1 /* This Source Code Form is subject to the terms of the Mozilla Public
2  * License, v. 2.0. If a copy of the MPL was not distributed with this
3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 
5 #include "asn1_mutators.h"
6 #include "shared.h"
7 
8 const std::vector<const SEC_ASN1Template *> templates = {
9     CERT_AttributeTemplate,
10     CERT_CertExtensionTemplate,
11     CERT_CertificateRequestTemplate,
12     CERT_CertificateTemplate,
13     CERT_CrlTemplate,
14     CERT_IssuerAndSNTemplate,
15     CERT_NameTemplate,
16     CERT_PublicKeyAndChallengeTemplate,
17     CERT_RDNTemplate,
18     CERT_SequenceOfCertExtensionTemplate,
19     CERT_SetOfAttributeTemplate,
20     CERT_SetOfSignedCrlTemplate,
21     CERT_SignedCrlTemplate,
22     CERT_SignedDataTemplate,
23     CERT_SubjectPublicKeyInfoTemplate,
24     CERT_TimeChoiceTemplate,
25     CERT_ValidityTemplate,
26     SEC_AnyTemplate,
27     SEC_BitStringTemplate,
28     SEC_BMPStringTemplate,
29     SEC_BooleanTemplate,
30     SEC_CertSequenceTemplate,
31     SEC_EnumeratedTemplate,
32     SEC_GeneralizedTimeTemplate,
33     SEC_IA5StringTemplate,
34     SEC_IntegerTemplate,
35     SEC_NullTemplate,
36     SEC_ObjectIDTemplate,
37     SEC_OctetStringTemplate,
38     SEC_PointerToAnyTemplate,
39     SEC_PointerToEnumeratedTemplate,
40     SEC_PointerToGeneralizedTimeTemplate,
41     SEC_PointerToOctetStringTemplate,
42     SEC_PrintableStringTemplate,
43     SEC_SetOfAnyTemplate,
44     SEC_SetOfEnumeratedTemplate,
45     SEC_SequenceOfAnyTemplate,
46     SEC_SequenceOfObjectIDTemplate,
47     SEC_SignedCertificateTemplate,
48     SEC_SkipTemplate,
49     SEC_T61StringTemplate,
50     SEC_UniversalStringTemplate,
51     SEC_UTCTimeTemplate,
52     SEC_UTF8StringTemplate,
53     SEC_VisibleStringTemplate,
54     SECKEY_DHParamKeyTemplate,
55     SECKEY_DHPublicKeyTemplate,
56     SECKEY_DSAPrivateKeyExportTemplate,
57     SECKEY_DSAPublicKeyTemplate,
58     SECKEY_PQGParamsTemplate,
59     SECKEY_PrivateKeyInfoTemplate,
60     SECKEY_RSAPSSParamsTemplate,
61     SECKEY_RSAPublicKeyTemplate,
62     SECOID_AlgorithmIDTemplate};
63 
LLVMFuzzerTestOneInput(const uint8_t * Data,size_t Size)64 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
65   char *dest[2048];
66 
67   for (auto tpl : templates) {
68     PORTCheapArenaPool pool;
69     SECItem buf = {siBuffer, const_cast<unsigned char *>(Data),
70                    static_cast<unsigned int>(Size)};
71 
72     PORT_InitCheapArena(&pool, DER_DEFAULT_CHUNKSIZE);
73     (void)SEC_QuickDERDecodeItem(&pool.arena, dest, tpl, &buf);
74     PORT_DestroyCheapArena(&pool);
75   }
76 
77   return 0;
78 }
79 
LLVMFuzzerCustomMutator(uint8_t * data,size_t size,size_t max_size,unsigned int seed)80 extern "C" size_t LLVMFuzzerCustomMutator(uint8_t *data, size_t size,
81                                           size_t max_size, unsigned int seed) {
82   return CustomMutate(
83       Mutators({ASN1MutatorFlipConstructed, ASN1MutatorChangeType}), data, size,
84       max_size, seed);
85 }
86