Separate KeysFuzzer

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>
sigstore · Mar 29, 2024 · e5f92c4 · e5f92c4
1 parent 3845693
commit e5f92c4
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 9 deletions.
diff --git a/fuzzing/src/main/java/fuzzing/KeysParsingFuzzer.java b/fuzzing/src/main/java/fuzzing/KeysParsingFuzzer.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2023 The Sigstore Authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package fuzzing;
+
+import com.code_intelligence.jazzer.api.FuzzedDataProvider;
+import dev.sigstore.encryption.Keys;
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.InvalidKeySpecException;
+
+public class KeysParsingFuzzer {
+  public static void fuzzerTestOneInput(FuzzedDataProvider data) {
+    try {
+      byte[] byteArray = data.consumeRemainingAsBytes();
+
+      Keys.parsePublicKey(byteArray);
+    } catch (IOException | InvalidKeySpecException | NoSuchAlgorithmException e) {
+      // known exceptions
+    }
+  }
+}
diff --git a/...ing/src/main/java/fuzzing/KeysFuzzer.java → .../src/main/java/fuzzing/TufKeysFuzzer.java b/...ing/src/main/java/fuzzing/KeysFuzzer.java → .../src/main/java/fuzzing/TufKeysFuzzer.java
@@ -17,24 +17,18 @@
 
 import com.code_intelligence.jazzer.api.FuzzedDataProvider;
 import dev.sigstore.encryption.Keys;
-import java.io.IOException;
 import java.security.NoSuchAlgorithmException;
 import java.security.spec.InvalidKeySpecException;
 
-public class KeysFuzzer {
+public class TufKeysFuzzer {
   public static void fuzzerTestOneInput(FuzzedDataProvider data) {
     try {
       String[] schemes = {"rsassa-pss-sha256", "ed25519", "ecdsa-sha2-nistp256"};
       String scheme = data.pickValue(schemes);
-      Boolean choice = data.consumeBoolean();
       byte[] byteArray = data.consumeRemainingAsBytes();
 
-      if (choice) {
-        Keys.parsePublicKey(byteArray);
-      } else {
-        Keys.constructTufPublicKey(byteArray, scheme);
-      }
-    } catch (IOException | InvalidKeySpecException | NoSuchAlgorithmException e) {
+      Keys.constructTufPublicKey(byteArray, scheme);
+    } catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
       // known exceptions
     } catch (RuntimeException e) {
       if (!e.toString().contains("not currently supported")) {