Fuzz testing

Fuzz targets are x509 crt csr and crl parsing
as well as private and public key parsing
and client and server communication

Fuzz targets for DTLS
Simple corpus with valid DTLS connection
Deterministic behavior for fuzzing, ie no timestamps

tests/CMakeLists.txt

@@ -77,3 +77,5 @@ if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
     link_to_source(scripts)
     link_to_source(ssl-opt.sh)
 endif()
+
+add_subdirectory(fuzz)

tests/fuzz/CMakeLists.txt

@@ -0,0 +1,38 @@
+set(libs
+    mbedtls
+)
+
+if(USE_PKCS11_HELPER_LIBRARY)
+    set(libs ${libs} pkcs11-helper)
+endif(USE_PKCS11_HELPER_LIBRARY)
+
+if(ENABLE_ZLIB_SUPPORT)
+    set(libs ${libs} ${ZLIB_LIBRARIES})
+endif(ENABLE_ZLIB_SUPPORT)
+
+add_executable(fuzz_x509csr fuzz_x509csr.c onefile.c)
+target_link_libraries(fuzz_x509csr ${libs})
+
+add_executable(fuzz_x509crl fuzz_x509crl.c onefile.c)
+target_link_libraries(fuzz_x509crl ${libs})
+
+add_executable(fuzz_x509crt fuzz_x509crt.c onefile.c)
+target_link_libraries(fuzz_x509crt ${libs})
+
+add_executable(fuzz_privkey fuzz_privkey.c onefile.c)
+target_link_libraries(fuzz_privkey ${libs})
+
+add_executable(fuzz_pubkey fuzz_pubkey.c onefile.c)
+target_link_libraries(fuzz_pubkey ${libs})
+
+add_executable(fuzz_client fuzz_client.c onefile.c)
+target_link_libraries(fuzz_client ${libs})
+
+add_executable(fuzz_server fuzz_server.c onefile.c)
+target_link_libraries(fuzz_server ${libs})
+
+add_executable(fuzz_dtlsclient fuzz_dtlsclient.c onefile.c)
+target_link_libraries(fuzz_dtlsclient ${libs})
+
+add_executable(fuzz_dtlsserver fuzz_dtlsserver.c onefile.c)
+target_link_libraries(fuzz_dtlsserver ${libs})

tests/fuzz/fuzz_client.c

@@ -0,0 +1,227 @@
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include <string.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <stdint.h>
+
+
+static bool initialized = 0;
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static mbedtls_x509_crt cacert;
+#endif
+const char *alpn_list[3];
+
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+const unsigned char psk[] = {
+    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+};
+const char psk_id[] = "Client_identity";
+#endif
+
+const char *pers = "fuzz_client";
+
+
+typedef struct fuzzBufferOffset
+{
+    const uint8_t *Data;
+    size_t Size;
+    size_t Offset;
+} fuzzBufferOffset_t;
+
+static int dummy_send( void *ctx, const unsigned char *buf, size_t len )
+{
+    //silence warning about unused parameter
+    (void) ctx;
+    (void) buf;
+
+    //pretends we wrote everything ok
+    return( len );
+}
+
+static int fuzz_recv( void *ctx, unsigned char *buf, size_t len )
+{
+    //reads from the buffer from fuzzer
+    fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx;
+
+    if (biomemfuzz->Offset == biomemfuzz->Size) {
+        //EOF
+        return (0);
+    }
+    if (len + biomemfuzz->Offset > biomemfuzz->Size) {
+        //do not overflow
+        len = biomemfuzz->Size - biomemfuzz->Offset;
+    }
+    memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
+    biomemfuzz->Offset += len;
+    return( len );
+}
+
+static int dummy_random( void *p_rng, unsigned char *output, size_t output_len )
+{
+    int ret;
+    size_t i;
+
+    //use mbedtls_ctr_drbg_random to find bugs in it
+    ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
+    for (i=0; i<output_len; i++) {
+        //replace result with pseudo random
+        output[i] = (unsigned char) random();
+    }
+    return( ret );
+}
+
+static int dummy_entropy( void *data, unsigned char *output, size_t len )
+{
+    int ret;
+    size_t i;
+
+    //use mbedtls_entropy_func to find bugs in it
+    ret = mbedtls_entropy_func(data, output, len);
+    for (i=0; i<len; i++) {
+        //replace result with pseudo random
+        output[i] = (unsigned char) random();
+    }
+    return( ret );
+}
+
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+    int ret;
+    size_t len;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_entropy_context entropy;
+    unsigned char buf[4096];
+    fuzzBufferOffset_t biomemfuzz;
+    uint16_t options;
+
+    if (initialized == 0) {
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+        mbedtls_x509_crt_init( &cacert );
+        if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
+                                   mbedtls_test_cas_pem_len ) != 0)
+            return 1;
+#endif
+
+        alpn_list[0] = "HTTP";
+        alpn_list[1] = "fuzzalpn";
+        alpn_list[2] = NULL;
+
+        initialized = 1;
+    }
+
+    //we take 1 byte as options input
+    if (Size < 2) {
+        return 0;
+    }
+    options = (Data[Size - 2] << 8) | Data[Size - 1];
+    //Avoid warnings if compile options imply no options
+    (void) options;
+
+    mbedtls_ssl_init( &ssl );
+    mbedtls_ssl_config_init( &conf );
+    mbedtls_ctr_drbg_init( &ctr_drbg );
+    mbedtls_entropy_init( &entropy );
+
+    if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
+                              (const unsigned char *) pers, strlen( pers ) ) != 0 )
+        goto exit;
+
+    if( mbedtls_ssl_config_defaults( &conf,
+                                    MBEDTLS_SSL_IS_CLIENT,
+                                    MBEDTLS_SSL_TRANSPORT_STREAM,
+                                    MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
+        goto exit;
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+    if (options & 2) {
+        mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ),
+                             (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
+    }
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if (options & 4) {
+        mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
+        mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
+    } else
+#endif
+    {
+        mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
+    }
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    mbedtls_ssl_conf_truncated_hmac( &conf, (options & 8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
+#endif
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
+#endif
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED);
+#endif
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    mbedtls_ssl_conf_cbc_record_splitting( &conf, (options & 0x40) ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED );
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    mbedtls_ssl_conf_session_tickets( &conf, (options & 0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED );
+#endif
+#if defined(MBEDTLS_SSL_ALPN)
+    if (options & 0x200) {
+        mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list );
+    }
+#endif
+    //There may be other options to add :
+    // mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes
+
+    srandom(1);
+    mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
+
+    if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
+        goto exit;
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if ((options & 1) == 0) {
+        if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 )
+            goto exit;
+    }
+#endif
+
+    biomemfuzz.Data = Data;
+    biomemfuzz.Size = Size-2;
+    biomemfuzz.Offset = 0;
+    mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL );
+
+    ret = mbedtls_ssl_handshake( &ssl );
+    if( ret == 0 )
+    {
+        //keep reading data from server until the end
+        do
+        {
+            len = sizeof( buf ) - 1;
+            ret = mbedtls_ssl_read( &ssl, buf, len );
+
+            if( ret == MBEDTLS_ERR_SSL_WANT_READ )
+                continue;
+            else if( ret <= 0 )
+                //EOF or error
+                break;
+        }
+        while( 1 );
+    }
+
+exit:
+    mbedtls_entropy_free( &entropy );
+    mbedtls_ctr_drbg_free( &ctr_drbg );
+    mbedtls_ssl_config_free( &conf );
+    mbedtls_ssl_free( &ssl );
+
+    return 0;
+}

tests/fuzz/fuzz_client.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 1048575

tests/fuzz/fuzz_dtlsclient.c

@@ -0,0 +1,185 @@
+#include <string.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include "mbedtls/ssl.h"
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/timing.h"
+
+
+static bool initialized = 0;
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static mbedtls_x509_crt cacert;
+#endif
+
+
+const char *pers = "fuzz_dtlsclient";
+
+
+typedef struct fuzzBufferOffset
+{
+    const uint8_t *Data;
+    size_t Size;
+    size_t Offset;
+} fuzzBufferOffset_t;
+
+static int dummy_send( void *ctx, const unsigned char *buf, size_t len )
+{
+    //silence warning about unused parameter
+    (void) ctx;
+    (void) buf;
+
+    //pretends we wrote everything ok
+    return( len );
+}
+
+static int fuzz_recv( void *ctx, unsigned char *buf, size_t len )
+{
+    //reads from the buffer from fuzzer
+    fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx;
+
+    if (biomemfuzz->Offset == biomemfuzz->Size) {
+        //EOF
+        return (0);
+    }
+    if (len + biomemfuzz->Offset > biomemfuzz->Size) {
+        //do not overflow
+        len = biomemfuzz->Size - biomemfuzz->Offset;
+    }
+    memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
+    biomemfuzz->Offset += len;
+    return( len );
+}
+
+static int fuzz_recv_timeout( void *ctx, unsigned char *buf, size_t len,
+                             uint32_t timeout )
+{
+    (void) timeout;
+
+    return fuzz_recv(ctx, buf, len);
+}
+
+static int dummy_random( void *p_rng, unsigned char *output, size_t output_len )
+{
+    int ret;
+    size_t i;
+
+    //use mbedtls_ctr_drbg_random to find bugs in it
+    ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
+    for (i=0; i<output_len; i++) {
+        //replace result with pseudo random
+        output[i] = (unsigned char) random();
+    }
+    return( ret );
+}
+
+static int dummy_entropy( void *data, unsigned char *output, size_t len )
+{
+    int ret;
+    size_t i;
+
+    //use mbedtls_entropy_func to find bugs in it
+    ret = mbedtls_entropy_func(data, output, len);
+    for (i=0; i<len; i++) {
+        //replace result with pseudo random
+        output[i] = (unsigned char) random();
+    }
+    return( ret );
+}
+#endif
+
+
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    int ret;
+    size_t len;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_entropy_context entropy;
+    mbedtls_timing_delay_context timer;
+    unsigned char buf[4096];
+    fuzzBufferOffset_t biomemfuzz;
+
+    if (initialized == 0) {
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+        mbedtls_x509_crt_init( &cacert );
+        if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
+                                   mbedtls_test_cas_pem_len ) != 0)
+            return 1;
+#endif
+        initialized = 1;
+    }
+
+    mbedtls_ssl_init( &ssl );
+    mbedtls_ssl_config_init( &conf );
+    mbedtls_ctr_drbg_init( &ctr_drbg );
+    mbedtls_entropy_init( &entropy );
+
+    srandom(1);
+    if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
+                              (const unsigned char *) pers, strlen( pers ) ) != 0 )
+        goto exit;
+
+    if( mbedtls_ssl_config_defaults( &conf,
+                                    MBEDTLS_SSL_IS_CLIENT,
+                                    MBEDTLS_SSL_TRANSPORT_DATAGRAM,
+                                    MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
+        goto exit;
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
+#endif
+    mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
+    mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
+
+    if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
+        goto exit;
+
+    mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
+                             mbedtls_timing_get_delay );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 )
+        goto exit;
+#endif
+
+    biomemfuzz.Data = Data;
+    biomemfuzz.Size = Size;
+    biomemfuzz.Offset = 0;
+    mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
+
+    ret = mbedtls_ssl_handshake( &ssl );
+    if( ret == 0 )
+    {
+        //keep reading data from server until the end
+        do
+        {
+            len = sizeof( buf ) - 1;
+            ret = mbedtls_ssl_read( &ssl, buf, len );
+
+            if( ret == MBEDTLS_ERR_SSL_WANT_READ )
+                continue;
+            else if( ret <= 0 )
+                //EOF or error
+                break;
+        }
+        while( 1 );
+    }
+
+exit:
+    mbedtls_entropy_free( &entropy );
+    mbedtls_ctr_drbg_free( &ctr_drbg );
+    mbedtls_ssl_config_free( &conf );
+    mbedtls_ssl_free( &ssl );
+
+#else
+    (void) Data;
+    (void) Size;
+#endif
+    return 0;
+}

tests/fuzz/fuzz_dtlsclient.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 1048575

tests/fuzz/fuzz_dtlsserver.c

@@ -0,0 +1,209 @@
+#include <string.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include "mbedtls/ssl.h"
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/timing.h"
+#include "mbedtls/ssl_cookie.h"
+
+
+const char *pers = "fuzz_dtlsserver";
+const unsigned char client_ip[4] = {0x7F, 0, 0, 1};
+static bool initialized = 0;
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static mbedtls_x509_crt srvcert;
+static mbedtls_pk_context pkey;
+#endif
+
+typedef struct fuzzBufferOffset
+{
+    const uint8_t *Data;
+    size_t Size;
+    size_t Offset;
+} fuzzBufferOffset_t;
+
+
+static int dummy_send( void *ctx, const unsigned char *buf, size_t len )
+{
+    //silence warning about unused parameter
+    (void) ctx;
+    (void) buf;
+
+    //pretends we wrote everything ok
+    return( len );
+}
+
+static int fuzz_recv( void *ctx, unsigned char *buf, size_t len )
+{
+    //reads from the buffer from fuzzer
+    fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx;
+
+    if (biomemfuzz->Offset == biomemfuzz->Size) {
+        //EOF
+        return (0);
+    }
+    if (len + biomemfuzz->Offset > biomemfuzz->Size) {
+        //do not overflow
+        len = biomemfuzz->Size - biomemfuzz->Offset;
+    }
+    memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
+    biomemfuzz->Offset += len;
+    return( len );
+}
+
+static int fuzz_recv_timeout( void *ctx, unsigned char *buf, size_t len,
+                      uint32_t timeout )
+{
+    (void) timeout;
+
+    return fuzz_recv(ctx, buf, len);
+}
+
+static int dummy_random( void *p_rng, unsigned char *output, size_t output_len )
+{
+    int ret;
+    size_t i;
+
+    //use mbedtls_ctr_drbg_random to find bugs in it
+    ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
+    for (i=0; i<output_len; i++) {
+        //replace result with pseudo random
+        output[i] = (unsigned char) random();
+    }
+    return( ret );
+}
+
+static int dummy_entropy( void *data, unsigned char *output, size_t len )
+{
+    int ret;
+    size_t i;
+
+    //use mbedtls_entropy_func to find bugs in it
+    ret = mbedtls_entropy_func(data, output, len);
+    for (i=0; i<len; i++) {
+        //replace result with pseudo random
+        output[i] = (unsigned char) random();
+    }
+    return( ret );
+}
+#endif
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    int ret;
+    size_t len;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_entropy_context entropy;
+    mbedtls_timing_delay_context timer;
+    mbedtls_ssl_cookie_ctx cookie_ctx;
+    unsigned char buf[4096];
+    fuzzBufferOffset_t biomemfuzz;
+
+    if (initialized == 0) {
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+        mbedtls_x509_crt_init( &srvcert );
+        mbedtls_pk_init( &pkey );
+        if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
+                                   mbedtls_test_srv_crt_len ) != 0)
+            return 1;
+        if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
+                                   mbedtls_test_cas_pem_len ) != 0)
+            return 1;
+        if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
+                                 mbedtls_test_srv_key_len, NULL, 0 ) != 0)
+            return 1;
+#endif
+        initialized = 1;
+    }
+    mbedtls_ssl_init( &ssl );
+    mbedtls_ssl_config_init( &conf );
+    mbedtls_ctr_drbg_init( &ctr_drbg );
+    mbedtls_entropy_init( &entropy );
+    mbedtls_ssl_cookie_init( &cookie_ctx );
+
+    if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
+                              (const unsigned char *) pers, strlen( pers ) ) != 0 )
+        goto exit;
+
+
+    if( mbedtls_ssl_config_defaults( &conf,
+                                    MBEDTLS_SSL_IS_SERVER,
+                                    MBEDTLS_SSL_TRANSPORT_DATAGRAM,
+                                    MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
+        goto exit;
+
+
+    srandom(1);
+    mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
+    if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 )
+        goto exit;
+#endif
+
+    if( mbedtls_ssl_cookie_setup( &cookie_ctx, dummy_random, &ctr_drbg ) != 0 )
+        goto exit;
+
+    mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &cookie_ctx );
+
+    if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
+        goto exit;
+
+    mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
+                             mbedtls_timing_get_delay );
+
+    biomemfuzz.Data = Data;
+    biomemfuzz.Size = Size;
+    biomemfuzz.Offset = 0;
+    mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
+    if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 )
+        goto exit;
+
+    ret = mbedtls_ssl_handshake( &ssl );
+
+    if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
+        biomemfuzz.Offset = ssl.next_record_offset;
+        mbedtls_ssl_session_reset( &ssl );
+        mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
+        if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 )
+            goto exit;
+
+        ret = mbedtls_ssl_handshake( &ssl );
+
+        if( ret == 0 )
+        {
+            //keep reading data from server until the end
+            do
+            {
+                len = sizeof( buf ) - 1;
+                ret = mbedtls_ssl_read( &ssl, buf, len );
+                if( ret == MBEDTLS_ERR_SSL_WANT_READ )
+                    continue;
+                else if( ret <= 0 )
+                    //EOF or error
+                    break;
+            }
+            while( 1 );
+        }
+    }
+
+exit:
+    mbedtls_ssl_cookie_free( &cookie_ctx );
+    mbedtls_entropy_free( &entropy );
+    mbedtls_ctr_drbg_free( &ctr_drbg );
+    mbedtls_ssl_config_free( &conf );
+    mbedtls_ssl_free( &ssl );
+
+#else
+    (void) Data;
+    (void) Size;
+#endif
+    return 0;
+}

tests/fuzz/fuzz_dtlsserver.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 1048575

tests/fuzz/fuzz_privkey.c

@@ -0,0 +1,64 @@
+#include <stdint.h>
+#include "mbedtls/pk.h"
+
+//4 Kb should be enough for every bug ;-)
+#define MAX_LEN 0x1000
+
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+#ifdef MBEDTLS_PK_PARSE_C
+    int ret;
+    mbedtls_pk_context pk;
+
+    if (Size > MAX_LEN) {
+        //only work on small inputs
+        Size = MAX_LEN;
+    }
+
+    mbedtls_pk_init( &pk );
+    ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0 );
+    if (ret == 0) {
+#if defined(MBEDTLS_RSA_C)
+        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
+        {
+            mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
+            mbedtls_rsa_context *rsa;
+
+            mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
+            mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
+            mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
+
+            rsa = mbedtls_pk_rsa( pk );
+            mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E );
+            mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP );
+
+            mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
+            mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
+            mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
+        }
+        else
+#endif
+#if defined(MBEDTLS_ECP_C)
+        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
+        {
+            mbedtls_ecp_keypair *ecp;
+
+            ecp = mbedtls_pk_ec( pk );
+            if (ecp) {
+                ret = 0;
+            }
+        }
+        else
+#endif
+            {
+                ret = 0;
+            }
+    }
+    mbedtls_pk_free( &pk );
+#else
+    (void) Data;
+    (void) Size;
+#endif //MBEDTLS_PK_PARSE_C
+
+    return 0;
+}

tests/fuzz/fuzz_privkey.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 65535

tests/fuzz/fuzz_pubkey.c

@@ -0,0 +1,57 @@
+#include <stdint.h>
+#include "mbedtls/pk.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+#ifdef MBEDTLS_PK_PARSE_C
+    int ret;
+    mbedtls_pk_context pk;
+
+    mbedtls_pk_init( &pk );
+    ret = mbedtls_pk_parse_public_key( &pk, Data, Size );
+    if (ret == 0) {
+#if defined(MBEDTLS_RSA_C)
+        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
+        {
+            mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
+            mbedtls_rsa_context *rsa;
+
+            mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
+            mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
+            mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
+
+            rsa = mbedtls_pk_rsa( pk );
+            ret = mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E );
+            ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP );
+
+            mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
+            mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
+            mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
+
+        }
+        else
+#endif
+#if defined(MBEDTLS_ECP_C)
+        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
+        {
+            mbedtls_ecp_keypair *ecp;
+
+            ecp = mbedtls_pk_ec( pk );
+            //dummy use of value
+            if (ecp) {
+                ret = 0;
+            }
+        }
+        else
+#endif
+        {
+            ret = 0;
+        }
+    }
+    mbedtls_pk_free( &pk );
+#else
+    (void) Data;
+    (void) Size;
+#endif //MBEDTLS_PK_PARSE_C
+
+    return 0;
+}

tests/fuzz/fuzz_pubkey.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 65535

tests/fuzz/fuzz_server.c

@@ -0,0 +1,240 @@
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/ssl_ticket.h"
+#include <string.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <stdint.h>
+
+
+const char *pers = "fuzz_server";
+static bool initialized = 0;
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static mbedtls_x509_crt srvcert;
+static mbedtls_pk_context pkey;
+#endif
+const char *alpn_list[3];
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+const unsigned char psk[] = {
+    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+};
+const char psk_id[] = "Client_identity";
+#endif
+
+
+typedef struct fuzzBufferOffset
+{
+    const uint8_t *Data;
+    size_t Size;
+    size_t Offset;
+} fuzzBufferOffset_t;
+
+
+static int dummy_send( void *ctx, const unsigned char *buf, size_t len )
+{
+    //silence warning about unused parameter
+    (void) ctx;
+    (void) buf;
+
+    //pretends we wrote everything ok
+    return( len );
+}
+
+static int fuzz_recv( void *ctx, unsigned char *buf, size_t len )
+{
+    //reads from the buffer from fuzzer
+    fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx;
+
+    if (biomemfuzz->Offset == biomemfuzz->Size) {
+        //EOF
+        return (0);
+    }
+    if (len + biomemfuzz->Offset > biomemfuzz->Size) {
+        //do not overflow
+        len = biomemfuzz->Size - biomemfuzz->Offset;
+    }
+    memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
+    biomemfuzz->Offset += len;
+    return( len );
+}
+
+static int dummy_random( void *p_rng, unsigned char *output, size_t output_len )
+{
+    int ret;
+    size_t i;
+
+    //use mbedtls_ctr_drbg_random to find bugs in it
+    ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
+    for (i=0; i<output_len; i++) {
+        //replace result with pseudo random
+        output[i] = (unsigned char) random();
+    }
+    return( ret );
+}
+
+static int dummy_entropy( void *data, unsigned char *output, size_t len )
+{
+    int ret;
+    size_t i;
+
+    //use mbedtls_entropy_func to find bugs in it
+    ret = mbedtls_entropy_func(data, output, len);
+    for (i=0; i<len; i++) {
+        //replace result with pseudo random
+        output[i] = (unsigned char) random();
+    }
+    return( ret );
+}
+
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+    int ret;
+    size_t len;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_entropy_context entropy;
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    mbedtls_ssl_ticket_context ticket_ctx;
+#endif
+    unsigned char buf[4096];
+    fuzzBufferOffset_t biomemfuzz;
+    uint8_t options;
+
+    //we take 1 byte as options input
+    if (Size < 1) {
+        return 0;
+    }
+    options = Data[Size - 1];
+
+    if (initialized == 0) {
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+        mbedtls_x509_crt_init( &srvcert );
+        mbedtls_pk_init( &pkey );
+        if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
+                                   mbedtls_test_srv_crt_len ) != 0)
+            return 1;
+        if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
+                                   mbedtls_test_cas_pem_len ) != 0)
+            return 1;
+        if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
+                                 mbedtls_test_srv_key_len, NULL, 0 ) != 0)
+            return 1;
+#endif
+
+        alpn_list[0] = "HTTP";
+        alpn_list[1] = "fuzzalpn";
+        alpn_list[2] = NULL;
+
+        initialized = 1;
+    }
+    mbedtls_ssl_init( &ssl );
+    mbedtls_ssl_config_init( &conf );
+    mbedtls_ctr_drbg_init( &ctr_drbg );
+    mbedtls_entropy_init( &entropy );
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    mbedtls_ssl_ticket_init( &ticket_ctx );
+#endif
+
+    if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
+                              (const unsigned char *) pers, strlen( pers ) ) != 0 )
+        goto exit;
+
+
+    if( mbedtls_ssl_config_defaults( &conf,
+                                    MBEDTLS_SSL_IS_SERVER,
+                                    MBEDTLS_SSL_TRANSPORT_STREAM,
+                                    MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
+        goto exit;
+
+    srandom(1);
+    mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
+    if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 )
+        goto exit;
+#endif
+
+    mbedtls_ssl_conf_cert_req_ca_list( &conf, (options & 0x1) ? MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED : MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED );
+#if defined(MBEDTLS_SSL_ALPN)
+    if (options & 0x2) {
+        mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list );
+    }
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    if( options & 0x4 )
+    {
+        if( mbedtls_ssl_ticket_setup( &ticket_ctx,
+                                     dummy_random, &ctr_drbg,
+                                     MBEDTLS_CIPHER_AES_256_GCM,
+                                     86400 ) != 0 )
+            goto exit;
+
+        mbedtls_ssl_conf_session_tickets_cb( &conf,
+                                            mbedtls_ssl_ticket_write,
+                                            mbedtls_ssl_ticket_parse,
+                                            &ticket_ctx );
+    }
+#endif
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    mbedtls_ssl_conf_truncated_hmac( &conf, (options & 0x8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
+#endif
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
+#endif
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_ENABLED : MBEDTLS_SSL_ETM_DISABLED);
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+    if (options & 0x40) {
+        mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ),
+                             (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
+    }
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED );
+#endif
+
+    if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
+        goto exit;
+
+    biomemfuzz.Data = Data;
+    biomemfuzz.Size = Size-1;
+    biomemfuzz.Offset = 0;
+    mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL );
+
+    mbedtls_ssl_session_reset( &ssl );
+    ret = mbedtls_ssl_handshake( &ssl );
+    if( ret == 0 )
+    {
+        //keep reading data from server until the end
+        do
+        {
+            len = sizeof( buf ) - 1;
+            ret = mbedtls_ssl_read( &ssl, buf, len );
+
+            if( ret == MBEDTLS_ERR_SSL_WANT_READ )
+                continue;
+            else if( ret <= 0 )
+                //EOF or error
+                break;
+        }
+        while( 1 );
+    }
+
+exit:
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    mbedtls_ssl_ticket_free( &ticket_ctx );
+#endif
+    mbedtls_entropy_free( &entropy );
+    mbedtls_ctr_drbg_free( &ctr_drbg );
+    mbedtls_ssl_config_free( &conf );
+    mbedtls_ssl_free( &ssl );
+
+    return 0;
+}

tests/fuzz/fuzz_server.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 1048575

tests/fuzz/fuzz_x509crl.c

@@ -0,0 +1,22 @@
+#include <stdint.h>
+#include "mbedtls/x509_crl.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+#ifdef MBEDTLS_X509_CRL_PARSE_C
+    int ret;
+    mbedtls_x509_crl crl;
+    unsigned char buf[4096];
+
+    mbedtls_x509_crl_init( &crl );
+    ret = mbedtls_x509_crl_parse( &crl, Data, Size );
+    if (ret == 0) {
+        ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
+    }
+    mbedtls_x509_crl_free( &crl );
+#else
+    (void) Data;
+    (void) Size;
+#endif
+
+    return 0;
+}

tests/fuzz/fuzz_x509crl.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 65535

tests/fuzz/fuzz_x509crt.c

@@ -0,0 +1,22 @@
+#include <stdint.h>
+#include "mbedtls/x509_crt.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+#ifdef MBEDTLS_X509_CRT_PARSE_C
+    int ret;
+    mbedtls_x509_crt crt;
+    unsigned char buf[4096];
+
+    mbedtls_x509_crt_init( &crt );
+    ret = mbedtls_x509_crt_parse( &crt, Data, Size );
+    if (ret == 0) {
+        ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", &crt );
+    }
+    mbedtls_x509_crt_free( &crt );
+#else
+    (void) Data;
+    (void) Size;
+#endif
+
+    return 0;
+}

tests/fuzz/fuzz_x509crt.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 65535

tests/fuzz/fuzz_x509csr.c

@@ -0,0 +1,22 @@
+#include <stdint.h>
+#include "mbedtls/x509_csr.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+#ifdef MBEDTLS_X509_CSR_PARSE_C
+    int ret;
+    mbedtls_x509_csr csr;
+    unsigned char buf[4096];
+
+    mbedtls_x509_csr_init( &csr );
+    ret = mbedtls_x509_csr_parse( &csr, Data, Size );
+    if (ret == 0) {
+        ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
+    }
+    mbedtls_x509_csr_free( &csr );
+#else
+    (void) Data;
+    (void) Size;
+#endif
+
+    return 0;
+}

tests/fuzz/fuzz_x509csr.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 65535

tests/fuzz/onefile.c

@@ -0,0 +1,50 @@
+#include <stdint.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
+
+int main(int argc, char** argv)
+{
+    FILE * fp;
+    uint8_t *Data;
+    size_t Size;
+
+    if (argc != 2) {
+        return 1;
+    }
+    //opens the file, get its size, and reads it into a buffer
+    fp = fopen(argv[1], "rb");
+    if (fp == NULL) {
+        return 2;
+    }
+    if (fseek(fp, 0L, SEEK_END) != 0) {
+        fclose(fp);
+        return 2;
+    }
+    Size = ftell(fp);
+    if (Size == (size_t) -1) {
+        fclose(fp);
+        return 2;
+    }
+    if (fseek(fp, 0L, SEEK_SET) != 0) {
+        fclose(fp);
+        return 2;
+    }
+    Data = malloc(Size);
+    if (Data == NULL) {
+        fclose(fp);
+        return 2;
+    }
+    if (fread(Data, Size, 1, fp) != 1) {
+        fclose(fp);
+        return 2;
+    }
+
+    //lauch fuzzer
+    LLVMFuzzerTestOneInput(Data, Size);
+    fclose(fp);
+    return 0;
+}
+