TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 51a7679a8e1ec7e82cb7ff82faad43de70e830c3^! / . / programs / fuzz / fuzz_privkey.c
commit51a7679a8e1ec7e82cb7ff82faad43de70e830c3[log] [tgz]
authorPaul Elliott <paul.elliott@arm.com>Fri Feb 11 19:10:14 2022 +0000
committerPaul Elliott <paul.elliott@arm.com>Fri Feb 11 19:10:14 2022 +0000
tree205bd9fcb7cd22c644ccf10166c2728cf56b5dd2
parentbebeae942851d0c85a5664b38ceb616c63449f08 [diff] [blame]
Ensure context is passed in to dummy_rand

In fuzz_privkey, we switched over to using dummy_rand(), which uses
ctr_drbg internally, and thus requires an initialised ctr_drbg_context
to be passed in via p_rng when calling mbedtls_pk_parse_key().

Signed-off-by: Paul Elliott <paul.elliott@arm.com>

diff --git a/programs/fuzz/fuzz_privkey.c b/programs/fuzz/fuzz_privkey.c
index b9a160e..e8e1d44 100644
--- a/programs/fuzz/fuzz_privkey.c
+++ b/programs/fuzz/fuzz_privkey.c

@@ -2,26 +2,41 @@
 
 #include <stdint.h>
 #include <stdlib.h>
+#include <string.h>
 #include "mbedtls/pk.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
 #include "common.h"
 
 //4 Kb should be enough for every bug ;-)
 #define MAX_LEN 0x1000
 
+#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_CTR_DRBG_C)
+const char *pers = "fuzz_privkey";
+#endif // MBEDTLS_PK_PARSE_C && MBEDTLS_CTR_DRBG_C
 
 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#ifdef MBEDTLS_PK_PARSE_C
+#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_CTR_DRBG_C)
     int ret;
     mbedtls_pk_context pk;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_entropy_context entropy;
 
     if (Size > MAX_LEN) {
         //only work on small inputs
         Size = MAX_LEN;
     }
 
+    mbedtls_ctr_drbg_init( &ctr_drbg );
+    mbedtls_entropy_init( &entropy );
+
+    if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
+                               ( const unsigned char * ) pers, strlen( pers ) ) != 0 )
+        return 1;
+
     mbedtls_pk_init( &pk );
     ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0,
-                                dummy_random, NULL );
+                                dummy_random, &ctr_drbg );
     if (ret == 0) {
 #if defined(MBEDTLS_RSA_C)
         if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
@@ -73,7 +88,7 @@
 #else
     (void) Data;
     (void) Size;
-#endif //MBEDTLS_PK_PARSE_C
+#endif // MBEDTLS_PK_PARSE_C && MBEDTLS_CTR_DRBG_C
 
     return 0;
 }