1 // Copyright 2021 The BoringSSL Authors
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 #include <openssl/bytestring.h>
16 #include <openssl/ssl.h>
17 #include <openssl/span.h>
18
19 #include "../ssl/internal.h"
20
21
LLVMFuzzerTestOneInput(const uint8_t * buf,size_t len)22 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
23 static bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
24 static bssl::UniquePtr<SSL> ssl(SSL_new(ctx.get()));
25
26 CBS reader(bssl::Span(buf, len));
27 CBS encoded_client_hello_inner_cbs;
28
29 if (!CBS_get_u24_length_prefixed(&reader, &encoded_client_hello_inner_cbs)) {
30 return 0;
31 }
32
33 bssl::Array<uint8_t> encoded_client_hello_inner;
34 if (!encoded_client_hello_inner.CopyFrom(encoded_client_hello_inner_cbs)) {
35 return 0;
36 }
37
38 // Use the remaining bytes in |reader| as the ClientHelloOuter.
39 SSL_CLIENT_HELLO client_hello_outer;
40 if (!SSL_parse_client_hello(ssl.get(), &client_hello_outer, CBS_data(&reader),
41 CBS_len(&reader))) {
42 return 0;
43 }
44
45 // Recover the ClientHelloInner from the EncodedClientHelloInner and
46 // ClientHelloOuter.
47 uint8_t alert_unused;
48 bssl::Array<uint8_t> client_hello_inner;
49 bssl::ssl_decode_client_hello_inner(
50 ssl.get(), &alert_unused, &client_hello_inner, encoded_client_hello_inner,
51 &client_hello_outer);
52 return 0;
53 }
54