kris
/
boringssl
1
0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
5667 коммитов
12 Ветки
38 MiB
Дерево: 9978f0a865
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из '9978f0a865'
${ noResults }
boringssl/fuzz/ssl_ctx_api.cc

ssl_ctx_api.cc 22 KiB
Исходник Обычный вид История

Add a fuzzer for the SSL_CTX API. This is not a complete fuzzer, even for SSL_CTX, but it's a start. Written in memory of c-ares[1]. [1] https://twitter.com/hanno/status/781506296906444800 Change-Id: I64b02c60f35b9057201df2cc325ebb7a84a0229d Reviewed-on: https://boringssl-review.googlesource.com/11423 Reviewed-by: Adam Langley <alangley@gmail.com> Commit-Queue: Adam Langley <alangley@gmail.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
8 лет назад
Adding mising <string> header. Fixing error: fuzz/ssl_ctx_api.cc:232:6: error: implicit instantiation of undefined template 'std::__1::basic_string.... BUG= Change-Id: I6d623dcca3e4edc52702d713fc948a0242bd4db8 Reviewed-on: https://boringssl-review.googlesource.com/11540 Reviewed-by: Adam Langley <agl@google.com>
8 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Add a fuzzer for the SSL_CTX API. This is not a complete fuzzer, even for SSL_CTX, but it's a start. Written in memory of c-ares[1]. [1] https://twitter.com/hanno/status/781506296906444800 Change-Id: I64b02c60f35b9057201df2cc325ebb7a84a0229d Reviewed-on: https://boringssl-review.googlesource.com/11423 Reviewed-by: Adam Langley <alangley@gmail.com> Commit-Queue: Adam Langley <alangley@gmail.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
8 лет назад
ERR_clear_error at the end of each fuzzer. Data allocated in one fuzzer iteration and then freed in the next complicates the leak checker. Avoid this by dropping hidden global state at the end of each run. Change-Id: Ice79704f2754a6b1f40e288df9b97ddd5b3b97d5 Reviewed-on: https://boringssl-review.googlesource.com/11600 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
8 лет назад
Add a fuzzer for the SSL_CTX API. This is not a complete fuzzer, even for SSL_CTX, but it's a start. Written in memory of c-ares[1]. [1] https://twitter.com/hanno/status/781506296906444800 Change-Id: I64b02c60f35b9057201df2cc325ebb7a84a0229d Reviewed-on: https://boringssl-review.googlesource.com/11423 Reviewed-by: Adam Langley <alangley@gmail.com> Commit-Queue: Adam Langley <alangley@gmail.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
8 лет назад
Add “bssl::” prefix to |UpRef| and |PushToStack| in fuzzer code. Change-Id: Ie3ed310869f3068d5be8292448a27679fa91a7a7 Reviewed-on: https://boringssl-review.googlesource.com/29624 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
6 лет назад
Add a fuzzer for the SSL_CTX API. This is not a complete fuzzer, even for SSL_CTX, but it's a start. Written in memory of c-ares[1]. [1] https://twitter.com/hanno/status/781506296906444800 Change-Id: I64b02c60f35b9057201df2cc325ebb7a84a0229d Reviewed-on: https://boringssl-review.googlesource.com/11423 Reviewed-by: Adam Langley <alangley@gmail.com> Commit-Queue: Adam Langley <alangley@gmail.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
8 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Bound ssl_ctx_api more aggressively. OpenSSL's d2i_X509 parser is amazingly slow. Only do about 10,000 of them, not 1,000,000. BUG=chromium:729419 Change-Id: I7034c3dde7d5c5681986af2ab5e516e54553d3c6 Reviewed-on: https://boringssl-review.googlesource.com/16905 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Add a fuzzer for the SSL_CTX API. This is not a complete fuzzer, even for SSL_CTX, but it's a start. Written in memory of c-ares[1]. [1] https://twitter.com/hanno/status/781506296906444800 Change-Id: I64b02c60f35b9057201df2cc325ebb7a84a0229d Reviewed-on: https://boringssl-review.googlesource.com/11423 Reviewed-by: Adam Langley <alangley@gmail.com> Commit-Queue: Adam Langley <alangley@gmail.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
8 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Add a fuzzer for the SSL_CTX API. This is not a complete fuzzer, even for SSL_CTX, but it's a start. Written in memory of c-ares[1]. [1] https://twitter.com/hanno/status/781506296906444800 Change-Id: I64b02c60f35b9057201df2cc325ebb7a84a0229d Reviewed-on: https://boringssl-review.googlesource.com/11423 Reviewed-by: Adam Langley <alangley@gmail.com> Commit-Queue: Adam Langley <alangley@gmail.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
8 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Support OpenSSL APIs SSL[_CTX]_set1_sigalgs[_list]. These functions can be used to configure the signature algorithms. One of them is a string mini-languaging parsing function, which we generally dislike because it defeats static analysis. However, some dependent projects (in this case TensorFlow) need it and we also dislike making people patch. Change-Id: I13f990c896a7f7332d78b1c351357d418ade8d11 Reviewed-on: https://boringssl-review.googlesource.com/30304 Reviewed-by: Steven Valdez <svaldez@google.com>
6 лет назад
Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe. The size of an int is 4, not 2. To avoid worrying about this, add a GetVector counterpart to GetString that handles all this. Apply this uniformly to avoid all the pointer casts. This is less important for vector<uint8_t>, but even then we'll now notice a 1-byte OOB read since std::string is NUL-terminated. Also it's shorter. Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585 Reviewed-on: https://boringssl-review.googlesource.com/30864 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Support OpenSSL APIs SSL[_CTX]_set1_sigalgs[_list]. These functions can be used to configure the signature algorithms. One of them is a string mini-languaging parsing function, which we generally dislike because it defeats static analysis. However, some dependent projects (in this case TensorFlow) need it and we also dislike making people patch. Change-Id: I13f990c896a7f7332d78b1c351357d418ade8d11 Reviewed-on: https://boringssl-review.googlesource.com/30304 Reviewed-by: Steven Valdez <svaldez@google.com>
6 лет назад
Fix SSL_CTX_set1_sigalgs_list fuzzer. SSL_CTX_set1_sigalgs_list wants a NUL-terminated string, so we need to use GetString to give it one. Bug: oss-fuzz:9808 Change-Id: Id7f676aa514c36de9dea900763db3cbbf5c79a4c Reviewed-on: https://boringssl-review.googlesource.com/30804 Reviewed-by: Adam Langley <agl@google.com>
6 лет назад
Support OpenSSL APIs SSL[_CTX]_set1_sigalgs[_list]. These functions can be used to configure the signature algorithms. One of them is a string mini-languaging parsing function, which we generally dislike because it defeats static analysis. However, some dependent projects (in this case TensorFlow) need it and we also dislike making people patch. Change-Id: I13f990c896a7f7332d78b1c351357d418ade8d11 Reviewed-on: https://boringssl-review.googlesource.com/30304 Reviewed-by: Steven Valdez <svaldez@google.com>
6 лет назад
Bound expensive opcodes in ssl_ctx_api. The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert and SSL_CTX_get0_chain_certs. In our current X509* caching implementation, this can be quadratic. As this is an API fuzzer, not an actual attack surface, this is not of much interest in itself, but bounding this will let the fuzzers fuzz faster. Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39 Reviewed-on: https://boringssl-review.googlesource.com/16887 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 лет назад
Add a fuzzer for the SSL_CTX API. This is not a complete fuzzer, even for SSL_CTX, but it's a start. Written in memory of c-ares[1]. [1] https://twitter.com/hanno/status/781506296906444800 Change-Id: I64b02c60f35b9057201df2cc325ebb7a84a0229d Reviewed-on: https://boringssl-review.googlesource.com/11423 Reviewed-by: Adam Langley <alangley@gmail.com> Commit-Queue: Adam Langley <alangley@gmail.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
8 лет назад
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517 
  1. /* Copyright (c) 2016, Google Inc.

  2.  *

  3.  * Permission to use, copy, modify, and/or distribute this software for any

  4.  * purpose with or without fee is hereby granted, provided that the above

  5.  * copyright notice and this permission notice appear in all copies.

  6.  *

  7.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

  8.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

  9.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY

  10.  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

  11.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

  12.  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN

  13.  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

  14. 

  15. #include <functional>

  16. #include <string>

  17. #include <type_traits>

  18. #include <vector>

  19. 

  20. #include <assert.h>

  21. 

  22. #include <openssl/bytestring.h>

  23. #include <openssl/err.h>

  24. #include <openssl/evp.h>

  25. #include <openssl/rsa.h>

  26. #include <openssl/ssl.h>

  27. #include <openssl/stack.h>

  28. #include <openssl/x509.h>

  29. 

  30. #include "../crypto/internal.h"

  31. 

  32. static const uint8_t kCertificateDER[] = {

  33.     0x30, 0x82, 0x02, 0xff, 0x30, 0x82, 0x01, 0xe7, 0xa0, 0x03, 0x02, 0x01,

  34.     0x02, 0x02, 0x11, 0x00, 0xb1, 0x84, 0xee, 0x34, 0x99, 0x98, 0x76, 0xfb,

  35.     0x6f, 0xb2, 0x15, 0xc8, 0x47, 0x79, 0x05, 0x9b, 0x30, 0x0d, 0x06, 0x09,

  36.     0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30,

  37.     0x12, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x07,

  38.     0x41, 0x63, 0x6d, 0x65, 0x20, 0x43, 0x6f, 0x30, 0x1e, 0x17, 0x0d, 0x31,

  39.     0x35, 0x31, 0x31, 0x30, 0x37, 0x30, 0x30, 0x32, 0x34, 0x35, 0x36, 0x5a,

  40.     0x17, 0x0d, 0x31, 0x36, 0x31, 0x31, 0x30, 0x36, 0x30, 0x30, 0x32, 0x34,

  41.     0x35, 0x36, 0x5a, 0x30, 0x12, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,

  42.     0x04, 0x0a, 0x13, 0x07, 0x41, 0x63, 0x6d, 0x65, 0x20, 0x43, 0x6f, 0x30,

  43.     0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,

  44.     0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30,

  45.     0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xce, 0x47, 0xcb, 0x11,

  46.     0xbb, 0xd2, 0x9d, 0x8e, 0x9e, 0xd2, 0x1e, 0x14, 0xaf, 0xc7, 0xea, 0xb6,

  47.     0xc9, 0x38, 0x2a, 0x6f, 0xb3, 0x7e, 0xfb, 0xbc, 0xfc, 0x59, 0x42, 0xb9,

  48.     0x56, 0xf0, 0x4c, 0x3f, 0xf7, 0x31, 0x84, 0xbe, 0xac, 0x03, 0x9e, 0x71,

  49.     0x91, 0x85, 0xd8, 0x32, 0xbd, 0x00, 0xea, 0xac, 0x65, 0xf6, 0x03, 0xc8,

  50.     0x0f, 0x8b, 0xfd, 0x6e, 0x58, 0x88, 0x04, 0x41, 0x92, 0x74, 0xa6, 0x57,

  51.     0x2e, 0x8e, 0x88, 0xd5, 0x3d, 0xda, 0x14, 0x3e, 0x63, 0x88, 0x22, 0xe3,

  52.     0x53, 0xe9, 0xba, 0x39, 0x09, 0xac, 0xfb, 0xd0, 0x4c, 0xf2, 0x3c, 0x20,

  53.     0xd6, 0x97, 0xe6, 0xed, 0xf1, 0x62, 0x1e, 0xe5, 0xc9, 0x48, 0xa0, 0xca,

  54.     0x2e, 0x3c, 0x14, 0x5a, 0x82, 0xd4, 0xed, 0xb1, 0xe3, 0x43, 0xc1, 0x2a,

  55.     0x59, 0xa5, 0xb9, 0xc8, 0x48, 0xa7, 0x39, 0x23, 0x74, 0xa7, 0x37, 0xb0,

  56.     0x6f, 0xc3, 0x64, 0x99, 0x6c, 0xa2, 0x82, 0xc8, 0xf6, 0xdb, 0x86, 0x40,

  57.     0xce, 0xd1, 0x85, 0x9f, 0xce, 0x69, 0xf4, 0x15, 0x2a, 0x23, 0xca, 0xea,

  58.     0xb7, 0x7b, 0xdf, 0xfb, 0x43, 0x5f, 0xff, 0x7a, 0x49, 0x49, 0x0e, 0xe7,

  59.     0x02, 0x51, 0x45, 0x13, 0xe8, 0x90, 0x64, 0x21, 0x0c, 0x26, 0x2b, 0x5d,

  60.     0xfc, 0xe4, 0xb5, 0x86, 0x89, 0x43, 0x22, 0x4c, 0xf3, 0x3b, 0xf3, 0x09,

  61.     0xc4, 0xa4, 0x10, 0x80, 0xf2, 0x46, 0xe2, 0x46, 0x8f, 0x76, 0x50, 0xbf,

  62.     0xaf, 0x2b, 0x90, 0x1b, 0x78, 0xc7, 0xcf, 0xc1, 0x77, 0xd0, 0xfb, 0xa9,

  63.     0xfb, 0xc9, 0x66, 0x5a, 0xc5, 0x9b, 0x31, 0x41, 0x67, 0x01, 0xbe, 0x33,

  64.     0x10, 0xba, 0x05, 0x58, 0xed, 0x76, 0x53, 0xde, 0x5d, 0xc1, 0xe8, 0xbb,

  65.     0x9f, 0xf1, 0xcd, 0xfb, 0xdf, 0x64, 0x7f, 0xd7, 0x18, 0xab, 0x0f, 0x94,

  66.     0x28, 0x95, 0x4a, 0xcc, 0x6a, 0xa9, 0x50, 0xc7, 0x05, 0x47, 0x10, 0x41,

  67.     0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0e, 0x06,

  68.     0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x05,

  69.     0xa0, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x0c, 0x30, 0x0a,

  70.     0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x30, 0x0c,

  71.     0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00,

  72.     0x30, 0x19, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x12, 0x30, 0x10, 0x82,

  73.     0x0e, 0x66, 0x75, 0x7a, 0x7a, 0x2e, 0x62, 0x6f, 0x72, 0x69, 0x6e, 0x67,

  74.     0x73, 0x73, 0x6c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,

  75.     0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x92,

  76.     0xde, 0xef, 0x96, 0x06, 0x7b, 0xff, 0x71, 0x7d, 0x4e, 0xa0, 0x7d, 0xae,

  77.     0xb8, 0x22, 0xb4, 0x2c, 0xf7, 0x96, 0x9c, 0x37, 0x1d, 0x8f, 0xe7, 0xd9,

  78.     0x47, 0xff, 0x3f, 0xe9, 0x35, 0x95, 0x0e, 0xdd, 0xdc, 0x7f, 0xc8, 0x8a,

  79.     0x1e, 0x36, 0x1d, 0x38, 0x47, 0xfc, 0x76, 0xd2, 0x1f, 0x98, 0xa1, 0x36,

  80.     0xac, 0xc8, 0x70, 0x38, 0x0a, 0x3d, 0x51, 0x8d, 0x0f, 0x03, 0x1b, 0xef,

  81.     0x62, 0xa1, 0xcb, 0x2b, 0x4a, 0x8c, 0x12, 0x2b, 0x54, 0x50, 0x9a, 0x6b,

  82.     0xfe, 0xaf, 0xd9, 0xf6, 0xbf, 0x58, 0x11, 0x58, 0x5e, 0xe5, 0x86, 0x1e,

  83.     0x3b, 0x6b, 0x30, 0x7e, 0x72, 0x89, 0xe8, 0x6b, 0x7b, 0xb7, 0xaf, 0xef,

  84.     0x8b, 0xa9, 0x3e, 0xb0, 0xcd, 0x0b, 0xef, 0xb0, 0x0c, 0x96, 0x2b, 0xc5,

  85.     0x3b, 0xd5, 0xf1, 0xc2, 0xae, 0x3a, 0x60, 0xd9, 0x0f, 0x75, 0x37, 0x55,

  86.     0x4d, 0x62, 0xd2, 0xed, 0x96, 0xac, 0x30, 0x6b, 0xda, 0xa1, 0x48, 0x17,

  87.     0x96, 0x23, 0x85, 0x9a, 0x57, 0x77, 0xe9, 0x22, 0xa2, 0x37, 0x03, 0xba,

  88.     0x49, 0x77, 0x40, 0x3b, 0x76, 0x4b, 0xda, 0xc1, 0x04, 0x57, 0x55, 0x34,

  89.     0x22, 0x83, 0x45, 0x29, 0xab, 0x2e, 0x11, 0xff, 0x0d, 0xab, 0x55, 0xb1,

  90.     0xa7, 0x58, 0x59, 0x05, 0x25, 0xf9, 0x1e, 0x3d, 0xb7, 0xac, 0x04, 0x39,

  91.     0x2c, 0xf9, 0xaf, 0xb8, 0x68, 0xfb, 0x8e, 0x35, 0x71, 0x32, 0xff, 0x70,

  92.     0xe9, 0x46, 0x6d, 0x5c, 0x06, 0x90, 0x88, 0x23, 0x48, 0x0c, 0x50, 0xeb,

  93.     0x0a, 0xa9, 0xae, 0xe8, 0xfc, 0xbe, 0xa5, 0x76, 0x94, 0xd7, 0x64, 0x22,

  94.     0x38, 0x98, 0x17, 0xa4, 0x3a, 0xa7, 0x59, 0x9f, 0x1d, 0x3b, 0x75, 0x90,

  95.     0x1a, 0x81, 0xef, 0x19, 0xfb, 0x2b, 0xb7, 0xa7, 0x64, 0x61, 0x22, 0xa4,

  96.     0x6f, 0x7b, 0xfa, 0x58, 0xbb, 0x8c, 0x4e, 0x77, 0x67, 0xd0, 0x5d, 0x58,

  97.     0x76, 0x8a, 0xbb,

  98. };

  99. 

  100. static const uint8_t kRSAPrivateKeyDER[] = {

  101.     0x30, 0x82, 0x04, 0xa5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,

  102.     0xce, 0x47, 0xcb, 0x11, 0xbb, 0xd2, 0x9d, 0x8e, 0x9e, 0xd2, 0x1e, 0x14,

  103.     0xaf, 0xc7, 0xea, 0xb6, 0xc9, 0x38, 0x2a, 0x6f, 0xb3, 0x7e, 0xfb, 0xbc,

  104.     0xfc, 0x59, 0x42, 0xb9, 0x56, 0xf0, 0x4c, 0x3f, 0xf7, 0x31, 0x84, 0xbe,

  105.     0xac, 0x03, 0x9e, 0x71, 0x91, 0x85, 0xd8, 0x32, 0xbd, 0x00, 0xea, 0xac,

  106.     0x65, 0xf6, 0x03, 0xc8, 0x0f, 0x8b, 0xfd, 0x6e, 0x58, 0x88, 0x04, 0x41,

  107.     0x92, 0x74, 0xa6, 0x57, 0x2e, 0x8e, 0x88, 0xd5, 0x3d, 0xda, 0x14, 0x3e,

  108.     0x63, 0x88, 0x22, 0xe3, 0x53, 0xe9, 0xba, 0x39, 0x09, 0xac, 0xfb, 0xd0,

  109.     0x4c, 0xf2, 0x3c, 0x20, 0xd6, 0x97, 0xe6, 0xed, 0xf1, 0x62, 0x1e, 0xe5,

  110.     0xc9, 0x48, 0xa0, 0xca, 0x2e, 0x3c, 0x14, 0x5a, 0x82, 0xd4, 0xed, 0xb1,

  111.     0xe3, 0x43, 0xc1, 0x2a, 0x59, 0xa5, 0xb9, 0xc8, 0x48, 0xa7, 0x39, 0x23,

  112.     0x74, 0xa7, 0x37, 0xb0, 0x6f, 0xc3, 0x64, 0x99, 0x6c, 0xa2, 0x82, 0xc8,

  113.     0xf6, 0xdb, 0x86, 0x40, 0xce, 0xd1, 0x85, 0x9f, 0xce, 0x69, 0xf4, 0x15,

  114.     0x2a, 0x23, 0xca, 0xea, 0xb7, 0x7b, 0xdf, 0xfb, 0x43, 0x5f, 0xff, 0x7a,

  115.     0x49, 0x49, 0x0e, 0xe7, 0x02, 0x51, 0x45, 0x13, 0xe8, 0x90, 0x64, 0x21,

  116.     0x0c, 0x26, 0x2b, 0x5d, 0xfc, 0xe4, 0xb5, 0x86, 0x89, 0x43, 0x22, 0x4c,

  117.     0xf3, 0x3b, 0xf3, 0x09, 0xc4, 0xa4, 0x10, 0x80, 0xf2, 0x46, 0xe2, 0x46,

  118.     0x8f, 0x76, 0x50, 0xbf, 0xaf, 0x2b, 0x90, 0x1b, 0x78, 0xc7, 0xcf, 0xc1,

  119.     0x77, 0xd0, 0xfb, 0xa9, 0xfb, 0xc9, 0x66, 0x5a, 0xc5, 0x9b, 0x31, 0x41,

  120.     0x67, 0x01, 0xbe, 0x33, 0x10, 0xba, 0x05, 0x58, 0xed, 0x76, 0x53, 0xde,

  121.     0x5d, 0xc1, 0xe8, 0xbb, 0x9f, 0xf1, 0xcd, 0xfb, 0xdf, 0x64, 0x7f, 0xd7,

  122.     0x18, 0xab, 0x0f, 0x94, 0x28, 0x95, 0x4a, 0xcc, 0x6a, 0xa9, 0x50, 0xc7,

  123.     0x05, 0x47, 0x10, 0x41, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,

  124.     0x01, 0x00, 0xa8, 0x47, 0xb9, 0x4a, 0x06, 0x47, 0x93, 0x71, 0x3d, 0xef,

  125.     0x7b, 0xca, 0xb4, 0x7c, 0x0a, 0xe6, 0x82, 0xd0, 0xe7, 0x0d, 0xa9, 0x08,

  126.     0xf6, 0xa4, 0xfd, 0xd8, 0x73, 0xae, 0x6f, 0x56, 0x29, 0x5e, 0x25, 0x72,

  127.     0xa8, 0x30, 0x44, 0x73, 0xcf, 0x56, 0x26, 0xb9, 0x61, 0xde, 0x42, 0x81,

  128.     0xf4, 0xf0, 0x1f, 0x5d, 0xcb, 0x47, 0xf2, 0x26, 0xe9, 0xe0, 0x93, 0x28,

  129.     0xa3, 0x10, 0x3b, 0x42, 0x1e, 0x51, 0x11, 0x12, 0x06, 0x5e, 0xaf, 0xce,

  130.     0xb0, 0xa5, 0x14, 0xdd, 0x82, 0x58, 0xa1, 0xa4, 0x12, 0xdf, 0x65, 0x1d,

  131.     0x51, 0x70, 0x64, 0xd5, 0x58, 0x68, 0x11, 0xa8, 0x6a, 0x23, 0xc2, 0xbf,

  132.     0xa1, 0x25, 0x24, 0x47, 0xb3, 0xa4, 0x3c, 0x83, 0x96, 0xb7, 0x1f, 0xf4,

  133.     0x44, 0xd4, 0xd1, 0xe9, 0xfc, 0x33, 0x68, 0x5e, 0xe2, 0x68, 0x99, 0x9c,

  134.     0x91, 0xe8, 0x72, 0xc9, 0xd7, 0x8c, 0x80, 0x20, 0x8e, 0x77, 0x83, 0x4d,

  135.     0xe4, 0xab, 0xf9, 0x74, 0xa1, 0xdf, 0xd3, 0xc0, 0x0d, 0x5b, 0x05, 0x51,

  136.     0xc2, 0x6f, 0xb2, 0x91, 0x02, 0xec, 0xc0, 0x02, 0x1a, 0x5c, 0x91, 0x05,

  137.     0xf1, 0xe3, 0xfa, 0x65, 0xc2, 0xad, 0x24, 0xe6, 0xe5, 0x3c, 0xb6, 0x16,

  138.     0xf1, 0xa1, 0x67, 0x1a, 0x9d, 0x37, 0x56, 0xbf, 0x01, 0xd7, 0x3b, 0x35,

  139.     0x30, 0x57, 0x73, 0xf4, 0xf0, 0x5e, 0xa7, 0xe8, 0x0a, 0xc1, 0x94, 0x17,

  140.     0xcf, 0x0a, 0xbd, 0xf5, 0x31, 0xa7, 0x2d, 0xf7, 0xf5, 0xd9, 0x8c, 0xc2,

  141.     0x01, 0xbd, 0xda, 0x16, 0x8e, 0xb9, 0x30, 0x40, 0xa6, 0x6e, 0xbd, 0xcd,

  142.     0x4d, 0x84, 0x67, 0x4e, 0x0b, 0xce, 0xd5, 0xef, 0xf8, 0x08, 0x63, 0x02,

  143.     0xc6, 0xc7, 0xf7, 0x67, 0x92, 0xe2, 0x23, 0x9d, 0x27, 0x22, 0x1d, 0xc6,

  144.     0x67, 0x5e, 0x66, 0xbf, 0x03, 0xb8, 0xa9, 0x67, 0xd4, 0x39, 0xd8, 0x75,

  145.     0xfa, 0xe8, 0xed, 0x56, 0xb8, 0x81, 0x02, 0x81, 0x81, 0x00, 0xf7, 0x46,

  146.     0x68, 0xc6, 0x13, 0xf8, 0xba, 0x0f, 0x83, 0xdb, 0x05, 0xa8, 0x25, 0x00,

  147.     0x70, 0x9c, 0x9e, 0x8b, 0x12, 0x34, 0x0d, 0x96, 0xcf, 0x0d, 0x98, 0x9b,

  148.     0x8d, 0x9c, 0x96, 0x78, 0xd1, 0x3c, 0x01, 0x8c, 0xb9, 0x35, 0x5c, 0x20,

  149.     0x42, 0xb4, 0x38, 0xe3, 0xd6, 0x54, 0xe7, 0x55, 0xd6, 0x26, 0x8a, 0x0c,

  150.     0xf6, 0x1f, 0xe0, 0x04, 0xc1, 0x22, 0x42, 0x19, 0x61, 0xc4, 0x94, 0x7c,

  151.     0x07, 0x2e, 0x80, 0x52, 0xfe, 0x8d, 0xe6, 0x92, 0x3a, 0x91, 0xfe, 0x72,

  152.     0x99, 0xe1, 0x2a, 0x73, 0x76, 0xb1, 0x24, 0x20, 0x67, 0xde, 0x28, 0xcb,

  153.     0x0e, 0xe6, 0x52, 0xb5, 0xfa, 0xfb, 0x8b, 0x1e, 0x6a, 0x1d, 0x09, 0x26,

  154.     0xb9, 0xa7, 0x61, 0xba, 0xf8, 0x79, 0xd2, 0x66, 0x57, 0x28, 0xd7, 0x31,

  155.     0xb5, 0x0b, 0x27, 0x19, 0x1e, 0x6f, 0x46, 0xfc, 0x54, 0x95, 0xeb, 0x78,

  156.     0x01, 0xb6, 0xd9, 0x79, 0x5a, 0x4d, 0x02, 0x81, 0x81, 0x00, 0xd5, 0x8f,

  157.     0x16, 0x53, 0x2f, 0x57, 0x93, 0xbf, 0x09, 0x75, 0xbf, 0x63, 0x40, 0x3d,

  158.     0x27, 0xfd, 0x23, 0x21, 0xde, 0x9b, 0xe9, 0x73, 0x3f, 0x49, 0x02, 0xd2,

  159.     0x38, 0x96, 0xcf, 0xc3, 0xba, 0x92, 0x07, 0x87, 0x52, 0xa9, 0x35, 0xe3,

  160.     0x0c, 0xe4, 0x2f, 0x05, 0x7b, 0x37, 0xa5, 0x40, 0x9c, 0x3b, 0x94, 0xf7,

  161.     0xad, 0xa0, 0xee, 0x3a, 0xa8, 0xfb, 0x1f, 0x11, 0x1f, 0xd8, 0x9a, 0x80,

  162.     0x42, 0x3d, 0x7f, 0xa4, 0xb8, 0x9a, 0xaa, 0xea, 0x72, 0xc1, 0xe3, 0xed,

  163.     0x06, 0x60, 0x92, 0x37, 0xf9, 0xba, 0xfb, 0x9e, 0xed, 0x05, 0xa6, 0xd4,

  164.     0x72, 0x68, 0x4f, 0x63, 0xfe, 0xd6, 0x10, 0x0d, 0x4f, 0x0a, 0x93, 0xc6,

  165.     0xb9, 0xd7, 0xaf, 0xfd, 0xd9, 0x57, 0x7d, 0xcb, 0x75, 0xe8, 0x93, 0x2b,

  166.     0xae, 0x4f, 0xea, 0xd7, 0x30, 0x0b, 0x58, 0x44, 0x82, 0x0f, 0x84, 0x5d,

  167.     0x62, 0x11, 0x78, 0xea, 0x5f, 0xc5, 0x02, 0x81, 0x81, 0x00, 0x82, 0x0c,

  168.     0xc1, 0xe6, 0x0b, 0x72, 0xf1, 0x48, 0x5f, 0xac, 0xbd, 0x98, 0xe5, 0x7d,

  169.     0x09, 0xbd, 0x15, 0x95, 0x47, 0x09, 0xa1, 0x6c, 0x03, 0x91, 0xbf, 0x05,

  170.     0x70, 0xc1, 0x3e, 0x52, 0x64, 0x99, 0x0e, 0xa7, 0x98, 0x70, 0xfb, 0xf6,

  171.     0xeb, 0x9e, 0x25, 0x9d, 0x8e, 0x88, 0x30, 0xf2, 0xf0, 0x22, 0x6c, 0xd0,

  172.     0xcc, 0x51, 0x8f, 0x5c, 0x70, 0xc7, 0x37, 0xc4, 0x69, 0xab, 0x1d, 0xfc,

  173.     0xed, 0x3a, 0x03, 0xbb, 0xa2, 0xad, 0xb6, 0xea, 0x89, 0x6b, 0x67, 0x4b,

  174.     0x96, 0xaa, 0xd9, 0xcc, 0xc8, 0x4b, 0xfa, 0x18, 0x21, 0x08, 0xb2, 0xa3,

  175.     0xb9, 0x3e, 0x61, 0x99, 0xdc, 0x5a, 0x97, 0x9c, 0x73, 0x6a, 0xb9, 0xf9,

  176.     0x68, 0x03, 0x24, 0x5f, 0x55, 0x77, 0x9c, 0xb4, 0xbe, 0x7a, 0x78, 0x53,

  177.     0x68, 0x48, 0x69, 0x53, 0xc8, 0xb1, 0xf5, 0xbf, 0x98, 0x2d, 0x11, 0x1e,

  178.     0x98, 0xa8, 0x36, 0x50, 0xa0, 0xb1, 0x02, 0x81, 0x81, 0x00, 0x90, 0x88,

  179.     0x30, 0x71, 0xc7, 0xfe, 0x9b, 0x6d, 0x95, 0x37, 0x6d, 0x79, 0xfc, 0x85,

  180.     0xe7, 0x44, 0x78, 0xbc, 0x79, 0x6e, 0x47, 0x86, 0xc9, 0xf3, 0xdd, 0xc6,

  181.     0xec, 0xa9, 0x94, 0x9f, 0x40, 0xeb, 0x87, 0xd0, 0xdb, 0xee, 0xcd, 0x1b,

  182.     0x87, 0x23, 0xff, 0x76, 0xd4, 0x37, 0x8a, 0xcd, 0xb9, 0x6e, 0xd1, 0x98,

  183.     0xf6, 0x97, 0x8d, 0xe3, 0x81, 0x6d, 0xc3, 0x4e, 0xd1, 0xa0, 0xc4, 0x9f,

  184.     0xbd, 0x34, 0xe5, 0xe8, 0x53, 0x4f, 0xca, 0x10, 0xb5, 0xed, 0xe7, 0x16,

  185.     0x09, 0x54, 0xde, 0x60, 0xa7, 0xd1, 0x16, 0x6e, 0x2e, 0xb7, 0xbe, 0x7a,

  186.     0xd5, 0x9b, 0x26, 0xef, 0xe4, 0x0e, 0x77, 0xfa, 0xa9, 0xdd, 0xdc, 0xb9,

  187.     0x88, 0x19, 0x23, 0x70, 0xc7, 0xe1, 0x60, 0xaf, 0x8c, 0x73, 0x04, 0xf7,

  188.     0x71, 0x17, 0x81, 0x36, 0x75, 0xbb, 0x97, 0xd7, 0x75, 0xb6, 0x8e, 0xbc,

  189.     0xac, 0x9c, 0x6a, 0x9b, 0x24, 0x89, 0x02, 0x81, 0x80, 0x5a, 0x2b, 0xc7,

  190.     0x6b, 0x8c, 0x65, 0xdb, 0x04, 0x73, 0xab, 0x25, 0xe1, 0x5b, 0xbc, 0x3c,

  191.     0xcf, 0x5a, 0x3c, 0x04, 0xae, 0x97, 0x2e, 0xfd, 0xa4, 0x97, 0x1f, 0x05,

  192.     0x17, 0x27, 0xac, 0x7c, 0x30, 0x85, 0xb4, 0x82, 0x3f, 0x5b, 0xb7, 0x94,

  193.     0x3b, 0x7f, 0x6c, 0x0c, 0xc7, 0x16, 0xc6, 0xa0, 0xbd, 0x80, 0xb0, 0x81,

  194.     0xde, 0xa0, 0x23, 0xa6, 0xf6, 0x75, 0x33, 0x51, 0x35, 0xa2, 0x75, 0x55,

  195.     0x70, 0x4d, 0x42, 0xbb, 0xcf, 0x54, 0xe4, 0xdb, 0x2d, 0x88, 0xa0, 0x7a,

  196.     0xf2, 0x17, 0xa7, 0xdd, 0x13, 0x44, 0x9f, 0x5f, 0x6b, 0x2c, 0x42, 0x42,

  197.     0x8b, 0x13, 0x4d, 0xf9, 0x5b, 0xf8, 0x33, 0x42, 0xd9, 0x9e, 0x50, 0x1c,

  198.     0x7c, 0xbc, 0xfa, 0x62, 0x85, 0x0b, 0xcf, 0x99, 0xda, 0x9e, 0x04, 0x90,

  199.     0xb2, 0xc6, 0xb2, 0x0a, 0x2a, 0x7c, 0x6d, 0x6a, 0x40, 0xfc, 0xf5, 0x50,

  200.     0x98, 0x46, 0x89, 0x82, 0x40,

  201. };

  202. 

  203. struct GlobalState {

  204.   GlobalState() {

  205.     const uint8_t *bufp = kRSAPrivateKeyDER;

  206.     RSA *privkey = d2i_RSAPrivateKey(NULL, &bufp, sizeof(kRSAPrivateKeyDER));

  207.     assert(privkey != nullptr);

  208. 

  209.     pkey_.reset(EVP_PKEY_new());

  210.     EVP_PKEY_assign_RSA(pkey_.get(), privkey);

  211. 

  212.     bufp = kCertificateDER;

  213.     cert_.reset(d2i_X509(NULL, &bufp, sizeof(kCertificateDER)));

  214.     assert(cert_.get() != nullptr);

  215. 

  216.     certs_.reset(sk_X509_new_null());

  217.     bssl::PushToStack(certs_.get(), bssl::UpRef(cert_));

  218.   }

  219. 

  220.   bssl::UniquePtr<EVP_PKEY> pkey_;

  221.   bssl::UniquePtr<X509> cert_;

  222.   bssl::UniquePtr<STACK_OF(X509)> certs_;

  223. };

  224. 

  225. static GlobalState g_state;

  226. 

  227. static bool GetString(std::string *out, CBS *cbs) {

  228.   CBS str;

  229.   if (!CBS_get_u8_length_prefixed(cbs, &str)) {

  230.     return false;

  231.   }

  232. 

  233.   out->assign(reinterpret_cast<const char *>(CBS_data(&str)), CBS_len(&str));

  234.   return true;

  235. }

  236. 

  237. template <typename T>

  238. static bool GetVector(std::vector<T> *out, CBS *cbs) {

  239.   static_assert(std::is_pod<T>::value,

  240.                 "GetVector may only be called on POD types");

  241. 

  242.   CBS child;

  243.   if (!CBS_get_u8_length_prefixed(cbs, &child)) {

  244.     return false;

  245.   }

  246. 

  247.   size_t num = CBS_len(&child) / sizeof(T);

  248.   out->resize(num);

  249.   out->shrink_to_fit();  // Ensure ASan notices out-of-bounds reads.

  250.   OPENSSL_memcpy(out->data(), CBS_data(&child), num * sizeof(T));

  251.   return true;

  252. }

  253. 

  254. extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {

  255.   constexpr size_t kMaxExpensiveAPIs = 100;

  256.   unsigned expensive_api_count = 0;

  257. 

  258.   const std::function<void(SSL_CTX *, CBS *)> kAPIs[] = {

  259.       [](SSL_CTX *ctx, CBS *cbs) {

  260.         uint8_t b;

  261.         if (!CBS_get_u8(cbs, &b)) {

  262.           return;

  263.         }

  264.         SSL_CTX_set_quiet_shutdown(ctx, b);

  265.       },

  266.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_get_quiet_shutdown(ctx); },

  267.       [](SSL_CTX *ctx, CBS *cbs) {

  268.         uint16_t version;

  269.         if (!CBS_get_u16(cbs, &version)) {

  270.           return;

  271.         }

  272.         SSL_CTX_set_min_proto_version(ctx, version);

  273.       },

  274.       [](SSL_CTX *ctx, CBS *cbs) {

  275.         uint16_t version;

  276.         if (!CBS_get_u16(cbs, &version)) {

  277.           return;

  278.         }

  279.         SSL_CTX_set_max_proto_version(ctx, version);

  280.       },

  281.       [](SSL_CTX *ctx, CBS *cbs) {

  282.         uint32_t options;

  283.         if (!CBS_get_u32(cbs, &options)) {

  284.           return;

  285.         }

  286.         SSL_CTX_set_options(ctx, options);

  287.       },

  288.       [](SSL_CTX *ctx, CBS *cbs) {

  289.         uint32_t options;

  290.         if (!CBS_get_u32(cbs, &options)) {

  291.           return;

  292.         }

  293.         SSL_CTX_clear_options(ctx, options);

  294.       },

  295.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_get_options(ctx); },

  296.       [](SSL_CTX *ctx, CBS *cbs) {

  297.         uint32_t mode;

  298.         if (!CBS_get_u32(cbs, &mode)) {

  299.           return;

  300.         }

  301.         SSL_CTX_set_mode(ctx, mode);

  302.       },

  303.       [](SSL_CTX *ctx, CBS *cbs) {

  304.         uint32_t mode;

  305.         if (!CBS_get_u32(cbs, &mode)) {

  306.           return;

  307.         }

  308.         SSL_CTX_clear_mode(ctx, mode);

  309.       },

  310.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_get_mode(ctx); },

  311.       [](SSL_CTX *ctx, CBS *cbs) {

  312.         SSL_CTX_use_certificate(ctx, g_state.cert_.get());

  313.       },

  314.       [](SSL_CTX *ctx, CBS *cbs) {

  315.         SSL_CTX_use_PrivateKey(ctx, g_state.pkey_.get());

  316.       },

  317.       [](SSL_CTX *ctx, CBS *cbs) {

  318.         SSL_CTX_set1_chain(ctx, g_state.certs_.get());

  319.       },

  320.       [&](SSL_CTX *ctx, CBS *cbs) {

  321.         // Avoid an unbounded certificate chain.

  322.         if (++expensive_api_count >= kMaxExpensiveAPIs) {

  323.           return;

  324.         }

  325. 

  326.         SSL_CTX_add1_chain_cert(ctx, g_state.cert_.get());

  327.       },

  328.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_clear_chain_certs(ctx); },

  329.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_clear_extra_chain_certs(ctx); },

  330.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_check_private_key(ctx); },

  331.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_get0_certificate(ctx); },

  332.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_get0_privatekey(ctx); },

  333.       [](SSL_CTX *ctx, CBS *cbs) {

  334.         STACK_OF(X509) * chains;

  335.         SSL_CTX_get0_chain_certs(ctx, &chains);

  336.       },

  337.       [](SSL_CTX *ctx, CBS *cbs) {

  338.         std::vector<uint8_t> sct_data;

  339.         if (!GetVector(&sct_data, cbs)) {

  340.           return;

  341.         }

  342.         SSL_CTX_set_signed_cert_timestamp_list(ctx, sct_data.data(),

  343.                                                sct_data.size());

  344.       },

  345.       [](SSL_CTX *ctx, CBS *cbs) {

  346.         std::vector<uint8_t> ocsp_data;

  347.         if (!GetVector(&ocsp_data, cbs)) {

  348.           return;

  349.         }

  350.         SSL_CTX_set_ocsp_response(ctx, ocsp_data.data(), ocsp_data.size());

  351.       },

  352.       [](SSL_CTX *ctx, CBS *cbs) {

  353.         std::vector<uint16_t> algs;

  354.         if (!GetVector(&algs, cbs)) {

  355.           return;

  356.         }

  357.         SSL_CTX_set_signing_algorithm_prefs(ctx, algs.data(), algs.size());

  358.       },

  359.       [](SSL_CTX *ctx, CBS *cbs) {

  360.         std::string ciphers;

  361.         if (!GetString(&ciphers, cbs)) {

  362.           return;

  363.         }

  364.         SSL_CTX_set_strict_cipher_list(ctx, ciphers.c_str());

  365.       },

  366.       [](SSL_CTX *ctx, CBS *cbs) {

  367.         std::string ciphers;

  368.         if (!GetString(&ciphers, cbs)) {

  369.           return;

  370.         }

  371.         SSL_CTX_set_cipher_list(ctx, ciphers.c_str());

  372.       },

  373.       [](SSL_CTX *ctx, CBS *cbs) {

  374.         std::vector<uint16_t> algs;

  375.         if (!GetVector(&algs, cbs)) {

  376.           return;

  377.         }

  378.         SSL_CTX_set_verify_algorithm_prefs(ctx, algs.data(), algs.size());

  379.       },

  380.       [](SSL_CTX *ctx, CBS *cbs) {

  381.         std::vector<uint8_t> id_ctx;

  382.         if (!GetVector(&id_ctx, cbs)) {

  383.           return;

  384.         }

  385.         SSL_CTX_set_session_id_context(ctx, id_ctx.data(), id_ctx.size());

  386.       },

  387.       [](SSL_CTX *ctx, CBS *cbs) {

  388.         uint32_t size;

  389.         if (!CBS_get_u32(cbs, &size)) {

  390.           return;

  391.         }

  392.         SSL_CTX_sess_set_cache_size(ctx, size);

  393.       },

  394.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_sess_get_cache_size(ctx); },

  395.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_sess_number(ctx); },

  396.       [](SSL_CTX *ctx, CBS *cbs) {

  397.         uint32_t time;

  398.         if (!CBS_get_u32(cbs, &time)) {

  399.           return;

  400.         }

  401.         SSL_CTX_flush_sessions(ctx, time);

  402.       },

  403.       [](SSL_CTX *ctx, CBS *cbs) {

  404.         std::vector<uint8_t> keys;

  405.         if (!GetVector(&keys, cbs)) {

  406.           return;

  407.         }

  408.         SSL_CTX_set_tlsext_ticket_keys(ctx, keys.data(), keys.size());

  409.       },

  410.       [](SSL_CTX *ctx, CBS *cbs) {

  411.         std::vector<int> curves;

  412.         if (!GetVector(&curves, cbs)) {

  413.           return;

  414.         }

  415.         SSL_CTX_set1_curves(ctx, curves.data(), curves.size());

  416.       },

  417.       [](SSL_CTX *ctx, CBS *cbs) {

  418.         std::string curves;

  419.         if (!GetString(&curves, cbs)) {

  420.           return;

  421.         }

  422.         SSL_CTX_set1_curves_list(ctx, curves.c_str());

  423.       },

  424.       [](SSL_CTX *ctx, CBS *cbs) {

  425.         SSL_CTX_enable_signed_cert_timestamps(ctx);

  426.       },

  427.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_enable_ocsp_stapling(ctx); },

  428.       [&](SSL_CTX *ctx, CBS *cbs) {

  429.         // Avoid an unbounded client CA list.

  430.         if (++expensive_api_count >= kMaxExpensiveAPIs) {

  431.           return;

  432.         }

  433. 

  434.         SSL_CTX_add_client_CA(ctx, g_state.cert_.get());

  435.       },

  436.       [](SSL_CTX *ctx, CBS *cbs) {

  437.         std::vector<uint8_t> protos;

  438.         if (!GetVector(&protos, cbs)) {

  439.           return;

  440.         }

  441.         SSL_CTX_set_alpn_protos(ctx, protos.data(), protos.size());

  442.       },

  443.       [](SSL_CTX *ctx, CBS *cbs) {

  444.         std::string profiles;

  445.         if (!GetString(&profiles, cbs)) {

  446.           return;

  447.         }

  448.         SSL_CTX_set_srtp_profiles(ctx, profiles.c_str());

  449.       },

  450.       [](SSL_CTX *ctx, CBS *cbs) { SSL_CTX_get_max_cert_list(ctx); },

  451.       [](SSL_CTX *ctx, CBS *cbs) {

  452.         uint32_t size;

  453.         if (!CBS_get_u32(cbs, &size)) {

  454.           return;

  455.         }

  456.         SSL_CTX_set_max_cert_list(ctx, size);

  457.       },

  458.       [](SSL_CTX *ctx, CBS *cbs) {

  459.         uint32_t size;

  460.         if (!CBS_get_u32(cbs, &size)) {

  461.           return;

  462.         }

  463.         SSL_CTX_set_max_send_fragment(ctx, size);

  464.       },

  465.       [](SSL_CTX *ctx, CBS *cbs) {

  466.         uint8_t b;

  467.         if (!CBS_get_u8(cbs, &b)) {

  468.           return;

  469.         }

  470.         SSL_CTX_set_retain_only_sha256_of_client_certs(ctx, b);

  471.       },

  472.       [](SSL_CTX *ctx, CBS *cbs) {

  473.         uint8_t b;

  474.         if (!CBS_get_u8(cbs, &b)) {

  475.           return;

  476.         }

  477.         SSL_CTX_set_grease_enabled(ctx, b);

  478.       },

  479.       [](SSL_CTX *ctx, CBS *cbs) {

  480.         std::vector<int> sigalgs;

  481.         if (!GetVector(&sigalgs, cbs)) {

  482.           return;

  483.         }

  484.         SSL_CTX_set1_sigalgs(ctx, sigalgs.data(), sigalgs.size());

  485.       },

  486.       [](SSL_CTX *ctx, CBS *cbs) {

  487.         std::string sigalgs;

  488.         if (!GetString(&sigalgs, cbs)) {

  489.           return;

  490.         }

  491.         SSL_CTX_set1_sigalgs_list(ctx, sigalgs.c_str());

  492.       },

  493.   };

  494. 

  495.   bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));

  496. 

  497.   // If the number of functions exceeds this limit then the code needs to do

  498.   // more than sample a single uint8_t to pick the function.

  499.   static_assert(OPENSSL_ARRAY_SIZE(kAPIs) < 256, "kAPIs too large");

  500. 

  501.   CBS cbs;

  502.   CBS_init(&cbs, buf, len);

  503. 

  504.   for (;;) {

  505.     uint8_t index;

  506.     if (!CBS_get_u8(&cbs, &index)) {

  507.       break;

  508.     }

  509. 

  510.     kAPIs[index % OPENSSL_ARRAY_SIZE(kAPIs)](ctx.get(), &cbs);

  511.   }

  512. 

  513.   bssl::UniquePtr<SSL> ssl(SSL_new(ctx.get()));

  514.   ERR_clear_error();

  515. 

  516.   return 0;

  517. }