summaryrefslogtreecommitdiffstats
path: root/fuzz (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add OIDs for HMAC SHA512/224 and HMAC SHA512/256.Pauli2018-08-011-0/+2
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6830)
* Enable all protocols and ciphers in the fuzzerKurt Roeckx2018-07-172-2/+6
| | | | | | | | | The config file can override it. In case of the server, it needs to be set on the ctx or some of the other functions on the ctx might file. Reviewed-by: Rich Salz <rsalz@openssl.org> DH: #6718
* New GOST identificatorsDmitry Belyavskiy2018-06-081-0/+14
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6438)
* Update copyright yearMatt Caswell2018-04-031-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5851)
* Faster fuzz test: teach the fuzz test programs to handle directoriesRichard Levitte2018-03-291-15/+70
| | | | | | | | | | | | | | Instead of invoking the fuzz test programs once for every corpora file, we invoke them once for each directory of corpora files. This dramatically reduces the number of program invikations, as well as the time 99-test_fuzz.t takes to complete. fuzz/test-corpus.c was enhanced to handle directories as well as regular files. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5776)
* Add fuzz corpora file that found the ASN.1 stack depth issueMatt Caswell2018-03-271-0/+0
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add SM2 signature and ECIES schemesJack Lloyd2018-03-191-0/+1
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4793)
* Missings OIDs for XTS added.Pauli2018-03-151-0/+4
| | | | | | | Added two missing OIDs for AES-{128,256}-XTS. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5622)
* Add OIDs for DSTU-4145gmile2018-03-121-0/+20
| | | | | | | | | | | | | | Original source: https://github.com/dstucrypt/openssl-dstu/commit/2c5fc4c92b8244c5026f4f871eb9497f9c28d5af Full list of OIDs is available on related enactment page at http://zakon2.rada.gov.ua/laws/show/z0423-17 CLA: trivial Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5216)
* Add GOST OIDs for Edwards parameter setsSergey Zhuravlev2018-03-071-0/+3
| | | | | | | | | | Add OIDs for parameter sets of Edwards elliptic curves. CLA: trivial Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5380)
* Update copyright yearMatt Caswell2018-02-271-1/+1
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Generate copyright year properlyRich Salz2018-02-131-0/+5
| | | | | | | | | Output copyright year depends on any input file(s) and the script. This is not perfect, but better than what we had. Also run 'make update' Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5350)
* SHA512/224 and SHA512/256Pauli2018-01-231-0/+2
| | | | | | | Support added for these two digests, available only via the EVP interface. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5093)
* SM3: restructure to EVP internal and update doc to right locationRonald Tse2017-11-061-0/+2
| | | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4616)
* Conditionalize fuzz tests on feature macrosBenjamin Kaduk2017-11-031-0/+8
| | | | | | | | Do not try to fuzz-test structures/routines that are compiled out of the library due to library configuration. Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4664)
* Update asn1 and x509 corporaKurt Roeckx2017-11-037760-166/+124
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4653
* ASN1 fuzzer: Use d2i_TYPE / i2d_TYPE functionsKurt Roeckx2017-11-032-5/+97
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4648
* Don't turn b2 negativeKurt Roeckx2017-11-031-3/+1
| | | | | | | | b2 being negative is ignored Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4648
* Update location of the libfuzzer repositoryKurt Roeckx2017-11-031-1/+1
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4648
* make updateRichard Levitte2017-10-311-0/+1017
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4637)
* Generate a dictionary of OIDs for fuzzersRichard Levitte2017-10-311-0/+27
| | | | | | | | | | | It turns out that (some?) fuzzers can read a dictionary of OIDs, so we generate one as part of the usual 'make update'. Fixes #4615 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4637)
* Remove unused variable.Ben Laurie2017-10-161-0/+2
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4367)
* Stack sorting safetyPauli2017-09-182-2/+2
| | | | | | | | Use the defined typechecking stack method to sort the compression methods stack rather than using the generic function and apply type casts. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4382)
* bndiv fuzzer: limit the size of the input to avoid timeoutgbrl2017-08-161-0/+7
| | | | | | | | CLA: trivial Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4119)
* Move FuzzerSetRand to separate file.Rich Salz2017-08-116-31/+48
| | | | | | | Use an inline rand.inc; this fixes Google's OSS-Fuzz builds. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4141)
* Install custom RAND_METHOD for fuzzingRich Salz2017-07-276-44/+36
| | | | | | | | | | | | Instead of setting a "magic" global variable to force RAND to keep consistent state and always generate the same bytestream, have the fuzzing code install its own RAND_METHOD that does this. For BN_RAND_DEBUG, we just don't do it; that debugging was about mucking with BN's internal representation, not requiring predictable rand bytes. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4025)
* Update fuzz corporaKurt Roeckx2017-07-0222495-2943/+7089
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #3829
* fuzz/{client,server}.c: omit _time64 "overload method".Andy Polyakov2017-04-272-16/+12
| | | | | | | | | | | Approach was opportunistic in Windows context from its inception and on top of that it was proven to be error-prone at link stage. Correct answer is to introduce library-specific time function that we can control in platform-neutral manner. Meanwhile we just let be attempts to override time on Windows. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3320)
* Change 64-bit time type for windowsJon Spillett2017-04-192-2/+2
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3248)
* Optionally check for early dataKurt Roeckx2017-04-161-1/+19
| | | | | | | | | | | This adds a way to use the last byte of the buffer to change the behavior of the server. The last byte is used so that the existing corpus can be reused either without changing it, or just adding a single byte, and that it can still be used by other projects. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2683
* Use a fixed time when fuzzing.Kurt Roeckx2017-04-162-1/+36
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2683
* Document how to update the corpus.Kurt Roeckx2017-04-161-0/+12
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2683
* Make x509 and asn1 fuzzer reproducibleKurt Roeckx2017-04-162-0/+24
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2683
* Switch libfuzzer to use trace-pc-guardKurt Roeckx2017-04-161-1/+1
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2683
* Act on deprecation of LONG and ZLONG, step 1Richard Levitte2017-04-101-0/+4
| | | | | | | Don't compile code that still uses LONG when it's deprecated Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3126)
* Publish our INT32, UINT32, INT64, UINT64 ASN.1 types and Z variantsRichard Levitte2017-04-101-0/+8
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3126)
* Make default_method mostly compile-timeRich Salz2017-04-072-20/+0
| | | | | | | | Document thread-safety issues Have RSA_null return NULL (always fails) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2244)
* Fix out-of-memory condition in confMatt Caswell2017-03-121-0/+41
| | | | | | | | | | | | conf has the ability to expand variables in config files. Repeatedly doing this can lead to an exponential increase in the amount of memory required. This places a limit on the length of a value that can result from an expansion. Credit to OSS-Fuzz for finding this problem. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2894)
* Update client, server and x509 fuzz corpusKurt Roeckx2017-02-216183-6/+3
| | | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2682
* Update client and server corpusKurt Roeckx2017-01-294777-0/+1
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2318
* Fix build issues with no-dh, no-dsa and no-ecRichard Levitte2017-01-092-0/+24
| | | | Reviewed-by: Kurt Roeckx <kurt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2192)
* Update fuzz corporaKurt Roeckx2017-01-068085-237/+216
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2182
* Make client and server fuzzer reproducibleKurt Roeckx2017-01-062-0/+12
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2182
* Make the bignum fuzzer reproducibleKurt Roeckx2017-01-061-18/+23
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2182
* Update fuzz documentationKurt Roeckx2017-01-061-5/+48
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2182
* server fuzzer: add support for DSA and ECDSAKurt Roeckx2017-01-061-1/+321
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2182
* Update fuzz corporaKurt Roeckx2016-12-192442-0/+0
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #2090
* Make client and server fuzzer support all ciphersKurt Roeckx2016-12-162-0/+4
| | | | | | | Also send a SNI extension in the client so the fuzzer can react to it. Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2088
* Document the recommended parameters for fuzzingKurt Roeckx2016-12-161-2/+10
| | | | | | | We use those parameters for calculating the coverage. Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2088
* Update client fuzz corpusKurt Roeckx2016-12-09310-0/+0
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2060
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-22 10:40:24 +0100