diff options
author | Bob Beck <bbe@google.com> | 2023-07-25 10:07:38 -0700 |
---|---|---|
committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2023-08-17 16:12:42 +0000 |
commit | 257bfaa3294d2a7aa01ebdbd3e0f9eeea0071e01 (patch) | |
tree | 300d858dc6bfddcb9b88b733d9b990d89aa31ea0 | |
parent | 9f4cad2208b703350fe11d9469125dad55c34d30 (diff) | |
download | boringssl-257bfaa3294d2a7aa01ebdbd3e0f9eeea0071e01.zip boringssl-257bfaa3294d2a7aa01ebdbd3e0f9eeea0071e01.tar.gz boringssl-257bfaa3294d2a7aa01ebdbd3e0f9eeea0071e01.tar.bz2 |
Move the fuzzers into the fuzz directory and make them build.
Change-Id: I9346a4bf48d756da254dc27842cd645a3a69f847
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/62045
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
182 files changed, 150 insertions, 128 deletions
diff --git a/fuzz/CMakeLists.txt b/fuzz/CMakeLists.txt index d9b898d..3905f55 100644 --- a/fuzz/CMakeLists.txt +++ b/fuzz/CMakeLists.txt @@ -22,10 +22,20 @@ fuzzer(bn_mod_exp) fuzzer(cert) fuzzer(client ssl) fuzzer(conf) +fuzzer(crl_getcrlstatusforcert_fuzzer pki) +fuzzer(crl_parse_crl_certificatelist_fuzzer pki) +fuzzer(crl_parse_crl_tbscertlist_fuzzer pki) +fuzzer(crl_parse_issuing_distribution_point_fuzzer pki) fuzzer(decode_client_hello_inner ssl) fuzzer(der_roundtrip) fuzzer(dtls_client ssl) fuzzer(dtls_server ssl) +fuzzer(ocsp_parse_ocsp_cert_id_fuzzer pki) +fuzzer(ocsp_parse_ocsp_response_data_fuzzer pki) +fuzzer(ocsp_parse_ocsp_response_fuzzer pki) +fuzzer(ocsp_parse_ocsp_single_response_fuzzer pki) +fuzzer(parse_authority_key_identifier_fuzzer pki) +fuzzer(parse_certificate_fuzzer pki) fuzzer(pkcs12) fuzzer(pkcs8) fuzzer(privkey) @@ -34,4 +44,6 @@ fuzzer(server ssl) fuzzer(session ssl) fuzzer(spki) fuzzer(ssl_ctx_api ssl) -fuzzer(parse_certificate_fuzzer pki) +fuzzer(verify_name_match_fuzzer pki) +fuzzer(verify_name_match_normalizename_fuzzer pki) +fuzzer(verify_name_match_verifynameinsubtree_fuzzer pki) diff --git a/pki/crl_getcrlstatusforcert_fuzzer.cc b/fuzz/crl_getcrlstatusforcert_fuzzer.cc index 9f0fd14..a9825fe 100644 --- a/pki/crl_getcrlstatusforcert_fuzzer.cc +++ b/fuzz/crl_getcrlstatusforcert_fuzzer.cc @@ -6,8 +6,8 @@ #include <stddef.h> #include <stdint.h> -#include "crl.h" -#include "input.h" +#include "../pki/crl.h" +#include "../pki/input.h" #include <openssl/sha.h> extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { @@ -15,14 +15,14 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { uint8_t data_hash[SHA256_DIGEST_LENGTH]; SHA256(data, size, data_hash); - const net::CrlVersion crl_version = - (data_hash[0] % 2) ? net::CrlVersion::V2 : net::CrlVersion::V1; + const bssl::CrlVersion crl_version = + (data_hash[0] % 2) ? bssl::CrlVersion::V2 : bssl::CrlVersion::V1; const size_t serial_len = data_hash[1] % (sizeof(data_hash) - 2); assert(serial_len + 2 < sizeof(data_hash)); const bssl::der::Input cert_serial( reinterpret_cast<const uint8_t*>(data_hash + 2), serial_len); - net::GetCRLStatusForCert(cert_serial, crl_version, + bssl::GetCRLStatusForCert(cert_serial, crl_version, std::make_optional(input_der)); return 0; diff --git a/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/bad_empty_extensions b/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/bad_empty_extensions Binary files differnew file mode 100644 index 0000000..53e2224 --- /dev/null +++ b/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/bad_empty_extensions diff --git a/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/bad_empty_sequence b/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/bad_empty_sequence Binary files differnew file mode 100644 index 0000000..def7fcb --- /dev/null +++ b/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/bad_empty_sequence diff --git a/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/good b/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/good Binary files differnew file mode 100644 index 0000000..cdfccaa --- /dev/null +++ b/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/good diff --git a/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/good_no_extensions b/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/good_no_extensions new file mode 100644 index 0000000..ccfb121 --- /dev/null +++ b/fuzz/crl_getcrlstatusforcert_fuzzer_corpus/good_no_extensions @@ -0,0 +1 @@ +0#0!8V+R'
181025161138Z
\ No newline at end of file diff --git a/pki/crl_parse_crl_certificatelist_fuzzer.cc b/fuzz/crl_parse_crl_certificatelist_fuzzer.cc index 2c6c571..508f7da 100644 --- a/pki/crl_parse_crl_certificatelist_fuzzer.cc +++ b/fuzz/crl_parse_crl_certificatelist_fuzzer.cc @@ -7,8 +7,8 @@ #include <tuple> -#include "crl.h" -#include "input.h" +#include "../pki/crl.h" +#include "../pki/input.h" extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input crl_der(data, size); @@ -17,7 +17,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input signature_algorithm_tlv; bssl::der::BitString signature_value; - std::ignore = net::ParseCrlCertificateList( + std::ignore = bssl::ParseCrlCertificateList( crl_der, &tbs_cert_list_tlv, &signature_algorithm_tlv, &signature_value); return 0; diff --git a/fuzz/crl_parse_crl_certificatelist_fuzzer_corpus/good_minimal b/fuzz/crl_parse_crl_certificatelist_fuzzer_corpus/good_minimal Binary files differnew file mode 100644 index 0000000..b159c95 --- /dev/null +++ b/fuzz/crl_parse_crl_certificatelist_fuzzer_corpus/good_minimal diff --git a/pki/crl_parse_crl_tbscertlist_fuzzer.cc b/fuzz/crl_parse_crl_tbscertlist_fuzzer.cc index dae0ea6..845bfbd 100644 --- a/pki/crl_parse_crl_tbscertlist_fuzzer.cc +++ b/fuzz/crl_parse_crl_tbscertlist_fuzzer.cc @@ -7,14 +7,14 @@ #include <tuple> -#include "crl.h" -#include "input.h" +#include "../pki/crl.h" +#include "../pki/input.h" extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input input_der(data, size); - net::ParsedCrlTbsCertList tbs_cert_list; - std::ignore = net::ParseCrlTbsCertList(input_der, &tbs_cert_list); + bssl::ParsedCrlTbsCertList tbs_cert_list; + std::ignore = bssl::ParseCrlTbsCertList(input_der, &tbs_cert_list); return 0; } diff --git a/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good b/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good Binary files differnew file mode 100644 index 0000000..1963fe2 --- /dev/null +++ b/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good diff --git a/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_noextensions b/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_noextensions Binary files differnew file mode 100644 index 0000000..ee3f216 --- /dev/null +++ b/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_noextensions diff --git a/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_nonextupdate b/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_nonextupdate Binary files differnew file mode 100644 index 0000000..d64fb9e --- /dev/null +++ b/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_nonextupdate diff --git a/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_nooptionals b/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_nooptionals Binary files differnew file mode 100644 index 0000000..f3b3110 --- /dev/null +++ b/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_nooptionals diff --git a/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_norevokedcerts b/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_norevokedcerts Binary files differnew file mode 100644 index 0000000..66aab9a --- /dev/null +++ b/fuzz/crl_parse_crl_tbscertlist_fuzzer_corpus/good_norevokedcerts diff --git a/pki/crl_parse_issuing_distribution_point_fuzzer.cc b/fuzz/crl_parse_issuing_distribution_point_fuzzer.cc index d262c6c..1239f4d 100644 --- a/pki/crl_parse_issuing_distribution_point_fuzzer.cc +++ b/fuzz/crl_parse_issuing_distribution_point_fuzzer.cc @@ -6,22 +6,22 @@ #include <stdint.h> #include <stdlib.h> -#include "crl.h" -#include "input.h" +#include "../pki/crl.h" +#include "../pki/input.h" extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input idp_der(data, size); - std::unique_ptr<net::GeneralNames> distribution_point_names; - net::ContainedCertsType only_contains_cert_type; + std::unique_ptr<bssl::GeneralNames> distribution_point_names; + bssl::ContainedCertsType only_contains_cert_type; - if (net::ParseIssuingDistributionPoint(idp_der, &distribution_point_names, + if (bssl::ParseIssuingDistributionPoint(idp_der, &distribution_point_names, &only_contains_cert_type)) { bool has_distribution_point_names = distribution_point_names && - distribution_point_names->present_name_types != net::GENERAL_NAME_NONE; + distribution_point_names->present_name_types != bssl::GENERAL_NAME_NONE; if (!has_distribution_point_names && - only_contains_cert_type == net::ContainedCertsType::ANY_CERTS) { + only_contains_cert_type == bssl::ContainedCertsType::ANY_CERTS) { abort(); } } diff --git a/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/empty_sequence b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/empty_sequence Binary files differnew file mode 100644 index 0000000..def7fcb --- /dev/null +++ b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/empty_sequence diff --git a/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_distributionPoint_fullName_uri b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_distributionPoint_fullName_uri new file mode 100644 index 0000000..2f74234 --- /dev/null +++ b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_distributionPoint_fullName_uri @@ -0,0 +1 @@ +0 http://example.com/foo.crl
\ No newline at end of file diff --git a/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_distributionPoint_nameRelativeToCRLIssuer b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_distributionPoint_nameRelativeToCRLIssuer new file mode 100644 index 0000000..a45d024 --- /dev/null +++ b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_distributionPoint_nameRelativeToCRLIssuer @@ -0,0 +1 @@ +0
10 UUS
\ No newline at end of file diff --git a/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_dpname_onlyca_reasons_and_indirectcrl b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_dpname_onlyca_reasons_and_indirectcrl new file mode 100644 index 0000000..d5954c7 --- /dev/null +++ b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_dpname_onlyca_reasons_and_indirectcrl @@ -0,0 +1 @@ +0+http://example.com/foo.crl
\ No newline at end of file diff --git a/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_indirectCrl b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_indirectCrl new file mode 100644 index 0000000..fe8256c --- /dev/null +++ b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_indirectCrl @@ -0,0 +1 @@ +0
\ No newline at end of file diff --git a/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlyContainsAttributeCerts b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlyContainsAttributeCerts new file mode 100644 index 0000000..4195f6e --- /dev/null +++ b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlyContainsAttributeCerts @@ -0,0 +1 @@ +0
\ No newline at end of file diff --git a/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlyContainsCaCerts b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlyContainsCaCerts new file mode 100644 index 0000000..e38a636 --- /dev/null +++ b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlyContainsCaCerts @@ -0,0 +1 @@ +0
\ No newline at end of file diff --git a/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlyContainsUserCerts b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlyContainsUserCerts new file mode 100644 index 0000000..91d56bd --- /dev/null +++ b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlyContainsUserCerts @@ -0,0 +1 @@ +0
\ No newline at end of file diff --git a/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlySomeReasons b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlySomeReasons new file mode 100644 index 0000000..fdedbe9 --- /dev/null +++ b/fuzz/crl_parse_issuing_distribution_point_fuzzer_corpus/idp_with_onlySomeReasons @@ -0,0 +1 @@ +0
\ No newline at end of file diff --git a/pki/ocsp_parse_ocsp_cert_id_fuzzer.cc b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer.cc index 49f7c90..77d0a20 100644 --- a/pki/ocsp_parse_ocsp_cert_id_fuzzer.cc +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer.cc @@ -5,13 +5,13 @@ #include <stddef.h> #include <stdint.h> -#include "ocsp.h" -#include "input.h" +#include "../pki/ocsp.h" +#include "../pki/input.h" extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input cert_id_der(data, size); - net::OCSPCertID cert_id; - net::ParseOCSPCertID(cert_id_der, &cert_id); + bssl::OCSPCertID cert_id; + bssl::ParseOCSPCertID(cert_id_der, &cert_id); return 0; } diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_issuer_key_hash_type b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_issuer_key_hash_type Binary files differnew file mode 100644 index 0000000..8b001aa --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_issuer_key_hash_type diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_name_hash_type b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_name_hash_type Binary files differnew file mode 100644 index 0000000..63084c2 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_name_hash_type diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_params b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_params Binary files differnew file mode 100644 index 0000000..059120e --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_params diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_serial_number_type b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_serial_number_type Binary files differnew file mode 100644 index 0000000..29224ff --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/bad_serial_number_type diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_hash b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_hash Binary files differnew file mode 100644 index 0000000..595db6b --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_hash diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_hash_oid b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_hash_oid Binary files differnew file mode 100644 index 0000000..282dbb1 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_hash_oid diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_sequence b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_sequence Binary files differnew file mode 100644 index 0000000..def7fcb --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_sequence diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_serial_number b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_serial_number Binary files differnew file mode 100644 index 0000000..6296a22 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/empty_serial_number diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/good b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/good new file mode 100644 index 0000000..788cbf0 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/good @@ -0,0 +1,2 @@ +0;0 +*Uu
\ No newline at end of file diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/hash_as_integer b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/hash_as_integer Binary files differnew file mode 100644 index 0000000..7b407db --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/hash_as_integer diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/hash_oid_as_integer b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/hash_oid_as_integer Binary files differnew file mode 100644 index 0000000..f2234fb --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/hash_oid_as_integer diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/md4_params b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/md4_params new file mode 100644 index 0000000..8448edb --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/md4_params @@ -0,0 +1,2 @@ +00 +*H
\ No newline at end of file diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/negative_serial b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/negative_serial Binary files differnew file mode 100644 index 0000000..009e7f4 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/negative_serial diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/non_minimal_serial b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/non_minimal_serial Binary files differnew file mode 100644 index 0000000..32bd979 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/non_minimal_serial diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/not_sequence b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/not_sequence new file mode 100644 index 0000000..cfcc2fe --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/not_sequence @@ -0,0 +1 @@ +
\ No newline at end of file diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/null_params b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/null_params Binary files differnew file mode 100644 index 0000000..2bc8fb5 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/null_params diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/overlong_serial b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/overlong_serial Binary files differnew file mode 100644 index 0000000..ee0e2b6 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/overlong_serial diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/trailing_data b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/trailing_data Binary files differnew file mode 100644 index 0000000..8507597 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/trailing_data diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/trailing_inner_data b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/trailing_inner_data Binary files differnew file mode 100644 index 0000000..13f1aec --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/trailing_inner_data diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/unknown_hash_oid b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/unknown_hash_oid new file mode 100644 index 0000000..c11ffee --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/unknown_hash_oid @@ -0,0 +1 @@ +0 0+
\ No newline at end of file diff --git a/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/zero_serial b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/zero_serial Binary files differnew file mode 100644 index 0000000..cb9c664 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_cert_id_fuzzer_corpus/zero_serial diff --git a/pki/ocsp_parse_ocsp_response_data_fuzzer.cc b/fuzz/ocsp_parse_ocsp_response_data_fuzzer.cc index 884a8a7..99839d5 100644 --- a/pki/ocsp_parse_ocsp_response_data_fuzzer.cc +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer.cc @@ -5,13 +5,13 @@ #include <stddef.h> #include <stdint.h> -#include "ocsp.h" -#include "input.h" +#include "../pki/ocsp.h" +#include "../pki/input.h" extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input response_data_der(data, size); - net::OCSPResponseData response_data; - net::ParseOCSPResponseData(response_data_der, &response_data); + bssl::OCSPResponseData response_data; + bssl::ParseOCSPResponseData(response_data_der, &response_data); return 0; } diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_produced_at_type b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_produced_at_type Binary files differnew file mode 100644 index 0000000..033c54b --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_produced_at_type diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responder_id_key_hash_length b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responder_id_key_hash_length new file mode 100644 index 0000000..302c64b --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responder_id_key_hash_length @@ -0,0 +1 @@ +0
\ No newline at end of file diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responder_id_key_hash_trailing_data b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responder_id_key_hash_trailing_data Binary files differnew file mode 100644 index 0000000..42906d0 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responder_id_key_hash_trailing_data diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responder_id_key_hash_type b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responder_id_key_hash_type Binary files differnew file mode 100644 index 0000000..5b667cc --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responder_id_key_hash_type diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responses_data b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responses_data Binary files differnew file mode 100644 index 0000000..6638cbf --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responses_data diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responses_type b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responses_type Binary files differnew file mode 100644 index 0000000..4b09b3c --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/bad_responses_type diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_extensions b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_extensions Binary files differnew file mode 100644 index 0000000..c46e843 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_extensions diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_responder_id_name b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_responder_id_name Binary files differnew file mode 100644 index 0000000..7cb619d --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_responder_id_name diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_responses b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_responses Binary files differnew file mode 100644 index 0000000..62840b9 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_responses diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_version b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_version Binary files differnew file mode 100644 index 0000000..fa20e44 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/empty_version diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/null_responses_data b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/null_responses_data Binary files differnew file mode 100644 index 0000000..29bbc44 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/null_responses_data diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/trailing_junk b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/trailing_junk Binary files differnew file mode 100644 index 0000000..d69f701 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/trailing_junk diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/trailing_outer_data b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/trailing_outer_data Binary files differnew file mode 100644 index 0000000..3b73587 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/trailing_outer_data diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_explicit_default b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_explicit_default Binary files differnew file mode 100644 index 0000000..15c89fb --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_explicit_default diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_too_large b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_too_large new file mode 100644 index 0000000..4c5e703 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_too_large @@ -0,0 +1 @@ +0
\ No newline at end of file diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_too_new b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_too_new new file mode 100644 index 0000000..6dfd6ad --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_too_new @@ -0,0 +1 @@ +0
\ No newline at end of file diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_trailing_data b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_trailing_data Binary files differnew file mode 100644 index 0000000..75412ad --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/version_trailing_data diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/wrong_outer_type b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/wrong_outer_type Binary files differnew file mode 100644 index 0000000..19b3e94 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/wrong_outer_type diff --git a/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/wrong_responder_id_type b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/wrong_responder_id_type Binary files differnew file mode 100644 index 0000000..df0dd6d --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_data_fuzzer_corpus/wrong_responder_id_type diff --git a/pki/ocsp_parse_ocsp_response_fuzzer.cc b/fuzz/ocsp_parse_ocsp_response_fuzzer.cc index df6c880..148612c 100644 --- a/pki/ocsp_parse_ocsp_response_fuzzer.cc +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer.cc @@ -5,13 +5,13 @@ #include <stddef.h> #include <stdint.h> -#include "ocsp.h" -#include "input.h" +#include "../pki/ocsp.h" +#include "../pki/input.h" extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input response_der(data, size); - net::OCSPResponse response; - net::ParseOCSPResponse(response_der, &response); + bssl::OCSPResponse response; + bssl::ParseOCSPResponse(response_der, &response); return 0; } diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/baisc_response_bad_data b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/baisc_response_bad_data Binary files differnew file mode 100644 index 0000000..418147d --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/baisc_response_bad_data diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/baisc_response_trailing_data b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/baisc_response_trailing_data Binary files differnew file mode 100644 index 0000000..6e5c0fe --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/baisc_response_trailing_data diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs Binary files differnew file mode 100644 index 0000000..0460e1a --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs_inner_data b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs_inner_data Binary files differnew file mode 100644 index 0000000..eb4dd03 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs_inner_data diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs_trailing_data b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs_trailing_data Binary files differnew file mode 100644 index 0000000..9c322c4 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs_trailing_data diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs_type b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs_type Binary files differnew file mode 100644 index 0000000..61fd3a2 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_certs_type diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg Binary files differnew file mode 100644 index 0000000..2b501de --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_bad_params b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_bad_params Binary files differnew file mode 100644 index 0000000..cb855ef --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_bad_params diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_bad_sha1_non_empty_params b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_bad_sha1_non_empty_params Binary files differnew file mode 100644 index 0000000..8a593e7 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_bad_sha1_non_empty_params diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_bad_sha1_params b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_bad_sha1_params Binary files differnew file mode 100644 index 0000000..497e993 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_bad_sha1_params diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_data_trailing_params b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_data_trailing_params Binary files differnew file mode 100644 index 0000000..c6ce25e --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_data_trailing_params diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_empty_oid b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_empty_oid Binary files differnew file mode 100644 index 0000000..b27581b --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_empty_oid diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_oid_type b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_oid_type Binary files differnew file mode 100644 index 0000000..2a2db0a --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_oid_type diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_type b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_type Binary files differnew file mode 100644 index 0000000..cef9501 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_alg_type diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_type b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_type Binary files differnew file mode 100644 index 0000000..a0d9616 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_bad_sig_type diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_empty_certs b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_empty_certs Binary files differnew file mode 100644 index 0000000..6da3aa0 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_empty_certs diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_empty_sig b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_empty_sig Binary files differnew file mode 100644 index 0000000..97ef6a9 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_empty_sig diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_null_certs b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_null_certs Binary files differnew file mode 100644 index 0000000..73ff9c0 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_null_certs diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_trailing_inner_junk b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_trailing_inner_junk Binary files differnew file mode 100644 index 0000000..169dbea --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_trailing_inner_junk diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_trailing_junk b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_trailing_junk Binary files differnew file mode 100644 index 0000000..3ce548d --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_trailing_junk diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_trailing_outer_junk b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_trailing_outer_junk Binary files differnew file mode 100644 index 0000000..52eb0f8 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/basic_response_trailing_outer_junk diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_bad_oid_type b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_bad_oid_type Binary files differnew file mode 100644 index 0000000..a821342 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_bad_oid_type diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_bad_response_type b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_bad_response_type Binary files differnew file mode 100644 index 0000000..cd6df83 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_bad_response_type diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_empty_oid b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_empty_oid Binary files differnew file mode 100644 index 0000000..63152f7 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_empty_oid diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_empty_response b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_empty_response Binary files differnew file mode 100644 index 0000000..8c42956 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_empty_response diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_trailing_data b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_trailing_data Binary files differnew file mode 100644 index 0000000..ffdf181 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_bytes_trailing_data diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_status_type_out_of_range b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_status_type_out_of_range new file mode 100644 index 0000000..e96966e --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_status_type_out_of_range @@ -0,0 +1,2 @@ +0 +
\ No newline at end of file diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_status_type_too_large b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_status_type_too_large new file mode 100644 index 0000000..a071026 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/response_status_type_too_large @@ -0,0 +1,2 @@ +0 +
\ No newline at end of file diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/trailing_inner_data b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/trailing_inner_data Binary files differnew file mode 100644 index 0000000..d3fa1b4 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/trailing_inner_data diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/trailing_outer_data b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/trailing_outer_data Binary files differnew file mode 100644 index 0000000..3b73587 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/trailing_outer_data diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/try_later b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/try_later new file mode 100644 index 0000000..39e09cf --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/try_later @@ -0,0 +1,2 @@ +0 +
\ No newline at end of file diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/unused b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/unused new file mode 100644 index 0000000..3838393 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/unused @@ -0,0 +1,2 @@ +0 +
\ No newline at end of file diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_basic_response_type b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_basic_response_type Binary files differnew file mode 100644 index 0000000..7966443 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_basic_response_type diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_outer_type b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_outer_type Binary files differnew file mode 100644 index 0000000..bbfb76b --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_outer_type diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_response_bytes b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_response_bytes Binary files differnew file mode 100644 index 0000000..0b7768b --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_response_bytes diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_response_bytes_type b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_response_bytes_type Binary files differnew file mode 100644 index 0000000..5bd1e98 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_response_bytes_type diff --git a/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_response_status_type b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_response_status_type Binary files differnew file mode 100644 index 0000000..7b407db --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_response_fuzzer_corpus/wrong_response_status_type diff --git a/pki/ocsp_parse_ocsp_single_response_fuzzer.cc b/fuzz/ocsp_parse_ocsp_single_response_fuzzer.cc index 9c07918..3c7861d 100644 --- a/pki/ocsp_parse_ocsp_single_response_fuzzer.cc +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer.cc @@ -5,13 +5,13 @@ #include <stddef.h> #include <stdint.h> -#include "ocsp.h" -#include "input.h" +#include "../pki/ocsp.h" +#include "../pki/input.h" extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input single_response_der(data, size); - net::OCSPSingleResponse single_response; - net::ParseOCSPSingleResponse(single_response_der, &single_response); + bssl::OCSPSingleResponse single_response; + bssl::ParseOCSPSingleResponse(single_response_der, &single_response); return 0; } diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_cert_status_context b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_cert_status_context Binary files differnew file mode 100644 index 0000000..610d533 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_cert_status_context diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_cert_status_type b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_cert_status_type Binary files differnew file mode 100644 index 0000000..f3ca9af --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_cert_status_type diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_extensions b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_extensions Binary files differnew file mode 100644 index 0000000..e654d41 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_extensions diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_next_update b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_next_update Binary files differnew file mode 100644 index 0000000..b04f3ad --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_next_update diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_next_update_trailing_data b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_next_update_trailing_data Binary files differnew file mode 100644 index 0000000..d228524 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_next_update_trailing_data diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_next_update_type b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_next_update_type Binary files differnew file mode 100644 index 0000000..f0d1489 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_next_update_type diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_outer_type b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_outer_type Binary files differnew file mode 100644 index 0000000..bbfb76b --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_outer_type diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_date_offset b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_date_offset Binary files differnew file mode 100644 index 0000000..85b7ccf --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_date_offset diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_date_type b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_date_type Binary files differnew file mode 100644 index 0000000..e890edb --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_date_type diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_date_value b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_date_value Binary files differnew file mode 100644 index 0000000..65e3709 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_date_value diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_integer b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_integer Binary files differnew file mode 100644 index 0000000..03c66fe --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_integer diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_primitive b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_primitive Binary files differnew file mode 100644 index 0000000..5a84984 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_primitive diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_out_of_range b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_out_of_range Binary files differnew file mode 100644 index 0000000..a31531c --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_out_of_range diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_too_large b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_too_large Binary files differnew file mode 100644 index 0000000..bec5172 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_too_large diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_trailing_data b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_trailing_data Binary files differnew file mode 100644 index 0000000..778630f --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_trailing_data diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_type b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_type Binary files differnew file mode 100644 index 0000000..144078b --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_type diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_unused b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_unused Binary files differnew file mode 100644 index 0000000..0bade04 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_reason_value_unused diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_trailing_data b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_trailing_data Binary files differnew file mode 100644 index 0000000..5e5bcbc --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_revoked_info_trailing_data diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_this_update_type b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_this_update_type Binary files differnew file mode 100644 index 0000000..0d82e23 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/bad_this_update_type diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/empty_extensions b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/empty_extensions Binary files differnew file mode 100644 index 0000000..457a329 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/empty_extensions diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/empty_next_update b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/empty_next_update Binary files differnew file mode 100644 index 0000000..d401d93 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/empty_next_update diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/no_extensions b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/no_extensions Binary files differnew file mode 100644 index 0000000..d026ebb --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/no_extensions diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/trailing_inner_data b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/trailing_inner_data Binary files differnew file mode 100644 index 0000000..5f58d17 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/trailing_inner_data diff --git a/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/trailing_outer_data b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/trailing_outer_data Binary files differnew file mode 100644 index 0000000..8507597 --- /dev/null +++ b/fuzz/ocsp_parse_ocsp_single_response_fuzzer_corpus/trailing_outer_data diff --git a/pki/parse_authority_key_identifier_fuzzer.cc b/fuzz/parse_authority_key_identifier_fuzzer.cc index 18d4b62..1e95af6 100644 --- a/pki/parse_authority_key_identifier_fuzzer.cc +++ b/fuzz/parse_authority_key_identifier_fuzzer.cc @@ -7,16 +7,16 @@ #include <tuple> -#include "parse_certificate.h" -#include "input.h" +#include "../pki/parse_certificate.h" +#include "../pki/input.h" extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input der(data, size); - net::ParsedAuthorityKeyIdentifier authority_key_identifier; + bssl::ParsedAuthorityKeyIdentifier authority_key_identifier; std::ignore = - net::ParseAuthorityKeyIdentifier(der, &authority_key_identifier); + bssl::ParseAuthorityKeyIdentifier(der, &authority_key_identifier); return 0; } diff --git a/fuzz/parse_authority_key_identifier_fuzzer_corpus/empty_sequence b/fuzz/parse_authority_key_identifier_fuzzer_corpus/empty_sequence Binary files differnew file mode 100644 index 0000000..def7fcb --- /dev/null +++ b/fuzz/parse_authority_key_identifier_fuzzer_corpus/empty_sequence diff --git a/fuzz/parse_authority_key_identifier_fuzzer_corpus/extra_contents_after_issuer_and_serial b/fuzz/parse_authority_key_identifier_fuzzer_corpus/extra_contents_after_issuer_and_serial new file mode 100644 index 0000000..0861b74 --- /dev/null +++ b/fuzz/parse_authority_key_identifier_fuzzer_corpus/extra_contents_after_issuer_and_serial @@ -0,0 +1 @@ +001
0URoot'O4
\ No newline at end of file diff --git a/fuzz/parse_authority_key_identifier_fuzzer_corpus/invalid_contents b/fuzz/parse_authority_key_identifier_fuzzer_corpus/invalid_contents new file mode 100644 index 0000000..bde072e --- /dev/null +++ b/fuzz/parse_authority_key_identifier_fuzzer_corpus/invalid_contents @@ -0,0 +1 @@ +04
\ No newline at end of file diff --git a/fuzz/parse_authority_key_identifier_fuzzer_corpus/issuer_and_serial b/fuzz/parse_authority_key_identifier_fuzzer_corpus/issuer_and_serial new file mode 100644 index 0000000..b92ee50 --- /dev/null +++ b/fuzz/parse_authority_key_identifier_fuzzer_corpus/issuer_and_serial @@ -0,0 +1 @@ +001
0URoot'O
\ No newline at end of file diff --git a/fuzz/parse_authority_key_identifier_fuzzer_corpus/issuer_only b/fuzz/parse_authority_key_identifier_fuzzer_corpus/issuer_only new file mode 100644 index 0000000..8576644 --- /dev/null +++ b/fuzz/parse_authority_key_identifier_fuzzer_corpus/issuer_only @@ -0,0 +1 @@ +001
0URoot
\ No newline at end of file diff --git a/fuzz/parse_authority_key_identifier_fuzzer_corpus/key_identifier b/fuzz/parse_authority_key_identifier_fuzzer_corpus/key_identifier new file mode 100644 index 0000000..07d6612 --- /dev/null +++ b/fuzz/parse_authority_key_identifier_fuzzer_corpus/key_identifier @@ -0,0 +1 @@ +0ޭ
\ No newline at end of file diff --git a/fuzz/parse_authority_key_identifier_fuzzer_corpus/key_identifier_and_issuer_and_serial b/fuzz/parse_authority_key_identifier_fuzzer_corpus/key_identifier_and_issuer_and_serial new file mode 100644 index 0000000..23b4b37 --- /dev/null +++ b/fuzz/parse_authority_key_identifier_fuzzer_corpus/key_identifier_and_issuer_and_serial @@ -0,0 +1 @@ +0ޭ01
0URoot'O
\ No newline at end of file diff --git a/fuzz/parse_authority_key_identifier_fuzzer_corpus/serial_only b/fuzz/parse_authority_key_identifier_fuzzer_corpus/serial_only new file mode 100644 index 0000000..b0fbe47 --- /dev/null +++ b/fuzz/parse_authority_key_identifier_fuzzer_corpus/serial_only @@ -0,0 +1 @@ +0'O
\ No newline at end of file diff --git a/fuzz/parse_authority_key_identifier_fuzzer_corpus/url_issuer_and_serial b/fuzz/parse_authority_key_identifier_fuzzer_corpus/url_issuer_and_serial new file mode 100644 index 0000000..e5f1579 --- /dev/null +++ b/fuzz/parse_authority_key_identifier_fuzzer_corpus/url_issuer_and_serial @@ -0,0 +1 @@ +0http://example.com'O
\ No newline at end of file diff --git a/pki/verify_name_match_fuzzer.cc b/fuzz/verify_name_match_fuzzer.cc index 5b2b159..e5e2c21 100644 --- a/pki/verify_name_match_fuzzer.cc +++ b/fuzz/verify_name_match_fuzzer.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "verify_name_match.h" +#include "../pki/verify_name_match.h" #include <stddef.h> #include <stdint.h> @@ -12,7 +12,7 @@ #include <vector> -#include "input.h" +#include "../pki/input.h" // Entry point for LibFuzzer. extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { @@ -27,8 +27,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input in1(first_part); bssl::der::Input in2(second_part); - bool match = net::VerifyNameMatch(in1, in2); - bool reverse_order_match = net::VerifyNameMatch(in2, in1); + bool match = bssl::VerifyNameMatch(in1, in2); + bool reverse_order_match = bssl::VerifyNameMatch(in2, in1); // Result should be the same regardless of argument order. if (match != reverse_order_match) { abort(); diff --git a/fuzz/verify_name_match_fuzzer_corpus/1b016c1840c8e898f9ff55e637fafb3cf3ead130 b/fuzz/verify_name_match_fuzzer_corpus/1b016c1840c8e898f9ff55e637fafb3cf3ead130 Binary files differnew file mode 100644 index 0000000..c6b3045 --- /dev/null +++ b/fuzz/verify_name_match_fuzzer_corpus/1b016c1840c8e898f9ff55e637fafb3cf3ead130 diff --git a/fuzz/verify_name_match_fuzzer_corpus/4294e32c0898747dbab77e9305416adb00507c4f b/fuzz/verify_name_match_fuzzer_corpus/4294e32c0898747dbab77e9305416adb00507c4f Binary files differnew file mode 100644 index 0000000..432b4f4 --- /dev/null +++ b/fuzz/verify_name_match_fuzzer_corpus/4294e32c0898747dbab77e9305416adb00507c4f diff --git a/fuzz/verify_name_match_fuzzer_corpus/8e747a3d570ba8af6fd8a086363be7c7ff129717 b/fuzz/verify_name_match_fuzzer_corpus/8e747a3d570ba8af6fd8a086363be7c7ff129717 Binary files differnew file mode 100644 index 0000000..d1517dc --- /dev/null +++ b/fuzz/verify_name_match_fuzzer_corpus/8e747a3d570ba8af6fd8a086363be7c7ff129717 diff --git a/fuzz/verify_name_match_fuzzer_corpus/a530be31dc772f5da83827396e2db7f3530dbd63 b/fuzz/verify_name_match_fuzzer_corpus/a530be31dc772f5da83827396e2db7f3530dbd63 Binary files differnew file mode 100644 index 0000000..5f6a5ee --- /dev/null +++ b/fuzz/verify_name_match_fuzzer_corpus/a530be31dc772f5da83827396e2db7f3530dbd63 diff --git a/fuzz/verify_name_match_fuzzer_corpus/b010e4b4f94f13421176001e854c198d659cdbc6 b/fuzz/verify_name_match_fuzzer_corpus/b010e4b4f94f13421176001e854c198d659cdbc6 Binary files differnew file mode 100644 index 0000000..05dbb52 --- /dev/null +++ b/fuzz/verify_name_match_fuzzer_corpus/b010e4b4f94f13421176001e854c198d659cdbc6 diff --git a/fuzz/verify_name_match_fuzzer_corpus/c100b87975cddf2b5ba2dc5c79cf19be094ba49c b/fuzz/verify_name_match_fuzzer_corpus/c100b87975cddf2b5ba2dc5c79cf19be094ba49c Binary files differnew file mode 100644 index 0000000..a8af270 --- /dev/null +++ b/fuzz/verify_name_match_fuzzer_corpus/c100b87975cddf2b5ba2dc5c79cf19be094ba49c diff --git a/pki/verify_name_match_normalizename_fuzzer.cc b/fuzz/verify_name_match_normalizename_fuzzer.cc index 0bf31bb..2577dfa 100644 --- a/pki/verify_name_match_normalizename_fuzzer.cc +++ b/fuzz/verify_name_match_normalizename_fuzzer.cc @@ -2,22 +2,22 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "verify_name_match.h" +#include "../pki/verify_name_match.h" -#include "cert_errors.h" -#include "input.h" +#include "../pki/cert_errors.h" +#include "../pki/input.h" // Entry point for LibFuzzer. extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input in(data, size); std::string normalized_der; bssl::CertErrors errors; - bool success = net::NormalizeName(in, &normalized_der, &errors); + bool success = bssl::NormalizeName(in, &normalized_der, &errors); if (success) { // If the input was successfully normalized, re-normalizing it should // produce the same output again. std::string renormalized_der; - bool renormalize_success = net::NormalizeName( + bool renormalize_success = bssl::NormalizeName( bssl::der::Input(normalized_der), &renormalized_der, &errors); if (!renormalize_success) { abort(); diff --git a/fuzz/verify_name_match_normalizename_fuzzer_corpus/37924c444319c3e53f946bfecb9619f49feac82c b/fuzz/verify_name_match_normalizename_fuzzer_corpus/37924c444319c3e53f946bfecb9619f49feac82c Binary files differnew file mode 100644 index 0000000..718b01a --- /dev/null +++ b/fuzz/verify_name_match_normalizename_fuzzer_corpus/37924c444319c3e53f946bfecb9619f49feac82c diff --git a/fuzz/verify_name_match_normalizename_fuzzer_corpus/42ddf23c41b1cd18d91ee88cbf4ce16691c26ccf b/fuzz/verify_name_match_normalizename_fuzzer_corpus/42ddf23c41b1cd18d91ee88cbf4ce16691c26ccf Binary files differnew file mode 100644 index 0000000..758c544 --- /dev/null +++ b/fuzz/verify_name_match_normalizename_fuzzer_corpus/42ddf23c41b1cd18d91ee88cbf4ce16691c26ccf diff --git a/fuzz/verify_name_match_normalizename_fuzzer_corpus/471f1dd828dbff86838a550fd418921eb694739b b/fuzz/verify_name_match_normalizename_fuzzer_corpus/471f1dd828dbff86838a550fd418921eb694739b new file mode 100644 index 0000000..926c6db --- /dev/null +++ b/fuzz/verify_name_match_normalizename_fuzzer_corpus/471f1dd828dbff86838a550fd418921eb694739b @@ -0,0 +1 @@ +0
00 UUS
\ No newline at end of file diff --git a/fuzz/verify_name_match_normalizename_fuzzer_corpus/50feeb838ca58e5faaba45e34db5ebe95fc79d90 b/fuzz/verify_name_match_normalizename_fuzzer_corpus/50feeb838ca58e5faaba45e34db5ebe95fc79d90 new file mode 100644 index 0000000..879f126 --- /dev/null +++ b/fuzz/verify_name_match_normalizename_fuzzer_corpus/50feeb838ca58e5faaba45e34db5ebe95fc79d90 @@ -0,0 +1 @@ +0 10U
\ No newline at end of file diff --git a/fuzz/verify_name_match_normalizename_fuzzer_corpus/7bbf4751b9c581ae33c572f5313728414c598fdf b/fuzz/verify_name_match_normalizename_fuzzer_corpus/7bbf4751b9c581ae33c572f5313728414c598fdf Binary files differnew file mode 100644 index 0000000..86f406e --- /dev/null +++ b/fuzz/verify_name_match_normalizename_fuzzer_corpus/7bbf4751b9c581ae33c572f5313728414c598fdf diff --git a/fuzz/verify_name_match_normalizename_fuzzer_corpus/81ea9ea4435b0dffc2df539aa81fe1baa9c1bab3 b/fuzz/verify_name_match_normalizename_fuzzer_corpus/81ea9ea4435b0dffc2df539aa81fe1baa9c1bab3 new file mode 100644 index 0000000..c9bf44b --- /dev/null +++ b/fuzz/verify_name_match_normalizename_fuzzer_corpus/81ea9ea4435b0dffc2df539aa81fe1baa9c1bab3 @@ -0,0 +1 @@ +0
11 UUS
\ No newline at end of file diff --git a/fuzz/verify_name_match_normalizename_fuzzer_corpus/897be1df5da3a82bb30a3c3cfe6e737c791e7a64 b/fuzz/verify_name_match_normalizename_fuzzer_corpus/897be1df5da3a82bb30a3c3cfe6e737c791e7a64 Binary files differnew file mode 100644 index 0000000..ca074fd --- /dev/null +++ b/fuzz/verify_name_match_normalizename_fuzzer_corpus/897be1df5da3a82bb30a3c3cfe6e737c791e7a64 diff --git a/fuzz/verify_name_match_normalizename_fuzzer_corpus/8c8d92335b0dd8916648af9298a03be29c47cb3b b/fuzz/verify_name_match_normalizename_fuzzer_corpus/8c8d92335b0dd8916648af9298a03be29c47cb3b new file mode 100644 index 0000000..28fc0fd --- /dev/null +++ b/fuzz/verify_name_match_normalizename_fuzzer_corpus/8c8d92335b0dd8916648af9298a03be29c47cb3b @@ -0,0 +1 @@ +1
10 UUS
\ No newline at end of file diff --git a/fuzz/verify_name_match_normalizename_fuzzer_corpus/a716b31050528102348026757fa7f5637da9e8b6 b/fuzz/verify_name_match_normalizename_fuzzer_corpus/a716b31050528102348026757fa7f5637da9e8b6 Binary files differnew file mode 100644 index 0000000..fcacff8 --- /dev/null +++ b/fuzz/verify_name_match_normalizename_fuzzer_corpus/a716b31050528102348026757fa7f5637da9e8b6 diff --git a/fuzz/verify_name_match_normalizename_fuzzer_corpus/f26c509626316176ed2d9ad0d8df8bd53a66f5a1 b/fuzz/verify_name_match_normalizename_fuzzer_corpus/f26c509626316176ed2d9ad0d8df8bd53a66f5a1 new file mode 100644 index 0000000..2c430e9 --- /dev/null +++ b/fuzz/verify_name_match_normalizename_fuzzer_corpus/f26c509626316176ed2d9ad0d8df8bd53a66f5a1 @@ -0,0 +1 @@ +010 UUS10U New York 1_0]UV ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 '()+,-./:=?
\ No newline at end of file diff --git a/fuzz/verify_name_match_normalizename_fuzzer_corpus/f944dcd635f9801f7ac90a407fbc479964dec024 b/fuzz/verify_name_match_normalizename_fuzzer_corpus/f944dcd635f9801f7ac90a407fbc479964dec024 Binary files differnew file mode 100644 index 0000000..def7fcb --- /dev/null +++ b/fuzz/verify_name_match_normalizename_fuzzer_corpus/f944dcd635f9801f7ac90a407fbc479964dec024 diff --git a/pki/verify_name_match_verifynameinsubtree_fuzzer.cc b/fuzz/verify_name_match_verifynameinsubtree_fuzzer.cc index bfc70d3..226d23d 100644 --- a/pki/verify_name_match_verifynameinsubtree_fuzzer.cc +++ b/fuzz/verify_name_match_verifynameinsubtree_fuzzer.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "verify_name_match.h" +#include "../pki/verify_name_match.h" #include <stddef.h> #include <stdint.h> @@ -11,7 +11,7 @@ #include <vector> -#include "input.h" +#include "../pki/input.h" // Entry point for LibFuzzer. extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { @@ -26,11 +26,11 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bssl::der::Input in1(first_part); bssl::der::Input in2(second_part); - bool match = net::VerifyNameInSubtree(in1, in2); - bool reverse_order_match = net::VerifyNameInSubtree(in2, in1); + bool match = bssl::VerifyNameInSubtree(in1, in2); + bool reverse_order_match = bssl::VerifyNameInSubtree(in2, in1); // If both InSubtree matches are true, then in1 == in2 (modulo normalization). if (match && reverse_order_match) { - if (!net::VerifyNameMatch(in1, in2)) { + if (!bssl::VerifyNameMatch(in1, in2)) { abort(); } } diff --git a/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/1b016c1840c8e898f9ff55e637fafb3cf3ead130 b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/1b016c1840c8e898f9ff55e637fafb3cf3ead130 Binary files differnew file mode 100644 index 0000000..c6b3045 --- /dev/null +++ b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/1b016c1840c8e898f9ff55e637fafb3cf3ead130 diff --git a/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/4294e32c0898747dbab77e9305416adb00507c4f b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/4294e32c0898747dbab77e9305416adb00507c4f Binary files differnew file mode 100644 index 0000000..432b4f4 --- /dev/null +++ b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/4294e32c0898747dbab77e9305416adb00507c4f diff --git a/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/8e747a3d570ba8af6fd8a086363be7c7ff129717 b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/8e747a3d570ba8af6fd8a086363be7c7ff129717 Binary files differnew file mode 100644 index 0000000..d1517dc --- /dev/null +++ b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/8e747a3d570ba8af6fd8a086363be7c7ff129717 diff --git a/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/a530be31dc772f5da83827396e2db7f3530dbd63 b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/a530be31dc772f5da83827396e2db7f3530dbd63 Binary files differnew file mode 100644 index 0000000..5f6a5ee --- /dev/null +++ b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/a530be31dc772f5da83827396e2db7f3530dbd63 diff --git a/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/b010e4b4f94f13421176001e854c198d659cdbc6 b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/b010e4b4f94f13421176001e854c198d659cdbc6 Binary files differnew file mode 100644 index 0000000..05dbb52 --- /dev/null +++ b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/b010e4b4f94f13421176001e854c198d659cdbc6 diff --git a/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/c100b87975cddf2b5ba2dc5c79cf19be094ba49c b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/c100b87975cddf2b5ba2dc5c79cf19be094ba49c Binary files differnew file mode 100644 index 0000000..a8af270 --- /dev/null +++ b/fuzz/verify_name_match_verifynameinsubtree_fuzzer_corpus/c100b87975cddf2b5ba2dc5c79cf19be094ba49c @@ -22,3 +22,9 @@ tar -C $CHROMIUM_SRC/net/data -cf - cert_issuer_source_static_unittest \ verify_signed_data_unittest | tar -C ./testdata -xf - go run ./import_tool.go -spec import_spec.json --source-base $CHROMIUM_SRC -dest-base . + +sed -i "s/#include \"/#include \"..\/pki\//g" *fuzzer.cc +mv *fuzzer.cc ../fuzz + + + diff --git a/pki/asn1_util.cc b/pki/asn1_util.cc index 8479470..148c39d 100644 --- a/pki/asn1_util.cc +++ b/pki/asn1_util.cc @@ -328,4 +328,4 @@ bool ExtractExtensionFromDERCert(std::string_view cert, return true; } -} // namespace net::asn1 +} // namespace bssl::asn1 diff --git a/pki/asn1_util.h b/pki/asn1_util.h index 758c787..af0b176 100644 --- a/pki/asn1_util.h +++ b/pki/asn1_util.h @@ -70,6 +70,6 @@ OPENSSL_EXPORT bool ExtractExtensionFromDERCert(std::string_view cert, bool* out_extension_critical, std::string_view* out_contents); -} // namespace net::asn1 +} // namespace bssl::asn1 #endif // BSSL_PKI_ASN1_UTIL_H_ diff --git a/pki/cert_status_flags.h b/pki/cert_status_flags.h index 69ae818..9f7d979 100644 --- a/pki/cert_status_flags.h +++ b/pki/cert_status_flags.h @@ -33,9 +33,9 @@ inline bool IsCertStatusError(CertStatus status) { // Maps a network error code to the equivalent certificate status flag. If // the error code is not a certificate error, it is mapped to 0. -// Note: It is not safe to go net::CertStatus -> net::Error -> net::CertStatus, +// Note: It is not safe to go bssl::CertStatus -> bssl::Error -> bssl::CertStatus, // as the CertStatus contains more information. Conversely, going from -// net::Error -> net::CertStatus -> net::Error is not a lossy function, for the +// bssl::Error -> bssl::CertStatus -> bssl::Error is not a lossy function, for the // same reason. // To avoid incorrect use, this is only exported for unittest helpers. OPENSSL_EXPORT CertStatus MapNetErrorToCertStatus(int error); diff --git a/pki/common_cert_errors.cc b/pki/common_cert_errors.cc index 4807ae0..b13bc94 100644 --- a/pki/common_cert_errors.cc +++ b/pki/common_cert_errors.cc @@ -82,4 +82,4 @@ DEFINE_CERT_ERROR_ID(kDeadlineExceeded, "Deadline exceeded"); DEFINE_CERT_ERROR_ID(kIterationLimitExceeded, "Iteration limit exceeded"); DEFINE_CERT_ERROR_ID(kDepthLimitExceeded, "Depth limit exceeded"); -} // namespace net::cert_errors +} // namespace bssl::cert_errors diff --git a/pki/common_cert_errors.h b/pki/common_cert_errors.h index c6cb337..5e3f1b9 100644 --- a/pki/common_cert_errors.h +++ b/pki/common_cert_errors.h @@ -159,6 +159,6 @@ OPENSSL_EXPORT extern const CertErrorId kIterationLimitExceeded; // Depth limit was reached during path building. OPENSSL_EXPORT extern const CertErrorId kDepthLimitExceeded; -} // namespace net::cert_errors +} // namespace bssl::cert_errors #endif // BSSL_PKI_COMMON_CERT_ERRORS_H_ diff --git a/pki/import_spec.json b/pki/import_spec.json index f6617cd..8fcfa52 100644 --- a/pki/import_spec.json +++ b/pki/import_spec.json @@ -189,18 +189,8 @@ "replace": ""}, {"match": "friend class base::RefCountedThreadSafe<.+>;", "replace": ""}, - {"match": "net::string_util::", - "replace": "bssl::string_util::"}, - {"match": "net::x509_util::", - "replace": "x509_util::"}, - {"match": " net::der", - "replace": " bssl::der"}, - {"match": "net::ParsedCertificate", - "replace": "ParsedCertificate"}, - {"match": "net::CertPathBuilderResultPath", - "replace": "CertPathBuilderResultPath"}, - {"match": "net::CertErrors", - "replace": "bssl::CertErrors"}, + {"match": "\\bnet::", + "replace": "bssl::"}, {"match": "base::Time::Exploded", "replace": "fillins::Exploded", "include": "fillins/time.h"}, diff --git a/pki/nist_pkits_unittest.h b/pki/nist_pkits_unittest.h index c6b91d6..279fb29 100644 --- a/pki/nist_pkits_unittest.h +++ b/pki/nist_pkits_unittest.h @@ -90,12 +90,12 @@ class PkitsTest : public ::testing::Test { const PkitsTestInfo& info) { std::vector<std::string> cert_ders; for (const std::string s : cert_names) { - cert_ders.push_back(ReadTestFileToString( + cert_ders.push_back(bssl::ReadTestFileToString( "testdata/nist-pkits/certs/" + s + ".crt")); } std::vector<std::string> crl_ders; for (const std::string s : crl_names) { - crl_ders.push_back(ReadTestFileToString( + crl_ders.push_back(bssl::ReadTestFileToString( "testdata/nist-pkits/crls/" + s + ".crl")); } diff --git a/pki/parse_certificate_fuzzer.cc b/pki/parse_certificate_fuzzer.cc deleted file mode 100644 index caf0c0e..0000000 --- a/pki/parse_certificate_fuzzer.cc +++ /dev/null @@ -1,25 +0,0 @@ -// Copyright 2016 The Chromium Authors -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include <stddef.h> -#include <stdint.h> - -#include "cert_errors.h" -#include "parsed_certificate.h" -#include <openssl/pool.h> - -extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { - bssl::CertErrors errors; - std::shared_ptr<const ParsedCertificate> cert = - ParsedCertificate::Create( - bssl::UniquePtr<CRYPTO_BUFFER>( - CRYPTO_BUFFER_new(data, size, nullptr)), - {}, &errors); - - // Severe errors must be provided iff the parsing failed. - CHECK_EQ(errors.ContainsAnyErrorWithSeverity(net::CertError::SEVERITY_HIGH), - cert == nullptr); - - return 0; -} diff --git a/pki/parsed_certificate.cc b/pki/parsed_certificate.cc index 5a5039c..028bdad 100644 --- a/pki/parsed_certificate.cc +++ b/pki/parsed_certificate.cc @@ -282,7 +282,7 @@ std::shared_ptr<const ParsedCertificate> ParsedCertificate::Create( bool ParsedCertificate::CreateAndAddToVector( bssl::UniquePtr<CRYPTO_BUFFER> cert_data, const ParseCertificateOptions& options, - std::vector<std::shared_ptr<const ParsedCertificate>>* chain, + std::vector<std::shared_ptr<const bssl::ParsedCertificate>>* chain, CertErrors* errors) { std::shared_ptr<const ParsedCertificate> cert( Create(std::move(cert_data), options, errors)); diff --git a/pki/parsed_certificate.h b/pki/parsed_certificate.h index 5fbef82..1f2083f 100644 --- a/pki/parsed_certificate.h +++ b/pki/parsed_certificate.h @@ -70,7 +70,7 @@ class OPENSSL_EXPORT ParsedCertificate { static bool CreateAndAddToVector( bssl::UniquePtr<CRYPTO_BUFFER> cert_data, const ParseCertificateOptions& options, - std::vector<std::shared_ptr<const ParsedCertificate>>* chain, + std::vector<std::shared_ptr<const bssl::ParsedCertificate>>* chain, CertErrors* errors); explicit ParsedCertificate(PrivateConstructor); diff --git a/pki/patches/0001-Simplify-the-name-constraint-limit-to-resemble-Borin.patch b/pki/patches/0001-Simplify-the-name-constraint-limit-to-resemble-Borin.patch index 1917779..e786b3a 100644 --- a/pki/patches/0001-Simplify-the-name-constraint-limit-to-resemble-Borin.patch +++ b/pki/patches/0001-Simplify-the-name-constraint-limit-to-resemble-Borin.patch @@ -1,4 +1,4 @@ -From 6218984931c841f8e2939a94d58e7315a967fe68 Mon Sep 17 00:00:00 2001 +From 78f16e55f9d5cae7cf4b4bcf45c4af53db231cd9 Mon Sep 17 00:00:00 2001 From: Bob Beck <bbe@google.com> Date: Wed, 17 May 2023 10:37:22 -0600 Subject: [PATCH 1/2] Simplify the name constraint limit to resemble @@ -45,7 +45,7 @@ index e9d834e1b51fa..ecf528b6e10a5 100644 "+base/supports_user_data.h", ] diff --git a/net/cert/pki/name_constraints.cc b/net/cert/pki/name_constraints.cc -index f6415dfbfec94..27d8638df87a7 100644 +index b1f4aa44e54e1..06703db78fb5b 100644 --- a/net/cert/pki/name_constraints.cc +++ b/net/cert/pki/name_constraints.cc @@ -8,7 +8,6 @@ @@ -139,10 +139,10 @@ index f6415dfbfec94..27d8638df87a7 100644 // Subject Alternative Name handling: diff --git a/net/cert/pki/verify_certificate_chain_typed_unittest.h b/net/cert/pki/verify_certificate_chain_typed_unittest.h -index fffb5c0339df9..d4090be9b604c 100644 +index a1af7849ebcc1..32a5be319d00d 100644 --- a/net/cert/pki/verify_certificate_chain_typed_unittest.h +++ b/net/cert/pki/verify_certificate_chain_typed_unittest.h -@@ -276,10 +276,9 @@ TYPED_TEST_P(VerifyCertificateChainSingleRootTest, Policies) { +@@ -275,10 +275,9 @@ TYPED_TEST_P(VerifyCertificateChainSingleRootTest, Policies) { } TYPED_TEST_P(VerifyCertificateChainSingleRootTest, ManyNames) { @@ -155,7 +155,7 @@ index fffb5c0339df9..d4090be9b604c 100644 this->RunTest("many-names/toomany-all-types.test"); this->RunTest("many-names/toomany-dns-excluded.test"); this->RunTest("many-names/toomany-dns-permitted.test"); -@@ -287,6 +286,7 @@ TYPED_TEST_P(VerifyCertificateChainSingleRootTest, ManyNames) { +@@ -286,6 +285,7 @@ TYPED_TEST_P(VerifyCertificateChainSingleRootTest, ManyNames) { this->RunTest("many-names/toomany-ips-permitted.test"); this->RunTest("many-names/toomany-dirnames-excluded.test"); this->RunTest("many-names/toomany-dirnames-permitted.test"); @@ -164,10 +164,10 @@ index fffb5c0339df9..d4090be9b604c 100644 TYPED_TEST_P(VerifyCertificateChainSingleRootTest, TargetOnly) { diff --git a/net/data/test_bundle_data.filelist b/net/data/test_bundle_data.filelist -index 3eccfcb4a981a..baa64c0a92171 100644 +index a33bdbe30a0eb..00c635befd873 100644 --- a/net/data/test_bundle_data.filelist +++ b/net/data/test_bundle_data.filelist -@@ -751,12 +751,6 @@ data/verify_certificate_chain_unittest/key-rollover/rolloverchain.pem +@@ -753,12 +753,6 @@ data/verify_certificate_chain_unittest/key-rollover/rolloverchain.pem data/verify_certificate_chain_unittest/key-rollover/rolloverchain.test data/verify_certificate_chain_unittest/many-names/ok-all-types.pem data/verify_certificate_chain_unittest/many-names/ok-all-types.test @@ -41105,5 +41105,5 @@ index efdbd5eaca095..56bc9c89c4c42 100644 Validity Not Before: Oct 5 12:00:00 2021 GMT -- -2.41.0.162.gfafddb0af9-goog +2.41.0.694.ge786442a9b-goog diff --git a/pki/patches/0002-disable-path-builder-tests-with-unsupported-dependen.patch b/pki/patches/0002-disable-path-builder-tests-with-unsupported-dependen.patch index 6565afa..6abbe75 100644 --- a/pki/patches/0002-disable-path-builder-tests-with-unsupported-dependen.patch +++ b/pki/patches/0002-disable-path-builder-tests-with-unsupported-dependen.patch @@ -1,4 +1,4 @@ -From 0a1d630dbc33f63009aabb4907a1dbeb4c934415 Mon Sep 17 00:00:00 2001 +From 0c4866b5b94854983697ebc362efba8d05e5cb86 Mon Sep 17 00:00:00 2001 From: Bob Beck <bbe@google.com> Date: Fri, 2 Jun 2023 11:08:50 +0200 Subject: [PATCH 2/2] disable path builder tests with unsupported dependencies @@ -8,10 +8,10 @@ Subject: [PATCH 2/2] disable path builder tests with unsupported dependencies 1 file changed, 12 insertions(+) diff --git a/net/cert/pki/path_builder_unittest.cc b/net/cert/pki/path_builder_unittest.cc -index d2cf0626cd474..112d0cafd811b 100644 +index 2ee48ce3f5ecc..3a9ead52f0d54 100644 --- a/net/cert/pki/path_builder_unittest.cc +++ b/net/cert/pki/path_builder_unittest.cc -@@ -34,6 +34,7 @@ namespace net { +@@ -32,6 +32,7 @@ namespace net { namespace { @@ -19,7 +19,7 @@ index d2cf0626cd474..112d0cafd811b 100644 using ::testing::_; using ::testing::ElementsAre; using ::testing::Exactly; -@@ -43,6 +44,7 @@ using ::testing::Return; +@@ -41,6 +42,7 @@ using ::testing::Return; using ::testing::SaveArg; using ::testing::SetArgPointee; using ::testing::StrictMock; @@ -27,7 +27,7 @@ index d2cf0626cd474..112d0cafd811b 100644 class TestPathBuilderDelegate : public SimplePathBuilderDelegate { public: -@@ -161,6 +163,7 @@ class AsyncCertIssuerSourceStatic : public CertIssuerSource { +@@ -159,6 +161,7 @@ class AsyncCertIssuerSourceStatic : public CertIssuerSource { } const void* kKey = &kKey; @@ -35,7 +35,7 @@ index d2cf0626cd474..112d0cafd811b 100644 class TrustStoreThatStoresUserData : public TrustStore { public: class Data : public base::SupportsUserData::Data { -@@ -202,6 +205,7 @@ TEST(PathBuilderResultUserDataTest, ModifyUserDataInConstructor) { +@@ -200,6 +203,7 @@ TEST(PathBuilderResultUserDataTest, ModifyUserDataInConstructor) { ASSERT_TRUE(data); EXPECT_EQ(1234, data->value); } @@ -43,7 +43,7 @@ index d2cf0626cd474..112d0cafd811b 100644 class PathBuilderMultiRootTest : public ::testing::Test { public: -@@ -1566,6 +1570,7 @@ TEST_F(PathBuilderKeyRolloverTest, TestDuplicateIntermediateAndRoot) { +@@ -1564,6 +1568,7 @@ TEST_F(PathBuilderKeyRolloverTest, TestDuplicateIntermediateAndRoot) { EXPECT_EQ(newroot_->der_cert(), path.certs[2]->der_cert()); } @@ -51,7 +51,7 @@ index d2cf0626cd474..112d0cafd811b 100644 class MockCertIssuerSourceRequest : public CertIssuerSource::Request { public: MOCK_METHOD2(GetNext, void(ParsedCertificateList*, base::SupportsUserData*)); -@@ -1578,6 +1583,7 @@ class MockCertIssuerSource : public CertIssuerSource { +@@ -1576,6 +1581,7 @@ class MockCertIssuerSource : public CertIssuerSource { MOCK_METHOD2(AsyncGetIssuersOf, void(const ParsedCertificate*, std::unique_ptr<Request>*)); }; @@ -59,7 +59,7 @@ index d2cf0626cd474..112d0cafd811b 100644 // Helper class to pass the Request to the PathBuilder when it calls // AsyncGetIssuersOf. (GoogleMock has a ByMove helper, but it apparently can -@@ -1613,6 +1619,7 @@ class AppendCertToList { +@@ -1611,6 +1617,7 @@ class AppendCertToList { std::shared_ptr<const ParsedCertificate> cert_; }; @@ -67,7 +67,7 @@ index d2cf0626cd474..112d0cafd811b 100644 // Test that a single CertIssuerSource returning multiple async batches of // issuers is handled correctly. Due to the StrictMocks, it also tests that path // builder does not request issuers of certs that it shouldn't. -@@ -1782,6 +1789,7 @@ TEST_F(PathBuilderKeyRolloverTest, TestDuplicateAsyncIntermediates) { +@@ -1780,6 +1787,7 @@ TEST_F(PathBuilderKeyRolloverTest, TestDuplicateAsyncIntermediates) { EXPECT_EQ(newintermediate_, path1.certs[1]); EXPECT_EQ(newroot_, path1.certs[2]); } @@ -75,7 +75,7 @@ index d2cf0626cd474..112d0cafd811b 100644 class PathBuilderSimpleChainTest : public ::testing::Test { public: -@@ -1936,6 +1944,7 @@ class CertPathBuilderDelegateBase : public SimplePathBuilderDelegate { +@@ -1934,6 +1942,7 @@ class CertPathBuilderDelegateBase : public SimplePathBuilderDelegate { } }; @@ -83,7 +83,7 @@ index d2cf0626cd474..112d0cafd811b 100644 class MockPathBuilderDelegate : public CertPathBuilderDelegateBase { public: MOCK_METHOD2(CheckPathAfterVerification, -@@ -1951,6 +1960,7 @@ TEST_F(PathBuilderCheckPathAfterVerificationTest, NoOpToValidPath) { +@@ -1949,6 +1958,7 @@ TEST_F(PathBuilderCheckPathAfterVerificationTest, NoOpToValidPath) { CertPathBuilder::Result result = RunPathBuilder(nullptr, &delegate); EXPECT_TRUE(result.HasValidPath()); } @@ -91,7 +91,7 @@ index d2cf0626cd474..112d0cafd811b 100644 DEFINE_CERT_ERROR_ID(kWarningFromDelegate, "Warning from delegate"); -@@ -2002,6 +2012,7 @@ TEST_F(PathBuilderCheckPathAfterVerificationTest, AddsErrorToValidPath) { +@@ -2000,6 +2010,7 @@ TEST_F(PathBuilderCheckPathAfterVerificationTest, AddsErrorToValidPath) { EXPECT_TRUE(cert2_errors->ContainsError(kErrorFromDelegate)); } @@ -99,7 +99,7 @@ index d2cf0626cd474..112d0cafd811b 100644 TEST_F(PathBuilderCheckPathAfterVerificationTest, NoopToAlreadyInvalidPath) { StrictMock<MockPathBuilderDelegate> delegate; // Just verify that the hook is called (on an invalid path). -@@ -2034,6 +2045,7 @@ TEST_F(PathBuilderCheckPathAfterVerificationTest, SetsDelegateData) { +@@ -2032,6 +2043,7 @@ TEST_F(PathBuilderCheckPathAfterVerificationTest, SetsDelegateData) { EXPECT_EQ(0xB33F, data->value); } @@ -108,5 +108,5 @@ index d2cf0626cd474..112d0cafd811b 100644 TEST(PathBuilderPrioritizationTest, DatePrioritization) { std::string test_dir = -- -2.41.0.162.gfafddb0af9-goog +2.41.0.694.ge786442a9b-goog diff --git a/pki/path_builder.cc b/pki/path_builder.cc index 9f4b7e9..2aa1c21 100644 --- a/pki/path_builder.cc +++ b/pki/path_builder.cc @@ -32,7 +32,7 @@ namespace { using CertIssuerSources = std::vector<CertIssuerSource*>; // Returns a hex-encoded sha256 of the DER-encoding of |cert|. -std::string FingerPrintParsedCertificate(const ParsedCertificate* cert) { +std::string FingerPrintParsedCertificate(const bssl::ParsedCertificate* cert) { uint8_t digest[SHA256_DIGEST_LENGTH]; SHA256(cert->der_cert().UnsafeData(), cert->der_cert().Length(), digest); return bssl::string_util::HexEncode(digest, sizeof(digest)); diff --git a/pki/path_builder_pkits_unittest.cc b/pki/path_builder_pkits_unittest.cc index 620205c..b797cd4 100644 --- a/pki/path_builder_pkits_unittest.cc +++ b/pki/path_builder_pkits_unittest.cc @@ -234,7 +234,7 @@ class PathBuilderPkitsTestDelegate { if (info.should_validate != result.HasValidPath()) { for (size_t i = 0; i < result.paths.size(); ++i) { - const CertPathBuilderResultPath* result_path = + const bssl::CertPathBuilderResultPath* result_path = result.paths[i].get(); LOG(ERROR) << "path " << i << " errors:\n" << result_path->errors.ToDebugString(result_path->certs); diff --git a/pki/string_util.cc b/pki/string_util.cc index 9f1b15d..5e97eb5 100644 --- a/pki/string_util.cc +++ b/pki/string_util.cc @@ -114,4 +114,4 @@ std::vector<std::string_view> SplitString(std::string_view str, return out; } -} // namespace net::string_util +} // namespace bssl::string_util diff --git a/pki/string_util.h b/pki/string_util.h index 08bb2b7..635f9ea 100644 --- a/pki/string_util.h +++ b/pki/string_util.h @@ -60,6 +60,6 @@ OPENSSL_EXPORT std::vector<std::string_view> SplitString( std::string_view str, char split_char); -} // namespace net::string_util +} // namespace bssl::string_util #endif // BSSL_PKI_STRING_UTIL_H_ |