Guido Vranken

Some time ago I appropriated @dvyukov 's Go instrumentation for usage with libFuzzer for my own needs: https://github.com/guidovranken/libfuzzer-go I now have an oss-fuzz branch ready to be merged. It uses...

I've implemented it partially. Use https://github.com/guidovranken/bignum-fuzzer/blob/uint256/build_and_run.sh

Thank you for trying my project leepeter2019. I've confirmed that it doesn't work with those commits. When you look here: https://oss-fuzz.com/testcase-detail/5738113498611712 the revision ranges for Cryptofuzz is: 5b42807c259ed836004066faafd8b18a9e978d96 - 8aa5576b934f3430149d337254b2bcc1889418d9...

Hello @noloader, Crypto++ fuzzing has been operational (as a part of my crypto fuzzing framework) on OSS-Fuzz for a few days. Crypto++ is one of the most stable/secure projects I've...

``` Operation: operation name: SymmetricEncrypt cleartext: {0x6e, 0x28, 0x0a, 0x67, 0x65, 0x00, 0xe8, 0x03, 0x00, 0x00, 0x00, 0x00, 0xff, 0xde, 0x00, 0x00} (16 bytes) cipher iv: {0x00, 0x7f, 0x00, 0x42,...

Thanks for pinging me @paulmillr ! @mratsim My [project](https://github.com/guidovranken/cryptofuzz) supports a wide range of operations including pairing cryptography and bignum operations and it has found hundreds of bugs in major...

Thanks for the suggestion @randombit , I actually tried that ([and found a vuln](https://github.com/ARMmbed/mbedtls/commit/ca17ebfbc02b57e2bcb42efe64a5f2002c756ea8)) but unlike cryptographic primitives, whose expected output is almost always very clearly prescribed and therefore universal,...

> Also it is probably not a coincidence that the effected curves all have an order of unusual size (161 bits for the `secp160r{1,2}`, 225 for `secp224k1`, and 239 for...

Hi @hrantzsch, I maintain [Cryptofuzz](https://github.com/guidovranken/cryptofuzz) which uses differential fuzzing to find memory and correctness bugs in cryptographic libraries. This has proven to be a very effective approach, you can see...

I will provide more information tomorrow.