Fuzz message
I had to move Verify function into separate file to tag it as `cgo` only build. go-fuzz doesn't work with cgo. License: MIT Signed-off-by: Jakub Sztandera <kubuxu@protonmail.ch>
This commit is contained in:
parent
bcedd87cfd
commit
5400547a5f
4
.gitignore
vendored
4
.gitignore
vendored
@ -7,3 +7,7 @@
|
||||
**/*.a
|
||||
**/*.pc
|
||||
build/.*
|
||||
/vendor
|
||||
|
||||
*-fuzz.zip
|
||||
/chain/types/work_msg/
|
||||
|
30
chain/types/message_fuzz.go
Normal file
30
chain/types/message_fuzz.go
Normal file
@ -0,0 +1,30 @@
|
||||
//+build gofuzz
|
||||
|
||||
package types
|
||||
|
||||
import "bytes"
|
||||
|
||||
func FuzzMessage(data []byte) int {
|
||||
var msg Message
|
||||
err := msg.UnmarshalCBOR(bytes.NewReader(data))
|
||||
if err != nil {
|
||||
return 0
|
||||
}
|
||||
reData, err := msg.Serialize()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
var msg2 Message
|
||||
err = msg2.UnmarshalCBOR(bytes.NewReader(data))
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
reData2, err := msg.Serialize()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
if !bytes.Equal(reData, reData2) {
|
||||
panic("reencoding not equal")
|
||||
}
|
||||
return 1
|
||||
}
|
@ -6,11 +6,7 @@ import (
|
||||
"fmt"
|
||||
"io"
|
||||
|
||||
bls "github.com/filecoin-project/go-bls-sigs"
|
||||
"github.com/filecoin-project/go-lotus/chain/address"
|
||||
"github.com/filecoin-project/go-lotus/lib/crypto"
|
||||
cbor "github.com/ipfs/go-ipld-cbor"
|
||||
"github.com/minio/blake2b-simd"
|
||||
"github.com/polydawn/refmt/obj/atlas"
|
||||
cbg "github.com/whyrusleeping/cbor-gen"
|
||||
)
|
||||
@ -70,49 +66,6 @@ func SignatureFromBytes(x []byte) (Signature, error) {
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (s *Signature) Verify(addr address.Address, msg []byte) error {
|
||||
if addr.Protocol() == address.ID {
|
||||
return fmt.Errorf("must resolve ID addresses before using them to verify a signature")
|
||||
}
|
||||
b2sum := blake2b.Sum256(msg)
|
||||
|
||||
switch s.Type {
|
||||
case KTSecp256k1:
|
||||
pubk, err := crypto.EcRecover(b2sum[:], s.Data)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
maybeaddr, err := address.NewSecp256k1Address(pubk)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if addr != maybeaddr {
|
||||
return fmt.Errorf("signature did not match")
|
||||
}
|
||||
|
||||
return nil
|
||||
case KTBLS:
|
||||
digests := []bls.Digest{bls.Hash(bls.Message(msg))}
|
||||
|
||||
var pubk bls.PublicKey
|
||||
copy(pubk[:], addr.Payload())
|
||||
pubkeys := []bls.PublicKey{pubk}
|
||||
|
||||
var sig bls.Signature
|
||||
copy(sig[:], s.Data)
|
||||
|
||||
if !bls.Verify(sig, digests, pubkeys) {
|
||||
return fmt.Errorf("bls signature failed to verify")
|
||||
}
|
||||
|
||||
return nil
|
||||
default:
|
||||
return fmt.Errorf("cannot verify signature of unsupported type: %s", s.Type)
|
||||
}
|
||||
}
|
||||
|
||||
func (s *Signature) TypeCode() int {
|
||||
switch s.Type {
|
||||
case KTSecp256k1:
|
||||
|
55
chain/types/signature_cgo.go
Normal file
55
chain/types/signature_cgo.go
Normal file
@ -0,0 +1,55 @@
|
||||
//+build cgo
|
||||
|
||||
package types
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
bls "github.com/filecoin-project/go-bls-sigs"
|
||||
"github.com/filecoin-project/go-lotus/chain/address"
|
||||
"github.com/filecoin-project/go-lotus/lib/crypto"
|
||||
"github.com/minio/blake2b-simd"
|
||||
)
|
||||
|
||||
func (s *Signature) Verify(addr address.Address, msg []byte) error {
|
||||
if addr.Protocol() == address.ID {
|
||||
return fmt.Errorf("must resolve ID addresses before using them to verify a signature")
|
||||
}
|
||||
b2sum := blake2b.Sum256(msg)
|
||||
|
||||
switch s.Type {
|
||||
case KTSecp256k1:
|
||||
pubk, err := crypto.EcRecover(b2sum[:], s.Data)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
maybeaddr, err := address.NewSecp256k1Address(pubk)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if addr != maybeaddr {
|
||||
return fmt.Errorf("signature did not match")
|
||||
}
|
||||
|
||||
return nil
|
||||
case KTBLS:
|
||||
digests := []bls.Digest{bls.Hash(bls.Message(msg))}
|
||||
|
||||
var pubk bls.PublicKey
|
||||
copy(pubk[:], addr.Payload())
|
||||
pubkeys := []bls.PublicKey{pubk}
|
||||
|
||||
var sig bls.Signature
|
||||
copy(sig[:], s.Data)
|
||||
|
||||
if !bls.Verify(sig, digests, pubkeys) {
|
||||
return fmt.Errorf("bls signature failed to verify")
|
||||
}
|
||||
|
||||
return nil
|
||||
default:
|
||||
return fmt.Errorf("cannot verify signature of unsupported type: %s", s.Type)
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user