Skip to content

Commit

Permalink
Separate KeysFuzzer
Browse files Browse the repository at this point in the history
Signed-off-by: Arthur Chan <[email protected]>
  • Loading branch information
arthurscchan authored and loosebazooka committed Mar 29, 2024
1 parent 3845693 commit e5f92c4
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 9 deletions.
34 changes: 34 additions & 0 deletions fuzzing/src/main/java/fuzzing/KeysParsingFuzzer.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
/*
* Copyright 2023 The Sigstore Authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package fuzzing;

import com.code_intelligence.jazzer.api.FuzzedDataProvider;
import dev.sigstore.encryption.Keys;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;

public class KeysParsingFuzzer {
public static void fuzzerTestOneInput(FuzzedDataProvider data) {
try {
byte[] byteArray = data.consumeRemainingAsBytes();

Keys.parsePublicKey(byteArray);
} catch (IOException | InvalidKeySpecException | NoSuchAlgorithmException e) {
// known exceptions
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -17,24 +17,18 @@

import com.code_intelligence.jazzer.api.FuzzedDataProvider;
import dev.sigstore.encryption.Keys;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;

public class KeysFuzzer {
public class TufKeysFuzzer {
public static void fuzzerTestOneInput(FuzzedDataProvider data) {
try {
String[] schemes = {"rsassa-pss-sha256", "ed25519", "ecdsa-sha2-nistp256"};
String scheme = data.pickValue(schemes);
Boolean choice = data.consumeBoolean();
byte[] byteArray = data.consumeRemainingAsBytes();

if (choice) {
Keys.parsePublicKey(byteArray);
} else {
Keys.constructTufPublicKey(byteArray, scheme);
}
} catch (IOException | InvalidKeySpecException | NoSuchAlgorithmException e) {
Keys.constructTufPublicKey(byteArray, scheme);
} catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
// known exceptions
} catch (RuntimeException e) {
if (!e.toString().contains("not currently supported")) {
Expand Down

0 comments on commit e5f92c4

Please sign in to comment.