fuzz/brontide: random+static round-trip encrypt+decrypt harnesses
This commit is contained in:
parent
0be5660a2a
commit
0d42da0cb3
48
fuzz/brontide/random_init_enc_dec.go
Normal file
48
fuzz/brontide/random_init_enc_dec.go
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
// +build gofuzz
|
||||||
|
|
||||||
|
package brontidefuzz
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bytes"
|
||||||
|
"math"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Fuzz_random_init_enc_dec is a go-fuzz harness that tests round-trip
|
||||||
|
// encryption and decryption between the initiator and the responder.
|
||||||
|
func Fuzz_random_init_enc_dec(data []byte) int {
|
||||||
|
// Ensure that length of message is not greater than max allowed size.
|
||||||
|
if len(data) > math.MaxUint16 {
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
// This will return brontide machines with random keys.
|
||||||
|
initiator, responder := getBrontideMachines()
|
||||||
|
|
||||||
|
// Complete the brontide handshake.
|
||||||
|
completeHandshake(initiator, responder)
|
||||||
|
|
||||||
|
var b bytes.Buffer
|
||||||
|
|
||||||
|
// Encrypt the message using WriteMessage w/ initiator machine.
|
||||||
|
if err := initiator.WriteMessage(data); err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Flush the encrypted message w/ initiator machine.
|
||||||
|
if _, err := initiator.Flush(&b); err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Decrypt the ciphertext using ReadMessage w/ responder machine.
|
||||||
|
plaintext, err := responder.ReadMessage(&b)
|
||||||
|
if err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that the decrypted message and the original message are equal.
|
||||||
|
if !bytes.Equal(data, plaintext) {
|
||||||
|
nilAndPanic(initiator, responder, nil)
|
||||||
|
}
|
||||||
|
|
||||||
|
return 1
|
||||||
|
}
|
48
fuzz/brontide/random_resp_enc_dec.go
Normal file
48
fuzz/brontide/random_resp_enc_dec.go
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
// +build gofuzz
|
||||||
|
|
||||||
|
package brontidefuzz
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bytes"
|
||||||
|
"math"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Fuzz_random_resp_enc_dec is a go-fuzz harness that tests round-trip
|
||||||
|
// encryption and decryption between the responder and the initiator.
|
||||||
|
func Fuzz_random_resp_enc_dec(data []byte) int {
|
||||||
|
// Ensure that length of message is not greater than max allowed size.
|
||||||
|
if len(data) > math.MaxUint16 {
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
// This will return brontide machines with random keys.
|
||||||
|
initiator, responder := getBrontideMachines()
|
||||||
|
|
||||||
|
// Complete the brontide handshake.
|
||||||
|
completeHandshake(initiator, responder)
|
||||||
|
|
||||||
|
var b bytes.Buffer
|
||||||
|
|
||||||
|
// Encrypt the message using WriteMessage w/ responder machine.
|
||||||
|
if err := responder.WriteMessage(data); err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Flush the encrypted message w/ responder machine.
|
||||||
|
if _, err := responder.Flush(&b); err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Decrypt the ciphertext using ReadMessage w/ initiator machine.
|
||||||
|
plaintext, err := initiator.ReadMessage(&b)
|
||||||
|
if err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that the decrypted message and the original message are equal.
|
||||||
|
if !bytes.Equal(data, plaintext) {
|
||||||
|
nilAndPanic(initiator, responder, nil)
|
||||||
|
}
|
||||||
|
|
||||||
|
return 1
|
||||||
|
}
|
49
fuzz/brontide/static_init_enc_dec.go
Normal file
49
fuzz/brontide/static_init_enc_dec.go
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
// +build gofuzz
|
||||||
|
|
||||||
|
package brontidefuzz
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bytes"
|
||||||
|
"math"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Fuzz_static_init_enc_dec is a go-fuzz harness that tests round-trip
|
||||||
|
// encryption and decryption
|
||||||
|
// between the initiator and the responder.
|
||||||
|
func Fuzz_static_init_enc_dec(data []byte) int {
|
||||||
|
// Ensure that length of message is not greater than max allowed size.
|
||||||
|
if len(data) > math.MaxUint16 {
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
// This will return brontide machines with static keys.
|
||||||
|
initiator, responder := getStaticBrontideMachines()
|
||||||
|
|
||||||
|
// Complete the brontide handshake.
|
||||||
|
completeHandshake(initiator, responder)
|
||||||
|
|
||||||
|
var b bytes.Buffer
|
||||||
|
|
||||||
|
// Encrypt the message using WriteMessage w/ initiator machine.
|
||||||
|
if err := initiator.WriteMessage(data); err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Flush the encrypted message w/ initiator machine.
|
||||||
|
if _, err := initiator.Flush(&b); err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Decrypt the ciphertext using ReadMessage w/ responder machine.
|
||||||
|
plaintext, err := responder.ReadMessage(&b)
|
||||||
|
if err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that the decrypted message and the original message are equal.
|
||||||
|
if !bytes.Equal(data, plaintext) {
|
||||||
|
nilAndPanic(initiator, responder, nil)
|
||||||
|
}
|
||||||
|
|
||||||
|
return 1
|
||||||
|
}
|
48
fuzz/brontide/static_resp_enc_dec.go
Normal file
48
fuzz/brontide/static_resp_enc_dec.go
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
// +build gofuzz
|
||||||
|
|
||||||
|
package brontidefuzz
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bytes"
|
||||||
|
"math"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Fuzz_static_resp_enc_dec is a go-fuzz harness that tests round-trip
|
||||||
|
// encryption and decryption between the responder and the initiator.
|
||||||
|
func Fuzz_static_resp_enc_dec(data []byte) int {
|
||||||
|
// Ensure that length of message is not greater than max allowed size.
|
||||||
|
if len(data) > math.MaxUint16 {
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
// This will return brontide machines with static keys.
|
||||||
|
initiator, responder := getStaticBrontideMachines()
|
||||||
|
|
||||||
|
// Complete the brontide handshake.
|
||||||
|
completeHandshake(initiator, responder)
|
||||||
|
|
||||||
|
var b bytes.Buffer
|
||||||
|
|
||||||
|
// Encrypt the message using WriteMessage w/ responder machine.
|
||||||
|
if err := responder.WriteMessage(data); err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Flush the encrypted message w/ responder machine.
|
||||||
|
if _, err := responder.Flush(&b); err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Decrypt the ciphertext using ReadMessage w/ initiator machine.
|
||||||
|
plaintext, err := initiator.ReadMessage(&b)
|
||||||
|
if err != nil {
|
||||||
|
nilAndPanic(initiator, responder, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that the decrypted message and the original message are equal.
|
||||||
|
if !bytes.Equal(data, plaintext) {
|
||||||
|
nilAndPanic(initiator, responder, nil)
|
||||||
|
}
|
||||||
|
|
||||||
|
return 1
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user