cryptofuzz

module

v0.0.0-...-b27285a Latest Latest Go to latest Published: Apr 3, 2019 License: BSD-3-Clause

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/mmcloughlin/cryptofuzz

Links

Open Source Insights

README ¶

cryptofuzz

Fuzzing Go crypto with go-fuzz.

Discoveries

salsa20 counter increment vulnerability: announcement, patch, investigation, discussion, rebuttal
curve25519 missing input mask: #30095, patch

Targets

Fuzzers compare assembly implementations to the corresponding pure Go versions.

aesgcm: crypto/aes GCM mode
chacha20poly1305: x/crypto/chacha20poly1305
curve25519: x/crypto/curve25519
p256: crypto/elliptic P-256 curve
sha1: crypto/sha1
sha256: crypto/sha256
sha512: crypto/sha512
sha3: x/crypto/sha3
blake2b: x/crypto/blake2b
blake2s: x/crypto/blake2s
argon2: x/crypto/argon2
poly1305: x/crypto/poly1305
salsa20: x/crypto/salsa20

Experimental:

exp/litpoly1305: Filippo Valsorda's "literate" poly1305 (CL #169037)

Quick Start

Install dependencies with

$ ./script/bootstrap

Then start a fuzzer with ./script/fuzz <target> where <target> is one of the subdirectories of target/, for example

$ ./script/fuzz sha1
...
2019/02/05 22:37:37 workers: 4, corpus: 56 (3s ago), crashers: 0, restarts: 1/0, execs: 0 (0/sec), cover: 0, uptime: 3s
2019/02/05 22:37:40 workers: 4, corpus: 56 (6s ago), crashers: 0, restarts: 1/4459, execs: 40139 (6666/sec), cover: 124, uptime: 6s
2019/02/05 22:37:43 workers: 4, corpus: 56 (9s ago), crashers: 0, restarts: 1/4349, execs: 52191 (5787/sec), cover: 124, uptime: 9s
2019/02/05 22:37:46 workers: 4, corpus: 56 (12s ago), crashers: 0, restarts: 1/6450, execs: 103200 (8588/sec), cover: 124, uptime: 12s
...

Infrastructure

The infra/ directory contains Terraform configuration to run fuzzers on EC2 spot fleets (to minimize cost). Before you proceed note that this will cost you money.

To utilize this infrastructure, first build an archive to distribute to the boxes

$ GOOS=linux GOARCH=amd64 ./script/dist

This should build an archive of all files required to run the fuzzers on EC2 boxes. To setup the infrastructure:

$ cd infra/
$ terraform init
$ terraform apply -var 'package_path=<path to dist archive>' -var 'targets=["p256", "sha3"]'

Note this expects to find AWS credentials in ~/.aws/credentials. For each specified target, this will setup a coordinator node and a worker fleet. See variables.tf to configure the size of the worker fleet.

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
fuzz Package fuzz provides generic fuzzers for crypto interfaces.	Package fuzz provides generic fuzzers for crypto interfaces.
target
aesgcm
argon2
argon2/fork/asm Package argon2 implements the key derivation function Argon2.	Package argon2 implements the key derivation function Argon2.
argon2/fork/noasm Package argon2 implements the key derivation function Argon2.	Package argon2 implements the key derivation function Argon2.
blake2b
blake2b/fork Package blake2b implements the BLAKE2b hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xb.	Package blake2b implements the BLAKE2b hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xb.
blake2s
blake2s/fork Package blake2s implements the BLAKE2s hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xs.	Package blake2s implements the BLAKE2s hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xs.
chacha20poly1305
chacha20poly1305/fork/asm Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD as specified in RFC 7539, and its extended nonce variant XChaCha20-Poly1305.	Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD as specified in RFC 7539, and its extended nonce variant XChaCha20-Poly1305.
chacha20poly1305/fork/internal/chacha20 Package ChaCha20 implements the core ChaCha20 function as specified in https://tools.ietf.org/html/rfc7539#section-2.3.	Package ChaCha20 implements the core ChaCha20 function as specified in https://tools.ietf.org/html/rfc7539#section-2.3.
chacha20poly1305/fork/internal/subtle Package subtle implements functions that are often useful in cryptographic code but require careful thought to use correctly.	Package subtle implements functions that are often useful in cryptographic code but require careful thought to use correctly.
chacha20poly1305/fork/noasm Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD as specified in RFC 7539, and its extended nonce variant XChaCha20-Poly1305.	Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD as specified in RFC 7539, and its extended nonce variant XChaCha20-Poly1305.
curve25519
curve25519/fork/asm Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519.	Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519.
curve25519/fork/noasm Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519.	Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519.
exp/litpoly1305
exp/litpoly1305/fork Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf.	Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf.
p256
poly1305
poly1305/fork/asm Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf.	Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf.
poly1305/fork/noasm Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf.	Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf.
salsa20
salsa20/fork/asm Package salsa provides low-level access to functions in the Salsa family.	Package salsa provides low-level access to functions in the Salsa family.
salsa20/fork/noasm Package salsa provides low-level access to functions in the Salsa family.	Package salsa provides low-level access to functions in the Salsa family.
sha1
sha1/fork/asm Package sha1 implements the SHA-1 hash algorithm as defined in RFC 3174.	Package sha1 implements the SHA-1 hash algorithm as defined in RFC 3174.
sha1/fork/internal/cpu Package cpu implements processor feature detection used by the Go standard library.	Package cpu implements processor feature detection used by the Go standard library.
sha1/fork/noasm Package sha1 implements the SHA-1 hash algorithm as defined in RFC 3174.	Package sha1 implements the SHA-1 hash algorithm as defined in RFC 3174.
sha256
sha256/fork/asm Package sha256 implements the SHA224 and SHA256 hash algorithms as defined in FIPS 180-4.	Package sha256 implements the SHA224 and SHA256 hash algorithms as defined in FIPS 180-4.
sha256/fork/internal/cpu Package cpu implements processor feature detection used by the Go standard library.	Package cpu implements processor feature detection used by the Go standard library.
sha256/fork/noasm Package sha256 implements the SHA224 and SHA256 hash algorithms as defined in FIPS 180-4.	Package sha256 implements the SHA224 and SHA256 hash algorithms as defined in FIPS 180-4.
sha3
sha3/fork/asm Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.	Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.
sha3/fork/noasm Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.	Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.
sha512
sha512/fork/asm Package sha512 implements the SHA-384, SHA-512, SHA-512/224, and SHA-512/256 hash algorithms as defined in FIPS 180-4.	Package sha512 implements the SHA-384, SHA-512, SHA-512/224, and SHA-512/256 hash algorithms as defined in FIPS 180-4.
sha512/fork/internal/cpu Package cpu implements processor feature detection used by the Go standard library.	Package cpu implements processor feature detection used by the Go standard library.
sha512/fork/noasm Package sha512 implements the SHA-384, SHA-512, SHA-512/224, and SHA-512/256 hash algorithms as defined in FIPS 180-4.	Package sha512 implements the SHA-384, SHA-512, SHA-512/224, and SHA-512/256 hash algorithms as defined in FIPS 180-4.