-
Notifications
You must be signed in to change notification settings - Fork 143
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
go-fuzz for CIRCL #4
Comments
Very interesting. I can start playing with this a little. |
oh, while I'm here. I was recently informed by the author via linkedin that this exists and uses CIRCL thought you may want to know |
Oh, wow, interesting @henrydcase .. check it out @bwesterb : https://github.com/kuking/go-pqsw |
Hey @henrydcase @claucece , I'm the maintainer of Cryptofuzz. I'm still improving it every day. It now supports elliptic curve operations and has been effective at finding EC bugs (see full bug list here ). PQ crypto not yet but I'm planning on implementing that. Have you gotten around to work with Cryptofuzz to test circl? Feel free to reach out to me at guido@guidovranken.com to discuss these plans in depth. |
Fuzzing is something we want to include in CIRCL, we are open for discussion. |
I now have a circl module for Cryptofuzz https://github.com/guidovranken/cryptofuzz/tree/master/modules/circl I can install it on OSS-Fuzz if you want @armfazh ? |
Thanks for writing the module.
What does this implies and what it is required to be included? (sorry, not so familiar with the internals of the project). |
Basically:
More information: https://google.github.io/oss-fuzz/ |
@guidovranken can you please clarify who the "participants" are here? |
People who receive the bug reports, typically the maintainers of the software being fuzzed, in this case the circl maintainers. |
@guidovranken just reached at this address https://guidovranken.com/contact/, please confirm you have received my email. |
Yes I did, thanks, I will reply in a minute. |
Tracking integration at: google/oss-fuzz#7262 |
* - adds META.yml files - adds new api: crypto_sign_signature and crypto_sign_verify - adds namespacing - converts CRLF to LF - fixes for big-endian - changes types from 'unsigned long long' to size_t - fixes for strict compilers - ensures newlines at end of files - remove PQM4 defines from api, using size_t
We should use both:
Obviously it can't be part of the CI as it will disturb development process. os-fuzz is much better place
The text was updated successfully, but these errors were encountered: