# Fuzzing OpenSSL #

**Requirements**

  * honggfuzz
  * clang-4.0, or newer (5.0/6.0 work as well)
  * openssl 1.1.0 (or, the master branch from git)
  * libressl/boringssl/openssl-1.0.2 work as well, though they might require specific building instructions

**Preparation (for OpenSSL 1.1.0/master)**

1. Compile honggfuzz
2. Unpack/Clone OpenSSL

```shell
$ git clone --depth=1 https://github.com/openssl/openssl.git
$ mv openssl openssl-master
```

3. Use ```compile_hfuzz_openssl_master.sh``` to configure OpenSSL

```shell
$ cd openssl-master
$ /home/jagger/src/honggfuzz/examples/openssl/compile_hfuzz_openssl_master.sh [enable-asan|enable-msan|enable-ubsan]
```

4. Compile OpenSSL

```shell
$ make
```

5. Prepare fuzzing binaries

The _make.sh_ script will compile honggfuzz and libFuzzer binaries. Syntax:

```shell
make.sh <directory-with-open/libre/boring-ssl> [address|memory|undefined]
```

```shell
$ cd ..
$ /home/jagger/src/honggfuzz/examples/openssl/make.sh openssl-master address
```

**Fuzzing**

```shell
$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_server/ -P -- ./openssl-master.address.server
$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_client/ -P -- ./openssl-master.address.client
$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_x509/ -P -- ./openssl-master.address.x509
$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_privkey/ -P -- ./openssl-master.address.privkey
```
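
The steps above name the sanitizer twice, once as a configure flag and once as the `make.sh` argument, and the resulting binaries carry that name too. The helper below is an added example, not part of the honggfuzz project: it keeps the three in sync and prints the fuzzing commands only for targets whose binary and corpus directory exist. `HFUZZ_DIR` and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example; HFUZZ_DIR and the function names are assumptions.
HFUZZ_DIR=${HFUZZ_DIR:-$HOME/src/honggfuzz}

# Map the make.sh sanitizer name to the matching configure flag.
san_to_flag() {
    case "$1" in
        address)   echo enable-asan ;;
        memory)    echo enable-msan ;;
        undefined) echo enable-ubsan ;;
        *) echo "unknown sanitizer: $1" >&2; return 1 ;;
    esac
}

# Print the build commands for <ssl-dir> <sanitizer>, in the order of steps 3-5.
build_plan() {
    flag=$(san_to_flag "$2") || return 1
    echo "cd $1 && $HFUZZ_DIR/examples/openssl/compile_hfuzz_openssl_master.sh $flag && make && cd .."
    echo "$HFUZZ_DIR/examples/openssl/make.sh $1 $2"
}

# Print one honggfuzz command per target whose binary and corpus both exist.
# Missing targets are reported on stderr and make the function return non-zero.
fuzz_plan() {
    san_to_flag "$2" >/dev/null || return 1
    missing=0
    for t in server client x509 privkey; do
        bin="./$1.$2.$t"
        corpus="corpus_$t/"
        if [ -x "$bin" ] && [ -d "$corpus" ]; then
            echo "$HFUZZ_DIR/honggfuzz -f $corpus -P -- $bin"
        else
            echo "skip $t: need executable $bin and directory $corpus" >&2
            missing=$((missing + 1))
        fi
    done
    [ "$missing" -eq 0 ]
}
```

Run `build_plan openssl-master address` and `fuzz_plan openssl-master address` from the directory that contains `openssl-master` and the `corpus_*` directories.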