diff --git a/.gitignore b/.gitignore
index 96a5578d..1ce9f38e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -34,4 +34,4 @@ push_html.sh
 node_modules
-*/.cifuzz-corpus/*
+pgpainless-sop/.cifuzz-corpus/*
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt
index 9112273e..5524dcae 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt
@@ -347,7 +347,12 @@ class OpenPgpMessageInputStream(
 "Symmetrically Encrypted Data Packet at depth ${layerMetadata.depth} encountered.")
 syntaxVerifier.next(InputSymbol.ENCRYPTED_DATA)
 val encDataList = packetInputStream!!.readEncryptedDataList()
- if (!encDataList.isIntegrityProtected && !encDataList.isEmpty && !encDataList.get(0).isAEAD) {
+ if (encDataList.isEmpty) {
+ LOGGER.debug(
+ "Missing encrypted session key packet.")
+ return false
+ }
+ if (!encDataList.isIntegrityProtected && !encDataList.get(0).isAEAD) {
 LOGGER.warn("Symmetrically Encrypted Data Packet is not integrity-protected.")
 if (!options.isIgnoreMDCErrors()) {
 throw MessageNotIntegrityProtectedException()
diff --git a/pgpainless-sop/build.gradle b/pgpainless-sop/build.gradle
index 70a4a743..adcbd283 100644
--- a/pgpainless-sop/build.gradle
+++ b/pgpainless-sop/build.gradle
@@ -19,7 +19,7 @@ dependencies {
 testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine:$junitVersion"
 // Jazzer for Fuzzing
- testImplementation "com.code-intelligence:jazzer-junit:$jazzerVersion"
+ testImplementation "com.code-intelligence:jazzer-junit:0.24.0"
 // Logging
 testImplementation "ch.qos.logback:logback-classic:$logbackVersion"
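Review bot: The new `if (encDataList.isEmpty)` branch returns `false` ahead of the integrity-protection check, but nothing at that point records what `false` tells the caller or why an encrypted-data packet without any session key packet is treated as "cannot decrypt" rather than as a malformed message; the enclosing function starts and ends outside the hunk, so its contract is not visible here. A comment above the return, for example `// No PKESK/SKESK precedes the encrypted data, so there is nothing to unlock it with; let the caller handle the undecryptable layer`, would make the intent explicit (wording to be confirmed against the caller). The debug message could also include `layerMetadata.depth`, as the log line just above it does, so nested occurrences can be told apart. Since this path is reached only with unusual input, a regression test that feeds such a message and pins the resulting behaviour would keep the guard from being folded back into the condition later.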
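Review bot: The Jazzer version is now the literal `0.24.0` inside this one dependency line, while the neighbouring test dependencies still read `$junitVersion` and `$logbackVersion`, so this pin is no longer listed with the versions that get reviewed and bumped together. If the literal is intentional, a comment on the line saying why it is fixed here, e.g. `// pinned locally: <reason>`, would stop it from being overlooked in dependency updates. Otherwise keeping the value as a variable and referencing `$jazzerVersion` matches the rest of the block.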
diff --git a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/AsciiArmorFuzzTest.java b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/AsciiArmorFuzzTest.java
index ead6098a..7f068506 100644
--- a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/AsciiArmorFuzzTest.java
+++ b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/AsciiArmorFuzzTest.java
@@ -22,7 +22,7 @@ public class AsciiArmorFuzzTest {
 maxDuration = "60s"
 )
 public void armorAndDearmorData(FuzzedDataProvider data) throws IOException {
- byte[] bytes = data.consumeRemainingAsBytes();
+ byte[] bytes = data.consumeBytes(1024);
 byte[] armored = sop.armor().data(bytes).getBytes();
 if (Arrays.areEqual(bytes, armored)) {
diff --git a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/EncryptedMessageFuzzingTest.java b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/EncryptedMessageFuzzingTest.java
index 5277cac2..4cc2daa0 100644
--- a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/EncryptedMessageFuzzingTest.java
+++ b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/EncryptedMessageFuzzingTest.java
@@ -10,7 +10,6 @@ import org.bouncycastle.util.encoders.Hex;
 import org.bouncycastle.util.io.Streams;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.Test;
-import org.pgpainless.exception.MissingDecryptionMethodException;
 import org.pgpainless.exception.ModificationDetectionException;
 import org.pgpainless.sop.SOPImpl;
 import sop.SOP;
@@ -76,7 +75,7 @@ public class EncryptedMessageFuzzingTest {
 maxDuration = "60s"
 )
 public void decryptFuzzedMessage(FuzzedDataProvider provider) {
- byte[] ciphertext = provider.consumeRemainingAsBytes();
+ byte[] ciphertext = provider.consumeBytes(8192);
 if (ciphertext.length == 0) {
 return;
 }
diff --git a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/ParseCertFuzzTest.java b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/ParseCertFuzzTest.java
index 97324535..39296126 100644
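Review bot: The cap in `data.consumeBytes(1024)` is an unexplained literal, and the same change uses 8192 in EncryptedMessageFuzzingTest, ParseCertFuzzTest, PublicKeyPacketFuzzTest and SecretKeyPacketFuzzTest and 1024 again in SignatureFuzzTest, with nothing saying why the limits differ. Any bytes past the cap are now dropped by the harness, so a longer input exercises exactly what its truncated prefix does. A named constant with a one-line reason, e.g. `private static final int MAX_INPUT_LEN = 1024; // bounds per-run cost; longer inputs are truncated`, would record the intent in each test. The method body continues outside the hunk.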
--- a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/ParseCertFuzzTest.java
+++ b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/ParseCertFuzzTest.java
@@ -22,7 +22,7 @@ public class ParseCertFuzzTest {
 @FuzzTest(maxDuration = "30s")
 public void parseOpenPGPCert(FuzzedDataProvider data) throws IOException {
- byte[] certEncoding = data.consumeRemainingAsBytes();
+ byte[] certEncoding = data.consumeBytes(8192);
 if (certEncoding.length == 0) {
 return;
 }
diff --git a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTest.java b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTest.java
index ab961811..bbd7e662 100644
--- a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTest.java
+++ b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/PublicKeyPacketFuzzTest.java
@@ -6,24 +6,33 @@ package org.pgpainless.sop.fuzzing;
 import com.code_intelligence.jazzer.api.FuzzedDataProvider;
 import com.code_intelligence.jazzer.junit.FuzzTest;
+import org.bouncycastle.bcpg.BCPGInputStream;
 import org.bouncycastle.bcpg.UnsupportedPacketVersionException;
-import org.bouncycastle.openpgp.api.OpenPGPKeyReader;
+import org.bouncycastle.openpgp.PGPObjectFactory;
+import org.bouncycastle.openpgp.PGPPublicKeyRing;
+import org.bouncycastle.openpgp.bc.BcPGPObjectFactory;
+import java.io.ByteArrayInputStream;
 import java.io.IOException;
 public class PublicKeyPacketFuzzTest {
- private final OpenPGPKeyReader reader = new OpenPGPKeyReader();
-
- @FuzzTest(maxDuration = "60s")
- public void parsePublicKeyPacket(FuzzedDataProvider provider) {
- byte[] encoding = provider.consumeRemainingAsBytes();
+ @FuzzTest(maxDuration = "30m")
+ public void parsePublicKeyPacket(FuzzedDataProvider provider)
+ {
+ byte[] encoding = provider.consumeBytes(8192);
 if (encoding.length == 0) {
 return;
 }
+ ByteArrayInputStream bIn = new ByteArrayInputStream(encoding);
+ BCPGInputStream pIn = new BCPGInputStream(bIn);
+ PGPObjectFactory objFac = new BcPGPObjectFactory(pIn);
 try {
- reader.parseCertificate(encoding);
+ Object next = objFac.nextObject();
+ if (next == null) return;
+
+ PGPPublicKeyRing pubKey = (PGPPublicKeyRing) next;
 } catch (IOException e) {
 // ignore
 } catch (UnsupportedPacketVersionException e) {
diff --git a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTest.java b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTest.java
index cb3cfd9a..2d0e94b5 100644
--- a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTest.java
+++ b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/SecretKeyPacketFuzzTest.java
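Review bot: The unconditional cast `(PGPPublicKeyRing) next` throws ClassCastException whenever the object factory returns any other packet object, and the catch clauses visible in the hunk cover only IOException and UnsupportedPacketVersionException. Unless a clause outside the hunk handles it, the fuzzer will report these harness failures as findings even though they say nothing about the parser. Guarding the cast with `if (!(next instanceof PGPPublicKeyRing)) return;` keeps the signal clean, and the unused local `pubKey` can then be dropped. SecretKeyPacketFuzzTest has the same pattern with `(PGPSecretKeyRing) next`. The try statement continues past the end of the hunk.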
@@ -6,25 +6,33 @@ package org.pgpainless.sop.fuzzing;
 import com.code_intelligence.jazzer.api.FuzzedDataProvider;
 import com.code_intelligence.jazzer.junit.FuzzTest;
+import org.bouncycastle.bcpg.BCPGInputStream;
 import org.bouncycastle.bcpg.UnsupportedPacketVersionException;
-import org.bouncycastle.openpgp.api.OpenPGPKeyReader;
+import org.bouncycastle.openpgp.PGPObjectFactory;
+import org.bouncycastle.openpgp.PGPSecretKeyRing;
+import org.bouncycastle.openpgp.bc.BcPGPObjectFactory;
+import java.io.ByteArrayInputStream;
 import java.io.IOException;
 public class SecretKeyPacketFuzzTest {
- private final OpenPGPKeyReader reader = new OpenPGPKeyReader();
-
- @FuzzTest(maxDuration = "6ßs")
+ @FuzzTest(maxDuration = "30m")
 public void parseSecretKeyPacket(FuzzedDataProvider provider) {
- byte[] encoding = provider.consumeRemainingAsBytes();
+ byte[] encoding = provider.consumeBytes(8192);
 if (encoding.length == 0) {
 return;
 }
+ ByteArrayInputStream bIn = new ByteArrayInputStream(encoding);
+ BCPGInputStream pIn = new BCPGInputStream(bIn);
+ PGPObjectFactory objFac = new BcPGPObjectFactory(pIn);
 try {
- reader.parseKey(encoding);
+ Object next = objFac.nextObject();
+ if (next == null) return;
+
+ PGPSecretKeyRing secKey = (PGPSecretKeyRing) next;
 } catch (IOException e) {
 // ignore
 } catch (UnsupportedPacketVersionException e) {
diff --git a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/SignatureFuzzTest.java b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/SignatureFuzzTest.java
index c13057b0..6d1be4a2 100644
--- a/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/SignatureFuzzTest.java
+++ b/pgpainless-sop/src/test/java/org/pgpainless/sop/fuzzing/SignatureFuzzTest.java
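Review bot: `@FuzzTest(maxDuration = "30m")` here and in PublicKeyPacketFuzzTest is far above the 30s and 60s budgets the other fuzz tests in this package keep, and nothing in the annotation or around it says why these two targets need it. If fuzzing mode runs as part of the ordinary test task (not visible from this diff), the two methods alone can take up to an hour. Either keep a short budget in the annotation, e.g. `@FuzzTest(maxDuration = "60s")`, and run long campaigns from a dedicated job, or add a comment above the annotation stating the reason for the longer run. The harness also now calls the Bouncy Castle object factory directly instead of `reader.parseKey(encoding)`, so the reader path is no longer fuzzed by this test; a class-level comment naming the intended target would make that choice explicit.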
@@ -273,7 +273,7 @@ public class SignatureFuzzTest {
 maxDuration = "60s"
 )
 public void verifyFuzzedSig(FuzzedDataProvider provider) throws IOException {
- byte[] sig = provider.consumeRemainingAsBytes();
+ byte[] sig = provider.consumeBytes(1024);
 if (sig.length == 0) {
 return;
 }
diff --git a/version.gradle b/version.gradle
index 2ba79714..c50556ac 100644
--- a/version.gradle
+++ b/version.gradle
@@ -10,7 +10,6 @@ allprojects {
 bouncyCastleVersion = '1.82-SNAPSHOT'
 bouncyPgVersion = bouncyCastleVersion
 junitVersion = '5.8.2'
- jazzerVersion = '0.24.0'
 logbackVersion = '1.5.13'
 mockitoVersion = '4.5.1'
 slf4jVersion = '1.7.36'