CSRF protection using HMAC-signed state tokens (RFC 5869, RFC 2104)

fix(lint): add gen_corpus.ml and runtest rules to 5 fuzz directories

E718: Add gen_corpus.ml to ocaml-crypto, ocaml-csrf, ocaml-git,
ocaml-github-oauth, ocaml-gpt
E724: Add (rule (alias runtest) ...) for property-based testing

+29 -1
+13 -1
fuzz/dune
··· 2 2 3 3 (executable 4 4 (name fuzz_csrf) 5 + (modules fuzz_csrf) 5 6 (libraries csrf crowbar crypto-rng.unix)) 6 7 8 + (executable 9 + (name gen_corpus) 10 + (modules gen_corpus) 11 + (libraries unix)) 12 + 7 13 (rule 8 - (alias fuzz) 14 + (alias runtest) 9 15 (deps fuzz_csrf.exe) 10 16 (action 11 17 (run %{exe:fuzz_csrf.exe}))) 18 + 19 + (rule 20 + (alias fuzz) 21 + (deps fuzz_csrf.exe) 22 + (action 23 + (echo "AFL fuzzer built: %{exe:fuzz_csrf.exe}\n")))
+16
fuzz/gen_corpus.ml
··· 1 + (** Generate seed corpus for fuzz testing. *) 2 + 3 + let () = 4 + (try Unix.mkdir "corpus" 0o755 5 + with Unix.Unix_error (Unix.EEXIST, _, _) -> ()); 6 + let write name data = 7 + let oc = open_out_bin (Filename.concat "corpus" name) in 8 + output_string oc data; 9 + close_out oc 10 + in 11 + write "seed_000" "secret-key"; 12 + write "seed_001" "csrf-state-value"; 13 + write "seed_002" ""; 14 + write "seed_003" (String.make 64 'A'); 15 + write "seed_004" "key\x00with\x00nulls"; 16 + write "seed_005" (String.init 32 (fun i -> Char.chr (i + 65)))
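Review bot: In fuzz/dune, the new `gen_corpus` executable is declared but no rule in the visible stanzas runs it or lists `gen_corpus.exe` in its `deps`, so neither `runtest` nor `fuzz` produces the seed corpus. Add a rule that runs it, or add a comment saying it is meant to be invoked by hand. The `fuzz` alias also changes from running `fuzz_csrf.exe` to only echoing a message, while `runtest` now runs the harness with no arguments; a short comment stating how the AFL run is started and what `runtest` is expected to exercise would document that intent.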
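Review bot: In fuzz/gen_corpus.ml, `Unix.mkdir "corpus"` and `Filename.concat "corpus" name` are relative to the current working directory, so where the seeds land depends on how the executable is launched. Take the output directory as a command-line argument or document the expected working directory. Two smaller points in the same file: the `EEXIST` handler also swallows the case where `corpus` exists but is not a directory, which then fails later in `open_out_bin` with a less clear error, and `write` leaves `oc` open if `output_string` raises, which `Fun.protect ~finally:(fun () -> close_out oc)` would cover. The doc comment could also say how each seed relates to the inputs `fuzz_csrf` consumes, since that is not visible from the seed names.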