PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-09 10:19:39 +02:00
Code Issues Releases Wiki Activity

More fuzzing tests and vectors

Browse source
This commit is contained in:
Paul Schaub 2025-07-12 11:29:07 +02:00
parent 1560980c7e
commit 42e6bb483f
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
70 changed files with 113 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/AsciiArmorFuzzTest.java
View file

@ -18,7 +18,9 @@ public class AsciiArmorFuzzTest {
private final SOP sop = new SOPImpl(); private final SOP sop = new SOPImpl();
@FuzzTest() @FuzzTest(
maxDuration = "60s"
)
public void armorAndDearmorData(FuzzedDataProvider data) throws IOException { public void armorAndDearmorData(FuzzedDataProvider data) throws IOException {
byte[] bytes = data.consumeBytes(1024); byte[] bytes = data.consumeBytes(1024);

8
pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/EncryptedMessageFuzzingTest.java
View file

@ -1,3 +1,7 @@
// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.sop.fuzzing; package org.pgpainless.sop.fuzzing;
import com.code_intelligence.jazzer.api.FuzzedDataProvider; import com.code_intelligence.jazzer.api.FuzzedDataProvider;
@ -67,7 +71,9 @@ public class EncryptedMessageFuzzingTest {
return keys; return keys;
} }
@FuzzTest @FuzzTest(
maxDuration = "60s"
)
public void decryptFuzzedMessage(FuzzedDataProvider provider) { public void decryptFuzzedMessage(FuzzedDataProvider provider) {
byte[] ciphertext = provider.consumeBytes(8192); byte[] ciphertext = provider.consumeBytes(8192);
if (ciphertext.length == 0) { if (ciphertext.length == 0) {

44
pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTest.java Normal file
View file

@ -0,0 +1,44 @@
// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.sop.fuzzing;
import com.code_intelligence.jazzer.api.FuzzedDataProvider;
import com.code_intelligence.jazzer.junit.FuzzTest;
import org.bouncycastle.bcpg.BCPGInputStream;
import org.bouncycastle.bcpg.UnsupportedPacketVersionException;
import org.bouncycastle.openpgp.PGPObjectFactory;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.bc.BcPGPObjectFactory;
import java.io.ByteArrayInputStream;
import java.io.IOException;
public class PublicKeyPacketFuzzTest {
@FuzzTest(maxDuration = "30m")
public void parsePublicKeyPacket(FuzzedDataProvider provider)
{
byte[] encoding = provider.consumeBytes(8192);
if (encoding.length == 0) {
return;
}
ByteArrayInputStream bIn = new ByteArrayInputStream(encoding);
BCPGInputStream pIn = new BCPGInputStream(bIn);
PGPObjectFactory objFac = new BcPGPObjectFactory(pIn);
try {
Object next = objFac.nextObject();
if (next == null) return;
PGPPublicKeyRing pubKey = (PGPPublicKeyRing) next;
} catch (IOException e) {
// ignore
} catch (UnsupportedPacketVersionException e) {
// ignore
} catch (ClassCastException e) {
// ignore
}
}
}

44
pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTest.java Normal file
View file

@ -0,0 +1,44 @@
// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.sop.fuzzing;
import com.code_intelligence.jazzer.api.FuzzedDataProvider;
import com.code_intelligence.jazzer.junit.FuzzTest;
import org.bouncycastle.bcpg.BCPGInputStream;
import org.bouncycastle.bcpg.UnsupportedPacketVersionException;
import org.bouncycastle.openpgp.PGPObjectFactory;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.bc.BcPGPObjectFactory;
import java.io.ByteArrayInputStream;
import java.io.IOException;
public class SecretKeyPacketFuzzTest {
@FuzzTest(maxDuration = "30m")
public void parseSecretKeyPacket(FuzzedDataProvider provider)
{
byte[] encoding = provider.consumeBytes(8192);
if (encoding.length == 0) {
return;
}
ByteArrayInputStream bIn = new ByteArrayInputStream(encoding);
BCPGInputStream pIn = new BCPGInputStream(bIn);
PGPObjectFactory objFac = new BcPGPObjectFactory(pIn);
try {
Object next = objFac.nextObject();
if (next == null) return;
PGPSecretKeyRing secKey = (PGPSecretKeyRing) next;
} catch (IOException e) {
// ignore
} catch (UnsupportedPacketVersionException e) {
// ignore
} catch (ClassCastException e) {
// ignore
}
}
}

2
pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/SignatureFuzzTest.java
View file

@ -270,7 +270,7 @@ public class SignatureFuzzTest {
"-----END PGP PUBLIC KEY BLOCK-----\n"; "-----END PGP PUBLIC KEY BLOCK-----\n";
@FuzzTest( @FuzzTest(
//maxDuration = "60s" maxDuration = "60s"
) )
public void verifyFuzzedSig(FuzzedDataProvider provider) throws IOException { public void verifyFuzzedSig(FuzzedDataProvider provider) throws IOException {
byte[] sig = provider.consumeBytes(1024); byte[] sig = provider.consumeBytes(1024);

1
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/EncryptedMessageFuzzingTestInputs/decryptFuzzedMessage/crash-72aacd2d82d3c3fa750807ad1138e6a566996f04 Normal file
View file

@ -0,0 +1 @@
ÃÑóæqP\Ù±!J]÷µ,Ê¥‡ ¶Ò@:¨0.sd³±Ÿ¢å$X“<58>úÝ, ·bc«v7îG‡

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/ed25519Legacy_v4.pgp Normal file
View file

Binary file not shown.

1
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/ed25519_v4.pgp Normal file
View file

@ -0,0 +1 @@
Ζ&hpΥΗΊ›Σπ"µϋ^<5E><11>Έh­κεeh„(ΐύ

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/ed25519_v6.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/ed448_v4.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/ed448_v6.pgp Normal file
View file

Binary file not shown.

1
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP256ECDH_v4.pgp Normal file
View file

@ -0,0 +1 @@
фVhp*├Hн=$И■;а*вnх(У╧²cчЩy▐╨╝НЭ4 ,▒sU;хТь эй#!┘прA╩gДjL< ▐B▌7?

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP256ECDH_v6.pgp Normal file
View file

Binary file not shown.

2
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP256ECDSA_v4.pgp Normal file
View file

@ -0,0 +1,2 @@
ÆRhp*†HÎ=-ä $öí5?» <0C>¡¥xÄH4—ÅÌt?“Ïè’%<25>[sTpXý
8ãG:I)I/a¥¦"‡ÌyA9

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP256ECDSA_v6.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP384ECDH_v4.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP384ECDH_v6.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP384ECDSA_v4.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP384ECDSA_v6.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP521ECDH_v4.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP521ECDH_v6.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP521ECDSA_v4.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/nistP521ECDSA_v6.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/parsePublicKeyPacket/crash-40b0e946bfad779a720ffb4ddf3afda127c381e0 Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/parsePublicKeyPacket/crash-6ff0478f8c84828619d721a9c582cf0dc048198d Normal file
View file

Binary file not shown.

1
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/parsePublicKeyPacket/crash-972998632851a93af5c647ad0f8f684afbb6e788 Normal file
View file

@ -0,0 +1 @@
<EFBFBD><03>vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/parsePublicKeyPacket/crash-b2703b347fec497f13d319cfd5e337052683f853 Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/parsePublicKeyPacket/crash-b47757e7135bbaf31049992ed13461a1c95255c9 Normal file
View file

Binary file not shown.

1
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/parsePublicKeyPacket/crash-fd8f91587a20a22513ee536aec3411052e5b3217 Normal file
View file

@ -0,0 +1 @@
<EFBFBD>+

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/rsa2048_v4.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/rsa2048_v6.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/rsa4096_v4.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/rsa4096_v6.pgp Normal file
View file

Binary file not shown.

2
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/x25519Legacy_v4.pgp Normal file
View file

@ -0,0 +1,2 @@
Æ8hp
+—U@Vë‡Iü¹Ðˆæ¨£1]ŠýÀêøÙ<E280B9>¸_l‰4J 

1
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/x25519_v4.pgp Normal file
View file

@ -0,0 +1 @@
Æ&hpó^ñöoƒÈëuGɤo"C8|±¸šC‡Ë<Qö£H

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/x25519_v6.pgp Normal file
View file

Binary file not shown.

1
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/x448_v4.pgp Normal file
View file

@ -0,0 +1 @@
Æ>hpEN¸¤âú.-<2D>†?þFÏB­MÚ_-'ň[k® ùq<C3B9>nù³Q»ÐêԪ࣊³&[Òm¦YËÓ

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTestInputs/x448_v6.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/ed25519Legacy_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/ed25519_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/ed25519_v6.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/ed448_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/ed448_v6.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP256ECDH_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP256ECDH_v6.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP256ECDSA_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP256ECDSA_v6.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP384ECDH_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP384ECDH_v6.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP384ECDSA_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP384ECDSA_v6.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP521ECDH_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP521ECDH_v6.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP521ECDSA_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/nistP521ECDSA_v6.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/parseSecretKeyPacket/crash-28f2677523ed3043117ea46f27bf8b9b990c4e3a Normal file
View file

Binary file not shown.

1
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/parseSecretKeyPacket/crash-4fbc082c98d268e4495e09d40912053a9c08b896 Normal file
View file

@ -0,0 +1 @@
「ョ

1
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/parseSecretKeyPacket/crash-56fb7129479f381d7cfd4598b540d3b753730ffc Normal file
View file

@ -0,0 +1 @@
<EFBFBD>

1
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/parseSecretKeyPacket/crash-6c04193b9d8991eec00fdef05735bfed376c0f6c Normal file
View file

@ -0,0 +1 @@
:<3A>:

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/parseSecretKeyPacket/crash-8eb418bf4e4721c572e13bd11313a1d29de247a9 Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/parseSecretKeyPacket/crash-e3411c8a800f1d8d38cd62027ff5c51f51ab5224 Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/rsa2048_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/rsa2048_v6.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/rsa4096_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/rsa4096_v6.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/x25519Legacy_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/x25519_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/x25519_v6.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/x448_v4.key.pgp Normal file
View file

Binary file not shown.

BIN
pgpainless-sop/src/test/resources/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTestInputs/x448_v6.key.pgp Normal file
View file

Binary file not shown.