12280145220

Committed 11 Dec 2024 03:59PM UTC coverage: 91.257% (-0.004%) from 91.261%

Build # 12280145220

Build Type

Pull #3867

github

Committed by

web-flow

Commit Message

Merge 1d9b549cd into 281c77941

Pull Request Pull Request #3867: Use of none botan private keys for signing certificates.

Run Details

93389 of 102336 relevant lines covered (91.26%)

11422775.74 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

94.12

/src/fuzzer/mode_padding.cpp

/*
* (C) 2018 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "fuzzers.h"

#include <botan/internal/mode_pad.h>
#include <botan/internal/tls_cbc.h>

namespace {

size_t ref_pkcs7_unpad(std::span<const uint8_t> in) {
   if(in.size() <= 2) {
      return in.size();
   }
   size_t len = in.size();

   const size_t padding_length = in[len - 1];

   if(padding_length == 0 || padding_length > len) {
      return len;
   }

   const size_t padding_start = len - padding_length;

   for(size_t i = padding_start; i != len; ++i) {
      if(in[i] != padding_length) {
         return len;
      }
   }

   return len - padding_length;
}

size_t ref_x923_unpad(std::span<const uint8_t> in) {
   size_t len = in.size();
   if(len <= 2) {
      return len;
   }

   const size_t padding_length = in[len - 1];

   if(padding_length == 0 || padding_length > len) {
      return len;
   }
   const size_t padding_start = len - padding_length;

   for(size_t i = padding_start; i != len - 1; ++i) {
      if(in[i] != 0) {
         return len;
      }
   }

   return len - padding_length;
}

size_t ref_oneandzero_unpad(std::span<const uint8_t> in) {
   size_t len = in.size();
   if(len <= 2) {
      return len;
   }

   size_t idx = len - 1;

   for(;;) {
      if(in[idx] == 0) {
         if(idx == 0) {
            return len;
         }
         idx -= 1;
         continue;
      } else if(in[idx] == 0x80) {
         return idx;
      } else {
         return len;
      }
   }

   return len;
}

size_t ref_esp_unpad(std::span<const uint8_t> in) {
   size_t len = in.size();
   if(len <= 2) {
      return len;
   }

   const size_t padding_bytes = in[len - 1];

   if(padding_bytes == 0 || padding_bytes > len) {
      return len;
   }

   const size_t padding_start = len - padding_bytes;
   for(size_t i = padding_start; i != len; ++i) {
      if(in[i] != (i - padding_start + 1)) {
         return len;
      }
   }

   return len - padding_bytes;
}

uint16_t ref_tls_cbc_unpad(std::span<const uint8_t> in) {
   size_t len = in.size();
   if(len == 0) {
      return 0;
   }

   const size_t padding_length = in[(len - 1)];

   if(padding_length >= len) {
      return 0;
   }

   /*
   * TLS v1.0 and up require all the padding bytes be the same value
   * and allows up to 255 bytes.
   */
   for(size_t i = 0; i != 1 + padding_length; ++i) {
      if(in[(len - i - 1)] != padding_length) {
         return 0;
      }
   }
   return padding_length + 1;
}

}  // namespace

void fuzz(std::span<const uint8_t> in) {
   static Botan::PKCS7_Padding pkcs7;
   static Botan::ANSI_X923_Padding x923;
   static Botan::OneAndZeros_Padding oneandzero;
   static Botan::ESP_Padding esp;

   size_t len = in.size();

   if(pkcs7.valid_blocksize(len)) {
      const size_t ct_pkcs7 = pkcs7.unpad(in.data(), len);
      const size_t ref_pkcs7 = ref_pkcs7_unpad(in);
      FUZZER_ASSERT_EQUAL(ct_pkcs7, ref_pkcs7);
   }

   if(x923.valid_blocksize(len)) {
      const size_t ct_x923 = x923.unpad(in.data(), len);
      const size_t ref_x923 = ref_x923_unpad(in);
      FUZZER_ASSERT_EQUAL(ct_x923, ref_x923);
   }

   if(oneandzero.valid_blocksize(len)) {
      const size_t ct_oneandzero = oneandzero.unpad(in.data(), len);
      const size_t ref_oneandzero = ref_oneandzero_unpad(in);
      FUZZER_ASSERT_EQUAL(ct_oneandzero, ref_oneandzero);
   }

   if(esp.valid_blocksize(len)) {
      const size_t ct_esp = esp.unpad(in.data(), len);
      const size_t ref_esp = ref_esp_unpad(in);
      FUZZER_ASSERT_EQUAL(ct_esp, ref_esp);
   }

   const uint16_t ct_cbc = Botan::TLS::check_tls_cbc_padding(in.data(), len);
   const uint16_t ref_cbc = ref_tls_cbc_unpad(in);
   FUZZER_ASSERT_EQUAL(ct_cbc, ref_cbc);
}

1	/*
2	* (C) 2018 Jack Lloyd
3	*
4	* Botan is released under the Simplified BSD License (see license.txt)
5	*/
6
7	#include "fuzzers.h"
8
9	#include <botan/internal/mode_pad.h>
10	#include <botan/internal/tls_cbc.h>
11
12	namespace {
13
14	size_t ref_pkcs7_unpad(std::span<const uint8_t> in) {	253✔
15	if(in.size() <= 2) {	253✔
16	return in.size();
17	}
18	size_t len = in.size();	253✔
19
20	const size_t padding_length = in[len - 1];	253✔
21
22	if(padding_length == 0 \|\| padding_length > len) {	253✔
23	return len;
24	}
25
26	const size_t padding_start = len - padding_length;	141✔
27
28	for(size_t i = padding_start; i != len; ++i) {	141✔
29	if(in[i] != padding_length) {	141✔
30	return len;
31	}
32	}
33
34	return len - padding_length;
35	}
36
37	size_t ref_x923_unpad(std::span<const uint8_t> in) {	253✔
38	size_t len = in.size();	253✔
39	if(len <= 2) {	253✔
40	return len;
41	}
42
43	const size_t padding_length = in[len - 1];	253✔
44
45	if(padding_length == 0 \|\| padding_length > len) {	253✔
46	return len;
47	}
48	const size_t padding_start = len - padding_length;	141✔
49
50	for(size_t i = padding_start; i != len - 1; ++i) {	141✔
51	if(in[i] != 0) {	141✔
52	return len;
53	}
54	}
55
56	return len - padding_length;
57	}
58
59	size_t ref_oneandzero_unpad(std::span<const uint8_t> in) {	997✔
60	size_t len = in.size();	997✔
61	if(len <= 2) {	997✔
62	return len;
63	}
64
65	size_t idx = len - 1;	997✔
66
67	for(;;) {	997✔
68	if(in[idx] == 0) {	997✔
69	if(idx == 0) {	×
70	return len;
71	}
72	idx -= 1;	×
73	continue;	×
74	} else if(in[idx] == 0x80) {	997✔
75	return idx;
76	} else {
77	return len;
78	}
79	}
80
81	return len;
82	}
83
84	size_t ref_esp_unpad(std::span<const uint8_t> in) {	253✔
85	size_t len = in.size();	253✔
86	if(len <= 2) {	253✔
87	return len;
88	}
89
90	const size_t padding_bytes = in[len - 1];	253✔
91
92	if(padding_bytes == 0 \|\| padding_bytes > len) {	253✔
93	return len;
94	}
95
96	const size_t padding_start = len - padding_bytes;	141✔
97	for(size_t i = padding_start; i != len; ++i) {	142✔
98	if(in[i] != (i - padding_start + 1)) {	142✔
99	return len;
100	}
101	}
102
103	return len - padding_bytes;
104	}
105
106	uint16_t ref_tls_cbc_unpad(std::span<const uint8_t> in) {	1,000✔
107	size_t len = in.size();	1,000✔
108	if(len == 0) {	1,000✔
109	return 0;
110	}
111
112	const size_t padding_length = in[(len - 1)];	999✔
113
114	if(padding_length >= len) {	999✔
115	return 0;
116	}
117
118	/*
119	* TLS v1.0 and up require all the padding bytes be the same value
120	* and allows up to 255 bytes.
121	*/
122	for(size_t i = 0; i != 1 + padding_length; ++i) {	1,767✔
123	if(in[(len - i - 1)] != padding_length) {	1,767✔
124	return 0;
125	}
126	}
127	return padding_length + 1;	×
128	}
129
130	} // namespace
131
132	void fuzz(std::span<const uint8_t> in) {	1,000✔
133	static Botan::PKCS7_Padding pkcs7;	1,000✔
134	static Botan::ANSI_X923_Padding x923;	1,000✔
135	static Botan::OneAndZeros_Padding oneandzero;	1,000✔
136	static Botan::ESP_Padding esp;	1,000✔
137
138	size_t len = in.size();	1,000✔
139
140	if(pkcs7.valid_blocksize(len)) {	1,000✔
141	const size_t ct_pkcs7 = pkcs7.unpad(in.data(), len);	253✔
142	const size_t ref_pkcs7 = ref_pkcs7_unpad(in);	253✔
143	FUZZER_ASSERT_EQUAL(ct_pkcs7, ref_pkcs7);	253✔
144	}
145
146	if(x923.valid_blocksize(len)) {	1,000✔
147	const size_t ct_x923 = x923.unpad(in.data(), len);	253✔
148	const size_t ref_x923 = ref_x923_unpad(in);	253✔
149	FUZZER_ASSERT_EQUAL(ct_x923, ref_x923);	253✔
150	}
151
152	if(oneandzero.valid_blocksize(len)) {	1,000✔
153	const size_t ct_oneandzero = oneandzero.unpad(in.data(), len);	997✔
154	const size_t ref_oneandzero = ref_oneandzero_unpad(in);	997✔
155	FUZZER_ASSERT_EQUAL(ct_oneandzero, ref_oneandzero);	997✔
156	}
157
158	if(esp.valid_blocksize(len)) {	1,000✔
159	const size_t ct_esp = esp.unpad(in.data(), len);	253✔
160	const size_t ref_esp = ref_esp_unpad(in);	253✔
161	FUZZER_ASSERT_EQUAL(ct_esp, ref_esp);	253✔
162	}
163
164	const uint16_t ct_cbc = Botan::TLS::check_tls_cbc_padding(in.data(), len);	1,000✔
165	const uint16_t ref_cbc = ref_tls_cbc_unpad(in);	1,000✔
166	FUZZER_ASSERT_EQUAL(ct_cbc, ref_cbc);	1,000✔
167	}	1,000✔

randombit / botan / 12280145220

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous