/src/openssl34/fuzz/provider.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 2023-2024 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"); |
5 | | * you may not use this file except in compliance with the License. |
6 | | * You may obtain a copy of the License at |
7 | | * https://www.openssl.org/source/license.html |
8 | | * or in the file LICENSE in the source distribution. |
9 | | */ |
10 | | #include <string.h> |
11 | | #include <openssl/types.h> |
12 | | #include <openssl/crypto.h> |
13 | | #include <openssl/core_names.h> |
14 | | #include <openssl/kdf.h> |
15 | | #include <openssl/evp.h> |
16 | | #include <openssl/provider.h> |
17 | | #include "fuzzer.h" |
18 | | |
19 | | #define DEFINE_ALGORITHMS(name, evp) DEFINE_STACK_OF(evp) \ |
20 | | static int cmp_##evp(const evp *const *a, const evp *const *b); \ |
21 | | static void collect_##evp(evp *obj, void *stack); \ |
22 | | static void init_##name(OSSL_LIB_CTX *libctx); \ |
23 | | static void cleanup_##name(void); \ |
24 | | static STACK_OF(evp) *name##_collection; \ |
25 | | static int cmp_##evp(const evp *const *a, const evp *const *b) \ |
26 | 598 | { \ |
27 | 598 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ |
28 | 598 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ |
29 | 598 | } \ Line | Count | Source | 26 | 52 | { \ | 27 | 52 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 28 | 52 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 29 | 52 | } \ |
Line | Count | Source | 26 | 36 | { \ | 27 | 36 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 28 | 36 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 29 | 36 | } \ |
provider.c:cmp_EVP_CIPHER Line | Count | Source | 26 | 258 | { \ | 27 | 258 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 28 | 258 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 29 | 258 | } \ |
Line | Count | Source | 26 | 20 | { \ | 27 | 20 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 28 | 20 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 29 | 20 | } \ |
provider.c:cmp_EVP_KEYEXCH Line | Count | Source | 26 | 12 | { \ | 27 | 12 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 28 | 12 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 29 | 12 | } \ |
Line | Count | Source | 26 | 8 | { \ | 27 | 8 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 28 | 8 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 29 | 8 | } \ |
Line | Count | Source | 26 | 16 | { \ | 27 | 16 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 28 | 16 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 29 | 16 | } \ |
provider.c:cmp_EVP_KEYMGMT Line | Count | Source | 26 | 78 | { \ | 27 | 78 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 28 | 78 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 29 | 78 | } \ |
provider.c:cmp_EVP_SIGNATURE Line | Count | Source | 26 | 116 | { \ | 27 | 116 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 28 | 116 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 29 | 116 | } \ |
provider.c:cmp_EVP_ASYM_CIPHER Line | Count | Source | 26 | 2 | { \ | 27 | 2 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 28 | 2 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 29 | 2 | } \ |
|
30 | | static void collect_##evp(evp *obj, void *stack) \ |
31 | 1.75k | { \ |
32 | 1.75k | STACK_OF(evp) *obj_stack = stack; \ |
33 | 1.75k | \ |
34 | 1.75k | if (sk_##evp##_push(obj_stack, obj) > 0) \ |
35 | 1.75k | evp##_up_ref(obj); \ |
36 | 1.75k | } \ provider.c:collect_EVP_MD Line | Count | Source | 31 | 162 | { \ | 32 | 162 | STACK_OF(evp) *obj_stack = stack; \ | 33 | 162 | \ | 34 | 162 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 35 | 162 | evp##_up_ref(obj); \ | 36 | 162 | } \ |
provider.c:collect_EVP_KDF Line | Count | Source | 31 | 102 | { \ | 32 | 102 | STACK_OF(evp) *obj_stack = stack; \ | 33 | 102 | \ | 34 | 102 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 35 | 102 | evp##_up_ref(obj); \ | 36 | 102 | } \ |
provider.c:collect_EVP_CIPHER Line | Count | Source | 31 | 780 | { \ | 32 | 780 | STACK_OF(evp) *obj_stack = stack; \ | 33 | 780 | \ | 34 | 780 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 35 | 780 | evp##_up_ref(obj); \ | 36 | 780 | } \ |
provider.c:collect_EVP_KEM Line | Count | Source | 31 | 52 | { \ | 32 | 52 | STACK_OF(evp) *obj_stack = stack; \ | 33 | 52 | \ | 34 | 52 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 35 | 52 | evp##_up_ref(obj); \ | 36 | 52 | } \ |
provider.c:collect_EVP_KEYEXCH Line | Count | Source | 31 | 42 | { \ | 32 | 42 | STACK_OF(evp) *obj_stack = stack; \ | 33 | 42 | \ | 34 | 42 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 35 | 42 | evp##_up_ref(obj); \ | 36 | 42 | } \ |
provider.c:collect_EVP_RAND Line | Count | Source | 31 | 30 | { \ | 32 | 30 | STACK_OF(evp) *obj_stack = stack; \ | 33 | 30 | \ | 34 | 30 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 35 | 30 | evp##_up_ref(obj); \ | 36 | 30 | } \ |
provider.c:collect_EVP_MAC Line | Count | Source | 31 | 54 | { \ | 32 | 54 | STACK_OF(evp) *obj_stack = stack; \ | 33 | 54 | \ | 34 | 54 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 35 | 54 | evp##_up_ref(obj); \ | 36 | 54 | } \ |
provider.c:collect_EVP_KEYMGMT Line | Count | Source | 31 | 196 | { \ | 32 | 196 | STACK_OF(evp) *obj_stack = stack; \ | 33 | 196 | \ | 34 | 196 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 35 | 196 | evp##_up_ref(obj); \ | 36 | 196 | } \ |
provider.c:collect_EVP_SIGNATURE Line | Count | Source | 31 | 324 | { \ | 32 | 324 | STACK_OF(evp) *obj_stack = stack; \ | 33 | 324 | \ | 34 | 324 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 35 | 324 | evp##_up_ref(obj); \ | 36 | 324 | } \ |
provider.c:collect_EVP_ASYM_CIPHER Line | Count | Source | 31 | 12 | { \ | 32 | 12 | STACK_OF(evp) *obj_stack = stack; \ | 33 | 12 | \ | 34 | 12 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 35 | 12 | evp##_up_ref(obj); \ | 36 | 12 | } \ |
|
37 | | static void init_##name(OSSL_LIB_CTX *libctx) \ |
38 | 60 | { \ |
39 | 60 | name##_collection = sk_##evp##_new(cmp_##evp); \ |
40 | 60 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ |
41 | 60 | } \ Line | Count | Source | 38 | 6 | { \ | 39 | 6 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 40 | 6 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 41 | 6 | } \ |
Line | Count | Source | 38 | 6 | { \ | 39 | 6 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 40 | 6 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 41 | 6 | } \ |
Line | Count | Source | 38 | 6 | { \ | 39 | 6 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 40 | 6 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 41 | 6 | } \ |
Line | Count | Source | 38 | 6 | { \ | 39 | 6 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 40 | 6 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 41 | 6 | } \ |
Line | Count | Source | 38 | 6 | { \ | 39 | 6 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 40 | 6 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 41 | 6 | } \ |
Line | Count | Source | 38 | 6 | { \ | 39 | 6 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 40 | 6 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 41 | 6 | } \ |
Line | Count | Source | 38 | 6 | { \ | 39 | 6 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 40 | 6 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 41 | 6 | } \ |
Line | Count | Source | 38 | 6 | { \ | 39 | 6 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 40 | 6 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 41 | 6 | } \ |
provider.c:init_signature Line | Count | Source | 38 | 6 | { \ | 39 | 6 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 40 | 6 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 41 | 6 | } \ |
provider.c:init_asym_ciphers Line | Count | Source | 38 | 6 | { \ | 39 | 6 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 40 | 6 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 41 | 6 | } \ |
|
42 | | static void cleanup_##name(void) \ |
43 | 0 | { \ |
44 | 0 | sk_##evp##_pop_free(name##_collection, evp##_free); \ |
45 | 0 | } Unexecuted instantiation: provider.c:cleanup_digests Unexecuted instantiation: provider.c:cleanup_kdf Unexecuted instantiation: provider.c:cleanup_cipher Unexecuted instantiation: provider.c:cleanup_kem Unexecuted instantiation: provider.c:cleanup_keyexch Unexecuted instantiation: provider.c:cleanup_rand Unexecuted instantiation: provider.c:cleanup_mac Unexecuted instantiation: provider.c:cleanup_keymgmt Unexecuted instantiation: provider.c:cleanup_signature Unexecuted instantiation: provider.c:cleanup_asym_ciphers |
46 | | |
47 | | DEFINE_ALGORITHMS(digests, EVP_MD) |
48 | | |
49 | | DEFINE_ALGORITHMS(kdf, EVP_KDF) |
50 | | |
51 | | DEFINE_ALGORITHMS(cipher, EVP_CIPHER) |
52 | | |
53 | | DEFINE_ALGORITHMS(kem, EVP_KEM) |
54 | | |
55 | | DEFINE_ALGORITHMS(keyexch, EVP_KEYEXCH) |
56 | | |
57 | | DEFINE_ALGORITHMS(rand, EVP_RAND) |
58 | | |
59 | | DEFINE_ALGORITHMS(mac, EVP_MAC) |
60 | | |
61 | | DEFINE_ALGORITHMS(keymgmt, EVP_KEYMGMT) |
62 | | |
63 | | DEFINE_ALGORITHMS(signature, EVP_SIGNATURE) |
64 | | |
65 | | DEFINE_ALGORITHMS(asym_ciphers, EVP_ASYM_CIPHER) |
66 | | |
67 | | static OSSL_LIB_CTX *libctx = NULL; |
68 | | |
69 | | int FuzzerInitialize(int *argc, char ***argv) |
70 | 18 | { |
71 | 18 | libctx = OSSL_LIB_CTX_new(); |
72 | 18 | if (libctx == NULL) |
73 | 0 | return 0; |
74 | | |
75 | 18 | init_digests(libctx); |
76 | 18 | init_kdf(libctx); |
77 | 18 | init_cipher(libctx); |
78 | 18 | init_kem(libctx); |
79 | 18 | init_keyexch(libctx); |
80 | 18 | init_rand(libctx); |
81 | 18 | init_mac(libctx); |
82 | 18 | init_keymgmt(libctx); |
83 | 18 | init_signature(libctx); |
84 | 18 | init_asym_ciphers(libctx); |
85 | 18 | return 1; |
86 | 18 | } |
87 | | |
88 | | void FuzzerCleanup(void) |
89 | 0 | { |
90 | 0 | cleanup_digests(); |
91 | 0 | cleanup_kdf(); |
92 | 0 | cleanup_cipher(); |
93 | 0 | cleanup_kem(); |
94 | 0 | cleanup_keyexch(); |
95 | 0 | cleanup_rand(); |
96 | 0 | cleanup_mac(); |
97 | 0 | cleanup_keymgmt(); |
98 | 0 | cleanup_signature(); |
99 | 0 | cleanup_asym_ciphers(); |
100 | |
|
101 | 0 | OSSL_LIB_CTX_free(libctx); |
102 | 0 | } |
103 | | |
104 | | static int read_uint(const uint8_t **buf, size_t *len, uint64_t **res) |
105 | 11.5k | { |
106 | 11.5k | int r = 1; |
107 | | |
108 | 11.5k | if (*len < sizeof(uint64_t)) { |
109 | 205 | r = 0; |
110 | 205 | goto end; |
111 | 205 | } |
112 | | |
113 | 11.3k | *res = OPENSSL_malloc(sizeof(uint64_t)); |
114 | 11.3k | **res = (uint64_t) **buf; |
115 | | |
116 | 11.3k | *buf += sizeof(uint64_t); |
117 | 11.3k | *len -= sizeof(uint64_t); |
118 | 11.5k | end: |
119 | 11.5k | return r; |
120 | 11.3k | } |
121 | | |
122 | | static int read_int(const uint8_t **buf, size_t *len, int64_t **res) |
123 | 47.5k | { |
124 | 47.5k | int r = 1; |
125 | | |
126 | 47.5k | if (*len < sizeof(int64_t)) { |
127 | 11.7k | r = 0; |
128 | 11.7k | goto end; |
129 | 11.7k | } |
130 | | |
131 | 35.8k | *res = OPENSSL_malloc(sizeof(int64_t)); |
132 | 35.8k | **res = (int64_t) **buf; |
133 | | |
134 | 35.8k | *buf += sizeof(int64_t); |
135 | 35.8k | *len -= sizeof(int64_t); |
136 | 47.5k | end: |
137 | 47.5k | return r; |
138 | 35.8k | } |
139 | | |
140 | | static int read_double(const uint8_t **buf, size_t *len, double **res) |
141 | 0 | { |
142 | 0 | int r = 1; |
143 | |
|
144 | 0 | if (*len < sizeof(double)) { |
145 | 0 | r = 0; |
146 | 0 | goto end; |
147 | 0 | } |
148 | | |
149 | 0 | *res = OPENSSL_malloc(sizeof(double)); |
150 | 0 | **res = (double) **buf; |
151 | |
|
152 | 0 | *buf += sizeof(double); |
153 | 0 | *len -= sizeof(double); |
154 | 0 | end: |
155 | 0 | return r; |
156 | 0 | } |
157 | | |
158 | | static int read_utf8_string(const uint8_t **buf, size_t *len, char **res) |
159 | 9.39k | { |
160 | 9.39k | size_t found_len; |
161 | 9.39k | int r; |
162 | | |
163 | 9.39k | found_len = OPENSSL_strnlen((const char *) *buf, *len); |
164 | | |
165 | 9.39k | if (found_len == *len) { |
166 | 605 | r = -1; |
167 | 605 | goto end; |
168 | 605 | } |
169 | | |
170 | 8.79k | found_len++; /* skip over the \0 byte */ |
171 | | |
172 | 8.79k | r = (int) found_len; |
173 | | |
174 | 8.79k | *res = (char *) *buf; |
175 | 8.79k | *len -= found_len; |
176 | 8.79k | *buf = *buf + found_len; /* continue after the \0 byte */ |
177 | 9.39k | end: |
178 | 9.39k | return r; |
179 | 8.79k | } |
180 | | |
181 | | static int read_utf8_ptr(const uint8_t **buf, size_t *len, char **res) |
182 | 0 | { |
183 | 0 | if (*len > 0 && **buf == 0xFF) { |
184 | | /* represent NULL somehow */ |
185 | 0 | *res = NULL; |
186 | 0 | *buf += 1; |
187 | 0 | *len -= 1; |
188 | 0 | return 0; |
189 | 0 | } |
190 | 0 | return read_utf8_string(buf, len, res); |
191 | 0 | } |
192 | | |
193 | | static int read_octet_string(const uint8_t **buf, size_t *len, char **res) |
194 | 9.53k | { |
195 | 9.53k | int r; |
196 | 9.53k | size_t i; |
197 | 9.53k | const uint8_t *ptr = *buf; |
198 | 9.53k | int found = 0; |
199 | | |
200 | 179M | for (i = 0; i < *len; ++i) { |
201 | 179M | if (*ptr == 0xFF && |
202 | 239k | (i + 1 < *len && *(ptr + 1) == 0xFF)) { |
203 | 7.04k | ptr++; |
204 | 7.04k | found = 1; |
205 | 7.04k | break; |
206 | 7.04k | } |
207 | 179M | ptr++; |
208 | 179M | } |
209 | | |
210 | 9.53k | if (!found) { |
211 | 2.49k | r = -1; |
212 | 2.49k | goto end; |
213 | 2.49k | } |
214 | | |
215 | 7.04k | *res = (char *) *buf; |
216 | | |
217 | 7.04k | r = ptr - *buf; |
218 | 7.04k | *len -= r; |
219 | 7.04k | *buf = ptr; |
220 | | |
221 | 9.53k | end: |
222 | 9.53k | return r; |
223 | 7.04k | } |
224 | | |
225 | | static int read_octet_ptr(const uint8_t **buf, size_t *len, char **res) |
226 | 0 | { |
227 | | /* TODO: This representation could need an improvement potentially. */ |
228 | 0 | if (*len > 1 && **buf == 0xFF && *(*buf + 1) == 0xFF) { |
229 | | /* represent NULL somehow */ |
230 | 0 | *res = NULL; |
231 | 0 | *buf += 2; |
232 | 0 | *len -= 2; |
233 | 0 | return 0; |
234 | 0 | } |
235 | 0 | return read_octet_string(buf, len, res); |
236 | 0 | } |
237 | | |
238 | | static char *DFLT_STR = ""; |
239 | | static char *DFLT_UTF8_PTR = NULL; |
240 | | static char *DFLT_OCTET_STRING = ""; |
241 | | static char *DFLT_OCTET_PTR = NULL; |
242 | | |
243 | | static int64_t ITERS = 1; |
244 | | static uint64_t UITERS = 1; |
245 | | static int64_t BLOCKSIZE = 8; |
246 | | static uint64_t UBLOCKSIZE = 8; |
247 | | |
248 | | |
249 | | static void free_params(OSSL_PARAM *param) |
250 | 7.14k | { |
251 | 46.4k | for (; param != NULL && param->key != NULL; param++) { |
252 | 39.3k | switch (param->data_type) { |
253 | 2.49k | case OSSL_PARAM_INTEGER: |
254 | 11.6k | case OSSL_PARAM_UNSIGNED_INTEGER: |
255 | 11.6k | case OSSL_PARAM_REAL: |
256 | 11.6k | if (param->data != NULL) { |
257 | 11.6k | OPENSSL_free(param->data); |
258 | 11.6k | } |
259 | 11.6k | break; |
260 | 39.3k | } |
261 | 39.3k | } |
262 | 7.14k | } |
263 | | |
264 | | static OSSL_PARAM *fuzz_params(OSSL_PARAM *param, const uint8_t **buf, size_t *len) |
265 | 7.14k | { |
266 | 7.14k | OSSL_PARAM *p; |
267 | 7.14k | OSSL_PARAM *fuzzed_parameters; |
268 | 7.14k | int p_num = 0; |
269 | | |
270 | 46.4k | for (p = param; p != NULL && p->key != NULL; p++) |
271 | 39.3k | p_num++; |
272 | | |
273 | 7.14k | fuzzed_parameters = OPENSSL_zalloc(sizeof(OSSL_PARAM) *(p_num + 1)); |
274 | 7.14k | p = fuzzed_parameters; |
275 | | |
276 | 46.4k | for (; param != NULL && param->key != NULL; param++) { |
277 | 39.3k | int64_t *use_param = NULL; |
278 | 39.3k | int64_t *p_value_int = NULL; |
279 | 39.3k | uint64_t *p_value_uint = NULL; |
280 | 39.3k | double *p_value_double = NULL; |
281 | 39.3k | char *p_value_utf8_str = DFLT_STR; |
282 | 39.3k | char *p_value_octet_str = DFLT_OCTET_STRING; |
283 | 39.3k | char *p_value_utf8_ptr = DFLT_UTF8_PTR; |
284 | 39.3k | char *p_value_octet_ptr = DFLT_OCTET_PTR; |
285 | | |
286 | 39.3k | int data_len = 0; |
287 | | |
288 | 39.3k | if (!read_int(buf, len, &use_param)) { |
289 | 11.6k | use_param = OPENSSL_malloc(sizeof(uint64_t)); |
290 | 11.6k | *use_param = 0; |
291 | 11.6k | } |
292 | | |
293 | 39.3k | switch (param->data_type) { |
294 | 2.49k | case OSSL_PARAM_INTEGER: |
295 | 2.49k | if (strcmp(param->key, OSSL_KDF_PARAM_ITER) == 0) { |
296 | 0 | p_value_int = OPENSSL_malloc(sizeof(ITERS)); |
297 | 0 | *p_value_int = ITERS; |
298 | 2.49k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_N) == 0) { |
299 | 0 | p_value_int = OPENSSL_malloc(sizeof(ITERS)); |
300 | 0 | *p_value_int = ITERS; |
301 | 2.49k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_R) == 0) { |
302 | 248 | p_value_int = OPENSSL_malloc(sizeof(BLOCKSIZE)); |
303 | 248 | *p_value_int = BLOCKSIZE; |
304 | 2.25k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_P) == 0) { |
305 | 0 | p_value_int = OPENSSL_malloc(sizeof(BLOCKSIZE)); |
306 | 0 | *p_value_int = BLOCKSIZE; |
307 | 2.25k | } else if (!*use_param || !read_int(buf, len, &p_value_int)) { |
308 | 1.28k | p_value_int = OPENSSL_malloc(sizeof(int64_t)); |
309 | 1.28k | *p_value_int = 0; |
310 | 1.28k | } |
311 | | |
312 | 2.49k | *p = *param; |
313 | 2.49k | p->data = p_value_int; |
314 | 2.49k | p++; |
315 | 2.49k | break; |
316 | 9.18k | case OSSL_PARAM_UNSIGNED_INTEGER: |
317 | 9.18k | if (strcmp(param->key, OSSL_KDF_PARAM_ITER) == 0) { |
318 | 1.27k | p_value_uint = OPENSSL_malloc(sizeof(UITERS)); |
319 | 1.27k | *p_value_uint = UITERS; |
320 | 7.91k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_N) == 0) { |
321 | 85 | p_value_uint = OPENSSL_malloc(sizeof(UITERS)); |
322 | 85 | *p_value_uint = UITERS; |
323 | 7.82k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_R) == 0) { |
324 | 85 | p_value_uint = OPENSSL_malloc(sizeof(UBLOCKSIZE)); |
325 | 85 | *p_value_uint = UBLOCKSIZE; |
326 | 7.74k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_P) == 0) { |
327 | 85 | p_value_uint = OPENSSL_malloc(sizeof(UBLOCKSIZE)); |
328 | 85 | *p_value_uint = UBLOCKSIZE; |
329 | 7.65k | } else if (!*use_param || !read_uint(buf, len, &p_value_uint)) { |
330 | 3.50k | p_value_uint = OPENSSL_malloc(sizeof(uint64_t)); |
331 | 3.50k | *p_value_uint = 0; |
332 | 3.50k | } |
333 | | |
334 | 9.18k | *p = *param; |
335 | 9.18k | p->data = p_value_uint; |
336 | 9.18k | p++; |
337 | 9.18k | break; |
338 | 0 | case OSSL_PARAM_REAL: |
339 | 0 | if (!*use_param || !read_double(buf, len, &p_value_double)) { |
340 | 0 | p_value_double = OPENSSL_malloc(sizeof(double)); |
341 | 0 | *p_value_double = 0; |
342 | 0 | } |
343 | |
|
344 | 0 | *p = *param; |
345 | 0 | p->data = p_value_double; |
346 | 0 | p++; |
347 | 0 | break; |
348 | 12.5k | case OSSL_PARAM_UTF8_STRING: |
349 | 12.5k | if (*use_param && (data_len = read_utf8_string(buf, len, &p_value_utf8_str)) < 0) |
350 | 605 | data_len = 0; |
351 | 12.5k | *p = *param; |
352 | 12.5k | p->data = p_value_utf8_str; |
353 | 12.5k | p->data_size = data_len; |
354 | 12.5k | p++; |
355 | 12.5k | break; |
356 | 15.1k | case OSSL_PARAM_OCTET_STRING: |
357 | 15.1k | if (*use_param && (data_len = read_octet_string(buf, len, &p_value_octet_str)) < 0) |
358 | 2.49k | data_len = 0; |
359 | 15.1k | *p = *param; |
360 | 15.1k | p->data = p_value_octet_str; |
361 | 15.1k | p->data_size = data_len; |
362 | 15.1k | p++; |
363 | 15.1k | break; |
364 | 0 | case OSSL_PARAM_UTF8_PTR: |
365 | 0 | if (*use_param && (data_len = read_utf8_ptr(buf, len, &p_value_utf8_ptr)) < 0) |
366 | 0 | data_len = 0; |
367 | 0 | *p = *param; |
368 | 0 | p->data = p_value_utf8_ptr; |
369 | 0 | p->data_size = data_len; |
370 | 0 | p++; |
371 | 0 | break; |
372 | 0 | case OSSL_PARAM_OCTET_PTR: |
373 | 0 | if (*use_param && (data_len = read_octet_ptr(buf, len, &p_value_octet_ptr)) < 0) |
374 | 0 | data_len = 0; |
375 | 0 | *p = *param; |
376 | 0 | p->data = p_value_octet_ptr; |
377 | 0 | p->data_size = data_len; |
378 | 0 | p++; |
379 | 0 | break; |
380 | 0 | default: |
381 | 0 | break; |
382 | 39.3k | } |
383 | | |
384 | 39.3k | OPENSSL_free(use_param); |
385 | 39.3k | } |
386 | | |
387 | 7.14k | return fuzzed_parameters; |
388 | 7.14k | } |
389 | | |
390 | | static int do_evp_cipher(const EVP_CIPHER *evp_cipher, const OSSL_PARAM param[]) |
391 | 94 | { |
392 | 94 | unsigned char outbuf[1024]; |
393 | 94 | int outlen, tmplen; |
394 | 94 | unsigned char key[] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15}; |
395 | 94 | unsigned char iv[] = {1, 2, 3, 4, 5, 6, 7, 8}; |
396 | 94 | const char intext[] = "text"; |
397 | 94 | EVP_CIPHER_CTX *ctx; |
398 | | |
399 | 94 | ctx = EVP_CIPHER_CTX_new(); |
400 | | |
401 | 94 | if (!EVP_CIPHER_CTX_set_params(ctx, param)) { |
402 | 94 | EVP_CIPHER_CTX_free(ctx); |
403 | 94 | return 0; |
404 | 94 | } |
405 | | |
406 | 0 | if (!EVP_EncryptInit_ex2(ctx, evp_cipher, key, iv, NULL)) { |
407 | | /* Error */ |
408 | 0 | EVP_CIPHER_CTX_free(ctx); |
409 | 0 | return 0; |
410 | 0 | } |
411 | | |
412 | 0 | if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, (const unsigned char *) intext, strlen(intext))) { |
413 | | /* Error */ |
414 | 0 | EVP_CIPHER_CTX_free(ctx); |
415 | 0 | return 0; |
416 | 0 | } |
417 | | /* |
418 | | * Buffer passed to EVP_EncryptFinal() must be after data just |
419 | | * encrypted to avoid overwriting it. |
420 | | */ |
421 | 0 | if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen)) { |
422 | | /* Error */ |
423 | 0 | EVP_CIPHER_CTX_free(ctx); |
424 | 0 | return 0; |
425 | 0 | } |
426 | 0 | outlen += tmplen; |
427 | 0 | EVP_CIPHER_CTX_free(ctx); |
428 | 0 | return 1; |
429 | 0 | } |
430 | | |
431 | | static int do_evp_kdf(EVP_KDF *evp_kdf, const OSSL_PARAM params[]) |
432 | 4.59k | { |
433 | 4.59k | int r = 1; |
434 | 4.59k | EVP_KDF_CTX *kctx = NULL; |
435 | 4.59k | unsigned char derived[32]; |
436 | | |
437 | 4.59k | kctx = EVP_KDF_CTX_new(evp_kdf); |
438 | | |
439 | 4.59k | if (kctx == NULL) { |
440 | 0 | r = 0; |
441 | 0 | goto end; |
442 | 0 | } |
443 | | |
444 | 4.59k | if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { |
445 | 2.10k | r = 0; |
446 | 2.10k | goto end; |
447 | 2.10k | } |
448 | | |
449 | 2.49k | if (EVP_KDF_derive(kctx, derived, sizeof(derived), NULL) <= 0) { |
450 | 846 | r = 0; |
451 | 846 | goto end; |
452 | 846 | } |
453 | | |
454 | 4.59k | end: |
455 | 4.59k | EVP_KDF_CTX_free(kctx); |
456 | 4.59k | return r; |
457 | 2.49k | } |
458 | | |
459 | | static int do_evp_mac(EVP_MAC *evp_mac, const OSSL_PARAM params[]) |
460 | 1.54k | { |
461 | 1.54k | int r = 1; |
462 | 1.54k | const char *key = "mac_key"; |
463 | 1.54k | char text[] = "Some Crypto Text"; |
464 | 1.54k | EVP_MAC_CTX *ctx = NULL; |
465 | 1.54k | unsigned char buf[4096]; |
466 | 1.54k | size_t final_l; |
467 | | |
468 | 1.54k | if ((ctx = EVP_MAC_CTX_new(evp_mac)) == NULL |
469 | 1.54k | || !EVP_MAC_init(ctx, (const unsigned char *) key, strlen(key), |
470 | 1.54k | params)) { |
471 | 890 | r = 0; |
472 | 890 | goto end; |
473 | 890 | } |
474 | | |
475 | 656 | if (EVP_MAC_CTX_set_params(ctx, params) <= 0) { |
476 | 0 | r = 0; |
477 | 0 | goto end; |
478 | 0 | } |
479 | | |
480 | 656 | if (!EVP_MAC_update(ctx, (unsigned char *) text, sizeof(text))) { |
481 | 90 | r = 0; |
482 | 90 | goto end; |
483 | 90 | } |
484 | | |
485 | 566 | if (!EVP_MAC_final(ctx, buf, &final_l, sizeof(buf))) { |
486 | 0 | r = 0; |
487 | 0 | goto end; |
488 | 0 | } |
489 | | |
490 | 1.54k | end: |
491 | 1.54k | EVP_MAC_CTX_free(ctx); |
492 | 1.54k | return r; |
493 | 566 | } |
494 | | |
495 | | static int do_evp_rand(EVP_RAND *evp_rand, const OSSL_PARAM params[]) |
496 | 668 | { |
497 | 668 | int r = 1; |
498 | 668 | EVP_RAND_CTX *ctx = NULL; |
499 | 668 | unsigned char buf[4096]; |
500 | | |
501 | 668 | if (!(ctx = EVP_RAND_CTX_new(evp_rand, NULL))) { |
502 | 0 | r = 0; |
503 | 0 | goto end; |
504 | 0 | } |
505 | | |
506 | 668 | if (EVP_RAND_CTX_set_params(ctx, params) <= 0) { |
507 | 169 | r = 0; |
508 | 169 | goto end; |
509 | 169 | } |
510 | | |
511 | 499 | if (!EVP_RAND_generate(ctx, buf, sizeof(buf), 0, 0, NULL, 0)) { |
512 | 138 | r = 0; |
513 | 138 | goto end; |
514 | 138 | } |
515 | | |
516 | 361 | if (!EVP_RAND_reseed(ctx, 0, 0, 0, NULL, 0)) { |
517 | 0 | r = 0; |
518 | 0 | goto end; |
519 | 0 | } |
520 | | |
521 | 668 | end: |
522 | 668 | EVP_RAND_CTX_free(ctx); |
523 | 668 | return r; |
524 | 361 | } |
525 | | |
526 | | static int do_evp_sig(EVP_SIGNATURE *evp_sig, const OSSL_PARAM params[]) |
527 | 79 | { |
528 | 79 | return 0; |
529 | 79 | } |
530 | | |
531 | | static int do_evp_asym_cipher(EVP_ASYM_CIPHER *evp_asym_cipher, const OSSL_PARAM params[]) |
532 | 16 | { |
533 | 16 | return 0; |
534 | 16 | } |
535 | | |
536 | | static int do_evp_kem(EVP_KEM *evp_kem, const OSSL_PARAM params[]) |
537 | 37 | { |
538 | 37 | return 0; |
539 | 37 | } |
540 | | |
541 | | static int do_evp_key_exch(EVP_KEYEXCH *evp_kdf, const OSSL_PARAM params[]) |
542 | 59 | { |
543 | 59 | return 0; |
544 | 59 | } |
545 | | |
546 | | static int do_evp_md(EVP_MD *evp_md, const OSSL_PARAM params[]) |
547 | 49 | { |
548 | 49 | int r = 1; |
549 | 49 | unsigned char md_value[EVP_MAX_MD_SIZE]; |
550 | 49 | unsigned int md_len; |
551 | 49 | EVP_MD_CTX *mdctx = NULL; |
552 | | |
553 | 49 | if (!(mdctx = EVP_MD_CTX_new())) { |
554 | 0 | r = 0; |
555 | 0 | goto end; |
556 | 0 | } |
557 | | |
558 | 49 | if (!EVP_MD_CTX_set_params(mdctx, params)) { |
559 | 49 | r = 0; |
560 | 49 | goto end; |
561 | 49 | } |
562 | | |
563 | 0 | if (!EVP_DigestInit_ex2(mdctx, evp_md, NULL)) { |
564 | 0 | r = 0; |
565 | 0 | goto end; |
566 | 0 | } |
567 | 0 | if (!EVP_DigestUpdate(mdctx, "Test", strlen("Test"))) { |
568 | 0 | r = 0; |
569 | 0 | goto end; |
570 | 0 | } |
571 | 0 | if (!EVP_DigestFinal_ex(mdctx, md_value, &md_len)) { |
572 | 0 | r = 0; |
573 | 0 | goto end; |
574 | 0 | } |
575 | | |
576 | 49 | end: |
577 | 49 | EVP_MD_CTX_free(mdctx); |
578 | 49 | return r; |
579 | 0 | } |
580 | | |
581 | | #define EVP_FUZZ(source, evp, f) \ |
582 | 7.14k | do { \ |
583 | 7.14k | evp *alg = sk_##evp##_value(source, *algorithm % sk_##evp##_num(source)); \ |
584 | 7.14k | OSSL_PARAM *fuzzed_params; \ |
585 | 7.14k | \ |
586 | 7.14k | if (alg == NULL) \ |
587 | 7.14k | break; \ |
588 | 7.14k | fuzzed_params = fuzz_params((OSSL_PARAM*) evp##_settable_ctx_params(alg), &buf, &len); \ |
589 | 7.14k | if (fuzzed_params != NULL) \ |
590 | 7.14k | f(alg, fuzzed_params); \ |
591 | 7.14k | free_params(fuzzed_params); \ |
592 | 7.14k | OSSL_PARAM_free(fuzzed_params); \ |
593 | 7.14k | } while (0); |
594 | | |
595 | | int FuzzerTestOneInput(const uint8_t *buf, size_t len) |
596 | 7.17k | { |
597 | 7.17k | int r = 1; |
598 | 7.17k | uint64_t *operation = NULL; |
599 | 7.17k | int64_t *algorithm = NULL; |
600 | | |
601 | 7.17k | if (!read_uint(&buf, &len, &operation)) { |
602 | 12 | r = 0; |
603 | 12 | goto end; |
604 | 12 | } |
605 | | |
606 | 7.15k | if (!read_int(&buf, &len, &algorithm)) { |
607 | 15 | r = 0; |
608 | 15 | goto end; |
609 | 15 | } |
610 | | |
611 | 7.14k | switch (*operation % 10) { |
612 | 49 | case 0: |
613 | 49 | EVP_FUZZ(digests_collection, EVP_MD, do_evp_md); |
614 | 49 | break; |
615 | 94 | case 1: |
616 | 94 | EVP_FUZZ(cipher_collection, EVP_CIPHER, do_evp_cipher); |
617 | 94 | break; |
618 | 4.59k | case 2: |
619 | 4.59k | EVP_FUZZ(kdf_collection, EVP_KDF, do_evp_kdf); |
620 | 4.59k | break; |
621 | 1.54k | case 3: |
622 | 1.54k | EVP_FUZZ(mac_collection, EVP_MAC, do_evp_mac); |
623 | 1.54k | break; |
624 | 37 | case 4: |
625 | 37 | EVP_FUZZ(kem_collection, EVP_KEM, do_evp_kem); |
626 | 37 | break; |
627 | 668 | case 5: |
628 | 668 | EVP_FUZZ(rand_collection, EVP_RAND, do_evp_rand); |
629 | 668 | break; |
630 | 16 | case 6: |
631 | 16 | EVP_FUZZ(asym_ciphers_collection, EVP_ASYM_CIPHER, do_evp_asym_cipher); |
632 | 16 | break; |
633 | 79 | case 7: |
634 | 79 | EVP_FUZZ(signature_collection, EVP_SIGNATURE, do_evp_sig); |
635 | 79 | break; |
636 | 59 | case 8: |
637 | 59 | EVP_FUZZ(keyexch_collection, EVP_KEYEXCH, do_evp_key_exch); |
638 | 59 | break; |
639 | 3 | case 9: |
640 | | /* |
641 | | Implement and call: |
642 | | static int do_evp_keymgmt(EVP_KEYMGMT *evp_kdf, const OSSL_PARAM params[]) |
643 | | { |
644 | | return 0; |
645 | | } |
646 | | */ |
647 | | /* not yet implemented */ |
648 | 3 | break; |
649 | 0 | default: |
650 | 0 | r = 0; |
651 | 0 | goto end; |
652 | 7.14k | } |
653 | | |
654 | 7.17k | end: |
655 | 7.17k | OPENSSL_free(operation); |
656 | 7.17k | OPENSSL_free(algorithm); |
657 | 7.17k | return r; |
658 | 7.14k | } |