/src/crypto_sign_fuzzer.cc

Source
// Copyright 2026 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

#include <assert.h>
#include <stdlib.h>
#include <sodium.h>

#include "fake_random.h"

extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size) {
  int initialized = sodium_init();
  assert(initialized >= 0);

  if (size < crypto_sign_SEEDBYTES) {
    return 0;
  }

  setup_fake_random(data, size);

  unsigned char pk[crypto_sign_PUBLICKEYBYTES];
  unsigned char sk[crypto_sign_SECRETKEYBYTES];

  const unsigned char *seed = data;
  const unsigned char *msg = data + crypto_sign_SEEDBYTES;
  size_t msg_len = size - crypto_sign_SEEDBYTES;

  crypto_sign_seed_keypair(pk, sk, seed);

  unsigned char *sig = (unsigned char *) malloc(crypto_sign_BYTES);
  unsigned long long sig_len;
  int err = crypto_sign_detached(sig, &sig_len, msg, msg_len, sk);
  assert(err == 0);
  assert(sig_len == crypto_sign_BYTES);

  err = crypto_sign_verify_detached(sig, msg, msg_len, pk);
  assert(err == 0);

  // Test multi-part signature
  crypto_sign_state state;
  crypto_sign_init(&state);
  crypto_sign_update(&state, msg, msg_len / 2);
  crypto_sign_update(&state, msg + msg_len / 2, msg_len - msg_len / 2);
  unsigned char sig2[crypto_sign_BYTES];
  err = crypto_sign_final_create(&state, sig2, &sig_len, sk);
  assert(err == 0);

  // For verification, we need a new state or re-initialized state
  crypto_sign_init(&state);
  crypto_sign_update(&state, msg, msg_len / 2);
  crypto_sign_update(&state, msg + msg_len / 2, msg_len - msg_len / 2);
  err = crypto_sign_final_verify(&state, sig2, pk);
  assert(err == 0);

  free(sig);

  return 0;
}

Line	Count	Source
1		// Copyright 2026 Google LLC
2		//
3		// Licensed under the Apache License, Version 2.0 (the "License");
4		// you may not use this file except in compliance with the License.
5		// You may obtain a copy of the License at
6		//
7		// http://www.apache.org/licenses/LICENSE-2.0
8		//
9		// Unless required by applicable law or agreed to in writing, software
10		// distributed under the License is distributed on an "AS IS" BASIS,
11		// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		// See the License for the specific language governing permissions and
13		// limitations under the License.
14
15		#include <assert.h>
16		#include <stdlib.h>
17		#include <sodium.h>
18
19		#include "fake_random.h"
20
21	236	extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size) {
22	236	int initialized = sodium_init();
23	236	assert(initialized >= 0);
24
25	236	if (size < crypto_sign_SEEDBYTES) {
26	9	return 0;
27	9	}
28
29	227	setup_fake_random(data, size);
30
31	227	unsigned char pk[crypto_sign_PUBLICKEYBYTES];
32	227	unsigned char sk[crypto_sign_SECRETKEYBYTES];
33
34	227	const unsigned char *seed = data;
35	227	const unsigned char *msg = data + crypto_sign_SEEDBYTES;
36	227	size_t msg_len = size - crypto_sign_SEEDBYTES;
37
38	227	crypto_sign_seed_keypair(pk, sk, seed);
39
40	227	unsigned char sig = (unsigned char ) malloc(crypto_sign_BYTES);
41	227	unsigned long long sig_len;
42	227	int err = crypto_sign_detached(sig, &sig_len, msg, msg_len, sk);
43	227	assert(err == 0);
44	227	assert(sig_len == crypto_sign_BYTES);
45
46	227	err = crypto_sign_verify_detached(sig, msg, msg_len, pk);
47	227	assert(err == 0);
48
49		// Test multi-part signature
50	227	crypto_sign_state state;
51	227	crypto_sign_init(&state);
52	227	crypto_sign_update(&state, msg, msg_len / 2);
53	227	crypto_sign_update(&state, msg + msg_len / 2, msg_len - msg_len / 2);
54	227	unsigned char sig2[crypto_sign_BYTES];
55	227	err = crypto_sign_final_create(&state, sig2, &sig_len, sk);
56	227	assert(err == 0);
57
58		// For verification, we need a new state or re-initialized state
59	227	crypto_sign_init(&state);
60	227	crypto_sign_update(&state, msg, msg_len / 2);
61	227	crypto_sign_update(&state, msg + msg_len / 2, msg_len - msg_len / 2);
62	227	err = crypto_sign_final_verify(&state, sig2, pk);
63	227	assert(err == 0);
64
65	227	free(sig);
66
67	227	return 0;
68	227	}

Coverage Report

Created: 2026-06-07 06:38