/src/botan/src/fuzzer/tls_server.cpp

Source (jump to first uncovered line)
/*
* (C) 2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "fuzzers.h"
#include <botan/tls_server.h>
#include <botan/data_src.h>

const char* fixed_rsa_key =
   "-----BEGIN PRIVATE KEY-----\n"
   "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCe6qqpMQVJ7zCJ\n"
   "oSnpxia0yO6M7Ie3FGqPcd0DzueC+kWPvuHQ+PpP5vfO6qqRaDVII37PFX5NUZQm\n"
   "GK/rAm7spjIHTCMgqSZ8pN13LU8m1gDwIdu9al16LXN9zZjB67uLlFn2trtLi234\n"
   "i0cnyeF8IC0cz7tgCOzMSVEBcqJjkdgGrZ3WUgOXecVm2lXVrYlEiaSxFp4VOE9k\n"
   "RFeVrELCjmNtc4hRd1yJsF+vObCtvyqGYQE1Qcb0MVSQDBHMkiUVmO6zuW7td5ef\n"
   "O/1OyntQJGyVa+SnWbkSLCybta2J7MreHENrF5GA0K1KL140SNRHeWifRMuNQua7\n"
   "qmKXMBTFAgMBAAECggEAIk3fxyQI0zvpy1vZ01ft1QqmzA7nAPNMSWi33/GS8iga\n"
   "SfxXfKeySPs/tQ/dAARxs//NiOBH4mLgyxR7LQzaawU5OXALCSraXv+ruuUx990s\n"
   "WKnGaG4EfbJAAwEVn47Gbkv425P4fEc91vAhzQn8PbIoatbAyOtESpjs/pYDTeC/\n"
   "mnJId8gqO90cqyRECEMjk9sQ8iEjWPlik4ayGlUVbeeMu6/pJ9F8IZEgkLZiNDAB\n"
   "4anmOFaT7EmqUjI4IlcaqfbbXyDXlvWUYukidEss+CNvPuqbQHBDnpFVvBxdDR2N\n"
   "Uj2D5Xd5blcIe2/+1IVRnznjoQ5zvutzb7ThBmMehQKBgQDOITKG0ht2kXLxjVoR\n"
   "r/pVpx+f3hs3H7wE0+vrLHoQgkVjpMWXQ47YuZTT9rCOOYNI2cMoH2D27t1j78/B\n"
   "9kGYABUVpvQQ+6amqJDI1eYI6e68TPueEDjeALfSCdmPNiI3lZZrCIK9XLpkoy8K\n"
   "tGYBRRJ+JJxjj1zPXj9SGshPgwKBgQDFXUtoxY3mCStH3+0b1qxGG9r1L5goHEmd\n"
   "Am8WBYDheNpL0VqPNzouhuM/ZWMGyyAs/py6aLATe+qhR1uX5vn7LVZwjCSONZ4j\n"
   "7ieEEUh1BHetPI1oI5PxgokRYfVuckotqVseanI/536Er3Yf2FXNQ1/ceVp9WykX\n"
   "3mYTKMhQFwKBgQDKakcXpZNaZ5IcKdZcsBZ/rdGcR5sqEnursf9lvRNQytwg8Vkn\n"
   "JSxNHlBLpV/TCh8lltHRwJ6TXhUBYij+KzhWbx5FWOErHDOWTMmArqtp7W6GcoJT\n"
   "wVJWjxXzp8CApYQMWVSQXpckJL7UvHohZO0WKiHyxTjde5aD++TqV2qEyQKBgBbD\n"
   "jvoTpy08K4DLxCZs2Uvw1I1pIuylbpwsdrGciuP2s38BM6fHH+/T4Qwj3osfDKQD\n"
   "7gHWJ1Dn/wUBHQBlRLoC3bB3iZPZfVb5lhc2gxv0GvWhQVIcoGi/vJ2DpfJKPmIL\n"
   "4ZWdg3X5dm9JaZ98rVDSj5D3ckd5J0E4hp95GbmbAoGBAJJHM4O9lx60tIjw9Sf/\n"
   "QmKWyUk0NLnt8DcgRMW7fVxtzPNDy9DBKGIkDdWZ2s+ForICA3C9WSxBC1EOEHGG\n"
   "xkg2xKt66CeutGroP6M191mHQrRClt1VbEYzQFX21BCk5kig9i/BURyoTHtFiV+t\n"
   "kbf4VLg8Vk9u/R3RU1HsYWhe\n"
   "-----END PRIVATE KEY-----\n";

const char* fixed_rsa_cert =
   "-----BEGIN CERTIFICATE-----\n"
   "MIIDUDCCAjgCCQD7pIb1ZsoafjANBgkqhkiG9w0BAQsFADBqMQswCQYDVQQGEwJW\n"
   "VDEQMA4GA1UECAwHVmVybW9udDEWMBQGA1UEBwwNVGhlIEludGVybmV0czEUMBIG\n"
   "A1UECgwLTWFuZ29zIFIgVXMxGzAZBgNVBAMMEnNlcnZlci5leGFtcGxlLmNvbTAe\n"
   "Fw0xNjAxMDYxNzQ3MjNaFw0yNjAxMDMxNzQ3MjNaMGoxCzAJBgNVBAYTAlZUMRAw\n"
   "DgYDVQQIDAdWZXJtb250MRYwFAYDVQQHDA1UaGUgSW50ZXJuZXRzMRQwEgYDVQQK\n"
   "DAtNYW5nb3MgUiBVczEbMBkGA1UEAwwSc2VydmVyLmV4YW1wbGUuY29tMIIBIjAN\n"
   "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuqqqTEFSe8wiaEp6cYmtMjujOyH\n"
   "txRqj3HdA87ngvpFj77h0Pj6T+b3zuqqkWg1SCN+zxV+TVGUJhiv6wJu7KYyB0wj\n"
   "IKkmfKTddy1PJtYA8CHbvWpdei1zfc2Yweu7i5RZ9ra7S4tt+ItHJ8nhfCAtHM+7\n"
   "YAjszElRAXKiY5HYBq2d1lIDl3nFZtpV1a2JRImksRaeFThPZERXlaxCwo5jbXOI\n"
   "UXdcibBfrzmwrb8qhmEBNUHG9DFUkAwRzJIlFZjus7lu7XeXnzv9Tsp7UCRslWvk\n"
   "p1m5Eiwsm7WtiezK3hxDaxeRgNCtSi9eNEjUR3lon0TLjULmu6pilzAUxQIDAQAB\n"
   "MA0GCSqGSIb3DQEBCwUAA4IBAQA1eZGc/4V7z/E/6eG0hVkzoAZeuTcSP7WqBSx+\n"
   "OP2yh0163UYjoa6nehmkKYQQ9PbYPZGzIcl+dBFyYzy6jcp0NdtzpWnTFrjl4rMq\n"
   "akcQ1D0LTYjJXVP9G/vF/SvatOFeVTnQmLlLt/a8ZtRUINqejeZZPzH8ifzFW6tu\n"
   "mlhTVIEKyPHpxClh5Y3ubw/mZYygekFTqMkTx3FwJxKU8J6rYGZxanWAODUIvCUo\n"
   "Fxer1qC5Love3uWl3vXPLEZWZdORnExSRByzz2immBP2vX4zYZoeZRhTQ9ae1TIV\n"
   "Dk02a/1AOJZdZReDbgXhlqaUx5pk/rzo4mDzvu5HSCeXmClz\n"
   "-----END CERTIFICATE-----\n";

class Fuzzer_TLS_Server_Creds : public Botan::Credentials_Manager
   {
   public:
      Fuzzer_TLS_Server_Creds()
         {
         Botan::DataSource_Memory cert_in(fixed_rsa_cert);
         Botan::DataSource_Memory key_in(fixed_rsa_key);

         m_rsa_cert.reset(new Botan::X509_Certificate(cert_in));
         //m_rsa_key.reset(Botan::PKCS8::load_key(key_in, fuzzer_rng());
         }

      std::vector<Botan::X509_Certificate> cert_chain(
         const std::vector<std::string>& algos,
         const std::string& /*type*/,
         const std::string& /*hostname*/) override
         {
         std::vector<Botan::X509_Certificate> v;

         for(auto algo : algos)
            {
            if(algo == "RSA")
               {
               v.push_back(*m_rsa_cert);
               break;
               }
            }

         return v;
         }

      Botan::Private_Key* private_key_for(const Botan::X509_Certificate& /*cert*/,
                                          const std::string& /*type*/,
                                          const std::string& /*context*/) override
         {
         return m_rsa_key.get();
         }

      std::string psk_identity_hint(const std::string&, const std::string&) override { return "psk_hint"; }
      std::string psk_identity(const std::string&, const std::string&, const std::string&) override { return "psk_id"; }
      Botan::SymmetricKey psk(const std::string&, const std::string&, const std::string&) override
         {
         return Botan::SymmetricKey("AABBCCDDEEFF00112233445566778899");
         }
   private:
      std::unique_ptr<Botan::X509_Certificate> m_rsa_cert;
      std::unique_ptr<Botan::Private_Key> m_rsa_key;
   };

class Fuzzer_TLS_Policy : public Botan::TLS::Policy
   {
   public:
      std::vector<uint16_t> ciphersuite_list(Botan::TLS::Protocol_Version version,
                                             bool have_srp) const
         {
         std::vector<uint16_t> ciphersuites;

         for(auto&& suite : Botan::TLS::Ciphersuite::all_known_ciphersuites())
            {
            if(suite.valid() == false)
               continue;

            // Are we doing SRP?
            if(!have_srp && suite.kex_method() == Botan::TLS::Kex_Algo::SRP_SHA)
               continue;

            if(!version.supports_aead_modes())
               {
               // Are we doing AEAD in a non-AEAD version?
               if(suite.mac_algo() == "AEAD")
                  continue;

               // Older (v1.0/v1.1) versions also do not support any hash but SHA-1
               if(suite.mac_algo() != "SHA-1")
                  continue;
               }

            ciphersuites.push_back(suite.ciphersuite_code());
            }

         return ciphersuites;
         }
   };

class Fuzzer_TLS_Server_Callbacks : public Botan::TLS::Callbacks
   {
   public:
       void tls_emit_data(const uint8_t[], size_t) override
         {
         // discard
         }

      void tls_record_received(uint64_t, const uint8_t[], size_t) override
         {
         // ignore peer data
         }

      void tls_alert(Botan::TLS::Alert) override
         {
         // ignore alert
         }

      bool tls_session_established(const Botan::TLS::Session&) override
         {
         return true; // cache it
         }

      std::string tls_server_choose_app_protocol(const std::vector<std::string>& client_protos) override
         {
         if(client_protos.size() > 1)
            return client_protos[0];
         else
            return "fuzzy";
         }

      void tls_verify_cert_chain(
         const std::vector<Botan::X509_Certificate>& cert_chain,
         const std::vector<std::shared_ptr<const Botan::OCSP::Response>>& ocsp_responses,
         const std::vector<Botan::Certificate_Store*>& trusted_roots,
         Botan::Usage_Type usage,
         const std::string& hostname,
         const Botan::TLS::Policy& policy) override
         {
         try
            {
            // try to validate to exercise those code paths
            Botan::TLS::Callbacks::tls_verify_cert_chain(cert_chain, ocsp_responses,
                                                         trusted_roots, usage, hostname, policy);
            }
         catch(...)
            {
            // ignore validation result
            }
         }

   };

void fuzz(const uint8_t in[], size_t len)
   {
   if(len <= 1)
      return;

   Botan::TLS::Session_Manager_Noop session_manager;
   Fuzzer_TLS_Policy policy;
   Botan::TLS::Server_Information info("server.name", 443);
   Fuzzer_TLS_Server_Creds creds;
   Fuzzer_TLS_Server_Callbacks callbacks;

   const bool is_datagram = in[0] & 1;

   Botan::TLS::Server server(callbacks,
                             session_manager,
                             creds,
                             policy,
                             fuzzer_rng(),
                             is_datagram);

   try
      {
      server.received_data(in + 1, len - 1);
      }
   catch(std::exception& e)
      {
      }
   }

Coverage Report

Created: 2020-09-16 07:52

Line	Count	Source (jump to first uncovered line)
1		/*
2		* (C) 2015,2016 Jack Lloyd
3		*
4		* Botan is released under the Simplified BSD License (see license.txt)
5		*/
6
7		#include "fuzzers.h"
8		#include <botan/tls_server.h>
9		#include <botan/data_src.h>
10
11		const char* fixed_rsa_key =
12		"-----BEGIN PRIVATE KEY-----\n"
13		"MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCe6qqpMQVJ7zCJ\n"
14		"oSnpxia0yO6M7Ie3FGqPcd0DzueC+kWPvuHQ+PpP5vfO6qqRaDVII37PFX5NUZQm\n"
15		"GK/rAm7spjIHTCMgqSZ8pN13LU8m1gDwIdu9al16LXN9zZjB67uLlFn2trtLi234\n"
16		"i0cnyeF8IC0cz7tgCOzMSVEBcqJjkdgGrZ3WUgOXecVm2lXVrYlEiaSxFp4VOE9k\n"
17		"RFeVrELCjmNtc4hRd1yJsF+vObCtvyqGYQE1Qcb0MVSQDBHMkiUVmO6zuW7td5ef\n"
18		"O/1OyntQJGyVa+SnWbkSLCybta2J7MreHENrF5GA0K1KL140SNRHeWifRMuNQua7\n"
19		"qmKXMBTFAgMBAAECggEAIk3fxyQI0zvpy1vZ01ft1QqmzA7nAPNMSWi33/GS8iga\n"
20		"SfxXfKeySPs/tQ/dAARxs//NiOBH4mLgyxR7LQzaawU5OXALCSraXv+ruuUx990s\n"
21		"WKnGaG4EfbJAAwEVn47Gbkv425P4fEc91vAhzQn8PbIoatbAyOtESpjs/pYDTeC/\n"
22		"mnJId8gqO90cqyRECEMjk9sQ8iEjWPlik4ayGlUVbeeMu6/pJ9F8IZEgkLZiNDAB\n"
23		"4anmOFaT7EmqUjI4IlcaqfbbXyDXlvWUYukidEss+CNvPuqbQHBDnpFVvBxdDR2N\n"
24		"Uj2D5Xd5blcIe2/+1IVRnznjoQ5zvutzb7ThBmMehQKBgQDOITKG0ht2kXLxjVoR\n"
25		"r/pVpx+f3hs3H7wE0+vrLHoQgkVjpMWXQ47YuZTT9rCOOYNI2cMoH2D27t1j78/B\n"
26		"9kGYABUVpvQQ+6amqJDI1eYI6e68TPueEDjeALfSCdmPNiI3lZZrCIK9XLpkoy8K\n"
27		"tGYBRRJ+JJxjj1zPXj9SGshPgwKBgQDFXUtoxY3mCStH3+0b1qxGG9r1L5goHEmd\n"
28		"Am8WBYDheNpL0VqPNzouhuM/ZWMGyyAs/py6aLATe+qhR1uX5vn7LVZwjCSONZ4j\n"
29		"7ieEEUh1BHetPI1oI5PxgokRYfVuckotqVseanI/536Er3Yf2FXNQ1/ceVp9WykX\n"
30		"3mYTKMhQFwKBgQDKakcXpZNaZ5IcKdZcsBZ/rdGcR5sqEnursf9lvRNQytwg8Vkn\n"
31		"JSxNHlBLpV/TCh8lltHRwJ6TXhUBYij+KzhWbx5FWOErHDOWTMmArqtp7W6GcoJT\n"
32		"wVJWjxXzp8CApYQMWVSQXpckJL7UvHohZO0WKiHyxTjde5aD++TqV2qEyQKBgBbD\n"
33		"jvoTpy08K4DLxCZs2Uvw1I1pIuylbpwsdrGciuP2s38BM6fHH+/T4Qwj3osfDKQD\n"
34		"7gHWJ1Dn/wUBHQBlRLoC3bB3iZPZfVb5lhc2gxv0GvWhQVIcoGi/vJ2DpfJKPmIL\n"
35		"4ZWdg3X5dm9JaZ98rVDSj5D3ckd5J0E4hp95GbmbAoGBAJJHM4O9lx60tIjw9Sf/\n"
36		"QmKWyUk0NLnt8DcgRMW7fVxtzPNDy9DBKGIkDdWZ2s+ForICA3C9WSxBC1EOEHGG\n"
37		"xkg2xKt66CeutGroP6M191mHQrRClt1VbEYzQFX21BCk5kig9i/BURyoTHtFiV+t\n"
38		"kbf4VLg8Vk9u/R3RU1HsYWhe\n"
39		"-----END PRIVATE KEY-----\n";
40
41		const char* fixed_rsa_cert =
42		"-----BEGIN CERTIFICATE-----\n"
43		"MIIDUDCCAjgCCQD7pIb1ZsoafjANBgkqhkiG9w0BAQsFADBqMQswCQYDVQQGEwJW\n"
44		"VDEQMA4GA1UECAwHVmVybW9udDEWMBQGA1UEBwwNVGhlIEludGVybmV0czEUMBIG\n"
45		"A1UECgwLTWFuZ29zIFIgVXMxGzAZBgNVBAMMEnNlcnZlci5leGFtcGxlLmNvbTAe\n"
46		"Fw0xNjAxMDYxNzQ3MjNaFw0yNjAxMDMxNzQ3MjNaMGoxCzAJBgNVBAYTAlZUMRAw\n"
47		"DgYDVQQIDAdWZXJtb250MRYwFAYDVQQHDA1UaGUgSW50ZXJuZXRzMRQwEgYDVQQK\n"
48		"DAtNYW5nb3MgUiBVczEbMBkGA1UEAwwSc2VydmVyLmV4YW1wbGUuY29tMIIBIjAN\n"
49		"BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuqqqTEFSe8wiaEp6cYmtMjujOyH\n"
50		"txRqj3HdA87ngvpFj77h0Pj6T+b3zuqqkWg1SCN+zxV+TVGUJhiv6wJu7KYyB0wj\n"
51		"IKkmfKTddy1PJtYA8CHbvWpdei1zfc2Yweu7i5RZ9ra7S4tt+ItHJ8nhfCAtHM+7\n"
52		"YAjszElRAXKiY5HYBq2d1lIDl3nFZtpV1a2JRImksRaeFThPZERXlaxCwo5jbXOI\n"
53		"UXdcibBfrzmwrb8qhmEBNUHG9DFUkAwRzJIlFZjus7lu7XeXnzv9Tsp7UCRslWvk\n"
54		"p1m5Eiwsm7WtiezK3hxDaxeRgNCtSi9eNEjUR3lon0TLjULmu6pilzAUxQIDAQAB\n"
55		"MA0GCSqGSIb3DQEBCwUAA4IBAQA1eZGc/4V7z/E/6eG0hVkzoAZeuTcSP7WqBSx+\n"
56		"OP2yh0163UYjoa6nehmkKYQQ9PbYPZGzIcl+dBFyYzy6jcp0NdtzpWnTFrjl4rMq\n"
57		"akcQ1D0LTYjJXVP9G/vF/SvatOFeVTnQmLlLt/a8ZtRUINqejeZZPzH8ifzFW6tu\n"
58		"mlhTVIEKyPHpxClh5Y3ubw/mZYygekFTqMkTx3FwJxKU8J6rYGZxanWAODUIvCUo\n"
59		"Fxer1qC5Love3uWl3vXPLEZWZdORnExSRByzz2immBP2vX4zYZoeZRhTQ9ae1TIV\n"
60		"Dk02a/1AOJZdZReDbgXhlqaUx5pk/rzo4mDzvu5HSCeXmClz\n"
61		"-----END CERTIFICATE-----\n";
62
63		class Fuzzer_TLS_Server_Creds : public Botan::Credentials_Manager
64		{
65		public:
66		Fuzzer_TLS_Server_Creds()
67	5.55k	{
68	5.55k	Botan::DataSource_Memory cert_in(fixed_rsa_cert);
69	5.55k	Botan::DataSource_Memory key_in(fixed_rsa_key);
70	5.55k
71	5.55k	m_rsa_cert.reset(new Botan::X509_Certificate(cert_in));
72		//m_rsa_key.reset(Botan::PKCS8::load_key(key_in, fuzzer_rng());
73	5.55k	}
74
75		std::vector<Botan::X509_Certificate> cert_chain(
76		const std::vector<std::string>& algos,
77		const std::string& /type/,
78		const std::string& /hostname/) override
79	75.8k	{
80	75.8k	std::vector<Botan::X509_Certificate> v;
81	75.8k
82	75.8k	for(auto algo : algos)
83	75.8k	{
84	75.8k	if(algo == "RSA")
85	25.2k	{
86	25.2k	v.push_back(*m_rsa_cert);
87	25.2k	break;
88	25.2k	}
89	75.8k	}
90	75.8k
91	75.8k	return v;
92	75.8k	}
93
94		Botan::Private_Key* private_key_for(const Botan::X509_Certificate& /cert/,
95		const std::string& /type/,
96		const std::string& /context/) override
97	140	{
98	140	return m_rsa_key.get();
99	140	}
100
101	21.7k	std::string psk_identity_hint(const std::string&, const std::string&) override { return "psk_hint"; }
102	0	std::string psk_identity(const std::string&, const std::string&, const std::string&) override { return "psk_id"; }
103		Botan::SymmetricKey psk(const std::string&, const std::string&, const std::string&) override
104	47.8k	{
105	47.8k	return Botan::SymmetricKey("AABBCCDDEEFF00112233445566778899");
106	47.8k	}
107		private:
108		std::unique_ptr<Botan::X509_Certificate> m_rsa_cert;
109		std::unique_ptr<Botan::Private_Key> m_rsa_key;
110		};
111
112		class Fuzzer_TLS_Policy : public Botan::TLS::Policy
113		{
114		public:
115		std::vector<uint16_t> ciphersuite_list(Botan::TLS::Protocol_Version version,
116		bool have_srp) const
117	31.4k	{
118	31.4k	std::vector<uint16_t> ciphersuites;
119	31.4k
120	31.4k	for(auto&& suite : Botan::TLS::Ciphersuite::all_known_ciphersuites())
121	5.75M	{
122	5.75M	if(suite.valid() == false)
123	0	continue;
124	5.75M
125		// Are we doing SRP?
126	5.75M	if(!have_srp && suite.kex_method() == Botan::TLS::Kex_Algo::SRP_SHA)
127	282k	continue;
128	5.47M
129	5.47M	if(!version.supports_aead_modes())
130	0	{
131		// Are we doing AEAD in a non-AEAD version?
132	0	if(suite.mac_algo() == "AEAD")
133	0	continue;
134	0
135		// Older (v1.0/v1.1) versions also do not support any hash but SHA-1
136	0	if(suite.mac_algo() != "SHA-1")
137	0	continue;
138	5.47M	}
139	5.47M
140	5.47M	ciphersuites.push_back(suite.ciphersuite_code());
141	5.47M	}
142	31.4k
143	31.4k	return ciphersuites;
144	31.4k	}
145		};
146
147		class Fuzzer_TLS_Server_Callbacks : public Botan::TLS::Callbacks
148		{
149		public:
150		void tls_emit_data(const uint8_t[], size_t) override
151	85.7k	{
152		// discard
153	85.7k	}
154
155		void tls_record_received(uint64_t, const uint8_t[], size_t) override
156	0	{
157		// ignore peer data
158	0	}
159
160		void tls_alert(Botan::TLS::Alert) override
161	47.1k	{
162		// ignore alert
163	47.1k	}
164
165		bool tls_session_established(const Botan::TLS::Session&) override
166	450	{
167	450	return true; // cache it
168	450	}
169
170		std::string tls_server_choose_app_protocol(const std::vector<std::string>& client_protos) override
171	6.85k	{
172	6.85k	if(client_protos.size() > 1)
173	9	return client_protos[0];
174	6.84k	else
175	6.84k	return "fuzzy";
176	6.85k	}
177
178		void tls_verify_cert_chain(
179		const std::vector<Botan::X509_Certificate>& cert_chain,
180		const std::vector<std::shared_ptr<const Botan::OCSP::Response>>& ocsp_responses,
181		const std::vector<Botan::Certificate_Store*>& trusted_roots,
182		Botan::Usage_Type usage,
183		const std::string& hostname,
184		const Botan::TLS::Policy& policy) override
185	0	{
186	0	try
187	0	{
188		// try to validate to exercise those code paths
189	0	Botan::TLS::Callbacks::tls_verify_cert_chain(cert_chain, ocsp_responses,
190	0	trusted_roots, usage, hostname, policy);
191	0	}
192	0	catch(...)
193	0	{
194		// ignore validation result
195	0	}
196	0	}
197
198		};
199
200		void fuzz(const uint8_t in[], size_t len)
201	5.55k	{
202	5.55k	if(len <= 1)
203	2	return;
204	5.55k
205	5.55k	Botan::TLS::Session_Manager_Noop session_manager;
206	5.55k	Fuzzer_TLS_Policy policy;
207	5.55k	Botan::TLS::Server_Information info("server.name", 443);
208	5.55k	Fuzzer_TLS_Server_Creds creds;
209	5.55k	Fuzzer_TLS_Server_Callbacks callbacks;
210	5.55k
211	5.55k	const bool is_datagram = in[0] & 1;
212	5.55k
213	5.55k	Botan::TLS::Server server(callbacks,
214	5.55k	session_manager,
215	5.55k	creds,
216	5.55k	policy,
217	5.55k	fuzzer_rng(),
218	5.55k	is_datagram);
219	5.55k
220	5.55k	try
221	5.55k	{
222	5.55k	server.received_data(in + 1, len - 1);
223	5.55k	}
224	5.55k	catch(std::exception& e)
225	3.09k	{
226	3.09k	}
227	5.55k	}