High level conclusions

Fuzzers reach 73.27% of cyclomatic complexity.

Fuzzers reach 67.49% of all functions.

Fuzzer usepsa-fuzz_server is blocked:

The runtime code coverage of usepsa-fuzz_server covers 4.747% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer usepsa-fuzz_dtlsclient is blocked:

The runtime code coverage of usepsa-fuzz_dtlsclient covers 11.46% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer usepsa-fuzz_x509crt is blocked:

The runtime code coverage of usepsa-fuzz_x509crt covers 16.30% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer fuzz_client is blocked:

The runtime code coverage of fuzz_client covers 20.72% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer usepsa-fuzz_dtlsserver is blocked:

The runtime code coverage of usepsa-fuzz_dtlsserver covers 4.784% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer usepsa-fuzz_pkcs7 is blocked:

The runtime code coverage of usepsa-fuzz_pkcs7 covers 26.31% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer usepsa-fuzz_client is blocked:

The runtime code coverage of usepsa-fuzz_client covers 11.45% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer fuzz_dtlsserver is blocked:

The runtime code coverage of fuzz_dtlsserver covers 21.86% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer fuzz_pkcs7 is blocked:

The runtime code coverage of fuzz_pkcs7 covers 26.19% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer usepsa-fuzz_x509csr is blocked:

The runtime code coverage of usepsa-fuzz_x509csr covers 17.39% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer usepsa-fuzz_pubkey is blocked:

The runtime code coverage of usepsa-fuzz_pubkey covers 18.68% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer usepsa-fuzz_x509crl is blocked:

The runtime code coverage of usepsa-fuzz_x509crl covers 28.29% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer usepsa-fuzz_privkey is blocked:

The runtime code coverage of usepsa-fuzz_privkey covers 10.76% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Reachability and coverage overview

Functions statically reachable by fuzzers

1732 / 2566

Cyclomatic complexity statically reachable by fuzzers

12965 / 17694

Runtime code coverage of functions

951 / 2566

The following table shows data about each function in the project. The functions included in this table correspond to all functions that exist in the executables of the fuzzers. As such, there may be functions that are from third-party libraries.

For further technical details on the meaning of columns in the below table, please see the Glossary .

Func name	Functions filename	Args	Function call depth	Reached by Fuzzers	Fuzzers runtime hit	Func lines hit %	I Count	BB Count	Cyclomatic complexity	Functions reached	Reached by functions	Accumulated cyclomatic complexity	Undiscovered complexity

Fuzzer: usepsa-fuzz_privkey

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	1929	94.9%
gold	[1:9]	0	0.0%
yellow	[10:29]	83	4.08%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	19	0.93%
All colors	2031	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
276	276	1 : View List ['mbedtls_entropy_update_manual']	276	276	mbedtls_entropy_update_nv_seed	call site: 00078	/src/mbedtls/library/entropy.c:389
120	125	3 : View List ['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']	120	125	mbedtls_ctr_drbg_reseed_internal	call site: 00049	/src/mbedtls/library/ctr_drbg.c:469
94	841	9 : View List ['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']	94	846	mbedtls_entropy_func	call site: 00077	/src/mbedtls/library/entropy.c:308
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	15	mbedtls_md_free	call site: 00205	/src/mbedtls/library/md.c:325
6	11	3 : View List ['mbedtls_platform_zeroize', 'fread', 'fclose']	6	11	mbedtls_platform_std_nv_seed_read	call site: 00000	/src/mbedtls/library/platform.c:298
0	630	1 : View List ['mbedtls_psa_crypto_init_subsystem']	0	696	psa_crypto_init	call site: 00273	/src/mbedtls/library/psa_crypto.c:8472
0	35	2 : View List ['mbedtls_calloc', 'mbedtls_md_free']	0	35	mbedtls_md_setup	call site: 00194	/src/mbedtls/library/md.c:497
0	0	None	34	42	psa_wipe_all_key_slots	call site: 00278	/src/mbedtls/library/psa_crypto_slot_management.c:475
0	0	None	32	32	psa_init_all_se_drivers	call site: 00021	/src/mbedtls/library/psa_crypto_se.c:264
0	0	None	0	113	mbedtls_ctr_drbg_seed	call site: 00040	/src/mbedtls/library/ctr_drbg.c:562
0	0	None	0	72	mbedtls_psa_crypto_free	call site: 00275	/src/mbedtls/library/psa_crypto.c:8251
0	0	None	0	66	psa_crypto_init	call site: 00019	/src/mbedtls/library/psa_crypto.c:8462

Runtime coverage analysis

Covered functions

70

Functions that are reachable but not covered

522

Reachable functions

585

Percentage of reachable functions covered

10.77%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_privkey.c	1
library/ctr_drbg.c	10
library/aes.c	9
library/entropy.c	8
library/md.c	13
library/entropy_poll.c	3
library/pk.c	5
library/psa_crypto.c	48
build-usepsa/library/psa_crypto_driver_wrappers.h	10
library/psa_crypto_se.c	9
library/psa_its_file.c	6
library/psa_crypto_slot_management.c	22
library/platform.c	2
library/psa_crypto_random_impl.h	3
library/aesni.c	8
library/platform_util.c	2
library/ctr.h	1
library/md5.c	7
library/ripemd160.c	7
library/sha1.c	7
library/sha256.c	8
library/sha512.c	9
library/sha3.c	7
library/psa_crypto_storage.c	15
programs/fuzz/common.c	2
library/pkparse.c	13
library/pem.c	9
library/base64.c	2
library/constant_time_impl.h	14
include/mbedtls/error.h	1
library/des.c	12
include/mbedtls/pk.h	2
library/rsa.c	15
library/bignum.c	42
library/asn1parse.c	8
library/bignum_core.c	36
library/rsa_alt_helpers.c	3
library/constant_time.c	1
library/oid.c	12
library/ecp.c	60
include/mbedtls/ecp.h	1
library/ecp_curves.c	6
library/pk_ecc.c	4
library/pk_internal.h	2
library/psa_util.c	5
include/psa/crypto_struct.h	10
library/psa_crypto_slot_management.h	4
library/psa_crypto_core.h	2
library/psa_crypto_storage.h	1
library/psa_crypto_ffdh.c	3
library/psa_crypto_ecp.c	5
library/psa_crypto_rsa.c	5
library/asn1write.c	6
include/psa/crypto_values.h	2
include/psa/crypto_extra.h	1
framework/tests/src/drivers/platform_builtin_keys.c	1
build-usepsa/library/psa_crypto_driver_wrappers_no_static.c	3
library/pkcs12.c	6
library/cipher.c	14
include/mbedtls/cipher.h	5
include/mbedtls/md.h	1
library/psa_crypto_cipher.c	11
library/chacha20.c	5
library/gcm.c	6
library/ccm.c	5
library/chachapoly.c	2
library/poly1305.c	3
library/pkcs5.c	4

Fuzzer: fuzz_pubkey

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	355	41.2%
gold	[1:9]	23	2.67%
yellow	[10:29]	33	3.83%
greenyellow	[30:49]	9	1.04%
lawngreen	50+	440	51.1%
All colors	860	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1524	1524	4 : View List ['pem_des3_decrypt', 'pem_des_decrypt', 'pem_aes_decrypt', 'pem_check_pkcs_padding']	1524	1544	mbedtls_pem_read_buffer	call site: 00036	/src/mbedtls/library/pem.c:430
389	389	1 : View List ['mbedtls_rsa_deduce_primes']	389	434	mbedtls_rsa_complete	call site: 00282	/src/mbedtls/library/rsa.c:782
65	65	1 : View List ['mbedtls_mpi_core_exp_mod_unsafe']	76	198	mbedtls_mpi_exp_mod_optionally_safe	call site: 00408	/src/mbedtls/library/bignum.c:1703
0	206	1 : View List ['mbedtls_mpi_mod_mpi']	76	511	mbedtls_mpi_exp_mod_optionally_safe	call site: 00404	/src/mbedtls/library/bignum.c:1692
0	72	2 : View List ['mbedtls_mpi_mul_mpi', 'mbedtls_mpi_size']	692	809	mbedtls_rsa_complete	call site: 00267	/src/mbedtls/library/rsa.c:769
0	27	1 : View List ['mbedtls_mpi_copy']	0	105	mbedtls_mpi_mul_mpi	call site: 00271	/src/mbedtls/library/bignum.c:1206
0	23	1 : View List ['mbedtls_mpi_lset']	0	111	mbedtls_mpi_div_mpi	call site: 00356	/src/mbedtls/library/bignum.c:1419
0	23	1 : View List ['mbedtls_mpi_lset']	0	23	mbedtls_mpi_exp_mod_optionally_safe	call site: 00341	/src/mbedtls/library/bignum.c:1640
0	18	1 : View List ['mbedtls_mpi_grow']	0	18	mbedtls_mpi_shrink	call site: 00398	/src/mbedtls/library/bignum.c:250
0	6	1 : View List ['mbedtls_mpi_core_bitlen']	0	6	exp_mod_calc_first_bit_optionally_safe	call site: 00418	/src/mbedtls/library/bignum_core.c:767
0	0	None	282	282	mbedtls_rsa_export_crt	call site: 00828	/src/mbedtls/library/rsa.c:929
0	0	None	76	572	mbedtls_mpi_exp_mod_optionally_safe	call site: 00346	/src/mbedtls/library/bignum.c:1660

Runtime coverage analysis

Covered functions

175

Functions that are reachable but not covered

96

Reachable functions

245

Percentage of reachable functions covered

60.82%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_pubkey.c	1
library/pk.c	5
library/pkparse.c	8
library/pem.c	9
library/base64.c	2
library/constant_time_impl.h	8
include/mbedtls/error.h	1
library/platform.c	2
library/platform_util.c	2
library/des.c	12
library/md.c	7
library/md5.c	6
library/ripemd160.c	6
library/sha1.c	6
library/sha256.c	7
library/sha512.c	8
library/sha3.c	6
library/aes.c	9
library/aesni.c	7
include/mbedtls/pk.h	2
library/rsa.c	7
library/asn1parse.c	7
library/bignum.c	37
library/bignum_core.c	29
library/rsa_alt_helpers.c	3
library/constant_time.c	1
library/oid.c	6
library/pk_ecc.c	2
library/pk_internal.h	2
library/ecp_curves.c	6
library/ecp.c	25
include/mbedtls/ecp.h	1

Fuzzer: usepsa-fuzz_x509crl

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	486	84.3%
gold	[1:9]	86	14.9%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	1	0.17%
lawngreen	50+	3	0.52%
All colors	576	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
276	276	1 : View List ['mbedtls_entropy_update_manual']	276	276	mbedtls_entropy_update_nv_seed	call site: 00064	/src/mbedtls/library/entropy.c:389
120	125	3 : View List ['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']	120	125	mbedtls_ctr_drbg_reseed_internal	call site: 00035	/src/mbedtls/library/ctr_drbg.c:469
94	841	9 : View List ['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']	94	846	mbedtls_entropy_func	call site: 00063	/src/mbedtls/library/entropy.c:308
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	15	mbedtls_md_free	call site: 00191	/src/mbedtls/library/md.c:325
6	11	3 : View List ['mbedtls_platform_zeroize', 'fread', 'fclose']	6	11	mbedtls_platform_std_nv_seed_read	call site: 00000	/src/mbedtls/library/platform.c:298
0	630	1 : View List ['mbedtls_psa_crypto_init_subsystem']	0	696	psa_crypto_init	call site: 00259	/src/mbedtls/library/psa_crypto.c:8472
0	35	2 : View List ['mbedtls_calloc', 'mbedtls_md_free']	0	35	mbedtls_md_setup	call site: 00180	/src/mbedtls/library/md.c:497
0	0	None	34	42	psa_wipe_all_key_slots	call site: 00264	/src/mbedtls/library/psa_crypto_slot_management.c:475
0	0	None	32	32	psa_init_all_se_drivers	call site: 00006	/src/mbedtls/library/psa_crypto_se.c:264
0	0	None	20	34	mbedtls_x509_crl_free	call site: 00381	/src/mbedtls/library/x509_crl.c:699
0	0	None	0	113	mbedtls_ctr_drbg_seed	call site: 00026	/src/mbedtls/library/ctr_drbg.c:562
0	0	None	0	72	mbedtls_psa_crypto_free	call site: 00261	/src/mbedtls/library/psa_crypto.c:8251

Runtime coverage analysis

Covered functions

71

Functions that are reachable but not covered

147

Reachable functions

205

Percentage of reachable functions covered

28.29%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_x509crl.c	1
library/x509_crl.c	9
library/psa_crypto.c	11
build-usepsa/library/psa_crypto_driver_wrappers.h	2
library/psa_crypto_se.c	5
library/psa_its_file.c	5
library/psa_crypto_slot_management.c	5
library/platform.c	2
library/psa_crypto_random_impl.h	3
library/ctr_drbg.c	7
library/aes.c	9
library/aesni.c	7
library/platform_util.c	2
library/ctr.h	1
library/entropy.c	5
library/md.c	8
library/md5.c	7
library/ripemd160.c	7
library/sha1.c	7
library/sha256.c	8
library/sha512.c	9
library/sha3.c	7
library/psa_crypto_storage.c	2
library/pem.c	9
library/base64.c	2
library/constant_time_impl.h	2
include/mbedtls/error.h	1
library/des.c	12
library/asn1parse.c	9
library/x509.c	19
library/oid.c	8
library/asn1write.c	2

Fuzzer: usepsa-fuzz_pubkey

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	917	91.2%
gold	[1:9]	84	8.35%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	1	0.09%
lawngreen	50+	3	0.29%
All colors	1005	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
276	276	1 : View List ['mbedtls_entropy_update_manual']	276	276	mbedtls_entropy_update_nv_seed	call site: 00064	/src/mbedtls/library/entropy.c:389
120	125	3 : View List ['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']	120	125	mbedtls_ctr_drbg_reseed_internal	call site: 00035	/src/mbedtls/library/ctr_drbg.c:469
94	841	9 : View List ['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']	94	846	mbedtls_entropy_func	call site: 00063	/src/mbedtls/library/entropy.c:308
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	15	mbedtls_md_free	call site: 00191	/src/mbedtls/library/md.c:325
6	11	3 : View List ['mbedtls_platform_zeroize', 'fread', 'fclose']	6	11	mbedtls_platform_std_nv_seed_read	call site: 00000	/src/mbedtls/library/platform.c:298
0	630	1 : View List ['mbedtls_psa_crypto_init_subsystem']	0	696	psa_crypto_init	call site: 00259	/src/mbedtls/library/psa_crypto.c:8472
0	35	2 : View List ['mbedtls_calloc', 'mbedtls_md_free']	0	35	mbedtls_md_setup	call site: 00180	/src/mbedtls/library/md.c:497
0	0	None	34	42	psa_wipe_all_key_slots	call site: 00264	/src/mbedtls/library/psa_crypto_slot_management.c:475
0	0	None	32	32	psa_init_all_se_drivers	call site: 00006	/src/mbedtls/library/psa_crypto_se.c:264
0	0	None	0	113	mbedtls_ctr_drbg_seed	call site: 00026	/src/mbedtls/library/ctr_drbg.c:562
0	0	None	0	72	mbedtls_psa_crypto_free	call site: 00261	/src/mbedtls/library/psa_crypto.c:8251
0	0	None	0	66	psa_crypto_init	call site: 00004	/src/mbedtls/library/psa_crypto.c:8462

Runtime coverage analysis

Covered functions

70

Functions that are reachable but not covered

248

Reachable functions

305

Percentage of reachable functions covered

18.69%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_pubkey.c	1
library/pk.c	5
library/psa_crypto.c	11
build-usepsa/library/psa_crypto_driver_wrappers.h	2
library/psa_crypto_se.c	5
library/psa_its_file.c	5
library/psa_crypto_slot_management.c	5
library/platform.c	2
library/psa_crypto_random_impl.h	3
library/ctr_drbg.c	7
library/aes.c	9
library/aesni.c	7
library/platform_util.c	2
library/ctr.h	1
library/entropy.c	5
library/md.c	8
library/md5.c	7
library/ripemd160.c	7
library/sha1.c	7
library/sha256.c	8
library/sha512.c	9
library/sha3.c	7
library/psa_crypto_storage.c	2
library/pkparse.c	8
library/pem.c	9
library/base64.c	2
library/constant_time_impl.h	8
include/mbedtls/error.h	1
library/des.c	12
include/mbedtls/pk.h	2
library/rsa.c	7
library/asn1parse.c	7
library/bignum.c	37
library/bignum_core.c	29
library/rsa_alt_helpers.c	3
library/constant_time.c	1
library/oid.c	6
library/pk_ecc.c	2
library/pk_internal.h	2
library/ecp_curves.c	6
library/ecp.c	25
include/mbedtls/ecp.h	1

Fuzzer: fuzz_privkey

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	597	38.5%
gold	[1:9]	39	2.51%
yellow	[10:29]	85	5.49%
greenyellow	[30:49]	32	2.06%
lawngreen	50+	795	51.3%
All colors	1548	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
6040	8713	8 : View List ['mbedtls_asn1_get_tag', 'mbedtls_asn1_get_alg', 'mbedtls_error_add.1604', 'mbedtls_oid_get_pkcs12_pbe_alg', 'memcmp', 'mbedtls_pkcs12_pbe_ext', 'pk_parse_key_pkcs8_unencrypted_der', 'mbedtls_pkcs5_pbes2_ext']	6040	8713	mbedtls_pk_parse_key_pkcs8_encrypted_der	call site: 01209	/src/mbedtls/library/pkparse.c:885
1524	1524	4 : View List ['pem_des3_decrypt', 'pem_des_decrypt', 'pem_aes_decrypt', 'pem_check_pkcs_padding']	1524	1544	mbedtls_pem_read_buffer	call site: 00089	/src/mbedtls/library/pem.c:430
389	389	1 : View List ['mbedtls_rsa_deduce_primes']	389	434	mbedtls_rsa_complete	call site: 00337	/src/mbedtls/library/rsa.c:782
89	89	1 : View List ['mbedtls_ctr_drbg_reseed']	89	294	mbedtls_ctr_drbg_random_with_add	call site: 01491	/src/mbedtls/library/ctr_drbg.c:632
65	65	1 : View List ['mbedtls_mpi_core_exp_mod_unsafe']	70	198	mbedtls_mpi_exp_mod_optionally_safe	call site: 00463	/src/mbedtls/library/bignum.c:1703
16	16	2 : View List ['mbedtls_internal_aes_decrypt', 'mbedtls_internal_aes_encrypt']	16	16	mbedtls_aes_crypt_ecb	call site: 00032	/src/mbedtls/library/aes.c:1038
0	3591	3 : View List ['mbedtls_calloc', 'mbedtls_zeroize_and_free', 'mbedtls_pk_parse_key_pkcs8_encrypted_der']	0	9405	mbedtls_pk_parse_key	call site: 01470	/src/mbedtls/library/pkparse.c:1107
0	211	6 : View List ['mbedtls_mpi_set_bit', 'mbedtls_mpi_read_binary_le', 'mbedtls_mpi_read_binary', 'mbedtls_ecp_check_privkey', 'mbedtls_mpi_free', 'mbedtls_ecp_get_type']	0	211	mbedtls_ecp_read_key	call site: 00832	/src/mbedtls/library/ecp.c:3265
0	206	1 : View List ['mbedtls_mpi_mod_mpi']	70	511	mbedtls_mpi_exp_mod_optionally_safe	call site: 00459	/src/mbedtls/library/bignum.c:1692
0	73	3 : View List ['mbedtls_mpi_set_bit', 'mbedtls_mpi_read_binary_le', 'mbedtls_mpi_free']	0	616	mbedtls_ecp_point_read_binary	call site: 00677	/src/mbedtls/library/ecp.c:782
0	72	2 : View List ['mbedtls_mpi_mul_mpi', 'mbedtls_mpi_size']	692	809	mbedtls_rsa_complete	call site: 00323	/src/mbedtls/library/rsa.c:769
0	65	1 : View List ['block_cipher_df']	0	205	mbedtls_ctr_drbg_random_with_add	call site: 01492	/src/mbedtls/library/ctr_drbg.c:640

Runtime coverage analysis

Covered functions

262

Functions that are reachable but not covered

160

Reachable functions

391

Percentage of reachable functions covered

59.08%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_privkey.c	1
library/ctr_drbg.c	10
library/aes.c	9
library/entropy.c	3
library/md.c	13
library/entropy_poll.c	3
library/pk.c	5
library/aesni.c	8
library/platform_util.c	2
library/ctr.h	1
programs/fuzz/common.c	2
library/pkparse.c	13
library/pem.c	9
library/base64.c	2
library/constant_time_impl.h	14
include/mbedtls/error.h	1
library/platform.c	2
library/des.c	12
library/md5.c	7
library/ripemd160.c	7
library/sha1.c	7
library/sha256.c	8
library/sha512.c	9
library/sha3.c	7
include/mbedtls/pk.h	2
library/rsa.c	9
library/bignum.c	40
library/asn1parse.c	8
library/bignum_core.c	34
library/rsa_alt_helpers.c	3
library/constant_time.c	1
library/oid.c	12
library/ecp.c	55
include/mbedtls/ecp.h	1
library/ecp_curves.c	6
library/pk_ecc.c	4
library/pk_internal.h	2
library/pkcs12.c	6
library/cipher.c	12
include/mbedtls/cipher.h	4
include/mbedtls/md.h	1
library/chacha20.c	5
library/gcm.c	6
library/ccm.c	5
library/chachapoly.c	2
library/poly1305.c	3
library/pkcs5.c	4

Fuzzer: usepsa-fuzz_x509csr

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	1044	91.8%
gold	[1:9]	89	7.82%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	1	0.08%
lawngreen	50+	3	0.26%
All colors	1137	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
276	276	1 : View List ['mbedtls_entropy_update_manual']	276	276	mbedtls_entropy_update_nv_seed	call site: 00064	/src/mbedtls/library/entropy.c:389
120	125	3 : View List ['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']	120	125	mbedtls_ctr_drbg_reseed_internal	call site: 00035	/src/mbedtls/library/ctr_drbg.c:469
94	841	9 : View List ['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']	94	846	mbedtls_entropy_func	call site: 00063	/src/mbedtls/library/entropy.c:308
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	15	mbedtls_md_free	call site: 00191	/src/mbedtls/library/md.c:325
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	15	mbedtls_x509_csr_free	call site: 00388	/src/mbedtls/library/x509_csr.c:632
6	11	3 : View List ['mbedtls_platform_zeroize', 'fread', 'fclose']	6	11	mbedtls_platform_std_nv_seed_read	call site: 00000	/src/mbedtls/library/platform.c:298
0	630	1 : View List ['mbedtls_psa_crypto_init_subsystem']	0	696	psa_crypto_init	call site: 00259	/src/mbedtls/library/psa_crypto.c:8472
0	35	2 : View List ['mbedtls_calloc', 'mbedtls_md_free']	0	35	mbedtls_md_setup	call site: 00180	/src/mbedtls/library/md.c:497
0	0	None	34	42	psa_wipe_all_key_slots	call site: 00264	/src/mbedtls/library/psa_crypto_slot_management.c:475
0	0	None	32	32	psa_init_all_se_drivers	call site: 00006	/src/mbedtls/library/psa_crypto_se.c:264
0	0	None	0	113	mbedtls_ctr_drbg_seed	call site: 00026	/src/mbedtls/library/ctr_drbg.c:562
0	0	None	0	72	mbedtls_psa_crypto_free	call site: 00261	/src/mbedtls/library/psa_crypto.c:8251

Runtime coverage analysis

Covered functions

73

Functions that are reachable but not covered

285

Reachable functions

345

Percentage of reachable functions covered

17.39%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_x509csr.c	1
library/x509_csr.c	9
library/psa_crypto.c	11
build-usepsa/library/psa_crypto_driver_wrappers.h	2
library/psa_crypto_se.c	5
library/psa_its_file.c	5
library/psa_crypto_slot_management.c	5
library/platform.c	2
library/psa_crypto_random_impl.h	3
library/ctr_drbg.c	7
library/aes.c	9
library/aesni.c	7
library/platform_util.c	2
library/ctr.h	1
library/entropy.c	5
library/md.c	8
library/md5.c	7
library/ripemd160.c	7
library/sha1.c	7
library/sha256.c	8
library/sha512.c	9
library/sha3.c	7
library/psa_crypto_storage.c	2
library/pem.c	9
library/base64.c	2
library/constant_time_impl.h	8
include/mbedtls/error.h	1
library/des.c	12
library/asn1parse.c	12
library/pk.c	6
library/x509.c	23
library/pkparse.c	7
library/oid.c	16
include/mbedtls/pk.h	1
library/rsa.c	5
library/bignum.c	37
library/bignum_core.c	29
library/rsa_alt_helpers.c	2
library/constant_time.c	1
library/pk_ecc.c	2
library/pk_internal.h	2
library/ecp_curves.c	6
library/ecp.c	20
include/mbedtls/ecp.h	1
library/asn1write.c	2

Fuzzer: fuzz_x509crl

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	194	46.1%
gold	[1:9]	34	8.09%
yellow	[10:29]	19	4.52%
greenyellow	[30:49]	6	1.42%
lawngreen	50+	167	39.7%
All colors	420	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1524	1524	4 : View List ['pem_des3_decrypt', 'pem_des_decrypt', 'pem_aes_decrypt', 'pem_check_pkcs_padding']	1524	1544	mbedtls_pem_read_buffer	call site: 00036	/src/mbedtls/library/pem.c:430
0	3	1 : View List ['mbedtls_error_add']	0	3	x509_get_crl_entry_ext	call site: 00355	/src/mbedtls/library/x509_crl.c:204
0	0	None	4	52	mbedtls_x509_dn_gets	call site: 00398	/src/mbedtls/library/x509.c:833
0	0	None	0	22	mbedtls_x509_sig_alg_gets	call site: 00415	/src/mbedtls/library/x509.c:989
0	0	None	0	19	mbedtls_x509_crl_parse_der	call site: 00221	/src/mbedtls/library/x509_crl.c:313
0	0	1 : View List ['mbedtls_error_add.4717']	0	10	mbedtls_pem_read_buffer	call site: 00031	/src/mbedtls/library/pem.c:423
0	0	None	0	5	mbedtls_x509_get_name	call site: 00318	/src/mbedtls/library/x509.c:533
0	0	None	0	5	mbedtls_x509_get_name	call site: 00319	/src/mbedtls/library/x509.c:550
0	0	None	0	3	x509_get_crl_entry_ext	call site: 00352	/src/mbedtls/library/x509_crl.c:190
0	0	None	0	0	mbedtls_asn1_write_len	call site: 00403	/src/mbedtls/library/asn1write.c:27
0	0	None	0	0	mbedtls_asn1_write_len	call site: 00403	/src/mbedtls/library/asn1write.c:34
0	0	None	0	0	mbedtls_asn1_write_len	call site: 00403	/src/mbedtls/library/asn1write.c:40

Runtime coverage analysis

Covered functions

61

Functions that are reachable but not covered

84

Reachable functions

145

Percentage of reachable functions covered

42.07%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_x509crl.c	1
library/x509_crl.c	9
library/pem.c	9
library/base64.c	2
library/constant_time_impl.h	2
include/mbedtls/error.h	1
library/platform.c	2
library/platform_util.c	2
library/des.c	12
library/md.c	7
library/md5.c	6
library/ripemd160.c	6
library/sha1.c	6
library/sha256.c	7
library/sha512.c	8
library/sha3.c	6
library/aes.c	9
library/aesni.c	7
library/asn1parse.c	9
library/x509.c	19
library/oid.c	8
library/asn1write.c	2

Fuzzer: fuzz_x509csr

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	447	44.8%
gold	[1:9]	87	8.72%
yellow	[10:29]	27	2.70%
greenyellow	[30:49]	7	0.70%
lawngreen	50+	429	43.0%
All colors	997	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1524	1524	4 : View List ['pem_des3_decrypt', 'pem_des_decrypt', 'pem_aes_decrypt', 'pem_check_pkcs_padding']	1524	1544	mbedtls_pem_read_buffer	call site: 00036	/src/mbedtls/library/pem.c:430
389	389	1 : View List ['mbedtls_rsa_deduce_primes']	389	434	mbedtls_rsa_complete	call site: 00346	/src/mbedtls/library/rsa.c:782
239	239	1 : View List ['pk_group_id_from_group']	239	312	pk_ecc_group_id_from_specified	call site: 00697	/src/mbedtls/library/pkparse.c:310
193	193	1 : View List ['mbedtls_x509_info_subject_alt_name']	248	248	mbedtls_x509_csr_info	call site: 00985	/src/mbedtls/library/x509_csr.c:568
131	131	1 : View List ['ecp_check_pubkey_mx']	131	131	mbedtls_ecp_check_pubkey	call site: 00800	/src/mbedtls/library/ecp.c:3036
112	815	8 : View List ['mbedtls_mpi_size', 'mbedtls_asn1_get_tag', 'mbedtls_mpi_bitlen', 'mbedtls_asn1_get_mpi', 'mbedtls_mpi_read_binary', 'mbedtls_error_add.1604', 'mbedtls_ecp_point_read_binary', 'mbedtls_mpi_lset']	112	815	pk_group_from_specified	call site: 00701	/src/mbedtls/library/pkparse.c:152
65	65	1 : View List ['mbedtls_mpi_core_exp_mod_unsafe']	76	198	mbedtls_mpi_exp_mod_optionally_safe	call site: 00472	/src/mbedtls/library/bignum.c:1703
34	616	8 : View List ['mbedtls_mpi_read_binary_le', 'mbedtls_ecp_get_type', 'mbedtls_ecp_sw_derive_y', 'mbedtls_mpi_set_bit', 'mbedtls_mpi_read_binary', 'mbedtls_ecp_set_zero', 'mbedtls_mpi_free', 'mbedtls_mpi_lset']	34	616	mbedtls_ecp_point_read_binary	call site: 00722	/src/mbedtls/library/ecp.c:783
29	29	1 : View List ['mbedtls_x509_info_key_usage']	29	29	mbedtls_x509_csr_info	call site: 00994	/src/mbedtls/library/x509_csr.c:588
26	26	1 : View List ['mbedtls_x509_info_cert_type']	55	55	mbedtls_x509_csr_info	call site: 00986	/src/mbedtls/library/x509_csr.c:579
0	228	7 : View List ['mbedtls_x509_get_subject_alt_name', 'mbedtls_asn1_get_bool', 'mbedtls_asn1_get_tag', 'mbedtls_x509_get_key_usage', 'mbedtls_error_add', 'mbedtls_oid_get_x509_ext_type', 'mbedtls_x509_get_ns_cert_type']	0	228	x509_csr_parse_extensions	call site: 00893	/src/mbedtls/library/x509_csr.c:169
0	206	1 : View List ['mbedtls_mpi_mod_mpi']	76	511	mbedtls_mpi_exp_mod_optionally_safe	call site: 00468	/src/mbedtls/library/bignum.c:1692

Runtime coverage analysis

Covered functions

203

Functions that are reachable but not covered

105

Reachable functions

286

Percentage of reachable functions covered

63.29%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_x509csr.c	1
library/x509_csr.c	9
library/pem.c	9
library/base64.c	2
library/constant_time_impl.h	8
include/mbedtls/error.h	1
library/platform.c	2
library/platform_util.c	2
library/des.c	12
library/md.c	7
library/md5.c	6
library/ripemd160.c	6
library/sha1.c	6
library/sha256.c	7
library/sha512.c	8
library/sha3.c	6
library/aes.c	9
library/aesni.c	7
library/asn1parse.c	12
library/pk.c	6
library/x509.c	23
library/pkparse.c	7
library/oid.c	16
include/mbedtls/pk.h	1
library/rsa.c	5
library/bignum.c	37
library/bignum_core.c	29
library/rsa_alt_helpers.c	3
library/constant_time.c	1
library/pk_ecc.c	2
library/pk_internal.h	2
library/ecp_curves.c	6
library/ecp.c	20
include/mbedtls/ecp.h	1
library/asn1write.c	2

Fuzzer: fuzz_pkcs7

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	695	75.8%
gold	[1:9]	63	6.87%
yellow	[10:29]	23	2.51%
greenyellow	[30:49]	10	1.09%
lawngreen	50+	125	13.6%
All colors	916	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1935	1945	10 : View List ['pk_use_ecparams', 'mbedtls_pk_ecc_set_pubkey', 'mbedtls_pk_rsa.1608', 'pk_use_ecparams_rfc8410', 'mbedtls_pk_info_from_type', 'mbedtls_pk_free', 'mbedtls_rsa_parse_pubkey', 'mbedtls_error_add.1604', 'mbedtls_pk_setup', 'mbedtls_asn1_get_bitstring_null']	1935	1945	mbedtls_pk_parse_subpubkey	call site: 00194	/src/mbedtls/library/pkparse.c:534
299	330	6 : View List ['mbedtls_x509_get_sig', 'mbedtls_error_add.689', 'memcmp', 'x509_get_crt_ext', 'x509_get_uid', 'mbedtls_x509_get_alg']	299	546	x509_crt_parse_der_core	call site: 00191	/src/mbedtls/library/x509_crt.c:1227
24	24	2 : View List ['mbedtls_oid_get_pk_alg', 'mbedtls_oid_get_ec_grp_algid']	24	24	pk_get_pk_alg	call site: 00195	/src/mbedtls/library/pkparse.c:481
0	119	2 : View List ['mbedtls_calloc', 'pkcs7_get_signer_info']	0	135	pkcs7_get_signers_info_set	call site: 00897	/src/mbedtls/library/pkcs7.c:415
0	4	2 : View List ['mbedtls_calloc', 'mbedtls_x509_crt_init']	0	1335	mbedtls_x509_crt_parse_der_internal	call site: 00058	/src/mbedtls/library/x509_crt.c:1338
0	2	1 : View List ['mbedtls_free']	0	2	mbedtls_x509_crt_parse_der_internal	call site: 00061	/src/mbedtls/library/x509_crt.c:1356
0	0	None	299	2142	x509_crt_parse_der_core	call site: 00063	/src/mbedtls/library/x509_crt.c:1115
0	0	None	0	135	pkcs7_get_signers_info_set	call site: 00896	/src/mbedtls/library/pkcs7.c:409
0	0	None	0	42	mbedtls_pkcs7_parse_der	call site: 00003	/src/mbedtls/library/pkcs7.c:567
0	0	None	0	34	mbedtls_x509_crl_free	call site: 00908	/src/mbedtls/library/x509_crl.c:699
0	0	None	0	27	x509_crt_parse_der_core	call site: 00062	/src/mbedtls/library/x509_crt.c:1107
0	0	None	0	5	mbedtls_pk_free	call site: 00064	/src/mbedtls/library/pk.c:65

Runtime coverage analysis

Covered functions

55

Functions that are reachable but not covered

155

Reachable functions

210

Percentage of reachable functions covered

26.19%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_pkcs7.c	1
library/pkcs7.c	14
library/platform.c	2
library/asn1parse.c	15
include/mbedtls/error.h	1
library/platform_util.c	2
library/oid.c	12
library/x509_crt.c	14
library/pk.c	4
library/x509.c	21
library/pkparse.c	7
include/mbedtls/pk.h	1
library/rsa.c	5
library/bignum.c	37
library/bignum_core.c	29
library/rsa_alt_helpers.c	3
library/constant_time_impl.h	7
library/constant_time.c	1
library/pk_ecc.c	2
library/pk_internal.h	2
library/ecp_curves.c	6
library/ecp.c	20
include/mbedtls/ecp.h	1
library/x509_crl.c	1

Fuzzer: fuzz_dtlsserver

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	6127	87.6%
gold	[1:9]	284	4.06%
yellow	[10:29]	37	0.52%
greenyellow	[30:49]	28	0.40%
lawngreen	50+	512	7.32%
All colors	6988	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
22505	22515	5 : View List ['mbedtls_ssl_handshake_client_step', 'mbedtls_ssl_write_client_hello', 'mbedtls_debug_print_msg', 'mbedtls_ssl_states_str', 'mbedtls_ssl_tls13_handshake_client_step']	30807	37546	mbedtls_ssl_handshake_step	call site: 02369	/src/mbedtls/library/ssl_tls.c:4524
8302	8302	1 : View List ['mbedtls_ssl_tls13_handshake_server_step']	8302	9113	mbedtls_ssl_handshake_step	call site: 05099	/src/mbedtls/library/ssl_tls.c:4557
1696	1727	5 : View List ['ssl_double_retransmit_timeout', 'mbedtls_debug_print_ret', 'mbedtls_ssl_set_timer', 'mbedtls_ssl_resend_hello_request', 'mbedtls_ssl_resend']	1696	1757	mbedtls_ssl_fetch_input	call site: 03679	/src/mbedtls/library/ssl_msg.c:2256
1524	1554	5 : View List ['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']	1524	1554	mbedtls_pem_read_buffer	call site: 00923	/src/mbedtls/library/pem.c:428
1320	2135	3 : View List ['mbedtls_ssl_send_alert_message', 'mbedtls_ecjpake_read_round_one', 'mbedtls_debug_print_ret']	1320	2135	ssl_parse_ecjpake_kkpp	call site: 05217	/src/mbedtls/library/ssl_tls12_server.c:299
720	722	2 : View List ['mbedtls_ssl_encrypt_buf', 'mbedtls_ssl_write_version']	776	933	mbedtls_ssl_write_record	call site: 02243	/src/mbedtls/library/ssl_msg.c:2969
600	600	1 : View List ['pk_ecc_group_id_from_specified']	600	827	pk_use_ecparams	call site: 00623	/src/mbedtls/library/pkparse.c:394
512	512	11 : View List ['psa_key_slot_get_slot_number', 'psa_crypto_save_transaction', 'psa_get_and_lock_key_slot', 'psa_crypto_stop_transaction', 'psa_destroy_se_key', 'psa_crypto_prepare_transaction', 'psa_save_se_persistent_data', 'psa_unregister_read', 'psa_key_slot_state_transition', 'psa_get_se_driver_entry', 'psa_destroy_persistent_key']	512	512	psa_destroy_key	call site: 01971	/src/mbedtls/library/psa_crypto.c:1286
389	389	1 : View List ['mbedtls_rsa_deduce_primes']	389	434	mbedtls_rsa_complete	call site: 00278	/src/mbedtls/library/rsa.c:782
206	206	1 : View List ['mbedtls_mpi_mod_mpi']	206	206	ecp_modp	call site: 00676	/src/mbedtls/library/ecp.c:1003
131	131	1 : View List ['ecp_check_pubkey_mx']	131	131	mbedtls_ecp_check_pubkey	call site: 00732	/src/mbedtls/library/ecp.c:3036
104	108	3 : View List ['mbedtls_calloc', 'mbedtls_free', 'mbedtls_x509_get_rsassa_pss_params']	104	108	mbedtls_x509_get_sig_alg	call site: 00117	/src/mbedtls/library/x509.c:733

Runtime coverage analysis

Covered functions

343

Functions that are reachable but not covered

1154

Reachable functions

1477

Percentage of reachable functions covered

21.87%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_dtlsserver.c	1
library/ctr_drbg.c	10
library/aes.c	9
library/entropy.c	8
library/md.c	15
library/entropy_poll.c	3
library/x509_crt.c	50
library/pk.c	21
library/ssl_tls.c	112
library/ssl_cookie.c	6
library/aesni.c	8
library/platform_util.c	4
library/ctr.h	1
programs/fuzz/common.c	7
library/platform.c	3
library/asn1parse.c	15
include/mbedtls/error.h	1
library/x509.c	32
library/oid.c	26
library/pkparse.c	14
include/mbedtls/pk.h	2
library/rsa.c	26
library/bignum.c	50
library/bignum_core.c	36
library/rsa_alt_helpers.c	5
library/constant_time_impl.h	18
library/constant_time.c	4
library/pk_ecc.c	4
library/pk_internal.h	3
library/ecp_curves.c	6
library/ecp.c	77
include/mbedtls/ecp.h	1
library/pem.c	9
library/base64.c	2
library/des.c	13
library/md5.c	8
library/ripemd160.c	8
library/sha1.c	8
library/sha256.c	9
library/sha512.c	10
library/sha3.c	8
library/pkcs12.c	6
library/cipher.c	17
include/mbedtls/cipher.h	8
include/mbedtls/md.h	1
library/chacha20.c	5
library/gcm.c	10
library/ccm.c	13
library/chachapoly.c	9
library/poly1305.c	6
library/pkcs5.c	4
library/ssl_misc.h	53
library/ssl_ciphersuites.c	8
library/ssl_tls12_server.c	44
library/debug.c	11
library/ssl_msg.c	86
library/dhm.c	15
library/ecdh.c	22
library/ecjpake.c	21
library/psa_crypto.c	99
include/psa/crypto_values.h	2
library/psa_crypto_slot_management.c	22
library/psa_crypto_slot_management.h	4
library/psa_crypto_core.h	2
include/psa/crypto_extra.h	2
framework/tests/src/drivers/platform_builtin_keys.c	1
include/psa/crypto_struct.h	12
build/library/psa_crypto_driver_wrappers_no_static.c	3
library/psa_crypto_storage.c	15
library/psa_its_file.c	6
library/psa_crypto_se.c	9
library/psa_crypto_storage.h	1
library/timing.c	3
library/nist_kw.c	4
include/mbedtls/ssl.h	2
build/library/ssl_debug_helpers_generated.c	3
library/ssl_client.c	8
library/ssl_tls13_client.c	57
library/ssl_tls13_generic.c	33
build/library/psa_crypto_driver_wrappers.h	16
library/psa_crypto_random_impl.h	3
library/psa_util.c	5
library/psa_crypto_rsa.c	7
library/asn1write.c	6
library/psa_crypto_ecp.c	7
library/psa_crypto_ffdh.c	5
library/ssl_tls12_client.c	35
include/mbedtls/psa_util.h	2
library/ssl_tls13_keys.c	27
library/psa_crypto_hash.c	5
library/psa_crypto_mac.c	13
library/psa_crypto_cipher.c	3
library/cmac.c	6
library/psa_crypto_client.c	1
library/bignum_core.h	1
library/ssl_ciphersuites_internal.h	7
library/ssl_tls13_server.c	53

Fuzzer: usepsa-fuzz_client

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	7079	94.9%
gold	[1:9]	237	3.17%
yellow	[10:29]	108	1.44%
greenyellow	[30:49]	16	0.21%
lawngreen	50+	15	0.20%
All colors	7455	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1524	1554	5 : View List ['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']	1524	1554	mbedtls_pem_read_buffer	call site: 00849	/src/mbedtls/library/pem.c:428
674	745	3 : View List ['mbedtls_platform_zeroize', 'mbedtls_md_free', 'mbedtls_cipher_free']	674	745	mbedtls_ssl_transform_free	call site: 01297	/src/mbedtls/library/ssl_msg.c:6208
600	600	1 : View List ['pk_ecc_group_id_from_specified']	600	827	pk_use_ecparams	call site: 00549	/src/mbedtls/library/pkparse.c:394
537	537	1 : View List ['mbedtls_ssl_handshake_free']	605	734	mbedtls_ssl_free	call site: 07438	/src/mbedtls/library/ssl_tls.c:5550
389	389	1 : View List ['mbedtls_rsa_deduce_primes']	389	434	mbedtls_rsa_complete	call site: 00217	/src/mbedtls/library/rsa.c:782
276	276	1 : View List ['mbedtls_entropy_update_manual']	276	276	mbedtls_entropy_update_nv_seed	call site: 01106	/src/mbedtls/library/entropy.c:389
206	206	1 : View List ['mbedtls_mpi_mod_mpi']	206	206	ecp_modp	call site: 00602	/src/mbedtls/library/ecp.c:1003
131	131	1 : View List ['ecp_check_pubkey_mx']	131	131	mbedtls_ecp_check_pubkey	call site: 00658	/src/mbedtls/library/ecp.c:3036
120	125	3 : View List ['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']	120	125	mbedtls_ctr_drbg_reseed_internal	call site: 01085	/src/mbedtls/library/ctr_drbg.c:469
104	108	3 : View List ['mbedtls_calloc', 'mbedtls_free', 'mbedtls_x509_get_rsassa_pss_params']	104	108	mbedtls_x509_get_sig_alg	call site: 00059	/src/mbedtls/library/x509.c:733
94	841	9 : View List ['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']	94	846	mbedtls_entropy_func	call site: 01105	/src/mbedtls/library/entropy.c:308
83	107	3 : View List ['mbedtls_asn1_get_tag', 'mbedtls_x509_get_subject_alt_name_ext', 'mbedtls_error_add.689']	83	107	x509_get_authority_key_id	call site: 00746	/src/mbedtls/library/x509_crt.c:654

Runtime coverage analysis

Covered functions

198

Functions that are reachable but not covered

1430

Reachable functions

1615

Percentage of reachable functions covered

11.46%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_client.c	1
library/x509_crt.c	50
library/platform.c	3
library/asn1parse.c	15
library/pk.c	21
library/platform_util.c	4
include/mbedtls/error.h	1
library/x509.c	32
library/oid.c	21
library/pkparse.c	7
include/mbedtls/pk.h	2
library/rsa.c	34
library/bignum.c	50
library/bignum_core.c	36
library/rsa_alt_helpers.c	4
library/constant_time_impl.h	16
library/constant_time.c	3
library/pk_ecc.c	2
library/pk_internal.h	3
library/ecp_curves.c	6
library/ecp.c	77
include/mbedtls/ecp.h	1
library/pem.c	9
library/base64.c	2
library/des.c	13
library/md.c	14
library/md5.c	8
library/ripemd160.c	8
library/sha1.c	8
library/sha256.c	9
library/sha512.c	10
library/sha3.c	8
library/aes.c	9
library/aesni.c	8
programs/fuzz/common.c	6
library/ssl_tls.c	119
library/ctr_drbg.c	10
library/entropy.c	8
library/entropy_poll.c	3
library/psa_crypto.c	145
build-usepsa/library/psa_crypto_driver_wrappers.h	37
library/psa_crypto_se.c	9
library/psa_its_file.c	6
library/psa_crypto_slot_management.c	22
library/psa_crypto_random_impl.h	3
library/ctr.h	1
library/psa_crypto_storage.c	15
library/ssl_misc.h	53
library/ssl_ciphersuites.c	10
include/psa/crypto_values.h	2
library/debug.c	9
library/ssl_msg.c	87
library/psa_crypto_slot_management.h	4
library/psa_crypto_core.h	2
include/psa/crypto_extra.h	5
framework/tests/src/drivers/platform_builtin_keys.c	1
include/psa/crypto_struct.h	15
build-usepsa/library/psa_crypto_driver_wrappers_no_static.c	3
library/psa_crypto_storage.h	1
library/psa_crypto_hash.c	6
library/dhm.c	15
library/psa_crypto_pake.c	9
library/ecjpake.c	20
library/psa_util.c	6
library/psa_crypto_client.c	1
library/psa_crypto_mac.c	15
library/cipher.c	11
library/psa_crypto_cipher.c	11
include/mbedtls/cipher.h	6
library/cmac.c	6
library/psa_crypto_ffdh.c	5
library/psa_crypto_ecp.c	10
library/psa_crypto_rsa.c	11
library/asn1write.c	6
library/gcm.c	16
library/ccm.c	16
library/chachapoly.c	12
library/poly1305.c	8
library/chacha20.c	8
library/psa_crypto_aead.c	5
include/mbedtls/ssl.h	2
build-usepsa/library/ssl_debug_helpers_generated.c	3
library/ssl_client.c	8
library/ssl_tls13_client.c	57
library/ssl_tls13_generic.c	33
library/ssl_tls12_client.c	35
include/mbedtls/md.h	1
include/mbedtls/psa_util.h	2
library/ssl_tls13_keys.c	27
library/ecdh.c	12
3rdparty/everest/library/everest.c	4
3rdparty/everest/library/x25519.c	4
3rdparty/everest/library/Hacl_Curve25519.c	38
3rdparty/everest/include/everest/kremlin/c_endianness.h	2
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h	1
3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c	2
library/ecdsa.c	14
library/bignum_core.h	1
library/hmac_drbg.c	8
library/pk_wrap.c	1
library/ssl_ciphersuites_internal.h	7
library/ssl_tls13_server.c	54
library/ssl_tls12_server.c	43

Fuzzer: fuzz_server

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	5325	75.9%
gold	[1:9]	340	4.85%
yellow	[10:29]	110	1.56%
greenyellow	[30:49]	18	0.25%
lawngreen	50+	1215	17.3%
All colors	7008	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
22472	22515	5 : View List ['mbedtls_ssl_handshake_client_step', 'mbedtls_ssl_write_client_hello', 'mbedtls_debug_print_msg', 'mbedtls_ssl_states_str', 'mbedtls_ssl_tls13_handshake_client_step']	22472	37546	mbedtls_ssl_handshake_step	call site: 02454	/src/mbedtls/library/ssl_tls.c:4524
4435	4989	20 : View List ['ssl_tls13_parse_supported_groups_ext', 'mbedtls_debug_print_ret', 'mbedtls_ssl_parse_alpn_ext', 'ssl_tls13_select_ciphersuite', 'ssl_tls13_parse_key_shares_ext', 'mbedtls_ssl_tls13_check_received_extension', 'mbedtls_ssl_add_hs_hdr_to_checksum', 'mbedtls_ssl_parse_server_name_ext', 'mbedtls_ssl_print_extension', 'mbedtls_debug_print_buf', 'ssl_tls13_key_exchange_is_ephemeral_available', 'mbedtls_ssl_tls13_parse_record_size_limit_ext', 'mbedtls_ssl_pend_fatal_alert', 'ssl_tls13_parse_key_exchange_modes_ext', 'mbedtls_ssl_optimize_checksum', 'mbedtls_debug_print_msg', 'ssl_tls13_parse_pre_shared_key_ext', 'mbedtls_ssl_parse_sig_alg_ext', 'mbedtls_ssl_print_extensions', 'mbedtls_ssl_chk_buf_ptr.1814']	4435	4989	ssl_tls13_parse_client_hello	call site: 05932	/src/mbedtls/library/ssl_tls13_server.c:1417
4250	7107	9 : View List ['mbedtls_ssl_verify_certificate', 'mbedtls_debug_print_ret', 'ssl_srv_check_client_no_crt_notification', 'mbedtls_ssl_read_record', 'mbedtls_calloc', 'ssl_parse_certificate_chain', 'mbedtls_ssl_send_alert_message', 'ssl_clear_peer_cert', 'mbedtls_x509_crt_init']	4250	7156	mbedtls_ssl_parse_certificate	call site: 05413	/src/mbedtls/library/ssl_tls.c:7965
2606	2606	3 : View List ['mbedtls_ecjpake_derive_secret', 'mbedtls_ecjpake_read_round_two', 'ssl_parse_encrypted_pms']	2989	3045	ssl_parse_client_key_exchange	call site: 06854	/src/mbedtls/library/ssl_tls12_server.c:3922
1897	1945	5 : View List ['mbedtls_ecdh_read_public', 'mbedtls_ssl_derive_keys', 'mbedtls_debug_print_msg', 'mbedtls_debug_printf_ecdh', 'mbedtls_ssl_psk_derive_premaster']	1897	1972	ssl_parse_client_key_exchange	call site: 06855	/src/mbedtls/library/ssl_tls12_server.c:4006
1696	1711	5 : View List ['ssl_double_retransmit_timeout', 'mbedtls_ssl_set_timer', 'mbedtls_ssl_is_handshake_over', 'mbedtls_ssl_resend_hello_request', 'mbedtls_ssl_resend']	1696	1852	mbedtls_ssl_fetch_input	call site: 03751	/src/mbedtls/library/ssl_msg.c:2168
1636	1636	2 : View List ['mbedtls_ssl_handshake_set_state.1836', 'ssl_tls13_postprocess_client_hello']	1636	1646	ssl_tls13_process_client_hello	call site: 05898	/src/mbedtls/library/ssl_tls13_server.c:1976
1524	1554	5 : View List ['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']	1524	1554	mbedtls_pem_read_buffer	call site: 00922	/src/mbedtls/library/pem.c:428
1521	1541	4 : View List ['mbedtls_debug_print_msg', 'ssl_parse_client_dh_public', 'mbedtls_ssl_derive_keys', 'mbedtls_ssl_psk_derive_premaster']	1521	1568	ssl_parse_client_key_exchange	call site: 06848	/src/mbedtls/library/ssl_tls12_server.c:3881
1427	1447	3 : View List ['mbedtls_debug_print_msg', 'mbedtls_ssl_derive_keys', 'mbedtls_ssl_psk_derive_premaster']	1427	1465	ssl_parse_client_key_exchange	call site: 06799	/src/mbedtls/library/ssl_tls12_server.c:3826
1424	1424	3 : View List ['mbedtls_ssl_session_get_ticket_creation_time', 'mbedtls_ms_time', 'mbedtls_ssl_session_load']	1424	1424	mbedtls_ssl_ticket_parse	call site: 01921	/src/mbedtls/library/ssl_ticket.c:479
1320	2135	3 : View List ['mbedtls_ssl_send_alert_message', 'mbedtls_ecjpake_read_round_one', 'mbedtls_debug_print_ret']	1320	2135	ssl_parse_ecjpake_kkpp	call site: 05248	/src/mbedtls/library/ssl_tls12_server.c:299

Runtime coverage analysis

Covered functions

589

Functions that are reachable but not covered

938

Reachable functions

1490

Percentage of reachable functions covered

37.05%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_server.c	1
library/ctr_drbg.c	10
library/aes.c	9
library/entropy.c	8
library/md.c	15
library/entropy_poll.c	3
library/x509_crt.c	50
library/pk.c	21
library/ssl_tls.c	128
library/ssl_ticket.c	8
library/aesni.c	8
library/platform_util.c	4
library/ctr.h	1
programs/fuzz/common.c	6
library/platform.c	3
library/asn1parse.c	15
include/mbedtls/error.h	1
library/x509.c	32
library/oid.c	26
library/pkparse.c	14
include/mbedtls/pk.h	2
library/rsa.c	26
library/bignum.c	50
library/bignum_core.c	36
library/rsa_alt_helpers.c	5
library/constant_time_impl.h	18
library/constant_time.c	4
library/pk_ecc.c	4
library/pk_internal.h	3
library/ecp_curves.c	6
library/ecp.c	77
include/mbedtls/ecp.h	1
library/pem.c	9
library/base64.c	2
library/des.c	13
library/md5.c	8
library/ripemd160.c	8
library/sha1.c	8
library/sha256.c	9
library/sha512.c	10
library/sha3.c	8
library/pkcs12.c	6
library/cipher.c	17
include/mbedtls/cipher.h	9
include/mbedtls/md.h	1
library/chacha20.c	5
library/gcm.c	10
library/ccm.c	13
library/chachapoly.c	9
library/poly1305.c	6
library/pkcs5.c	4
library/ssl_misc.h	53
library/ssl_ciphersuites.c	8
library/nist_kw.c	4
include/mbedtls/ssl.h	3
library/debug.c	11
library/ssl_msg.c	86
library/dhm.c	15
library/ecdh.c	22
library/ecjpake.c	21
library/psa_crypto.c	99
include/psa/crypto_values.h	2
library/psa_crypto_slot_management.c	22
library/psa_crypto_slot_management.h	4
library/psa_crypto_core.h	2
include/psa/crypto_extra.h	2
framework/tests/src/drivers/platform_builtin_keys.c	1
include/psa/crypto_struct.h	12
build/library/psa_crypto_driver_wrappers_no_static.c	3
library/psa_crypto_storage.c	15
library/psa_its_file.c	6
library/psa_crypto_se.c	9
library/psa_crypto_storage.h	1
build/library/ssl_debug_helpers_generated.c	3
library/ssl_client.c	8
library/ssl_tls13_client.c	57
library/ssl_tls13_generic.c	33
build/library/psa_crypto_driver_wrappers.h	16
library/psa_crypto_random_impl.h	3
library/psa_util.c	5
library/psa_crypto_rsa.c	7
library/asn1write.c	6
library/psa_crypto_ecp.c	7
library/psa_crypto_ffdh.c	5
library/ssl_tls12_client.c	35
include/mbedtls/psa_util.h	2
library/ssl_tls13_keys.c	27
library/psa_crypto_hash.c	5
library/psa_crypto_mac.c	13
library/psa_crypto_cipher.c	3
library/cmac.c	6
library/psa_crypto_client.c	1
library/bignum_core.h	1
library/ssl_ciphersuites_internal.h	7
library/ssl_tls13_server.c	53
library/ssl_tls12_server.c	42

Fuzzer: usepsa-fuzz_pkcs7

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	679	75.4%
gold	[1:9]	66	7.33%
yellow	[10:29]	21	2.33%
greenyellow	[30:49]	9	1.0%
lawngreen	50+	125	13.8%
All colors	900	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1935	1945	10 : View List ['pk_use_ecparams', 'mbedtls_pk_ecc_set_pubkey', 'mbedtls_pk_rsa.1608', 'pk_use_ecparams_rfc8410', 'mbedtls_pk_info_from_type', 'mbedtls_pk_free', 'mbedtls_rsa_parse_pubkey', 'mbedtls_error_add.1604', 'mbedtls_pk_setup', 'mbedtls_asn1_get_bitstring_null']	1935	1945	mbedtls_pk_parse_subpubkey	call site: 00194	/src/mbedtls/library/pkparse.c:534
299	330	6 : View List ['mbedtls_x509_get_sig', 'mbedtls_error_add.689', 'memcmp', 'x509_get_crt_ext', 'x509_get_uid', 'mbedtls_x509_get_alg']	299	546	x509_crt_parse_der_core	call site: 00191	/src/mbedtls/library/x509_crt.c:1227
24	24	2 : View List ['mbedtls_oid_get_pk_alg', 'mbedtls_oid_get_ec_grp_algid']	24	24	pk_get_pk_alg	call site: 00195	/src/mbedtls/library/pkparse.c:481
0	119	2 : View List ['mbedtls_calloc', 'pkcs7_get_signer_info']	0	135	pkcs7_get_signers_info_set	call site: 00881	/src/mbedtls/library/pkcs7.c:415
0	4	2 : View List ['mbedtls_calloc', 'mbedtls_x509_crt_init']	0	1335	mbedtls_x509_crt_parse_der_internal	call site: 00058	/src/mbedtls/library/x509_crt.c:1338
0	2	1 : View List ['mbedtls_free']	0	2	mbedtls_x509_crt_parse_der_internal	call site: 00061	/src/mbedtls/library/x509_crt.c:1356
0	0	None	299	2142	x509_crt_parse_der_core	call site: 00063	/src/mbedtls/library/x509_crt.c:1115
0	0	None	0	135	pkcs7_get_signers_info_set	call site: 00880	/src/mbedtls/library/pkcs7.c:409
0	0	None	0	42	mbedtls_pkcs7_parse_der	call site: 00003	/src/mbedtls/library/pkcs7.c:567
0	0	None	0	34	mbedtls_x509_crl_free	call site: 00892	/src/mbedtls/library/x509_crl.c:699
0	0	None	0	27	x509_crt_parse_der_core	call site: 00062	/src/mbedtls/library/x509_crt.c:1107
0	0	None	0	5	mbedtls_pk_free	call site: 00064	/src/mbedtls/library/pk.c:65

Runtime coverage analysis

Covered functions

55

Functions that are reachable but not covered

154

Reachable functions

209

Percentage of reachable functions covered

26.32%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_pkcs7.c	1
library/pkcs7.c	14
library/platform.c	2
library/asn1parse.c	15
include/mbedtls/error.h	1
library/platform_util.c	2
library/oid.c	12
library/x509_crt.c	14
library/pk.c	4
library/x509.c	21
library/pkparse.c	7
include/mbedtls/pk.h	1
library/rsa.c	5
library/bignum.c	37
library/bignum_core.c	29
library/rsa_alt_helpers.c	2
library/constant_time_impl.h	7
library/constant_time.c	1
library/pk_ecc.c	2
library/pk_internal.h	2
library/ecp_curves.c	6
library/ecp.c	20
include/mbedtls/ecp.h	1
library/x509_crl.c	1

Fuzzer: usepsa-fuzz_dtlsserver

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	7577	98.2%
gold	[1:9]	129	1.67%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	1	0.01%
lawngreen	50+	3	0.03%
All colors	7710	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
674	745	3 : View List ['mbedtls_platform_zeroize', 'mbedtls_md_free', 'mbedtls_cipher_free']	674	745	mbedtls_ssl_transform_free	call site: 02731	/src/mbedtls/library/ssl_msg.c:6208
537	537	1 : View List ['mbedtls_ssl_handshake_free']	615	734	mbedtls_ssl_free	call site: 07693	/src/mbedtls/library/ssl_tls.c:5550
512	512	11 : View List ['psa_key_slot_get_slot_number', 'psa_crypto_save_transaction', 'psa_get_and_lock_key_slot', 'psa_crypto_stop_transaction', 'psa_destroy_se_key', 'psa_crypto_prepare_transaction', 'psa_save_se_persistent_data', 'psa_unregister_read', 'psa_key_slot_state_transition', 'psa_get_se_driver_entry', 'psa_destroy_persistent_key']	512	512	psa_destroy_key	call site: 01931	/src/mbedtls/library/psa_crypto.c:1286
276	276	1 : View List ['mbedtls_entropy_update_manual']	276	276	mbedtls_entropy_update_nv_seed	call site: 00082	/src/mbedtls/library/entropy.c:389
120	125	3 : View List ['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']	120	125	mbedtls_ctr_drbg_reseed_internal	call site: 00053	/src/mbedtls/library/ctr_drbg.c:469
94	841	9 : View List ['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']	94	846	mbedtls_entropy_func	call site: 00081	/src/mbedtls/library/entropy.c:308
33	33	1 : View List ['mbedtls_ssl_session_free']	45	64	mbedtls_ssl_free	call site: 07701	/src/mbedtls/library/ssl_tls.c:5568
12	12	2 : View List ['mbedtls_zeroize_and_free', 'strlen']	12	29	mbedtls_ssl_free	call site: 07703	/src/mbedtls/library/ssl_tls.c:5574
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	20	mbedtls_ssl_config_free	call site: 07684	/src/mbedtls/library/ssl_tls.c:6080
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	15	mbedtls_md_free	call site: 00209	/src/mbedtls/library/md.c:325
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	10	mbedtls_mpi_free	call site: 00473	/src/mbedtls/library/bignum.c:197
6	11	3 : View List ['mbedtls_platform_zeroize', 'fread', 'fclose']	6	11	mbedtls_platform_std_nv_seed_read	call site: 00000	/src/mbedtls/library/platform.c:298

Runtime coverage analysis

Covered functions

86

Functions that are reachable but not covered

1572

Reachable functions

1651

Percentage of reachable functions covered

4.78%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_dtlsserver.c	1
library/ctr_drbg.c	10
library/aes.c	9
library/entropy.c	8
library/md.c	14
library/entropy_poll.c	3
library/x509_crt.c	50
library/pk.c	22
library/ssl_tls.c	114
library/ssl_cookie.c	6
library/psa_crypto.c	145
build-usepsa/library/psa_crypto_driver_wrappers.h	37
library/psa_crypto_se.c	9
library/psa_its_file.c	6
library/psa_crypto_slot_management.c	22
library/platform.c	3
library/psa_crypto_random_impl.h	3
library/aesni.c	8
library/platform_util.c	4
library/ctr.h	1
library/md5.c	8
library/ripemd160.c	8
library/sha1.c	8
library/sha256.c	9
library/sha512.c	10
library/sha3.c	8
library/psa_crypto_storage.c	15
programs/fuzz/common.c	7
library/asn1parse.c	15
include/mbedtls/error.h	1
library/x509.c	32
library/oid.c	27
library/pkparse.c	14
include/mbedtls/pk.h	2
library/rsa.c	34
library/bignum.c	50
library/bignum_core.c	36
library/rsa_alt_helpers.c	4
library/constant_time_impl.h	16
library/constant_time.c	3
library/pk_ecc.c	4
library/pk_internal.h	3
library/ecp_curves.c	6
library/ecp.c	77
include/mbedtls/ecp.h	1
library/pem.c	9
library/base64.c	2
library/des.c	13
library/psa_util.c	6
include/psa/crypto_struct.h	15
library/psa_crypto_slot_management.h	4
library/psa_crypto_core.h	2
library/psa_crypto_storage.h	1
library/psa_crypto_ffdh.c	5
library/psa_crypto_ecp.c	10
library/psa_crypto_rsa.c	11
library/asn1write.c	6
include/psa/crypto_values.h	2
include/psa/crypto_extra.h	5
framework/tests/src/drivers/platform_builtin_keys.c	1
build-usepsa/library/psa_crypto_driver_wrappers_no_static.c	3
library/pkcs12.c	6
library/cipher.c	14
include/mbedtls/cipher.h	6
include/mbedtls/md.h	1
library/psa_crypto_cipher.c	11
library/chacha20.c	8
library/gcm.c	16
library/ccm.c	16
library/chachapoly.c	12
library/poly1305.c	8
library/pkcs5.c	4
library/ssl_misc.h	53
library/ssl_ciphersuites.c	10
include/mbedtls/psa_util.h	2
library/ssl_tls12_server.c	45
library/psa_crypto_mac.c	15
library/cmac.c	6
library/psa_crypto_hash.c	6
library/debug.c	9
library/ssl_msg.c	87
library/dhm.c	15
library/psa_crypto_pake.c	9
library/ecjpake.c	20
library/timing.c	3
library/psa_crypto_client.c	1
library/psa_crypto_aead.c	5
include/mbedtls/ssl.h	2
build-usepsa/library/ssl_debug_helpers_generated.c	3
library/ssl_client.c	8
library/ssl_tls13_client.c	57
library/ssl_tls13_generic.c	33
library/ssl_tls12_client.c	35
library/ssl_tls13_keys.c	27
library/ecdh.c	12
3rdparty/everest/library/everest.c	4
3rdparty/everest/library/x25519.c	4
3rdparty/everest/library/Hacl_Curve25519.c	38
3rdparty/everest/include/everest/kremlin/c_endianness.h	2
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h	1
3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c	2
library/ecdsa.c	14
library/bignum_core.h	1
library/hmac_drbg.c	8
library/pk_wrap.c	1
library/ssl_ciphersuites_internal.h	7
library/ssl_tls13_server.c	54

Fuzzer: fuzz_client

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	6093	90.1%
gold	[1:9]	242	3.57%
yellow	[10:29]	329	4.86%
greenyellow	[30:49]	50	0.73%
lawngreen	50+	47	0.69%
All colors	6761	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
14220	14220	2 : View List ['mbedtls_ssl_tls13_handshake_server_step', 'mbedtls_ssl_handshake_server_step']	14220	15031	mbedtls_ssl_handshake_step	call site: 04879	/src/mbedtls/library/ssl_tls.c:4555
1619	1645	9 : View List ['mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled.2884', 'mbedtls_ssl_write_sig_alg_ext', 'mbedtls_debug_print_msg', 'mbedtls_ssl_conf_tls13_is_ephemeral_enabled.2876', 'mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext', 'ssl_write_supported_groups_ext', 'mbedtls_ssl_conf_tls13_is_some_psk_enabled.2875', 'mbedtls_debug_print_buf', 'mbedtls_ssl_tls12_write_client_hello_exts']	1619	1645	ssl_write_client_hello_body	call site: 01827	/src/mbedtls/library/ssl_client.c:599
1524	1554	5 : View List ['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']	1524	1554	mbedtls_pem_read_buffer	call site: 00865	/src/mbedtls/library/pem.c:428
835	835	1 : View List ['mbedtls_ssl_flight_transmit']	835	835	ssl_prepare_handshake_step	call site: 01494	/src/mbedtls/library/ssl_tls.c:4487
806	806	1 : View List ['mbedtls_ssl_send_alert_message']	806	806	mbedtls_ssl_handle_pending_alert	call site: 01760	/src/mbedtls/library/ssl_msg.c:6337
600	600	1 : View List ['pk_ecc_group_id_from_specified']	600	827	pk_use_ecparams	call site: 00565	/src/mbedtls/library/pkparse.c:394
512	512	11 : View List ['psa_key_slot_get_slot_number', 'psa_crypto_save_transaction', 'psa_get_and_lock_key_slot', 'psa_crypto_stop_transaction', 'psa_destroy_se_key', 'psa_crypto_prepare_transaction', 'psa_save_se_persistent_data', 'psa_unregister_read', 'psa_key_slot_state_transition', 'psa_get_se_driver_entry', 'psa_destroy_persistent_key']	512	512	psa_destroy_key	call site: 01269	/src/mbedtls/library/psa_crypto.c:1286
389	389	1 : View List ['mbedtls_rsa_deduce_primes']	389	434	mbedtls_rsa_complete	call site: 00220	/src/mbedtls/library/rsa.c:782
322	322	9 : View List ['mbedtls_ssl_tls13_write_early_data_ext', 'ssl_tls13_write_cookie_ext', 'ssl_tls13_write_key_share_ext.2287', 'ssl_tls13_early_data_has_valid_ticket', 'mbedtls_ssl_tls13_write_record_size_limit_ext', 'ssl_tls13_write_supported_versions_ext', 'ssl_tls13_write_psk_key_exchange_modes_ext', 'mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled', 'mbedtls_ssl_conf_tls13_is_some_psk_enabled']	322	322	mbedtls_ssl_tls13_write_client_hello_exts	call site: 01828	/src/mbedtls/library/ssl_tls13_client.c:1146
276	276	1 : View List ['mbedtls_entropy_update_manual']	276	276	mbedtls_entropy_update_nv_seed	call site: 01846	/src/mbedtls/library/entropy.c:389
206	206	1 : View List ['mbedtls_mpi_mod_mpi']	206	206	ecp_modp	call site: 00618	/src/mbedtls/library/ecp.c:1003
131	131	1 : View List ['ecp_check_pubkey_mx']	131	131	mbedtls_ecp_check_pubkey	call site: 00674	/src/mbedtls/library/ecp.c:3036

Runtime coverage analysis

Covered functions

316

Functions that are reachable but not covered

1144

Reachable functions

1443

Percentage of reachable functions covered

20.72%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_client.c	1
library/x509_crt.c	50
library/platform.c	3
library/asn1parse.c	15
library/pk.c	20
library/platform_util.c	4
include/mbedtls/error.h	1
library/x509.c	32
library/oid.c	20
library/pkparse.c	7
include/mbedtls/pk.h	2
library/rsa.c	26
library/bignum.c	50
library/bignum_core.c	36
library/rsa_alt_helpers.c	5
library/constant_time_impl.h	18
library/constant_time.c	4
library/pk_ecc.c	2
library/pk_internal.h	3
library/ecp_curves.c	6
library/ecp.c	77
include/mbedtls/ecp.h	1
library/pem.c	9
library/base64.c	2
library/des.c	13
library/md.c	15
library/md5.c	8
library/ripemd160.c	8
library/sha1.c	8
library/sha256.c	9
library/sha512.c	10
library/sha3.c	8
library/aes.c	9
library/aesni.c	8
programs/fuzz/common.c	6
library/ssl_tls.c	117
library/ctr_drbg.c	10
library/entropy.c	8
library/entropy_poll.c	3
library/ctr.h	1
library/ssl_misc.h	53
library/ssl_ciphersuites.c	8
library/debug.c	11
library/ssl_msg.c	86
library/cipher.c	17
library/dhm.c	15
library/ecdh.c	22
library/ecjpake.c	21
library/psa_crypto.c	99
include/psa/crypto_values.h	2
library/psa_crypto_slot_management.c	22
library/psa_crypto_slot_management.h	4
library/psa_crypto_core.h	2
include/psa/crypto_extra.h	2
framework/tests/src/drivers/platform_builtin_keys.c	1
include/psa/crypto_struct.h	12
build/library/psa_crypto_driver_wrappers_no_static.c	3
library/psa_crypto_storage.c	15
library/psa_its_file.c	6
library/psa_crypto_se.c	9
library/psa_crypto_storage.h	1
include/mbedtls/cipher.h	8
library/nist_kw.c	4
library/gcm.c	10
library/ccm.c	13
library/chachapoly.c	9
library/poly1305.c	6
library/chacha20.c	5
include/mbedtls/ssl.h	2
build/library/ssl_debug_helpers_generated.c	3
library/ssl_client.c	8
library/ssl_tls13_client.c	57
library/ssl_tls13_generic.c	33
build/library/psa_crypto_driver_wrappers.h	16
library/psa_crypto_random_impl.h	3
library/psa_util.c	5
library/psa_crypto_rsa.c	7
library/asn1write.c	6
library/psa_crypto_ecp.c	7
library/psa_crypto_ffdh.c	5
library/ssl_tls12_client.c	35
include/mbedtls/md.h	1
include/mbedtls/psa_util.h	2
library/ssl_tls13_keys.c	27
library/psa_crypto_hash.c	5
library/psa_crypto_mac.c	13
library/psa_crypto_cipher.c	3
library/cmac.c	6
library/psa_crypto_client.c	1
library/bignum_core.h	1
library/ssl_ciphersuites_internal.h	7
library/ssl_tls13_server.c	53
library/ssl_tls12_server.c	42

Fuzzer: fuzz_x509crt

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	363	33.0%
gold	[1:9]	45	4.09%
yellow	[10:29]	16	1.45%
greenyellow	[30:49]	3	0.27%
lawngreen	50+	673	61.1%
All colors	1100	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1524	1524	4 : View List ['pem_des3_decrypt', 'pem_des_decrypt', 'pem_aes_decrypt', 'pem_check_pkcs_padding']	1524	1544	mbedtls_pem_read_buffer	call site: 00865	/src/mbedtls/library/pem.c:430
389	389	1 : View List ['mbedtls_rsa_deduce_primes']	389	434	mbedtls_rsa_complete	call site: 00220	/src/mbedtls/library/rsa.c:782
65	65	1 : View List ['mbedtls_mpi_core_exp_mod_unsafe']	76	198	mbedtls_mpi_exp_mod_optionally_safe	call site: 00346	/src/mbedtls/library/bignum.c:1703
0	206	1 : View List ['mbedtls_mpi_mod_mpi']	76	511	mbedtls_mpi_exp_mod_optionally_safe	call site: 00342	/src/mbedtls/library/bignum.c:1692
0	206	1 : View List ['mbedtls_mpi_mod_mpi']	0	206	ecp_modp	call site: 00618	/src/mbedtls/library/ecp.c:1003
0	72	2 : View List ['mbedtls_mpi_mul_mpi', 'mbedtls_mpi_size']	692	809	mbedtls_rsa_complete	call site: 00205	/src/mbedtls/library/rsa.c:769
0	27	1 : View List ['mbedtls_mpi_copy']	0	105	mbedtls_mpi_mul_mpi	call site: 00209	/src/mbedtls/library/bignum.c:1206
0	23	1 : View List ['mbedtls_mpi_lset']	0	23	mbedtls_mpi_exp_mod_optionally_safe	call site: 00279	/src/mbedtls/library/bignum.c:1640
0	18	1 : View List ['mbedtls_mpi_grow']	0	18	mbedtls_mpi_shrink	call site: 00336	/src/mbedtls/library/bignum.c:250
0	6	1 : View List ['mbedtls_mpi_core_bitlen']	0	6	exp_mod_calc_first_bit_optionally_safe	call site: 00356	/src/mbedtls/library/bignum_core.c:767
0	0	None	76	572	mbedtls_mpi_exp_mod_optionally_safe	call site: 00284	/src/mbedtls/library/bignum.c:1660
0	0	None	76	554	mbedtls_mpi_exp_mod_optionally_safe	call site: 00285	/src/mbedtls/library/bignum.c:1663

Runtime coverage analysis

Covered functions

244

Functions that are reachable but not covered

94

Reachable functions

309

Percentage of reachable functions covered

69.58%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_x509crt.c	1
library/x509_crt.c	18
library/platform.c	2
library/asn1parse.c	15
library/pk.c	6
library/platform_util.c	2
include/mbedtls/error.h	1
library/x509.c	30
library/oid.c	20
library/pkparse.c	7
include/mbedtls/pk.h	1
library/rsa.c	5
library/bignum.c	37
library/bignum_core.c	29
library/rsa_alt_helpers.c	3
library/constant_time_impl.h	8
library/constant_time.c	1
library/pk_ecc.c	2
library/pk_internal.h	2
library/ecp_curves.c	6
library/ecp.c	20
include/mbedtls/ecp.h	1
library/pem.c	9
library/base64.c	2
library/des.c	12
library/md.c	7
library/md5.c	6
library/ripemd160.c	6
library/sha1.c	6
library/sha256.c	7
library/sha512.c	8
library/sha3.c	6
library/aes.c	9
library/aesni.c	7
library/asn1write.c	2

Fuzzer: usepsa-fuzz_x509crt

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	1143	92.1%
gold	[1:9]	93	7.5%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	1	0.08%
lawngreen	50+	3	0.24%
All colors	1240	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
276	276	1 : View List ['mbedtls_entropy_update_manual']	276	276	mbedtls_entropy_update_nv_seed	call site: 00064	/src/mbedtls/library/entropy.c:389
120	125	3 : View List ['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']	120	125	mbedtls_ctr_drbg_reseed_internal	call site: 00035	/src/mbedtls/library/ctr_drbg.c:469
94	841	9 : View List ['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']	94	846	mbedtls_entropy_func	call site: 00063	/src/mbedtls/library/entropy.c:308
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	15	mbedtls_md_free	call site: 00191	/src/mbedtls/library/md.c:325
6	11	3 : View List ['mbedtls_platform_zeroize', 'fread', 'fclose']	6	11	mbedtls_platform_std_nv_seed_read	call site: 00000	/src/mbedtls/library/platform.c:298
0	630	1 : View List ['mbedtls_psa_crypto_init_subsystem']	0	696	psa_crypto_init	call site: 00259	/src/mbedtls/library/psa_crypto.c:8472
0	35	2 : View List ['mbedtls_calloc', 'mbedtls_md_free']	0	35	mbedtls_md_setup	call site: 00180	/src/mbedtls/library/md.c:497
0	0	None	34	42	psa_wipe_all_key_slots	call site: 00264	/src/mbedtls/library/psa_crypto_slot_management.c:475
0	0	None	32	32	psa_init_all_se_drivers	call site: 00006	/src/mbedtls/library/psa_crypto_se.c:264
0	0	None	10	59	mbedtls_x509_crt_free	call site: 00302	/src/mbedtls/library/x509_crt.c:3248
0	0	None	0	113	mbedtls_ctr_drbg_seed	call site: 00026	/src/mbedtls/library/ctr_drbg.c:562
0	0	None	0	72	mbedtls_psa_crypto_free	call site: 00261	/src/mbedtls/library/psa_crypto.c:8251

Runtime coverage analysis

Covered functions

73

Functions that are reachable but not covered

308

Reachable functions

368

Percentage of reachable functions covered

16.3%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_x509crt.c	1
library/x509_crt.c	18
library/psa_crypto.c	11
build-usepsa/library/psa_crypto_driver_wrappers.h	2
library/psa_crypto_se.c	5
library/psa_its_file.c	5
library/psa_crypto_slot_management.c	5
library/platform.c	2
library/psa_crypto_random_impl.h	3
library/ctr_drbg.c	7
library/aes.c	9
library/aesni.c	7
library/platform_util.c	2
library/ctr.h	1
library/entropy.c	5
library/md.c	8
library/md5.c	7
library/ripemd160.c	7
library/sha1.c	7
library/sha256.c	8
library/sha512.c	9
library/sha3.c	7
library/psa_crypto_storage.c	2
library/asn1parse.c	15
library/pk.c	6
include/mbedtls/error.h	1
library/x509.c	30
library/oid.c	20
library/pkparse.c	7
include/mbedtls/pk.h	1
library/rsa.c	5
library/bignum.c	37
library/bignum_core.c	29
library/rsa_alt_helpers.c	2
library/constant_time_impl.h	8
library/constant_time.c	1
library/pk_ecc.c	2
library/pk_internal.h	2
library/ecp_curves.c	6
library/ecp.c	20
include/mbedtls/ecp.h	1
library/pem.c	9
library/base64.c	2
library/des.c	12
library/asn1write.c	2

Fuzzer: usepsa-fuzz_dtlsclient

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	7072	94.9%
gold	[1:9]	347	4.65%
yellow	[10:29]	13	0.17%
greenyellow	[30:49]	2	0.02%
lawngreen	50+	14	0.18%
All colors	7448	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1524	1554	5 : View List ['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']	1524	1554	mbedtls_pem_read_buffer	call site: 00849	/src/mbedtls/library/pem.c:428
674	745	3 : View List ['mbedtls_platform_zeroize', 'mbedtls_md_free', 'mbedtls_cipher_free']	674	745	mbedtls_ssl_transform_free	call site: 01280	/src/mbedtls/library/ssl_msg.c:6208
600	600	1 : View List ['pk_ecc_group_id_from_specified']	600	827	pk_use_ecparams	call site: 00549	/src/mbedtls/library/pkparse.c:394
537	537	1 : View List ['mbedtls_ssl_handshake_free']	605	734	mbedtls_ssl_free	call site: 07431	/src/mbedtls/library/ssl_tls.c:5550
389	389	1 : View List ['mbedtls_rsa_deduce_primes']	389	434	mbedtls_rsa_complete	call site: 00217	/src/mbedtls/library/rsa.c:782
276	276	1 : View List ['mbedtls_entropy_update_manual']	276	276	mbedtls_entropy_update_nv_seed	call site: 01106	/src/mbedtls/library/entropy.c:389
206	206	1 : View List ['mbedtls_mpi_mod_mpi']	206	206	ecp_modp	call site: 00602	/src/mbedtls/library/ecp.c:1003
131	131	1 : View List ['ecp_check_pubkey_mx']	131	131	mbedtls_ecp_check_pubkey	call site: 00658	/src/mbedtls/library/ecp.c:3036
120	125	3 : View List ['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']	120	125	mbedtls_ctr_drbg_reseed_internal	call site: 01085	/src/mbedtls/library/ctr_drbg.c:469
104	108	3 : View List ['mbedtls_calloc', 'mbedtls_free', 'mbedtls_x509_get_rsassa_pss_params']	104	108	mbedtls_x509_get_sig_alg	call site: 00059	/src/mbedtls/library/x509.c:733
94	841	9 : View List ['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']	94	846	mbedtls_entropy_func	call site: 01105	/src/mbedtls/library/entropy.c:308
83	107	3 : View List ['mbedtls_asn1_get_tag', 'mbedtls_x509_get_subject_alt_name_ext', 'mbedtls_error_add.689']	83	107	x509_get_authority_key_id	call site: 00746	/src/mbedtls/library/x509_crt.c:654

Runtime coverage analysis

Covered functions

198

Functions that are reachable but not covered

1429

Reachable functions

1614

Percentage of reachable functions covered

11.46%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_dtlsclient.c	1
library/x509_crt.c	50
library/platform.c	3
library/asn1parse.c	15
library/pk.c	21
library/platform_util.c	4
include/mbedtls/error.h	1
library/x509.c	32
library/oid.c	21
library/pkparse.c	7
include/mbedtls/pk.h	2
library/rsa.c	34
library/bignum.c	50
library/bignum_core.c	36
library/rsa_alt_helpers.c	4
library/constant_time_impl.h	16
library/constant_time.c	3
library/pk_ecc.c	2
library/pk_internal.h	3
library/ecp_curves.c	6
library/ecp.c	77
include/mbedtls/ecp.h	1
library/pem.c	9
library/base64.c	2
library/des.c	13
library/md.c	14
library/md5.c	8
library/ripemd160.c	8
library/sha1.c	8
library/sha256.c	9
library/sha512.c	10
library/sha3.c	8
library/aes.c	9
library/aesni.c	8
programs/fuzz/common.c	7
library/ssl_tls.c	113
library/ctr_drbg.c	10
library/entropy.c	8
library/entropy_poll.c	3
library/psa_crypto.c	145
build-usepsa/library/psa_crypto_driver_wrappers.h	37
library/psa_crypto_se.c	9
library/psa_its_file.c	6
library/psa_crypto_slot_management.c	22
library/psa_crypto_random_impl.h	3
library/ctr.h	1
library/psa_crypto_storage.c	15
library/ssl_misc.h	53
library/ssl_ciphersuites.c	10
library/debug.c	9
library/ssl_msg.c	87
include/psa/crypto_values.h	2
library/psa_crypto_slot_management.h	4
library/psa_crypto_core.h	2
include/psa/crypto_extra.h	5
framework/tests/src/drivers/platform_builtin_keys.c	1
include/psa/crypto_struct.h	15
build-usepsa/library/psa_crypto_driver_wrappers_no_static.c	3
library/psa_crypto_storage.h	1
library/psa_crypto_hash.c	6
library/dhm.c	15
library/psa_crypto_pake.c	9
library/ecjpake.c	20
library/psa_util.c	6
library/timing.c	3
library/psa_crypto_client.c	1
library/psa_crypto_mac.c	15
library/cipher.c	11
library/psa_crypto_cipher.c	11
include/mbedtls/cipher.h	6
library/cmac.c	6
library/psa_crypto_ffdh.c	5
library/psa_crypto_ecp.c	10
library/psa_crypto_rsa.c	11
library/asn1write.c	6
library/gcm.c	16
library/ccm.c	16
library/chachapoly.c	12
library/poly1305.c	8
library/chacha20.c	8
library/psa_crypto_aead.c	5
include/mbedtls/ssl.h	2
build-usepsa/library/ssl_debug_helpers_generated.c	3
library/ssl_client.c	8
library/ssl_tls13_client.c	57
library/ssl_tls13_generic.c	33
library/ssl_tls12_client.c	35
include/mbedtls/md.h	1
include/mbedtls/psa_util.h	2
library/ssl_tls13_keys.c	27
library/ecdh.c	12
3rdparty/everest/library/everest.c	4
3rdparty/everest/library/x25519.c	4
3rdparty/everest/library/Hacl_Curve25519.c	38
3rdparty/everest/include/everest/kremlin/c_endianness.h	2
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h	1
3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c	2
library/ecdsa.c	14
library/bignum_core.h	1
library/hmac_drbg.c	8
library/pk_wrap.c	1
library/ssl_ciphersuites_internal.h	7
library/ssl_tls13_server.c	54
library/ssl_tls12_server.c	43

Fuzzer: usepsa-fuzz_server

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	7590	98.2%
gold	[1:9]	0	0.0%
yellow	[10:29]	113	1.46%
greenyellow	[30:49]	16	0.20%
lawngreen	50+	5	0.06%
All colors	7724	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
674	745	3 : View List ['mbedtls_platform_zeroize', 'mbedtls_md_free', 'mbedtls_cipher_free']	674	745	mbedtls_ssl_transform_free	call site: 02570	/src/mbedtls/library/ssl_msg.c:6208
537	537	1 : View List ['mbedtls_ssl_handshake_free']	615	734	mbedtls_ssl_free	call site: 07707	/src/mbedtls/library/ssl_tls.c:5550
512	512	11 : View List ['psa_key_slot_get_slot_number', 'psa_crypto_save_transaction', 'psa_get_and_lock_key_slot', 'psa_crypto_stop_transaction', 'psa_destroy_se_key', 'psa_crypto_prepare_transaction', 'psa_save_se_persistent_data', 'psa_unregister_read', 'psa_key_slot_state_transition', 'psa_get_se_driver_entry', 'psa_destroy_persistent_key']	512	512	psa_destroy_key	call site: 01931	/src/mbedtls/library/psa_crypto.c:1286
276	276	1 : View List ['mbedtls_entropy_update_manual']	276	276	mbedtls_entropy_update_nv_seed	call site: 00082	/src/mbedtls/library/entropy.c:389
120	125	3 : View List ['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']	120	125	mbedtls_ctr_drbg_reseed_internal	call site: 00053	/src/mbedtls/library/ctr_drbg.c:469
94	841	9 : View List ['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']	94	846	mbedtls_entropy_func	call site: 00081	/src/mbedtls/library/entropy.c:308
33	33	1 : View List ['mbedtls_ssl_session_free']	45	64	mbedtls_ssl_free	call site: 07715	/src/mbedtls/library/ssl_tls.c:5568
12	12	2 : View List ['mbedtls_zeroize_and_free', 'strlen']	12	29	mbedtls_ssl_free	call site: 07717	/src/mbedtls/library/ssl_tls.c:5574
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	20	mbedtls_ssl_config_free	call site: 07696	/src/mbedtls/library/ssl_tls.c:6080
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	15	mbedtls_md_free	call site: 00209	/src/mbedtls/library/md.c:325
10	10	1 : View List ['mbedtls_zeroize_and_free']	10	10	mbedtls_mpi_free	call site: 00473	/src/mbedtls/library/bignum.c:197
6	11	3 : View List ['mbedtls_platform_zeroize', 'fread', 'fclose']	6	11	mbedtls_platform_std_nv_seed_read	call site: 00000	/src/mbedtls/library/platform.c:298

Runtime coverage analysis

Covered functions

86

Functions that are reachable but not covered

1585

Reachable functions

1664

Percentage of reachable functions covered

4.75%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_server.c	1
library/ctr_drbg.c	10
library/aes.c	9
library/entropy.c	8
library/md.c	14
library/entropy_poll.c	3
library/x509_crt.c	50
library/pk.c	22
library/ssl_tls.c	130
library/ssl_ticket.c	9
library/psa_crypto.c	145
build-usepsa/library/psa_crypto_driver_wrappers.h	37
library/psa_crypto_se.c	9
library/psa_its_file.c	6
library/psa_crypto_slot_management.c	22
library/platform.c	3
library/psa_crypto_random_impl.h	3
library/aesni.c	8
library/platform_util.c	4
library/ctr.h	1
library/md5.c	8
library/ripemd160.c	8
library/sha1.c	8
library/sha256.c	9
library/sha512.c	10
library/sha3.c	8
library/psa_crypto_storage.c	15
programs/fuzz/common.c	6
library/asn1parse.c	15
include/mbedtls/error.h	1
library/x509.c	32
library/oid.c	27
library/pkparse.c	14
include/mbedtls/pk.h	2
library/rsa.c	34
library/bignum.c	50
library/bignum_core.c	36
library/rsa_alt_helpers.c	4
library/constant_time_impl.h	16
library/constant_time.c	3
library/pk_ecc.c	4
library/pk_internal.h	3
library/ecp_curves.c	6
library/ecp.c	77
include/mbedtls/ecp.h	1
library/pem.c	9
library/base64.c	2
library/des.c	13
library/psa_util.c	6
include/psa/crypto_struct.h	15
library/psa_crypto_slot_management.h	4
library/psa_crypto_core.h	2
library/psa_crypto_storage.h	1
library/psa_crypto_ffdh.c	5
library/psa_crypto_ecp.c	10
library/psa_crypto_rsa.c	11
library/asn1write.c	6
include/psa/crypto_values.h	2
include/psa/crypto_extra.h	5
framework/tests/src/drivers/platform_builtin_keys.c	1
build-usepsa/library/psa_crypto_driver_wrappers_no_static.c	3
library/pkcs12.c	6
library/cipher.c	14
include/mbedtls/cipher.h	6
include/mbedtls/md.h	1
library/psa_crypto_cipher.c	11
library/chacha20.c	8
library/gcm.c	16
library/ccm.c	16
library/chachapoly.c	12
library/poly1305.c	8
library/pkcs5.c	4
library/ssl_misc.h	53
library/ssl_ciphersuites.c	10
library/psa_crypto_aead.c	5
include/mbedtls/ssl.h	3
library/debug.c	9
library/ssl_msg.c	87
library/psa_crypto_hash.c	6
library/dhm.c	15
library/psa_crypto_pake.c	9
library/ecjpake.c	20
library/psa_crypto_client.c	1
library/psa_crypto_mac.c	15
library/cmac.c	6
build-usepsa/library/ssl_debug_helpers_generated.c	3
library/ssl_client.c	8
library/ssl_tls13_client.c	57
library/ssl_tls13_generic.c	33
library/ssl_tls12_client.c	35
include/mbedtls/psa_util.h	2
library/ssl_tls13_keys.c	27
library/ecdh.c	12
3rdparty/everest/library/everest.c	4
3rdparty/everest/library/x25519.c	4
3rdparty/everest/library/Hacl_Curve25519.c	38
3rdparty/everest/include/everest/kremlin/c_endianness.h	2
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h	1
3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c	2
library/ecdsa.c	14
library/bignum_core.h	1
library/hmac_drbg.c	8
library/pk_wrap.c	1
library/ssl_ciphersuites_internal.h	7
library/ssl_tls13_server.c	54
library/ssl_tls12_server.c	43

Fuzzer: fuzz_dtlsclient

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	4445	65.8%
gold	[1:9]	234	3.46%
yellow	[10:29]	98	1.45%
greenyellow	[30:49]	59	0.87%
lawngreen	50+	1919	28.4%
All colors	6755	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
14220	14220	2 : View List ['mbedtls_ssl_tls13_handshake_server_step', 'mbedtls_ssl_handshake_server_step']	14220	15031	mbedtls_ssl_handshake_step	call site: 04873	/src/mbedtls/library/ssl_tls.c:4555
8464	8464	1 : View List ['mbedtls_ssl_tls13_handshake_client_step']	22684	23495	mbedtls_ssl_handshake_step	call site: 01764	/src/mbedtls/library/ssl_tls.c:4540
6298	6298	4 : View List ['mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext', 'mbedtls_ssl_finish_handshake_msg', 'mbedtls_ssl_tls13_finalize_client_hello', 'mbedtls_ssl_add_hs_hdr_to_checksum']	6298	6397	mbedtls_ssl_write_client_hello	call site: 01783	/src/mbedtls/library/ssl_client.c:933
3165	3165	1 : View List ['mbedtls_ssl_tls13_write_client_hello_exts']	3270	4810	ssl_write_client_hello_body	call site: 01815	/src/mbedtls/library/ssl_client.c:596
2378	2378	2 : View List ['mbedtls_ecjpake_derive_secret', 'mbedtls_ecjpake_write_round_two']	2378	2425	ssl_write_client_key_exchange	call site: 05498	/src/mbedtls/library/ssl_tls12_client.c:3146
2065	2978	9 : View List ['mbedtls_pk_can_do', 'mbedtls_debug_print_ret', 'mbedtls_x509_crt_verify_with_ca_cb', 'mbedtls_x509_crt_verify_restartable', 'mbedtls_ssl_check_curve', 'mbedtls_debug_print_msg', 'mbedtls_ssl_check_cert_usage', 'mbedtls_ssl_send_alert_message', 'mbedtls_pk_get_ec_group_id']	2065	2978	mbedtls_ssl_verify_certificate	call site: 04347	/src/mbedtls/library/ssl_tls.c:9793
1524	1554	5 : View List ['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']	1524	1554	mbedtls_pem_read_buffer	call site: 00865	/src/mbedtls/library/pem.c:428
1469	2517	6 : View List ['mbedtls_ecdh_make_public', 'mbedtls_dhm_get_len', 'mbedtls_ssl_conf_has_static_psk', 'mbedtls_debug_printf_ecdh', 'mbedtls_ssl_psk_derive_premaster', 'mbedtls_dhm_make_public']	1469	2628	ssl_write_client_key_exchange	call site: 05467	/src/mbedtls/library/ssl_tls12_client.c:3023
859	1727	5 : View List ['ssl_double_retransmit_timeout', 'mbedtls_debug_print_ret', 'mbedtls_ssl_set_timer', 'mbedtls_ssl_resend_hello_request', 'mbedtls_ssl_resend']	859	1757	mbedtls_ssl_fetch_input	call site: 03453	/src/mbedtls/library/ssl_msg.c:2256
512	512	11 : View List ['psa_key_slot_get_slot_number', 'psa_crypto_save_transaction', 'psa_get_and_lock_key_slot', 'psa_crypto_stop_transaction', 'psa_destroy_se_key', 'psa_crypto_prepare_transaction', 'psa_save_se_persistent_data', 'psa_unregister_read', 'psa_key_slot_state_transition', 'psa_get_se_driver_entry', 'psa_destroy_persistent_key']	512	512	psa_destroy_key	call site: 01254	/src/mbedtls/library/psa_crypto.c:1286
492	555	2 : View List ['mbedtls_dhm_calc_secret', 'mbedtls_debug_print_mpi']	917	1017	ssl_write_client_key_exchange	call site: 05401	/src/mbedtls/library/ssl_tls12_client.c:2717
441	441	1 : View List ['ecp_mul_mxz']	441	1117	ecp_mul_restartable_internal	call site: 02439	/src/mbedtls/library/ecp.c:2667

Runtime coverage analysis

Covered functions

779

Functions that are reachable but not covered

779

Reachable functions

1442

Percentage of reachable functions covered

45.98%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
programs/fuzz/fuzz_dtlsclient.c	1
library/x509_crt.c	50
library/platform.c	3
library/asn1parse.c	15
library/pk.c	20
library/platform_util.c	4
include/mbedtls/error.h	1
library/x509.c	32
library/oid.c	20
library/pkparse.c	7
include/mbedtls/pk.h	2
library/rsa.c	26
library/bignum.c	50
library/bignum_core.c	36
library/rsa_alt_helpers.c	5
library/constant_time_impl.h	18
library/constant_time.c	4
library/pk_ecc.c	2
library/pk_internal.h	3
library/ecp_curves.c	6
library/ecp.c	77
include/mbedtls/ecp.h	1
library/pem.c	9
library/base64.c	2
library/des.c	13
library/md.c	15
library/md5.c	8
library/ripemd160.c	8
library/sha1.c	8
library/sha256.c	9
library/sha512.c	10
library/sha3.c	8
library/aes.c	9
library/aesni.c	8
programs/fuzz/common.c	7
library/ssl_tls.c	111
library/ctr_drbg.c	10
library/entropy.c	8
library/entropy_poll.c	3
library/ctr.h	1
library/ssl_misc.h	53
library/ssl_ciphersuites.c	8
library/debug.c	11
library/ssl_msg.c	86
library/cipher.c	17
library/dhm.c	15
library/ecdh.c	22
library/ecjpake.c	21
library/psa_crypto.c	99
include/psa/crypto_values.h	2
library/psa_crypto_slot_management.c	22
library/psa_crypto_slot_management.h	4
library/psa_crypto_core.h	2
include/psa/crypto_extra.h	2
framework/tests/src/drivers/platform_builtin_keys.c	1
include/psa/crypto_struct.h	12
build/library/psa_crypto_driver_wrappers_no_static.c	3
library/psa_crypto_storage.c	15
library/psa_its_file.c	6
library/psa_crypto_se.c	9
library/psa_crypto_storage.h	1
library/timing.c	3
include/mbedtls/cipher.h	8
library/nist_kw.c	4
library/gcm.c	10
library/ccm.c	13
library/chachapoly.c	9
library/poly1305.c	6
library/chacha20.c	5
include/mbedtls/ssl.h	2
build/library/ssl_debug_helpers_generated.c	3
library/ssl_client.c	8
library/ssl_tls13_client.c	57
library/ssl_tls13_generic.c	33
build/library/psa_crypto_driver_wrappers.h	16
library/psa_crypto_random_impl.h	3
library/psa_util.c	5
library/psa_crypto_rsa.c	7
library/asn1write.c	6
library/psa_crypto_ecp.c	7
library/psa_crypto_ffdh.c	5
library/ssl_tls12_client.c	35
include/mbedtls/md.h	1
include/mbedtls/psa_util.h	2
library/ssl_tls13_keys.c	27
library/psa_crypto_hash.c	5
library/psa_crypto_mac.c	13
library/psa_crypto_cipher.c	3
library/cmac.c	6
library/psa_crypto_client.c	1
library/bignum_core.h	1
library/ssl_ciphersuites_internal.h	7
library/ssl_tls13_server.c	53
library/ssl_tls12_server.c	42