1/*
| 1/*
|
2 * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
| 2 * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
|
3 *
4 * Licensed under the Apache License 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 * https://www.openssl.org/source/license.html
8 * or in the file LICENSE in the source distribution.
9 */
10
11#include <openssl/x509.h>
| 3 *
4 * Licensed under the Apache License 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 * https://www.openssl.org/source/license.html
8 * or in the file LICENSE in the source distribution.
9 */
10
11#include <openssl/x509.h>
|
| 12#include <openssl/ocsp.h>
|
12#include <openssl/bio.h>
13#include <openssl/err.h>
14#include <openssl/rand.h>
15#include "fuzzer.h"
16
17int FuzzerInitialize(int *argc, char ***argv)
18{
19 FuzzerSetRand();
| 13#include <openssl/bio.h>
14#include <openssl/err.h>
15#include <openssl/rand.h>
16#include "fuzzer.h"
17
18int FuzzerInitialize(int *argc, char ***argv)
19{
20 FuzzerSetRand();
|
20 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
| 21 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS
22 | OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
|
21 ERR_clear_error();
22 CRYPTO_free_ex_index(0, -1);
23 return 1;
24}
25
| 23 ERR_clear_error();
24 CRYPTO_free_ex_index(0, -1);
25 return 1;
26}
27
|
| 28static int cb(int ok, X509_STORE_CTX *ctx)
29{
30 return 1;
31}
32
|
26int FuzzerTestOneInput(const uint8_t *buf, size_t len)
27{
28 const unsigned char *p = buf;
| 33int FuzzerTestOneInput(const uint8_t *buf, size_t len)
34{
35 const unsigned char *p = buf;
|
| 36 size_t orig_len = len;
|
29 unsigned char *der = NULL;
| 37 unsigned char *der = NULL;
|
| 38 BIO *bio = NULL;
39 X509 *x509_1 = NULL, *x509_2 = NULL;
40 X509_STORE *store = NULL;
41 X509_VERIFY_PARAM *param = NULL;
42 X509_STORE_CTX *ctx = NULL;
43 X509_CRL *crl = NULL;
44 STACK_OF(X509_CRL) *crls = NULL;
45 STACK_OF(X509) *certs = NULL;
46 OCSP_RESPONSE *resp = NULL;
47 OCSP_BASICRESP *bs = NULL;
48 OCSP_CERTID *id = NULL;
|
30
| 49
|
31 X509 *x509 = d2i_X509(NULL, &p, len);
32 if (x509 != NULL) {
33 BIO *bio = BIO_new(BIO_s_null());
34 /* This will load and print the public key as well as extensions */
35 X509_print(bio, x509);
36 BIO_free(bio);
| 50 x509_1 = d2i_X509(NULL, &p, len);
51 if (x509_1 == NULL)
52 goto err;
|
37
| 53
|
38 X509_issuer_and_serial_hash(x509);
| 54 bio = BIO_new(BIO_s_null());
55 if (bio == NULL)
56 goto err;
|
39
| 57
|
40 i2d_X509(x509, &der);
41 OPENSSL_free(der);
| 58 /* This will load and print the public key as well as extensions */
59 X509_print(bio, x509_1);
60 BIO_free(bio);
|
42
| 61
|
43 X509_free(x509);
| 62 X509_issuer_and_serial_hash(x509_1);
63
64 i2d_X509(x509_1, &der);
65 OPENSSL_free(der);
66
67 len = orig_len - (p - buf);
68 x509_2 = d2i_X509(NULL, &p, len);
69 if (x509_2 == NULL)
70 goto err;
71
72 len = orig_len - (p - buf);
73 crl = d2i_X509_CRL(NULL, &p, len);
74 if (crl == NULL)
75 goto err;
76
77 len = orig_len - (p - buf);
78 resp = d2i_OCSP_RESPONSE(NULL, &p, len);
79
80 store = X509_STORE_new();
81 X509_STORE_add_cert(store, x509_2);
82
83 param = X509_VERIFY_PARAM_new();
84 X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_NO_CHECK_TIME);
85 X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_X509_STRICT);
86 X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_PARTIAL_CHAIN);
87 X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
88
89 X509_STORE_set1_param(store, param);
90
91 X509_STORE_set_verify_cb(store, cb);
92
93 ctx = X509_STORE_CTX_new();
94 if (ctx == NULL)
95 goto err;
96
97 X509_STORE_CTX_init(ctx, store, x509_1, NULL);
98
99 if (crl != NULL) {
100 crls = sk_X509_CRL_new_null();
101 if (crls == NULL)
102 goto err;
103
104 sk_X509_CRL_push(crls, crl);
105 X509_STORE_CTX_set0_crls(ctx, crls);
|
44 }
| 106 }
|
| 107
108 X509_verify_cert(ctx);
109
110 if (resp != NULL)
111 bs = OCSP_response_get1_basic(resp);
112
113 if (bs != NULL) {
114 int status, reason;
115 ASN1_GENERALIZEDTIME *revtime, *thisupd, *nextupd;
116
117 certs = sk_X509_new_null();
118 if (certs == NULL)
119 goto err;
120
121 sk_X509_push(certs, x509_1);
122 sk_X509_push(certs, x509_2);
123
124 OCSP_basic_verify(bs, certs, store, OCSP_PARTIAL_CHAIN);
125
126 id = OCSP_cert_to_id(NULL, x509_1, x509_2);
127 if (id == NULL)
128 goto err;
129 OCSP_resp_find_status(bs, id, &status, &reason, &revtime, &thisupd,
130 &nextupd);
131 }
132
133err:
134 X509_STORE_CTX_free(ctx);
135 X509_VERIFY_PARAM_free(param);
136 X509_STORE_free(store);
137 X509_free(x509_1);
138 X509_free(x509_2);
139 X509_CRL_free(crl);
140 OCSP_CERTID_free(id);
141 OCSP_BASICRESP_free(bs);
142 OCSP_RESPONSE_free(resp);
143 sk_X509_CRL_free(crls);
144 sk_X509_free(certs);
145
|
45 ERR_clear_error();
46 return 0;
47}
48
49void FuzzerCleanup(void)
50{
51 FuzzerClearRand();
52}
| 146 ERR_clear_error();
147 return 0;
148}
149
150void FuzzerCleanup(void)
151{
152 FuzzerClearRand();
153}
|