From 38170182f7a7435afc37731423a90f20a7773976 Mon Sep 17 00:00:00 2001 From: iszubok Date: Sun, 31 Oct 2021 22:12:34 +0200 Subject: [PATCH 1/6] added secp256k1 fuzzer --- oss-fuzz.sh | 1 + tests/fuzzers/secp256k1/secp_fuzzer.go | 50 ++++++++++++++++++++++++++ tests/fuzzers/secp256k1/secp_test.go | 8 +++++ 3 files changed, 59 insertions(+) create mode 100644 tests/fuzzers/secp256k1/secp_fuzzer.go create mode 100644 tests/fuzzers/secp256k1/secp_test.go diff --git a/oss-fuzz.sh b/oss-fuzz.sh index ff3bec09943..a21aaf0db10 100755 --- a/oss-fuzz.sh +++ b/oss-fuzz.sh @@ -101,6 +101,7 @@ compile_fuzzer tests/fuzzers/stacktrie Fuzz fuzzStackTrie compile_fuzzer tests/fuzzers/difficulty Fuzz fuzzDifficulty compile_fuzzer tests/fuzzers/abi Fuzz fuzzAbi compile_fuzzer tests/fuzzers/les Fuzz fuzzLes +compile_fuzzer tests/fuzzers/secp256k1 Fuzz fuzzSecp256k1 compile_fuzzer tests/fuzzers/bls12381 FuzzG1Add fuzz_g1_add compile_fuzzer tests/fuzzers/bls12381 FuzzG1Mul fuzz_g1_mul diff --git a/tests/fuzzers/secp256k1/secp_fuzzer.go b/tests/fuzzers/secp256k1/secp_fuzzer.go new file mode 100644 index 00000000000..a6c7be0ec00 --- /dev/null +++ b/tests/fuzzers/secp256k1/secp_fuzzer.go @@ -0,0 +1,50 @@ +// Copyright 2021 The go-ethereum Authors +// This file is part of the go-ethereum library. +// +// The go-ethereum library is free software: you can redistribute it and/or modify +// it under the terms of the GNU Lesser General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// The go-ethereum library is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Lesser General Public License for more details. +// +// You should have received a copy of the GNU Lesser General Public License +// along with the go-ethereum library. If not, see . + +// build +gofuzz + +package secp256k1 + +import ( + "fmt" + + "github.com/btcsuite/btcd/btcec" + fuzz "github.com/google/gofuzz" + "github.com/ledgerwatch/secp256k1" +) + +func Fuzz(input []byte) int { + var ( + fuzzer = fuzz.NewFromGoFuzz(input) + curveA = secp256k1.S256() + curveB = btcec.S256() + dataP1 []byte + dataP2 []byte + ) + // first point + fuzzer.Fuzz(&dataP1) + x1, y1 := curveB.ScalarBaseMult(dataP1) + // second point + fuzzer.Fuzz(&dataP2) + x2, y2 := curveB.ScalarBaseMult(dataP2) + resAX, resAY := curveA.Add(x1, y1, x2, y2) + resBX, resBY := curveB.Add(x1, y1, x2, y2) + if resAX.Cmp(resBX) != 0 || resAY.Cmp(resBY) != 0 { + fmt.Printf("%s %s %s %s\n", x1, y1, x2, y2) + panic(fmt.Sprintf("Addition failed: erigon: %s %s btcd: %s %s", resAX, resAY, resBX, resBY)) + } + return 0 +} diff --git a/tests/fuzzers/secp256k1/secp_test.go b/tests/fuzzers/secp256k1/secp_test.go new file mode 100644 index 00000000000..76bae87086f --- /dev/null +++ b/tests/fuzzers/secp256k1/secp_test.go @@ -0,0 +1,8 @@ +package secp256k1 + +import "testing" + +func TestFuzzer(t *testing.T) { + test := "00000000N0000000/R00000000000000000U0000S0000000mkhP000000000000000U" + Fuzz([]byte(test)) +} From 931ea8384e87a507ef8c18d5c0b1d420d35af7e3 Mon Sep 17 00:00:00 2001 From: iszubok Date: Wed, 3 Nov 2021 20:41:01 +0200 Subject: [PATCH 2/6] Updated references to secp256k1 and erigon-lib --- go.mod | 4 +++- go.sum | 8 ++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 0409c5628ab..656367f7ad0 100644 --- a/go.mod +++ b/go.mod @@ -38,7 +38,7 @@ require ( github.com/kevinburke/go-bindata v3.21.0+incompatible github.com/ledgerwatch/erigon-lib v0.0.0-20211102145739-607ab3a85bf7 github.com/ledgerwatch/log/v3 v3.4.0 - github.com/ledgerwatch/secp256k1 v0.0.0-20210626115225-cd5cd00ed72d + github.com/ledgerwatch/secp256k1 v1.0.0 github.com/logrusorgru/aurora/v3 v3.0.0 github.com/pelletier/go-toml v1.9.4 github.com/petar/GoLLRB v0.0.0-20190514000832-33fb24c13b99 @@ -68,3 +68,5 @@ require ( gotest.tools v2.2.0+incompatible // indirect pgregory.net/rapid v0.4.7 ) + +replace github.com/ledgerwatch/erigon-lib => github.com/iszubok/erigon-lib v0.0.0-20211103123001-12f30c032548 diff --git a/go.sum b/go.sum index 3032f8322a1..8a133e5623c 100644 --- a/go.sum +++ b/go.sum @@ -457,6 +457,8 @@ github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1: github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/iszubok/erigon-lib v0.0.0-20211103123001-12f30c032548 h1:MPC//9C/OWt1ItL1/QyGU2sOz5/+FqGdOF+zIPZsZJk= +github.com/iszubok/erigon-lib v0.0.0-20211103123001-12f30c032548/go.mod h1:JWVg1Eswt+TbNFByMk3pQ2OTefJi/vcUK8lJrYBaZws= github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus= github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc= github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0B/fFc00Y+Rasa88328GlI/XbtyysCtTHZS8h7IrBU= @@ -497,12 +499,10 @@ github.com/kylelemons/godebug v0.0.0-20170224010052-a616ab194758 h1:0D5M2HQSGD3P github.com/kylelemons/godebug v0.0.0-20170224010052-a616ab194758/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/leanovate/gopter v0.2.9 h1:fQjYxZaynp97ozCzfOyOuAGOU4aU/z37zf/tOujFk7c= github.com/leanovate/gopter v0.2.9/go.mod h1:U2L/78B+KVFIx2VmW6onHJQzXtFb+p5y3y2Sh+Jxxv8= -github.com/ledgerwatch/erigon-lib v0.0.0-20211102145739-607ab3a85bf7 h1:9ivRlLmbUWAKNjoMfz3iBjCfKmT0GBRL1cu1NpaEekg= -github.com/ledgerwatch/erigon-lib v0.0.0-20211102145739-607ab3a85bf7/go.mod h1:tmLML7kM8BV92RBOUJ4FXmLY/gSqZ8AHW4kkoDQud8k= github.com/ledgerwatch/log/v3 v3.4.0 h1:SEIOcv5a2zkG3PmoT5jeTU9m/0nEUv0BJS5bzsjwKCI= github.com/ledgerwatch/log/v3 v3.4.0/go.mod h1:VXcz6Ssn6XEeU92dCMc39/g1F0OYAjw1Mt+dGP5DjXY= -github.com/ledgerwatch/secp256k1 v0.0.0-20210626115225-cd5cd00ed72d h1:/IKMrJdfRsoYNc36PXqP4xMH3vhW/8IQyBKGQbKZUno= -github.com/ledgerwatch/secp256k1 v0.0.0-20210626115225-cd5cd00ed72d/go.mod h1:SPmqJFciiF/Q0mPt2jVs2dTr/1TZBTIA+kPMmKgBAak= +github.com/ledgerwatch/secp256k1 v1.0.0 h1:Usvz87YoTG0uePIV8woOof5cQnLXGYa162rFf3YnwaQ= +github.com/ledgerwatch/secp256k1 v1.0.0/go.mod h1:SPmqJFciiF/Q0mPt2jVs2dTr/1TZBTIA+kPMmKgBAak= github.com/leodido/go-urn v1.1.0/go.mod h1:+cyI34gQWZcE1eQU7NVgKkkzdXDQHr1dBMtdAPozLkw= github.com/logrusorgru/aurora/v3 v3.0.0 h1:R6zcoZZbvVcGMvDCKo45A9U/lzYyzl5NfYIvznmDfE4= github.com/logrusorgru/aurora/v3 v3.0.0/go.mod h1:vsR12bk5grlLvLXAYrBsb5Oc/N+LxAlxggSjiwMnCUc= From 374ae18af12c833cdb867d02378bfaddb218787a Mon Sep 17 00:00:00 2001 From: ledgerwatch Date: Thu, 4 Nov 2021 08:42:31 +0000 Subject: [PATCH 3/6] Update go.sum --- go.sum | 2 -- 1 file changed, 2 deletions(-) diff --git a/go.sum b/go.sum index ac592ea9cfc..3a9f5fba623 100644 --- a/go.sum +++ b/go.sum @@ -457,8 +457,6 @@ github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1: github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/iszubok/erigon-lib v0.0.0-20211103123001-12f30c032548 h1:MPC//9C/OWt1ItL1/QyGU2sOz5/+FqGdOF+zIPZsZJk= -github.com/iszubok/erigon-lib v0.0.0-20211103123001-12f30c032548/go.mod h1:JWVg1Eswt+TbNFByMk3pQ2OTefJi/vcUK8lJrYBaZws= github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus= github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc= github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0B/fFc00Y+Rasa88328GlI/XbtyysCtTHZS8h7IrBU= From ffb1af58984273203418eca8d947d196851ed660 Mon Sep 17 00:00:00 2001 From: ledgerwatch Date: Thu, 4 Nov 2021 08:43:20 +0000 Subject: [PATCH 4/6] Update go.mod --- go.mod | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/go.mod b/go.mod index c359e4eaa68..0f0099099e7 100644 --- a/go.mod +++ b/go.mod @@ -36,7 +36,7 @@ require ( github.com/json-iterator/go v1.1.12 github.com/julienschmidt/httprouter v1.3.0 github.com/kevinburke/go-bindata v3.21.0+incompatible - github.com/ledgerwatch/erigon-lib v0.0.0-20211104042003-182de9f4806b + github.com/ledgerwatch/erigon-lib v0.0.0-20211104083555-bf3ea94f7774 github.com/ledgerwatch/log/v3 v3.4.0 github.com/ledgerwatch/secp256k1 v1.0.0 github.com/logrusorgru/aurora/v3 v3.0.0 @@ -67,5 +67,3 @@ require ( gotest.tools v2.2.0+incompatible // indirect pgregory.net/rapid v0.4.7 ) - -replace github.com/ledgerwatch/erigon-lib => github.com/iszubok/erigon-lib v0.0.0-20211103123001-12f30c032548 From 3f476c7b92b434e68e84fb7def089e25fd506bd2 Mon Sep 17 00:00:00 2001 From: ledgerwatch Date: Thu, 4 Nov 2021 11:12:43 +0000 Subject: [PATCH 5/6] Update go.mod --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 0f0099099e7..232ff24da94 100644 --- a/go.mod +++ b/go.mod @@ -36,7 +36,7 @@ require ( github.com/json-iterator/go v1.1.12 github.com/julienschmidt/httprouter v1.3.0 github.com/kevinburke/go-bindata v3.21.0+incompatible - github.com/ledgerwatch/erigon-lib v0.0.0-20211104083555-bf3ea94f7774 + github.com/ledgerwatch/erigon-lib v0.0.0-20211104110507-597d0fbb01ab github.com/ledgerwatch/log/v3 v3.4.0 github.com/ledgerwatch/secp256k1 v1.0.0 github.com/logrusorgru/aurora/v3 v3.0.0 From 18972da5375901e3725cbc7143f2bf9163bd80ec Mon Sep 17 00:00:00 2001 From: ledgerwatch Date: Thu, 4 Nov 2021 11:13:33 +0000 Subject: [PATCH 6/6] Update go.sum --- go.sum | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/go.sum b/go.sum index 3a9f5fba623..fca5587059d 100644 --- a/go.sum +++ b/go.sum @@ -497,8 +497,8 @@ github.com/kylelemons/godebug v0.0.0-20170224010052-a616ab194758 h1:0D5M2HQSGD3P github.com/kylelemons/godebug v0.0.0-20170224010052-a616ab194758/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/leanovate/gopter v0.2.9 h1:fQjYxZaynp97ozCzfOyOuAGOU4aU/z37zf/tOujFk7c= github.com/leanovate/gopter v0.2.9/go.mod h1:U2L/78B+KVFIx2VmW6onHJQzXtFb+p5y3y2Sh+Jxxv8= -github.com/ledgerwatch/erigon-lib v0.0.0-20211104083555-bf3ea94f7774 h1:DBFwEJCsqvHcVkfhGQ+EfV88jZGJvojF4Lf8P8QXwkw= -github.com/ledgerwatch/erigon-lib v0.0.0-20211104083555-bf3ea94f7774/go.mod h1:CuEZROm43MykZT5CjCj02jw0FOwaDl8Nh+PZkTEGopg= +github.com/ledgerwatch/erigon-lib v0.0.0-20211104110507-597d0fbb01ab h1:CNIgX4Sw1uybwmLgLmWpAaNrm4ADo33BLpz4Zo3FnqI= +github.com/ledgerwatch/erigon-lib v0.0.0-20211104110507-597d0fbb01ab/go.mod h1:CuEZROm43MykZT5CjCj02jw0FOwaDl8Nh+PZkTEGopg= github.com/ledgerwatch/log/v3 v3.4.0 h1:SEIOcv5a2zkG3PmoT5jeTU9m/0nEUv0BJS5bzsjwKCI= github.com/ledgerwatch/log/v3 v3.4.0/go.mod h1:VXcz6Ssn6XEeU92dCMc39/g1F0OYAjw1Mt+dGP5DjXY= github.com/ledgerwatch/secp256k1 v1.0.0 h1:Usvz87YoTG0uePIV8woOof5cQnLXGYa162rFf3YnwaQ=