From: Matt Caswell <matt@openssl.org>
Date: Wed, 11 Oct 2023 09:46:46 +0000 (+0100)
Subject: Ignore a bad signature in a CertificateVerify message while fuzzing
X-Git-Tag: openssl-3.2.0-beta1~50
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=702bb16b9f38c4b17879b0d22bd08ea495c578e2;p=thirdparty%2Fopenssl.git

Ignore a bad signature in a CertificateVerify message while fuzzing

We ignore such a bad signature when fuzzing - it will never be correct.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
---

diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index d979b6d5fc4..5693a1269df 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -575,6 +575,11 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL_CONNECTION *s, PACKET *pkt)
         }
     } else {
         j = EVP_DigestVerify(mctx, data, len, hdata, hdatalen);
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+        /* Ignore bad signatures when fuzzing */
+        if (SSL_IS_QUIC_HANDSHAKE(s))
+            j = 1;
+#endif
         if (j <= 0) {
             SSLfatal(s, SSL_AD_DECRYPT_ERROR, SSL_R_BAD_SIGNATURE);
             goto err;