Commit Graph

115 Commits

Author SHA1 Message Date
Richard Levitte
ac6bba6f6e Build: Change all _NO_INST to use attributes instead.
This means that all PROGRAMS_NO_INST, LIBS_NO_INST, ENGINES_NO_INST
and SCRIPTS_NO_INST are changed to be PROGRAM, LIBS, ENGINES and
SCRIPTS with the associated attribute 'noinst'.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7581)
2019-01-22 12:35:39 +01:00
Richard Levitte
0642931f30 Following the license change, modify the boilerplates in fuzz/
[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7833)
2018-12-06 15:37:38 +01:00
Richard Levitte
fcd2d5a612 Refactor the computation of API version limits
Previously, the API version limit was indicated with a numeric version
number.  This was "natural" in the pre-3.0.0 because the version was
this simple number.

With 3.0.0, the version is divided into three separate numbers, and
it's only the major number that counts, but we still need to be able
to support pre-3.0.0 version limits.

Therefore, we allow OPENSSL_API_COMPAT to be defined with a pre-3.0.0
style numeric version number or with a simple major number, i.e. can
be defined like this for any application:

    -D OPENSSL_API_COMPAT=0x10100000L
    -D OPENSSL_API_COMPAT=3

Since the pre-3.0.0 numerical version numbers are high, it's easy to
distinguish between a simple major number and a pre-3.0.0 numerical
version number and to thereby support both forms at the same time.

Internally, we define the following macros depending on the value of
OPENSSL_API_COMPAT:

    OPENSSL_API_0_9_8
    OPENSSL_API_1_0_0
    OPENSSL_API_1_1_0
    OPENSSL_API_3

They indicate that functions marked for deprecation in the
corresponding major release shall not be built if defined.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)
2018-12-06 12:24:48 +01:00
Richard Levitte
672f943ad6 Switch future deprecation version from 1.2.0 to 3.0
This is in preparation for a switch to MAJOR.MINOR.PATCH versioning
and calling the next major version 3.0.0.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)
2018-12-06 12:24:47 +01:00
Matt Caswell
c486283cb8 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7668)
2018-11-20 13:26:47 +00:00
Pauli
afc580b9b0 GMAC implementation
Remove GMAC demo program because it has been superceded by the EVP MAC one

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7548)
2018-11-05 08:09:41 +10:00
cclauss
83e4533a71 print() is a function in Python 3
CLA: trivial

Discovered via #7410 @ https://travis-ci.org/openssl/openssl/jobs/442003489#L440

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7403)
2018-10-17 07:31:25 +02:00
Brian 'geeknik' Carpenter
8e8fe187f1 Update README.md
Fixes a minor typo that would cause the linker to complain about not finding -lFuzzer

CLA: trivial

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7197)
2018-09-12 13:04:38 +02:00
Matt Caswell
1212818eb0 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7176)
2018-09-11 13:45:17 +01:00
Patrick Steuer
63c5ac801f fuzz/driver.c: appease -Wmissing-prototypes
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/7138)
2018-09-07 11:34:02 +03:00
Kurt Roeckx
0b89db6b2a Update fuzz corpora
Reviewed-by: Tim Hudson <tjh@openssl.org>
GH: #7033
2018-08-23 22:08:08 +02:00
Matt Caswell
345bee916a Fix no-comp
Commit 8839324 removed some NULL checks from the stack code. This caused
a no-comp build to fail in the client and server fuzzers.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6893)
2018-08-09 14:41:31 +01:00
Pauli
f52292be10 Add OIDs for HMAC SHA512/224 and HMAC SHA512/256.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6830)
2018-08-01 11:58:39 +10:00
Kurt Roeckx
07fc8d5207 Enable all protocols and ciphers in the fuzzer
The config file can override it.
In case of the server, it needs to be set on the ctx or some of the
other functions on the ctx might file.

Reviewed-by: Rich Salz <rsalz@openssl.org>
DH: #6718
2018-07-17 00:01:00 +02:00
Dmitry Belyavskiy
55fc247a69 New GOST identificators
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6438)
2018-06-08 12:06:40 -04:00
Matt Caswell
c4d3c19b4c Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5851)
2018-04-03 13:57:12 +01:00
Richard Levitte
9d74090959 Faster fuzz test: teach the fuzz test programs to handle directories
Instead of invoking the fuzz test programs once for every corpora
file, we invoke them once for each directory of corpora files.  This
dramatically reduces the number of program invikations, as well as the
time 99-test_fuzz.t takes to complete.

fuzz/test-corpus.c was enhanced to handle directories as well as
regular files.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5776)
2018-03-29 09:24:56 +02:00
Matt Caswell
273f7fe16a Add fuzz corpora file that found the ASN.1 stack depth issue
Reviewed-by: Rich Salz <rsalz@openssl.org>
2018-03-27 10:22:49 +01:00
Jack Lloyd
3d328a445c Add SM2 signature and ECIES schemes
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4793)
2018-03-19 14:33:25 +01:00
Pauli
5cd42251ba Missings OIDs for XTS added.
Added two missing OIDs for AES-{128,256}-XTS.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5622)
2018-03-15 11:09:20 +10:00
gmile
e45b4dd292 Add OIDs for DSTU-4145
Original source:
2c5fc4c92b

Full list of OIDs is available on related enactment page
at http://zakon2.rada.gov.ua/laws/show/z0423-17

CLA: trivial

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5216)
2018-03-12 12:57:26 -04:00
Sergey Zhuravlev
3b5e517200 Add GOST OIDs for Edwards parameter sets
Add OIDs for parameter sets of Edwards elliptic curves.

CLA: trivial

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5380)
2018-03-07 13:14:59 -05:00
Matt Caswell
0d66475908 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
2018-02-27 13:59:42 +00:00
Rich Salz
97d37b85d4 Generate copyright year properly
Output copyright year depends on any input file(s) and the script.
This is not perfect, but better than what we had.
Also run 'make update'

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5350)
2018-02-13 13:22:30 -05:00
Pauli
4bed94f0c1 SHA512/224 and SHA512/256
Support added for these two digests, available only via the EVP interface.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5093)
2018-01-24 07:09:46 +10:00
Ronald Tse
67e247fad1 SM3: restructure to EVP internal and update doc to right location
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4616)
2017-11-06 07:21:15 +08:00
Benjamin Kaduk
976b0388d0 Conditionalize fuzz tests on feature macros
Do not try to fuzz-test structures/routines that are compiled
out of the library due to library configuration.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4664)
2017-11-03 13:49:21 -05:00
Kurt Roeckx
ba24968dd1 Update asn1 and x509 corpora
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #4653
2017-11-03 10:58:09 +01:00
Kurt Roeckx
902f7d5c87 ASN1 fuzzer: Use d2i_TYPE / i2d_TYPE functions
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #4648
2017-11-03 10:58:03 +01:00
Kurt Roeckx
222cb307d4 Don't turn b2 negative
b2 being negative is ignored

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #4648
2017-11-03 10:58:02 +01:00
Kurt Roeckx
e8ff08f7bb Update location of the libfuzzer repository
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #4648
2017-11-03 10:58:02 +01:00
Richard Levitte
8d3363f2ce make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4637)
2017-10-31 20:10:40 +01:00
Richard Levitte
8e32e1abbc Generate a dictionary of OIDs for fuzzers
It turns out that (some?) fuzzers can read a dictionary of OIDs,
so we generate one as part of the usual 'make update'.

Fixes #4615

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4637)
2017-10-31 20:08:48 +01:00
Ben Laurie
cc1c473d70 Remove unused variable.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4367)
2017-10-16 15:18:24 -04:00
Pauli
d2ef6e4ecc Stack sorting safety
Use the defined typechecking stack method to sort the compression methods stack
rather than using the generic function and apply type casts.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4382)
2017-09-18 12:17:18 +10:00
gbrl
61389f0981 bndiv fuzzer: limit the size of the input to avoid timeout
CLA: trivial

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4119)
2017-08-16 10:05:40 -04:00
Rich Salz
710769f0a9 Move FuzzerSetRand to separate file.
Use an inline rand.inc; this fixes Google's OSS-Fuzz builds.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4141)
2017-08-11 08:23:07 -04:00
Rich Salz
9f08a1c63e Install custom RAND_METHOD for fuzzing
Instead of setting a "magic" global variable to force RAND to keep
consistent state and always generate the same bytestream, have
the fuzzing code install its own RAND_METHOD that does this.  For
BN_RAND_DEBUG, we just don't do it; that debugging was about mucking
with BN's internal representation, not requiring predictable rand
bytes.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4025)
2017-07-26 19:27:54 -04:00
Kurt Roeckx
515b124b8b Update fuzz corpora
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #3829
2017-07-02 18:21:19 +02:00
Andy Polyakov
b12ae4a912 fuzz/{client,server}.c: omit _time64 "overload method".
Approach was opportunistic in Windows context from its inception
and on top of that it was proven to be error-prone at link stage.
Correct answer is to introduce library-specific time function that
we can control in platform-neutral manner.  Meanwhile we just let
be attempts to override time on Windows.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3320)
2017-04-27 13:01:08 +02:00
Jon Spillett
424aa35245 Change 64-bit time type for windows
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3248)
2017-04-19 15:54:52 -04:00
Kurt Roeckx
ff54cd9beb Optionally check for early data
This adds a way to use the last byte of the buffer to change the
behavior of the server. The last byte is used so that the existing
corpus can be reused either without changing it, or just adding a single
byte, and that it can still be used by other projects.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
2017-04-16 19:30:15 +02:00
Kurt Roeckx
14a6570f31 Use a fixed time when fuzzing.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
2017-04-16 19:30:15 +02:00
Kurt Roeckx
930aa9eeed Document how to update the corpus.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
2017-04-16 19:30:14 +02:00
Kurt Roeckx
b534df96c9 Make x509 and asn1 fuzzer reproducible
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
2017-04-16 19:30:14 +02:00
Kurt Roeckx
644fb113a0 Switch libfuzzer to use trace-pc-guard
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2683
2017-04-16 19:30:14 +02:00
Richard Levitte
31ae516116 Act on deprecation of LONG and ZLONG, step 1
Don't compile code that still uses LONG when it's deprecated

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3126)
2017-04-10 12:11:00 +02:00
Richard Levitte
64f11ee888 Publish our INT32, UINT32, INT64, UINT64 ASN.1 types and Z variants
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3126)
2017-04-10 12:10:59 +02:00
Rich Salz
076fc55527 Make default_method mostly compile-time
Document thread-safety issues
Have RSA_null return NULL (always fails)

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2244)
2017-04-07 12:19:46 -04:00
Matt Caswell
8a585601fe Fix out-of-memory condition in conf
conf has the ability to expand variables in config files. Repeatedly doing
this can lead to an exponential increase in the amount of memory required.
This places a limit on the length of a value that can result from an
expansion.

Credit to OSS-Fuzz for finding this problem.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2894)
2017-03-12 00:19:14 +00:00