1 #include <stdint.h>
2 #include <stdlib.h>
3 #include <string.h>
4 #include "mbedtls/pk.h"
5 #include "mbedtls/entropy.h"
6 #include "mbedtls/ctr_drbg.h"
7 #include "common.h"
8 
9 //4 Kb should be enough for every bug ;-)
10 #define MAX_LEN 0x1000
11 
12 #if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_CTR_DRBG_C) && defined(MBEDTLS_ENTROPY_C)
13 const char *pers = "fuzz_privkey";
14 #endif // MBEDTLS_PK_PARSE_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C
15 
LLVMFuzzerTestOneInput(const uint8_t * Data,size_t Size)16 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
17 {
18 #if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_CTR_DRBG_C) && defined(MBEDTLS_ENTROPY_C)
19     int ret;
20     mbedtls_pk_context pk;
21     mbedtls_ctr_drbg_context ctr_drbg;
22     mbedtls_entropy_context entropy;
23 
24     if (Size > MAX_LEN) {
25         //only work on small inputs
26         Size = MAX_LEN;
27     }
28 
29     mbedtls_ctr_drbg_init(&ctr_drbg);
30     mbedtls_entropy_init(&entropy);
31     mbedtls_pk_init(&pk);
32 
33 #if defined(MBEDTLS_USE_PSA_CRYPTO)
34     psa_status_t status = psa_crypto_init();
35     if (status != PSA_SUCCESS) {
36         goto exit;
37     }
38 #endif /* MBEDTLS_USE_PSA_CRYPTO */
39 
40     if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy,
41                               (const unsigned char *) pers, strlen(pers)) != 0) {
42         goto exit;
43     }
44 
45     ret = mbedtls_pk_parse_key(&pk, Data, Size, NULL, 0,
46                                dummy_random, &ctr_drbg);
47     if (ret == 0) {
48 #if defined(MBEDTLS_RSA_C)
49         if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) {
50             mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
51             mbedtls_rsa_context *rsa;
52 
53             mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
54             mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
55             mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
56 
57             rsa = mbedtls_pk_rsa(pk);
58             if (mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E) != 0) {
59                 abort();
60             }
61             if (mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP) != 0) {
62                 abort();
63             }
64 
65             mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
66             mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
67             mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
68         } else
69 #endif
70 #if defined(MBEDTLS_ECP_C)
71         if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY ||
72             mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) {
73             mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk);
74             mbedtls_ecp_group_id grp_id = mbedtls_ecp_keypair_get_group_id(ecp);
75             const mbedtls_ecp_curve_info *curve_info =
76                 mbedtls_ecp_curve_info_from_grp_id(grp_id);
77 
78             /* If the curve is not supported, the key should not have been
79              * accepted. */
80             if (curve_info == NULL) {
81                 abort();
82             }
83         } else
84 #endif
85         {
86             /* The key is valid but is not of a supported type.
87              * This should not happen. */
88             abort();
89         }
90     }
91 exit:
92     mbedtls_entropy_free(&entropy);
93     mbedtls_ctr_drbg_free(&ctr_drbg);
94     mbedtls_pk_free(&pk);
95 #if defined(MBEDTLS_USE_PSA_CRYPTO)
96     mbedtls_psa_crypto_free();
97 #endif /* MBEDTLS_USE_PSA_CRYPTO */
98 #else
99     (void) Data;
100     (void) Size;
101 #endif // MBEDTLS_PK_PARSE_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C
102 
103     return 0;
104 }
105