Update X509 fuzzer to verify a chain

It add supports for verifying that it's been signed by a CA, and
checks the CRL and OCSP status

Can find CVE-2022-4203 and CVE-2023-0286

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20243)

(cherry picked from commit 399c2da08ab9c6a382f8e9950742a022e847fec0)

diff --git a/fuzz/build.info b/fuzz/build.info
index 7ba41a7a6ebdbf6fca7e570546503d5efeec8b23..890704fbfe7e836eed92712c898b7755f6bbb4db 100644 (file)
--- a/fuzz/build.info
+++ b/fuzz/build.info
@@ -9,7 +9,7 @@
 -}
 
 IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}]
-  PROGRAMS{noinst}=asn1 asn1parse bignum bndiv client conf crl server x509
+  PROGRAMS{noinst}=asn1 asn1parse bignum bndiv client conf crl server
   PROGRAMS{noinst}=punycode
 
   IF[{- !$disabled{"cmp"} -}]
@@ -24,6 +24,10 @@ IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}]
     PROGRAMS{noinst}=ct
   ENDIF
 
+  IF[{- !$disabled{"ocsp"} -}]
+    PROGRAMS{noinst}=x509
+  ENDIF
+
   SOURCE[asn1]=asn1.c driver.c fuzz_rand.c
   INCLUDE[asn1]=../include {- $ex_inc -}
   DEPEND[asn1]=../libcrypto ../libssl {- $ex_lib -}
@@ -78,7 +82,7 @@ IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}]
 ENDIF
 
 IF[{- !$disabled{tests} -}]
-  PROGRAMS{noinst}=asn1-test asn1parse-test bignum-test bndiv-test client-test conf-test crl-test server-test x509-test
+  PROGRAMS{noinst}=asn1-test asn1parse-test bignum-test bndiv-test client-test conf-test crl-test server-test
   PROGRAMS{noinst}=punycode-test
 
   IF[{- !$disabled{"cmp"} -}]
@@ -93,6 +97,10 @@ IF[{- !$disabled{tests} -}]
     PROGRAMS{noinst}=ct-test
   ENDIF
 
+  IF[{- !$disabled{"ocsp"} -}]
+    PROGRAMS{noinst}=x509-test
+  ENDIF
+
   SOURCE[asn1-test]=asn1.c test-corpus.c fuzz_rand.c
   INCLUDE[asn1-test]=../include
   DEPEND[asn1-test]=../libcrypto ../libssl

diff --git a/fuzz/x509.c b/fuzz/x509.c
index 78061d176af792f85d6174cec889caea57e6b74b..6293f1a5c547a55f2ef05b2cfcea326d8cbe4ef4 100644 (file)
--- a/fuzz/x509.c
+++ b/fuzz/x509.c
@@ -9,6 +9,7 @@
  */
 
 #include <openssl/x509.h>
+#include <openssl/ocsp.h>
 #include <openssl/bio.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
@@ -17,31 +18,131 @@
 int FuzzerInitialize(int *argc, char ***argv)
 {
     FuzzerSetRand();
-    OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
+    OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS
+       | OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
     ERR_clear_error();
     CRYPTO_free_ex_index(0, -1);
     return 1;
 }
 
+static int cb(int ok, X509_STORE_CTX *ctx)
+{
+    return 1;
+}
+
 int FuzzerTestOneInput(const uint8_t *buf, size_t len)
 {
     const unsigned char *p = buf;
+    size_t orig_len = len;
     unsigned char *der = NULL;
+    BIO *bio = NULL;
+    X509 *x509_1 = NULL, *x509_2 = NULL;
+    X509_STORE *store = NULL;
+    X509_VERIFY_PARAM *param = NULL;
+    X509_STORE_CTX *ctx = NULL;
+    X509_CRL *crl = NULL;
+    STACK_OF(X509_CRL) *crls = NULL;
+    STACK_OF(X509) *certs = NULL;
+    OCSP_RESPONSE *resp = NULL;
+    OCSP_BASICRESP *bs = NULL;
+    OCSP_CERTID *id = NULL;
+
+    x509_1 = d2i_X509(NULL, &p, len);
+    if (x509_1 == NULL)
+        goto err;
+
+    bio = BIO_new(BIO_s_null());
+    if (bio == NULL)
+        goto err;
+
+    /* This will load and print the public key as well as extensions */
+    X509_print(bio, x509_1);
+    BIO_free(bio);
+
+    X509_issuer_and_serial_hash(x509_1);
+
+    i2d_X509(x509_1, &der);
+    OPENSSL_free(der);
+
+    len = orig_len - (p - buf);
+    x509_2 = d2i_X509(NULL, &p, len);
+    if (x509_2 == NULL)
+        goto err;
+
+    len = orig_len - (p - buf);
+    crl = d2i_X509_CRL(NULL, &p, len);
+    if (crl == NULL)
+        goto err;
+
+    len = orig_len - (p - buf);
+    resp = d2i_OCSP_RESPONSE(NULL, &p, len);
+
+    store = X509_STORE_new();
+    X509_STORE_add_cert(store, x509_2);
 
-    X509 *x509 = d2i_X509(NULL, &p, len);
-    if (x509 != NULL) {
-        BIO *bio = BIO_new(BIO_s_null());
-        /* This will load and print the public key as well as extensions */
-        X509_print(bio, x509);
-        BIO_free(bio);
+    param = X509_VERIFY_PARAM_new();
+    X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_NO_CHECK_TIME);
+    X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_X509_STRICT);
+    X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_PARTIAL_CHAIN);
+    X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
 
-        X509_issuer_and_serial_hash(x509);
+    X509_STORE_set1_param(store, param);
 
-        i2d_X509(x509, &der);
-        OPENSSL_free(der);
+    X509_STORE_set_verify_cb(store, cb);
 
-        X509_free(x509);
+    ctx = X509_STORE_CTX_new();
+    if (ctx == NULL)
+        goto err;
+
+    X509_STORE_CTX_init(ctx, store, x509_1, NULL);
+
+    if (crl != NULL) {
+        crls = sk_X509_CRL_new_null();
+        if (crls == NULL)
+            goto err;
+
+        sk_X509_CRL_push(crls, crl);
+        X509_STORE_CTX_set0_crls(ctx, crls);
     }
+
+    X509_verify_cert(ctx);
+
+    if (resp != NULL)
+        bs = OCSP_response_get1_basic(resp);
+
+    if (bs != NULL) {
+        int status, reason;
+        ASN1_GENERALIZEDTIME *revtime, *thisupd, *nextupd;
+
+        certs = sk_X509_new_null();
+        if (certs == NULL)
+            goto err;
+
+        sk_X509_push(certs, x509_1);
+        sk_X509_push(certs, x509_2);
+
+        OCSP_basic_verify(bs, certs, store, OCSP_PARTIAL_CHAIN);
+
+        id = OCSP_cert_to_id(NULL, x509_1, x509_2);
+        if (id == NULL)
+            goto err;
+        OCSP_resp_find_status(bs, id, &status, &reason, &revtime, &thisupd,
+                              &nextupd);
+    }
+
+err:
+    X509_STORE_CTX_free(ctx);
+    X509_VERIFY_PARAM_free(param);
+    X509_STORE_free(store);
+    X509_free(x509_1);
+    X509_free(x509_2);
+    X509_CRL_free(crl);
+    OCSP_CERTID_free(id);
+    OCSP_BASICRESP_free(bs);
+    OCSP_RESPONSE_free(resp);
+    sk_X509_CRL_free(crls);
+    sk_X509_free(certs);
+
     ERR_clear_error();
     return 0;
 }

diff --git a/test/recipes/99-test_fuzz_x509.t b/test/recipes/99-test_fuzz_x509.t
index 9a1e3a19cadce461e8fc58b730c58eb1974885b3..7ca3ee8ae7ca00df0a5d843c9e96793579589cb5 100644 (file)
--- a/test/recipes/99-test_fuzz_x509.t
+++ b/test/recipes/99-test_fuzz_x509.t
@@ -15,6 +15,9 @@ use OpenSSL::Test::Utils;
 my $fuzzer = "x509";
 setup("test_fuzz_${fuzzer}");
 
+plan skip_all => "This test requires ocsp support"
+    if disabled("ocsp");
+
 plan tests => 2; # one more due to below require_ok(...)
 
 require_ok(srctop_file('test','recipes','fuzz.pl'));