test(fuzz): turn everything into esm

since coverage does not work as expected at all, we can use esm. So if jazzer at some point, add esm support for esm, we can easily add it

package.json

@@ -47,7 +47,7 @@
     "prepare": "npm run build",
     "test": "mocha --timeout 120000 test/unittests.js",
     "test-type-definitions": "node --loader ts-node/esm test/typescript/definitions.ts",
-    "fuzz": "jazzer test/fuzz/$TARGET.cjs -- -artifact_prefix=test/fuzz/reports/",
+    "fuzz": "jazzer test/fuzz/$TARGET -- -artifact_prefix=test/fuzz/reports/",
     "benchmark-time": "node test/benchmarks/time.js",
     "benchmark-memory-usage": "node test/benchmarks/memory_usage.js",
     "start": "http-server",

test/fuzz/createCleartextMessage.cjs

@@ -1,15 +0,0 @@
-const { FuzzedDataProvider } = require('@jazzer.js/core');
-
-const MAX_MESSAGE_LENGTH = 9000;
-/**
- * @param { Buffer } inputData
- */
-module.exports.fuzz = function(inputData) {
-  import('../initOpenpgp.js').then(openpgp => {
-    const data = new FuzzedDataProvider(inputData);
-    const text = data.bufToPrintableString(inputData, 2, MAX_MESSAGE_LENGTH, 'utf-8');
-    return openpgp.default.createCleartextMessage({ text });
-  });
-
-};
-

test/fuzz/createCleartextMessage.js

@@ -0,0 +1,15 @@
+import { FuzzedDataProvider } from '@jazzer.js/core';
+
+import openpgp from '../initOpenpgp.js';
+
+const MAX_MESSAGE_LENGTH = 9000;
+
+/**
+ * @param { Buffer } inputData
+ */
+export function fuzz (inputData) {
+  const data = new FuzzedDataProvider(inputData);
+  const text = data.bufToPrintableString(inputData, 2, MAX_MESSAGE_LENGTH, 'utf-8');
+  return openpgp.createCleartextMessage({ text });
+}
+

test/fuzz/createMessageBinary.cjs

@@ -1,9 +0,0 @@
-/**
- * @param { Buffer } inputData
- */
-module.exports.fuzz = function(inputData) {
-  import('../initOpenpgp.js').then(openpgp => {
-    return openpgp.default.createMessage({ binary: new Uint8Array(inputData) });
-  });
-};
-

test/fuzz/createMessageBinary.js

@@ -0,0 +1,9 @@
+import openpgp from '../initOpenpgp.js';
+
+/**
+ * @param { Buffer } inputData
+ */
+export function fuzz (inputData) {
+  return openpgp.createMessage({ binary: new Uint8Array(inputData) });
+}
+

test/fuzz/createMessageText.cjs

@@ -1,13 +0,0 @@
-const { FuzzedDataProvider } = require('@jazzer.js/core');
-
-const MAX_MESSAGE_LENGTH = 9000;
-
-/**
- * @param { Buffer } inputData
- */
-module.exports.fuzz = function(inputData) {
-  import('../initOpenpgp.js').then(openpgp => {
-    const data = new FuzzedDataProvider(inputData);
-    return openpgp.default.createMessage({ text: data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8') });
-  });
-};

test/fuzz/createMessageText.js

@@ -0,0 +1,13 @@
+import { FuzzedDataProvider } from '@jazzer.js/core';
+
+import openpgp from '../initOpenpgp.js';
+
+const MAX_MESSAGE_LENGTH = 9000;
+
+/**
+ * @param { Buffer } inputData
+ */
+export function fuzz (inputData) {
+  const data = new FuzzedDataProvider(inputData);
+  return openpgp.createMessage({ text: data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8') });
+}

test/fuzz/generateKey.cjs

@@ -1,25 +0,0 @@
-const { FuzzedDataProvider } = require('@jazzer.js/core');
-
-const MAX_NAME_LENGTH = 30;
-const MAX_COMMENT_LENGTH = 500;
-
-/**
- * @param { Buffer } inputData
- */
-module.exports.fuzz = function(inputData) {
-  import('../initOpenpgp.js').then(openpgp => {
-    const data = new FuzzedDataProvider(inputData);
-    const asciiString = data.consumeString(MAX_COMMENT_LENGTH);
-    const utf8String = data.consumeString(MAX_NAME_LENGTH, 'utf-8');
-
-    return openpgp.default.generateKey({ userIDs: [
-      { name: utf8String },
-      { email: utf8String },
-      { comment: asciiString },
-      { name: utf8String, email: utf8String, comment: asciiString }
-    ],
-    passphrase: asciiString,
-    format: 'object' });
-  });
-};
-

test/fuzz/generateKey.js

@@ -0,0 +1,26 @@
+import { FuzzedDataProvider } from '@jazzer.js/core';
+
+import openpgp from '../initOpenpgp.js';
+
+const MAX_NAME_LENGTH = 30;
+const MAX_COMMENT_LENGTH = 500;
+
+/**
+ * @param { Buffer } inputData
+ */
+export function fuzz (inputData) {
+
+  const data = new FuzzedDataProvider(inputData);
+  const asciiString = data.consumeString(MAX_COMMENT_LENGTH);
+  const utf8String = data.consumeString(MAX_NAME_LENGTH, 'utf-8');
+
+  return openpgp.generateKey({ userIDs: [
+    { name: utf8String },
+    { email: utf8String },
+    { comment: asciiString },
+    { name: utf8String, email: utf8String, comment: asciiString }
+  ],
+  passphrase: asciiString,
+  format: 'object' });
+}
+

test/fuzz/readKeyArmored.cjs

@@ -1,27 +0,0 @@
-const { FuzzedDataProvider } = require('@jazzer.js/core');
-
-const ignored = ['Misformed armored text'];
-const MAX_MESSAGE_LENGTH = 9000;
-
-function ignoredError(error) {
-  return ignored.some(message => error.message.includes(message));
-}
-
-/**
- * @param { Buffer } inputData
- */
-module.exports.fuzz = function(inputData) {
-  import('../initOpenpgp.js').then(openpgp => {
-    const data = new FuzzedDataProvider(inputData);
-    const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8');
-    const armoredKey = `-----BEGIN PGP PRIVATE KEY BLOCK----- ${fuzzedText} -----END PGP PRIVATE KEY BLOCK-----`;
-
-    return openpgp.default.readKey({ armoredKey })
-      .catch(error => {
-        if (error.message && !ignoredError(error)) {
-          throw error;
-        }
-      });
-  });
-};
-

test/fuzz/readKeyArmored.js

@@ -0,0 +1,28 @@
+import { FuzzedDataProvider } from '@jazzer.js/core';
+
+import openpgp from '../initOpenpgp.js';
+
+const ignored = ['Misformed armored text'];
+const MAX_MESSAGE_LENGTH = 9000;
+
+function ignoredError(error) {
+  return ignored.some(message => error.message.includes(message));
+}
+
+/**
+ * @param { Buffer } inputData
+ */
+export function fuzz (inputData) {
+
+  const data = new FuzzedDataProvider(inputData);
+  const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8');
+  const armoredKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----\n ${fuzzedText} -----END PGP PRIVATE KEY BLOCK-----`;
+
+  return openpgp.readKey({ armoredKey })
+    .catch(error => {
+      if (error.message && !ignoredError(error)) {
+        throw error;
+      }
+    });
+}
+

test/fuzz/readKeyBinary.cjs

@@ -1,22 +0,0 @@
-const ignored = ['This message / key probably does not conform to a valid OpenPGP format'];
-
-function ignoredError(error) {
-  return ignored.some(message => error.message.includes(message));
-}
-
-/**
- * @param { Buffer } inputData
- */
-module.exports.fuzz = function(inputData) {
-  import('../initOpenpgp.js').then(openpgp => {
-    const binaryKey = new Uint8Array(`-----BEGIN PGP PRIVATE KEY BLOCK----- ${inputData} -----END PGP PRIVATE KEY BLOCK-----`);
-
-    return openpgp.default.readKey({ binaryKey })
-      .catch(error => {
-        if (error.message && !ignoredError(error)) {
-          throw error;
-        }
-      });
-  });
-};
-

test/fuzz/readKeyBinary.js

@@ -0,0 +1,22 @@
+import openpgp from '../initOpenpgp.js';
+
+const ignored = ['This message / key probably does not conform to a valid OpenPGP format'];
+
+function ignoredError(error) {
+  return ignored.some(message => error.message.includes(message));
+}
+
+/**
+ * @param { Buffer } inputData
+ */
+export function fuzz (inputData) {
+  const binaryKey = new Uint8Array(`-----BEGIN PGP PRIVATE KEY BLOCK-----\n ${inputData.toString('base64')} -----END PGP PRIVATE KEY BLOCK-----`);
+
+  return openpgp.readKey({ binaryKey })
+    .catch(error => {
+      if (error.message && !ignoredError(error)) {
+        throw error;
+      }
+    });
+}
+

test/fuzz/readMessageBinary.cjs

@@ -1,22 +0,0 @@
-const ignored = ['This message / key probably does not conform to a valid OpenPGP format'];
-
-function ignoredError(error) {
-  return ignored.some(message => error.message.includes(message));
-}
-
-/**
- * @param { Buffer } inputData
- */
-module.exports.fuzz = function(inputData) {
-  import('../initOpenpgp.js').then(openpgp => {
-    const binaryMessage = new Uint8Array(`-----BEGIN PGP MESSAGE----- ${inputData} -----END PGP MESSAGE-----`);
-
-    return openpgp.default.readMessage({ binaryMessage })
-      .catch(error => {
-        if (error.message && !ignoredError(error)) {
-          throw error;
-        }
-      });
-  });
-};
-

test/fuzz/readMessageBinary.js

@@ -0,0 +1,22 @@
+import openpgp from '../initOpenpgp.js';
+
+const ignored = ['This message / key probably does not conform to a valid OpenPGP format'];
+
+function ignoredError(error) {
+  return ignored.some(message => error.message.includes(message));
+}
+
+/**
+ * @param { Buffer } inputData
+ */
+export function fuzz (inputData) {
+  const binaryMessage = new Uint8Array(`-----BEGIN PGP MESSAGE-----\n ${inputData.toString('base64')} -----END PGP MESSAGE-----`);
+
+  return openpgp.readMessage({ binaryMessage })
+    .catch(error => {
+      if (error.message && !ignoredError(error)) {
+        throw error;
+      }
+    });
+}
+

test/fuzz/readMessageText.cjs

@@ -1,27 +0,0 @@
-const { FuzzedDataProvider } = require('@jazzer.js/core');
-
-const ignored = ['Misformed armored text'];
-const MAX_MESSAGE_LENGTH = 9000;
-
-function ignoredError(error) {
-  return ignored.some(message => error.message.includes(message));
-}
-
-/**
- * @param { Buffer } inputData
- */
-module.exports.fuzz = function(inputData) {
-  import('../initOpenpgp.js').then(openpgp => {
-    const data = new FuzzedDataProvider(inputData);
-    const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8');
-    const armoredMessage = `-----BEGIN PGP MESSAGE----- ${fuzzedText} -----END PGP MESSAGE-----`;
-
-    return openpgp.default.readMessage({ armoredMessage })
-      .catch(error => {
-        if (error.message && !ignoredError(error)) {
-          throw error;
-        }
-      });
-  });
-};
-

test/fuzz/readMessageText.js

@@ -0,0 +1,27 @@
+import { FuzzedDataProvider } from '@jazzer.js/core';
+
+import openpgp from '../initOpenpgp.js';
+
+const ignored = ['Misformed armored text'];
+const MAX_MESSAGE_LENGTH = 9000;
+
+function ignoredError(error) {
+  return ignored.some(message => error.message.includes(message));
+}
+
+/**
+ * @param { Buffer } inputData
+ */
+export function fuzz (inputData) {
+  const data = new FuzzedDataProvider(inputData);
+  const fuzzedText = data.consumeString(MAX_MESSAGE_LENGTH, 'utf-8');
+  const armoredMessage = `-----BEGIN PGP MESSAGE-----\n ${fuzzedText} -----END PGP MESSAGE-----`;
+
+  return openpgp.readMessage({ armoredMessage })
+    .catch(error => {
+      if (error.message && !ignoredError(error)) {
+        throw error;
+      }
+    });
+}
+

test/fuzz/readme.md

@@ -11,14 +11,7 @@ To generate and run fuzz tests, we use the [Jazzer.js](https://github.com/CodeIn
 
 This directory contains fuzz targets like for example `createMessageBinary`.
 
-You can run this fuzz target without options:
-```sh
-npx jazzer test/fuzz/createMessageBinary.cjs
-```
-(You will notice the `.cjs` file ending. This is because jazzer does not support esm, yet)
-
-or with the given settings at your package.json:
-
+You can run this fuzz target:
 ```sh
 TARGET=createMessageBinary npm run fuzz
 ```
@@ -50,12 +43,12 @@ See further details in [Fuzzing using fuzz targets and the CLI](https://github.c
 
 ### Run limitations
 
-You can pass the `-max_total_time` flag to the internal fuzzing engine to stop the fuzzing run after 10 seconds.
+You can edit the npm command and pass the `-max_total_time` flag to the internal fuzzing engine to stop the fuzzing run after 10 seconds.
 ```sh
-npx jazzer test/fuzz/createMessageBinary.cjs -- -max_total_time=10
+jazzer test/fuzz/$TARGET -- -max_total_time=10
 ```
 
 Or you can limit the number of runs:
 ```sh
-npx jazzer test/fuzz/createMessageBinary.cjs -- -runs=4000000
+jazzer test/fuzz/$TARGET -- -runs=4000000
 ```