[Cryptofuzz] Several updates (#4715)

* [cryptofuzz] Add trezor

* [cryptofuzz] Disable SymCrypt UBSAN build

* [cryptofuzz] wolfCrypt: Enable cryptocb

* [cryptofuzz] wolfCrypt: Enable ECIES

* [cryptofuzz] Fix symbol collision

2 files changed, 14 insertions, 2 deletions

diff --git a/projects/cryptofuzz/Dockerfile b/projects/cryptofuzz/Dockerfile
index 94b03c2c..4d4db367 100644
--- a/projects/cryptofuzz/Dockerfile
+++ b/projects/cryptofuzz/Dockerfile
@@ -56,6 +56,7 @@ RUN git clone --depth 1 https://github.com/MikeMcl/bignumber.js.git
 RUN git clone --depth 1 https://github.com/guidovranken/libfuzzer-js.git
 RUN git clone --depth 1 https://github.com/brix/crypto-js.git
 RUN git clone --depth 1 https://github.com/LoupVaillant/Monocypher.git
+RUN git clone --depth 1 https://github.com/trezor/trezor-firmware.git
 RUN apt-get remove -y libunwind8
 RUN apt-get install -y libssl-dev
 RUN wget https://dl.bintray.com/boostorg/release/1.74.0/source/boost_1_74_0.tar.bz2
diff --git a/projects/cryptofuzz/build.sh b/projects/cryptofuzz/build.sh
index d5d3c6a1..b99caf49 100755
--- a/projects/cryptofuzz/build.sh
+++ b/projects/cryptofuzz/build.sh
@@ -128,6 +128,17 @@ export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_MONOCYPHER"
 cd $SRC/cryptofuzz/modules/monocypher
 make -B
 
+# Rename blake2b_* functions to avoid symbol collisions with other libraries
+cd $SRC/trezor-firmware/crypto
+sed -i "s/\<blake2b_\([A-Za-z_]\)/trezor_blake2b_\1/g" *.c *.h
+sed -i 's/\<blake2b(/trezor_blake2b(/g' *.c *.h
+
+# Compile Cryptofuzz trezor module
+export TREZOR_FIRMWARE_PATH=$(realpath $SRC/trezor-firmware)
+export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_TREZOR_FIRMWARE"
+cd $SRC/cryptofuzz/modules/trezor
+make -B
+
 # Compile libtomcrypt
 cd $SRC/libtomcrypt
 if [[ $CFLAGS != *sanitize=memory* ]]
@@ -144,7 +155,7 @@ fi
 
 # Compile SymCrypt
 cd $SRC/SymCrypt/
-if [[ $CFLAGS != *sanitize=undefined* ]]
+if [[ $CFLAGS != *sanitize=array-bounds* ]]
 then
     # Unittests don't build with clang and are not needed anyway
     sed -i "s/^add_subdirectory(unittest)$//g" CMakeLists.txt
@@ -442,7 +453,7 @@ cd $SRC/wolfssl
 export CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K"
 autoreconf -ivf
 
-export WOLFCRYPT_CONFIGURE_PARAMS="--enable-static --enable-md2 --enable-md4 --enable-ripemd --enable-blake2 --enable-blake2s --enable-pwdbased --enable-scrypt --enable-hkdf --enable-cmac --enable-arc4 --enable-camellia --enable-rabbit --enable-aesccm --enable-aesctr --enable-hc128 --enable-xts --enable-des3 --enable-idea --enable-x963kdf --enable-harden --enable-aescfb --enable-aesofb --enable-aeskeywrap --enable-shake256 --enable-curve25519 --enable-curve448 --disable-crypttests --disable-examples --enable-keygen --enable-compkey --enable-ed448 --enable-ed25519 --enable-ecccustcurves --enable-xchacha"
+export WOLFCRYPT_CONFIGURE_PARAMS="--enable-static --enable-md2 --enable-md4 --enable-ripemd --enable-blake2 --enable-blake2s --enable-pwdbased --enable-scrypt --enable-hkdf --enable-cmac --enable-arc4 --enable-camellia --enable-rabbit --enable-aesccm --enable-aesctr --enable-hc128 --enable-xts --enable-des3 --enable-idea --enable-x963kdf --enable-harden --enable-aescfb --enable-aesofb --enable-aeskeywrap --enable-shake256 --enable-curve25519 --enable-curve448 --disable-crypttests --disable-examples --enable-keygen --enable-compkey --enable-ed448 --enable-ed25519 --enable-ecccustcurves --enable-xchacha --enable-cryptocb --enable-eccencrypt"
 
 if [[ $CFLAGS = *sanitize=memory* ]]
 then