From 55642519202158866a46ad2b2408a874fcc0cd4c Mon Sep 17 00:00:00 2001 From: Christian Reitter Date: Sat, 13 Nov 2021 14:25:32 +0100 Subject: [PATCH] feat(crypto): improve fuzzer secp256k1-zkp integration, add build workaround and sanitizer optimization, minor renaming --- crypto/Makefile | 7 +++++++ crypto/fuzzer/README.md | 2 ++ crypto/fuzzer/fuzzer.c | 18 +++++++++--------- crypto/fuzzer/sanitizer_ignorelist.txt | 21 +++++++++++++++++++++ 4 files changed, 39 insertions(+), 9 deletions(-) create mode 100644 crypto/fuzzer/sanitizer_ignorelist.txt diff --git a/crypto/Makefile b/crypto/Makefile index 9fbb9f63a..e9fc3867e 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -2,6 +2,13 @@ ifeq ($(FUZZER),1) CC ?= clang LD ?= $(CC) SANFLAGS += -fsanitize=fuzzer +CFLAGS += -fsanitize-ignorelist=fuzzer/sanitizer_ignorelist.txt + +# this works around clang optimization issues in relation with -fsanitize=undefined +# TODO is there a better solution, for example by disabling a specific optimization technique? +blake2b.o: OPTFLAGS += -O0 +blake2s.o: OPTFLAGS += -O0 + else ifeq ($(ADDRESS_SANITIZER),1) SANFLAGS += -fsanitize=address,undefined endif diff --git a/crypto/fuzzer/README.md b/crypto/fuzzer/README.md index a0dd358cf..217aeee24 100644 --- a/crypto/fuzzer/README.md +++ b/crypto/fuzzer/README.md @@ -30,6 +30,8 @@ Examples: * `OPTFLAGS="-O0 -ggdb3"` * `OPTFLAGS="-O3 -march=native"` +To be determined: use of `-fsanitize-ignorelist` to reduce sanitizer overhead on hot functions + ### Other Flags To be determined: diff --git a/crypto/fuzzer/fuzzer.c b/crypto/fuzzer/fuzzer.c index c79a1af64..3b205fdc8 100644 --- a/crypto/fuzzer/fuzzer.c +++ b/crypto/fuzzer/fuzzer.c @@ -381,19 +381,19 @@ int fuzz_nem_validate_address(void) { } int fuzz_nem_get_address(void) { - unsigned char ed25519_public_key[32] = {0}; + unsigned char ed25519_public_key_fuzz[32] = {0}; uint32_t network = 0; - if (fuzzer_length != (sizeof(ed25519_public_key) + sizeof(network))) { + if (fuzzer_length != (sizeof(ed25519_public_key_fuzz) + sizeof(network))) { return 0; } char address[NEM_ADDRESS_SIZE + 1] = {0}; - memcpy(ed25519_public_key, fuzzer_input(32), 32); + memcpy(ed25519_public_key_fuzz, fuzzer_input(32), 32); memcpy(&network, fuzzer_input(4), 4); - nem_get_address(ed25519_public_key, network, address); + nem_get_address(ed25519_public_key_fuzz, network, address); #if defined(__has_feature) #if __has_feature(memory_sanitizer) @@ -616,15 +616,15 @@ int fuzz_slip39_word_completion_mask(void) { } int fuzz_mnemonic_to_bits(void) { - // length chosen somewhat arbitrarily -#define MAX_MNEMONIC_LENGTH 256 + // regular MAX_MNEMONIC_LEN is 240, try some extra bytes +#define MAX_MNEMONIC_FUZZ_LENGTH 256 - if (fuzzer_length < MAX_MNEMONIC_LENGTH) { + if (fuzzer_length < MAX_MNEMONIC_FUZZ_LENGTH) { return 0; } - char mnemonic[MAX_MNEMONIC_LENGTH + 1] = {0}; - memcpy(&mnemonic, fuzzer_ptr, MAX_MNEMONIC_LENGTH); + char mnemonic[MAX_MNEMONIC_FUZZ_LENGTH + 1] = {0}; + memcpy(&mnemonic, fuzzer_ptr, MAX_MNEMONIC_FUZZ_LENGTH); uint8_t mnemonic_bits[32 + 1] = {0}; mnemonic_to_bits((const char *)&mnemonic, mnemonic_bits); diff --git a/crypto/fuzzer/sanitizer_ignorelist.txt b/crypto/fuzzer/sanitizer_ignorelist.txt new file mode 100644 index 000000000..b0ba86a04 --- /dev/null +++ b/crypto/fuzzer/sanitizer_ignorelist.txt @@ -0,0 +1,21 @@ +# ignore bignum math operations and other hot crypto primitives + +fun:*sha256_Update* +fun:*sha256_Raw* +fun:*sha256_Transform* +fun:*sha512_Transform* +fun:*pbkdf2_hmac_sha512_Update* +fun:*pbkdf2_* +fun:*hmac_* +fun:*sha256_* +# TODO this is very broad +fun:*bn_* +fun:*bn_inverse* +fun:*bn_multiply* +fun:*bn_multiply_long* +fun:*bn_multiply_reduce_step* +fun:*bn_multiply_step* +fun:*curve25519_mul* +fun:*point_multiply* +fun:*point_jacobian_add* +fun:*scalar_multiply*