Add fuzzer files, make PBKDF2 function_f public to fuzz it, release p…

…rofile opt level 3

.gitignore

@@ -1,7 +1,6 @@
 # Generated by Cargo
 # will have compiled files and executables
 /target/
-/fuzz/
 
 # Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
 # More information here http://doc.crates.io/guide.html#cargotoml-vs-cargolock

Cargo.toml

@@ -25,4 +25,4 @@ ring = "0.12.1"
 opt-level = 2
 
 [profile.release]
-opt-level = 2
+opt-level = 3

fuzz/.gitignore

@@ -0,0 +1,4 @@
+
+target
+corpus
+artifacts

fuzz/Cargo.toml

@@ -0,0 +1,32 @@
+
+[package]
+name = "orion-fuzz"
+version = "0.0.1"
+authors = ["Automatically generated"]
+publish = false
+
+[package.metadata]
+cargo-fuzz = true
+
+[dependencies]
+rand = "0.5.0"
+
+[dependencies.orion]
+path = ".."
+[dependencies.libfuzzer-sys]
+git = "https://github.com/rust-fuzz/libfuzzer-sys.git"
+
+# Prevent this from interfering with workspaces
+[workspace]
+members = ["."]
+
+[[bin]]
+name = "pbkdf2_function_f"
+path = "fuzz_targets/pbkdf2_function_f.rs"
+[[bin]]
+name = "hmac_pad_key_blocks"
+path = "fuzz_targets/hmac_pad_key_blocks.rs"
+
+[[bin]]
+name = "hkdf_expand"
+path = "fuzz_targets/hkdf_expand.rs"

fuzz/fuzz_targets/hkdf_expand.rs

@@ -0,0 +1,39 @@
+#![no_main]
+#[macro_use] extern crate libfuzzer_sys;
+extern crate orion;
+extern crate rand;
+
+use orion::hkdf::Hkdf;
+use orion::options::ShaVariantOption;
+use rand::prelude::*;
+
+
+fn make_hkdf(salt: &[u8], ikm: &[u8], info: &[u8]) -> Vec<u8> {
+
+    let mut rng = thread_rng();
+
+    let len = rng.gen_range(0, 8160);
+
+    let mut prk = Vec::new();
+
+    if rng.gen() {
+
+        let len = rng.gen_range(0, 8160);
+        let dk = Hkdf {
+            salt: salt.to_vec(),
+            ikm: ikm.to_vec(),
+            info: info.to_vec(),
+            hmac: ShaVariantOption::SHA256,
+            length: len,
+        };
+
+        let prk = dk.hkdf_extract(ikm, salt);
+
+        dk.hkdf_expand(&prk)
+    } else  { prk }
+
+}
+
+fuzz_target!(|data: &[u8]| {
+    make_hkdf(&data, &data, &data);
+});

fuzz/fuzz_targets/hmac_pad_key_blocks.rs

@@ -0,0 +1,23 @@
+#![no_main]
+#[macro_use] extern crate libfuzzer_sys;
+extern crate orion;
+extern crate rand;
+
+use orion::hmac::Hmac;
+use orion::options::ShaVariantOption;
+
+fn make_hmac(secret_key: &[u8], message: &[u8]) -> (Vec<u8>, Vec<u8>)  {
+
+    let mac = Hmac {
+        secret_key: secret_key.to_vec(),
+        message: message.to_vec(),
+        sha2: ShaVariantOption::SHA256
+    };
+
+    mac.pad_key_blocks(secret_key)
+}
+
+
+fuzz_target!(|data: &[u8]| {
+    make_hmac(data, data);
+});

fuzz/fuzz_targets/pbkdf2_function_f.rs

@@ -0,0 +1,34 @@
+#![no_main]
+#[macro_use] extern crate libfuzzer_sys;
+extern crate orion;
+extern crate rand;
+
+use orion::pbkdf2::Pbkdf2;
+use orion::options::ShaVariantOption;
+use rand::prelude::*;
+
+
+// Testing PBKDF2's function_f with focus on random index value
+fn make_pbkdf2(ipad: &[u8], 
+                opad: &[u8], password: &[u8], salt: &[u8]) -> Vec<u8> {
+
+    let mut rng = rand::thread_rng();
+
+    let len = rng.gen_range(1, 137438953440);
+
+    let dk = Pbkdf2 {
+        password: password.to_vec(),
+        salt: salt.to_vec(),
+        iterations: 0,
+        length: len,
+        hmac: ShaVariantOption::SHA256
+    };
+
+    let index = rand::random::<u32>();
+
+    dk.function_f(index, ipad, opad)
+}
+
+fuzz_target!(|data: &[u8]| {
+    make_pbkdf2(data, data, data, data);
+});

src/pbkdf2.rs

@@ -121,7 +121,7 @@ impl Pbkdf2 {
     }
 
     /// Function F as described in the RFC.
-    fn function_f(&self, index: u32, ipad: &[u8], opad: &[u8]) -> Vec<u8> {
+    pub fn function_f(&self, index: u32, ipad: &[u8], opad: &[u8]) -> Vec<u8> {
 
         let mut salt_extended = self.salt.clone();
         let mut index_buffer = [0u8; 4];