diff options
author | Guido Vranken <guidovranken@users.noreply.github.com> | 2020-10-28 07:17:32 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-27 23:17:32 -0700 |
commit | 250926a9a44b7a7315e416a872faa4d385d58b26 (patch) | |
tree | 4eded31469bbf2f765745c2bd0dad779e4fe2756 /projects/cryptofuzz | |
parent | 2b9e9e7bd0bed97c17fbcfe46b74836859b3fd2b (diff) | |
download | oss-fuzz-250926a9a44b7a7315e416a872faa4d385d58b26.tar.gz |
[cryptofuzz] Multiple updates (#4567)
* [wolfCrypt] Enable more wolfCrypt features
* [cryptofuzz] Add Monocypher
* [cryptofuzz] Update Boost to v1.74
* [cryptofuzz] Improve Botan build time
* [cryptofuzz] Improve Crypto++ build time
* [cryptofuzz] wolfCrypt: Add build option required for ECDSA signing
* [cryptofuzz] Reference Nettle's libhogweed.a
This is required for Nettle ECC operations.
* [cryptofuzz] wolfCrypt: Enable XCHACHA
Diffstat (limited to 'projects/cryptofuzz')
-rw-r--r-- | projects/cryptofuzz/Dockerfile | 4 | ||||
-rwxr-xr-x | projects/cryptofuzz/build.sh | 32 |
2 files changed, 30 insertions, 6 deletions
diff --git a/projects/cryptofuzz/Dockerfile b/projects/cryptofuzz/Dockerfile index 2ffe8329f..94b03c2cf 100644 --- a/projects/cryptofuzz/Dockerfile +++ b/projects/cryptofuzz/Dockerfile @@ -21,7 +21,7 @@ RUN apt-get update && \ wget -O - https://apt.kitware.com/keys/kitware-archive-latest.asc 2>/dev/null | apt-key add - && \ apt-add-repository 'deb https://apt.kitware.com/ubuntu/ xenial main' && \ apt-get update && \ - apt-get install -y software-properties-common python-software-properties make autoconf automake libtool build-essential cmake libboost-all-dev mercurial gyp ninja-build zlib1g-dev libsqlite3-dev bison flex texinfo + apt-get install -y software-properties-common python-software-properties make autoconf automake libtool build-essential cmake mercurial gyp ninja-build zlib1g-dev libsqlite3-dev bison flex texinfo # BoringSSL needs Go to build RUN add-apt-repository -y ppa:gophers/archive && apt-get update && apt-get install -y golang-1.9-go @@ -55,7 +55,9 @@ RUN git clone --depth 1 https://github.com/indutny/bn.js.git RUN git clone --depth 1 https://github.com/MikeMcl/bignumber.js.git RUN git clone --depth 1 https://github.com/guidovranken/libfuzzer-js.git RUN git clone --depth 1 https://github.com/brix/crypto-js.git +RUN git clone --depth 1 https://github.com/LoupVaillant/Monocypher.git RUN apt-get remove -y libunwind8 RUN apt-get install -y libssl-dev +RUN wget https://dl.bintray.com/boostorg/release/1.74.0/source/boost_1_74_0.tar.bz2 COPY build.sh xxd.c $SRC/ diff --git a/projects/cryptofuzz/build.sh b/projects/cryptofuzz/build.sh index 878bdd960..90134bde2 100755 --- a/projects/cryptofuzz/build.sh +++ b/projects/cryptofuzz/build.sh @@ -21,6 +21,14 @@ # Compile xxd $CC $SRC/xxd.c -o /usr/bin/xxd +# Install Boost headers +cd $SRC/ +tar jxf boost_1_74_0.tar.bz2 +cd boost_1_74_0/ +CFLAGS="" CXXFLAGS="" ./bootstrap.sh +CFLAGS="" CXXFLAGS="" ./b2 headers +cp -R boost/ /usr/include/ + export LINK_FLAGS="" export INCLUDE_PATH_FLAGS="" @@ -109,6 +117,16 @@ then make -B fi +# Compile Monocypher +cd $SRC/Monocypher/ +make CC="$CC" CFLAGS="$CFLAGS" +export LIBMONOCYPHER_A_PATH=$(realpath lib/libmonocypher.a) +export MONOCYPHER_INCLUDE_PATH=$(realpath src/) +export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_MONOCYPHER" + +# Compile Cryptofuzz monocypher module +cd $SRC/cryptofuzz/modules/monocypher +make -B # Compile libtomcrypt cd $SRC/libtomcrypt @@ -161,8 +179,10 @@ make install if [[ $CFLAGS != *-m32* ]] then export LIBNETTLE_A_PATH=`realpath ../nettle-install/lib/libnettle.a` +export LIBHOGWEED_A_PATH=`realpath ../nettle-install/lib/libhogweed.a` else export LIBNETTLE_A_PATH=`realpath ../nettle-install/lib32/libnettle.a` +export LIBHOGWEED_A_PATH=`realpath ../nettle-install/lib32/libhogweed.a` fi export NETTLE_INCLUDE_PATH=`realpath ../nettle-install/include` export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NETTLE" @@ -223,9 +243,9 @@ export CRYPTOFUZZ_REFERENCE_CITY_O_PATH="$SRC/cityhash/src/city.o" cd $SRC/cryptopp if [[ $CFLAGS != *sanitize=memory* ]] then - make -j$(nproc) >/dev/null 2>&1 + make libcryptopp.a -j$(nproc) >/dev/null 2>&1 else - CXXFLAGS="$CXXFLAGS -DCRYPTOPP_DISABLE_ASM=1" make -j$(nproc) >/dev/null 2>&1 + CXXFLAGS="$CXXFLAGS -DCRYPTOPP_DISABLE_ASM=1" make libcryptopp.a -j$(nproc) >/dev/null 2>&1 fi export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_CRYPTOPP" @@ -267,9 +287,9 @@ make -B cd $SRC/botan if [[ $CFLAGS != *-m32* ]] then - ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator + ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation else - ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator + ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation fi make -j$(nproc) @@ -418,9 +438,11 @@ fi ############################################################################## # Compile wolfCrypt cd $SRC/wolfssl +# Enable additional wolfCrypt features which cannot be activated through arguments to ./configure +export CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K" autoreconf -ivf -export WOLFCRYPT_CONFIGURE_PARAMS="--enable-static --enable-md2 --enable-md4 --enable-ripemd --enable-blake2 --enable-blake2s --enable-pwdbased --enable-scrypt --enable-hkdf --enable-cmac --enable-arc4 --enable-camellia --enable-rabbit --enable-aesccm --enable-aesctr --enable-hc128 --enable-xts --enable-des3 --enable-idea --enable-x963kdf --enable-harden --enable-aescfb --enable-aesofb --enable-aeskeywrap --enable-shake256 --enable-curve25519 --enable-curve448 --disable-crypttests --disable-examples --enable-keygen --enable-compkey --enable-ed448 --enable-ed25519" +export WOLFCRYPT_CONFIGURE_PARAMS="--enable-static --enable-md2 --enable-md4 --enable-ripemd --enable-blake2 --enable-blake2s --enable-pwdbased --enable-scrypt --enable-hkdf --enable-cmac --enable-arc4 --enable-camellia --enable-rabbit --enable-aesccm --enable-aesctr --enable-hc128 --enable-xts --enable-des3 --enable-idea --enable-x963kdf --enable-harden --enable-aescfb --enable-aesofb --enable-aeskeywrap --enable-shake256 --enable-curve25519 --enable-curve448 --disable-crypttests --disable-examples --enable-keygen --enable-compkey --enable-ed448 --enable-ed25519 --enable-ecccustcurves --enable-xchacha" if [[ $CFLAGS = *sanitize=memory* ]] then |