initial commit

Signed-off-by: Kamal Tufekcic <kamal@lo.sh>
2026-04-02 23:48:10 +03:00 · 2026-04-02 23:48:10 +03:00 · 1d99048c95
commit 1d99048c95
165830 changed files with 79062 additions and 0 deletions
--- a/soliton/fuzz/fuzz_targets/fuzz_dm_queue_decrypt_blob.rs
+++ b/soliton/fuzz/fuzz_targets/fuzz_dm_queue_decrypt_blob.rs
@ -0,0 +1,26 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+use soliton::storage::{decrypt_dm_queue_blob, StorageKey, StorageKeyRing};
+
+// Distinct keys per version — catches version-routing bugs that identical keys would hide.
+const FUZZ_KEY_V1: [u8; 32] = [0x42; 32];
+const FUZZ_KEY_V2: [u8; 32] = [0x43; 32];
+const FUZZ_KEY_V3: [u8; 32] = [0x44; 32];
+
+fuzz_target!(|data: &[u8]| {
+    // Build a keyring with versions 1-3 so version routing is exercised.
+    let key1 = StorageKey::new(1, FUZZ_KEY_V1).unwrap();
+    let key2 = StorageKey::new(2, FUZZ_KEY_V2).unwrap();
+    let key3 = StorageKey::new(3, FUZZ_KEY_V3).unwrap();
+    let mut ring = StorageKeyRing::new(key1).unwrap();
+    let _ = ring.add_key(key2, false);
+    let _ = ring.add_key(key3, false);
+
+    let recipient_fp: [u8; 32] = [0xAA; 32];
+
+    // decrypt_dm_queue_blob must never panic regardless of input.
+    // Exercises: DM queue AAD construction (build_dm_queue_aad binds
+    // recipient_fp + batch_id), version routing, flag validation,
+    // decompression, length checks, AEAD decryption.
+    let _ = decrypt_dm_queue_blob(&ring, data, &recipient_fp, "fuzz-batch");
+});