123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151 |
- // Copyright 2020 The go-ethereum Authors
- // This file is part of the go-ethereum library.
- //
- // The go-ethereum library is free software: you can redistribute it and/or modify
- // it under the terms of the GNU Lesser General Public License as published by
- // the Free Software Foundation, either version 3 of the License, or
- // (at your option) any later version.
- //
- // The go-ethereum library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- // GNU Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public License
- // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
- // +build gofuzz
- package signify
- import (
- "bufio"
- "fmt"
- "io/ioutil"
- "log"
- "os"
- "os/exec"
- "runtime"
- fuzz "github.com/google/gofuzz"
- "github.com/jedisct1/go-minisign"
- )
- func Fuzz(data []byte) int {
- if len(data) < 32 {
- return -1
- }
- tmpFile, err := ioutil.TempFile("", "")
- if err != nil {
- panic(err)
- }
- defer os.Remove(tmpFile.Name())
- defer tmpFile.Close()
- testSecKey, testPubKey := createKeyPair()
- // Create message
- tmpFile.Write(data)
- if err = tmpFile.Close(); err != nil {
- panic(err)
- }
- // Fuzz comments
- var untrustedComment string
- var trustedComment string
- f := fuzz.NewFromGoFuzz(data)
- f.Fuzz(&untrustedComment)
- f.Fuzz(&trustedComment)
- fmt.Printf("untrusted: %v\n", untrustedComment)
- fmt.Printf("trusted: %v\n", trustedComment)
- err = SignifySignFile(tmpFile.Name(), tmpFile.Name()+".sig", testSecKey, untrustedComment, trustedComment)
- if err != nil {
- panic(err)
- }
- defer os.Remove(tmpFile.Name() + ".sig")
- signify := "signify"
- path := os.Getenv("SIGNIFY")
- if path != "" {
- signify = path
- }
- _, err := exec.LookPath(signify)
- if err != nil {
- panic(err)
- }
- // Write the public key into the file to pass it as
- // an argument to signify-openbsd
- pubKeyFile, err := ioutil.TempFile("", "")
- if err != nil {
- panic(err)
- }
- defer os.Remove(pubKeyFile.Name())
- defer pubKeyFile.Close()
- pubKeyFile.WriteString("untrusted comment: signify public key\n")
- pubKeyFile.WriteString(testPubKey)
- pubKeyFile.WriteString("\n")
- cmd := exec.Command(signify, "-V", "-p", pubKeyFile.Name(), "-x", tmpFile.Name()+".sig", "-m", tmpFile.Name())
- if output, err := cmd.CombinedOutput(); err != nil {
- panic(fmt.Sprintf("could not verify the file: %v, output: \n%s", err, output))
- }
- // Verify the signature using a golang library
- sig, err := minisign.NewSignatureFromFile(tmpFile.Name() + ".sig")
- if err != nil {
- panic(err)
- }
- pKey, err := minisign.NewPublicKey(testPubKey)
- if err != nil {
- panic(err)
- }
- valid, err := pKey.VerifyFromFile(tmpFile.Name(), sig)
- if err != nil {
- panic(err)
- }
- if !valid {
- panic("invalid signature")
- }
- return 1
- }
- func getKey(fileS string) (string, error) {
- file, err := os.Open(fileS)
- if err != nil {
- log.Fatal(err)
- }
- defer file.Close()
- scanner := bufio.NewScanner(file)
- // Discard the first line
- scanner.Scan()
- scanner.Scan()
- return scanner.Text(), scanner.Err()
- }
- func createKeyPair() (string, string) {
- // Create key and put it in correct format
- tmpKey, err := ioutil.TempFile("", "")
- if err != nil {
- panic(err)
- }
- defer os.Remove(tmpKey.Name())
- defer os.Remove(tmpKey.Name() + ".pub")
- defer os.Remove(tmpKey.Name() + ".sec")
- cmd := exec.Command("signify", "-G", "-n", "-p", tmpKey.Name()+".pub", "-s", tmpKey.Name()+".sec")
- if output, err := cmd.CombinedOutput(); err != nil {
- panic(fmt.Sprintf("could not verify the file: %v, output: \n%s", err, output))
- }
- secKey, err := getKey(tmpKey.Name() + ".sec")
- if err != nil {
- panic(err)
- }
- pubKey, err := getKey(tmpKey.Name() + ".pub")
- if err != nil {
- panic(err)
- }
- return secKey, pubKey
- }
|