1#!/bin/bash -eu 2# Copyright 2019 Google Inc. 3# 4# Licensed under the Apache License, Version 2.0 (the "License"); 5# you may not use this file except in compliance with the License. 6# You may obtain a copy of the License at 7# 8# http://www.apache.org/licenses/LICENSE-2.0 9# 10# Unless required by applicable law or agreed to in writing, software 11# distributed under the License is distributed on an "AS IS" BASIS, 12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13# See the License for the specific language governing permissions and 14# limitations under the License. 15# 16################################################################################ 17 18# TODO(metzman): Switch this to LIB_FUZZING_ENGINE when it works. 19# https://github.com/google/oss-fuzz/issues/2336 20 21export GO111MODULE=off 22 23if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] 24then 25 # Install nodejs/npm 26 # It is required for building noble-bls12-381 27 cd $SRC/ 28 tar Jxf node-v14.17.1-linux-x64.tar.xz 29 export PATH="$PATH:$SRC/node-v14.17.1-linux-x64/bin/" 30fi 31 32# Compile xxd 33$CC $SRC/xxd.c -o /usr/bin/xxd 34 35# Copy the upstream checkout of xxHash over the old version 36rm -rf $SRC/cryptofuzz/modules/reference/xxHash/ 37cp -R $SRC/xxHash/ $SRC/cryptofuzz/modules/reference/ 38 39# Install Boost headers 40cd $SRC/ 41tar jxf boost_1_74_0.tar.bz2 42cd boost_1_74_0/ 43CFLAGS="" CXXFLAGS="" ./bootstrap.sh 44CFLAGS="" CXXFLAGS="" ./b2 headers 45cp -R boost/ /usr/include/ 46 47export LINK_FLAGS="" 48export INCLUDE_PATH_FLAGS="" 49 50# Generate lookup tables. This only needs to be done once. 51cd $SRC/cryptofuzz 52python gen_repository.py 53 54go get golang.org/x/crypto/blake2b 55go get golang.org/x/crypto/blake2s 56go get golang.org/x/crypto/md4 57go get golang.org/x/crypto/ripemd160 58 59# This enables runtime checks for C++-specific undefined behaviour. 60export CXXFLAGS="$CXXFLAGS -D_GLIBCXX_DEBUG" 61 62export CXXFLAGS="$CXXFLAGS -I $SRC/cryptofuzz/fuzzing-headers/include" 63if [[ $CFLAGS = *sanitize=memory* ]] 64then 65 export CXXFLAGS="$CXXFLAGS -DMSAN" 66fi 67 68if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] 69then 70 # Compile libfuzzer-js (required for all JavaScript libraries) 71 export LIBFUZZER_A_PATH="$LIB_FUZZING_ENGINE" 72 cd $SRC/libfuzzer-js/ 73 make 74 export LIBFUZZER_JS_PATH=$(realpath .) 75 export LINK_FLAGS="$LINK_FLAGS $LIBFUZZER_JS_PATH/js.o $LIBFUZZER_JS_PATH/quickjs/libquickjs.a" 76 77 # Compile bn.js module 78 export BN_JS_PATH="$SRC/bn.js/lib/bn.js" 79 export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BN_JS" 80 cd $SRC/cryptofuzz/modules/bn.js/ 81 make 82 83 # Compile bignumber.js module 84 export BIGNUMBER_JS_PATH="$SRC/bignumber.js/bignumber.js" 85 export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BIGNUMBER_JS" 86 cd $SRC/cryptofuzz/modules/bignumber.js/ 87 make 88 89 export CRYPTO_JS_PATH="$SRC/crypto-js/" 90 export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_CRYPTO_JS" 91 cd $SRC/cryptofuzz/modules/crypto-js/ 92 make 93fi 94 95# Compile NSS 96#if [[ $CFLAGS != *-m32* ]] 97#then 98# mkdir $SRC/nss-nspr 99# mv $SRC/nss $SRC/nss-nspr/ 100# mv $SRC/nspr $SRC/nss-nspr/ 101# cd $SRC/nss-nspr/ 102# 103# CXX="$CXX -stdlib=libc++" LDFLAGS="$CFLAGS" nss/build.sh --enable-fips --static --disable-tests --fuzz=oss 104# 105# export NSS_NSPR_PATH=$(realpath $SRC/nss-nspr/) 106# export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NSS" 107# export LINK_FLAGS="$LINK_FLAGS -lsqlite3" 108# 109# # Compile Cryptofuzz NSS module 110# cd $SRC/cryptofuzz/modules/nss 111# make -B 112#fi 113 114# Compile Monocypher 115cd $SRC/Monocypher/ 116make CC="$CC" CFLAGS="$CFLAGS" 117export LIBMONOCYPHER_A_PATH=$(realpath lib/libmonocypher.a) 118export MONOCYPHER_INCLUDE_PATH=$(realpath src/) 119export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_MONOCYPHER" 120 121# Compile Cryptofuzz monocypher module 122cd $SRC/cryptofuzz/modules/monocypher 123make -B 124 125# Rename blake2b_* functions to avoid symbol collisions with other libraries 126cd $SRC/trezor-firmware/crypto 127sed -i "s/\<blake2b_\([A-Za-z_]\)/trezor_blake2b_\1/g" *.c *.h 128sed -i 's/\<blake2b(/trezor_blake2b(/g' *.c *.h 129 130# Compile Cryptofuzz trezor module 131export TREZOR_FIRMWARE_PATH=$(realpath $SRC/trezor-firmware) 132export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_TREZOR_FIRMWARE" 133cd $SRC/cryptofuzz/modules/trezor 134make -B 135 136# Compile libtomcrypt 137cd $SRC/libtomcrypt 138if [[ $CFLAGS != *sanitize=memory* ]] 139then 140 make -j$(nproc) 141 export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBTOMCRYPT" 142 export LIBTOMCRYPT_INCLUDE_PATH=$(realpath src/headers/) 143 export LIBTOMCRYPT_A_PATH=$(realpath libtomcrypt.a) 144 145 # Compile Cryptofuzz libtomcrypt module 146 cd $SRC/cryptofuzz/modules/libtomcrypt 147 make -B 148fi 149 150## Build blst 151#cd $SRC/blst/ 152## Patch to disable assembly 153## This is to prevent false positives, see: 154## https://github.com/google/oss-fuzz/issues/5914 155#touch new_no_asm.h 156#echo "#if LIMB_T_BITS==32" >>new_no_asm.h 157#echo "typedef unsigned long long llimb_t;" >>new_no_asm.h 158#echo "#else" >>new_no_asm.h 159#echo "typedef __uint128_t llimb_t;" >>new_no_asm.h 160#echo "#endif" >>new_no_asm.h 161#cat src/no_asm.h >>new_no_asm.h 162#mv new_no_asm.h src/no_asm.h 163#CFLAGS="$CFLAGS -D__BLST_NO_ASM__ -D__BLST_PORTABLE__" ./build.sh 164#export BLST_LIBBLST_A_PATH=$(realpath libblst.a) 165#export BLST_INCLUDE_PATH=$(realpath bindings/) 166#export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BLST" 167# 168## Compile Cryptofuzz blst module 169#cd $SRC/cryptofuzz/modules/blst/ 170#make -B -j$(nproc) 171 172# Build libsecp256k1 173cd $SRC/secp256k1/ 174autoreconf -ivf 175export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_SECP256K1" 176if [[ $CFLAGS = *sanitize=memory* ]] 177then 178 ./configure --enable-static --disable-tests --disable-benchmark --disable-exhaustive-tests --enable-module-recovery --enable-experimental --enable-module-schnorrsig --enable-module-ecdh --with-asm=no 179else 180 ./configure --enable-static --disable-tests --disable-benchmark --disable-exhaustive-tests --enable-module-recovery --enable-experimental --enable-module-schnorrsig --enable-module-ecdh 181fi 182make 183export SECP256K1_INCLUDE_PATH=$(realpath .) 184export LIBSECP256K1_A_PATH=$(realpath .libs/libsecp256k1.a) 185 186# Compile Cryptofuzz libsecp256k1 module 187cd $SRC/cryptofuzz/modules/secp256k1/ 188make -B -j$(nproc) 189 190if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] 191then 192 # noble-secp256k1 193 cd $SRC/cryptofuzz/modules/noble-secp256k1/ 194 export NOBLE_SECP256K1_PATH="$SRC/noble-secp256k1/index.js" 195 export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NOBLE_SECP256K1" 196 make -B 197 198 # noble-bls12-381 199 cd $SRC/noble-bls12-381/ 200 cp math.ts new_index.ts 201 $(awk '/^export/ {print "tail -n +"FNR+1" index.ts"; exit}' index.ts) >>new_index.ts 202 mv new_index.ts index.ts 203 npm install && npm run build 204 export NOBLE_BLS12_381_PATH=$(realpath index.js) 205 export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NOBLE_BLS12_381" 206 cd $SRC/cryptofuzz/modules/noble-bls12-381/ 207 make -B 208 209 # noble-ed25519 210 cd $SRC/cryptofuzz/modules/noble-ed25519/ 211 export NOBLE_ED25519_PATH="$SRC/noble-ed25519/index.js" 212 export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NOBLE_ED25519" 213 make -B 214fi 215 216## Compile SymCrypt 217#cd $SRC/SymCrypt/ 218#if [[ $CFLAGS != *sanitize=array-bounds* ]] 219#then 220# # Unittests don't build with clang and are not needed anyway 221# sed -i "s/^add_subdirectory(unittest)$//g" CMakeLists.txt 222# 223# mkdir b/ 224# cd b/ 225# cmake ../ 226# make -j$(nproc) 227# 228# export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_SYMCRYPT" 229# export SYMCRYPT_INCLUDE_PATH=$(realpath ../inc/) 230# export LIBSYMCRYPT_COMMON_A_PATH=$(realpath lib/x86_64/Generic/libsymcrypt_common.a) 231# export SYMCRYPT_GENERIC_A_PATH=$(realpath lib/x86_64/Generic/symcrypt_generic.a) 232# 233# # Compile Cryptofuzz SymCrypt module 234# cd $SRC/cryptofuzz/modules/symcrypt 235# make -B 236#fi 237 238# Compile libgmp 239if [[ $CFLAGS != *sanitize=memory* ]] 240then 241 cd $SRC/libgmp/ 242 autoreconf -ivf 243 if [[ $CFLAGS != *-m32* ]] 244 then 245 ./configure --enable-maintainer-mode 246 else 247 setarch i386 ./configure --enable-maintainer-mode 248 fi 249 make -j$(nproc) 250 export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBGMP" 251 export LIBGMP_INCLUDE_PATH=$(realpath .) 252 export LIBGMP_A_PATH=$(realpath .libs/libgmp.a) 253 # Compile Cryptofuzz libgmp module 254 cd $SRC/cryptofuzz/modules/libgmp 255 make -B 256fi 257 258# Compile mpdecimal 259cd $SRC/ 260tar zxf mpdecimal-2.5.1.tar.gz 261cd mpdecimal-2.5.1/ 262./configure 263cd libmpdec/ 264make libmpdec.a -j$(nproc) 265cd ../ 266export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_MPDECIMAL" 267export LIBMPDEC_A_PATH=$(realpath libmpdec/libmpdec.a) 268export LIBMPDEC_INCLUDE_PATH=$(realpath libmpdec/) 269# Compile Cryptofuzz mpdecimal module 270cd $SRC/cryptofuzz/modules/mpdecimal 271make -B 272 273# Compile Cityhash 274cd $SRC/cityhash 275if [[ $CFLAGS != *-m32* ]] 276then 277 CXXFLAGS="$CXXFLAGS -msse4.2" ./configure --disable-shared >/dev/null 2>&1 278else 279 ./configure --disable-shared >/dev/null 2>&1 280fi 281make -j$(nproc) >/dev/null 2>&1 282 283export CXXFLAGS="$CXXFLAGS -I$SRC/cityhash/src" 284export CRYPTOFUZZ_REFERENCE_CITY_O_PATH="$SRC/cityhash/src/city.o" 285 286############################################################################## 287# Compile cryptopp 288cd $SRC/cryptopp 289if [[ $CFLAGS != *sanitize=memory* ]] 290then 291 make libcryptopp.a -j$(nproc) >/dev/null 2>&1 292else 293 export CXXFLAGS="$CXXFLAGS -DCRYPTOPP_DISABLE_ASM=1" 294 make libcryptopp.a -j$(nproc) >/dev/null 2>&1 295fi 296 297export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_CRYPTOPP" 298export LIBCRYPTOPP_A_PATH="$SRC/cryptopp/libcryptopp.a" 299export CRYPTOPP_INCLUDE_PATH="$SRC/cryptopp" 300 301# Compile Cryptofuzz cryptopp module 302cd $SRC/cryptofuzz/modules/cryptopp 303make -B 304 305############################################################################## 306# Compile mbed TLS 307cd $SRC/mbedtls/ 308scripts/config.pl set MBEDTLS_PLATFORM_MEMORY 309scripts/config.pl set MBEDTLS_CMAC_C 310scripts/config.pl set MBEDTLS_NIST_KW_C 311scripts/config.pl set MBEDTLS_ARIA_C 312scripts/config.pl set MBEDTLS_MD2_C 313scripts/config.pl set MBEDTLS_MD4_C 314if [[ $CFLAGS == *sanitize=memory* ]] 315then 316 scripts/config.pl unset MBEDTLS_HAVE_ASM 317 scripts/config.pl unset MBEDTLS_PADLOCK_C 318 scripts/config.pl unset MBEDTLS_AESNI_C 319fi 320mkdir build/ 321cd build/ 322cmake .. -DENABLE_PROGRAMS=0 -DENABLE_TESTING=0 323make -j$(nproc) >/dev/null 2>&1 324export MBEDTLS_LIBMBEDCRYPTO_A_PATH="$SRC/mbedtls/build/library/libmbedcrypto.a" 325export MBEDTLS_INCLUDE_PATH="$SRC/mbedtls/include" 326export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_MBEDTLS" 327# Compile Cryptofuzz mbed crypto module 328cd $SRC/cryptofuzz/modules/mbedtls 329make -B 330 331############################################################################## 332# Compile Botan 333cd $SRC/botan 334if [[ $CFLAGS != *-m32* ]] 335then 336 ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation 337else 338 ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation 339fi 340make -j$(nproc) 341 342export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN" 343export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" 344export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" 345 346# Compile Cryptofuzz Botan module 347cd $SRC/cryptofuzz/modules/botan 348make -B 349 350############################################################################## 351if [[ $CFLAGS != *sanitize=memory* ]] 352then 353 # Compile libgpg-error (dependency of libgcrypt) 354 cd $SRC/ 355 tar jxvf libgpg-error-1.36.tar.bz2 356 cd libgpg-error-1.36/ 357 if [[ $CFLAGS != *-m32* ]] 358 then 359 ./configure --enable-static 360 else 361 ./configure --enable-static --host=i386 362 fi 363 make -j$(nproc) >/dev/null 2>&1 364 make install 365 export LINK_FLAGS="$LINK_FLAGS $SRC/libgpg-error-1.36/src/.libs/libgpg-error.a" 366 367 # Compile libgcrypt 368 cd $SRC/libgcrypt 369 autoreconf -ivf 370 if [[ $CFLAGS = *-m32* ]] 371 then 372 ./configure --enable-static --disable-doc --host=i386 373 else 374 ./configure --enable-static --disable-doc 375 fi 376 make -j$(nproc) >/dev/null 2>&1 377 378 export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBGCRYPT" 379 export LIBGCRYPT_A_PATH="$SRC/libgcrypt/src/.libs/libgcrypt.a" 380 export LIBGCRYPT_INCLUDE_PATH="$SRC/libgcrypt/src" 381 382 # Compile Cryptofuzz libgcrypt module 383 cd $SRC/cryptofuzz/modules/libgcrypt 384 make -B 385fi 386 387# Compile libsodium 388cd $SRC/libsodium 389autoreconf -ivf 390if [[ $CFLAGS != *sanitize=memory* ]] 391then 392 ./configure 393else 394 ./configure --disable-asm 395fi 396make -j$(nproc) >/dev/null 2>&1 397 398export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBSODIUM" 399export LIBSODIUM_A_PATH="$SRC/libsodium/src/libsodium/.libs/libsodium.a" 400export LIBSODIUM_INCLUDE_PATH="$SRC/libsodium/src/libsodium/include" 401 402# Compile Cryptofuzz libsodium module 403cd $SRC/cryptofuzz/modules/libsodium 404make -B 405 406if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] 407then 408 # Compile EverCrypt (with assembly) 409 cd $SRC/evercrypt/dist 410 make -C portable -j$(nproc) libevercrypt.a >/dev/null 2>&1 411 make -C kremlin/kremlib/dist/minimal -j$(nproc) >/dev/null 2>&1 412 413 export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_EVERCRYPT" 414 export EVERCRYPT_A_PATH="$SRC/evercrypt/dist/portable/libevercrypt.a" 415 export KREMLIN_A_PATH="$SRC/evercrypt/dist/kremlin/kremlib/dist/minimal/*.o" 416 export EVERCRYPT_INCLUDE_PATH="$SRC/evercrypt/dist" 417 export KREMLIN_INCLUDE_PATH="$SRC/evercrypt/dist/kremlin/include" 418 export INCLUDE_PATH_FLAGS="$INCLUDE_PATH_FLAGS -I $EVERCRYPT_INCLUDE_PATH -I $KREMLIN_INCLUDE_PATH" 419 420 # Compile Cryptofuzz EverCrypt (with assembly) module 421 cd $SRC/cryptofuzz/modules/evercrypt 422 make -B 423fi 424 425############################################################################## 426# Compile Cryptofuzz reference (without assembly) module 427export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_REFERENCE" 428cd $SRC/cryptofuzz/modules/reference 429make -B 430 431############################################################################## 432# Compile Cryptofuzz Veracrypt (without assembly) module 433export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_VERACRYPT" 434cd $SRC/cryptofuzz/modules/veracrypt 435make -B 436 437############################################################################## 438# Compile Cryptofuzz Monero (without assembly) module 439export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_MONERO" 440cd $SRC/cryptofuzz/modules/monero 441make -B 442 443############################################################################## 444# Compile Cryptofuzz Golang module 445if [[ $CFLAGS != *sanitize=memory* ]] 446then 447 export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_GOLANG" 448 cd $SRC/cryptofuzz/modules/golang 449 make -B 450fi 451 452#if [[ $CFLAGS != *-m32* ]] 453#then 454# # Compile Cryptofuzz (NSS-based) 455# cd $SRC/cryptofuzz 456# LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL $INCLUDE_PATH_FLAGS" make -B -j$(nproc) 457# 458# # Generate dictionary 459# ./generate_dict 460# 461# # Copy fuzzer 462# cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-nss 463# # Copy dictionary 464# cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-nss.dict 465# # Copy seed corpus 466# cp $SRC/cryptofuzz-corpora/libressl_latest.zip $OUT/cryptofuzz-nss_seed_corpus.zip 467# 468# rm $SRC/cryptofuzz/modules/nss/module.a 469# 470# CXXFLAGS=${CXXFLAGS//"-DCRYPTOFUZZ_NSS"/} 471# LINK_FLAGS=${LINK_FLAGS//"-lsqlite3"/} 472#fi 473 474if [[ $CFLAGS != *sanitize=memory* ]] 475then 476 # libtomcrypt can only be compiled with NSS, because OpenSSL, LibreSSL and 477 # BoringSSL have symbol collisions with libtomcrypt. 478 # 479 # So, now that NSS-based Cryptofuzz has been compiled, remove libtomcrypt 480 export CXXFLAGS=${CXXFLAGS/-DCRYPTOFUZZ_LIBTOMCRYPT/} 481 rm -rf "$LIBTOMCRYPT_A_PATH" 482fi 483 484############################################################################## 485# Compile wolfCrypt 486cd $SRC/wolfssl 487# Enable additional wolfCrypt features which cannot be activated through arguments to ./configure 488export CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP" 489autoreconf -ivf 490 491export WOLFCRYPT_CONFIGURE_PARAMS="--enable-static --enable-md2 --enable-md4 --enable-ripemd --enable-blake2 --enable-blake2s --enable-pwdbased --enable-scrypt --enable-hkdf --enable-cmac --enable-arc4 --enable-camellia --enable-rabbit --enable-aesccm --enable-aesctr --enable-hc128 --enable-xts --enable-des3 --enable-idea --enable-x963kdf --enable-harden --enable-aescfb --enable-aesofb --enable-aeskeywrap --enable-shake256 --enable-curve25519 --enable-curve448 --disable-crypttests --disable-examples --enable-keygen --enable-compkey --enable-ed448 --enable-ed25519 --enable-ecccustcurves --enable-xchacha --enable-cryptocb --enable-eccencrypt" 492 493if [[ $CFLAGS = *sanitize=memory* ]] 494then 495 export WOLFCRYPT_CONFIGURE_PARAMS="$WOLFCRYPT_CONFIGURE_PARAMS -disable-asm" 496fi 497 498if [[ $CFLAGS = *-m32* ]] 499then 500 export WOLFCRYPT_CONFIGURE_PARAMS="$WOLFCRYPT_CONFIGURE_PARAMS -disable-fastmath" 501fi 502 503./configure $WOLFCRYPT_CONFIGURE_PARAMS 504make -j$(nproc) >/dev/null 2>&1 505 506export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_WOLFCRYPT" 507export WOLFCRYPT_LIBWOLFSSL_A_PATH="$SRC/wolfssl/src/.libs/libwolfssl.a" 508export WOLFCRYPT_INCLUDE_PATH="$SRC/wolfssl" 509 510# Compile Cryptofuzz wolfcrypt (without assembly) module 511cd $SRC/cryptofuzz/modules/wolfcrypt 512make -B 513 514 515############################################################################## 516if [[ $CFLAGS != *sanitize=memory* ]] 517then 518 # Compile LibreSSL (with assembly) 519 cd $SRC/libressl 520 rm -rf build ; mkdir build 521 cd build 522 if [[ $CFLAGS != *-m32* ]] 523 then 524 cmake -DCMAKE_C_COMPILER=$CC -DCMAKE_CXX_COMPILER=$CXX -DCMAKE_CXX_FLAGS="$CXXFLAGS" -DCMAKE_C_FLAGS="$CFLAGS" .. 525 else 526 setarch i386 cmake -DCMAKE_C_COMPILER=$CC -DCMAKE_CXX_COMPILER=$CXX -DCMAKE_CXX_FLAGS="$CXXFLAGS" -DCMAKE_C_FLAGS="$CFLAGS" .. 527 fi 528 make -j$(nproc) crypto >/dev/null 2>&1 529 530 # Compile Cryptofuzz LibreSSL (with assembly) module 531 cd $SRC/cryptofuzz/modules/openssl 532 OPENSSL_INCLUDE_PATH="$SRC/libressl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/libressl/build/crypto/libcrypto.a" CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBRESSL" make -B 533 534 # Compile Cryptofuzz 535 cd $SRC/cryptofuzz 536 LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/libressl/include -DCRYPTOFUZZ_LIBRESSL $INCLUDE_PATH_FLAGS" make -B -j$(nproc) >/dev/null 2>&1 537 538 # Generate dictionary 539 ./generate_dict 540 541 # Copy fuzzer 542 cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-libressl 543 # Copy dictionary 544 cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-libressl.dict 545 # Copy seed corpus 546 cp $SRC/cryptofuzz-corpora/libressl_latest.zip $OUT/cryptofuzz-libressl_seed_corpus.zip 547fi 548 549if [[ $CFLAGS != *-m32* ]] 550then 551 # Compile LibreSSL (without assembly) 552 cd $SRC/libressl 553 rm -rf build ; mkdir build 554 cd build 555 cmake -DCMAKE_C_COMPILER=$CC -DCMAKE_CXX_COMPILER=$CXX -DCMAKE_CXX_FLAGS="$CXXFLAGS" -DCMAKE_C_FLAGS="$CFLAGS" -DENABLE_ASM=OFF .. 556 make -j$(nproc) crypto >/dev/null 2>&1 557 558 # Compile Cryptofuzz LibreSSL (without assembly) module 559 cd $SRC/cryptofuzz/modules/openssl 560 OPENSSL_INCLUDE_PATH="$SRC/libressl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/libressl/build/crypto/libcrypto.a" CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBRESSL" make -B 561 562 # Compile Cryptofuzz 563 cd $SRC/cryptofuzz 564 LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/libressl/include -DCRYPTOFUZZ_LIBRESSL $INCLUDE_PATH_FLAGS" make -B -j$(nproc) >/dev/null 2>&1 565 566 # Generate dictionary 567 ./generate_dict 568 569 # Copy fuzzer 570 cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-libressl-noasm 571 # Copy dictionary 572 cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-libressl-noasm.dict 573 # Copy seed corpus 574 cp $SRC/cryptofuzz-corpora/libressl_latest.zip $OUT/cryptofuzz-libressl-noasm_seed_corpus.zip 575fi 576 577# OpenSSL can currently not be used together with wolfCrypt due to symbol collisions 578export SAVE_CXXFLAGS="$CXXFLAGS" 579export CXXFLAGS=${CXXFLAGS/-DCRYPTOFUZZ_WOLFCRYPT/} 580 581############################################################################## 582if [[ $CFLAGS != *sanitize=memory* ]] 583then 584 # Compile Openssl (with assembly) 585 cd $SRC/openssl 586 if [[ $CFLAGS != *-m32* ]] 587 then 588 ./config --debug enable-md2 enable-rc5 589 else 590 setarch i386 ./config --debug enable-md2 enable-rc5 591 fi 592 make -j$(nproc) >/dev/null 2>&1 593 594 # Compile Cryptofuzz OpenSSL (with assembly) module 595 cd $SRC/cryptofuzz/modules/openssl 596 OPENSSL_INCLUDE_PATH="$SRC/openssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/openssl/libcrypto.a" make -B 597 598 # Compile Cryptofuzz 599 cd $SRC/cryptofuzz 600 LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include $INCLUDE_PATH_FLAGS" make -B -j$(nproc) >/dev/null 2>&1 601 602 # Generate dictionary 603 ./generate_dict 604 605 # Copy fuzzer 606 cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-openssl 607 # Copy dictionary 608 cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-openssl.dict 609 # Copy seed corpus 610 cp $SRC/cryptofuzz-corpora/openssl_latest.zip $OUT/cryptofuzz-openssl_seed_corpus.zip 611fi 612 613############################################################################## 614# Compile Openssl (without assembly) 615cd $SRC/openssl 616if [[ $CFLAGS != *-m32* ]] 617then 618 ./config --debug no-asm enable-md2 enable-rc5 619else 620 setarch i386 ./config --debug no-asm enable-md2 enable-rc5 621fi 622make clean 623make -j$(nproc) >/dev/null 2>&1 624 625# Compile Cryptofuzz OpenSSL (without assembly) module 626cd $SRC/cryptofuzz/modules/openssl 627OPENSSL_INCLUDE_PATH="$SRC/openssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/openssl/libcrypto.a" make -B 628 629# Compile Cryptofuzz 630cd $SRC/cryptofuzz 631LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include $INCLUDE_PATH_FLAGS" make -B -j$(nproc) >/dev/null 2>&1 632 633# Generate dictionary 634./generate_dict 635 636# Copy fuzzer 637cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-openssl-noasm 638# Copy dictionary 639cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-openssl-noasm.dict 640# Copy seed corpus 641cp $SRC/cryptofuzz-corpora/openssl_latest.zip $OUT/cryptofuzz-openssl-noasm_seed_corpus.zip 642 643export CXXFLAGS="$SAVE_CXXFLAGS" 644 645############################################################################## 646if [[ $CFLAGS != *sanitize=memory* ]] 647then 648 # Compile BoringSSL (with assembly) 649 cd $SRC/boringssl 650 rm -rf build ; mkdir build 651 cd build 652 if [[ $CFLAGS = *-m32* ]] 653 then 654 setarch i386 cmake -DCMAKE_CXX_FLAGS="$CXXFLAGS" -DCMAKE_C_FLAGS="$CFLAGS" -DBORINGSSL_ALLOW_CXX_RUNTIME=1 -DCMAKE_ASM_FLAGS="-m32" .. 655 else 656 cmake -DCMAKE_CXX_FLAGS="$CXXFLAGS" -DCMAKE_C_FLAGS="$CFLAGS" -DBORINGSSL_ALLOW_CXX_RUNTIME=1 .. 657 fi 658 make -j$(nproc) crypto >/dev/null 2>&1 659 660 # Compile Cryptofuzz BoringSSL (with assembly) module 661 cd $SRC/cryptofuzz/modules/openssl 662 OPENSSL_INCLUDE_PATH="$SRC/boringssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/boringssl/build/crypto/libcrypto.a" CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BORINGSSL" make -B 663 664 # Compile Cryptofuzz 665 cd $SRC/cryptofuzz 666 LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include $INCLUDE_PATH_FLAGS" make -B -j$(nproc) >/dev/null 2>&1 667 668 # Generate dictionary 669 ./generate_dict 670 671 # Copy fuzzer 672 cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-boringssl 673 # Copy dictionary 674 cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-boringssl.dict 675 # Copy seed corpus 676 cp $SRC/cryptofuzz-corpora/boringssl_latest.zip $OUT/cryptofuzz-boringssl_seed_corpus.zip 677fi 678 679############################################################################## 680# Compile BoringSSL (with assembly) 681cd $SRC/boringssl 682rm -rf build ; mkdir build 683cd build 684cmake -DCMAKE_CXX_FLAGS="$CXXFLAGS" -DCMAKE_C_FLAGS="$CFLAGS" -DBORINGSSL_ALLOW_CXX_RUNTIME=1 -DOPENSSL_NO_ASM=1 .. 685make -j$(nproc) crypto >/dev/null 2>&1 686 687# Compile Cryptofuzz BoringSSL (with assembly) module 688cd $SRC/cryptofuzz/modules/openssl 689OPENSSL_INCLUDE_PATH="$SRC/boringssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/boringssl/build/crypto/libcrypto.a" CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BORINGSSL" make -B 690 691# Compile Cryptofuzz 692cd $SRC/cryptofuzz 693LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include $INCLUDE_PATH_FLAGS" make -B -j$(nproc) >/dev/null 2>&1 694 695# Generate dictionary 696./generate_dict 697 698# Copy fuzzer 699cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-boringssl-noasm 700# Copy dictionary 701cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-boringssl-noasm.dict 702# Copy seed corpus 703cp $SRC/cryptofuzz-corpora/boringssl_latest.zip $OUT/cryptofuzz-boringssl-noasm_seed_corpus.zip 704 705