summaryrefslogtreecommitdiffstats
path: root/fuzz (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Update copyright yearMatt Caswell2021-06-171-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15801)
* fuzz/asn1parse.c: Clean up non-portable code and catch malloc failureDr. David von Oheimb2021-06-151-2/+2
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15722)
* fuzz/asn1parse: Use BIO_s_mem() as fallback outputTomas Mraz2021-06-111-0/+2
| | | | | | | /dev/null is not available everywhere. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15672)
* fuzz: remove TODOsPauli2021-06-022-10/+0
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15539)
* Use "" for include internal/xxxRich Salz2021-05-271-1/+1
| | | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15468)
* Add OID for RPKI id-ct-signedChecklistJob Snijders2021-05-121-0/+1
| | | | | | | | | | | | | | | References: draft-ietf-sidrops-rpki-rsc - Resource Public Key Infrastructure (RPKI) object profile for Signed Checklist (RSC) OID listed under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)' https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1 CLA: Trivial Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15207)
* Add a local perl module to get year last changedRich Salz2021-03-312-4/+25
| | | | | | | | | | | This is used for generating a more-correct copyright statement for the "build_generated" targets. Fixes: #13765 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13791)
* Update copyright yearMatt Caswell2021-03-113-3/+3
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
* prov: update rand implementations to have a params argument for the ↵Pauli2021-02-281-1/+2
| | | | | | | instantiate call Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14310)
* fuzzer: add ctx gettable/settable to the fuzzer RNGPauli2021-02-261-1/+2
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14240)
* RAND_METHOD deprecation: fuzzerPauli2021-02-238-25/+187
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13652)
* RAND_METHOD deprecation: documentationPauli2021-02-231-40/+0
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13652)
* Update copyright yearMatt Caswell2021-02-181-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
* Test that X509_issuer_and_serial_hash doesn't crashMatt Caswell2021-02-162-0/+2
| | | | | | | | Provide a certificate with a bad issuer and check that X509_issuer_and_serial_hash doesn't crash. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
* Add OID for draft-ietf-opsawg-finding-geofeeds detached CMS signatureJob Snijders2021-02-121-0/+1
| | | | | | | | | | RFC 8805 Geofeed files can be authenticated with RPKI CLA: trivial Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14050)
* Add some PKIX-RPKI objectsJob Snijders2021-02-021-0/+12
| | | | | | | | | | | | | | | | | References: RFC6482 - A Profile for Route Origin Authorizations (ROAs) RFC6484 - Certificate Policy (CP) for the RPKI RFC6493 - The RPKI Ghostbusters Record RFC8182 - The RPKI Repository Delta Protocol (RRDP) RFC8360 - RPKI Validation Reconsidered draft-ietf-sidrops-rpki-rta - A profile for RTAs CLA: trivial Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/13948)
* Update copyright yearRichard Levitte2021-01-282-2/+2
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
* Deprecate EC_KEY + Update ec apps to use EVP_PKEYShane Lontis2021-01-262-9/+11
| | | | | | | | | Co-author: Richard Levitte <levitte@openssl.org> Co-author: Tomas Mraz <tmraz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13139)
* Fix 'no-deprecated'Richard Levitte2020-12-191-7/+8
| | | | | | | | | | | | | | Some of the handling of no-deprecated stuff wasn't quite complete, or even plain wrong. This restores i2d_PublicKey() to be able to handle EVP_PKEYs with legacy internal keys. This also refactors the DSA key tests in test/evp_extra_test.c to use EVP functionality entirely. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13706)
* dsa: fuzzer deprecation changesPauli2020-12-172-4/+7
| | | | | | Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13638)
* fuzz/server.c: Fix build error on OPENSSL_NO_{DSA,EC,DEPECATED_3_0}Dr. David von Oheimb2020-12-041-0/+3
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13110)
* Don't Overflow when printing Thawte Strong Extranet VersionMatt Caswell2020-12-021-0/+0
| | | | | | | | | | | When printing human readable info on the Thawte Strong Extranet extension the version number could overflow if the version number == LONG_MAX. This is undefined behaviour. Issue found by OSSFuzz. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/13452)
* Remove fuzzing of deprecated functions in a no-deprecated buildMatt Caswell2020-11-271-1/+1
| | | | | | | | d2i_DHparams and i2d_DHparam as well as the equivalent DHX functions are deprecated. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13138)
* Deprecate RSA harderRichard Levitte2020-11-182-1/+14
| | | | | | | This deprecates all functions that deal with the types RSA and RSA_METHOD Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13096)
* Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() callRichard Levitte2020-11-131-6/+6
| | | | | | | | | | This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
* [test/recipes] Split test_fuzz into separate recipesNicola Tuveri2020-11-121-3/+3
| | | | | | | | | | | | | | | When using `HARNESS_JOBS` to run the tests in parallel, no matter the level of parallelism that can be used, the monolithic `test_fuzz` takes a long time to run, conditioning the duration of the whole build. This commit splits the single `test_fuzz` recipe into separate recipes for each fuzzer. The previous mechanism to select individual fuzz tests using the `FUZZ_TESTS` environment variable is also dropped (and documentation updated). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13307)
* Update copyright yearMatt Caswell2020-10-151-1/+1
| | | | | Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/13144)
* Some OIDs used in Russian X.509 certificates.Dmitry Belyavskiy2020-10-051-0/+8
| | | | | | | | | | | | OBJ_OGRNIP denotes a specific legal status of the certificate owner. OBJ_classSignTool* denotes a level of certification of the software created the certificate. http://www.garant.ru/products/ipo/prime/doc/70033464/ is the relevant link (in Russian). Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8309)
* Fix safestack issues in cmp.hMatt Caswell2020-09-131-2/+0
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
* Fix safestack issues in ssl.hMatt Caswell2020-09-132-4/+0
| | | | | | | | | | | | | | | | | | | | | We fix 3 problems with safestack: - Including an openssl header file without linking against libcrypto can cause compilation failures (even if the app does not otherwise need to link against libcrypto). See issue #8102 - Recent changes means that applications in no-deprecated builds will need to include additional macro calls in the source code for all stacks that they need to use - which is an API break. This changes avoids that necessity. - It is not possible to write code using stacks that works in both a no-deprecated and a normal build of OpenSSL. See issue #12707. Fixes #12707 Contains a partial fix for #8102. A similar PR will be needed for hash to fully fix. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
* fuzz/test-corpus: check if PATH_MAX is already definedBiswapriyo Nath2020-09-111-1/+1
| | | | | | | | CLA: trivial Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12620)
* Add 4 new OIDs for PKIX key purposes and 3 new CMP information typesDr. David von Oheimb2020-09-081-0/+7
| | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12807)
* Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ↵Dr. David von Oheimb2020-08-211-2/+2
| | | | | | | | | ossl_cmp_mock_srv_new() Also remove not really to-the-point error message if call fails in apps/cmp.c Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11808)
* Streamline the CMP request session API, adding the generalized ↵Dr. David von Oheimb2020-07-301-1/+1
| | | | | | | | | OSSL_CMP_exec_certreq() Fixes #12395 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12431)
* 99-test_fuzz.t: Clean up and re-organize such that sub-tests could be split ↵Dr. David von Oheimb2020-07-161-1/+15
| | | | | | | easily Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12359)
* Fix typos and repeated wordsGustaf Neumann2020-07-051-1/+1
| | | | | | | | CLA: trivial Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12320)
* Improve ossl_cmp_msg_check_received() and rename to ossl_cmp_msg_check_update()Dr. David von Oheimb2020-06-131-1/+1
| | | | | | | | Bugfix: allow using extraCerts contained in msg already while checking signature Improve function name, simplify its return value, and update its documentation Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11998)
* Update copyright yearMatt Caswell2020-05-152-2/+2
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11839)
* Fix issues reported by markdownlintRich Salz2020-05-081-8/+12
| | | | | | Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/11739)
* fuzz/asn1.c: Add missing #includeRichard Levitte2020-04-281-0/+1
| | | | | | | | | | <openssl/dsa.h> gets included via ts.h... except when 'no-ts' has been configured. Fixes #11597 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11640)
* In OpenSSL builds, declare STACK for datatypes ...Rich Salz2020-04-243-0/+6
| | | | | | | | | | | | | | | | | | | | | | ... and only *define* them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds and not non-deprecated builds. Deprecate stack-of-block Better documentation Move some ASN1 struct typedefs to types.h Update ParseC to handle this. Most of all, ParseC needed to be more consistent. The handlers are "recursive", in so far that they are called again and again until they terminate, which depends entirely on what the "massager" returns. There's a comment at the beginning of ParseC that explains how that works. {Richard Levtte} Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10669)
* Update copyright yearMatt Caswell2020-04-232-2/+2
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
* Add CMP fuzzing to fuzz/cmp.c, including a couple of helpers in crypto/cmp/Dr. David von Oheimb2020-04-184566-0/+271
| | | | | | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11386)
* Add a couple of hints to fuzz/README.mdDr. David von Oheimb2020-04-181-12/+27
| | | | | | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11386)
* GOST cipher names adjustmentDmitry Belyavskiy2020-04-171-6/+6
| | | | | | | | | | | | | The erroneously introduced names grasshopper-* replaced with kuznyechik-* according to official algorithm name translation. Too long symbolic names replaced with human-enterable ones. Also the mechanism of deprecating names in objects.txt is implemented Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11440)
* Deprecate the low level Diffie-Hellman functions.Pauli2020-02-201-2/+2
| | | | | | | | Use of the low level DH functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11024)
* Deprecate the low level RSA functions.Pauli2020-02-201-1/+1
| | | | | | | | Use of the low level RSA functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11063)
* Deprecate the low level DSA functions.Pauli2020-02-111-3/+3
| | | | | | | | Use of the low level DSA functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10977)
* Deprecate the ECDSA and EV_KEY_METHOD functions.Pauli2020-02-041-0/+5
| | | | | | | | Use of the low level ECDSA and EC_KEY_METHOD functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10960)
* Make generated copyright year be "now"Rich Salz2020-01-071-4/+2
| | | | | | | | | | | | Always use the current year in generating output files, rather than trying to base is on the modtime of the script or input, as that can vary depending on the ability of the local OS to keep those accurate. Fixes #10744 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10776)