Coverage Report

Created: 2026-04-30 06:12

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/boringssl/ssl/test/fuzzer.h
Line
Count
Source
1
// Copyright 2017 The BoringSSL Authors
2
//
3
// Licensed under the Apache License, Version 2.0 (the "License");
4
// you may not use this file except in compliance with the License.
5
// You may obtain a copy of the License at
6
//
7
//     https://www.apache.org/licenses/LICENSE-2.0
8
//
9
// Unless required by applicable law or agreed to in writing, software
10
// distributed under the License is distributed on an "AS IS" BASIS,
11
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
// See the License for the specific language governing permissions and
13
// limitations under the License.
14
15
#ifndef HEADER_SSL_TEST_FUZZER
16
#define HEADER_SSL_TEST_FUZZER
17
18
#include <assert.h>
19
#include <stdlib.h>
20
#include <string.h>
21
22
#include <algorithm>
23
#include <iterator>
24
#include <vector>
25
26
#include <openssl/bio.h>
27
#include <openssl/bytestring.h>
28
#include <openssl/crypto.h>
29
#include <openssl/err.h>
30
#include <openssl/evp.h>
31
#include <openssl/hpke.h>
32
#include <openssl/rand.h>
33
#include <openssl/rsa.h>
34
#include <openssl/ssl.h>
35
#include <openssl/x509.h>
36
37
#include "../../crypto/internal.h"
38
#include "./fuzzer_tags.h"
39
40
#if defined(OPENSSL_WINDOWS)
41
// Windows defines struct timeval in winsock2.h.
42
#include <winsock2.h>
43
#else
44
#include <sys/time.h>
45
#endif
46
47
namespace {
48
49
const uint8_t kP256KeyPKCS8[] = {
50
    0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,
51
    0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
52
    0x03, 0x01, 0x07, 0x04, 0x6d, 0x30, 0x6b, 0x02, 0x01, 0x01, 0x04, 0x20,
53
    0x43, 0x09, 0xc0, 0x67, 0x75, 0x21, 0x47, 0x9d, 0xa8, 0xfa, 0x16, 0xdf,
54
    0x15, 0x73, 0x61, 0x34, 0x68, 0x6f, 0xe3, 0x8e, 0x47, 0x91, 0x95, 0xab,
55
    0x79, 0x4a, 0x72, 0x14, 0xcb, 0xe2, 0x49, 0x4f, 0xa1, 0x44, 0x03, 0x42,
56
    0x00, 0x04, 0xde, 0x09, 0x08, 0x07, 0x03, 0x2e, 0x8f, 0x37, 0x9a, 0xd5,
57
    0xad, 0xe5, 0xc6, 0x9d, 0xd4, 0x63, 0xc7, 0x4a, 0xe7, 0x20, 0xcb, 0x90,
58
    0xa0, 0x1f, 0x18, 0x18, 0x72, 0xb5, 0x21, 0x88, 0x38, 0xc0, 0xdb, 0xba,
59
    0xf6, 0x99, 0xd8, 0xa5, 0x3b, 0x83, 0xe9, 0xe3, 0xd5, 0x61, 0x99, 0x73,
60
    0x42, 0xc6, 0x6c, 0xe8, 0x0a, 0x95, 0x40, 0x41, 0x3b, 0x0d, 0x10, 0xa7,
61
    0x4a, 0x93, 0xdb, 0x5a, 0xe7, 0xec,
62
};
63
64
const uint8_t kOCSPResponse[] = {0x01, 0x02, 0x03, 0x04};
65
66
const uint8_t kSCT[] = {0x00, 0x06, 0x00, 0x04, 0x05, 0x06, 0x07, 0x08};
67
68
const uint8_t kCertificateDER[] = {
69
    0x30, 0x82, 0x02, 0xff, 0x30, 0x82, 0x01, 0xe7, 0xa0, 0x03, 0x02, 0x01,
70
    0x02, 0x02, 0x11, 0x00, 0xb1, 0x84, 0xee, 0x34, 0x99, 0x98, 0x76, 0xfb,
71
    0x6f, 0xb2, 0x15, 0xc8, 0x47, 0x79, 0x05, 0x9b, 0x30, 0x0d, 0x06, 0x09,
72
    0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30,
73
    0x12, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x07,
74
    0x41, 0x63, 0x6d, 0x65, 0x20, 0x43, 0x6f, 0x30, 0x1e, 0x17, 0x0d, 0x31,
75
    0x35, 0x31, 0x31, 0x30, 0x37, 0x30, 0x30, 0x32, 0x34, 0x35, 0x36, 0x5a,
76
    0x17, 0x0d, 0x31, 0x36, 0x31, 0x31, 0x30, 0x36, 0x30, 0x30, 0x32, 0x34,
77
    0x35, 0x36, 0x5a, 0x30, 0x12, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
78
    0x04, 0x0a, 0x13, 0x07, 0x41, 0x63, 0x6d, 0x65, 0x20, 0x43, 0x6f, 0x30,
79
    0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
80
    0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30,
81
    0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xce, 0x47, 0xcb, 0x11,
82
    0xbb, 0xd2, 0x9d, 0x8e, 0x9e, 0xd2, 0x1e, 0x14, 0xaf, 0xc7, 0xea, 0xb6,
83
    0xc9, 0x38, 0x2a, 0x6f, 0xb3, 0x7e, 0xfb, 0xbc, 0xfc, 0x59, 0x42, 0xb9,
84
    0x56, 0xf0, 0x4c, 0x3f, 0xf7, 0x31, 0x84, 0xbe, 0xac, 0x03, 0x9e, 0x71,
85
    0x91, 0x85, 0xd8, 0x32, 0xbd, 0x00, 0xea, 0xac, 0x65, 0xf6, 0x03, 0xc8,
86
    0x0f, 0x8b, 0xfd, 0x6e, 0x58, 0x88, 0x04, 0x41, 0x92, 0x74, 0xa6, 0x57,
87
    0x2e, 0x8e, 0x88, 0xd5, 0x3d, 0xda, 0x14, 0x3e, 0x63, 0x88, 0x22, 0xe3,
88
    0x53, 0xe9, 0xba, 0x39, 0x09, 0xac, 0xfb, 0xd0, 0x4c, 0xf2, 0x3c, 0x20,
89
    0xd6, 0x97, 0xe6, 0xed, 0xf1, 0x62, 0x1e, 0xe5, 0xc9, 0x48, 0xa0, 0xca,
90
    0x2e, 0x3c, 0x14, 0x5a, 0x82, 0xd4, 0xed, 0xb1, 0xe3, 0x43, 0xc1, 0x2a,
91
    0x59, 0xa5, 0xb9, 0xc8, 0x48, 0xa7, 0x39, 0x23, 0x74, 0xa7, 0x37, 0xb0,
92
    0x6f, 0xc3, 0x64, 0x99, 0x6c, 0xa2, 0x82, 0xc8, 0xf6, 0xdb, 0x86, 0x40,
93
    0xce, 0xd1, 0x85, 0x9f, 0xce, 0x69, 0xf4, 0x15, 0x2a, 0x23, 0xca, 0xea,
94
    0xb7, 0x7b, 0xdf, 0xfb, 0x43, 0x5f, 0xff, 0x7a, 0x49, 0x49, 0x0e, 0xe7,
95
    0x02, 0x51, 0x45, 0x13, 0xe8, 0x90, 0x64, 0x21, 0x0c, 0x26, 0x2b, 0x5d,
96
    0xfc, 0xe4, 0xb5, 0x86, 0x89, 0x43, 0x22, 0x4c, 0xf3, 0x3b, 0xf3, 0x09,
97
    0xc4, 0xa4, 0x10, 0x80, 0xf2, 0x46, 0xe2, 0x46, 0x8f, 0x76, 0x50, 0xbf,
98
    0xaf, 0x2b, 0x90, 0x1b, 0x78, 0xc7, 0xcf, 0xc1, 0x77, 0xd0, 0xfb, 0xa9,
99
    0xfb, 0xc9, 0x66, 0x5a, 0xc5, 0x9b, 0x31, 0x41, 0x67, 0x01, 0xbe, 0x33,
100
    0x10, 0xba, 0x05, 0x58, 0xed, 0x76, 0x53, 0xde, 0x5d, 0xc1, 0xe8, 0xbb,
101
    0x9f, 0xf1, 0xcd, 0xfb, 0xdf, 0x64, 0x7f, 0xd7, 0x18, 0xab, 0x0f, 0x94,
102
    0x28, 0x95, 0x4a, 0xcc, 0x6a, 0xa9, 0x50, 0xc7, 0x05, 0x47, 0x10, 0x41,
103
    0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0e, 0x06,
104
    0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x05,
105
    0xa0, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x0c, 0x30, 0x0a,
106
    0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x30, 0x0c,
107
    0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00,
108
    0x30, 0x19, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x12, 0x30, 0x10, 0x82,
109
    0x0e, 0x66, 0x75, 0x7a, 0x7a, 0x2e, 0x62, 0x6f, 0x72, 0x69, 0x6e, 0x67,
110
    0x73, 0x73, 0x6c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
111
    0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x92,
112
    0xde, 0xef, 0x96, 0x06, 0x7b, 0xff, 0x71, 0x7d, 0x4e, 0xa0, 0x7d, 0xae,
113
    0xb8, 0x22, 0xb4, 0x2c, 0xf7, 0x96, 0x9c, 0x37, 0x1d, 0x8f, 0xe7, 0xd9,
114
    0x47, 0xff, 0x3f, 0xe9, 0x35, 0x95, 0x0e, 0xdd, 0xdc, 0x7f, 0xc8, 0x8a,
115
    0x1e, 0x36, 0x1d, 0x38, 0x47, 0xfc, 0x76, 0xd2, 0x1f, 0x98, 0xa1, 0x36,
116
    0xac, 0xc8, 0x70, 0x38, 0x0a, 0x3d, 0x51, 0x8d, 0x0f, 0x03, 0x1b, 0xef,
117
    0x62, 0xa1, 0xcb, 0x2b, 0x4a, 0x8c, 0x12, 0x2b, 0x54, 0x50, 0x9a, 0x6b,
118
    0xfe, 0xaf, 0xd9, 0xf6, 0xbf, 0x58, 0x11, 0x58, 0x5e, 0xe5, 0x86, 0x1e,
119
    0x3b, 0x6b, 0x30, 0x7e, 0x72, 0x89, 0xe8, 0x6b, 0x7b, 0xb7, 0xaf, 0xef,
120
    0x8b, 0xa9, 0x3e, 0xb0, 0xcd, 0x0b, 0xef, 0xb0, 0x0c, 0x96, 0x2b, 0xc5,
121
    0x3b, 0xd5, 0xf1, 0xc2, 0xae, 0x3a, 0x60, 0xd9, 0x0f, 0x75, 0x37, 0x55,
122
    0x4d, 0x62, 0xd2, 0xed, 0x96, 0xac, 0x30, 0x6b, 0xda, 0xa1, 0x48, 0x17,
123
    0x96, 0x23, 0x85, 0x9a, 0x57, 0x77, 0xe9, 0x22, 0xa2, 0x37, 0x03, 0xba,
124
    0x49, 0x77, 0x40, 0x3b, 0x76, 0x4b, 0xda, 0xc1, 0x04, 0x57, 0x55, 0x34,
125
    0x22, 0x83, 0x45, 0x29, 0xab, 0x2e, 0x11, 0xff, 0x0d, 0xab, 0x55, 0xb1,
126
    0xa7, 0x58, 0x59, 0x05, 0x25, 0xf9, 0x1e, 0x3d, 0xb7, 0xac, 0x04, 0x39,
127
    0x2c, 0xf9, 0xaf, 0xb8, 0x68, 0xfb, 0x8e, 0x35, 0x71, 0x32, 0xff, 0x70,
128
    0xe9, 0x46, 0x6d, 0x5c, 0x06, 0x90, 0x88, 0x23, 0x48, 0x0c, 0x50, 0xeb,
129
    0x0a, 0xa9, 0xae, 0xe8, 0xfc, 0xbe, 0xa5, 0x76, 0x94, 0xd7, 0x64, 0x22,
130
    0x38, 0x98, 0x17, 0xa4, 0x3a, 0xa7, 0x59, 0x9f, 0x1d, 0x3b, 0x75, 0x90,
131
    0x1a, 0x81, 0xef, 0x19, 0xfb, 0x2b, 0xb7, 0xa7, 0x64, 0x61, 0x22, 0xa4,
132
    0x6f, 0x7b, 0xfa, 0x58, 0xbb, 0x8c, 0x4e, 0x77, 0x67, 0xd0, 0x5d, 0x58,
133
    0x76, 0x8a, 0xbb,
134
};
135
136
const uint8_t kRSAPrivateKeyDER[] = {
137
    0x30, 0x82, 0x04, 0xa5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
138
    0xce, 0x47, 0xcb, 0x11, 0xbb, 0xd2, 0x9d, 0x8e, 0x9e, 0xd2, 0x1e, 0x14,
139
    0xaf, 0xc7, 0xea, 0xb6, 0xc9, 0x38, 0x2a, 0x6f, 0xb3, 0x7e, 0xfb, 0xbc,
140
    0xfc, 0x59, 0x42, 0xb9, 0x56, 0xf0, 0x4c, 0x3f, 0xf7, 0x31, 0x84, 0xbe,
141
    0xac, 0x03, 0x9e, 0x71, 0x91, 0x85, 0xd8, 0x32, 0xbd, 0x00, 0xea, 0xac,
142
    0x65, 0xf6, 0x03, 0xc8, 0x0f, 0x8b, 0xfd, 0x6e, 0x58, 0x88, 0x04, 0x41,
143
    0x92, 0x74, 0xa6, 0x57, 0x2e, 0x8e, 0x88, 0xd5, 0x3d, 0xda, 0x14, 0x3e,
144
    0x63, 0x88, 0x22, 0xe3, 0x53, 0xe9, 0xba, 0x39, 0x09, 0xac, 0xfb, 0xd0,
145
    0x4c, 0xf2, 0x3c, 0x20, 0xd6, 0x97, 0xe6, 0xed, 0xf1, 0x62, 0x1e, 0xe5,
146
    0xc9, 0x48, 0xa0, 0xca, 0x2e, 0x3c, 0x14, 0x5a, 0x82, 0xd4, 0xed, 0xb1,
147
    0xe3, 0x43, 0xc1, 0x2a, 0x59, 0xa5, 0xb9, 0xc8, 0x48, 0xa7, 0x39, 0x23,
148
    0x74, 0xa7, 0x37, 0xb0, 0x6f, 0xc3, 0x64, 0x99, 0x6c, 0xa2, 0x82, 0xc8,
149
    0xf6, 0xdb, 0x86, 0x40, 0xce, 0xd1, 0x85, 0x9f, 0xce, 0x69, 0xf4, 0x15,
150
    0x2a, 0x23, 0xca, 0xea, 0xb7, 0x7b, 0xdf, 0xfb, 0x43, 0x5f, 0xff, 0x7a,
151
    0x49, 0x49, 0x0e, 0xe7, 0x02, 0x51, 0x45, 0x13, 0xe8, 0x90, 0x64, 0x21,
152
    0x0c, 0x26, 0x2b, 0x5d, 0xfc, 0xe4, 0xb5, 0x86, 0x89, 0x43, 0x22, 0x4c,
153
    0xf3, 0x3b, 0xf3, 0x09, 0xc4, 0xa4, 0x10, 0x80, 0xf2, 0x46, 0xe2, 0x46,
154
    0x8f, 0x76, 0x50, 0xbf, 0xaf, 0x2b, 0x90, 0x1b, 0x78, 0xc7, 0xcf, 0xc1,
155
    0x77, 0xd0, 0xfb, 0xa9, 0xfb, 0xc9, 0x66, 0x5a, 0xc5, 0x9b, 0x31, 0x41,
156
    0x67, 0x01, 0xbe, 0x33, 0x10, 0xba, 0x05, 0x58, 0xed, 0x76, 0x53, 0xde,
157
    0x5d, 0xc1, 0xe8, 0xbb, 0x9f, 0xf1, 0xcd, 0xfb, 0xdf, 0x64, 0x7f, 0xd7,
158
    0x18, 0xab, 0x0f, 0x94, 0x28, 0x95, 0x4a, 0xcc, 0x6a, 0xa9, 0x50, 0xc7,
159
    0x05, 0x47, 0x10, 0x41, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
160
    0x01, 0x00, 0xa8, 0x47, 0xb9, 0x4a, 0x06, 0x47, 0x93, 0x71, 0x3d, 0xef,
161
    0x7b, 0xca, 0xb4, 0x7c, 0x0a, 0xe6, 0x82, 0xd0, 0xe7, 0x0d, 0xa9, 0x08,
162
    0xf6, 0xa4, 0xfd, 0xd8, 0x73, 0xae, 0x6f, 0x56, 0x29, 0x5e, 0x25, 0x72,
163
    0xa8, 0x30, 0x44, 0x73, 0xcf, 0x56, 0x26, 0xb9, 0x61, 0xde, 0x42, 0x81,
164
    0xf4, 0xf0, 0x1f, 0x5d, 0xcb, 0x47, 0xf2, 0x26, 0xe9, 0xe0, 0x93, 0x28,
165
    0xa3, 0x10, 0x3b, 0x42, 0x1e, 0x51, 0x11, 0x12, 0x06, 0x5e, 0xaf, 0xce,
166
    0xb0, 0xa5, 0x14, 0xdd, 0x82, 0x58, 0xa1, 0xa4, 0x12, 0xdf, 0x65, 0x1d,
167
    0x51, 0x70, 0x64, 0xd5, 0x58, 0x68, 0x11, 0xa8, 0x6a, 0x23, 0xc2, 0xbf,
168
    0xa1, 0x25, 0x24, 0x47, 0xb3, 0xa4, 0x3c, 0x83, 0x96, 0xb7, 0x1f, 0xf4,
169
    0x44, 0xd4, 0xd1, 0xe9, 0xfc, 0x33, 0x68, 0x5e, 0xe2, 0x68, 0x99, 0x9c,
170
    0x91, 0xe8, 0x72, 0xc9, 0xd7, 0x8c, 0x80, 0x20, 0x8e, 0x77, 0x83, 0x4d,
171
    0xe4, 0xab, 0xf9, 0x74, 0xa1, 0xdf, 0xd3, 0xc0, 0x0d, 0x5b, 0x05, 0x51,
172
    0xc2, 0x6f, 0xb2, 0x91, 0x02, 0xec, 0xc0, 0x02, 0x1a, 0x5c, 0x91, 0x05,
173
    0xf1, 0xe3, 0xfa, 0x65, 0xc2, 0xad, 0x24, 0xe6, 0xe5, 0x3c, 0xb6, 0x16,
174
    0xf1, 0xa1, 0x67, 0x1a, 0x9d, 0x37, 0x56, 0xbf, 0x01, 0xd7, 0x3b, 0x35,
175
    0x30, 0x57, 0x73, 0xf4, 0xf0, 0x5e, 0xa7, 0xe8, 0x0a, 0xc1, 0x94, 0x17,
176
    0xcf, 0x0a, 0xbd, 0xf5, 0x31, 0xa7, 0x2d, 0xf7, 0xf5, 0xd9, 0x8c, 0xc2,
177
    0x01, 0xbd, 0xda, 0x16, 0x8e, 0xb9, 0x30, 0x40, 0xa6, 0x6e, 0xbd, 0xcd,
178
    0x4d, 0x84, 0x67, 0x4e, 0x0b, 0xce, 0xd5, 0xef, 0xf8, 0x08, 0x63, 0x02,
179
    0xc6, 0xc7, 0xf7, 0x67, 0x92, 0xe2, 0x23, 0x9d, 0x27, 0x22, 0x1d, 0xc6,
180
    0x67, 0x5e, 0x66, 0xbf, 0x03, 0xb8, 0xa9, 0x67, 0xd4, 0x39, 0xd8, 0x75,
181
    0xfa, 0xe8, 0xed, 0x56, 0xb8, 0x81, 0x02, 0x81, 0x81, 0x00, 0xf7, 0x46,
182
    0x68, 0xc6, 0x13, 0xf8, 0xba, 0x0f, 0x83, 0xdb, 0x05, 0xa8, 0x25, 0x00,
183
    0x70, 0x9c, 0x9e, 0x8b, 0x12, 0x34, 0x0d, 0x96, 0xcf, 0x0d, 0x98, 0x9b,
184
    0x8d, 0x9c, 0x96, 0x78, 0xd1, 0x3c, 0x01, 0x8c, 0xb9, 0x35, 0x5c, 0x20,
185
    0x42, 0xb4, 0x38, 0xe3, 0xd6, 0x54, 0xe7, 0x55, 0xd6, 0x26, 0x8a, 0x0c,
186
    0xf6, 0x1f, 0xe0, 0x04, 0xc1, 0x22, 0x42, 0x19, 0x61, 0xc4, 0x94, 0x7c,
187
    0x07, 0x2e, 0x80, 0x52, 0xfe, 0x8d, 0xe6, 0x92, 0x3a, 0x91, 0xfe, 0x72,
188
    0x99, 0xe1, 0x2a, 0x73, 0x76, 0xb1, 0x24, 0x20, 0x67, 0xde, 0x28, 0xcb,
189
    0x0e, 0xe6, 0x52, 0xb5, 0xfa, 0xfb, 0x8b, 0x1e, 0x6a, 0x1d, 0x09, 0x26,
190
    0xb9, 0xa7, 0x61, 0xba, 0xf8, 0x79, 0xd2, 0x66, 0x57, 0x28, 0xd7, 0x31,
191
    0xb5, 0x0b, 0x27, 0x19, 0x1e, 0x6f, 0x46, 0xfc, 0x54, 0x95, 0xeb, 0x78,
192
    0x01, 0xb6, 0xd9, 0x79, 0x5a, 0x4d, 0x02, 0x81, 0x81, 0x00, 0xd5, 0x8f,
193
    0x16, 0x53, 0x2f, 0x57, 0x93, 0xbf, 0x09, 0x75, 0xbf, 0x63, 0x40, 0x3d,
194
    0x27, 0xfd, 0x23, 0x21, 0xde, 0x9b, 0xe9, 0x73, 0x3f, 0x49, 0x02, 0xd2,
195
    0x38, 0x96, 0xcf, 0xc3, 0xba, 0x92, 0x07, 0x87, 0x52, 0xa9, 0x35, 0xe3,
196
    0x0c, 0xe4, 0x2f, 0x05, 0x7b, 0x37, 0xa5, 0x40, 0x9c, 0x3b, 0x94, 0xf7,
197
    0xad, 0xa0, 0xee, 0x3a, 0xa8, 0xfb, 0x1f, 0x11, 0x1f, 0xd8, 0x9a, 0x80,
198
    0x42, 0x3d, 0x7f, 0xa4, 0xb8, 0x9a, 0xaa, 0xea, 0x72, 0xc1, 0xe3, 0xed,
199
    0x06, 0x60, 0x92, 0x37, 0xf9, 0xba, 0xfb, 0x9e, 0xed, 0x05, 0xa6, 0xd4,
200
    0x72, 0x68, 0x4f, 0x63, 0xfe, 0xd6, 0x10, 0x0d, 0x4f, 0x0a, 0x93, 0xc6,
201
    0xb9, 0xd7, 0xaf, 0xfd, 0xd9, 0x57, 0x7d, 0xcb, 0x75, 0xe8, 0x93, 0x2b,
202
    0xae, 0x4f, 0xea, 0xd7, 0x30, 0x0b, 0x58, 0x44, 0x82, 0x0f, 0x84, 0x5d,
203
    0x62, 0x11, 0x78, 0xea, 0x5f, 0xc5, 0x02, 0x81, 0x81, 0x00, 0x82, 0x0c,
204
    0xc1, 0xe6, 0x0b, 0x72, 0xf1, 0x48, 0x5f, 0xac, 0xbd, 0x98, 0xe5, 0x7d,
205
    0x09, 0xbd, 0x15, 0x95, 0x47, 0x09, 0xa1, 0x6c, 0x03, 0x91, 0xbf, 0x05,
206
    0x70, 0xc1, 0x3e, 0x52, 0x64, 0x99, 0x0e, 0xa7, 0x98, 0x70, 0xfb, 0xf6,
207
    0xeb, 0x9e, 0x25, 0x9d, 0x8e, 0x88, 0x30, 0xf2, 0xf0, 0x22, 0x6c, 0xd0,
208
    0xcc, 0x51, 0x8f, 0x5c, 0x70, 0xc7, 0x37, 0xc4, 0x69, 0xab, 0x1d, 0xfc,
209
    0xed, 0x3a, 0x03, 0xbb, 0xa2, 0xad, 0xb6, 0xea, 0x89, 0x6b, 0x67, 0x4b,
210
    0x96, 0xaa, 0xd9, 0xcc, 0xc8, 0x4b, 0xfa, 0x18, 0x21, 0x08, 0xb2, 0xa3,
211
    0xb9, 0x3e, 0x61, 0x99, 0xdc, 0x5a, 0x97, 0x9c, 0x73, 0x6a, 0xb9, 0xf9,
212
    0x68, 0x03, 0x24, 0x5f, 0x55, 0x77, 0x9c, 0xb4, 0xbe, 0x7a, 0x78, 0x53,
213
    0x68, 0x48, 0x69, 0x53, 0xc8, 0xb1, 0xf5, 0xbf, 0x98, 0x2d, 0x11, 0x1e,
214
    0x98, 0xa8, 0x36, 0x50, 0xa0, 0xb1, 0x02, 0x81, 0x81, 0x00, 0x90, 0x88,
215
    0x30, 0x71, 0xc7, 0xfe, 0x9b, 0x6d, 0x95, 0x37, 0x6d, 0x79, 0xfc, 0x85,
216
    0xe7, 0x44, 0x78, 0xbc, 0x79, 0x6e, 0x47, 0x86, 0xc9, 0xf3, 0xdd, 0xc6,
217
    0xec, 0xa9, 0x94, 0x9f, 0x40, 0xeb, 0x87, 0xd0, 0xdb, 0xee, 0xcd, 0x1b,
218
    0x87, 0x23, 0xff, 0x76, 0xd4, 0x37, 0x8a, 0xcd, 0xb9, 0x6e, 0xd1, 0x98,
219
    0xf6, 0x97, 0x8d, 0xe3, 0x81, 0x6d, 0xc3, 0x4e, 0xd1, 0xa0, 0xc4, 0x9f,
220
    0xbd, 0x34, 0xe5, 0xe8, 0x53, 0x4f, 0xca, 0x10, 0xb5, 0xed, 0xe7, 0x16,
221
    0x09, 0x54, 0xde, 0x60, 0xa7, 0xd1, 0x16, 0x6e, 0x2e, 0xb7, 0xbe, 0x7a,
222
    0xd5, 0x9b, 0x26, 0xef, 0xe4, 0x0e, 0x77, 0xfa, 0xa9, 0xdd, 0xdc, 0xb9,
223
    0x88, 0x19, 0x23, 0x70, 0xc7, 0xe1, 0x60, 0xaf, 0x8c, 0x73, 0x04, 0xf7,
224
    0x71, 0x17, 0x81, 0x36, 0x75, 0xbb, 0x97, 0xd7, 0x75, 0xb6, 0x8e, 0xbc,
225
    0xac, 0x9c, 0x6a, 0x9b, 0x24, 0x89, 0x02, 0x81, 0x80, 0x5a, 0x2b, 0xc7,
226
    0x6b, 0x8c, 0x65, 0xdb, 0x04, 0x73, 0xab, 0x25, 0xe1, 0x5b, 0xbc, 0x3c,
227
    0xcf, 0x5a, 0x3c, 0x04, 0xae, 0x97, 0x2e, 0xfd, 0xa4, 0x97, 0x1f, 0x05,
228
    0x17, 0x27, 0xac, 0x7c, 0x30, 0x85, 0xb4, 0x82, 0x3f, 0x5b, 0xb7, 0x94,
229
    0x3b, 0x7f, 0x6c, 0x0c, 0xc7, 0x16, 0xc6, 0xa0, 0xbd, 0x80, 0xb0, 0x81,
230
    0xde, 0xa0, 0x23, 0xa6, 0xf6, 0x75, 0x33, 0x51, 0x35, 0xa2, 0x75, 0x55,
231
    0x70, 0x4d, 0x42, 0xbb, 0xcf, 0x54, 0xe4, 0xdb, 0x2d, 0x88, 0xa0, 0x7a,
232
    0xf2, 0x17, 0xa7, 0xdd, 0x13, 0x44, 0x9f, 0x5f, 0x6b, 0x2c, 0x42, 0x42,
233
    0x8b, 0x13, 0x4d, 0xf9, 0x5b, 0xf8, 0x33, 0x42, 0xd9, 0x9e, 0x50, 0x1c,
234
    0x7c, 0xbc, 0xfa, 0x62, 0x85, 0x0b, 0xcf, 0x99, 0xda, 0x9e, 0x04, 0x90,
235
    0xb2, 0xc6, 0xb2, 0x0a, 0x2a, 0x7c, 0x6d, 0x6a, 0x40, 0xfc, 0xf5, 0x50,
236
    0x98, 0x46, 0x89, 0x82, 0x40,
237
};
238
239
const uint8_t kALPNProtocols[] = {
240
    0x01, 'a', 0x02, 'a', 'a', 0x03, 'a', 'a', 'a',
241
};
242
243
const uint8_t kECHKey[] = {
244
    0x35, 0x6d, 0x45, 0x06, 0xb3, 0x88, 0x89, 0x2e, 0xd6, 0x87, 0x84,
245
    0xd2, 0x2d, 0x6f, 0x83, 0x48, 0xad, 0xf2, 0xfd, 0x08, 0x51, 0x73,
246
    0x10, 0xa0, 0xb8, 0xdd, 0xe9, 0x96, 0x6a, 0xde, 0xbc, 0x82,
247
};
248
249
int ALPNSelectCallback(SSL *ssl, const uint8_t **out, uint8_t *out_len,
250
137
                       const uint8_t *in, unsigned in_len, void *arg) {
251
137
  static const uint8_t kProtocol[] = {'a', 'a'};
252
137
  *out = kProtocol;
253
137
  *out_len = sizeof(kProtocol);
254
137
  return SSL_TLSEXT_ERR_OK;
255
137
}
server_no_fuzzer_mode.cc:(anonymous namespace)::ALPNSelectCallback(ssl_st*, unsigned char const**, unsigned char*, unsigned char const*, unsigned int, void*)
Line
Count
Source
250
50
                       const uint8_t *in, unsigned in_len, void *arg) {
251
50
  static const uint8_t kProtocol[] = {'a', 'a'};
252
50
  *out = kProtocol;
253
50
  *out_len = sizeof(kProtocol);
254
50
  return SSL_TLSEXT_ERR_OK;
255
50
}
Unexecuted instantiation: dtls_client.cc:(anonymous namespace)::ALPNSelectCallback(ssl_st*, unsigned char const**, unsigned char*, unsigned char const*, unsigned int, void*)
dtls_server.cc:(anonymous namespace)::ALPNSelectCallback(ssl_st*, unsigned char const**, unsigned char*, unsigned char const*, unsigned int, void*)
Line
Count
Source
250
47
                       const uint8_t *in, unsigned in_len, void *arg) {
251
47
  static const uint8_t kProtocol[] = {'a', 'a'};
252
47
  *out = kProtocol;
253
47
  *out_len = sizeof(kProtocol);
254
47
  return SSL_TLSEXT_ERR_OK;
255
47
}
server.cc:(anonymous namespace)::ALPNSelectCallback(ssl_st*, unsigned char const**, unsigned char*, unsigned char const*, unsigned int, void*)
Line
Count
Source
250
40
                       const uint8_t *in, unsigned in_len, void *arg) {
251
40
  static const uint8_t kProtocol[] = {'a', 'a'};
252
40
  *out = kProtocol;
253
40
  *out_len = sizeof(kProtocol);
254
40
  return SSL_TLSEXT_ERR_OK;
255
40
}
Unexecuted instantiation: client_no_fuzzer_mode.cc:(anonymous namespace)::ALPNSelectCallback(ssl_st*, unsigned char const**, unsigned char*, unsigned char const*, unsigned int, void*)
Unexecuted instantiation: client.cc:(anonymous namespace)::ALPNSelectCallback(ssl_st*, unsigned char const**, unsigned char*, unsigned char const*, unsigned int, void*)
256
257
int NPNSelectCallback(SSL *ssl, uint8_t **out, uint8_t *out_len,
258
64
                      const uint8_t *in, unsigned in_len, void *arg) {
259
64
  static const uint8_t kProtocol[] = {'a', 'a'};
260
64
  *out = const_cast<uint8_t *>(kProtocol);
261
64
  *out_len = sizeof(kProtocol);
262
64
  return SSL_TLSEXT_ERR_OK;
263
64
}
Unexecuted instantiation: server_no_fuzzer_mode.cc:(anonymous namespace)::NPNSelectCallback(ssl_st*, unsigned char**, unsigned char*, unsigned char const*, unsigned int, void*)
Unexecuted instantiation: dtls_client.cc:(anonymous namespace)::NPNSelectCallback(ssl_st*, unsigned char**, unsigned char*, unsigned char const*, unsigned int, void*)
Unexecuted instantiation: dtls_server.cc:(anonymous namespace)::NPNSelectCallback(ssl_st*, unsigned char**, unsigned char*, unsigned char const*, unsigned int, void*)
Unexecuted instantiation: server.cc:(anonymous namespace)::NPNSelectCallback(ssl_st*, unsigned char**, unsigned char*, unsigned char const*, unsigned int, void*)
client_no_fuzzer_mode.cc:(anonymous namespace)::NPNSelectCallback(ssl_st*, unsigned char**, unsigned char*, unsigned char const*, unsigned int, void*)
Line
Count
Source
258
58
                      const uint8_t *in, unsigned in_len, void *arg) {
259
58
  static const uint8_t kProtocol[] = {'a', 'a'};
260
58
  *out = const_cast<uint8_t *>(kProtocol);
261
58
  *out_len = sizeof(kProtocol);
262
58
  return SSL_TLSEXT_ERR_OK;
263
58
}
client.cc:(anonymous namespace)::NPNSelectCallback(ssl_st*, unsigned char**, unsigned char*, unsigned char const*, unsigned int, void*)
Line
Count
Source
258
6
                      const uint8_t *in, unsigned in_len, void *arg) {
259
6
  static const uint8_t kProtocol[] = {'a', 'a'};
260
6
  *out = const_cast<uint8_t *>(kProtocol);
261
6
  *out_len = sizeof(kProtocol);
262
6
  return SSL_TLSEXT_ERR_OK;
263
6
}
264
265
int NPNAdvertiseCallback(SSL *ssl, const uint8_t **out, unsigned *out_len,
266
51
                         void *arg) {
267
51
  static const uint8_t kProtocols[] = {
268
51
      0x01, 'a', 0x02, 'a', 'a', 0x03, 'a', 'a', 'a',
269
51
  };
270
51
  *out = kProtocols;
271
51
  *out_len = sizeof(kProtocols);
272
51
  return SSL_TLSEXT_ERR_OK;
273
51
}
server_no_fuzzer_mode.cc:(anonymous namespace)::NPNAdvertiseCallback(ssl_st*, unsigned char const**, unsigned int*, void*)
Line
Count
Source
266
35
                         void *arg) {
267
35
  static const uint8_t kProtocols[] = {
268
35
      0x01, 'a', 0x02, 'a', 'a', 0x03, 'a', 'a', 'a',
269
35
  };
270
35
  *out = kProtocols;
271
35
  *out_len = sizeof(kProtocols);
272
35
  return SSL_TLSEXT_ERR_OK;
273
35
}
Unexecuted instantiation: dtls_client.cc:(anonymous namespace)::NPNAdvertiseCallback(ssl_st*, unsigned char const**, unsigned int*, void*)
Unexecuted instantiation: dtls_server.cc:(anonymous namespace)::NPNAdvertiseCallback(ssl_st*, unsigned char const**, unsigned int*, void*)
server.cc:(anonymous namespace)::NPNAdvertiseCallback(ssl_st*, unsigned char const**, unsigned int*, void*)
Line
Count
Source
266
16
                         void *arg) {
267
16
  static const uint8_t kProtocols[] = {
268
16
      0x01, 'a', 0x02, 'a', 'a', 0x03, 'a', 'a', 'a',
269
16
  };
270
16
  *out = kProtocols;
271
16
  *out_len = sizeof(kProtocols);
272
16
  return SSL_TLSEXT_ERR_OK;
273
16
}
Unexecuted instantiation: client_no_fuzzer_mode.cc:(anonymous namespace)::NPNAdvertiseCallback(ssl_st*, unsigned char const**, unsigned int*, void*)
Unexecuted instantiation: client.cc:(anonymous namespace)::NPNAdvertiseCallback(ssl_st*, unsigned char const**, unsigned int*, void*)
274
275
class TLSFuzzer {
276
 public:
277
  enum Protocol {
278
    kTLS,
279
    kDTLS,
280
  };
281
282
  enum Role {
283
    kClient,
284
    kServer,
285
  };
286
287
  enum FuzzerMode {
288
    kFuzzerModeOn,
289
    kFuzzerModeOff,
290
  };
291
292
  TLSFuzzer(Protocol protocol, Role role, FuzzerMode fuzzer_mode)
293
12
      : debug_(getenv("BORINGSSL_FUZZER_DEBUG") != nullptr),
294
12
        protocol_(protocol),
295
12
        role_(role) {
296
12
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
297
12
    if (fuzzer_mode == kFuzzerModeOn) {
298
8
      CRYPTO_set_fuzzer_mode(1);
299
8
    }
300
12
#endif
301
12
    if (!Init()) {
302
0
      abort();
303
0
    }
304
12
  }
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::TLSFuzzer((anonymous namespace)::TLSFuzzer::Protocol, (anonymous namespace)::TLSFuzzer::Role, (anonymous namespace)::TLSFuzzer::FuzzerMode)
Line
Count
Source
293
2
      : debug_(getenv("BORINGSSL_FUZZER_DEBUG") != nullptr),
294
2
        protocol_(protocol),
295
2
        role_(role) {
296
2
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
297
2
    if (fuzzer_mode == kFuzzerModeOn) {
298
0
      CRYPTO_set_fuzzer_mode(1);
299
0
    }
300
2
#endif
301
2
    if (!Init()) {
302
0
      abort();
303
0
    }
304
2
  }
dtls_client.cc:(anonymous namespace)::TLSFuzzer::TLSFuzzer((anonymous namespace)::TLSFuzzer::Protocol, (anonymous namespace)::TLSFuzzer::Role, (anonymous namespace)::TLSFuzzer::FuzzerMode)
Line
Count
Source
293
2
      : debug_(getenv("BORINGSSL_FUZZER_DEBUG") != nullptr),
294
2
        protocol_(protocol),
295
2
        role_(role) {
296
2
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
297
2
    if (fuzzer_mode == kFuzzerModeOn) {
298
2
      CRYPTO_set_fuzzer_mode(1);
299
2
    }
300
2
#endif
301
2
    if (!Init()) {
302
0
      abort();
303
0
    }
304
2
  }
dtls_server.cc:(anonymous namespace)::TLSFuzzer::TLSFuzzer((anonymous namespace)::TLSFuzzer::Protocol, (anonymous namespace)::TLSFuzzer::Role, (anonymous namespace)::TLSFuzzer::FuzzerMode)
Line
Count
Source
293
2
      : debug_(getenv("BORINGSSL_FUZZER_DEBUG") != nullptr),
294
2
        protocol_(protocol),
295
2
        role_(role) {
296
2
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
297
2
    if (fuzzer_mode == kFuzzerModeOn) {
298
2
      CRYPTO_set_fuzzer_mode(1);
299
2
    }
300
2
#endif
301
2
    if (!Init()) {
302
0
      abort();
303
0
    }
304
2
  }
server.cc:(anonymous namespace)::TLSFuzzer::TLSFuzzer((anonymous namespace)::TLSFuzzer::Protocol, (anonymous namespace)::TLSFuzzer::Role, (anonymous namespace)::TLSFuzzer::FuzzerMode)
Line
Count
Source
293
2
      : debug_(getenv("BORINGSSL_FUZZER_DEBUG") != nullptr),
294
2
        protocol_(protocol),
295
2
        role_(role) {
296
2
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
297
2
    if (fuzzer_mode == kFuzzerModeOn) {
298
2
      CRYPTO_set_fuzzer_mode(1);
299
2
    }
300
2
#endif
301
2
    if (!Init()) {
302
0
      abort();
303
0
    }
304
2
  }
client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::TLSFuzzer((anonymous namespace)::TLSFuzzer::Protocol, (anonymous namespace)::TLSFuzzer::Role, (anonymous namespace)::TLSFuzzer::FuzzerMode)
Line
Count
Source
293
2
      : debug_(getenv("BORINGSSL_FUZZER_DEBUG") != nullptr),
294
2
        protocol_(protocol),
295
2
        role_(role) {
296
2
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
297
2
    if (fuzzer_mode == kFuzzerModeOn) {
298
0
      CRYPTO_set_fuzzer_mode(1);
299
0
    }
300
2
#endif
301
2
    if (!Init()) {
302
0
      abort();
303
0
    }
304
2
  }
client.cc:(anonymous namespace)::TLSFuzzer::TLSFuzzer((anonymous namespace)::TLSFuzzer::Protocol, (anonymous namespace)::TLSFuzzer::Role, (anonymous namespace)::TLSFuzzer::FuzzerMode)
Line
Count
Source
293
2
      : debug_(getenv("BORINGSSL_FUZZER_DEBUG") != nullptr),
294
2
        protocol_(protocol),
295
2
        role_(role) {
296
2
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
297
2
    if (fuzzer_mode == kFuzzerModeOn) {
298
2
      CRYPTO_set_fuzzer_mode(1);
299
2
    }
300
2
#endif
301
2
    if (!Init()) {
302
0
      abort();
303
0
    }
304
2
  }
305
306
5
  static void MoveBIOs(SSL *dest, SSL *src) {
307
5
    BIO *rbio = SSL_get_rbio(src);
308
5
    BIO_up_ref(rbio);
309
5
    SSL_set0_rbio(dest, rbio);
310
311
5
    BIO *wbio = SSL_get_wbio(src);
312
5
    BIO_up_ref(wbio);
313
5
    SSL_set0_wbio(dest, wbio);
314
315
5
    SSL_set0_rbio(src, nullptr);
316
5
    SSL_set0_wbio(src, nullptr);
317
5
  }
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::MoveBIOs(ssl_st*, ssl_st*)
Line
Count
Source
306
2
  static void MoveBIOs(SSL *dest, SSL *src) {
307
2
    BIO *rbio = SSL_get_rbio(src);
308
2
    BIO_up_ref(rbio);
309
2
    SSL_set0_rbio(dest, rbio);
310
311
2
    BIO *wbio = SSL_get_wbio(src);
312
2
    BIO_up_ref(wbio);
313
2
    SSL_set0_wbio(dest, wbio);
314
315
2
    SSL_set0_rbio(src, nullptr);
316
2
    SSL_set0_wbio(src, nullptr);
317
2
  }
Unexecuted instantiation: dtls_client.cc:(anonymous namespace)::TLSFuzzer::MoveBIOs(ssl_st*, ssl_st*)
dtls_server.cc:(anonymous namespace)::TLSFuzzer::MoveBIOs(ssl_st*, ssl_st*)
Line
Count
Source
306
1
  static void MoveBIOs(SSL *dest, SSL *src) {
307
1
    BIO *rbio = SSL_get_rbio(src);
308
1
    BIO_up_ref(rbio);
309
1
    SSL_set0_rbio(dest, rbio);
310
311
1
    BIO *wbio = SSL_get_wbio(src);
312
1
    BIO_up_ref(wbio);
313
1
    SSL_set0_wbio(dest, wbio);
314
315
1
    SSL_set0_rbio(src, nullptr);
316
1
    SSL_set0_wbio(src, nullptr);
317
1
  }
server.cc:(anonymous namespace)::TLSFuzzer::MoveBIOs(ssl_st*, ssl_st*)
Line
Count
Source
306
2
  static void MoveBIOs(SSL *dest, SSL *src) {
307
2
    BIO *rbio = SSL_get_rbio(src);
308
2
    BIO_up_ref(rbio);
309
2
    SSL_set0_rbio(dest, rbio);
310
311
2
    BIO *wbio = SSL_get_wbio(src);
312
2
    BIO_up_ref(wbio);
313
2
    SSL_set0_wbio(dest, wbio);
314
315
2
    SSL_set0_rbio(src, nullptr);
316
2
    SSL_set0_wbio(src, nullptr);
317
2
  }
Unexecuted instantiation: client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::MoveBIOs(ssl_st*, ssl_st*)
Unexecuted instantiation: client.cc:(anonymous namespace)::TLSFuzzer::MoveBIOs(ssl_st*, ssl_st*)
318
319
52.1k
  int TestOneInput(const uint8_t *buf, size_t len) {
320
52.1k
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
321
52.1k
    RAND_reset_for_fuzzing();
322
52.1k
#endif
323
324
52.1k
    CBS cbs;
325
52.1k
    CBS_init(&cbs, buf, len);
326
52.1k
    bssl::UniquePtr<SSL> ssl = SetupTest(&cbs);
327
52.1k
    if (!ssl) {
328
21.9k
      if (debug_) {
329
0
        fprintf(stderr, "Error parsing parameters.\n");
330
0
      }
331
21.9k
      return 0;
332
21.9k
    }
333
334
30.1k
    if (role_ == kClient) {
335
13.4k
      SSL_set_renegotiate_mode(ssl.get(), ssl_renegotiate_freely);
336
13.4k
      SSL_set_tlsext_host_name(ssl.get(), "hostname");
337
13.4k
    }
338
339
    // ssl_handoff may or may not be used.
340
30.1k
    bssl::UniquePtr<SSL> ssl_handoff(SSL_new(ctx_.get()));
341
30.1k
    bssl::UniquePtr<SSL> ssl_handback(SSL_new(ctx_.get()));
342
30.1k
    SSL_set_accept_state(ssl_handoff.get());
343
344
30.1k
    SSL_set0_rbio(ssl.get(), MakeBIO(CBS_data(&cbs), CBS_len(&cbs)).release());
345
30.1k
    SSL_set0_wbio(ssl.get(), BIO_new(BIO_s_mem()));
346
347
30.1k
    SSL *ssl_handshake = ssl.get();
348
30.1k
    bool handshake_successful = false;
349
30.1k
    bool handback_successful = false;
350
30.1k
    for (;;) {
351
30.1k
      int ret = SSL_do_handshake(ssl_handshake);
352
30.1k
      if (ret < 0 && SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDOFF) {
353
5
        MoveBIOs(ssl_handoff.get(), ssl.get());
354
        // Ordinarily we would call SSL_serialize_handoff(ssl.get().  But for
355
        // fuzzing, use the serialized handoff that's getting fuzzed.
356
5
        if (!bssl::SSL_apply_handoff(ssl_handoff.get(), handoff_)) {
357
5
          if (debug_) {
358
0
            fprintf(stderr, "Handoff failed.\n");
359
0
          }
360
5
          break;
361
5
        }
362
0
        ssl_handshake = ssl_handoff.get();
363
30.1k
      } else if (ret < 0 &&
364
18.8k
                 SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDBACK) {
365
0
        MoveBIOs(ssl_handback.get(), ssl_handoff.get());
366
0
        if (!bssl::SSL_apply_handback(ssl_handback.get(), handback_)) {
367
0
          if (debug_) {
368
0
            fprintf(stderr, "Handback failed.\n");
369
0
          }
370
0
          break;
371
0
        }
372
0
        handback_successful = true;
373
0
        ssl_handshake = ssl_handback.get();
374
30.1k
      } else {
375
30.1k
        handshake_successful = ret == 1;
376
30.1k
        break;
377
30.1k
      }
378
30.1k
    }
379
380
30.1k
    if (debug_) {
381
0
      if (!handshake_successful) {
382
0
        fprintf(stderr, "Handshake failed.\n");
383
0
      } else if (handback_successful) {
384
0
        fprintf(stderr, "Handback successful.\n");
385
0
      }
386
0
    }
387
388
30.1k
    if (handshake_successful) {
389
      // Keep reading application data until error or EOF.
390
5.07k
      uint8_t tmp[1024];
391
41.5k
      for (;;) {
392
41.5k
        if (SSL_read(ssl_handshake, tmp, sizeof(tmp)) <= 0) {
393
5.07k
          break;
394
5.07k
        }
395
41.5k
      }
396
5.07k
    }
397
398
30.1k
    if (debug_) {
399
0
      ERR_print_errors_fp(stderr);
400
0
    }
401
30.1k
    ERR_clear_error();
402
30.1k
    return 0;
403
52.1k
  }
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::TestOneInput(unsigned char const*, unsigned long)
Line
Count
Source
319
9.07k
  int TestOneInput(const uint8_t *buf, size_t len) {
320
9.07k
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
321
9.07k
    RAND_reset_for_fuzzing();
322
9.07k
#endif
323
324
9.07k
    CBS cbs;
325
9.07k
    CBS_init(&cbs, buf, len);
326
9.07k
    bssl::UniquePtr<SSL> ssl = SetupTest(&cbs);
327
9.07k
    if (!ssl) {
328
4.15k
      if (debug_) {
329
0
        fprintf(stderr, "Error parsing parameters.\n");
330
0
      }
331
4.15k
      return 0;
332
4.15k
    }
333
334
4.92k
    if (role_ == kClient) {
335
0
      SSL_set_renegotiate_mode(ssl.get(), ssl_renegotiate_freely);
336
0
      SSL_set_tlsext_host_name(ssl.get(), "hostname");
337
0
    }
338
339
    // ssl_handoff may or may not be used.
340
4.92k
    bssl::UniquePtr<SSL> ssl_handoff(SSL_new(ctx_.get()));
341
4.92k
    bssl::UniquePtr<SSL> ssl_handback(SSL_new(ctx_.get()));
342
4.92k
    SSL_set_accept_state(ssl_handoff.get());
343
344
4.92k
    SSL_set0_rbio(ssl.get(), MakeBIO(CBS_data(&cbs), CBS_len(&cbs)).release());
345
4.92k
    SSL_set0_wbio(ssl.get(), BIO_new(BIO_s_mem()));
346
347
4.92k
    SSL *ssl_handshake = ssl.get();
348
4.92k
    bool handshake_successful = false;
349
4.92k
    bool handback_successful = false;
350
4.92k
    for (;;) {
351
4.92k
      int ret = SSL_do_handshake(ssl_handshake);
352
4.92k
      if (ret < 0 && SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDOFF) {
353
2
        MoveBIOs(ssl_handoff.get(), ssl.get());
354
        // Ordinarily we would call SSL_serialize_handoff(ssl.get().  But for
355
        // fuzzing, use the serialized handoff that's getting fuzzed.
356
2
        if (!bssl::SSL_apply_handoff(ssl_handoff.get(), handoff_)) {
357
2
          if (debug_) {
358
0
            fprintf(stderr, "Handoff failed.\n");
359
0
          }
360
2
          break;
361
2
        }
362
0
        ssl_handshake = ssl_handoff.get();
363
4.92k
      } else if (ret < 0 &&
364
3.23k
                 SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDBACK) {
365
0
        MoveBIOs(ssl_handback.get(), ssl_handoff.get());
366
0
        if (!bssl::SSL_apply_handback(ssl_handback.get(), handback_)) {
367
0
          if (debug_) {
368
0
            fprintf(stderr, "Handback failed.\n");
369
0
          }
370
0
          break;
371
0
        }
372
0
        handback_successful = true;
373
0
        ssl_handshake = ssl_handback.get();
374
4.92k
      } else {
375
4.92k
        handshake_successful = ret == 1;
376
4.92k
        break;
377
4.92k
      }
378
4.92k
    }
379
380
4.92k
    if (debug_) {
381
0
      if (!handshake_successful) {
382
0
        fprintf(stderr, "Handshake failed.\n");
383
0
      } else if (handback_successful) {
384
0
        fprintf(stderr, "Handback successful.\n");
385
0
      }
386
0
    }
387
388
4.92k
    if (handshake_successful) {
389
      // Keep reading application data until error or EOF.
390
80
      uint8_t tmp[1024];
391
116
      for (;;) {
392
116
        if (SSL_read(ssl_handshake, tmp, sizeof(tmp)) <= 0) {
393
80
          break;
394
80
        }
395
116
      }
396
80
    }
397
398
4.92k
    if (debug_) {
399
      ERR_print_errors_fp(stderr);
400
0
    }
401
4.92k
    ERR_clear_error();
402
4.92k
    return 0;
403
9.07k
  }
dtls_client.cc:(anonymous namespace)::TLSFuzzer::TestOneInput(unsigned char const*, unsigned long)
Line
Count
Source
319
8.01k
  int TestOneInput(const uint8_t *buf, size_t len) {
320
8.01k
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
321
8.01k
    RAND_reset_for_fuzzing();
322
8.01k
#endif
323
324
8.01k
    CBS cbs;
325
8.01k
    CBS_init(&cbs, buf, len);
326
8.01k
    bssl::UniquePtr<SSL> ssl = SetupTest(&cbs);
327
8.01k
    if (!ssl) {
328
3.01k
      if (debug_) {
329
0
        fprintf(stderr, "Error parsing parameters.\n");
330
0
      }
331
3.01k
      return 0;
332
3.01k
    }
333
334
5.00k
    if (role_ == kClient) {
335
5.00k
      SSL_set_renegotiate_mode(ssl.get(), ssl_renegotiate_freely);
336
5.00k
      SSL_set_tlsext_host_name(ssl.get(), "hostname");
337
5.00k
    }
338
339
    // ssl_handoff may or may not be used.
340
5.00k
    bssl::UniquePtr<SSL> ssl_handoff(SSL_new(ctx_.get()));
341
5.00k
    bssl::UniquePtr<SSL> ssl_handback(SSL_new(ctx_.get()));
342
5.00k
    SSL_set_accept_state(ssl_handoff.get());
343
344
5.00k
    SSL_set0_rbio(ssl.get(), MakeBIO(CBS_data(&cbs), CBS_len(&cbs)).release());
345
5.00k
    SSL_set0_wbio(ssl.get(), BIO_new(BIO_s_mem()));
346
347
5.00k
    SSL *ssl_handshake = ssl.get();
348
5.00k
    bool handshake_successful = false;
349
5.00k
    bool handback_successful = false;
350
5.00k
    for (;;) {
351
5.00k
      int ret = SSL_do_handshake(ssl_handshake);
352
5.00k
      if (ret < 0 && SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDOFF) {
353
0
        MoveBIOs(ssl_handoff.get(), ssl.get());
354
        // Ordinarily we would call SSL_serialize_handoff(ssl.get().  But for
355
        // fuzzing, use the serialized handoff that's getting fuzzed.
356
0
        if (!bssl::SSL_apply_handoff(ssl_handoff.get(), handoff_)) {
357
0
          if (debug_) {
358
0
            fprintf(stderr, "Handoff failed.\n");
359
0
          }
360
0
          break;
361
0
        }
362
0
        ssl_handshake = ssl_handoff.get();
363
5.00k
      } else if (ret < 0 &&
364
4.37k
                 SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDBACK) {
365
0
        MoveBIOs(ssl_handback.get(), ssl_handoff.get());
366
0
        if (!bssl::SSL_apply_handback(ssl_handback.get(), handback_)) {
367
0
          if (debug_) {
368
0
            fprintf(stderr, "Handback failed.\n");
369
0
          }
370
0
          break;
371
0
        }
372
0
        handback_successful = true;
373
0
        ssl_handshake = ssl_handback.get();
374
5.00k
      } else {
375
5.00k
        handshake_successful = ret == 1;
376
5.00k
        break;
377
5.00k
      }
378
5.00k
    }
379
380
5.00k
    if (debug_) {
381
0
      if (!handshake_successful) {
382
0
        fprintf(stderr, "Handshake failed.\n");
383
0
      } else if (handback_successful) {
384
0
        fprintf(stderr, "Handback successful.\n");
385
0
      }
386
0
    }
387
388
5.00k
    if (handshake_successful) {
389
      // Keep reading application data until error or EOF.
390
561
      uint8_t tmp[1024];
391
15.7k
      for (;;) {
392
15.7k
        if (SSL_read(ssl_handshake, tmp, sizeof(tmp)) <= 0) {
393
561
          break;
394
561
        }
395
15.7k
      }
396
561
    }
397
398
5.00k
    if (debug_) {
399
      ERR_print_errors_fp(stderr);
400
0
    }
401
5.00k
    ERR_clear_error();
402
5.00k
    return 0;
403
8.01k
  }
dtls_server.cc:(anonymous namespace)::TLSFuzzer::TestOneInput(unsigned char const*, unsigned long)
Line
Count
Source
319
9.43k
  int TestOneInput(const uint8_t *buf, size_t len) {
320
9.43k
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
321
9.43k
    RAND_reset_for_fuzzing();
322
9.43k
#endif
323
324
9.43k
    CBS cbs;
325
9.43k
    CBS_init(&cbs, buf, len);
326
9.43k
    bssl::UniquePtr<SSL> ssl = SetupTest(&cbs);
327
9.43k
    if (!ssl) {
328
3.09k
      if (debug_) {
329
0
        fprintf(stderr, "Error parsing parameters.\n");
330
0
      }
331
3.09k
      return 0;
332
3.09k
    }
333
334
6.34k
    if (role_ == kClient) {
335
0
      SSL_set_renegotiate_mode(ssl.get(), ssl_renegotiate_freely);
336
0
      SSL_set_tlsext_host_name(ssl.get(), "hostname");
337
0
    }
338
339
    // ssl_handoff may or may not be used.
340
6.34k
    bssl::UniquePtr<SSL> ssl_handoff(SSL_new(ctx_.get()));
341
6.34k
    bssl::UniquePtr<SSL> ssl_handback(SSL_new(ctx_.get()));
342
6.34k
    SSL_set_accept_state(ssl_handoff.get());
343
344
6.34k
    SSL_set0_rbio(ssl.get(), MakeBIO(CBS_data(&cbs), CBS_len(&cbs)).release());
345
6.34k
    SSL_set0_wbio(ssl.get(), BIO_new(BIO_s_mem()));
346
347
6.34k
    SSL *ssl_handshake = ssl.get();
348
6.34k
    bool handshake_successful = false;
349
6.34k
    bool handback_successful = false;
350
6.34k
    for (;;) {
351
6.34k
      int ret = SSL_do_handshake(ssl_handshake);
352
6.34k
      if (ret < 0 && SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDOFF) {
353
1
        MoveBIOs(ssl_handoff.get(), ssl.get());
354
        // Ordinarily we would call SSL_serialize_handoff(ssl.get().  But for
355
        // fuzzing, use the serialized handoff that's getting fuzzed.
356
1
        if (!bssl::SSL_apply_handoff(ssl_handoff.get(), handoff_)) {
357
1
          if (debug_) {
358
0
            fprintf(stderr, "Handoff failed.\n");
359
0
          }
360
1
          break;
361
1
        }
362
0
        ssl_handshake = ssl_handoff.get();
363
6.33k
      } else if (ret < 0 &&
364
3.82k
                 SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDBACK) {
365
0
        MoveBIOs(ssl_handback.get(), ssl_handoff.get());
366
0
        if (!bssl::SSL_apply_handback(ssl_handback.get(), handback_)) {
367
0
          if (debug_) {
368
0
            fprintf(stderr, "Handback failed.\n");
369
0
          }
370
0
          break;
371
0
        }
372
0
        handback_successful = true;
373
0
        ssl_handshake = ssl_handback.get();
374
6.33k
      } else {
375
6.33k
        handshake_successful = ret == 1;
376
6.33k
        break;
377
6.33k
      }
378
6.34k
    }
379
380
6.34k
    if (debug_) {
381
0
      if (!handshake_successful) {
382
0
        fprintf(stderr, "Handshake failed.\n");
383
0
      } else if (handback_successful) {
384
0
        fprintf(stderr, "Handback successful.\n");
385
0
      }
386
0
    }
387
388
6.34k
    if (handshake_successful) {
389
      // Keep reading application data until error or EOF.
390
2.47k
      uint8_t tmp[1024];
391
19.1k
      for (;;) {
392
19.1k
        if (SSL_read(ssl_handshake, tmp, sizeof(tmp)) <= 0) {
393
2.47k
          break;
394
2.47k
        }
395
19.1k
      }
396
2.47k
    }
397
398
6.34k
    if (debug_) {
399
      ERR_print_errors_fp(stderr);
400
0
    }
401
6.34k
    ERR_clear_error();
402
6.34k
    return 0;
403
9.43k
  }
server.cc:(anonymous namespace)::TLSFuzzer::TestOneInput(unsigned char const*, unsigned long)
Line
Count
Source
319
9.41k
  int TestOneInput(const uint8_t *buf, size_t len) {
320
9.41k
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
321
9.41k
    RAND_reset_for_fuzzing();
322
9.41k
#endif
323
324
9.41k
    CBS cbs;
325
9.41k
    CBS_init(&cbs, buf, len);
326
9.41k
    bssl::UniquePtr<SSL> ssl = SetupTest(&cbs);
327
9.41k
    if (!ssl) {
328
3.96k
      if (debug_) {
329
0
        fprintf(stderr, "Error parsing parameters.\n");
330
0
      }
331
3.96k
      return 0;
332
3.96k
    }
333
334
5.45k
    if (role_ == kClient) {
335
0
      SSL_set_renegotiate_mode(ssl.get(), ssl_renegotiate_freely);
336
0
      SSL_set_tlsext_host_name(ssl.get(), "hostname");
337
0
    }
338
339
    // ssl_handoff may or may not be used.
340
5.45k
    bssl::UniquePtr<SSL> ssl_handoff(SSL_new(ctx_.get()));
341
5.45k
    bssl::UniquePtr<SSL> ssl_handback(SSL_new(ctx_.get()));
342
5.45k
    SSL_set_accept_state(ssl_handoff.get());
343
344
5.45k
    SSL_set0_rbio(ssl.get(), MakeBIO(CBS_data(&cbs), CBS_len(&cbs)).release());
345
5.45k
    SSL_set0_wbio(ssl.get(), BIO_new(BIO_s_mem()));
346
347
5.45k
    SSL *ssl_handshake = ssl.get();
348
5.45k
    bool handshake_successful = false;
349
5.45k
    bool handback_successful = false;
350
5.45k
    for (;;) {
351
5.45k
      int ret = SSL_do_handshake(ssl_handshake);
352
5.45k
      if (ret < 0 && SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDOFF) {
353
2
        MoveBIOs(ssl_handoff.get(), ssl.get());
354
        // Ordinarily we would call SSL_serialize_handoff(ssl.get().  But for
355
        // fuzzing, use the serialized handoff that's getting fuzzed.
356
2
        if (!bssl::SSL_apply_handoff(ssl_handoff.get(), handoff_)) {
357
2
          if (debug_) {
358
0
            fprintf(stderr, "Handoff failed.\n");
359
0
          }
360
2
          break;
361
2
        }
362
0
        ssl_handshake = ssl_handoff.get();
363
5.44k
      } else if (ret < 0 &&
364
2.73k
                 SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDBACK) {
365
0
        MoveBIOs(ssl_handback.get(), ssl_handoff.get());
366
0
        if (!bssl::SSL_apply_handback(ssl_handback.get(), handback_)) {
367
0
          if (debug_) {
368
0
            fprintf(stderr, "Handback failed.\n");
369
0
          }
370
0
          break;
371
0
        }
372
0
        handback_successful = true;
373
0
        ssl_handshake = ssl_handback.get();
374
5.44k
      } else {
375
5.44k
        handshake_successful = ret == 1;
376
5.44k
        break;
377
5.44k
      }
378
5.45k
    }
379
380
5.45k
    if (debug_) {
381
0
      if (!handshake_successful) {
382
0
        fprintf(stderr, "Handshake failed.\n");
383
0
      } else if (handback_successful) {
384
0
        fprintf(stderr, "Handback successful.\n");
385
0
      }
386
0
    }
387
388
5.45k
    if (handshake_successful) {
389
      // Keep reading application data until error or EOF.
390
472
      uint8_t tmp[1024];
391
3.02k
      for (;;) {
392
3.02k
        if (SSL_read(ssl_handshake, tmp, sizeof(tmp)) <= 0) {
393
472
          break;
394
472
        }
395
3.02k
      }
396
472
    }
397
398
5.45k
    if (debug_) {
399
      ERR_print_errors_fp(stderr);
400
0
    }
401
5.45k
    ERR_clear_error();
402
5.45k
    return 0;
403
9.41k
  }
client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::TestOneInput(unsigned char const*, unsigned long)
Line
Count
Source
319
7.80k
  int TestOneInput(const uint8_t *buf, size_t len) {
320
7.80k
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
321
7.80k
    RAND_reset_for_fuzzing();
322
7.80k
#endif
323
324
7.80k
    CBS cbs;
325
7.80k
    CBS_init(&cbs, buf, len);
326
7.80k
    bssl::UniquePtr<SSL> ssl = SetupTest(&cbs);
327
7.80k
    if (!ssl) {
328
4.03k
      if (debug_) {
329
0
        fprintf(stderr, "Error parsing parameters.\n");
330
0
      }
331
4.03k
      return 0;
332
4.03k
    }
333
334
3.77k
    if (role_ == kClient) {
335
3.77k
      SSL_set_renegotiate_mode(ssl.get(), ssl_renegotiate_freely);
336
3.77k
      SSL_set_tlsext_host_name(ssl.get(), "hostname");
337
3.77k
    }
338
339
    // ssl_handoff may or may not be used.
340
3.77k
    bssl::UniquePtr<SSL> ssl_handoff(SSL_new(ctx_.get()));
341
3.77k
    bssl::UniquePtr<SSL> ssl_handback(SSL_new(ctx_.get()));
342
3.77k
    SSL_set_accept_state(ssl_handoff.get());
343
344
3.77k
    SSL_set0_rbio(ssl.get(), MakeBIO(CBS_data(&cbs), CBS_len(&cbs)).release());
345
3.77k
    SSL_set0_wbio(ssl.get(), BIO_new(BIO_s_mem()));
346
347
3.77k
    SSL *ssl_handshake = ssl.get();
348
3.77k
    bool handshake_successful = false;
349
3.77k
    bool handback_successful = false;
350
3.77k
    for (;;) {
351
3.77k
      int ret = SSL_do_handshake(ssl_handshake);
352
3.77k
      if (ret < 0 && SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDOFF) {
353
0
        MoveBIOs(ssl_handoff.get(), ssl.get());
354
        // Ordinarily we would call SSL_serialize_handoff(ssl.get().  But for
355
        // fuzzing, use the serialized handoff that's getting fuzzed.
356
0
        if (!bssl::SSL_apply_handoff(ssl_handoff.get(), handoff_)) {
357
0
          if (debug_) {
358
0
            fprintf(stderr, "Handoff failed.\n");
359
0
          }
360
0
          break;
361
0
        }
362
0
        ssl_handshake = ssl_handoff.get();
363
3.77k
      } else if (ret < 0 &&
364
2.75k
                 SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDBACK) {
365
0
        MoveBIOs(ssl_handback.get(), ssl_handoff.get());
366
0
        if (!bssl::SSL_apply_handback(ssl_handback.get(), handback_)) {
367
0
          if (debug_) {
368
0
            fprintf(stderr, "Handback failed.\n");
369
0
          }
370
0
          break;
371
0
        }
372
0
        handback_successful = true;
373
0
        ssl_handshake = ssl_handback.get();
374
3.77k
      } else {
375
3.77k
        handshake_successful = ret == 1;
376
3.77k
        break;
377
3.77k
      }
378
3.77k
    }
379
380
3.77k
    if (debug_) {
381
0
      if (!handshake_successful) {
382
0
        fprintf(stderr, "Handshake failed.\n");
383
0
      } else if (handback_successful) {
384
0
        fprintf(stderr, "Handback successful.\n");
385
0
      }
386
0
    }
387
388
3.77k
    if (handshake_successful) {
389
      // Keep reading application data until error or EOF.
390
55
      uint8_t tmp[1024];
391
55
      for (;;) {
392
55
        if (SSL_read(ssl_handshake, tmp, sizeof(tmp)) <= 0) {
393
55
          break;
394
55
        }
395
55
      }
396
55
    }
397
398
3.77k
    if (debug_) {
399
      ERR_print_errors_fp(stderr);
400
0
    }
401
3.77k
    ERR_clear_error();
402
3.77k
    return 0;
403
7.80k
  }
client.cc:(anonymous namespace)::TLSFuzzer::TestOneInput(unsigned char const*, unsigned long)
Line
Count
Source
319
8.40k
  int TestOneInput(const uint8_t *buf, size_t len) {
320
8.40k
#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
321
8.40k
    RAND_reset_for_fuzzing();
322
8.40k
#endif
323
324
8.40k
    CBS cbs;
325
8.40k
    CBS_init(&cbs, buf, len);
326
8.40k
    bssl::UniquePtr<SSL> ssl = SetupTest(&cbs);
327
8.40k
    if (!ssl) {
328
3.73k
      if (debug_) {
329
0
        fprintf(stderr, "Error parsing parameters.\n");
330
0
      }
331
3.73k
      return 0;
332
3.73k
    }
333
334
4.66k
    if (role_ == kClient) {
335
4.66k
      SSL_set_renegotiate_mode(ssl.get(), ssl_renegotiate_freely);
336
4.66k
      SSL_set_tlsext_host_name(ssl.get(), "hostname");
337
4.66k
    }
338
339
    // ssl_handoff may or may not be used.
340
4.66k
    bssl::UniquePtr<SSL> ssl_handoff(SSL_new(ctx_.get()));
341
4.66k
    bssl::UniquePtr<SSL> ssl_handback(SSL_new(ctx_.get()));
342
4.66k
    SSL_set_accept_state(ssl_handoff.get());
343
344
4.66k
    SSL_set0_rbio(ssl.get(), MakeBIO(CBS_data(&cbs), CBS_len(&cbs)).release());
345
4.66k
    SSL_set0_wbio(ssl.get(), BIO_new(BIO_s_mem()));
346
347
4.66k
    SSL *ssl_handshake = ssl.get();
348
4.66k
    bool handshake_successful = false;
349
4.66k
    bool handback_successful = false;
350
4.66k
    for (;;) {
351
4.66k
      int ret = SSL_do_handshake(ssl_handshake);
352
4.66k
      if (ret < 0 && SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDOFF) {
353
0
        MoveBIOs(ssl_handoff.get(), ssl.get());
354
        // Ordinarily we would call SSL_serialize_handoff(ssl.get().  But for
355
        // fuzzing, use the serialized handoff that's getting fuzzed.
356
0
        if (!bssl::SSL_apply_handoff(ssl_handoff.get(), handoff_)) {
357
0
          if (debug_) {
358
0
            fprintf(stderr, "Handoff failed.\n");
359
0
          }
360
0
          break;
361
0
        }
362
0
        ssl_handshake = ssl_handoff.get();
363
4.66k
      } else if (ret < 0 &&
364
1.92k
                 SSL_get_error(ssl_handshake, ret) == SSL_ERROR_HANDBACK) {
365
0
        MoveBIOs(ssl_handback.get(), ssl_handoff.get());
366
0
        if (!bssl::SSL_apply_handback(ssl_handback.get(), handback_)) {
367
0
          if (debug_) {
368
0
            fprintf(stderr, "Handback failed.\n");
369
0
          }
370
0
          break;
371
0
        }
372
0
        handback_successful = true;
373
0
        ssl_handshake = ssl_handback.get();
374
4.66k
      } else {
375
4.66k
        handshake_successful = ret == 1;
376
4.66k
        break;
377
4.66k
      }
378
4.66k
    }
379
380
4.66k
    if (debug_) {
381
0
      if (!handshake_successful) {
382
0
        fprintf(stderr, "Handshake failed.\n");
383
0
      } else if (handback_successful) {
384
0
        fprintf(stderr, "Handback successful.\n");
385
0
      }
386
0
    }
387
388
4.66k
    if (handshake_successful) {
389
      // Keep reading application data until error or EOF.
390
1.42k
      uint8_t tmp[1024];
391
3.39k
      for (;;) {
392
3.39k
        if (SSL_read(ssl_handshake, tmp, sizeof(tmp)) <= 0) {
393
1.42k
          break;
394
1.42k
        }
395
3.39k
      }
396
1.42k
    }
397
398
4.66k
    if (debug_) {
399
      ERR_print_errors_fp(stderr);
400
0
    }
401
4.66k
    ERR_clear_error();
402
4.66k
    return 0;
403
8.40k
  }
404
405
 private:
406
  // Init initializes |ctx_| with settings common to all inputs.
407
12
  bool Init() {
408
12
    ctx_.reset(SSL_CTX_new(protocol_ == kDTLS ? DTLS_method() : TLS_method()));
409
12
    bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
410
12
    bssl::UniquePtr<RSA> privkey(RSA_private_key_from_bytes(
411
12
        kRSAPrivateKeyDER, sizeof(kRSAPrivateKeyDER)));
412
12
    if (!ctx_ || !privkey || !pkey ||
413
12
        !EVP_PKEY_set1_RSA(pkey.get(), privkey.get()) ||
414
12
        !SSL_CTX_use_PrivateKey(ctx_.get(), pkey.get())) {
415
0
      return false;
416
0
    }
417
418
12
    const uint8_t *bufp = kCertificateDER;
419
12
    bssl::UniquePtr<X509> cert(
420
12
        d2i_X509(nullptr, &bufp, sizeof(kCertificateDER)));
421
12
    if (!cert ||
422
12
        !SSL_CTX_use_certificate(ctx_.get(), cert.get()) ||
423
12
        !SSL_CTX_set_ocsp_response(ctx_.get(), kOCSPResponse,
424
12
                                   sizeof(kOCSPResponse)) ||
425
12
        !SSL_CTX_set_signed_cert_timestamp_list(ctx_.get(), kSCT,
426
12
                                                sizeof(kSCT))) {
427
0
      return false;
428
0
    }
429
430
    // Use a constant clock.
431
12
    SSL_CTX_set_current_time_cb(ctx_.get(),
432
246k
                                [](const SSL *ssl, timeval *out_clock) {
433
246k
                                  *out_clock = {1234, 1234};
434
246k
                                });
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(ssl_st const*, timeval*)#1}::operator()(ssl_st const*, timeval*) const
Line
Count
Source
432
6.94k
                                [](const SSL *ssl, timeval *out_clock) {
433
6.94k
                                  *out_clock = {1234, 1234};
434
6.94k
                                });
dtls_client.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(ssl_st const*, timeval*)#1}::operator()(ssl_st const*, timeval*) const
Line
Count
Source
432
77.3k
                                [](const SSL *ssl, timeval *out_clock) {
433
77.3k
                                  *out_clock = {1234, 1234};
434
77.3k
                                });
dtls_server.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(ssl_st const*, timeval*)#1}::operator()(ssl_st const*, timeval*) const
Line
Count
Source
432
71.8k
                                [](const SSL *ssl, timeval *out_clock) {
433
71.8k
                                  *out_clock = {1234, 1234};
434
71.8k
                                });
server.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(ssl_st const*, timeval*)#1}::operator()(ssl_st const*, timeval*) const
Line
Count
Source
432
8.22k
                                [](const SSL *ssl, timeval *out_clock) {
433
8.22k
                                  *out_clock = {1234, 1234};
434
8.22k
                                });
client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(ssl_st const*, timeval*)#1}::operator()(ssl_st const*, timeval*) const
Line
Count
Source
432
3.54k
                                [](const SSL *ssl, timeval *out_clock) {
433
3.54k
                                  *out_clock = {1234, 1234};
434
3.54k
                                });
client.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(ssl_st const*, timeval*)#1}::operator()(ssl_st const*, timeval*) const
Line
Count
Source
432
78.8k
                                [](const SSL *ssl, timeval *out_clock) {
433
78.8k
                                  *out_clock = {1234, 1234};
434
78.8k
                                });
435
436
    // When accepting peer certificates, allow any certificate.
437
12
    SSL_CTX_set_cert_verify_callback(
438
12
        ctx_.get(),
439
7.96k
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(x509_store_ctx_st*, void*)#1}::operator()(x509_store_ctx_st*, void*) const
Line
Count
Source
439
915
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
dtls_client.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(x509_store_ctx_st*, void*)#1}::operator()(x509_store_ctx_st*, void*) const
Line
Count
Source
439
1.46k
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
dtls_server.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(x509_store_ctx_st*, void*)#1}::operator()(x509_store_ctx_st*, void*) const
Line
Count
Source
439
537
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
server.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(x509_store_ctx_st*, void*)#1}::operator()(x509_store_ctx_st*, void*) const
Line
Count
Source
439
810
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(x509_store_ctx_st*, void*)#1}::operator()(x509_store_ctx_st*, void*) const
Line
Count
Source
439
1.64k
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
client.cc:(anonymous namespace)::TLSFuzzer::Init()::{lambda(x509_store_ctx_st*, void*)#1}::operator()(x509_store_ctx_st*, void*) const
Line
Count
Source
439
2.59k
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
440
441
12
    SSL_CTX_enable_signed_cert_timestamps(ctx_.get());
442
12
    SSL_CTX_enable_ocsp_stapling(ctx_.get());
443
444
    // Enable versions and ciphers that are off by default.
445
12
    uint16_t min_version = protocol_ == kDTLS ? DTLS1_VERSION : TLS1_VERSION;
446
12
    uint16_t max_version =
447
12
        protocol_ == kDTLS ? DTLS1_3_VERSION : TLS1_3_VERSION;
448
12
    if (!SSL_CTX_set_min_proto_version(ctx_.get(), min_version) ||
449
12
        !SSL_CTX_set_max_proto_version(ctx_.get(), max_version) ||
450
12
        !SSL_CTX_set_strict_cipher_list(ctx_.get(), "ALL:3DES")) {
451
0
      return false;
452
0
    }
453
454
12
    static const uint16_t kGroups[] = {
455
12
        SSL_GROUP_X25519_MLKEM768, SSL_GROUP_X25519_KYBER768_DRAFT00,
456
12
        SSL_GROUP_MLKEM1024,       SSL_GROUP_X25519,
457
12
        SSL_GROUP_SECP256R1,       SSL_GROUP_SECP384R1,
458
12
        SSL_GROUP_SECP521R1};
459
12
    if (!SSL_CTX_set1_group_ids(ctx_.get(), kGroups, std::size(kGroups))) {
460
0
      return false;
461
0
    }
462
463
12
    SSL_CTX_set_early_data_enabled(ctx_.get(), 1);
464
465
12
    SSL_CTX_set_next_proto_select_cb(ctx_.get(), NPNSelectCallback, nullptr);
466
12
    SSL_CTX_set_next_protos_advertised_cb(ctx_.get(), NPNAdvertiseCallback,
467
12
                                          nullptr);
468
469
12
    SSL_CTX_set_alpn_select_cb(ctx_.get(), ALPNSelectCallback, nullptr);
470
12
    if (SSL_CTX_set_alpn_protos(ctx_.get(), kALPNProtocols,
471
12
                                sizeof(kALPNProtocols)) != 0) {
472
0
      return false;
473
0
    }
474
475
12
    CBS cbs;
476
12
    CBS_init(&cbs, kP256KeyPKCS8, sizeof(kP256KeyPKCS8));
477
12
    pkey.reset(EVP_parse_private_key(&cbs));
478
12
    if (!pkey || !SSL_CTX_set1_tls_channel_id(ctx_.get(), pkey.get())) {
479
0
      return false;
480
0
    }
481
12
    SSL_CTX_set_tls_channel_id_enabled(ctx_.get(), 1);
482
483
12
    if (role_ == kServer) {
484
6
      bssl::UniquePtr<SSL_ECH_KEYS> keys(SSL_ECH_KEYS_new());
485
6
      bssl::ScopedEVP_HPKE_KEY key;
486
6
      uint8_t *ech_config;
487
6
      size_t ech_config_len;
488
6
      if (!keys ||
489
6
          !EVP_HPKE_KEY_init(key.get(), EVP_hpke_x25519_hkdf_sha256(), kECHKey,
490
6
                             sizeof(kECHKey)) ||
491
          // Match |echConfig| in |addEncryptedClientHelloTests| from runner.go.
492
6
          !SSL_marshal_ech_config(&ech_config, &ech_config_len,
493
6
                                  /*config_id=*/42, key.get(), "public.example",
494
6
                                  /*max_name_len=*/64)) {
495
0
        return false;
496
0
      }
497
6
      bssl::UniquePtr<uint8_t> free_ech_config(ech_config);
498
6
      if (!SSL_ECH_KEYS_add(keys.get(), /*is_retry_config=*/true, ech_config,
499
6
                            ech_config_len, key.get()) ||
500
6
          !SSL_CTX_set1_ech_keys(ctx_.get(), keys.get())) {
501
0
        return false;
502
0
      }
503
6
    }
504
505
12
    return true;
506
12
  }
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::Init()
Line
Count
Source
407
2
  bool Init() {
408
2
    ctx_.reset(SSL_CTX_new(protocol_ == kDTLS ? DTLS_method() : TLS_method()));
409
2
    bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
410
2
    bssl::UniquePtr<RSA> privkey(RSA_private_key_from_bytes(
411
2
        kRSAPrivateKeyDER, sizeof(kRSAPrivateKeyDER)));
412
2
    if (!ctx_ || !privkey || !pkey ||
413
2
        !EVP_PKEY_set1_RSA(pkey.get(), privkey.get()) ||
414
2
        !SSL_CTX_use_PrivateKey(ctx_.get(), pkey.get())) {
415
0
      return false;
416
0
    }
417
418
2
    const uint8_t *bufp = kCertificateDER;
419
2
    bssl::UniquePtr<X509> cert(
420
2
        d2i_X509(nullptr, &bufp, sizeof(kCertificateDER)));
421
2
    if (!cert ||
422
2
        !SSL_CTX_use_certificate(ctx_.get(), cert.get()) ||
423
2
        !SSL_CTX_set_ocsp_response(ctx_.get(), kOCSPResponse,
424
2
                                   sizeof(kOCSPResponse)) ||
425
2
        !SSL_CTX_set_signed_cert_timestamp_list(ctx_.get(), kSCT,
426
2
                                                sizeof(kSCT))) {
427
0
      return false;
428
0
    }
429
430
    // Use a constant clock.
431
2
    SSL_CTX_set_current_time_cb(ctx_.get(),
432
2
                                [](const SSL *ssl, timeval *out_clock) {
433
2
                                  *out_clock = {1234, 1234};
434
2
                                });
435
436
    // When accepting peer certificates, allow any certificate.
437
2
    SSL_CTX_set_cert_verify_callback(
438
2
        ctx_.get(),
439
2
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
440
441
2
    SSL_CTX_enable_signed_cert_timestamps(ctx_.get());
442
2
    SSL_CTX_enable_ocsp_stapling(ctx_.get());
443
444
    // Enable versions and ciphers that are off by default.
445
2
    uint16_t min_version = protocol_ == kDTLS ? DTLS1_VERSION : TLS1_VERSION;
446
2
    uint16_t max_version =
447
2
        protocol_ == kDTLS ? DTLS1_3_VERSION : TLS1_3_VERSION;
448
2
    if (!SSL_CTX_set_min_proto_version(ctx_.get(), min_version) ||
449
2
        !SSL_CTX_set_max_proto_version(ctx_.get(), max_version) ||
450
2
        !SSL_CTX_set_strict_cipher_list(ctx_.get(), "ALL:3DES")) {
451
0
      return false;
452
0
    }
453
454
2
    static const uint16_t kGroups[] = {
455
2
        SSL_GROUP_X25519_MLKEM768, SSL_GROUP_X25519_KYBER768_DRAFT00,
456
2
        SSL_GROUP_MLKEM1024,       SSL_GROUP_X25519,
457
2
        SSL_GROUP_SECP256R1,       SSL_GROUP_SECP384R1,
458
2
        SSL_GROUP_SECP521R1};
459
2
    if (!SSL_CTX_set1_group_ids(ctx_.get(), kGroups, std::size(kGroups))) {
460
0
      return false;
461
0
    }
462
463
2
    SSL_CTX_set_early_data_enabled(ctx_.get(), 1);
464
465
2
    SSL_CTX_set_next_proto_select_cb(ctx_.get(), NPNSelectCallback, nullptr);
466
2
    SSL_CTX_set_next_protos_advertised_cb(ctx_.get(), NPNAdvertiseCallback,
467
2
                                          nullptr);
468
469
2
    SSL_CTX_set_alpn_select_cb(ctx_.get(), ALPNSelectCallback, nullptr);
470
2
    if (SSL_CTX_set_alpn_protos(ctx_.get(), kALPNProtocols,
471
2
                                sizeof(kALPNProtocols)) != 0) {
472
0
      return false;
473
0
    }
474
475
2
    CBS cbs;
476
2
    CBS_init(&cbs, kP256KeyPKCS8, sizeof(kP256KeyPKCS8));
477
2
    pkey.reset(EVP_parse_private_key(&cbs));
478
2
    if (!pkey || !SSL_CTX_set1_tls_channel_id(ctx_.get(), pkey.get())) {
479
0
      return false;
480
0
    }
481
2
    SSL_CTX_set_tls_channel_id_enabled(ctx_.get(), 1);
482
483
2
    if (role_ == kServer) {
484
2
      bssl::UniquePtr<SSL_ECH_KEYS> keys(SSL_ECH_KEYS_new());
485
2
      bssl::ScopedEVP_HPKE_KEY key;
486
2
      uint8_t *ech_config;
487
2
      size_t ech_config_len;
488
2
      if (!keys ||
489
2
          !EVP_HPKE_KEY_init(key.get(), EVP_hpke_x25519_hkdf_sha256(), kECHKey,
490
2
                             sizeof(kECHKey)) ||
491
          // Match |echConfig| in |addEncryptedClientHelloTests| from runner.go.
492
2
          !SSL_marshal_ech_config(&ech_config, &ech_config_len,
493
2
                                  /*config_id=*/42, key.get(), "public.example",
494
2
                                  /*max_name_len=*/64)) {
495
0
        return false;
496
0
      }
497
2
      bssl::UniquePtr<uint8_t> free_ech_config(ech_config);
498
2
      if (!SSL_ECH_KEYS_add(keys.get(), /*is_retry_config=*/true, ech_config,
499
2
                            ech_config_len, key.get()) ||
500
2
          !SSL_CTX_set1_ech_keys(ctx_.get(), keys.get())) {
501
0
        return false;
502
0
      }
503
2
    }
504
505
2
    return true;
506
2
  }
dtls_client.cc:(anonymous namespace)::TLSFuzzer::Init()
Line
Count
Source
407
2
  bool Init() {
408
2
    ctx_.reset(SSL_CTX_new(protocol_ == kDTLS ? DTLS_method() : TLS_method()));
409
2
    bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
410
2
    bssl::UniquePtr<RSA> privkey(RSA_private_key_from_bytes(
411
2
        kRSAPrivateKeyDER, sizeof(kRSAPrivateKeyDER)));
412
2
    if (!ctx_ || !privkey || !pkey ||
413
2
        !EVP_PKEY_set1_RSA(pkey.get(), privkey.get()) ||
414
2
        !SSL_CTX_use_PrivateKey(ctx_.get(), pkey.get())) {
415
0
      return false;
416
0
    }
417
418
2
    const uint8_t *bufp = kCertificateDER;
419
2
    bssl::UniquePtr<X509> cert(
420
2
        d2i_X509(nullptr, &bufp, sizeof(kCertificateDER)));
421
2
    if (!cert ||
422
2
        !SSL_CTX_use_certificate(ctx_.get(), cert.get()) ||
423
2
        !SSL_CTX_set_ocsp_response(ctx_.get(), kOCSPResponse,
424
2
                                   sizeof(kOCSPResponse)) ||
425
2
        !SSL_CTX_set_signed_cert_timestamp_list(ctx_.get(), kSCT,
426
2
                                                sizeof(kSCT))) {
427
0
      return false;
428
0
    }
429
430
    // Use a constant clock.
431
2
    SSL_CTX_set_current_time_cb(ctx_.get(),
432
2
                                [](const SSL *ssl, timeval *out_clock) {
433
2
                                  *out_clock = {1234, 1234};
434
2
                                });
435
436
    // When accepting peer certificates, allow any certificate.
437
2
    SSL_CTX_set_cert_verify_callback(
438
2
        ctx_.get(),
439
2
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
440
441
2
    SSL_CTX_enable_signed_cert_timestamps(ctx_.get());
442
2
    SSL_CTX_enable_ocsp_stapling(ctx_.get());
443
444
    // Enable versions and ciphers that are off by default.
445
2
    uint16_t min_version = protocol_ == kDTLS ? DTLS1_VERSION : TLS1_VERSION;
446
2
    uint16_t max_version =
447
2
        protocol_ == kDTLS ? DTLS1_3_VERSION : TLS1_3_VERSION;
448
2
    if (!SSL_CTX_set_min_proto_version(ctx_.get(), min_version) ||
449
2
        !SSL_CTX_set_max_proto_version(ctx_.get(), max_version) ||
450
2
        !SSL_CTX_set_strict_cipher_list(ctx_.get(), "ALL:3DES")) {
451
0
      return false;
452
0
    }
453
454
2
    static const uint16_t kGroups[] = {
455
2
        SSL_GROUP_X25519_MLKEM768, SSL_GROUP_X25519_KYBER768_DRAFT00,
456
2
        SSL_GROUP_MLKEM1024,       SSL_GROUP_X25519,
457
2
        SSL_GROUP_SECP256R1,       SSL_GROUP_SECP384R1,
458
2
        SSL_GROUP_SECP521R1};
459
2
    if (!SSL_CTX_set1_group_ids(ctx_.get(), kGroups, std::size(kGroups))) {
460
0
      return false;
461
0
    }
462
463
2
    SSL_CTX_set_early_data_enabled(ctx_.get(), 1);
464
465
2
    SSL_CTX_set_next_proto_select_cb(ctx_.get(), NPNSelectCallback, nullptr);
466
2
    SSL_CTX_set_next_protos_advertised_cb(ctx_.get(), NPNAdvertiseCallback,
467
2
                                          nullptr);
468
469
2
    SSL_CTX_set_alpn_select_cb(ctx_.get(), ALPNSelectCallback, nullptr);
470
2
    if (SSL_CTX_set_alpn_protos(ctx_.get(), kALPNProtocols,
471
2
                                sizeof(kALPNProtocols)) != 0) {
472
0
      return false;
473
0
    }
474
475
2
    CBS cbs;
476
2
    CBS_init(&cbs, kP256KeyPKCS8, sizeof(kP256KeyPKCS8));
477
2
    pkey.reset(EVP_parse_private_key(&cbs));
478
2
    if (!pkey || !SSL_CTX_set1_tls_channel_id(ctx_.get(), pkey.get())) {
479
0
      return false;
480
0
    }
481
2
    SSL_CTX_set_tls_channel_id_enabled(ctx_.get(), 1);
482
483
2
    if (role_ == kServer) {
484
0
      bssl::UniquePtr<SSL_ECH_KEYS> keys(SSL_ECH_KEYS_new());
485
0
      bssl::ScopedEVP_HPKE_KEY key;
486
0
      uint8_t *ech_config;
487
0
      size_t ech_config_len;
488
0
      if (!keys ||
489
0
          !EVP_HPKE_KEY_init(key.get(), EVP_hpke_x25519_hkdf_sha256(), kECHKey,
490
0
                             sizeof(kECHKey)) ||
491
          // Match |echConfig| in |addEncryptedClientHelloTests| from runner.go.
492
0
          !SSL_marshal_ech_config(&ech_config, &ech_config_len,
493
0
                                  /*config_id=*/42, key.get(), "public.example",
494
0
                                  /*max_name_len=*/64)) {
495
0
        return false;
496
0
      }
497
0
      bssl::UniquePtr<uint8_t> free_ech_config(ech_config);
498
0
      if (!SSL_ECH_KEYS_add(keys.get(), /*is_retry_config=*/true, ech_config,
499
0
                            ech_config_len, key.get()) ||
500
0
          !SSL_CTX_set1_ech_keys(ctx_.get(), keys.get())) {
501
0
        return false;
502
0
      }
503
0
    }
504
505
2
    return true;
506
2
  }
dtls_server.cc:(anonymous namespace)::TLSFuzzer::Init()
Line
Count
Source
407
2
  bool Init() {
408
2
    ctx_.reset(SSL_CTX_new(protocol_ == kDTLS ? DTLS_method() : TLS_method()));
409
2
    bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
410
2
    bssl::UniquePtr<RSA> privkey(RSA_private_key_from_bytes(
411
2
        kRSAPrivateKeyDER, sizeof(kRSAPrivateKeyDER)));
412
2
    if (!ctx_ || !privkey || !pkey ||
413
2
        !EVP_PKEY_set1_RSA(pkey.get(), privkey.get()) ||
414
2
        !SSL_CTX_use_PrivateKey(ctx_.get(), pkey.get())) {
415
0
      return false;
416
0
    }
417
418
2
    const uint8_t *bufp = kCertificateDER;
419
2
    bssl::UniquePtr<X509> cert(
420
2
        d2i_X509(nullptr, &bufp, sizeof(kCertificateDER)));
421
2
    if (!cert ||
422
2
        !SSL_CTX_use_certificate(ctx_.get(), cert.get()) ||
423
2
        !SSL_CTX_set_ocsp_response(ctx_.get(), kOCSPResponse,
424
2
                                   sizeof(kOCSPResponse)) ||
425
2
        !SSL_CTX_set_signed_cert_timestamp_list(ctx_.get(), kSCT,
426
2
                                                sizeof(kSCT))) {
427
0
      return false;
428
0
    }
429
430
    // Use a constant clock.
431
2
    SSL_CTX_set_current_time_cb(ctx_.get(),
432
2
                                [](const SSL *ssl, timeval *out_clock) {
433
2
                                  *out_clock = {1234, 1234};
434
2
                                });
435
436
    // When accepting peer certificates, allow any certificate.
437
2
    SSL_CTX_set_cert_verify_callback(
438
2
        ctx_.get(),
439
2
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
440
441
2
    SSL_CTX_enable_signed_cert_timestamps(ctx_.get());
442
2
    SSL_CTX_enable_ocsp_stapling(ctx_.get());
443
444
    // Enable versions and ciphers that are off by default.
445
2
    uint16_t min_version = protocol_ == kDTLS ? DTLS1_VERSION : TLS1_VERSION;
446
2
    uint16_t max_version =
447
2
        protocol_ == kDTLS ? DTLS1_3_VERSION : TLS1_3_VERSION;
448
2
    if (!SSL_CTX_set_min_proto_version(ctx_.get(), min_version) ||
449
2
        !SSL_CTX_set_max_proto_version(ctx_.get(), max_version) ||
450
2
        !SSL_CTX_set_strict_cipher_list(ctx_.get(), "ALL:3DES")) {
451
0
      return false;
452
0
    }
453
454
2
    static const uint16_t kGroups[] = {
455
2
        SSL_GROUP_X25519_MLKEM768, SSL_GROUP_X25519_KYBER768_DRAFT00,
456
2
        SSL_GROUP_MLKEM1024,       SSL_GROUP_X25519,
457
2
        SSL_GROUP_SECP256R1,       SSL_GROUP_SECP384R1,
458
2
        SSL_GROUP_SECP521R1};
459
2
    if (!SSL_CTX_set1_group_ids(ctx_.get(), kGroups, std::size(kGroups))) {
460
0
      return false;
461
0
    }
462
463
2
    SSL_CTX_set_early_data_enabled(ctx_.get(), 1);
464
465
2
    SSL_CTX_set_next_proto_select_cb(ctx_.get(), NPNSelectCallback, nullptr);
466
2
    SSL_CTX_set_next_protos_advertised_cb(ctx_.get(), NPNAdvertiseCallback,
467
2
                                          nullptr);
468
469
2
    SSL_CTX_set_alpn_select_cb(ctx_.get(), ALPNSelectCallback, nullptr);
470
2
    if (SSL_CTX_set_alpn_protos(ctx_.get(), kALPNProtocols,
471
2
                                sizeof(kALPNProtocols)) != 0) {
472
0
      return false;
473
0
    }
474
475
2
    CBS cbs;
476
2
    CBS_init(&cbs, kP256KeyPKCS8, sizeof(kP256KeyPKCS8));
477
2
    pkey.reset(EVP_parse_private_key(&cbs));
478
2
    if (!pkey || !SSL_CTX_set1_tls_channel_id(ctx_.get(), pkey.get())) {
479
0
      return false;
480
0
    }
481
2
    SSL_CTX_set_tls_channel_id_enabled(ctx_.get(), 1);
482
483
2
    if (role_ == kServer) {
484
2
      bssl::UniquePtr<SSL_ECH_KEYS> keys(SSL_ECH_KEYS_new());
485
2
      bssl::ScopedEVP_HPKE_KEY key;
486
2
      uint8_t *ech_config;
487
2
      size_t ech_config_len;
488
2
      if (!keys ||
489
2
          !EVP_HPKE_KEY_init(key.get(), EVP_hpke_x25519_hkdf_sha256(), kECHKey,
490
2
                             sizeof(kECHKey)) ||
491
          // Match |echConfig| in |addEncryptedClientHelloTests| from runner.go.
492
2
          !SSL_marshal_ech_config(&ech_config, &ech_config_len,
493
2
                                  /*config_id=*/42, key.get(), "public.example",
494
2
                                  /*max_name_len=*/64)) {
495
0
        return false;
496
0
      }
497
2
      bssl::UniquePtr<uint8_t> free_ech_config(ech_config);
498
2
      if (!SSL_ECH_KEYS_add(keys.get(), /*is_retry_config=*/true, ech_config,
499
2
                            ech_config_len, key.get()) ||
500
2
          !SSL_CTX_set1_ech_keys(ctx_.get(), keys.get())) {
501
0
        return false;
502
0
      }
503
2
    }
504
505
2
    return true;
506
2
  }
server.cc:(anonymous namespace)::TLSFuzzer::Init()
Line
Count
Source
407
2
  bool Init() {
408
2
    ctx_.reset(SSL_CTX_new(protocol_ == kDTLS ? DTLS_method() : TLS_method()));
409
2
    bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
410
2
    bssl::UniquePtr<RSA> privkey(RSA_private_key_from_bytes(
411
2
        kRSAPrivateKeyDER, sizeof(kRSAPrivateKeyDER)));
412
2
    if (!ctx_ || !privkey || !pkey ||
413
2
        !EVP_PKEY_set1_RSA(pkey.get(), privkey.get()) ||
414
2
        !SSL_CTX_use_PrivateKey(ctx_.get(), pkey.get())) {
415
0
      return false;
416
0
    }
417
418
2
    const uint8_t *bufp = kCertificateDER;
419
2
    bssl::UniquePtr<X509> cert(
420
2
        d2i_X509(nullptr, &bufp, sizeof(kCertificateDER)));
421
2
    if (!cert ||
422
2
        !SSL_CTX_use_certificate(ctx_.get(), cert.get()) ||
423
2
        !SSL_CTX_set_ocsp_response(ctx_.get(), kOCSPResponse,
424
2
                                   sizeof(kOCSPResponse)) ||
425
2
        !SSL_CTX_set_signed_cert_timestamp_list(ctx_.get(), kSCT,
426
2
                                                sizeof(kSCT))) {
427
0
      return false;
428
0
    }
429
430
    // Use a constant clock.
431
2
    SSL_CTX_set_current_time_cb(ctx_.get(),
432
2
                                [](const SSL *ssl, timeval *out_clock) {
433
2
                                  *out_clock = {1234, 1234};
434
2
                                });
435
436
    // When accepting peer certificates, allow any certificate.
437
2
    SSL_CTX_set_cert_verify_callback(
438
2
        ctx_.get(),
439
2
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
440
441
2
    SSL_CTX_enable_signed_cert_timestamps(ctx_.get());
442
2
    SSL_CTX_enable_ocsp_stapling(ctx_.get());
443
444
    // Enable versions and ciphers that are off by default.
445
2
    uint16_t min_version = protocol_ == kDTLS ? DTLS1_VERSION : TLS1_VERSION;
446
2
    uint16_t max_version =
447
2
        protocol_ == kDTLS ? DTLS1_3_VERSION : TLS1_3_VERSION;
448
2
    if (!SSL_CTX_set_min_proto_version(ctx_.get(), min_version) ||
449
2
        !SSL_CTX_set_max_proto_version(ctx_.get(), max_version) ||
450
2
        !SSL_CTX_set_strict_cipher_list(ctx_.get(), "ALL:3DES")) {
451
0
      return false;
452
0
    }
453
454
2
    static const uint16_t kGroups[] = {
455
2
        SSL_GROUP_X25519_MLKEM768, SSL_GROUP_X25519_KYBER768_DRAFT00,
456
2
        SSL_GROUP_MLKEM1024,       SSL_GROUP_X25519,
457
2
        SSL_GROUP_SECP256R1,       SSL_GROUP_SECP384R1,
458
2
        SSL_GROUP_SECP521R1};
459
2
    if (!SSL_CTX_set1_group_ids(ctx_.get(), kGroups, std::size(kGroups))) {
460
0
      return false;
461
0
    }
462
463
2
    SSL_CTX_set_early_data_enabled(ctx_.get(), 1);
464
465
2
    SSL_CTX_set_next_proto_select_cb(ctx_.get(), NPNSelectCallback, nullptr);
466
2
    SSL_CTX_set_next_protos_advertised_cb(ctx_.get(), NPNAdvertiseCallback,
467
2
                                          nullptr);
468
469
2
    SSL_CTX_set_alpn_select_cb(ctx_.get(), ALPNSelectCallback, nullptr);
470
2
    if (SSL_CTX_set_alpn_protos(ctx_.get(), kALPNProtocols,
471
2
                                sizeof(kALPNProtocols)) != 0) {
472
0
      return false;
473
0
    }
474
475
2
    CBS cbs;
476
2
    CBS_init(&cbs, kP256KeyPKCS8, sizeof(kP256KeyPKCS8));
477
2
    pkey.reset(EVP_parse_private_key(&cbs));
478
2
    if (!pkey || !SSL_CTX_set1_tls_channel_id(ctx_.get(), pkey.get())) {
479
0
      return false;
480
0
    }
481
2
    SSL_CTX_set_tls_channel_id_enabled(ctx_.get(), 1);
482
483
2
    if (role_ == kServer) {
484
2
      bssl::UniquePtr<SSL_ECH_KEYS> keys(SSL_ECH_KEYS_new());
485
2
      bssl::ScopedEVP_HPKE_KEY key;
486
2
      uint8_t *ech_config;
487
2
      size_t ech_config_len;
488
2
      if (!keys ||
489
2
          !EVP_HPKE_KEY_init(key.get(), EVP_hpke_x25519_hkdf_sha256(), kECHKey,
490
2
                             sizeof(kECHKey)) ||
491
          // Match |echConfig| in |addEncryptedClientHelloTests| from runner.go.
492
2
          !SSL_marshal_ech_config(&ech_config, &ech_config_len,
493
2
                                  /*config_id=*/42, key.get(), "public.example",
494
2
                                  /*max_name_len=*/64)) {
495
0
        return false;
496
0
      }
497
2
      bssl::UniquePtr<uint8_t> free_ech_config(ech_config);
498
2
      if (!SSL_ECH_KEYS_add(keys.get(), /*is_retry_config=*/true, ech_config,
499
2
                            ech_config_len, key.get()) ||
500
2
          !SSL_CTX_set1_ech_keys(ctx_.get(), keys.get())) {
501
0
        return false;
502
0
      }
503
2
    }
504
505
2
    return true;
506
2
  }
client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::Init()
Line
Count
Source
407
2
  bool Init() {
408
2
    ctx_.reset(SSL_CTX_new(protocol_ == kDTLS ? DTLS_method() : TLS_method()));
409
2
    bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
410
2
    bssl::UniquePtr<RSA> privkey(RSA_private_key_from_bytes(
411
2
        kRSAPrivateKeyDER, sizeof(kRSAPrivateKeyDER)));
412
2
    if (!ctx_ || !privkey || !pkey ||
413
2
        !EVP_PKEY_set1_RSA(pkey.get(), privkey.get()) ||
414
2
        !SSL_CTX_use_PrivateKey(ctx_.get(), pkey.get())) {
415
0
      return false;
416
0
    }
417
418
2
    const uint8_t *bufp = kCertificateDER;
419
2
    bssl::UniquePtr<X509> cert(
420
2
        d2i_X509(nullptr, &bufp, sizeof(kCertificateDER)));
421
2
    if (!cert ||
422
2
        !SSL_CTX_use_certificate(ctx_.get(), cert.get()) ||
423
2
        !SSL_CTX_set_ocsp_response(ctx_.get(), kOCSPResponse,
424
2
                                   sizeof(kOCSPResponse)) ||
425
2
        !SSL_CTX_set_signed_cert_timestamp_list(ctx_.get(), kSCT,
426
2
                                                sizeof(kSCT))) {
427
0
      return false;
428
0
    }
429
430
    // Use a constant clock.
431
2
    SSL_CTX_set_current_time_cb(ctx_.get(),
432
2
                                [](const SSL *ssl, timeval *out_clock) {
433
2
                                  *out_clock = {1234, 1234};
434
2
                                });
435
436
    // When accepting peer certificates, allow any certificate.
437
2
    SSL_CTX_set_cert_verify_callback(
438
2
        ctx_.get(),
439
2
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
440
441
2
    SSL_CTX_enable_signed_cert_timestamps(ctx_.get());
442
2
    SSL_CTX_enable_ocsp_stapling(ctx_.get());
443
444
    // Enable versions and ciphers that are off by default.
445
2
    uint16_t min_version = protocol_ == kDTLS ? DTLS1_VERSION : TLS1_VERSION;
446
2
    uint16_t max_version =
447
2
        protocol_ == kDTLS ? DTLS1_3_VERSION : TLS1_3_VERSION;
448
2
    if (!SSL_CTX_set_min_proto_version(ctx_.get(), min_version) ||
449
2
        !SSL_CTX_set_max_proto_version(ctx_.get(), max_version) ||
450
2
        !SSL_CTX_set_strict_cipher_list(ctx_.get(), "ALL:3DES")) {
451
0
      return false;
452
0
    }
453
454
2
    static const uint16_t kGroups[] = {
455
2
        SSL_GROUP_X25519_MLKEM768, SSL_GROUP_X25519_KYBER768_DRAFT00,
456
2
        SSL_GROUP_MLKEM1024,       SSL_GROUP_X25519,
457
2
        SSL_GROUP_SECP256R1,       SSL_GROUP_SECP384R1,
458
2
        SSL_GROUP_SECP521R1};
459
2
    if (!SSL_CTX_set1_group_ids(ctx_.get(), kGroups, std::size(kGroups))) {
460
0
      return false;
461
0
    }
462
463
2
    SSL_CTX_set_early_data_enabled(ctx_.get(), 1);
464
465
2
    SSL_CTX_set_next_proto_select_cb(ctx_.get(), NPNSelectCallback, nullptr);
466
2
    SSL_CTX_set_next_protos_advertised_cb(ctx_.get(), NPNAdvertiseCallback,
467
2
                                          nullptr);
468
469
2
    SSL_CTX_set_alpn_select_cb(ctx_.get(), ALPNSelectCallback, nullptr);
470
2
    if (SSL_CTX_set_alpn_protos(ctx_.get(), kALPNProtocols,
471
2
                                sizeof(kALPNProtocols)) != 0) {
472
0
      return false;
473
0
    }
474
475
2
    CBS cbs;
476
2
    CBS_init(&cbs, kP256KeyPKCS8, sizeof(kP256KeyPKCS8));
477
2
    pkey.reset(EVP_parse_private_key(&cbs));
478
2
    if (!pkey || !SSL_CTX_set1_tls_channel_id(ctx_.get(), pkey.get())) {
479
0
      return false;
480
0
    }
481
2
    SSL_CTX_set_tls_channel_id_enabled(ctx_.get(), 1);
482
483
2
    if (role_ == kServer) {
484
0
      bssl::UniquePtr<SSL_ECH_KEYS> keys(SSL_ECH_KEYS_new());
485
0
      bssl::ScopedEVP_HPKE_KEY key;
486
0
      uint8_t *ech_config;
487
0
      size_t ech_config_len;
488
0
      if (!keys ||
489
0
          !EVP_HPKE_KEY_init(key.get(), EVP_hpke_x25519_hkdf_sha256(), kECHKey,
490
0
                             sizeof(kECHKey)) ||
491
          // Match |echConfig| in |addEncryptedClientHelloTests| from runner.go.
492
0
          !SSL_marshal_ech_config(&ech_config, &ech_config_len,
493
0
                                  /*config_id=*/42, key.get(), "public.example",
494
0
                                  /*max_name_len=*/64)) {
495
0
        return false;
496
0
      }
497
0
      bssl::UniquePtr<uint8_t> free_ech_config(ech_config);
498
0
      if (!SSL_ECH_KEYS_add(keys.get(), /*is_retry_config=*/true, ech_config,
499
0
                            ech_config_len, key.get()) ||
500
0
          !SSL_CTX_set1_ech_keys(ctx_.get(), keys.get())) {
501
0
        return false;
502
0
      }
503
0
    }
504
505
2
    return true;
506
2
  }
client.cc:(anonymous namespace)::TLSFuzzer::Init()
Line
Count
Source
407
2
  bool Init() {
408
2
    ctx_.reset(SSL_CTX_new(protocol_ == kDTLS ? DTLS_method() : TLS_method()));
409
2
    bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
410
2
    bssl::UniquePtr<RSA> privkey(RSA_private_key_from_bytes(
411
2
        kRSAPrivateKeyDER, sizeof(kRSAPrivateKeyDER)));
412
2
    if (!ctx_ || !privkey || !pkey ||
413
2
        !EVP_PKEY_set1_RSA(pkey.get(), privkey.get()) ||
414
2
        !SSL_CTX_use_PrivateKey(ctx_.get(), pkey.get())) {
415
0
      return false;
416
0
    }
417
418
2
    const uint8_t *bufp = kCertificateDER;
419
2
    bssl::UniquePtr<X509> cert(
420
2
        d2i_X509(nullptr, &bufp, sizeof(kCertificateDER)));
421
2
    if (!cert ||
422
2
        !SSL_CTX_use_certificate(ctx_.get(), cert.get()) ||
423
2
        !SSL_CTX_set_ocsp_response(ctx_.get(), kOCSPResponse,
424
2
                                   sizeof(kOCSPResponse)) ||
425
2
        !SSL_CTX_set_signed_cert_timestamp_list(ctx_.get(), kSCT,
426
2
                                                sizeof(kSCT))) {
427
0
      return false;
428
0
    }
429
430
    // Use a constant clock.
431
2
    SSL_CTX_set_current_time_cb(ctx_.get(),
432
2
                                [](const SSL *ssl, timeval *out_clock) {
433
2
                                  *out_clock = {1234, 1234};
434
2
                                });
435
436
    // When accepting peer certificates, allow any certificate.
437
2
    SSL_CTX_set_cert_verify_callback(
438
2
        ctx_.get(),
439
2
        [](X509_STORE_CTX *store_ctx, void *arg) -> int { return 1; }, nullptr);
440
441
2
    SSL_CTX_enable_signed_cert_timestamps(ctx_.get());
442
2
    SSL_CTX_enable_ocsp_stapling(ctx_.get());
443
444
    // Enable versions and ciphers that are off by default.
445
2
    uint16_t min_version = protocol_ == kDTLS ? DTLS1_VERSION : TLS1_VERSION;
446
2
    uint16_t max_version =
447
2
        protocol_ == kDTLS ? DTLS1_3_VERSION : TLS1_3_VERSION;
448
2
    if (!SSL_CTX_set_min_proto_version(ctx_.get(), min_version) ||
449
2
        !SSL_CTX_set_max_proto_version(ctx_.get(), max_version) ||
450
2
        !SSL_CTX_set_strict_cipher_list(ctx_.get(), "ALL:3DES")) {
451
0
      return false;
452
0
    }
453
454
2
    static const uint16_t kGroups[] = {
455
2
        SSL_GROUP_X25519_MLKEM768, SSL_GROUP_X25519_KYBER768_DRAFT00,
456
2
        SSL_GROUP_MLKEM1024,       SSL_GROUP_X25519,
457
2
        SSL_GROUP_SECP256R1,       SSL_GROUP_SECP384R1,
458
2
        SSL_GROUP_SECP521R1};
459
2
    if (!SSL_CTX_set1_group_ids(ctx_.get(), kGroups, std::size(kGroups))) {
460
0
      return false;
461
0
    }
462
463
2
    SSL_CTX_set_early_data_enabled(ctx_.get(), 1);
464
465
2
    SSL_CTX_set_next_proto_select_cb(ctx_.get(), NPNSelectCallback, nullptr);
466
2
    SSL_CTX_set_next_protos_advertised_cb(ctx_.get(), NPNAdvertiseCallback,
467
2
                                          nullptr);
468
469
2
    SSL_CTX_set_alpn_select_cb(ctx_.get(), ALPNSelectCallback, nullptr);
470
2
    if (SSL_CTX_set_alpn_protos(ctx_.get(), kALPNProtocols,
471
2
                                sizeof(kALPNProtocols)) != 0) {
472
0
      return false;
473
0
    }
474
475
2
    CBS cbs;
476
2
    CBS_init(&cbs, kP256KeyPKCS8, sizeof(kP256KeyPKCS8));
477
2
    pkey.reset(EVP_parse_private_key(&cbs));
478
2
    if (!pkey || !SSL_CTX_set1_tls_channel_id(ctx_.get(), pkey.get())) {
479
0
      return false;
480
0
    }
481
2
    SSL_CTX_set_tls_channel_id_enabled(ctx_.get(), 1);
482
483
2
    if (role_ == kServer) {
484
0
      bssl::UniquePtr<SSL_ECH_KEYS> keys(SSL_ECH_KEYS_new());
485
0
      bssl::ScopedEVP_HPKE_KEY key;
486
0
      uint8_t *ech_config;
487
0
      size_t ech_config_len;
488
0
      if (!keys ||
489
0
          !EVP_HPKE_KEY_init(key.get(), EVP_hpke_x25519_hkdf_sha256(), kECHKey,
490
0
                             sizeof(kECHKey)) ||
491
          // Match |echConfig| in |addEncryptedClientHelloTests| from runner.go.
492
0
          !SSL_marshal_ech_config(&ech_config, &ech_config_len,
493
0
                                  /*config_id=*/42, key.get(), "public.example",
494
0
                                  /*max_name_len=*/64)) {
495
0
        return false;
496
0
      }
497
0
      bssl::UniquePtr<uint8_t> free_ech_config(ech_config);
498
0
      if (!SSL_ECH_KEYS_add(keys.get(), /*is_retry_config=*/true, ech_config,
499
0
                            ech_config_len, key.get()) ||
500
0
          !SSL_CTX_set1_ech_keys(ctx_.get(), keys.get())) {
501
0
        return false;
502
0
      }
503
0
    }
504
505
2
    return true;
506
2
  }
507
508
  // SetupTest parses parameters from |cbs| and returns a newly-configured |SSL|
509
  // object or nullptr on error. On success, the caller should feed the
510
  // remaining input in |cbs| to the SSL stack.
511
52.1k
  bssl::UniquePtr<SSL> SetupTest(CBS *cbs) {
512
    // |ctx| is shared between runs, so we must clear any modifications to it
513
    // made later on in this function.
514
52.1k
    SSL_CTX_flush_sessions(ctx_.get(), 0);
515
52.1k
    handoff_ = {};
516
52.1k
    handback_ = {};
517
518
52.1k
    bssl::UniquePtr<SSL> ssl(SSL_new(ctx_.get()));
519
52.1k
    if (role_ == kServer) {
520
27.9k
      SSL_set_accept_state(ssl.get());
521
27.9k
    } else {
522
24.2k
      SSL_set_connect_state(ssl.get());
523
24.2k
    }
524
525
268k
    for (;;) {
526
268k
      uint16_t tag;
527
268k
      if (!CBS_get_u16(cbs, &tag)) {
528
8.09k
        return nullptr;
529
8.09k
      }
530
260k
      switch (tag) {
531
30.1k
        case kDataTag:
532
30.1k
          return ssl;
533
534
124k
        case kSessionTag: {
535
124k
          CBS data;
536
124k
          if (!CBS_get_u24_length_prefixed(cbs, &data)) {
537
1.31k
            return nullptr;
538
1.31k
          }
539
122k
          bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(
540
122k
              CBS_data(&data), CBS_len(&data), ctx_.get()));
541
122k
          if (!session) {
542
11.5k
            return nullptr;
543
11.5k
          }
544
545
111k
          if (role_ == kServer) {
546
60.0k
            SSL_CTX_add_session(ctx_.get(), session.get());
547
60.0k
          } else {
548
51.3k
            SSL_set_session(ssl.get(), session.get());
549
51.3k
          }
550
111k
          break;
551
122k
        }
552
553
9.00k
        case kRequestClientCert:
554
9.00k
          if (role_ == kClient) {
555
5
            return nullptr;
556
5
          }
557
8.99k
          SSL_set_verify(ssl.get(), SSL_VERIFY_PEER, nullptr);
558
8.99k
          break;
559
560
10.0k
        case kHandoffTag: {
561
10.0k
          CBS handoff;
562
10.0k
          if (!CBS_get_u24_length_prefixed(cbs, &handoff)) {
563
46
            return nullptr;
564
46
          }
565
9.96k
          handoff_.assign(CBS_data(&handoff),
566
9.96k
                          CBS_data(&handoff) + CBS_len(&handoff));
567
9.96k
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
568
9.96k
          break;
569
10.0k
        }
570
571
6.16k
        case kHandbackTag: {
572
6.16k
          CBS handback;
573
6.16k
          if (!CBS_get_u24_length_prefixed(cbs, &handback)) {
574
37
            return nullptr;
575
37
          }
576
6.12k
          handback_.assign(CBS_data(&handback),
577
6.12k
                           CBS_data(&handback) + CBS_len(&handback));
578
6.12k
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
579
6.12k
          break;
580
6.16k
        }
581
582
79.7k
        case kHintsTag: {
583
79.7k
          CBS hints;
584
79.7k
          if (!CBS_get_u24_length_prefixed(cbs, &hints)) {
585
154
            return nullptr;
586
154
          }
587
79.6k
          SSL_set_handshake_hints(ssl.get(), CBS_data(&hints), CBS_len(&hints));
588
79.6k
          break;
589
79.7k
        }
590
591
793
        default:
592
793
          return nullptr;
593
260k
      }
594
260k
    }
595
52.1k
  }
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::SetupTest(cbs_st*)
Line
Count
Source
511
9.07k
  bssl::UniquePtr<SSL> SetupTest(CBS *cbs) {
512
    // |ctx| is shared between runs, so we must clear any modifications to it
513
    // made later on in this function.
514
9.07k
    SSL_CTX_flush_sessions(ctx_.get(), 0);
515
9.07k
    handoff_ = {};
516
9.07k
    handback_ = {};
517
518
9.07k
    bssl::UniquePtr<SSL> ssl(SSL_new(ctx_.get()));
519
9.07k
    if (role_ == kServer) {
520
9.07k
      SSL_set_accept_state(ssl.get());
521
9.07k
    } else {
522
0
      SSL_set_connect_state(ssl.get());
523
0
    }
524
525
55.1k
    for (;;) {
526
55.1k
      uint16_t tag;
527
55.1k
      if (!CBS_get_u16(cbs, &tag)) {
528
1.98k
        return nullptr;
529
1.98k
      }
530
53.1k
      switch (tag) {
531
4.92k
        case kDataTag:
532
4.92k
          return ssl;
533
534
18.6k
        case kSessionTag: {
535
18.6k
          CBS data;
536
18.6k
          if (!CBS_get_u24_length_prefixed(cbs, &data)) {
537
191
            return nullptr;
538
191
          }
539
18.4k
          bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(
540
18.4k
              CBS_data(&data), CBS_len(&data), ctx_.get()));
541
18.4k
          if (!session) {
542
1.74k
            return nullptr;
543
1.74k
          }
544
545
16.7k
          if (role_ == kServer) {
546
16.7k
            SSL_CTX_add_session(ctx_.get(), session.get());
547
16.7k
          } else {
548
0
            SSL_set_session(ssl.get(), session.get());
549
0
          }
550
16.7k
          break;
551
18.4k
        }
552
553
5.37k
        case kRequestClientCert:
554
5.37k
          if (role_ == kClient) {
555
0
            return nullptr;
556
0
          }
557
5.37k
          SSL_set_verify(ssl.get(), SSL_VERIFY_PEER, nullptr);
558
5.37k
          break;
559
560
1.99k
        case kHandoffTag: {
561
1.99k
          CBS handoff;
562
1.99k
          if (!CBS_get_u24_length_prefixed(cbs, &handoff)) {
563
11
            return nullptr;
564
11
          }
565
1.98k
          handoff_.assign(CBS_data(&handoff),
566
1.98k
                          CBS_data(&handoff) + CBS_len(&handoff));
567
1.98k
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
568
1.98k
          break;
569
1.99k
        }
570
571
550
        case kHandbackTag: {
572
550
          CBS handback;
573
550
          if (!CBS_get_u24_length_prefixed(cbs, &handback)) {
574
7
            return nullptr;
575
7
          }
576
543
          handback_.assign(CBS_data(&handback),
577
543
                           CBS_data(&handback) + CBS_len(&handback));
578
543
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
579
543
          break;
580
550
        }
581
582
21.4k
        case kHintsTag: {
583
21.4k
          CBS hints;
584
21.4k
          if (!CBS_get_u24_length_prefixed(cbs, &hints)) {
585
42
            return nullptr;
586
42
          }
587
21.3k
          SSL_set_handshake_hints(ssl.get(), CBS_data(&hints), CBS_len(&hints));
588
21.3k
          break;
589
21.4k
        }
590
591
164
        default:
592
164
          return nullptr;
593
53.1k
      }
594
53.1k
    }
595
9.07k
  }
dtls_client.cc:(anonymous namespace)::TLSFuzzer::SetupTest(cbs_st*)
Line
Count
Source
511
8.01k
  bssl::UniquePtr<SSL> SetupTest(CBS *cbs) {
512
    // |ctx| is shared between runs, so we must clear any modifications to it
513
    // made later on in this function.
514
8.01k
    SSL_CTX_flush_sessions(ctx_.get(), 0);
515
8.01k
    handoff_ = {};
516
8.01k
    handback_ = {};
517
518
8.01k
    bssl::UniquePtr<SSL> ssl(SSL_new(ctx_.get()));
519
8.01k
    if (role_ == kServer) {
520
0
      SSL_set_accept_state(ssl.get());
521
8.01k
    } else {
522
8.01k
      SSL_set_connect_state(ssl.get());
523
8.01k
    }
524
525
32.0k
    for (;;) {
526
32.0k
      uint16_t tag;
527
32.0k
      if (!CBS_get_u16(cbs, &tag)) {
528
319
        return nullptr;
529
319
      }
530
31.6k
      switch (tag) {
531
5.00k
        case kDataTag:
532
5.00k
          return ssl;
533
534
23.6k
        case kSessionTag: {
535
23.6k
          CBS data;
536
23.6k
          if (!CBS_get_u24_length_prefixed(cbs, &data)) {
537
222
            return nullptr;
538
222
          }
539
23.4k
          bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(
540
23.4k
              CBS_data(&data), CBS_len(&data), ctx_.get()));
541
23.4k
          if (!session) {
542
2.37k
            return nullptr;
543
2.37k
          }
544
545
21.0k
          if (role_ == kServer) {
546
0
            SSL_CTX_add_session(ctx_.get(), session.get());
547
21.0k
          } else {
548
21.0k
            SSL_set_session(ssl.get(), session.get());
549
21.0k
          }
550
21.0k
          break;
551
23.4k
        }
552
553
2
        case kRequestClientCert:
554
2
          if (role_ == kClient) {
555
2
            return nullptr;
556
2
          }
557
0
          SSL_set_verify(ssl.get(), SSL_VERIFY_PEER, nullptr);
558
0
          break;
559
560
1.36k
        case kHandoffTag: {
561
1.36k
          CBS handoff;
562
1.36k
          if (!CBS_get_u24_length_prefixed(cbs, &handoff)) {
563
4
            return nullptr;
564
4
          }
565
1.36k
          handoff_.assign(CBS_data(&handoff),
566
1.36k
                          CBS_data(&handoff) + CBS_len(&handoff));
567
1.36k
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
568
1.36k
          break;
569
1.36k
        }
570
571
945
        case kHandbackTag: {
572
945
          CBS handback;
573
945
          if (!CBS_get_u24_length_prefixed(cbs, &handback)) {
574
1
            return nullptr;
575
1
          }
576
944
          handback_.assign(CBS_data(&handback),
577
944
                           CBS_data(&handback) + CBS_len(&handback));
578
944
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
579
944
          break;
580
945
        }
581
582
638
        case kHintsTag: {
583
638
          CBS hints;
584
638
          if (!CBS_get_u24_length_prefixed(cbs, &hints)) {
585
2
            return nullptr;
586
2
          }
587
636
          SSL_set_handshake_hints(ssl.get(), CBS_data(&hints), CBS_len(&hints));
588
636
          break;
589
638
        }
590
591
86
        default:
592
86
          return nullptr;
593
31.6k
      }
594
31.6k
    }
595
8.01k
  }
dtls_server.cc:(anonymous namespace)::TLSFuzzer::SetupTest(cbs_st*)
Line
Count
Source
511
9.43k
  bssl::UniquePtr<SSL> SetupTest(CBS *cbs) {
512
    // |ctx| is shared between runs, so we must clear any modifications to it
513
    // made later on in this function.
514
9.43k
    SSL_CTX_flush_sessions(ctx_.get(), 0);
515
9.43k
    handoff_ = {};
516
9.43k
    handback_ = {};
517
518
9.43k
    bssl::UniquePtr<SSL> ssl(SSL_new(ctx_.get()));
519
9.43k
    if (role_ == kServer) {
520
9.43k
      SSL_set_accept_state(ssl.get());
521
9.43k
    } else {
522
0
      SSL_set_connect_state(ssl.get());
523
0
    }
524
525
34.8k
    for (;;) {
526
34.8k
      uint16_t tag;
527
34.8k
      if (!CBS_get_u16(cbs, &tag)) {
528
418
        return nullptr;
529
418
      }
530
34.4k
      switch (tag) {
531
6.34k
        case kDataTag:
532
6.34k
          return ssl;
533
534
23.3k
        case kSessionTag: {
535
23.3k
          CBS data;
536
23.3k
          if (!CBS_get_u24_length_prefixed(cbs, &data)) {
537
244
            return nullptr;
538
244
          }
539
23.0k
          bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(
540
23.0k
              CBS_data(&data), CBS_len(&data), ctx_.get()));
541
23.0k
          if (!session) {
542
2.33k
            return nullptr;
543
2.33k
          }
544
545
20.7k
          if (role_ == kServer) {
546
20.7k
            SSL_CTX_add_session(ctx_.get(), session.get());
547
20.7k
          } else {
548
0
            SSL_set_session(ssl.get(), session.get());
549
0
          }
550
20.7k
          break;
551
23.0k
        }
552
553
1.41k
        case kRequestClientCert:
554
1.41k
          if (role_ == kClient) {
555
0
            return nullptr;
556
0
          }
557
1.41k
          SSL_set_verify(ssl.get(), SSL_VERIFY_PEER, nullptr);
558
1.41k
          break;
559
560
1.87k
        case kHandoffTag: {
561
1.87k
          CBS handoff;
562
1.87k
          if (!CBS_get_u24_length_prefixed(cbs, &handoff)) {
563
5
            return nullptr;
564
5
          }
565
1.86k
          handoff_.assign(CBS_data(&handoff),
566
1.86k
                          CBS_data(&handoff) + CBS_len(&handoff));
567
1.86k
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
568
1.86k
          break;
569
1.87k
        }
570
571
858
        case kHandbackTag: {
572
858
          CBS handback;
573
858
          if (!CBS_get_u24_length_prefixed(cbs, &handback)) {
574
6
            return nullptr;
575
6
          }
576
852
          handback_.assign(CBS_data(&handback),
577
852
                           CBS_data(&handback) + CBS_len(&handback));
578
852
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
579
852
          break;
580
858
        }
581
582
566
        case kHintsTag: {
583
566
          CBS hints;
584
566
          if (!CBS_get_u24_length_prefixed(cbs, &hints)) {
585
2
            return nullptr;
586
2
          }
587
564
          SSL_set_handshake_hints(ssl.get(), CBS_data(&hints), CBS_len(&hints));
588
564
          break;
589
566
        }
590
591
94
        default:
592
94
          return nullptr;
593
34.4k
      }
594
34.4k
    }
595
9.43k
  }
server.cc:(anonymous namespace)::TLSFuzzer::SetupTest(cbs_st*)
Line
Count
Source
511
9.41k
  bssl::UniquePtr<SSL> SetupTest(CBS *cbs) {
512
    // |ctx| is shared between runs, so we must clear any modifications to it
513
    // made later on in this function.
514
9.41k
    SSL_CTX_flush_sessions(ctx_.get(), 0);
515
9.41k
    handoff_ = {};
516
9.41k
    handback_ = {};
517
518
9.41k
    bssl::UniquePtr<SSL> ssl(SSL_new(ctx_.get()));
519
9.41k
    if (role_ == kServer) {
520
9.41k
      SSL_set_accept_state(ssl.get());
521
9.41k
    } else {
522
0
      SSL_set_connect_state(ssl.get());
523
0
    }
524
525
56.8k
    for (;;) {
526
56.8k
      uint16_t tag;
527
56.8k
      if (!CBS_get_u16(cbs, &tag)) {
528
1.96k
        return nullptr;
529
1.96k
      }
530
54.8k
      switch (tag) {
531
5.45k
        case kDataTag:
532
5.45k
          return ssl;
533
534
24.3k
        case kSessionTag: {
535
24.3k
          CBS data;
536
24.3k
          if (!CBS_get_u24_length_prefixed(cbs, &data)) {
537
251
            return nullptr;
538
251
          }
539
24.0k
          bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(
540
24.0k
              CBS_data(&data), CBS_len(&data), ctx_.get()));
541
24.0k
          if (!session) {
542
1.55k
            return nullptr;
543
1.55k
          }
544
545
22.5k
          if (role_ == kServer) {
546
22.5k
            SSL_CTX_add_session(ctx_.get(), session.get());
547
22.5k
          } else {
548
0
            SSL_set_session(ssl.get(), session.get());
549
0
          }
550
22.5k
          break;
551
24.0k
        }
552
553
2.20k
        case kRequestClientCert:
554
2.20k
          if (role_ == kClient) {
555
0
            return nullptr;
556
0
          }
557
2.20k
          SSL_set_verify(ssl.get(), SSL_VERIFY_PEER, nullptr);
558
2.20k
          break;
559
560
1.71k
        case kHandoffTag: {
561
1.71k
          CBS handoff;
562
1.71k
          if (!CBS_get_u24_length_prefixed(cbs, &handoff)) {
563
7
            return nullptr;
564
7
          }
565
1.71k
          handoff_.assign(CBS_data(&handoff),
566
1.71k
                          CBS_data(&handoff) + CBS_len(&handoff));
567
1.71k
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
568
1.71k
          break;
569
1.71k
        }
570
571
1.27k
        case kHandbackTag: {
572
1.27k
          CBS handback;
573
1.27k
          if (!CBS_get_u24_length_prefixed(cbs, &handback)) {
574
6
            return nullptr;
575
6
          }
576
1.26k
          handback_.assign(CBS_data(&handback),
577
1.26k
                           CBS_data(&handback) + CBS_len(&handback));
578
1.26k
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
579
1.26k
          break;
580
1.27k
        }
581
582
19.7k
        case kHintsTag: {
583
19.7k
          CBS hints;
584
19.7k
          if (!CBS_get_u24_length_prefixed(cbs, &hints)) {
585
29
            return nullptr;
586
29
          }
587
19.7k
          SSL_set_handshake_hints(ssl.get(), CBS_data(&hints), CBS_len(&hints));
588
19.7k
          break;
589
19.7k
        }
590
591
151
        default:
592
151
          return nullptr;
593
54.8k
      }
594
54.8k
    }
595
9.41k
  }
client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::SetupTest(cbs_st*)
Line
Count
Source
511
7.80k
  bssl::UniquePtr<SSL> SetupTest(CBS *cbs) {
512
    // |ctx| is shared between runs, so we must clear any modifications to it
513
    // made later on in this function.
514
7.80k
    SSL_CTX_flush_sessions(ctx_.get(), 0);
515
7.80k
    handoff_ = {};
516
7.80k
    handback_ = {};
517
518
7.80k
    bssl::UniquePtr<SSL> ssl(SSL_new(ctx_.get()));
519
7.80k
    if (role_ == kServer) {
520
0
      SSL_set_accept_state(ssl.get());
521
7.80k
    } else {
522
7.80k
      SSL_set_connect_state(ssl.get());
523
7.80k
    }
524
525
52.6k
    for (;;) {
526
52.6k
      uint16_t tag;
527
52.6k
      if (!CBS_get_u16(cbs, &tag)) {
528
1.78k
        return nullptr;
529
1.78k
      }
530
50.9k
      switch (tag) {
531
3.77k
        case kDataTag:
532
3.77k
          return ssl;
533
534
22.6k
        case kSessionTag: {
535
22.6k
          CBS data;
536
22.6k
          if (!CBS_get_u24_length_prefixed(cbs, &data)) {
537
192
            return nullptr;
538
192
          }
539
22.4k
          bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(
540
22.4k
              CBS_data(&data), CBS_len(&data), ctx_.get()));
541
22.4k
          if (!session) {
542
1.84k
            return nullptr;
543
1.84k
          }
544
545
20.6k
          if (role_ == kServer) {
546
0
            SSL_CTX_add_session(ctx_.get(), session.get());
547
20.6k
          } else {
548
20.6k
            SSL_set_session(ssl.get(), session.get());
549
20.6k
          }
550
20.6k
          break;
551
22.4k
        }
552
553
2
        case kRequestClientCert:
554
2
          if (role_ == kClient) {
555
2
            return nullptr;
556
2
          }
557
0
          SSL_set_verify(ssl.get(), SSL_VERIFY_PEER, nullptr);
558
0
          break;
559
560
2.54k
        case kHandoffTag: {
561
2.54k
          CBS handoff;
562
2.54k
          if (!CBS_get_u24_length_prefixed(cbs, &handoff)) {
563
11
            return nullptr;
564
11
          }
565
2.53k
          handoff_.assign(CBS_data(&handoff),
566
2.53k
                          CBS_data(&handoff) + CBS_len(&handoff));
567
2.53k
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
568
2.53k
          break;
569
2.54k
        }
570
571
653
        case kHandbackTag: {
572
653
          CBS handback;
573
653
          if (!CBS_get_u24_length_prefixed(cbs, &handback)) {
574
7
            return nullptr;
575
7
          }
576
646
          handback_.assign(CBS_data(&handback),
577
646
                           CBS_data(&handback) + CBS_len(&handback));
578
646
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
579
646
          break;
580
653
        }
581
582
21.1k
        case kHintsTag: {
583
21.1k
          CBS hints;
584
21.1k
          if (!CBS_get_u24_length_prefixed(cbs, &hints)) {
585
35
            return nullptr;
586
35
          }
587
21.0k
          SSL_set_handshake_hints(ssl.get(), CBS_data(&hints), CBS_len(&hints));
588
21.0k
          break;
589
21.1k
        }
590
591
151
        default:
592
151
          return nullptr;
593
50.9k
      }
594
50.9k
    }
595
7.80k
  }
client.cc:(anonymous namespace)::TLSFuzzer::SetupTest(cbs_st*)
Line
Count
Source
511
8.40k
  bssl::UniquePtr<SSL> SetupTest(CBS *cbs) {
512
    // |ctx| is shared between runs, so we must clear any modifications to it
513
    // made later on in this function.
514
8.40k
    SSL_CTX_flush_sessions(ctx_.get(), 0);
515
8.40k
    handoff_ = {};
516
8.40k
    handback_ = {};
517
518
8.40k
    bssl::UniquePtr<SSL> ssl(SSL_new(ctx_.get()));
519
8.40k
    if (role_ == kServer) {
520
0
      SSL_set_accept_state(ssl.get());
521
8.40k
    } else {
522
8.40k
      SSL_set_connect_state(ssl.get());
523
8.40k
    }
524
525
36.7k
    for (;;) {
526
36.7k
      uint16_t tag;
527
36.7k
      if (!CBS_get_u16(cbs, &tag)) {
528
1.61k
        return nullptr;
529
1.61k
      }
530
35.1k
      switch (tag) {
531
4.66k
        case kDataTag:
532
4.66k
          return ssl;
533
534
11.6k
        case kSessionTag: {
535
11.6k
          CBS data;
536
11.6k
          if (!CBS_get_u24_length_prefixed(cbs, &data)) {
537
217
            return nullptr;
538
217
          }
539
11.4k
          bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(
540
11.4k
              CBS_data(&data), CBS_len(&data), ctx_.get()));
541
11.4k
          if (!session) {
542
1.69k
            return nullptr;
543
1.69k
          }
544
545
9.71k
          if (role_ == kServer) {
546
0
            SSL_CTX_add_session(ctx_.get(), session.get());
547
9.71k
          } else {
548
9.71k
            SSL_set_session(ssl.get(), session.get());
549
9.71k
          }
550
9.71k
          break;
551
11.4k
        }
552
553
1
        case kRequestClientCert:
554
1
          if (role_ == kClient) {
555
1
            return nullptr;
556
1
          }
557
0
          SSL_set_verify(ssl.get(), SSL_VERIFY_PEER, nullptr);
558
0
          break;
559
560
507
        case kHandoffTag: {
561
507
          CBS handoff;
562
507
          if (!CBS_get_u24_length_prefixed(cbs, &handoff)) {
563
8
            return nullptr;
564
8
          }
565
499
          handoff_.assign(CBS_data(&handoff),
566
499
                          CBS_data(&handoff) + CBS_len(&handoff));
567
499
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
568
499
          break;
569
507
        }
570
571
1.88k
        case kHandbackTag: {
572
1.88k
          CBS handback;
573
1.88k
          if (!CBS_get_u24_length_prefixed(cbs, &handback)) {
574
10
            return nullptr;
575
10
          }
576
1.87k
          handback_.assign(CBS_data(&handback),
577
1.87k
                           CBS_data(&handback) + CBS_len(&handback));
578
1.87k
          bssl::SSL_set_handoff_mode(ssl.get(), 1);
579
1.87k
          break;
580
1.88k
        }
581
582
16.2k
        case kHintsTag: {
583
16.2k
          CBS hints;
584
16.2k
          if (!CBS_get_u24_length_prefixed(cbs, &hints)) {
585
44
            return nullptr;
586
44
          }
587
16.2k
          SSL_set_handshake_hints(ssl.get(), CBS_data(&hints), CBS_len(&hints));
588
16.2k
          break;
589
16.2k
        }
590
591
147
        default:
592
147
          return nullptr;
593
35.1k
      }
594
35.1k
    }
595
8.40k
  }
596
597
  struct BIOData {
598
    Protocol protocol;
599
    CBS cbs;
600
  };
601
602
30.1k
  bssl::UniquePtr<BIO> MakeBIO(const uint8_t *in, size_t len) {
603
30.1k
    BIOData *b = new BIOData;
604
30.1k
    b->protocol = protocol_;
605
30.1k
    CBS_init(&b->cbs, in, len);
606
607
30.1k
    bssl::UniquePtr<BIO> bio(BIO_new(BIOMethod()));
608
30.1k
    BIO_set_init(bio.get(), 1);
609
30.1k
    BIO_set_data(bio.get(), b);
610
30.1k
    return bio;
611
30.1k
  }
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::MakeBIO(unsigned char const*, unsigned long)
Line
Count
Source
602
4.92k
  bssl::UniquePtr<BIO> MakeBIO(const uint8_t *in, size_t len) {
603
4.92k
    BIOData *b = new BIOData;
604
4.92k
    b->protocol = protocol_;
605
4.92k
    CBS_init(&b->cbs, in, len);
606
607
4.92k
    bssl::UniquePtr<BIO> bio(BIO_new(BIOMethod()));
608
4.92k
    BIO_set_init(bio.get(), 1);
609
4.92k
    BIO_set_data(bio.get(), b);
610
4.92k
    return bio;
611
4.92k
  }
dtls_client.cc:(anonymous namespace)::TLSFuzzer::MakeBIO(unsigned char const*, unsigned long)
Line
Count
Source
602
5.00k
  bssl::UniquePtr<BIO> MakeBIO(const uint8_t *in, size_t len) {
603
5.00k
    BIOData *b = new BIOData;
604
5.00k
    b->protocol = protocol_;
605
5.00k
    CBS_init(&b->cbs, in, len);
606
607
5.00k
    bssl::UniquePtr<BIO> bio(BIO_new(BIOMethod()));
608
5.00k
    BIO_set_init(bio.get(), 1);
609
5.00k
    BIO_set_data(bio.get(), b);
610
5.00k
    return bio;
611
5.00k
  }
dtls_server.cc:(anonymous namespace)::TLSFuzzer::MakeBIO(unsigned char const*, unsigned long)
Line
Count
Source
602
6.34k
  bssl::UniquePtr<BIO> MakeBIO(const uint8_t *in, size_t len) {
603
6.34k
    BIOData *b = new BIOData;
604
6.34k
    b->protocol = protocol_;
605
6.34k
    CBS_init(&b->cbs, in, len);
606
607
6.34k
    bssl::UniquePtr<BIO> bio(BIO_new(BIOMethod()));
608
6.34k
    BIO_set_init(bio.get(), 1);
609
6.34k
    BIO_set_data(bio.get(), b);
610
6.34k
    return bio;
611
6.34k
  }
server.cc:(anonymous namespace)::TLSFuzzer::MakeBIO(unsigned char const*, unsigned long)
Line
Count
Source
602
5.45k
  bssl::UniquePtr<BIO> MakeBIO(const uint8_t *in, size_t len) {
603
5.45k
    BIOData *b = new BIOData;
604
5.45k
    b->protocol = protocol_;
605
5.45k
    CBS_init(&b->cbs, in, len);
606
607
5.45k
    bssl::UniquePtr<BIO> bio(BIO_new(BIOMethod()));
608
5.45k
    BIO_set_init(bio.get(), 1);
609
5.45k
    BIO_set_data(bio.get(), b);
610
5.45k
    return bio;
611
5.45k
  }
client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::MakeBIO(unsigned char const*, unsigned long)
Line
Count
Source
602
3.77k
  bssl::UniquePtr<BIO> MakeBIO(const uint8_t *in, size_t len) {
603
3.77k
    BIOData *b = new BIOData;
604
3.77k
    b->protocol = protocol_;
605
3.77k
    CBS_init(&b->cbs, in, len);
606
607
3.77k
    bssl::UniquePtr<BIO> bio(BIO_new(BIOMethod()));
608
3.77k
    BIO_set_init(bio.get(), 1);
609
3.77k
    BIO_set_data(bio.get(), b);
610
3.77k
    return bio;
611
3.77k
  }
client.cc:(anonymous namespace)::TLSFuzzer::MakeBIO(unsigned char const*, unsigned long)
Line
Count
Source
602
4.66k
  bssl::UniquePtr<BIO> MakeBIO(const uint8_t *in, size_t len) {
603
4.66k
    BIOData *b = new BIOData;
604
4.66k
    b->protocol = protocol_;
605
4.66k
    CBS_init(&b->cbs, in, len);
606
607
4.66k
    bssl::UniquePtr<BIO> bio(BIO_new(BIOMethod()));
608
4.66k
    BIO_set_init(bio.get(), 1);
609
4.66k
    BIO_set_data(bio.get(), b);
610
4.66k
    return bio;
611
4.66k
  }
612
613
1.16M
  static int BIORead(BIO *bio, char *out, int len) {
614
1.16M
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
615
1.16M
    if (b->protocol == kTLS) {
616
994k
      len = std::min(static_cast<size_t>(len), CBS_len(&b->cbs));
617
994k
      memcpy(out, CBS_data(&b->cbs), len);
618
994k
      CBS_skip(&b->cbs, len);
619
994k
      return len;
620
994k
    }
621
622
    // Preserve packet boundaries for DTLS.
623
170k
    CBS packet;
624
170k
    if (!CBS_get_u24_length_prefixed(&b->cbs, &packet)) {
625
6.67k
      return -1;
626
6.67k
    }
627
163k
    len = std::min(static_cast<size_t>(len), CBS_len(&packet));
628
163k
    memcpy(out, CBS_data(&packet), len);
629
163k
    return len;
630
170k
  }
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::BIORead(bio_st*, char*, int)
Line
Count
Source
613
121k
  static int BIORead(BIO *bio, char *out, int len) {
614
121k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
615
121k
    if (b->protocol == kTLS) {
616
121k
      len = std::min(static_cast<size_t>(len), CBS_len(&b->cbs));
617
121k
      memcpy(out, CBS_data(&b->cbs), len);
618
121k
      CBS_skip(&b->cbs, len);
619
121k
      return len;
620
121k
    }
621
622
    // Preserve packet boundaries for DTLS.
623
0
    CBS packet;
624
0
    if (!CBS_get_u24_length_prefixed(&b->cbs, &packet)) {
625
0
      return -1;
626
0
    }
627
0
    len = std::min(static_cast<size_t>(len), CBS_len(&packet));
628
0
    memcpy(out, CBS_data(&packet), len);
629
0
    return len;
630
0
  }
dtls_client.cc:(anonymous namespace)::TLSFuzzer::BIORead(bio_st*, char*, int)
Line
Count
Source
613
73.5k
  static int BIORead(BIO *bio, char *out, int len) {
614
73.5k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
615
73.5k
    if (b->protocol == kTLS) {
616
0
      len = std::min(static_cast<size_t>(len), CBS_len(&b->cbs));
617
0
      memcpy(out, CBS_data(&b->cbs), len);
618
0
      CBS_skip(&b->cbs, len);
619
0
      return len;
620
0
    }
621
622
    // Preserve packet boundaries for DTLS.
623
73.5k
    CBS packet;
624
73.5k
    if (!CBS_get_u24_length_prefixed(&b->cbs, &packet)) {
625
2.53k
      return -1;
626
2.53k
    }
627
71.0k
    len = std::min(static_cast<size_t>(len), CBS_len(&packet));
628
71.0k
    memcpy(out, CBS_data(&packet), len);
629
71.0k
    return len;
630
73.5k
  }
dtls_server.cc:(anonymous namespace)::TLSFuzzer::BIORead(bio_st*, char*, int)
Line
Count
Source
613
96.6k
  static int BIORead(BIO *bio, char *out, int len) {
614
96.6k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
615
96.6k
    if (b->protocol == kTLS) {
616
0
      len = std::min(static_cast<size_t>(len), CBS_len(&b->cbs));
617
0
      memcpy(out, CBS_data(&b->cbs), len);
618
0
      CBS_skip(&b->cbs, len);
619
0
      return len;
620
0
    }
621
622
    // Preserve packet boundaries for DTLS.
623
96.6k
    CBS packet;
624
96.6k
    if (!CBS_get_u24_length_prefixed(&b->cbs, &packet)) {
625
4.14k
      return -1;
626
4.14k
    }
627
92.4k
    len = std::min(static_cast<size_t>(len), CBS_len(&packet));
628
92.4k
    memcpy(out, CBS_data(&packet), len);
629
92.4k
    return len;
630
96.6k
  }
server.cc:(anonymous namespace)::TLSFuzzer::BIORead(bio_st*, char*, int)
Line
Count
Source
613
79.0k
  static int BIORead(BIO *bio, char *out, int len) {
614
79.0k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
615
79.0k
    if (b->protocol == kTLS) {
616
79.0k
      len = std::min(static_cast<size_t>(len), CBS_len(&b->cbs));
617
79.0k
      memcpy(out, CBS_data(&b->cbs), len);
618
79.0k
      CBS_skip(&b->cbs, len);
619
79.0k
      return len;
620
79.0k
    }
621
622
    // Preserve packet boundaries for DTLS.
623
0
    CBS packet;
624
0
    if (!CBS_get_u24_length_prefixed(&b->cbs, &packet)) {
625
0
      return -1;
626
0
    }
627
0
    len = std::min(static_cast<size_t>(len), CBS_len(&packet));
628
0
    memcpy(out, CBS_data(&packet), len);
629
0
    return len;
630
0
  }
client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::BIORead(bio_st*, char*, int)
Line
Count
Source
613
152k
  static int BIORead(BIO *bio, char *out, int len) {
614
152k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
615
152k
    if (b->protocol == kTLS) {
616
152k
      len = std::min(static_cast<size_t>(len), CBS_len(&b->cbs));
617
152k
      memcpy(out, CBS_data(&b->cbs), len);
618
152k
      CBS_skip(&b->cbs, len);
619
152k
      return len;
620
152k
    }
621
622
    // Preserve packet boundaries for DTLS.
623
0
    CBS packet;
624
0
    if (!CBS_get_u24_length_prefixed(&b->cbs, &packet)) {
625
0
      return -1;
626
0
    }
627
0
    len = std::min(static_cast<size_t>(len), CBS_len(&packet));
628
0
    memcpy(out, CBS_data(&packet), len);
629
0
    return len;
630
0
  }
client.cc:(anonymous namespace)::TLSFuzzer::BIORead(bio_st*, char*, int)
Line
Count
Source
613
641k
  static int BIORead(BIO *bio, char *out, int len) {
614
641k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
615
641k
    if (b->protocol == kTLS) {
616
641k
      len = std::min(static_cast<size_t>(len), CBS_len(&b->cbs));
617
641k
      memcpy(out, CBS_data(&b->cbs), len);
618
641k
      CBS_skip(&b->cbs, len);
619
641k
      return len;
620
641k
    }
621
622
    // Preserve packet boundaries for DTLS.
623
0
    CBS packet;
624
0
    if (!CBS_get_u24_length_prefixed(&b->cbs, &packet)) {
625
0
      return -1;
626
0
    }
627
0
    len = std::min(static_cast<size_t>(len), CBS_len(&packet));
628
0
    memcpy(out, CBS_data(&packet), len);
629
0
    return len;
630
0
  }
631
632
30.1k
  static int BIODestroy(BIO *bio) {
633
30.1k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
634
30.1k
    delete b;
635
30.1k
    return 1;
636
30.1k
  }
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::BIODestroy(bio_st*)
Line
Count
Source
632
4.92k
  static int BIODestroy(BIO *bio) {
633
4.92k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
634
4.92k
    delete b;
635
4.92k
    return 1;
636
4.92k
  }
dtls_client.cc:(anonymous namespace)::TLSFuzzer::BIODestroy(bio_st*)
Line
Count
Source
632
5.00k
  static int BIODestroy(BIO *bio) {
633
5.00k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
634
5.00k
    delete b;
635
5.00k
    return 1;
636
5.00k
  }
dtls_server.cc:(anonymous namespace)::TLSFuzzer::BIODestroy(bio_st*)
Line
Count
Source
632
6.34k
  static int BIODestroy(BIO *bio) {
633
6.34k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
634
6.34k
    delete b;
635
6.34k
    return 1;
636
6.34k
  }
server.cc:(anonymous namespace)::TLSFuzzer::BIODestroy(bio_st*)
Line
Count
Source
632
5.45k
  static int BIODestroy(BIO *bio) {
633
5.45k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
634
5.45k
    delete b;
635
5.45k
    return 1;
636
5.45k
  }
client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::BIODestroy(bio_st*)
Line
Count
Source
632
3.77k
  static int BIODestroy(BIO *bio) {
633
3.77k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
634
3.77k
    delete b;
635
3.77k
    return 1;
636
3.77k
  }
client.cc:(anonymous namespace)::TLSFuzzer::BIODestroy(bio_st*)
Line
Count
Source
632
4.66k
  static int BIODestroy(BIO *bio) {
633
4.66k
    BIOData *b = reinterpret_cast<BIOData *>(BIO_get_data(bio));
634
4.66k
    delete b;
635
4.66k
    return 1;
636
4.66k
  }
637
638
30.1k
  static const BIO_METHOD *BIOMethod() {
639
30.1k
    static const BIO_METHOD *method = [] {
640
6
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
6
      BSSL_CHECK(ret);
642
6
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
6
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
6
      return ret;
645
6
    }();
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()::{lambda()#1}::operator()() const
Line
Count
Source
639
1
    static const BIO_METHOD *method = [] {
640
1
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
1
      BSSL_CHECK(ret);
642
1
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
1
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
1
      return ret;
645
1
    }();
dtls_client.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()::{lambda()#1}::operator()() const
Line
Count
Source
639
1
    static const BIO_METHOD *method = [] {
640
1
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
1
      BSSL_CHECK(ret);
642
1
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
1
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
1
      return ret;
645
1
    }();
dtls_server.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()::{lambda()#1}::operator()() const
Line
Count
Source
639
1
    static const BIO_METHOD *method = [] {
640
1
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
1
      BSSL_CHECK(ret);
642
1
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
1
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
1
      return ret;
645
1
    }();
server.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()::{lambda()#1}::operator()() const
Line
Count
Source
639
1
    static const BIO_METHOD *method = [] {
640
1
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
1
      BSSL_CHECK(ret);
642
1
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
1
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
1
      return ret;
645
1
    }();
client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()::{lambda()#1}::operator()() const
Line
Count
Source
639
1
    static const BIO_METHOD *method = [] {
640
1
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
1
      BSSL_CHECK(ret);
642
1
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
1
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
1
      return ret;
645
1
    }();
client.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()::{lambda()#1}::operator()() const
Line
Count
Source
639
1
    static const BIO_METHOD *method = [] {
640
1
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
1
      BSSL_CHECK(ret);
642
1
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
1
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
1
      return ret;
645
1
    }();
646
30.1k
    return method;
647
30.1k
  }
server_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()
Line
Count
Source
638
4.92k
  static const BIO_METHOD *BIOMethod() {
639
4.92k
    static const BIO_METHOD *method = [] {
640
4.92k
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
4.92k
      BSSL_CHECK(ret);
642
4.92k
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
4.92k
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
4.92k
      return ret;
645
4.92k
    }();
646
4.92k
    return method;
647
4.92k
  }
dtls_client.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()
Line
Count
Source
638
5.00k
  static const BIO_METHOD *BIOMethod() {
639
5.00k
    static const BIO_METHOD *method = [] {
640
5.00k
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
5.00k
      BSSL_CHECK(ret);
642
5.00k
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
5.00k
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
5.00k
      return ret;
645
5.00k
    }();
646
5.00k
    return method;
647
5.00k
  }
dtls_server.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()
Line
Count
Source
638
6.34k
  static const BIO_METHOD *BIOMethod() {
639
6.34k
    static const BIO_METHOD *method = [] {
640
6.34k
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
6.34k
      BSSL_CHECK(ret);
642
6.34k
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
6.34k
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
6.34k
      return ret;
645
6.34k
    }();
646
6.34k
    return method;
647
6.34k
  }
server.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()
Line
Count
Source
638
5.45k
  static const BIO_METHOD *BIOMethod() {
639
5.45k
    static const BIO_METHOD *method = [] {
640
5.45k
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
5.45k
      BSSL_CHECK(ret);
642
5.45k
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
5.45k
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
5.45k
      return ret;
645
5.45k
    }();
646
5.45k
    return method;
647
5.45k
  }
client_no_fuzzer_mode.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()
Line
Count
Source
638
3.77k
  static const BIO_METHOD *BIOMethod() {
639
3.77k
    static const BIO_METHOD *method = [] {
640
3.77k
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
3.77k
      BSSL_CHECK(ret);
642
3.77k
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
3.77k
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
3.77k
      return ret;
645
3.77k
    }();
646
3.77k
    return method;
647
3.77k
  }
client.cc:(anonymous namespace)::TLSFuzzer::BIOMethod()
Line
Count
Source
638
4.66k
  static const BIO_METHOD *BIOMethod() {
639
4.66k
    static const BIO_METHOD *method = [] {
640
4.66k
      BIO_METHOD *ret = BIO_meth_new(0, nullptr);
641
4.66k
      BSSL_CHECK(ret);
642
4.66k
      BSSL_CHECK(BIO_meth_set_read(ret, BIORead));
643
4.66k
      BSSL_CHECK(BIO_meth_set_destroy(ret, BIODestroy));
644
4.66k
      return ret;
645
4.66k
    }();
646
4.66k
    return method;
647
4.66k
  }
648
649
  bool debug_;
650
  Protocol protocol_;
651
  Role role_;
652
  bssl::UniquePtr<SSL_CTX> ctx_;
653
  std::vector<uint8_t> handoff_, handback_;
654
};
655
656
}  // namespace
657
658
659
#endif  // HEADER_SSL_TEST_FUZZER