ExternalVendorCode/go-attestation
1
0
Fork 0
mirror of https://github.com/google/go-attestation.git synced 2025-05-25 11:34:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ParseEventLog fuzz target

Browse Source 
A go-fuzz target for the ParseEventLog function. It has been tested
with go-fuzz and go-fuzz + libFuzzer.

oss-fuzz requires a statically built fuzzer binary, so `gofuzz` build
tags are added to avoid building files that depend on go-tspi. A mock
tpm_other.go file is also included to satisfy the `platformTPM`
interface.
This commit is contained in:
Brandon Weeks 2019-10-08 04:38:05 +00:00
parent 73020b971b
commit 2bc8d58530
6 changed files with 110 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
attest/activation.go
View File

@ -31,21 +31,6 @@ const (
tpm20GeneratedMagic = 0xff544347 tpm20GeneratedMagic = 0xff544347
) )
func cryptoHash(h tpm2.Algorithm) (crypto.Hash, error) {
switch h {
case tpm2.AlgSHA1:
return crypto.SHA1, nil
case tpm2.AlgSHA256:
return crypto.SHA256, nil
case tpm2.AlgSHA384:
return crypto.SHA384, nil
case tpm2.AlgSHA512:
return crypto.SHA512, nil
default:
return crypto.Hash(0), fmt.Errorf("unsupported signature digest: %v", h)
}
}
// ActivationParameters encapsulates the inputs for activating an AK. // ActivationParameters encapsulates the inputs for activating an AK.
type ActivationParameters struct { type ActivationParameters struct {
// TPMVersion holds the version of the TPM, either 1.2 or 2.0. // TPMVersion holds the version of the TPM, either 1.2 or 2.0.

25
attest/eventlog_fuzz.go Normal file
View File

@ -0,0 +1,25 @@
// Copyright 2019 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License"); you may not
// use this file except in compliance with the License. You may obtain a copy of
// the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
// License for the specific language governing permissions and limitations under
// the License.
// +build gofuzz
package attest
func FuzzParseEventLog(data []byte) int {
_, err := ParseEventLog(data)
if err != nil {
return 0
}
return 1
}

2
attest/key_linux.go
View File

@ -12,7 +12,7 @@
// License for the specific language governing permissions and limitations under // License for the specific language governing permissions and limitations under
// the License. // the License.
// +build linux // +build linux,!gofuzz
package attest package attest

16
attest/tpm.go
View File

@ -16,6 +16,7 @@ package attest
import ( import (
"bytes" "bytes"
"crypto"
"crypto/rsa" "crypto/rsa"
"crypto/sha256" "crypto/sha256"
"encoding/base64" "encoding/base64"
@ -98,6 +99,21 @@ var (
} }
) )
func cryptoHash(h tpm2.Algorithm) (crypto.Hash, error) {
switch h {
case tpm2.AlgSHA1:
return crypto.SHA1, nil
case tpm2.AlgSHA256:
return crypto.SHA256, nil
case tpm2.AlgSHA384:
return crypto.SHA384, nil
case tpm2.AlgSHA512:
return crypto.SHA512, nil
default:
return crypto.Hash(0), fmt.Errorf("unsupported signature digest: %v", h)
}
}
type tpm20Info struct { type tpm20Info struct {
vendor string vendor string
manufacturer TCGVendorID manufacturer TCGVendorID

2
attest/tpm_linux.go
View File

@ -12,7 +12,7 @@
// License for the specific language governing permissions and limitations under // License for the specific language governing permissions and limitations under
// the License. // the License.
// +build linux // +build linux,!gofuzz
package attest package attest

67
attest/tpm_other.go Normal file
View File

@ -0,0 +1,67 @@
// Copyright 2019 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License"); you may not
// use this file except in compliance with the License. You may obtain a copy of
// the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
// License for the specific language governing permissions and limitations under
// the License.
// +build gofuzz !linux,!windows
package attest
import (
"errors"
)
var unsupportedError = errors.New("tpm operations not supported from given build parameters")
type platformTPM struct {
}
func probeSystemTPMs() ([]probedTPM, error) {
return nil, unsupportedError
}
func openTPM(tpm probedTPM) (*TPM, error) {
return nil, unsupportedError
}
func (t *platformTPM) tpmVersion() TPMVersion {
return TPMVersionAgnostic
}
func (t *platformTPM) close() error {
return unsupportedError
}
func (t *platformTPM) info() (*TPMInfo, error) {
return nil, unsupportedError
}
func (t *platformTPM) loadAK(opaqueBlob []byte) (*AK, error) {
return nil, unsupportedError
}
func (t *platformTPM) eks() ([]EK, error) {
return nil, unsupportedError
}
func (t *platformTPM) newAK(opts *AKConfig) (*AK, error) {
return nil, unsupportedError
}
func (t *platformTPM) pcrs(alg HashAlg) ([]PCR, error) {
return nil, unsupportedError
}
func (t *platformTPM) measurementLog() ([]byte, error) {
return nil, unsupportedError
}