Cryptofuzz - Differential cryptography fuzzing
Documentation
Documentation on how to implement modules and use Cryptofuzz will follow.
Hall of Fame
- OpenSSL: ARIA GCM ciphers memory leak after EVP_CTRL_AEAD_SET_IVLEN
- OpenSSL: HMAC with SHAKE128 via EVP interface crashes on EVP_DigestSignUpdate
- OpenSSL: BLAKE2b_Update can pass NULL to memcpy (undefined behavior)
- LibreSSL: EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1 decrypt OOB read/crash/invalid result
- OpenSSL: CHACHA20_POLY1305 different results for chunked/non-chunked updating
- OpenSSL: OpenSSL 1.0.2: BIO_read + *_WRAP ciphers copy to uninitialized pointer
- BoringSSL: AEAD AES GCM SIV NULL pointer dereference/OOB read
- LibreSSL: BIO_read can report more bytes written than buffer can hold
- LibreSSL: Use-after-free/bad free after EVP_CIPHER_CTX_copy
- BoringSSL: Use-after-free/bad free after EVP_CIPHER_CTX_copy
- LibreSSL: GOST HMAC uses and outputs uninitialized memory
- OpenSSL: Overlong tag buffer leaves memory uninitialized in CCM mode
- OpenSSL: Buffer write overflow when passing large RC5 key
- OpenSSL: Hang after particular sequence of operations
- LibreSSL: Overlong tag buffer leaves memory uninitialized in CCM mode
- LibreSSL: AES GCM context copy crash
- LibreSSL: Streebog wrong output
- OpenSSL: EVP_EncryptUpdate, EVP_EncryptFinal_ex branching on uninitialized memory
- libgcrypt: Invalid output of MD4, MD5, RIPEMD160
- OpenSSL: RC5 signed integer overflow, TBA
- LibreSSL: AES CCM context copy crash
- LibreSSL: DES EDE3 CFB1 leaves output uninitialized
- Crypto++: Scrypt crash with blocksize 0
- EverCrypt: Illegal instruction exception on non-AVX CPUs
- OpenSSL: OpenSSL 1.0.2: RC4 OOB read
- OpenSSL: OpenSSL 1.0.2: Branch on uninitialized memory in EVP_CIPHER_CTX_copy