[wolfssl] Several improvements (#6025)

* [wolfssl] Several improvements - Build additional target (normal math) - More cross-pollination (import from Botan and other wolfSSL corpora) * [wolfssl] Fix normal math 32 bit build
author: Guido Vranken <guidovranken@users.noreply.github.com> 2021-07-12 10:49:14 +0200
committer: GitHub <noreply@github.com> 2021-07-12 09:49:14 +0100
commit: fca42e9bfddcbce0210536c57d3c4f62a4f423a6 (patch)
tree: d0a5935d9117bec2c685476014f60b8d2db20bb2 /projects/wolfssl
parent: 6ae7009e003127afa9e49c90fd65b49fab18218f (diff)
download: oss-fuzz-fca42e9bfddcbce0210536c57d3c4f62a4f423a6.tar.gz
2 files changed, 72 insertions, 0 deletions
diff --git a/projects/wolfssl/Dockerfile b/projects/wolfssl/Dockerfile
index 5b8f90c99..83cbdf460 100644
--- a/projects/wolfssl/Dockerfile
+++ b/projects/wolfssl/Dockerfile
@@ -36,6 +36,16 @@ RUN gsutil cp gs://nettle-backup.clusterfuzz-external.appspot.com/corpus/libFuzz
 RUN gsutil cp gs://libecc-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/libecc_cryptofuzz-libecc/public.zip $SRC/corpus_libecc.zip
 RUN gsutil cp gs://relic-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/relic_cryptofuzz-relic/public.zip $SRC/corpus_relic.zip
 RUN gsutil cp gs://cryptofuzz-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/cryptofuzz_cryptofuzz-openssl/public.zip $SRC/corpus_cryptofuzz.zip
+RUN gsutil cp gs://wolfssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/wolfssl_cryptofuzz-sp-math-all/public.zip $SRC/corpus_wolfssl_sp-math-all.zip
+RUN gsutil cp gs://wolfssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/wolfssl_cryptofuzz-sp-math-all-8bit/public.zip $SRC/corpus_wolfssl_sp-math-all-8bit.zip
+RUN gsutil cp gs://wolfssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/wolfssl_cryptofuzz-sp-math/public.zip $SRC/corpus_wolfssl_sp-math.zip
+RUN gsutil cp gs://wolfssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/wolfssl_cryptofuzz-disable-fastmath/public.zip $SRC/corpus_wolfssl_disable-fastmath.zip
+
+# Botan corpora, which require a special import procedure
+RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_p256/public.zip $SRC/corpus_botan_ecc_p256.zip
+RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_p384/public.zip $SRC/corpus_botan_ecc_p384.zip
+RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_p521/public.zip $SRC/corpus_botan_ecc_p521.zip
+RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_bp256/public.zip $SRC/corpus_botan_ecc_bp256.zip
 
 WORKDIR wolfssl
 
diff --git a/projects/wolfssl/build.sh b/projects/wolfssl/build.sh
index a1dbd65cb..7d3d7f003 100755
--- a/projects/wolfssl/build.sh
+++ b/projects/wolfssl/build.sh
@@ -107,6 +107,38 @@ then
     export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a"
     export BOTAN_INCLUDE_PATH="$SRC/botan/build/include"
 
+    # Build normal math fuzzer
+    cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-normal-math/
+    cp -R $SRC/wolfssl/ $SRC/wolfssl-normal-math/
+    cd $SRC/wolfssl-normal-math/
+    autoreconf -ivf
+    CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP"
+    if [[ $CFLAGS != *-m32* ]]
+    then
+        ./configure $WOLFCRYPT_CONFIGURE_PARAMS
+    else
+        # Compiling instrumented 32 bit normal math with asm is currently
+        # not possible because it results in Clang error messages such as:
+        #
+        # wolfcrypt/src/tfm.c:3154:11: error: inline assembly requires more registers than available
+        ./configure $WOLFCRYPT_CONFIGURE_PARAMS --disable-asm
+    fi
+    make -j$(nproc)
+    export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_WOLFCRYPT -DCRYPTOFUZZ_BOTAN"
+    export WOLFCRYPT_LIBWOLFSSL_A_PATH="$SRC/wolfssl-normal-math/src/.libs/libwolfssl.a"
+    export WOLFCRYPT_INCLUDE_PATH="$SRC/wolfssl-normal-math/"
+    cd $SRC/cryptofuzz-normal-math/modules/wolfcrypt
+    make -j$(nproc)
+    cd $SRC/cryptofuzz-normal-math/modules/botan
+    make -j$(nproc)
+    cd $SRC/cryptofuzz-normal-math/
+    LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc)
+    cp cryptofuzz $OUT/cryptofuzz-normal-math
+    CFLAGS="$OLD_CFLAGS"
+    CXXFLAGS="$OLD_CXXFLAGS"
+    unset WOLFCRYPT_LIBWOLFSSL_A_PATH
+    unset WOLFCRYPT_INCLUDE_PATH
+
     # Build sp-math-all fuzzer
     cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-sp-math-all/
     cp -R $SRC/wolfssl/ $SRC/wolfssl-sp-math-all/
@@ -213,17 +245,47 @@ then
     unzip -n $SRC/corpus_libecc.zip -d $SRC/cryptofuzz_seed_corpus/
     unzip -n $SRC/corpus_relic.zip -d $SRC/cryptofuzz_seed_corpus/
     unzip -n $SRC/corpus_cryptofuzz.zip -d $SRC/cryptofuzz_seed_corpus/
+    unzip -n $SRC/corpus_wolfssl_sp-math-all.zip -d $SRC/cryptofuzz_seed_corpus/
+    unzip -n $SRC/corpus_wolfssl_sp-math-all-8bit.zip -d $SRC/cryptofuzz_seed_corpus/
+    unzip -n $SRC/corpus_wolfssl_sp-math.zip -d $SRC/cryptofuzz_seed_corpus/
+    unzip -n $SRC/corpus_wolfssl_disable-fastmath.zip -d $SRC/cryptofuzz_seed_corpus/
+
+    # Import Botan corpora
+    mkdir $SRC/botan-p256-corpus/
+    unzip $SRC/corpus_botan_ecc_p256.zip -d $SRC/botan-p256-corpus/
+    find $SRC/botan-p256-corpus/ -type f -exec $SRC/cryptofuzz-disable-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,secp256r1 \;
+
+    mkdir $SRC/botan-p384-corpus/
+    unzip $SRC/corpus_botan_ecc_p384.zip -d $SRC/botan-p384-corpus/
+    find $SRC/botan-p384-corpus/ -type f -exec $SRC/cryptofuzz-disable-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,secp384r1 \;
+
+    mkdir $SRC/botan-p521-corpus/
+    unzip $SRC/corpus_botan_ecc_p521.zip -d $SRC/botan-p521-corpus/
+    find $SRC/botan-p521-corpus/ -type f -exec $SRC/cryptofuzz-disable-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,secp521r1 \;
+
+    mkdir $SRC/botan-bp256-corpus/
+    unzip $SRC/corpus_botan_ecc_bp256.zip -d $SRC/botan-bp256-corpus/
+    find $SRC/botan-bp256-corpus/ -type f -exec $SRC/cryptofuzz-disable-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,brainpool256r1 \;
 
     # Pack it
     cd $SRC/cryptofuzz_seed_corpus
     zip -r $SRC/cryptofuzz_seed_corpus.zip .
 
     # Use it as the seed corpus for each Cryptofuzz-based fuzzer
+    cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-normal-math_seed_corpus.zip
     cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math-all_seed_corpus.zip
     cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math-all-8bit_seed_corpus.zip
     cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math_seed_corpus.zip
     cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-disable-fastmath_seed_corpus.zip
 
+    # Remove files that are no longer needed to prevent running out of disk space
+    rm -rf $SRC/botan-p256-corpus/
+    rm -rf $SRC/botan-p384-corpus/
+    rm -rf $SRC/botan-p521-corpus/
+    rm -rf $SRC/botan-bp256-corpus/
+    rm -rf $SRC/cryptofuzz_seed_corpus/
+    rm -rf $SRC/cryptofuzz_seed_corpus.zip
+
     # Build SSL/SSH fuzzers
     NEW_SRC=$SRC/wolf-ssl-ssh-fuzzers/oss-fuzz/projects/wolf-ssl-ssh/
     cp -R $SRC/wolfssl/ $NEW_SRC
author	Guido Vranken <guidovranken@users.noreply.github.com>	2021-07-12 10:49:14 +0200
committer	GitHub <noreply@github.com>	2021-07-12 09:49:14 +0100
commit	fca42e9bfddcbce0210536c57d3c4f62a4f423a6 (patch)
tree	d0a5935d9117bec2c685476014f60b8d2db20bb2 /projects/wolfssl
parent	6ae7009e003127afa9e49c90fd65b49fab18218f (diff)
download	oss-fuzz-fca42e9bfddcbce0210536c57d3c4f62a4f423a6.tar.gz