6d42072e0b
fix: add OOM handler for x509 fuzz test
...
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26830 )
2025-02-25 11:58:48 +01:00
ba90c49125
separate intval into separate variable in OSSL_PARAMS
...
construction of int params holds a pointer to an int rather than an int
value, so we need to use separate variables when constructing separate
int params.
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Tim Hudson <tjh@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26851 )
2025-02-22 14:29:56 -05:00
3be71de4d9
Fix slh-dsa fuzzer on invalid param inputs
...
oss-fuzz issue:
https://issues.oss-fuzz.com/issues/397734693
Fails because the fuzzer occasionaly provides inputs which drives the
fuzzer to create an octet-string for the context_string param which
violates the 255 byte constraint documented on that parameter.
Fix it by detecting that condition, expecting failure in the call to
EVP_sign_message_init, and bailing out when it occurs.
Fixes openssl/project#1109
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Tim Hudson <tjh@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26851 )
2025-02-22 14:29:56 -05:00
75bc132dec
Initial slh-dsa fuzzer
...
Current preforms the following operations
1) Generates arbitrary key pairs
2) Generates key pairs with parameters (both correct and incorrect)
based on fuzzer input buffer
3) Exports and re-imports keys, confirming validity
4) Preforms Sign and Verify operations with optional parameters based on
fuzzer input buffer
Reviewed-by: Paul Dale <ppzgs1@gmail.com >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26708 )
2025-02-18 10:24:02 +01:00
029d85869f
Add quic-server fuzz test. Also update fuzz corpora submodule.
...
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Neil Horman <nhorman@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26514 )
2025-02-17 11:27:34 -05:00
ac69d0649a
Simplify the QUIC time override handling
...
Centralise the storage of the override in the QUIC_ENGINE rather than in
the QUIC_CONNECTION. We can now set the override on any type of QUIC SSL
object as needed.
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Viktor Dukhovni <viktor@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/25457 )
2025-02-17 11:27:32 -05:00
c0cf783178
Add an initial ML-DSA fuzzer
...
Add an initial version of an ML-DSA fuzzer. Exercises various ML-DSA
appropriate APIs. Currently it is able to randomly:
1. Attempt to create raw public private keys of various valid and invalid sizes
2. Generate legitimate keys of various sizes using the keygen api
3. Perform sign/verify operations using real generated keys
4. Perform digest sign/verify operations using real generated keys
5. Do an export and import of a key using todata/fromdata
6. Do a comparison of two equal and unequal keys
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26685 )
2025-02-15 11:13:38 -05:00
f0be0521d1
Update corpora to include ml-kem seed corpus
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org >
Reviewed-by: Tim Hudson <tjh@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26657 )
2025-02-14 10:50:59 +01:00
f440e816d0
Add an inital ML-KEM fuzzer
...
Add an inital version of an ML-KEM fuzzer. Exercises various ML-KEM
appropriate apis, as a fuzzer does. Currently it is able to randomly:
1) Attempt to create raw public private keys of various valid and
invalid sizes
2) Generate legitimate keys of various sizes using the keygen api
3) Preform encap/decap operations using real generated keys
4) Do a shared secret derivation using 2 keys
5) Do an export and import of a key using todata/fromdata
6) Do a comparison of two equal and unequal keys
Its not much to start, but it should be fairly extensible
Reviewed-by: Viktor Dukhovni <viktor@openssl.org >
Reviewed-by: Tim Hudson <tjh@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26657 )
2025-02-14 10:50:59 +01:00
bd0a2e0c1e
Check returns of sk_X509_CRL_push and handle appropriately.
...
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26234 )
2025-01-24 13:37:38 +01:00
b049ce0e35
Tweak case of [fs] variant letter in SLH-DSA algorithms
...
Reviewed-by: Matt Caswell <matt@openssl.org >
Reviewed-by: Tim Hudson <tjh@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26359 )
2025-01-11 14:39:03 +11:00
c626fda8a6
Check returns of various sk_*_push functions
...
Check returns of sk_POLICY_MAPPING_push, sk_GENERAL_NAME_push,
sk_ACCESS_DESCRIPTION_push, sk_X509_push, sk_X509_NAME_push,
sk_OPENSSL_CSTRING_push, sk_SCT_push, sk_DIST_POINT_push,
sk_OSSL_CMP_CRLSTATUS_push, sk_ASN1_UTF8STRING_push and
sk_ASN1_OBJECT_push and handle appropriately.
Reviewed-by: Saša Nedvědický <sashan@openssl.org >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26240 )
2025-01-08 11:11:00 +01:00
d31fce1972
Some PQ-related CSOR OIDs
...
Reviewed-by: Tim Hudson <tjh@openssl.org >
Reviewed-by: Paul Dale <ppzgs1@gmail.com >
Reviewed-by: Matt Caswell <matt@openssl.org >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/26321 )
2025-01-07 23:01:44 +11:00
9183306815
feat: add TCG / platform certificate OIDs
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/25312 )
2024-09-05 17:22:40 +02:00
7ed6de997f
Copyright year updates
...
Reviewed-by: Neil Horman <nhorman@openssl.org >
Release: yes
2024-09-05 09:35:49 +02:00
91432b9ea0
fix: alias auditEntity OID
...
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Matt Caswell <matt@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/24754 )
2024-08-26 10:38:44 +01:00
9216859f7b
feat: support auditIdentity X.509v3 extension
...
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Matt Caswell <matt@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/24754 )
2024-08-26 10:38:44 +01:00
bce3a8d57e
fix: wrong name for OID -> auditIdentity
...
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Matt Caswell <matt@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/24754 )
2024-08-26 10:25:23 +01:00
3c1713aeed
fuzz/hashtable.c: rc == -1 on insert is OK when fuzzing
...
Reviewed-by: Matt Caswell <matt@openssl.org >
Reviewed-by: Neil Horman <nhorman@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/25273 )
2024-08-22 14:52:43 +02:00
f0b1d4d1b0
core_namemap.c: 2048 hashtable buckets should be sufficient
...
It is unlikely we would need more than 4000 names and even
with more names (up to 8192) it would still work, just
the performance fo the namemap would degrade.
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Paul Dale <ppzgs1@gmail.com >
(Merged from https://github.com/openssl/openssl/pull/24504 )
2024-08-21 15:21:26 +02:00
71fe7f0983
hashtable: Support lockless reads
...
Also build it in the FIPS provider too and properly
report error on insert when hashtable cannot be grown.
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Paul Dale <ppzgs1@gmail.com >
(Merged from https://github.com/openssl/openssl/pull/24504 )
2024-08-21 15:21:25 +02:00
435531ec24
alternate collision checking support
...
Add full key matching to hashtable
the idea is that on a hash value match we do a full memory comparison of
the unhashed key to validate that its actually the key we're looking for
Reviewed-by: Paul Dale <ppzgs1@gmail.com >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/24504 )
2024-08-21 15:21:25 +02:00
f0768376e1
limit bignums to 128 bytes
...
Keep us from spinning forever doing huge amounts of math in the fuzzer
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Paul Dale <ppzgs1@gmail.com >
(Merged from https://github.com/openssl/openssl/pull/25013 )
2024-08-09 07:59:03 -04:00
387491d537
Add OIDs id-kp-wisun-fan-device and id-on-hardwareModule
...
Sub-OIDs for {iso(1) identified-organization(3) dod(6) internet(1)
private(4) enterprise(1) 45605} are recorded in the document "Wi-SUN
Assigned Value Registry" (WAVR).
OID id-on-hardwareModule is defined in RFC 4108.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/23428 )
2024-08-07 19:53:19 +02:00
7bcfb41489
ossl_print_attribute_value(): use a sequence value only if type is a sequence
...
Move the switch to print a distinguished name inside the
switch by the printed attribute type, otherwise a malformed
attribute will cause a crash.
Updated the fuzz corpora with the testcase
Reviewed-by: Matt Caswell <matt@openssl.org >
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com >
(Merged from https://github.com/openssl/openssl/pull/25087 )
2024-08-07 19:43:34 +02:00
4f619ca622
Ensure cmd from fuzz buffer is always valid
...
The quic-srtm fuzzer uses a loop in which an integer command is
extracted from the fuzzer buffer input to determine the action to take,
switching on the values between 0 and 3, and ignoring all other
commands. Howver in the failing fuzzer test case here:
https://oss-fuzz.com/testcase-detail/5618331942977536
The buffer provided shows a large number of 0 values (indicating an SRTM
add command), and almost no 1, 2, or 3 values. As such, the fuzzer only
truly exercises the srtm add path, which has the side effect of growing
the SRTM hash table unboundedly, leading to a timeout when 10 entries
need to be iterated over when the hashtable doall command is executed.
Fix this by ensuring that the command is always valid, and reasonably
distributed among all the operations with some modulo math.
Introducing this change bounds the hash table size in the reproducer
test case to less than half of the initially observed size, and avoids
the timeout.
Fixes openssl/project#679
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Matt Caswell <matt@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/24827 )
2024-07-23 08:20:15 -04:00
962431d58b
that open brace { should be on the previous line
...
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/22097 )
2024-07-22 06:55:35 -04:00
1b2ab42ed7
Change strnlen() to OPENSSL_strnlen() in fuzz/provider.
...
strnlen() is not portable. It is preferable to use the wrapper.
Fixes : #24908
Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca >
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Kurt Roeckx <kurt@roeckx.be >
Reviewed-by: Paul Dale <ppzgs1@gmail.com >
(Merged from https://github.com/openssl/openssl/pull/24912 )
2024-07-18 17:26:55 +02:00
939dd479ac
Limit the number of commands that can be used in the quic-lcidm fuzzer
...
The fuzzer was reporting a spurious timeout due to excessive numbers of
commands in a single file. We limit the number of commands to avoid this.
Found by OSSFuzz
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/24831 )
2024-07-11 14:17:11 -04:00
29696af689
fuzz/decoder.c: Lower the limits on key checks
...
These checks still take too long time on clusterfuzz
so they are longer than the timeout limit.
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Kurt Roeckx <kurt@roeckx.be >
(Merged from https://github.com/openssl/openssl/pull/24781 )
2024-07-05 07:45:53 -04:00
8f250985ad
Fix typos found by codespell
...
Reviewed-by: Paul Dale <ppzgs1@gmail.com >
Reviewed-by: Kurt Roeckx <kurt@roeckx.be >
(Merged from https://github.com/openssl/openssl/pull/24691 )
2024-06-24 15:09:11 +02:00
58301e24f6
Add support for targetingInformation X.509v3 extension
...
Support for the targetingInformation X.509v3 extension defined in ITU-T
Recommendation X.509 (2019), Section 17.1.2.2. This extension is used
in attribute certificates.
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/22206 )
2024-06-17 14:03:25 +02:00
f3b988dc29
Add provider fuzzer
...
Test recipe 99-test_fuzz_provider.t added.
Reviewed-by: Matt Caswell <matt@openssl.org >
Reviewed-by: Neil Horman <nhorman@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/22964 )
2024-05-24 11:56:41 +02:00
c04901be78
Fix alignment errors in hashtable fuzzer
...
we extract several values (uint16_t and uint64_t from the fuzzer buff
passed in, but they weren't aligned on 2 and 8 byte boundaries. Adjust
the fuzzer to memcpy data to the target variables to avoid unalignment
issues
Fixes #24272
Reviewed-by: Paul Dale <ppzgs1@gmail.com >
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com >
(Merged from https://github.com/openssl/openssl/pull/24276 )
2024-04-30 12:53:51 +02:00
d10b020e2e
fuzz: Add attribute certificate fuzz test
...
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Neil Horman <nhorman@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/15857 )
2024-04-24 14:08:03 +01:00
ca43171b3c
updating fuzz-corpora submodule
...
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Paul Dale <pauli@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/23671 )
2024-04-24 12:03:30 +10:00
f597acb71b
Adding hashtable fuzzer
...
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Paul Dale <pauli@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/23671 )
2024-04-24 12:03:30 +10:00
8d8a014430
fuzz/decoder.c: Limit the EVP_PKEY_param_check on DHX keys as well
...
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Richard Levitte <levitte@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/24126 )
2024-04-17 09:30:11 +02:00
9fc61ba0a7
fuzz/decoder.c: Limit the key sizes on which checks are run
...
In particular the DH safe prime check will be limited to 8192 bits
and the private and pairwise checks are limited to 16384 bits on
any key types.
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Shane Lontis <shane.lontis@oracle.com >
(Merged from https://github.com/openssl/openssl/pull/24049 )
2024-04-10 09:28:59 +02:00
b646179229
Copyright year updates
...
Reviewed-by: Neil Horman <nhorman@openssl.org >
Release: yes
(cherry picked from commit 0ce7d1f355hlandau@openssl.org >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/24034 )
2024-04-09 13:43:26 +02:00
c5e097dec5
Add Content Type OID for id-ct-rpkiSignedPrefixList
...
References: draft-ietf-sidrops-rpki-prefixlist
Title: "A profile for Signed Prefix Lists for Use in the Resource Public Key Infrastructure (RPKI)"
OID assigned under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)'
https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/23426 )
2024-03-15 09:10:22 +01:00
7649b5548e
Add fuzzing for DTLS
...
Update the fuzz corpora submodule with the DTLS fuzz corpus.
Reviewed-by: Kurt Roeckx <kurt@roeckx.be >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/23585 )
2024-03-12 20:10:40 +01:00
4a6f70c031
Don't print excessively long ASN1 items in fuzzer
...
Prevent spurious fuzzer timeouts by not printing ASN1 which is excessively
long.
This fixes a false positive encountered by OSS-Fuzz.
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com >
(Merged from https://github.com/openssl/openssl/pull/23640 )
2024-02-21 16:45:33 +00:00
9eabb30ab4
QUIC RCIDM: Minor updates
...
Reviewed-by: Matt Caswell <matt@openssl.org >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/23022 )
2024-01-11 11:16:27 +01:00
ad08c814d8
Update fuzz corpora
...
Reviewed-by: Matt Caswell <matt@openssl.org >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/23022 )
2024-01-11 11:14:18 +01:00
8e1593e647
QUIC RCIDM: Update fuzz corpora
...
Reviewed-by: Matt Caswell <matt@openssl.org >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/23022 )
2024-01-11 11:14:18 +01:00
d0bac943c9
QUIC RCIDM: Add fuzzer
...
Reviewed-by: Matt Caswell <matt@openssl.org >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/23022 )
2024-01-11 11:14:18 +01:00
bedffe1731
crypto/cmp/,apps/lib/cmp_mock_srv.c: various improvements on delayed delivery
...
Reviewed-by: Shane Lontis <shane.lontis@oracle.com >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com >
(Merged from https://github.com/openssl/openssl/pull/20727 )
2023-12-21 23:06:42 +01:00
192bfec487
crypto/cmp/,apps/lib/cmp_mock_srv.c: add delayed delivery for all types of responses
...
Reviewed-by: Shane Lontis <shane.lontis@oracle.com >
Reviewed-by: Tomas Mraz <tomas@openssl.org >
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com >
(Merged from https://github.com/openssl/openssl/pull/20727 )
2023-12-21 22:53:35 +01:00
3d7f83ebdc
QUIC LCIDM: Add fuzzer
...
Reviewed-by: Neil Horman <nhorman@openssl.org >
Reviewed-by: Matt Caswell <matt@openssl.org >
(Merged from https://github.com/openssl/openssl/pull/22673 )
2023-12-06 10:40:11 +00:00
Burkov Egor
Neil Horman
Andrew Dinh
Matt Caswell
Frederik Wedel-Heinen
Viktor Dukhovni
Jonathan M. Wilbur
Tomas Mraz
Mathis Marion
Dimitri Papadopoulos
Randall S. Becker
Max Ammann
Damian Hobson-Garcia
Richard Levitte
Job Snijders
Hugo Landau
Dr. David von Oheimb
Rajeev Ranjan