| 
									
										
										
										
											2020-11-27 11:13:54 +00:00
										 |  |  | // Copyright 2020 The go-ethereum Authors | 
					
						
							|  |  |  | // This file is part of the go-ethereum library. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // The go-ethereum library is free software: you can redistribute it and/or modify | 
					
						
							|  |  |  | // it under the terms of the GNU Lesser General Public License as published by | 
					
						
							|  |  |  | // the Free Software Foundation, either version 3 of the License, or | 
					
						
							|  |  |  | // (at your option) any later version. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // The go-ethereum library is distributed in the hope that it will be useful, | 
					
						
							|  |  |  | // but WITHOUT ANY WARRANTY; without even the implied warranty of | 
					
						
							|  |  |  | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 
					
						
							|  |  |  | // GNU Lesser General Public License for more details. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // You should have received a copy of the GNU Lesser General Public License | 
					
						
							|  |  |  | // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>. | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-08-25 18:46:29 +02:00
										 |  |  | //go:build gofuzz | 
					
						
							| 
									
										
										
										
											2020-11-27 11:13:54 +00:00
										 |  |  | // +build gofuzz | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | package signify | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | import ( | 
					
						
							|  |  |  | 	"bufio" | 
					
						
							|  |  |  | 	"fmt" | 
					
						
							|  |  |  | 	"io/ioutil" | 
					
						
							|  |  |  | 	"log" | 
					
						
							|  |  |  | 	"os" | 
					
						
							|  |  |  | 	"os/exec" | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	fuzz "github.com/google/gofuzz" | 
					
						
							|  |  |  | 	"github.com/jedisct1/go-minisign" | 
					
						
							|  |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func Fuzz(data []byte) int { | 
					
						
							|  |  |  | 	if len(data) < 32 { | 
					
						
							|  |  |  | 		return -1 | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	tmpFile, err := ioutil.TempFile("", "") | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	defer os.Remove(tmpFile.Name()) | 
					
						
							|  |  |  | 	defer tmpFile.Close() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	testSecKey, testPubKey := createKeyPair() | 
					
						
							|  |  |  | 	// Create message | 
					
						
							|  |  |  | 	tmpFile.Write(data) | 
					
						
							|  |  |  | 	if err = tmpFile.Close(); err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	// Fuzz comments | 
					
						
							|  |  |  | 	var untrustedComment string | 
					
						
							|  |  |  | 	var trustedComment string | 
					
						
							|  |  |  | 	f := fuzz.NewFromGoFuzz(data) | 
					
						
							|  |  |  | 	f.Fuzz(&untrustedComment) | 
					
						
							|  |  |  | 	f.Fuzz(&trustedComment) | 
					
						
							|  |  |  | 	fmt.Printf("untrusted: %v\n", untrustedComment) | 
					
						
							|  |  |  | 	fmt.Printf("trusted: %v\n", trustedComment) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	err = SignifySignFile(tmpFile.Name(), tmpFile.Name()+".sig", testSecKey, untrustedComment, trustedComment) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	defer os.Remove(tmpFile.Name() + ".sig") | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	signify := "signify" | 
					
						
							|  |  |  | 	path := os.Getenv("SIGNIFY") | 
					
						
							|  |  |  | 	if path != "" { | 
					
						
							|  |  |  | 		signify = path | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	_, err := exec.LookPath(signify) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// Write the public key into the file to pass it as | 
					
						
							|  |  |  | 	// an argument to signify-openbsd | 
					
						
							|  |  |  | 	pubKeyFile, err := ioutil.TempFile("", "") | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	defer os.Remove(pubKeyFile.Name()) | 
					
						
							|  |  |  | 	defer pubKeyFile.Close() | 
					
						
							|  |  |  | 	pubKeyFile.WriteString("untrusted comment: signify public key\n") | 
					
						
							|  |  |  | 	pubKeyFile.WriteString(testPubKey) | 
					
						
							|  |  |  | 	pubKeyFile.WriteString("\n") | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	cmd := exec.Command(signify, "-V", "-p", pubKeyFile.Name(), "-x", tmpFile.Name()+".sig", "-m", tmpFile.Name()) | 
					
						
							|  |  |  | 	if output, err := cmd.CombinedOutput(); err != nil { | 
					
						
							|  |  |  | 		panic(fmt.Sprintf("could not verify the file: %v, output: \n%s", err, output)) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// Verify the signature using a golang library | 
					
						
							|  |  |  | 	sig, err := minisign.NewSignatureFromFile(tmpFile.Name() + ".sig") | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	pKey, err := minisign.NewPublicKey(testPubKey) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	valid, err := pKey.VerifyFromFile(tmpFile.Name(), sig) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if !valid { | 
					
						
							|  |  |  | 		panic("invalid signature") | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return 1 | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func getKey(fileS string) (string, error) { | 
					
						
							|  |  |  | 	file, err := os.Open(fileS) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		log.Fatal(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	defer file.Close() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	scanner := bufio.NewScanner(file) | 
					
						
							|  |  |  | 	// Discard the first line | 
					
						
							|  |  |  | 	scanner.Scan() | 
					
						
							|  |  |  | 	scanner.Scan() | 
					
						
							|  |  |  | 	return scanner.Text(), scanner.Err() | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func createKeyPair() (string, string) { | 
					
						
							|  |  |  | 	// Create key and put it in correct format | 
					
						
							|  |  |  | 	tmpKey, err := ioutil.TempFile("", "") | 
					
						
							| 
									
										
										
										
											2021-01-06 12:06:44 +01:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-11-27 11:13:54 +00:00
										 |  |  | 	defer os.Remove(tmpKey.Name()) | 
					
						
							|  |  |  | 	defer os.Remove(tmpKey.Name() + ".pub") | 
					
						
							|  |  |  | 	defer os.Remove(tmpKey.Name() + ".sec") | 
					
						
							|  |  |  | 	cmd := exec.Command("signify", "-G", "-n", "-p", tmpKey.Name()+".pub", "-s", tmpKey.Name()+".sec") | 
					
						
							|  |  |  | 	if output, err := cmd.CombinedOutput(); err != nil { | 
					
						
							|  |  |  | 		panic(fmt.Sprintf("could not verify the file: %v, output: \n%s", err, output)) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	secKey, err := getKey(tmpKey.Name() + ".sec") | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	pubKey, err := getKey(tmpKey.Name() + ".pub") | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return secKey, pubKey | 
					
						
							|  |  |  | } |