arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-29 08:40:57 +00:00
Code Issues Releases Wiki Activity

feat(crypto): improve fuzzer secp256k1-zkp integration, add build workaround and sanitizer optimization, minor renaming

Browse Source
This commit is contained in:
Christian Reitter 2021-11-13 14:25:32 +01:00 committed by Andrew Kozlik
parent aee864c7ee
commit 5564251920
4 changed files with 39 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
crypto/Makefile
View File

@ -2,6 +2,13 @@ ifeq ($(FUZZER),1)
CC ?= clang CC ?= clang
LD ?= $(CC) LD ?= $(CC)
SANFLAGS += -fsanitize=fuzzer SANFLAGS += -fsanitize=fuzzer
CFLAGS += -fsanitize-ignorelist=fuzzer/sanitizer_ignorelist.txt
# this works around clang optimization issues in relation with -fsanitize=undefined
# TODO is there a better solution, for example by disabling a specific optimization technique?
blake2b.o: OPTFLAGS += -O0
blake2s.o: OPTFLAGS += -O0
else ifeq ($(ADDRESS_SANITIZER),1) else ifeq ($(ADDRESS_SANITIZER),1)
SANFLAGS += -fsanitize=address,undefined SANFLAGS += -fsanitize=address,undefined
endif endif

2
crypto/fuzzer/README.md
View File

@ -30,6 +30,8 @@ Examples:
* `OPTFLAGS="-O0 -ggdb3"` * `OPTFLAGS="-O0 -ggdb3"`
* `OPTFLAGS="-O3 -march=native"` * `OPTFLAGS="-O3 -march=native"`
To be determined: use of `-fsanitize-ignorelist` to reduce sanitizer overhead on hot functions
### Other Flags ### Other Flags
To be determined: To be determined:

18
crypto/fuzzer/fuzzer.c
View File

@ -381,19 +381,19 @@ int fuzz_nem_validate_address(void) {
} }
int fuzz_nem_get_address(void) { int fuzz_nem_get_address(void) {
unsigned char ed25519_public_key[32] = {0}; unsigned char ed25519_public_key_fuzz[32] = {0};
uint32_t network = 0; uint32_t network = 0;
if (fuzzer_length != (sizeof(ed25519_public_key) + sizeof(network))) { if (fuzzer_length != (sizeof(ed25519_public_key_fuzz) + sizeof(network))) {
return 0; return 0;
} }
char address[NEM_ADDRESS_SIZE + 1] = {0}; char address[NEM_ADDRESS_SIZE + 1] = {0};
memcpy(ed25519_public_key, fuzzer_input(32), 32); memcpy(ed25519_public_key_fuzz, fuzzer_input(32), 32);
memcpy(&network, fuzzer_input(4), 4); memcpy(&network, fuzzer_input(4), 4);
nem_get_address(ed25519_public_key, network, address); nem_get_address(ed25519_public_key_fuzz, network, address);
#if defined(__has_feature) #if defined(__has_feature)
#if __has_feature(memory_sanitizer) #if __has_feature(memory_sanitizer)
@ -616,15 +616,15 @@ int fuzz_slip39_word_completion_mask(void) {
} }
int fuzz_mnemonic_to_bits(void) { int fuzz_mnemonic_to_bits(void) {
// length chosen somewhat arbitrarily // regular MAX_MNEMONIC_LEN is 240, try some extra bytes
#define MAX_MNEMONIC_LENGTH 256 #define MAX_MNEMONIC_FUZZ_LENGTH 256
if (fuzzer_length < MAX_MNEMONIC_LENGTH) { if (fuzzer_length < MAX_MNEMONIC_FUZZ_LENGTH) {
return 0; return 0;
} }
char mnemonic[MAX_MNEMONIC_LENGTH + 1] = {0}; char mnemonic[MAX_MNEMONIC_FUZZ_LENGTH + 1] = {0};
memcpy(&mnemonic, fuzzer_ptr, MAX_MNEMONIC_LENGTH); memcpy(&mnemonic, fuzzer_ptr, MAX_MNEMONIC_FUZZ_LENGTH);
uint8_t mnemonic_bits[32 + 1] = {0}; uint8_t mnemonic_bits[32 + 1] = {0};
mnemonic_to_bits((const char *)&mnemonic, mnemonic_bits); mnemonic_to_bits((const char *)&mnemonic, mnemonic_bits);

21
crypto/fuzzer/sanitizer_ignorelist.txt Normal file
View File

@ -0,0 +1,21 @@
# ignore bignum math operations and other hot crypto primitives
fun:*sha256_Update*
fun:*sha256_Raw*
fun:*sha256_Transform*
fun:*sha512_Transform*
fun:*pbkdf2_hmac_sha512_Update*
fun:*pbkdf2_*
fun:*hmac_*
fun:*sha256_*
# TODO this is very broad
fun:*bn_*
fun:*bn_inverse*
fun:*bn_multiply*
fun:*bn_multiply_long*
fun:*bn_multiply_reduce_step*
fun:*bn_multiply_step*
fun:*curve25519_mul*
fun:*point_multiply*
fun:*point_jacobian_add*
fun:*scalar_multiply*