Ludvig Michaelsson
4c7dd494c8
assert: support the thirdPartyPayment extension
2025-12-08 09:50:01 +01:00
pedro martelletto
e184ea8c97
fuzz: undef NDEBUG
...
like regress/, fuzz/ needs working assertions
2025-09-01 10:42:47 +02:00
Ludvig Michaelsson
bc02c1c5fd
fuzz: exercise fido_assert_authdata_raw_{ptr,len}
2023-06-21 17:23:15 +02:00
pedro martelletto
c889d230d0
fuzz: explicitly check cbor_serialize_alloc()
...
explicitly check for cbor_serialize_alloc() failure; doing so
prevents us from passing NULL to memcmpy() with len=0, which is
undefined behaviour.
2023-01-02 09:58:23 +01:00
pedro martelletto
8377adaad8
fuzz: specify SPDX-License-Identifier; #623
2022-08-02 11:24:18 +02:00
pedro martelletto
6887457045
fuzz: cover es384 api
2022-07-18 08:54:31 +02:00
pedro martelletto
8bd8a34ac8
fuzz: crank max corpus size from 4096 to 8192 bytes
...
some of our seed corpora are dangerously close to the limit, so bump
it to give the harnesses more room. discussed with Ludvig. while
here, use a define instead of hardcoding constants everywhere.
2022-05-05 11:13:27 +03:00
pedro martelletto
e8a2cebb13
fuzz: reintroduce msan instrumentation
...
it turns out it is still needed; we just didn't see the problem
due to a combination of factors. this commits reverts a72273.
2021-10-15 14:50:35 +02:00
pedro martelletto
2bd5c962a2
fuzz: implement a deterministic random clock
...
this is needed to make fuzzing deterministic again, and allows
us to explore a few interesting edge cases.
2021-10-12 09:37:58 +02:00
pedro martelletto
a72273fcda
fuzz: drop no longer needed msan instrumentation
2021-09-15 14:54:43 +02:00
pedro martelletto
c6af197529
fuzz: suppress clang-14 warnings; oss-fuzz#38494
2021-09-12 08:22:41 +02:00
pedro martelletto
bd2087e55e
fuzz: revert 1cb08f1c
...
revert 1cb08f1c
2021-08-17 10:19:15 +02:00
pedro martelletto
d4afd9f30d
es256: define es256_pk_from_EVP_PKEY
...
The EC_KEY C type has been deprecated in OpenSSL 3.0, with EVP_PKEY
as its successor. As such, define es256_pk_from_EVP_PKEY so that
applications can migrate from es256_pk_from_EC_KEY.
Discussed with Dmitry Belyavskiy (@beldmit).
2021-08-10 08:41:30 +02:00
pedro martelletto
23c4778171
rs256: define rs256_pk_from_EVP_PKEY
...
The RSA C type has been deprecated in OpenSSL 3.0, with EVP_PKEY as
its successor. As such, define rs256_pk_from_EVP_PKEY so that
applications can migrate from rs256_pk_from_RSA.
Discussed with Dmitry Belyavskiy (@beldmit).
2021-08-05 15:33:41 +02:00
pedro martelletto
7da8524385
fuzz: switch to consume_str() for strings
2021-07-10 13:10:08 +02:00
pedro martelletto
b85599f8fa
fuzz: sanitise header inclusions
...
- pull fido headers directly from ../src;
- trim unnecessary includes.
2021-03-19 12:06:15 +01:00
Ludvig Michaelsson
cd04644399
fuzz: add fuzzing of largeBlobKeys
2021-03-09 10:35:33 +01:00
Ludvig Michaelsson
d80d93f208
fuzz: add fuzzing of credBlobs
2021-03-09 10:35:33 +01:00
pedro martelletto
3053319ecd
fuzz: enter nfc_linux.c from fuzz_{assert,cred}
2020-12-26 07:58:49 +01:00
pedro martelletto
1cb08f1c3f
fuzz: check fido_(assert|cred)_verify(self)?
...
when fuzzing, ensure fido_assert_verify(), fido_cred_verify(), and
fido_cred_verify_self() always fail.
2020-08-09 08:15:38 +02:00
pedro martelletto
731b82e10d
fuzz_{assert,cred}: trigger reallocations
2020-07-31 17:57:54 +02:00
pedro martelletto
4b71a74c27
fuzz_assert: exercise u2f with up set to false
2020-07-31 17:45:33 +02:00
pedro martelletto
776c27ccac
fuzz: allow partial corpus mutation
...
split the corpus into 'seed', 'param', and 'wiredata' logical
components, and allow them to be mutated separately. keep the default
behaviour of mutating the three parts.
2020-07-12 06:45:06 +02:00
pedro martelletto
e6db47bb31
fuzz_assert: treat strlen(pin) == 0 as no pin
2020-07-05 17:35:03 +02:00
pedro martelletto
5c75d4cfff
fuzz: switch harnesses to libcbor
...
allows for a compact, inspectable corpus. while here, move
libfuzzer-specific code to a separate file.
2020-06-07 09:57:25 +02:00
