openssl/fuzz/build.info
Kurt Roeckx 399c2da08a Update X509 fuzzer to verify a chain
It add supports for verifying that it's been signed by a CA, and
checks the CRL and OCSP status

Can find CVE-2022-4203 and CVE-2023-0286

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20243)
2023-09-01 10:11:57 +01:00

191 lines
5.5 KiB
Plaintext

{- use File::Spec::Functions;
our $ex_inc = $withargs{fuzzer_include} &&
(file_name_is_absolute($withargs{fuzzer_include}) ?
$withargs{fuzzer_include} : catdir(updir(), $withargs{fuzzer_include}));
our $ex_lib = $withargs{fuzzer_lib} &&
(file_name_is_absolute($withargs{fuzzer_lib}) ?
$withargs{fuzzer_lib} : catfile(updir(), $withargs{fuzzer_lib}));
""
-}
IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}]
PROGRAMS{noinst}=asn1 asn1parse bignum bndiv client conf crl server smime
PROGRAMS{noinst}=punycode pem decoder
PROGRAMS{noinst}=v3name
IF[{- !$disabled{"cmp"} -}]
PROGRAMS{noinst}=cmp
ENDIF
IF[{- !$disabled{"cms"} -}]
PROGRAMS{noinst}=cms
ENDIF
IF[{- !$disabled{"ct"} -}]
PROGRAMS{noinst}=ct
ENDIF
IF[{- !$disabled{"ocsp"} -}]
PROGRAMS{noinst}=x509
ENDIF
SOURCE[asn1]=asn1.c driver.c fuzz_rand.c
INCLUDE[asn1]=../include {- $ex_inc -}
DEPEND[asn1]=../libcrypto ../libssl {- $ex_lib -}
SOURCE[asn1parse]=asn1parse.c driver.c
INCLUDE[asn1parse]=../include {- $ex_inc -}
DEPEND[asn1parse]=../libcrypto {- $ex_lib -}
SOURCE[bignum]=bignum.c driver.c
INCLUDE[bignum]=../include {- $ex_inc -}
DEPEND[bignum]=../libcrypto {- $ex_lib -}
SOURCE[bndiv]=bndiv.c driver.c
INCLUDE[bndiv]=../include {- $ex_inc -}
DEPEND[bndiv]=../libcrypto {- $ex_lib -}
SOURCE[client]=client.c driver.c fuzz_rand.c
INCLUDE[client]=../include {- $ex_inc -}
DEPEND[client]=../libcrypto ../libssl {- $ex_lib -}
SOURCE[cmp]=cmp.c driver.c fuzz_rand.c
INCLUDE[cmp]=../include {- $ex_inc -}
DEPEND[cmp]=../libcrypto {- $ex_lib -}
SOURCE[cms]=cms.c driver.c
INCLUDE[cms]=../include {- $ex_inc -}
DEPEND[cms]=../libcrypto {- $ex_lib -}
SOURCE[conf]=conf.c driver.c
INCLUDE[conf]=../include {- $ex_inc -}
DEPEND[conf]=../libcrypto {- $ex_lib -}
SOURCE[crl]=crl.c driver.c
INCLUDE[crl]=../include {- $ex_inc -}
DEPEND[crl]=../libcrypto {- $ex_lib -}
SOURCE[ct]=ct.c driver.c
INCLUDE[ct]=../include {- $ex_inc -}
DEPEND[ct]=../libcrypto {- $ex_lib -}
SOURCE[pem]=pem.c driver.c
INCLUDE[pem]=../include {- $ex_inc -}
DEPEND[pem]=../libcrypto.a {- $ex_lib -}
SOURCE[decoder]=decoder.c driver.c fuzz_rand.c
INCLUDE[decoder]=../include {- $ex_inc -}
DEPEND[decoder]=../libcrypto {- $ex_lib -}
SOURCE[punycode]=punycode.c driver.c
INCLUDE[punycode]=../include {- $ex_inc -}
DEPEND[punycode]=../libcrypto.a {- $ex_lib -}
SOURCE[smime]=smime.c driver.c
INCLUDE[smime]=../include {- $ex_inc -}
DEPEND[smime]=../libcrypto ../libssl {- $ex_lib -}
SOURCE[v3name]=v3name.c driver.c
INCLUDE[v3name]=../include {- $ex_inc -}
DEPEND[v3name]=../libcrypto.a {- $ex_lib -}
SOURCE[server]=server.c driver.c fuzz_rand.c
INCLUDE[server]=../include {- $ex_inc -}
DEPEND[server]=../libcrypto ../libssl {- $ex_lib -}
SOURCE[x509]=x509.c driver.c fuzz_rand.c
INCLUDE[x509]=../include {- $ex_inc -}
DEPEND[x509]=../libcrypto {- $ex_lib -}
ENDIF
IF[{- !$disabled{tests} -}]
PROGRAMS{noinst}=asn1-test asn1parse-test bignum-test bndiv-test client-test conf-test crl-test server-test smime-test
PROGRAMS{noinst}=punycode-test pem-test decoder-test
PROGRAMS{noinst}=v3name-test
IF[{- !$disabled{"cmp"} -}]
PROGRAMS{noinst}=cmp-test
ENDIF
IF[{- !$disabled{"cms"} -}]
PROGRAMS{noinst}=cms-test
ENDIF
IF[{- !$disabled{"ct"} -}]
PROGRAMS{noinst}=ct-test
ENDIF
IF[{- !$disabled{"ocsp"} -}]
PROGRAMS{noinst}=x509-test
ENDIF
SOURCE[asn1-test]=asn1.c test-corpus.c fuzz_rand.c
INCLUDE[asn1-test]=../include
DEPEND[asn1-test]=../libcrypto ../libssl
SOURCE[asn1parse-test]=asn1parse.c test-corpus.c
INCLUDE[asn1parse-test]=../include
DEPEND[asn1parse-test]=../libcrypto
SOURCE[bignum-test]=bignum.c test-corpus.c
INCLUDE[bignum-test]=../include
DEPEND[bignum-test]=../libcrypto
SOURCE[bndiv-test]=bndiv.c test-corpus.c
INCLUDE[bndiv-test]=../include
DEPEND[bndiv-test]=../libcrypto
SOURCE[client-test]=client.c test-corpus.c fuzz_rand.c
INCLUDE[client-test]=../include
DEPEND[client-test]=../libcrypto ../libssl
SOURCE[cmp-test]=cmp.c test-corpus.c fuzz_rand.c
INCLUDE[cmp-test]=../include
DEPEND[cmp-test]=../libcrypto.a
# referring to static lib allows using non-exported functions
SOURCE[cms-test]=cms.c test-corpus.c
INCLUDE[cms-test]=../include
DEPEND[cms-test]=../libcrypto
SOURCE[conf-test]=conf.c test-corpus.c
INCLUDE[conf-test]=../include
DEPEND[conf-test]=../libcrypto
SOURCE[crl-test]=crl.c test-corpus.c
INCLUDE[crl-test]=../include
DEPEND[crl-test]=../libcrypto
SOURCE[ct-test]=ct.c test-corpus.c
INCLUDE[ct-test]=../include
DEPEND[ct-test]=../libcrypto
SOURCE[pem-test]=pem.c test-corpus.c
INCLUDE[pem-test]=../include
DEPEND[pem-test]=../libcrypto.a
SOURCE[decoder-test]=decoder.c test-corpus.c fuzz_rand.c
INCLUDE[decoder-test]=../include
DEPEND[decoder-test]=../libcrypto
SOURCE[punycode-test]=punycode.c test-corpus.c
INCLUDE[punycode-test]=../include
DEPEND[punycode-test]=../libcrypto.a
SOURCE[smime-test]=smime.c test-corpus.c
INCLUDE[smime-test]=../include
DEPEND[smime-test]=../libcrypto ../libssl
SOURCE[v3name-test]=v3name.c test-corpus.c
INCLUDE[v3name-test]=../include
DEPEND[v3name-test]=../libcrypto.a
SOURCE[server-test]=server.c test-corpus.c fuzz_rand.c
INCLUDE[server-test]=../include
DEPEND[server-test]=../libcrypto ../libssl
SOURCE[x509-test]=x509.c test-corpus.c fuzz_rand.c
INCLUDE[x509-test]=../include
DEPEND[x509-test]=../libcrypto
ENDIF