summaryrefslogtreecommitdiffstats
path: root/fuzz/x509.c
AgeCommit message (Collapse)Author
2023-09-07Copyright year updatesMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
2023-09-01Update X509 fuzzer to verify a chainKurt Roeckx
It add supports for verifying that it's been signed by a CA, and checks the CRL and OCSP status Can find CVE-2022-4203 and CVE-2023-0286 Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20243)
2021-02-23RAND_METHOD deprecation: fuzzerPauli
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13652)
2021-02-18Update copyright yearMatt Caswell
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
2021-02-16Test that X509_issuer_and_serial_hash doesn't crashMatt Caswell
Provide a certificate with a bad issuer and check that X509_issuer_and_serial_hash doesn't crash. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
2019-09-12Deprecate ERR_get_state()Richard Levitte
Internally, we still need this function, so we make it internal and then add a new ERR_get_state() that simply calls the internal variant, unless it's "removed" by configuration. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9462)
2018-12-06Following the license change, modify the boilerplates in fuzz/Richard Levitte
[skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7833)
2017-08-11Move FuzzerSetRand to separate file.Rich Salz
Use an inline rand.inc; this fixes Google's OSS-Fuzz builds. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4141)
2017-07-26Install custom RAND_METHOD for fuzzingRich Salz
Instead of setting a "magic" global variable to force RAND to keep consistent state and always generate the same bytestream, have the fuzzing code install its own RAND_METHOD that does this. For BN_RAND_DEBUG, we just don't do it; that debugging was about mucking with BN's internal representation, not requiring predictable rand bytes. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4025)
2017-04-16Make x509 and asn1 fuzzer reproducibleKurt Roeckx
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2683
2016-12-03Make the fuzzers more reproducibleKurt Roeckx
We want to be in the same global state each time we come in FuzzerTestOneInput(). There are various reasons why we might not be that include: - Initialization that happens on first use. This is mostly the RUN_ONCE() things, or loading of error strings. - Results that get cached. For instance a stack that is sorted, RSA blinding that has been set up, ... So I try to trigger as much as possible in FuzzerInitialize(), and for things I didn't find out how to trigger this it needs to happen in FuzzerTestOneInput(). Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
2016-12-03Add a FuzzerClean() functionKurt Roeckx
This allows to free everything we allocated, so we can detect memory leaks. Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
2016-12-03Fix formatting of fuzzersKurt Roeckx
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
2016-07-01Re-add x509 and crl fuzzerKurt Roeckx
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #1276
2016-06-28Add comment about X509_printAlex Gaynor
Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Emilia Kasper <emilia@openssl.org> GH: #1255
2016-06-25Add X509 and CRL fuzzerKurt Roeckx
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #1229
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-04 15:03:08 +0000