diff options
author | Richard Levitte <levitte@openssl.org> | 2020-10-04 16:34:31 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-11-18 23:38:34 +0100 |
commit | d7e498ac55f12bc2f4e7f948cbb8de2e3eeafc74 (patch) | |
tree | 755ca6bcbcd3b85d0371713d754b26f4a9d70250 /fuzz | |
parent | b24d6c335d3beb431f8f9847623d4db39ae1f96b (diff) |
Deprecate RSA harder
This deprecates all functions that deal with the types RSA and RSA_METHOD
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13096)
Diffstat (limited to 'fuzz')
-rw-r--r-- | fuzz/asn1.c | 6 | ||||
-rw-r--r-- | fuzz/server.c | 9 |
2 files changed, 14 insertions, 1 deletions
diff --git a/fuzz/asn1.c b/fuzz/asn1.c index 8fe8583815..9a4e454b2f 100644 --- a/fuzz/asn1.c +++ b/fuzz/asn1.c @@ -169,9 +169,11 @@ static ASN1_ITEM_EXP *item_type[] = { ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION), ASN1_ITEM_ref(PROXY_POLICY), ASN1_ITEM_ref(RSA_OAEP_PARAMS), - ASN1_ITEM_ref(RSAPrivateKey), ASN1_ITEM_ref(RSA_PSS_PARAMS), +#ifndef OPENSSL_NO_DEPRECATED_3_0 + ASN1_ITEM_ref(RSAPrivateKey), ASN1_ITEM_ref(RSAPublicKey), +#endif ASN1_ITEM_ref(SXNET), ASN1_ITEM_ref(SXNETID), ASN1_ITEM_ref(USERNOTICE), @@ -339,7 +341,9 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) DO_TEST_NO_PRINT(DSA, d2i_DSAPublicKey, i2d_DSAPublicKey); DO_TEST_NO_PRINT(DSA, d2i_DSAparams, i2d_DSAparams); #endif +#ifndef OPENSSL_NO_DEPRECATED_3_0 DO_TEST_NO_PRINT(RSA, d2i_RSAPublicKey, i2d_RSAPublicKey); +#endif #ifndef OPENSSL_NO_EC DO_TEST_PRINT_OFFSET(EC_GROUP, d2i_ECPKParameters, i2d_ECPKParameters, ECPKParameters_print); DO_TEST_PRINT_OFFSET(EC_KEY, d2i_ECPrivateKey, i2d_ECPrivateKey, EC_KEY_print); diff --git a/fuzz/server.c b/fuzz/server.c index 8123c90994..4055b58222 100644 --- a/fuzz/server.c +++ b/fuzz/server.c @@ -12,6 +12,9 @@ /* Test first part of SSL server handshake. */ +/* We need to use the deprecated RSA low level calls */ +#define OPENSSL_SUPPRESS_DEPRECATED + #include <time.h> #include <openssl/rand.h> #include <openssl/ssl.h> @@ -92,6 +95,7 @@ static const uint8_t kCertificateDER[] = { 0x76, 0x8a, 0xbb, }; +#ifndef OPENSSL_NO_DEPRECATED_3_0 static const uint8_t kRSAPrivateKeyDER[] = { 0x30, 0x82, 0x04, 0xa5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xce, 0x47, 0xcb, 0x11, 0xbb, 0xd2, 0x9d, 0x8e, 0x9e, 0xd2, 0x1e, 0x14, @@ -194,6 +198,7 @@ static const uint8_t kRSAPrivateKeyDER[] = { 0xb2, 0xc6, 0xb2, 0x0a, 0x2a, 0x7c, 0x6d, 0x6a, 0x40, 0xfc, 0xf5, 0x50, 0x98, 0x46, 0x89, 0x82, 0x40, }; +#endif #ifndef OPENSSL_NO_EC @@ -512,7 +517,9 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) #endif SSL_CTX *ctx; int ret; +#ifndef OPENSSL_NO_DEPRECATED_3_0 RSA *privkey; +#endif const uint8_t *bufp; EVP_PKEY *pkey; X509 *cert; @@ -539,6 +546,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) ret = SSL_CTX_set_cipher_list(ctx, "ALL:eNULL:@SECLEVEL=0"); OPENSSL_assert(ret == 1); +#ifndef OPENSSL_NO_DEPRECATED_3_0 /* RSA */ bufp = kRSAPrivateKeyDER; privkey = d2i_RSAPrivateKey(NULL, &bufp, sizeof(kRSAPrivateKeyDER)); @@ -548,6 +556,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) ret = SSL_CTX_use_PrivateKey(ctx, pkey); OPENSSL_assert(ret == 1); EVP_PKEY_free(pkey); +#endif bufp = kCertificateDER; cert = d2i_X509(NULL, &bufp, sizeof(kCertificateDER)); |