diff options
Diffstat (limited to 'deps/openssl/openssl/fuzz')
| -rw-r--r-- | deps/openssl/openssl/fuzz/README.md | 79 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/asn1.c | 148 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/asn1parse.c | 24 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/bignum.c | 53 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/bndiv.c | 56 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/build.info | 16 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/client.c | 102 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/cms.c | 33 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/conf.c | 14 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/crl.c | 16 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/ct.c | 15 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/driver.c | 17 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/fuzzer.h | 2 | ||||
| -rwxr-xr-x | deps/openssl/openssl/fuzz/helper.py | 4 | ||||
| -rwxr-xr-x | deps/openssl/openssl/fuzz/mkfuzzoids.pl | 32 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/oids.txt | 1065 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/rand.inc | 40 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/server.c | 442 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/test-corpus.c | 3 | ||||
| -rw-r--r-- | deps/openssl/openssl/fuzz/x509.c | 19 |
20 files changed, 2073 insertions, 107 deletions
diff --git a/deps/openssl/openssl/fuzz/README.md b/deps/openssl/openssl/fuzz/README.md index c5a1ba9c9a..44c73f857e 100644 --- a/deps/openssl/openssl/fuzz/README.md +++ b/deps/openssl/openssl/fuzz/README.md @@ -27,7 +27,7 @@ https://github.com/llvm-mirror/llvm/tree/master/lib/Fuzzer if you prefer): $ sudo apt-get install subversion $ mkdir svn-work $ cd svn-work - $ svn co http://llvm.org/svn/llvm-project/llvm/trunk/lib/Fuzzer + $ svn co https://llvm.org/svn/llvm-project/compiler-rt/trunk/lib/fuzzer Fuzzer $ cd Fuzzer $ clang++ -c -g -O2 -std=c++11 *.cpp $ ar r libFuzzer.a *.o @@ -37,8 +37,14 @@ Configure for fuzzing: $ CC=clang ./config enable-fuzz-libfuzzer \ --with-fuzzer-include=../../svn-work/Fuzzer \ - --with-fuzzer-lib=../../svn-work/Fuzzer/libFuzzer \ - -DPEDANTIC enable-asan enable-ubsan no-shared + --with-fuzzer-lib=../../svn-work/Fuzzer/libFuzzer.a \ + -DPEDANTIC enable-asan enable-ubsan no-shared \ + -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION \ + -fsanitize-coverage=trace-pc-guard,indirect-calls,trace-cmp \ + enable-ec_nistp_64_gcc_128 -fno-sanitize=alignment enable-tls1_3 \ + enable-weak-ssl-ciphers enable-rc5 enable-md2 \ + enable-ssl3 enable-ssl3-method enable-nextprotoneg \ + --debug $ sudo apt-get install make $ LDCMD=clang++ make -j $ fuzz/helper.py $FUZZER @@ -46,9 +52,7 @@ Configure for fuzzing: Where $FUZZER is one of the executables in `fuzz/`. If you get a crash, you should find a corresponding input file in -`fuzz/corpora/$FUZZER-crash/`. You can reproduce the crash with - - $ fuzz/$FUZZER <crashfile> +`fuzz/corpora/$FUZZER-crash/`. AFL === @@ -56,11 +60,72 @@ AFL Configure for fuzzing: $ sudo apt-get install afl-clang - $ CC=afl-clang-fast ./config enable-fuzz-afl no-shared + $ CC=afl-clang-fast ./config enable-fuzz-afl no-shared -DPEDANTIC \ + enable-tls1_3 enable-weak-ssl-ciphers enable-rc5 enable-md2 \ + enable-ssl3 enable-ssl3-method enable-nextprotoneg \ + enable-ec_nistp_64_gcc_128 -fno-sanitize=alignment \ + --debug $ make +The following options can also be enabled: enable-asan, enable-ubsan, enable-msan + Run one of the fuzzers: $ afl-fuzz -i fuzz/corpora/$FUZZER -o fuzz/corpora/$FUZZER/out fuzz/$FUZZER Where $FUZZER is one of the executables in `fuzz/`. + +Reproducing issues +================== + +If a fuzzer generates a reproducible error, you can reproduce the problem using +the fuzz/*-test binaries and the file generated by the fuzzer. They binaries +don't need to be build for fuzzing, there is no need to set CC or the call +config with enable-fuzz-* or -fsanitize-coverage, but some of the other options +above might be needed. For instance the enable-asan or enable-ubsan option might +be useful to show you when the problem happens. For the client and server fuzzer +it might be needed to use -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION to +reproduce the generated random numbers. + +To reproduce the crash you can run: + + $ fuzz/$FUZZER-test $file + +Random numbers +============== + +The client and server fuzzer normally generate random numbers as part of the TLS +connection setup. This results in the coverage of the fuzzing corpus changing +depending on the random numbers. This also has an effect for coverage of the +rest of the test suite and you see the coverage change for each commit even when +no code has been modified. + +Since we want to maximize the coverage of the fuzzing corpus, the client and +server fuzzer will use predictable numbers instead of the random numbers. This +is controlled by the FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION define. + +The coverage depends on the way the numbers are generated. We don't disable any +check of hashes, but the corpus has the correct hash in it for the random +numbers that were generated. For instance the client fuzzer will always generate +the same client hello with the same random number in it, and so the server, as +emulated by the file, can be generated for that client hello. + +Coverage changes +================ + +Since the corpus depends on the default behaviour of the client and the server, +changes in what they send by default will have an impact on the coverage. The +corpus will need to be updated in that case. + +Updating the corpus +=================== + +The client and server corpus is generated with multiple config options: +- The options as documented above +- Without enable-ec_nistp_64_gcc_128 and without --debug +- With no-asm +- Using 32 bit +- A default config, plus options needed to generate the fuzzer. + +The libfuzzer merge option is used to add the additional coverage +from each config to the minimal set. diff --git a/deps/openssl/openssl/fuzz/asn1.c b/deps/openssl/openssl/fuzz/asn1.c index 5125f363ff..fd2271bf52 100644 --- a/deps/openssl/openssl/fuzz/asn1.c +++ b/deps/openssl/openssl/fuzz/asn1.c @@ -27,8 +27,15 @@ #include <openssl/ts.h> #include <openssl/x509v3.h> #include <openssl/cms.h> +#include <openssl/err.h> +#include <openssl/rand.h> +#include <openssl/bio.h> +#include <openssl/evp.h> +#include <openssl/ssl.h> #include "fuzzer.h" +#include "rand.inc" + static ASN1_ITEM_EXP *item_type[] = { ASN1_ITEM_ref(ACCESS_DESCRIPTION), #ifndef OPENSSL_NO_RFC3779 @@ -99,7 +106,9 @@ static ASN1_ITEM_EXP *item_type[] = { ASN1_ITEM_ref(IPAddressRange), #endif ASN1_ITEM_ref(ISSUING_DIST_POINT), +#if OPENSSL_API_COMPAT < 0x10200000L ASN1_ITEM_ref(LONG), +#endif ASN1_ITEM_ref(NAME_CONSTRAINTS), ASN1_ITEM_ref(NETSCAPE_CERT_SEQUENCE), ASN1_ITEM_ref(NETSCAPE_SPKAC), @@ -159,7 +168,6 @@ static ASN1_ITEM_EXP *item_type[] = { ASN1_ITEM_ref(RSAPublicKey), ASN1_ITEM_ref(SXNET), ASN1_ITEM_ref(SXNETID), - /*ASN1_ITEM_ref(TS_RESP), want to do this, but type is hidden, however d2i exists... */ ASN1_ITEM_ref(USERNOTICE), ASN1_ITEM_ref(X509), ASN1_ITEM_ref(X509_ALGOR), @@ -179,25 +187,112 @@ static ASN1_ITEM_EXP *item_type[] = { ASN1_ITEM_ref(X509_REVOKED), ASN1_ITEM_ref(X509_SIG), ASN1_ITEM_ref(X509_VAL), +#if OPENSSL_API_COMPAT < 0x10200000L ASN1_ITEM_ref(ZLONG), +#endif + ASN1_ITEM_ref(INT32), + ASN1_ITEM_ref(ZINT32), + ASN1_ITEM_ref(UINT32), + ASN1_ITEM_ref(ZUINT32), + ASN1_ITEM_ref(INT64), + ASN1_ITEM_ref(ZINT64), + ASN1_ITEM_ref(UINT64), + ASN1_ITEM_ref(ZUINT64), NULL }; -int FuzzerInitialize(int *argc, char ***argv) { - return 1; +static ASN1_PCTX *pctx; + +#define DO_TEST(TYPE, D2I, I2D, PRINT) { \ + const unsigned char *p = buf; \ + unsigned char *der = NULL; \ + TYPE *type = D2I(NULL, &p, len); \ + \ + if (type != NULL) { \ + int len2; \ + BIO *bio = BIO_new(BIO_s_null()); \ + \ + PRINT(bio, type); \ + BIO_free(bio); \ + len2 = I2D(type, &der); \ + if (len2 != 0) {} \ + OPENSSL_free(der); \ + TYPE ## _free(type); \ + } \ } -int FuzzerTestOneInput(const uint8_t *buf, size_t len) { - int n; +#define DO_TEST_PRINT_OFFSET(TYPE, D2I, I2D, PRINT) { \ + const unsigned char *p = buf; \ + unsigned char *der = NULL; \ + TYPE *type = D2I(NULL, &p, len); \ + \ + if (type != NULL) { \ + BIO *bio = BIO_new(BIO_s_null()); \ + \ + PRINT(bio, type, 0); \ + BIO_free(bio); \ + I2D(type, &der); \ + OPENSSL_free(der); \ + TYPE ## _free(type); \ + } \ +} + +#define DO_TEST_PRINT_PCTX(TYPE, D2I, I2D, PRINT) { \ + const unsigned char *p = buf; \ + unsigned char *der = NULL; \ + TYPE *type = D2I(NULL, &p, len); \ + \ + if (type != NULL) { \ + BIO *bio = BIO_new(BIO_s_null()); \ + \ + PRINT(bio, type, 0, pctx); \ + BIO_free(bio); \ + I2D(type, &der); \ + OPENSSL_free(der); \ + TYPE ## _free(type); \ + } \ +} - ASN1_PCTX *pctx = ASN1_PCTX_new(); +#define DO_TEST_NO_PRINT(TYPE, D2I, I2D) { \ + const unsigned char *p = buf; \ + unsigned char *der = NULL; \ + TYPE *type = D2I(NULL, &p, len); \ + \ + if (type != NULL) { \ + BIO *bio = BIO_new(BIO_s_null()); \ + \ + BIO_free(bio); \ + I2D(type, &der); \ + OPENSSL_free(der); \ + TYPE ## _free(type); \ + } \ +} + + +int FuzzerInitialize(int *argc, char ***argv) +{ + pctx = ASN1_PCTX_new(); ASN1_PCTX_set_flags(pctx, ASN1_PCTX_FLAGS_SHOW_ABSENT | ASN1_PCTX_FLAGS_SHOW_SEQUENCE | ASN1_PCTX_FLAGS_SHOW_SSOF | ASN1_PCTX_FLAGS_SHOW_TYPE | ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME); ASN1_PCTX_set_str_flags(pctx, ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_SHOW_TYPE | ASN1_STRFLGS_DUMP_ALL); + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); + FuzzerSetRand(); + + return 1; +} + +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ + int n; + + for (n = 0; item_type[n] != NULL; ++n) { const uint8_t *b = buf; unsigned char *der = NULL; @@ -206,17 +301,52 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { if (o != NULL) { BIO *bio = BIO_new(BIO_s_null()); + ASN1_item_print(bio, o, 4, i, pctx); BIO_free(bio); - ASN1_item_i2d(o, &der, i); OPENSSL_free(der); - ASN1_item_free(o, i); } } - ASN1_PCTX_free(pctx); +#ifndef OPENSSL_NO_TS + DO_TEST(TS_REQ, d2i_TS_REQ, i2d_TS_REQ, TS_REQ_print_bio); + DO_TEST(TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, TS_MSG_IMPRINT_print_bio); + DO_TEST(TS_RESP, d2i_TS_RESP, i2d_TS_RESP, TS_RESP_print_bio); + DO_TEST(TS_STATUS_INFO, d2i_TS_STATUS_INFO, i2d_TS_STATUS_INFO, TS_STATUS_INFO_print_bio); + DO_TEST(TS_TST_INFO, d2i_TS_TST_INFO, i2d_TS_TST_INFO, TS_TST_INFO_print_bio); + DO_TEST_NO_PRINT(TS_ACCURACY, d2i_TS_ACCURACY, i2d_TS_ACCURACY); + DO_TEST_NO_PRINT(ESS_ISSUER_SERIAL, d2i_ESS_ISSUER_SERIAL, i2d_ESS_ISSUER_SERIAL); + DO_TEST_NO_PRINT(ESS_CERT_ID, d2i_ESS_CERT_ID, i2d_ESS_CERT_ID); + DO_TEST_NO_PRINT(ESS_SIGNING_CERT, d2i_ESS_SIGNING_CERT, i2d_ESS_SIGNING_CERT); +#endif +#ifndef OPENSSL_NO_DH + DO_TEST(DH, d2i_DHparams, i2d_DHparams, DHparams_print); + DO_TEST(DH, d2i_DHxparams, i2d_DHxparams, DHparams_print); +#endif +#ifndef OPENSSL_NO_DSA + DO_TEST_NO_PRINT(DSA_SIG, d2i_DSA_SIG, i2d_DSA_SIG); + DO_TEST_PRINT_OFFSET(DSA, d2i_DSAPrivateKey, i2d_DSAPrivateKey, DSA_print); + DO_TEST_PRINT_OFFSET(DSA, d2i_DSAPublicKey, i2d_DSAPublicKey, DSA_print); + DO_TEST(DSA, d2i_DSAparams, i2d_DSAparams, DSAparams_print); +#endif + DO_TEST_PRINT_OFFSET(RSA, d2i_RSAPublicKey, i2d_RSAPublicKey, RSA_print); +#ifndef OPENSSL_NO_EC + DO_TEST_PRINT_OFFSET(EC_GROUP, d2i_ECPKParameters, i2d_ECPKParameters, ECPKParameters_print); + DO_TEST_PRINT_OFFSET(EC_KEY, d2i_ECPrivateKey, i2d_ECPrivateKey, EC_KEY_print); + DO_TEST(EC_KEY, d2i_ECParameters, i2d_ECParameters, ECParameters_print); + DO_TEST_NO_PRINT(ECDSA_SIG, d2i_ECDSA_SIG, i2d_ECDSA_SIG); +#endif + DO_TEST_PRINT_PCTX(EVP_PKEY, d2i_AutoPrivateKey, i2d_PrivateKey, EVP_PKEY_print_private); + DO_TEST(SSL_SESSION, d2i_SSL_SESSION, i2d_SSL_SESSION, SSL_SESSION_print); + + ERR_clear_error(); return 0; } + +void FuzzerCleanup(void) +{ + ASN1_PCTX_free(pctx); +} diff --git a/deps/openssl/openssl/fuzz/asn1parse.c b/deps/openssl/openssl/fuzz/asn1parse.c index b3a6dab0ea..cf5ef72a13 100644 --- a/deps/openssl/openssl/fuzz/asn1parse.c +++ b/deps/openssl/openssl/fuzz/asn1parse.c @@ -16,18 +16,28 @@ #include <openssl/asn1.h> #include <openssl/x509.h> #include <openssl/x509v3.h> +#include <openssl/err.h> #include "fuzzer.h" -int FuzzerInitialize(int *argc, char ***argv) { +static BIO *bio_out; + +int FuzzerInitialize(int *argc, char ***argv) +{ + bio_out = BIO_new_file("/dev/null", "w"); + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); return 1; } -int FuzzerTestOneInput(const uint8_t *buf, size_t len) { - static BIO *bio_out; - - if (bio_out == NULL) - bio_out = BIO_new_file("/dev/null", "w"); - +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ (void)ASN1_parse_dump(bio_out, buf, len, 0, 0); + ERR_clear_error(); return 0; } + +void FuzzerCleanup(void) +{ + BIO_free(bio_out); +} diff --git a/deps/openssl/openssl/fuzz/bignum.c b/deps/openssl/openssl/fuzz/bignum.c index 43e134bc14..c5136601b1 100644 --- a/deps/openssl/openssl/fuzz/bignum.c +++ b/deps/openssl/openssl/fuzz/bignum.c @@ -15,31 +15,37 @@ #include <stdio.h> #include <openssl/bn.h> +#include <openssl/err.h> #include "fuzzer.h" -int FuzzerInitialize(int *argc, char ***argv) { + +int FuzzerInitialize(int *argc, char ***argv) +{ + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + return 1; } -int FuzzerTestOneInput(const uint8_t *buf, size_t len) { - static BN_CTX *ctx; - static BIGNUM *b1; - static BIGNUM *b2; - static BIGNUM *b3; - static BIGNUM *b4; - static BIGNUM *b5; +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ int success = 0; size_t l1 = 0, l2 = 0, l3 = 0; - int s1 = 0, s2 = 0, s3 = 0; + int s1 = 0, s3 = 0; + BN_CTX *ctx; + BIGNUM *b1; + BIGNUM *b2; + BIGNUM *b3; + BIGNUM *b4; + BIGNUM *b5; + + b1 = BN_new(); + b2 = BN_new(); + b3 = BN_new(); + b4 = BN_new(); + b5 = BN_new(); + ctx = BN_CTX_new(); - if (ctx == NULL) { - b1 = BN_new(); - b2 = BN_new(); - b3 = BN_new(); - b4 = BN_new(); - b5 = BN_new(); - ctx = BN_CTX_new(); - } /* Divide the input into three parts, using the values of the first two * bytes to choose lengths, which generate b1, b2 and b3. Use three bits * of the third byte to choose signs for the three numbers. @@ -53,14 +59,12 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { l3 = len - l1 - l2; s1 = buf[0] & 1; - s2 = buf[0] & 2; s3 = buf[0] & 4; ++buf; } OPENSSL_assert(BN_bin2bn(buf, l1, b1) == b1); BN_set_negative(b1, s1); OPENSSL_assert(BN_bin2bn(buf + l1, l2, b2) == b2); - BN_set_negative(b2, s2); OPENSSL_assert(BN_bin2bn(buf + l1 + l2, l3, b3) == b3); BN_set_negative(b3, s3); @@ -89,6 +93,17 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { done: OPENSSL_assert(success); + BN_free(b1); + BN_free(b2); + BN_free(b3); + BN_free(b4); + BN_free(b5); + BN_CTX_free(ctx); + ERR_clear_error(); return 0; } + +void FuzzerCleanup(void) +{ +} diff --git a/deps/openssl/openssl/fuzz/bndiv.c b/deps/openssl/openssl/fuzz/bndiv.c index 45a3937992..e9c70bbd4c 100644 --- a/deps/openssl/openssl/fuzz/bndiv.c +++ b/deps/openssl/openssl/fuzz/bndiv.c @@ -15,32 +15,45 @@ #include <stdio.h> #include <openssl/bn.h> +#include <openssl/err.h> #include "fuzzer.h" -int FuzzerInitialize(int *argc, char ***argv) { +/* 256 kB */ +#define MAX_LEN (256 * 1000) + +static BN_CTX *ctx; +static BIGNUM *b1; +static BIGNUM *b2; +static BIGNUM *b3; +static BIGNUM *b4; +static BIGNUM *b5; + +int FuzzerInitialize(int *argc, char ***argv) +{ + b1 = BN_new(); + b2 = BN_new(); + b3 = BN_new(); + b4 = BN_new(); + b5 = BN_new(); + ctx = BN_CTX_new(); + + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + return 1; } -int FuzzerTestOneInput(const uint8_t *buf, size_t len) { - static BN_CTX *ctx; - static BIGNUM *b1; - static BIGNUM *b2; - static BIGNUM *b3; - static BIGNUM *b4; - static BIGNUM *b5; +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ int success = 0; size_t l1 = 0, l2 = 0; /* s1 and s2 will be the signs for b1 and b2. */ int s1 = 0, s2 = 0; - if (ctx == NULL) { - b1 = BN_new(); - b2 = BN_new(); - b3 = BN_new(); - b4 = BN_new(); - b5 = BN_new(); - ctx = BN_CTX_new(); - } + /* limit the size of the input to avoid timeout */ + if (len > MAX_LEN) + len = MAX_LEN; + /* We are going to split the buffer in two, sizes l1 and l2, giving b1 and * b2. */ @@ -102,6 +115,17 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { done: OPENSSL_assert(success); + ERR_clear_error(); return 0; } + +void FuzzerCleanup(void) +{ + BN_free(b1); + BN_free(b2); + BN_free(b3); + BN_free(b4); + BN_free(b5); + BN_CTX_free(ctx); +} diff --git a/deps/openssl/openssl/fuzz/build.info b/deps/openssl/openssl/fuzz/build.info index eade218937..cde03d3447 100644 --- a/deps/openssl/openssl/fuzz/build.info +++ b/deps/openssl/openssl/fuzz/build.info @@ -9,7 +9,7 @@ -} IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}] - PROGRAMS_NO_INST=asn1 asn1parse bignum bndiv conf crl server x509 + PROGRAMS_NO_INST=asn1 asn1parse bignum bndiv client conf crl server x509 IF[{- !$disabled{"cms"} -}] PROGRAMS_NO_INST=cms @@ -21,7 +21,7 @@ IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}] SOURCE[asn1]=asn1.c driver.c INCLUDE[asn1]=../include {- $ex_inc -} - DEPEND[asn1]=../libcrypto {- $ex_lib -} + DEPEND[asn1]=../libcrypto ../libssl {- $ex_lib -} SOURCE[asn1parse]=asn1parse.c driver.c INCLUDE[asn1parse]=../include {- $ex_inc -} @@ -35,6 +35,10 @@ IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}] INCLUDE[bndiv]=../include {- $ex_inc -} DEPEND[bndiv]=../libcrypto {- $ex_lib -} + SOURCE[client]=client.c driver.c + INCLUDE[client]=../include {- $ex_inc -} + DEPEND[client]=../libcrypto ../libssl {- $ex_lib -} + SOURCE[cms]=cms.c driver.c INCLUDE[cms]=../include {- $ex_inc -} DEPEND[cms]=../libcrypto {- $ex_lib -} @@ -61,7 +65,7 @@ IF[{- !$disabled{"fuzz-afl"} || !$disabled{"fuzz-libfuzzer"} -}] ENDIF IF[{- !$disabled{tests} -}] - PROGRAMS_NO_INST=asn1-test asn1parse-test bignum-test bndiv-test conf-test crl-test server-test x509-test + PROGRAMS_NO_INST=asn1-test asn1parse-test bignum-test bndiv-test client-test conf-test crl-test server-test x509-test IF[{- !$disabled{"cms"} -}] PROGRAMS_NO_INST=cms-test @@ -73,7 +77,7 @@ IF[{- !$disabled{tests} -}] SOURCE[asn1-test]=asn1.c test-corpus.c INCLUDE[asn1-test]=../include - DEPEND[asn1-test]=../libcrypto + DEPEND[asn1-test]=../libcrypto ../libssl SOURCE[asn1parse-test]=asn1parse.c test-corpus.c INCLUDE[asn1parse-test]=../include @@ -87,6 +91,10 @@ IF[{- !$disabled{tests} -}] INCLUDE[bndiv-test]=../include DEPEND[bndiv-test]=../libcrypto + SOURCE[client-test]=client.c test-corpus.c + INCLUDE[client-test]=../include + DEPEND[client-test]=../libcrypto ../libssl + SOURCE[cms-test]=cms.c test-corpus.c INCLUDE[cms-test]=../include DEPEND[cms-test]=../libcrypto diff --git a/deps/openssl/openssl/fuzz/client.c b/deps/openssl/openssl/fuzz/client.c new file mode 100644 index 0000000000..7ce609ca6a --- /dev/null +++ b/deps/openssl/openssl/fuzz/client.c @@ -0,0 +1,102 @@ +/* + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL licenses, (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * https://www.openssl.org/source/license.html + * or in the file LICENSE in the source distribution. + */ + +#include <time.h> +#include <openssl/rand.h> +#include <openssl/ssl.h> +#include <openssl/rsa.h> +#include <openssl/dsa.h> +#include <openssl/ec.h> +#include <openssl/dh.h> +#include <openssl/err.h> +#include "fuzzer.h" + +#include "rand.inc" + +/* unused, to avoid warning. */ +static int idx; + +#define FUZZTIME 1485898104 + +#define TIME_IMPL(t) { if (t != NULL) *t = FUZZTIME; return FUZZTIME; } + +/* + * This might not work in all cases (and definitely not on Windows + * because of the way linkers are) and callees can still get the + * current time instead of the fixed time. This will just result + * in things not being fully reproducible and have a slightly + * different coverage. + */ +#if !defined(_WIN32) +time_t time(time_t *t) TIME_IMPL(t) +#endif + +int FuzzerInitialize(int *argc, char ***argv) +{ + STACK_OF(SSL_COMP) *comp_methods; + + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ASYNC, NULL); + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); + idx = SSL_get_ex_data_X509_STORE_CTX_idx(); + FuzzerSetRand(); + comp_methods = SSL_COMP_get_compression_methods(); + if (comp_methods != NULL) + sk_SSL_COMP_sort(comp_methods); + + return 1; +} + +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ + SSL *client; + BIO *in; + BIO *out; + SSL_CTX *ctx; + + if (len == 0) + return 0; + + /* + * TODO: use the ossltest engine (optionally?) to disable crypto checks. + */ + + /* This only fuzzes the initial flow from the client so far. */ + ctx = SSL_CTX_new(SSLv23_method()); + + client = SSL_new(ctx); + OPENSSL_assert(SSL_set_min_proto_version(client, 0) == 1); + OPENSSL_assert(SSL_set_cipher_list(client, "ALL:eNULL:@SECLEVEL=0") == 1); + SSL_set_tlsext_host_name(client, "localhost"); + in = BIO_new(BIO_s_mem()); + out = BIO_new(BIO_s_mem()); + SSL_set_bio(client, in, out); + SSL_set_connect_state(client); + OPENSSL_assert((size_t)BIO_write(in, buf, len) == len); + if (SSL_do_handshake(client) == 1) { + /* Keep reading application data until error or EOF. */ + uint8_t tmp[1024]; + for (;;) { + if (SSL_read(client, tmp, sizeof(tmp)) <= 0) { + break; + } + } + } + SSL_free(client); + ERR_clear_error(); + SSL_CTX_free(ctx); + + return 0; +} + +void FuzzerCleanup(void) +{ +} diff --git a/deps/openssl/openssl/fuzz/cms.c b/deps/openssl/openssl/fuzz/cms.c index 94390e7c91..959ef9365a 100644 --- a/deps/openssl/openssl/fuzz/cms.c +++ b/deps/openssl/openssl/fuzz/cms.c @@ -14,23 +14,42 @@ #include <openssl/bio.h> #include <openssl/cms.h> +#include <openssl/err.h> #include "fuzzer.h" -int FuzzerInitialize(int *argc, char ***argv) { +int FuzzerInitialize(int *argc, char ***argv) +{ + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); return 1; } -int FuzzerTestOneInput(const uint8_t *buf, size_t len) { - CMS_ContentInfo *i; +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ + CMS_ContentInfo *cms; BIO *in; - if (!len) { + + if (len == 0) return 0; - } in = BIO_new(BIO_s_mem()); OPENSSL_assert((size_t)BIO_write(in, buf, len) == len); - i = d2i_CMS_bio(in, NULL); - CMS_ContentInfo_free(i); + cms = d2i_CMS_bio(in, NULL); + if (cms != NULL) { + BIO *out = BIO_new(BIO_s_null()); + + i2d_CMS_bio(out, cms); + BIO_free(out); + CMS_ContentInfo_free(cms); + } + BIO_free(in); + ERR_clear_error(); + return 0; } + +void FuzzerCleanup(void) +{ +} diff --git a/deps/openssl/openssl/fuzz/conf.c b/deps/openssl/openssl/fuzz/conf.c index 30b13c84f9..87fe857099 100644 --- a/deps/openssl/openssl/fuzz/conf.c +++ b/deps/openssl/openssl/fuzz/conf.c @@ -13,13 +13,18 @@ */ #include <openssl/conf.h> +#include <openssl/err.h> #include "fuzzer.h" -int FuzzerInitialize(int *argc, char ***argv) { +int FuzzerInitialize(int *argc, char ***argv) +{ + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); return 1; } -int FuzzerTestOneInput(const uint8_t *buf, size_t len) { +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ CONF *conf; BIO *in; long eline; @@ -33,6 +38,11 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { NCONF_load_bio(conf, in, &eline); NCONF_free(conf); BIO_free(in); + ERR_clear_error(); return 0; } + +void FuzzerCleanup(void) +{ +} diff --git a/deps/openssl/openssl/fuzz/crl.c b/deps/openssl/openssl/fuzz/crl.c index 728943f551..e4b0192f05 100644 --- a/deps/openssl/openssl/fuzz/crl.c +++ b/deps/openssl/openssl/fuzz/crl.c @@ -10,13 +10,19 @@ #include <openssl/x509.h> #include <openssl/bio.h> +#include <openssl/err.h> #include "fuzzer.h" -int FuzzerInitialize(int *argc, char ***argv) { +int FuzzerInitialize(int *argc, char ***argv) +{ + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); return 1; } -int FuzzerTestOneInput(const uint8_t *buf, size_t len) { +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ const unsigned char *p = buf; unsigned char *der = NULL; @@ -31,5 +37,11 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { X509_CRL_free(crl); } + ERR_clear_error(); + return 0; } + +void FuzzerCleanup(void) +{ +} diff --git a/deps/openssl/openssl/fuzz/ct.c b/deps/openssl/openssl/fuzz/ct.c index 411ccef4a0..72dd798711 100644 --- a/deps/openssl/openssl/fuzz/ct.c +++ b/deps/openssl/openssl/fuzz/ct.c @@ -14,13 +14,19 @@ #include <stdio.h> #include <openssl/ct.h> +#include <openssl/err.h> #include "fuzzer.h" -int FuzzerInitialize(int *argc, char ***argv) { +int FuzzerInitialize(int *argc, char ***argv) +{ + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + CRYPTO_free_ex_index(0, -1); + ERR_get_state(); return 1; } -int FuzzerTestOneInput(const uint8_t *buf, size_t len) { +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ const uint8_t **pp = &buf; unsigned char *der = NULL; STACK_OF(SCT) *scts = d2i_SCT_LIST(NULL, pp, len); @@ -36,5 +42,10 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { SCT_LIST_free(scts); } + ERR_clear_error(); return 0; } + +void FuzzerCleanup(void) +{ +} diff --git a/deps/openssl/openssl/fuzz/driver.c b/deps/openssl/openssl/fuzz/driver.c index c530fedc84..54d67de202 100644 --- a/deps/openssl/openssl/fuzz/driver.c +++ b/deps/openssl/openssl/fuzz/driver.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL licenses, (the "License"); * you may not use this file except in compliance with the License. @@ -15,14 +15,16 @@ #ifndef OPENSSL_NO_FUZZ_LIBFUZZER +int LLVMFuzzerInitialize(int *argc, char ***argv); +int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len); + int LLVMFuzzerInitialize(int *argc, char ***argv) { - if (FuzzerInitialize) - return FuzzerInitialize(argc, argv); - return 0; + return FuzzerInitialize(argc, argv); } -int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { +int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) +{ return FuzzerTestOneInput(buf, len); } @@ -32,8 +34,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { int main(int argc, char** argv) { - if (FuzzerInitialize) - FuzzerInitialize(&argc, &argv); + FuzzerInitialize(&argc, &argv); while (__AFL_LOOP(10000)) { uint8_t *buf = malloc(BUF_SIZE); @@ -42,6 +43,8 @@ int main(int argc, char** argv) FuzzerTestOneInput(buf, size); free(buf); } + + FuzzerCleanup(); return 0; } diff --git a/deps/openssl/openssl/fuzz/fuzzer.h b/deps/openssl/openssl/fuzz/fuzzer.h index 04d605d79a..fcc0d25279 100644 --- a/deps/openssl/openssl/fuzz/fuzzer.h +++ b/deps/openssl/openssl/fuzz/fuzzer.h @@ -10,3 +10,5 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len); int FuzzerInitialize(int *argc, char ***argv); +void FuzzerCleanup(void); +void FuzzerSetRand(void); diff --git a/deps/openssl/openssl/fuzz/helper.py b/deps/openssl/openssl/fuzz/helper.py index f5f9d77daa..e83ea00c00 100755 --- a/deps/openssl/openssl/fuzz/helper.py +++ b/deps/openssl/openssl/fuzz/helper.py @@ -1,6 +1,6 @@ #!/usr/bin/python # -# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -45,7 +45,7 @@ def main(): cmd = ([os.path.abspath(os.path.join(THIS_DIR, FUZZER))] + sys.argv[2:] + ["-artifact_prefix=" + corpora[1] + "/"] + corpora) - print " ".join(cmd) + print(" ".join(cmd)) subprocess.call(cmd) if __name__ == "__main__": diff --git a/deps/openssl/openssl/fuzz/mkfuzzoids.pl b/deps/openssl/openssl/fuzz/mkfuzzoids.pl new file mode 100755 index 0000000000..0153a031a6 --- /dev/null +++ b/deps/openssl/openssl/fuzz/mkfuzzoids.pl @@ -0,0 +1,32 @@ +#! /usr/bin/env perl +# Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +my $obj_dat_h = $ARGV[0]; + +# Output year depends on the date on the input file and the script. +my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900; +my $iYEAR = [localtime([stat($obj_dat_h)]->[9])]->[5] + 1900; +$YEAR = $iYEAR if $iYEAR > $YEAR; + +open IN, '<', $obj_dat_h + || die "Couldn't open $obj_dat_h : $!\n"; + +while(<IN>) { + s|\R$||; # Better chomp + + next unless m|^\s+((0x[0-9A-F][0-9A-F],)*)\s+/\*\s\[\s*\d+\]\s(OBJ_\w+)\s\*/$|; + + my $OID = $1; + my $OBJname = $3; + + $OID =~ s|0x|\\x|g; + $OID =~ s|,||g; + + print "$OBJname=\"$OID\"\n"; +} +close IN; diff --git a/deps/openssl/openssl/fuzz/oids.txt b/deps/openssl/openssl/fuzz/oids.txt new file mode 100644 index 0000000000..fe363fd37e --- /dev/null +++ b/deps/openssl/openssl/fuzz/oids.txt @@ -0,0 +1,1065 @@ +OBJ_rsadsi="\x2A\x86\x48\x86\xF7\x0D" +OBJ_pkcs="\x2A\x86\x48\x86\xF7\x0D\x01" +OBJ_md2="\x2A\x86\x48\x86\xF7\x0D\x02\x02" +OBJ_md5="\x2A\x86\x48\x86\xF7\x0D\x02\x05" +OBJ_rc4="\x2A\x86\x48\x86\xF7\x0D\x03\x04" +OBJ_rsaEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01" +OBJ_md2WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x02" +OBJ_md5WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x04" +OBJ_pbeWithMD2AndDES_CBC="\x2A\x86\x48\x86\xF7\x0D\x01\x05\x01" +OBJ_pbeWithMD5AndDES_CBC="\x2A\x86\x48\x86\xF7\x0D\x01\x05\x03" +OBJ_X500="\x55" +OBJ_X509="\x55\x04" +OBJ_commonName="\x55\x04\x03" +OBJ_countryName="\x55\x04\x06" +OBJ_localityName="\x55\x04\x07" +OBJ_stateOrProvinceName="\x55\x04\x08" +OBJ_organizationName="\x55\x04\x0A" +OBJ_organizationalUnitName="\x55\x04\x0B" +OBJ_rsa="\x55\x08\x01\x01" +OBJ_pkcs7="\x2A\x86\x48\x86\xF7\x0D\x01\x07" +OBJ_pkcs7_data="\x2A\x86\x48\x86\xF7\x0D\x01\x07\x01" +OBJ_pkcs7_signed="\x2A\x86\x48\x86\xF7\x0D\x01\x07\x02" +OBJ_pkcs7_enveloped="\x2A\x86\x48\x86\xF7\x0D\x01\x07\x03" +OBJ_pkcs7_signedAndEnveloped="\x2A\x86\x48\x86\xF7\x0D\x01\x07\x04" +OBJ_pkcs7_digest="\x2A\x86\x48\x86\xF7\x0D\x01\x07\x05" +OBJ_pkcs7_encrypted="\x2A\x86\x48\x86\xF7\x0D\x01\x07\x06" +OBJ_pkcs3="\x2A\x86\x48\x86\xF7\x0D\x01\x03" +OBJ_dhKeyAgreement="\x2A\x86\x48\x86\xF7\x0D\x01\x03\x01" +OBJ_des_ecb="\x2B\x0E\x03\x02\x06" +OBJ_des_cfb64="\x2B\x0E\x03\x02\x09" +OBJ_des_cbc="\x2B\x0E\x03\x02\x07" +OBJ_des_ede_ecb="\x2B\x0E\x03\x02\x11" +OBJ_idea_cbc="\x2B\x06\x01\x04\x01\x81\x3C\x07\x01\x01\x02" +OBJ_rc2_cbc="\x2A\x86\x48\x86\xF7\x0D\x03\x02" +OBJ_sha="\x2B\x0E\x03\x02\x12" +OBJ_shaWithRSAEncryption="\x2B\x0E\x03\x02\x0F" +OBJ_des_ede3_cbc="\x2A\x86\x48\x86\xF7\x0D\x03\x07" +OBJ_des_ofb64="\x2B\x0E\x03\x02\x08" +OBJ_pkcs9="\x2A\x86\x48\x86\xF7\x0D\x01\x09" +OBJ_pkcs9_emailAddress="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x01" +OBJ_pkcs9_unstructuredName="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x02" +OBJ_pkcs9_contentType="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x03" +OBJ_pkcs9_messageDigest="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x04" +OBJ_pkcs9_signingTime="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x05" +OBJ_pkcs9_countersignature="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x06" +OBJ_pkcs9_challengePassword="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x07" +OBJ_pkcs9_unstructuredAddress="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x08" +OBJ_pkcs9_extCertAttributes="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x09" +OBJ_netscape="\x60\x86\x48\x01\x86\xF8\x42" +OBJ_netscape_cert_extension="\x60\x86\x48\x01\x86\xF8\x42\x01" +OBJ_netscape_data_type="\x60\x86\x48\x01\x86\xF8\x42\x02" +OBJ_sha1="\x2B\x0E\x03\x02\x1A" +OBJ_sha1WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05" +OBJ_dsaWithSHA="\x2B\x0E\x03\x02\x0D" +OBJ_dsa_2="\x2B\x0E\x03\x02\x0C" +OBJ_pbeWithSHA1AndRC2_CBC="\x2A\x86\x48\x86\xF7\x0D\x01\x05\x0B" +OBJ_id_pbkdf2="\x2A\x86\x48\x86\xF7\x0D\x01\x05\x0C" +OBJ_dsaWithSHA1_2="\x2B\x0E\x03\x02\x1B" +OBJ_netscape_cert_type="\x60\x86\x48\x01\x86\xF8\x42\x01\x01" +OBJ_netscape_base_url="\x60\x86\x48\x01\x86\xF8\x42\x01\x02" +OBJ_netscape_revocation_url="\x60\x86\x48\x01\x86\xF8\x42\x01\x03" +OBJ_netscape_ca_revocation_url="\x60\x86\x48\x01\x86\xF8\x42\x01\x04" +OBJ_netscape_renewal_url="\x60\x86\x48\x01\x86\xF8\x42\x01\x07" +OBJ_netscape_ca_policy_url="\x60\x86\x48\x01\x86\xF8\x42\x01\x08" +OBJ_netscape_ssl_server_name="\x60\x86\x48\x01\x86\xF8\x42\x01\x0C" +OBJ_netscape_comment="\x60\x86\x48\x01\x86\xF8\x42\x01\x0D" +OBJ_netscape_cert_sequence="\x60\x86\x48\x01\x86\xF8\x42\x02\x05" +OBJ_id_ce="\x55\x1D" +OBJ_subject_key_identifier="\x55\x1D\x0E" +OBJ_key_usage="\x55\x1D\x0F" +OBJ_private_key_usage_period="\x55\x1D\x10" +OBJ_subject_alt_name="\x55\x1D\x11" +OBJ_issuer_alt_name="\x55\x1D\x12" +OBJ_basic_constraints="\x55\x1D\x13" +OBJ_crl_number="\x55\x1D\x14" +OBJ_certificate_policies="\x55\x1D\x20" +OBJ_authority_key_identifier="\x55\x1D\x23" +OBJ_bf_cbc="\x2B\x06\x01\x04\x01\x97\x55\x01\x02" +OBJ_mdc2="\x55\x08\x03\x65" +OBJ_mdc2WithRSA="\x55\x08\x03\x64" +OBJ_givenName="\x55\x04\x2A" +OBJ_surname="\x55\x04\x04" +OBJ_initials="\x55\x04\x2B" +OBJ_uniqueIdentifier="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x2C" +OBJ_crl_distribution_points="\x55\x1D\x1F" +OBJ_md5WithRSA="\x2B\x0E\x03\x02\x03" +OBJ_serialNumber="\x55\x04\x05" +OBJ_title="\x55\x04\x0C" +OBJ_description="\x55\x04\x0D" +OBJ_cast5_cbc="\x2A\x86\x48\x86\xF6\x7D\x07\x42\x0A" +OBJ_pbeWithMD5AndCast5_CBC="\x2A\x86\x48\x86\xF6\x7D\x07\x42\x0C" +OBJ_dsaWithSHA1="\x2A\x86\x48\xCE\x38\x04\x03" +OBJ_sha1WithRSA="\x2B\x0E\x03\x02\x1D" +OBJ_dsa="\x2A\x86\x48\xCE\x38\x04\x01" +OBJ_ripemd160="\x2B\x24\x03\x02\x01" +OBJ_ripemd160WithRSA="\x2B\x24\x03\x03\x01\x02" +OBJ_rc5_cbc="\x2A\x86\x48\x86\xF7\x0D\x03\x08" +OBJ_zlib_compression="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03\x08" +OBJ_ext_key_usage="\x55\x1D\x25" +OBJ_id_pkix="\x2B\x06\x01\x05\x05\x07" +OBJ_id_kp="\x2B\x06\x01\x05\x05\x07\x03" +OBJ_server_auth="\x2B\x06\x01\x05\x05\x07\x03\x01" +OBJ_client_auth="\x2B\x06\x01\x05\x05\x07\x03\x02" +OBJ_code_sign="\x2B\x06\x01\x05\x05\x07\x03\x03" +OBJ_email_protect="\x2B\x06\x01\x05\x05\x07\x03\x04" +OBJ_time_stamp="\x2B\x06\x01\x05\x05\x07\x03\x08" +OBJ_ms_code_ind="\x2B\x06\x01\x04\x01\x82\x37\x02\x01\x15" +OBJ_ms_code_com="\x2B\x06\x01\x04\x01\x82\x37\x02\x01\x16" +OBJ_ms_ctl_sign="\x2B\x06\x01\x04\x01\x82\x37\x0A\x03\x01" +OBJ_ms_sgc="\x2B\x06\x01\x04\x01\x82\x37\x0A\x03\x03" +OBJ_ms_efs="\x2B\x06\x01\x04\x01\x82\x37\x0A\x03\x04" +OBJ_ns_sgc="\x60\x86\x48\x01\x86\xF8\x42\x04\x01" +OBJ_delta_crl="\x55\x1D\x1B" +OBJ_crl_reason="\x55\x1D\x15" +OBJ_invalidity_date="\x55\x1D\x18" +OBJ_sxnet="\x2B\x65\x01\x04\x01" +OBJ_pbe_WithSHA1And128BitRC4="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x01" +OBJ_pbe_WithSHA1And40BitRC4="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x02" +OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x03" +OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x04" +OBJ_pbe_WithSHA1And128BitRC2_CBC="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x05" +OBJ_pbe_WithSHA1And40BitRC2_CBC="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x06" +OBJ_keyBag="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x01" +OBJ_pkcs8ShroudedKeyBag="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x02" +OBJ_certBag="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x03" +OBJ_crlBag="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x04" +OBJ_secretBag="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x05" +OBJ_safeContentsBag="\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x06" +OBJ_friendlyName="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x14" +OBJ_localKeyID="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x15" +OBJ_x509Certificate="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x16\x01" +OBJ_sdsiCertificate="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x16\x02" +OBJ_x509Crl="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x17\x01" +OBJ_pbes2="\x2A\x86\x48\x86\xF7\x0D\x01\x05\x0D" +OBJ_pbmac1="\x2A\x86\x48\x86\xF7\x0D\x01\x05\x0E" +OBJ_hmacWithSHA1="\x2A\x86\x48\x86\xF7\x0D\x02\x07" +OBJ_id_qt_cps="\x2B\x06\x01\x05\x05\x07\x02\x01" +OBJ_id_qt_unotice="\x2B\x06\x01\x05\x05\x07\x02\x02" +OBJ_SMIMECapabilities="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x0F" +OBJ_pbeWithMD2AndRC2_CBC="\x2A\x86\x48\x86\xF7\x0D\x01\x05\x04" +OBJ_pbeWithMD5AndRC2_CBC="\x2A\x86\x48\x86\xF7\x0D\x01\x05\x06" +OBJ_pbeWithSHA1AndDES_CBC="\x2A\x86\x48\x86\xF7\x0D\x01\x05\x0A" +OBJ_ms_ext_req="\x2B\x06\x01\x04\x01\x82\x37\x02\x01\x0E" +OBJ_ext_req="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x0E" +OBJ_name="\x55\x04\x29" +OBJ_dnQualifier="\x55\x04\x2E" +OBJ_id_pe="\x2B\x06\x01\x05\x05\x07\x01" +OBJ_id_ad="\x2B\x06\x01\x05\x05\x07\x30" +OBJ_info_access="\x2B\x06\x01\x05\x05\x07\x01\x01" +OBJ_ad_OCSP="\x2B\x06\x01\x05\x05\x07\x30\x01" +OBJ_ad_ca_issuers="\x2B\x06\x01\x05\x05\x07\x30\x02" +OBJ_OCSP_sign="\x2B\x06\x01\x05\x05\x07\x03\x09" +OBJ_member_body="\x2A" +OBJ_ISO_US="\x2A\x86\x48" +OBJ_X9_57="\x2A\x86\x48\xCE\x38" +OBJ_X9cm="\x2A\x86\x48\xCE\x38\x04" +OBJ_pkcs1="\x2A\x86\x48\x86\xF7\x0D\x01\x01" +OBJ_pkcs5="\x2A\x86\x48\x86\xF7\x0D\x01\x05" +OBJ_SMIME="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10" +OBJ_id_smime_mod="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x00" +OBJ_id_smime_ct="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01" +OBJ_id_smime_aa="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02" +OBJ_id_smime_alg="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03" +OBJ_id_smime_cd="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x04" +OBJ_id_smime_spq="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x05" +OBJ_id_smime_cti="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x06" +OBJ_id_smime_mod_cms="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x00\x01" +OBJ_id_smime_mod_ess="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x00\x02" +OBJ_id_smime_mod_oid="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x00\x03" +OBJ_id_smime_mod_msg_v3="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x00\x04" +OBJ_id_smime_mod_ets_eSignature_88="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x00\x05" +OBJ_id_smime_mod_ets_eSignature_97="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x00\x06" +OBJ_id_smime_mod_ets_eSigPolicy_88="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x00\x07" +OBJ_id_smime_mod_ets_eSigPolicy_97="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x00\x08" +OBJ_id_smime_ct_receipt="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x01" +OBJ_id_smime_ct_authData="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x02" +OBJ_id_smime_ct_publishCert="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x03" +OBJ_id_smime_ct_TSTInfo="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x04" +OBJ_id_smime_ct_TDTInfo="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x05" +OBJ_id_smime_ct_contentInfo="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x06" +OBJ_id_smime_ct_DVCSRequestData="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x07" +OBJ_id_smime_ct_DVCSResponseData="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x08" +OBJ_id_smime_aa_receiptRequest="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x01" +OBJ_id_smime_aa_securityLabel="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x02" +OBJ_id_smime_aa_mlExpandHistory="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x03" +OBJ_id_smime_aa_contentHint="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x04" +OBJ_id_smime_aa_msgSigDigest="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x05" +OBJ_id_smime_aa_encapContentType="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x06" +OBJ_id_smime_aa_contentIdentifier="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x07" +OBJ_id_smime_aa_macValue="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x08" +OBJ_id_smime_aa_equivalentLabels="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x09" +OBJ_id_smime_aa_contentReference="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x0A" +OBJ_id_smime_aa_encrypKeyPref="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x0B" +OBJ_id_smime_aa_signingCertificate="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x0C" +OBJ_id_smime_aa_smimeEncryptCerts="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x0D" +OBJ_id_smime_aa_timeStampToken="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x0E" +OBJ_id_smime_aa_ets_sigPolicyId="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x0F" +OBJ_id_smime_aa_ets_commitmentType="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x10" +OBJ_id_smime_aa_ets_signerLocation="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x11" +OBJ_id_smime_aa_ets_signerAttr="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x12" +OBJ_id_smime_aa_ets_otherSigCert="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x13" +OBJ_id_smime_aa_ets_contentTimestamp="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x14" +OBJ_id_smime_aa_ets_CertificateRefs="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x15" +OBJ_id_smime_aa_ets_RevocationRefs="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x16" +OBJ_id_smime_aa_ets_certValues="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x17" +OBJ_id_smime_aa_ets_revocationValues="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x18" +OBJ_id_smime_aa_ets_escTimeStamp="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x19" +OBJ_id_smime_aa_ets_certCRLTimestamp="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x1A" +OBJ_id_smime_aa_ets_archiveTimeStamp="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x1B" +OBJ_id_smime_aa_signatureType="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x1C" +OBJ_id_smime_aa_dvcs_dvc="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x1D" +OBJ_id_smime_alg_ESDHwith3DES="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03\x01" +OBJ_id_smime_alg_ESDHwithRC2="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03\x02" +OBJ_id_smime_alg_3DESwrap="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03\x03" +OBJ_id_smime_alg_RC2wrap="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03\x04" +OBJ_id_smime_alg_ESDH="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03\x05" +OBJ_id_smime_alg_CMS3DESwrap="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03\x06" +OBJ_id_smime_alg_CMSRC2wrap="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03\x07" +OBJ_id_smime_cd_ldap="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x04\x01" +OBJ_id_smime_spq_ets_sqt_uri="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x05\x01" +OBJ_id_smime_spq_ets_sqt_unotice="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x05\x02" +OBJ_id_smime_cti_ets_proofOfOrigin="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x06\x01" +OBJ_id_smime_cti_ets_proofOfReceipt="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x06\x02" +OBJ_id_smime_cti_ets_proofOfDelivery="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x06\x03" +OBJ_id_smime_cti_ets_proofOfSender="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x06\x04" +OBJ_id_smime_cti_ets_proofOfApproval="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x06\x05" +OBJ_id_smime_cti_ets_proofOfCreation="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x06\x06" +OBJ_md4="\x2A\x86\x48\x86\xF7\x0D\x02\x04" +OBJ_id_pkix_mod="\x2B\x06\x01\x05\x05\x07\x00" +OBJ_id_qt="\x2B\x06\x01\x05\x05\x07\x02" +OBJ_id_it="\x2B\x06\x01\x05\x05\x07\x04" +OBJ_id_pkip="\x2B\x06\x01\x05\x05\x07\x05" +OBJ_id_alg="\x2B\x06\x01\x05\x05\x07\x06" +OBJ_id_cmc="\x2B\x06\x01\x05\x05\x07\x07" +OBJ_id_on="\x2B\x06\x01\x05\x05\x07\x08" +OBJ_id_pda="\x2B\x06\x01\x05\x05\x07\x09" +OBJ_id_aca="\x2B\x06\x01\x05\x05\x07\x0A" +OBJ_id_qcs="\x2B\x06\x01\x05\x05\x07\x0B" +OBJ_id_cct="\x2B\x06\x01\x05\x05\x07\x0C" +OBJ_id_pkix1_explicit_88="\x2B\x06\x01\x05\x05\x07\x00\x01" +OBJ_id_pkix1_implicit_88="\x2B\x06\x01\x05\x05\x07\x00\x02" +OBJ_id_pkix1_explicit_93="\x2B\x06\x01\x05\x05\x07\x00\x03" +OBJ_id_pkix1_implicit_93="\x2B\x06\x01\x05\x05\x07\x00\x04" +OBJ_id_mod_crmf="\x2B\x06\x01\x05\x05\x07\x00\x05" +OBJ_id_mod_cmc="\x2B\x06\x01\x05\x05\x07\x00\x06" +OBJ_id_mod_kea_profile_88="\x2B\x06\x01\x05\x05\x07\x00\x07" +OBJ_id_mod_kea_profile_93="\x2B\x06\x01\x05\x05\x07\x00\x08" +OBJ_id_mod_cmp="\x2B\x06\x01\x05\x05\x07\x00\x09" +OBJ_id_mod_qualified_cert_88="\x2B\x06\x01\x05\x05\x07\x00\x0A" +OBJ_id_mod_qualified_cert_93="\x2B\x06\x01\x05\x05\x07\x00\x0B" +OBJ_id_mod_attribute_cert="\x2B\x06\x01\x05\x05\x07\x00\x0C" +OBJ_id_mod_timestamp_protocol="\x2B\x06\x01\x05\x05\x07\x00\x0D" +OBJ_id_mod_ocsp="\x2B\x06\x01\x05\x05\x07\x00\x0E" +OBJ_id_mod_dvcs="\x2B\x06\x01\x05\x05\x07\x00\x0F" +OBJ_id_mod_cmp2000="\x2B\x06\x01\x05\x05\x07\x00\x10" +OBJ_biometricInfo="\x2B\x06\x01\x05\x05\x07\x01\x02" +OBJ_qcStatements="\x2B\x06\x01\x05\x05\x07\x01\x03" +OBJ_ac_auditEntity="\x2B\x06\x01\x05\x05\x07\x01\x04" +OBJ_ac_targeting="\x2B\x06\x01\x05\x05\x07\x01\x05" +OBJ_aaControls="\x2B\x06\x01\x05\x05\x07\x01\x06" +OBJ_sbgp_ipAddrBlock="\x2B\x06\x01\x05\x05\x07\x01\x07" +OBJ_sbgp_autonomousSysNum="\x2B\x06\x01\x05\x05\x07\x01\x08" +OBJ_sbgp_routerIdentifier="\x2B\x06\x01\x05\x05\x07\x01\x09" +OBJ_textNotice="\x2B\x06\x01\x05\x05\x07\x02\x03" +OBJ_ipsecEndSystem="\x2B\x06\x01\x05\x05\x07\x03\x05" +OBJ_ipsecTunnel="\x2B\x06\x01\x05\x05\x07\x03\x06" +OBJ_ipsecUser="\x2B\x06\x01\x05\x05\x07\x03\x07" +OBJ_dvcs="\x2B\x06\x01\x05\x05\x07\x03\x0A" +OBJ_id_it_caProtEncCert="\x2B\x06\x01\x05\x05\x07\x04\x01" +OBJ_id_it_signKeyPairTypes="\x2B\x06\x01\x05\x05\x07\x04\x02" +OBJ_id_it_encKeyPairTypes="\x2B\x06\x01\x05\x05\x07\x04\x03" +OBJ_id_it_preferredSymmAlg="\x2B\x06\x01\x05\x05\x07\x04\x04" +OBJ_id_it_caKeyUpdateInfo="\x2B\x06\x01\x05\x05\x07\x04\x05" +OBJ_id_it_currentCRL="\x2B\x06\x01\x05\x05\x07\x04\x06" +OBJ_id_it_unsupportedOIDs="\x2B\x06\x01\x05\x05\x07\x04\x07" +OBJ_id_it_subscriptionRequest="\x2B\x06\x01\x05\x05\x07\x04\x08" +OBJ_id_it_subscriptionResponse="\x2B\x06\x01\x05\x05\x07\x04\x09" +OBJ_id_it_keyPairParamReq="\x2B\x06\x01\x05\x05\x07\x04\x0A" +OBJ_id_it_keyPairParamRep="\x2B\x06\x01\x05\x05\x07\x04\x0B" +OBJ_id_it_revPassphrase="\x2B\x06\x01\x05\x05\x07\x04\x0C" +OBJ_id_it_implicitConfirm="\x2B\x06\x01\x05\x05\x07\x04\x0D" +OBJ_id_it_confirmWaitTime="\x2B\x06\x01\x05\x05\x07\x04\x0E" +OBJ_id_it_origPKIMessage="\x2B\x06\x01\x05\x05\x07\x04\x0F" +OBJ_id_regCtrl="\x2B\x06\x01\x05\x05\x07\x05\x01" +OBJ_id_regInfo="\x2B\x06\x01\x05\x05\x07\x05\x02" +OBJ_id_regCtrl_regToken="\x2B\x06\x01\x05\x05\x07\x05\x01\x01" +OBJ_id_regCtrl_authenticator="\x2B\x06\x01\x05\x05\x07\x05\x01\x02" +OBJ_id_regCtrl_pkiPublicationInfo="\x2B\x06\x01\x05\x05\x07\x05\x01\x03" +OBJ_id_regCtrl_pkiArchiveOptions="\x2B\x06\x01\x05\x05\x07\x05\x01\x04" +OBJ_id_regCtrl_oldCertID="\x2B\x06\x01\x05\x05\x07\x05\x01\x05" +OBJ_id_regCtrl_protocolEncrKey="\x2B\x06\x01\x05\x05\x07\x05\x01\x06" +OBJ_id_regInfo_utf8Pairs="\x2B\x06\x01\x05\x05\x07\x05\x02\x01" +OBJ_id_regInfo_certReq="\x2B\x06\x01\x05\x05\x07\x05\x02\x02" +OBJ_id_alg_des40="\x2B\x06\x01\x05\x05\x07\x06\x01" +OBJ_id_alg_noSignature="\x2B\x06\x01\x05\x05\x07\x06\x02" +OBJ_id_alg_dh_sig_hmac_sha1="\x2B\x06\x01\x05\x05\x07\x06\x03" +OBJ_id_alg_dh_pop="\x2B\x06\x01\x05\x05\x07\x06\x04" +OBJ_id_cmc_statusInfo="\x2B\x06\x01\x05\x05\x07\x07\x01" +OBJ_id_cmc_identification="\x2B\x06\x01\x05\x05\x07\x07\x02" +OBJ_id_cmc_identityProof="\x2B\x06\x01\x05\x05\x07\x07\x03" +OBJ_id_cmc_dataReturn="\x2B\x06\x01\x05\x05\x07\x07\x04" +OBJ_id_cmc_transactionId="\x2B\x06\x01\x05\x05\x07\x07\x05" +OBJ_id_cmc_senderNonce="\x2B\x06\x01\x05\x05\x07\x07\x06" +OBJ_id_cmc_recipientNonce="\x2B\x06\x01\x05\x05\x07\x07\x07" +OBJ_id_cmc_addExtensions="\x2B\x06\x01\x05\x05\x07\x07\x08" +OBJ_id_cmc_encryptedPOP="\x2B\x06\x01\x05\x05\x07\x07\x09" +OBJ_id_cmc_decryptedPOP="\x2B\x06\x01\x05\x05\x07\x07\x0A" +OBJ_id_cmc_lraPOPWitness="\x2B\x06\x01\x05\x05\x07\x07\x0B" +OBJ_id_cmc_getCert="\x2B\x06\x01\x05\x05\x07\x07\x0F" +OBJ_id_cmc_getCRL="\x2B\x06\x01\x05\x05\x07\x07\x10" +OBJ_id_cmc_revokeRequest="\x2B\x06\x01\x05\x05\x07\x07\x11" +OBJ_id_cmc_regInfo="\x2B\x06\x01\x05\x05\x07\x07\x12" +OBJ_id_cmc_responseInfo="\x2B\x06\x01\x05\x05\x07\x07\x13" +OBJ_id_cmc_queryPending="\x2B\x06\x01\x05\x05\x07\x07\x15" +OBJ_id_cmc_popLinkRandom="\x2B\x06\x01\x05\x05\x07\x07\x16" +OBJ_id_cmc_popLinkWitness="\x2B\x06\x01\x05\x05\x07\x07\x17" +OBJ_id_cmc_confirmCertAcceptance="\x2B\x06\x01\x05\x05\x07\x07\x18" +OBJ_id_on_personalData="\x2B\x06\x01\x05\x05\x07\x08\x01" +OBJ_id_pda_dateOfBirth="\x2B\x06\x01\x05\x05\x07\x09\x01" +OBJ_id_pda_placeOfBirth="\x2B\x06\x01\x05\x05\x07\x09\x02" +OBJ_id_pda_gender="\x2B\x06\x01\x05\x05\x07\x09\x03" +OBJ_id_pda_countryOfCitizenship="\x2B\x06\x01\x05\x05\x07\x09\x04" +OBJ_id_pda_countryOfResidence="\x2B\x06\x01\x05\x05\x07\x09\x05" +OBJ_id_aca_authenticationInfo="\x2B\x06\x01\x05\x05\x07\x0A\x01" +OBJ_id_aca_accessIdentity="\x2B\x06\x01\x05\x05\x07\x0A\x02" +OBJ_id_aca_chargingIdentity="\x2B\x06\x01\x05\x05\x07\x0A\x03" +OBJ_id_aca_group="\x2B\x06\x01\x05\x05\x07\x0A\x04" +OBJ_id_aca_role="\x2B\x06\x01\x05\x05\x07\x0A\x05" +OBJ_id_qcs_pkixQCSyntax_v1="\x2B\x06\x01\x05\x05\x07\x0B\x01" +OBJ_id_cct_crs="\x2B\x06\x01\x05\x05\x07\x0C\x01" +OBJ_id_cct_PKIData="\x2B\x06\x01\x05\x05\x07\x0C\x02" +OBJ_id_cct_PKIResponse="\x2B\x06\x01\x05\x05\x07\x0C\x03" +OBJ_ad_timeStamping="\x2B\x06\x01\x05\x05\x07\x30\x03" +OBJ_ad_dvcs="\x2B\x06\x01\x05\x05\x07\x30\x04" +OBJ_id_pkix_OCSP_basic="\x2B\x06\x01\x05\x05\x07\x30\x01\x01" +OBJ_id_pkix_OCSP_Nonce="\x2B\x06\x01\x05\x05\x07\x30\x01\x02" +OBJ_id_pkix_OCSP_CrlID="\x2B\x06\x01\x05\x05\x07\x30\x01\x03" +OBJ_id_pkix_OCSP_acceptableResponses="\x2B\x06\x01\x05\x05\x07\x30\x01\x04" +OBJ_id_pkix_OCSP_noCheck="\x2B\x06\x01\x05\x05\x07\x30\x01\x05" +OBJ_id_pkix_OCSP_archiveCutoff="\x2B\x06\x01\x05\x05\x07\x30\x01\x06" +OBJ_id_pkix_OCSP_serviceLocator="\x2B\x06\x01\x05\x05\x07\x30\x01\x07" +OBJ_id_pkix_OCSP_extendedStatus="\x2B\x06\x01\x05\x05\x07\x30\x01\x08" +OBJ_id_pkix_OCSP_valid="\x2B\x06\x01\x05\x05\x07\x30\x01\x09" +OBJ_id_pkix_OCSP_path="\x2B\x06\x01\x05\x05\x07\x30\x01\x0A" +OBJ_id_pkix_OCSP_trustRoot="\x2B\x06\x01\x05\x05\x07\x30\x01\x0B" +OBJ_algorithm="\x2B\x0E\x03\x02" +OBJ_rsaSignature="\x2B\x0E\x03\x02\x0B" +OBJ_X500algorithms="\x55\x08" +OBJ_org="\x2B" +OBJ_dod="\x2B\x06" +OBJ_iana="\x2B\x06\x01" +OBJ_Directory="\x2B\x06\x01\x01" +OBJ_Management="\x2B\x06\x01\x02" +OBJ_Experimental="\x2B\x06\x01\x03" +OBJ_Private="\x2B\x06\x01\x04" +OBJ_Security="\x2B\x06\x01\x05" +OBJ_SNMPv2="\x2B\x06\x01\x06" +OBJ_Mail="\x2B\x06\x01\x07" +OBJ_Enterprises="\x2B\x06\x01\x04\x01" +OBJ_dcObject="\x2B\x06\x01\x04\x01\x8B\x3A\x82\x58" +OBJ_domainComponent="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" +OBJ_Domain="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x0D" +OBJ_selected_attribute_types="\x55\x01\x05" +OBJ_clearance="\x55\x01\x05\x37" +OBJ_md4WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x03" +OBJ_ac_proxying="\x2B\x06\x01\x05\x05\x07\x01\x0A" +OBJ_sinfo_access="\x2B\x06\x01\x05\x05\x07\x01\x0B" +OBJ_id_aca_encAttrs="\x2B\x06\x01\x05\x05\x07\x0A\x06" +OBJ_role="\x55\x04\x48" +OBJ_policy_constraints="\x55\x1D\x24" +OBJ_target_information="\x55\x1D\x37" +OBJ_no_rev_avail="\x55\x1D\x38" +OBJ_ansi_X9_62="\x2A\x86\x48\xCE\x3D" +OBJ_X9_62_prime_field="\x2A\x86\x48\xCE\x3D\x01\x01" +OBJ_X9_62_characteristic_two_field="\x2A\x86\x48\xCE\x3D\x01\x02" +OBJ_X9_62_id_ecPublicKey="\x2A\x86\x48\xCE\x3D\x02\x01" +OBJ_X9_62_prime192v1="\x2A\x86\x48\xCE\x3D\x03\x01\x01" +OBJ_X9_62_prime192v2="\x2A\x86\x48\xCE\x3D\x03\x01\x02" +OBJ_X9_62_prime192v3="\x2A\x86\x48\xCE\x3D\x03\x01\x03" +OBJ_X9_62_prime239v1="\x2A\x86\x48\xCE\x3D\x03\x01\x04" +OBJ_X9_62_prime239v2="\x2A\x86\x48\xCE\x3D\x03\x01\x05" +OBJ_X9_62_prime239v3="\x2A\x86\x48\xCE\x3D\x03\x01\x06" +OBJ_X9_62_prime256v1="\x2A\x86\x48\xCE\x3D\x03\x01\x07" +OBJ_ecdsa_with_SHA1="\x2A\x86\x48\xCE\x3D\x04\x01" +OBJ_ms_csp_name="\x2B\x06\x01\x04\x01\x82\x37\x11\x01" +OBJ_aes_128_ecb="\x60\x86\x48\x01\x65\x03\x04\x01\x01" +OBJ_aes_128_cbc="\x60\x86\x48\x01\x65\x03\x04\x01\x02" +OBJ_aes_128_ofb128="\x60\x86\x48\x01\x65\x03\x04\x01\x03" +OBJ_aes_128_cfb128="\x60\x86\x48\x01\x65\x03\x04\x01\x04" +OBJ_aes_192_ecb="\x60\x86\x48\x01\x65\x03\x04\x01\x15" +OBJ_aes_192_cbc="\x60\x86\x48\x01\x65\x03\x04\x01\x16" +OBJ_aes_192_ofb128="\x60\x86\x48\x01\x65\x03\x04\x01\x17" +OBJ_aes_192_cfb128="\x60\x86\x48\x01\x65\x03\x04\x01\x18" +OBJ_aes_256_ecb="\x60\x86\x48\x01\x65\x03\x04\x01\x29" +OBJ_aes_256_cbc="\x60\x86\x48\x01\x65\x03\x04\x01\x2A" +OBJ_aes_256_ofb128="\x60\x86\x48\x01\x65\x03\x04\x01\x2B" +OBJ_aes_256_cfb128="\x60\x86\x48\x01\x65\x03\x04\x01\x2C" +OBJ_hold_instruction_code="\x55\x1D\x17" +OBJ_hold_instruction_none="\x2A\x86\x48\xCE\x38\x02\x01" +OBJ_hold_instruction_call_issuer="\x2A\x86\x48\xCE\x38\x02\x02" +OBJ_hold_instruction_reject="\x2A\x86\x48\xCE\x38\x02\x03" +OBJ_data="\x09" +OBJ_pss="\x09\x92\x26" +OBJ_ucl="\x09\x92\x26\x89\x93\xF2\x2C" +OBJ_pilot="\x09\x92\x26\x89\x93\xF2\x2C\x64" +OBJ_pilotAttributeType="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01" +OBJ_pilotAttributeSyntax="\x09\x92\x26\x89\x93\xF2\x2C\x64\x03" +OBJ_pilotObjectClass="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04" +OBJ_pilotGroups="\x09\x92\x26\x89\x93\xF2\x2C\x64\x0A" +OBJ_iA5StringSyntax="\x09\x92\x26\x89\x93\xF2\x2C\x64\x03\x04" +OBJ_caseIgnoreIA5StringSyntax="\x09\x92\x26\x89\x93\xF2\x2C\x64\x03\x05" +OBJ_pilotObject="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x03" +OBJ_pilotPerson="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x04" +OBJ_account="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x05" +OBJ_document="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x06" +OBJ_room="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x07" +OBJ_documentSeries="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x09" +OBJ_rFC822localPart="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x0E" +OBJ_dNSDomain="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x0F" +OBJ_domainRelatedObject="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x11" +OBJ_friendlyCountry="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x12" +OBJ_simpleSecurityObject="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x13" +OBJ_pilotOrganization="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x14" +OBJ_pilotDSA="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x15" +OBJ_qualityLabelledData="\x09\x92\x26\x89\x93\xF2\x2C\x64\x04\x16" +OBJ_userId="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x01" +OBJ_textEncodedORAddress="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x02" +OBJ_rfc822Mailbox="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x03" +OBJ_info="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x04" +OBJ_favouriteDrink="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x05" +OBJ_roomNumber="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x06" +OBJ_photo="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x07" +OBJ_userClass="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x08" +OBJ_host="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x09" +OBJ_manager="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x0A" +OBJ_documentIdentifier="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x0B" +OBJ_documentTitle="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x0C" +OBJ_documentVersion="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x0D" +OBJ_documentAuthor="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x0E" +OBJ_documentLocation="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x0F" +OBJ_homeTelephoneNumber="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x14" +OBJ_secretary="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x15" +OBJ_otherMailbox="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x16" +OBJ_lastModifiedTime="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x17" +OBJ_lastModifiedBy="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x18" +OBJ_aRecord="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x1A" +OBJ_pilotAttributeType27="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x1B" +OBJ_mXRecord="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x1C" +OBJ_nSRecord="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x1D" +OBJ_sOARecord="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x1E" +OBJ_cNAMERecord="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x1F" +OBJ_associatedDomain="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x25" +OBJ_associatedName="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x26" +OBJ_homePostalAddress="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x27" +OBJ_personalTitle="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x28" +OBJ_mobileTelephoneNumber="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x29" +OBJ_pagerTelephoneNumber="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x2A" +OBJ_friendlyCountryName="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x2B" +OBJ_organizationalStatus="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x2D" +OBJ_janetMailbox="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x2E" +OBJ_mailPreferenceOption="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x2F" +OBJ_buildingName="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x30" +OBJ_dSAQuality="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x31" +OBJ_singleLevelQuality="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x32" +OBJ_subtreeMinimumQuality="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x33" +OBJ_subtreeMaximumQuality="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x34" +OBJ_personalSignature="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x35" +OBJ_dITRedirect="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x36" +OBJ_audio="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x37" +OBJ_documentPublisher="\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x38" +OBJ_x500UniqueIdentifier="\x55\x04\x2D" +OBJ_mime_mhs="\x2B\x06\x01\x07\x01" +OBJ_mime_mhs_headings="\x2B\x06\x01\x07\x01\x01" +OBJ_mime_mhs_bodies="\x2B\x06\x01\x07\x01\x02" +OBJ_id_hex_partial_message="\x2B\x06\x01\x07\x01\x01\x01" +OBJ_id_hex_multipart_message="\x2B\x06\x01\x07\x01\x01\x02" +OBJ_generationQualifier="\x55\x04\x2C" +OBJ_pseudonym="\x55\x04\x41" +OBJ_id_set="\x67\x2A" +OBJ_set_ctype="\x67\x2A\x00" +OBJ_set_msgExt="\x67\x2A\x01" +OBJ_set_attr="\x67\x2A\x03" +OBJ_set_policy="\x67\x2A\x05" +OBJ_set_certExt="\x67\x2A\x07" +OBJ_set_brand="\x67\x2A\x08" +OBJ_setct_PANData="\x67\x2A\x00\x00" +OBJ_setct_PANToken="\x67\x2A\x00\x01" +OBJ_setct_PANOnly="\x67\x2A\x00\x02" +OBJ_setct_OIData="\x67\x2A\x00\x03" +OBJ_setct_PI="\x67\x2A\x00\x04" +OBJ_setct_PIData="\x67\x2A\x00\x05" +OBJ_setct_PIDataUnsigned="\x67\x2A\x00\x06" +OBJ_setct_HODInput="\x67\x2A\x00\x07" +OBJ_setct_AuthResBaggage="\x67\x2A\x00\x08" +OBJ_setct_AuthRevReqBaggage="\x67\x2A\x00\x09" +OBJ_setct_AuthRevResBaggage="\x67\x2A\x00\x0A" +OBJ_setct_CapTokenSeq="\x67\x2A\x00\x0B" +OBJ_setct_PInitResData="\x67\x2A\x00\x0C" +OBJ_setct_PI_TBS="\x67\x2A\x00\x0D" +OBJ_setct_PResData="\x67\x2A\x00\x0E" +OBJ_setct_AuthReqTBS="\x67\x2A\x00\x10" +OBJ_setct_AuthResTBS="\x67\x2A\x00\x11" +OBJ_setct_AuthResTBSX="\x67\x2A\x00\x12" +OBJ_setct_AuthTokenTBS="\x67\x2A\x00\x13" +OBJ_setct_CapTokenData="\x67\x2A\x00\x14" +OBJ_setct_CapTokenTBS="\x67\x2A\x00\x15" +OBJ_setct_AcqCardCodeMsg="\x67\x2A\x00\x16" +OBJ_setct_AuthRevReqTBS="\x67\x2A\x00\x17" +OBJ_setct_AuthRevResData="\x67\x2A\x00\x18" +OBJ_setct_AuthRevResTBS="\x67\x2A\x00\x19" +OBJ_setct_CapReqTBS="\x67\x2A\x00\x1A" +OBJ_setct_CapReqTBSX="\x67\x2A\x00\x1B" +OBJ_setct_CapResData="\x67\x2A\x00\x1C" +OBJ_setct_CapRevReqTBS="\x67\x2A\x00\x1D" +OBJ_setct_CapRevReqTBSX="\x67\x2A\x00\x1E" +OBJ_setct_CapRevResData="\x67\x2A\x00\x1F" +OBJ_setct_CredReqTBS="\x67\x2A\x00\x20" +OBJ_setct_CredReqTBSX="\x67\x2A\x00\x21" +OBJ_setct_CredResData="\x67\x2A\x00\x22" +OBJ_setct_CredRevReqTBS="\x67\x2A\x00\x23" +OBJ_setct_CredRevReqTBSX="\x67\x2A\x00\x24" +OBJ_setct_CredRevResData="\x67\x2A\x00\x25" +OBJ_setct_PCertReqData="\x67\x2A\x00\x26" +OBJ_setct_PCertResTBS="\x67\x2A\x00\x27" +OBJ_setct_BatchAdminReqData="\x67\x2A\x00\x28" +OBJ_setct_BatchAdminResData="\x67\x2A\x00\x29" +OBJ_setct_CardCInitResTBS="\x67\x2A\x00\x2A" +OBJ_setct_MeAqCInitResTBS="\x67\x2A\x00\x2B" +OBJ_setct_RegFormResTBS="\x67\x2A\x00\x2C" +OBJ_setct_CertReqData="\x67\x2A\x00\x2D" +OBJ_setct_CertReqTBS="\x67\x2A\x00\x2E" +OBJ_setct_CertResData="\x67\x2A\x00\x2F" +OBJ_setct_CertInqReqTBS="\x67\x2A\x00\x30" +OBJ_setct_ErrorTBS="\x67\x2A\x00\x31" +OBJ_setct_PIDualSignedTBE="\x67\x2A\x00\x32" +OBJ_setct_PIUnsignedTBE="\x67\x2A\x00\x33" +OBJ_setct_AuthReqTBE="\x67\x2A\x00\x34" +OBJ_setct_AuthResTBE="\x67\x2A\x00\x35" +OBJ_setct_AuthResTBEX="\x67\x2A\x00\x36" +OBJ_setct_AuthTokenTBE="\x67\x2A\x00\x37" +OBJ_setct_CapTokenTBE="\x67\x2A\x00\x38" +OBJ_setct_CapTokenTBEX="\x67\x2A\x00\x39" +OBJ_setct_AcqCardCodeMsgTBE="\x67\x2A\x00\x3A" +OBJ_setct_AuthRevReqTBE="\x67\x2A\x00\x3B" +OBJ_setct_AuthRevResTBE="\x67\x2A\x00\x3C" +OBJ_setct_AuthRevResTBEB="\x67\x2A\x00\x3D" +OBJ_setct_CapReqTBE="\x67\x2A\x00\x3E" +OBJ_setct_CapReqTBEX="\x67\x2A\x00\x3F" +OBJ_setct_CapResTBE="\x67\x2A\x00\x40" +OBJ_setct_CapRevReqTBE="\x67\x2A\x00\x41" +OBJ_setct_CapRevReqTBEX="\x67\x2A\x00\x42" +OBJ_setct_CapRevResTBE="\x67\x2A\x00\x43" +OBJ_setct_CredReqTBE="\x67\x2A\x00\x44" +OBJ_setct_CredReqTBEX="\x67\x2A\x00\x45" +OBJ_setct_CredResTBE="\x67\x2A\x00\x46" +OBJ_setct_CredRevReqTBE="\x67\x2A\x00\x47" +OBJ_setct_CredRevReqTBEX="\x67\x2A\x00\x48" +OBJ_setct_CredRevResTBE="\x67\x2A\x00\x49" +OBJ_setct_BatchAdminReqTBE="\x67\x2A\x00\x4A" +OBJ_setct_BatchAdminResTBE="\x67\x2A\x00\x4B" +OBJ_setct_RegFormReqTBE="\x67\x2A\x00\x4C" +OBJ_setct_CertReqTBE="\x67\x2A\x00\x4D" +OBJ_setct_CertReqTBEX="\x67\x2A\x00\x4E" +OBJ_setct_CertResTBE="\x67\x2A\x00\x4F" +OBJ_setct_CRLNotificationTBS="\x67\x2A\x00\x50" +OBJ_setct_CRLNotificationResTBS="\x67\x2A\x00\x51" +OBJ_setct_BCIDistributionTBS="\x67\x2A\x00\x52" +OBJ_setext_genCrypt="\x67\x2A\x01\x01" +OBJ_setext_miAuth="\x67\x2A\x01\x03" +OBJ_setext_pinSecure="\x67\x2A\x01\x04" +OBJ_setext_pinAny="\x67\x2A\x01\x05" +OBJ_setext_track2="\x67\x2A\x01\x07" +OBJ_setext_cv="\x67\x2A\x01\x08" +OBJ_set_policy_root="\x67\x2A\x05\x00" +OBJ_setCext_hashedRoot="\x67\x2A\x07\x00" +OBJ_setCext_certType="\x67\x2A\x07\x01" +OBJ_setCext_merchData="\x67\x2A\x07\x02" +OBJ_setCext_cCertRequired="\x67\x2A\x07\x03" +OBJ_setCext_tunneling="\x67\x2A\x07\x04" +OBJ_setCext_setExt="\x67\x2A\x07\x05" +OBJ_setCext_setQualf="\x67\x2A\x07\x06" +OBJ_setCext_PGWYcapabilities="\x67\x2A\x07\x07" +OBJ_setCext_TokenIdentifier="\x67\x2A\x07\x08" +OBJ_setCext_Track2Data="\x67\x2A\x07\x09" +OBJ_setCext_TokenType="\x67\x2A\x07\x0A" +OBJ_setCext_IssuerCapabilities="\x67\x2A\x07\x0B" +OBJ_setAttr_Cert="\x67\x2A\x03\x00" +OBJ_setAttr_PGWYcap="\x67\x2A\x03\x01" +OBJ_setAttr_TokenType="\x67\x2A\x03\x02" +OBJ_setAttr_IssCap="\x67\x2A\x03\x03" +OBJ_set_rootKeyThumb="\x67\x2A\x03\x00\x00" +OBJ_set_addPolicy="\x67\x2A\x03\x00\x01" +OBJ_setAttr_Token_EMV="\x67\x2A\x03\x02\x01" +OBJ_setAttr_Token_B0Prime="\x67\x2A\x03\x02\x02" +OBJ_setAttr_IssCap_CVM="\x67\x2A\x03\x03\x03" +OBJ_setAttr_IssCap_T2="\x67\x2A\x03\x03\x04" +OBJ_setAttr_IssCap_Sig="\x67\x2A\x03\x03\x05" +OBJ_setAttr_GenCryptgrm="\x67\x2A\x03\x03\x03\x01" +OBJ_setAttr_T2Enc="\x67\x2A\x03\x03\x04\x01" +OBJ_setAttr_T2cleartxt="\x67\x2A\x03\x03\x04\x02" +OBJ_setAttr_TokICCsig="\x67\x2A\x03\x03\x05\x01" +OBJ_setAttr_SecDevSig="\x67\x2A\x03\x03\x05\x02" +OBJ_set_brand_IATA_ATA="\x67\x2A\x08\x01" +OBJ_set_brand_Diners="\x67\x2A\x08\x1E" +OBJ_set_brand_AmericanExpress="\x67\x2A\x08\x22" +OBJ_set_brand_JCB="\x67\x2A\x08\x23" +OBJ_set_brand_Visa="\x67\x2A\x08\x04" +OBJ_set_brand_MasterCard="\x67\x2A\x08\x05" +OBJ_set_brand_Novus="\x67\x2A\x08\xAE\x7B" +OBJ_des_cdmf="\x2A\x86\x48\x86\xF7\x0D\x03\x0A" +OBJ_rsaOAEPEncryptionSET="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x06" +OBJ_international_organizations="\x67" +OBJ_ms_smartcard_login="\x2B\x06\x01\x04\x01\x82\x37\x14\x02\x02" +OBJ_ms_upn="\x2B\x06\x01\x04\x01\x82\x37\x14\x02\x03" +OBJ_streetAddress="\x55\x04\x09" +OBJ_postalCode="\x55\x04\x11" +OBJ_id_ppl="\x2B\x06\x01\x05\x05\x07\x15" +OBJ_proxyCertInfo="\x2B\x06\x01\x05\x05\x07\x01\x0E" +OBJ_id_ppl_anyLanguage="\x2B\x06\x01\x05\x05\x07\x15\x00" +OBJ_id_ppl_inheritAll="\x2B\x06\x01\x05\x05\x07\x15\x01" +OBJ_name_constraints="\x55\x1D\x1E" +OBJ_Independent="\x2B\x06\x01\x05\x05\x07\x15\x02" +OBJ_sha256WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B" +OBJ_sha384WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0C" +OBJ_sha512WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0D" +OBJ_sha224WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0E" +OBJ_sha256="\x60\x86\x48\x01\x65\x03\x04\x02\x01" +OBJ_sha384="\x60\x86\x48\x01\x65\x03\x04\x02\x02" +OBJ_sha512="\x60\x86\x48\x01\x65\x03\x04\x02\x03" +OBJ_sha224="\x60\x86\x48\x01\x65\x03\x04\x02\x04" +OBJ_identified_organization="\x2B" +OBJ_certicom_arc="\x2B\x81\x04" +OBJ_wap="\x67\x2B" +OBJ_wap_wsg="\x67\x2B\x01" +OBJ_X9_62_id_characteristic_two_basis="\x2A\x86\x48\xCE\x3D\x01\x02\x03" +OBJ_X9_62_onBasis="\x2A\x86\x48\xCE\x3D\x01\x02\x03\x01" +OBJ_X9_62_tpBasis="\x2A\x86\x48\xCE\x3D\x01\x02\x03\x02" +OBJ_X9_62_ppBasis="\x2A\x86\x48\xCE\x3D\x01\x02\x03\x03" +OBJ_X9_62_c2pnb163v1="\x2A\x86\x48\xCE\x3D\x03\x00\x01" +OBJ_X9_62_c2pnb163v2="\x2A\x86\x48\xCE\x3D\x03\x00\x02" +OBJ_X9_62_c2pnb163v3="\x2A\x86\x48\xCE\x3D\x03\x00\x03" +OBJ_X9_62_c2pnb176v1="\x2A\x86\x48\xCE\x3D\x03\x00\x04" +OBJ_X9_62_c2tnb191v1="\x2A\x86\x48\xCE\x3D\x03\x00\x05" +OBJ_X9_62_c2tnb191v2="\x2A\x86\x48\xCE\x3D\x03\x00\x06" +OBJ_X9_62_c2tnb191v3="\x2A\x86\x48\xCE\x3D\x03\x00\x07" +OBJ_X9_62_c2onb191v4="\x2A\x86\x48\xCE\x3D\x03\x00\x08" +OBJ_X9_62_c2onb191v5="\x2A\x86\x48\xCE\x3D\x03\x00\x09" +OBJ_X9_62_c2pnb208w1="\x2A\x86\x48\xCE\x3D\x03\x00\x0A" +OBJ_X9_62_c2tnb239v1="\x2A\x86\x48\xCE\x3D\x03\x00\x0B" +OBJ_X9_62_c2tnb239v2="\x2A\x86\x48\xCE\x3D\x03\x00\x0C" +OBJ_X9_62_c2tnb239v3="\x2A\x86\x48\xCE\x3D\x03\x00\x0D" +OBJ_X9_62_c2onb239v4="\x2A\x86\x48\xCE\x3D\x03\x00\x0E" +OBJ_X9_62_c2onb239v5="\x2A\x86\x48\xCE\x3D\x03\x00\x0F" +OBJ_X9_62_c2pnb272w1="\x2A\x86\x48\xCE\x3D\x03\x00\x10" +OBJ_X9_62_c2pnb304w1="\x2A\x86\x48\xCE\x3D\x03\x00\x11" +OBJ_X9_62_c2tnb359v1="\x2A\x86\x48\xCE\x3D\x03\x00\x12" +OBJ_X9_62_c2pnb368w1="\x2A\x86\x48\xCE\x3D\x03\x00\x13" +OBJ_X9_62_c2tnb431r1="\x2A\x86\x48\xCE\x3D\x03\x00\x14" +OBJ_secp112r1="\x2B\x81\x04\x00\x06" +OBJ_secp112r2="\x2B\x81\x04\x00\x07" +OBJ_secp128r1="\x2B\x81\x04\x00\x1C" +OBJ_secp128r2="\x2B\x81\x04\x00\x1D" +OBJ_secp160k1="\x2B\x81\x04\x00\x09" +OBJ_secp160r1="\x2B\x81\x04\x00\x08" +OBJ_secp160r2="\x2B\x81\x04\x00\x1E" +OBJ_secp192k1="\x2B\x81\x04\x00\x1F" +OBJ_secp224k1="\x2B\x81\x04\x00\x20" +OBJ_secp224r1="\x2B\x81\x04\x00\x21" +OBJ_secp256k1="\x2B\x81\x04\x00\x0A" +OBJ_secp384r1="\x2B\x81\x04\x00\x22" +OBJ_secp521r1="\x2B\x81\x04\x00\x23" +OBJ_sect113r1="\x2B\x81\x04\x00\x04" +OBJ_sect113r2="\x2B\x81\x04\x00\x05" +OBJ_sect131r1="\x2B\x81\x04\x00\x16" +OBJ_sect131r2="\x2B\x81\x04\x00\x17" +OBJ_sect163k1="\x2B\x81\x04\x00\x01" +OBJ_sect163r1="\x2B\x81\x04\x00\x02" +OBJ_sect163r2="\x2B\x81\x04\x00\x0F" +OBJ_sect193r1="\x2B\x81\x04\x00\x18" +OBJ_sect193r2="\x2B\x81\x04\x00\x19" +OBJ_sect233k1="\x2B\x81\x04\x00\x1A" +OBJ_sect233r1="\x2B\x81\x04\x00\x1B" +OBJ_sect239k1="\x2B\x81\x04\x00\x03" +OBJ_sect283k1="\x2B\x81\x04\x00\x10" +OBJ_sect283r1="\x2B\x81\x04\x00\x11" +OBJ_sect409k1="\x2B\x81\x04\x00\x24" +OBJ_sect409r1="\x2B\x81\x04\x00\x25" +OBJ_sect571k1="\x2B\x81\x04\x00\x26" +OBJ_sect571r1="\x2B\x81\x04\x00\x27" +OBJ_wap_wsg_idm_ecid_wtls1="\x67\x2B\x01\x04\x01" +OBJ_wap_wsg_idm_ecid_wtls3="\x67\x2B\x01\x04\x03" +OBJ_wap_wsg_idm_ecid_wtls4="\x67\x2B\x01\x04\x04" +OBJ_wap_wsg_idm_ecid_wtls5="\x67\x2B\x01\x04\x05" +OBJ_wap_wsg_idm_ecid_wtls6="\x67\x2B\x01\x04\x06" +OBJ_wap_wsg_idm_ecid_wtls7="\x67\x2B\x01\x04\x07" +OBJ_wap_wsg_idm_ecid_wtls8="\x67\x2B\x01\x04\x08" +OBJ_wap_wsg_idm_ecid_wtls9="\x67\x2B\x01\x04\x09" +OBJ_wap_wsg_idm_ecid_wtls10="\x67\x2B\x01\x04\x0A" +OBJ_wap_wsg_idm_ecid_wtls11="\x67\x2B\x01\x04\x0B" +OBJ_wap_wsg_idm_ecid_wtls12="\x67\x2B\x01\x04\x0C" +OBJ_any_policy="\x55\x1D\x20\x00" +OBJ_policy_mappings="\x55\x1D\x21" +OBJ_inhibit_any_policy="\x55\x1D\x36" +OBJ_camellia_128_cbc="\x2A\x83\x08\x8C\x9A\x4B\x3D\x01\x01\x01\x02" +OBJ_camellia_192_cbc="\x2A\x83\x08\x8C\x9A\x4B\x3D\x01\x01\x01\x03" +OBJ_camellia_256_cbc="\x2A\x83\x08\x8C\x9A\x4B\x3D\x01\x01\x01\x04" +OBJ_camellia_128_ecb="\x03\xA2\x31\x05\x03\x01\x09\x01" +OBJ_camellia_192_ecb="\x03\xA2\x31\x05\x03\x01\x09\x15" +OBJ_camellia_256_ecb="\x03\xA2\x31\x05\x03\x01\x09\x29" +OBJ_camellia_128_cfb128="\x03\xA2\x31\x05\x03\x01\x09\x04" +OBJ_camellia_192_cfb128="\x03\xA2\x31\x05\x03\x01\x09\x18" +OBJ_camellia_256_cfb128="\x03\xA2\x31\x05\x03\x01\x09\x2C" +OBJ_camellia_128_ofb128="\x03\xA2\x31\x05\x03\x01\x09\x03" +OBJ_camellia_192_ofb128="\x03\xA2\x31\x05\x03\x01\x09\x17" +OBJ_camellia_256_ofb128="\x03\xA2\x31\x05\x03\x01\x09\x2B" +OBJ_subject_directory_attributes="\x55\x1D\x09" +OBJ_issuing_distribution_point="\x55\x1D\x1C" +OBJ_certificate_issuer="\x55\x1D\x1D" +OBJ_kisa="\x2A\x83\x1A\x8C\x9A\x44" +OBJ_seed_ecb="\x2A\x83\x1A\x8C\x9A\x44\x01\x03" +OBJ_seed_cbc="\x2A\x83\x1A\x8C\x9A\x44\x01\x04" +OBJ_seed_ofb128="\x2A\x83\x1A\x8C\x9A\x44\x01\x06" +OBJ_seed_cfb128="\x2A\x83\x1A\x8C\x9A\x44\x01\x05" +OBJ_hmac_md5="\x2B\x06\x01\x05\x05\x08\x01\x01" +OBJ_hmac_sha1="\x2B\x06\x01\x05\x05\x08\x01\x02" +OBJ_id_PasswordBasedMAC="\x2A\x86\x48\x86\xF6\x7D\x07\x42\x0D" +OBJ_id_DHBasedMac="\x2A\x86\x48\x86\xF6\x7D\x07\x42\x1E" +OBJ_id_it_suppLangTags="\x2B\x06\x01\x05\x05\x07\x04\x10" +OBJ_caRepository="\x2B\x06\x01\x05\x05\x07\x30\x05" +OBJ_id_smime_ct_compressedData="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x09" +OBJ_id_ct_asciiTextWithCRLF="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x1B" +OBJ_id_aes128_wrap="\x60\x86\x48\x01\x65\x03\x04\x01\x05" +OBJ_id_aes192_wrap="\x60\x86\x48\x01\x65\x03\x04\x01\x19" +OBJ_id_aes256_wrap="\x60\x86\x48\x01\x65\x03\x04\x01\x2D" +OBJ_ecdsa_with_Recommended="\x2A\x86\x48\xCE\x3D\x04\x02" +OBJ_ecdsa_with_Specified="\x2A\x86\x48\xCE\x3D\x04\x03" +OBJ_ecdsa_with_SHA224="\x2A\x86\x48\xCE\x3D\x04\x03\x01" +OBJ_ecdsa_with_SHA256="\x2A\x86\x48\xCE\x3D\x04\x03\x02" +OBJ_ecdsa_with_SHA384="\x2A\x86\x48\xCE\x3D\x04\x03\x03" +OBJ_ecdsa_with_SHA512="\x2A\x86\x48\xCE\x3D\x04\x03\x04" +OBJ_hmacWithMD5="\x2A\x86\x48\x86\xF7\x0D\x02\x06" +OBJ_hmacWithSHA224="\x2A\x86\x48\x86\xF7\x0D\x02\x08" +OBJ_hmacWithSHA256="\x2A\x86\x48\x86\xF7\x0D\x02\x09" +OBJ_hmacWithSHA384="\x2A\x86\x48\x86\xF7\x0D\x02\x0A" +OBJ_hmacWithSHA512="\x2A\x86\x48\x86\xF7\x0D\x02\x0B" +OBJ_dsa_with_SHA224="\x60\x86\x48\x01\x65\x03\x04\x03\x01" +OBJ_dsa_with_SHA256="\x60\x86\x48\x01\x65\x03\x04\x03\x02" +OBJ_whirlpool="\x28\xCF\x06\x03\x00\x37" +OBJ_cryptopro="\x2A\x85\x03\x02\x02" +OBJ_cryptocom="\x2A\x85\x03\x02\x09" +OBJ_id_GostR3411_94_with_GostR3410_2001="\x2A\x85\x03\x02\x02\x03" +OBJ_id_GostR3411_94_with_GostR3410_94="\x2A\x85\x03\x02\x02\x04" +OBJ_id_GostR3411_94="\x2A\x85\x03\x02\x02\x09" +OBJ_id_HMACGostR3411_94="\x2A\x85\x03\x02\x02\x0A" +OBJ_id_GostR3410_2001="\x2A\x85\x03\x02\x02\x13" +OBJ_id_GostR3410_94="\x2A\x85\x03\x02\x02\x14" +OBJ_id_Gost28147_89="\x2A\x85\x03\x02\x02\x15" +OBJ_id_Gost28147_89_MAC="\x2A\x85\x03\x02\x02\x16" +OBJ_id_GostR3411_94_prf="\x2A\x85\x03\x02\x02\x17" +OBJ_id_GostR3410_2001DH="\x2A\x85\x03\x02\x02\x62" +OBJ_id_GostR3410_94DH="\x2A\x85\x03\x02\x02\x63" +OBJ_id_Gost28147_89_CryptoPro_KeyMeshing="\x2A\x85\x03\x02\x02\x0E\x01" +OBJ_id_Gost28147_89_None_KeyMeshing="\x2A\x85\x03\x02\x02\x0E\x00" +OBJ_id_GostR3411_94_TestParamSet="\x2A\x85\x03\x02\x02\x1E\x00" +OBJ_id_GostR3411_94_CryptoProParamSet="\x2A\x85\x03\x02\x02\x1E\x01" +OBJ_id_Gost28147_89_TestParamSet="\x2A\x85\x03\x02\x02\x1F\x00" +OBJ_id_Gost28147_89_CryptoPro_A_ParamSet="\x2A\x85\x03\x02\x02\x1F\x01" +OBJ_id_Gost28147_89_CryptoPro_B_ParamSet="\x2A\x85\x03\x02\x02\x1F\x02" +OBJ_id_Gost28147_89_CryptoPro_C_ParamSet="\x2A\x85\x03\x02\x02\x1F\x03" +OBJ_id_Gost28147_89_CryptoPro_D_ParamSet="\x2A\x85\x03\x02\x02\x1F\x04" +OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet="\x2A\x85\x03\x02\x02\x1F\x05" +OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet="\x2A\x85\x03\x02\x02\x1F\x06" +OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet="\x2A\x85\x03\x02\x02\x1F\x07" +OBJ_id_GostR3410_94_TestParamSet="\x2A\x85\x03\x02\x02\x20\x00" +OBJ_id_GostR3410_94_CryptoPro_A_ParamSet="\x2A\x85\x03\x02\x02\x20\x02" +OBJ_id_GostR3410_94_CryptoPro_B_ParamSet="\x2A\x85\x03\x02\x02\x20\x03" +OBJ_id_GostR3410_94_CryptoPro_C_ParamSet="\x2A\x85\x03\x02\x02\x20\x04" +OBJ_id_GostR3410_94_CryptoPro_D_ParamSet="\x2A\x85\x03\x02\x02\x20\x05" +OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet="\x2A\x85\x03\x02\x02\x21\x01" +OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet="\x2A\x85\x03\x02\x02\x21\x02" +OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet="\x2A\x85\x03\x02\x02\x21\x03" +OBJ_id_GostR3410_2001_TestParamSet="\x2A\x85\x03\x02\x02\x23\x00" +OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet="\x2A\x85\x03\x02\x02\x23\x01" +OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet="\x2A\x85\x03\x02\x02\x23\x02" +OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet="\x2A\x85\x03\x02\x02\x23\x03" +OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet="\x2A\x85\x03\x02\x02\x24\x00" +OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet="\x2A\x85\x03\x02\x02\x24\x01" +OBJ_id_GostR3410_94_a="\x2A\x85\x03\x02\x02\x14\x01" +OBJ_id_GostR3410_94_aBis="\x2A\x85\x03\x02\x02\x14\x02" +OBJ_id_GostR3410_94_b="\x2A\x85\x03\x02\x02\x14\x03" +OBJ_id_GostR3410_94_bBis="\x2A\x85\x03\x02\x02\x14\x04" +OBJ_id_Gost28147_89_cc="\x2A\x85\x03\x02\x09\x01\x06\x01" +OBJ_id_GostR3410_94_cc="\x2A\x85\x03\x02\x09\x01\x05\x03" +OBJ_id_GostR3410_2001_cc="\x2A\x85\x03\x02\x09\x01\x05\x04" +OBJ_id_GostR3411_94_with_GostR3410_94_cc="\x2A\x85\x03\x02\x09\x01\x03\x03" +OBJ_id_GostR3411_94_with_GostR3410_2001_cc="\x2A\x85\x03\x02\x09\x01\x03\x04" +OBJ_id_GostR3410_2001_ParamSet_cc="\x2A\x85\x03\x02\x09\x01\x08\x01" +OBJ_LocalKeySet="\x2B\x06\x01\x04\x01\x82\x37\x11\x02" +OBJ_freshest_crl="\x55\x1D\x2E" +OBJ_id_on_permanentIdentifier="\x2B\x06\x01\x05\x05\x07\x08\x03" +OBJ_searchGuide="\x55\x04\x0E" +OBJ_businessCategory="\x55\x04\x0F" +OBJ_postalAddress="\x55\x04\x10" +OBJ_postOfficeBox="\x55\x04\x12" +OBJ_physicalDeliveryOfficeName="\x55\x04\x13" +OBJ_telephoneNumber="\x55\x04\x14" +OBJ_telexNumber="\x55\x04\x15" +OBJ_teletexTerminalIdentifier="\x55\x04\x16" +OBJ_facsimileTelephoneNumber="\x55\x04\x17" +OBJ_x121Address="\x55\x04\x18" +OBJ_internationaliSDNNumber="\x55\x04\x19" +OBJ_registeredAddress="\x55\x04\x1A" +OBJ_destinationIndicator="\x55\x04\x1B" +OBJ_preferredDeliveryMethod="\x55\x04\x1C" +OBJ_presentationAddress="\x55\x04\x1D" +OBJ_supportedApplicationContext="\x55\x04\x1E" +OBJ_member="\x55\x04\x1F" +OBJ_owner="\x55\x04\x20" +OBJ_roleOccupant="\x55\x04\x21" +OBJ_seeAlso="\x55\x04\x22" +OBJ_userPassword="\x55\x04\x23" +OBJ_userCertificate="\x55\x04\x24" +OBJ_cACertificate="\x55\x04\x25" +OBJ_authorityRevocationList="\x55\x04\x26" +OBJ_certificateRevocationList="\x55\x04\x27" +OBJ_crossCertificatePair="\x55\x04\x28" +OBJ_enhancedSearchGuide="\x55\x04\x2F" +OBJ_protocolInformation="\x55\x04\x30" +OBJ_distinguishedName="\x55\x04\x31" +OBJ_uniqueMember="\x55\x04\x32" +OBJ_houseIdentifier="\x55\x04\x33" +OBJ_supportedAlgorithms="\x55\x04\x34" +OBJ_deltaRevocationList="\x55\x04\x35" +OBJ_dmdName="\x55\x04\x36" +OBJ_id_alg_PWRI_KEK="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03\x09" +OBJ_aes_128_gcm="\x60\x86\x48\x01\x65\x03\x04\x01\x06" +OBJ_aes_128_ccm="\x60\x86\x48\x01\x65\x03\x04\x01\x07" +OBJ_id_aes128_wrap_pad="\x60\x86\x48\x01\x65\x03\x04\x01\x08" +OBJ_aes_192_gcm="\x60\x86\x48\x01\x65\x03\x04\x01\x1A" +OBJ_aes_192_ccm="\x60\x86\x48\x01\x65\x03\x04\x01\x1B" +OBJ_id_aes192_wrap_pad="\x60\x86\x48\x01\x65\x03\x04\x01\x1C" +OBJ_aes_256_gcm="\x60\x86\x48\x01\x65\x03\x04\x01\x2E" +OBJ_aes_256_ccm="\x60\x86\x48\x01\x65\x03\x04\x01\x2F" +OBJ_id_aes256_wrap_pad="\x60\x86\x48\x01\x65\x03\x04\x01\x30" +OBJ_id_camellia128_wrap="\x2A\x83\x08\x8C\x9A\x4B\x3D\x01\x01\x03\x02" +OBJ_id_camellia192_wrap="\x2A\x83\x08\x8C\x9A\x4B\x3D\x01\x01\x03\x03" +OBJ_id_camellia256_wrap="\x2A\x83\x08\x8C\x9A\x4B\x3D\x01\x01\x03\x04" +OBJ_anyExtendedKeyUsage="\x55\x1D\x25\x00" +OBJ_mgf1="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x08" +OBJ_rsassaPss="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0A" +OBJ_aes_128_xts="\x2B\x6F\x02\x8C\x53\x00\x01\x01" +OBJ_aes_256_xts="\x2B\x6F\x02\x8C\x53\x00\x01\x02" +OBJ_rsaesOaep="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x07" +OBJ_dhpublicnumber="\x2A\x86\x48\xCE\x3E\x02\x01" +OBJ_brainpoolP160r1="\x2B\x24\x03\x03\x02\x08\x01\x01\x01" +OBJ_brainpoolP160t1="\x2B\x24\x03\x03\x02\x08\x01\x01\x02" +OBJ_brainpoolP192r1="\x2B\x24\x03\x03\x02\x08\x01\x01\x03" +OBJ_brainpoolP192t1="\x2B\x24\x03\x03\x02\x08\x01\x01\x04" +OBJ_brainpoolP224r1="\x2B\x24\x03\x03\x02\x08\x01\x01\x05" +OBJ_brainpoolP224t1="\x2B\x24\x03\x03\x02\x08\x01\x01\x06" +OBJ_brainpoolP256r1="\x2B\x24\x03\x03\x02\x08\x01\x01\x07" +OBJ_brainpoolP256t1="\x2B\x24\x03\x03\x02\x08\x01\x01\x08" +OBJ_brainpoolP320r1="\x2B\x24\x03\x03\x02\x08\x01\x01\x09" +OBJ_brainpoolP320t1="\x2B\x24\x03\x03\x02\x08\x01\x01\x0A" +OBJ_brainpoolP384r1="\x2B\x24\x03\x03\x02\x08\x01\x01\x0B" +OBJ_brainpoolP384t1="\x2B\x24\x03\x03\x02\x08\x01\x01\x0C" +OBJ_brainpoolP512r1="\x2B\x24\x03\x03\x02\x08\x01\x01\x0D" +OBJ_brainpoolP512t1="\x2B\x24\x03\x03\x02\x08\x01\x01\x0E" +OBJ_pSpecified="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x09" +OBJ_dhSinglePass_stdDH_sha1kdf_scheme="\x2B\x81\x05\x10\x86\x48\x3F\x00\x02" +OBJ_dhSinglePass_stdDH_sha224kdf_scheme="\x2B\x81\x04\x01\x0B\x00" +OBJ_dhSinglePass_stdDH_sha256kdf_scheme="\x2B\x81\x04\x01\x0B\x01" +OBJ_dhSinglePass_stdDH_sha384kdf_scheme="\x2B\x81\x04\x01\x0B\x02" +OBJ_dhSinglePass_stdDH_sha512kdf_scheme="\x2B\x81\x04\x01\x0B\x03" +OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme="\x2B\x81\x05\x10\x86\x48\x3F\x00\x03" +OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme="\x2B\x81\x04\x01\x0E\x00" +OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme="\x2B\x81\x04\x01\x0E\x01" +OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme="\x2B\x81\x04\x01\x0E\x02" +OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme="\x2B\x81\x04\x01\x0E\x03" +OBJ_ct_precert_scts="\x2B\x06\x01\x04\x01\xD6\x79\x02\x04\x02" +OBJ_ct_precert_poison="\x2B\x06\x01\x04\x01\xD6\x79\x02\x04\x03" +OBJ_ct_precert_signer="\x2B\x06\x01\x04\x01\xD6\x79\x02\x04\x04" +OBJ_ct_cert_scts="\x2B\x06\x01\x04\x01\xD6\x79\x02\x04\x05" +OBJ_jurisdictionLocalityName="\x2B\x06\x01\x04\x01\x82\x37\x3C\x02\x01\x01" +OBJ_jurisdictionStateOrProvinceName="\x2B\x06\x01\x04\x01\x82\x37\x3C\x02\x01\x02" +OBJ_jurisdictionCountryName="\x2B\x06\x01\x04\x01\x82\x37\x3C\x02\x01\x03" +OBJ_camellia_128_gcm="\x03\xA2\x31\x05\x03\x01\x09\x06" +OBJ_camellia_128_ccm="\x03\xA2\x31\x05\x03\x01\x09\x07" +OBJ_camellia_128_ctr="\x03\xA2\x31\x05\x03\x01\x09\x09" +OBJ_camellia_128_cmac="\x03\xA2\x31\x05\x03\x01\x09\x0A" +OBJ_camellia_192_gcm="\x03\xA2\x31\x05\x03\x01\x09\x1A" +OBJ_camellia_192_ccm="\x03\xA2\x31\x05\x03\x01\x09\x1B" +OBJ_camellia_192_ctr="\x03\xA2\x31\x05\x03\x01\x09\x1D" +OBJ_camellia_192_cmac="\x03\xA2\x31\x05\x03\x01\x09\x1E" +OBJ_camellia_256_gcm="\x03\xA2\x31\x05\x03\x01\x09\x2E" +OBJ_camellia_256_ccm="\x03\xA2\x31\x05\x03\x01\x09\x2F" +OBJ_camellia_256_ctr="\x03\xA2\x31\x05\x03\x01\x09\x31" +OBJ_camellia_256_cmac="\x03\xA2\x31\x05\x03\x01\x09\x32" +OBJ_id_scrypt="\x2B\x06\x01\x04\x01\xDA\x47\x04\x0B" +OBJ_id_tc26="\x2A\x85\x03\x07\x01" +OBJ_id_tc26_algorithms="\x2A\x85\x03\x07\x01\x01" +OBJ_id_tc26_sign="\x2A\x85\x03\x07\x01\x01\x01" +OBJ_id_GostR3410_2012_256="\x2A\x85\x03\x07\x01\x01\x01\x01" +OBJ_id_GostR3410_2012_512="\x2A\x85\x03\x07\x01\x01\x01\x02" +OBJ_id_tc26_digest="\x2A\x85\x03\x07\x01\x01\x02" +OBJ_id_GostR3411_2012_256="\x2A\x85\x03\x07\x01\x01\x02\x02" +OBJ_id_GostR3411_2012_512="\x2A\x85\x03\x07\x01\x01\x02\x03" +OBJ_id_tc26_signwithdigest="\x2A\x85\x03\x07\x01\x01\x03" +OBJ_id_tc26_signwithdigest_gost3410_2012_256="\x2A\x85\x03\x07\x01\x01\x03\x02" +OBJ_id_tc26_signwithdigest_gost3410_2012_512="\x2A\x85\x03\x07\x01\x01\x03\x03" +OBJ_id_tc26_mac="\x2A\x85\x03\x07\x01\x01\x04" +OBJ_id_tc26_hmac_gost_3411_2012_256="\x2A\x85\x03\x07\x01\x01\x04\x01" +OBJ_id_tc26_hmac_gost_3411_2012_512="\x2A\x85\x03\x07\x01\x01\x04\x02" +OBJ_id_tc26_cipher="\x2A\x85\x03\x07\x01\x01\x05" +OBJ_id_tc26_agreement="\x2A\x85\x03\x07\x01\x01\x06" +OBJ_id_tc26_agreement_gost_3410_2012_256="\x2A\x85\x03\x07\x01\x01\x06\x01" +OBJ_id_tc26_agreement_gost_3410_2012_512="\x2A\x85\x03\x07\x01\x01\x06\x02" +OBJ_id_tc26_constants="\x2A\x85\x03\x07\x01\x02" +OBJ_id_tc26_sign_constants="\x2A\x85\x03\x07\x01\x02\x01" +OBJ_id_tc26_gost_3410_2012_512_constants="\x2A\x85\x03\x07\x01\x02\x01\x02" +OBJ_id_tc26_gost_3410_2012_512_paramSetTest="\x2A\x85\x03\x07\x01\x02\x01\x02\x00" +OBJ_id_tc26_gost_3410_2012_512_paramSetA="\x2A\x85\x03\x07\x01\x02\x01\x02\x01" +OBJ_id_tc26_gost_3410_2012_512_paramSetB="\x2A\x85\x03\x07\x01\x02\x01\x02\x02" +OBJ_id_tc26_digest_constants="\x2A\x85\x03\x07\x01\x02\x02" +OBJ_id_tc26_cipher_constants="\x2A\x85\x03\x07\x01\x02\x05" +OBJ_id_tc26_gost_28147_constants="\x2A\x85\x03\x07\x01\x02\x05\x01" +OBJ_id_tc26_gost_28147_param_Z="\x2A\x85\x03\x07\x01\x02\x05\x01\x01" +OBJ_INN="\x2A\x85\x03\x03\x81\x03\x01\x01" +OBJ_OGRN="\x2A\x85\x03\x64\x01" +OBJ_SNILS="\x2A\x85\x03\x64\x03" +OBJ_subjectSignTool="\x2A\x85\x03\x64\x6F" +OBJ_issuerSignTool="\x2A\x85\x03\x64\x70" +OBJ_tlsfeature="\x2B\x06\x01\x05\x05\x07\x01\x18" +OBJ_ipsec_IKE="\x2B\x06\x01\x05\x05\x07\x03\x11" +OBJ_capwapAC="\x2B\x06\x01\x05\x05\x07\x03\x12" +OBJ_capwapWTP="\x2B\x06\x01\x05\x05\x07\x03\x13" +OBJ_sshClient="\x2B\x06\x01\x05\x05\x07\x03\x15" +OBJ_sshServer="\x2B\x06\x01\x05\x05\x07\x03\x16" +OBJ_sendRouter="\x2B\x06\x01\x05\x05\x07\x03\x17" +OBJ_sendProxiedRouter="\x2B\x06\x01\x05\x05\x07\x03\x18" +OBJ_sendOwner="\x2B\x06\x01\x05\x05\x07\x03\x19" +OBJ_sendProxiedOwner="\x2B\x06\x01\x05\x05\x07\x03\x1A" +OBJ_id_pkinit="\x2B\x06\x01\x05\x02\x03" +OBJ_pkInitClientAuth="\x2B\x06\x01\x05\x02\x03\x04" +OBJ_pkInitKDC="\x2B\x06\x01\x05\x02\x03\x05" +OBJ_X25519="\x2B\x65\x6E" +OBJ_X448="\x2B\x65\x6F" +OBJ_blake2b512="\x2B\x06\x01\x04\x01\x8D\x3A\x0C\x02\x01\x10" +OBJ_blake2s256="\x2B\x06\x01\x04\x01\x8D\x3A\x0C\x02\x02\x08" +OBJ_id_smime_ct_contentCollection="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x13" +OBJ_id_smime_ct_authEnvelopedData="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x17" +OBJ_id_ct_xml="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x1C" +OBJ_aria_128_ecb="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x01" +OBJ_aria_128_cbc="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x02" +OBJ_aria_128_cfb128="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x03" +OBJ_aria_128_ofb128="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x04" +OBJ_aria_128_ctr="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x05" +OBJ_aria_192_ecb="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x06" +OBJ_aria_192_cbc="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x07" +OBJ_aria_192_cfb128="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x08" +OBJ_aria_192_ofb128="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x09" +OBJ_aria_192_ctr="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x0A" +OBJ_aria_256_ecb="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x0B" +OBJ_aria_256_cbc="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x0C" +OBJ_aria_256_cfb128="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x0D" +OBJ_aria_256_ofb128="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x0E" +OBJ_aria_256_ctr="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x0F" +OBJ_id_smime_aa_signingCertificateV2="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x02\x2F" +OBJ_ED25519="\x2B\x65\x70" +OBJ_ED448="\x2B\x65\x71" +OBJ_organizationIdentifier="\x55\x04\x61" +OBJ_countryCode3c="\x55\x04\x62" +OBJ_countryCode3n="\x55\x04\x63" +OBJ_dnsName="\x55\x04\x64" +OBJ_x509ExtAdmission="\x2B\x24\x08\x03\x03" +OBJ_sha512_224="\x60\x86\x48\x01\x65\x03\x04\x02\x05" +OBJ_sha512_256="\x60\x86\x48\x01\x65\x03\x04\x02\x06" +OBJ_sha3_224="\x60\x86\x48\x01\x65\x03\x04\x02\x07" +OBJ_sha3_256="\x60\x86\x48\x01\x65\x03\x04\x02\x08" +OBJ_sha3_384="\x60\x86\x48\x01\x65\x03\x04\x02\x09" +OBJ_sha3_512="\x60\x86\x48\x01\x65\x03\x04\x02\x0A" +OBJ_shake128="\x60\x86\x48\x01\x65\x03\x04\x02\x0B" +OBJ_shake256="\x60\x86\x48\x01\x65\x03\x04\x02\x0C" +OBJ_hmac_sha3_224="\x60\x86\x48\x01\x65\x03\x04\x02\x0D" +OBJ_hmac_sha3_256="\x60\x86\x48\x01\x65\x03\x04\x02\x0E" +OBJ_hmac_sha3_384="\x60\x86\x48\x01\x65\x03\x04\x02\x0F" +OBJ_hmac_sha3_512="\x60\x86\x48\x01\x65\x03\x04\x02\x10" +OBJ_dsa_with_SHA384="\x60\x86\x48\x01\x65\x03\x04\x03\x03" +OBJ_dsa_with_SHA512="\x60\x86\x48\x01\x65\x03\x04\x03\x04" +OBJ_dsa_with_SHA3_224="\x60\x86\x48\x01\x65\x03\x04\x03\x05" +OBJ_dsa_with_SHA3_256="\x60\x86\x48\x01\x65\x03\x04\x03\x06" +OBJ_dsa_with_SHA3_384="\x60\x86\x48\x01\x65\x03\x04\x03\x07" +OBJ_dsa_with_SHA3_512="\x60\x86\x48\x01\x65\x03\x04\x03\x08" +OBJ_ecdsa_with_SHA3_224="\x60\x86\x48\x01\x65\x03\x04\x03\x09" +OBJ_ecdsa_with_SHA3_256="\x60\x86\x48\x01\x65\x03\x04\x03\x0A" +OBJ_ecdsa_with_SHA3_384="\x60\x86\x48\x01\x65\x03\x04\x03\x0B" +OBJ_ecdsa_with_SHA3_512="\x60\x86\x48\x01\x65\x03\x04\x03\x0C" +OBJ_RSA_SHA3_224="\x60\x86\x48\x01\x65\x03\x04\x03\x0D" +OBJ_RSA_SHA3_256="\x60\x86\x48\x01\x65\x03\x04\x03\x0E" +OBJ_RSA_SHA3_384="\x60\x86\x48\x01\x65\x03\x04\x03\x0F" +OBJ_RSA_SHA3_512="\x60\x86\x48\x01\x65\x03\x04\x03\x10" +OBJ_aria_128_ccm="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x25" +OBJ_aria_192_ccm="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x26" +OBJ_aria_256_ccm="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x27" +OBJ_aria_128_gcm="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x22" +OBJ_aria_192_gcm="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x23" +OBJ_aria_256_gcm="\x2A\x83\x1A\x8C\x9A\x6E\x01\x01\x24" +OBJ_cmcCA="\x2B\x06\x01\x05\x05\x07\x03\x1B" +OBJ_cmcRA="\x2B\x06\x01\x05\x05\x07\x03\x1C" +OBJ_sm4_ecb="\x2A\x81\x1C\xCF\x55\x01\x68\x01" +OBJ_sm4_cbc="\x2A\x81\x1C\xCF\x55\x01\x68\x02" +OBJ_sm4_ofb128="\x2A\x81\x1C\xCF\x55\x01\x68\x03" +OBJ_sm4_cfb1="\x2A\x81\x1C\xCF\x55\x01\x68\x05" +OBJ_sm4_cfb128="\x2A\x81\x1C\xCF\x55\x01\x68\x04" +OBJ_sm4_cfb8="\x2A\x81\x1C\xCF\x55\x01\x68\x06" +OBJ_sm4_ctr="\x2A\x81\x1C\xCF\x55\x01\x68\x07" +OBJ_ISO_CN="\x2A\x81\x1C" +OBJ_oscca="\x2A\x81\x1C\xCF\x55" +OBJ_sm_scheme="\x2A\x81\x1C\xCF\x55\x01" +OBJ_sm3="\x2A\x81\x1C\xCF\x55\x01\x83\x11" +OBJ_sm3WithRSAEncryption="\x2A\x81\x1C\xCF\x55\x01\x83\x78" +OBJ_sha512_224WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0F" +OBJ_sha512_256WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x10" +OBJ_id_tc26_gost_3410_2012_256_constants="\x2A\x85\x03\x07\x01\x02\x01\x01" +OBJ_id_tc26_gost_3410_2012_256_paramSetA="\x2A\x85\x03\x07\x01\x02\x01\x01\x01" +OBJ_id_tc26_gost_3410_2012_512_paramSetC="\x2A\x85\x03\x07\x01\x02\x01\x02\x03" +OBJ_ISO_UA="\x2A\x86\x24" +OBJ_ua_pki="\x2A\x86\x24\x02\x01\x01\x01" +OBJ_dstu28147="\x2A\x86\x24\x02\x01\x01\x01\x01\x01\x01" +OBJ_dstu28147_ofb="\x2A\x86\x24\x02\x01\x01\x01\x01\x01\x01\x02" +OBJ_dstu28147_cfb="\x2A\x86\x24\x02\x01\x01\x01\x01\x01\x01\x03" +OBJ_dstu28147_wrap="\x2A\x86\x24\x02\x01\x01\x01\x01\x01\x01\x05" +OBJ_hmacWithDstu34311="\x2A\x86\x24\x02\x01\x01\x01\x01\x01\x02" +OBJ_dstu34311="\x2A\x86\x24\x02\x01\x01\x01\x01\x02\x01" +OBJ_dstu4145le="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01" +OBJ_dstu4145be="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01\x01\x01" +OBJ_uacurve0="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01\x02\x00" +OBJ_uacurve1="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01\x02\x01" +OBJ_uacurve2="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01\x02\x02" +OBJ_uacurve3="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01\x02\x03" +OBJ_uacurve4="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01\x02\x04" +OBJ_uacurve5="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01\x02\x05" +OBJ_uacurve6="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01\x02\x06" +OBJ_uacurve7="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01\x02\x07" +OBJ_uacurve8="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01\x02\x08" +OBJ_uacurve9="\x2A\x86\x24\x02\x01\x01\x01\x01\x03\x01\x01\x02\x09" +OBJ_ieee="\x2B\x6F" +OBJ_ieee_siswg="\x2B\x6F\x02\x8C\x53" +OBJ_sm2="\x2A\x81\x1C\xCF\x55\x01\x82\x2D" +OBJ_id_tc26_cipher_gostr3412_2015_magma="\x2A\x85\x03\x07\x01\x01\x05\x01" +OBJ_id_tc26_cipher_gostr3412_2015_magma_ctracpkm="\x2A\x85\x03\x07\x01\x01\x05\x01\x01" +OBJ_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac="\x2A\x85\x03\x07\x01\x01\x05\x01\x02" +OBJ_id_tc26_cipher_gostr3412_2015_kuznyechik="\x2A\x85\x03\x07\x01\x01\x05\x02" +OBJ_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm="\x2A\x85\x03\x07\x01\x01\x05\x02\x01" +OBJ_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac="\x2A\x85\x03\x07\x01\x01\x05\x02\x02" +OBJ_id_tc26_wrap="\x2A\x85\x03\x07\x01\x01\x07" +OBJ_id_tc26_wrap_gostr3412_2015_magma="\x2A\x85\x03\x07\x01\x01\x07\x01" +OBJ_id_tc26_wrap_gostr3412_2015_magma_kexp15="\x2A\x85\x03\x07\x01\x01\x07\x01\x01" +OBJ_id_tc26_wrap_gostr3412_2015_kuznyechik="\x2A\x85\x03\x07\x01\x01\x07\x02" +OBJ_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15="\x2A\x85\x03\x07\x01\x01\x07\x01\x01" +OBJ_id_tc26_gost_3410_2012_256_paramSetB="\x2A\x85\x03\x07\x01\x02\x01\x01\x02" +OBJ_id_tc26_gost_3410_2012_256_paramSetC="\x2A\x85\x03\x07\x01\x02\x01\x01\x03" +OBJ_id_tc26_gost_3410_2012_256_paramSetD="\x2A\x85\x03\x07\x01\x02\x01\x01\x04" +OBJ_hmacWithSHA512_224="\x2A\x86\x48\x86\xF7\x0D\x02\x0C" +OBJ_hmacWithSHA512_256="\x2A\x86\x48\x86\xF7\x0D\x02\x0D" diff --git a/deps/openssl/openssl/fuzz/rand.inc b/deps/openssl/openssl/fuzz/rand.inc new file mode 100644 index 0000000000..f8b3277b94 --- /dev/null +++ b/deps/openssl/openssl/fuzz/rand.inc @@ -0,0 +1,40 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL licenses, (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * https://www.openssl.org/source/license.html + * or in the file LICENSE in the source distribution. + */ +#include <openssl/rand.h> + +static int fuzz_bytes(unsigned char *buf, int num) +{ + unsigned char val = 1; + + while (--num >= 0) + *buf++ = val++; + return 1; +} + +static int fuzz_status(void) +{ + return 1; +} + +static RAND_METHOD fuzz_rand_method = { + NULL, + fuzz_bytes, + NULL, + NULL, + fuzz_bytes, + fuzz_status +}; + +void FuzzerSetRand(void) +{ + RAND_set_rand_method(&fuzz_rand_method); +} + + diff --git a/deps/openssl/openssl/fuzz/server.c b/deps/openssl/openssl/fuzz/server.c index 35449d8caa..2d392ac886 100644 --- a/deps/openssl/openssl/fuzz/server.c +++ b/deps/openssl/openssl/fuzz/server.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL licenses, (the "License"); * you may not use this file except in compliance with the License. @@ -12,12 +12,18 @@ /* Test first part of SSL server handshake. */ - +#include <time.h> #include <openssl/rand.h> #include <openssl/ssl.h> #include <openssl/rsa.h> +#include <openssl/dsa.h> +#include <openssl/ec.h> +#include <openssl/dh.h> +#include <openssl/err.h> #include "fuzzer.h" +#include "rand.inc" + static const uint8_t kCertificateDER[] = { 0x30, 0x82, 0x02, 0xff, 0x30, 0x82, 0x01, 0xe7, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x11, 0x00, 0xb1, 0x84, 0xee, 0x34, 0x99, 0x98, 0x76, 0xfb, @@ -189,16 +195,352 @@ static const uint8_t kRSAPrivateKeyDER[] = { 0x98, 0x46, 0x89, 0x82, 0x40, }; -static SSL_CTX *ctx; -int FuzzerInitialize(int *argc, char ***argv) { - const uint8_t *bufp = kRSAPrivateKeyDER; +#ifndef OPENSSL_NO_EC +/* + * -----BEGIN EC PRIVATE KEY----- + * MHcCAQEEIJLyl7hJjpQL/RhP1x2zS79xdiPJQB683gWeqcqHPeZkoAoGCCqGSM49 + * AwEHoUQDQgAEdsjygVYjjaKBF4CNECVllNf017p5/MxNSWDoTHy9I2GeDwEDDazI + * D/xy8JiYjtPKVE/Zqwbmivp2UwtH28a7NQ== + * -----END EC PRIVATE KEY----- + */ +static const char ECDSAPrivateKeyPEM[] = { + 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x45, + 0x43, 0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, 0x45, + 0x59, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x48, 0x63, 0x43, 0x41, + 0x51, 0x45, 0x45, 0x49, 0x4a, 0x4c, 0x79, 0x6c, 0x37, 0x68, 0x4a, 0x6a, + 0x70, 0x51, 0x4c, 0x2f, 0x52, 0x68, 0x50, 0x31, 0x78, 0x32, 0x7a, 0x53, + 0x37, 0x39, 0x78, 0x64, 0x69, 0x50, 0x4a, 0x51, 0x42, 0x36, 0x38, 0x33, + 0x67, 0x57, 0x65, 0x71, 0x63, 0x71, 0x48, 0x50, 0x65, 0x5a, 0x6b, 0x6f, + 0x41, 0x6f, 0x47, 0x43, 0x43, 0x71, 0x47, 0x53, 0x4d, 0x34, 0x39, 0x0a, + 0x41, 0x77, 0x45, 0x48, 0x6f, 0x55, 0x51, 0x44, 0x51, 0x67, 0x41, 0x45, + 0x64, 0x73, 0x6a, 0x79, 0x67, 0x56, 0x59, 0x6a, 0x6a, 0x61, 0x4b, 0x42, + 0x46, 0x34, 0x43, 0x4e, 0x45, 0x43, 0x56, 0x6c, 0x6c, 0x4e, 0x66, 0x30, + 0x31, 0x37, 0x70, 0x35, 0x2f, 0x4d, 0x78, 0x4e, 0x53, 0x57, 0x44, 0x6f, + 0x54, 0x48, 0x79, 0x39, 0x49, 0x32, 0x47, 0x65, 0x44, 0x77, 0x45, 0x44, + 0x44, 0x61, 0x7a, 0x49, 0x0a, 0x44, 0x2f, 0x78, 0x79, 0x38, 0x4a, 0x69, + 0x59, 0x6a, 0x74, 0x50, 0x4b, 0x56, 0x45, 0x2f, 0x5a, 0x71, 0x77, 0x62, + 0x6d, 0x69, 0x76, 0x70, 0x32, 0x55, 0x77, 0x74, 0x48, 0x32, 0x38, 0x61, + 0x37, 0x4e, 0x51, 0x3d, 0x3d, 0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, + 0x4e, 0x44, 0x20, 0x45, 0x43, 0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, + 0x45, 0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a +}; + +/* + * -----BEGIN CERTIFICATE----- + * MIIBXzCCAQagAwIBAgIJAK6/Yvf/ain6MAoGCCqGSM49BAMCMBIxEDAOBgNVBAoM + * B0FjbWUgQ28wHhcNMTYxMjI1MTEzOTI3WhcNMjYxMjI1MTEzOTI3WjASMRAwDgYD + * VQQKDAdBY21lIENvMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEdsjygVYjjaKB + * F4CNECVllNf017p5/MxNSWDoTHy9I2GeDwEDDazID/xy8JiYjtPKVE/Zqwbmivp2 + * UwtH28a7NaNFMEMwCQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwEwYDVR0lBAwwCgYI + * KwYBBQUHAwEwFAYDVR0RBA0wC4IJbG9jYWxob3N0MAoGCCqGSM49BAMCA0cAMEQC + * IEzr3t/jejVE9oSnBp8c3P2p+lDLVRrB8zxLyjZvirUXAiAyQPaE9MNcL8/nRpuu + * 99I1enCSmWIAJ57IwuJ/n1d45Q== + * -----END CERTIFICATE----- + */ +static const char ECDSACertPEM[] = { + 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, + 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, + 0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x42, 0x58, 0x7a, 0x43, 0x43, + 0x41, 0x51, 0x61, 0x67, 0x41, 0x77, 0x49, 0x42, 0x41, 0x67, 0x49, 0x4a, + 0x41, 0x4b, 0x36, 0x2f, 0x59, 0x76, 0x66, 0x2f, 0x61, 0x69, 0x6e, 0x36, + 0x4d, 0x41, 0x6f, 0x47, 0x43, 0x43, 0x71, 0x47, 0x53, 0x4d, 0x34, 0x39, + 0x42, 0x41, 0x4d, 0x43, 0x4d, 0x42, 0x49, 0x78, 0x45, 0x44, 0x41, 0x4f, + 0x42, 0x67, 0x4e, 0x56, 0x42, 0x41, 0x6f, 0x4d, 0x0a, 0x42, 0x30, 0x46, + 0x6a, 0x62, 0x57, 0x55, 0x67, 0x51, 0x32, 0x38, 0x77, 0x48, 0x68, 0x63, + 0x4e, 0x4d, 0x54, 0x59, 0x78, 0x4d, 0x6a, 0x49, 0x31, 0x4d, 0x54, 0x45, + 0x7a, 0x4f, 0x54, 0x49, 0x33, 0x57, 0x68, 0x63, 0x4e, 0x4d, 0x6a, 0x59, + 0x78, 0x4d, 0x6a, 0x49, 0x31, 0x4d, 0x54, 0x45, 0x7a, 0x4f, 0x54, 0x49, + 0x33, 0x57, 0x6a, 0x41, 0x53, 0x4d, 0x52, 0x41, 0x77, 0x44, 0x67, 0x59, + 0x44, 0x0a, 0x56, 0x51, 0x51, 0x4b, 0x44, 0x41, 0x64, 0x42, 0x59, 0x32, + 0x31, 0x6c, 0x49, 0x45, 0x4e, 0x76, 0x4d, 0x46, 0x6b, 0x77, 0x45, 0x77, + 0x59, 0x48, 0x4b, 0x6f, 0x5a, 0x49, 0x7a, 0x6a, 0x30, 0x43, 0x41, 0x51, + 0x59, 0x49, 0x4b, 0x6f, 0x5a, 0x49, 0x7a, 0x6a, 0x30, 0x44, 0x41, 0x51, + 0x63, 0x44, 0x51, 0x67, 0x41, 0x45, 0x64, 0x73, 0x6a, 0x79, 0x67, 0x56, + 0x59, 0x6a, 0x6a, 0x61, 0x4b, 0x42, 0x0a, 0x46, 0x34, 0x43, 0x4e, 0x45, + 0x43, 0x56, 0x6c, 0x6c, 0x4e, 0x66, 0x30, 0x31, 0x37, 0x70, 0x35, 0x2f, + 0x4d, 0x78, 0x4e, 0x53, 0x57, 0x44, 0x6f, 0x54, 0x48, 0x79, 0x39, 0x49, + 0x32, 0x47, 0x65, 0x44, 0x77, 0x45, 0x44, 0x44, 0x61, 0x7a, 0x49, 0x44, + 0x2f, 0x78, 0x79, 0x38, 0x4a, 0x69, 0x59, 0x6a, 0x74, 0x50, 0x4b, 0x56, + 0x45, 0x2f, 0x5a, 0x71, 0x77, 0x62, 0x6d, 0x69, 0x76, 0x70, 0x32, 0x0a, + 0x55, 0x77, 0x74, 0x48, 0x32, 0x38, 0x61, 0x37, 0x4e, 0x61, 0x4e, 0x46, + 0x4d, 0x45, 0x4d, 0x77, 0x43, 0x51, 0x59, 0x44, 0x56, 0x52, 0x30, 0x54, + 0x42, 0x41, 0x49, 0x77, 0x41, 0x44, 0x41, 0x4c, 0x42, 0x67, 0x4e, 0x56, + 0x48, 0x51, 0x38, 0x45, 0x42, 0x41, 0x4d, 0x43, 0x42, 0x61, 0x41, 0x77, + 0x45, 0x77, 0x59, 0x44, 0x56, 0x52, 0x30, 0x6c, 0x42, 0x41, 0x77, 0x77, + 0x43, 0x67, 0x59, 0x49, 0x0a, 0x4b, 0x77, 0x59, 0x42, 0x42, 0x51, 0x55, + 0x48, 0x41, 0x77, 0x45, 0x77, 0x46, 0x41, 0x59, 0x44, 0x56, 0x52, 0x30, + 0x52, 0x42, 0x41, 0x30, 0x77, 0x43, 0x34, 0x49, 0x4a, 0x62, 0x47, 0x39, + 0x6a, 0x59, 0x57, 0x78, 0x6f, 0x62, 0x33, 0x4e, 0x30, 0x4d, 0x41, 0x6f, + 0x47, 0x43, 0x43, 0x71, 0x47, 0x53, 0x4d, 0x34, 0x39, 0x42, 0x41, 0x4d, + 0x43, 0x41, 0x30, 0x63, 0x41, 0x4d, 0x45, 0x51, 0x43, 0x0a, 0x49, 0x45, + 0x7a, 0x72, 0x33, 0x74, 0x2f, 0x6a, 0x65, 0x6a, 0x56, 0x45, 0x39, 0x6f, + 0x53, 0x6e, 0x42, 0x70, 0x38, 0x63, 0x33, 0x50, 0x32, 0x70, 0x2b, 0x6c, + 0x44, 0x4c, 0x56, 0x52, 0x72, 0x42, 0x38, 0x7a, 0x78, 0x4c, 0x79, 0x6a, + 0x5a, 0x76, 0x69, 0x72, 0x55, 0x58, 0x41, 0x69, 0x41, 0x79, 0x51, 0x50, + 0x61, 0x45, 0x39, 0x4d, 0x4e, 0x63, 0x4c, 0x38, 0x2f, 0x6e, 0x52, 0x70, + 0x75, 0x75, 0x0a, 0x39, 0x39, 0x49, 0x31, 0x65, 0x6e, 0x43, 0x53, 0x6d, + 0x57, 0x49, 0x41, 0x4a, 0x35, 0x37, 0x49, 0x77, 0x75, 0x4a, 0x2f, 0x6e, + 0x31, 0x64, 0x34, 0x35, 0x51, 0x3d, 0x3d, 0x0a, 0x2d, 0x2d, 0x2d, 0x2d, + 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, + 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a +}; +#endif + +#ifndef OPENSSL_NO_DSA +/* + * -----BEGIN DSA PRIVATE KEY----- + * MIIBuwIBAAKBgQDdkFKzNABLOha7Eqj7004+p5fhtR6bxpujToMmSZTYi8igVVXP + * Wzf03ULKS5UKjA6WpR6EiZAhm+PdxusZ5xfAuRZLdKy0bgxn1f348Rwh+EQNaEM8 + * 0TGcnw5ijwKmSw5yyHPDWdiHzoqEBlhAf8Nl22YTXax/clsc/pu/RRLAdwIVAIEg + * QqWRf/1EIZZcgM65Qpd65YuxAoGBAKBauV/RuloFHoSy5iWXESDywiS380tN5974 + * GukGwoYdZo5uSIH6ahpeNSef0MbHGAzr7ZVEnhCQfRAwH1gRvSHoq/Rbmcvtd3r+ + * QtQHOwvQHgLAynhI4i73c794czHaR+439bmcaSwDnQduRM85Mho/jiiZzAVPxBmG + * POIMWNXXAoGAI6Ep5IE7yn3JzkXO9B6tC3bbDM+ZzuuInwZLbtZ8lim7Dsqabg4k + * 2YbE4R95Bnfwnjsyl80mq/DbQN5lAHBvjDrkC6ItojBGKI3+iIrqGUEJdxvl4ulj + * F0PmSD7zvIG8BfocKOel+EHH0YryExiW6krV1KW2ZRmJrqSFw6KCjV0CFFQFbPfU + * xy5PmKytJmXR8BmppkIO + * -----END DSA PRIVATE KEY----- + */ +static const char DSAPrivateKeyPEM[] = { + 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x44, + 0x53, 0x41, 0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, + 0x45, 0x59, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x42, + 0x75, 0x77, 0x49, 0x42, 0x41, 0x41, 0x4b, 0x42, 0x67, 0x51, 0x44, 0x64, + 0x6b, 0x46, 0x4b, 0x7a, 0x4e, 0x41, 0x42, 0x4c, 0x4f, 0x68, 0x61, 0x37, + 0x45, 0x71, 0x6a, 0x37, 0x30, 0x30, 0x34, 0x2b, 0x70, 0x35, 0x66, 0x68, + 0x74, 0x52, 0x36, 0x62, 0x78, 0x70, 0x75, 0x6a, 0x54, 0x6f, 0x4d, 0x6d, + 0x53, 0x5a, 0x54, 0x59, 0x69, 0x38, 0x69, 0x67, 0x56, 0x56, 0x58, 0x50, + 0x0a, 0x57, 0x7a, 0x66, 0x30, 0x33, 0x55, 0x4c, 0x4b, 0x53, 0x35, 0x55, + 0x4b, 0x6a, 0x41, 0x36, 0x57, 0x70, 0x52, 0x36, 0x45, 0x69, 0x5a, 0x41, + 0x68, 0x6d, 0x2b, 0x50, 0x64, 0x78, 0x75, 0x73, 0x5a, 0x35, 0x78, 0x66, + 0x41, 0x75, 0x52, 0x5a, 0x4c, 0x64, 0x4b, 0x79, 0x30, 0x62, 0x67, 0x78, + 0x6e, 0x31, 0x66, 0x33, 0x34, 0x38, 0x52, 0x77, 0x68, 0x2b, 0x45, 0x51, + 0x4e, 0x61, 0x45, 0x4d, 0x38, 0x0a, 0x30, 0x54, 0x47, 0x63, 0x6e, 0x77, + 0x35, 0x69, 0x6a, 0x77, 0x4b, 0x6d, 0x53, 0x77, 0x35, 0x79, 0x79, 0x48, + 0x50, 0x44, 0x57, 0x64, 0x69, 0x48, 0x7a, 0x6f, 0x71, 0x45, 0x42, 0x6c, + 0x68, 0x41, 0x66, 0x38, 0x4e, 0x6c, 0x32, 0x32, 0x59, 0x54, 0x58, 0x61, + 0x78, 0x2f, 0x63, 0x6c, 0x73, 0x63, 0x2f, 0x70, 0x75, 0x2f, 0x52, 0x52, + 0x4c, 0x41, 0x64, 0x77, 0x49, 0x56, 0x41, 0x49, 0x45, 0x67, 0x0a, 0x51, + 0x71, 0x57, 0x52, 0x66, 0x2f, 0x31, 0x45, 0x49, 0x5a, 0x5a, 0x63, 0x67, + 0x4d, 0x36, 0x35, 0x51, 0x70, 0x64, 0x36, 0x35, 0x59, 0x75, 0x78, 0x41, + 0x6f, 0x47, 0x42, 0x41, 0x4b, 0x42, 0x61, 0x75, 0x56, 0x2f, 0x52, 0x75, + 0x6c, 0x6f, 0x46, 0x48, 0x6f, 0x53, 0x79, 0x35, 0x69, 0x57, 0x58, 0x45, + 0x53, 0x44, 0x79, 0x77, 0x69, 0x53, 0x33, 0x38, 0x30, 0x74, 0x4e, 0x35, + 0x39, 0x37, 0x34, 0x0a, 0x47, 0x75, 0x6b, 0x47, 0x77, 0x6f, 0x59, 0x64, + 0x5a, 0x6f, 0x35, 0x75, 0x53, 0x49, 0x48, 0x36, 0x61, 0x68, 0x70, 0x65, + 0x4e, 0x53, 0x65, 0x66, 0x30, 0x4d, 0x62, 0x48, 0x47, 0x41, 0x7a, 0x72, + 0x37, 0x5a, 0x56, 0x45, 0x6e, 0x68, 0x43, 0x51, 0x66, 0x52, 0x41, 0x77, + 0x48, 0x31, 0x67, 0x52, 0x76, 0x53, 0x48, 0x6f, 0x71, 0x2f, 0x52, 0x62, + 0x6d, 0x63, 0x76, 0x74, 0x64, 0x33, 0x72, 0x2b, 0x0a, 0x51, 0x74, 0x51, + 0x48, 0x4f, 0x77, 0x76, 0x51, 0x48, 0x67, 0x4c, 0x41, 0x79, 0x6e, 0x68, + 0x49, 0x34, 0x69, 0x37, 0x33, 0x63, 0x37, 0x39, 0x34, 0x63, 0x7a, 0x48, + 0x61, 0x52, 0x2b, 0x34, 0x33, 0x39, 0x62, 0x6d, 0x63, 0x61, 0x53, 0x77, + 0x44, 0x6e, 0x51, 0x64, 0x75, 0x52, 0x4d, 0x38, 0x35, 0x4d, 0x68, 0x6f, + 0x2f, 0x6a, 0x69, 0x69, 0x5a, 0x7a, 0x41, 0x56, 0x50, 0x78, 0x42, 0x6d, + 0x47, 0x0a, 0x50, 0x4f, 0x49, 0x4d, 0x57, 0x4e, 0x58, 0x58, 0x41, 0x6f, + 0x47, 0x41, 0x49, 0x36, 0x45, 0x70, 0x35, 0x49, 0x45, 0x37, 0x79, 0x6e, + 0x33, 0x4a, 0x7a, 0x6b, 0x58, 0x4f, 0x39, 0x42, 0x36, 0x74, 0x43, 0x33, + 0x62, 0x62, 0x44, 0x4d, 0x2b, 0x5a, 0x7a, 0x75, 0x75, 0x49, 0x6e, 0x77, + 0x5a, 0x4c, 0x62, 0x74, 0x5a, 0x38, 0x6c, 0x69, 0x6d, 0x37, 0x44, 0x73, + 0x71, 0x61, 0x62, 0x67, 0x34, 0x6b, 0x0a, 0x32, 0x59, 0x62, 0x45, 0x34, + 0x52, 0x39, 0x35, 0x42, 0x6e, 0x66, 0x77, 0x6e, 0x6a, 0x73, 0x79, 0x6c, + 0x38, 0x30, 0x6d, 0x71, 0x2f, 0x44, 0x62, 0x51, 0x4e, 0x35, 0x6c, 0x41, + 0x48, 0x42, 0x76, 0x6a, 0x44, 0x72, 0x6b, 0x43, 0x36, 0x49, 0x74, 0x6f, + 0x6a, 0x42, 0x47, 0x4b, 0x49, 0x33, 0x2b, 0x69, 0x49, 0x72, 0x71, 0x47, + 0x55, 0x45, 0x4a, 0x64, 0x78, 0x76, 0x6c, 0x34, 0x75, 0x6c, 0x6a, 0x0a, + 0x46, 0x30, 0x50, 0x6d, 0x53, 0x44, 0x37, 0x7a, 0x76, 0x49, 0x47, 0x38, + 0x42, 0x66, 0x6f, 0x63, 0x4b, 0x4f, 0x65, 0x6c, 0x2b, 0x45, 0x48, 0x48, + 0x30, 0x59, 0x72, 0x79, 0x45, 0x78, 0x69, 0x57, 0x36, 0x6b, 0x72, 0x56, + 0x31, 0x4b, 0x57, 0x32, 0x5a, 0x52, 0x6d, 0x4a, 0x72, 0x71, 0x53, 0x46, + 0x77, 0x36, 0x4b, 0x43, 0x6a, 0x56, 0x30, 0x43, 0x46, 0x46, 0x51, 0x46, + 0x62, 0x50, 0x66, 0x55, 0x0a, 0x78, 0x79, 0x35, 0x50, 0x6d, 0x4b, 0x79, + 0x74, 0x4a, 0x6d, 0x58, 0x52, 0x38, 0x42, 0x6d, 0x70, 0x70, 0x6b, 0x49, + 0x4f, 0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x44, + 0x53, 0x41, 0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, + 0x45, 0x59, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a +}; + +/* + * -----BEGIN CERTIFICATE----- + * MIICqTCCAmegAwIBAgIJAILDGUk37fWGMAsGCWCGSAFlAwQDAjASMRAwDgYDVQQK + * DAdBY21lIENvMB4XDTE2MTIyNTEzMjUzNloXDTI2MTIyNTEzMjUzNlowEjEQMA4G + * A1UECgwHQWNtZSBDbzCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQDdkFKzNABLOha7 + * Eqj7004+p5fhtR6bxpujToMmSZTYi8igVVXPWzf03ULKS5UKjA6WpR6EiZAhm+Pd + * xusZ5xfAuRZLdKy0bgxn1f348Rwh+EQNaEM80TGcnw5ijwKmSw5yyHPDWdiHzoqE + * BlhAf8Nl22YTXax/clsc/pu/RRLAdwIVAIEgQqWRf/1EIZZcgM65Qpd65YuxAoGB + * AKBauV/RuloFHoSy5iWXESDywiS380tN5974GukGwoYdZo5uSIH6ahpeNSef0MbH + * GAzr7ZVEnhCQfRAwH1gRvSHoq/Rbmcvtd3r+QtQHOwvQHgLAynhI4i73c794czHa + * R+439bmcaSwDnQduRM85Mho/jiiZzAVPxBmGPOIMWNXXA4GEAAKBgCOhKeSBO8p9 + * yc5FzvQerQt22wzPmc7riJ8GS27WfJYpuw7Kmm4OJNmGxOEfeQZ38J47MpfNJqvw + * 20DeZQBwb4w65AuiLaIwRiiN/oiK6hlBCXcb5eLpYxdD5kg+87yBvAX6HCjnpfhB + * x9GK8hMYlupK1dSltmUZia6khcOigo1do0UwQzAJBgNVHRMEAjAAMAsGA1UdDwQE + * AwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAUBgNVHREEDTALgglsb2NhbGhvc3Qw + * CwYJYIZIAWUDBAMCAy8AMCwCFClxInXTRWNJEWdi5ilNr/fbM1bKAhQy4B7wtmfd + * I+zV6g3w9qBkNqStpA== + * -----END CERTIFICATE----- + */ +static const char DSACertPEM[] = { + 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, + 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, + 0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x43, 0x71, 0x54, 0x43, 0x43, + 0x41, 0x6d, 0x65, 0x67, 0x41, 0x77, 0x49, 0x42, 0x41, 0x67, 0x49, 0x4a, + 0x41, 0x49, 0x4c, 0x44, 0x47, 0x55, 0x6b, 0x33, 0x37, 0x66, 0x57, 0x47, + 0x4d, 0x41, 0x73, 0x47, 0x43, 0x57, 0x43, 0x47, 0x53, 0x41, 0x46, 0x6c, + 0x41, 0x77, 0x51, 0x44, 0x41, 0x6a, 0x41, 0x53, 0x4d, 0x52, 0x41, 0x77, + 0x44, 0x67, 0x59, 0x44, 0x56, 0x51, 0x51, 0x4b, 0x0a, 0x44, 0x41, 0x64, + 0x42, 0x59, 0x32, 0x31, 0x6c, 0x49, 0x45, 0x4e, 0x76, 0x4d, 0x42, 0x34, + 0x58, 0x44, 0x54, 0x45, 0x32, 0x4d, 0x54, 0x49, 0x79, 0x4e, 0x54, 0x45, + 0x7a, 0x4d, 0x6a, 0x55, 0x7a, 0x4e, 0x6c, 0x6f, 0x58, 0x44, 0x54, 0x49, + 0x32, 0x4d, 0x54, 0x49, 0x79, 0x4e, 0x54, 0x45, 0x7a, 0x4d, 0x6a, 0x55, + 0x7a, 0x4e, 0x6c, 0x6f, 0x77, 0x45, 0x6a, 0x45, 0x51, 0x4d, 0x41, 0x34, + 0x47, 0x0a, 0x41, 0x31, 0x55, 0x45, 0x43, 0x67, 0x77, 0x48, 0x51, 0x57, + 0x4e, 0x74, 0x5a, 0x53, 0x42, 0x44, 0x62, 0x7a, 0x43, 0x43, 0x41, 0x62, + 0x63, 0x77, 0x67, 0x67, 0x45, 0x73, 0x42, 0x67, 0x63, 0x71, 0x68, 0x6b, + 0x6a, 0x4f, 0x4f, 0x41, 0x51, 0x42, 0x4d, 0x49, 0x49, 0x42, 0x48, 0x77, + 0x4b, 0x42, 0x67, 0x51, 0x44, 0x64, 0x6b, 0x46, 0x4b, 0x7a, 0x4e, 0x41, + 0x42, 0x4c, 0x4f, 0x68, 0x61, 0x37, 0x0a, 0x45, 0x71, 0x6a, 0x37, 0x30, + 0x30, 0x34, 0x2b, 0x70, 0x35, 0x66, 0x68, 0x74, 0x52, 0x36, 0x62, 0x78, + 0x70, 0x75, 0x6a, 0x54, 0x6f, 0x4d, 0x6d, 0x53, 0x5a, 0x54, 0x59, 0x69, + 0x38, 0x69, 0x67, 0x56, 0x56, 0x58, 0x50, 0x57, 0x7a, 0x66, 0x30, 0x33, + 0x55, 0x4c, 0x4b, 0x53, 0x35, 0x55, 0x4b, 0x6a, 0x41, 0x36, 0x57, 0x70, + 0x52, 0x36, 0x45, 0x69, 0x5a, 0x41, 0x68, 0x6d, 0x2b, 0x50, 0x64, 0x0a, + 0x78, 0x75, 0x73, 0x5a, 0x35, 0x78, 0x66, 0x41, 0x75, 0x52, 0x5a, 0x4c, + 0x64, 0x4b, 0x79, 0x30, 0x62, 0x67, 0x78, 0x6e, 0x31, 0x66, 0x33, 0x34, + 0x38, 0x52, 0x77, 0x68, 0x2b, 0x45, 0x51, 0x4e, 0x61, 0x45, 0x4d, 0x38, + 0x30, 0x54, 0x47, 0x63, 0x6e, 0x77, 0x35, 0x69, 0x6a, 0x77, 0x4b, 0x6d, + 0x53, 0x77, 0x35, 0x79, 0x79, 0x48, 0x50, 0x44, 0x57, 0x64, 0x69, 0x48, + 0x7a, 0x6f, 0x71, 0x45, 0x0a, 0x42, 0x6c, 0x68, 0x41, 0x66, 0x38, 0x4e, + 0x6c, 0x32, 0x32, 0x59, 0x54, 0x58, 0x61, 0x78, 0x2f, 0x63, 0x6c, 0x73, + 0x63, 0x2f, 0x70, 0x75, 0x2f, 0x52, 0x52, 0x4c, 0x41, 0x64, 0x77, 0x49, + 0x56, 0x41, 0x49, 0x45, 0x67, 0x51, 0x71, 0x57, 0x52, 0x66, 0x2f, 0x31, + 0x45, 0x49, 0x5a, 0x5a, 0x63, 0x67, 0x4d, 0x36, 0x35, 0x51, 0x70, 0x64, + 0x36, 0x35, 0x59, 0x75, 0x78, 0x41, 0x6f, 0x47, 0x42, 0x0a, 0x41, 0x4b, + 0x42, 0x61, 0x75, 0x56, 0x2f, 0x52, 0x75, 0x6c, 0x6f, 0x46, 0x48, 0x6f, + 0x53, 0x79, 0x35, 0x69, 0x57, 0x58, 0x45, 0x53, 0x44, 0x79, 0x77, 0x69, + 0x53, 0x33, 0x38, 0x30, 0x74, 0x4e, 0x35, 0x39, 0x37, 0x34, 0x47, 0x75, + 0x6b, 0x47, 0x77, 0x6f, 0x59, 0x64, 0x5a, 0x6f, 0x35, 0x75, 0x53, 0x49, + 0x48, 0x36, 0x61, 0x68, 0x70, 0x65, 0x4e, 0x53, 0x65, 0x66, 0x30, 0x4d, + 0x62, 0x48, 0x0a, 0x47, 0x41, 0x7a, 0x72, 0x37, 0x5a, 0x56, 0x45, 0x6e, + 0x68, 0x43, 0x51, 0x66, 0x52, 0x41, 0x77, 0x48, 0x31, 0x67, 0x52, 0x76, + 0x53, 0x48, 0x6f, 0x71, 0x2f, 0x52, 0x62, 0x6d, 0x63, 0x76, 0x74, 0x64, + 0x33, 0x72, 0x2b, 0x51, 0x74, 0x51, 0x48, 0x4f, 0x77, 0x76, 0x51, 0x48, + 0x67, 0x4c, 0x41, 0x79, 0x6e, 0x68, 0x49, 0x34, 0x69, 0x37, 0x33, 0x63, + 0x37, 0x39, 0x34, 0x63, 0x7a, 0x48, 0x61, 0x0a, 0x52, 0x2b, 0x34, 0x33, + 0x39, 0x62, 0x6d, 0x63, 0x61, 0x53, 0x77, 0x44, 0x6e, 0x51, 0x64, 0x75, + 0x52, 0x4d, 0x38, 0x35, 0x4d, 0x68, 0x6f, 0x2f, 0x6a, 0x69, 0x69, 0x5a, + 0x7a, 0x41, 0x56, 0x50, 0x78, 0x42, 0x6d, 0x47, 0x50, 0x4f, 0x49, 0x4d, + 0x57, 0x4e, 0x58, 0x58, 0x41, 0x34, 0x47, 0x45, 0x41, 0x41, 0x4b, 0x42, + 0x67, 0x43, 0x4f, 0x68, 0x4b, 0x65, 0x53, 0x42, 0x4f, 0x38, 0x70, 0x39, + 0x0a, 0x79, 0x63, 0x35, 0x46, 0x7a, 0x76, 0x51, 0x65, 0x72, 0x51, 0x74, + 0x32, 0x32, 0x77, 0x7a, 0x50, 0x6d, 0x63, 0x37, 0x72, 0x69, 0x4a, 0x38, + 0x47, 0x53, 0x32, 0x37, 0x57, 0x66, 0x4a, 0x59, 0x70, 0x75, 0x77, 0x37, + 0x4b, 0x6d, 0x6d, 0x34, 0x4f, 0x4a, 0x4e, 0x6d, 0x47, 0x78, 0x4f, 0x45, + 0x66, 0x65, 0x51, 0x5a, 0x33, 0x38, 0x4a, 0x34, 0x37, 0x4d, 0x70, 0x66, + 0x4e, 0x4a, 0x71, 0x76, 0x77, 0x0a, 0x32, 0x30, 0x44, 0x65, 0x5a, 0x51, + 0x42, 0x77, 0x62, 0x34, 0x77, 0x36, 0x35, 0x41, 0x75, 0x69, 0x4c, 0x61, + 0x49, 0x77, 0x52, 0x69, 0x69, 0x4e, 0x2f, 0x6f, 0x69, 0x4b, 0x36, 0x68, + 0x6c, 0x42, 0x43, 0x58, 0x63, 0x62, 0x35, 0x65, 0x4c, 0x70, 0x59, 0x78, + 0x64, 0x44, 0x35, 0x6b, 0x67, 0x2b, 0x38, 0x37, 0x79, 0x42, 0x76, 0x41, + 0x58, 0x36, 0x48, 0x43, 0x6a, 0x6e, 0x70, 0x66, 0x68, 0x42, 0x0a, 0x78, + 0x39, 0x47, 0x4b, 0x38, 0x68, 0x4d, 0x59, 0x6c, 0x75, 0x70, 0x4b, 0x31, + 0x64, 0x53, 0x6c, 0x74, 0x6d, 0x55, 0x5a, 0x69, 0x61, 0x36, 0x6b, 0x68, + 0x63, 0x4f, 0x69, 0x67, 0x6f, 0x31, 0x64, 0x6f, 0x30, 0x55, 0x77, 0x51, + 0x7a, 0x41, 0x4a, 0x42, 0x67, 0x4e, 0x56, 0x48, 0x52, 0x4d, 0x45, 0x41, + 0x6a, 0x41, 0x41, 0x4d, 0x41, 0x73, 0x47, 0x41, 0x31, 0x55, 0x64, 0x44, + 0x77, 0x51, 0x45, 0x0a, 0x41, 0x77, 0x49, 0x46, 0x6f, 0x44, 0x41, 0x54, + 0x42, 0x67, 0x4e, 0x56, 0x48, 0x53, 0x55, 0x45, 0x44, 0x44, 0x41, 0x4b, + 0x42, 0x67, 0x67, 0x72, 0x42, 0x67, 0x45, 0x46, 0x42, 0x51, 0x63, 0x44, + 0x41, 0x54, 0x41, 0x55, 0x42, 0x67, 0x4e, 0x56, 0x48, 0x52, 0x45, 0x45, + 0x44, 0x54, 0x41, 0x4c, 0x67, 0x67, 0x6c, 0x73, 0x62, 0x32, 0x4e, 0x68, + 0x62, 0x47, 0x68, 0x76, 0x63, 0x33, 0x51, 0x77, 0x0a, 0x43, 0x77, 0x59, + 0x4a, 0x59, 0x49, 0x5a, 0x49, 0x41, 0x57, 0x55, 0x44, 0x42, 0x41, 0x4d, + 0x43, 0x41, 0x79, 0x38, 0x41, 0x4d, 0x43, 0x77, 0x43, 0x46, 0x43, 0x6c, + 0x78, 0x49, 0x6e, 0x58, 0x54, 0x52, 0x57, 0x4e, 0x4a, 0x45, 0x57, 0x64, + 0x69, 0x35, 0x69, 0x6c, 0x4e, 0x72, 0x2f, 0x66, 0x62, 0x4d, 0x31, 0x62, + 0x4b, 0x41, 0x68, 0x51, 0x79, 0x34, 0x42, 0x37, 0x77, 0x74, 0x6d, 0x66, + 0x64, 0x0a, 0x49, 0x2b, 0x7a, 0x56, 0x36, 0x67, 0x33, 0x77, 0x39, 0x71, + 0x42, 0x6b, 0x4e, 0x71, 0x53, 0x74, 0x70, 0x41, 0x3d, 0x3d, 0x0a, 0x2d, + 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, + 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, + 0x0a +}; +#endif + +/* unused, to avoid warning. */ +static int idx; + +#define FUZZTIME 1485898104 + +#define TIME_IMPL(t) { if (t != NULL) *t = FUZZTIME; return FUZZTIME; } + +/* + * This might not work in all cases (and definitely not on Windows + * because of the way linkers are) and callees can still get the + * current time instead of the fixed time. This will just result + * in things not being fully reproducible and have a slightly + * different coverage. + */ +#if !defined(_WIN32) +time_t time(time_t *t) TIME_IMPL(t) +#endif + +int FuzzerInitialize(int *argc, char ***argv) +{ + STACK_OF(SSL_COMP) *comp_methods; + + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ASYNC, NULL); + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); + idx = SSL_get_ex_data_X509_STORE_CTX_idx(); + FuzzerSetRand(); + comp_methods = SSL_COMP_get_compression_methods(); + if (comp_methods != NULL) + sk_SSL_COMP_sort(comp_methods); + + return 1; +} + +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ + SSL *server; + BIO *in; + BIO *out; +#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DSA) + BIO *bio_buf; +#endif + SSL_CTX *ctx; + int ret; RSA *privkey; + const uint8_t *bufp; EVP_PKEY *pkey; - int ret; X509 *cert; +#ifndef OPENSSL_NO_EC + EC_KEY *ecdsakey = NULL; +#endif +#ifndef OPENSSL_NO_DSA + DSA *dsakey = NULL; +#endif + uint8_t opt; + + if (len < 2) + return 0; + + /* + * TODO: use the ossltest engine (optionally?) to disable crypto checks. + */ + /* This only fuzzes the initial flow from the client so far. */ ctx = SSL_CTX_new(SSLv23_method()); + + ret = SSL_CTX_set_min_proto_version(ctx, 0); + OPENSSL_assert(ret == 1); + ret = SSL_CTX_set_cipher_list(ctx, "ALL:eNULL:@SECLEVEL=0"); + OPENSSL_assert(ret == 1); + + /* RSA */ + bufp = kRSAPrivateKeyDER; privkey = d2i_RSAPrivateKey(NULL, &bufp, sizeof(kRSAPrivateKeyDER)); OPENSSL_assert(privkey != NULL); pkey = EVP_PKEY_new(); @@ -206,6 +548,7 @@ int FuzzerInitialize(int *argc, char ***argv) { ret = SSL_CTX_use_PrivateKey(ctx, pkey); OPENSSL_assert(ret == 1); EVP_PKEY_free(pkey); + bufp = kCertificateDER; cert = d2i_X509(NULL, &bufp, sizeof(kCertificateDER)); OPENSSL_assert(cert != NULL); @@ -213,29 +556,79 @@ int FuzzerInitialize(int *argc, char ***argv) { OPENSSL_assert(ret == 1); X509_free(cert); - return 1; -} +#ifndef OPENSSL_NO_EC + /* ECDSA */ + bio_buf = BIO_new(BIO_s_mem()); + OPENSSL_assert((size_t)BIO_write(bio_buf, ECDSAPrivateKeyPEM, sizeof(ECDSAPrivateKeyPEM)) == sizeof(ECDSAPrivateKeyPEM)); + ecdsakey = PEM_read_bio_ECPrivateKey(bio_buf, NULL, NULL, NULL); + ERR_print_errors_fp(stderr); + OPENSSL_assert(ecdsakey != NULL); + BIO_free(bio_buf); + pkey = EVP_PKEY_new(); + EVP_PKEY_assign_EC_KEY(pkey, ecdsakey); + ret = SSL_CTX_use_PrivateKey(ctx, pkey); + OPENSSL_assert(ret == 1); + EVP_PKEY_free(pkey); -int FuzzerTestOneInput(const uint8_t *buf, size_t len) { - SSL *server; - BIO *in; - BIO *out; - if (!len) { - return 0; - } - /* TODO: make this work for OpenSSL. There's a PREDICT define that may do - * the job. - * TODO: use the ossltest engine (optionally?) to disable crypto checks. - * RAND_reset_for_fuzzing(); - */ + bio_buf = BIO_new(BIO_s_mem()); + OPENSSL_assert((size_t)BIO_write(bio_buf, ECDSACertPEM, sizeof(ECDSACertPEM)) == sizeof(ECDSACertPEM)); + cert = PEM_read_bio_X509(bio_buf, NULL, NULL, NULL); + OPENSSL_assert(cert != NULL); + BIO_free(bio_buf); + ret = SSL_CTX_use_certificate(ctx, cert); + OPENSSL_assert(ret == 1); + X509_free(cert); +#endif + +#ifndef OPENSSL_NO_DSA + /* DSA */ + bio_buf = BIO_new(BIO_s_mem()); + OPENSSL_assert((size_t)BIO_write(bio_buf, DSAPrivateKeyPEM, sizeof(DSAPrivateKeyPEM)) == sizeof(DSAPrivateKeyPEM)); + dsakey = PEM_read_bio_DSAPrivateKey(bio_buf, NULL, NULL, NULL); + ERR_print_errors_fp(stderr); + OPENSSL_assert(dsakey != NULL); + BIO_free(bio_buf); + pkey = EVP_PKEY_new(); + EVP_PKEY_assign_DSA(pkey, dsakey); + ret = SSL_CTX_use_PrivateKey(ctx, pkey); + OPENSSL_assert(ret == 1); + EVP_PKEY_free(pkey); + + bio_buf = BIO_new(BIO_s_mem()); + OPENSSL_assert((size_t)BIO_write(bio_buf, DSACertPEM, sizeof(DSACertPEM)) == sizeof(DSACertPEM)); + cert = PEM_read_bio_X509(bio_buf, NULL, NULL, NULL); + OPENSSL_assert(cert != NULL); + BIO_free(bio_buf); + ret = SSL_CTX_use_certificate(ctx, cert); + OPENSSL_assert(ret == 1); + X509_free(cert); +#endif + + /* TODO: Set up support for SRP and PSK */ - /* This only fuzzes the initial flow from the client so far. */ server = SSL_new(ctx); in = BIO_new(BIO_s_mem()); out = BIO_new(BIO_s_mem()); SSL_set_bio(server, in, out); SSL_set_accept_state(server); + + opt = (uint8_t)buf[len-1]; + len--; + OPENSSL_assert((size_t)BIO_write(in, buf, len) == len); + + if ((opt & 0x01) != 0) + { + do { + char early_buf[16384]; + size_t early_len; + ret = SSL_read_early_data(server, early_buf, sizeof(early_buf), &early_len); + + if (ret != SSL_READ_EARLY_DATA_SUCCESS) + break; + } while (1); + } + if (SSL_do_handshake(server) == 1) { /* Keep reading application data until error or EOF. */ uint8_t tmp[1024]; @@ -246,5 +639,12 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { } } SSL_free(server); + ERR_clear_error(); + SSL_CTX_free(ctx); + return 0; } + +void FuzzerCleanup(void) +{ +} diff --git a/deps/openssl/openssl/fuzz/test-corpus.c b/deps/openssl/openssl/fuzz/test-corpus.c index 628e633536..86be5337e1 100644 --- a/deps/openssl/openssl/fuzz/test-corpus.c +++ b/deps/openssl/openssl/fuzz/test-corpus.c @@ -97,5 +97,8 @@ int main(int argc, char **argv) { free(pathname); } + + FuzzerCleanup(); + return 0; } diff --git a/deps/openssl/openssl/fuzz/x509.c b/deps/openssl/openssl/fuzz/x509.c index b2851f1e11..926287da48 100644 --- a/deps/openssl/openssl/fuzz/x509.c +++ b/deps/openssl/openssl/fuzz/x509.c @@ -10,13 +10,23 @@ #include <openssl/x509.h> #include <openssl/bio.h> +#include <openssl/err.h> +#include <openssl/rand.h> #include "fuzzer.h" -int FuzzerInitialize(int *argc, char ***argv) { +#include "rand.inc" + +int FuzzerInitialize(int *argc, char ***argv) +{ + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + ERR_get_state(); + CRYPTO_free_ex_index(0, -1); + FuzzerSetRand(); return 1; } -int FuzzerTestOneInput(const uint8_t *buf, size_t len) { +int FuzzerTestOneInput(const uint8_t *buf, size_t len) +{ const unsigned char *p = buf; unsigned char *der = NULL; @@ -32,5 +42,10 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) { X509_free(x509); } + ERR_clear_error(); return 0; } + +void FuzzerCleanup(void) +{ +} |