e1859d8d | 1 | /* |
da1c088f | 2 | * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved. |
e1859d8d | 3 | * |
0642931f | 4 | * Licensed under the Apache License 2.0 (the "License"); |
e1859d8d KR |
5 | * you may not use this file except in compliance with the License. |
6 | * You may obtain a copy of the License at | |
7 | * https://www.openssl.org/source/license.html | |
8 | * or in the file LICENSE in the source distribution. | |
9 | */ | |
10 | ||
11 | #include <openssl/x509.h> | |
399c2da0 | 12 | #include <openssl/ocsp.h> |
e1859d8d | 13 | #include <openssl/bio.h> |
d69d8f90 | 14 | #include <openssl/err.h> |
b534df96 | 15 | #include <openssl/rand.h> |
e1859d8d KR |
16 | #include "fuzzer.h" |
17 | ||
/*
 * Per-process setup for the harness. Installs the fuzzer's RNG hook, loads
 * the crypto error strings and the full cipher/digest tables, then clears any
 * error state left by initialisation.
 *
 * argc/argv are accepted for the fuzzer entry-point contract but not used.
 * Returns 1 (success) unconditionally.
 */
int FuzzerInitialize(int *argc, char ***argv)
{
    const uint64_t init_opts = OPENSSL_INIT_LOAD_CRYPTO_STRINGS
                               | OPENSSL_INIT_ADD_ALL_CIPHERS
                               | OPENSSL_INIT_ADD_ALL_DIGESTS;

    (void)argc;
    (void)argv;

    FuzzerSetRand();
    OPENSSL_init_crypto(init_opts, NULL);
    ERR_clear_error();
    /*
     * NOTE(review): the reason for releasing ex_data index -1 of class 0 is
     * not documented in this file; it is kept as the upstream harness does it.
     */
    CRYPTO_free_ex_index(0, -1);
    return 1;
}
27 | ||
/*
 * Verification callback that reports every certificate as acceptable.
 * Returning 1 tells X509_verify_cert() to continue past whatever error it
 * found, so the fuzzer drives the whole chain-building and CRL path instead
 * of stopping at the first failure. This is a fuzzing aid only: it discards
 * the verification result and must not be reused where that result matters.
 */
static int cb(int ok, X509_STORE_CTX *ctx)
{
    (void)ok;
    (void)ctx;
    return 1;
}
32 | ||
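/*
 * Fuzz one input.
 *
 * The input is a concatenation of DER objects decoded in order: the
 * certificate under test (x509_1), a second certificate (x509_2) that is put
 * in the store so that, with X509_V_FLAG_PARTIAL_CHAIN, it can terminate the
 * chain, a CRL, and an optional OCSP response. The first three are mandatory;
 * a decode failure ends the iteration. Each decode starts at the byte after
 * the previous object, so len is recomputed from p before every call.
 *
 * The harness prints and re-encodes x509_1, verifies it against the store
 * with CRL checking enabled, and, when an OCSP response was present, verifies
 * the basic response and looks up the status of x509_1. Verification verdicts
 * are deliberately ignored (see cb() and X509_V_FLAG_NO_CHECK_TIME): the aim
 * is to drive the parsers and verifiers over attacker-shaped input, not to
 * make a trust decision.
 *
 * Every failure, including allocation failure, takes the single cleanup path
 * at err:, which frees only what was acquired (every *_free() here accepts
 * NULL). Returns 0 on every path; the fuzzer reports only crashes and
 * sanitizer findings.
 */
int FuzzerTestOneInput(const uint8_t *buf, size_t len)
{
    const unsigned char *p = buf;
    size_t orig_len = len;
    unsigned char *der = NULL;
    BIO *bio = NULL;
    X509 *x509_1 = NULL, *x509_2 = NULL;
    X509_STORE *store = NULL;
    X509_VERIFY_PARAM *param = NULL;
    X509_STORE_CTX *ctx = NULL;
    X509_CRL *crl = NULL;
    STACK_OF(X509_CRL) *crls = NULL;
    STACK_OF(X509) *certs = NULL;
    OCSP_RESPONSE *resp = NULL;
    OCSP_BASICRESP *bs = NULL;
    OCSP_CERTID *id = NULL;

    x509_1 = d2i_X509(NULL, &p, len);
    if (x509_1 == NULL)
        goto err;

    bio = BIO_new(BIO_s_null());
    if (bio == NULL)
        goto err;

    /* This will load and print the public key as well as extensions */
    X509_print(bio, x509_1);
    BIO_free(bio);

    X509_issuer_and_serial_hash(x509_1);

    /* Round-trip through the encoder; der stays NULL if i2d_X509() fails. */
    i2d_X509(x509_1, &der);
    OPENSSL_free(der);

    /* d2i_X509() advanced p; decode the next object from what remains. */
    len = orig_len - (p - buf);
    x509_2 = d2i_X509(NULL, &p, len);
    if (x509_2 == NULL)
        goto err;

    len = orig_len - (p - buf);
    crl = d2i_X509_CRL(NULL, &p, len);
    if (crl == NULL)
        goto err;

    /* Optional: a missing or malformed response just skips the OCSP stage. */
    len = orig_len - (p - buf);
    resp = d2i_OCSP_RESPONSE(NULL, &p, len);

    /*
     * Both allocations are checked: X509_STORE_add_cert() and
     * X509_VERIFY_PARAM_set_flags() dereference their first argument, so an
     * unchecked NULL here would crash under allocator fault injection rather
     * than report a genuine finding.
     */
    store = X509_STORE_new();
    if (store == NULL)
        goto err;
    /* The store keeps its own reference; x509_2 is still freed at err:. */
    X509_STORE_add_cert(store, x509_2);

    param = X509_VERIFY_PARAM_new();
    if (param == NULL)
        goto err;
    /*
     * NO_CHECK_TIME keeps expired corpus material useful; X509_STRICT enables
     * the stricter encoding checks; PARTIAL_CHAIN lets x509_2 act as the
     * anchor; CRL_CHECK makes the CRL decoded above actually be consulted.
     */
    X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_NO_CHECK_TIME);
    X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_X509_STRICT);
    X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_PARTIAL_CHAIN);
    X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);

    X509_STORE_set1_param(store, param);

    /* cb() accepts everything so verification runs to completion. */
    X509_STORE_set_verify_cb(store, cb);

    ctx = X509_STORE_CTX_new();
    if (ctx == NULL)
        goto err;

    if (!X509_STORE_CTX_init(ctx, store, x509_1, NULL))
        goto err;

    /*
     * crl is non-NULL here (checked above). set0 hands the stack to ctx
     * without transferring ownership, so crls and crl are freed at err:.
     */
    crls = sk_X509_CRL_new_null();
    if (crls == NULL)
        goto err;
    if (!sk_X509_CRL_push(crls, crl))
        goto err;
    X509_STORE_CTX_set0_crls(ctx, crls);

    /* Verdict deliberately ignored: the point is the code path, not the result. */
    X509_verify_cert(ctx);

    if (resp != NULL)
        bs = OCSP_response_get1_basic(resp);

    if (bs != NULL) {
        int status, reason;
        ASN1_GENERALIZEDTIME *revtime, *thisupd, *nextupd;

        certs = sk_X509_new_null();
        if (certs == NULL)
            goto err;
        /* The stack borrows the certs; sk_X509_free() below frees only the stack. */
        if (!sk_X509_push(certs, x509_1) || !sk_X509_push(certs, x509_2))
            goto err;

        OCSP_basic_verify(bs, certs, store, OCSP_PARTIAL_CHAIN);

        /* Status lookup keyed by subject x509_1 and issuer x509_2. */
        id = OCSP_cert_to_id(NULL, x509_1, x509_2);
        if (id == NULL)
            goto err;
        OCSP_resp_find_status(bs, id, &status, &reason, &revtime, &thisupd,
                              &nextupd);
    }

 err:
    X509_STORE_CTX_free(ctx);
    X509_VERIFY_PARAM_free(param);
    X509_STORE_free(store);
    X509_free(x509_1);
    X509_free(x509_2);
    X509_CRL_free(crl);
    OCSP_CERTID_free(id);
    OCSP_BASICRESP_free(bs);
    OCSP_RESPONSE_free(resp);
    sk_X509_CRL_free(crls);
    sk_X509_free(certs);

    /* Do not let one input's error queue leak into the next iteration. */
    ERR_clear_error();
    return 0;
}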
149 | |
/* Per-process teardown: the counterpart of FuzzerSetRand() in FuzzerInitialize(). */
void FuzzerCleanup(void)
{
    FuzzerClearRand();
}