21848380424

Committed 10 Feb 2026 01:47AM UTC coverage: 91.634% (+1.6%) from 90.069%

Build # 21848380424

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #5296 from randombit/jack/tls-header-patrol

Various changes to reduce header dependencies in TLS

Run Details

104002 of 113497 relevant lines covered (91.63%)

11230277.53 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

33.8

/src/fuzzer/tls_server.cpp

/*
* (C) 2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "fuzzers.h"

#include <botan/data_src.h>
#include <botan/hex.h>
#include <botan/pkcs8.h>
#include <botan/tls_callbacks.h>
#include <botan/tls_ciphersuite.h>
#include <botan/tls_external_psk.h>
#include <botan/tls_policy.h>
#include <botan/tls_server.h>
#include <botan/tls_server_info.h>
#include <botan/tls_session_manager_noop.h>
#include <botan/x509cert.h>

#include <memory>

namespace {

const char* const fixed_ecdsa_key =
   "-----BEGIN PRIVATE KEY-----"
   "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgfUjnfxgvrIyrqa5N"
   "47X1W50cVStDPbASwRcY6zqehjyhRANCAAQTNF0poMBM4tuCY50NrDJU8za/SK45"
   "erOdFpGK7KRWtBE9zNj6J0f1UB+K8GdekFD2me+iL63v+uBqo/PHRPT9"
   "-----END PRIVATE KEY-----";

const char* const fixed_ecdsa_cert =
   "-----BEGIN CERTIFICATE-----"
   "MIIB3zCCAYWgAwIBAgIRAPFi6dun9OY7YLuZHqKzdEMwCgYIKoZIzj0EAwIwOTEa"
   "MBgGA1UEAwwRSXQncyBGdXp6aW5nIFRpbWUxCzAJBgNVBAYTAlZUMQ4wDAYDVQQK"
   "EwVCb3RhbjAeFw0yNTAxMjAxMzI0MjdaFw0zODAxMTgxMzI0MjdaMDkxGjAYBgNV"
   "BAMMEUl0J3MgRnV6emluZyBUaW1lMQswCQYDVQQGEwJWVDEOMAwGA1UEChMFQm90"
   "YW4wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQTNF0poMBM4tuCY50NrDJU8za/"
   "SK45erOdFpGK7KRWtBE9zNj6J0f1UB+K8GdekFD2me+iL63v+uBqo/PHRPT9o24w"
   "bDAhBgNVHQ4EGgQYevp/SCkZVWPKNAUSez17HTOyneXEWwpEMBQGA1UdEQQNMAuC"
   "CWxvY2FsaG9zdDAMBgNVHRMBAf8EAjAAMCMGA1UdIwQcMBqAGHr6f0gpGVVjyjQF"
   "Ens9ex0zsp3lxFsKRDAKBggqhkjOPQQDAgNIADBFAiEApqVCYhySxK/8GLq8wlPh"
   "MeBg8CwKO83s1h/GYQZD4CUCID5Mzh5mwrkkAuSENjLXAD4dtiu91Zsoye5J0uuU"
   "60v7"
   "-----END CERTIFICATE-----";

class Fuzzer_TLS_Server_Creds : public Botan::Credentials_Manager {
   public:
      Fuzzer_TLS_Server_Creds() {
         Botan::DataSource_Memory cert_in(fixed_ecdsa_cert);
         m_ecdsa_cert = std::make_unique<Botan::X509_Certificate>(cert_in);

         Botan::DataSource_Memory key_in(fixed_ecdsa_key);
         m_ecdsa_key.reset(Botan::PKCS8::load_key(key_in).release());
      }

      std::vector<Botan::X509_Certificate> cert_chain(
         const std::vector<std::string>& algos,
         const std::vector<Botan::AlgorithmIdentifier>& /*signature_schemes*/,
         const std::string& /*type*/,
         const std::string& /*hostname*/) override {
         std::vector<Botan::X509_Certificate> v;

         for(const auto& algo : algos) {
            if(algo == "ECDSA") {
               v.push_back(*m_ecdsa_cert);
               break;
            }
         }

         return v;
      }

      std::shared_ptr<Botan::Private_Key> private_key_for(const Botan::X509_Certificate& /*cert*/,
                                                          const std::string& type,
                                                          const std::string& /*context*/) override {
         if(type == "ECDSA") {
            return m_ecdsa_key;
         }
         return nullptr;
      }

      Botan::secure_vector<uint8_t> session_ticket_key() override {
         return Botan::hex_decode_locked("AABBCCDDEEFF00112233445566778899");
      }

      Botan::secure_vector<uint8_t> dtls_cookie_secret() override {
         return Botan::hex_decode_locked("AABBCCDDEEFF00112233445566778899");
      }

      std::string psk_identity_hint(const std::string& /*type*/, const std::string& /*context*/) override {
         return "psk_hint";
      }

      std::string psk_identity(const std::string& /*type*/,
                               const std::string& /*context*/,
                               const std::string& /*hint*/) override {
         return "psk_id";
      }

      std::vector<Botan::TLS::ExternalPSK> find_preshared_keys(
         std::string_view host,
         Botan::TLS::Connection_Side whoami,
         const std::vector<std::string>& identities = {},
         const std::optional<std::string>& prf = std::nullopt) override {
         if(!identities.empty() && std::find(identities.begin(), identities.end(), "psk_id") == identities.end()) {
            return Botan::Credentials_Manager::find_preshared_keys(host, whoami, identities, prf);
         }

         std::vector<Botan::TLS::ExternalPSK> psks;
         psks.emplace_back("psk_id", "SHA-256", Botan::hex_decode_locked("AABBCCDDEEFF00112233445566778899"));
         return psks;
      }

   private:
      std::unique_ptr<Botan::X509_Certificate> m_ecdsa_cert;
      std::shared_ptr<Botan::Private_Key> m_ecdsa_key;
};

class Fuzzer_TLS_Policy : public Botan::TLS::Policy {
   public:
      std::vector<uint16_t> ciphersuite_list(Botan::TLS::Protocol_Version version) const override {
         std::vector<uint16_t> ciphersuites;

         for(auto&& suite : Botan::TLS::Ciphersuite::all_known_ciphersuites()) {
            if(suite.valid() and suite.usable_in_version(version)) {
               ciphersuites.push_back(suite.ciphersuite_code());
            }
         }

         return ciphersuites;
      }
};

class Fuzzer_TLS_Server_Callbacks : public Botan::TLS::Callbacks {
   public:
      void tls_emit_data(std::span<const uint8_t> /*data*/) override {
         // discard
      }

      void tls_record_received(uint64_t /*rec*/, std::span<const uint8_t> /*data*/) override {
         // ignore peer data
      }

      void tls_alert(Botan::TLS::Alert /*alert*/) override {
         // ignore alert
      }

      std::string tls_server_choose_app_protocol(const std::vector<std::string>& client_protos) override {
         if(client_protos.size() > 1) {
            return client_protos[0];
         } else {
            return "fuzzy";
         }
      }

      void tls_verify_cert_chain(const std::vector<Botan::X509_Certificate>& cert_chain,
                                 const std::vector<std::optional<Botan::OCSP::Response>>& ocsp_responses,
                                 const std::vector<Botan::Certificate_Store*>& trusted_roots,
                                 Botan::Usage_Type usage,
                                 std::string_view hostname,
                                 const Botan::TLS::Policy& policy) override {
         try {
            // try to validate to exercise those code paths
            Botan::TLS::Callbacks::tls_verify_cert_chain(
               cert_chain, ocsp_responses, trusted_roots, usage, hostname, policy);
         } catch(...) {
            // ignore validation result
         }
      }
};

}  // namespace

void fuzz(std::span<const uint8_t> in) {
   if(in.size() <= 1) {
      return;
   }

   auto session_manager = std::make_shared<Botan::TLS::Session_Manager_Noop>();
   auto policy = std::make_shared<Fuzzer_TLS_Policy>();
   const Botan::TLS::Server_Information info("server.name", 443);
   auto creds = std::make_shared<Fuzzer_TLS_Server_Creds>();
   auto callbacks = std::make_shared<Fuzzer_TLS_Server_Callbacks>();

   const bool is_datagram = (in[0] & 1) == 1;

   Botan::TLS::Server server(callbacks, session_manager, creds, policy, fuzzer_rng_as_shared(), is_datagram);

   try {
      server.received_data(in.subspan(1, in.size() - 1));
   } catch(const std::exception& e) {}
}

1	/*
2	* (C) 2015,2016 Jack Lloyd
3	*
4	* Botan is released under the Simplified BSD License (see license.txt)
5	*/
6
7	#include "fuzzers.h"
8
9	#include <botan/data_src.h>
10	#include <botan/hex.h>
11	#include <botan/pkcs8.h>
12	#include <botan/tls_callbacks.h>
13	#include <botan/tls_ciphersuite.h>
14	#include <botan/tls_external_psk.h>
15	#include <botan/tls_policy.h>
16	#include <botan/tls_server.h>
17	#include <botan/tls_server_info.h>
18	#include <botan/tls_session_manager_noop.h>
19	#include <botan/x509cert.h>
20
21	#include <memory>
22
23	namespace {
24
25	const char* const fixed_ecdsa_key =
26	"-----BEGIN PRIVATE KEY-----"
27	"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgfUjnfxgvrIyrqa5N"
28	"47X1W50cVStDPbASwRcY6zqehjyhRANCAAQTNF0poMBM4tuCY50NrDJU8za/SK45"
29	"erOdFpGK7KRWtBE9zNj6J0f1UB+K8GdekFD2me+iL63v+uBqo/PHRPT9"
30	"-----END PRIVATE KEY-----";
31
32	const char* const fixed_ecdsa_cert =
33	"-----BEGIN CERTIFICATE-----"
34	"MIIB3zCCAYWgAwIBAgIRAPFi6dun9OY7YLuZHqKzdEMwCgYIKoZIzj0EAwIwOTEa"
35	"MBgGA1UEAwwRSXQncyBGdXp6aW5nIFRpbWUxCzAJBgNVBAYTAlZUMQ4wDAYDVQQK"
36	"EwVCb3RhbjAeFw0yNTAxMjAxMzI0MjdaFw0zODAxMTgxMzI0MjdaMDkxGjAYBgNV"
37	"BAMMEUl0J3MgRnV6emluZyBUaW1lMQswCQYDVQQGEwJWVDEOMAwGA1UEChMFQm90"
38	"YW4wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQTNF0poMBM4tuCY50NrDJU8za/"
39	"SK45erOdFpGK7KRWtBE9zNj6J0f1UB+K8GdekFD2me+iL63v+uBqo/PHRPT9o24w"
40	"bDAhBgNVHQ4EGgQYevp/SCkZVWPKNAUSez17HTOyneXEWwpEMBQGA1UdEQQNMAuC"
41	"CWxvY2FsaG9zdDAMBgNVHRMBAf8EAjAAMCMGA1UdIwQcMBqAGHr6f0gpGVVjyjQF"
42	"Ens9ex0zsp3lxFsKRDAKBggqhkjOPQQDAgNIADBFAiEApqVCYhySxK/8GLq8wlPh"
43	"MeBg8CwKO83s1h/GYQZD4CUCID5Mzh5mwrkkAuSENjLXAD4dtiu91Zsoye5J0uuU"
44	"60v7"
45	"-----END CERTIFICATE-----";
46
47	class Fuzzer_TLS_Server_Creds : public Botan::Credentials_Manager {
48	public:
49	Fuzzer_TLS_Server_Creds() {	1,128✔
50	Botan::DataSource_Memory cert_in(fixed_ecdsa_cert);	1,128✔
51	m_ecdsa_cert = std::make_unique<Botan::X509_Certificate>(cert_in);	1,128✔
52
53	Botan::DataSource_Memory key_in(fixed_ecdsa_key);	1,128✔
54	m_ecdsa_key.reset(Botan::PKCS8::load_key(key_in).release());	2,256✔
55	}	2,256✔
56
57	std::vector<Botan::X509_Certificate> cert_chain(	×
58	const std::vector<std::string>& algos,
59	const std::vector<Botan::AlgorithmIdentifier>& /signature_schemes/,
60	const std::string& /type/,
61	const std::string& /hostname/) override {
62	std::vector<Botan::X509_Certificate> v;	×
63
64	for(const auto& algo : algos) {	×
65	if(algo == "ECDSA") {	×
66	v.push_back(*m_ecdsa_cert);	×
67	break;
68	}
69	}
70
71	return v;	×
72	}	×
73
74	std::shared_ptr<Botan::Private_Key> private_key_for(const Botan::X509_Certificate& /cert/,	×
75	const std::string& type,
76	const std::string& /context/) override {
77	if(type == "ECDSA") {	×
78	return m_ecdsa_key;	×
79	}
80	return nullptr;	×
81	}
82
83	Botan::secure_vector<uint8_t> session_ticket_key() override {	×
84	return Botan::hex_decode_locked("AABBCCDDEEFF00112233445566778899");	×
85	}
86
87	Botan::secure_vector<uint8_t> dtls_cookie_secret() override {	×
88	return Botan::hex_decode_locked("AABBCCDDEEFF00112233445566778899");	×
89	}
90
91	std::string psk_identity_hint(const std::string& /type/, const std::string& /context/) override {	×
92	return "psk_hint";	×
93	}
94
95	std::string psk_identity(const std::string& /type/,	×
96	const std::string& /context/,
97	const std::string& /hint/) override {
98	return "psk_id";	×
99	}
100
101	std::vector<Botan::TLS::ExternalPSK> find_preshared_keys(	×
102	std::string_view host,
103	Botan::TLS::Connection_Side whoami,
104	const std::vector<std::string>& identities = {},
105	const std::optional<std::string>& prf = std::nullopt) override {
106	if(!identities.empty() && std::find(identities.begin(), identities.end(), "psk_id") == identities.end()) {	×
107	return Botan::Credentials_Manager::find_preshared_keys(host, whoami, identities, prf);	×
108	}
109
110	std::vector<Botan::TLS::ExternalPSK> psks;	×
111	psks.emplace_back("psk_id", "SHA-256", Botan::hex_decode_locked("AABBCCDDEEFF00112233445566778899"));	×
112	return psks;	×
113	}	×
114
115	private:
116	std::unique_ptr<Botan::X509_Certificate> m_ecdsa_cert;
117	std::shared_ptr<Botan::Private_Key> m_ecdsa_key;
118	};
119
120	class Fuzzer_TLS_Policy : public Botan::TLS::Policy {	2,256✔
121	public:
122	std::vector<uint16_t> ciphersuite_list(Botan::TLS::Protocol_Version version) const override {	×
123	std::vector<uint16_t> ciphersuites;	×
124
125	for(auto&& suite : Botan::TLS::Ciphersuite::all_known_ciphersuites()) {	×
126	if(suite.valid() and suite.usable_in_version(version)) {	×
127	ciphersuites.push_back(suite.ciphersuite_code());	×
128	}
129	}
130
131	return ciphersuites;	×
132	}	×
133	};
134
135	class Fuzzer_TLS_Server_Callbacks : public Botan::TLS::Callbacks {	2,256✔
136	public:
137	void tls_emit_data(std::span<const uint8_t> /data/) override {	1,105✔
138	// discard
139	}	1,105✔
140
141	void tls_record_received(uint64_t /rec/, std::span<const uint8_t> /data/) override {	×
142	// ignore peer data
143	}	×
144
145	void tls_alert(Botan::TLS::Alert /alert/) override {	×
146	// ignore alert
147	}	×
148
149	std::string tls_server_choose_app_protocol(const std::vector<std::string>& client_protos) override {	×
150	if(client_protos.size() > 1) {	×
151	return client_protos[0];	×
152	} else {
153	return "fuzzy";	×
154	}
155	}
156
157	void tls_verify_cert_chain(const std::vector<Botan::X509_Certificate>& cert_chain,	×
158	const std::vector<std::optional<Botan::OCSP::Response>>& ocsp_responses,
159	const std::vector<Botan::Certificate_Store*>& trusted_roots,
160	Botan::Usage_Type usage,
161	std::string_view hostname,
162	const Botan::TLS::Policy& policy) override {
163	try {	×
164	// try to validate to exercise those code paths
165	Botan::TLS::Callbacks::tls_verify_cert_chain(	×
166	cert_chain, ocsp_responses, trusted_roots, usage, hostname, policy);
167	} catch(...) {	×
168	// ignore validation result
169	}	×
170	}	×
171	};
172
173	} // namespace
174
175	void fuzz(std::span<const uint8_t> in) {	1,131✔
176	if(in.size() <= 1) {	1,131✔
177	return;	3✔
178	}
179
180	auto session_manager = std::make_shared<Botan::TLS::Session_Manager_Noop>();	1,128✔
181	auto policy = std::make_shared<Fuzzer_TLS_Policy>();	1,128✔
182	const Botan::TLS::Server_Information info("server.name", 443);	1,128✔
183	auto creds = std::make_shared<Fuzzer_TLS_Server_Creds>();	1,128✔
184	auto callbacks = std::make_shared<Fuzzer_TLS_Server_Callbacks>();	1,128✔
185
186	const bool is_datagram = (in[0] & 1) == 1;	1,128✔
187
188	Botan::TLS::Server server(callbacks, session_manager, creds, policy, fuzzer_rng_as_shared(), is_datagram);	6,768✔
189
190	try {	1,128✔
191	server.received_data(in.subspan(1, in.size() - 1));	1,128✔
192	} catch(const std::exception& e) {}	1,105✔
193	}	6,768✔

randombit / botan / 21848380424

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous