lib/flattening/flatten.go

-Original file line number
+Diff line change
@@ Expand Up / @@ -63,7 +63,7 @@ func flattenInterface(i interface{}) ([]Item, error) { @@
     	case bool, int, string, float64, float32:
     		o = append(o, Item{Key: "", Value: child})
     	default:
-    		return nil, errors.New("unrecognozed item in json")
+    		return nil, errors.New("unrecognized item in json")
     	}
     	return o, nil
     }

lib/flattening/flatten_test.go

-Original file line number
+Diff line change
@@ Expand Up / @@ -308,3 +308,43 @@ func TestListNoIndexValueExtraction(t *testing.T) { @@
     	assert.NotNil(t, actualOutput)
     	assert.ElementsMatch(t, expectedOutput, actualOutput)
     }
+    func TestFlattenInterfaceNoPanic(t *testing.T) {
+    	testCases := []struct {
+    		name  string
+    		value interface{}
+    	}{
+    		{
+    			name:  "nil",
+    			value: nil,
+    		},
+    		{
+    			name:  "intPtr",
+    			value: new(int),
+    		},
+    		{
+    			name:  "channel",
+    			value: make(chan int),
+    		},
+    		{
+    			name:  "func",
+    			value: func() {},
+    		},
+    		{
+    			name:  "interfaceValue",
+    			value: interface{}(123),
+    		},
+    		{
+    			name:  "interfaceEmptyValue",
+    			value: interface{}(nil),
+    		},
+    	}
+    	for _, tc := range testCases {
+    		t.Run(tc.name, func(t *testing.T) {
+    			require.NotPanics(t, func() {
+    				_, _ = flattenInterface(tc.value)
+    			})
+    		})
+    	}
+    }

lib/ocrypto/fuzz_test.go

-Original file line number
+Diff line change
@@ -0,0 +1,56 @@
+    package ocrypto
+    import (
+    	"crypto/elliptic"
+    	"testing"
+    	"github.com/stretchr/testify/require"
+    )
+    func makeCompressedZeroSeed(l int) []byte {
+    	seed := make([]byte, l)
+    	seed[0] = 3
+    	return seed
+    }
+    func makeCompressedRandomSeed(f *testing.F, mode ECCMode) []byte {
+    	curve, err := GetECCurveFromECCMode(mode)
+    	require.NoError(f, err)
+    	keyPair, err := NewECKeyPair(mode)
+    	require.NoError(f, err)
+    	pubKey := keyPair.PrivateKey.PublicKey
+    	return elliptic.MarshalCompressed(curve, pubKey.X, pubKey.Y)
+    }
+    func FuzzUncompressECPubKey(f *testing.F) {
+    	// real random key examples
+    	f.Add(makeCompressedRandomSeed(f, ECCModeSecp256r1))
+    	f.Add(makeCompressedRandomSeed(f, ECCModeSecp384r1))
+    	f.Add(makeCompressedRandomSeed(f, ECCModeSecp521r1))
+    	// zero examples
+    	f.Add(makeCompressedZeroSeed(curveByteLength(elliptic.P224())))
+    	f.Add(makeCompressedZeroSeed(curveByteLength(elliptic.P256())))
+    	f.Add(makeCompressedZeroSeed(curveByteLength(elliptic.P384())))
+    	f.Add(makeCompressedZeroSeed(curveByteLength(elliptic.P521())))
+    	f.Fuzz(func(t *testing.T, data []byte) {
+    		curve := elliptic.P256()
+    		switch len(data) { // check if other curves are a better fit
+    		case curveByteLength(elliptic.P224()):
+    			curve = elliptic.P224()
+    		case curveByteLength(elliptic.P384()):
+    			curve = elliptic.P384()
+    		case curveByteLength(elliptic.P521()):
+    			curve = elliptic.P521()
+    		}
+    		require.NotPanics(t, func() {
+    			_, _ = UncompressECPubKey(curve, data)
+    		})
+    	})
+    }
+    func curveByteLength(curve elliptic.Curve) int {
+    	return 1 + (curve.Params().BitSize+7)/8
+    }

sdk/internal/oauth/oauth.go

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -107,12 +107,13 @@ func setClientAuth(cc ClientCredentials, formData *url.Values, req *http.Request
  
    func getSignedToken(clientID, tokenEndpoint string, key jwk.Key) ([]byte, error) {

    	const tokenExpiration = 5 * time.Minute

    	now := time.Now()

    	tok, err := jwt.NewBuilder().

    		Issuer(clientID).

    		Subject(clientID).

    		Audience([]string{tokenEndpoint}).

    		IssuedAt(time.Now()).

    		Expiration(time.Now().Add(tokenExpiration)).

    		IssuedAt(now).

    		Expiration(now.Add(tokenExpiration)).

    		JwtID(uuid.NewString()).

    		Build()

    	if err != nil {

sdk/kas_client.go

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -126,10 +126,11 @@ func (k *KASClient) getNanoTDFRewrapRequest(header string, kasURL string, pubKey
  
    		return nil, fmt.Errorf("Error marshaling request body: %w", err)

    	}

    	now := time.Now()

    	tok, err := jwt.NewBuilder().

    		Claim("requestBody", string(requestBodyJSON)).

    		IssuedAt(time.Now()).

    		Expiration(time.Now().Add(secondsPerMinute * time.Second)).

    		IssuedAt(now).

    		Expiration(now.Add(secondsPerMinute * time.Second)).

    		Build()

    	if err != nil {

    		return nil, fmt.Errorf("failed to create jwt: %w", err)

    @@ -254,10 +255,11 @@ func (k *KASClient) getRewrapRequest(keyAccess KeyAccess, policy string) (*kas.R
  
    		return nil, fmt.Errorf("Error marshaling request body: %w", err)

    	}

    	now := time.Now()

    	tok, err := jwt.NewBuilder().

    		Claim("requestBody", string(requestBodyJSON)).

    		IssuedAt(time.Now()).

    		Expiration(time.Now().Add(secondsPerMinute * time.Second)).

    		IssuedAt(now).

    		Expiration(now.Add(secondsPerMinute * time.Second)).

    		Build()

    	if err != nil {

    		return nil, fmt.Errorf("failed to create jwt: %w", err)

service/internal/subjectmappingbuiltin/subject_mapping_builtin.go

-Original file line number
+Diff line change
@@ Expand Up @@
     }
     func EvaluateSubjectSet(subjectSet *policy.SubjectSet, entity flattening.Flattened) (bool, error) {
-    	// condition groups anded togethor
+    	// condition groups anded together
     	subjectSetConditionResult := true
     	for _, conditionGroup := range subjectSet.GetConditionGroups() {
     		conditionGroupResult, err := EvaluateConditionGroup(conditionGroup, entity)
@@ Expand Down @@

chore(sdk): Expand fuzz testing and minor spelling fixes #1473

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

jentfoo merged 1 commit into main from jent/expand_fuzz_testing

Sep 4, 2024

-Original file line number
+Diff line change
@@ Expand Up / @@ -63,7 +63,7 @@ func flattenInterface(i interface{}) ([]Item, error) { @@
     	case bool, int, string, float64, float32:
     		o = append(o, Item{Key: "", Value: child})
     	default:
-    		return nil, errors.New("unrecognozed item in json")
+    		return nil, errors.New("unrecognized item in json")
     	}
     	return o, nil
     }

-Original file line number
+Diff line change
@@ Expand Up / @@ -308,3 +308,43 @@ func TestListNoIndexValueExtraction(t *testing.T) { @@
     	assert.NotNil(t, actualOutput)
     	assert.ElementsMatch(t, expectedOutput, actualOutput)
     }
+    func TestFlattenInterfaceNoPanic(t *testing.T) {
+    	testCases := []struct {
+    		name  string
+    		value interface{}
+    	}{
+    		{
+    			name:  "nil",
+    			value: nil,
+    		},
+    		{
+    			name:  "intPtr",
+    			value: new(int),
+    		},
+    		{
+    			name:  "channel",
+    			value: make(chan int),
+    		},
+    		{
+    			name:  "func",
+    			value: func() {},
+    		},
+    		{
+    			name:  "interfaceValue",
+    			value: interface{}(123),
+    		},
+    		{
+    			name:  "interfaceEmptyValue",
+    			value: interface{}(nil),
+    		},
+    	}
+    	for _, tc := range testCases {
+    		t.Run(tc.name, func(t *testing.T) {
+    			require.NotPanics(t, func() {
+    				_, _ = flattenInterface(tc.value)
+    			})
+    		})
+    	}
+    }

-Original file line number
+Diff line change
@@ -0,0 +1,56 @@
+    package ocrypto
+    import (
+    	"crypto/elliptic"
+    	"testing"
+    	"github.com/stretchr/testify/require"
+    )
+    func makeCompressedZeroSeed(l int) []byte {
+    	seed := make([]byte, l)
+    	seed[0] = 3
+    	return seed
+    }
+    func makeCompressedRandomSeed(f *testing.F, mode ECCMode) []byte {
+    	curve, err := GetECCurveFromECCMode(mode)
+    	require.NoError(f, err)
+    	keyPair, err := NewECKeyPair(mode)
+    	require.NoError(f, err)
+    	pubKey := keyPair.PrivateKey.PublicKey
+    	return elliptic.MarshalCompressed(curve, pubKey.X, pubKey.Y)
+    }
+    func FuzzUncompressECPubKey(f *testing.F) {
+    	// real random key examples
+    	f.Add(makeCompressedRandomSeed(f, ECCModeSecp256r1))
+    	f.Add(makeCompressedRandomSeed(f, ECCModeSecp384r1))
+    	f.Add(makeCompressedRandomSeed(f, ECCModeSecp521r1))
+    	// zero examples
+    	f.Add(makeCompressedZeroSeed(curveByteLength(elliptic.P224())))
+    	f.Add(makeCompressedZeroSeed(curveByteLength(elliptic.P256())))
+    	f.Add(makeCompressedZeroSeed(curveByteLength(elliptic.P384())))
+    	f.Add(makeCompressedZeroSeed(curveByteLength(elliptic.P521())))
+    	f.Fuzz(func(t *testing.T, data []byte) {
+    		curve := elliptic.P256()
+    		switch len(data) { // check if other curves are a better fit
+    		case curveByteLength(elliptic.P224()):
+    			curve = elliptic.P224()
+    		case curveByteLength(elliptic.P384()):
+    			curve = elliptic.P384()
+    		case curveByteLength(elliptic.P521()):
+    			curve = elliptic.P521()
+    		}
+    		require.NotPanics(t, func() {
+    			_, _ = UncompressECPubKey(curve, data)
+    		})
+    	})
+    }
+    func curveByteLength(curve elliptic.Curve) int {
+    	return 1 + (curve.Params().BitSize+7)/8
+    }

-Original file line number
+Diff line change
@@ Expand Up @@
     }
     func EvaluateSubjectSet(subjectSet *policy.SubjectSet, entity flattening.Flattened) (bool, error) {
-    	// condition groups anded togethor
+    	// condition groups anded together
     	subjectSetConditionResult := true
     	for _, conditionGroup := range subjectSet.GetConditionGroups() {
     		conditionGroupResult, err := EvaluateConditionGroup(conditionGroup, entity)
@@ Expand Down @@

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(sdk): Expand fuzz testing and minor spelling fixes #1473

Uh oh!

Diff view

Diff view

There are no files selected for viewing