Rooba
/
oss-fuzz
mirror of https://github.com/google/oss-fuzz.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[wolfssl] Several improvements (#6025) 

* [wolfssl] Several improvements

- Build additional target (normal math)
- More cross-pollination (import from Botan and other wolfSSL corpora)

* [wolfssl] Fix normal math 32 bit build
This commit is contained in:
Guido Vranken 2021-07-12 10:49:14 +02:00 committed by GitHub
parent 6ae7009e00
commit fca42e9bfd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 72 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
projects/wolfssl/Dockerfile
View File

@ -36,6 +36,16 @@ RUN gsutil cp gs://nettle-backup.clusterfuzz-external.appspot.com/corpus/libFuzz
RUN gsutil cp gs://libecc-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/libecc_cryptofuzz-libecc/public.zip $SRC/corpus_libecc.zip RUN gsutil cp gs://libecc-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/libecc_cryptofuzz-libecc/public.zip $SRC/corpus_libecc.zip
RUN gsutil cp gs://relic-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/relic_cryptofuzz-relic/public.zip $SRC/corpus_relic.zip RUN gsutil cp gs://relic-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/relic_cryptofuzz-relic/public.zip $SRC/corpus_relic.zip
RUN gsutil cp gs://cryptofuzz-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/cryptofuzz_cryptofuzz-openssl/public.zip $SRC/corpus_cryptofuzz.zip RUN gsutil cp gs://cryptofuzz-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/cryptofuzz_cryptofuzz-openssl/public.zip $SRC/corpus_cryptofuzz.zip
RUN gsutil cp gs://wolfssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/wolfssl_cryptofuzz-sp-math-all/public.zip $SRC/corpus_wolfssl_sp-math-all.zip
RUN gsutil cp gs://wolfssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/wolfssl_cryptofuzz-sp-math-all-8bit/public.zip $SRC/corpus_wolfssl_sp-math-all-8bit.zip
RUN gsutil cp gs://wolfssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/wolfssl_cryptofuzz-sp-math/public.zip $SRC/corpus_wolfssl_sp-math.zip
RUN gsutil cp gs://wolfssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/wolfssl_cryptofuzz-disable-fastmath/public.zip $SRC/corpus_wolfssl_disable-fastmath.zip
# Botan corpora, which require a special import procedure
RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_p256/public.zip $SRC/corpus_botan_ecc_p256.zip
RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_p384/public.zip $SRC/corpus_botan_ecc_p384.zip
RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_p521/public.zip $SRC/corpus_botan_ecc_p521.zip
RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_bp256/public.zip $SRC/corpus_botan_ecc_bp256.zip
WORKDIR wolfssl WORKDIR wolfssl

62
projects/wolfssl/build.sh
View File

@ -107,6 +107,38 @@ then
export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a"
export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" export BOTAN_INCLUDE_PATH="$SRC/botan/build/include"
# Build normal math fuzzer
cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-normal-math/
cp -R $SRC/wolfssl/ $SRC/wolfssl-normal-math/
cd $SRC/wolfssl-normal-math/
autoreconf -ivf
CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP"
if [[ $CFLAGS != *-m32* ]]
then
./configure $WOLFCRYPT_CONFIGURE_PARAMS
else
# Compiling instrumented 32 bit normal math with asm is currently
# not possible because it results in Clang error messages such as:
#
# wolfcrypt/src/tfm.c:3154:11: error: inline assembly requires more registers than available
./configure $WOLFCRYPT_CONFIGURE_PARAMS --disable-asm
fi
make -j$(nproc)
export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_WOLFCRYPT -DCRYPTOFUZZ_BOTAN"
export WOLFCRYPT_LIBWOLFSSL_A_PATH="$SRC/wolfssl-normal-math/src/.libs/libwolfssl.a"
export WOLFCRYPT_INCLUDE_PATH="$SRC/wolfssl-normal-math/"
cd $SRC/cryptofuzz-normal-math/modules/wolfcrypt
make -j$(nproc)
cd $SRC/cryptofuzz-normal-math/modules/botan
make -j$(nproc)
cd $SRC/cryptofuzz-normal-math/
LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc)
cp cryptofuzz $OUT/cryptofuzz-normal-math
CFLAGS="$OLD_CFLAGS"
CXXFLAGS="$OLD_CXXFLAGS"
unset WOLFCRYPT_LIBWOLFSSL_A_PATH
unset WOLFCRYPT_INCLUDE_PATH
# Build sp-math-all fuzzer # Build sp-math-all fuzzer
cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-sp-math-all/ cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-sp-math-all/
cp -R $SRC/wolfssl/ $SRC/wolfssl-sp-math-all/ cp -R $SRC/wolfssl/ $SRC/wolfssl-sp-math-all/
@ -213,17 +245,47 @@ then
unzip -n $SRC/corpus_libecc.zip -d $SRC/cryptofuzz_seed_corpus/ unzip -n $SRC/corpus_libecc.zip -d $SRC/cryptofuzz_seed_corpus/
unzip -n $SRC/corpus_relic.zip -d $SRC/cryptofuzz_seed_corpus/ unzip -n $SRC/corpus_relic.zip -d $SRC/cryptofuzz_seed_corpus/
unzip -n $SRC/corpus_cryptofuzz.zip -d $SRC/cryptofuzz_seed_corpus/ unzip -n $SRC/corpus_cryptofuzz.zip -d $SRC/cryptofuzz_seed_corpus/
unzip -n $SRC/corpus_wolfssl_sp-math-all.zip -d $SRC/cryptofuzz_seed_corpus/
unzip -n $SRC/corpus_wolfssl_sp-math-all-8bit.zip -d $SRC/cryptofuzz_seed_corpus/
unzip -n $SRC/corpus_wolfssl_sp-math.zip -d $SRC/cryptofuzz_seed_corpus/
unzip -n $SRC/corpus_wolfssl_disable-fastmath.zip -d $SRC/cryptofuzz_seed_corpus/
# Import Botan corpora
mkdir $SRC/botan-p256-corpus/
unzip $SRC/corpus_botan_ecc_p256.zip -d $SRC/botan-p256-corpus/
find $SRC/botan-p256-corpus/ -type f -exec $SRC/cryptofuzz-disable-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,secp256r1 \;
mkdir $SRC/botan-p384-corpus/
unzip $SRC/corpus_botan_ecc_p384.zip -d $SRC/botan-p384-corpus/
find $SRC/botan-p384-corpus/ -type f -exec $SRC/cryptofuzz-disable-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,secp384r1 \;
mkdir $SRC/botan-p521-corpus/
unzip $SRC/corpus_botan_ecc_p521.zip -d $SRC/botan-p521-corpus/
find $SRC/botan-p521-corpus/ -type f -exec $SRC/cryptofuzz-disable-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,secp521r1 \;
mkdir $SRC/botan-bp256-corpus/
unzip $SRC/corpus_botan_ecc_bp256.zip -d $SRC/botan-bp256-corpus/
find $SRC/botan-bp256-corpus/ -type f -exec $SRC/cryptofuzz-disable-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,brainpool256r1 \;
# Pack it # Pack it
cd $SRC/cryptofuzz_seed_corpus cd $SRC/cryptofuzz_seed_corpus
zip -r $SRC/cryptofuzz_seed_corpus.zip . zip -r $SRC/cryptofuzz_seed_corpus.zip .
# Use it as the seed corpus for each Cryptofuzz-based fuzzer # Use it as the seed corpus for each Cryptofuzz-based fuzzer
cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-normal-math_seed_corpus.zip
cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math-all_seed_corpus.zip cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math-all_seed_corpus.zip
cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math-all-8bit_seed_corpus.zip cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math-all-8bit_seed_corpus.zip
cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math_seed_corpus.zip cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math_seed_corpus.zip
cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-disable-fastmath_seed_corpus.zip cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-disable-fastmath_seed_corpus.zip
# Remove files that are no longer needed to prevent running out of disk space
rm -rf $SRC/botan-p256-corpus/
rm -rf $SRC/botan-p384-corpus/
rm -rf $SRC/botan-p521-corpus/
rm -rf $SRC/botan-bp256-corpus/
rm -rf $SRC/cryptofuzz_seed_corpus/
rm -rf $SRC/cryptofuzz_seed_corpus.zip
# Build SSL/SSH fuzzers # Build SSL/SSH fuzzers
NEW_SRC=$SRC/wolf-ssl-ssh-fuzzers/oss-fuzz/projects/wolf-ssl-ssh/ NEW_SRC=$SRC/wolf-ssl-ssh-fuzzers/oss-fuzz/projects/wolf-ssl-ssh/
cp -R $SRC/wolfssl/ $NEW_SRC cp -R $SRC/wolfssl/ $NEW_SRC