kris
/
boringssl
1
0
Fork 0
Koodi Ongelmat 0 Pull-pyynnöt 0 Julkaisut 0 Wiki Toiminta
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5405 Commitit
12 Branchit
38 MiB
 
 
 
 
 
 
Puu: 6855e0a470
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from '6855e0a470'
${ noResults }
boringssl/ssl/test/fuzzer.h

597 rivejä
25 KiB
Raaka Blame Historia 

  1. /* Copyright (c) 2017, Google Inc.

  2.  *

  3.  * Permission to use, copy, modify, and/or distribute this software for any

  4.  * purpose with or without fee is hereby granted, provided that the above

  5.  * copyright notice and this permission notice appear in all copies.

  6.  *

  7.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

  8.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

  9.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY

  10.  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

  11.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

  12.  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN

  13.  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

  14. 

  15. #ifndef HEADER_SSL_TEST_FUZZER

  16. #define HEADER_SSL_TEST_FUZZER

  17. 

  18. #include <assert.h>

  19. #include <stdlib.h>

  20. #include <string.h>

  21. 

  22. #include <algorithm>

  23. 

  24. #include <openssl/bio.h>

  25. #include <openssl/bytestring.h>

  26. #include <openssl/err.h>

  27. #include <openssl/evp.h>

  28. #include <openssl/rand.h>

  29. #include <openssl/rsa.h>

  30. #include <openssl/ssl.h>

  31. #include <openssl/x509.h>

  32. 

  33. #include "../internal.h"

  34. #include "./fuzzer_tags.h"

  35. 

  36. namespace {

  37. 

  38. const uint8_t kP256KeyPKCS8[] = {

  39.     0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,

  40.     0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,

  41.     0x03, 0x01, 0x07, 0x04, 0x6d, 0x30, 0x6b, 0x02, 0x01, 0x01, 0x04, 0x20,

  42.     0x43, 0x09, 0xc0, 0x67, 0x75, 0x21, 0x47, 0x9d, 0xa8, 0xfa, 0x16, 0xdf,

  43.     0x15, 0x73, 0x61, 0x34, 0x68, 0x6f, 0xe3, 0x8e, 0x47, 0x91, 0x95, 0xab,

  44.     0x79, 0x4a, 0x72, 0x14, 0xcb, 0xe2, 0x49, 0x4f, 0xa1, 0x44, 0x03, 0x42,

  45.     0x00, 0x04, 0xde, 0x09, 0x08, 0x07, 0x03, 0x2e, 0x8f, 0x37, 0x9a, 0xd5,

  46.     0xad, 0xe5, 0xc6, 0x9d, 0xd4, 0x63, 0xc7, 0x4a, 0xe7, 0x20, 0xcb, 0x90,

  47.     0xa0, 0x1f, 0x18, 0x18, 0x72, 0xb5, 0x21, 0x88, 0x38, 0xc0, 0xdb, 0xba,

  48.     0xf6, 0x99, 0xd8, 0xa5, 0x3b, 0x83, 0xe9, 0xe3, 0xd5, 0x61, 0x99, 0x73,

  49.     0x42, 0xc6, 0x6c, 0xe8, 0x0a, 0x95, 0x40, 0x41, 0x3b, 0x0d, 0x10, 0xa7,

  50.     0x4a, 0x93, 0xdb, 0x5a, 0xe7, 0xec,

  51. };

  52. 

  53. const uint8_t kOCSPResponse[] = {0x01, 0x02, 0x03, 0x04};

  54. 

  55. const uint8_t kSCT[] = {0x00, 0x06, 0x00, 0x04, 0x05, 0x06, 0x07, 0x08};

  56. 

  57. const uint8_t kCertificateDER[] = {

  58.     0x30, 0x82, 0x02, 0xff, 0x30, 0x82, 0x01, 0xe7, 0xa0, 0x03, 0x02, 0x01,

  59.     0x02, 0x02, 0x11, 0x00, 0xb1, 0x84, 0xee, 0x34, 0x99, 0x98, 0x76, 0xfb,

  60.     0x6f, 0xb2, 0x15, 0xc8, 0x47, 0x79, 0x05, 0x9b, 0x30, 0x0d, 0x06, 0x09,

  61.     0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30,

  62.     0x12, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x07,

  63.     0x41, 0x63, 0x6d, 0x65, 0x20, 0x43, 0x6f, 0x30, 0x1e, 0x17, 0x0d, 0x31,

  64.     0x35, 0x31, 0x31, 0x30, 0x37, 0x30, 0x30, 0x32, 0x34, 0x35, 0x36, 0x5a,

  65.     0x17, 0x0d, 0x31, 0x36, 0x31, 0x31, 0x30, 0x36, 0x30, 0x30, 0x32, 0x34,

  66.     0x35, 0x36, 0x5a, 0x30, 0x12, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,

  67.     0x04, 0x0a, 0x13, 0x07, 0x41, 0x63, 0x6d, 0x65, 0x20, 0x43, 0x6f, 0x30,

  68.     0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,

  69.     0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30,

  70.     0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xce, 0x47, 0xcb, 0x11,

  71.     0xbb, 0xd2, 0x9d, 0x8e, 0x9e, 0xd2, 0x1e, 0x14, 0xaf, 0xc7, 0xea, 0xb6,

  72.     0xc9, 0x38, 0x2a, 0x6f, 0xb3, 0x7e, 0xfb, 0xbc, 0xfc, 0x59, 0x42, 0xb9,

  73.     0x56, 0xf0, 0x4c, 0x3f, 0xf7, 0x31, 0x84, 0xbe, 0xac, 0x03, 0x9e, 0x71,

  74.     0x91, 0x85, 0xd8, 0x32, 0xbd, 0x00, 0xea, 0xac, 0x65, 0xf6, 0x03, 0xc8,

  75.     0x0f, 0x8b, 0xfd, 0x6e, 0x58, 0x88, 0x04, 0x41, 0x92, 0x74, 0xa6, 0x57,

  76.     0x2e, 0x8e, 0x88, 0xd5, 0x3d, 0xda, 0x14, 0x3e, 0x63, 0x88, 0x22, 0xe3,

  77.     0x53, 0xe9, 0xba, 0x39, 0x09, 0xac, 0xfb, 0xd0, 0x4c, 0xf2, 0x3c, 0x20,

  78.     0xd6, 0x97, 0xe6, 0xed, 0xf1, 0x62, 0x1e, 0xe5, 0xc9, 0x48, 0xa0, 0xca,

  79.     0x2e, 0x3c, 0x14, 0x5a, 0x82, 0xd4, 0xed, 0xb1, 0xe3, 0x43, 0xc1, 0x2a,

  80.     0x59, 0xa5, 0xb9, 0xc8, 0x48, 0xa7, 0x39, 0x23, 0x74, 0xa7, 0x37, 0xb0,

  81.     0x6f, 0xc3, 0x64, 0x99, 0x6c, 0xa2, 0x82, 0xc8, 0xf6, 0xdb, 0x86, 0x40,

  82.     0xce, 0xd1, 0x85, 0x9f, 0xce, 0x69, 0xf4, 0x15, 0x2a, 0x23, 0xca, 0xea,

  83.     0xb7, 0x7b, 0xdf, 0xfb, 0x43, 0x5f, 0xff, 0x7a, 0x49, 0x49, 0x0e, 0xe7,

  84.     0x02, 0x51, 0x45, 0x13, 0xe8, 0x90, 0x64, 0x21, 0x0c, 0x26, 0x2b, 0x5d,

  85.     0xfc, 0xe4, 0xb5, 0x86, 0x89, 0x43, 0x22, 0x4c, 0xf3, 0x3b, 0xf3, 0x09,

  86.     0xc4, 0xa4, 0x10, 0x80, 0xf2, 0x46, 0xe2, 0x46, 0x8f, 0x76, 0x50, 0xbf,

  87.     0xaf, 0x2b, 0x90, 0x1b, 0x78, 0xc7, 0xcf, 0xc1, 0x77, 0xd0, 0xfb, 0xa9,

  88.     0xfb, 0xc9, 0x66, 0x5a, 0xc5, 0x9b, 0x31, 0x41, 0x67, 0x01, 0xbe, 0x33,

  89.     0x10, 0xba, 0x05, 0x58, 0xed, 0x76, 0x53, 0xde, 0x5d, 0xc1, 0xe8, 0xbb,

  90.     0x9f, 0xf1, 0xcd, 0xfb, 0xdf, 0x64, 0x7f, 0xd7, 0x18, 0xab, 0x0f, 0x94,

  91.     0x28, 0x95, 0x4a, 0xcc, 0x6a, 0xa9, 0x50, 0xc7, 0x05, 0x47, 0x10, 0x41,

  92.     0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0e, 0x06,

  93.     0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x05,

  94.     0xa0, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x0c, 0x30, 0x0a,

  95.     0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x30, 0x0c,

  96.     0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00,

  97.     0x30, 0x19, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x12, 0x30, 0x10, 0x82,

  98.     0x0e, 0x66, 0x75, 0x7a, 0x7a, 0x2e, 0x62, 0x6f, 0x72, 0x69, 0x6e, 0x67,

  99.     0x73, 0x73, 0x6c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,

  100.     0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x92,

  101.     0xde, 0xef, 0x96, 0x06, 0x7b, 0xff, 0x71, 0x7d, 0x4e, 0xa0, 0x7d, 0xae,

  102.     0xb8, 0x22, 0xb4, 0x2c, 0xf7, 0x96, 0x9c, 0x37, 0x1d, 0x8f, 0xe7, 0xd9,

  103.     0x47, 0xff, 0x3f, 0xe9, 0x35, 0x95, 0x0e, 0xdd, 0xdc, 0x7f, 0xc8, 0x8a,

  104.     0x1e, 0x36, 0x1d, 0x38, 0x47, 0xfc, 0x76, 0xd2, 0x1f, 0x98, 0xa1, 0x36,

  105.     0xac, 0xc8, 0x70, 0x38, 0x0a, 0x3d, 0x51, 0x8d, 0x0f, 0x03, 0x1b, 0xef,

  106.     0x62, 0xa1, 0xcb, 0x2b, 0x4a, 0x8c, 0x12, 0x2b, 0x54, 0x50, 0x9a, 0x6b,

  107.     0xfe, 0xaf, 0xd9, 0xf6, 0xbf, 0x58, 0x11, 0x58, 0x5e, 0xe5, 0x86, 0x1e,

  108.     0x3b, 0x6b, 0x30, 0x7e, 0x72, 0x89, 0xe8, 0x6b, 0x7b, 0xb7, 0xaf, 0xef,

  109.     0x8b, 0xa9, 0x3e, 0xb0, 0xcd, 0x0b, 0xef, 0xb0, 0x0c, 0x96, 0x2b, 0xc5,

  110.     0x3b, 0xd5, 0xf1, 0xc2, 0xae, 0x3a, 0x60, 0xd9, 0x0f, 0x75, 0x37, 0x55,

  111.     0x4d, 0x62, 0xd2, 0xed, 0x96, 0xac, 0x30, 0x6b, 0xda, 0xa1, 0x48, 0x17,

  112.     0x96, 0x23, 0x85, 0x9a, 0x57, 0x77, 0xe9, 0x22, 0xa2, 0x37, 0x03, 0xba,

  113.     0x49, 0x77, 0x40, 0x3b, 0x76, 0x4b, 0xda, 0xc1, 0x04, 0x57, 0x55, 0x34,

  114.     0x22, 0x83, 0x45, 0x29, 0xab, 0x2e, 0x11, 0xff, 0x0d, 0xab, 0x55, 0xb1,

  115.     0xa7, 0x58, 0x59, 0x05, 0x25, 0xf9, 0x1e, 0x3d, 0xb7, 0xac, 0x04, 0x39,

  116.     0x2c, 0xf9, 0xaf, 0xb8, 0x68, 0xfb, 0x8e, 0x35, 0x71, 0x32, 0xff, 0x70,

  117.     0xe9, 0x46, 0x6d, 0x5c, 0x06, 0x90, 0x88, 0x23, 0x48, 0x0c, 0x50, 0xeb,

  118.     0x0a, 0xa9, 0xae, 0xe8, 0xfc, 0xbe, 0xa5, 0x76, 0x94, 0xd7, 0x64, 0x22,

  119.     0x38, 0x98, 0x17, 0xa4, 0x3a, 0xa7, 0x59, 0x9f, 0x1d, 0x3b, 0x75, 0x90,

  120.     0x1a, 0x81, 0xef, 0x19, 0xfb, 0x2b, 0xb7, 0xa7, 0x64, 0x61, 0x22, 0xa4,

  121.     0x6f, 0x7b, 0xfa, 0x58, 0xbb, 0x8c, 0x4e, 0x77, 0x67, 0xd0, 0x5d, 0x58,

  122.     0x76, 0x8a, 0xbb,

  123. };

  124. 

  125. const uint8_t kRSAPrivateKeyDER[] = {

  126.     0x30, 0x82, 0x04, 0xa5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,

  127.     0xce, 0x47, 0xcb, 0x11, 0xbb, 0xd2, 0x9d, 0x8e, 0x9e, 0xd2, 0x1e, 0x14,

  128.     0xaf, 0xc7, 0xea, 0xb6, 0xc9, 0x38, 0x2a, 0x6f, 0xb3, 0x7e, 0xfb, 0xbc,

  129.     0xfc, 0x59, 0x42, 0xb9, 0x56, 0xf0, 0x4c, 0x3f, 0xf7, 0x31, 0x84, 0xbe,

  130.     0xac, 0x03, 0x9e, 0x71, 0x91, 0x85, 0xd8, 0x32, 0xbd, 0x00, 0xea, 0xac,

  131.     0x65, 0xf6, 0x03, 0xc8, 0x0f, 0x8b, 0xfd, 0x6e, 0x58, 0x88, 0x04, 0x41,

  132.     0x92, 0x74, 0xa6, 0x57, 0x2e, 0x8e, 0x88, 0xd5, 0x3d, 0xda, 0x14, 0x3e,

  133.     0x63, 0x88, 0x22, 0xe3, 0x53, 0xe9, 0xba, 0x39, 0x09, 0xac, 0xfb, 0xd0,

  134.     0x4c, 0xf2, 0x3c, 0x20, 0xd6, 0x97, 0xe6, 0xed, 0xf1, 0x62, 0x1e, 0xe5,

  135.     0xc9, 0x48, 0xa0, 0xca, 0x2e, 0x3c, 0x14, 0x5a, 0x82, 0xd4, 0xed, 0xb1,

  136.     0xe3, 0x43, 0xc1, 0x2a, 0x59, 0xa5, 0xb9, 0xc8, 0x48, 0xa7, 0x39, 0x23,

  137.     0x74, 0xa7, 0x37, 0xb0, 0x6f, 0xc3, 0x64, 0x99, 0x6c, 0xa2, 0x82, 0xc8,

  138.     0xf6, 0xdb, 0x86, 0x40, 0xce, 0xd1, 0x85, 0x9f, 0xce, 0x69, 0xf4, 0x15,

  139.     0x2a, 0x23, 0xca, 0xea, 0xb7, 0x7b, 0xdf, 0xfb, 0x43, 0x5f, 0xff, 0x7a,

  140.     0x49, 0x49, 0x0e, 0xe7, 0x02, 0x51, 0x45, 0x13, 0xe8, 0x90, 0x64, 0x21,

  141.     0x0c, 0x26, 0x2b, 0x5d, 0xfc, 0xe4, 0xb5, 0x86, 0x89, 0x43, 0x22, 0x4c,

  142.     0xf3, 0x3b, 0xf3, 0x09, 0xc4, 0xa4, 0x10, 0x80, 0xf2, 0x46, 0xe2, 0x46,

  143.     0x8f, 0x76, 0x50, 0xbf, 0xaf, 0x2b, 0x90, 0x1b, 0x78, 0xc7, 0xcf, 0xc1,

  144.     0x77, 0xd0, 0xfb, 0xa9, 0xfb, 0xc9, 0x66, 0x5a, 0xc5, 0x9b, 0x31, 0x41,

  145.     0x67, 0x01, 0xbe, 0x33, 0x10, 0xba, 0x05, 0x58, 0xed, 0x76, 0x53, 0xde,

  146.     0x5d, 0xc1, 0xe8, 0xbb, 0x9f, 0xf1, 0xcd, 0xfb, 0xdf, 0x64, 0x7f, 0xd7,

  147.     0x18, 0xab, 0x0f, 0x94, 0x28, 0x95, 0x4a, 0xcc, 0x6a, 0xa9, 0x50, 0xc7,

  148.     0x05, 0x47, 0x10, 0x41, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,

  149.     0x01, 0x00, 0xa8, 0x47, 0xb9, 0x4a, 0x06, 0x47, 0x93, 0x71, 0x3d, 0xef,

  150.     0x7b, 0xca, 0xb4, 0x7c, 0x0a, 0xe6, 0x82, 0xd0, 0xe7, 0x0d, 0xa9, 0x08,

  151.     0xf6, 0xa4, 0xfd, 0xd8, 0x73, 0xae, 0x6f, 0x56, 0x29, 0x5e, 0x25, 0x72,

  152.     0xa8, 0x30, 0x44, 0x73, 0xcf, 0x56, 0x26, 0xb9, 0x61, 0xde, 0x42, 0x81,

  153.     0xf4, 0xf0, 0x1f, 0x5d, 0xcb, 0x47, 0xf2, 0x26, 0xe9, 0xe0, 0x93, 0x28,

  154.     0xa3, 0x10, 0x3b, 0x42, 0x1e, 0x51, 0x11, 0x12, 0x06, 0x5e, 0xaf, 0xce,

  155.     0xb0, 0xa5, 0x14, 0xdd, 0x82, 0x58, 0xa1, 0xa4, 0x12, 0xdf, 0x65, 0x1d,

  156.     0x51, 0x70, 0x64, 0xd5, 0x58, 0x68, 0x11, 0xa8, 0x6a, 0x23, 0xc2, 0xbf,

  157.     0xa1, 0x25, 0x24, 0x47, 0xb3, 0xa4, 0x3c, 0x83, 0x96, 0xb7, 0x1f, 0xf4,

  158.     0x44, 0xd4, 0xd1, 0xe9, 0xfc, 0x33, 0x68, 0x5e, 0xe2, 0x68, 0x99, 0x9c,

  159.     0x91, 0xe8, 0x72, 0xc9, 0xd7, 0x8c, 0x80, 0x20, 0x8e, 0x77, 0x83, 0x4d,

  160.     0xe4, 0xab, 0xf9, 0x74, 0xa1, 0xdf, 0xd3, 0xc0, 0x0d, 0x5b, 0x05, 0x51,

  161.     0xc2, 0x6f, 0xb2, 0x91, 0x02, 0xec, 0xc0, 0x02, 0x1a, 0x5c, 0x91, 0x05,

  162.     0xf1, 0xe3, 0xfa, 0x65, 0xc2, 0xad, 0x24, 0xe6, 0xe5, 0x3c, 0xb6, 0x16,

  163.     0xf1, 0xa1, 0x67, 0x1a, 0x9d, 0x37, 0x56, 0xbf, 0x01, 0xd7, 0x3b, 0x35,

  164.     0x30, 0x57, 0x73, 0xf4, 0xf0, 0x5e, 0xa7, 0xe8, 0x0a, 0xc1, 0x94, 0x17,

  165.     0xcf, 0x0a, 0xbd, 0xf5, 0x31, 0xa7, 0x2d, 0xf7, 0xf5, 0xd9, 0x8c, 0xc2,

  166.     0x01, 0xbd, 0xda, 0x16, 0x8e, 0xb9, 0x30, 0x40, 0xa6, 0x6e, 0xbd, 0xcd,

  167.     0x4d, 0x84, 0x67, 0x4e, 0x0b, 0xce, 0xd5, 0xef, 0xf8, 0x08, 0x63, 0x02,

  168.     0xc6, 0xc7, 0xf7, 0x67, 0x92, 0xe2, 0x23, 0x9d, 0x27, 0x22, 0x1d, 0xc6,

  169.     0x67, 0x5e, 0x66, 0xbf, 0x03, 0xb8, 0xa9, 0x67, 0xd4, 0x39, 0xd8, 0x75,

  170.     0xfa, 0xe8, 0xed, 0x56, 0xb8, 0x81, 0x02, 0x81, 0x81, 0x00, 0xf7, 0x46,

  171.     0x68, 0xc6, 0x13, 0xf8, 0xba, 0x0f, 0x83, 0xdb, 0x05, 0xa8, 0x25, 0x00,

  172.     0x70, 0x9c, 0x9e, 0x8b, 0x12, 0x34, 0x0d, 0x96, 0xcf, 0x0d, 0x98, 0x9b,

  173.     0x8d, 0x9c, 0x96, 0x78, 0xd1, 0x3c, 0x01, 0x8c, 0xb9, 0x35, 0x5c, 0x20,

  174.     0x42, 0xb4, 0x38, 0xe3, 0xd6, 0x54, 0xe7, 0x55, 0xd6, 0x26, 0x8a, 0x0c,

  175.     0xf6, 0x1f, 0xe0, 0x04, 0xc1, 0x22, 0x42, 0x19, 0x61, 0xc4, 0x94, 0x7c,

  176.     0x07, 0x2e, 0x80, 0x52, 0xfe, 0x8d, 0xe6, 0x92, 0x3a, 0x91, 0xfe, 0x72,

  177.     0x99, 0xe1, 0x2a, 0x73, 0x76, 0xb1, 0x24, 0x20, 0x67, 0xde, 0x28, 0xcb,

  178.     0x0e, 0xe6, 0x52, 0xb5, 0xfa, 0xfb, 0x8b, 0x1e, 0x6a, 0x1d, 0x09, 0x26,

  179.     0xb9, 0xa7, 0x61, 0xba, 0xf8, 0x79, 0xd2, 0x66, 0x57, 0x28, 0xd7, 0x31,

  180.     0xb5, 0x0b, 0x27, 0x19, 0x1e, 0x6f, 0x46, 0xfc, 0x54, 0x95, 0xeb, 0x78,

  181.     0x01, 0xb6, 0xd9, 0x79, 0x5a, 0x4d, 0x02, 0x81, 0x81, 0x00, 0xd5, 0x8f,

  182.     0x16, 0x53, 0x2f, 0x57, 0x93, 0xbf, 0x09, 0x75, 0xbf, 0x63, 0x40, 0x3d,

  183.     0x27, 0xfd, 0x23, 0x21, 0xde, 0x9b, 0xe9, 0x73, 0x3f, 0x49, 0x02, 0xd2,

  184.     0x38, 0x96, 0xcf, 0xc3, 0xba, 0x92, 0x07, 0x87, 0x52, 0xa9, 0x35, 0xe3,

  185.     0x0c, 0xe4, 0x2f, 0x05, 0x7b, 0x37, 0xa5, 0x40, 0x9c, 0x3b, 0x94, 0xf7,

  186.     0xad, 0xa0, 0xee, 0x3a, 0xa8, 0xfb, 0x1f, 0x11, 0x1f, 0xd8, 0x9a, 0x80,

  187.     0x42, 0x3d, 0x7f, 0xa4, 0xb8, 0x9a, 0xaa, 0xea, 0x72, 0xc1, 0xe3, 0xed,

  188.     0x06, 0x60, 0x92, 0x37, 0xf9, 0xba, 0xfb, 0x9e, 0xed, 0x05, 0xa6, 0xd4,

  189.     0x72, 0x68, 0x4f, 0x63, 0xfe, 0xd6, 0x10, 0x0d, 0x4f, 0x0a, 0x93, 0xc6,

  190.     0xb9, 0xd7, 0xaf, 0xfd, 0xd9, 0x57, 0x7d, 0xcb, 0x75, 0xe8, 0x93, 0x2b,

  191.     0xae, 0x4f, 0xea, 0xd7, 0x30, 0x0b, 0x58, 0x44, 0x82, 0x0f, 0x84, 0x5d,

  192.     0x62, 0x11, 0x78, 0xea, 0x5f, 0xc5, 0x02, 0x81, 0x81, 0x00, 0x82, 0x0c,

  193.     0xc1, 0xe6, 0x0b, 0x72, 0xf1, 0x48, 0x5f, 0xac, 0xbd, 0x98, 0xe5, 0x7d,

  194.     0x09, 0xbd, 0x15, 0x95, 0x47, 0x09, 0xa1, 0x6c, 0x03, 0x91, 0xbf, 0x05,

  195.     0x70, 0xc1, 0x3e, 0x52, 0x64, 0x99, 0x0e, 0xa7, 0x98, 0x70, 0xfb, 0xf6,

  196.     0xeb, 0x9e, 0x25, 0x9d, 0x8e, 0x88, 0x30, 0xf2, 0xf0, 0x22, 0x6c, 0xd0,

  197.     0xcc, 0x51, 0x8f, 0x5c, 0x70, 0xc7, 0x37, 0xc4, 0x69, 0xab, 0x1d, 0xfc,

  198.     0xed, 0x3a, 0x03, 0xbb, 0xa2, 0xad, 0xb6, 0xea, 0x89, 0x6b, 0x67, 0x4b,

  199.     0x96, 0xaa, 0xd9, 0xcc, 0xc8, 0x4b, 0xfa, 0x18, 0x21, 0x08, 0xb2, 0xa3,

  200.     0xb9, 0x3e, 0x61, 0x99, 0xdc, 0x5a, 0x97, 0x9c, 0x73, 0x6a, 0xb9, 0xf9,

  201.     0x68, 0x03, 0x24, 0x5f, 0x55, 0x77, 0x9c, 0xb4, 0xbe, 0x7a, 0x78, 0x53,

  202.     0x68, 0x48, 0x69, 0x53, 0xc8, 0xb1, 0xf5, 0xbf, 0x98, 0x2d, 0x11, 0x1e,

  203.     0x98, 0xa8, 0x36, 0x50, 0xa0, 0xb1, 0x02, 0x81, 0x81, 0x00, 0x90, 0x88,

  204.     0x30, 0x71, 0xc7, 0xfe, 0x9b, 0x6d, 0x95, 0x37, 0x6d, 0x79, 0xfc, 0x85,

  205.     0xe7, 0x44, 0x78, 0xbc, 0x79, 0x6e, 0x47, 0x86, 0xc9, 0xf3, 0xdd, 0xc6,

  206.     0xec, 0xa9, 0x94, 0x9f, 0x40, 0xeb, 0x87, 0xd0, 0xdb, 0xee, 0xcd, 0x1b,

  207.     0x87, 0x23, 0xff, 0x76, 0xd4, 0x37, 0x8a, 0xcd, 0xb9, 0x6e, 0xd1, 0x98,

  208.     0xf6, 0x97, 0x8d, 0xe3, 0x81, 0x6d, 0xc3, 0x4e, 0xd1, 0xa0, 0xc4, 0x9f,

  209.     0xbd, 0x34, 0xe5, 0xe8, 0x53, 0x4f, 0xca, 0x10, 0xb5, 0xed, 0xe7, 0x16,

  210.     0x09, 0x54, 0xde, 0x60, 0xa7, 0xd1, 0x16, 0x6e, 0x2e, 0xb7, 0xbe, 0x7a,

  211.     0xd5, 0x9b, 0x26, 0xef, 0xe4, 0x0e, 0x77, 0xfa, 0xa9, 0xdd, 0xdc, 0xb9,

  212.     0x88, 0x19, 0x23, 0x70, 0xc7, 0xe1, 0x60, 0xaf, 0x8c, 0x73, 0x04, 0xf7,

  213.     0x71, 0x17, 0x81, 0x36, 0x75, 0xbb, 0x97, 0xd7, 0x75, 0xb6, 0x8e, 0xbc,

  214.     0xac, 0x9c, 0x6a, 0x9b, 0x24, 0x89, 0x02, 0x81, 0x80, 0x5a, 0x2b, 0xc7,

  215.     0x6b, 0x8c, 0x65, 0xdb, 0x04, 0x73, 0xab, 0x25, 0xe1, 0x5b, 0xbc, 0x3c,

  216.     0xcf, 0x5a, 0x3c, 0x04, 0xae, 0x97, 0x2e, 0xfd, 0xa4, 0x97, 0x1f, 0x05,

  217.     0x17, 0x27, 0xac, 0x7c, 0x30, 0x85, 0xb4, 0x82, 0x3f, 0x5b, 0xb7, 0x94,

  218.     0x3b, 0x7f, 0x6c, 0x0c, 0xc7, 0x16, 0xc6, 0xa0, 0xbd, 0x80, 0xb0, 0x81,

  219.     0xde, 0xa0, 0x23, 0xa6, 0xf6, 0x75, 0x33, 0x51, 0x35, 0xa2, 0x75, 0x55,

  220.     0x70, 0x4d, 0x42, 0xbb, 0xcf, 0x54, 0xe4, 0xdb, 0x2d, 0x88, 0xa0, 0x7a,

  221.     0xf2, 0x17, 0xa7, 0xdd, 0x13, 0x44, 0x9f, 0x5f, 0x6b, 0x2c, 0x42, 0x42,

  222.     0x8b, 0x13, 0x4d, 0xf9, 0x5b, 0xf8, 0x33, 0x42, 0xd9, 0x9e, 0x50, 0x1c,

  223.     0x7c, 0xbc, 0xfa, 0x62, 0x85, 0x0b, 0xcf, 0x99, 0xda, 0x9e, 0x04, 0x90,

  224.     0xb2, 0xc6, 0xb2, 0x0a, 0x2a, 0x7c, 0x6d, 0x6a, 0x40, 0xfc, 0xf5, 0x50,

  225.     0x98, 0x46, 0x89, 0x82, 0x40,

  226. };

  227. 

  228. const uint8_t kALPNProtocols[] = {

  229.     0x01, 'a', 0x02, 'a', 'a', 0x03, 'a', 'a', 'a',

  230. };

  231. 

  232. int ALPNSelectCallback(SSL *ssl, const uint8_t **out, uint8_t *out_len,

  233.                        const uint8_t *in, unsigned in_len, void *arg) {

  234.   static const uint8_t kProtocol[] = {'a', 'a'};

  235.   *out = kProtocol;

  236.   *out_len = sizeof(kProtocol);

  237.   return SSL_TLSEXT_ERR_OK;

  238. }

  239. 

  240. int NPNSelectCallback(SSL *ssl, uint8_t **out, uint8_t *out_len,

  241.                       const uint8_t *in, unsigned in_len, void *arg) {

  242.   static const uint8_t kProtocol[] = {'a', 'a'};

  243.   *out = const_cast<uint8_t *>(kProtocol);

  244.   *out_len = sizeof(kProtocol);

  245.   return SSL_TLSEXT_ERR_OK;

  246. }

  247. 

  248. int NPNAdvertiseCallback(SSL *ssl, const uint8_t **out, unsigned *out_len,

  249.                          void *arg) {

  250.   static const uint8_t kProtocols[] = {

  251.       0x01, 'a', 0x02, 'a', 'a', 0x03, 'a', 'a', 'a',

  252.   };

  253.   *out = kProtocols;

  254.   *out_len = sizeof(kProtocols);

  255.   return SSL_TLSEXT_ERR_OK;

  256. }

  257. 

  258. class TLSFuzzer {

  259.  public:

  260.   enum Protocol {

  261.     kTLS,

  262.     kDTLS,

  263.   };

  264. 

  265.   enum Role {

  266.     kClient,

  267.     kServer,

  268.   };

  269. 

  270.   TLSFuzzer(Protocol protocol, Role role)

  271.       : debug_(getenv("BORINGSSL_FUZZER_DEBUG") != nullptr),

  272.         protocol_(protocol),

  273.         role_(role) {

  274.     if (!Init()) {

  275.       abort();

  276.     }

  277.   }

  278. 

  279.   static void MoveBIOs(SSL *dest, SSL *src) {

  280.     BIO *rbio = SSL_get_rbio(src);

  281.     BIO_up_ref(rbio);

  282.     SSL_set0_rbio(dest, rbio);

  283. 

  284.     BIO *wbio = SSL_get_wbio(src);

  285.     BIO_up_ref(wbio);

  286.     SSL_set0_wbio(dest, wbio);

  287. 

  288.     SSL_set0_rbio(src, nullptr);

  289.     SSL_set0_wbio(src, nullptr);

  290.   }

  291. 

  292.   int TestOneInput(const uint8_t *buf, size_t len) {

  293.     RAND_reset_for_fuzzing();

  294. 

  295.     CBS cbs;

  296.     CBS_init(&cbs, buf, len);

  297.     bssl::UniquePtr<SSL> ssl = SetupTest(&cbs);

  298.     if (!ssl) {

  299.       if (debug_) {

  300.         fprintf(stderr, "Error parsing parameters.\n");

  301.       }

  302.       return 0;

  303.     }

  304. 

  305.     if (role_ == kClient) {

  306.       SSL_set_renegotiate_mode(ssl.get(), ssl_renegotiate_freely);

  307.       SSL_set_tlsext_host_name(ssl.get(), "hostname");

  308.     }

  309. 

  310.     // ssl_handoff may or may not be used.

  311.     bssl::UniquePtr<SSL> ssl_handoff(SSL_new(ctx_.get()));

  312.     bssl::UniquePtr<SSL> ssl_handback(SSL_new(ctx_.get()));

  313.     SSL_set_accept_state(ssl_handoff.get());

  314. 

  315.     SSL_set0_rbio(ssl.get(), MakeBIO(CBS_data(&cbs), CBS_len(&cbs)).release());

  316.     SSL_set0_wbio(ssl.get(), BIO_new(BIO_s_mem()));

  317. 

  318.     SSL *ssl_handshake = ssl.get();

  319.     bool handshake_successful = false;

  320.     bool handback_successful = false;

  321.     for (;;) {

  322.       int ret = SSL_do_handshake(ssl_handshake);

  323.       if (ret < 0 && SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDOFF) {

  324.         MoveBIOs(ssl_handoff.get(), ssl.get());

  325.         // Ordinarily we would call SSL_serialize_handoff(ssl.get().  But for

  326.         // fuzzing, use the serialized handoff that's getting fuzzed.

  327.         if (!SSL_apply_handoff(ssl_handoff.get(), handoff_)) {

  328.           if (debug_) {

  329.             fprintf(stderr, "Handoff failed.\n");

  330.           }

  331.           break;

  332.         }

  333.         ssl_handshake = ssl_handoff.get();

  334.       } else if (ret < 0 &&

  335.                  SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDBACK) {

  336.         MoveBIOs(ssl_handback.get(), ssl_handoff.get());

  337.         if (!SSL_apply_handback(ssl_handback.get(), handback_)) {

  338.           if (debug_) {

  339.             fprintf(stderr, "Handback failed.\n");

  340.           }

  341.           break;

  342.         }

  343.         handback_successful = true;

  344.         ssl_handshake = ssl_handback.get();

  345.       } else {

  346.         handshake_successful = ret == 1;

  347.         break;

  348.       }

  349.     }

  350. 

  351.     if (debug_) {

  352.       if (!handshake_successful) {

  353.         fprintf(stderr, "Handshake failed.\n");

  354.       } else if (handback_successful) {

  355.         fprintf(stderr, "Handback successful.\n");

  356.       }

  357.     }

  358. 

  359.     if (handshake_successful) {

  360.       // Keep reading application data until error or EOF.

  361.       uint8_t tmp[1024];

  362.       for (;;) {

  363.         if (SSL_read(ssl_handshake, tmp, sizeof(tmp)) <= 0) {

  364.           break;

  365.         }

  366.       }

  367.     }

  368. 

  369.     if (debug_) {

  370.       ERR_print_errors_fp(stderr);

  371.     }

  372.     ERR_clear_error();

  373.     return 0;

  374.   }

  375. 

  376.  private:

  377.   // Init initializes |ctx_| with settings common to all inputs.

  378.   bool Init() {

  379.     ctx_.reset(SSL_CTX_new(protocol_ == kDTLS ? DTLS_method() : TLS_method()));

  380.     bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());

  381.     bssl::UniquePtr<RSA> privkey(RSA_private_key_from_bytes(

  382.         kRSAPrivateKeyDER, sizeof(kRSAPrivateKeyDER)));

  383.     if (!ctx_ || !privkey || !pkey ||

  384.         !EVP_PKEY_set1_RSA(pkey.get(), privkey.get()) ||

  385.         !SSL_CTX_use_PrivateKey(ctx_.get(), pkey.get())) {

  386.       return false;

  387.     }

  388. 

  389.     const uint8_t *bufp = kCertificateDER;

  390.     bssl::UniquePtr<X509> cert(d2i_X509(NULL, &bufp, sizeof(kCertificateDER)));

  391.     if (!cert ||

  392.         !SSL_CTX_use_certificate(ctx_.get(), cert.get()) ||

  393.         !SSL_CTX_set_ocsp_response(ctx_.get(), kOCSPResponse,

  394.                                    sizeof(kOCSPResponse)) ||

  395.         !SSL_CTX_set_signed_cert_timestamp_list(ctx_.get(), kSCT,

  396.                                                 sizeof(kSCT))) {

  397.       return false;

  398.     }

  399. 

  400.     // When accepting peer certificates, allow any certificate.

  401.     SSL_CTX_set_cert_verify_callback(

  402.         ctx_.get(),

  403.         [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);

  404. 

  405.     SSL_CTX_enable_signed_cert_timestamps(ctx_.get());

  406.     SSL_CTX_enable_ocsp_stapling(ctx_.get());

  407. 

  408.     // Enable versions and ciphers that are off by default.

  409.     if (!SSL_CTX_set_strict_cipher_list(ctx_.get(), "ALL:NULL-SHA")) {

  410.       return false;

  411.     }

  412.     if (protocol_ == kTLS &&

  413.         !SSL_CTX_set_max_proto_version(ctx_.get(), TLS1_3_VERSION)) {

  414.       return false;

  415.     }

  416. 

  417.     SSL_CTX_set_early_data_enabled(ctx_.get(), 1);

  418. 

  419.     SSL_CTX_set_next_proto_select_cb(ctx_.get(), NPNSelectCallback, nullptr);

  420.     SSL_CTX_set_next_protos_advertised_cb(ctx_.get(), NPNAdvertiseCallback,

  421.                                           nullptr);

  422. 

  423.     SSL_CTX_set_alpn_select_cb(ctx_.get(), ALPNSelectCallback, nullptr);

  424.     if (SSL_CTX_set_alpn_protos(ctx_.get(), kALPNProtocols,

  425.                                 sizeof(kALPNProtocols)) != 0) {

  426.       return false;

  427.     }

  428. 

  429.     CBS cbs;

  430.     CBS_init(&cbs, kP256KeyPKCS8, sizeof(kP256KeyPKCS8));

  431.     pkey.reset(EVP_parse_private_key(&cbs));

  432.     if (!pkey || !SSL_CTX_set1_tls_channel_id(ctx_.get(), pkey.get())) {

  433.       return false;

  434.     }

  435.     SSL_CTX_set_tls_channel_id_enabled(ctx_.get(), 1);

  436. 

  437.     return true;

  438.   }

  439. 

  440.   // SetupTest parses parameters from |cbs| and returns a newly-configured |SSL|

  441.   // object or nullptr on error. On success, the caller should feed the

  442.   // remaining input in |cbs| to the SSL stack.

  443.   bssl::UniquePtr<SSL> SetupTest(CBS *cbs) {

  444.     // |ctx| is shared between runs, so we must clear any modifications to it

  445.     // made later on in this function.

  446.     SSL_CTX_flush_sessions(ctx_.get(), 0);

  447.     handoff_ = {};

  448.     handback_ = {};

  449. 

  450.     bssl::UniquePtr<SSL> ssl(SSL_new(ctx_.get()));

  451.     if (role_ == kServer) {

  452.       SSL_set_accept_state(ssl.get());

  453.     } else {

  454.       SSL_set_connect_state(ssl.get());

  455.     }

  456. 

  457.     for (;;) {

  458.       uint16_t tag;

  459.       if (!CBS_get_u16(cbs, &tag)) {

  460.         return nullptr;

  461.       }

  462.       switch (tag) {

  463.         case kDataTag:

  464.           return ssl;

  465. 

  466.         case kSessionTag: {

  467.           CBS data;

  468.           if (!CBS_get_u24_length_prefixed(cbs, &data)) {

  469.             return nullptr;

  470.           }

  471.           bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(

  472.               CBS_data(&data), CBS_len(&data), ctx_.get()));

  473.           if (!session) {

  474.             return nullptr;

  475.           }

  476. 

  477.           if (role_ == kServer) {

  478.             SSL_CTX_add_session(ctx_.get(), session.get());

  479.           } else {

  480.             SSL_set_session(ssl.get(), session.get());

  481.           }

  482.           break;

  483.         }

  484. 

  485.         case kRequestClientCert:

  486.           if (role_ == kClient) {

  487.             return nullptr;

  488.           }

  489.           SSL_set_verify(ssl.get(), SSL_VERIFY_PEER, nullptr);

  490.           break;

  491. 

  492.         case kTLS13Variant: {

  493.           uint8_t variant;

  494.           if (!CBS_get_u8(cbs, &variant)) {

  495.             return nullptr;

  496.           }

  497.           SSL_set_tls13_variant(ssl.get(),

  498.                                 static_cast<tls13_variant_t>(variant));

  499.           break;

  500.         }

  501. 

  502.         case kHandoffTag: {

  503.           CBS handoff;

  504.           if (!CBS_get_u24_length_prefixed(cbs, &handoff)) {

  505.             return nullptr;

  506.           }

  507.           handoff_.CopyFrom(handoff);

  508.           bssl::SSL_set_handoff_mode(ssl.get(), 1);

  509.           break;

  510.         }

  511. 

  512.         case kHandbackTag: {

  513.           CBS handback;

  514.           if (!CBS_get_u24_length_prefixed(cbs, &handback)) {

  515.             return nullptr;

  516.           }

  517.           handback_.CopyFrom(handback);

  518.           bssl::SSL_set_handoff_mode(ssl.get(), 1);

  519.           break;

  520.         }

  521. 

  522.         default:

  523.           return nullptr;

  524.       }

  525.     }

  526.   }

  527. 

  528.   struct BIOData {

  529.     Protocol protocol;

  530.     CBS cbs;

  531.   };

  532. 

  533.   bssl::UniquePtr<BIO> MakeBIO(const uint8_t *in, size_t len) {

  534.     BIOData *b = new BIOData;

  535.     b->protocol = protocol_;

  536.     CBS_init(&b->cbs, in, len);

  537. 

  538.     bssl::UniquePtr<BIO> bio(BIO_new(&kBIOMethod));

  539.     bio->init = 1;

  540.     bio->ptr = b;

  541.     return bio;

  542.   }

  543. 

  544.   static int BIORead(BIO *bio, char *out, int len) {

  545.     assert(bio->method == &kBIOMethod);

  546.     BIOData *b = reinterpret_cast<BIOData *>(bio->ptr);

  547.     if (b->protocol == kTLS) {

  548.       len = std::min(static_cast<size_t>(len), CBS_len(&b->cbs));

  549.       memcpy(out, CBS_data(&b->cbs), len);

  550.       CBS_skip(&b->cbs, len);

  551.       return len;

  552.     }

  553. 

  554.     // Preserve packet boundaries for DTLS.

  555.     CBS packet;

  556.     if (!CBS_get_u24_length_prefixed(&b->cbs, &packet)) {

  557.       return -1;

  558.     }

  559.     len = std::min(static_cast<size_t>(len), CBS_len(&packet));

  560.     memcpy(out, CBS_data(&packet), len);

  561.     return len;

  562.   }

  563. 

  564.   static int BIODestroy(BIO *bio) {

  565.     assert(bio->method == &kBIOMethod);

  566.     BIOData *b = reinterpret_cast<BIOData *>(bio->ptr);

  567.     delete b;

  568.     return 1;

  569.   }

  570. 

  571.   static const BIO_METHOD kBIOMethod;

  572. 

  573.   bool debug_;

  574.   Protocol protocol_;

  575.   Role role_;

  576.   bssl::UniquePtr<SSL_CTX> ctx_;

  577.   bssl::Array<uint8_t> handoff_, handback_;

  578. };

  579. 

  580. const BIO_METHOD TLSFuzzer::kBIOMethod = {

  581.     0,        // type

  582.     nullptr,  // name

  583.     nullptr,  // bwrite

  584.     TLSFuzzer::BIORead,

  585.     nullptr,  // bputs

  586.     nullptr,  // bgets

  587.     nullptr,  // ctrl

  588.     nullptr,  // create

  589.     TLSFuzzer::BIODestroy,

  590.     nullptr,  // callback_ctrl

  591. };

  592. 

  593. }  // namespace

  594. 

  595. 

  596. #endif  // HEADER_SSL_TEST_FUZZER