Run cryptofuzz against the PSA API #8200

gilles-peskine-arm · 2023-09-13T12:14:11Z

This is an epic-level task. The overall goal is to integrate the PSA crypto API into cryptofuzz and arrange for OSS-Fuzz to run that.

Familiarization
Add a modifier to the cryptofuzz backend for mbedtls, so that it will either dispatch to the legacy API or to PSA. See guidance from the author of cryptofuzz.
Implement at least one algorithm in cryptofuzz with PSA (hashes are likely the best candidate).
Ensure that the way OSS-Fuzz runs cryptofuzz does pick up the PSA code paths (I'm not sure if there's any change to do there).
Continue adding PSA code paths until the whole API is covered (insofar as it's within the scope of Cryptofuzz).

Guido (author of Cryptofuzz) can help with the Cryptofuzz integration:

once you submit a rough draft I can take it from there.

gilles-peskine-arm added enhancement component-crypto Crypto primitives and low-level interfaces size-l Estimated task size: large (2w+) labels Sep 13, 2023

gilles-peskine-arm mentioned this issue Apr 29, 2024

Bignum and ECC API evolution: study fuzzers #9070

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Run cryptofuzz against the PSA API #8200

Run cryptofuzz against the PSA API #8200

gilles-peskine-arm commented Sep 13, 2023

Run cryptofuzz against the PSA API #8200

Run cryptofuzz against the PSA API #8200

Comments

gilles-peskine-arm commented Sep 13, 2023