1 1.1 christos /* 2 1.1 christos * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved. 3 1.1 christos * 4 1.1 christos * Licensed under the Apache License 2.0 (the "License"). You may not use 5 1.1 christos * this file except in compliance with the License. You can obtain a copy 6 1.1 christos * in the file LICENSE in the source distribution or at 7 1.1 christos * https://www.openssl.org/source/license.html 8 1.1 christos */ 9 1.1 christos 10 1.1 christos /* 11 1.1 christos * Test CMP DER parsing. 12 1.1 christos */ 13 1.1 christos 14 1.1 christos #include <openssl/bio.h> 15 1.1 christos #include <openssl/cmp.h> 16 1.1 christos #include "../crypto/cmp/cmp_local.h" 17 1.1 christos #include <openssl/err.h> 18 1.1 christos #include "fuzzer.h" 19 1.1 christos 20 1.1 christos int FuzzerInitialize(int *argc, char ***argv) 21 1.1 christos { 22 1.1 christos FuzzerSetRand(); 23 1.1 christos OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); 24 1.1 christos ERR_clear_error(); 25 1.1 christos CRYPTO_free_ex_index(0, -1); 26 1.1 christos return 1; 27 1.1 christos } 28 1.1 christos 29 1.1 christos static int num_responses; 30 1.1 christos 31 1.1 christos static OSSL_CMP_MSG *transfer_cb(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req) 32 1.1 christos { 33 1.1 christos if (num_responses++ > 2) 34 1.1 christos return NULL; /* prevent loops due to repeated pollRep */ 35 1.1 christos return OSSL_CMP_MSG_dup((OSSL_CMP_MSG *) 36 1.1 christos OSSL_CMP_CTX_get_transfer_cb_arg(ctx)); 37 1.1 christos } 38 1.1 christos 39 1.1 christos static int print_noop(const char *func, const char *file, int line, 40 1.1 christos OSSL_CMP_severity level, const char *msg) 41 1.1 christos { 42 1.1 christos return 1; 43 1.1 christos } 44 1.1 christos 45 1.1 christos static int allow_unprotected(const OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *rep, 46 1.1 christos int invalid_protection, int expected_type) 47 1.1 christos { 48 1.1 christos return 1; 49 1.1 christos } 50 1.1 christos 51 1.1 christos static void cmp_client_process_response(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg) 52 1.1 christos { 53 1.1 christos X509_NAME *name = X509_NAME_new(); 54 1.1 christos ASN1_INTEGER *serial = ASN1_INTEGER_new(); 55 1.1 christos 56 1.1 christos ctx->unprotectedSend = 1; /* satisfy ossl_cmp_msg_protect() */ 57 1.1 christos ctx->disableConfirm = 1; /* check just one response message */ 58 1.1 christos ctx->popoMethod = OSSL_CRMF_POPO_NONE; /* satisfy ossl_cmp_certReq_new() */ 59 1.1 christos ctx->oldCert = X509_new(); /* satisfy crm_new() and ossl_cmp_rr_new() */ 60 1.1 christos if (!OSSL_CMP_CTX_set1_secretValue(ctx, (unsigned char *)"", 61 1.1 christos 0) /* prevent too unspecific error */ 62 1.1 christos || ctx->oldCert == NULL 63 1.1 christos || name == NULL || !X509_set_issuer_name(ctx->oldCert, name) 64 1.1 christos || serial == NULL || !X509_set_serialNumber(ctx->oldCert, serial)) 65 1.1 christos goto err; 66 1.1 christos 67 1.1 christos (void)OSSL_CMP_CTX_set_transfer_cb(ctx, transfer_cb); 68 1.1 christos (void)OSSL_CMP_CTX_set_transfer_cb_arg(ctx, msg); 69 1.1 christos (void)OSSL_CMP_CTX_set_log_cb(ctx, print_noop); 70 1.1 christos num_responses = 0; 71 1.1 christos switch (msg->body != NULL ? msg->body->type : -1) { 72 1.1 christos case OSSL_CMP_PKIBODY_IP: 73 1.1 christos (void)OSSL_CMP_exec_IR_ses(ctx); 74 1.1 christos break; 75 1.1 christos case OSSL_CMP_PKIBODY_CP: 76 1.1 christos (void)OSSL_CMP_exec_CR_ses(ctx); 77 1.1 christos (void)OSSL_CMP_exec_P10CR_ses(ctx); 78 1.1 christos break; 79 1.1 christos case OSSL_CMP_PKIBODY_KUP: 80 1.1 christos (void)OSSL_CMP_exec_KUR_ses(ctx); 81 1.1 christos break; 82 1.1 christos case OSSL_CMP_PKIBODY_POLLREP: 83 1.1 christos ctx->status = OSSL_CMP_PKISTATUS_waiting; 84 1.1 christos (void)OSSL_CMP_try_certreq(ctx, OSSL_CMP_PKIBODY_CR, NULL, NULL); 85 1.1 christos break; 86 1.1 christos case OSSL_CMP_PKIBODY_RP: 87 1.1 christos (void)OSSL_CMP_exec_RR_ses(ctx); 88 1.1 christos break; 89 1.1 christos case OSSL_CMP_PKIBODY_GENP: 90 1.1 christos sk_OSSL_CMP_ITAV_pop_free(OSSL_CMP_exec_GENM_ses(ctx), 91 1.1 christos OSSL_CMP_ITAV_free); 92 1.1 christos break; 93 1.1 christos default: 94 1.1 christos (void)ossl_cmp_msg_check_update(ctx, msg, allow_unprotected, 0); 95 1.1 christos break; 96 1.1 christos } 97 1.1 christos err: 98 1.1 christos X509_NAME_free(name); 99 1.1 christos ASN1_INTEGER_free(serial); 100 1.1 christos } 101 1.1 christos 102 1.1 christos static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx, 103 1.1 christos const OSSL_CMP_MSG *cert_req, 104 1.1 christos int certReqId, 105 1.1 christos const OSSL_CRMF_MSG *crm, 106 1.1 christos const X509_REQ *p10cr, 107 1.1 christos X509 **certOut, 108 1.1 christos STACK_OF(X509) **chainOut, 109 1.1 christos STACK_OF(X509) **caPubs) 110 1.1 christos { 111 1.1 christos ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE); 112 1.1 christos return NULL; 113 1.1 christos } 114 1.1 christos 115 1.1 christos static OSSL_CMP_PKISI *process_rr(OSSL_CMP_SRV_CTX *srv_ctx, 116 1.1 christos const OSSL_CMP_MSG *rr, 117 1.1 christos const X509_NAME *issuer, 118 1.1 christos const ASN1_INTEGER *serial) 119 1.1 christos { 120 1.1 christos ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE); 121 1.1 christos return NULL; 122 1.1 christos } 123 1.1 christos 124 1.1 christos static int process_genm(OSSL_CMP_SRV_CTX *srv_ctx, 125 1.1 christos const OSSL_CMP_MSG *genm, 126 1.1 christos const STACK_OF(OSSL_CMP_ITAV) *in, 127 1.1 christos STACK_OF(OSSL_CMP_ITAV) **out) 128 1.1 christos { 129 1.1 christos ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE); 130 1.1 christos return 0; 131 1.1 christos } 132 1.1 christos 133 1.1 christos static void process_error(OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *error, 134 1.1 christos const OSSL_CMP_PKISI *statusInfo, 135 1.1 christos const ASN1_INTEGER *errorCode, 136 1.1 christos const OSSL_CMP_PKIFREETEXT *errorDetails) 137 1.1 christos { 138 1.1 christos ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE); 139 1.1 christos } 140 1.1 christos 141 1.1 christos static int process_certConf(OSSL_CMP_SRV_CTX *srv_ctx, 142 1.1 christos const OSSL_CMP_MSG *certConf, int certReqId, 143 1.1 christos const ASN1_OCTET_STRING *certHash, 144 1.1 christos const OSSL_CMP_PKISI *si) 145 1.1 christos { 146 1.1 christos ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE); 147 1.1 christos return 0; 148 1.1 christos } 149 1.1 christos 150 1.1 christos static int process_pollReq(OSSL_CMP_SRV_CTX *srv_ctx, 151 1.1 christos const OSSL_CMP_MSG *pollReq, int certReqId, 152 1.1 christos OSSL_CMP_MSG **certReq, int64_t *check_after) 153 1.1 christos { 154 1.1 christos ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE); 155 1.1 christos return 0; 156 1.1 christos } 157 1.1 christos 158 1.1 christos int FuzzerTestOneInput(const uint8_t *buf, size_t len) 159 1.1 christos { 160 1.1 christos OSSL_CMP_MSG *msg; 161 1.1 christos BIO *in; 162 1.1 christos 163 1.1 christos if (len == 0) 164 1.1 christos return 0; 165 1.1 christos 166 1.1 christos in = BIO_new(BIO_s_mem()); 167 1.1 christos OPENSSL_assert((size_t)BIO_write(in, buf, len) == len); 168 1.1 christos msg = d2i_OSSL_CMP_MSG_bio(in, NULL); 169 1.1 christos if (msg != NULL) { 170 1.1 christos BIO *out = BIO_new(BIO_s_null()); 171 1.1 christos OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new(NULL, NULL); 172 1.1 christos OSSL_CMP_CTX *client_ctx = OSSL_CMP_CTX_new(NULL, NULL); 173 1.1 christos 174 1.1 christos i2d_OSSL_CMP_MSG_bio(out, msg); 175 1.1 christos ASN1_item_print(out, (ASN1_VALUE *)msg, 4, 176 1.1 christos ASN1_ITEM_rptr(OSSL_CMP_MSG), NULL); 177 1.1 christos BIO_free(out); 178 1.1 christos 179 1.1 christos if (client_ctx != NULL) 180 1.1 christos cmp_client_process_response(client_ctx, msg); 181 1.1 christos if (srv_ctx != NULL 182 1.1 christos && OSSL_CMP_CTX_set_log_cb(OSSL_CMP_SRV_CTX_get0_cmp_ctx(srv_ctx), 183 1.1 christos print_noop) 184 1.1 christos && OSSL_CMP_SRV_CTX_init(srv_ctx, NULL, process_cert_request, 185 1.1 christos process_rr, process_genm, process_error, 186 1.1 christos process_certConf, process_pollReq)) 187 1.1 christos OSSL_CMP_MSG_free(OSSL_CMP_SRV_process_request(srv_ctx, msg)); 188 1.1 christos 189 1.1 christos OSSL_CMP_CTX_free(client_ctx); 190 1.1 christos OSSL_CMP_SRV_CTX_free(srv_ctx); 191 1.1 christos OSSL_CMP_MSG_free(msg); 192 1.1 christos } 193 1.1 christos 194 1.1 christos BIO_free(in); 195 1.1 christos ERR_clear_error(); 196 1.1 christos 197 1.1 christos return 0; 198 1.1 christos } 199 1.1 christos 200 1.1 christos void FuzzerCleanup(void) 201 1.1 christos { 202 1.1 christos FuzzerClearRand(); 203 1.1 christos } 204
Indexes created Sun Mar 01 05:31:48 UTC 2026