/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL licenses, (the "License");
+ * Licensed under the Apache License 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* https://www.openssl.org/source/license.html
* asn1 <data structure>
*/
+/* We need to use some deprecated APIs */
+#define OPENSSL_SUPPRESS_DEPRECATED
+
#include <stdio.h>
#include <string.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/dh.h>
+#include <openssl/dsa.h>
#include <openssl/ec.h>
#include <openssl/ocsp.h>
#include <openssl/pkcs12.h>
#include <openssl/ts.h>
#include <openssl/x509v3.h>
#include <openssl/cms.h>
+#include <openssl/ess.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/ssl.h>
+#include "internal/nelem.h"
#include "fuzzer.h"
-#include "rand.inc"
-
static ASN1_ITEM_EXP *item_type[] = {
ASN1_ITEM_ref(ACCESS_DESCRIPTION),
#ifndef OPENSSL_NO_RFC3779
ASN1_ITEM_ref(DISPLAYTEXT),
ASN1_ITEM_ref(DIST_POINT),
ASN1_ITEM_ref(DIST_POINT_NAME),
-#ifndef OPENSSL_NO_EC
+#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
ASN1_ITEM_ref(ECPARAMETERS),
ASN1_ITEM_ref(ECPKPARAMETERS),
#endif
ASN1_ITEM_ref(IPAddressRange),
#endif
ASN1_ITEM_ref(ISSUING_DIST_POINT),
-#if OPENSSL_API_COMPAT < 0x30000000L
+#ifndef OPENSSL_NO_DEPRECATED_3_0
ASN1_ITEM_ref(LONG),
#endif
ASN1_ITEM_ref(NAME_CONSTRAINTS),
ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
ASN1_ITEM_ref(PROXY_POLICY),
ASN1_ITEM_ref(RSA_OAEP_PARAMS),
- ASN1_ITEM_ref(RSAPrivateKey),
ASN1_ITEM_ref(RSA_PSS_PARAMS),
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ ASN1_ITEM_ref(RSAPrivateKey),
ASN1_ITEM_ref(RSAPublicKey),
+#endif
ASN1_ITEM_ref(SXNET),
ASN1_ITEM_ref(SXNETID),
ASN1_ITEM_ref(USERNOTICE),
ASN1_ITEM_ref(X509_REVOKED),
ASN1_ITEM_ref(X509_SIG),
ASN1_ITEM_ref(X509_VAL),
-#if OPENSSL_API_COMPAT < 0x30000000L
+#ifndef OPENSSL_NO_DEPRECATED_3_0
ASN1_ITEM_ref(ZLONG),
#endif
ASN1_ITEM_ref(INT32),
int len2; \
BIO *bio = BIO_new(BIO_s_null()); \
\
- PRINT(bio, type); \
- BIO_free(bio); \
+ if (bio != NULL) { \
+ PRINT(bio, type); \
+ BIO_free(bio); \
+ } \
len2 = I2D(type, &der); \
if (len2 != 0) {} \
OPENSSL_free(der); \
if (type != NULL) { \
BIO *bio = BIO_new(BIO_s_null()); \
\
- PRINT(bio, type, 0); \
- BIO_free(bio); \
+ if (bio != NULL) { \
+ PRINT(bio, type, 0); \
+ BIO_free(bio); \
+ } \
I2D(type, &der); \
OPENSSL_free(der); \
TYPE ## _free(type); \
if (type != NULL) { \
BIO *bio = BIO_new(BIO_s_null()); \
\
- PRINT(bio, type, 0, pctx); \
- BIO_free(bio); \
+ if (bio != NULL) { \
+ PRINT(bio, type, 0, pctx); \
+ BIO_free(bio); \
+ } \
I2D(type, &der); \
OPENSSL_free(der); \
TYPE ## _free(type); \
int FuzzerInitialize(int *argc, char ***argv)
{
+ FuzzerSetRand();
pctx = ASN1_PCTX_new();
ASN1_PCTX_set_flags(pctx, ASN1_PCTX_FLAGS_SHOW_ABSENT |
ASN1_PCTX_FLAGS_SHOW_SEQUENCE | ASN1_PCTX_FLAGS_SHOW_SSOF |
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
- ERR_get_state();
+ ERR_clear_error();
CRYPTO_free_ex_index(0, -1);
- FuzzerSetRand();
return 1;
}
ASN1_VALUE *o = ASN1_item_d2i(NULL, &b, len, i);
if (o != NULL) {
- BIO *bio = BIO_new(BIO_s_null());
-
- ASN1_item_print(bio, o, 4, i, pctx);
- BIO_free(bio);
- ASN1_item_i2d(o, &der, i);
- OPENSSL_free(der);
+ /*
+ * Don't print excessively long output to prevent spurious fuzzer
+ * timeouts.
+ */
+ if (b - buf < 10000) {
+ BIO *bio = BIO_new(BIO_s_null());
+ if (bio != NULL) {
+ ASN1_item_print(bio, o, 4, i, pctx);
+ BIO_free(bio);
+ }
+ }
+ if (ASN1_item_i2d(o, &der, i) > 0) {
+ OPENSSL_free(der);
+ }
ASN1_item_free(o, i);
}
}
DO_TEST(TS_STATUS_INFO, d2i_TS_STATUS_INFO, i2d_TS_STATUS_INFO, TS_STATUS_INFO_print_bio);
DO_TEST(TS_TST_INFO, d2i_TS_TST_INFO, i2d_TS_TST_INFO, TS_TST_INFO_print_bio);
DO_TEST_NO_PRINT(TS_ACCURACY, d2i_TS_ACCURACY, i2d_TS_ACCURACY);
+#endif
DO_TEST_NO_PRINT(ESS_ISSUER_SERIAL, d2i_ESS_ISSUER_SERIAL, i2d_ESS_ISSUER_SERIAL);
DO_TEST_NO_PRINT(ESS_CERT_ID, d2i_ESS_CERT_ID, i2d_ESS_CERT_ID);
DO_TEST_NO_PRINT(ESS_SIGNING_CERT, d2i_ESS_SIGNING_CERT, i2d_ESS_SIGNING_CERT);
-#endif
-#ifndef OPENSSL_NO_DH
- DO_TEST(DH, d2i_DHparams, i2d_DHparams, DHparams_print);
- DO_TEST(DH, d2i_DHxparams, i2d_DHxparams, DHparams_print);
+ DO_TEST_NO_PRINT(ESS_CERT_ID_V2, d2i_ESS_CERT_ID_V2, i2d_ESS_CERT_ID_V2);
+ DO_TEST_NO_PRINT(ESS_SIGNING_CERT_V2, d2i_ESS_SIGNING_CERT_V2, i2d_ESS_SIGNING_CERT_V2);
+#if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+ DO_TEST_NO_PRINT(DH, d2i_DHparams, i2d_DHparams);
+ DO_TEST_NO_PRINT(DH, d2i_DHxparams, i2d_DHxparams);
#endif
#ifndef OPENSSL_NO_DSA
DO_TEST_NO_PRINT(DSA_SIG, d2i_DSA_SIG, i2d_DSA_SIG);
- DO_TEST_PRINT_OFFSET(DSA, d2i_DSAPrivateKey, i2d_DSAPrivateKey, DSA_print);
- DO_TEST_PRINT_OFFSET(DSA, d2i_DSAPublicKey, i2d_DSAPublicKey, DSA_print);
- DO_TEST(DSA, d2i_DSAparams, i2d_DSAparams, DSAparams_print);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+ DO_TEST_NO_PRINT(DSA, d2i_DSAPrivateKey, i2d_DSAPrivateKey);
+ DO_TEST_NO_PRINT(DSA, d2i_DSAPublicKey, i2d_DSAPublicKey);
+ DO_TEST_NO_PRINT(DSA, d2i_DSAparams, i2d_DSAparams);
+# endif
+#endif
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ DO_TEST_NO_PRINT(RSA, d2i_RSAPublicKey, i2d_RSAPublicKey);
#endif
- DO_TEST_PRINT_OFFSET(RSA, d2i_RSAPublicKey, i2d_RSAPublicKey, RSA_print);
#ifndef OPENSSL_NO_EC
+# ifndef OPENSSL_NO_DEPRECATED_3_0
DO_TEST_PRINT_OFFSET(EC_GROUP, d2i_ECPKParameters, i2d_ECPKParameters, ECPKParameters_print);
DO_TEST_PRINT_OFFSET(EC_KEY, d2i_ECPrivateKey, i2d_ECPrivateKey, EC_KEY_print);
DO_TEST(EC_KEY, d2i_ECParameters, i2d_ECParameters, ECParameters_print);
DO_TEST_NO_PRINT(ECDSA_SIG, d2i_ECDSA_SIG, i2d_ECDSA_SIG);
+# endif
#endif
DO_TEST_PRINT_PCTX(EVP_PKEY, d2i_AutoPrivateKey, i2d_PrivateKey, EVP_PKEY_print_private);
DO_TEST(SSL_SESSION, d2i_SSL_SESSION, i2d_SSL_SESSION, SSL_SESSION_print);
void FuzzerCleanup(void)
{
ASN1_PCTX_free(pctx);
+ FuzzerClearRand();
}