aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2017-08-29 07:01:53 -0400
committerJack Lloyd <[email protected]>2017-08-29 07:01:53 -0400
commit922d3dcb678fa9ff9a54b9a920e530fe753da384 (patch)
tree3b7bbdc56376fd01a16c181895dd7c231a288d82
parentd3cc9179a72cebddf2057256ab8a4d421b202b21 (diff)
parent4a64e42c3985ae7d460cf52d3e38a13b6b562572 (diff)
Merge GH #1158 Add build mode for fuzzer tests
-rw-r--r--.travis.yml12
-rwxr-xr-xconfigure.py109
-rw-r--r--src/build-data/buildh.in1
-rw-r--r--src/build-data/makefile/gmake.in2
-rw-r--r--src/build-data/makefile/gmake_fuzzers.in18
-rw-r--r--src/extra_tests/fuzzers/.gitignore10
-rw-r--r--src/extra_tests/fuzzers/GNUmakefile88
-rw-r--r--src/extra_tests/fuzzers/readme.txt49
-rw-r--r--src/fuzzer/asn1.cpp (renamed from src/extra_tests/fuzzers/jigs/ber_decode.cpp)13
-rw-r--r--src/fuzzer/bn_sqr.cpp (renamed from src/extra_tests/fuzzers/jigs/bn_sqr.cpp)2
-rw-r--r--src/fuzzer/cert.cpp (renamed from src/extra_tests/fuzzers/jigs/cert.cpp)8
-rw-r--r--src/fuzzer/crl.cpp (renamed from src/extra_tests/fuzzers/jigs/crl.cpp)11
-rw-r--r--src/fuzzer/divide.cpp (renamed from src/extra_tests/fuzzers/jigs/divide.cpp)10
-rw-r--r--src/fuzzer/ecc_bp256.cpp (renamed from src/extra_tests/fuzzers/jigs/ecc_bp256.cpp)4
-rw-r--r--src/fuzzer/ecc_helper.h (renamed from src/extra_tests/fuzzers/jigs/ecc_helper.h)29
-rw-r--r--src/fuzzer/ecc_p256.cpp (renamed from src/extra_tests/fuzzers/jigs/ecc_p256.cpp)4
-rw-r--r--src/fuzzer/ecc_p384.cpp (renamed from src/extra_tests/fuzzers/jigs/ecc_p384.cpp)4
-rw-r--r--src/fuzzer/ecc_p521.cpp (renamed from src/extra_tests/fuzzers/jigs/ecc_p521.cpp)4
-rw-r--r--src/fuzzer/fuzzers.h (renamed from src/extra_tests/fuzzers/jigs/driver.h)104
-rw-r--r--src/fuzzer/invert.cpp (renamed from src/extra_tests/fuzzers/jigs/invert.cpp)21
-rw-r--r--src/fuzzer/ocsp.cpp (renamed from src/extra_tests/fuzzers/jigs/ocsp.cpp)4
-rw-r--r--src/fuzzer/os2ecp.cpp (renamed from src/extra_tests/fuzzers/jigs/os2ecp.cpp)24
-rw-r--r--src/fuzzer/pkcs1.cpp (renamed from src/extra_tests/fuzzers/jigs/pkcs1.cpp)25
-rw-r--r--src/fuzzer/pkcs8.cpp (renamed from src/extra_tests/fuzzers/jigs/pkcs8.cpp)7
-rw-r--r--src/fuzzer/pow_mod.cpp (renamed from src/extra_tests/fuzzers/jigs/pow_mod.cpp)25
-rw-r--r--src/fuzzer/redc_helper.h33
-rw-r--r--src/fuzzer/redc_p192.cpp (renamed from src/extra_tests/fuzzers/jigs/redc_p192.cpp)8
-rw-r--r--src/fuzzer/redc_p224.cpp (renamed from src/extra_tests/fuzzers/jigs/redc_p224.cpp)8
-rw-r--r--src/fuzzer/redc_p256.cpp (renamed from src/extra_tests/fuzzers/jigs/redc_p256.cpp)8
-rw-r--r--src/fuzzer/redc_p384.cpp (renamed from src/extra_tests/fuzzers/jigs/redc_p384.cpp)8
-rw-r--r--src/fuzzer/redc_p521.cpp (renamed from src/extra_tests/fuzzers/jigs/redc_p521.cpp)8
-rw-r--r--src/fuzzer/ressol.cpp (renamed from src/extra_tests/fuzzers/jigs/ressol.cpp)14
-rw-r--r--src/fuzzer/tls_client.cpp (renamed from src/extra_tests/fuzzers/jigs/tls_client.cpp)24
-rw-r--r--src/fuzzer/tls_client_hello.cpp (renamed from src/extra_tests/fuzzers/jigs/tls_client_hello.cpp)3
-rw-r--r--src/fuzzer/tls_server.cpp (renamed from src/extra_tests/fuzzers/jigs/tls_server.cpp)32
-rw-r--r--src/lib/asn1/ber_dec.cpp8
-rw-r--r--src/lib/prov/openssl/openssl_rsa.cpp4
-rwxr-xr-xsrc/scripts/ci/travis/build.sh19
-rwxr-xr-xsrc/scripts/create_corpus_zip.py48
-rwxr-xr-xsrc/scripts/test_fuzzers.py130
-rw-r--r--src/tests/data/fuzz/pkcs8/ecc_overflow.pem11
-rw-r--r--src/tests/data/fuzz/x509/afl_000.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_001.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_002.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_003.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_004.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_005.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_006.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_007.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_008.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_009.pem14
-rw-r--r--src/tests/data/fuzz/x509/afl_010.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_011.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_012.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_013.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_014.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_015.pem5
-rw-r--r--src/tests/data/fuzz/x509/afl_016.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_017.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_018.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_019.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_020.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_021.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_022.pem12
-rw-r--r--src/tests/data/fuzz/x509/afl_023.pem13
-rw-r--r--src/tests/data/fuzz/x509/afl_024.pem3
-rw-r--r--src/tests/data/fuzz/x509/afl_025.pem3
-rw-r--r--src/tests/data/fuzz/x509/afl_026.pembin35 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_027.pembin10 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_028.pembin22 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_029.pembin60 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_030.pem1
-rw-r--r--src/tests/data/fuzz/x509/afl_031.pem1
-rw-r--r--src/tests/data/fuzz/x509/afl_032.pembin134 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_033.pembin134 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_034.pem4
-rw-r--r--src/tests/data/fuzz/x509/afl_035.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_036.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_037.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_038.pembin634 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_039.pembin631 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_040.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_041.pembin637 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_042.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_043.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_044.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_045.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_046.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_047.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_048.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_049.pembin639 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_050.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_051.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/afl_052.pembin624 -> 0 bytes
-rw-r--r--src/tests/data/fuzz/x509/cve_2017_2801.derbin1410 -> 0 bytes
-rw-r--r--src/tests/test_fuzzer.cpp128
96 files changed, 540 insertions, 858 deletions
diff --git a/.travis.yml b/.travis.yml
index d7092f01a..8431729b4 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -31,6 +31,7 @@ env:
- BUILD_MODE="static"
- BUILD_MODE="bsi"
- BUILD_MODE="nist"
+ - BUILD_MODE="fuzzers"
- BUILD_MODE="sanitizer"
- BUILD_MODE="coverage"
- BUILD_MODE="cross-arm32"
@@ -52,10 +53,11 @@ matrix:
- os: osx
compiler: gcc
- # Run docs, lint, bsi, nist, coverage, valgrind, sonarqube, sanitizer,
- # minimized and non-ARM cross builds on Linux/gcc only. The
- # sanitizer builds under Clang run the tests very slowly and cause
- # CI timeouts.
+ # Run docs, lint, bsi, nist, fuzzers, coverage, valgrind, sonarqube, sanitizer,
+ # minimized and non-ARM cross builds on Linux/gcc only.
+
+ # The sanitizer builds under Clang run the tests very slowly and
+ # cause CI timeouts.
- compiler: clang
env: BUILD_MODE="bsi"
@@ -72,6 +74,8 @@ matrix:
- compiler: clang
env: BUILD_MODE="sanitizer"
- compiler: clang
+ env: BUILD_MODE="fuzzers"
+ - compiler: clang
env: BUILD_MODE="valgrind"
- compiler: clang
env: BUILD_MODE="mini-shared"
diff --git a/configure.py b/configure.py
index 58a4f19d2..f9bf90fc9 100755
--- a/configure.py
+++ b/configure.py
@@ -183,6 +183,13 @@ class BuildPaths(object): # pylint: disable=too-many-instance-attributes
self.cli_headers = list(find_headers_in(source_paths.src_dir, 'cli'))
self.test_sources = list(find_sources_in(source_paths.src_dir, 'tests'))
+ if options.build_fuzzers:
+ self.fuzzer_sources = list(find_sources_in(source_paths.src_dir, 'fuzzer'))
+ self.fuzzer_output_dir = os.path.join(self.build_dir, 'fuzzer')
+ else:
+ self.fuzzer_sources = None
+ self.fuzzer_output_dir = None
+
def build_dirs(self):
out = [
self.libobj_dir,
@@ -195,6 +202,8 @@ class BuildPaths(object): # pylint: disable=too-many-instance-attributes
]
if self.doc_output_dir_doxygen:
out += [self.doc_output_dir_doxygen]
+ if self.fuzzer_output_dir:
+ out += [self.fuzzer_output_dir]
return out
def src_info(self, typ):
@@ -204,6 +213,10 @@ class BuildPaths(object): # pylint: disable=too-many-instance-attributes
return (self.cli_sources, self.cliobj_dir)
elif typ == 'test':
return (self.test_sources, self.testobj_dir)
+ elif typ == 'fuzzer':
+ return (self.fuzzer_sources, self.fuzzer_output_dir)
+ else:
+ raise InternalError("Unknown src info type '%s'" % (typ))
PKG_CONFIG_FILENAME = 'botan-%d.pc' % (Version.major)
@@ -409,7 +422,14 @@ def process_command_line(args): # pylint: disable=too-many-locals
help='Generate CMakeLists.txt which can be used to create many IDEs project files')
build_group.add_option('--unsafe-fuzzer-mode', action='store_true', default=False,
- help='disable essential checks for testing')
+ help='Disable essential checks for testing')
+
+ build_group.add_option('--build-fuzzers=', dest='build_fuzzers',
+ metavar='TYPE', default=None,
+ help='Build fuzzers (afl, libfuzzer, test)')
+
+ build_group.add_option('--with-fuzzer-lib=', metavar='LIB', default=None, dest='fuzzer_lib',
+ help='additionally link in LIB')
mods_group = optparse.OptionGroup(parser, 'Module selection')
@@ -1711,13 +1731,14 @@ class MakefileListsGenerator(object):
for src in sources:
(directory, filename) = os.path.split(os.path.normpath(src))
+ obj_suffix = '.' + self._osinfo.obj_suffix
+
parts = directory.split(os.sep)
+ if 'fuzzer' in parts:
+ obj_suffix = ''
+
if 'src' in parts:
parts = parts[parts.index('src')+2:]
- elif 'tests' in parts:
- parts = parts[parts.index('tests')+2:]
- elif 'cli' in parts:
- parts = parts[parts.index('cli'):]
elif filename.find('botan_all') != -1:
parts = []
else:
@@ -1744,8 +1765,7 @@ class MakefileListsGenerator(object):
else:
name = filename
- for src_suffix in ['.cpp', '.S']:
- name = name.replace(src_suffix, '.' + self._osinfo.obj_suffix)
+ name = name.replace('.cpp', obj_suffix)
yield os.path.join(obj_dir, name)
@@ -1760,21 +1780,29 @@ class MakefileListsGenerator(object):
if self._options.with_external_includedir:
includes += ' ' + self._cc.add_include_dir_option + self._options.with_external_includedir
- for (obj_file, src) in zip(self._objectfile_list(sources, obj_dir), sources):
- isa_specific_flags_str = "".join([" %s" % flagset for flagset in sorted(self._isa_specific_flags(src))])
- yield '%s: %s\n\t$(CXX)%s $(%s_FLAGS) %s %s %s %s$@\n' % (
- obj_file,
- src,
- isa_specific_flags_str,
- flags,
- includes,
- self._cc.compile_flags,
- src,
- self._cc.output_to_option)
+ is_fuzzer = obj_dir.find('fuzzer') != -1
+
+ if is_fuzzer:
+ for (obj_file, src) in zip(self._objectfile_list(sources, obj_dir), sources):
+
+ yield '%s: %s\n\t$(CXX) %s $(%s_FLAGS) %s -L. -lbotan-2 $(FUZZER_LINKS_TO) %s$@\n' % (
+ obj_file, src, includes, flags, src, self._cc.output_to_option)
+ else:
+ for (obj_file, src) in zip(self._objectfile_list(sources, obj_dir), sources):
+ isa_specific_flags_str = "".join([" %s" % flagset for flagset in sorted(self._isa_specific_flags(src))])
+
+ yield '%s: %s\n\t$(CXX)%s $(%s_FLAGS) %s %s %s %s$@\n' % (
+ obj_file, src, isa_specific_flags_str, flags,
+ includes, self._cc.compile_flags, src, self._cc.output_to_option)
def generate(self):
out = {}
- for t in ['lib', 'cli', 'test']:
+
+ targets = ['lib', 'cli', 'test']
+ if self._options.build_fuzzers:
+ targets += ['fuzzer']
+
+ for t in targets:
obj_key = '%s_objs' % (t)
src_list, src_dir = self._build_paths.src_info(t)
src_list.sort()
@@ -1817,7 +1845,7 @@ class HouseEccCurve(object):
return "\\\n" + ' \\\n'.join(lines)
-def create_template_vars(source_paths, build_config, options, modules, cc, arch, osinfo):
+def create_template_vars(source_paths, build_config, options, modules, cc, arch, osinfo): #pylint: disable=too-many-locals,too-many-branches
"""
Create the template variables needed to process the makefile, build.h, etc
"""
@@ -1846,6 +1874,7 @@ def create_template_vars(source_paths, build_config, options, modules, cc, arch,
exceptions = match.group(1).split(',')
if osinfo.basename not in exceptions:
libs |= set(module_link_to)
+
return sorted(libs)
def choose_mp_bits():
@@ -1909,6 +1938,7 @@ def create_template_vars(source_paths, build_config, options, modules, cc, arch,
'libobj_dir': build_config.libobj_dir,
'cliobj_dir': build_config.cliobj_dir,
'testobj_dir': build_config.testobj_dir,
+ 'fuzzobj_dir': build_config.fuzzer_output_dir if build_config.fuzzer_output_dir else '',
'doc_output_dir': build_config.doc_output_dir,
@@ -1938,6 +1968,7 @@ def create_template_vars(source_paths, build_config, options, modules, cc, arch,
'lib_link_cmd': cc.so_link_command_for(osinfo.basename, options) + external_link_cmd(),
'cli_link_cmd': cc.binary_link_command_for(osinfo.basename, options) + external_link_cmd(),
'test_link_cmd': cc.binary_link_command_for(osinfo.basename, options) + external_link_cmd(),
+ 'fuzzer_link_cmd': cc.binary_link_command_for(osinfo.basename, options) + external_link_cmd(),
'link_to': ' '.join(
[cc.add_lib_option + lib for lib in link_to('libs')] +
@@ -1956,7 +1987,9 @@ def create_template_vars(source_paths, build_config, options, modules, cc, arch,
'include_files': makefile_list(build_config.public_headers),
- 'unsafe_fuzzer_mode_define': '' if not options.unsafe_fuzzer_mode else '#define BOTAN_UNSAFE_FUZZER_MODE',
+ 'unsafe_fuzzer_mode_define': '#define BOTAN_UNSAFE_FUZZER_MODE' if options.unsafe_fuzzer_mode else '',
+ 'fuzzer_type': '#define BOTAN_FUZZER_IS_%s' % (options.build_fuzzers.upper()) if options.build_fuzzers else '',
+ 'fuzzer_libs': '' if options.fuzzer_lib is None else '%s%s' % (cc.add_lib_option, options.fuzzer_lib),
'ar_command': cc.ar_command or osinfo.ar_command,
'ranlib_command': osinfo.ranlib_command(),
@@ -2026,17 +2059,22 @@ def create_template_vars(source_paths, build_config, options, modules, cc, arch,
variables["header_in"] = process_template(os.path.join(source_paths.makefile_dir, 'header.in'), variables)
if variables["makefile_style"] == "gmake":
- variables["gmake_commands_in"] = process_template(
- os.path.join(source_paths.makefile_dir, 'gmake_commands.in'),
- variables)
- variables["gmake_dso_in"] = process_template(
- os.path.join(source_paths.makefile_dir, 'gmake_dso.in'),
- variables
- ) if options.build_shared_lib else ''
- variables["gmake_coverage_in"] = process_template(
- os.path.join(source_paths.makefile_dir, 'gmake_coverage.in'),
- variables
- ) if options.with_coverage_info else ''
+ templates = [
+ ('gmake_commands.in', True),
+ ('gmake_dso.in', options.build_shared_lib),
+ ('gmake_coverage.in', options.with_coverage_info),
+ ('gmake_fuzzers.in', options.build_fuzzers)
+ ]
+
+ for (template, build_it) in templates:
+ template_file = os.path.join(source_paths.makefile_dir, template)
+
+ var_name = template.replace('.', '_')
+
+ if build_it:
+ variables[var_name] = process_template(template_file, variables)
+ else:
+ variables[var_name] = ''
return variables
@@ -3006,6 +3044,13 @@ def main(argv):
source_paths = SourcePaths(os.path.dirname(argv[0]))
+ if options.build_fuzzers != None:
+ if options.build_fuzzers not in ['libfuzzer', 'afl', 'test']:
+ raise UserError('Bad value to --build-fuzzers')
+
+ if options.build_fuzzers == 'libfuzzer' and options.fuzzer_lib is None:
+ options.fuzzer_lib = 'Fuzzer'
+
info_modules = load_info_files(source_paths.lib_dir, 'Modules', "info.txt", ModuleInfo)
info_arch = load_build_data_info_files(source_paths, 'CPU info', 'arch', ArchInfo)
info_os = load_build_data_info_files(source_paths, 'OS info', 'os', OsInfo)
diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in
index 2376b056e..6e60718ee 100644
--- a/src/build-data/buildh.in
+++ b/src/build-data/buildh.in
@@ -25,6 +25,7 @@
/* How many bits per limb in a BigInt */
#define BOTAN_MP_WORD_BITS %{mp_bits}
%{unsafe_fuzzer_mode_define}
+%{fuzzer_type}
#define BOTAN_INSTALL_PREFIX R"(%{prefix})"
#define BOTAN_INSTALL_HEADER_DIR "%{includedir}/botan-%{version_major}"
diff --git a/src/build-data/makefile/gmake.in b/src/build-data/makefile/gmake.in
index 22e4ef778..c77c1908c 100644
--- a/src/build-data/makefile/gmake.in
+++ b/src/build-data/makefile/gmake.in
@@ -53,6 +53,8 @@ $(STATIC_LIB): $(LIBOBJS)
%{gmake_coverage_in}
+%{gmake_fuzzers_in}
+
SPHINX_CONFIG = %{sphinx_config_dir}
SPHINX_OPTS = -b html
diff --git a/src/build-data/makefile/gmake_fuzzers.in b/src/build-data/makefile/gmake_fuzzers.in
new file mode 100644
index 000000000..82fa8b256
--- /dev/null
+++ b/src/build-data/makefile/gmake_fuzzers.in
@@ -0,0 +1,18 @@
+
+# Fuzzer build commands
+
+FUZZER_LINK_CMD = %{fuzzer_link_cmd}
+FUZZER_LINKS_TO = $(LIB_LINKS_TO) %{fuzzer_libs}
+FUZZER_FLAGS = $(CXXFLAGS) $(WARN_FLAGS)
+
+%{fuzzer_build_cmds}
+
+FUZZERS=%{fuzzer_objs}
+
+fuzzers: libs $(FUZZERS)
+
+fuzzer_corpus:
+ git clone --depth=1 https://github.com/randombit/crypto-corpus.git fuzzer_corpus
+
+fuzzer_corpus_zip: fuzzer_corpus
+ ./src/scripts/create_corpus_zip.py fuzzer_corpus %{fuzzobj_dir}
diff --git a/src/extra_tests/fuzzers/.gitignore b/src/extra_tests/fuzzers/.gitignore
deleted file mode 100644
index f7ce206a2..000000000
--- a/src/extra_tests/fuzzers/.gitignore
+++ /dev/null
@@ -1,10 +0,0 @@
-*.log
-
-/libFuzzer
-libFuzzer.a
-
-/output
-/botan
-/bin
-callgrind.out.*
-/corpus/
diff --git a/src/extra_tests/fuzzers/GNUmakefile b/src/extra_tests/fuzzers/GNUmakefile
deleted file mode 100644
index 32b353d17..000000000
--- a/src/extra_tests/fuzzers/GNUmakefile
+++ /dev/null
@@ -1,88 +0,0 @@
-
-FUZZERS=$(patsubst jigs/%.cpp,%,$(wildcard jigs/*.cpp))
-
-AFL_SAN_FLAGS=-fsanitize=address,undefined -fno-sanitize-recover=undefined
-CLANG_SAN_FLAGS=-fsanitize=address,undefined -fno-sanitize-recover=undefined
-#CLANG_SAN_FLAGS=-fsanitize=address
-
-CLANG_COV_FLAGS=-fsanitize-coverage=edge,indirect-calls,8bit-counters
-SHARED_FLAGS=-O3 -g -std=c++11 -pthread
-CFG_FLAGS=--with-debug-info --unsafe-fuzzer-mode
-
-LIBFUZZER_FLAGS=-Illvm-build/build/include $(SHARED_FLAGS) $(CLANG_COV_FLAGS) $(CLANG_SAN_FLAGS)
-AFL_FLAGS=-Iafl-build/build/include $(SHARED_FLAGS) -DINCLUDE_AFL_MAIN
-
-LIBFUZZER_LIBS=llvm-build/libbotan-2.a libFuzzer.a
-AFL_LIBS=afl-build/libbotan-2.a
-
-#AFL_CXX=AFL_USE_ASAN=1 afl-g++ -m32
-AFL_CXX=afl-g++
-AFL_CXX_TYPE=gcc
-CLANG_CXX=clang++
-
-LIBFUZZER_PROGS=$(patsubst %,bin/llvm_fuzz_%,$(FUZZERS))
-AFL_PROGS=$(patsubst %,bin/afl_fuzz_%,$(FUZZERS))
-
-all:
- @echo "make afl for AFL, llvm for libFuzzer"
-
-afl: dirs afl-build $(AFL_PROGS)
-
-llvm: dirs llvm-build $(LIBFUZZER_PROGS)
-
-bin/llvm_fuzz_%: jigs/%.cpp $(LIBFUZZER_LIBS)
- $(CLANG_CXX) $(LIBFUZZER_FLAGS) $< $(LIBFUZZER_LIBS) -o $@
-
-bin/afl_fuzz_%: jigs/%.cpp $(AFL_LIBS)
- $(AFL_CXX) $(AFL_FLAGS) $< $(AFL_LIBS) -o $@
-
-
-dirs:
- mkdir -p bin
- mkdir -p output
- mkdir -p corpus
-
-afl-build:
- ../../../configure.py $(CFG_FLAGS) --with-build-dir=afl-build --cc=$(AFL_CXX_TYPE) --cc-bin=$(AFL_CXX)
- make -j2 -f afl-build/Makefile afl-build/libbotan-2.a
-
-llvm-build:
- ../../../configure.py $(CFG_FLAGS) --with-build-dir=llvm-build --cc=clang --cc-bin=$(CLANG_CXX) --cc-abi-flags="$(CLANG_COV_FLAGS) $(CLANG_SAN_FLAGS)"
- make -j2 -f llvm-build/Makefile llvm-build/libbotan-2.a
-
-# libFuzzer default is max_len 64 this sets 140 but allows override via args=
-run_llvm_%: bin/llvm_fuzz_%
- $(eval FUZZER = $(subst bin/llvm_fuzz_,,$<))
- mkdir -p output/$(FUZZER)/llvm/queue
- mkdir -p output/$(FUZZER)/llvm/outputs
- $< -max_len=140 -artifact_prefix=output/$(FUZZER)/llvm/outputs/ output/$(FUZZER)/llvm/queue corpus/$(FUZZER) $(args)
-
-run_afl_%: bin/afl_fuzz_%
- $(eval FUZZER = $(subst bin/afl_fuzz_,,$<))
- mkdir -p output/$(FUZZER)/afl
- afl-fuzz $(args) -o output/$(FUZZER)/afl -i corpus/$(FUZZER) $<
-
-cmin_%: bin/afl_fuzz_%
- $(eval FUZZER = $(subst bin/afl_fuzz_,,$<))
- rm -rf cmin-dir
- mv corpus/$(FUZZER) cmin-dir
- -cp -n output/$(FUZZER)/afl/queue/* cmin-dir
- -cp -n output/$(FUZZER)/llvm/queue/* cmin-dir
- afl-cmin -i cmin-dir -o corpus/$(FUZZER) $<
- rm -rf cmin-dir
-
-clean:
- rm -f $(LIBFUZZER_PROGS) $(AFL_PROGS)
-
-clean_builds: clean
- rm -rf afl-build llvm-build
-
-libFuzzer:
- svn co http://llvm.org/svn/llvm-project/compiler-rt/trunk/lib/fuzzer libFuzzer
-
-libFuzzer.a: libFuzzer
- cd libFuzzer && clang -c -g -O2 -std=c++11 *.cpp
- ar cr libFuzzer.a libFuzzer/*.o
-
-update:
- svn co http://llvm.org/svn/llvm-project/compiler-rt/trunk/lib/fuzzer libFuzzer
diff --git a/src/extra_tests/fuzzers/readme.txt b/src/extra_tests/fuzzers/readme.txt
deleted file mode 100644
index 1bee1a785..000000000
--- a/src/extra_tests/fuzzers/readme.txt
+++ /dev/null
@@ -1,49 +0,0 @@
-
-The code in this directory is for testing various message decoders and
-math functions using the fuzzers AFL (http://lcamtuf.coredump.cx/afl/)
-and libFuzzer (http://llvm.org/docs/LibFuzzer.html).
-
-To build for AFL, run
-
- make afl
-
-For libFuzzer
-
- make llvm
-
-To add a new fuzzer, create a new file in jigs/, include "driver.h",
-and implement the function with the signature
-
-void fuzz(const uint8_t buf[], size_t len);
-
-This function should abort/crash if something is incorrect.
-
-Run it with
-
-make run_{llvm,afl}_{what}
-
-like in
-
-make run_llvm_crl
-make run_afl_tls_client
-
-You can pass args to the fuzzer process using args=
-
-make args=-max_len=4000 run_llvm_tls_client
-
-The fuzzer entry point assumes no more than 4K of input. The base
-libFuzzer default max len is 64 bytes, the makefile sets it to 140 as
-default.
-
-Use
-
-make cmin_redc_p384
-
-to run afl-cmin to minimize and merge the LLVM and AFL outputs back to
-the corpus directory.
-
-TODO:
-
-- KLEE (https://klee.github.io)
-- DFSan (http://clang.llvm.org/docs/DataFlowSanitizer.html)
-- More jigs
diff --git a/src/extra_tests/fuzzers/jigs/ber_decode.cpp b/src/fuzzer/asn1.cpp
index 6ec9cadba..b0ea553e5 100644
--- a/src/extra_tests/fuzzers/jigs/ber_decode.cpp
+++ b/src/fuzzer/asn1.cpp
@@ -1,25 +1,22 @@
/*
-* (C) 2016 Jack Lloyd
+* (C) 2016,2017 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/ber_dec.h>
void fuzz(const uint8_t in[], size_t len)
{
- if(len > 4096)
- return;
-
try
{
- DataSource_Memory input(in, len);
- BER_Decoder dec(input);
+ Botan::DataSource_Memory input(in, len);
+ Botan::BER_Decoder dec(input);
while(dec.more_items())
{
- BER_Object obj;
+ Botan::BER_Object obj;
dec.get_next(obj);
}
}
diff --git a/src/extra_tests/fuzzers/jigs/bn_sqr.cpp b/src/fuzzer/bn_sqr.cpp
index aa76067f7..f507c4a79 100644
--- a/src/extra_tests/fuzzers/jigs/bn_sqr.cpp
+++ b/src/fuzzer/bn_sqr.cpp
@@ -4,7 +4,7 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/bigint.h>
#include <botan/numthry.h>
diff --git a/src/extra_tests/fuzzers/jigs/cert.cpp b/src/fuzzer/cert.cpp
index 5620a4700..3b40020df 100644
--- a/src/extra_tests/fuzzers/jigs/cert.cpp
+++ b/src/fuzzer/cert.cpp
@@ -3,19 +3,19 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/x509cert.h>
void fuzz(const uint8_t in[], size_t len)
{
- if(len > 8192)
+ if(len > max_fuzzer_input_size)
return;
try
{
- DataSource_Memory input(in, len);
- X509_Certificate cert(input);
+ Botan::DataSource_Memory input(in, len);
+ Botan::X509_Certificate cert(input);
}
catch(Botan::Exception& e) { }
}
diff --git a/src/extra_tests/fuzzers/jigs/crl.cpp b/src/fuzzer/crl.cpp
index b3157e5fe..63699b9b3 100644
--- a/src/extra_tests/fuzzers/jigs/crl.cpp
+++ b/src/fuzzer/crl.cpp
@@ -3,19 +3,16 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/x509_crl.h>
void fuzz(const uint8_t in[], size_t len)
{
- if(len > 4096)
- return;
-
try
{
- DataSource_Memory input(in, len);
- X509_CRL crl(input);
+ Botan::DataSource_Memory input(in, len);
+ Botan::X509_CRL crl(input);
}
- catch(Botan::Exception& e) { }
+ catch(Botan::Exception& e) {}
}
diff --git a/src/extra_tests/fuzzers/jigs/divide.cpp b/src/fuzzer/divide.cpp
index 4ff50a680..01ec14e28 100644
--- a/src/extra_tests/fuzzers/jigs/divide.cpp
+++ b/src/fuzzer/divide.cpp
@@ -3,7 +3,7 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/divide.h>
void fuzz(const uint8_t in[], size_t len)
@@ -11,18 +11,18 @@ void fuzz(const uint8_t in[], size_t len)
if(len % 2 == 1 || len > 2*4096/8)
return;
- const BigInt x = BigInt::decode(in, len / 2);
- const BigInt y = BigInt::decode(in + len / 2, len / 2);
+ const Botan::BigInt x = Botan::BigInt::decode(in, len / 2);
+ const Botan::BigInt y = Botan::BigInt::decode(in + len / 2, len / 2);
if(y == 0)
return;
- BigInt q, r;
+ Botan::BigInt q, r;
Botan::divide(x, y, q, r);
FUZZER_ASSERT_TRUE(r < y);
- BigInt z = q*y + r;
+ Botan::BigInt z = q*y + r;
FUZZER_ASSERT_EQUAL(z, x);
}
diff --git a/src/extra_tests/fuzzers/jigs/ecc_bp256.cpp b/src/fuzzer/ecc_bp256.cpp
index 07833c639..4c1186f06 100644
--- a/src/extra_tests/fuzzers/jigs/ecc_bp256.cpp
+++ b/src/fuzzer/ecc_bp256.cpp
@@ -3,7 +3,7 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include "ecc_helper.h"
void fuzz(const uint8_t in[], size_t len)
@@ -11,6 +11,6 @@ void fuzz(const uint8_t in[], size_t len)
if(len > 2*256/8)
return;
- static EC_Group bp256("brainpool256r1");
+ static Botan::EC_Group bp256("brainpool256r1");
return check_ecc_math(bp256, in, len);
}
diff --git a/src/extra_tests/fuzzers/jigs/ecc_helper.h b/src/fuzzer/ecc_helper.h
index fb502452a..c9b3a6604 100644
--- a/src/extra_tests/fuzzers/jigs/ecc_helper.h
+++ b/src/fuzzer/ecc_helper.h
@@ -3,37 +3,24 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
+
#ifndef ECC_HELPERS_H__
#define ECC_HELPERS_H__
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/curve_gfp.h>
#include <botan/ec_group.h>
#include <botan/reducer.h>
-void check_redc(std::function<void (BigInt&, secure_vector<word>&)> redc_fn,
- const Modular_Reducer& redc,
- const BigInt& prime,
- const BigInt& x)
- {
- const Botan::BigInt v1 = x % prime;
- const Botan::BigInt v2 = redc.reduce(x);
-
- Botan::secure_vector<Botan::word> ws;
- Botan::BigInt v3 = x;
- redc_fn(v3, ws);
+namespace {
- FUZZER_ASSERT_EQUAL(v1, v2);
- FUZZER_ASSERT_EQUAL(v2, v3);
- }
-
-inline std::ostream& operator<<(std::ostream& o, const PointGFp& point)
+inline std::ostream& operator<<(std::ostream& o, const Botan::PointGFp& point)
{
o << point.get_affine_x() << "," << point.get_affine_y();
return o;
}
-void check_ecc_math(const EC_Group& group,
+void check_ecc_math(const Botan::EC_Group& group,
const uint8_t in[], size_t len)
{
// These depend only on the group, which is also static
@@ -41,8 +28,8 @@ void check_ecc_math(const EC_Group& group,
static Botan::Blinded_Point_Multiply blind(base_point, group.get_order(), 4);
const size_t hlen = len / 2;
- const BigInt a = BigInt::decode(in, hlen);
- const BigInt b = BigInt::decode(in + hlen, len - hlen);
+ const Botan::BigInt a = Botan::BigInt::decode(in, hlen);
+ const Botan::BigInt b = Botan::BigInt::decode(in + hlen, len - hlen);
const Botan::BigInt c = a + b;
@@ -66,4 +53,6 @@ void check_ecc_math(const EC_Group& group,
FUZZER_ASSERT_EQUAL(S1, A1);
}
+}
+
#endif
diff --git a/src/extra_tests/fuzzers/jigs/ecc_p256.cpp b/src/fuzzer/ecc_p256.cpp
index f13104fda..c00be71b6 100644
--- a/src/extra_tests/fuzzers/jigs/ecc_p256.cpp
+++ b/src/fuzzer/ecc_p256.cpp
@@ -3,13 +3,13 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include "ecc_helper.h"
void fuzz(const uint8_t in[], size_t len)
{
if(len > 2*256/8)
return;
- static EC_Group p256("secp256r1");
+ static Botan::EC_Group p256("secp256r1");
return check_ecc_math(p256, in, len);
}
diff --git a/src/extra_tests/fuzzers/jigs/ecc_p384.cpp b/src/fuzzer/ecc_p384.cpp
index 47826e1d6..1b58da958 100644
--- a/src/extra_tests/fuzzers/jigs/ecc_p384.cpp
+++ b/src/fuzzer/ecc_p384.cpp
@@ -3,13 +3,13 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include "ecc_helper.h"
void fuzz(const uint8_t in[], size_t len)
{
if(len > 2*384/8)
return;
- static EC_Group p384("secp384r1");
+ static Botan::EC_Group p384("secp384r1");
return check_ecc_math(p384, in, len);
}
diff --git a/src/extra_tests/fuzzers/jigs/ecc_p521.cpp b/src/fuzzer/ecc_p521.cpp
index c2d1e36bb..3b9ed2d5c 100644
--- a/src/extra_tests/fuzzers/jigs/ecc_p521.cpp
+++ b/src/fuzzer/ecc_p521.cpp
@@ -3,13 +3,13 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include "ecc_helper.h"
void fuzz(const uint8_t in[], size_t len)
{
if(len > 2*(521+7)/8)
return;
- static EC_Group p521("secp521r1");
+ static Botan::EC_Group p521("secp521r1");
return check_ecc_math(p521, in, len);
}
diff --git a/src/extra_tests/fuzzers/jigs/driver.h b/src/fuzzer/fuzzers.h
index 08fffd0c1..2f1b1346d 100644
--- a/src/extra_tests/fuzzers/jigs/driver.h
+++ b/src/fuzzer/fuzzers.h
@@ -1,25 +1,30 @@
/*
-* (C) 2015,2016 Jack Lloyd
+* (C) 2015,2016,2017 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#ifndef FUZZER_DRIVER_H_
-#define FUZZER_DRIVER_H_
+#ifndef BOTAN_FUZZER_DRIVER_H__
+#define BOTAN_FUZZER_DRIVER_H__
#include <stdint.h>
+#include <stdlib.h> // for setenv
#include <iostream>
#include <vector>
-#include <stdlib.h> // for setenv
#include <botan/exceptn.h>
-#include <botan/rng.h>
-#include <botan/chacha.h>
+#include <botan/chacha_rng.h>
+
+#if defined(BOTAN_FUZZER_IS_AFL) && !defined(__AFL_COMPILER)
+ #error "Build configured for AFL but not being compiled by AFL compiler"
+#endif
-using namespace Botan;
+static const size_t max_fuzzer_input_size = 8192;
extern void fuzz(const uint8_t in[], size_t len);
+extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv);
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t in[], size_t len);
-extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv)
+extern "C" int LLVMFuzzerInitialize(int *, char ***)
{
/*
* This disables the mlock pool, as overwrites within the pool are
@@ -32,68 +37,18 @@ extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv)
// Called by main() in libFuzzer or in main for AFL below
extern "C" int LLVMFuzzerTestOneInput(const uint8_t in[], size_t len)
{
- fuzz(in, len);
- return 0;
- }
-
-#if defined(INCLUDE_AFL_MAIN)
-
-// Read stdin for AFL
-
-int main(int argc, char* argv[])
- {
- const size_t max_read = 4096;
-
- LLVMFuzzerInitialize(&argc, &argv);
-
-#if defined(__AFL_LOOP)
- while(__AFL_LOOP(1000))
-#endif
+ if(len <= max_fuzzer_input_size)
{
- std::vector<uint8_t> buf(max_read);
- std::cin.read((char*)buf.data(), buf.size());
- size_t got = std::cin.gcount();
-
- buf.resize(got);
- buf.shrink_to_fit();
-
- fuzz(buf.data(), got);
+ fuzz(in, len);
}
+ return 0;
}
-#endif
-
// Some helpers for the fuzzer jigs
inline Botan::RandomNumberGenerator& fuzzer_rng()
{
- class ChaCha20_RNG : public Botan::RandomNumberGenerator
- {
- public:
- std::string name() const override { return "ChaCha20_RNG"; }
- void clear() override { /* ignored */ }
-
- void randomize(uint8_t out[], size_t len) override
- {
- Botan::clear_mem(out, len);
- m_chacha.cipher1(out, len);
- }
-
- bool is_seeded() const override { return true; }
-
- void add_entropy(const uint8_t[], size_t) override { /* ignored */ }
-
- ChaCha20_RNG()
- {
- std::vector<uint8_t> seed(32, 0x82);
- m_chacha.set_key(seed);
- }
-
- private:
- Botan::ChaCha m_chacha;
- };
-
- static ChaCha20_RNG rng;
+ static Botan::ChaCha_RNG rng(Botan::secure_vector<uint8_t>(32));
return rng;
}
@@ -112,4 +67,29 @@ inline Botan::RandomNumberGenerator& fuzzer_rng()
abort(); \
} } while(0)
+#if defined(BOTAN_FUZZER_IS_AFL) || defined(BOTAN_FUZZER_IS_TEST)
+
+/* Stub for AFL */
+
+int main(int argc, char* argv[])
+ {
+ LLVMFuzzerInitialize(&argc, &argv);
+
+#if defined(__AFL_LOOP)
+ while(__AFL_LOOP(1000))
+#endif
+ {
+ std::vector<uint8_t> buf(max_fuzzer_input_size);
+ std::cin.read((char*)buf.data(), buf.size());
+ const size_t got = std::cin.gcount();
+
+ buf.resize(got);
+ buf.shrink_to_fit();
+
+ LLVMFuzzerTestOneInput(buf.data(), got);
+ }
+ }
+
+#endif
+
#endif
diff --git a/src/extra_tests/fuzzers/jigs/invert.cpp b/src/fuzzer/invert.cpp
index 63c140139..08e8229b8 100644
--- a/src/extra_tests/fuzzers/jigs/invert.cpp
+++ b/src/fuzzer/invert.cpp
@@ -3,16 +3,18 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/numthry.h>
-BigInt inverse_mod_ref(const BigInt& n, const BigInt& mod)
+namespace {
+
+Botan::BigInt inverse_mod_ref(const Botan::BigInt& n, const Botan::BigInt& mod)
{
if(n == 0)
return 0;
- BigInt u = mod, v = n;
- BigInt B = 0, D = 1;
+ Botan::BigInt u = mod, v = n;
+ Botan::BigInt B = 0, D = 1;
while(u.is_nonzero())
{
@@ -48,23 +50,24 @@ BigInt inverse_mod_ref(const BigInt& n, const BigInt& mod)
return D;
}
+}
void fuzz(const uint8_t in[], size_t len)
{
if(len % 2 == 1 || len > 2*4096/8)
return;
- const BigInt x = BigInt::decode(in, len / 2);
- BigInt mod = BigInt::decode(in + len / 2, len / 2);
+ const Botan::BigInt x = Botan::BigInt::decode(in, len / 2);
+ Botan::BigInt mod = Botan::BigInt::decode(in + len / 2, len / 2);
mod.set_bit(0);
if(mod < 3 || x >= mod)
return;
- BigInt ref = inverse_mod_ref(x, mod);
- BigInt ct = ct_inverse_mod_odd_modulus(x, mod);
- //BigInt mon = normalized_montgomery_inverse(x, mod);
+ Botan::BigInt ref = inverse_mod_ref(x, mod);
+ Botan::BigInt ct = Botan::ct_inverse_mod_odd_modulus(x, mod);
+ //Botan::BigInt mon = Botan::normalized_montgomery_inverse(x, mod);
if(ref != ct)
{
diff --git a/src/extra_tests/fuzzers/jigs/ocsp.cpp b/src/fuzzer/ocsp.cpp
index 7cf2d91b0..0db265b8d 100644
--- a/src/extra_tests/fuzzers/jigs/ocsp.cpp
+++ b/src/fuzzer/ocsp.cpp
@@ -3,15 +3,15 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/ocsp.h>
void fuzz(const uint8_t in[], size_t len)
{
try
{
- OCSP::Response response(in, len);
+ Botan::OCSP::Response response(in, len);
}
catch(Botan::Exception& e) { }
}
diff --git a/src/extra_tests/fuzzers/jigs/os2ecp.cpp b/src/fuzzer/os2ecp.cpp
index 61ce1bd7b..dba6dbdfe 100644
--- a/src/extra_tests/fuzzers/jigs/os2ecp.cpp
+++ b/src/fuzzer/os2ecp.cpp
@@ -3,31 +3,35 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/ec_group.h>
#include <botan/point_gfp.h>
-void check_os2ecp(const EC_Group& group, const uint8_t in[], size_t len)
+namespace {
+
+void check_os2ecp(const Botan::EC_Group& group, const uint8_t in[], size_t len)
{
try
{
- PointGFp point = OS2ECP(in, len, group.get_curve());
+ Botan::PointGFp point = Botan::OS2ECP(in, len, group.get_curve());
}
catch(Botan::Exception& e) {}
}
+}
+
void fuzz(const uint8_t in[], size_t len)
{
if(len >= 256)
return;
- static EC_Group p192("secp192r1");
- static EC_Group p224("secp224r1");
- static EC_Group p256("secp256r1");
- static EC_Group p384("secp384r1");
- static EC_Group p521("secp521r1");
- static EC_Group bp256("brainpool256r1");
- static EC_Group bp512("brainpool512r1");
+ static Botan::EC_Group p192("secp192r1");
+ static Botan::EC_Group p224("secp224r1");
+ static Botan::EC_Group p256("secp256r1");
+ static Botan::EC_Group p384("secp384r1");
+ static Botan::EC_Group p521("secp521r1");
+ static Botan::EC_Group bp256("brainpool256r1");
+ static Botan::EC_Group bp512("brainpool512r1");
check_os2ecp(p192, in, len);
check_os2ecp(p224, in, len);
diff --git a/src/extra_tests/fuzzers/jigs/pkcs1.cpp b/src/fuzzer/pkcs1.cpp
index 8a16d17e5..a0323d2b2 100644
--- a/src/extra_tests/fuzzers/jigs/pkcs1.cpp
+++ b/src/fuzzer/pkcs1.cpp
@@ -3,12 +3,14 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/eme_pkcs.h>
#include <botan/hex.h>
-secure_vector<byte> simple_pkcs1_unpad(const byte in[], size_t len)
+namespace {
+
+std::vector<uint8_t> simple_pkcs1_unpad(const uint8_t in[], size_t len)
{
if(len < 10)
throw Botan::Decoding_Error("bad len");
@@ -22,24 +24,27 @@ secure_vector<byte> simple_pkcs1_unpad(const byte in[], size_t len)
{
if(i < 10) // at least 8 padding bytes required
throw Botan::Decoding_Error("insufficient padding bytes");
- return secure_vector<byte>(in + i + 1, in + len);
+ return std::vector<uint8_t>(in + i + 1, in + len);
}
}
throw Botan::Decoding_Error("delim not found");
}
+}
+
void fuzz(const uint8_t in[], size_t len)
{
- static EME_PKCS1v15 pkcs1;
+ static Botan::EME_PKCS1v15 pkcs1;
- secure_vector<byte> lib_result, ref_result;
+ Botan::secure_vector<uint8_t> lib_result;
+ std::vector<uint8_t> ref_result;
bool lib_rejected = false, ref_rejected = false;
try
{
- byte valid_mask = 0;
- secure_vector<byte> decoded = ((EME*)&pkcs1)->unpad(valid_mask, in, len);
+ uint8_t valid_mask = 0;
+ Botan::secure_vector<uint8_t> decoded = (static_cast<Botan::EME*>(&pkcs1))->unpad(valid_mask, in, len);
if(valid_mask == 0)
lib_rejected = true;
@@ -54,7 +59,7 @@ void fuzz(const uint8_t in[], size_t len)
{
ref_result = simple_pkcs1_unpad(in, len);
}
- catch(Botan::Decoding_Error& e) { ref_rejected = true; /*printf("%s\n", e.what());*/ }
+ catch(Botan::Decoding_Error& e) { ref_rejected = true; }
if(lib_rejected == ref_rejected)
{
@@ -65,12 +70,12 @@ void fuzz(const uint8_t in[], size_t len)
if(lib_rejected == true && ref_rejected == false)
{
std::cerr << "Library rejected input accepted by ref\n";
- std::cerr << "Ref decoded " << hex_encode(ref_result) << "\n";
+ std::cerr << "Ref decoded " << Botan::hex_encode(ref_result) << "\n";
}
else if(ref_rejected == true && lib_rejected == false)
{
std::cerr << "Library accepted input reject by ref\n";
- std::cerr << "Lib decoded " << hex_encode(lib_result) << "\n";
+ std::cerr << "Lib decoded " << Botan::hex_encode(lib_result) << "\n";
}
abort();
diff --git a/src/extra_tests/fuzzers/jigs/pkcs8.cpp b/src/fuzzer/pkcs8.cpp
index 47c0068ad..ad43d6f3e 100644
--- a/src/extra_tests/fuzzers/jigs/pkcs8.cpp
+++ b/src/fuzzer/pkcs8.cpp
@@ -3,7 +3,7 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/pkcs8.h>
@@ -11,8 +11,9 @@ void fuzz(const uint8_t in[], size_t len)
{
try
{
- DataSource_Memory input(in, len);
- std::unique_ptr<Private_Key> key(PKCS8::load_key(input, fuzzer_rng()));
+ Botan::DataSource_Memory input(in, len);
+ Botan::Null_RNG null_rng;
+ std::unique_ptr<Botan::Private_Key> key(Botan::PKCS8::load_key(input, null_rng));
}
catch(Botan::Exception& e) { }
}
diff --git a/src/extra_tests/fuzzers/jigs/pow_mod.cpp b/src/fuzzer/pow_mod.cpp
index c97dd78cd..2244c2004 100644
--- a/src/extra_tests/fuzzers/jigs/pow_mod.cpp
+++ b/src/fuzzer/pow_mod.cpp
@@ -4,12 +4,17 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/numthry.h>
#include <botan/reducer.h>
#include <botan/pow_mod.h>
-BigInt simple_power_mod(BigInt x, BigInt n, const BigInt& p, const Modular_Reducer& mod_p)
+namespace {
+
+Botan::BigInt simple_power_mod(Botan::BigInt x,
+ Botan::BigInt n,
+ const Botan::BigInt& p,
+ const Botan::Modular_Reducer& mod_p)
{
if(n == 0)
{
@@ -18,7 +23,7 @@ BigInt simple_power_mod(BigInt x, BigInt n, const BigInt& p, const Modular_Reduc
return 1;
}
- BigInt y = 1;
+ Botan::BigInt y = 1;
while(n > 1)
{
@@ -32,22 +37,24 @@ BigInt simple_power_mod(BigInt x, BigInt n, const BigInt& p, const Modular_Reduc
return mod_p.multiply(x, y);
}
+}
+
void fuzz(const uint8_t in[], size_t len)
{
static const size_t p_bits = 1024;
- static const BigInt p = random_prime(fuzzer_rng(), p_bits);
- static Modular_Reducer mod_p(p);
+ static const Botan::BigInt p = random_prime(fuzzer_rng(), p_bits);
+ static Botan::Modular_Reducer mod_p(p);
if(len == 0 || len > p_bits/8)
return;
try
{
- const BigInt g = BigInt::decode(in, len / 2);
- const BigInt x = BigInt::decode(in + len / 2, len / 2);
+ const Botan::BigInt g = Botan::BigInt::decode(in, len / 2);
+ const Botan::BigInt x = Botan::BigInt::decode(in + len / 2, len / 2);
- const BigInt ref = simple_power_mod(g, x, p, mod_p);
- const BigInt z = Botan::power_mod(g, x, p);
+ const Botan::BigInt ref = simple_power_mod(g, x, p, mod_p);
+ const Botan::BigInt z = Botan::power_mod(g, x, p);
if(ref != z)
{
diff --git a/src/fuzzer/redc_helper.h b/src/fuzzer/redc_helper.h
new file mode 100644
index 000000000..4fc33894a
--- /dev/null
+++ b/src/fuzzer/redc_helper.h
@@ -0,0 +1,33 @@
+/*
+* (C) 2015,2016 Jack Lloyd
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#ifndef BOTAN_FUZZ_REDC_HELPERS_H__
+#define BOTAN_FUZZ_REDC_HELPERS_H__
+
+#include "fuzzers.h"
+#include <botan/reducer.h>
+
+namespace {
+
+void check_redc(std::function<void (Botan::BigInt&, Botan::secure_vector<Botan::word>&)> redc_fn,
+ const Botan::Modular_Reducer& redc,
+ const Botan::BigInt& prime,
+ const Botan::BigInt& x)
+ {
+ const Botan::BigInt v1 = x % prime;
+ const Botan::BigInt v2 = redc.reduce(x);
+
+ Botan::secure_vector<Botan::word> ws;
+ Botan::BigInt v3 = x;
+ redc_fn(v3, ws);
+
+ FUZZER_ASSERT_EQUAL(v1, v2);
+ FUZZER_ASSERT_EQUAL(v2, v3);
+ }
+
+}
+
+#endif
diff --git a/src/extra_tests/fuzzers/jigs/redc_p192.cpp b/src/fuzzer/redc_p192.cpp
index 9bece4595..e1f7c753f 100644
--- a/src/extra_tests/fuzzers/jigs/redc_p192.cpp
+++ b/src/fuzzer/redc_p192.cpp
@@ -4,8 +4,8 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
-#include "ecc_helper.h"
+#include "fuzzers.h"
+#include "redc_helper.h"
#include <botan/curve_nistp.h>
void fuzz(const uint8_t in[], size_t len)
@@ -13,8 +13,8 @@ void fuzz(const uint8_t in[], size_t len)
if(len > 2*192/8)
return;
- static const BigInt& prime = Botan::prime_p192();
- static const BigInt prime_2 = prime * prime;
+ static const Botan::BigInt& prime = Botan::prime_p192();
+ static const Botan::BigInt prime_2 = prime * prime;
static Botan::Modular_Reducer prime_redc(prime);
Botan::BigInt x = Botan::BigInt::decode(in, len);
diff --git a/src/extra_tests/fuzzers/jigs/redc_p224.cpp b/src/fuzzer/redc_p224.cpp
index 637d9e6fd..a8a4d5d72 100644
--- a/src/extra_tests/fuzzers/jigs/redc_p224.cpp
+++ b/src/fuzzer/redc_p224.cpp
@@ -4,14 +4,14 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
-#include "ecc_helper.h"
+#include "fuzzers.h"
+#include "redc_helper.h"
#include <botan/curve_nistp.h>
void fuzz(const uint8_t in[], size_t len)
{
- static const BigInt& prime = Botan::prime_p224();
- static const BigInt prime_2 = prime * prime;
+ static const Botan::BigInt& prime = Botan::prime_p224();
+ static const Botan::BigInt prime_2 = prime * prime;
static Botan::Modular_Reducer prime_redc(prime);
Botan::BigInt x = Botan::BigInt::decode(in, len);
diff --git a/src/extra_tests/fuzzers/jigs/redc_p256.cpp b/src/fuzzer/redc_p256.cpp
index cbb7f4fef..b8d78e7bb 100644
--- a/src/extra_tests/fuzzers/jigs/redc_p256.cpp
+++ b/src/fuzzer/redc_p256.cpp
@@ -4,8 +4,8 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
-#include "ecc_helper.h"
+#include "fuzzers.h"
+#include "redc_helper.h"
#include <botan/curve_nistp.h>
void fuzz(const uint8_t in[], size_t len)
@@ -13,8 +13,8 @@ void fuzz(const uint8_t in[], size_t len)
if(len > 2*256/8)
return;
- static const BigInt& prime = Botan::prime_p256();
- static const BigInt prime_2 = prime * prime;
+ static const Botan::BigInt& prime = Botan::prime_p256();
+ static const Botan::BigInt prime_2 = prime * prime;
static Botan::Modular_Reducer prime_redc(prime);
Botan::BigInt x = Botan::BigInt::decode(in, len);
diff --git a/src/extra_tests/fuzzers/jigs/redc_p384.cpp b/src/fuzzer/redc_p384.cpp
index 3b990fb63..35e3ccfee 100644
--- a/src/extra_tests/fuzzers/jigs/redc_p384.cpp
+++ b/src/fuzzer/redc_p384.cpp
@@ -4,8 +4,8 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
-#include "ecc_helper.h"
+#include "fuzzers.h"
+#include "redc_helper.h"
#include <botan/curve_nistp.h>
void fuzz(const uint8_t in[], size_t len)
@@ -13,8 +13,8 @@ void fuzz(const uint8_t in[], size_t len)
if(len > 2*384/8)
return;
- static const BigInt& prime = Botan::prime_p384();
- static const BigInt prime_2 = prime * prime;
+ static const Botan::BigInt& prime = Botan::prime_p384();
+ static const Botan::BigInt prime_2 = prime * prime;
static Botan::Modular_Reducer prime_redc(prime);
Botan::BigInt x = Botan::BigInt::decode(in, len);
diff --git a/src/extra_tests/fuzzers/jigs/redc_p521.cpp b/src/fuzzer/redc_p521.cpp
index 5142a44c2..c6c5d262b 100644
--- a/src/extra_tests/fuzzers/jigs/redc_p521.cpp
+++ b/src/fuzzer/redc_p521.cpp
@@ -4,8 +4,8 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
-#include "ecc_helper.h"
+#include "fuzzers.h"
+#include "redc_helper.h"
#include <botan/curve_nistp.h>
void fuzz(const uint8_t in[], size_t len)
@@ -13,8 +13,8 @@ void fuzz(const uint8_t in[], size_t len)
if(len > 2*(521+7)/8)
return;
- static const BigInt& prime = Botan::prime_p521();
- static const BigInt prime_2 = prime * prime;
+ static const Botan::BigInt& prime = Botan::prime_p521();
+ static const Botan::BigInt prime_2 = prime * prime;
static Botan::Modular_Reducer prime_redc(prime);
Botan::BigInt x = Botan::BigInt::decode(in, len);
diff --git a/src/extra_tests/fuzzers/jigs/ressol.cpp b/src/fuzzer/ressol.cpp
index 6fbb85690..17ba88b8b 100644
--- a/src/extra_tests/fuzzers/jigs/ressol.cpp
+++ b/src/fuzzer/ressol.cpp
@@ -4,7 +4,7 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/numthry.h>
#include <botan/reducer.h>
@@ -12,21 +12,21 @@ void fuzz(const uint8_t in[], size_t len)
{
// Ressol is mostly used for ECC point decompression so best to test smaller sizes
static const size_t p_bits = 256;
- static const BigInt p = random_prime(fuzzer_rng(), p_bits);
- static const Modular_Reducer mod_p(p);
+ static const Botan::BigInt p = random_prime(fuzzer_rng(), p_bits);
+ static const Botan::Modular_Reducer mod_p(p);
if(len > p_bits / 8)
return;
try
{
- const BigInt a = BigInt::decode(in, len);
- BigInt a_sqrt = Botan::ressol(a, p);
+ const Botan::BigInt a = Botan::BigInt::decode(in, len);
+ Botan::BigInt a_sqrt = Botan::ressol(a, p);
if(a_sqrt > 0)
{
- const BigInt a_redc = mod_p.reduce(a);
- const BigInt z = mod_p.square(a_sqrt);
+ const Botan::BigInt a_redc = mod_p.reduce(a);
+ const Botan::BigInt z = mod_p.square(a_sqrt);
if(z != a_redc)
{
diff --git a/src/extra_tests/fuzzers/jigs/tls_client.cpp b/src/fuzzer/tls_client.cpp
index d3fbd069c..197e97928 100644
--- a/src/extra_tests/fuzzers/jigs/tls_client.cpp
+++ b/src/fuzzer/tls_client.cpp
@@ -4,17 +4,17 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/tls_client.h>
-class Fuzzer_TLS_Client_Creds : public Credentials_Manager
+class Fuzzer_TLS_Client_Creds : public Botan::Credentials_Manager
{
public:
std::string psk_identity_hint(const std::string&, const std::string&) override { return "psk_hint"; }
std::string psk_identity(const std::string&, const std::string&, const std::string&) override { return "psk_id"; }
- SymmetricKey psk(const std::string&, const std::string&, const std::string&) override
+ Botan::SymmetricKey psk(const std::string&, const std::string&, const std::string&) override
{
- return SymmetricKey("AABBCCDDEEFF00112233445566778899");
+ return Botan::SymmetricKey("AABBCCDDEEFF00112233445566778899");
}
};
@@ -23,18 +23,18 @@ void fuzz(const uint8_t in[], size_t len)
if(len == 0)
return;
- auto dev_null = [](const byte[], size_t) {};
+ auto dev_null = [](const uint8_t[], size_t) {};
- auto ignore_alerts = [](TLS::Alert, const byte[], size_t) {};
- auto ignore_hs = [](const TLS::Session&) { abort(); return true; };
+ auto ignore_alerts = [](Botan::TLS::Alert, const uint8_t[], size_t) {};
+ auto ignore_hs = [](const Botan::TLS::Session&) { abort(); return true; };
- TLS::Session_Manager_Noop session_manager;
- TLS::Policy policy;
- TLS::Protocol_Version client_offer = TLS::Protocol_Version::TLS_V12;
- TLS::Server_Information info("server.name", 443);
+ Botan::TLS::Session_Manager_Noop session_manager;
+ Botan::TLS::Policy policy;
+ Botan::TLS::Protocol_Version client_offer = Botan::TLS::Protocol_Version::TLS_V12;
+ Botan::TLS::Server_Information info("server.name", 443);
Fuzzer_TLS_Client_Creds creds;
- TLS::Client client(dev_null,
+ Botan::TLS::Client client(dev_null,
dev_null,
ignore_alerts,
ignore_hs,
diff --git a/src/extra_tests/fuzzers/jigs/tls_client_hello.cpp b/src/fuzzer/tls_client_hello.cpp
index 7c95c7db3..28c77c9b6 100644
--- a/src/extra_tests/fuzzers/jigs/tls_client_hello.cpp
+++ b/src/fuzzer/tls_client_hello.cpp
@@ -3,7 +3,8 @@
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+
+#include "fuzzers.h"
#include <botan/tls_messages.h>
void fuzz(const uint8_t in[], size_t len)
diff --git a/src/extra_tests/fuzzers/jigs/tls_server.cpp b/src/fuzzer/tls_server.cpp
index a4e0d5f00..54586595f 100644
--- a/src/extra_tests/fuzzers/jigs/tls_server.cpp
+++ b/src/fuzzer/tls_server.cpp
@@ -4,7 +4,7 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
-#include "driver.h"
+#include "fuzzers.h"
#include <botan/tls_server.h>
const char* fixed_rsa_key =
@@ -59,13 +59,13 @@ const char* fixed_rsa_cert =
"Dk02a/1AOJZdZReDbgXhlqaUx5pk/rzo4mDzvu5HSCeXmClz\n"
"-----END CERTIFICATE-----\n";
-class Fuzzer_TLS_Server_Creds : public Credentials_Manager
+class Fuzzer_TLS_Server_Creds : public Botan::Credentials_Manager
{
public:
Fuzzer_TLS_Server_Creds()
{
- DataSource_Memory cert_in(fixed_rsa_cert);
- DataSource_Memory key_in(fixed_rsa_key);
+ Botan::DataSource_Memory cert_in(fixed_rsa_cert);
+ Botan::DataSource_Memory key_in(fixed_rsa_key);
m_rsa_cert.reset(new Botan::X509_Certificate(cert_in));
//m_rsa_key.reset(Botan::PKCS8::load_key(key_in, fuzzer_rng());
@@ -73,8 +73,8 @@ class Fuzzer_TLS_Server_Creds : public Credentials_Manager
std::vector<Botan::X509_Certificate> cert_chain(
const std::vector<std::string>& algos,
- const std::string& type,
- const std::string& hostname) override
+ const std::string& /*type*/,
+ const std::string& /*hostname*/) override
{
std::vector<Botan::X509_Certificate> v;
@@ -90,7 +90,7 @@ class Fuzzer_TLS_Server_Creds : public Credentials_Manager
return v;
}
- Botan::Private_Key* private_key_for(const Botan::X509_Certificate& cert,
+ Botan::Private_Key* private_key_for(const Botan::X509_Certificate& /*cert*/,
const std::string& /*type*/,
const std::string& /*context*/) override
{
@@ -99,9 +99,9 @@ class Fuzzer_TLS_Server_Creds : public Credentials_Manager
std::string psk_identity_hint(const std::string&, const std::string&) override { return "psk_hint"; }
std::string psk_identity(const std::string&, const std::string&, const std::string&) override { return "psk_id"; }
- SymmetricKey psk(const std::string&, const std::string&, const std::string&) override
+ Botan::SymmetricKey psk(const std::string&, const std::string&, const std::string&) override
{
- return SymmetricKey("AABBCCDDEEFF00112233445566778899");
+ return Botan::SymmetricKey("AABBCCDDEEFF00112233445566778899");
}
private:
std::unique_ptr<Botan::X509_Certificate> m_rsa_cert;
@@ -113,14 +113,14 @@ void fuzz(const uint8_t in[], size_t len)
if(len == 0)
return;
- auto dev_null = [](const byte[], size_t) {};
+ auto dev_null = [](const uint8_t[], size_t) {};
- auto ignore_alerts = [](TLS::Alert, const byte[], size_t) {};
- auto ignore_hs = [](const TLS::Session&) { return true; };
+ auto ignore_alerts = [](Botan::TLS::Alert, const uint8_t[], size_t) {};
+ auto ignore_hs = [](const Botan::TLS::Session&) { return true; };
- TLS::Session_Manager_Noop session_manager;
- TLS::Policy policy;
- TLS::Server_Information info("server.name", 443);
+ Botan::TLS::Session_Manager_Noop session_manager;
+ Botan::TLS::Policy policy;
+ Botan::TLS::Server_Information info("server.name", 443);
Fuzzer_TLS_Server_Creds creds;
auto next_proto_fn = [](const std::vector<std::string>& protos) -> std::string {
@@ -132,7 +132,7 @@ void fuzz(const uint8_t in[], size_t len)
const bool is_datagram = (len % 2 == 0);
- TLS::Server server(dev_null,
+ Botan::TLS::Server server(dev_null,
dev_null,
ignore_alerts,
ignore_hs,
diff --git a/src/lib/asn1/ber_dec.cpp b/src/lib/asn1/ber_dec.cpp
index bf728a8e8..67a2c9d8e 100644
--- a/src/lib/asn1/ber_dec.cpp
+++ b/src/lib/asn1/ber_dec.cpp
@@ -544,7 +544,9 @@ BER_Decoder& BER_Decoder::decode(secure_vector<uint8_t>& buffer,
throw BER_Decoding_Error("Bad number of unused bits in BIT STRING");
buffer.resize(obj.value.size() - 1);
- copy_mem(buffer.data(), &obj.value[1], obj.value.size() - 1);
+
+ if(obj.value.size() > 1)
+ copy_mem(buffer.data(), &obj.value[1], obj.value.size() - 1);
}
return (*this);
}
@@ -569,7 +571,9 @@ BER_Decoder& BER_Decoder::decode(std::vector<uint8_t>& buffer,
throw BER_Decoding_Error("Bad number of unused bits in BIT STRING");
buffer.resize(obj.value.size() - 1);
- copy_mem(buffer.data(), &obj.value[1], obj.value.size() - 1);
+
+ if(obj.value.size() > 1)
+ copy_mem(buffer.data(), &obj.value[1], obj.value.size() - 1);
}
return (*this);
}
diff --git a/src/lib/prov/openssl/openssl_rsa.cpp b/src/lib/prov/openssl/openssl_rsa.cpp
index 58a09cb0d..b1c73d851 100644
--- a/src/lib/prov/openssl/openssl_rsa.cpp
+++ b/src/lib/prov/openssl/openssl_rsa.cpp
@@ -171,7 +171,9 @@ class OpenSSL_RSA_Verification_Operation : public PK_Ops::Verification_with_EMSA
throw Invalid_Argument("OpenSSL RSA verify input too large");
secure_vector<uint8_t> inbuf(mod_sz);
- copy_mem(&inbuf[mod_sz - msg_len], msg, msg_len);
+
+ if(msg_len > 0)
+ copy_mem(&inbuf[mod_sz - msg_len], msg, msg_len);
secure_vector<uint8_t> outbuf(mod_sz);
diff --git a/src/scripts/ci/travis/build.sh b/src/scripts/ci/travis/build.sh
index 36517738b..bbf4e986c 100755
--- a/src/scripts/ci/travis/build.sh
+++ b/src/scripts/ci/travis/build.sh
@@ -23,6 +23,8 @@ elif [ "$BUILD_MODE" = "nist" ]; then
elif [ "$BUILD_MODE" = "sonarqube" ]; then
# No special flags required
CFG_FLAGS+=()
+elif [ "$BUILD_MODE" = "fuzzers" ]; then
+ CFG_FLAGS+=(--build-fuzzers=test --with-sanitizers --with-debug-info --disable-shared)
elif [ "$BUILD_MODE" = "parallel" ]; then
if [ "$CC" = "gcc" ]; then
@@ -32,7 +34,7 @@ elif [ "$BUILD_MODE" = "parallel" ]; then
fi
elif [ "$BUILD_MODE" = "coverage" ]; then
- CFG_FLAGS+=(--with-coverage --no-optimizations)
+ CFG_FLAGS+=(--with-coverage --build-fuzzers=test --no-optimizations)
elif [ "$BUILD_MODE" = "sanitizer" ]; then
export ASAN_OPTIONS=detect_leaks=0
CFG_FLAGS+=(--with-sanitizers --disable-modules=locking_allocator)
@@ -137,6 +139,11 @@ else
time "${MAKE_CMD[@]}"
fi
+if [ "$BUILD_MODE" = "fuzzers" ] || [ "$BUILD_MODE" = "coverage" ]; then
+ make fuzzers
+ make fuzzer_corpus_zip
+fi
+
# post-build ccache stats
ccache --show-stats
@@ -171,15 +178,21 @@ if [ "$BUILD_MODE" = "sonarqube" ]; then
# When neither on master branch nor on a non-external pull request => nothing to do
fi
-if [ "$BUILD_MODE" = "sonarqube" ] || [ "$BUILD_MODE" = "docs" ] || \
+if [ "$BUILD_MODE" = "sonarqube" ] || [ "$BUILD_MODE" = "docs" ] ||
( [ "${BUILD_MODE:0:5}" = "cross" ] && [ "$TRAVIS_OS_NAME" = "osx" ] ); then
echo "Running tests disabled on this build type"
-else
+
+elif [ "$BUILD_MODE" != "fuzzers" ]; then
TEST_CMD=("${TEST_PREFIX[@]}" $TEST_EXE "${TEST_FLAGS[@]}")
echo "Running" "${TEST_CMD[@]}"
time "${TEST_CMD[@]}"
fi
+if [ "$BUILD_MODE" = "fuzzers" ] || [ "$BUILD_MODE" = "coverage" ]; then
+ # Test each fuzzer against its corpus
+ LD_LIBRARY_PATH=. ./src/scripts/test_fuzzers.py fuzzer_corpus build/fuzzer
+fi
+
if [ "$BUILD_MODE" = "static" ] || [ "$BUILD_MODE" = "shared" ]
then
echo "Running cli tests ..."
diff --git a/src/scripts/create_corpus_zip.py b/src/scripts/create_corpus_zip.py
new file mode 100755
index 000000000..5faee3b52
--- /dev/null
+++ b/src/scripts/create_corpus_zip.py
@@ -0,0 +1,48 @@
+#!/usr/bin/python
+
+# These is used to create fuzzer corpus zip files
+
+# This is primarily used by OSS-Fuzz but might be useful if you were
+# deploying the binaries in a custom fuzzer deployment system.
+
+import sys
+import os
+import zipfile
+import stat
+
+def main(args=None):
+ if args is None:
+ args = sys.argv
+
+ if len(args) != 2 and len(args) != 3:
+ print("Usage: %s corpus_dir <output_dir>" % (args[0]))
+ return 1
+
+ root_dir = args[1]
+
+ if len(args) == 3:
+ output_dir = args[2]
+ else:
+ output_dir = ''
+
+ if not os.access(root_dir, os.R_OK):
+ print("Error could not access directory '%s'" % (root_dir))
+ return 1
+
+ for corpus_dir in os.listdir(root_dir):
+ if corpus_dir == '.git':
+ continue
+ subdir = os.path.join(root_dir, corpus_dir)
+ if not stat.S_ISDIR(os.stat(subdir).st_mode):
+ continue
+
+ zipfile_path = os.path.join(output_dir, '%s.zip' % (corpus_dir))
+ zf = zipfile.ZipFile(zipfile_path, 'w', zipfile.ZIP_DEFLATED)
+ for f in os.listdir(subdir):
+ zf.write(os.path.join(subdir, f), f)
+ zf.close()
+
+ return 0
+
+if __name__ == '__main__':
+ sys.exit(main())
diff --git a/src/scripts/test_fuzzers.py b/src/scripts/test_fuzzers.py
new file mode 100755
index 000000000..9b813f013
--- /dev/null
+++ b/src/scripts/test_fuzzers.py
@@ -0,0 +1,130 @@
+#!/usr/bin/python
+
+import sys
+import os
+import subprocess
+import optparse
+import stat
+
+def run_fuzzer(fuzzer_bin, corpus_file, run_under_gdb):
+
+ if run_under_gdb:
+ gdb_proc = subprocess.Popen(['gdb', '--quiet', '--return-child-result', fuzzer_bin],
+ stdin=subprocess.PIPE,
+ stdout=subprocess.PIPE,
+ stderr=subprocess.PIPE,
+ close_fds=True)
+
+ gdb_commands = ('run < %s\nbt\nquit\n' % (corpus_file)).encode('ascii')
+
+ (stdout, stderr) = gdb_proc.communicate(gdb_commands)
+
+ if gdb_proc.returncode == 0:
+ return (0, '', '')
+
+ return (gdb_proc.returncode, stdout.decode('ascii'), stderr.decode('ascii'))
+ else:
+ corpus_fd = open(corpus_file, 'r')
+ fuzzer_proc = subprocess.Popen([fuzzer_bin], stdin=corpus_fd,
+ stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True)
+ (stdout, stderr) = fuzzer_proc.communicate()
+ corpus_fd.close()
+ return (fuzzer_proc.returncode, stdout.decode('ascii'), stderr.decode('ascii'))
+
+def main(args=None):
+ if args is None:
+ args = sys.argv
+
+ parser = optparse.OptionParser(
+ usage='Usage: %prog [options] corpus_dir fuzzers_dir',
+ )
+
+ parser.add_option('--gdb', action='store_true',
+ help='Run under GDB and capture backtraces')
+
+ (options, args) = parser.parse_args(args)
+
+ if len(args) != 3:
+ parser.print_usage()
+ return 1
+
+ corpus_dir = args[1]
+ fuzzer_dir = args[2]
+
+ if not os.access(corpus_dir, os.R_OK):
+ print("Error could not access corpus directory '%s'" % (corpus_dir))
+ return 1
+
+ if not os.access(fuzzer_dir, os.R_OK):
+ print("Error could not access fuzzers directory '%s'" % (fuzzer_dir))
+ return 1
+
+ fuzzers = set([])
+ for fuzzer in os.listdir(fuzzer_dir):
+ if fuzzer.endswith('.zip'):
+ continue
+ fuzzers.add(fuzzer)
+
+ corpii = set([])
+ for corpus in os.listdir(corpus_dir):
+ # Ignore regular files in toplevel dir
+ if not stat.S_ISDIR(os.stat(os.path.join(corpus_dir, corpus)).st_mode):
+ continue
+
+ if corpus == '.git':
+ continue
+
+ corpii.add(corpus)
+
+ fuzzers_without_corpus = fuzzers - corpii
+ corpus_without_fuzzers = corpii - fuzzers
+
+ for f in sorted(list(fuzzers_without_corpus)):
+ print("Warning: Fuzzer %s has no corpus" % (f))
+ for c in sorted(list(corpus_without_fuzzers)):
+ print("Warning: Corpus %s has no fuzzer" % (c))
+
+ fuzzers_with_corpus = fuzzers & corpii
+
+ crash_count = 0
+ stderr_count = 0
+ stdout_count = 0
+
+ gdb_commands = None
+
+ for f in sorted(list(fuzzers_with_corpus)):
+ fuzzer_bin = os.path.join(fuzzer_dir, f)
+ corpus_files = os.path.join(corpus_dir, f)
+
+ tests_for_this_fuzzer = 0
+
+ for corpus_file in sorted(list(os.listdir(corpus_files))):
+
+ tests_for_this_fuzzer += 1
+
+ corpus_full_path = os.path.join(corpus_files, corpus_file)
+
+ (retcode, stdout, stderr) = run_fuzzer(fuzzer_bin, corpus_full_path, options.gdb)
+
+ if retcode != 0:
+ print("Fuzzer %s crashed with input %s returncode %d" % (f, corpus_file, retcode))
+ crash_count += 1
+
+ if len(stdout) != 0:
+ print("Fuzzer %s produced stdout on input %s:\n%s" % (f, corpus_file, stdout))
+ stdout_count += 1
+
+ if len(stderr) != 0:
+ print("Fuzzer %s produced stderr on input %s:\n%s" % (f, corpus_file, stderr))
+ stderr_count += 1
+
+ print("Tested fuzzer %s with %d test cases, %d crashes" % (f, tests_for_this_fuzzer, crash_count))
+ sys.stdout.flush()
+
+ if crash_count > 0 or stderr_count > 0 or stdout_count > 0:
+ print("Ran fuzzer tests, %d crashes %d stdout %d stderr" % (crash_count, stdout_count, stderr_count))
+ return 2
+ return 0
+
+if __name__ == '__main__':
+ sys.exit(main())
diff --git a/src/tests/data/fuzz/pkcs8/ecc_overflow.pem b/src/tests/data/fuzz/pkcs8/ecc_overflow.pem
deleted file mode 100644
index 3b52a3ee0..000000000
--- a/src/tests/data/fuzz/pkcs8/ecc_overflow.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIBjQIBADCCAU0GByqGSM49AgEwggFAAgEBMDwGByqGSM49AQECMQCMuR6Cozht
-KA9db35Q5kHfFS9xCe1UVrQSsdoZf7cRI6zTpymQHRpxh0cAEzEH7FMwZAQwe8OC
-xj2MFQw8cggKzgWvoMK+oo5PsieHE5Fl77qR+Q+KpYFKUDrU6wSox90izigmBDAE
-qMfdIs4oJos5tVQW8ER8L7d94Qfc0qYuiA6lPuti1Xy0OQKV28mUOreGlvpQTBEE
-YQPdHGTwaM9F/6KmOoG3wT9riEej537xT+Pbf8r+DL0Q6Ogm4DQ21kaq74ey4kfU
-rx6Kvh11IPnCpFyx646Vz9VSYrcLKf7sWGThnAVP+ZEpKA5GRiF3kYERQoIDQSY8
-UxUCMQCMuR6CozhtKA9db35Q5kHfFS9xCe1UVrMfFm5srAQlp886tq9rf8MQO4gy
-AukEZWUCAQEENzA1AgEBBDB5HVMmAiyXDGqBKoKEHNIk02EMVKKdHqXG6kDInWC/
-R4ZVuXK3T8DqJrRX7RHxndk=
------END PRIVATE KEY-----
diff --git a/src/tests/data/fuzz/x509/afl_000.pem b/src/tests/data/fuzz/x509/afl_000.pem
deleted file mode 100644
index 5bd3a97d0..000000000
--- a/src/tests/data/fuzz/x509/afl_000.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIEYMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_001.pem b/src/tests/data/fuzz/x509/afl_001.pem
deleted file mode 100644
index 9bf1fcecb..000000000
--- a/src/tests/data/fuzz/x509/afl_001.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MICzAJBGCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_002.pem b/src/tests/data/fuzz/x509/afl_002.pem
deleted file mode 100644
index fbadfd772..000000000
--- a/src/tests/data/fuzz/x509/afl_002.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4EAABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_003.pem b/src/tests/data/fuzz/x509/afl_003.pem
deleted file mode 100644
index 86041ccfd..000000000
--- a/src/tests/data/fuzz/x509/afl_003.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgOjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWzXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_004.pem b/src/tests/data/fuzz/x509/afl_004.pem
deleted file mode 100644
index 4c818d9c3..000000000
--- a/src/tests/data/fuzz/x509/afl_004.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4EAADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_005.pem b/src/tests/data/fuzz/x509/afl_005.pem
deleted file mode 100644
index fa101ff3a..000000000
--- a/src/tests/data/fuzz/x509/afl_005.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MICATECCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1uEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_006.pem b/src/tests/data/fuzz/x509/afl_006.pem
deleted file mode 100644
index af95cabfb..000000000
--- a/src/tests/data/fuzz/x509/afl_006.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCCqGSIb9ycEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG6yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAU4AwAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_007.pem b/src/tests/data/fuzz/x509/afl_007.pem
deleted file mode 100644
index 30145a8fa..000000000
--- a/src/tests/data/fuzz/x509/afl_007.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MICAIN CAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_008.pem b/src/tests/data/fuzz/x509/afl_008.pem
deleted file mode 100644
index 5be654ce4..000000000
--- a/src/tests/data/fuzz/x509/afl_008.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMfAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIEYMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_009.pem b/src/tests/data/fuzz/x509/afl_009.pem
deleted file mode 100644
index 7434298ea..000000000
--- a/src/tests/data/fuzz/x509/afl_009.pem
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MICATECCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhUgQ3liZXJU
-cnVzdcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_010.pem b/src/tests/data/fuzz/x509/afl_010.pem
deleted file mode 100644
index 2640094e5..000000000
--- a/src/tests/data/fuzz/x509/afl_010.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAAIGHADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwADAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_011.pem b/src/tests/data/fuzz/x509/afl_011.pem
deleted file mode 100644
index 176669d6d..000000000
--- a/src/tests/data/fuzz/x509/afl_011.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MICATECCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTA0GCSqGSIb3DQEBBAUAMEUxCMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OT1wWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXvcmApy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_012.pem b/src/tests/data/fuzz/x509/afl_012.pem
deleted file mode 100644
index baf1a7786..000000000
--- a/src/tests/data/fuzz/x509/afl_012.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MICATECCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OPI2PnPfMD+fQ2qLTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAFMQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_013.pem b/src/tests/data/fuzz/x509/afl_013.pem
deleted file mode 100644
index bbb050f76..000000000
--- a/src/tests/data/fuzz/x509/afl_013.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MICATECCAWMCAgGjMA0GCSqGAMTE0dURSBDeWJlcXRydXN0ISIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlcXRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor7M4sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9t1tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_014.pem b/src/tests/data/fuzz/x509/afl_014.pem
deleted file mode 100644
index b68d8c8e2..000000000
--- a/src/tests/data/fuzz/x509/afl_014.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCATDKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_015.pem b/src/tests/data/fuzz/x509/afl_015.pem
deleted file mode 100644
index ea8638e31..000000000
--- a/src/tests/data/fuzz/x509/afl_015.pem
+++ /dev/null
@@ -1,5 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVgYD
-VQQKEw9HVEUgQ29ycG9yYX===============================lR===============================ydXN0IFJv
-b3QwHhcNOTYwMY
------END CEc \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_016.pem b/src/tests/data/fuzz/x509/afl_016.pem
deleted file mode 100644
index 3bd2fc312..000000000
--- a/src/tests/data/fuzz/x509/afl_016.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIBBAUAMEUxCCATEgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBHeFhVYAA1DeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPm1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAO4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1LvZ46WXTeorKeDWanOB5rCJo9Px4KWl
-IjeaY8JIILTbcRPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_017.pem b/src/tests/data/fuzz/x509/afl_017.pem
deleted file mode 100644
index 6ec87b82b..000000000
--- a/src/tests/data/fuzz/x509/afl_017.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIBBAUAMEUxCCATEgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMpK+ULjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPm1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAO4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5rCJo9Px4KWl
-IjeaY8JIILTbcRPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_018.pem b/src/tests/data/fuzz/x509/afl_018.pem
deleted file mode 100644
index be7ecaec6..000000000
--- a/src/tests/data/fuzz/x509/afl_018.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKAgQc45k+625h8BSb2
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_019.pem b/src/tests/data/fuzz/x509/afl_019.pem
deleted file mode 100644
index d0603430f..000000000
--- a/src/tests/data/fuzz/x509/afl_019.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xgDCERTNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQA45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_020.pem b/src/tests/data/fuzz/x509/afl_020.pem
deleted file mode 100644
index 10cba363d..000000000
--- a/src/tests/data/fuzz/x509/afl_020.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MICfMA0GCSqGSIb3DQEBAQUAA4RHADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_021.pem b/src/tests/data/fuzz/x509/afl_021.pem
deleted file mode 100644
index 5e861a5aa..000000000
--- a/src/tests/data/fuzz/x509/afl_021.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCZgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAlWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46-----BKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_022.pem b/src/tests/data/fuzz/x509/afl_022.pem
deleted file mode 100644
index 7ffa58208..000000000
--- a/src/tests/data/fuzz/x509/afl_022.pem
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUKQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4BSb2CBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt CERTiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_023.pem b/src/tests/data/fuzz/x509/afl_023.pem
deleted file mode 100644
index ace8de7a1..000000000
--- a/src/tests/data/fuzz/x509/afl_023.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MICAgECCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4RBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE----- \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_024.pem b/src/tests/data/fuzz/x509/afl_024.pem
deleted file mode 100644
index 57243fc2e..000000000
--- a/src/tests/data/fuzz/x509/afl_024.pem
+++ /dev/null
@@ -1,3 +0,0 @@
-0�q�-
-MIIvLmCCAW]C---BE���CERT---
-MIIvcmCCAW]C \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_025.pem b/src/tests/data/fuzz/x509/afl_025.pem
deleted file mode 100644
index f1e877697..000000000
--- a/src/tests/data/fuzz/x509/afl_025.pem
+++ /dev/null
@@ -1,3 +0,0 @@
-0�q�-
-MIIfLm CAW]C--����mCCAW-BE����CERT-#-
-MIIvGmCCAW]C \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_026.pem b/src/tests/data/fuzz/x509/afl_026.pem
deleted file mode 100644
index 899e1d71d..000000000
--- a/src/tests/data/fuzz/x509/afl_026.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_027.pem b/src/tests/data/fuzz/x509/afl_027.pem
deleted file mode 100644
index 8504c3d8c..000000000
--- a/src/tests/data/fuzz/x509/afl_027.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_028.pem b/src/tests/data/fuzz/x509/afl_028.pem
deleted file mode 100644
index d4f588112..000000000
--- a/src/tests/data/fuzz/x509/afl_028.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_029.pem b/src/tests/data/fuzz/x509/afl_029.pem
deleted file mode 100644
index 59591e0b8..000000000
--- a/src/tests/data/fuzz/x509/afl_029.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_030.pem b/src/tests/data/fuzz/x509/afl_030.pem
deleted file mode 100644
index be3106dcc..000000000
--- a/src/tests/data/fuzz/x509/afl_030.pem
+++ /dev/null
@@ -1 +0,0 @@
-0����----BcCAWqG \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_031.pem b/src/tests/data/fuzz/x509/afl_031.pem
deleted file mode 100644
index 1bdb26461..000000000
--- a/src/tests/data/fuzz/x509/afl_031.pem
+++ /dev/null
@@ -1 +0,0 @@
-0�q�BEG���II�m8CAW]C \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_032.pem b/src/tests/data/fuzz/x509/afl_032.pem
deleted file mode 100644
index 436f7ce70..000000000
--- a/src/tests/data/fuzz/x509/afl_032.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_033.pem b/src/tests/data/fuzz/x509/afl_033.pem
deleted file mode 100644
index f1aa4028e..000000000
--- a/src/tests/data/fuzz/x509/afl_033.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_034.pem b/src/tests/data/fuzz/x509/afl_034.pem
deleted file mode 100644
index 11c8448d0..000000000
--- a/src/tests/data/fuzz/x509/afl_034.pem
+++ /dev/null
@@ -1,4 +0,0 @@
------BEGIN CERTIFICATE-----
-MIBBAUAMEUxCzAJBgNoBAYTAlVTMRgwFgYT
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHXY
------END CERTIFICATE-----DA \ No newline at end of file
diff --git a/src/tests/data/fuzz/x509/afl_035.pem b/src/tests/data/fuzz/x509/afl_035.pem
deleted file mode 100644
index 1ff6f1f71..000000000
--- a/src/tests/data/fuzz/x509/afl_035.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_036.pem b/src/tests/data/fuzz/x509/afl_036.pem
deleted file mode 100644
index 8171e93c9..000000000
--- a/src/tests/data/fuzz/x509/afl_036.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_037.pem b/src/tests/data/fuzz/x509/afl_037.pem
deleted file mode 100644
index f3f4403b9..000000000
--- a/src/tests/data/fuzz/x509/afl_037.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_038.pem b/src/tests/data/fuzz/x509/afl_038.pem
deleted file mode 100644
index bfdd13e44..000000000
--- a/src/tests/data/fuzz/x509/afl_038.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_039.pem b/src/tests/data/fuzz/x509/afl_039.pem
deleted file mode 100644
index 9e888f879..000000000
--- a/src/tests/data/fuzz/x509/afl_039.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_040.pem b/src/tests/data/fuzz/x509/afl_040.pem
deleted file mode 100644
index dbde6a784..000000000
--- a/src/tests/data/fuzz/x509/afl_040.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_041.pem b/src/tests/data/fuzz/x509/afl_041.pem
deleted file mode 100644
index 5405ae442..000000000
--- a/src/tests/data/fuzz/x509/afl_041.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_042.pem b/src/tests/data/fuzz/x509/afl_042.pem
deleted file mode 100644
index 6862f605a..000000000
--- a/src/tests/data/fuzz/x509/afl_042.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_043.pem b/src/tests/data/fuzz/x509/afl_043.pem
deleted file mode 100644
index 56b0ddead..000000000
--- a/src/tests/data/fuzz/x509/afl_043.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_044.pem b/src/tests/data/fuzz/x509/afl_044.pem
deleted file mode 100644
index c250a4c73..000000000
--- a/src/tests/data/fuzz/x509/afl_044.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_045.pem b/src/tests/data/fuzz/x509/afl_045.pem
deleted file mode 100644
index d3d2fbb7f..000000000
--- a/src/tests/data/fuzz/x509/afl_045.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_046.pem b/src/tests/data/fuzz/x509/afl_046.pem
deleted file mode 100644
index 0c65e9a45..000000000
--- a/src/tests/data/fuzz/x509/afl_046.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_047.pem b/src/tests/data/fuzz/x509/afl_047.pem
deleted file mode 100644
index 9e1ad3030..000000000
--- a/src/tests/data/fuzz/x509/afl_047.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_048.pem b/src/tests/data/fuzz/x509/afl_048.pem
deleted file mode 100644
index e7f577414..000000000
--- a/src/tests/data/fuzz/x509/afl_048.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_049.pem b/src/tests/data/fuzz/x509/afl_049.pem
deleted file mode 100644
index 60a5b63bd..000000000
--- a/src/tests/data/fuzz/x509/afl_049.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_050.pem b/src/tests/data/fuzz/x509/afl_050.pem
deleted file mode 100644
index 2407ec731..000000000
--- a/src/tests/data/fuzz/x509/afl_050.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_051.pem b/src/tests/data/fuzz/x509/afl_051.pem
deleted file mode 100644
index c6f0bf36f..000000000
--- a/src/tests/data/fuzz/x509/afl_051.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/afl_052.pem b/src/tests/data/fuzz/x509/afl_052.pem
deleted file mode 100644
index 3f2b126f6..000000000
--- a/src/tests/data/fuzz/x509/afl_052.pem
+++ /dev/null
Binary files differ
diff --git a/src/tests/data/fuzz/x509/cve_2017_2801.der b/src/tests/data/fuzz/x509/cve_2017_2801.der
deleted file mode 100644
index fe615d2c4..000000000
--- a/src/tests/data/fuzz/x509/cve_2017_2801.der
+++ /dev/null
Binary files differ
diff --git a/src/tests/test_fuzzer.cpp b/src/tests/test_fuzzer.cpp
deleted file mode 100644
index 85dde5859..000000000
--- a/src/tests/test_fuzzer.cpp
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
-* (C) 2015 Jack Lloyd
-*
-* Botan is released under the Simplified BSD License (see license.txt)
-*/
-
-#include "tests.h"
-#include <chrono>
-#include <botan/internal/filesystem.h>
-
-#if defined(BOTAN_HAS_X509_CERTIFICATES)
- #include <botan/x509cert.h>
- #include <botan/x509_crl.h>
- #include <botan/base64.h>
-#endif
-
-#if defined(BOTAN_HAS_PUBLIC_KEY_CRYPTO)
- #include <botan/pkcs8.h>
-#endif
-
-namespace Botan_Tests {
-
-namespace {
-
-class Fuzzer_Input_Tests : public Test
- {
- public:
- std::vector<Test::Result> run() override
- {
- std::vector<Test::Result> results;
-#if defined(BOTAN_HAS_X509_CERTIFICATES)
- results.push_back(test_x509_fuzz());
-#endif
-
-#if defined(BOTAN_HAS_PUBLIC_KEY_CRYPTO)
- results.push_back(test_pkcs8());
-#endif
- return results;
- }
-
- private:
-
-#if defined(BOTAN_HAS_PUBLIC_KEY_CRYPTO)
- Test::Result test_pkcs8()
- {
- std::vector<std::string> files;
-
- Test::Result result("PKCS #8 fuzzing");
-
- try
- {
- files = Botan::get_files_recursive(Test::data_dir() + "/fuzz/pkcs8");
- }
- catch(Botan::No_Filesystem_Access)
- {
- result.note_missing("Filesystem readdir wrapper not implemented");
- return result;
- }
-
- for(auto vec_file : files)
- {
- try
- {
- std::unique_ptr<Botan::Private_Key> key(
- Botan::PKCS8::load_key(vec_file, Test::rng()));
- }
- catch(std::exception&) {}
-
- result.test_success();
- }
-
- return result;
- }
-#endif
-
-#if defined(BOTAN_HAS_X509_CERTIFICATES)
- Test::Result test_x509_fuzz()
- {
- Test::Result result("X.509 fuzzing");
-
- std::vector<std::string> files;
-
- try
- {
- files = Botan::get_files_recursive(Test::data_dir() + "/fuzz/x509");
- }
- catch(Botan::No_Filesystem_Access)
- {
- result.note_missing("Filesystem access");
- return result;
- }
-
- for(auto vec_file : files)
- {
- auto start = std::chrono::steady_clock::now();
-
- try
- {
- // TODO: check for memory consumption?
- Botan::X509_Certificate cert(vec_file);
- }
- catch(std::exception&)
- {
- }
-
- result.test_success();
-
- auto end = std::chrono::steady_clock::now();
-
- uint64_t duration = std::chrono::duration_cast<std::chrono::milliseconds>(end - start).count();
-
- if(duration > 100)
- {
- result.test_note("Fuzzer test " + vec_file + " took " + std::to_string(duration) + " ms");
- }
- }
-
- return result;
- }
-#endif
- };
-
-BOTAN_REGISTER_TEST("fuzzer", Fuzzer_Input_Tests);
-
-
-}
-
-}