From 7ae1ba91a860c9fe11d29500bd213359f81dea06 Mon Sep 17 00:00:00 2001 From: Nym Seddon Date: Wed, 30 Dec 2020 01:56:42 +0000 Subject: [PATCH] Add CLSAG fuzz tests Add basic fuzz drivers for CLSAG signature algorithm --- contrib/fuzz_testing/fuzz.sh | 6 +-- tests/data/fuzz/clsag/clsag0 | 0 tests/data/fuzz/clsag/clsag1 | Bin 0 -> 417 bytes tests/data/fuzz/clsag_cout/clsag0 | 0 tests/data/fuzz/clsag_cout/clsag1 | 1 + tests/data/fuzz/clsag_message/clsag0 | 0 tests/data/fuzz/clsag_message/clsag1 | Bin 0 -> 32 bytes tests/fuzz/CMakeLists.txt | 40 ++++++++++++++ tests/fuzz/clsag.cpp | 47 ++++++++++++++++ tests/fuzz/clsag_corpus.cpp | 70 ++++++++++++++++++++++++ tests/fuzz/clsag_cout.cpp | 45 ++++++++++++++++ tests/fuzz/clsag_init.h | 77 +++++++++++++++++++++++++++ tests/fuzz/clsag_message.cpp | 46 ++++++++++++++++ 13 files changed, 329 insertions(+), 3 deletions(-) create mode 100644 tests/data/fuzz/clsag/clsag0 create mode 100644 tests/data/fuzz/clsag/clsag1 create mode 100644 tests/data/fuzz/clsag_cout/clsag0 create mode 100644 tests/data/fuzz/clsag_cout/clsag1 create mode 100644 tests/data/fuzz/clsag_message/clsag0 create mode 100644 tests/data/fuzz/clsag_message/clsag1 create mode 100644 tests/fuzz/clsag.cpp create mode 100644 tests/fuzz/clsag_corpus.cpp create mode 100644 tests/fuzz/clsag_cout.cpp create mode 100644 tests/fuzz/clsag_init.h create mode 100644 tests/fuzz/clsag_message.cpp diff --git a/contrib/fuzz_testing/fuzz.sh b/contrib/fuzz_testing/fuzz.sh index 5c88c3727..437dcb7e1 100755 --- a/contrib/fuzz_testing/fuzz.sh +++ b/contrib/fuzz_testing/fuzz.sh @@ -10,12 +10,12 @@ fi type="$1" if test -z "$type" then - echo "usage: $0 block|transaction|signature|cold-outputs|cold-transaction|load-from-binary|load-from-json|base58|parse-url|http-client|levin|bulletproof" + echo "usage: $0 block|transaction|signature|cold-outputs|cold-transaction|load-from-binary|load-from-json|base58|parse-url|http-client|levin|bulletproof|utf8|clsag|clsag_cout|clsag_message" exit 1 fi case "$type" in - block|transaction|signature|cold-outputs|cold-transaction|load-from-binary|load-from-json|base58|parse-url|http-client|levin|bulletproof|utf8) ;; - *) echo "usage: $0 block|transaction|signature|cold-outputs|cold-transaction|load-from-binary|load-from-json|base58|parse-url|http-client|levin|bulletproof|utf8"; exit 1 ;; + block|transaction|signature|cold-outputs|cold-transaction|load-from-binary|load-from-json|base58|parse-url|http-client|levin|bulletproof|utf8|clsag|clsag_cout|clsag_message) ;; + *) echo "usage: $0 block|transaction|signature|cold-outputs|cold-transaction|load-from-binary|load-from-json|base58|parse-url|http-client|levin|bulletproof|utf8|clsag|clsag_cout|clsag_message"; exit 1 ;; esac if test -d "fuzz-out/$type" diff --git a/tests/data/fuzz/clsag/clsag0 b/tests/data/fuzz/clsag/clsag0 new file mode 100644 index 000000000..e69de29bb diff --git a/tests/data/fuzz/clsag/clsag1 b/tests/data/fuzz/clsag/clsag1 new file mode 100644 index 0000000000000000000000000000000000000000..36205eed58b1423af216ee707c7feb00d5d63fbc GIT binary patch literal 417 zcmV;S0bc$KPP=Y=>ESx$6K^2K^neityB4H8mUKQc0iRJ#$Z;zQ{+w!uqs)jo%UCwn z#x3TY{;k2fSf!0j-SPUAlY>kNcjUg{a7V7<2^vzhjh8V9v4ZsmrrG(mQsWQ!_SDb= z=Y|gX$fqJEv`9SGS8f&zs*7hd=ke_97Jh-fZO_^U!tTsirb~xtrwFkA zN7ubrkk&WLQA8O6jr91|ot(M!>-<^ z5i+|RfP!)(FTJfPwJlx79DE_8syj|(Ji`A=n4@G8}>a0b`7waleN*SQlg8UPcOj!0CMXs L*+|myibc(-h)>yX literal 0 HcmV?d00001 diff --git a/tests/data/fuzz/clsag_cout/clsag0 b/tests/data/fuzz/clsag_cout/clsag0 new file mode 100644 index 000000000..e69de29bb diff --git a/tests/data/fuzz/clsag_cout/clsag1 b/tests/data/fuzz/clsag_cout/clsag1 new file mode 100644 index 000000000..31cc17d65 --- /dev/null +++ b/tests/data/fuzz/clsag_cout/clsag1 @@ -0,0 +1 @@ +7kq>}`΄j@#]d| 5n \ No newline at end of file diff --git a/tests/data/fuzz/clsag_message/clsag0 b/tests/data/fuzz/clsag_message/clsag0 new file mode 100644 index 000000000..e69de29bb diff --git a/tests/data/fuzz/clsag_message/clsag1 b/tests/data/fuzz/clsag_message/clsag1 new file mode 100644 index 0000000000000000000000000000000000000000..9870828e3938f3276a5cd4a38d05b7281f0cd502 GIT binary patch literal 32 KcmZQ%zz+ZbKmY;& literal 0 HcmV?d00001 diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt index 0cf1740ad..53f589134 100644 --- a/tests/fuzz/CMakeLists.txt +++ b/tests/fuzz/CMakeLists.txt @@ -228,3 +228,43 @@ target_link_libraries(utf8_fuzz_tests ${CMAKE_THREAD_LIBS_INIT} ${EXTRA_LIBRARIES} $ENV{LIB_FUZZING_ENGINE}) + +monero_add_minimal_executable(clsag_fuzz_tests clsag.cpp clsag_init.h fuzzer.cpp) +target_link_libraries(clsag_fuzz_tests + PRIVATE + cryptonote_core + serialization + ${CMAKE_THREAD_LIBS_INIT}) +set_property(TARGET clsag_fuzz_tests + PROPERTY + FOLDER "tests") + +monero_add_minimal_executable(clsag_cout_fuzz_tests clsag_cout.cpp clsag_init.h fuzzer.cpp) +target_link_libraries(clsag_cout_fuzz_tests + PRIVATE + cryptonote_core + serialization + ${CMAKE_THREAD_LIBS_INIT}) +set_property(TARGET clsag_cout_fuzz_tests + PROPERTY + FOLDER "tests") + +monero_add_minimal_executable(clsag_message_fuzz_tests clsag_message.cpp clsag_init.h fuzzer.cpp) +target_link_libraries(clsag_message_fuzz_tests + PRIVATE + cryptonote_core + serialization + ${CMAKE_THREAD_LIBS_INIT}) +set_property(TARGET clsag_message_fuzz_tests + PROPERTY + FOLDER "tests") + +monero_add_minimal_executable(clsag_corpus_fuzz_tests clsag_corpus.cpp fuzzer.cpp) +target_link_libraries(clsag_corpus_fuzz_tests + PRIVATE + cryptonote_core + serialization + ${CMAKE_THREAD_LIBS_INIT}) +set_property(TARGET clsag_corpus_fuzz_tests + PROPERTY + FOLDER "tests") diff --git a/tests/fuzz/clsag.cpp b/tests/fuzz/clsag.cpp new file mode 100644 index 000000000..7cce1c206 --- /dev/null +++ b/tests/fuzz/clsag.cpp @@ -0,0 +1,47 @@ +// Copyright (c) 2017-2020, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#include "cryptonote_basic/blobdatatype.h" +#include "cryptonote_basic/cryptonote_format_utils.h" +#include "serialization/binary_archive.h" +#include "serialization/binary_utils.h" +#include "fuzzer.h" +#include "clsag_init.h" + +using namespace rct; + +BEGIN_INIT_SIMPLE_FUZZER() + clsag_init(); +END_INIT_SIMPLE_FUZZER() + +BEGIN_SIMPLE_FUZZER() + // fuzz deserialization + serialization::parse_binary(s, clsag_s); + + verRctCLSAGSimple(message,clsag_s,pubs,Cout); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/clsag_corpus.cpp b/tests/fuzz/clsag_corpus.cpp new file mode 100644 index 000000000..4b9c720f2 --- /dev/null +++ b/tests/fuzz/clsag_corpus.cpp @@ -0,0 +1,70 @@ +// Copyright (c) 2017-2020, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#include +#include + +#include "include_base_utils.h" +#include "cryptonote_basic/blobdatatype.h" +#include "cryptonote_basic/cryptonote_basic.h" +#include "cryptonote_basic/cryptonote_format_utils.h" +#include "ringct/rctSigs.h" +#include "serialization/binary_archive.h" +#include "serialization/binary_utils.h" +#include "fuzzer.h" +#include "clsag_init.h" + +using namespace crypto; +using namespace rct; + +BEGIN_INIT_SIMPLE_FUZZER() + clsag_init(); +END_INIT_SIMPLE_FUZZER() + +BEGIN_SIMPLE_FUZZER() + std::cout << "Generating corpus seeds: clsag1 clsag_cout1 clsag_deserialize1 clsag_message1" << std::endl; + + std::vector corpus_paths = { + std::string("clsag1"), + std::string("clsag_cout1"), + std::string("clsag_deserialize1"), + std::string("clsag_message1"), + }; + + std::vector corpus_bins(corpus_paths.size()); + + serialization::dump_binary(clsag_s, corpus_bins[0]); + serialization::dump_binary(Cout, corpus_bins[1]); + serialization::dump_binary(clsag_s, corpus_bins[2]); + serialization::dump_binary(message, corpus_bins[3]); + + // write CLSAG binary dumps to files + for (std::size_t i=0; i < corpus_paths.size(); ++i) { + epee::file_io_utils::save_string_to_file(corpus_paths[i], corpus_bins[i]); + } +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/clsag_cout.cpp b/tests/fuzz/clsag_cout.cpp new file mode 100644 index 000000000..9a491c303 --- /dev/null +++ b/tests/fuzz/clsag_cout.cpp @@ -0,0 +1,45 @@ +// Copyright (c) 2017-2020, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#include "fuzzer.h" +#include "clsag_init.h" + +using namespace rct; + +BEGIN_INIT_SIMPLE_FUZZER() + clsag_init(); +END_INIT_SIMPLE_FUZZER() + +BEGIN_SIMPLE_FUZZER() + if (sizeof(Cout) > s.size()) + return 0; + + // fuzz Cout + memcpy(&Cout, (uint8_t*)s.c_str(), sizeof(Cout)); + verRctCLSAGSimple(message,clsag_s,pubs,Cout); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/clsag_init.h b/tests/fuzz/clsag_init.h new file mode 100644 index 000000000..06b06f118 --- /dev/null +++ b/tests/fuzz/clsag_init.h @@ -0,0 +1,77 @@ +// Copyright (c) 2017-2020, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#include "cryptonote_basic/cryptonote_basic.h" +#include "ringct/rctSigs.h" + +using namespace crypto; +using namespace rct; + +static key message; +static ctkeyV pubs; +static key p, t, t2, u; +static ctkey backup; +static key Cout; +static ctkey insk; +static clsag clsag_s; + +inline static void clsag_init() { + message = identity(); + + const size_t N = 11; + const size_t idx = 5; + + for (size_t i = 0; i < N; ++i) + { + key sk; + ctkey tmp; + + skpkGen(sk, tmp.dest); + skpkGen(sk, tmp.mask); + + pubs.push_back(tmp); + } + + // Set P[idx] + skpkGen(p, pubs[idx].dest); + + // Set C[idx] + t = skGen(); + u = skGen(); + addKeys2(pubs[idx].mask,t,u,H); + + // Set commitment offset + t2 = skGen(); + addKeys2(Cout,t2,u,H); + + // Prepare generation inputs + insk.dest = p; + insk.mask = t; + + clsag_s = proveRctCLSAGSimple(message,pubs,insk,t2,Cout,NULL,NULL,NULL,idx,hw::get_device("default")); +} diff --git a/tests/fuzz/clsag_message.cpp b/tests/fuzz/clsag_message.cpp new file mode 100644 index 000000000..f9f1dc523 --- /dev/null +++ b/tests/fuzz/clsag_message.cpp @@ -0,0 +1,46 @@ +// Copyright (c) 2017-2020, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#include "fuzzer.h" +#include "clsag_init.h" + +using namespace crypto; +using namespace rct; + +BEGIN_INIT_SIMPLE_FUZZER() + clsag_init(); +END_INIT_SIMPLE_FUZZER() + +BEGIN_SIMPLE_FUZZER() + if (sizeof(message) > s.size()) + return 0; + + // fuzz message + memcpy(&message, (uint8_t*)s.c_str(), sizeof(message)); + auto valid = verRctCLSAGSimple(message,clsag_s,pubs,Cout); +END_SIMPLE_FUZZER()