Skip to content

fuzz-tests: Add differential test for HMAC-SHA256 #8185

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

fuzz-tests: Add differential test for HMAC-SHA256 #8185

wants to merge 2 commits into from

Conversation

Chand-ra
Copy link

Add a differential fuzz test for HMAC-SHA256, similar to those
for SHA256 and RIPEMD160, to verify CCAN’s implementation
against OpenSSL’s.

cdecker
cdecker reviewed Mar 30, 2025
View reviewed changes
Makefile Outdated
@@ -283,7 +283,7 @@ ifeq ($(STATIC),1)
# But that doesn't static link.
LDLIBS = -L$(CPATH) -Wl,-dn $(SQLITE3_LDLIBS) -Wl,-dy -lm -lpthread -ldl $(COVFLAGS)
else
LDLIBS = -L$(CPATH) -lm $(SQLITE3_LDLIBS) $(COVFLAGS)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question for the linker experts: does this end up linking CLN against openssl in release builds? If yes, we should reduce the linker arg changes to just impact the fuzz testing.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question for the linker experts: does this end up linking CLN against openssl in release builds? If yes, we should reduce the linker arg changes to just impact the fuzz testing.

You're right, that's an error on my part. I should've instead added this line in tests/fuzz/Makefile:
tests/fuzz/fuzz-hmac-sha256: LDLIBS += -lcrypto

which is similar to the linking routine for SHA256 and RIPEMD160 fuzz tests. I'll add this change in the next push.

@Chand-ra
Copy link
Author

Chand-ra commented Apr 16, 2025
edited
Loading

CC: @morehouse

Chandra Pratap added 2 commits April 16, 2025 12:00
fuzz-tests: Add differential test for HMAC-SHA256
3cb26fd 
Changelog-None: Add a differential fuzz test for
HMAC-SHA256, similar to those for SHA256 and RIPEMD160,
to verify CCAN’s implementation against OpenSSL’s.
fuzz-tests: Add a seed corpus for the new test
9f4a59e 
Add a minimal input set as a seed corpus for the newly introduced
test. This leads to discovery of interesting code paths faster.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cdecker cdecker cdecker left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Chand-ra @cdecker