Commit ec39cb3

[tool-openssl] basic asn1parse support (#2882)
### Issues:
Resolves P342458791

### Description of changes:
Adds basic support for `openssl asn1parse` with the following arguments:
```
-in <inputFile>
-inform (PEM | DER)
```
The behavior of the command will default to OpenSSL's `-strictpem` flag behavior, which was an optional feature. We can revisit if this is determined to be required in order to relax the input restriction for valid PEM blocks.

### Call-outs:
The original asn1parse function used `ASN1_dump` rather than `ASN1_parse`; under the hood they are the same function, except that `ASN1_dump` can be given a flag to indicate that unknown data should be hex dumped out. As our BIO hexdump functions don't match OpenSSL's, the output would be slightly different. For now I've opted to not support the `-dump` flag for the CLI, and chose to only expose `ASN1_parse` in the library. That way we could come back and add `-dump` and `ASN1_dump` with proper output without worrying about backwards compatibility concerns.

### Testing:
* Added a series of corpus files for some BER and DER encodings (the asn1parse tool / library components do allow some BER features, e.g. indefinite length encoding).
* Used DER corpus files to seed a fuzzer for testing the `ASN1_parse` library function.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.
1 parent 653cc0a commit ec39cb3

703 files changed, +1491 -1 lines changed

crypto/asn1/asn1_par.c

Lines changed: 577 additions & 0 deletions
Large diffs are not rendered by default.

fuzz/CMakeLists.txt

Lines changed: 1 addition & 0 deletions
@@ -15,6 +15,7 @@ macro(fuzzer name)
1515
add_dependencies(all_fuzz_tests ${name})
1616
endmacro()
1717

18+
fuzzer(asn1parse)
1819
fuzzer(arm_cpuinfo)
1920
fuzzer(blowfish)
2021
fuzzer(bn_div)
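
Review bot: `fuzzer(asn1parse)` is inserted ahead of `fuzzer(arm_cpuinfo)`, but the visible entries (`arm_cpuinfo`, `blowfish`, `bn_div`) are in alphabetical order and "arm" sorts before "asn". Move the new line to directly after `fuzzer(arm_cpuinfo)` so the list stays sorted and later additions have an unambiguous position.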

fuzz/asn1parse.cc

Lines changed: 16 additions & 0 deletions
@@ -0,0 +1,16 @@
1+
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
2+
// SPDX-License-Identifier: Apache-2.0 OR ISC
3+
4+
#include <openssl/asn1.h>
5+
#include <openssl/err.h>
6+
#include <openssl/evp.h>
7+
#include <openssl/mem.h>
8+
9+
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
10+
bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem()));
11+
if(len > LONG_MAX) {
12+
return 0;
13+
}
14+
ASN1_parse(bio.get(), buf, len, 0);
15+
return 0;
16+
}
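
Review bot: In `LLVMFuzzerTestOneInput` the `BIO` is allocated before the `len > LONG_MAX` guard and is never checked for NULL before `ASN1_parse(bio.get(), buf, len, 0)`. Do the length check first and return 0 when `!bio`, so the harness does not depend on how `ASN1_parse` treats a NULL output BIO. `LONG_MAX` is used with no `<limits.h>` or `<climits>` include visible in this file, so it relies on a transitive include; add one explicitly. `<openssl/err.h>` and `<openssl/evp.h>` are included but no `ERR_` or `EVP_` function is called in the visible body, while `BIO_new`, `BIO_s_mem` and `bssl::UniquePtr<BIO>` are used without a direct `<openssl/bio.h>` include. Either call `ERR_clear_error()` before returning, so a failed parse does not leave entries on the error queue between iterations, or drop the unused headers. A short comment noting that the harness always passes indent 0 and ignores the return value would also help the next reader.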
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1 @@
1+
�
2 Bytes
Binary file not shown.
6 Bytes
Binary file not shown.
74 Bytes
Binary file not shown.
3 Bytes
Binary file not shown.
Lines changed: 3 additions & 0 deletions
@@ -0,0 +1,3 @@
1+

2+
3+
82 Bytes
Binary file not shown.
