mirror of
https://github.com/elicpeter/nyx.git
synced 2026-07-15 21:11:02 +02:00
Dynamic (#77)
This commit is contained in:
parent
55247b7fcd
commit
991c84a1eb
1464 changed files with 225448 additions and 1985 deletions
12
tests/dynamic_fixtures/crypto/go/benign.go
Normal file
12
tests/dynamic_fixtures/crypto/go/benign.go
Normal file
|
|
@ -0,0 +1,12 @@
|
|||
// Phase 11 (Track J.9) — Go CRYPTO benign control fixture.
|
||||
//
|
||||
// Uses crypto/rand.Read (a CSPRNG) for key derivation.
|
||||
package benign
|
||||
|
||||
import "crypto/rand"
|
||||
|
||||
func Run(_ string) []byte {
|
||||
buf := make([]byte, 32)
|
||||
_, _ = rand.Read(buf)
|
||||
return buf
|
||||
}
|
||||
27
tests/dynamic_fixtures/crypto/go/vuln.go
Normal file
27
tests/dynamic_fixtures/crypto/go/vuln.go
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
// Phase 11 (Track J.9) — Go CRYPTO vuln fixture.
|
||||
//
|
||||
// Models a config-driven crypto endpoint that picks the RNG based on
|
||||
// the request payload — `*_WEAK` routes through math/rand.Intn (a
|
||||
// non-CSPRNG, returning a 16-bit key) and `*_STRONG` routes through
|
||||
// crypto/rand.Read (a CSPRNG, returning the leading 63 bits of an 8-
|
||||
// byte read). This shape is needed by the differential runner: the
|
||||
// vuln-payload attempt and the benign-control attempt both load the
|
||||
// same fixture, and only the payload-routed weak branch trips the
|
||||
// `WeakKeyEntropy` predicate.
|
||||
package vuln
|
||||
|
||||
import (
|
||||
crand "crypto/rand"
|
||||
"encoding/binary"
|
||||
mrand "math/rand"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func Run(value string) int {
|
||||
if strings.Contains(value, "STRONG") {
|
||||
var buf [8]byte
|
||||
_, _ = crand.Read(buf[:])
|
||||
return int(binary.BigEndian.Uint64(buf[:]) >> 1)
|
||||
}
|
||||
return mrand.Intn(0x10000)
|
||||
}
|
||||
14
tests/dynamic_fixtures/crypto/java/benign.java
Normal file
14
tests/dynamic_fixtures/crypto/java/benign.java
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
// Phase 11 (Track J.9) — Java CRYPTO benign control fixture.
|
||||
//
|
||||
// Uses java.security.SecureRandom (a CSPRNG) for key derivation, so
|
||||
// the produced 256-bit key trivially exceeds the 16-bit weak budget.
|
||||
import java.security.SecureRandom;
|
||||
|
||||
public class Benign {
|
||||
public static byte[] run(String _unused) {
|
||||
SecureRandom r = new SecureRandom();
|
||||
byte[] key = new byte[32];
|
||||
r.nextBytes(key);
|
||||
return key;
|
||||
}
|
||||
}
|
||||
26
tests/dynamic_fixtures/crypto/java/vuln.java
Normal file
26
tests/dynamic_fixtures/crypto/java/vuln.java
Normal file
|
|
@ -0,0 +1,26 @@
|
|||
// Phase 11 (Track J.9) — Java CRYPTO vuln fixture.
|
||||
//
|
||||
// Models a config-driven crypto endpoint that picks the RNG based on
|
||||
// the request payload — `*_WEAK` routes through `java.util.Random`
|
||||
// (a non-CSPRNG, seeded from the payload hash, returning a 16-bit
|
||||
// key) and `*_STRONG` routes through `java.security.SecureRandom`
|
||||
// (a CSPRNG, returning 32 bytes). This shape is needed by the
|
||||
// differential runner: the vuln-payload attempt and the benign-
|
||||
// control attempt both load the same fixture, and only the payload-
|
||||
// routed weak branch trips the `WeakKeyEntropy` predicate.
|
||||
import java.util.Random;
|
||||
import java.security.SecureRandom;
|
||||
|
||||
public class Vuln {
|
||||
public static byte[] run(String value) {
|
||||
if (value != null && value.contains("STRONG")) {
|
||||
byte[] key = new byte[32];
|
||||
new SecureRandom().nextBytes(key);
|
||||
return key;
|
||||
}
|
||||
Random r = new Random(value == null ? 0L : (long) value.hashCode());
|
||||
byte[] key = new byte[2];
|
||||
r.nextBytes(key);
|
||||
return key;
|
||||
}
|
||||
}
|
||||
7
tests/dynamic_fixtures/crypto/php/benign.php
Normal file
7
tests/dynamic_fixtures/crypto/php/benign.php
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
<?php
|
||||
// Phase 11 (Track J.9) — PHP CRYPTO benign control fixture.
|
||||
//
|
||||
// Uses `random_bytes(32)` (a CSPRNG) for key derivation.
|
||||
function run($_value) {
|
||||
return random_bytes(32);
|
||||
}
|
||||
17
tests/dynamic_fixtures/crypto/php/vuln.php
Normal file
17
tests/dynamic_fixtures/crypto/php/vuln.php
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
<?php
|
||||
// Phase 11 (Track J.9) — PHP CRYPTO vuln fixture.
|
||||
//
|
||||
// Models a config-driven crypto endpoint that picks the RNG based on
|
||||
// the request payload — `*_WEAK` routes through `mt_rand(0, 0xFFFF)`
|
||||
// (a non-CSPRNG) and `*_STRONG` routes through `random_bytes(32)`
|
||||
// (a CSPRNG). This shape is needed by the differential runner: the
|
||||
// vuln-payload attempt and the benign-control attempt both load the
|
||||
// same fixture, and only the payload-routed weak branch trips the
|
||||
// `WeakKeyEntropy` predicate.
|
||||
function run($value) {
|
||||
$s = is_string($value) ? $value : strval($value);
|
||||
if (strpos($s, "STRONG") !== false) {
|
||||
return random_bytes(32);
|
||||
}
|
||||
return mt_rand(0, 0xFFFF);
|
||||
}
|
||||
9
tests/dynamic_fixtures/crypto/python/benign.py
Normal file
9
tests/dynamic_fixtures/crypto/python/benign.py
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
# Phase 11 (Track J.9) — Python CRYPTO benign control fixture.
|
||||
#
|
||||
# Uses `secrets.token_bytes(32)` (a CSPRNG) so the produced key
|
||||
# trivially exceeds the weak budget.
|
||||
import secrets
|
||||
|
||||
|
||||
def run(_value):
|
||||
return secrets.token_bytes(32)
|
||||
23
tests/dynamic_fixtures/crypto/python/vuln.py
Normal file
23
tests/dynamic_fixtures/crypto/python/vuln.py
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
# Phase 11 (Track J.9) — Python CRYPTO vuln fixture.
|
||||
#
|
||||
# Models a config-driven crypto endpoint that picks the RNG based on
|
||||
# the request payload — `*_WEAK` routes through `random.randint(0, 0xFFFF)`
|
||||
# (a non-CSPRNG) and `*_STRONG` routes through `secrets.token_bytes(32)`
|
||||
# (a CSPRNG). This shape is needed by the differential runner: the
|
||||
# vuln-payload attempt and the benign-control attempt both load the same
|
||||
# fixture, and only the payload-routed weak branch trips the
|
||||
# `WeakKeyEntropy` predicate. Real-world analogue: a JWT-signing or
|
||||
# session-token endpoint that exposes an `algorithm`/`key_strength`
|
||||
# knob whose weak setting falls back to a non-CSPRNG seed.
|
||||
import random
|
||||
import secrets
|
||||
|
||||
|
||||
def run(value):
|
||||
if isinstance(value, (bytes, bytearray)):
|
||||
value = value.decode("utf-8", "replace")
|
||||
elif not isinstance(value, str):
|
||||
value = str(value)
|
||||
if "STRONG" in value:
|
||||
return secrets.token_bytes(32)
|
||||
return random.randint(0, 0xFFFF)
|
||||
11
tests/dynamic_fixtures/crypto/rust/benign.rs
Normal file
11
tests/dynamic_fixtures/crypto/rust/benign.rs
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
// Phase 11 (Track J.9) — Rust CRYPTO benign control fixture.
|
||||
//
|
||||
// Uses `rand::rngs::OsRng` (a CSPRNG) for key derivation.
|
||||
use rand::rngs::OsRng;
|
||||
use rand::RngCore;
|
||||
|
||||
pub fn run(_value: &str) -> [u8; 32] {
|
||||
let mut key = [0u8; 32];
|
||||
OsRng.fill_bytes(&mut key);
|
||||
key
|
||||
}
|
||||
27
tests/dynamic_fixtures/crypto/rust/vuln.rs
Normal file
27
tests/dynamic_fixtures/crypto/rust/vuln.rs
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
// Phase 11 (Track J.9) — Rust CRYPTO vuln fixture.
|
||||
//
|
||||
// Models a config-driven crypto endpoint that picks the RNG based on
|
||||
// the request payload — `*_WEAK` routes through `rand::thread_rng`
|
||||
// truncated to 16 bits (a non-CSPRNG configuration) and `*_STRONG`
|
||||
// routes through `rand::rngs::OsRng` (a CSPRNG). Both branches return
|
||||
// `[u8; 8]` so the harness's `NyxKeyToInt` reducer treats them
|
||||
// uniformly. The weak branch zero-pads the 16-bit value into the low
|
||||
// two bytes, leaving `nyx_bytes_to_key_int` to read it back as a small
|
||||
// big-endian `u64` that trips the `WeakKeyEntropy` predicate; the
|
||||
// strong branch fills all eight bytes from the CSPRNG so the reduced
|
||||
// `u64` overshoots the 16-bit budget.
|
||||
use rand::Rng;
|
||||
use rand::RngCore;
|
||||
use rand::rngs::OsRng;
|
||||
|
||||
pub fn run(value: &str) -> [u8; 8] {
|
||||
let mut key = [0u8; 8];
|
||||
if value.contains("STRONG") {
|
||||
OsRng.fill_bytes(&mut key);
|
||||
} else {
|
||||
let weak = rand::thread_rng().gen_range(0..=0xFFFFu16);
|
||||
key[6] = (weak >> 8) as u8;
|
||||
key[7] = (weak & 0xFF) as u8;
|
||||
}
|
||||
key
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue