1d99048c95
Some checks failed
CI / lint (push) Successful in 1m37s
CI / test-python (push) Successful in 1m49s
CI / test-zig (push) Successful in 1m39s
CI / test-wasm (push) Successful in 1m54s
CI / test (push) Successful in 14m44s
CI / miri (push) Successful in 14m18s
CI / build (push) Successful in 1m9s
CI / fuzz-regression (push) Successful in 9m9s
CI / publish (push) Failing after 1m10s
CI / publish-python (push) Failing after 1m46s
CI / publish-wasm (push) Has been cancelled
Signed-off-by: Kamal Tufekcic <kamal@lo.sh>
26 lines
1.1 KiB
Rust
26 lines
1.1 KiB
Rust
#![no_main]
|
|
use libfuzzer_sys::fuzz_target;
|
|
use soliton::storage::{decrypt_dm_queue_blob, StorageKey, StorageKeyRing};
|
|
|
|
// Distinct keys per version — catches version-routing bugs that identical keys would hide.
|
|
const FUZZ_KEY_V1: [u8; 32] = [0x42; 32];
|
|
const FUZZ_KEY_V2: [u8; 32] = [0x43; 32];
|
|
const FUZZ_KEY_V3: [u8; 32] = [0x44; 32];
|
|
|
|
fuzz_target!(|data: &[u8]| {
|
|
// Build a keyring with versions 1-3 so version routing is exercised.
|
|
let key1 = StorageKey::new(1, FUZZ_KEY_V1).unwrap();
|
|
let key2 = StorageKey::new(2, FUZZ_KEY_V2).unwrap();
|
|
let key3 = StorageKey::new(3, FUZZ_KEY_V3).unwrap();
|
|
let mut ring = StorageKeyRing::new(key1).unwrap();
|
|
let _ = ring.add_key(key2, false);
|
|
let _ = ring.add_key(key3, false);
|
|
|
|
let recipient_fp: [u8; 32] = [0xAA; 32];
|
|
|
|
// decrypt_dm_queue_blob must never panic regardless of input.
|
|
// Exercises: DM queue AAD construction (build_dm_queue_aad binds
|
|
// recipient_fp + batch_id), version routing, flag validation,
|
|
// decompression, length checks, AEAD decryption.
|
|
let _ = decrypt_dm_queue_blob(&ring, data, &recipient_fp, "fuzz-batch");
|
|
});
|