/src/openssl36/fuzz/provider.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 2023-2025 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"); |
5 | | * you may not use this file except in compliance with the License. |
6 | | * You may obtain a copy of the License at |
7 | | * https://www.openssl.org/source/license.html |
8 | | * or in the file LICENSE in the source distribution. |
9 | | */ |
10 | | #include <string.h> |
11 | | #include <openssl/types.h> |
12 | | #include <openssl/crypto.h> |
13 | | #include <openssl/core_names.h> |
14 | | #include <openssl/kdf.h> |
15 | | #include <openssl/evp.h> |
16 | | #include <openssl/provider.h> |
17 | | #include "fuzzer.h" |
18 | | |
19 | | #define DEFINE_ALGORITHMS(name, evp) \ |
20 | | DEFINE_STACK_OF(evp) \ |
21 | | static int cmp_##evp(const evp *const *a, const evp *const *b); \ |
22 | | static void collect_##evp(evp *obj, void *stack); \ |
23 | | static void init_##name(OSSL_LIB_CTX *libctx); \ |
24 | | static void cleanup_##name(void); \ |
25 | | static STACK_OF(evp) *name##_collection; \ |
26 | | static int cmp_##evp(const evp *const *a, const evp *const *b) \ |
27 | 616 | { \ |
28 | 616 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ |
29 | 616 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ |
30 | 616 | } \ Line | Count | Source | 27 | 58 | { \ | 28 | 58 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 29 | 58 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 30 | 58 | } \ |
Line | Count | Source | 27 | 42 | { \ | 28 | 42 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 29 | 42 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 30 | 42 | } \ |
provider.c:cmp_EVP_CIPHER Line | Count | Source | 27 | 258 | { \ | 28 | 258 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 29 | 258 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 30 | 258 | } \ |
Line | Count | Source | 27 | 22 | { \ | 28 | 22 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 29 | 22 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 30 | 22 | } \ |
provider.c:cmp_EVP_KEYEXCH Line | Count | Source | 27 | 12 | { \ | 28 | 12 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 29 | 12 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 30 | 12 | } \ |
Line | Count | Source | 27 | 8 | { \ | 28 | 8 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 29 | 8 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 30 | 8 | } \ |
Line | Count | Source | 27 | 16 | { \ | 28 | 16 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 29 | 16 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 30 | 16 | } \ |
provider.c:cmp_EVP_KEYMGMT Line | Count | Source | 27 | 82 | { \ | 28 | 82 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 29 | 82 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 30 | 82 | } \ |
provider.c:cmp_EVP_SIGNATURE Line | Count | Source | 27 | 116 | { \ | 28 | 116 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 29 | 116 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 30 | 116 | } \ |
provider.c:cmp_EVP_ASYM_CIPHER Line | Count | Source | 27 | 2 | { \ | 28 | 2 | return strcmp(OSSL_PROVIDER_get0_name(evp##_get0_provider(*a)), \ | 29 | 2 | OSSL_PROVIDER_get0_name(evp##_get0_provider(*b))); \ | 30 | 2 | } \ |
|
31 | | static void collect_##evp(evp *obj, void *stack) \ |
32 | 2.39k | { \ |
33 | 2.39k | STACK_OF(evp) *obj_stack = stack; \ |
34 | 2.39k | \ |
35 | 2.39k | if (sk_##evp##_push(obj_stack, obj) > 0) \ |
36 | 2.39k | evp##_up_ref(obj); \ |
37 | 2.39k | } \ provider.c:collect_EVP_MD Line | Count | Source | 32 | 222 | { \ | 33 | 222 | STACK_OF(evp) *obj_stack = stack; \ | 34 | 222 | \ | 35 | 222 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 36 | 222 | evp##_up_ref(obj); \ | 37 | 222 | } \ |
provider.c:collect_EVP_KDF Line | Count | Source | 32 | 146 | { \ | 33 | 146 | STACK_OF(evp) *obj_stack = stack; \ | 34 | 146 | \ | 35 | 146 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 36 | 146 | evp##_up_ref(obj); \ | 37 | 146 | } \ |
provider.c:collect_EVP_CIPHER Line | Count | Source | 32 | 1.04k | { \ | 33 | 1.04k | STACK_OF(evp) *obj_stack = stack; \ | 34 | 1.04k | \ | 35 | 1.04k | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 36 | 1.04k | evp##_up_ref(obj); \ | 37 | 1.04k | } \ |
provider.c:collect_EVP_KEM Line | Count | Source | 32 | 76 | { \ | 33 | 76 | STACK_OF(evp) *obj_stack = stack; \ | 34 | 76 | \ | 35 | 76 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 36 | 76 | evp##_up_ref(obj); \ | 37 | 76 | } \ |
provider.c:collect_EVP_KEYEXCH Line | Count | Source | 32 | 56 | { \ | 33 | 56 | STACK_OF(evp) *obj_stack = stack; \ | 34 | 56 | \ | 35 | 56 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 36 | 56 | evp##_up_ref(obj); \ | 37 | 56 | } \ |
provider.c:collect_EVP_RAND Line | Count | Source | 32 | 40 | { \ | 33 | 40 | STACK_OF(evp) *obj_stack = stack; \ | 34 | 40 | \ | 35 | 40 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 36 | 40 | evp##_up_ref(obj); \ | 37 | 40 | } \ |
provider.c:collect_EVP_MAC Line | Count | Source | 32 | 72 | { \ | 33 | 72 | STACK_OF(evp) *obj_stack = stack; \ | 34 | 72 | \ | 35 | 72 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 36 | 72 | evp##_up_ref(obj); \ | 37 | 72 | } \ |
provider.c:collect_EVP_KEYMGMT Line | Count | Source | 32 | 280 | { \ | 33 | 280 | STACK_OF(evp) *obj_stack = stack; \ | 34 | 280 | \ | 35 | 280 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 36 | 280 | evp##_up_ref(obj); \ | 37 | 280 | } \ |
provider.c:collect_EVP_SIGNATURE Line | Count | Source | 32 | 442 | { \ | 33 | 442 | STACK_OF(evp) *obj_stack = stack; \ | 34 | 442 | \ | 35 | 442 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 36 | 442 | evp##_up_ref(obj); \ | 37 | 442 | } \ |
provider.c:collect_EVP_ASYM_CIPHER Line | Count | Source | 32 | 16 | { \ | 33 | 16 | STACK_OF(evp) *obj_stack = stack; \ | 34 | 16 | \ | 35 | 16 | if (sk_##evp##_push(obj_stack, obj) > 0) \ | 36 | 16 | evp##_up_ref(obj); \ | 37 | 16 | } \ |
|
38 | | static void init_##name(OSSL_LIB_CTX *libctx) \ |
39 | 80 | { \ |
40 | 80 | name##_collection = sk_##evp##_new(cmp_##evp); \ |
41 | 80 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ |
42 | 80 | } \ Line | Count | Source | 39 | 8 | { \ | 40 | 8 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 41 | 8 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 42 | 8 | } \ |
Line | Count | Source | 39 | 8 | { \ | 40 | 8 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 41 | 8 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 42 | 8 | } \ |
Line | Count | Source | 39 | 8 | { \ | 40 | 8 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 41 | 8 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 42 | 8 | } \ |
Line | Count | Source | 39 | 8 | { \ | 40 | 8 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 41 | 8 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 42 | 8 | } \ |
Line | Count | Source | 39 | 8 | { \ | 40 | 8 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 41 | 8 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 42 | 8 | } \ |
Line | Count | Source | 39 | 8 | { \ | 40 | 8 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 41 | 8 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 42 | 8 | } \ |
Line | Count | Source | 39 | 8 | { \ | 40 | 8 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 41 | 8 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 42 | 8 | } \ |
Line | Count | Source | 39 | 8 | { \ | 40 | 8 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 41 | 8 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 42 | 8 | } \ |
provider.c:init_signature Line | Count | Source | 39 | 8 | { \ | 40 | 8 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 41 | 8 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 42 | 8 | } \ |
provider.c:init_asym_ciphers Line | Count | Source | 39 | 8 | { \ | 40 | 8 | name##_collection = sk_##evp##_new(cmp_##evp); \ | 41 | 8 | evp##_do_all_provided(libctx, collect_##evp, name##_collection); \ | 42 | 8 | } \ |
|
43 | | static void cleanup_##name(void) \ |
44 | 0 | { \ |
45 | 0 | sk_##evp##_pop_free(name##_collection, evp##_free); \ |
46 | 0 | } Unexecuted instantiation: provider.c:cleanup_digests Unexecuted instantiation: provider.c:cleanup_kdf Unexecuted instantiation: provider.c:cleanup_cipher Unexecuted instantiation: provider.c:cleanup_kem Unexecuted instantiation: provider.c:cleanup_keyexch Unexecuted instantiation: provider.c:cleanup_rand Unexecuted instantiation: provider.c:cleanup_mac Unexecuted instantiation: provider.c:cleanup_keymgmt Unexecuted instantiation: provider.c:cleanup_signature Unexecuted instantiation: provider.c:cleanup_asym_ciphers |
47 | | |
48 | | DEFINE_ALGORITHMS(digests, EVP_MD) |
49 | | |
50 | | DEFINE_ALGORITHMS(kdf, EVP_KDF) |
51 | | |
52 | | DEFINE_ALGORITHMS(cipher, EVP_CIPHER) |
53 | | |
54 | | DEFINE_ALGORITHMS(kem, EVP_KEM) |
55 | | |
56 | | DEFINE_ALGORITHMS(keyexch, EVP_KEYEXCH) |
57 | | |
58 | | DEFINE_ALGORITHMS(rand, EVP_RAND) |
59 | | |
60 | | DEFINE_ALGORITHMS(mac, EVP_MAC) |
61 | | |
62 | | DEFINE_ALGORITHMS(keymgmt, EVP_KEYMGMT) |
63 | | |
64 | | DEFINE_ALGORITHMS(signature, EVP_SIGNATURE) |
65 | | |
66 | | DEFINE_ALGORITHMS(asym_ciphers, EVP_ASYM_CIPHER) |
67 | | |
68 | | static OSSL_LIB_CTX *libctx = NULL; |
69 | | |
70 | | int FuzzerInitialize(int *argc, char ***argv) |
71 | 20 | { |
72 | 20 | libctx = OSSL_LIB_CTX_new(); |
73 | 20 | if (libctx == NULL) |
74 | 0 | return 0; |
75 | | |
76 | 20 | init_digests(libctx); |
77 | 20 | init_kdf(libctx); |
78 | 20 | init_cipher(libctx); |
79 | 20 | init_kem(libctx); |
80 | 20 | init_keyexch(libctx); |
81 | 20 | init_rand(libctx); |
82 | 20 | init_mac(libctx); |
83 | 20 | init_keymgmt(libctx); |
84 | 20 | init_signature(libctx); |
85 | 20 | init_asym_ciphers(libctx); |
86 | 20 | return 1; |
87 | 20 | } |
88 | | |
89 | | void FuzzerCleanup(void) |
90 | 0 | { |
91 | 0 | cleanup_digests(); |
92 | 0 | cleanup_kdf(); |
93 | 0 | cleanup_cipher(); |
94 | 0 | cleanup_kem(); |
95 | 0 | cleanup_keyexch(); |
96 | 0 | cleanup_rand(); |
97 | 0 | cleanup_mac(); |
98 | 0 | cleanup_keymgmt(); |
99 | 0 | cleanup_signature(); |
100 | 0 | cleanup_asym_ciphers(); |
101 | |
|
102 | 0 | OSSL_LIB_CTX_free(libctx); |
103 | 0 | } |
104 | | |
105 | | static int read_uint(const uint8_t **buf, size_t *len, uint64_t **res) |
106 | 11.9k | { |
107 | 11.9k | int r = 1; |
108 | | |
109 | 11.9k | if (*len < sizeof(uint64_t)) { |
110 | 207 | r = 0; |
111 | 207 | goto end; |
112 | 207 | } |
113 | | |
114 | 11.7k | *res = OPENSSL_malloc(sizeof(uint64_t)); |
115 | 11.7k | **res = (uint64_t)**buf; |
116 | | |
117 | 11.7k | *buf += sizeof(uint64_t); |
118 | 11.7k | *len -= sizeof(uint64_t); |
119 | 11.9k | end: |
120 | 11.9k | return r; |
121 | 11.7k | } |
122 | | |
123 | | static int read_int(const uint8_t **buf, size_t *len, int64_t **res) |
124 | 52.2k | { |
125 | 52.2k | int r = 1; |
126 | | |
127 | 52.2k | if (*len < sizeof(int64_t)) { |
128 | 13.0k | r = 0; |
129 | 13.0k | goto end; |
130 | 13.0k | } |
131 | | |
132 | 39.1k | *res = OPENSSL_malloc(sizeof(int64_t)); |
133 | 39.1k | **res = (int64_t)**buf; |
134 | | |
135 | 39.1k | *buf += sizeof(int64_t); |
136 | 39.1k | *len -= sizeof(int64_t); |
137 | 52.2k | end: |
138 | 52.2k | return r; |
139 | 39.1k | } |
140 | | |
141 | | static int read_double(const uint8_t **buf, size_t *len, double **res) |
142 | 0 | { |
143 | 0 | int r = 1; |
144 | |
|
145 | 0 | if (*len < sizeof(double)) { |
146 | 0 | r = 0; |
147 | 0 | goto end; |
148 | 0 | } |
149 | | |
150 | 0 | *res = OPENSSL_malloc(sizeof(double)); |
151 | 0 | **res = (double)**buf; |
152 | |
|
153 | 0 | *buf += sizeof(double); |
154 | 0 | *len -= sizeof(double); |
155 | 0 | end: |
156 | 0 | return r; |
157 | 0 | } |
158 | | |
159 | | static int read_utf8_string(const uint8_t **buf, size_t *len, char **res) |
160 | 13.9k | { |
161 | 13.9k | size_t found_len; |
162 | 13.9k | int r; |
163 | | |
164 | 13.9k | found_len = OPENSSL_strnlen((const char *)*buf, *len); |
165 | | |
166 | 13.9k | if (found_len == *len) { |
167 | 1.01k | r = -1; |
168 | 1.01k | goto end; |
169 | 1.01k | } |
170 | | |
171 | 12.9k | found_len++; /* skip over the \0 byte */ |
172 | | |
173 | 12.9k | r = (int)found_len; |
174 | | |
175 | 12.9k | *res = (char *)*buf; |
176 | 12.9k | *len -= found_len; |
177 | 12.9k | *buf = *buf + found_len; /* continue after the \0 byte */ |
178 | 13.9k | end: |
179 | 13.9k | return r; |
180 | 12.9k | } |
181 | | |
182 | | static int read_utf8_ptr(const uint8_t **buf, size_t *len, char **res) |
183 | 0 | { |
184 | 0 | if (*len > 0 && **buf == 0xFF) { |
185 | | /* represent NULL somehow */ |
186 | 0 | *res = NULL; |
187 | 0 | *buf += 1; |
188 | 0 | *len -= 1; |
189 | 0 | return 0; |
190 | 0 | } |
191 | 0 | return read_utf8_string(buf, len, res); |
192 | 0 | } |
193 | | |
194 | | static int read_octet_string(const uint8_t **buf, size_t *len, char **res) |
195 | 13.5k | { |
196 | 13.5k | int r; |
197 | 13.5k | size_t i; |
198 | 13.5k | const uint8_t *ptr = *buf; |
199 | 13.5k | int found = 0; |
200 | | |
201 | 176M | for (i = 0; i < *len; ++i) { |
202 | 176M | if (*ptr == 0xFF && (i + 1 < *len && *(ptr + 1) == 0xFF)) { |
203 | 10.0k | ptr++; |
204 | 10.0k | found = 1; |
205 | 10.0k | break; |
206 | 10.0k | } |
207 | 176M | ptr++; |
208 | 176M | } |
209 | | |
210 | 13.5k | if (!found) { |
211 | 3.48k | r = -1; |
212 | 3.48k | goto end; |
213 | 3.48k | } |
214 | | |
215 | 10.0k | *res = (char *)*buf; |
216 | | |
217 | 10.0k | r = (int)(ptr - *buf); |
218 | 10.0k | *len -= r; |
219 | 10.0k | *buf = ptr; |
220 | | |
221 | 13.5k | end: |
222 | 13.5k | return r; |
223 | 10.0k | } |
224 | | |
225 | | static int read_octet_ptr(const uint8_t **buf, size_t *len, char **res) |
226 | 0 | { |
227 | | /* TODO: This representation could need an improvement potentially. */ |
228 | 0 | if (*len > 1 && **buf == 0xFF && *(*buf + 1) == 0xFF) { |
229 | | /* represent NULL somehow */ |
230 | 0 | *res = NULL; |
231 | 0 | *buf += 2; |
232 | 0 | *len -= 2; |
233 | 0 | return 0; |
234 | 0 | } |
235 | 0 | return read_octet_string(buf, len, res); |
236 | 0 | } |
237 | | |
238 | | static char *DFLT_STR = ""; |
239 | | static char *DFLT_UTF8_PTR = NULL; |
240 | | static char *DFLT_OCTET_STRING = ""; |
241 | | static char *DFLT_OCTET_PTR = NULL; |
242 | | |
243 | | static int64_t ITERS = 1; |
244 | | static uint64_t UITERS = 1; |
245 | | static int64_t BLOCKSIZE = 8; |
246 | | static uint64_t UBLOCKSIZE = 8; |
247 | | |
248 | | static void free_params(OSSL_PARAM *param) |
249 | 9.90k | { |
250 | 65.2k | for (; param != NULL && param->key != NULL; param++) { |
251 | 55.3k | switch (param->data_type) { |
252 | 3.90k | case OSSL_PARAM_INTEGER: |
253 | 16.1k | case OSSL_PARAM_UNSIGNED_INTEGER: |
254 | 16.1k | case OSSL_PARAM_REAL: |
255 | 16.1k | if (param->data != NULL) { |
256 | 16.1k | OPENSSL_free(param->data); |
257 | 16.1k | } |
258 | 16.1k | break; |
259 | 55.3k | } |
260 | 55.3k | } |
261 | 9.90k | } |
262 | | |
263 | | static OSSL_PARAM *fuzz_params(OSSL_PARAM *param, const uint8_t **buf, size_t *len) |
264 | 7.61k | { |
265 | 7.61k | OSSL_PARAM *p; |
266 | 7.61k | OSSL_PARAM *fuzzed_parameters; |
267 | 7.61k | int p_num = 0; |
268 | | |
269 | 50.8k | for (p = param; p != NULL && p->key != NULL; p++) |
270 | 43.2k | p_num++; |
271 | | |
272 | 7.61k | fuzzed_parameters = OPENSSL_calloc(p_num + 1, sizeof(OSSL_PARAM)); |
273 | 7.61k | p = fuzzed_parameters; |
274 | | |
275 | 50.8k | for (; param != NULL && param->key != NULL; param++) { |
276 | 43.2k | int64_t *use_param = NULL; |
277 | 43.2k | int64_t *p_value_int = NULL; |
278 | 43.2k | uint64_t *p_value_uint = NULL; |
279 | 43.2k | double *p_value_double = NULL; |
280 | 43.2k | char *p_value_utf8_str = DFLT_STR; |
281 | 43.2k | char *p_value_octet_str = DFLT_OCTET_STRING; |
282 | 43.2k | char *p_value_utf8_ptr = DFLT_UTF8_PTR; |
283 | 43.2k | char *p_value_octet_ptr = DFLT_OCTET_PTR; |
284 | | |
285 | 43.2k | int data_len = 0; |
286 | | |
287 | 43.2k | if (!read_int(buf, len, &use_param)) { |
288 | 12.9k | use_param = OPENSSL_malloc(sizeof(uint64_t)); |
289 | 12.9k | *use_param = 0; |
290 | 12.9k | } |
291 | | |
292 | 43.2k | switch (param->data_type) { |
293 | 3.11k | case OSSL_PARAM_INTEGER: |
294 | 3.11k | if (strcmp(param->key, OSSL_KDF_PARAM_ITER) == 0) { |
295 | 0 | p_value_int = OPENSSL_malloc(sizeof(ITERS)); |
296 | 0 | *p_value_int = ITERS; |
297 | 3.11k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_N) == 0) { |
298 | 0 | p_value_int = OPENSSL_malloc(sizeof(ITERS)); |
299 | 0 | *p_value_int = ITERS; |
300 | 3.11k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_R) == 0) { |
301 | 440 | p_value_int = OPENSSL_malloc(sizeof(BLOCKSIZE)); |
302 | 440 | *p_value_int = BLOCKSIZE; |
303 | 2.67k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_P) == 0) { |
304 | 0 | p_value_int = OPENSSL_malloc(sizeof(BLOCKSIZE)); |
305 | 0 | *p_value_int = BLOCKSIZE; |
306 | 2.67k | } else if (!*use_param || !read_int(buf, len, &p_value_int)) { |
307 | 1.46k | p_value_int = OPENSSL_malloc(sizeof(int64_t)); |
308 | 1.46k | *p_value_int = 0; |
309 | 1.46k | } |
310 | | |
311 | 3.11k | *p = *param; |
312 | 3.11k | p->data = p_value_int; |
313 | 3.11k | p++; |
314 | 3.11k | break; |
315 | 9.00k | case OSSL_PARAM_UNSIGNED_INTEGER: |
316 | 9.00k | if (strcmp(param->key, OSSL_KDF_PARAM_ITER) == 0) { |
317 | 1.23k | p_value_uint = OPENSSL_malloc(sizeof(UITERS)); |
318 | 1.23k | *p_value_uint = UITERS; |
319 | 7.76k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_N) == 0) { |
320 | 59 | p_value_uint = OPENSSL_malloc(sizeof(UITERS)); |
321 | 59 | *p_value_uint = UITERS; |
322 | 7.70k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_R) == 0) { |
323 | 59 | p_value_uint = OPENSSL_malloc(sizeof(UBLOCKSIZE)); |
324 | 59 | *p_value_uint = UBLOCKSIZE; |
325 | 7.64k | } else if (strcmp(param->key, OSSL_KDF_PARAM_SCRYPT_P) == 0) { |
326 | 59 | p_value_uint = OPENSSL_malloc(sizeof(UBLOCKSIZE)); |
327 | 59 | *p_value_uint = UBLOCKSIZE; |
328 | 7.58k | } else if (!*use_param || !read_uint(buf, len, &p_value_uint)) { |
329 | 3.44k | p_value_uint = OPENSSL_malloc(sizeof(uint64_t)); |
330 | 3.44k | *p_value_uint = 0; |
331 | 3.44k | } |
332 | | |
333 | 9.00k | *p = *param; |
334 | 9.00k | p->data = p_value_uint; |
335 | 9.00k | p++; |
336 | 9.00k | break; |
337 | 0 | case OSSL_PARAM_REAL: |
338 | 0 | if (!*use_param || !read_double(buf, len, &p_value_double)) { |
339 | 0 | p_value_double = OPENSSL_malloc(sizeof(double)); |
340 | 0 | *p_value_double = 0; |
341 | 0 | } |
342 | |
|
343 | 0 | *p = *param; |
344 | 0 | p->data = p_value_double; |
345 | 0 | p++; |
346 | 0 | break; |
347 | 14.4k | case OSSL_PARAM_UTF8_STRING: |
348 | 14.4k | if (*use_param && (data_len = read_utf8_string(buf, len, &p_value_utf8_str)) < 0) |
349 | 796 | data_len = 0; |
350 | 14.4k | *p = *param; |
351 | 14.4k | p->data = p_value_utf8_str; |
352 | 14.4k | p->data_size = data_len; |
353 | 14.4k | p++; |
354 | 14.4k | break; |
355 | 16.6k | case OSSL_PARAM_OCTET_STRING: |
356 | 16.6k | if (*use_param && (data_len = read_octet_string(buf, len, &p_value_octet_str)) < 0) |
357 | 2.90k | data_len = 0; |
358 | 16.6k | *p = *param; |
359 | 16.6k | p->data = p_value_octet_str; |
360 | 16.6k | p->data_size = data_len; |
361 | 16.6k | p++; |
362 | 16.6k | break; |
363 | 0 | case OSSL_PARAM_UTF8_PTR: |
364 | 0 | if (*use_param && (data_len = read_utf8_ptr(buf, len, &p_value_utf8_ptr)) < 0) |
365 | 0 | data_len = 0; |
366 | 0 | *p = *param; |
367 | 0 | p->data = p_value_utf8_ptr; |
368 | 0 | p->data_size = data_len; |
369 | 0 | p++; |
370 | 0 | break; |
371 | 0 | case OSSL_PARAM_OCTET_PTR: |
372 | 0 | if (*use_param && (data_len = read_octet_ptr(buf, len, &p_value_octet_ptr)) < 0) |
373 | 0 | data_len = 0; |
374 | 0 | *p = *param; |
375 | 0 | p->data = p_value_octet_ptr; |
376 | 0 | p->data_size = data_len; |
377 | 0 | p++; |
378 | 0 | break; |
379 | 0 | default: |
380 | 0 | break; |
381 | 43.2k | } |
382 | | |
383 | 43.2k | OPENSSL_free(use_param); |
384 | 43.2k | } |
385 | | |
386 | 7.61k | return fuzzed_parameters; |
387 | 7.61k | } |
388 | | |
389 | | static int do_evp_cipher(const EVP_CIPHER *evp_cipher, const OSSL_PARAM param[]) |
390 | 88 | { |
391 | 88 | unsigned char outbuf[1024]; |
392 | 88 | int outlen, tmplen; |
393 | 88 | unsigned char key[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }; |
394 | 88 | unsigned char iv[] = { 1, 2, 3, 4, 5, 6, 7, 8 }; |
395 | 88 | const char intext[] = "text"; |
396 | 88 | EVP_CIPHER_CTX *ctx; |
397 | | |
398 | 88 | ctx = EVP_CIPHER_CTX_new(); |
399 | | |
400 | 88 | if (!EVP_CIPHER_CTX_set_params(ctx, param)) { |
401 | 88 | EVP_CIPHER_CTX_free(ctx); |
402 | 88 | return 0; |
403 | 88 | } |
404 | | |
405 | 0 | if (!EVP_EncryptInit_ex2(ctx, evp_cipher, key, iv, NULL)) { |
406 | | /* Error */ |
407 | 0 | EVP_CIPHER_CTX_free(ctx); |
408 | 0 | return 0; |
409 | 0 | } |
410 | | |
411 | 0 | if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, (const unsigned char *)intext, |
412 | 0 | (int)strlen(intext))) { |
413 | | /* Error */ |
414 | 0 | EVP_CIPHER_CTX_free(ctx); |
415 | 0 | return 0; |
416 | 0 | } |
417 | | /* |
418 | | * Buffer passed to EVP_EncryptFinal() must be after data just |
419 | | * encrypted to avoid overwriting it. |
420 | | */ |
421 | 0 | if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen)) { |
422 | | /* Error */ |
423 | 0 | EVP_CIPHER_CTX_free(ctx); |
424 | 0 | return 0; |
425 | 0 | } |
426 | 0 | outlen += tmplen; |
427 | 0 | EVP_CIPHER_CTX_free(ctx); |
428 | 0 | return 1; |
429 | 0 | } |
430 | | |
431 | | static int do_evp_kdf(EVP_KDF *evp_kdf, const OSSL_PARAM params[]) |
432 | 6.01k | { |
433 | 6.01k | int r = 1; |
434 | 6.01k | EVP_KDF_CTX *kctx = NULL; |
435 | 6.01k | unsigned char derived[32]; |
436 | | |
437 | 6.01k | kctx = EVP_KDF_CTX_new(evp_kdf); |
438 | | |
439 | 6.01k | if (kctx == NULL) { |
440 | 0 | r = 0; |
441 | 0 | goto end; |
442 | 0 | } |
443 | | |
444 | 6.01k | if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { |
445 | 2.50k | r = 0; |
446 | 2.50k | goto end; |
447 | 2.50k | } |
448 | | |
449 | 3.50k | if (EVP_KDF_derive(kctx, derived, sizeof(derived), NULL) <= 0) { |
450 | 1.00k | r = 0; |
451 | 1.00k | goto end; |
452 | 1.00k | } |
453 | | |
454 | 6.01k | end: |
455 | 6.01k | EVP_KDF_CTX_free(kctx); |
456 | 6.01k | return r; |
457 | 3.50k | } |
458 | | |
459 | | static int do_evp_mac(EVP_MAC *evp_mac, const OSSL_PARAM params[]) |
460 | 2.00k | { |
461 | 2.00k | int r = 1; |
462 | 2.00k | const char *key = "mac_key"; |
463 | 2.00k | char text[] = "Some Crypto Text"; |
464 | 2.00k | EVP_MAC_CTX *ctx = NULL; |
465 | 2.00k | unsigned char buf[4096]; |
466 | 2.00k | size_t final_l; |
467 | | |
468 | 2.00k | if ((ctx = EVP_MAC_CTX_new(evp_mac)) == NULL |
469 | 2.00k | || !EVP_MAC_init(ctx, (const unsigned char *)key, strlen(key), |
470 | 2.00k | params)) { |
471 | 1.19k | r = 0; |
472 | 1.19k | goto end; |
473 | 1.19k | } |
474 | | |
475 | 807 | if (EVP_MAC_CTX_set_params(ctx, params) <= 0) { |
476 | 0 | r = 0; |
477 | 0 | goto end; |
478 | 0 | } |
479 | | |
480 | 807 | if (!EVP_MAC_update(ctx, (unsigned char *)text, sizeof(text))) { |
481 | 105 | r = 0; |
482 | 105 | goto end; |
483 | 105 | } |
484 | | |
485 | 702 | if (!EVP_MAC_final(ctx, buf, &final_l, sizeof(buf))) { |
486 | 0 | r = 0; |
487 | 0 | goto end; |
488 | 0 | } |
489 | | |
490 | 2.00k | end: |
491 | 2.00k | EVP_MAC_CTX_free(ctx); |
492 | 2.00k | return r; |
493 | 702 | } |
494 | | |
495 | | static int do_evp_rand(EVP_RAND *evp_rand, const OSSL_PARAM params[]) |
496 | 1.12k | { |
497 | 1.12k | int r = 1; |
498 | 1.12k | EVP_RAND_CTX *ctx = NULL; |
499 | 1.12k | unsigned char buf[4096]; |
500 | | |
501 | 1.12k | if (!(ctx = EVP_RAND_CTX_new(evp_rand, NULL))) { |
502 | 0 | r = 0; |
503 | 0 | goto end; |
504 | 0 | } |
505 | | |
506 | 1.12k | if (EVP_RAND_CTX_set_params(ctx, params) <= 0) { |
507 | 329 | r = 0; |
508 | 329 | goto end; |
509 | 329 | } |
510 | | |
511 | 796 | if (!EVP_RAND_generate(ctx, buf, sizeof(buf), 0, 0, NULL, 0)) { |
512 | 191 | r = 0; |
513 | 191 | goto end; |
514 | 191 | } |
515 | | |
516 | 605 | if (!EVP_RAND_reseed(ctx, 0, 0, 0, NULL, 0)) { |
517 | 0 | r = 0; |
518 | 0 | goto end; |
519 | 0 | } |
520 | | |
521 | 1.12k | end: |
522 | 1.12k | EVP_RAND_CTX_free(ctx); |
523 | 1.12k | return r; |
524 | 605 | } |
525 | | |
526 | | static int do_evp_sig(EVP_SIGNATURE *evp_sig, const OSSL_PARAM params[]) |
527 | 121 | { |
528 | 121 | return 0; |
529 | 121 | } |
530 | | |
531 | | static int do_evp_asym_cipher(EVP_ASYM_CIPHER *evp_asym_cipher, const OSSL_PARAM params[]) |
532 | 22 | { |
533 | 22 | return 0; |
534 | 22 | } |
535 | | |
536 | | static int do_evp_kem(EVP_KEM *evp_kem, const OSSL_PARAM params[]) |
537 | 53 | { |
538 | 53 | return 0; |
539 | 53 | } |
540 | | |
541 | | static int do_evp_key_exch(EVP_KEYEXCH *evp_kdf, const OSSL_PARAM params[]) |
542 | 88 | { |
543 | 88 | return 0; |
544 | 88 | } |
545 | | |
546 | | static int do_evp_md(EVP_MD *evp_md, const OSSL_PARAM params[]) |
547 | 144 | { |
548 | 144 | int r = 1; |
549 | 144 | unsigned char md_value[EVP_MAX_MD_SIZE]; |
550 | 144 | unsigned int md_len; |
551 | 144 | EVP_MD_CTX *mdctx = NULL; |
552 | | |
553 | 144 | if (!(mdctx = EVP_MD_CTX_new())) { |
554 | 0 | r = 0; |
555 | 0 | goto end; |
556 | 0 | } |
557 | | |
558 | 144 | if (!EVP_MD_CTX_set_params(mdctx, params)) { |
559 | 65 | r = 0; |
560 | 65 | goto end; |
561 | 65 | } |
562 | | |
563 | 79 | if (!EVP_DigestInit_ex2(mdctx, evp_md, NULL)) { |
564 | 63 | r = 0; |
565 | 63 | goto end; |
566 | 63 | } |
567 | 16 | if (!EVP_DigestUpdate(mdctx, "Test", strlen("Test"))) { |
568 | 0 | r = 0; |
569 | 0 | goto end; |
570 | 0 | } |
571 | 16 | if (!EVP_DigestFinal_ex(mdctx, md_value, &md_len)) { |
572 | 12 | r = 0; |
573 | 12 | goto end; |
574 | 12 | } |
575 | | |
576 | 144 | end: |
577 | 144 | EVP_MD_CTX_free(mdctx); |
578 | 144 | return r; |
579 | 16 | } |
580 | | |
581 | | #define EVP_FUZZ(source, evp, f) \ |
582 | 9.90k | do { \ |
583 | 9.90k | evp *alg = sk_##evp##_value(source, *algorithm % sk_##evp##_num(source)); \ |
584 | 9.90k | OSSL_PARAM *fuzzed_params; \ |
585 | 9.90k | \ |
586 | 9.90k | if (alg == NULL) \ |
587 | 9.90k | break; \ |
588 | 9.90k | fuzzed_params = fuzz_params((OSSL_PARAM *)evp##_settable_ctx_params(alg), &buf, &len); \ |
589 | 9.90k | if (fuzzed_params != NULL) \ |
590 | 9.90k | f(alg, fuzzed_params); \ |
591 | 9.90k | free_params(fuzzed_params); \ |
592 | 9.90k | OSSL_PARAM_free(fuzzed_params); \ |
593 | 9.90k | } while (0); |
594 | | |
595 | | int FuzzerTestOneInput(const uint8_t *buf, size_t len) |
596 | 9.94k | { |
597 | 9.94k | int r = 1; |
598 | 9.94k | uint64_t *operation = NULL; |
599 | 9.94k | int64_t *algorithm = NULL; |
600 | | |
601 | 9.94k | if (!read_uint(&buf, &len, &operation)) { |
602 | 16 | r = 0; |
603 | 16 | goto end; |
604 | 16 | } |
605 | | |
606 | 9.92k | if (!read_int(&buf, &len, &algorithm)) { |
607 | 20 | r = 0; |
608 | 20 | goto end; |
609 | 20 | } |
610 | | |
611 | 9.90k | switch (*operation % 10) { |
612 | 144 | case 0: |
613 | 144 | EVP_FUZZ(digests_collection, EVP_MD, do_evp_md); |
614 | 144 | break; |
615 | 334 | case 1: |
616 | 334 | EVP_FUZZ(cipher_collection, EVP_CIPHER, do_evp_cipher); |
617 | 334 | break; |
618 | 6.01k | case 2: |
619 | 6.01k | EVP_FUZZ(kdf_collection, EVP_KDF, do_evp_kdf); |
620 | 6.01k | break; |
621 | 2.00k | case 3: |
622 | 2.00k | EVP_FUZZ(mac_collection, EVP_MAC, do_evp_mac); |
623 | 2.00k | break; |
624 | 53 | case 4: |
625 | 53 | EVP_FUZZ(kem_collection, EVP_KEM, do_evp_kem); |
626 | 53 | break; |
627 | 1.12k | case 5: |
628 | 1.12k | EVP_FUZZ(rand_collection, EVP_RAND, do_evp_rand); |
629 | 1.12k | break; |
630 | 22 | case 6: |
631 | 22 | EVP_FUZZ(asym_ciphers_collection, EVP_ASYM_CIPHER, do_evp_asym_cipher); |
632 | 22 | break; |
633 | 121 | case 7: |
634 | 121 | EVP_FUZZ(signature_collection, EVP_SIGNATURE, do_evp_sig); |
635 | 121 | break; |
636 | 88 | case 8: |
637 | 88 | EVP_FUZZ(keyexch_collection, EVP_KEYEXCH, do_evp_key_exch); |
638 | 88 | break; |
639 | 4 | case 9: |
640 | | /* |
641 | | Implement and call: |
642 | | static int do_evp_keymgmt(EVP_KEYMGMT *evp_kdf, const OSSL_PARAM params[]) |
643 | | { |
644 | | return 0; |
645 | | } |
646 | | */ |
647 | | /* not yet implemented */ |
648 | 4 | break; |
649 | 0 | default: |
650 | 0 | r = 0; |
651 | 0 | goto end; |
652 | 9.90k | } |
653 | | |
654 | 9.94k | end: |
655 | 9.94k | OPENSSL_free(operation); |
656 | 9.94k | OPENSSL_free(algorithm); |
657 | 9.94k | return r; |
658 | 9.90k | } |