X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=fuzz%2Fasn1.c;h=83a1e7ae6c9254986a2f2e79e5ebe9c8fcdcd5bf;hp=c45fd7932832fb8c1ee9c39f699c881cc5dc64b6;hb=705a27f7e07c006b167b59070ff635a61f8e0407;hpb=b534df96c99b7f6103188005a688944645e2ec7b diff --git a/fuzz/asn1.c b/fuzz/asn1.c index c45fd79328..83a1e7ae6c 100644 --- a/fuzz/asn1.c +++ b/fuzz/asn1.c @@ -1,7 +1,7 @@ /* * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. * - * Licensed under the OpenSSL licenses, (the "License"); + * Licensed under the Apache License 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * https://www.openssl.org/source/license.html @@ -29,12 +29,12 @@ #include #include #include +#include +#include +#include #include "fuzzer.h" -#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -extern int rand_predictable; -#endif -#define ENTROPY_NEEDED 32 +#include "rand.inc" static ASN1_ITEM_EXP *item_type[] = { ASN1_ITEM_ref(ACCESS_DESCRIPTION), @@ -106,7 +106,7 @@ static ASN1_ITEM_EXP *item_type[] = { ASN1_ITEM_ref(IPAddressRange), #endif ASN1_ITEM_ref(ISSUING_DIST_POINT), -#if OPENSSL_API_COMPAT < 0x10200000L +#if !OPENSSL_API_3 ASN1_ITEM_ref(LONG), #endif ASN1_ITEM_ref(NAME_CONSTRAINTS), @@ -168,7 +168,6 @@ static ASN1_ITEM_EXP *item_type[] = { ASN1_ITEM_ref(RSAPublicKey), ASN1_ITEM_ref(SXNET), ASN1_ITEM_ref(SXNETID), - /*ASN1_ITEM_ref(TS_RESP), want to do this, but type is hidden, however d2i exists... */ ASN1_ITEM_ref(USERNOTICE), ASN1_ITEM_ref(X509), ASN1_ITEM_ref(X509_ALGOR), @@ -188,7 +187,7 @@ static ASN1_ITEM_EXP *item_type[] = { ASN1_ITEM_ref(X509_REVOKED), ASN1_ITEM_ref(X509_SIG), ASN1_ITEM_ref(X509_VAL), -#if OPENSSL_API_COMPAT < 0x10200000L +#if !OPENSSL_API_3 ASN1_ITEM_ref(ZLONG), #endif ASN1_ITEM_ref(INT32), @@ -204,6 +203,73 @@ static ASN1_ITEM_EXP *item_type[] = { static ASN1_PCTX *pctx; +#define DO_TEST(TYPE, D2I, I2D, PRINT) { \ + const unsigned char *p = buf; \ + unsigned char *der = NULL; \ + TYPE *type = D2I(NULL, &p, len); \ + \ + if (type != NULL) { \ + int len2; \ + BIO *bio = BIO_new(BIO_s_null()); \ + \ + PRINT(bio, type); \ + BIO_free(bio); \ + len2 = I2D(type, &der); \ + if (len2 != 0) {} \ + OPENSSL_free(der); \ + TYPE ## _free(type); \ + } \ +} + +#define DO_TEST_PRINT_OFFSET(TYPE, D2I, I2D, PRINT) { \ + const unsigned char *p = buf; \ + unsigned char *der = NULL; \ + TYPE *type = D2I(NULL, &p, len); \ + \ + if (type != NULL) { \ + BIO *bio = BIO_new(BIO_s_null()); \ + \ + PRINT(bio, type, 0); \ + BIO_free(bio); \ + I2D(type, &der); \ + OPENSSL_free(der); \ + TYPE ## _free(type); \ + } \ +} + +#define DO_TEST_PRINT_PCTX(TYPE, D2I, I2D, PRINT) { \ + const unsigned char *p = buf; \ + unsigned char *der = NULL; \ + TYPE *type = D2I(NULL, &p, len); \ + \ + if (type != NULL) { \ + BIO *bio = BIO_new(BIO_s_null()); \ + \ + PRINT(bio, type, 0, pctx); \ + BIO_free(bio); \ + I2D(type, &der); \ + OPENSSL_free(der); \ + TYPE ## _free(type); \ + } \ +} + + +#define DO_TEST_NO_PRINT(TYPE, D2I, I2D) { \ + const unsigned char *p = buf; \ + unsigned char *der = NULL; \ + TYPE *type = D2I(NULL, &p, len); \ + \ + if (type != NULL) { \ + BIO *bio = BIO_new(BIO_s_null()); \ + \ + BIO_free(bio); \ + I2D(type, &der); \ + OPENSSL_free(der); \ + TYPE ## _free(type); \ + } \ +} + + int FuzzerInitialize(int *argc, char ***argv) { pctx = ASN1_PCTX_new(); @@ -214,14 +280,10 @@ int FuzzerInitialize(int *argc, char ***argv) ASN1_STRFLGS_SHOW_TYPE | ASN1_STRFLGS_DUMP_ALL); OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); ERR_get_state(); CRYPTO_free_ex_index(0, -1); - RAND_add("", 1, ENTROPY_NEEDED); - RAND_status(); - -#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION - rand_predictable = 1; -#endif + FuzzerSetRand(); return 1; } @@ -239,16 +301,46 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) if (o != NULL) { BIO *bio = BIO_new(BIO_s_null()); + ASN1_item_print(bio, o, 4, i, pctx); BIO_free(bio); - ASN1_item_i2d(o, &der, i); OPENSSL_free(der); - ASN1_item_free(o, i); } } +#ifndef OPENSSL_NO_TS + DO_TEST(TS_REQ, d2i_TS_REQ, i2d_TS_REQ, TS_REQ_print_bio); + DO_TEST(TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, TS_MSG_IMPRINT_print_bio); + DO_TEST(TS_RESP, d2i_TS_RESP, i2d_TS_RESP, TS_RESP_print_bio); + DO_TEST(TS_STATUS_INFO, d2i_TS_STATUS_INFO, i2d_TS_STATUS_INFO, TS_STATUS_INFO_print_bio); + DO_TEST(TS_TST_INFO, d2i_TS_TST_INFO, i2d_TS_TST_INFO, TS_TST_INFO_print_bio); + DO_TEST_NO_PRINT(TS_ACCURACY, d2i_TS_ACCURACY, i2d_TS_ACCURACY); + DO_TEST_NO_PRINT(ESS_ISSUER_SERIAL, d2i_ESS_ISSUER_SERIAL, i2d_ESS_ISSUER_SERIAL); + DO_TEST_NO_PRINT(ESS_CERT_ID, d2i_ESS_CERT_ID, i2d_ESS_CERT_ID); + DO_TEST_NO_PRINT(ESS_SIGNING_CERT, d2i_ESS_SIGNING_CERT, i2d_ESS_SIGNING_CERT); +#endif +#ifndef OPENSSL_NO_DH + DO_TEST(DH, d2i_DHparams, i2d_DHparams, DHparams_print); + DO_TEST(DH, d2i_DHxparams, i2d_DHxparams, DHparams_print); +#endif +#ifndef OPENSSL_NO_DSA + DO_TEST_NO_PRINT(DSA_SIG, d2i_DSA_SIG, i2d_DSA_SIG); + DO_TEST_PRINT_OFFSET(DSA, d2i_DSAPrivateKey, i2d_DSAPrivateKey, DSA_print); + DO_TEST_PRINT_OFFSET(DSA, d2i_DSAPublicKey, i2d_DSAPublicKey, DSA_print); + DO_TEST(DSA, d2i_DSAparams, i2d_DSAparams, DSAparams_print); +#endif + DO_TEST_PRINT_OFFSET(RSA, d2i_RSAPublicKey, i2d_RSAPublicKey, RSA_print); +#ifndef OPENSSL_NO_EC + DO_TEST_PRINT_OFFSET(EC_GROUP, d2i_ECPKParameters, i2d_ECPKParameters, ECPKParameters_print); + DO_TEST_PRINT_OFFSET(EC_KEY, d2i_ECPrivateKey, i2d_ECPrivateKey, EC_KEY_print); + DO_TEST(EC_KEY, d2i_ECParameters, i2d_ECParameters, ECParameters_print); + DO_TEST_NO_PRINT(ECDSA_SIG, d2i_ECDSA_SIG, i2d_ECDSA_SIG); +#endif + DO_TEST_PRINT_PCTX(EVP_PKEY, d2i_AutoPrivateKey, i2d_PrivateKey, EVP_PKEY_print_private); + DO_TEST(SSL_SESSION, d2i_SSL_SESSION, i2d_SSL_SESSION, SSL_SESSION_print); + ERR_clear_error(); return 0;