Add standalone PKCS#8 and SPKI fuzzers.

We already had coverage for our new EVP_PKEY parsers, but it's good to have
some that cover them directly. The initial corpus was generated manually with
der-ascii and should cover most of the insanity around EC key serialization.

BUG=15

Change-Id: I7aaf56876680bfd5a89f5e365c5052eee03ba862
Reviewed-on: https://boringssl-review.googlesource.com/7728
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2016-04-22 00:43:20 -04:00 committed by Adam Langley
parent af18cdd733
commit 1fc7564ba7
29 changed files with 100 additions and 4 deletions

View File

@ -32,10 +32,12 @@ The recommended values of `max_len` for each test are:
| Test | `max_len` value |
|-----------|-----------------|
| `privkey` | 2048 |
| `cert` | 3072 |
| `server` | 4096 |
| `client` | 20000 |
| `pkcs8` | 2048 |
| `privkey` | 2048 |
| `server` | 4096 |
| `spki` | 1024 |
These were determined by rounding up the length of the largest case in the corpus.

View File

@ -166,7 +166,7 @@ add_library(
$<TARGET_OBJECTS:pem>
$<TARGET_OBJECTS:x509>
$<TARGET_OBJECTS:x509v3>
$<TARGET_OBJECTS:pkcs8>
$<TARGET_OBJECTS:pkcs8_lib>
)
if(NOT MSVC AND NOT ANDROID)

View File

@ -1,7 +1,7 @@
include_directories(../../include)
add_library(
pkcs8
pkcs8_lib
OBJECT

View File

@ -18,6 +18,24 @@ add_executable(
target_link_libraries(cert Fuzzer)
target_link_libraries(cert crypto)
add_executable(
spki
spki.cc
)
target_link_libraries(spki Fuzzer)
target_link_libraries(spki crypto)
add_executable(
pkcs8
pkcs8.cc
)
target_link_libraries(pkcs8 Fuzzer)
target_link_libraries(pkcs8 crypto)
add_executable(
server

38
fuzz/pkcs8.cc Normal file
View File

@ -0,0 +1,38 @@
/* Copyright (c) 2016, Google Inc.
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
#include <openssl/bytestring.h>
#include <openssl/evp.h>
#include <openssl/mem.h>
extern "C" int LLVMFuzzerTestOneInput(uint8_t *buf, size_t len) {
CBS cbs;
CBS_init(&cbs, buf, len);
EVP_PKEY *pkey = EVP_parse_private_key(&cbs);
if (pkey == NULL) {
return 0;
}
uint8_t *der;
size_t der_len;
CBB cbb;
if (CBB_init(&cbb, 0) &&
EVP_marshal_private_key(&cbb, pkey) &&
CBB_finish(&cbb, &der, &der_len)) {
OPENSSL_free(der);
}
CBB_cleanup(&cbb);
EVP_PKEY_free(pkey);
return 0;
}

38
fuzz/spki.cc Normal file
View File

@ -0,0 +1,38 @@
/* Copyright (c) 2016, Google Inc.
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
#include <openssl/bytestring.h>
#include <openssl/evp.h>
#include <openssl/mem.h>
extern "C" int LLVMFuzzerTestOneInput(uint8_t *buf, size_t len) {
CBS cbs;
CBS_init(&cbs, buf, len);
EVP_PKEY *pkey = EVP_parse_public_key(&cbs);
if (pkey == NULL) {
return 0;
}
uint8_t *der;
size_t der_len;
CBB cbb;
if (CBB_init(&cbb, 0) &&
EVP_marshal_public_key(&cbb, pkey) &&
CBB_finish(&cbb, &der, &der_len)) {
OPENSSL_free(der);
}
CBB_cleanup(&cbb);
EVP_PKEY_free(pkey);
return 0;
}