/src/mbedtls/programs/fuzz/fuzz_client.c
Line | Count | Source (jump to first uncovered line) |
1 | | #include "mbedtls/ssl.h" |
2 | | #include "mbedtls/entropy.h" |
3 | | #include "mbedtls/ctr_drbg.h" |
4 | | #include "test/certs.h" |
5 | | #include "common.h" |
6 | | #include <string.h> |
7 | | #include <stdlib.h> |
8 | | #include <stdint.h> |
9 | | |
10 | | |
11 | | #if defined(MBEDTLS_SSL_CLI_C) && \ |
12 | | defined(MBEDTLS_ENTROPY_C) && \ |
13 | | defined(MBEDTLS_CTR_DRBG_C) |
14 | | static int initialized = 0; |
15 | | #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) |
16 | | static mbedtls_x509_crt cacert; |
17 | | #endif |
18 | | const char *alpn_list[3]; |
19 | | |
20 | | |
21 | | #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) |
22 | | const unsigned char psk[] = { |
23 | | 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, |
24 | | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f |
25 | | }; |
26 | | const char psk_id[] = "Client_identity"; |
27 | | #endif |
28 | | |
29 | | const char *pers = "fuzz_client"; |
30 | | #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ |
31 | | |
32 | | |
33 | | int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) |
34 | 41 | { |
35 | 41 | #if defined(MBEDTLS_SSL_CLI_C) && \ |
36 | 41 | defined(MBEDTLS_ENTROPY_C) && \ |
37 | 41 | defined(MBEDTLS_CTR_DRBG_C) |
38 | 41 | int ret; |
39 | 41 | size_t len; |
40 | 41 | mbedtls_ssl_context ssl; |
41 | 41 | mbedtls_ssl_config conf; |
42 | 41 | mbedtls_ctr_drbg_context ctr_drbg; |
43 | 41 | mbedtls_entropy_context entropy; |
44 | 41 | unsigned char buf[4096]; |
45 | 41 | fuzzBufferOffset_t biomemfuzz; |
46 | 41 | uint16_t options; |
47 | | |
48 | 41 | if (initialized == 0) { |
49 | 2 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) |
50 | 2 | mbedtls_x509_crt_init(&cacert); |
51 | 2 | if (mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, |
52 | 2 | mbedtls_test_cas_pem_len) != 0) { |
53 | 0 | return 1; |
54 | 0 | } |
55 | 2 | #endif |
56 | | |
57 | 2 | alpn_list[0] = "HTTP"; |
58 | 2 | alpn_list[1] = "fuzzalpn"; |
59 | 2 | alpn_list[2] = NULL; |
60 | | |
61 | 2 | dummy_init(); |
62 | | |
63 | 2 | initialized = 1; |
64 | 2 | } |
65 | | |
66 | | //we take 1 byte as options input |
67 | 41 | if (Size < 2) { |
68 | 4 | return 0; |
69 | 4 | } |
70 | 37 | options = (Data[Size - 2] << 8) | Data[Size - 1]; |
71 | | //Avoid warnings if compile options imply no options |
72 | 37 | (void) options; |
73 | | |
74 | 37 | mbedtls_ssl_init(&ssl); |
75 | 37 | mbedtls_ssl_config_init(&conf); |
76 | 37 | mbedtls_ctr_drbg_init(&ctr_drbg); |
77 | 37 | mbedtls_entropy_init(&entropy); |
78 | | |
79 | | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
80 | | psa_status_t status = psa_crypto_init(); |
81 | 21 | if (status != PSA_SUCCESS) { |
82 | 21 | goto exit; |
83 | 21 | } |
84 | 0 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
85 | | |
86 | 16 | if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, |
87 | 16 | (const unsigned char *) pers, strlen(pers)) != 0) { |
88 | 0 | goto exit; |
89 | 0 | } |
90 | | |
91 | 16 | if (mbedtls_ssl_config_defaults(&conf, |
92 | 16 | MBEDTLS_SSL_IS_CLIENT, |
93 | 16 | MBEDTLS_SSL_TRANSPORT_STREAM, |
94 | 16 | MBEDTLS_SSL_PRESET_DEFAULT) != 0) { |
95 | 0 | goto exit; |
96 | 0 | } |
97 | | |
98 | 16 | #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) |
99 | 16 | if (options & 2) { |
100 | 6 | mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk), |
101 | 6 | (const unsigned char *) psk_id, sizeof(psk_id) - 1); |
102 | 6 | } |
103 | 16 | #endif |
104 | | |
105 | 16 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) |
106 | 16 | if (options & 4) { |
107 | 8 | mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); |
108 | 8 | mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED); |
109 | 8 | } else |
110 | 8 | #endif |
111 | 8 | { |
112 | 8 | mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE); |
113 | 8 | } |
114 | 16 | #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) |
115 | 16 | mbedtls_ssl_conf_extended_master_secret(&conf, |
116 | 16 | (options & |
117 | 16 | 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); |
118 | 16 | #endif |
119 | 16 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) |
120 | 16 | mbedtls_ssl_conf_encrypt_then_mac(&conf, |
121 | 16 | (options & |
122 | 16 | 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED); |
123 | 16 | #endif |
124 | 16 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
125 | 16 | mbedtls_ssl_conf_renegotiation(&conf, |
126 | 16 | (options & |
127 | 16 | 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED); |
128 | 16 | #endif |
129 | 16 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
130 | 16 | mbedtls_ssl_conf_session_tickets(&conf, |
131 | 16 | (options & |
132 | 16 | 0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED); |
133 | 16 | #endif |
134 | 16 | #if defined(MBEDTLS_SSL_ALPN) |
135 | 16 | if (options & 0x200) { |
136 | 12 | mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list); |
137 | 12 | } |
138 | 16 | #endif |
139 | | //There may be other options to add : |
140 | | // mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes |
141 | | |
142 | 16 | srand(1); |
143 | 16 | mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg); |
144 | | |
145 | 16 | if (mbedtls_ssl_setup(&ssl, &conf) != 0) { |
146 | 0 | goto exit; |
147 | 0 | } |
148 | | |
149 | 16 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) |
150 | 16 | if ((options & 1) == 0) { |
151 | 6 | if (mbedtls_ssl_set_hostname(&ssl, "localhost") != 0) { |
152 | 0 | goto exit; |
153 | 0 | } |
154 | 6 | } |
155 | 16 | #endif |
156 | | |
157 | 16 | biomemfuzz.Data = Data; |
158 | 16 | biomemfuzz.Size = Size-2; |
159 | 16 | biomemfuzz.Offset = 0; |
160 | 16 | mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL); |
161 | | |
162 | 16 | ret = mbedtls_ssl_handshake(&ssl); |
163 | 16 | if (ret == 0) { |
164 | | //keep reading data from server until the end |
165 | 0 | do { |
166 | 0 | len = sizeof(buf) - 1; |
167 | 0 | ret = mbedtls_ssl_read(&ssl, buf, len); |
168 | |
|
169 | 0 | if (ret == MBEDTLS_ERR_SSL_WANT_READ) { |
170 | 0 | continue; |
171 | 0 | } else if (ret <= 0) { |
172 | | //EOF or error |
173 | 0 | break; |
174 | 0 | } |
175 | 0 | } while (1); |
176 | 0 | } |
177 | | |
178 | 37 | exit: |
179 | 37 | mbedtls_entropy_free(&entropy); |
180 | 37 | mbedtls_ctr_drbg_free(&ctr_drbg); |
181 | 37 | mbedtls_ssl_config_free(&conf); |
182 | 37 | mbedtls_ssl_free(&ssl); |
183 | | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
184 | | mbedtls_psa_crypto_free(); |
185 | | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
186 | | |
187 | | #else |
188 | | (void) Data; |
189 | | (void) Size; |
190 | | #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ |
191 | | |
192 | 37 | return 0; |
193 | 16 | } Line | Count | Source | 34 | 23 | { | 35 | 23 | #if defined(MBEDTLS_SSL_CLI_C) && \ | 36 | 23 | defined(MBEDTLS_ENTROPY_C) && \ | 37 | 23 | defined(MBEDTLS_CTR_DRBG_C) | 38 | 23 | int ret; | 39 | 23 | size_t len; | 40 | 23 | mbedtls_ssl_context ssl; | 41 | 23 | mbedtls_ssl_config conf; | 42 | 23 | mbedtls_ctr_drbg_context ctr_drbg; | 43 | 23 | mbedtls_entropy_context entropy; | 44 | 23 | unsigned char buf[4096]; | 45 | 23 | fuzzBufferOffset_t biomemfuzz; | 46 | 23 | uint16_t options; | 47 | | | 48 | 23 | if (initialized == 0) { | 49 | 1 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) | 50 | 1 | mbedtls_x509_crt_init(&cacert); | 51 | 1 | if (mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, | 52 | 1 | mbedtls_test_cas_pem_len) != 0) { | 53 | 0 | return 1; | 54 | 0 | } | 55 | 1 | #endif | 56 | | | 57 | 1 | alpn_list[0] = "HTTP"; | 58 | 1 | alpn_list[1] = "fuzzalpn"; | 59 | 1 | alpn_list[2] = NULL; | 60 | | | 61 | 1 | dummy_init(); | 62 | | | 63 | 1 | initialized = 1; | 64 | 1 | } | 65 | | | 66 | | //we take 1 byte as options input | 67 | 23 | if (Size < 2) { | 68 | 2 | return 0; | 69 | 2 | } | 70 | 21 | options = (Data[Size - 2] << 8) | Data[Size - 1]; | 71 | | //Avoid warnings if compile options imply no options | 72 | 21 | (void) options; | 73 | | | 74 | 21 | mbedtls_ssl_init(&ssl); | 75 | 21 | mbedtls_ssl_config_init(&conf); | 76 | 21 | mbedtls_ctr_drbg_init(&ctr_drbg); | 77 | 21 | mbedtls_entropy_init(&entropy); | 78 | | | 79 | 21 | #if defined(MBEDTLS_USE_PSA_CRYPTO) | 80 | 21 | psa_status_t status = psa_crypto_init(); | 81 | 21 | if (status != PSA_SUCCESS) { | 82 | 21 | goto exit; | 83 | 21 | } | 84 | 0 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ | 85 | | | 86 | 0 | if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, | 87 | 0 | (const unsigned char *) pers, strlen(pers)) != 0) { | 88 | 0 | goto exit; | 89 | 0 | } | 90 | | | 91 | 0 | if (mbedtls_ssl_config_defaults(&conf, | 92 | 0 | MBEDTLS_SSL_IS_CLIENT, | 93 | 0 | MBEDTLS_SSL_TRANSPORT_STREAM, | 94 | 0 | MBEDTLS_SSL_PRESET_DEFAULT) != 0) { | 95 | 0 | goto exit; | 96 | 0 | } | 97 | | | 98 | 0 | #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) | 99 | 0 | if (options & 2) { | 100 | 0 | mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk), | 101 | 0 | (const unsigned char *) psk_id, sizeof(psk_id) - 1); | 102 | 0 | } | 103 | 0 | #endif | 104 | |
| 105 | 0 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) | 106 | 0 | if (options & 4) { | 107 | 0 | mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); | 108 | 0 | mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED); | 109 | 0 | } else | 110 | 0 | #endif | 111 | 0 | { | 112 | 0 | mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE); | 113 | 0 | } | 114 | 0 | #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) | 115 | 0 | mbedtls_ssl_conf_extended_master_secret(&conf, | 116 | 0 | (options & | 117 | 0 | 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); | 118 | 0 | #endif | 119 | 0 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) | 120 | 0 | mbedtls_ssl_conf_encrypt_then_mac(&conf, | 121 | 0 | (options & | 122 | 0 | 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED); | 123 | 0 | #endif | 124 | 0 | #if defined(MBEDTLS_SSL_RENEGOTIATION) | 125 | 0 | mbedtls_ssl_conf_renegotiation(&conf, | 126 | 0 | (options & | 127 | 0 | 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED); | 128 | 0 | #endif | 129 | 0 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) | 130 | 0 | mbedtls_ssl_conf_session_tickets(&conf, | 131 | 0 | (options & | 132 | 0 | 0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED); | 133 | 0 | #endif | 134 | 0 | #if defined(MBEDTLS_SSL_ALPN) | 135 | 0 | if (options & 0x200) { | 136 | 0 | mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list); | 137 | 0 | } | 138 | 0 | #endif | 139 | | //There may be other options to add : | 140 | | // mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes | 141 | |
| 142 | 0 | srand(1); | 143 | 0 | mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg); | 144 | |
| 145 | 0 | if (mbedtls_ssl_setup(&ssl, &conf) != 0) { | 146 | 0 | goto exit; | 147 | 0 | } | 148 | | | 149 | 0 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) | 150 | 0 | if ((options & 1) == 0) { | 151 | 0 | if (mbedtls_ssl_set_hostname(&ssl, "localhost") != 0) { | 152 | 0 | goto exit; | 153 | 0 | } | 154 | 0 | } | 155 | 0 | #endif | 156 | | | 157 | 0 | biomemfuzz.Data = Data; | 158 | 0 | biomemfuzz.Size = Size-2; | 159 | 0 | biomemfuzz.Offset = 0; | 160 | 0 | mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL); | 161 | |
| 162 | 0 | ret = mbedtls_ssl_handshake(&ssl); | 163 | 0 | if (ret == 0) { | 164 | | //keep reading data from server until the end | 165 | 0 | do { | 166 | 0 | len = sizeof(buf) - 1; | 167 | 0 | ret = mbedtls_ssl_read(&ssl, buf, len); | 168 | |
| 169 | 0 | if (ret == MBEDTLS_ERR_SSL_WANT_READ) { | 170 | 0 | continue; | 171 | 0 | } else if (ret <= 0) { | 172 | | //EOF or error | 173 | 0 | break; | 174 | 0 | } | 175 | 0 | } while (1); | 176 | 0 | } | 177 | | | 178 | 21 | exit: | 179 | 21 | mbedtls_entropy_free(&entropy); | 180 | 21 | mbedtls_ctr_drbg_free(&ctr_drbg); | 181 | 21 | mbedtls_ssl_config_free(&conf); | 182 | 21 | mbedtls_ssl_free(&ssl); | 183 | 21 | #if defined(MBEDTLS_USE_PSA_CRYPTO) | 184 | 21 | mbedtls_psa_crypto_free(); | 185 | 21 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ | 186 | | | 187 | | #else | 188 | | (void) Data; | 189 | | (void) Size; | 190 | | #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ | 191 | | | 192 | 21 | return 0; | 193 | 0 | } |
Line | Count | Source | 34 | 18 | { | 35 | 18 | #if defined(MBEDTLS_SSL_CLI_C) && \ | 36 | 18 | defined(MBEDTLS_ENTROPY_C) && \ | 37 | 18 | defined(MBEDTLS_CTR_DRBG_C) | 38 | 18 | int ret; | 39 | 18 | size_t len; | 40 | 18 | mbedtls_ssl_context ssl; | 41 | 18 | mbedtls_ssl_config conf; | 42 | 18 | mbedtls_ctr_drbg_context ctr_drbg; | 43 | 18 | mbedtls_entropy_context entropy; | 44 | 18 | unsigned char buf[4096]; | 45 | 18 | fuzzBufferOffset_t biomemfuzz; | 46 | 18 | uint16_t options; | 47 | | | 48 | 18 | if (initialized == 0) { | 49 | 1 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) | 50 | 1 | mbedtls_x509_crt_init(&cacert); | 51 | 1 | if (mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, | 52 | 1 | mbedtls_test_cas_pem_len) != 0) { | 53 | 0 | return 1; | 54 | 0 | } | 55 | 1 | #endif | 56 | | | 57 | 1 | alpn_list[0] = "HTTP"; | 58 | 1 | alpn_list[1] = "fuzzalpn"; | 59 | 1 | alpn_list[2] = NULL; | 60 | | | 61 | 1 | dummy_init(); | 62 | | | 63 | 1 | initialized = 1; | 64 | 1 | } | 65 | | | 66 | | //we take 1 byte as options input | 67 | 18 | if (Size < 2) { | 68 | 2 | return 0; | 69 | 2 | } | 70 | 16 | options = (Data[Size - 2] << 8) | Data[Size - 1]; | 71 | | //Avoid warnings if compile options imply no options | 72 | 16 | (void) options; | 73 | | | 74 | 16 | mbedtls_ssl_init(&ssl); | 75 | 16 | mbedtls_ssl_config_init(&conf); | 76 | 16 | mbedtls_ctr_drbg_init(&ctr_drbg); | 77 | 16 | mbedtls_entropy_init(&entropy); | 78 | | | 79 | | #if defined(MBEDTLS_USE_PSA_CRYPTO) | 80 | | psa_status_t status = psa_crypto_init(); | 81 | | if (status != PSA_SUCCESS) { | 82 | | goto exit; | 83 | | } | 84 | | #endif /* MBEDTLS_USE_PSA_CRYPTO */ | 85 | | | 86 | 16 | if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, | 87 | 16 | (const unsigned char *) pers, strlen(pers)) != 0) { | 88 | 0 | goto exit; | 89 | 0 | } | 90 | | | 91 | 16 | if (mbedtls_ssl_config_defaults(&conf, | 92 | 16 | MBEDTLS_SSL_IS_CLIENT, | 93 | 16 | MBEDTLS_SSL_TRANSPORT_STREAM, | 94 | 16 | MBEDTLS_SSL_PRESET_DEFAULT) != 0) { | 95 | 0 | goto exit; | 96 | 0 | } | 97 | | | 98 | 16 | #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) | 99 | 16 | if (options & 2) { | 100 | 6 | mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk), | 101 | 6 | (const unsigned char *) psk_id, sizeof(psk_id) - 1); | 102 | 6 | } | 103 | 16 | #endif | 104 | | | 105 | 16 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) | 106 | 16 | if (options & 4) { | 107 | 8 | mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); | 108 | 8 | mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED); | 109 | 8 | } else | 110 | 8 | #endif | 111 | 8 | { | 112 | 8 | mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE); | 113 | 8 | } | 114 | 16 | #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) | 115 | 16 | mbedtls_ssl_conf_extended_master_secret(&conf, | 116 | 16 | (options & | 117 | 16 | 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); | 118 | 16 | #endif | 119 | 16 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) | 120 | 16 | mbedtls_ssl_conf_encrypt_then_mac(&conf, | 121 | 16 | (options & | 122 | 16 | 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED); | 123 | 16 | #endif | 124 | 16 | #if defined(MBEDTLS_SSL_RENEGOTIATION) | 125 | 16 | mbedtls_ssl_conf_renegotiation(&conf, | 126 | 16 | (options & | 127 | 16 | 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED); | 128 | 16 | #endif | 129 | 16 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) | 130 | 16 | mbedtls_ssl_conf_session_tickets(&conf, | 131 | 16 | (options & | 132 | 16 | 0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED); | 133 | 16 | #endif | 134 | 16 | #if defined(MBEDTLS_SSL_ALPN) | 135 | 16 | if (options & 0x200) { | 136 | 12 | mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list); | 137 | 12 | } | 138 | 16 | #endif | 139 | | //There may be other options to add : | 140 | | // mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes | 141 | | | 142 | 16 | srand(1); | 143 | 16 | mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg); | 144 | | | 145 | 16 | if (mbedtls_ssl_setup(&ssl, &conf) != 0) { | 146 | 0 | goto exit; | 147 | 0 | } | 148 | | | 149 | 16 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) | 150 | 16 | if ((options & 1) == 0) { | 151 | 6 | if (mbedtls_ssl_set_hostname(&ssl, "localhost") != 0) { | 152 | 0 | goto exit; | 153 | 0 | } | 154 | 6 | } | 155 | 16 | #endif | 156 | | | 157 | 16 | biomemfuzz.Data = Data; | 158 | 16 | biomemfuzz.Size = Size-2; | 159 | 16 | biomemfuzz.Offset = 0; | 160 | 16 | mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL); | 161 | | | 162 | 16 | ret = mbedtls_ssl_handshake(&ssl); | 163 | 16 | if (ret == 0) { | 164 | | //keep reading data from server until the end | 165 | 0 | do { | 166 | 0 | len = sizeof(buf) - 1; | 167 | 0 | ret = mbedtls_ssl_read(&ssl, buf, len); | 168 | |
| 169 | 0 | if (ret == MBEDTLS_ERR_SSL_WANT_READ) { | 170 | 0 | continue; | 171 | 0 | } else if (ret <= 0) { | 172 | | //EOF or error | 173 | 0 | break; | 174 | 0 | } | 175 | 0 | } while (1); | 176 | 0 | } | 177 | | | 178 | 16 | exit: | 179 | 16 | mbedtls_entropy_free(&entropy); | 180 | 16 | mbedtls_ctr_drbg_free(&ctr_drbg); | 181 | 16 | mbedtls_ssl_config_free(&conf); | 182 | 16 | mbedtls_ssl_free(&ssl); | 183 | | #if defined(MBEDTLS_USE_PSA_CRYPTO) | 184 | | mbedtls_psa_crypto_free(); | 185 | | #endif /* MBEDTLS_USE_PSA_CRYPTO */ | 186 | | | 187 | | #else | 188 | | (void) Data; | 189 | | (void) Size; | 190 | | #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ | 191 | | | 192 | 16 | return 0; | 193 | 16 | } |
|