PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-09 10:19:39 +02:00
Code Issues Releases Wiki Activity

key packet fuzzing tests: Use OpenPGPKey/OpenPGPCertificate API

Browse source
This commit is contained in:
Paul Schaub 2025-07-14 22:09:51 +02:00
parent 9f8ce475eb
commit 7656bcd101
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 11 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

21
pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTest.java
View file

@ -6,33 +6,24 @@ package org.pgpainless.sop.fuzzing;
import com.code_intelligence.jazzer.api.FuzzedDataProvider;
import com.code_intelligence.jazzer.junit.FuzzTest;
import org.bouncycastle.bcpg.BCPGInputStream;
import org.bouncycastle.bcpg.UnsupportedPacketVersionException;
import org.bouncycastle.openpgp.PGPObjectFactory;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.bc.BcPGPObjectFactory;
import org.bouncycastle.openpgp.api.OpenPGPKeyReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
public class PublicKeyPacketFuzzTest {
@FuzzTest(maxDuration = "30m")
public void parsePublicKeyPacket(FuzzedDataProvider provider)
{
private final OpenPGPKeyReader reader = new OpenPGPKeyReader();
@FuzzTest(maxDuration = "60s")
public void parsePublicKeyPacket(FuzzedDataProvider provider) {
byte[] encoding = provider.consumeRemainingAsBytes();
if (encoding.length == 0) {
return;
}
ByteArrayInputStream bIn = new ByteArrayInputStream(encoding);
BCPGInputStream pIn = new BCPGInputStream(bIn);
PGPObjectFactory objFac = new BcPGPObjectFactory(pIn);
try {
Object next = objFac.nextObject();
if (next == null) return;
PGPPublicKeyRing pubKey = (PGPPublicKeyRing) next;
reader.parseCertificate(encoding);
} catch (IOException e) {
// ignore
} catch (UnsupportedPacketVersionException e) {

18
pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTest.java
View file

@ -6,18 +6,16 @@ package org.pgpainless.sop.fuzzing;
import com.code_intelligence.jazzer.api.FuzzedDataProvider;
import com.code_intelligence.jazzer.junit.FuzzTest;
import org.bouncycastle.bcpg.BCPGInputStream;
import org.bouncycastle.bcpg.UnsupportedPacketVersionException;
import org.bouncycastle.openpgp.PGPObjectFactory;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.bc.BcPGPObjectFactory;
import org.bouncycastle.openpgp.api.OpenPGPKeyReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
public class SecretKeyPacketFuzzTest {
@FuzzTest(maxDuration = "30m")
private final OpenPGPKeyReader reader = new OpenPGPKeyReader();
@FuzzTest(maxDuration = "6ßs")
public void parseSecretKeyPacket(FuzzedDataProvider provider)
{
byte[] encoding = provider.consumeRemainingAsBytes();
@ -25,14 +23,8 @@ public class SecretKeyPacketFuzzTest {
return;
}
ByteArrayInputStream bIn = new ByteArrayInputStream(encoding);
BCPGInputStream pIn = new BCPGInputStream(bIn);
PGPObjectFactory objFac = new BcPGPObjectFactory(pIn);
try {
Object next = objFac.nextObject();
if (next == null) return;
PGPSecretKeyRing secKey = (PGPSecretKeyRing) next;
reader.parseKey(encoding);
} catch (IOException e) {
// ignore
} catch (UnsupportedPacketVersionException e) {