-
Notifications
You must be signed in to change notification settings - Fork 477
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add a basic fuzz testing harness for dilithium2
Co-authored-by: Spencer Wilson <[email protected]> Signed-off-by: Nathaniel Brough <[email protected]>
- Loading branch information
1 parent
a6e0bfc
commit 5e3baf6
Showing
5 changed files
with
207 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
# Fuzzing | ||
|
||
Fuzz testing is an automated software testing method that injects invalid, | ||
malformed, or unexpected inputs to reveal defects and vulnerabilities. A fuzzing | ||
tool monitors the system for exceptions like crashes, information leakage, or | ||
errors, helping developers identify and fix bugs and security loopholes. | ||
|
||
## Current state of fuzzing in liboqs | ||
- [ ] kem | ||
- [ ] bike.md | ||
- [ ] classic_mceliece.md | ||
- [ ] frodokem.md | ||
- [ ] hqc.md | ||
- [ ] kyber.md | ||
- [ ] ml_kem.md | ||
- [ ] ntruprime.md | ||
- [ ] sig | ||
- [x] dilithium.md | ||
- [ ] falcon.md | ||
- [ ] mayo.md | ||
- [ ] ml_dsa.md | ||
- [ ] sphincs.md | ||
- [ ] sig_stfl | ||
- [ ] lms.md | ||
- [ ] sig_stfl.md | ||
- [ ] xmss.md | ||
|
||
## Building and running fuzz tests | ||
|
||
Building fuzz tests is very similar to building normally with some optional | ||
steps to target different types of bugs. The most basic ways to build the | ||
fuzz tests is as follows; | ||
|
||
```bash | ||
mkdir build && cd build | ||
cmake -GNinja .. -DOQS_BUILD_FUZZ_TESTS=ON | ||
ninja -j$(nproc) | ||
``` | ||
|
||
You'll now be able to run a fuzz test e.g. | ||
```bash | ||
./tests/fuzz_test_dilithium2 | ||
#9764 NEW cov: 4 ft: 708 corp: 100/318b lim: 43 exec/s: 9764 rss: 362Mb L: 41/41 MS: 4 EraseBytes-InsertRepeatedBytes-CMP-ChangeBit- DE: "\0004m\372"- | ||
... | ||
``` | ||
The fuzzer will run indefinetely or; | ||
- until it finds a bug and crashes, | ||
- you manually stop the fuzzer i.e. CTRL-C | ||
- you set a timeout using the command line. | ||
|
||
For more details on the available command line args please consult the [libfuzzer docs](https://llvm.org/docs/LibFuzzer.html). | ||
|
||
## Sanitizers | ||
It is a common pattern to combine fuzzing with various sanitizers to catch different bugs. | ||
One of the simpler sanitizers is the fuzzing sanitizer, which will instrument the code | ||
for coverage driven fuzzing. To enable this simply add this to your environment variables | ||
before configuring cmake; | ||
|
||
``` | ||
export CFLAGS=-fsanitize=fuzzer-no-link | ||
``` | ||
|
||
It is common to combine the fuzzer sanitizer with either the [address](https://clang.llvm.org/docs/AddressSanitizer.html) | ||
or the [undefined behaviour sanitizer](https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html). To | ||
add these simply add the relevant flags to BOTH the CFLAGS and LDFLAGS e.g. | ||
|
||
``` | ||
export CFLAGS=-fsanitize=fuzzer-no-link,address | ||
export LDFLAGS=-fsanitize=address | ||
``` | ||
|
||
Then rerun cmake as normal i.e. | ||
```bash | ||
mkdir build && cd build | ||
cmake -GNinja .. -DOQS_BUILD_FUZZ_TESTS=ON | ||
ninja -j$(nproc) | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,97 @@ | ||
/* | ||
* fuzz_test_sig.c | ||
* | ||
* Minimal fuzz test for liboqs. | ||
* | ||
* SPDX-License-Identifier: MIT | ||
*/ | ||
|
||
#include <stdbool.h> | ||
#include <stdio.h> | ||
#include <stdlib.h> | ||
#include <string.h> | ||
#include <stdlib.h> | ||
|
||
#include <oqs/oqs.h> | ||
|
||
void cleanup_heap(uint8_t *public_key, uint8_t *secret_key, | ||
uint8_t *signature, | ||
OQS_SIG *sig); | ||
|
||
static OQS_STATUS fuzz_dilithium_2(const uint8_t *message, size_t message_len) { | ||
|
||
#ifdef OQS_ENABLE_SIG_dilithium_2 | ||
|
||
OQS_SIG *sig = NULL; | ||
uint8_t *public_key = NULL; | ||
uint8_t *secret_key = NULL; | ||
uint8_t *signature = NULL; | ||
size_t signature_len; | ||
OQS_STATUS rc; | ||
|
||
sig = OQS_SIG_new(OQS_SIG_alg_dilithium_2); | ||
if (sig == NULL) { | ||
printf("[example_heap] OQS_SIG_alg_dilithium_2 was not enabled at compile-time.\n"); | ||
return OQS_ERROR; | ||
} | ||
|
||
public_key = malloc(sig->length_public_key); | ||
secret_key = malloc(sig->length_secret_key); | ||
signature = malloc(sig->length_signature); | ||
if ((public_key == NULL) || (secret_key == NULL) || (message == NULL) || (signature == NULL)) { | ||
fprintf(stderr, "ERROR: malloc failed!\n"); | ||
cleanup_heap(public_key, secret_key, signature, sig); | ||
return OQS_ERROR; | ||
} | ||
|
||
rc = OQS_SIG_keypair(sig, public_key, secret_key); | ||
if (rc != OQS_SUCCESS) { | ||
fprintf(stderr, "ERROR: OQS_SIG_keypair failed!\n"); | ||
cleanup_heap(public_key, secret_key, signature, sig); | ||
return OQS_ERROR; | ||
} | ||
rc = OQS_SIG_sign(sig, signature, &signature_len, message, message_len, secret_key); | ||
if (rc != OQS_SUCCESS) { | ||
fprintf(stderr, "ERROR: OQS_SIG_sign failed!\n"); | ||
cleanup_heap(public_key, secret_key, signature, sig); | ||
return OQS_ERROR; | ||
} | ||
rc = OQS_SIG_verify(sig, message, message_len, signature, signature_len, public_key); | ||
if (rc != OQS_SUCCESS) { | ||
fprintf(stderr, "ERROR: OQS_SIG_verify failed!\n"); | ||
cleanup_heap(public_key, secret_key, signature, sig); | ||
exit(1); | ||
} | ||
|
||
cleanup_heap(public_key, secret_key, signature, sig); | ||
return OQS_SUCCESS; // success | ||
#else | ||
|
||
printf("[example_heap] OQS_SIG_dilithium_2 was not enabled at compile-time.\n"); | ||
return OQS_SUCCESS; | ||
|
||
#endif | ||
} | ||
|
||
void cleanup_heap(uint8_t *public_key, uint8_t *secret_key, | ||
uint8_t *signature, | ||
OQS_SIG *sig) { | ||
if (sig != NULL) { | ||
OQS_MEM_secure_free(secret_key, sig->length_secret_key); | ||
} | ||
OQS_MEM_insecure_free(public_key); | ||
OQS_MEM_insecure_free(signature); | ||
OQS_SIG_free(sig); | ||
} | ||
|
||
int LLVMFuzzerTestOneInput(const char *data, size_t size) { | ||
OQS_init(); | ||
if (OQS_ERROR == fuzz_dilithium_2((const uint8_t *)data, size)) { | ||
// If we get an error prune testcase from corpus. | ||
return -1; | ||
} | ||
OQS_destroy(); | ||
return 0; | ||
} | ||
|
||
|