Commit Graph

231 Commits

Author SHA1 Message Date
Hugo Landau
9eabb30ab4 QUIC RCIDM: Minor updates
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23022)
2024-01-11 11:16:27 +01:00
Hugo Landau
ad08c814d8 Update fuzz corpora
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23022)
2024-01-11 11:14:18 +01:00
Hugo Landau
8e1593e647 QUIC RCIDM: Update fuzz corpora
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23022)
2024-01-11 11:14:18 +01:00
Hugo Landau
d0bac943c9 QUIC RCIDM: Add fuzzer
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23022)
2024-01-11 11:14:18 +01:00
Dr. David von Oheimb
bedffe1731 crypto/cmp/,apps/lib/cmp_mock_srv.c: various improvements on delayed delivery
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20727)
2023-12-21 23:06:42 +01:00
Rajeev Ranjan
192bfec487 crypto/cmp/,apps/lib/cmp_mock_srv.c: add delayed delivery for all types of responses
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20727)
2023-12-21 22:53:35 +01:00
Hugo Landau
3d7f83ebdc QUIC LCIDM: Add fuzzer
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22673)
2023-12-06 10:40:11 +00:00
Hugo Landau
7fa47fe5b9 Update fuzz corpora
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22790)
2023-11-23 14:50:03 +00:00
Hugo Landau
5c71b7df91 QUIC SRTM: Update fuzz corpora
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22612)
2023-11-23 14:46:01 +00:00
Hugo Landau
d742badc3b Fuzzing: Fix helper shebang on NixOS
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22612)
2023-11-23 14:46:01 +00:00
Hugo Landau
f328adff43 QUIC SRTM: Add fuzzer for SRTM
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22612)
2023-11-23 14:46:01 +00:00
Kurt Roeckx
fe487609c1 Exclude more in the fuzz introspector report
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22707)
2023-11-14 17:00:07 +01:00
Matt Caswell
3fa274ca81 Add support for streams to the quic-client fuzzer
Enable the quic-client fuzzer to accept and create new streams

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22592)
2023-11-03 09:58:35 +00:00
Matt Caswell
d3dcf88cc5 Call SSL_write() in the quic-client-fuzzer
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22592)
2023-11-03 09:58:27 +00:00
Kurt Roeckx
3a29ac2684 Create a fuzz introspector exclude config file
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22532)
2023-10-30 08:01:03 +00:00
Kurt Roeckx
87bed01bdb Update to latest fuzz corpora
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22531)
2023-10-30 07:57:51 +00:00
Matt Caswell
49f5d95c05 Update the corpora files to include the new quic-client subdir
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
2023-10-23 10:08:22 +01:00
Matt Caswell
9252efdb8d Teach the quic-client fuzzer about time
We allow the fuzzer to influence the time between different packets using
the fake time capability.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
2023-10-23 10:08:22 +01:00
Matt Caswell
f762055518 Some cleanups in the quic-client fuzzer
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
2023-10-23 10:08:22 +01:00
Matt Caswell
3714a735ac Update the fuzz README to provide info about the stdc++ requirements
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
2023-10-23 10:08:12 +01:00
Matt Caswell
acee7d68e1 Updates to the quic client fuzzer
Handle retryable errors from SSL_read(). Also ensure the underlying BIO
handles the destination address capability.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
2023-10-23 10:08:12 +01:00
Kurt Roeckx
ee7729ed4c Add quic client fuzzer.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
2023-10-23 10:08:12 +01:00
Matt Caswell
da1c088f59 Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
2023-09-07 09:59:15 +01:00
Kurt Roeckx
72a0688552 Update fuzz corpora to latest commit
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21927)
2023-09-05 13:24:06 +02:00
Kurt Roeckx
399c2da08a Update X509 fuzzer to verify a chain
It add supports for verifying that it's been signed by a CA, and
checks the CRL and OCSP status

Can find CVE-2022-4203 and CVE-2023-0286

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20243)
2023-09-01 10:11:57 +01:00
Jonathan M. Wilbur
58cd83f83c fix: add fuzz oids
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21232)
2023-06-29 09:29:56 +10:00
Kurt Roeckx
a9e6100bc9 Add decoder fuzzer
This found CVE-2023-0217

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20269)
2023-06-23 15:54:54 +02:00
Tomas Mraz
26baecb28c Update fuzz/corpora submodule to latest data
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21118)
2023-06-02 16:08:28 +02:00
Kurt Roeckx
bc07d37186 Add PEM fuzzer
This fuzzer can find CVE-2022-4450

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20242)
2023-06-01 10:04:32 +10:00
Dragan Zuvic
f3afe15fb7 Adding some selected MS OIDs for #19630 added ms-corp alias for OID 1.3.6.1.4.1.311
and changed hopefully all occurences for that OID

Signed-off-by: Dragan Zuvic <dragan.zuvic@mercedes-benz.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20986)
2023-05-22 07:43:00 +01:00
Matt Caswell
3868807d2f Update the corpora submodule
We update the corpora submodule to include a fuzz testcase for the conf
timeout.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20839)
2023-05-08 10:33:48 +01:00
Matt Caswell
91d39be797 Update the corpora
Updated the fuzz corpora to include a testcase for the zero length
handshake fragment records issue fixed by the previous commit.

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20824)
2023-05-01 09:54:39 +01:00
Irak Rigia
1e6bd31e58 Replaced '{ 0, NULL }' with OSSL_DISPATCH_END in OSSL_DISPATCH arrays
Fixes #20710

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20745)
2023-04-21 16:19:11 +02:00
Tomas Mraz
3565cc2c5b Add openssl/fuzz-corpora repository as submodule
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20683)
2023-04-11 10:41:56 +02:00
Tomas Mraz
0f73501196 Remove fuzz corpora data from the repository
To be replaced with a git submodule.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20683)
2023-04-11 10:41:56 +02:00
Hardik Shah
55aab29c1e Add fuzz test for v3name
v3name_fuzzer build modifications

create 99-test_fuzz_v3name_fuzzer.t

test corpus for cve-2023-0286

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20274)
2023-03-01 20:25:15 +11:00
Alex Gaynor
359d6a26d6 Added a fuzzer for SMIME
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20332)
2023-02-27 09:29:20 +00:00
Xu Yizhou
de8f6a3e29 obj: Add SM4 XTS OID
Add the following OID:

SM4-XTS: 1.2.156.10197.1.104.10

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19619)
2022-11-29 16:17:30 +01:00
Richard Levitte
7bc5ce4a79 Use <openssl/e_os2.h> rather than <stdint.h>
<stdint.h> is C99, which means that on older compiler, it can't be included.
We have code in <openssl/e_os2.h> that compensates.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19697)
2022-11-17 11:09:31 +01:00
Pauli
8aa82b3370 fuzz: add punycode decoder fuzz test
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19591)
2022-11-11 08:14:48 +11:00
Job Snijders
fcae2ae4f6 Add Content Type OID for RPKI id-ct-signedTAL
References: draft-ietf-sidrops-signed-tal
Title: "RPKI Signed Object for Trust Anchor Key"

OID permanently assigned under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)'
https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19221)
2022-10-03 11:49:04 +11:00
Graham Woodward
e869c867c1 Allow PKCS12 export to set arbitrary bag attributes
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19025)
2022-09-23 17:40:02 +01:00
K1
48963ff6d0 Add support for PBE using hmacWithSM3
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19204)
2022-09-15 17:03:56 +02:00
Lutz Jaenicke
5f7d4e9111 Objects: Add OIDs needed for CAdES-Processing
Add objects from ETSI-specification(s) used in CAdES processing.
Main document referenced is ETSI EN 319 122-1 V1.2.1.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18655)
2022-06-28 17:12:06 +02:00
Jiasheng Jiang
1cb35ce06a fuzz/asn1.c: Add check for ASN1_item_i2d
As the potential failure of the ASN1_item_i2d,
it should be better to check the return value.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18647)
2022-06-28 17:10:11 +02:00
Dr. David von Oheimb
34959f7a22 objects.txt: Add newly registered OIDs according to CMP Updates, for use in extended CMPv2
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/15778)
2022-05-04 13:23:31 +02:00
Matt Caswell
fecb3aae22 Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
2022-05-03 13:34:51 +01:00
tangyiqun
edba19760f check return value of functions that call BIO_new()
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17850)
2022-03-16 11:05:54 +01:00
Jiasheng Jiang
885d97fbf8 fuzz/fuzz_rand.c: Add check for OSSL_LIB_CTX_new
As the potential failure of the OPENSSL_zalloc(), the OSSL_LIB_CTX_new()
could return NULL.
Therefore, it should be better to check it and return error if fails in
order to guarantee the success of the initialization.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17738)
2022-02-28 12:15:41 +01:00
Jiasheng Jiang
d43597c718 fuzz/asn1.c: Add missing check for BIO_new
Since the BIO_new may fail, the 'bio' could be NULL pointer and be used.
Therefore, it should be better to check it and skip the print if fails.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/17690)
2022-02-20 13:04:24 +01:00