summaryrefslogtreecommitdiffstats
path: root/src/fuzzing
diff options
context:
space:
mode:
Diffstat (limited to 'src/fuzzing')
-rw-r--r--src/fuzzing/CMakeLists.txt145
-rw-r--r--src/fuzzing/dump.c54
-rw-r--r--src/fuzzing/keyimport.c97
-rw-r--r--src/fuzzing/keyring.c52
-rw-r--r--src/fuzzing/keyring_g10.cpp51
-rw-r--r--src/fuzzing/keyring_kbx.c50
-rw-r--r--src/fuzzing/sigimport.c51
-rw-r--r--src/fuzzing/verify.c58
-rw-r--r--src/fuzzing/verify_detached.c59
9 files changed, 617 insertions, 0 deletions
diff --git a/src/fuzzing/CMakeLists.txt b/src/fuzzing/CMakeLists.txt
new file mode 100644
index 0000000..c177035
--- /dev/null
+++ b/src/fuzzing/CMakeLists.txt
@@ -0,0 +1,145 @@
+# Copyright (c) 2020 Ribose Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+
+if(NOT DEFINED ENV{LIB_FUZZING_ENGINE})
+ add_compile_options(-fsanitize=fuzzer-no-link)
+ add_link_options(-fsanitize=fuzzer)
+else()
+ # This section is used by OSS-Fuzz
+ add_link_options($ENV{LIB_FUZZING_ENGINE})
+ if($ENV{FUZZING_ENGINE} STREQUAL "afl")
+ link_libraries(-stdlib=libc++)
+ endif()
+endif()
+
+add_executable(fuzz_dump dump.c)
+
+target_include_directories(fuzz_dump
+ PRIVATE
+ "${PROJECT_SOURCE_DIR}/src"
+ "${PROJECT_SOURCE_DIR}/src/lib"
+)
+
+target_link_libraries(fuzz_dump
+ PRIVATE
+ librnp
+)
+
+add_executable(fuzz_keyring keyring.c)
+
+target_include_directories(fuzz_keyring
+ PRIVATE
+ "${PROJECT_SOURCE_DIR}/src"
+ "${PROJECT_SOURCE_DIR}/src/lib"
+)
+
+target_link_libraries(fuzz_keyring
+ PRIVATE
+ librnp
+)
+
+add_executable(fuzz_keyimport keyimport.c)
+
+target_include_directories(fuzz_keyimport
+ PRIVATE
+ "${PROJECT_SOURCE_DIR}/src"
+ "${PROJECT_SOURCE_DIR}/src/lib"
+)
+
+target_link_libraries(fuzz_keyimport
+ PRIVATE
+ librnp
+)
+
+add_executable(fuzz_sigimport sigimport.c)
+
+target_include_directories(fuzz_sigimport
+ PRIVATE
+ "${PROJECT_SOURCE_DIR}/src"
+ "${PROJECT_SOURCE_DIR}/src/lib"
+)
+
+target_link_libraries(fuzz_sigimport
+ PRIVATE
+ librnp
+)
+
+add_executable(fuzz_verify verify.c)
+
+target_include_directories(fuzz_verify
+ PRIVATE
+ "${PROJECT_SOURCE_DIR}/src"
+ "${PROJECT_SOURCE_DIR}/src/lib"
+)
+
+target_link_libraries(fuzz_verify
+ PRIVATE
+ librnp
+)
+
+add_executable(fuzz_verify_detached verify_detached.c)
+
+target_include_directories(fuzz_verify_detached
+ PRIVATE
+ "${PROJECT_SOURCE_DIR}/src"
+ "${PROJECT_SOURCE_DIR}/src/lib"
+)
+
+target_link_libraries(fuzz_verify_detached
+ PRIVATE
+ librnp
+)
+
+add_executable(fuzz_keyring_kbx keyring_kbx.c)
+
+target_include_directories(fuzz_keyring_kbx
+ PRIVATE
+ "${PROJECT_SOURCE_DIR}/src"
+ "${PROJECT_SOURCE_DIR}/src/lib"
+)
+
+target_link_libraries(fuzz_keyring_kbx
+ PRIVATE
+ librnp
+)
+
+add_executable(fuzz_keyring_g10 keyring_g10.cpp)
+
+target_include_directories(fuzz_keyring_g10
+ PRIVATE
+ "${PROJECT_SOURCE_DIR}/src"
+ "${PROJECT_SOURCE_DIR}/src/lib"
+)
+
+target_link_libraries(fuzz_keyring_g10
+ PRIVATE
+ librnp-static
+)
+
+if (ENABLE_SANITIZERS)
+ foreach(tgt fuzz_dump fuzz_keyring fuzz_keyimport fuzz_sigimport fuzz_verify fuzz_verify_detached fuzz_keyring_kbx fuzz_keyring_g10)
+ set_target_properties(${tgt} PROPERTIES LINKER_LANGUAGE CXX)
+ endforeach()
+endif()
diff --git a/src/fuzzing/dump.c b/src/fuzzing/dump.c
new file mode 100644
index 0000000..026bfc2
--- /dev/null
+++ b/src/fuzzing/dump.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2020, [Ribose Inc](https://www.ribose.com).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <rnp/rnp.h>
+
+#ifdef RNP_RUN_TESTS
+int dump_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+int
+dump_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#else
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#endif
+{
+ rnp_input_t input = NULL;
+ (void) rnp_input_from_memory(&input, data, size, false);
+ rnp_output_t output = NULL;
+ (void) rnp_output_to_null(&output);
+
+ (void) rnp_dump_packets_to_output(input, output, RNP_DUMP_RAW);
+ rnp_output_destroy(output);
+ rnp_input_destroy(input);
+
+ (void) rnp_input_from_memory(&input, data, size, false);
+ char *json = NULL;
+ (void) rnp_dump_packets_to_json(input, RNP_DUMP_RAW, &json);
+ rnp_buffer_destroy(json);
+ rnp_input_destroy(input);
+
+ return 0;
+}
diff --git a/src/fuzzing/keyimport.c b/src/fuzzing/keyimport.c
new file mode 100644
index 0000000..16e1272
--- /dev/null
+++ b/src/fuzzing/keyimport.c
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2020, [Ribose Inc](https://www.ribose.com).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <rnp/rnp.h>
+#include <rnp/rnp_err.h>
+
+#ifdef RNP_RUN_TESTS
+int keyimport_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+int
+keyimport_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#else
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#endif
+{
+ rnp_input_t input = NULL;
+ rnp_result_t ret = 0;
+ rnp_ffi_t ffi = NULL;
+
+ /* try non-permissive import */
+ ret = rnp_input_from_memory(&input, data, size, false);
+ ret = rnp_ffi_create(&ffi, "GPG", "GPG");
+ char *results = NULL;
+ ret = rnp_import_keys(
+ ffi, input, RNP_LOAD_SAVE_PUBLIC_KEYS | RNP_LOAD_SAVE_SECRET_KEYS, &results);
+ rnp_buffer_destroy(results);
+ rnp_input_destroy(input);
+ rnp_ffi_destroy(ffi);
+
+ /* try permissive import */
+ ret = rnp_input_from_memory(&input, data, size, false);
+ ret = rnp_ffi_create(&ffi, "GPG", "GPG");
+ results = NULL;
+ ret = rnp_import_keys(ffi,
+ input,
+ RNP_LOAD_SAVE_PUBLIC_KEYS | RNP_LOAD_SAVE_SECRET_KEYS |
+ RNP_LOAD_SAVE_PERMISSIVE,
+ &results);
+ rnp_buffer_destroy(results);
+ rnp_input_destroy(input);
+ rnp_ffi_destroy(ffi);
+
+ /* try non-permissive iterative import */
+ ret = rnp_input_from_memory(&input, data, size, false);
+ ret = rnp_ffi_create(&ffi, "GPG", "GPG");
+ do {
+ results = NULL;
+ ret = rnp_import_keys(ffi,
+ input,
+ RNP_LOAD_SAVE_PUBLIC_KEYS | RNP_LOAD_SAVE_SECRET_KEYS |
+ RNP_LOAD_SAVE_SINGLE,
+ &results);
+ rnp_buffer_destroy(results);
+ } while (!ret);
+ rnp_input_destroy(input);
+ rnp_ffi_destroy(ffi);
+
+ /* try permissive iterative import */
+ ret = rnp_input_from_memory(&input, data, size, false);
+ ret = rnp_ffi_create(&ffi, "GPG", "GPG");
+ do {
+ results = NULL;
+ ret = rnp_import_keys(ffi,
+ input,
+ RNP_LOAD_SAVE_PUBLIC_KEYS | RNP_LOAD_SAVE_SECRET_KEYS |
+ RNP_LOAD_SAVE_PERMISSIVE | RNP_LOAD_SAVE_SINGLE,
+ &results);
+ rnp_buffer_destroy(results);
+ } while (!ret);
+ rnp_input_destroy(input);
+ rnp_ffi_destroy(ffi);
+
+ return 0;
+}
diff --git a/src/fuzzing/keyring.c b/src/fuzzing/keyring.c
new file mode 100644
index 0000000..bac4e13
--- /dev/null
+++ b/src/fuzzing/keyring.c
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2020, [Ribose Inc](https://www.ribose.com).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <rnp/rnp.h>
+
+#ifdef RNP_RUN_TESTS
+int keyring_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+int
+keyring_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#else
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#endif
+{
+ rnp_input_t input = NULL;
+ rnp_result_t ret = 0;
+ rnp_ffi_t ffi = NULL;
+
+ ret = rnp_input_from_memory(&input, data, size, false);
+
+ ret = rnp_ffi_create(&ffi, "GPG", "GPG");
+ ret =
+ rnp_load_keys(ffi, "GPG", input, RNP_LOAD_SAVE_PUBLIC_KEYS | RNP_LOAD_SAVE_SECRET_KEYS);
+
+ rnp_input_destroy(input);
+ rnp_ffi_destroy(ffi);
+
+ return 0;
+}
diff --git a/src/fuzzing/keyring_g10.cpp b/src/fuzzing/keyring_g10.cpp
new file mode 100644
index 0000000..f2495a5
--- /dev/null
+++ b/src/fuzzing/keyring_g10.cpp
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2020, [Ribose Inc](https://www.ribose.com).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <rnp/rnp.h>
+#include "../lib/pgp-key.h"
+#include "../librekey/key_store_g10.h"
+#include "../librepgp/stream-common.h"
+#include "../lib/sec_profile.hpp"
+
+#ifdef RNP_RUN_TESTS
+int keyring_g10_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+int
+keyring_g10_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#else
+extern "C" RNP_API int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#endif
+{
+ rnp::SecurityContext ctx;
+ rnp_key_store_t ks(ctx);
+ pgp_source_t memsrc = {};
+
+ init_mem_src(&memsrc, data, size, false);
+ rnp_key_store_g10_from_src(&ks, &memsrc, NULL);
+ src_close(&memsrc);
+
+ return 0;
+}
diff --git a/src/fuzzing/keyring_kbx.c b/src/fuzzing/keyring_kbx.c
new file mode 100644
index 0000000..768e669
--- /dev/null
+++ b/src/fuzzing/keyring_kbx.c
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2020, [Ribose Inc](https://www.ribose.com).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <rnp/rnp.h>
+
+#ifdef RNP_RUN_TESTS
+int keyring_kbx_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+int
+keyring_kbx_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#else
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#endif
+{
+ rnp_input_t input = NULL;
+ rnp_result_t ret = 0;
+ rnp_ffi_t ffi = NULL;
+
+ ret = rnp_input_from_memory(&input, data, size, false);
+
+ ret = rnp_ffi_create(&ffi, "KBX", "G10");
+ ret = rnp_load_keys(ffi, "KBX", input, RNP_LOAD_SAVE_PUBLIC_KEYS);
+
+ rnp_input_destroy(input);
+ rnp_ffi_destroy(ffi);
+ return 0;
+}
diff --git a/src/fuzzing/sigimport.c b/src/fuzzing/sigimport.c
new file mode 100644
index 0000000..35adeb7
--- /dev/null
+++ b/src/fuzzing/sigimport.c
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2020, [Ribose Inc](https://www.ribose.com).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <rnp/rnp.h>
+
+#ifdef RNP_RUN_TESTS
+int sigimport_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+int
+sigimport_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#else
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#endif
+{
+ rnp_input_t input = NULL;
+ rnp_result_t ret = 0;
+ rnp_ffi_t ffi = NULL;
+
+ ret = rnp_input_from_memory(&input, data, size, false);
+ ret = rnp_ffi_create(&ffi, "GPG", "GPG");
+ char *results = NULL;
+ ret = rnp_import_signatures(ffi, input, 0, &results);
+ rnp_buffer_destroy(results);
+ rnp_input_destroy(input);
+ rnp_ffi_destroy(ffi);
+
+ return 0;
+}
diff --git a/src/fuzzing/verify.c b/src/fuzzing/verify.c
new file mode 100644
index 0000000..cd6c849
--- /dev/null
+++ b/src/fuzzing/verify.c
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2020, [Ribose Inc](https://www.ribose.com).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <rnp/rnp.h>
+#include "stdio.h"
+
+#ifdef RNP_RUN_TESTS
+int verify_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+int
+verify_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#else
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#endif
+{
+ rnp_ffi_t ffi = NULL;
+ rnp_input_t input = NULL;
+ rnp_output_t output = NULL;
+ rnp_result_t ret;
+
+ ret = rnp_ffi_create(&ffi, "GPG", "GPG");
+ ret = rnp_input_from_memory(&input, data, size, false);
+ ret = rnp_output_to_null(&output);
+
+ rnp_op_verify_t op = NULL;
+ ret = rnp_op_verify_create(&op, ffi, input, output);
+ ret = rnp_op_verify_execute(op);
+ ret = rnp_op_verify_destroy(op);
+
+ rnp_input_destroy(input);
+ rnp_output_destroy(output);
+ rnp_ffi_destroy(ffi);
+
+ return 0;
+}
diff --git a/src/fuzzing/verify_detached.c b/src/fuzzing/verify_detached.c
new file mode 100644
index 0000000..2afb59a
--- /dev/null
+++ b/src/fuzzing/verify_detached.c
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2020, [Ribose Inc](https://www.ribose.com).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <rnp/rnp.h>
+#include "string.h"
+
+#ifdef RNP_RUN_TESTS
+int verify_detached_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+int
+verify_detached_LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#else
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+#endif
+{
+ rnp_ffi_t ffi = NULL;
+ rnp_input_t input = NULL;
+ rnp_input_t msg_input = NULL;
+ rnp_result_t ret;
+
+ ret = rnp_ffi_create(&ffi, "GPG", "GPG");
+ ret = rnp_input_from_memory(&input, data, size, false);
+ const char *msg = "message";
+ ret = rnp_input_from_memory(&msg_input, (const uint8_t *) msg, strlen(msg), true);
+
+ rnp_op_verify_t verify = NULL;
+ ret = rnp_op_verify_detached_create(&verify, ffi, msg_input, input);
+ ret = rnp_op_verify_execute(verify);
+ ret = rnp_op_verify_destroy(verify);
+
+ rnp_input_destroy(input);
+ rnp_input_destroy(msg_input);
+ rnp_ffi_destroy(ffi);
+
+ return 0;
+}