0 | parameters["a_x"] = "89363714989903307245735717098563574705733591463163614225748337416674727625843187853442697973404985688481508350822"; |
626 | 0 | parameters["a_y"] = "3702177272937190650578065972808860481433820514072818216637796320125658674906330993856598323293086021583822603349"; |
627 | 0 | parameters["b"] = "4453541893742930593214268654180304148230257050803212829091857752531601981440"; |
628 | 0 | parameters["curveType"] = CF_ECC_CURVE("BLS12_377"); |
629 | |
|
630 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
631 | 0 | cryptofuzz::operation::BLS_G1_Mul op(parameters); |
632 | 0 | op.Serialize(dsOut2); |
633 | 0 | write(CF_OPERATION("BLS_G1_Mul"), dsOut2); |
634 | 0 | } |
635 | |
|
636 | 0 | { |
637 | | /* Scalar such that k1_neg is false and k2_neg is true */ |
638 | | /* https://github.com/AleoHQ/snarkVM/blob/9ade8409432ff4d8cbc3ba5ac6dde97655beac6b/fields/src/fp_256.rs#L496-L504 */ |
639 | 0 | nlohmann::json parameters; |
640 | |
|
641 | 0 | parameters["modifier"] = ""; |
642 | 0 | parameters["a_x"] = "89363714989903307245735717098563574705733591463163614225748337416674727625843187853442697973404985688481508350822"; |
643 | 0 | parameters["a_y"] = "3702177272937190650578065972808860481433820514072818216637796320125658674906330993856598323293086021583822603349"; |
644 | 0 | parameters["b"] = "91893752504881257701523279626832445440"; |
645 | 0 | parameters["curveType"] = CF_ECC_CURVE("BLS12_377"); |
646 | |
|
647 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
648 | 0 | cryptofuzz::operation::BLS_G1_Mul op(parameters); |
649 | 0 | op.Serialize(dsOut2); |
650 | 0 | write(CF_OPERATION("BLS_G1_Mul"), dsOut2); |
651 | 0 | } |
652 | |
|
653 | 0 | { |
654 | | /* Scalar such that k1_neg is true and k2_neg is true */ |
655 | | /* https://github.com/AleoHQ/snarkVM/blob/9ade8409432ff4d8cbc3ba5ac6dde97655beac6b/fields/src/fp_256.rs#L496-L504 */ |
656 | 0 | nlohmann::json parameters; |
657 | |
|
658 | 0 | parameters["modifier"] = ""; |
659 | 0 | parameters["a_x"] = "89363714989903307245735717098563574705733591463163614225748337416674727625843187853442697973404985688481508350822"; |
660 | 0 | parameters["a_y"] = "3702177272937190650578065972808860481433820514072818216637796320125658674906330993856598323293086021583822603349"; |
661 | 0 | parameters["b"] = "4453541893742930593214268654180304148185019842427544528882691061914575669721"; |
662 | 0 | parameters["curveType"] = CF_ECC_CURVE("BLS12_377"); |
663 | |
|
664 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
665 | 0 | cryptofuzz::operation::BLS_G1_Mul op(parameters); |
666 | 0 | op.Serialize(dsOut2); |
667 | 0 | write(CF_OPERATION("BLS_G1_Mul"), dsOut2); |
668 | 0 | } |
669 | |
|
670 | 0 | { |
671 | | /* Scalar such that k1neg is true and k2neg is false */ |
672 | | /* https://github.com/paulmillr/noble-curves/blob/1c6aa07ff702815b52080d6d9772cb2d1ab84bcc/src/secp256k1.ts#L79-L80 */ |
673 | 0 | nlohmann::json parameters; |
674 | |
|
675 | 0 | parameters["modifier"] = ""; |
676 | 0 | parameters["a_x"] = "55066263022277343669578718895168534326250603453777594175500187360389116729240"; |
677 | 0 | parameters["a_y"] = "32670510020758816978083085130507043184471273380659243275938904335757337482424"; |
678 | 0 | parameters["b"] = "2704427838213584814824020837927043695889"; |
679 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp256k1"); |
680 | |
|
681 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
682 | 0 | cryptofuzz::operation::ECC_Point_Mul op(parameters); |
683 | 0 | op.Serialize(dsOut2); |
684 | 0 | write(CF_OPERATION("ECC_Point_Mul"), dsOut2); |
685 | 0 | } |
686 | |
|
687 | 0 | { |
688 | | /* Scalar such that k1neg is false and k2neg is true */ |
689 | | /* https://github.com/paulmillr/noble-curves/blob/1c6aa07ff702815b52080d6d9772cb2d1ab84bcc/src/secp256k1.ts#L79-L80 */ |
690 | 0 | nlohmann::json parameters; |
691 | |
|
692 | 0 | parameters["modifier"] = ""; |
693 | 0 | parameters["a_x"] = "55066263022277343669578718895168534326250603453777594175500187360389116729240"; |
694 | 0 | parameters["a_y"] = "32670510020758816978083085130507043184471273380659243275938904335757337482424"; |
695 | 0 | parameters["b"] = "367917413016453100223835821029139468248"; |
696 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp256k1"); |
697 | |
|
698 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
699 | 0 | cryptofuzz::operation::ECC_Point_Mul op(parameters); |
700 | 0 | op.Serialize(dsOut2); |
701 | 0 | write(CF_OPERATION("ECC_Point_Mul"), dsOut2); |
702 | 0 | } |
703 | |
|
704 | 0 | { |
705 | | /* Scalar such that k1neg is true and k2neg is true */ |
706 | | /* https://github.com/paulmillr/noble-curves/blob/1c6aa07ff702815b52080d6d9772cb2d1ab84bcc/src/secp256k1.ts#L79-L80 */ |
707 | 0 | nlohmann::json parameters; |
708 | |
|
709 | 0 | parameters["modifier"] = ""; |
710 | 0 | parameters["a_x"] = "55066263022277343669578718895168534326250603453777594175500187360389116729240"; |
711 | 0 | parameters["a_y"] = "32670510020758816978083085130507043184471273380659243275938904335757337482424"; |
712 | 0 | parameters["b"] = "3808180077262944115495528301014462100633"; |
713 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp256k1"); |
714 | |
|
715 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
716 | 0 | cryptofuzz::operation::ECC_Point_Mul op(parameters); |
717 | 0 | op.Serialize(dsOut2); |
718 | 0 | write(CF_OPERATION("ECC_Point_Mul"), dsOut2); |
719 | 0 | } |
720 | |
|
721 | 0 | { |
722 | | /* https://github.com/golang/go/issues/60717 */ |
723 | |
|
724 | 0 | nlohmann::json parameters; |
725 | |
|
726 | 0 | parameters["modifier"] = ""; |
727 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp256r1"); |
728 | 0 | parameters["priv"] = "115792089210356248762697446949407573529996955224135760342422259061068512044335"; |
729 | |
|
730 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
731 | 0 | cryptofuzz::operation::ECC_PrivateToPublic op(parameters); |
732 | 0 | op.Serialize(dsOut2); |
733 | 0 | write(CF_OPERATION("ECC_PrivateToPublic"), dsOut2); |
734 | 0 | } |
735 | |
|
736 | 0 | { |
737 | | /* https://github.com/ziglang/zig/issues/16015 */ |
738 | 0 | nlohmann::json parameters; |
739 | |
|
740 | 0 | parameters["modifier"] = ""; |
741 | 0 | parameters["a_x"] = "0"; |
742 | 0 | parameters["a_y"] = "69528327468847610065686496900697922508397251637412376320436699849860351814667"; |
743 | 0 | parameters["b_x"] = "87812602023915091554008014672837927937550987992501844572273008327590008072628"; |
744 | 0 | parameters["b_y"] = "30362411217190829796407765600294096177413203619928371208700569416610654782886"; |
745 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp256r1"); |
746 | |
|
747 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
748 | 0 | cryptofuzz::operation::ECC_Point_Add op(parameters); |
749 | 0 | op.Serialize(dsOut2); |
750 | 0 | write(CF_OPERATION("ECC_Point_Add"), dsOut2); |
751 | 0 | } |
752 | |
|
753 | 0 | { |
754 | | /* https://github.com/ziglang/zig/issues/16015 */ |
755 | 0 | nlohmann::json parameters; |
756 | |
|
757 | 0 | parameters["modifier"] = ""; |
758 | 0 | parameters["a_x"] = "0"; |
759 | 0 | parameters["a_y"] = "69528327468847610065686496900697922508397251637412376320436699849860351814667"; |
760 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp256r1"); |
761 | |
|
762 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
763 | 0 | cryptofuzz::operation::ECC_Point_Neg op(parameters); |
764 | 0 | op.Serialize(dsOut2); |
765 | 0 | write(CF_OPERATION("ECC_Point_Neg"), dsOut2); |
766 | 0 | } |
767 | |
|
768 | 0 | { |
769 | | /* Constantine reduction bug |
770 | | * See: https://github.com/mratsim/constantine/pull/246 |
771 | | * |
772 | | * The value 99991354... is not correctly reduced. |
773 | | * It should be reduced to: |
774 | | * |
775 | | * 12438382621792666829867546060348789607499334696836705804942116422219107371996 |
776 | | * |
777 | | * but instead it's reduced to: |
778 | | * |
779 | | * 15799706753741153944312733465658775401912183027931573190983152910194379930064 |
780 | | * |
781 | | * (12438382..., 19477683...) is a point on the curve, hence the BLS_IsG1OnCurve |
782 | | * operation should return true, but Constantine returns false if the reduction |
783 | | * goes wrong. |
784 | | */ |
785 | 0 | nlohmann::json parameters; |
786 | |
|
787 | 0 | parameters["modifier"] = ""; |
788 | 0 | parameters["g1_x"] = "99991354109149767718853169041377889962284579326028000455698268000800012206328"; |
789 | 0 | parameters["g1_y"] = "19477683966075399121106742794884590508635870985837037700497071177979691234489"; |
790 | 0 | parameters["curveType"] = CF_ECC_CURVE("alt_bn128"); |
791 | |
|
792 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
793 | 0 | cryptofuzz::operation::BLS_IsG1OnCurve op(parameters); |
794 | 0 | op.Serialize(dsOut2); |
795 | 0 | write(CF_OPERATION("BLS_IsG1OnCurve"), dsOut2); |
796 | 0 | } |
797 | |
|
798 | 0 | { |
799 | | /* Constantine modular exponentiation crash */ |
800 | | /* https://github.com/mratsim/constantine/pull/251 */ |
801 | |
|
802 | 0 | nlohmann::json parameters; |
803 | |
|
804 | 0 | parameters["modifier"] = ""; |
805 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
806 | 0 | parameters["bn1"] = "174050332293622031404857552280219410364023488927386650641"; |
807 | 0 | parameters["bn2"] = "6612720053854191978412609357563545875491153188501906352980899759345275170452624446196"; |
808 | 0 | parameters["bn3"] = "75943471580235788919365009217869974981188866964726753486351395808039716718239878128412997724308541139386707755089002519127084628967424"; |
809 | 0 | parameters["bn4"] = ""; |
810 | |
|
811 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
812 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
813 | 0 | op.Serialize(dsOut2); |
814 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
815 | 0 | } |
816 | |
|
817 | 0 | { |
818 | | /* libtommath mp_exptmod incorrect result (64 bit) */ |
819 | | /* https://github.com/libtom/libtommath/issues/563 */ |
820 | |
|
821 | 0 | nlohmann::json parameters; |
822 | |
|
823 | 0 | parameters["modifier"] = ""; |
824 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
825 | 0 | parameters["bn1"] = "24"; |
826 | 0 | parameters["bn2"] = "9223372036854775808"; |
827 | 0 | parameters["bn3"] = "75556710804409716572160"; |
828 | 0 | parameters["bn4"] = ""; |
829 | |
|
830 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
831 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
832 | 0 | op.Serialize(dsOut2); |
833 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
834 | 0 | } |
835 | |
|
836 | 0 | { |
837 | | /* libtommath mp_exptmod incorrect result (32 bit) */ |
838 | | /* https://github.com/libtom/libtommath/issues/563 */ |
839 | |
|
840 | 0 | nlohmann::json parameters; |
841 | |
|
842 | 0 | parameters["modifier"] = ""; |
843 | 0 | parameters["calcOp"] = CF_CALCOP("ExpMod(A,B,C)"); |
844 | 0 | parameters["bn1"] = "67927325822352824469517479013"; |
845 | 0 | parameters["bn2"] = "2147483648"; |
846 | 0 | parameters["bn3"] = "1879048192"; |
847 | 0 | parameters["bn4"] = ""; |
848 | |
|
849 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
850 | 0 | cryptofuzz::operation::BignumCalc op(parameters); |
851 | 0 | op.Serialize(dsOut2); |
852 | 0 | write(CF_OPERATION("BignumCalc"), dsOut2); |
853 | 0 | } |
854 | |
|
855 | 0 | { |
856 | | /* Point with invalid order */ |
857 | 0 | nlohmann::json parameters; |
858 | |
|
859 | 0 | parameters["modifier"] = ""; |
860 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp112r2"); |
861 | 0 | parameters["pub_x"] = "3442185213147111329368355265766312"; |
862 | 0 | parameters["pub_y"] = "3035790070451486434651648738331985"; |
863 | |
|
864 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
865 | 0 | cryptofuzz::operation::ECC_ValidatePubkey op(parameters); |
866 | 0 | op.Serialize(dsOut2); |
867 | 0 | write(CF_OPERATION("ECC_ValidatePubkey"), dsOut2); |
868 | 0 | } |
869 | |
|
870 | 0 | { |
871 | | /* Point with invalid order */ |
872 | 0 | nlohmann::json parameters; |
873 | |
|
874 | 0 | parameters["modifier"] = ""; |
875 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp128r2"); |
876 | 0 | parameters["pub_x"] = "23803343267601279673768051194421002560"; |
877 | 0 | parameters["pub_y"] = "182978486853283131272443761147132517897"; |
878 | |
|
879 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
880 | 0 | cryptofuzz::operation::ECC_ValidatePubkey op(parameters); |
881 | 0 | op.Serialize(dsOut2); |
882 | 0 | write(CF_OPERATION("ECC_ValidatePubkey"), dsOut2); |
883 | 0 | } |
884 | |
|
885 | 0 | { |
886 | | /* secp112r2, secp128r2 "exceptional pair"s. |
887 | | * May produce incorrect result in implementations |
888 | | * that have an otherwise adequate order check. |
889 | | * |
890 | | * X = -sqrt((1 - a)/3) over GF(P), Y = 0 |
891 | | */ |
892 | |
|
893 | 0 | static const std::vector< std::pair<uint64_t, std::string> > curve_point_x{ |
894 | 0 | {CF_ECC_CURVE("secp112r2"), "3610075134545239076002374364665933"}, |
895 | 0 | {CF_ECC_CURVE("secp128r2"), "311198077076599516590082177721943503641"}, |
896 | 0 | }; |
897 | |
|
898 | 0 | static const std::vector<uint64_t> operations{ |
899 | 0 | CF_OPERATION("ECC_ValidatePubkey"), |
900 | 0 | CF_OPERATION("ECC_Point_Add"), |
901 | 0 | CF_OPERATION("ECC_Point_Dbl"), |
902 | 0 | CF_OPERATION("ECC_Point_Mul"), |
903 | 0 | CF_OPERATION("ECC_Point_Neg"), |
904 | 0 | CF_OPERATION("ECC_Point_Cmp"), |
905 | 0 | CF_OPERATION("ECC_Point_Sub"), |
906 | 0 | }; |
907 | |
|
908 | 0 | for (const auto& cpx : curve_point_x) { |
909 | 0 | for (const auto& operation : operations) { |
910 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
911 | |
|
912 | 0 | nlohmann::json parameters; |
913 | |
|
914 | 0 | parameters["modifier"] = ""; |
915 | 0 | parameters["curveType"] = cpx.first; |
916 | |
|
917 | 0 | switch ( operation ) { |
918 | 0 | case CF_OPERATION("ECC_ValidatePubkey"): |
919 | 0 | { |
920 | 0 | parameters["pub_x"] = cpx.second; |
921 | 0 | parameters["pub_y"] = "0"; |
922 | 0 | cryptofuzz::operation::ECC_ValidatePubkey op(parameters); |
923 | 0 | op.Serialize(dsOut2); |
924 | 0 | } |
925 | 0 | break; |
926 | 0 | case CF_OPERATION("ECC_Point_Add"): |
927 | 0 | { |
928 | 0 | parameters["a_x"] = cpx.second; |
929 | 0 | parameters["a_y"] = "0"; |
930 | 0 | parameters["b_x"] = cpx.second; |
931 | 0 | parameters["b_y"] = "0"; |
932 | 0 | cryptofuzz::operation::ECC_Point_Add op(parameters); |
933 | 0 | op.Serialize(dsOut2); |
934 | 0 | } |
935 | 0 | break; |
936 | 0 | case CF_OPERATION("ECC_Point_Dbl"): |
937 | 0 | { |
938 | 0 | parameters["a_x"] = cpx.second; |
939 | 0 | parameters["a_y"] = "0"; |
940 | 0 | cryptofuzz::operation::ECC_Point_Dbl op(parameters); |
941 | 0 | op.Serialize(dsOut2); |
942 | 0 | } |
943 | 0 | break; |
944 | 0 | case CF_OPERATION("ECC_Point_Mul"): |
945 | 0 | { |
946 | 0 | parameters["a_x"] = cpx.second; |
947 | 0 | parameters["a_y"] = "0"; |
948 | 0 | parameters["b"] = "123"; |
949 | 0 | cryptofuzz::operation::ECC_Point_Mul op(parameters); |
950 | 0 | op.Serialize(dsOut2); |
951 | 0 | } |
952 | 0 | break; |
953 | 0 | case CF_OPERATION("ECC_Point_Neg"): |
954 | 0 | { |
955 | 0 | parameters["a_x"] = cpx.second; |
956 | 0 | parameters["a_y"] = "0"; |
957 | 0 | cryptofuzz::operation::ECC_Point_Neg op(parameters); |
958 | 0 | op.Serialize(dsOut2); |
959 | 0 | } |
960 | 0 | break; |
961 | 0 | case CF_OPERATION("ECC_Point_Cmp"): |
962 | 0 | { |
963 | 0 | parameters["a_x"] = cpx.second; |
964 | 0 | parameters["a_y"] = "0"; |
965 | 0 | parameters["b_x"] = cpx.second; |
966 | 0 | parameters["b_y"] = "0"; |
967 | 0 | cryptofuzz::operation::ECC_Point_Cmp op(parameters); |
968 | 0 | op.Serialize(dsOut2); |
969 | 0 | } |
970 | 0 | break; |
971 | 0 | case CF_OPERATION("ECC_Point_Sub"): |
972 | 0 | { |
973 | 0 | parameters["a_x"] = cpx.second; |
974 | 0 | parameters["a_y"] = "0"; |
975 | 0 | parameters["b_x"] = cpx.second; |
976 | 0 | parameters["b_y"] = "0"; |
977 | 0 | cryptofuzz::operation::ECC_Point_Sub op(parameters); |
978 | 0 | op.Serialize(dsOut2); |
979 | 0 | } |
980 | 0 | break; |
981 | 0 | default: |
982 | 0 | CF_UNREACHABLE(); |
983 | 0 | } |
984 | | |
985 | 0 | write(operation, dsOut2); |
986 | 0 | } |
987 | 0 | } |
988 | 0 | } |
989 | | |
990 | 0 | { |
991 | | /* https://github.com/Consensys/gnark-crypto/security/advisories/GHSA-pffg-92cg-xf5c */ |
992 | 0 | nlohmann::json parameters; |
993 | |
|
994 | 0 | parameters["modifier"] = "FF"; |
995 | 0 | parameters["calcOp"] = CF_CALCOP("Exp(A,B)"); |
996 | 0 | for (size_t i = 0; i < 12; i++) { |
997 | 0 | parameters["bn2"][i] = ""; |
998 | 0 | parameters["bn3"][i] = ""; |
999 | 0 | parameters["bn4"][i] = ""; |
1000 | 0 | } |
1001 | |
|
1002 | 0 | parameters["bn1"][0] = "2626087095966346280136331467821624713670076110047241834968556356777719820596817098542957361484700796833814656818212"; |
1003 | 0 | parameters["bn1"][1] = "2226935965816683899051549766499867769781721210859839055444218092320249432234914401718277560147546261846149731584833"; |
1004 | 0 | parameters["bn1"][2] = "539346005041174036257723625890455861233448349646800134038985099682814019019831776424444060585073010575626131979209"; |
1005 | 0 | parameters["bn1"][3] = "672937302133669310002460791420796717675669494603877895965087443227286139222277088407378521554067388375664187464749"; |
1006 | 0 | parameters["bn1"][4] = "745115694495605450154583030600159075847816911801368426005326623108850854422996317744722693764943195976395905622629"; |
1007 | 0 | parameters["bn1"][5] = "3193553919078618890647897169163215648084335859312668599095575999979721958351667443274459248029394656801777364634704"; |
1008 | 0 | parameters["bn1"][6] = "869335622719396378765621131339525816620648753103303983183872382618679101431626901481620494702997311005087184078579"; |
1009 | 0 | parameters["bn1"][7] = "3648816144715573370211138746483665498261639619750176995645272129148625186151821175281396331096036730004256785284954"; |
1010 | 0 | parameters["bn1"][8] = "3817234632364568477098935136267834171677408694388094738630566201239999711113287864886234857499013874770132511457356"; |
1011 | 0 | parameters["bn1"][9] = "1319781210985284920798582185323180740499971260321964884351147191496156702587295724628285581294021383187207075688907"; |
1012 | 0 | parameters["bn1"][10] = "1178407576865501590094907506798905838275621077557290606327022494655426258931127284947424086449226995592112218504900"; |
1013 | 0 | parameters["bn1"][11] = "3856614646892934948430841720966958962411860483604704572193098808168490071843665511871921847699871807381010444462821"; |
1014 | | |
1015 | | /* Exponent */ |
1016 | 0 | parameters["bn2"][0] = "169893631828481842931290008859743243489098146141979830311893424751855271950692001433356165550548410610101138388623573573742608490725625288296502860183437011025036209791574001140592327223981416956942076610555083128655330944007957223952510233203018053264066056080064687038560794652180979019775788172491868553073169893631828481842931290008859743243489098146141979830311893424751855271950692001433356165550548410610101138388623573573742608490725625288296502860183437011025036209791574001140592327223981416956942076610555083128655330944007957223952510233203018053264066056080064687038560794652180979019775788172491868553073"; |
1017 | |
|
1018 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
1019 | 0 | cryptofuzz::operation::BignumCalc_Fp12 op(parameters); |
1020 | 0 | op.Serialize(dsOut2); |
1021 | 0 | write(CF_OPERATION("BignumCalc_Fp12"), dsOut2, true); |
1022 | 0 | } |
1023 | |
|
1024 | 0 | { |
1025 | | /* Private key + msg such that secp256r1+SHA256+ECDSA+RFC6979 initially generates |
1026 | | * a nonce larger than the curve order, necessitating a second iteration. |
1027 | | * |
1028 | | * SHA256(msg) = E6790061637A5E15DB824D264C38B1985C5967039D75197639695C97F165A7B5 |
1029 | | * 1st nonce: 115792089222723290336929034212806201679256150086579264972334144142676277236044 |
1030 | | * 2nd nonce: 13371279309968744249919158834651416434798111428889265518135159131744736131709 |
1031 | | * R: 951562768829913217168991902851290818048490544125739820379426260295723095827 |
1032 | | * S: 6496266836069715028068417861118626967134037479105812216027316293116295558284 |
1033 | | */ |
1034 | 0 | nlohmann::json parameters; |
1035 | |
|
1036 | 0 | parameters["modifier"] = ""; |
1037 | 0 | parameters["curveType"] = CF_ECC_CURVE("secp256r1"); |
1038 | 0 | parameters["priv"] = "1"; |
1039 | 0 | parameters["nonce"] = "0"; /* Unused for RFC 6979 */ |
1040 | 0 | parameters["cleartext"] = "C4BB436F"; |
1041 | 0 | parameters["nonceSource"] = 1; /* RFC 6979 */ |
1042 | 0 | parameters["digestType"] = CF_DIGEST("SHA256"); |
1043 | |
|
1044 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
1045 | 0 | cryptofuzz::operation::ECDSA_Sign op(parameters); |
1046 | 0 | op.Serialize(dsOut2); |
1047 | 0 | write(CF_OPERATION("ECDSA_Sign"), dsOut2); |
1048 | 0 | } |
1049 | |
|
1050 | 0 | { |
1051 | | /* DSA verification which succeeds in Botan (because P is not prime) |
1052 | | * if group parameters are not verified (group.verify_group(rng)). |
1053 | | */ |
1054 | 0 | nlohmann::json parameters; |
1055 | |
|
1056 | 0 | parameters["modifier"] = ""; |
1057 | 0 | nlohmann::json parameters_; |
1058 | 0 | parameters_["p"] = "39"; |
1059 | 0 | parameters_["q"] = "103445297639227515900306925866938644023535590568056190636363003089459430453659"; |
1060 | 0 | parameters_["g"] = "1"; |
1061 | 0 | parameters["parameters"] = parameters_; |
1062 | 0 | parameters["signature"][0] = "1"; |
1063 | 0 | parameters["signature"][1] = "4313887950269461199253920588349192171833521845638"; |
1064 | 0 | parameters["pub"] = "3754147779781271845379928107568467997185228935021891714724352939945759369813"; |
1065 | 0 | parameters["cleartext"] = "20"; |
1066 | |
|
1067 | 0 | fuzzing::datasource::Datasource dsOut2(nullptr, 0); |
1068 | 0 | cryptofuzz::operation::DSA_Verify op(parameters); |
1069 | 0 | op.Serialize(dsOut2); |
1070 | 0 | write(CF_OPERATION("DSA_Verify"), dsOut2); |
1071 | 0 | } |
1072 | |
|
1073 | 0 | ecdsa_verify_tests(); |
1074 | 0 | ecc_point_add_tests(); |
1075 | 0 | } |
1076 | | |
1077 | | void Builtin_tests_importer::write( |
1078 | | const uint64_t operation, |
1079 | | fuzzing::datasource::Datasource& dsOut2, |
1080 | 0 | const bool twice) { |
1081 | 0 | fuzzing::datasource::Datasource dsOut(nullptr, 0); |
1082 | |
|
1083 | 0 | if ( twice == false ) { |
1084 | | /* Operation ID */ |
1085 | 0 | dsOut.Put<uint64_t>(operation); |
1086 | |
|
1087 | 0 | dsOut.PutData(dsOut2.GetOut()); |
1088 | | |
1089 | | /* Modifier */ |
1090 | 0 | dsOut.PutData(std::vector<uint8_t>(0)); |
1091 | | |
1092 | | /* Module ID */ |
1093 | 0 | dsOut.Put<uint64_t>(CF_MODULE("OpenSSL")); |
1094 | | |
1095 | | /* Terminator */ |
1096 | 0 | dsOut.Put<bool>(false); |
1097 | 0 | } else { |
1098 | 0 | dsOut.Put<uint64_t>(operation); |
1099 | |
|
1100 | 0 | dsOut.PutData(dsOut2.GetOut()); |
1101 | | |
1102 | | /* Modifier */ |
1103 | 0 | dsOut.PutData(std::vector<uint8_t>(0)); |
1104 | | |
1105 | | /* Module ID */ |
1106 | 0 | dsOut.Put<uint64_t>(CF_MODULE("OpenSSL")); |
1107 | | |
1108 | | /* Terminator */ |
1109 | 0 | dsOut.Put<bool>(true); |
1110 | | |
1111 | | /* Modifier */ |
1112 | 0 | dsOut.PutData(std::vector<uint8_t>(0)); |
1113 | | |
1114 | | /* Module ID */ |
1115 | 0 | dsOut.Put<uint64_t>(CF_MODULE("OpenSSL")); |
1116 | | |
1117 | | /* Terminator */ |
1118 | 0 | dsOut.Put<bool>(false); |
1119 | 0 | } |
1120 | |
|
1121 | 0 | { |
1122 | 0 | std::string filename = outDir + std::string("/") + util::SHA1(dsOut.GetOut()); |
1123 | 0 | FILE* fp = fopen(filename.c_str(), "wb"); |
1124 | 0 | fwrite(dsOut.GetOut().data(), dsOut.GetOut().size(), 1, fp); |
1125 | 0 | fclose(fp); |
1126 | 0 | } |
1127 | 0 | } |
1128 | | |
1129 | | } /* namespace cryptofuzz */ |