Bignum and ECC API evolution: study fuzzers #9070

gilles-peskine-arm · 2024-04-29T18:35:49Z

OSS-Fuzz runs three differential fuzzers that access low-level APIs in Mbed TLS:

cryptofuzz: high level APIs (we're in the process of adding PSA), many bignum functions, some ECC functions.
bignum-fuzzer: many bignum functions. I'm not sure if it's still relevant as cryptofuzz (by the same maintainer) is meant to eventually replace bignum-fuzzer.
ecc-diff-fuzzer: ECC functions. I'm not sure if it's still relevant as cryptofuzz (by a diffferent maintainer) is has similar functionality.

We are likely to remove bignum and ECC APIs from the public interface in Mbed TLS 4.0 and TF-PSA-Crypto 1.0. The goal of this issue is to design how we will fuzz bignum and ECC. Definition of done: there is a documented design (in a document or on GitHub) and issues to implement that design have been filed and scheduled.

Plausible solution: we edit the build scripts in OSS-Fuzz to access internal headers, and we build the fuzzer(s) in our CI to ensure that we preserve the APIs that they use.

gilles-peskine-arm added component-crypto Crypto primitives and low-level interfaces size-s Estimated task size: small (~2d) labels Apr 29, 2024

gilles-peskine-arm mentioned this issue Apr 29, 2024

Migrate OSS-Fuzz back to development #9071

Open

gilles-peskine-arm added this to Mbed TLS 4.0 MUST in Backlog for Mbed TLS Apr 29, 2024

This was referenced Apr 29, 2024

Make bignum non-public #8155

Open

Make legacy crypto APIs internal #8663

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bignum and ECC API evolution: study fuzzers #9070

Bignum and ECC API evolution: study fuzzers #9070

gilles-peskine-arm commented Apr 29, 2024 •

edited

Bignum and ECC API evolution: study fuzzers #9070

Bignum and ECC API evolution: study fuzzers #9070

Comments

gilles-peskine-arm commented Apr 29, 2024 • edited

gilles-peskine-arm commented Apr 29, 2024 •

edited