You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
OSS-Fuzz runs three differential fuzzers that access low-level APIs in Mbed TLS:
cryptofuzz: high level APIs (we're in the process of adding PSA), many bignum functions, some ECC functions.
bignum-fuzzer: many bignum functions. I'm not sure if it's still relevant as cryptofuzz (by the same maintainer) is meant to eventually replace bignum-fuzzer.
ecc-diff-fuzzer: ECC functions. I'm not sure if it's still relevant as cryptofuzz (by a diffferent maintainer) is has similar functionality.
We are likely to remove bignum and ECC APIs from the public interface in Mbed TLS 4.0 and TF-PSA-Crypto 1.0. The goal of this issue is to design how we will fuzz bignum and ECC. Definition of done: there is a documented design (in a document or on GitHub) and issues to implement that design have been filed and scheduled.
Plausible solution: we edit the build scripts in OSS-Fuzz to access internal headers, and we build the fuzzer(s) in our CI to ensure that we preserve the APIs that they use.
The text was updated successfully, but these errors were encountered:
OSS-Fuzz runs three differential fuzzers that access low-level APIs in Mbed TLS:
We are likely to remove bignum and ECC APIs from the public interface in Mbed TLS 4.0 and TF-PSA-Crypto 1.0. The goal of this issue is to design how we will fuzz bignum and ECC. Definition of done: there is a documented design (in a document or on GitHub) and issues to implement that design have been filed and scheduled.
Plausible solution: we edit the build scripts in OSS-Fuzz to access internal headers, and we build the fuzzer(s) in our CI to ensure that we preserve the APIs that they use.
The text was updated successfully, but these errors were encountered: