Hi all,
My project is Cryptofuzz (https://github.com/guidovranken/cryptofuzz) which uses differential fuzzing to find correctness bugs (and memory bugs as well) in popular cryptographic libraries.
It has bindings for Nettle and it tests many of the library's features: https://github.com/guidovranken/cryptofuzz/blob/master/modules/nettle/module...
I've been running this on Google's OSS-Fuzz ( https://github.com/google/oss-fuzz) for a while, and today it found a bug in the blowfish key setter function.
Niels and other maintainers (if any), if you would like to be notified by e-mail of bugs found by Cryptofuzz, please send me your e-mail address and I will add you to the project. The e-mail address needs to be linked to a Google account in order to access the dashboard at oss-fuzz.com.
Bug reproducer below:
------- #include <nettle/blowfish.h>
int main(void) { const unsigned char key[] = {0xec, 0x00, 0x3a, 0x06, 0x73, 0x61, 0x74, 0x20, 0x74, 0xab, 0xe2, 0xc6, 0x61, 0x8b, 0x98, 0x89}; struct blowfish_ctx ctx; blowfish_set_key(&ctx, sizeof(key), key); return 0; } -------
If you compile with Clang and -fsanitize=undefined, this will print:
blowfish.c:388:22: runtime error: left shift of 236 by 24 places cannot be represented in type 'int'
Explicit casting around the shifted values will fix this.