1#include <stdint.h>
2#include <stdlib.h>
3#include <string.h>
4#include "mbedtls/pk.h"
5#include "mbedtls/entropy.h"
6#include "mbedtls/ctr_drbg.h"
7#include "common.h"
8
9//4 Kb should be enough for every bug ;-)
10#define MAX_LEN 0x1000
11
12#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_CTR_DRBG_C) && defined(MBEDTLS_ENTROPY_C)
13const char *pers = "fuzz_privkey";
14#endif // MBEDTLS_PK_PARSE_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C
15
16int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
17{
18#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_CTR_DRBG_C) && defined(MBEDTLS_ENTROPY_C)
19    int ret;
20    mbedtls_pk_context pk;
21    mbedtls_ctr_drbg_context ctr_drbg;
22    mbedtls_entropy_context entropy;
23
24    if (Size > MAX_LEN) {
25        //only work on small inputs
26        Size = MAX_LEN;
27    }
28
29    mbedtls_ctr_drbg_init(&ctr_drbg);
30    mbedtls_entropy_init(&entropy);
31    mbedtls_pk_init(&pk);
32
33#if defined(MBEDTLS_USE_PSA_CRYPTO)
34    psa_status_t status = psa_crypto_init();
35    if (status != PSA_SUCCESS) {
36        goto exit;
37    }
38#endif /* MBEDTLS_USE_PSA_CRYPTO */
39
40    if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy,
41                              (const unsigned char *) pers, strlen(pers)) != 0) {
42        goto exit;
43    }
44
45    ret = mbedtls_pk_parse_key(&pk, Data, Size, NULL, 0,
46                               dummy_random, &ctr_drbg);
47    if (ret == 0) {
48#if defined(MBEDTLS_RSA_C)
49        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) {
50            mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
51            mbedtls_rsa_context *rsa;
52
53            mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
54            mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
55            mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
56
57            rsa = mbedtls_pk_rsa(pk);
58            if (mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E) != 0) {
59                abort();
60            }
61            if (mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP) != 0) {
62                abort();
63            }
64
65            mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
66            mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
67            mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
68        } else
69#endif
70#if defined(MBEDTLS_ECP_C)
71        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY ||
72            mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) {
73            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk);
74            mbedtls_ecp_group_id grp_id = mbedtls_ecp_keypair_get_group_id(ecp);
75            const mbedtls_ecp_curve_info *curve_info =
76                mbedtls_ecp_curve_info_from_grp_id(grp_id);
77
78            /* If the curve is not supported, the key should not have been
79             * accepted. */
80            if (curve_info == NULL) {
81                abort();
82            }
83        } else
84#endif
85        {
86            /* The key is valid but is not of a supported type.
87             * This should not happen. */
88            abort();
89        }
90    }
91exit:
92    mbedtls_entropy_free(&entropy);
93    mbedtls_ctr_drbg_free(&ctr_drbg);
94    mbedtls_pk_free(&pk);
95#if defined(MBEDTLS_USE_PSA_CRYPTO)
96    mbedtls_psa_crypto_free();
97#endif /* MBEDTLS_USE_PSA_CRYPTO */
98#else
99    (void) Data;
100    (void) Size;
101#endif // MBEDTLS_PK_PARSE_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C
102
103    return 0;
104}
105