Merge all fuzz targets into one

RustCrypto · Oct 23, 2024 · 93a83f1 · 93a83f1
1 parent a65d634
commit 93a83f1
Show file tree

Hide file tree

Showing 6 changed files with 52 additions and 79 deletions.
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
@@ -12,22 +12,8 @@ libfuzzer-sys = "0.4"
 scrypt = { path = "../scrypt", features = ["simple"]}
 
 [[bin]]
-name = "scrypt_hash"
-path = "fuzz_targets/scrypt_hash.rs"
-test = false
-doc = false
-bench = false
-
-[[bin]]
-name = "scrypt_phc_verify"
-path = "fuzz_targets/scrypt_phc_verify.rs"
-test = false
-doc = false
-bench = false
-
-[[bin]]
-name = "scrypt_phc_hash"
-path = "fuzz_targets/scrypt_phc_hash.rs"
+name = "scrypt"
+path = "fuzz_targets/scrypt.rs"
 test = false
 doc = false
 bench = false
diff --git a/fuzz/fuzz_targets/scrypt.rs b/fuzz/fuzz_targets/scrypt.rs
@@ -0,0 +1,50 @@
+#![no_main]
+use libfuzzer_sys::arbitrary::{Arbitrary, Result, Unstructured};
+use libfuzzer_sys::fuzz_target;
+use scrypt::password_hash::{
+    Ident, PasswordHash, PasswordHasher, PasswordVerifier, Salt, SaltString,
+};
+use scrypt::{scrypt, Scrypt};
+
+#[derive(Debug)]
+pub struct ScryptRandParams(pub scrypt::Params);
+
+impl<'a> Arbitrary<'a> for ScryptRandParams {
+    fn arbitrary(u: &mut Unstructured<'a>) -> Result<Self> {
+        let log_n = u.int_in_range(0..=15)?;
+        let r = u.int_in_range(1..=32)?;
+        let p = u.int_in_range(1..=16)?;
+        let len = u.int_in_range(10..=64)?;
+
+        let params = scrypt::Params::new(log_n, r, p, len).unwrap();
+        Ok(Self(params))
+    }
+}
+
+fuzz_target!(|data: (&[u8], &[u8], ScryptRandParams)| {
+    let (password, salt, ScryptRandParams(params)) = data;
+
+    // Check direct hashing
+    let mut result = [0u8; 64];
+    scrypt(password, salt, &params, &mut result).unwrap();
+
+    // Check PHC hashing
+    if salt.len() < Salt::MIN_LENGTH {
+        return;
+    }
+    let salt_string = SaltString::encode_b64(salt).unwrap();
+    let phc_hash = Scrypt
+        .hash_password_customized(
+            password,
+            Some(Ident::new_unwrap("scrypt")),
+            None,
+            params,
+            &salt_string,
+        )
+        .unwrap()
+        .to_string();
+
+    // Check PHC verification
+    let hash = PasswordHash::new(&phc_hash).unwrap();
+    Scrypt.verify_password(password, &hash).unwrap();
+});
diff --git a/fuzz/fuzz_targets/scrypt_hash.rs b/fuzz/fuzz_targets/scrypt_hash.rs
diff --git a/fuzz/fuzz_targets/scrypt_phc_hash.rs b/fuzz/fuzz_targets/scrypt_phc_hash.rs
diff --git a/fuzz/fuzz_targets/scrypt_phc_verify.rs b/fuzz/fuzz_targets/scrypt_phc_verify.rs
diff --git a/fuzz/src/lib.rs b/fuzz/src/lib.rs