From 0be5660a2a6509a38db0d1c203f341e0737f1ec3 Mon Sep 17 00:00:00 2001
From: nsa
Date: Thu, 30 Jan 2020 13:43:54 -0500
Subject: [PATCH] fuzz/brontide: random+static encrypt harnesses
---
fuzz/brontide/random_init_encrypt.go | 37 ++++++++++++++++++++++++++++
fuzz/brontide/random_resp_encrypt.go | 37 ++++++++++++++++++++++++++++
fuzz/brontide/static_init_encrypt.go | 37 ++++++++++++++++++++++++++++
fuzz/brontide/static_resp_encrypt.go | 37 ++++++++++++++++++++++++++++
4 files changed, 148 insertions(+)
create mode 100644 fuzz/brontide/random_init_encrypt.go
create mode 100644 fuzz/brontide/random_resp_encrypt.go
create mode 100644 fuzz/brontide/static_init_encrypt.go
create mode 100644 fuzz/brontide/static_resp_encrypt.go
diff --git a/fuzz/brontide/random_init_encrypt.go b/fuzz/brontide/random_init_encrypt.go
new file mode 100644
index 00000000..c041429e
--- /dev/null
+++ b/fuzz/brontide/random_init_encrypt.go
@@ -0,0 +1,37 @@
+// +build gofuzz
+
+package brontidefuzz
+
+import (
+ "bytes"
+ "math"
+)
+
+// Fuzz_random_init_encrypt is a go-fuzz harness that encrypts arbitrary data
+// with the initiator.
+func Fuzz_random_init_encrypt(data []byte) int {
+ // Ensure that length of message is not greater than max allowed size.
+ if len(data) > math.MaxUint16 {
+ return 0
+ }
+
+ // This will return brontide machines with random keys.
+ initiator, responder := getBrontideMachines()
+
+ // Complete the brontide handshake.
+ completeHandshake(initiator, responder)
+
+ var b bytes.Buffer
+
+ // Encrypt the message using WriteMessage w/ initiator machine.
+ if err := initiator.WriteMessage(data); err != nil {
+ nilAndPanic(initiator, responder, err)
+ }
+
+ // Flush the encrypted message w/ initiator machine.
+ if _, err := initiator.Flush(&b); err != nil {
+ nilAndPanic(initiator, responder, err)
+ }
+
+ return 1
+}
diff --git a/fuzz/brontide/random_resp_encrypt.go b/fuzz/brontide/random_resp_encrypt.go
new file mode 100644
index 00000000..691bcff5
--- /dev/null
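Review bot: The ciphertext flushed into `b` is never inspected, so `Fuzz_random_init_encrypt` (and the three sibling harnesses in random_resp_encrypt.go, static_init_encrypt.go and static_resp_encrypt.go) can only surface panics or returned errors, never output that is simply wrong. Both machines have completed the handshake at that point, so the peer could read the frame back, e.g. `plaintext, err := responder.ReadMessage(&b)` followed by a `bytes.Equal(plaintext, data)` check, which would turn silent encryption or framing bugs into findings. If a round-trip harness is planned separately, a comment stating that this one deliberately checks only for crashes would help. The count returned by `Flush` is also dropped with `_`; presumably it could be compared against `len(data)`, but confirm what `Flush` reports before asserting on it.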
+++ b/fuzz/brontide/random_resp_encrypt.go
@@ -0,0 +1,37 @@
+// +build gofuzz
+
+package brontidefuzz
+
+import (
+ "bytes"
+ "math"
+)
+
+// Fuzz_random_resp_encrypt is a go-fuzz harness that encrypts arbitrary data
+// with the responder.
+func Fuzz_random_resp_encrypt(data []byte) int {
+ // Ensure that length of message is not greater than max allowed size.
+ if len(data) > math.MaxUint16 {
+ return 0
+ }
+
+ // This will return brontide machines with random keys.
+ initiator, responder := getBrontideMachines()
+
+ // Complete the brontide handshake.
+ completeHandshake(initiator, responder)
+
+ var b bytes.Buffer
+
+ // Encrypt the message using WriteMessage w/ responder machine.
+ if err := responder.WriteMessage(data); err != nil {
+ nilAndPanic(initiator, responder, err)
+ }
+
+ // Flush the encrypted message w/ responder machine.
+ if _, err := responder.Flush(&b); err != nil {
+ nilAndPanic(initiator, responder, err)
+ }
+
+ return 1
+}
diff --git a/fuzz/brontide/static_init_encrypt.go b/fuzz/brontide/static_init_encrypt.go
new file mode 100644
index 00000000..96040e74
--- /dev/null
+++ b/fuzz/brontide/static_init_encrypt.go
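Review bot: `getBrontideMachines()` is described in `Fuzz_random_resp_encrypt` as returning machines with random keys, which means a crasher saved by go-fuzz may not replay from the input bytes alone; the same holds for `Fuzz_random_init_encrypt` in random_init_encrypt.go. The helper itself is not part of this patch, so this is inferred from the comment on the call. I would say so in the doc comment, e.g. `// Keys differ on every call, so a crash found here may need the static-key harness to reproduce.`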
@@ -0,0 +1,37 @@
+// +build gofuzz
+
+package brontidefuzz
+
+import (
+ "bytes"
+ "math"
+)
+
+// Fuzz_static_init_encrypt is a go-fuzz harness that encrypts arbitrary data
+// with the initiator.
+func Fuzz_static_init_encrypt(data []byte) int {
+ // Ensure that length of message is not greater than max allowed size.
+ if len(data) > math.MaxUint16 {
+ return 0
+ }
+
+ // This will return brontide machines with static keys.
+ initiator, responder := getStaticBrontideMachines()
+
+ // Complete the brontide handshake.
+ completeHandshake(initiator, responder)
+
+ var b bytes.Buffer
+
+ // Encrypt the message using WriteMessage w/ initiator machine.
+ if err := initiator.WriteMessage(data); err != nil {
+ nilAndPanic(initiator, responder, err)
+ }
+
+ // Flush the encrypted message w/ initiator machine.
+ if _, err := initiator.Flush(&b); err != nil {
+ nilAndPanic(initiator, responder, err)
+ }
+
+ return 1
+}
diff --git a/fuzz/brontide/static_resp_encrypt.go b/fuzz/brontide/static_resp_encrypt.go
new file mode 100644
index 00000000..b97a0390
--- /dev/null
+++ b/fuzz/brontide/static_resp_encrypt.go
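Review bot: The doc comment on `Fuzz_static_init_encrypt` is identical, apart from the function name, to the one on the random-key harness, so it does not say what distinguishes this variant; the same goes for `Fuzz_static_resp_encrypt` in static_resp_encrypt.go. Only the inline comment above `getStaticBrontideMachines()` mentions static keys. Suggest extending the header to `// Fuzz_static_init_encrypt is a go-fuzz harness that encrypts arbitrary data with the initiator, using machines built from static keys.` so the list of fuzz targets is self-explanatory.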
@@ -0,0 +1,37 @@
+// +build gofuzz
+
+package brontidefuzz
+
+import (
+ "bytes"
+ "math"
+)
+
+// Fuzz_static_resp_encrypt is a go-fuzz harness that encrypts arbitrary data
+// with the responder.
+func Fuzz_static_resp_encrypt(data []byte) int {
+ // Ensure that length of message is not greater than max allowed size.
+ if len(data) > math.MaxUint16 {
+ return 0
+ }
+
+ // This will return brontide machines with static keys.
+ initiator, responder := getStaticBrontideMachines()
+
+ // Complete the brontide handshake.
+ completeHandshake(initiator, responder)
+
+ var b bytes.Buffer
+
+ // Encrypt the message using WriteMessage w/ responder machine.
+ if err := responder.WriteMessage(data); err != nil {
+ nilAndPanic(initiator, responder, err)
+ }
+
+ // Flush the encrypted message w/ responder machine.
+ if _, err := responder.Flush(&b); err != nil {
+ nilAndPanic(initiator, responder, err)
+ }
+
+ return 1
+}