aboutsummaryrefslogtreecommitdiffhomepage
path: root/projects/mbedtls
diff options
context:
space:
mode:
authorGravatar Catena cyber <35799796+catenacyber@users.noreply.github.com>2019-07-12 16:59:39 +0200
committerGravatar Abhishek Arya <inferno@chromium.org>2019-07-12 07:59:39 -0700
commitf49aaecdfcc86f8517d03f1db476fa1eae3cc23e (patch)
treebe802587b2d32ce0da7ccb6ca16f7479fec749a2 /projects/mbedtls
parentab91fbd152a87c9d4fa20ac5143bfa5507c33a2d (diff)
Use main repo for project MbedTLS (#2592)
* mbedtls ok * Do not copy removed patch
Diffstat (limited to 'projects/mbedtls')
-rw-r--r--projects/mbedtls/Dockerfile1
-rwxr-xr-xprojects/mbedtls/build.sh29
-rw-r--r--projects/mbedtls/fuzzmbedtls.diff1539
3 files changed, 12 insertions, 1557 deletions
diff --git a/projects/mbedtls/Dockerfile b/projects/mbedtls/Dockerfile
index d0e409de..9c49e60c 100644
--- a/projects/mbedtls/Dockerfile
+++ b/projects/mbedtls/Dockerfile
@@ -22,5 +22,4 @@ RUN git clone --recursive --depth 1 https://github.com/ARMmbed/mbedtls.git mbedt
RUN git clone --depth 1 https://github.com/google/boringssl.git boringssl
RUN git clone --depth 1 https://github.com/openssl/openssl.git openssl
WORKDIR mbedtls
-COPY fuzzmbedtls.diff $SRC/fuzz.diff
COPY build.sh $SRC/
diff --git a/projects/mbedtls/build.sh b/projects/mbedtls/build.sh
index 263ab545..62ab2970 100755
--- a/projects/mbedtls/build.sh
+++ b/projects/mbedtls/build.sh
@@ -16,22 +16,25 @@
################################################################################
# build project
-# TODO change when merged into master branch of official repo
-git apply ../fuzz.diff
-cmake .
+perl scripts/config.pl set MBEDTLS_PLATFORM_TIME_ALT
+mkdir build
+cd build
+cmake ..
+# build including fuzzers
make -j$(nproc) all
+cp programs/fuzz/fuzz_* $OUT/
# build corpuses
-cd tests
+cd ../programs
cp -r ../../openssl/fuzz/corpora/crl fuzz/corpuses/
cp -r ../../openssl/fuzz/corpora/x509 fuzz/corpuses/
cp -r ../../boringssl/fuzz/privkey_corpus fuzz/corpuses/
cp ../../boringssl/fuzz/cert_corpus/* fuzz/corpuses/x509/
-zip -r fuzz/fuzz_x509crl_seed_corpus.zip data_files/crl* fuzz/corpuses/crl
-zip -r fuzz/fuzz_x509crt_seed_corpus.zip data_files/*.crt data_files/dir*/*.crt fuzz/corpuses/x509/
-zip -r fuzz/fuzz_x509csr_seed_corpus.zip data_files/*.csr data_files/*.req.*
-zip -r fuzz/fuzz_privkey_seed_corpus.zip data_files/*.key data_files/*.pem fuzz/corpuses/privkey_corpus
-zip -r fuzz/fuzz_pubkey_seed_corpus.zip data_files/*.pub data_files/*.pubkey data_files/*pub.pem
+zip -r fuzz/fuzz_x509crl_seed_corpus.zip ../tests/data_files/crl* fuzz/corpuses/crl
+zip -r fuzz/fuzz_x509crt_seed_corpus.zip ../tests/data_files/*.crt ../tests/data_files/dir*/*.crt fuzz/corpuses/x509/
+zip -r fuzz/fuzz_x509csr_seed_corpus.zip ../tests/data_files/*.csr ../tests/data_files/*.req.*
+zip -r fuzz/fuzz_privkey_seed_corpus.zip ../tests/data_files/*.key ../tests/data_files/*.pem fuzz/corpuses/privkey_corpus
+zip -r fuzz/fuzz_pubkey_seed_corpus.zip ../tests/data_files/*.pub ../tests/data_files/*.pubkey
zip -r fuzz/fuzz_dtlsclient_seed_corpus.zip fuzz/corpuses/dtlsclient
zip -r fuzz/fuzz_dtlsserver_seed_corpus.zip fuzz/corpuses/dtlsserver
zip -r fuzz/fuzz_client_seed_corpus.zip fuzz/corpuses/client
@@ -41,11 +44,3 @@ cd fuzz
# export other associated stuff
cp *.options $OUT/
cp fuzz_*_seed_corpus.zip $OUT/
-
-# build fuzzers
-for target in x509crl x509crt x509csr privkey pubkey client server dtlsclient dtlsserver
-do
- $CC $CFLAGS -I. -I ../../include -c fuzz_$target.c -o fuzz_$target.o
-
- $CXX $CXXFLAGS -std=c++11 fuzz_$target.o -o $OUT/fuzz_$target ../../library/libmbedx509.a ../../library/libmbedtls.a ../../crypto/library/libmbedcrypto.a $LIB_FUZZING_ENGINE
-done
diff --git a/projects/mbedtls/fuzzmbedtls.diff b/projects/mbedtls/fuzzmbedtls.diff
deleted file mode 100644
index 307d1b2e..00000000
--- a/projects/mbedtls/fuzzmbedtls.diff
+++ /dev/null
@@ -1,1539 +0,0 @@
-diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
-index ac23cffe8..466963cfe 100644
---- a/include/mbedtls/x509_crt.h
-+++ b/include/mbedtls/x509_crt.h
-@@ -32,6 +32,7 @@
-
- #include "x509.h"
- #include "x509_crl.h"
-+#include "bignum.h"
-
- /**
- * \addtogroup x509_module
-diff --git a/library/ssl_cli.c b/library/ssl_cli.c
-index ba59c4898..8f2e619d0 100644
---- a/library/ssl_cli.c
-+++ b/library/ssl_cli.c
-@@ -678,7 +678,7 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl )
- {
- int ret;
- unsigned char *p = ssl->handshake->randbytes;
--#if defined(MBEDTLS_HAVE_TIME)
-+#if defined(MBEDTLS_HAVE_TIME) && !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
- mbedtls_time_t t;
- #endif
-
-@@ -693,7 +693,7 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl )
- }
- #endif
-
--#if defined(MBEDTLS_HAVE_TIME)
-+#if defined(MBEDTLS_HAVE_TIME) && !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
- t = mbedtls_time( NULL );
- *p++ = (unsigned char)( t >> 24 );
- *p++ = (unsigned char)( t >> 16 );
-diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
-index 56e9bdd2b..8ec34f3f1 100644
---- a/library/ssl_cookie.c
-+++ b/library/ssl_cookie.c
-@@ -167,7 +167,9 @@ int mbedtls_ssl_cookie_write( void *p_ctx,
- if( (size_t)( end - *p ) < COOKIE_LEN )
- return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
--#if defined(MBEDTLS_HAVE_TIME)
-+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
-+ t = 0x5af2a056;
-+#elif defined(MBEDTLS_HAVE_TIME)
- t = (unsigned long) mbedtls_time( NULL );
- #else
- t = ctx->serial++;
-@@ -237,7 +239,9 @@ int mbedtls_ssl_cookie_check( void *p_ctx,
- if( mbedtls_ssl_safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 )
- return( -1 );
-
--#if defined(MBEDTLS_HAVE_TIME)
-+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
-+ cur_time = 0x5af2a056;
-+#elif defined(MBEDTLS_HAVE_TIME)
- cur_time = (unsigned long) mbedtls_time( NULL );
- #else
- cur_time = ctx->serial;
-diff --git a/library/ssl_srv.c b/library/ssl_srv.c
-index 52087ae6e..265017bfa 100644
---- a/library/ssl_srv.c
-+++ b/library/ssl_srv.c
-@@ -2398,7 +2398,7 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl )
-
- static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
- {
--#if defined(MBEDTLS_HAVE_TIME)
-+#if defined(MBEDTLS_HAVE_TIME) && !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
- mbedtls_time_t t;
- #endif
- int ret;
-@@ -2441,7 +2441,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]",
- buf[4], buf[5] ) );
-
--#if defined(MBEDTLS_HAVE_TIME)
-+#if defined(MBEDTLS_HAVE_TIME) && !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
- t = mbedtls_time( NULL );
- *p++ = (unsigned char)( t >> 24 );
- *p++ = (unsigned char)( t >> 16 );
-diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
-index 52632f87c..2b732899e 100644
---- a/tests/CMakeLists.txt
-+++ b/tests/CMakeLists.txt
-@@ -127,3 +127,5 @@ if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
- link_to_source(scripts)
- link_to_source(ssl-opt.sh)
- endif()
-+
-+add_subdirectory(fuzz)
-diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt
-new file mode 100644
-index 000000000..1392f63ca
---- /dev/null
-+++ b/tests/fuzz/CMakeLists.txt
-@@ -0,0 +1,38 @@
-+set(libs
-+ mbedtls
-+)
-+
-+if(USE_PKCS11_HELPER_LIBRARY)
-+ set(libs ${libs} pkcs11-helper)
-+endif(USE_PKCS11_HELPER_LIBRARY)
-+
-+if(ENABLE_ZLIB_SUPPORT)
-+ set(libs ${libs} ${ZLIB_LIBRARIES})
-+endif(ENABLE_ZLIB_SUPPORT)
-+
-+add_executable(fuzz_x509csr fuzz_x509csr.c onefile.c)
-+target_link_libraries(fuzz_x509csr ${libs})
-+
-+add_executable(fuzz_x509crl fuzz_x509crl.c onefile.c)
-+target_link_libraries(fuzz_x509crl ${libs})
-+
-+add_executable(fuzz_x509crt fuzz_x509crt.c onefile.c)
-+target_link_libraries(fuzz_x509crt ${libs})
-+
-+add_executable(fuzz_privkey fuzz_privkey.c onefile.c)
-+target_link_libraries(fuzz_privkey ${libs})
-+
-+add_executable(fuzz_pubkey fuzz_pubkey.c onefile.c)
-+target_link_libraries(fuzz_pubkey ${libs})
-+
-+add_executable(fuzz_client fuzz_client.c onefile.c)
-+target_link_libraries(fuzz_client ${libs})
-+
-+add_executable(fuzz_server fuzz_server.c onefile.c)
-+target_link_libraries(fuzz_server ${libs})
-+
-+add_executable(fuzz_dtlsclient fuzz_dtlsclient.c onefile.c)
-+target_link_libraries(fuzz_dtlsclient ${libs})
-+
-+add_executable(fuzz_dtlsserver fuzz_dtlsserver.c onefile.c)
-+target_link_libraries(fuzz_dtlsserver ${libs})
-diff --git a/tests/fuzz/corpuses/client b/tests/fuzz/corpuses/client
-new file mode 100644
-index 0000000000000000000000000000000000000000..48d0a67c8f36ace60ccf4013a5b985207703ed80
-GIT binary patch
-literal 4037
-zcmeH~c{o)2AIHy`8T&qD>`Tbb8T(Gxk|o8ErjclDkqky<Pbg_@EtHUbNxH&RawA*G
-zGPcN)kjTi=O%Yl8jp{x>_x`$1_j$U1{?2p$IG^wNp3n1rKA-RFyx(75I2>?<0l<DZ
-z-1D&)(e|_DtSqJa=ECYLv#<vHWkKpx!U>#`t7=xuH8BqrwtHx79!|=M4uzdQ)O)jn
-z@;IGr&&3`UxKmtzIJOP~0FKWf00ICC000&M1_HcrIBPWvz<L*8tpwn@P!wDfih_w|
-z!(kwdc0+9ROmb(<&wgYBK{`4B(nYgCO!V-52zqYVp516Jh+{Kg=4P}Z_#6(fv)hg4
-zhfteCaBj{&hQ#dMiGgCqJ0TGi8yXF%pjFUnYHE-M4#lRjHH6fDm>daleofBgLvTIp
-zbA&()grdOhTUQCv0q`i01E7sF!=gYCsJG60F+~yXM)X?*RHc=&2TkbcS$67h^LF7T
-zD0#rSqIr>{sYMua@>|7#5Ch3;Yj@R3B^OVQ?Qo0FxGfW&GxR3@b&F8ygN=Fwrc$Ff
-z@6*fj69dWhhshoojock}B{u^PF@*C+J(n90%^qYEQnc{+=qN=rqq3ae>&1EpNPamK
-z#px0LtGztQJ@`V-_~Ay1kp<)Y5!QF4vpr@HyQ)gK;3B6SiUmYW_&7MukcLPmhsOCH
-z<CU8|5<WQ%guj=LlLa3ovl~jkgPvHjzkN2++$?>xnNB~X38r^V*noqocGa<sXoX1~
-z;L25qJm;m2d&+Tp<bX0)^T#(x5V`_`(>k7K4Ox9@oG>>61_6*Tt&GC#2wntF0Ugz?
-zYIxLz!v<;XQtVb{O)|a&iEh4@K=47lkvwGFL_y_94`%6pUttQzjKPEE_0L-iPTLl=
-zf`dSY=RsL)cCcVkjZm?`EPud)5BoAvqhk_fg#>-(%loW`Hi(3isS^)n2l0y1{Kc#T
-z`(^!XKR7(dlfiKf$Ys9ZjH!C0J~6XFbmk*03h9}9>Xk&4iK8d_6g~83=0eN`$`i41
-zZc3^_L5C06iuyNm*1`L<>q1feLVk~oJZtG*;K2ur8};j=EkTyUsA;P5?py8kfquz1
-zl;aCySUHTW@A~)P^%RbxEyqeiht^NZyuRBXG@I$wCs@$wN225(v?pCO<q<t%C>_*!
-zuupkhda2MF7uUpQsr~fg)I&8K_oz8@-6wWAm|I@Re$AqI-a_679fDUI)P0?EcM0wS
-z;3OJ7u{3%J-{=AUQl@{C9_Y{XK)9bv{v(L$Mm5(^zm2748lD|VRS7pK;LWCpzf0?#
-zebW}khh@B6Fq{5}G%6sHrj-^e5?Ys_J*ws87sT-N`rsw%{Q%oX9eEJu#=?}5A5WV}
-zZU9Teq|u7OWFdRy%B-bpU6m{ln6Y2CxB!vt|E?x_(C}HoxSm|nTWOcZ$60OFvo7KH
-zUdO1^?p?+1*baB>CHJi^zDiZ{tD8`&SyP%H-?^_&O(|S5z^iRnIge3vxaWtnOX!>L
-zg7YixC?Qv3P`~2|(gxhva(g!MYedZ)sFQGUcxigA^tqBucLdBzB756{mb)9%8&=;$
-zK~%Q?lgjj#o70U8ow2D&kua6(X;?yT-&crEr$DDKLadu`a3km-I0$~;Leh6Zas5it
-zK?wJKl5!05^?#~$QQ%*<*%unC*6jxX`(%>TZRr;&l-!Ro48pN-mQ6ui0}OZix7#F|
-z&)`E;;%Z%Y*?qoS`%Wp|zAnu$`@W_`fHRxffuw<5lq<Wl7+8^bCLPHMjlpS!A+0Xr
-z@x%S~K08S1V|~M(bMZ%2`vbS@?S6hIL9RoAjqv~-6J4QpR;8!lc=Y7UB)cWgOU)~U
-z6DC+BRj2pL)O4LeaY%rEtexnjLQKrmwd<!m21U~sxy^4|^K_3?NDc;tFRHg=`MZ14
-z-dYovMdNyLU6>B0#d0%SZy-^(o!|-rX>*x{j4l)vzAoYz)_-ua$F4u2t99B*j+xDA
-z->kR|iuX0WCFRh_$FXVqAJEA1_gcpKzgouneJ#_3)M=Wfp{@y`H)-4q)xU***V2EM
-z{Qorma~l7vWdAyU|EO7;{Qdclu*EXbw%HdNh02;m$b%}ueJWQDJ(Dx2jZ`c-^lH56
-zuu@gye8N+aVJ;tyyC=lT3U48A9-~C#+wo^+bp=?~d6-8eLTyU-4L2kqYak~?ZF0U`
-zoPK)wr&pP-+l15YwOT!>cHaKoh3kR}BMX^Fy$;GbOJYJEw(eJ7p|2Or*12QV6;PAb
-z;@KBH9X}Z?zNa$r(2RywRX*X&ZDfy~6t_wD=L)^C9y@)*8iP>Sg%8YrVcmC`DtH<6
-z{1>jyxCa4YvO5$@d{?5E*mA0-;zcsjPfs`!(@Zf^(@T6=$Jk75)E#tn_z-)_qP-pC
-z4411#U5CjEx0^m?%831PWqX5i%%_h_?PzlV=0MX$49%1Ef7M1Npx$^q0&m<-g_!9X
-zX%4eP9|4C!20wIwLXZIMk4m$b++XY^k?8Z)UYZ*J;V@MpZ51`Nx|+6{)+Uvkp~|=L
-zr}Lkn`A>!~tA&B|bn>SWz;-wuKr{}?tL@apD#to(ti@H!8e8od^KE3`Z>Oq_?ZuEU
-zq-e89j5?zv@#bp+DY6|3im?snFp*`?yl;xXsCp{oi>+#<R(K`8-+4>6k?efDXcwW6
-zUv{6@H9K7~vInn=sz~1HZ0L067OBZRCMIbC8p^i?-Qj-_A=&bLRU-`Y{VFw{kb5N0
-z_a@~0l5h006^Po>xIgduEp3E*0gwj_4K$MRL<gA^AUp`UqsKp#fBF1XgNqxg*C&E|
-zHbU;j2I|RI^?O}r$@4r}Rax7up+fs)-818|glC;YwUz2N;PI<=G^0WWY3Rmr3FRu8
-zsf7$49V75y8EZvn;3+7J(fF1a?f3#-U<JSgIKY1f0nAO!w3fDE_zk6Mi*`QusOPBm
-z-IgAKohwYAu0A^d+j^tV`}I|4`6Pmy_)MUfzQL;pSrwn3ceZ+~+NS9Ha8B+3_s(lh
-zmD)WL{=ne6M!`F3?(2Tvu+z>E)>L1XYVbjFH9X0!^6LFayjhEnsTQMv&*TjYV%2V&
-zEG};=>6`@LWKnvW6^>YUcd$0@nv-`yA31ow#REz*ezN8$al{1d4T}Qrg%x$?3PnXZ
-zTd|fddp%b@CwQRx!=jVu1vhe^K!X1M8vVdvBzfZs=S!CB{Fe=Uw576{vRpE$yyi#&
-zS@)=0BPRy%ZaUXH*U!J!n!{eme@|)FJEKXMTHSU2jkDIatfwJ~ULOQvoMmGp-?yHc
-z%Z|vG%Zc|k%aB(*&Gqs%S<ZhhIJzmKE2V?-So&B}XRBP3K4X9kMVkwWLMo`+wl6Th
-zCfBkL1yx#a8@I-RRvnk~OSl&}MoFsv;jv3oF_ngIO>U(;GeaZeTXL6~{1j}g2uDI+
-z3P&+E2wKG86mk`4T>%j6v?C@D?EwTgLm681<$}%|>5hE--TDBjbferpg=$#0GKxyL
-zC(}}4l=wutqZ~z>{Oh;5;F+vFDNs6U#sRkHEC>H1XDK-^3uTUb-dwys)zv=G8#Zdq
-zo}=u}MY@;Y>aL}nNl26FDMnK~D%u5M1!~N&Pz$^%+9Sla(rIsc(~aK*aeWuF->DbY
-zxZqY}yMA@QBdOtf^};Jsv2F}CT4~{U*k$Sb21;9!>8RhnF1{6#h%P1obEzSvF~vK<
-z)MDW+u7WM+@iKYdq!W=3af-@0Fw02F*iUF|qb*tB+mc~|&77<CT&)Q@&&txM(%Lz{
-ImjJ+j04YTqLI3~&
-
-literal 0
-HcmV?d00001
-
-diff --git a/tests/fuzz/corpuses/dtlsclient b/tests/fuzz/corpuses/dtlsclient
-new file mode 100644
-index 0000000000000000000000000000000000000000..87c3ca333a37338f74a136fb4af241f0bbe2f6da
-GIT binary patch
-literal 4058
-zcmeH~cT^ME7sqFk&=Zg%p?8HKWfFSFMWic+77;;0i3k!Pr~w3NiY(Ovh=9^Xlm%%<
-zS1}06A{{|GB7%S*F1TQ$Y_PKXbB}wD`{yrbPG;_#ckj%3_kQMnAOFfS@cE|<2LS0$
-zhV;s^gyVd+z0b}3R(Z@-yYnW_!yT-27-CC9du>3RYt+2AHUAf15O9M5fCB)2@OD^P
-z_QavCV+nbVoAxrH2~*BpSIS%NXH?p9b4CVkmDC%Ik?@<+&)NE9iKGvPr9B_?PEFEu
-zlAkHld5<gAwVe?daH2y1z_kjlMMN`#asV(8`1(8;@-7E}tOghl1=h~U3IMJHMZz_p
-zNSJsw90tM|2ZUl~lRsg4;x!5cnV0}b2g?DmF~jW;%)GE2mRN3xYt3NiWwj>zxCYqR
-zSYibs^x6=dcf;o)30n_JpoGy@NDPg_Vj&zBhgDToh14C<DBOAzQvGgl9%#eI;A}o*
-zH&>tiWJ(|u2}-ShOOOeGM}k}cW1Jlp34%baRo>7<i)aU;$1H%BewC9trmbt<rp?RW
-z?l{(x2b{b#E9RYg316A~QZXP{U*`N$wdz%wg(D-I-QzRM<U(`$pT|FI6iL0cQj5S>
-zsCVVPdvfh?Z*r|`r6*oJce73Ll|W~fP{GIn`CjqtK9q=}ndj?0n<(2SIey;hg{%US
-zpY%s=@C^OMc1xT`(5akJ*SZ!%GuGMt$ho)^o!jrU(~7y_V#n-@gv7Q9aB&@v>yO*!
-zJSuRXsNCS0@NRE!=quS+40tb@(?E6(`pum4<)h(-23hY0CcWT#nC^K|eXdE>b9<U7
-z7WmX&?p%fNlU`bm54p;QcPn!@ynfCDLTNBKqXP1*Ad3%)6Xiv~AOI3&ETbqVf*-+G
-zz%=Pj8+^Qv%bLe(Uy*yMRh-coNPO+KG(rI459h0N94n|8?!+(N=q^m*n%2M7u)Ml{
-z!5L-2Sa1-?BspOS*+IgWZi^HN%?Jj}`*6OYsJD)zEqFkm*=yYv{VNpmk<_s}m_DMS
-ztY8tc*8$_V>ks=|d2){2z4BQ@8=`6V)W)V)C@uoz1rc3Sl5TNWsU&u+ThUW*`bDs*
-z(6vNDth<s5mFl{Cm$-k!20FZ3iyngR5%IfcNUC8PB7(OTR%(~U8>!}l=&4C%%aZ2W
-zK)>Y6%JGHKNG?OGYX456u7Wq#e55#}fBA^qv+5q|OqN%-a6y}2TuZ)_ZQN;NKJonq
-zveY)GZsk$g#X>8`*m{(?*2B{icT^pDADgn%-*L*r-1CARG%m&S7xLd~6+U-Y&DSN@
-zMA!s?$1&)MVbDYVL=W({W%@7af&NMl<oIL3zXuWhvBnbm*OAmLgA>E4xX^6{{Mjv%
-zbLm|(&zp`45LnL^%w*h)dn_cDu9+Sq7D7+ZdaSwEkIM4!Lf@Im8v(oSwdO(i%kvY4
-zetb>aasxQ-jvKz!A1~yrcspb6MyFwbz)T07q5?#+|J?1UK7&UEqq_1*FJ<@D-M`p$
-zb7o)Y^=Hwznw{?no2B4;x+=ThFFZ|E@}rL_-Ck0f9o=e2S5*p?3Giw%xyEN06-xT!
-z#3J^}Tu^>_l@ia}X!P$yvaCKY;hHT<@;pT&2Wlgq9$cJSx;mgF*AWJ@kj~yXuj%2=
-z_8jS(D2&eb|E(gU@yb-)d|OOvQaB8EA)P?Z?fwW+L<$sf8bYqY!HZym;2^lVj-+pb
-z;`WgwC&=;JB;^?7>-|vbBEi3x*#{bF%eK9MZF1bEGTEV&mfY9TETS>7=JizWUY4pJ
-zDeFYjX<{%gw#LoGX0^IzPAT4&o^FtRLqj^i1+{&5Qm;u%n&m|nBoC2ITV_nXZ%UzG
-zvz>CtwWro+b6mzq_aNy-ythhEpp>rVKvjZ#s{)F3HxnCEq1MF;lJIEM_>&}?Mbepu
-zx8%dy2t1S8U1<|jbp4{>0KFI+@o|Od=!x?ej(PTpXDslVmRa$2442FFQ9~EhnhAm(
-zo#`*FC~w4LyByo`t!xX|w(mLsB<eJi-9RAyMOGo}z80K7J7t96-#6ZA)05EtU}~>C
-zJ8G}pjHET1{~5D+i}Ud7kty5n(8%%6y$t!ky$t#7UZw%5F?yD|ng)bjqjAkt`(*x8
-zO8;H(|I_&IY5dyB{&W8RRkGIj`|B5Bon&H^*#{a$N*lx~`*1<sxHRWS^7=L5ip9=P
-zN9$dcXmzs*55)$#eblQDOOzIt@LW0A5=Cq#9-q+>;#lTmAC?ZWzG^pkH;Lyqv=>p6
-zoG%}%mvQag(=4}*q8YZD4?HJr4)}KzE(<FR&u4jiImx@o;Dhfxa8P^8Tq~TdU1iZ8
-za67$`)EzYyKOQ8xqax9HT3wTtPd;A8(`mDbcU#A5x$a1(jh?}6{SerxKiK__c2u*K
-z^Rwvs&!3z2paMrRn-z<F-$pH>a%dCrVwo8cV|ys+#`sNBivkx9qKvK8>~*vS5Iahv
-z4(y3Fcym+SZLm_Ito~h=oWxIQQg@Z3-@RUJ#+m{!dq!WxGc;Mx$KJ>W)EbS35sjKB
-zA$Dd~hQe&sL%?B>{&y9i2qeV#qB7(q?+1BFq4<21m&Qh)6{ZTLg;T|<scNZeu2H#W
-z;y#%_9RDywf3kddTNud9v?T%oNWqB!qOO07>Q)Vca*X}TQtVBPk;RS?-#ShQ8x<`=
-z7rydTiWZ0TV;8gx(R4{D1=Fga7<2a|KD_kNfh&?jw1*<T1lohia<9Z!TT3u?l`e-a
-znUK2$F?L?(ZFD3mJ^A;kh~-6OLlIf)T20nL2^llcU`rFVO7K>gOyj_N^`nsQ$5umv
-zJi__DH6iDxe8V4Ifyi}<`)k#&OC#J1fIMMXpstcgv6o8$La98PJN-ih-~4<||MZH=
-zg|VQ{mEh|!fx260Jzi%y@<>N$6*V2|IEKqIDf6r}iEe+>LS-Xx|7kOpRUtF3|MDSe
-zWt!Z?d?uf^A?Q?!EN=@u23=$|Dv|iQoq>btNB~R#82c}PafSne#}QyIzvg&*gpZ<b
-zN6S@XOc{>Y?z2OC<VKGrCZ(h)z7s5uSDA}bIin=uUQ)mpg6u#^HO6{mF5U1mv^NN-
-zF%d8alU{Xfb-6yR?k&;7%1N%+nZEH7Uql*g-ng=I>}lrfz~-I%7h;?HH9Qr(Ce0p%
-z3B>1^CB4`g6lf-gcar>7?YCFV3~3xw<nudA;!(+;#=&~S%a6x9Pu@6)(#Bf{O}%q2
-zo0}~(t)GpqZY^6e_=PC#Wwk2I+y3a3GtYqm_5BGLREbcyGV=@L%hZj08*Vx8+#TK@
-zl<%3zg(cio;%^oSBegEj$b&4Ufz@_TJv>k@cLp32i*v}n@bfjlI#|nl_X_j>GIZjs
-zL8y3#t=^&JqLtxeHZwpeM*GeI*70XMOyN%1bgjL<EjrMllq7}BRm)tD`4A=cO-qY=
-zA`9)BYJ!V&4GuUQ7p<Wk3L7xLX{rCpUT-LfYRFk|hTF_Sq~ZdTlb>&J59Q9r;pzKr
-z+tFE@3vcUOL_|cLtxR}caLOCda^CedO9%kTxt1Wr+8+S$ecAmo0U)?G?c?qj0HDuT
-z&id`LQeE9i24*F2(or_*bb*l=?CqOIPo8kfl`;WYrX043LSQ8p{lyssBtJQWzgvJC
-zhKOEO_gDrr)8x+554UKhgz`QyZrJ!`HVhE@G#l1lH6pcBTeNsq{uxgX9PgCc`zK~=
-B`4|8I
-
-literal 0
-HcmV?d00001
-
-diff --git a/tests/fuzz/corpuses/dtlsserver b/tests/fuzz/corpuses/dtlsserver
-new file mode 100644
-index 0000000000000000000000000000000000000000..7a7a117900781be46a5b985b275d625ef98b8c96
-GIT binary patch
-literal 1189
-zcmeHGYfQ~y9Dd&OKed!oraGZql5k2FMY=IQC>?!Zlr0-G3@h3y2VpKLUDct`kxFiL
-zI@MfO(=3nsd|;W|T-LITvM_BKnvOSJKKta8=gaT;-S+<8-}AoOek+C`jthv~K}Y2F
-z|JrnKOX_l~zFYUOxwfaTBWlmBmEYYvKNJ`e{MQFpJTL*mma`a$3f8fL(>N1}w5JQg
-z*ub+q%slR8DtF)xvgykJl+(g;dT|CeaTJ{q%z9Qai@Dsx6dKTi#kAvCXi>|H48;|O
-zz(^xc@dRsO<^|5fWzIzri+G$SnmGrBIL*_TkGTw@51r`G>9pY)?gnv)1>D6PZbuo*
-z5QzZJrjCyEqc_#8WICF$i22;fY^K4U8Y-wm6H0iDrLdq8#XQQBIEEUYM*|92$P(6|
-zn&(iDd>&yjtC0t*021Wh95EUgm6W`GUDD>{)HG=1O<ZghTVbQv2(_XXilPXWq7tyj
-zIGGy{4{6=uCiw)o!UfJ43kS#o8G(!gUXqSTBt)Z>$PAg6%QydpL{k!aD&v!y&pq<d
-zS>jC5YuX;$QKk01-+D78Z(T-D;xh4H!ha&+uK~#<R5&^Y$dYydS($1PAMNDV`6ax`
-z(fjq?Z!C`W?)rFpyjM_LerEp<-wl^yHCJ2o-9~Hh;};RRH!frw?2OM%k*!g2i4N(V
-zm!~|hdI;@K$Db(&3v>s{3VYWqz0{Yv%U$#2?KR;OS5)KIu)%fV2}8-ZCHmf{)6Q&l
-z`Wj@ezdduJ@=~YnePn8R7weHT)un%UJOx5%rT6EB$pHh0nOm69Ps&R#Ee{{vl#uQa
-z6*IZLyl+*;oW>RLapA2+_O`~3lWiL}zj7OC7VsQu7N0X?t_LSahlF-py54Bl1}u2i
-nv9Hu>xftj=Qmv9dVDL~?`zO!puqtOwgrV+z*#6Zm+cJIwp9Z@o
-
-literal 0
-HcmV?d00001
-
-diff --git a/tests/fuzz/corpuses/server b/tests/fuzz/corpuses/server
-new file mode 100644
-index 0000000000000000000000000000000000000000..fbeb019f200a63d8f40815551f07375c0265c4e6
-GIT binary patch
-literal 675
-zcmXYsSxD4z6ot>v|0wF@SUPGhQKaUUySADrl!Z=#p*;u%p=F^VsJTZNxsH>2mbq6h
-z<AxeaKG-2EC{T+^v!IlM)C4h7Dk1w9-j{ng_j~xRwIqa2Kom(*{IiQGk?Y}$Zezop
-z-`75e<vfo1X+QT>mlop{>)-gi7Q%?T>4Qdgvyo18MFLH!#(wtlE(@sT6{av9Pf$n?
-zdZU3|Y@j1u5Kj|Y!k;~CVLpqQ!(^sm1V?C03s|F*ZQO?e?m;=rd51OZgr2S3i+%>8
-zjAgvZTIv~qQq;2^hY(0Vy3?Fq+(kn+GaJNp>X^wQUPc}35Cm`f(v2#5(wPc2F$=>8
-zWeGD_$W)lpj1syrglbmuHo7o~Dpv3oD$&9F=!K4@tY!z=c@I4(;SE-?9a^jlAO?U6
-zn*fu<q}a2G7m`v^VJ3f~Hj<2lp=2l&l0rz5Bn%`20aI+1Z?<rdw>@m+YzHf-VF?Q;
-zAp>#)xd$BOC`l;Z4CLo2#Hpj^o^wkFhE&cUp02V=<2=7GYU}9tu_W)$FORrBjoE{d
-z@Wt|V|5sB7iyyTXrWuz{)&{){i%w8x&Gqk?Y#D=fhU$0nHJw{-UFpi1h`zPFOnbA}
-zvk!%PbXkXIZ=6*~O<MKpvGA2QPR*Chm;LlTqpsVeX*b2nc<sm+jYH8+wX7q=KPgw)
-z@BgqX<HSU$SJ8Xr&Gg=7pWy&br#cAjaMZ+Azu-^Dl{PZ$zQKw%U#}^{fuV}rrMKS(
-zw=8JGevC&3t7_iO&qg@t(_b{XY`2neyA9mHryzUgu(RfL^U3ow^&#g>#{2OX(K-Ys
-
-literal 0
-HcmV?d00001
-
-diff --git a/tests/fuzz/fuzz_client.c b/tests/fuzz/fuzz_client.c
-new file mode 100644
-index 000000000..7860177a1
---- /dev/null
-+++ b/tests/fuzz/fuzz_client.c
-@@ -0,0 +1,227 @@
-+#include "mbedtls/ssl.h"
-+#include "mbedtls/entropy.h"
-+#include "mbedtls/ctr_drbg.h"
-+#include "mbedtls/certs.h"
-+#include <string.h>
-+#include <stdlib.h>
-+#include <stdbool.h>
-+#include <stdint.h>
-+
-+
-+static bool initialized = 0;
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+static mbedtls_x509_crt cacert;
-+#endif
-+const char *alpn_list[3];
-+
-+
-+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-+const unsigned char psk[] = {
-+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
-+};
-+const char psk_id[] = "Client_identity";
-+#endif
-+
-+const char *pers = "fuzz_client";
-+
-+
-+typedef struct fuzzBufferOffset
-+{
-+ const uint8_t *Data;
-+ size_t Size;
-+ size_t Offset;
-+} fuzzBufferOffset_t;
-+
-+static int dummy_send( void *ctx, const unsigned char *buf, size_t len )
-+{
-+ //silence warning about unused parameter
-+ (void) ctx;
-+ (void) buf;
-+
-+ //pretends we wrote everything ok
-+ return( len );
-+}
-+
-+static int fuzz_recv( void *ctx, unsigned char *buf, size_t len )
-+{
-+ //reads from the buffer from fuzzer
-+ fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx;
-+
-+ if (biomemfuzz->Offset == biomemfuzz->Size) {
-+ //EOF
-+ return (0);
-+ }
-+ if (len + biomemfuzz->Offset > biomemfuzz->Size) {
-+ //do not overflow
-+ len = biomemfuzz->Size - biomemfuzz->Offset;
-+ }
-+ memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
-+ biomemfuzz->Offset += len;
-+ return( len );
-+}
-+
-+static int dummy_random( void *p_rng, unsigned char *output, size_t output_len )
-+{
-+ int ret;
-+ size_t i;
-+
-+ //use mbedtls_ctr_drbg_random to find bugs in it
-+ ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
-+ for (i=0; i<output_len; i++) {
-+ //replace result with pseudo random
-+ output[i] = (unsigned char) random();
-+ }
-+ return( ret );
-+}
-+
-+static int dummy_entropy( void *data, unsigned char *output, size_t len )
-+{
-+ size_t i;
-+
-+ //use mbedtls_entropy_func to find bugs in it
-+ //test performance impact of entropy
-+ //ret = mbedtls_entropy_func(data, output, len);
-+ for (i=0; i<len; i++) {
-+ //replace result with pseudo random
-+ output[i] = (unsigned char) random();
-+ }
-+ return( 0 );
-+}
-+
-+
-+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-+ int ret;
-+ size_t len;
-+ mbedtls_ssl_context ssl;
-+ mbedtls_ssl_config conf;
-+ mbedtls_ctr_drbg_context ctr_drbg;
-+ mbedtls_entropy_context entropy;
-+ unsigned char buf[4096];
-+ fuzzBufferOffset_t biomemfuzz;
-+ uint16_t options;
-+
-+ if (initialized == 0) {
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+ mbedtls_x509_crt_init( &cacert );
-+ if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
-+ mbedtls_test_cas_pem_len ) != 0)
-+ return 1;
-+#endif
-+
-+ alpn_list[0] = "HTTP";
-+ alpn_list[1] = "fuzzalpn";
-+ alpn_list[2] = NULL;
-+
-+ initialized = 1;
-+ }
-+
-+ //we take 1 byte as options input
-+ if (Size < 2) {
-+ return 0;
-+ }
-+ options = (Data[Size - 2] << 8) | Data[Size - 1];
-+ //Avoid warnings if compile options imply no options
-+ (void) options;
-+
-+ mbedtls_ssl_init( &ssl );
-+ mbedtls_ssl_config_init( &conf );
-+ mbedtls_ctr_drbg_init( &ctr_drbg );
-+ mbedtls_entropy_init( &entropy );
-+
-+ if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
-+ (const unsigned char *) pers, strlen( pers ) ) != 0 )
-+ goto exit;
-+
-+ if( mbedtls_ssl_config_defaults( &conf,
-+ MBEDTLS_SSL_IS_CLIENT,
-+ MBEDTLS_SSL_TRANSPORT_STREAM,
-+ MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
-+ goto exit;
-+
-+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-+ if (options & 2) {
-+ mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ),
-+ (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
-+ }
-+#endif
-+
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+ if (options & 4) {
-+ mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-+ mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
-+ } else
-+#endif
-+ {
-+ mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
-+ }
-+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-+ mbedtls_ssl_conf_truncated_hmac( &conf, (options & 8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
-+#endif
-+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-+ mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
-+#endif
-+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-+ mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED);
-+#endif
-+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-+ mbedtls_ssl_conf_cbc_record_splitting( &conf, (options & 0x40) ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
-+#endif
-+#if defined(MBEDTLS_SSL_RENEGOTIATION)
-+ mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED );
-+#endif
-+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-+ mbedtls_ssl_conf_session_tickets( &conf, (options & 0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED );
-+#endif
-+#if defined(MBEDTLS_SSL_ALPN)
-+ if (options & 0x200) {
-+ mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list );
-+ }
-+#endif
-+ //There may be other options to add :
-+ // mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes
-+
-+ srandom(1);
-+ mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-+
-+ if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
-+ goto exit;
-+
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+ if ((options & 1) == 0) {
-+ if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 )
-+ goto exit;
-+ }
-+#endif
-+
-+ biomemfuzz.Data = Data;
-+ biomemfuzz.Size = Size-2;
-+ biomemfuzz.Offset = 0;
-+ mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL );
-+
-+ ret = mbedtls_ssl_handshake( &ssl );
-+ if( ret == 0 )
-+ {
-+ //keep reading data from server until the end
-+ do
-+ {
-+ len = sizeof( buf ) - 1;
-+ ret = mbedtls_ssl_read( &ssl, buf, len );
-+
-+ if( ret == MBEDTLS_ERR_SSL_WANT_READ )
-+ continue;
-+ else if( ret <= 0 )
-+ //EOF or error
-+ break;
-+ }
-+ while( 1 );
-+ }
-+
-+exit:
-+ mbedtls_entropy_free( &entropy );
-+ mbedtls_ctr_drbg_free( &ctr_drbg );
-+ mbedtls_ssl_config_free( &conf );
-+ mbedtls_ssl_free( &ssl );
-+
-+ return 0;
-+}
-diff --git a/tests/fuzz/fuzz_client.options b/tests/fuzz/fuzz_client.options
-new file mode 100644
-index 000000000..4d7340f49
---- /dev/null
-+++ b/tests/fuzz/fuzz_client.options
-@@ -0,0 +1,2 @@
-+[libfuzzer]
-+max_len = 1048575
-diff --git a/tests/fuzz/fuzz_dtlsclient.c b/tests/fuzz/fuzz_dtlsclient.c
-new file mode 100644
-index 000000000..c88b33b73
---- /dev/null
-+++ b/tests/fuzz/fuzz_dtlsclient.c
-@@ -0,0 +1,185 @@
-+#include <string.h>
-+#include <stdlib.h>
-+#include <stdbool.h>
-+#include <stdint.h>
-+#include "mbedtls/ssl.h"
-+#if defined(MBEDTLS_SSL_PROTO_DTLS)
-+#include "mbedtls/entropy.h"
-+#include "mbedtls/ctr_drbg.h"
-+#include "mbedtls/certs.h"
-+#include "mbedtls/timing.h"
-+
-+
-+static bool initialized = 0;
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+static mbedtls_x509_crt cacert;
-+#endif
-+
-+
-+const char *pers = "fuzz_dtlsclient";
-+
-+
-+typedef struct fuzzBufferOffset
-+{
-+ const uint8_t *Data;
-+ size_t Size;
-+ size_t Offset;
-+} fuzzBufferOffset_t;
-+
-+static int dummy_send( void *ctx, const unsigned char *buf, size_t len )
-+{
-+ //silence warning about unused parameter
-+ (void) ctx;
-+ (void) buf;
-+
-+ //pretends we wrote everything ok
-+ return( len );
-+}
-+
-+static int fuzz_recv( void *ctx, unsigned char *buf, size_t len )
-+{
-+ //reads from the buffer from fuzzer
-+ fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx;
-+
-+ if (biomemfuzz->Offset == biomemfuzz->Size) {
-+ //EOF
-+ return (0);
-+ }
-+ if (len + biomemfuzz->Offset > biomemfuzz->Size) {
-+ //do not overflow
-+ len = biomemfuzz->Size - biomemfuzz->Offset;
-+ }
-+ memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
-+ biomemfuzz->Offset += len;
-+ return( len );
-+}
-+
-+static int fuzz_recv_timeout( void *ctx, unsigned char *buf, size_t len,
-+ uint32_t timeout )
-+{
-+ (void) timeout;
-+
-+ return fuzz_recv(ctx, buf, len);
-+}
-+
-+static int dummy_random( void *p_rng, unsigned char *output, size_t output_len )
-+{
-+ int ret;
-+ size_t i;
-+
-+ //use mbedtls_ctr_drbg_random to find bugs in it
-+ ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
-+ for (i=0; i<output_len; i++) {
-+ //replace result with pseudo random
-+ output[i] = (unsigned char) random();
-+ }
-+ return( ret );
-+}
-+
-+static int dummy_entropy( void *data, unsigned char *output, size_t len )
-+{
-+ size_t i;
-+
-+ //use mbedtls_entropy_func to find bugs in it
-+ //test performance impact of entropy
-+ //ret = mbedtls_entropy_func(data, output, len);
-+ for (i=0; i<len; i++) {
-+ //replace result with pseudo random
-+ output[i] = (unsigned char) random();
-+ }
-+ return( 0 );
-+}
-+#endif
-+
-+
-+
-+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-+#if defined(MBEDTLS_SSL_PROTO_DTLS)
-+ int ret;
-+ size_t len;
-+ mbedtls_ssl_context ssl;
-+ mbedtls_ssl_config conf;
-+ mbedtls_ctr_drbg_context ctr_drbg;
-+ mbedtls_entropy_context entropy;
-+ mbedtls_timing_delay_context timer;
-+ unsigned char buf[4096];
-+ fuzzBufferOffset_t biomemfuzz;
-+
-+ if (initialized == 0) {
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+ mbedtls_x509_crt_init( &cacert );
-+ if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
-+ mbedtls_test_cas_pem_len ) != 0)
-+ return 1;
-+#endif
-+ initialized = 1;
-+ }
-+
-+ mbedtls_ssl_init( &ssl );
-+ mbedtls_ssl_config_init( &conf );
-+ mbedtls_ctr_drbg_init( &ctr_drbg );
-+ mbedtls_entropy_init( &entropy );
-+
-+ srandom(1);
-+ if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
-+ (const unsigned char *) pers, strlen( pers ) ) != 0 )
-+ goto exit;
-+
-+ if( mbedtls_ssl_config_defaults( &conf,
-+ MBEDTLS_SSL_IS_CLIENT,
-+ MBEDTLS_SSL_TRANSPORT_DATAGRAM,
-+ MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
-+ goto exit;
-+
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+ mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-+#endif
-+ mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
-+ mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-+
-+ if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
-+ goto exit;
-+
-+ mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
-+ mbedtls_timing_get_delay );
-+
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+ if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 )
-+ goto exit;
-+#endif
-+
-+ biomemfuzz.Data = Data;
-+ biomemfuzz.Size = Size;
-+ biomemfuzz.Offset = 0;
-+ mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
-+
-+ ret = mbedtls_ssl_handshake( &ssl );
-+ if( ret == 0 )
-+ {
-+ //keep reading data from server until the end
-+ do
-+ {
-+ len = sizeof( buf ) - 1;
-+ ret = mbedtls_ssl_read( &ssl, buf, len );
-+
-+ if( ret == MBEDTLS_ERR_SSL_WANT_READ )
-+ continue;
-+ else if( ret <= 0 )
-+ //EOF or error
-+ break;
-+ }
-+ while( 1 );
-+ }
-+
-+exit:
-+ mbedtls_entropy_free( &entropy );
-+ mbedtls_ctr_drbg_free( &ctr_drbg );
-+ mbedtls_ssl_config_free( &conf );
-+ mbedtls_ssl_free( &ssl );
-+
-+#else
-+ (void) Data;
-+ (void) Size;
-+#endif
-+ return 0;
-+}
-diff --git a/tests/fuzz/fuzz_dtlsclient.options b/tests/fuzz/fuzz_dtlsclient.options
-new file mode 100644
-index 000000000..4d7340f49
---- /dev/null
-+++ b/tests/fuzz/fuzz_dtlsclient.options
-@@ -0,0 +1,2 @@
-+[libfuzzer]
-+max_len = 1048575
-diff --git a/tests/fuzz/fuzz_dtlsserver.c b/tests/fuzz/fuzz_dtlsserver.c
-new file mode 100644
-index 000000000..6e59a85a7
---- /dev/null
-+++ b/tests/fuzz/fuzz_dtlsserver.c
-@@ -0,0 +1,209 @@
-+#include <string.h>
-+#include <stdlib.h>
-+#include <stdbool.h>
-+#include <stdint.h>
-+#include "mbedtls/ssl.h"
-+#if defined(MBEDTLS_SSL_PROTO_DTLS)
-+#include "mbedtls/entropy.h"
-+#include "mbedtls/ctr_drbg.h"
-+#include "mbedtls/certs.h"
-+#include "mbedtls/timing.h"
-+#include "mbedtls/ssl_cookie.h"
-+
-+
-+const char *pers = "fuzz_dtlsserver";
-+const unsigned char client_ip[4] = {0x7F, 0, 0, 1};
-+static bool initialized = 0;
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+static mbedtls_x509_crt srvcert;
-+static mbedtls_pk_context pkey;
-+#endif
-+
-+typedef struct fuzzBufferOffset
-+{
-+ const uint8_t *Data;
-+ size_t Size;
-+ size_t Offset;
-+} fuzzBufferOffset_t;
-+
-+
-+static int dummy_send( void *ctx, const unsigned char *buf, size_t len )
-+{
-+ //silence warning about unused parameter
-+ (void) ctx;
-+ (void) buf;
-+
-+ //pretends we wrote everything ok
-+ return( len );
-+}
-+
-+static int fuzz_recv( void *ctx, unsigned char *buf, size_t len )
-+{
-+ //reads from the buffer from fuzzer
-+ fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx;
-+
-+ if (biomemfuzz->Offset == biomemfuzz->Size) {
-+ //EOF
-+ return (0);
-+ }
-+ if (len + biomemfuzz->Offset > biomemfuzz->Size) {
-+ //do not overflow
-+ len = biomemfuzz->Size - biomemfuzz->Offset;
-+ }
-+ memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
-+ biomemfuzz->Offset += len;
-+ return( len );
-+}
-+
-+static int fuzz_recv_timeout( void *ctx, unsigned char *buf, size_t len,
-+ uint32_t timeout )
-+{
-+ (void) timeout;
-+
-+ return fuzz_recv(ctx, buf, len);
-+}
-+
-+static int dummy_random( void *p_rng, unsigned char *output, size_t output_len )
-+{
-+ int ret;
-+ size_t i;
-+
-+ //use mbedtls_ctr_drbg_random to find bugs in it
-+ ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
-+ for (i=0; i<output_len; i++) {
-+ //replace result with pseudo random
-+ output[i] = (unsigned char) random();
-+ }
-+ return( ret );
-+}
-+
-+static int dummy_entropy( void *data, unsigned char *output, size_t len )
-+{
-+ size_t i;
-+
-+ //use mbedtls_entropy_func to find bugs in it
-+ //test performance impact of entropy
-+ //ret = mbedtls_entropy_func(data, output, len);
-+ for (i=0; i<len; i++) {
-+ //replace result with pseudo random
-+ output[i] = (unsigned char) random();
-+ }
-+ return( 0 );
-+}
-+#endif
-+
-+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-+#if defined(MBEDTLS_SSL_PROTO_DTLS)
-+ int ret;
-+ size_t len;
-+ mbedtls_ssl_context ssl;
-+ mbedtls_ssl_config conf;
-+ mbedtls_ctr_drbg_context ctr_drbg;
-+ mbedtls_entropy_context entropy;
-+ mbedtls_timing_delay_context timer;
-+ mbedtls_ssl_cookie_ctx cookie_ctx;
-+ unsigned char buf[4096];
-+ fuzzBufferOffset_t biomemfuzz;
-+
-+ if (initialized == 0) {
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+ mbedtls_x509_crt_init( &srvcert );
-+ mbedtls_pk_init( &pkey );
-+ if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
-+ mbedtls_test_srv_crt_len ) != 0)
-+ return 1;
-+ if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
-+ mbedtls_test_cas_pem_len ) != 0)
-+ return 1;
-+ if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-+ mbedtls_test_srv_key_len, NULL, 0 ) != 0)
-+ return 1;
-+#endif
-+ initialized = 1;
-+ }
-+ mbedtls_ssl_init( &ssl );
-+ mbedtls_ssl_config_init( &conf );
-+ mbedtls_ctr_drbg_init( &ctr_drbg );
-+ mbedtls_entropy_init( &entropy );
-+ mbedtls_ssl_cookie_init( &cookie_ctx );
-+
-+ if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
-+ (const unsigned char *) pers, strlen( pers ) ) != 0 )
-+ goto exit;
-+
-+
-+ if( mbedtls_ssl_config_defaults( &conf,
-+ MBEDTLS_SSL_IS_SERVER,
-+ MBEDTLS_SSL_TRANSPORT_DATAGRAM,
-+ MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
-+ goto exit;
-+
-+
-+ srandom(1);
-+ mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-+
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+ mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
-+ if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 )
-+ goto exit;
-+#endif
-+
-+ if( mbedtls_ssl_cookie_setup( &cookie_ctx, dummy_random, &ctr_drbg ) != 0 )
-+ goto exit;
-+
-+ mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &cookie_ctx );
-+
-+ if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
-+ goto exit;
-+
-+ mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
-+ mbedtls_timing_get_delay );
-+
-+ biomemfuzz.Data = Data;
-+ biomemfuzz.Size = Size;
-+ biomemfuzz.Offset = 0;
-+ mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
-+ if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 )
-+ goto exit;
-+
-+ ret = mbedtls_ssl_handshake( &ssl );
-+
-+ if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
-+ biomemfuzz.Offset = ssl.next_record_offset;
-+ mbedtls_ssl_session_reset( &ssl );
-+ mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
-+ if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 )
-+ goto exit;
-+
-+ ret = mbedtls_ssl_handshake( &ssl );
-+
-+ if( ret == 0 )
-+ {
-+ //keep reading data from server until the end
-+ do
-+ {
-+ len = sizeof( buf ) - 1;
-+ ret = mbedtls_ssl_read( &ssl, buf, len );
-+ if( ret == MBEDTLS_ERR_SSL_WANT_READ )
-+ continue;
-+ else if( ret <= 0 )
-+ //EOF or error
-+ break;
-+ }
-+ while( 1 );
-+ }
-+ }
-+
-+exit:
-+ mbedtls_ssl_cookie_free( &cookie_ctx );
-+ mbedtls_entropy_free( &entropy );
-+ mbedtls_ctr_drbg_free( &ctr_drbg );
-+ mbedtls_ssl_config_free( &conf );
-+ mbedtls_ssl_free( &ssl );
-+
-+#else
-+ (void) Data;
-+ (void) Size;
-+#endif
-+ return 0;
-+}
-diff --git a/tests/fuzz/fuzz_dtlsserver.options b/tests/fuzz/fuzz_dtlsserver.options
-new file mode 100644
-index 000000000..4d7340f49
---- /dev/null
-+++ b/tests/fuzz/fuzz_dtlsserver.options
-@@ -0,0 +1,2 @@
-+[libfuzzer]
-+max_len = 1048575
-diff --git a/tests/fuzz/fuzz_privkey.c b/tests/fuzz/fuzz_privkey.c
-new file mode 100644
-index 000000000..533a647dc
---- /dev/null
-+++ b/tests/fuzz/fuzz_privkey.c
-@@ -0,0 +1,64 @@
-+#include <stdint.h>
-+#include "mbedtls/pk.h"
-+
-+//4 Kb should be enough for every bug ;-)
-+#define MAX_LEN 0x1000
-+
-+
-+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-+#ifdef MBEDTLS_PK_PARSE_C
-+ int ret;
-+ mbedtls_pk_context pk;
-+
-+ if (Size > MAX_LEN) {
-+ //only work on small inputs
-+ Size = MAX_LEN;
-+ }
-+
-+ mbedtls_pk_init( &pk );
-+ ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0 );
-+ if (ret == 0) {
-+#if defined(MBEDTLS_RSA_C)
-+ if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
-+ {
-+ mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-+ mbedtls_rsa_context *rsa;
-+
-+ mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-+ mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
-+ mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-+
-+ rsa = mbedtls_pk_rsa( pk );
-+ mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E );
-+ mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP );
-+
-+ mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-+ mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
-+ mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
-+ }
-+ else
-+#endif
-+#if defined(MBEDTLS_ECP_C)
-+ if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
-+ {
-+ mbedtls_ecp_keypair *ecp;
-+
-+ ecp = mbedtls_pk_ec( pk );
-+ if (ecp) {
-+ ret = 0;
-+ }
-+ }
-+ else
-+#endif
-+ {
-+ ret = 0;
-+ }
-+ }
-+ mbedtls_pk_free( &pk );
-+#else
-+ (void) Data;
-+ (void) Size;
-+#endif //MBEDTLS_PK_PARSE_C
-+
-+ return 0;
-+}
-diff --git a/tests/fuzz/fuzz_privkey.options b/tests/fuzz/fuzz_privkey.options
-new file mode 100644
-index 000000000..0824b19fa
---- /dev/null
-+++ b/tests/fuzz/fuzz_privkey.options
-@@ -0,0 +1,2 @@
-+[libfuzzer]
-+max_len = 65535
-diff --git a/tests/fuzz/fuzz_pubkey.c b/tests/fuzz/fuzz_pubkey.c
-new file mode 100644
-index 000000000..df42f7d53
---- /dev/null
-+++ b/tests/fuzz/fuzz_pubkey.c
-@@ -0,0 +1,57 @@
-+#include <stdint.h>
-+#include "mbedtls/pk.h"
-+
-+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-+#ifdef MBEDTLS_PK_PARSE_C
-+ int ret;
-+ mbedtls_pk_context pk;
-+
-+ mbedtls_pk_init( &pk );
-+ ret = mbedtls_pk_parse_public_key( &pk, Data, Size );
-+ if (ret == 0) {
-+#if defined(MBEDTLS_RSA_C)
-+ if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
-+ {
-+ mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-+ mbedtls_rsa_context *rsa;
-+
-+ mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-+ mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
-+ mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-+
-+ rsa = mbedtls_pk_rsa( pk );
-+ ret = mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E );
-+ ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP );
-+
-+ mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-+ mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
-+ mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
-+
-+ }
-+ else
-+#endif
-+#if defined(MBEDTLS_ECP_C)
-+ if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
-+ {
-+ mbedtls_ecp_keypair *ecp;
-+
-+ ecp = mbedtls_pk_ec( pk );
-+ //dummy use of value
-+ if (ecp) {
-+ ret = 0;
-+ }
-+ }
-+ else
-+#endif
-+ {
-+ ret = 0;
-+ }
-+ }
-+ mbedtls_pk_free( &pk );
-+#else
-+ (void) Data;
-+ (void) Size;
-+#endif //MBEDTLS_PK_PARSE_C
-+
-+ return 0;
-+}
-diff --git a/tests/fuzz/fuzz_pubkey.options b/tests/fuzz/fuzz_pubkey.options
-new file mode 100644
-index 000000000..0824b19fa
---- /dev/null
-+++ b/tests/fuzz/fuzz_pubkey.options
-@@ -0,0 +1,2 @@
-+[libfuzzer]
-+max_len = 65535
-diff --git a/tests/fuzz/fuzz_server.c b/tests/fuzz/fuzz_server.c
-new file mode 100644
-index 000000000..770a38633
---- /dev/null
-+++ b/tests/fuzz/fuzz_server.c
-@@ -0,0 +1,240 @@
-+#include "mbedtls/ssl.h"
-+#include "mbedtls/entropy.h"
-+#include "mbedtls/ctr_drbg.h"
-+#include "mbedtls/certs.h"
-+#include "mbedtls/ssl_ticket.h"
-+#include <string.h>
-+#include <stdlib.h>
-+#include <stdbool.h>
-+#include <stdint.h>
-+
-+
-+const char *pers = "fuzz_server";
-+static bool initialized = 0;
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+static mbedtls_x509_crt srvcert;
-+static mbedtls_pk_context pkey;
-+#endif
-+const char *alpn_list[3];
-+
-+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-+const unsigned char psk[] = {
-+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
-+};
-+const char psk_id[] = "Client_identity";
-+#endif
-+
-+
-+typedef struct fuzzBufferOffset
-+{
-+ const uint8_t *Data;
-+ size_t Size;
-+ size_t Offset;
-+} fuzzBufferOffset_t;
-+
-+
-+static int dummy_send( void *ctx, const unsigned char *buf, size_t len )
-+{
-+ //silence warning about unused parameter
-+ (void) ctx;
-+ (void) buf;
-+
-+ //pretends we wrote everything ok
-+ return( len );
-+}
-+
-+static int fuzz_recv( void *ctx, unsigned char *buf, size_t len )
-+{
-+ //reads from the buffer from fuzzer
-+ fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx;
-+
-+ if (biomemfuzz->Offset == biomemfuzz->Size) {
-+ //EOF
-+ return (0);
-+ }
-+ if (len + biomemfuzz->Offset > biomemfuzz->Size) {
-+ //do not overflow
-+ len = biomemfuzz->Size - biomemfuzz->Offset;
-+ }
-+ memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
-+ biomemfuzz->Offset += len;
-+ return( len );
-+}
-+
-+static int dummy_random( void *p_rng, unsigned char *output, size_t output_len )
-+{
-+ int ret;
-+ size_t i;
-+
-+ //use mbedtls_ctr_drbg_random to find bugs in it
-+ ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
-+ for (i=0; i<output_len; i++) {
-+ //replace result with pseudo random
-+ output[i] = (unsigned char) random();
-+ }
-+ return( ret );
-+}
-+
-+static int dummy_entropy( void *data, unsigned char *output, size_t len )
-+{
-+ size_t i;
-+
-+ //use mbedtls_entropy_func to find bugs in it
-+ //test performance impact of entropy
-+ //ret = mbedtls_entropy_func(data, output, len);
-+ for (i=0; i<len; i++) {
-+ //replace result with pseudo random
-+ output[i] = (unsigned char) random();
-+ }
-+ return( 0 );
-+}
-+
-+
-+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-+ int ret;
-+ size_t len;
-+ mbedtls_ssl_context ssl;
-+ mbedtls_ssl_config conf;
-+ mbedtls_ctr_drbg_context ctr_drbg;
-+ mbedtls_entropy_context entropy;
-+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-+ mbedtls_ssl_ticket_context ticket_ctx;
-+#endif
-+ unsigned char buf[4096];
-+ fuzzBufferOffset_t biomemfuzz;
-+ uint8_t options;
-+
-+ //we take 1 byte as options input
-+ if (Size < 1) {
-+ return 0;
-+ }
-+ options = Data[Size - 1];
-+
-+ if (initialized == 0) {
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+ mbedtls_x509_crt_init( &srvcert );
-+ mbedtls_pk_init( &pkey );
-+ if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
-+ mbedtls_test_srv_crt_len ) != 0)
-+ return 1;
-+ if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
-+ mbedtls_test_cas_pem_len ) != 0)
-+ return 1;
-+ if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-+ mbedtls_test_srv_key_len, NULL, 0 ) != 0)
-+ return 1;
-+#endif
-+
-+ alpn_list[0] = "HTTP";
-+ alpn_list[1] = "fuzzalpn";
-+ alpn_list[2] = NULL;
-+
-+ initialized = 1;
-+ }
-+ mbedtls_ssl_init( &ssl );
-+ mbedtls_ssl_config_init( &conf );
-+ mbedtls_ctr_drbg_init( &ctr_drbg );
-+ mbedtls_entropy_init( &entropy );
-+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-+ mbedtls_ssl_ticket_init( &ticket_ctx );
-+#endif
-+
-+ if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
-+ (const unsigned char *) pers, strlen( pers ) ) != 0 )
-+ goto exit;
-+
-+
-+ if( mbedtls_ssl_config_defaults( &conf,
-+ MBEDTLS_SSL_IS_SERVER,
-+ MBEDTLS_SSL_TRANSPORT_STREAM,
-+ MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
-+ goto exit;
-+
-+ srandom(1);
-+ mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-+
-+#if defined(MBEDTLS_X509_CRT_PARSE_C)
-+ mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
-+ if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 )
-+ goto exit;
-+#endif
-+
-+ mbedtls_ssl_conf_cert_req_ca_list( &conf, (options & 0x1) ? MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED : MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED );
-+#if defined(MBEDTLS_SSL_ALPN)
-+ if (options & 0x2) {
-+ mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list );
-+ }
-+#endif
-+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-+ if( options & 0x4 )
-+ {
-+ if( mbedtls_ssl_ticket_setup( &ticket_ctx,
-+ dummy_random, &ctr_drbg,
-+ MBEDTLS_CIPHER_AES_256_GCM,
-+ 86400 ) != 0 )
-+ goto exit;
-+
-+ mbedtls_ssl_conf_session_tickets_cb( &conf,
-+ mbedtls_ssl_ticket_write,
-+ mbedtls_ssl_ticket_parse,
-+ &ticket_ctx );
-+ }
-+#endif
-+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-+ mbedtls_ssl_conf_truncated_hmac( &conf, (options & 0x8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
-+#endif
-+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-+ mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
-+#endif
-+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-+ mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_ENABLED : MBEDTLS_SSL_ETM_DISABLED);
-+#endif
-+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-+ if (options & 0x40) {
-+ mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ),
-+ (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
-+ }
-+#endif
-+#if defined(MBEDTLS_SSL_RENEGOTIATION)
-+ mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED );
-+#endif
-+
-+ if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
-+ goto exit;
-+
-+ biomemfuzz.Data = Data;
-+ biomemfuzz.Size = Size-1;
-+ biomemfuzz.Offset = 0;
-+ mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL );
-+
-+ mbedtls_ssl_session_reset( &ssl );
-+ ret = mbedtls_ssl_handshake( &ssl );
-+ if( ret == 0 )
-+ {
-+ //keep reading data from server until the end
-+ do
-+ {
-+ len = sizeof( buf ) - 1;
-+ ret = mbedtls_ssl_read( &ssl, buf, len );
-+
-+ if( ret == MBEDTLS_ERR_SSL_WANT_READ )
-+ continue;
-+ else if( ret <= 0 )
-+ //EOF or error
-+ break;
-+ }
-+ while( 1 );
-+ }
-+
-+exit:
-+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-+ mbedtls_ssl_ticket_free( &ticket_ctx );
-+#endif
-+ mbedtls_entropy_free( &entropy );
-+ mbedtls_ctr_drbg_free( &ctr_drbg );
-+ mbedtls_ssl_config_free( &conf );
-+ mbedtls_ssl_free( &ssl );
-+
-+ return 0;
-+}
-diff --git a/tests/fuzz/fuzz_server.options b/tests/fuzz/fuzz_server.options
-new file mode 100644
-index 000000000..4d7340f49
---- /dev/null
-+++ b/tests/fuzz/fuzz_server.options
-@@ -0,0 +1,2 @@
-+[libfuzzer]
-+max_len = 1048575
-diff --git a/tests/fuzz/fuzz_x509crl.c b/tests/fuzz/fuzz_x509crl.c
-new file mode 100644
-index 000000000..02f521cc8
---- /dev/null
-+++ b/tests/fuzz/fuzz_x509crl.c
-@@ -0,0 +1,22 @@
-+#include <stdint.h>
-+#include "mbedtls/x509_crl.h"
-+
-+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-+#ifdef MBEDTLS_X509_CRL_PARSE_C
-+ int ret;
-+ mbedtls_x509_crl crl;
-+ unsigned char buf[4096];
-+
-+ mbedtls_x509_crl_init( &crl );
-+ ret = mbedtls_x509_crl_parse( &crl, Data, Size );
-+ if (ret == 0) {
-+ ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
-+ }
-+ mbedtls_x509_crl_free( &crl );
-+#else
-+ (void) Data;
-+ (void) Size;
-+#endif
-+
-+ return 0;
-+}
-diff --git a/tests/fuzz/fuzz_x509crl.options b/tests/fuzz/fuzz_x509crl.options
-new file mode 100644
-index 000000000..0824b19fa
---- /dev/null
-+++ b/tests/fuzz/fuzz_x509crl.options
-@@ -0,0 +1,2 @@
-+[libfuzzer]
-+max_len = 65535
-diff --git a/tests/fuzz/fuzz_x509crt.c b/tests/fuzz/fuzz_x509crt.c
-new file mode 100644
-index 000000000..8f593a141
---- /dev/null
-+++ b/tests/fuzz/fuzz_x509crt.c
-@@ -0,0 +1,22 @@
-+#include <stdint.h>
-+#include "mbedtls/x509_crt.h"
-+
-+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-+#ifdef MBEDTLS_X509_CRT_PARSE_C
-+ int ret;
-+ mbedtls_x509_crt crt;
-+ unsigned char buf[4096];
-+
-+ mbedtls_x509_crt_init( &crt );
-+ ret = mbedtls_x509_crt_parse( &crt, Data, Size );
-+ if (ret == 0) {
-+ ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", &crt );
-+ }
-+ mbedtls_x509_crt_free( &crt );
-+#else
-+ (void) Data;
-+ (void) Size;
-+#endif
-+
-+ return 0;
-+}
-diff --git a/tests/fuzz/fuzz_x509crt.options b/tests/fuzz/fuzz_x509crt.options
-new file mode 100644
-index 000000000..0824b19fa
---- /dev/null
-+++ b/tests/fuzz/fuzz_x509crt.options
-@@ -0,0 +1,2 @@
-+[libfuzzer]
-+max_len = 65535
-diff --git a/tests/fuzz/fuzz_x509csr.c b/tests/fuzz/fuzz_x509csr.c
-new file mode 100644
-index 000000000..3cf28a6fa
---- /dev/null
-+++ b/tests/fuzz/fuzz_x509csr.c
-@@ -0,0 +1,22 @@
-+#include <stdint.h>
-+#include "mbedtls/x509_csr.h"
-+
-+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-+#ifdef MBEDTLS_X509_CSR_PARSE_C
-+ int ret;
-+ mbedtls_x509_csr csr;
-+ unsigned char buf[4096];
-+
-+ mbedtls_x509_csr_init( &csr );
-+ ret = mbedtls_x509_csr_parse( &csr, Data, Size );
-+ if (ret == 0) {
-+ ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
-+ }
-+ mbedtls_x509_csr_free( &csr );
-+#else
-+ (void) Data;
-+ (void) Size;
-+#endif
-+
-+ return 0;
-+}
-diff --git a/tests/fuzz/fuzz_x509csr.options b/tests/fuzz/fuzz_x509csr.options
-new file mode 100644
-index 000000000..0824b19fa
---- /dev/null
-+++ b/tests/fuzz/fuzz_x509csr.options
-@@ -0,0 +1,2 @@
-+[libfuzzer]
-+max_len = 65535
-diff --git a/tests/fuzz/onefile.c b/tests/fuzz/onefile.c
-new file mode 100644
-index 000000000..caf3ca565
---- /dev/null
-+++ b/tests/fuzz/onefile.c
-@@ -0,0 +1,50 @@
-+#include <stdint.h>
-+#include <unistd.h>
-+#include <stdlib.h>
-+#include <stdio.h>
-+
-+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
-+
-+int main(int argc, char** argv)
-+{
-+ FILE * fp;
-+ uint8_t *Data;
-+ size_t Size;
-+
-+ if (argc != 2) {
-+ return 1;
-+ }
-+ //opens the file, get its size, and reads it into a buffer
-+ fp = fopen(argv[1], "rb");
-+ if (fp == NULL) {
-+ return 2;
-+ }
-+ if (fseek(fp, 0L, SEEK_END) != 0) {
-+ fclose(fp);
-+ return 2;
-+ }
-+ Size = ftell(fp);
-+ if (Size == (size_t) -1) {
-+ fclose(fp);
-+ return 2;
-+ }
-+ if (fseek(fp, 0L, SEEK_SET) != 0) {
-+ fclose(fp);
-+ return 2;
-+ }
-+ Data = malloc(Size);
-+ if (Data == NULL) {
-+ fclose(fp);
-+ return 2;
-+ }
-+ if (fread(Data, Size, 1, fp) != 1) {
-+ fclose(fp);
-+ return 2;
-+ }
-+
-+ //lauch fuzzer
-+ LLVMFuzzerTestOneInput(Data, Size);
-+ fclose(fp);
-+ return 0;
-+}
-+
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-17 08:12:48 +0000