aboutsummaryrefslogtreecommitdiff
path: root/lib/mbedtls-2.27.0/programs/fuzz
diff options
context:
space:
mode:
authorAdam Harrison <adamdharrison@gmail.com>2023-07-06 06:37:41 -0400
committerAdam Harrison <adamdharrison@gmail.com>2023-07-06 06:37:41 -0400
commit9db10386430479067795bec66bb26343ff176ded (patch)
tree5ad0cf95abde7cf03afaf8f70af8549d46b09a46 /lib/mbedtls-2.27.0/programs/fuzz
parent57092d80cb07fa1a84873769fa92165426196054 (diff)
downloadlite-xl-plugin-manager-9db10386430479067795bec66bb26343ff176ded.tar.gz
lite-xl-plugin-manager-9db10386430479067795bec66bb26343ff176ded.zip
Removed old mbedtls, replacing with submodule.
Diffstat (limited to 'lib/mbedtls-2.27.0/programs/fuzz')
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/.gitignore9
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/CMakeLists.txt55
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/Makefile72
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/README.md68
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/common.c96
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/common.h19
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/corpuses/clientbin4037 -> 0 bytes
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/corpuses/dtlsclientbin4058 -> 0 bytes
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/corpuses/dtlsserverbin1189 -> 0 bytes
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/corpuses/serverbin675 -> 0 bytes
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_client.c177
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_client.options2
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsclient.c123
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsclient.options2
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsserver.c148
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsserver.options2
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_privkey.c75
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_privkey.options2
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_pubkey.c75
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_pubkey.options2
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_server.c189
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_server.options2
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crl.c22
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crl.options2
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crt.c22
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crt.options2
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509csr.c22
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509csr.options2
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/onefile.c60
29 files changed, 0 insertions, 1250 deletions
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/.gitignore b/lib/mbedtls-2.27.0/programs/fuzz/.gitignore
deleted file mode 100644
index 5dc0960..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/.gitignore
+++ /dev/null
@@ -1,9 +0,0 @@
-fuzz_client
-fuzz_dtlsclient
-fuzz_dtlsserver
-fuzz_privkey
-fuzz_pubkey
-fuzz_server
-fuzz_x509crl
-fuzz_x509crt
-fuzz_x509csr
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/CMakeLists.txt b/lib/mbedtls-2.27.0/programs/fuzz/CMakeLists.txt
deleted file mode 100644
index fd55e31..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/CMakeLists.txt
+++ /dev/null
@@ -1,55 +0,0 @@
-set(libs
- ${mbedtls_target}
-)
-
-if(USE_PKCS11_HELPER_LIBRARY)
- set(libs ${libs} pkcs11-helper)
-endif(USE_PKCS11_HELPER_LIBRARY)
-
-if(ENABLE_ZLIB_SUPPORT)
- set(libs ${libs} ${ZLIB_LIBRARIES})
-endif(ENABLE_ZLIB_SUPPORT)
-
-find_library(FUZZINGENGINE_LIB FuzzingEngine)
-if(FUZZINGENGINE_LIB)
- project(fuzz CXX)
-endif()
-
-set(executables_no_common_c
- fuzz_privkey
- fuzz_pubkey
- fuzz_x509crl
- fuzz_x509crt
- fuzz_x509csr
-)
-
-set(executables_with_common_c
- fuzz_client
- fuzz_dtlsclient
- fuzz_dtlsserver
- fuzz_server
-)
-
-foreach(exe IN LISTS executables_no_common_c executables_with_common_c)
-
- set(exe_sources ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- if(NOT FUZZINGENGINE_LIB)
- list(APPEND exe_sources onefile.c)
- endif()
-
- # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
- list(FIND executables_with_common_c ${exe} exe_index)
- if(${exe_index} GREATER -1)
- list(APPEND exe_sources common.c)
- endif()
-
- add_executable(${exe} ${exe_sources})
-
- if (NOT FUZZINGENGINE_LIB)
- target_link_libraries(${exe} ${libs})
- else()
- target_link_libraries(${exe} ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(${exe} PROPERTIES LINKER_LANGUAGE CXX)
- endif()
-
-endforeach()
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/Makefile b/lib/mbedtls-2.27.0/programs/fuzz/Makefile
deleted file mode 100644
index 084fc24..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/Makefile
+++ /dev/null
@@ -1,72 +0,0 @@
-MBEDTLS_TEST_PATH:=../../tests/src
-MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c ${MBEDTLS_TEST_PATH}/drivers/*.c))
-
-LOCAL_CFLAGS = -I../../tests/include -I../../include -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \
- -L../../library \
- -lmbedtls$(SHARED_SUFFIX) \
- -lmbedx509$(SHARED_SUFFIX) \
- -lmbedcrypto$(SHARED_SUFFIX)
-
-LOCAL_CFLAGS += $(patsubst -I../%,-I../../%,$(THIRDPARTY_INCLUDES))
-
-ifndef SHARED
-DEP=../../library/libmbedcrypto.a ../../library/libmbedx509.a ../../library/libmbedtls.a
-else
-DEP=../../library/libmbedcrypto.$(DLEXT) ../../library/libmbedx509.$(DLEXT) ../../library/libmbedtls.$(DLEXT)
-endif
-
-
-DLEXT ?= so
-EXEXT=
-SHARED_SUFFIX=
-
-# Zlib shared library extensions:
-ifdef ZLIB
-LOCAL_LDFLAGS += -lz
-endif
-
-ifdef FUZZINGENGINE
-LOCAL_LDFLAGS += -lFuzzingEngine
-endif
-
-# A test application is built for each suites/test_suite_*.data file.
-# Application name is same as .data file's base name and can be
-# constructed by stripping path 'suites/' and extension .data.
-APPS = $(basename $(wildcard fuzz_*.c))
-
-# Construct executable name by adding OS specific suffix $(EXEXT).
-BINARIES := $(addsuffix $(EXEXT),$(APPS))
-
-.SILENT:
-
-.PHONY: all check test clean
-
-all: $(BINARIES)
-
-$(DEP):
- $(MAKE) -C ../../library
-
-C_FILES := $(addsuffix .c,$(APPS))
-
-%.o: %.c
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c $< -o $@
-
-
-ifdef FUZZINGENGINE
-$(BINARIES): %$(EXEXT): %.o common.o $(DEP)
- echo " $(CC) common.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@"
- $(CXX) common.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-else
-$(BINARIES): %$(EXEXT): %.o common.o onefile.o $(DEP)
- echo " $(CC) common.o onefile.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@"
- $(CC) common.o onefile.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-endif
-
-clean:
-ifndef WINDOWS
- rm -rf $(BINARIES) *.o
-else
- if exist *.o del /Q /F *.o
- if exist *.exe del /Q /F *.exe
-endif
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/README.md b/lib/mbedtls-2.27.0/programs/fuzz/README.md
deleted file mode 100644
index b6a4333..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/README.md
+++ /dev/null
@@ -1,68 +0,0 @@
-What is it?
-------
-
-This directory contains fuzz targets.
-Fuzz targets are simple codes using the library.
-They are used with a so-called fuzz driver, which will generate inputs, try to process them with the fuzz target, and alert in case of an unwanted behavior (such as a buffer overflow for instance).
-
-These targets were meant to be used with oss-fuzz but can be used in other contexts.
-
-This code was contributed by Philippe Antoine ( Catena cyber ).
-
-How to run?
-------
-
-To run the fuzz targets like oss-fuzz:
-```
-git clone https://github.com/google/oss-fuzz
-cd oss-fuzz
-python infra/helper.py build_image mbedtls
-python infra/helper.py build_fuzzers --sanitizer address mbedtls
-python infra/helper.py run_fuzzer mbedtls fuzz_client
-```
-You can use `undefined` sanitizer as well as `address` sanitizer.
-And you can run any of the fuzz targets like `fuzz_client`.
-
-To run the fuzz targets without oss-fuzz, you first need to install one libFuzzingEngine (libFuzzer for instance).
-Then you need to compile the code with the compiler flags of the wished sanitizer.
-```
-perl scripts/config.py set MBEDTLS_PLATFORM_TIME_ALT
-mkdir build
-cd build
-cmake ..
-make
-```
-Finally, you can run the targets like `./test/fuzz/fuzz_client`.
-
-
-Corpus generation for network trafic targets
-------
-
-These targets use network trafic as inputs :
-* client : simulates a client against (fuzzed) server traffic
-* server : simulates a server against (fuzzed) client traffic
-* dtls_client
-* dtls_server
-
-They also use the last bytes as configuration options.
-
-To generate corpus for these targets, you can do the following, not fully automated steps :
-* Build mbedtls programs ssl_server2 and ssl_client2
-* Run them one against the other with `reproducible` option turned on while capturing trafic into test.pcap
-* Extract tcp payloads, for instance with tshark : `tshark -Tfields -e tcp.dstport -e tcp.payload -r test.pcap > test.txt`
-* Run a dummy python script to output either client or server corpus file like `python dummy.py test.txt > test.cor`
-* Finally, you can add the options by appending the last bytes to the file test.cor
-
-Here is an example of dummy.py for extracting payload from client to server (if we used `tcp.dstport` in tshark command)
-```
-import sys
-import binascii
-
-f = open(sys.argv[1])
-for l in f.readlines():
- portAndPl=l.split()
- if len(portAndPl) == 2:
- # determine client or server based on port
- if portAndPl[0] == "4433":
- print(binascii.unhexlify(portAndPl[1].replace(":","")))
-```
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/common.c b/lib/mbedtls-2.27.0/programs/fuzz/common.c
deleted file mode 100644
index ac39ee2..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/common.c
+++ /dev/null
@@ -1,96 +0,0 @@
-#include "common.h"
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include "mbedtls/ctr_drbg.h"
-
-mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
-{
- (void) time;
- return 0x5af2a056;
-}
-
-void dummy_init()
-{
-#if defined(MBEDTLS_PLATFORM_TIME_ALT)
- mbedtls_platform_set_time( dummy_constant_time );
-#else
- fprintf(stderr, "Warning: fuzzing without constant time\n");
-#endif
-}
-
-int dummy_send( void *ctx, const unsigned char *buf, size_t len )
-{
- //silence warning about unused parameter
- (void) ctx;
- (void) buf;
-
- //pretends we wrote everything ok
- if( len > INT_MAX ) {
- return( -1 );
- }
- return( (int) len );
-}
-
-int fuzz_recv( void *ctx, unsigned char *buf, size_t len )
-{
- //reads from the buffer from fuzzer
- fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx;
-
- if(biomemfuzz->Offset == biomemfuzz->Size) {
- //EOF
- return( 0 );
- }
- if( len > INT_MAX ) {
- return( -1 );
- }
- if( len + biomemfuzz->Offset > biomemfuzz->Size ) {
- //do not overflow
- len = biomemfuzz->Size - biomemfuzz->Offset;
- }
- memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
- biomemfuzz->Offset += len;
- return( (int) len );
-}
-
-int dummy_random( void *p_rng, unsigned char *output, size_t output_len )
-{
- int ret;
- size_t i;
-
-#if defined(MBEDTLS_CTR_DRBG_C)
- //use mbedtls_ctr_drbg_random to find bugs in it
- ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
-#else
- (void) p_rng;
- ret = 0;
-#endif
- for (i=0; i<output_len; i++) {
- //replace result with pseudo random
- output[i] = (unsigned char) rand();
- }
- return( ret );
-}
-
-int dummy_entropy( void *data, unsigned char *output, size_t len )
-{
- size_t i;
- (void) data;
-
- //use mbedtls_entropy_func to find bugs in it
- //test performance impact of entropy
- //ret = mbedtls_entropy_func(data, output, len);
- for (i=0; i<len; i++) {
- //replace result with pseudo random
- output[i] = (unsigned char) rand();
- }
- return( 0 );
-}
-
-int fuzz_recv_timeout( void *ctx, unsigned char *buf, size_t len,
- uint32_t timeout )
-{
- (void) timeout;
-
- return fuzz_recv(ctx, buf, len);
-}
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/common.h b/lib/mbedtls-2.27.0/programs/fuzz/common.h
deleted file mode 100644
index 5586c06..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/common.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#include "mbedtls/platform_time.h"
-#include <stdint.h>
-
-typedef struct fuzzBufferOffset
-{
- const uint8_t *Data;
- size_t Size;
- size_t Offset;
-} fuzzBufferOffset_t;
-
-mbedtls_time_t dummy_constant_time( mbedtls_time_t* time );
-void dummy_init();
-
-int dummy_send( void *ctx, const unsigned char *buf, size_t len );
-int fuzz_recv( void *ctx, unsigned char *buf, size_t len );
-int dummy_random( void *p_rng, unsigned char *output, size_t output_len );
-int dummy_entropy( void *data, unsigned char *output, size_t len );
-int fuzz_recv_timeout( void *ctx, unsigned char *buf, size_t len,
- uint32_t timeout );
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/corpuses/client b/lib/mbedtls-2.27.0/programs/fuzz/corpuses/client
deleted file mode 100644
index 48d0a67..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/corpuses/client
+++ /dev/null
Binary files differ
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/corpuses/dtlsclient b/lib/mbedtls-2.27.0/programs/fuzz/corpuses/dtlsclient
deleted file mode 100644
index 87c3ca3..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/corpuses/dtlsclient
+++ /dev/null
Binary files differ
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/corpuses/dtlsserver b/lib/mbedtls-2.27.0/programs/fuzz/corpuses/dtlsserver
deleted file mode 100644
index 7a7a117..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/corpuses/dtlsserver
+++ /dev/null
Binary files differ
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/corpuses/server b/lib/mbedtls-2.27.0/programs/fuzz/corpuses/server
deleted file mode 100644
index fbeb019..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/corpuses/server
+++ /dev/null
Binary files differ
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_client.c b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_client.c
deleted file mode 100644
index 270ae8a..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_client.c
+++ /dev/null
@@ -1,177 +0,0 @@
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "common.h"
-#include <string.h>
-#include <stdlib.h>
-#include <stdint.h>
-
-
-#if defined(MBEDTLS_SSL_CLI_C) && \
- defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_CTR_DRBG_C)
-static int initialized = 0;
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-static mbedtls_x509_crt cacert;
-#endif
-const char *alpn_list[3];
-
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-const unsigned char psk[] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
-};
-const char psk_id[] = "Client_identity";
-#endif
-
-const char *pers = "fuzz_client";
-#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
-
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#if defined(MBEDTLS_SSL_CLI_C) && \
- defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_CTR_DRBG_C)
- int ret;
- size_t len;
- mbedtls_ssl_context ssl;
- mbedtls_ssl_config conf;
- mbedtls_ctr_drbg_context ctr_drbg;
- mbedtls_entropy_context entropy;
- unsigned char buf[4096];
- fuzzBufferOffset_t biomemfuzz;
- uint16_t options;
-
- if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
- mbedtls_x509_crt_init( &cacert );
- if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
- mbedtls_test_cas_pem_len ) != 0)
- return 1;
-#endif
-
- alpn_list[0] = "HTTP";
- alpn_list[1] = "fuzzalpn";
- alpn_list[2] = NULL;
-
- dummy_init();
-
- initialized = 1;
- }
-
- //we take 1 byte as options input
- if (Size < 2) {
- return 0;
- }
- options = (Data[Size - 2] << 8) | Data[Size - 1];
- //Avoid warnings if compile options imply no options
- (void) options;
-
- mbedtls_ssl_init( &ssl );
- mbedtls_ssl_config_init( &conf );
- mbedtls_ctr_drbg_init( &ctr_drbg );
- mbedtls_entropy_init( &entropy );
-
- if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
- (const unsigned char *) pers, strlen( pers ) ) != 0 )
- goto exit;
-
- if( mbedtls_ssl_config_defaults( &conf,
- MBEDTLS_SSL_IS_CLIENT,
- MBEDTLS_SSL_TRANSPORT_STREAM,
- MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
- goto exit;
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
- if (options & 2) {
- mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ),
- (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
- }
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
- if (options & 4) {
- mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
- mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
- } else
-#endif
- {
- mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
- }
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- mbedtls_ssl_conf_truncated_hmac( &conf, (options & 8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
-#endif
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
- mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
-#endif
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
- mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED);
-#endif
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
- mbedtls_ssl_conf_cbc_record_splitting( &conf, (options & 0x40) ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED );
-#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- mbedtls_ssl_conf_session_tickets( &conf, (options & 0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED );
-#endif
-#if defined(MBEDTLS_SSL_ALPN)
- if (options & 0x200) {
- mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list );
- }
-#endif
- //There may be other options to add :
- // mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes
-
- srand(1);
- mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-
- if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
- goto exit;
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
- if ((options & 1) == 0) {
- if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 )
- goto exit;
- }
-#endif
-
- biomemfuzz.Data = Data;
- biomemfuzz.Size = Size-2;
- biomemfuzz.Offset = 0;
- mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL );
-
- ret = mbedtls_ssl_handshake( &ssl );
- if( ret == 0 )
- {
- //keep reading data from server until the end
- do
- {
- len = sizeof( buf ) - 1;
- ret = mbedtls_ssl_read( &ssl, buf, len );
-
- if( ret == MBEDTLS_ERR_SSL_WANT_READ )
- continue;
- else if( ret <= 0 )
- //EOF or error
- break;
- }
- while( 1 );
- }
-
-exit:
- mbedtls_entropy_free( &entropy );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_ssl_config_free( &conf );
- mbedtls_ssl_free( &ssl );
-
-#else
- (void) Data;
- (void) Size;
-#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
-
- return 0;
-}
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_client.options b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_client.options
deleted file mode 100644
index 4d7340f..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_client.options
+++ /dev/null
@@ -1,2 +0,0 @@
-[libfuzzer]
-max_len = 1048575
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsclient.c b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsclient.c
deleted file mode 100644
index ff258bc..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsclient.c
+++ /dev/null
@@ -1,123 +0,0 @@
-#include <string.h>
-#include <stdlib.h>
-#include <stdint.h>
-#include "common.h"
-#include "mbedtls/ssl.h"
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/timing.h"
-
-
-#if defined(MBEDTLS_SSL_CLI_C) && \
- defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_CTR_DRBG_C) && \
- defined(MBEDTLS_TIMING_C)
-static int initialized = 0;
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-static mbedtls_x509_crt cacert;
-#endif
-
-const char *pers = "fuzz_dtlsclient";
-#endif
-#endif // MBEDTLS_SSL_PROTO_DTLS
-
-
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#if defined(MBEDTLS_SSL_PROTO_DTLS) && \
- defined(MBEDTLS_SSL_CLI_C) && \
- defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_CTR_DRBG_C) && \
- defined(MBEDTLS_TIMING_C)
- int ret;
- size_t len;
- mbedtls_ssl_context ssl;
- mbedtls_ssl_config conf;
- mbedtls_ctr_drbg_context ctr_drbg;
- mbedtls_entropy_context entropy;
- mbedtls_timing_delay_context timer;
- unsigned char buf[4096];
- fuzzBufferOffset_t biomemfuzz;
-
- if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
- mbedtls_x509_crt_init( &cacert );
- if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
- mbedtls_test_cas_pem_len ) != 0)
- return 1;
-#endif
- dummy_init();
-
- initialized = 1;
- }
-
- mbedtls_ssl_init( &ssl );
- mbedtls_ssl_config_init( &conf );
- mbedtls_ctr_drbg_init( &ctr_drbg );
- mbedtls_entropy_init( &entropy );
-
- srand(1);
- if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
- (const unsigned char *) pers, strlen( pers ) ) != 0 )
- goto exit;
-
- if( mbedtls_ssl_config_defaults( &conf,
- MBEDTLS_SSL_IS_CLIENT,
- MBEDTLS_SSL_TRANSPORT_DATAGRAM,
- MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
- goto exit;
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
- mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-#endif
- mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
- mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-
- if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
- goto exit;
-
- mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
- mbedtls_timing_get_delay );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
- if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 )
- goto exit;
-#endif
-
- biomemfuzz.Data = Data;
- biomemfuzz.Size = Size;
- biomemfuzz.Offset = 0;
- mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
-
- ret = mbedtls_ssl_handshake( &ssl );
- if( ret == 0 )
- {
- //keep reading data from server until the end
- do
- {
- len = sizeof( buf ) - 1;
- ret = mbedtls_ssl_read( &ssl, buf, len );
-
- if( ret == MBEDTLS_ERR_SSL_WANT_READ )
- continue;
- else if( ret <= 0 )
- //EOF or error
- break;
- }
- while( 1 );
- }
-
-exit:
- mbedtls_entropy_free( &entropy );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_ssl_config_free( &conf );
- mbedtls_ssl_free( &ssl );
-
-#else
- (void) Data;
- (void) Size;
-#endif
- return 0;
-}
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsclient.options b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsclient.options
deleted file mode 100644
index 4d7340f..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsclient.options
+++ /dev/null
@@ -1,2 +0,0 @@
-[libfuzzer]
-max_len = 1048575
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsserver.c b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsserver.c
deleted file mode 100644
index 4cde1fe..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsserver.c
+++ /dev/null
@@ -1,148 +0,0 @@
-#include <string.h>
-#include <stdlib.h>
-#include <stdint.h>
-#include "common.h"
-#include "mbedtls/ssl.h"
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/timing.h"
-#include "mbedtls/ssl_cookie.h"
-
-
-#if defined(MBEDTLS_SSL_SRV_C) && \
- defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_CTR_DRBG_C) && \
- defined(MBEDTLS_TIMING_C)
-const char *pers = "fuzz_dtlsserver";
-const unsigned char client_ip[4] = {0x7F, 0, 0, 1};
-static int initialized = 0;
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-static mbedtls_x509_crt srvcert;
-static mbedtls_pk_context pkey;
-#endif
-#endif
-#endif // MBEDTLS_SSL_PROTO_DTLS
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#if defined(MBEDTLS_SSL_PROTO_DTLS) && \
- defined(MBEDTLS_SSL_SRV_C) && \
- defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_CTR_DRBG_C) && \
- defined(MBEDTLS_TIMING_C)
- int ret;
- size_t len;
- mbedtls_ssl_context ssl;
- mbedtls_ssl_config conf;
- mbedtls_ctr_drbg_context ctr_drbg;
- mbedtls_entropy_context entropy;
- mbedtls_timing_delay_context timer;
- mbedtls_ssl_cookie_ctx cookie_ctx;
- unsigned char buf[4096];
- fuzzBufferOffset_t biomemfuzz;
-
- if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
- mbedtls_x509_crt_init( &srvcert );
- mbedtls_pk_init( &pkey );
- if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
- mbedtls_test_srv_crt_len ) != 0)
- return 1;
- if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
- mbedtls_test_cas_pem_len ) != 0)
- return 1;
- if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 ) != 0)
- return 1;
-#endif
- dummy_init();
-
- initialized = 1;
- }
- mbedtls_ssl_init( &ssl );
- mbedtls_ssl_config_init( &conf );
- mbedtls_ctr_drbg_init( &ctr_drbg );
- mbedtls_entropy_init( &entropy );
- mbedtls_ssl_cookie_init( &cookie_ctx );
-
- if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
- (const unsigned char *) pers, strlen( pers ) ) != 0 )
- goto exit;
-
-
- if( mbedtls_ssl_config_defaults( &conf,
- MBEDTLS_SSL_IS_SERVER,
- MBEDTLS_SSL_TRANSPORT_DATAGRAM,
- MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
- goto exit;
-
-
- srand(1);
- mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
- mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
- if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 )
- goto exit;
-#endif
-
- if( mbedtls_ssl_cookie_setup( &cookie_ctx, dummy_random, &ctr_drbg ) != 0 )
- goto exit;
-
- mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &cookie_ctx );
-
- if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
- goto exit;
-
- mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
- mbedtls_timing_get_delay );
-
- biomemfuzz.Data = Data;
- biomemfuzz.Size = Size;
- biomemfuzz.Offset = 0;
- mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
- if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 )
- goto exit;
-
- ret = mbedtls_ssl_handshake( &ssl );
-
- if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
- biomemfuzz.Offset = ssl.next_record_offset;
- mbedtls_ssl_session_reset( &ssl );
- mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
- if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 )
- goto exit;
-
- ret = mbedtls_ssl_handshake( &ssl );
-
- if( ret == 0 )
- {
- //keep reading data from server until the end
- do
- {
- len = sizeof( buf ) - 1;
- ret = mbedtls_ssl_read( &ssl, buf, len );
- if( ret == MBEDTLS_ERR_SSL_WANT_READ )
- continue;
- else if( ret <= 0 )
- //EOF or error
- break;
- }
- while( 1 );
- }
- }
-
-exit:
- mbedtls_ssl_cookie_free( &cookie_ctx );
- mbedtls_entropy_free( &entropy );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_ssl_config_free( &conf );
- mbedtls_ssl_free( &ssl );
-
-#else
- (void) Data;
- (void) Size;
-#endif
- return 0;
-}
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsserver.options b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsserver.options
deleted file mode 100644
index 4d7340f..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_dtlsserver.options
+++ /dev/null
@@ -1,2 +0,0 @@
-[libfuzzer]
-max_len = 1048575
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_privkey.c b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_privkey.c
deleted file mode 100644
index 6c968fd..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_privkey.c
+++ /dev/null
@@ -1,75 +0,0 @@
-#include <stdint.h>
-#include <stdlib.h>
-#include "mbedtls/pk.h"
-
-//4 Kb should be enough for every bug ;-)
-#define MAX_LEN 0x1000
-
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#ifdef MBEDTLS_PK_PARSE_C
- int ret;
- mbedtls_pk_context pk;
-
- if (Size > MAX_LEN) {
- //only work on small inputs
- Size = MAX_LEN;
- }
-
- mbedtls_pk_init( &pk );
- ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0 );
- if (ret == 0) {
-#if defined(MBEDTLS_RSA_C)
- if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
- {
- mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
- mbedtls_rsa_context *rsa;
-
- mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
- mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
- mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-
- rsa = mbedtls_pk_rsa( pk );
- if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != 0 ) {
- abort();
- }
- if ( mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) != 0 ) {
- abort();
- }
-
- mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
- mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
- mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
- }
- else
-#endif
-#if defined(MBEDTLS_ECP_C)
- if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ||
- mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY_DH )
- {
- mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
- mbedtls_ecp_group_id grp_id = ecp->grp.id;
- const mbedtls_ecp_curve_info *curve_info =
- mbedtls_ecp_curve_info_from_grp_id( grp_id );
-
- /* If the curve is not supported, the key should not have been
- * accepted. */
- if( curve_info == NULL )
- abort( );
- }
- else
-#endif
- {
- /* The key is valid but is not of a supported type.
- * This should not happen. */
- abort( );
- }
- }
- mbedtls_pk_free( &pk );
-#else
- (void) Data;
- (void) Size;
-#endif //MBEDTLS_PK_PARSE_C
-
- return 0;
-}
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_privkey.options b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_privkey.options
deleted file mode 100644
index 0824b19..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_privkey.options
+++ /dev/null
@@ -1,2 +0,0 @@
-[libfuzzer]
-max_len = 65535
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_pubkey.c b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_pubkey.c
deleted file mode 100644
index 9e80350..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_pubkey.c
+++ /dev/null
@@ -1,75 +0,0 @@
-#include <stdint.h>
-#include <stdlib.h>
-#include "mbedtls/pk.h"
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#ifdef MBEDTLS_PK_PARSE_C
- int ret;
- mbedtls_pk_context pk;
-
- mbedtls_pk_init( &pk );
- ret = mbedtls_pk_parse_public_key( &pk, Data, Size );
- if (ret == 0) {
-#if defined(MBEDTLS_RSA_C)
- if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
- {
- mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
- mbedtls_rsa_context *rsa;
-
- mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
- mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
- mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-
- rsa = mbedtls_pk_rsa( pk );
- if ( mbedtls_rsa_export( rsa, &N, NULL, NULL, NULL, &E ) != 0 ) {
- abort();
- }
- if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) {
- abort();
- }
- if ( mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) {
- abort();
- }
-
- mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
- mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
- mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
-
- }
- else
-#endif
-#if defined(MBEDTLS_ECP_C)
- if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ||
- mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY_DH )
- {
- mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
- mbedtls_ecp_group_id grp_id = ecp->grp.id;
- const mbedtls_ecp_curve_info *curve_info =
- mbedtls_ecp_curve_info_from_grp_id( grp_id );
-
- /* If the curve is not supported, the key should not have been
- * accepted. */
- if( curve_info == NULL )
- abort( );
-
- /* It's a public key, so the private value should not have
- * been changed from its initialization to 0. */
- if( mbedtls_mpi_cmp_int( &ecp->d, 0 ) != 0 )
- abort( );
- }
- else
-#endif
- {
- /* The key is valid but is not of a supported type.
- * This should not happen. */
- abort( );
- }
- }
- mbedtls_pk_free( &pk );
-#else
- (void) Data;
- (void) Size;
-#endif //MBEDTLS_PK_PARSE_C
-
- return 0;
-}
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_pubkey.options b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_pubkey.options
deleted file mode 100644
index 0824b19..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_pubkey.options
+++ /dev/null
@@ -1,2 +0,0 @@
-[libfuzzer]
-max_len = 65535
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_server.c b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_server.c
deleted file mode 100644
index 014f386..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_server.c
+++ /dev/null
@@ -1,189 +0,0 @@
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/ssl_ticket.h"
-#include "common.h"
-#include <string.h>
-#include <stdlib.h>
-#include <stdint.h>
-
-
-#if defined(MBEDTLS_SSL_SRV_C) && \
- defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_CTR_DRBG_C)
-const char *pers = "fuzz_server";
-static int initialized = 0;
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-static mbedtls_x509_crt srvcert;
-static mbedtls_pk_context pkey;
-#endif
-const char *alpn_list[3];
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-const unsigned char psk[] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
-};
-const char psk_id[] = "Client_identity";
-#endif
-#endif // MBEDTLS_SSL_SRV_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C
-
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#if defined(MBEDTLS_SSL_SRV_C) && \
- defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_CTR_DRBG_C)
- int ret;
- size_t len;
- mbedtls_ssl_context ssl;
- mbedtls_ssl_config conf;
- mbedtls_ctr_drbg_context ctr_drbg;
- mbedtls_entropy_context entropy;
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- mbedtls_ssl_ticket_context ticket_ctx;
-#endif
- unsigned char buf[4096];
- fuzzBufferOffset_t biomemfuzz;
- uint8_t options;
-
- //we take 1 byte as options input
- if (Size < 1) {
- return 0;
- }
- options = Data[Size - 1];
-
- if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
- mbedtls_x509_crt_init( &srvcert );
- mbedtls_pk_init( &pkey );
- if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
- mbedtls_test_srv_crt_len ) != 0)
- return 1;
- if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
- mbedtls_test_cas_pem_len ) != 0)
- return 1;
- if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 ) != 0)
- return 1;
-#endif
-
- alpn_list[0] = "HTTP";
- alpn_list[1] = "fuzzalpn";
- alpn_list[2] = NULL;
-
- dummy_init();
-
- initialized = 1;
- }
- mbedtls_ssl_init( &ssl );
- mbedtls_ssl_config_init( &conf );
- mbedtls_ctr_drbg_init( &ctr_drbg );
- mbedtls_entropy_init( &entropy );
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- mbedtls_ssl_ticket_init( &ticket_ctx );
-#endif
-
- if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
- (const unsigned char *) pers, strlen( pers ) ) != 0 )
- goto exit;
-
-
- if( mbedtls_ssl_config_defaults( &conf,
- MBEDTLS_SSL_IS_SERVER,
- MBEDTLS_SSL_TRANSPORT_STREAM,
- MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
- goto exit;
-
- srand(1);
- mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
- mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
- if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 )
- goto exit;
-#endif
-
- mbedtls_ssl_conf_cert_req_ca_list( &conf, (options & 0x1) ? MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED : MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED );
-#if defined(MBEDTLS_SSL_ALPN)
- if (options & 0x2) {
- mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list );
- }
-#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- if( options & 0x4 )
- {
- if( mbedtls_ssl_ticket_setup( &ticket_ctx,
- dummy_random, &ctr_drbg,
- MBEDTLS_CIPHER_AES_256_GCM,
- 86400 ) != 0 )
- goto exit;
-
- mbedtls_ssl_conf_session_tickets_cb( &conf,
- mbedtls_ssl_ticket_write,
- mbedtls_ssl_ticket_parse,
- &ticket_ctx );
- }
-#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- mbedtls_ssl_conf_truncated_hmac( &conf, (options & 0x8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
-#endif
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
- mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
-#endif
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
- mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_ENABLED : MBEDTLS_SSL_ETM_DISABLED);
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
- if (options & 0x40) {
- mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ),
- (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
- }
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED );
-#endif
-
- if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
- goto exit;
-
- biomemfuzz.Data = Data;
- biomemfuzz.Size = Size-1;
- biomemfuzz.Offset = 0;
- mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL );
-
- mbedtls_ssl_session_reset( &ssl );
- ret = mbedtls_ssl_handshake( &ssl );
- if( ret == 0 )
- {
- //keep reading data from server until the end
- do
- {
- len = sizeof( buf ) - 1;
- ret = mbedtls_ssl_read( &ssl, buf, len );
-
- if( ret == MBEDTLS_ERR_SSL_WANT_READ )
- continue;
- else if( ret <= 0 )
- //EOF or error
- break;
- }
- while( 1 );
- }
-
-exit:
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- mbedtls_ssl_ticket_free( &ticket_ctx );
-#endif
- mbedtls_entropy_free( &entropy );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_ssl_config_free( &conf );
- mbedtls_ssl_free( &ssl );
-
-#else
- (void) Data;
- (void) Size;
-#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
-
- return 0;
-}
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_server.options b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_server.options
deleted file mode 100644
index 4d7340f..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_server.options
+++ /dev/null
@@ -1,2 +0,0 @@
-[libfuzzer]
-max_len = 1048575
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crl.c b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crl.c
deleted file mode 100644
index 02f521c..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crl.c
+++ /dev/null
@@ -1,22 +0,0 @@
-#include <stdint.h>
-#include "mbedtls/x509_crl.h"
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#ifdef MBEDTLS_X509_CRL_PARSE_C
- int ret;
- mbedtls_x509_crl crl;
- unsigned char buf[4096];
-
- mbedtls_x509_crl_init( &crl );
- ret = mbedtls_x509_crl_parse( &crl, Data, Size );
- if (ret == 0) {
- ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
- }
- mbedtls_x509_crl_free( &crl );
-#else
- (void) Data;
- (void) Size;
-#endif
-
- return 0;
-}
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crl.options b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crl.options
deleted file mode 100644
index 0824b19..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crl.options
+++ /dev/null
@@ -1,2 +0,0 @@
-[libfuzzer]
-max_len = 65535
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crt.c b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crt.c
deleted file mode 100644
index 8f593a1..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crt.c
+++ /dev/null
@@ -1,22 +0,0 @@
-#include <stdint.h>
-#include "mbedtls/x509_crt.h"
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#ifdef MBEDTLS_X509_CRT_PARSE_C
- int ret;
- mbedtls_x509_crt crt;
- unsigned char buf[4096];
-
- mbedtls_x509_crt_init( &crt );
- ret = mbedtls_x509_crt_parse( &crt, Data, Size );
- if (ret == 0) {
- ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", &crt );
- }
- mbedtls_x509_crt_free( &crt );
-#else
- (void) Data;
- (void) Size;
-#endif
-
- return 0;
-}
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crt.options b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crt.options
deleted file mode 100644
index 0824b19..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509crt.options
+++ /dev/null
@@ -1,2 +0,0 @@
-[libfuzzer]
-max_len = 65535
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509csr.c b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509csr.c
deleted file mode 100644
index 3cf28a6..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509csr.c
+++ /dev/null
@@ -1,22 +0,0 @@
-#include <stdint.h>
-#include "mbedtls/x509_csr.h"
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#ifdef MBEDTLS_X509_CSR_PARSE_C
- int ret;
- mbedtls_x509_csr csr;
- unsigned char buf[4096];
-
- mbedtls_x509_csr_init( &csr );
- ret = mbedtls_x509_csr_parse( &csr, Data, Size );
- if (ret == 0) {
- ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
- }
- mbedtls_x509_csr_free( &csr );
-#else
- (void) Data;
- (void) Size;
-#endif
-
- return 0;
-}
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509csr.options b/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509csr.options
deleted file mode 100644
index 0824b19..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/fuzz_x509csr.options
+++ /dev/null
@@ -1,2 +0,0 @@
-[libfuzzer]
-max_len = 65535
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/onefile.c b/lib/mbedtls-2.27.0/programs/fuzz/onefile.c
deleted file mode 100644
index c845149..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/onefile.c
+++ /dev/null
@@ -1,60 +0,0 @@
-#include <stdint.h>
-#include <stdlib.h>
-#include <stdio.h>
-
-/* This file doesn't use any Mbed TLS function, but grab config.h anyway
- * in case it contains platform-specific #defines related to malloc or
- * stdio functions. */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
-
-int main(int argc, char** argv)
-{
- FILE * fp;
- uint8_t *Data;
- size_t Size;
-
- if (argc != 2) {
- return 1;
- }
- //opens the file, get its size, and reads it into a buffer
- fp = fopen(argv[1], "rb");
- if (fp == NULL) {
- return 2;
- }
- if (fseek(fp, 0L, SEEK_END) != 0) {
- fclose(fp);
- return 2;
- }
- Size = ftell(fp);
- if (Size == (size_t) -1) {
- fclose(fp);
- return 2;
- }
- if (fseek(fp, 0L, SEEK_SET) != 0) {
- fclose(fp);
- return 2;
- }
- Data = malloc(Size);
- if (Data == NULL) {
- fclose(fp);
- return 2;
- }
- if (fread(Data, Size, 1, fp) != 1) {
- free(Data);
- fclose(fp);
- return 2;
- }
-
- //lauch fuzzer
- LLVMFuzzerTestOneInput(Data, Size);
- free(Data);
- fclose(fp);
- return 0;
-}
-