Darren Tucker
7cd062c3a2
Add USE_LIBC_SHA2 for (at least) NetBSD 9.
2021-10-06 17:45:28 +11:00
Darren Tucker
639c440f6c
Define OPENSSL_NO_SHA including OpenSSL from test.
...
We don't use SHA256 from OpenSSL in the sk-dummy module and the
definitions can conflict with system sha2.h (eg on NetBSD) so define
OPENSSL_NO_SHA so we don't attempt to redefine them.
2021-10-06 17:09:31 +11:00
djm@openbsd.org
e3e62deb54
upstream: use libc SHA256 functions; make this work when compiled
...
!WITH_OPENSSL
OpenBSD-Regress-ID: fda0764c1097cd42f979ace29b07eb3481259890
2021-10-06 14:40:26 +11:00
Damien Miller
5a37cc118f
fix broken OPENSSL_HAS_ECC test
...
spotted by dtucker
2021-10-06 13:16:21 +11:00
Damien Miller
16a25414f3
make sk-dummy.so work without libcrypto installed
2021-10-01 22:40:06 +10:00
djm@openbsd.org
1fe4d70df9
upstream: remove this KEX fuzzer; it's awkward to use and doesn't play
...
nice with popular fuzzing drivers like libfuzzer. AFAIK nobody has used it
but me.
OpenBSD-Regress-ID: cad919522b3ce90c147c95abaf81b0492ac296c9
2021-02-26 15:23:42 +11:00
Damien Miller
a5dfc5bae8
allow a fuzz case to contain more than one request
...
loop until input buffer empty, no message consumed or 256 messages
processed
2021-01-30 16:32:29 +11:00
Damien Miller
0ef24ad602
expect fuzz cases to have length prefix
...
might make life a little easier for the fuzzer, e.g. it can now
produce valid (multi-request) messages by smashing two cases together.
2021-01-30 16:28:23 +11:00
Damien Miller
de613f2713
ssh-agent fuzzer
2021-01-30 13:18:30 +11:00
Damien Miller
7e96c877bc
move keys out of kex_fuzz.cc into separate header
...
add certificates and missing key types
2021-01-30 12:02:46 +11:00
Damien Miller
76f46d7566
some fixed test data (mostly keys) for fuzzing
2021-01-30 12:02:10 +11:00
djm@openbsd.org
7c2e3d6de1
upstream: add a SK_DUMMY_INTEGRATE define that allows the dummy
...
security key middleware to be directly linked; useful for writing fuzzers,
etc.
OpenBSD-Regress-ID: 0ebd00159b58ebd85e61d8270fc02f1e45df1544
2021-01-30 11:58:38 +11:00
Damien Miller
1e660115f0
fuzz diffie-hellman-group-exchange-sha1 kex too
2021-01-29 11:09:14 +11:00
Damien Miller
be5f0048ea
support for running kex fuzzer with null cipher
2021-01-29 11:03:35 +11:00
Damien Miller
1134a48cdc
correct kex name in disabled code
2021-01-28 08:57:31 +11:00
anatasluo
1050109b4b
Remove duplicated declaration in fatal.c .
2021-01-12 07:08:26 +11:00
dtucker@openbsd.org
ba328bd7a6
upstream: Adjust kexfuzz to addr.c/addrmatch.c split.
...
OpenBSD-Regress-ID: 1d8d23bb548078020be2fb52c4c643efb190f0eb
2021-01-11 15:24:31 +11:00
Damien Miller
5c1953bf98
adapt KEX fuzzer to PQ kex change
2020-12-29 12:40:54 +11:00
djm@openbsd.org
659864fe81
upstream: Adapt to replacement of
...
sntrup4591761x25519-sha512@tinyssh.org with
sntrup761x25519-sha512@openssh.com .
Also test sntrup761x25519-sha512@openssh.com in unittests/kex
OpenBSD-Regress-ID: cfa3506b2b077a9cac1877fb521efd2641b6030c
2020-12-29 12:39:40 +11:00
Damien Miller
a5ab499bd2
basic KEX fuzzer; adapted from Markus' unittest
2020-12-04 14:01:27 +11:00
Damien Miller
021ff33e38
use options that work with recent clang
2020-12-04 13:57:43 +11:00
djm@openbsd.org
816036f142
upstream: use the new variant log macros instead of prepending
...
__func__ and appending ssh_err(r) manually; ok markus@
OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
2020-10-18 23:46:29 +11:00
Damien Miller
d55dfed34e
missing header
2020-10-17 22:55:24 +11:00
Damien Miller
999d7cb79a
sync regress/misc/sk-dummy/fatal.c
2020-10-17 22:47:52 +11:00
Damien Miller
0f938f9986
adapt sk-dummy's fatal implementation to changes
2020-10-17 11:42:26 +11:00
djm@openbsd.org
bbf20ac806
upstream: adapt to SSH_SK_VERSION_MAJOR crank
...
OpenBSD-Regress-ID: 0f3e76bdc8f9dbd9d22707c7bdd86051d5112ab8
2020-09-09 13:12:29 +10:00
djm@openbsd.org
9cbbdc12cb
upstream: dummy firmware needs to match API version numner crank (for
...
verify-required resident keys) even though it doesn't implement this feature
OpenBSD-Regress-ID: 86579ea2891e18e822e204413d011b2ae0e59657
2020-08-27 12:16:23 +10:00
djm@openbsd.org
a01817a9f6
upstream: adapt dummy FIDO middleware to API change; ok markus@
...
OpenBSD-Regress-ID: 8bb84ee500c2eaa5616044314dd0247709a1790f
2020-05-01 13:13:36 +10:00
djm@openbsd.org
9f8a42340b
upstream: this needs utf8.c too
...
OpenBSD-Regress-ID: 445040036cec714d28069a20da25553a04a28451
2020-04-03 15:46:13 +11:00
djm@openbsd.org
f73ab8a811
upstream: unbreak unittests for recent API / source file changes
...
OpenBSD-Regress-ID: 075a899a01bbf7781d38bf0b33d8366faaf6d3c0
2020-01-26 14:19:43 +11:00
Damien Miller
47160e1de8
unbreak fuzzer support for recent ssh-sk.h changes
2020-01-22 10:30:13 +11:00
Darren Tucker
1af3354aea
Wrap stdint.h in ifdef HAVE_STDINT_H.
2020-01-15 16:22:36 +11:00
djm@openbsd.org
dd2acc8b86
upstream: adapt sk-dummy to SK API changes
...
also, make it pull prototypes directly from sk-api.c and #error
if the expected version changes. This will make any future regress
test breakage because of SK API changes much more apparent
OpenBSD-Regress-ID: 79b07055de4feb988e31da71a89051ad5969829d
2020-01-06 13:12:46 +11:00
djm@openbsd.org
680eb7749a
upstream: implement recent SK API change to support resident keys
...
and PIN prompting in the dummy middleware that we use for the tests. Should
fix breakage spotted by dtucker@
OpenBSD-Regress-ID: 379cf9eabfea57aaf7f3f59dafde59889566c484
2020-01-03 13:47:32 +11:00
Damien Miller
0248ec7c76
ssh-sk-null.cc needs extern "C" {}
2020-01-02 13:41:31 +11:00
Damien Miller
5ca4b414ef
add dummy ssh-sk API for linking with fuzzers
2020-01-02 11:15:49 +11:00
djm@openbsd.org
1a7217ac06
upstream: adapt to ssh-sk-client change
...
OpenBSD-Regress-ID: 40481999a5928d635ab2e5b029e8239c112005ea
2019-12-16 14:20:35 +11:00
Darren Tucker
fa7924008e
Wrap ECC specific bits in ifdef.
...
Fixes tests when built against an OpenSSL configured with no-ec.
2019-12-06 14:17:26 +11:00
Damien Miller
37f5b5346e
includes.h for sk-dummy.c, dummy
2019-11-29 14:48:46 +11:00
Damien Miller
ef3853bb94
another attempt at sk-dummy.so working x-platform
...
include a fatal() implementation to satisfy libopenbsd-compat
clean up .lo and .so files
.gitignore .lo and .so files
2019-11-29 11:52:23 +11:00
djm@openbsd.org
d46ac56f1c
upstream: lots of dependencies go away here with ed25519 no longer
...
needing the ssh_digest API.
OpenBSD-Regress-ID: 785847ec78cb580d141e29abce351a436d6b5d49
2019-11-29 11:19:48 +11:00
djm@openbsd.org
c6efa8a91a
upstream: add dummy security key middleware based on work by
...
markus@
This will allow us to test U2F/FIDO2 support in OpenSSH without
requiring real hardware.
ok markus@
OpenBSD-Regress-ID: 88b309464b8850c320cf7513f26d97ee1fdf9aae
2019-11-27 10:47:28 +11:00
Damien Miller
9281d4311b
unbreak fuzzers for recent security key changes
2019-11-25 21:47:49 +11:00
djm@openbsd.org
6498826682
upstream: unbreak after security key support landed
...
OpenBSD-Regress-ID: 3ab578b0dbeb2aa6d9969b54a9c1bad329c0dcba
2019-11-25 21:34:20 +11:00
Damien Miller
1ba130ac8f
add a fuzzer for private key parsing
2019-10-09 13:49:35 +11:00
Damien Miller
8b57337c1c
update fuzzing makefile to more recent clang
2019-09-05 15:46:39 +10:00
Damien Miller
ae631ad77d
fuzzer for sshsig allowed_signers option parsing
2019-09-05 15:46:11 +10:00
Damien Miller
f4846dfc6a
Fuzzer harness for sshsig
2019-09-05 14:26:39 +10:00
djm@openbsd.org
49d8c8e214
upstream: adapt to changes in KEX APIs and file removals
...
OpenBSD-Regress-ID: 54d6857e7c58999c7a6d40942ab0fed3529f43ca
2019-01-21 23:51:29 +11:00
Damien Miller
9b655dc9c9
last bits of old packet API / active_state global
2019-01-20 14:55:27 +11:00