test_2fuzz_2crypter_8cpp_source.html

// Copyright (c) 2022-present The Bitcoin Core developers

// Distributed under the MIT software license, see the accompanying

// file COPYING or http://www.opensource.org/licenses/mit-license.php.


#include <test/fuzz/FuzzedDataProvider.h>

#include <test/fuzz/fuzz.h>

#include <test/fuzz/util.h>

#include <test/util/setup_common.h>

#include <wallet/crypter.h>


namespace wallet {

namespace {


void initialize_crypter()

{

    static const auto testing_setup = MakeNoLogFileContext<const TestingSetup>();

}


FUZZ_TARGET(crypter, .init = initialize_crypter)

{

    SeedRandomStateForTest(SeedRand::ZEROS);

    FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());

    bool good_data{true};


    CCrypter crypt;

    // These values are regularly updated within `CallOneOf`

    std::vector<unsigned char> cipher_text_ed;

    CKeyingMaterial plain_text_ed;

    const std::vector<unsigned char> random_key = ConsumeFixedLengthByteVector(fuzzed_data_provider, WALLET_CRYPTO_KEY_SIZE);


    if (fuzzed_data_provider.ConsumeBool()) {

        const std::string random_string = fuzzed_data_provider.ConsumeRandomLengthString(100);

        SecureString secure_string(random_string.begin(), random_string.end());


        const unsigned int derivation_method = fuzzed_data_provider.ConsumeBool() ? 0 : fuzzed_data_provider.ConsumeIntegral<unsigned int>();


        // Limiting the value of rounds since it is otherwise uselessly expensive and causes a timeout when fuzzing.

        crypt.SetKeyFromPassphrase(/*key_data=*/secure_string,

                                   /*salt=*/ConsumeFixedLengthByteVector(fuzzed_data_provider, WALLET_CRYPTO_SALT_SIZE),

                                   /*rounds=*/fuzzed_data_provider.ConsumeIntegralInRange<unsigned int>(0, CMasterKey::DEFAULT_DERIVE_ITERATIONS),

                                   /*derivation_method=*/derivation_method);

    }


    CKey random_ckey;

    random_ckey.Set(random_key.begin(), random_key.end(), /*fCompressedIn=*/fuzzed_data_provider.ConsumeBool());

    if (!random_ckey.IsValid()) return;

    CPubKey pubkey{random_ckey.GetPubKey()};


    LIMITED_WHILE(good_data && fuzzed_data_provider.ConsumeBool(), 100)

    {

        CallOneOf(

            fuzzed_data_provider,

            [&] {

                const std::vector<unsigned char> random_vector = ConsumeFixedLengthByteVector(fuzzed_data_provider, WALLET_CRYPTO_KEY_SIZE);

                plain_text_ed = CKeyingMaterial(random_vector.begin(), random_vector.end());

            },

            [&] {

                cipher_text_ed = ConsumeRandomLengthByteVector(fuzzed_data_provider, 64);

            },

            [&] {

                (void)crypt.Encrypt(plain_text_ed, cipher_text_ed);

            },

            [&] {

                (void)crypt.Decrypt(cipher_text_ed, plain_text_ed);

            },

            [&] {

                const CKeyingMaterial master_key(random_key.begin(), random_key.end());;

                (void)EncryptSecret(master_key, plain_text_ed, pubkey.GetHash(), cipher_text_ed);

            },

            [&] {

                std::optional<CPubKey> random_pub_key{ConsumeDeserializable<CPubKey>(fuzzed_data_provider)};

                if (!random_pub_key) {

                    good_data = false;

                    return;

                }

                pubkey = *random_pub_key;

            },

            [&] {

                const CKeyingMaterial master_key(random_key.begin(), random_key.end());

                CKey key;

                (void)DecryptKey(master_key, cipher_text_ed, pubkey, key);

            });

    }

}

} // namespace

} // namespace wallet

FuzzedDataProvider.h

CKey
An encapsulated private key.
Definition: key.h:36

CKey::IsValid
bool IsValid() const
Check whether this private key is valid.
Definition: key.h:124

CKey::GetPubKey
CPubKey GetPubKey() const
Compute the public key from a private key.
Definition: key.cpp:183

CKey::Set
void Set(const T pbegin, const T pend, bool fCompressedIn)
Initialize using begin and end iterators to byte data.
Definition: key.h:104

CPubKey
An encapsulated public key.
Definition: pubkey.h:34

FuzzedDataProvider
Definition: FuzzedDataProvider.h:32

FuzzedDataProvider::ConsumeRandomLengthString
std::string ConsumeRandomLengthString(size_t max_length)
Definition: FuzzedDataProvider.h:153

FuzzedDataProvider::ConsumeBool
bool ConsumeBool()
Definition: FuzzedDataProvider.h:289

FuzzedDataProvider::ConsumeIntegralInRange
T ConsumeIntegralInRange(T min, T max)
Definition: FuzzedDataProvider.h:205

FuzzedDataProvider::ConsumeIntegral
T ConsumeIntegral()
Definition: FuzzedDataProvider.h:195

wallet::CMasterKey::DEFAULT_DERIVE_ITERATIONS
static constexpr unsigned int DEFAULT_DERIVE_ITERATIONS
Default/minimum number of key derivation rounds.
Definition: crypter.h:48

crypter.h

fuzz.h

LIMITED_WHILE
#define LIMITED_WHILE(condition, limit)
Can be used to limit a theoretically unbounded loop.
Definition: fuzz.h:22

init
Definition: basic.cpp:8

wallet
Definition: wallet_balance.cpp:26

wallet::CKeyingMaterial
std::vector< unsigned char, secure_allocator< unsigned char > > CKeyingMaterial
Definition: crypter.h:63

wallet::WALLET_CRYPTO_KEY_SIZE
const unsigned int WALLET_CRYPTO_KEY_SIZE
Definition: crypter.h:14

wallet::FUZZ_TARGET
FUZZ_TARGET(coin_grinder)
Definition: coinselection.cpp:82

wallet::DecryptKey
bool DecryptKey(const CKeyingMaterial &master_key, const std::span< const unsigned char > crypted_secret, const CPubKey &pub_key, CKey &key)
Definition: crypter.cpp:132

wallet::WALLET_CRYPTO_SALT_SIZE
const unsigned int WALLET_CRYPTO_SALT_SIZE
Definition: crypter.h:15

wallet::EncryptSecret
bool EncryptSecret(const CKeyingMaterial &vMasterKey, const CKeyingMaterial &vchPlaintext, const uint256 &nIV, std::vector< unsigned char > &vchCiphertext)
Definition: crypter.cpp:111

SecureString
std::basic_string< char, std::char_traits< char >, secure_allocator< char > > SecureString
Definition: secure.h:53

setup_common.h

util.h

ConsumeFixedLengthByteVector
std::vector< B > ConsumeFixedLengthByteVector(FuzzedDataProvider &fuzzed_data_provider, const size_t length) noexcept
Returns a byte vector of specified size regardless of the number of remaining bytes available from th...
Definition: util.h:261

CallOneOf
size_t CallOneOf(FuzzedDataProvider &fuzzed_data_provider, Callables... callables)
Definition: util.h:35

ConsumeRandomLengthByteVector
std::vector< B > ConsumeRandomLengthByteVector(FuzzedDataProvider &fuzzed_data_provider, const std::optional< size_t > &max_length=std::nullopt) noexcept
Definition: util.h:57

SeedRandomStateForTest
void SeedRandomStateForTest(SeedRand seedtype)
Seed the global RNG state for testing and log the seed value.
Definition: random.cpp:19

SeedRand::ZEROS
@ ZEROS
Seed with a compile time constant of zeros.

random_string
std::string random_string(uint32_t length)
Definition: test_kernel.cpp:29

fuzzed_data_provider
FuzzedDataProvider & fuzzed_data_provider
Definition: fees.cpp:39