Skip to content
Browse files

[libfko/test suite] add the FUZZING_INTERFACES macro

Add a new fko_set_encoded_data() function gated by #define
FUZZING_INTERFACES to allow encryption and authentication to be bypassed
for fuzzing purposes (and only fuzzing purposes).  The fko-wrapper code
has been extended to process data in the
test/fko-wrapper/fuzz_spa_payloads file, which is created by the new
python fuzzer.  Typical workflow is:

$ cd test/fko-wrapper
$ ../spa_fuzzer.py > fuzz_spa_payloads
$ make fuzzing

(as root):

./test-fwknop.pl  --enable-profile-coverage --enable-fuzzing-interfaces --enable-all --include wrapper

[+] Starting the fwknop test suite...

    args: --enable-profile-coverage --enable-fuzzing-interfaces --enable-all --include wrapper

    Saved results from previous run to: output.last/

    Valgrind mode enabled, will import previous coverage from:
        output.last/valgrind-coverage/

[+] Total test buckets to execute: 2

[Rijndael] [fko-wrapper] multiple libfko calls (with valgrind)......pass (1)
[Rijndael] [fko-wrapper] multiple libfko calls......................pass (2)
[profile coverage] gcov profile coverage............................pass (3)
[valgrind output] [flagged functions] ..............................pass (4)

    Run time: 5.85 minutes

[+] 0/0/0 OpenSSL tests passed/failed/executed
[+] 0/0/0 OpenSSL HMAC tests passed/failed/executed
[+] 4/0/4 test buckets passed/failed/executed
  • Loading branch information...
1 parent e1dde17 commit 9901d8a76a75e8d2bb5088fe92cc370f084e85cb @mrash committed Apr 26, 2014
View
14 configure.ac
@@ -135,6 +135,20 @@ if test "x$want_profile_coverage" = "xyes"; then
FKO_CHECK_COMPILER_ARG_LDFLAGS_ONLY([-lgcov])
fi
+dnl Decide whether or not to compile in certain features that enable fuzzing
+dnl of fwknop code - this is for testing purposes only.
+dnl
+want_fuzzing_interfaces=no
+AC_ARG_ENABLE([fuzzing-interfaces],
+ [AS_HELP_STRING([--enable-fuzzing-interfaces],
+ [Build fwknop binaries with support for fuzzing interfaces @<:@default is to disable@:>@])],
+ [want_fuzzing_interfaces=$enableval],
+ [])
+
+if test "x$want_fuzzing_interfaces" = "xyes"; then
+ AC_DEFINE([FUZZING_INTERFACES], [1], [Define for fuzzing interfaces support])
+fi
+
dnl Decide whether or not to enable all warnings with -Wall
dnl
use_wall=yes
View
2 lib/fko.h
@@ -381,8 +381,10 @@ DLL_API int fko_set_spa_hmac(fko_ctx_t ctx, const char * const hmac_key,
DLL_API int fko_get_spa_hmac(fko_ctx_t ctx, char **enc_data);
DLL_API int fko_get_encoded_data(fko_ctx_t ctx, char **enc_data);
+#if FUZZING_INTERFACES
DLL_API int fko_set_encoded_data(fko_ctx_t ctx, const char * const encoded_msg,
const int msg_len, const int do_digest, const int digest_type);
+#endif
/* Get context data functions
*/
View
4 lib/fko_encode.c
@@ -244,6 +244,7 @@ fko_get_encoded_data(fko_ctx_t ctx, char **enc_msg)
/* Set the fko SPA encoded data (this is a convenience
* function mostly used for tests that involve fuzzing).
*/
+#if FUZZING_INTERFACES
int
fko_set_encoded_data(fko_ctx_t ctx,
const char * const encoded_msg, const int msg_len,
@@ -274,7 +275,7 @@ fko_set_encoded_data(fko_ctx_t ctx,
if(require_digest)
{
- fko_set_spa_digest_type(ctx, FKO_DIGEST_SHA256);
+ fko_set_spa_digest_type(ctx, digest_type);
if((res = fko_set_spa_digest(ctx)) != FKO_SUCCESS)
{
return res;
@@ -310,5 +311,6 @@ fko_set_encoded_data(fko_ctx_t ctx,
return(FKO_SUCCESS);
}
+#endif
/***EOF***/
View
BIN test/conf/client-gpg-no-pw/trustdb.gpg
Binary file not shown.
View
3 test/fko-wrapper/Makefile
@@ -2,5 +2,8 @@
all : fko_wrapper.c
gcc -Wall -g -I../../lib fko_wrapper.c -o fko_wrapper -L../../lib/.libs -lfko
+fuzzing: fko_wrapper.c
+ gcc -Wall -g -DFUZZING_INTERFACES -I../../lib fko_wrapper.c -o fko_wrapper -L../../lib/.libs -lfko
+
clean:
rm -f fko_wrapper
View
90 test/fko-wrapper/fko_wrapper.c
@@ -9,6 +9,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
+#include <string.h>
#include "fko.h"
#define ENABLE_GPG_TESTS 0
@@ -23,12 +24,20 @@
#define NO_DIGEST 0
#define DO_DIGEST 1
#define RAW_DIGEST 2
+#define MAX_LINE_LEN 3000 /* really long for fuzzing tests */
#define ENC_KEY "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" /* 32 bytes */
#define HMAC_KEY "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB" /* 32 bytes */
+#define IS_EMPTY_LINE(x) ( \
+ x == '#' || x == '\n' || x == '\r' || x == ';' || x == '\0' \
+)
+
static void display_ctx(fko_ctx_t ctx);
static void test_loop(int new_ctx_flag, int destroy_ctx_flag);
static void test_loop_compounded(void);
+#if FUZZING_INTERFACES
+static void spa_encoded_msg_fuzzing(void);
+#endif
static void ctx_update(fko_ctx_t *ctx, int new_ctx_flag,
int destroy_ctx_flag, int print_flag);
static void spa_default_ctx(fko_ctx_t *ctx);
@@ -67,9 +76,90 @@ int main(void) {
printf("[+] Total libfko function calls (after compounded tests): %d\n\n",
spa_calls);
+#if FUZZING_INTERFACES
+ printf("[+] libfko fuzzing by setting SPA buffer manually...\n");
+ spa_encoded_msg_fuzzing();
+#endif
+
return 0;
}
+#if FUZZING_INTERFACES
+static void
+spa_encoded_msg_fuzzing(void)
+{
+ fko_ctx_t decode_ctx = NULL;
+ int res = 0, pkt_id, require_success, require_digest, digest_type, msg_len;
+ int line_ctr = 0, spa_payload_ctr = 0;
+ FILE *fz = NULL;
+ char line[MAX_LINE_LEN] = {0};
+ char b64_encoded_msg[MAX_LINE_LEN] = {0};
+ unsigned char b64_decoded_msg[MAX_LINE_LEN] = {0};
+
+ /* fuzzing file contents (or from stdin) are formatted like this:
+ *
+ * <pkt_ID> <status: success|fail> <digest: yes|no> <digest type> <base64_SPA_payload>
+ */
+
+ if ((fz = fopen("fuzz_spa_payloads", "r")) == NULL)
+ return;
+
+ while ((fgets(line, MAX_LINE_LEN, fz)) != NULL)
+ {
+ line_ctr++;
+ line[MAX_LINE_LEN-1] = '\0';
+
+ if (line[strlen(line)-1] == '\n')
+ line[strlen(line)-1] = '\0';
+
+ if(IS_EMPTY_LINE(line[0]))
+ continue;
+
+ if(sscanf(line, "%d %d %d %d %s", &pkt_id, &require_success,
+ &require_digest, &digest_type, b64_encoded_msg) != 5)
+ {
+ printf("[+] fuzzing parsing error at line: %d\n", line_ctr);
+ continue;
+ }
+
+ msg_len = fko_base64_decode(b64_encoded_msg, b64_decoded_msg);
+
+ spa_payload_ctr++;
+
+ fko_new(&decode_ctx);
+
+ if ((res = fko_set_encoded_data(decode_ctx, (char *) b64_decoded_msg,
+ msg_len, require_digest, digest_type)) != FKO_SUCCESS) {
+ printf("[-] pkt_id: %d, fko_set_encoded_data(): %s\n", pkt_id, fko_errstr(res));
+ }
+
+ res = fko_decode_spa_data(decode_ctx);
+ if (require_success) {
+ if (res != FKO_SUCCESS) {
+ printf("[-] pkt_id: %d, expected decode success but: fko_decode_spa_data(): %s\n",
+ pkt_id, fko_errstr(res));
+ }
+ } else {
+ if (res == FKO_SUCCESS) {
+ printf("[-] pkt_id: %d, expected decode failure but: fko_decode_spa_data(): %s\n",
+ pkt_id, fko_errstr(res));
+ }
+ }
+
+ fko_destroy(decode_ctx);
+
+ memset(line, 0x0, MAX_LINE_LEN);
+ memset(b64_encoded_msg, 0x0, MAX_LINE_LEN);
+ }
+
+ fclose(fz);
+
+ printf("[+] Sent %d SPA payloads through libfko encode/decode cycle...\n",
+ spa_payload_ctr);
+ return;
+}
+#endif
+
static void
test_loop_compounded(void)
{

0 comments on commit 9901d8a

Please sign in to comment.
Something went wrong with that request. Please try again.