Fuzz introspector
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues
Report generation date: 2025-03-01

Project overview: mbedtls

High level conclusions

Reachability and coverage overview

Functions statically reachable by fuzzers
67.0%
1732 / 2566
Cyclomatic complexity statically reachable by fuzzers
73.0%
12965 / 17694
Runtime code coverage of functions
37.0%
951 / 2566

Fuzzers overview

Fuzzer Fuzzer filename Functions Reached Functions unreached Fuzzer depth Files reached Basic blocks reached Cyclomatic complexity Details
usepsa-fuzz_privkey programs/fuzz/fuzz_privkey.c 585 1191 20 68 10536 4037 fuzz_privkey.c
fuzz_pubkey programs/fuzz/fuzz_pubkey.c 245 1438 13 32 4665 1525 fuzz_pubkey.c
usepsa-fuzz_x509crl programs/fuzz/fuzz_x509crl.c 205 1608 14 32 3872 1328 fuzz_x509crl.c
usepsa-fuzz_pubkey programs/fuzz/fuzz_pubkey.c 305 1464 14 42 5459 1925 fuzz_pubkey.c
fuzz_privkey programs/fuzz/fuzz_privkey.c 391 1299 17 47 7626 2675 fuzz_privkey.c
usepsa-fuzz_x509csr programs/fuzz/fuzz_x509csr.c 345 1469 16 45 6587 2332 fuzz_x509csr.c
fuzz_x509crl programs/fuzz/fuzz_x509crl.c 145 1582 8 22 3042 914 fuzz_x509crl.c
fuzz_x509csr programs/fuzz/fuzz_x509csr.c 286 1442 16 35 5812 1937 fuzz_x509csr.c
fuzz_pkcs7 programs/fuzz/fuzz_pkcs7.c 210 1598 19 24 3618 1470 fuzz_pkcs7.c
fuzz_dtlsserver programs/fuzz/fuzz_dtlsserver.c 1477 979 21 97 27806 11057 fuzz_dtlsserver.c
usepsa-fuzz_client programs/fuzz/fuzz_client.c 1615 924 29 103 29748 11994 fuzz_client.c
fuzz_server programs/fuzz/fuzz_server.c 1490 965 21 96 28123 11190 fuzz_server.c
usepsa-fuzz_pkcs7 programs/fuzz/fuzz_pkcs7.c 209 1685 19 24 3563 1451 fuzz_pkcs7.c
usepsa-fuzz_dtlsserver programs/fuzz/fuzz_dtlsserver.c 1651 899 26 107 30475 12308 fuzz_dtlsserver.c
fuzz_client programs/fuzz/fuzz_client.c 1443 1001 21 93 27115 10760 fuzz_client.c
fuzz_x509crt programs/fuzz/fuzz_x509crt.c 309 1472 17 35 6397 2164 fuzz_x509crt.c
usepsa-fuzz_x509crt programs/fuzz/fuzz_x509crt.c 368 1499 17 45 7172 2559 fuzz_x509crt.c
usepsa-fuzz_dtlsclient programs/fuzz/fuzz_dtlsclient.c 1614 930 29 104 29700 11974 fuzz_dtlsclient.c
usepsa-fuzz_server programs/fuzz/fuzz_server.c 1664 885 26 106 30797 12442 fuzz_server.c
fuzz_dtlsclient programs/fuzz/fuzz_dtlsclient.c 1442 1007 21 94 27070 10741 fuzz_dtlsclient.c

Fuzzer details

Fuzzer: usepsa-fuzz_privkey

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1929 94.9%
gold [1:9] 0 0.0%
yellow [10:29] 83 4.08%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 19 0.93%
All colors 2031 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
276 276 1 :

['mbedtls_entropy_update_manual']

276 276 mbedtls_entropy_update_nv_seed call site: 00078 /src/mbedtls/library/entropy.c:389
120 125 3 :

['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']

120 125 mbedtls_ctr_drbg_reseed_internal call site: 00049 /src/mbedtls/library/ctr_drbg.c:469
94 841 9 :

['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']

94 846 mbedtls_entropy_func call site: 00077 /src/mbedtls/library/entropy.c:308
10 10 1 :

['mbedtls_zeroize_and_free']

10 15 mbedtls_md_free call site: 00205 /src/mbedtls/library/md.c:325
6 11 3 :

['mbedtls_platform_zeroize', 'fread', 'fclose']

6 11 mbedtls_platform_std_nv_seed_read call site: 00000 /src/mbedtls/library/platform.c:298
0 630 1 :

['mbedtls_psa_crypto_init_subsystem']

0 696 psa_crypto_init call site: 00273 /src/mbedtls/library/psa_crypto.c:8472
0 35 2 :

['mbedtls_calloc', 'mbedtls_md_free']

0 35 mbedtls_md_setup call site: 00194 /src/mbedtls/library/md.c:497
0 0 None 34 42 psa_wipe_all_key_slots call site: 00278 /src/mbedtls/library/psa_crypto_slot_management.c:475
0 0 None 32 32 psa_init_all_se_drivers call site: 00021 /src/mbedtls/library/psa_crypto_se.c:264
0 0 None 0 113 mbedtls_ctr_drbg_seed call site: 00040 /src/mbedtls/library/ctr_drbg.c:562
0 0 None 0 72 mbedtls_psa_crypto_free call site: 00275 /src/mbedtls/library/psa_crypto.c:8251
0 0 None 0 66 psa_crypto_init call site: 00019 /src/mbedtls/library/psa_crypto.c:8462

Runtime coverage analysis

Covered functions
70
Functions that are reachable but not covered
522
Reachable functions
585
Percentage of reachable functions covered
10.77%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_privkey.c 1
library/ctr_drbg.c 10
library/aes.c 9
library/entropy.c 8
library/md.c 13
library/entropy_poll.c 3
library/pk.c 5
library/psa_crypto.c 48
build-usepsa/library/psa_crypto_driver_wrappers.h 10
library/psa_crypto_se.c 9
library/psa_its_file.c 6
library/psa_crypto_slot_management.c 22
library/platform.c 2
library/psa_crypto_random_impl.h 3
library/aesni.c 8
library/platform_util.c 2
library/ctr.h 1
library/md5.c 7
library/ripemd160.c 7
library/sha1.c 7
library/sha256.c 8
library/sha512.c 9
library/sha3.c 7
library/psa_crypto_storage.c 15
programs/fuzz/common.c 2
library/pkparse.c 13
library/pem.c 9
library/base64.c 2
library/constant_time_impl.h 14
include/mbedtls/error.h 1
library/des.c 12
include/mbedtls/pk.h 2
library/rsa.c 15
library/bignum.c 42
library/asn1parse.c 8
library/bignum_core.c 36
library/rsa_alt_helpers.c 3
library/constant_time.c 1
library/oid.c 12
library/ecp.c 60
include/mbedtls/ecp.h 1
library/ecp_curves.c 6
library/pk_ecc.c 4
library/pk_internal.h 2
library/psa_util.c 5
include/psa/crypto_struct.h 10
library/psa_crypto_slot_management.h 4
library/psa_crypto_core.h 2
library/psa_crypto_storage.h 1
library/psa_crypto_ffdh.c 3
library/psa_crypto_ecp.c 5
library/psa_crypto_rsa.c 5
library/asn1write.c 6
include/psa/crypto_values.h 2
include/psa/crypto_extra.h 1
framework/tests/src/drivers/platform_builtin_keys.c 1
build-usepsa/library/psa_crypto_driver_wrappers_no_static.c 3
library/pkcs12.c 6
library/cipher.c 14
include/mbedtls/cipher.h 5
include/mbedtls/md.h 1
library/psa_crypto_cipher.c 11
library/chacha20.c 5
library/gcm.c 6
library/ccm.c 5
library/chachapoly.c 2
library/poly1305.c 3
library/pkcs5.c 4

Fuzzer: fuzz_pubkey

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 355 41.2%
gold [1:9] 23 2.67%
yellow [10:29] 33 3.83%
greenyellow [30:49] 9 1.04%
lawngreen 50+ 440 51.1%
All colors 860 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
1524 1524 4 :

['pem_des3_decrypt', 'pem_des_decrypt', 'pem_aes_decrypt', 'pem_check_pkcs_padding']

1524 1544 mbedtls_pem_read_buffer call site: 00036 /src/mbedtls/library/pem.c:430
389 389 1 :

['mbedtls_rsa_deduce_primes']

389 434 mbedtls_rsa_complete call site: 00282 /src/mbedtls/library/rsa.c:782
65 65 1 :

['mbedtls_mpi_core_exp_mod_unsafe']

76 198 mbedtls_mpi_exp_mod_optionally_safe call site: 00408 /src/mbedtls/library/bignum.c:1703
0 206 1 :

['mbedtls_mpi_mod_mpi']

76 511 mbedtls_mpi_exp_mod_optionally_safe call site: 00404 /src/mbedtls/library/bignum.c:1692
0 72 2 :

['mbedtls_mpi_mul_mpi', 'mbedtls_mpi_size']

692 809 mbedtls_rsa_complete call site: 00267 /src/mbedtls/library/rsa.c:769
0 27 1 :

['mbedtls_mpi_copy']

0 105 mbedtls_mpi_mul_mpi call site: 00271 /src/mbedtls/library/bignum.c:1206
0 23 1 :

['mbedtls_mpi_lset']

0 111 mbedtls_mpi_div_mpi call site: 00356 /src/mbedtls/library/bignum.c:1419
0 23 1 :

['mbedtls_mpi_lset']

0 23 mbedtls_mpi_exp_mod_optionally_safe call site: 00341 /src/mbedtls/library/bignum.c:1640
0 18 1 :

['mbedtls_mpi_grow']

0 18 mbedtls_mpi_shrink call site: 00398 /src/mbedtls/library/bignum.c:250
0 6 1 :

['mbedtls_mpi_core_bitlen']

0 6 exp_mod_calc_first_bit_optionally_safe call site: 00418 /src/mbedtls/library/bignum_core.c:767
0 0 None 282 282 mbedtls_rsa_export_crt call site: 00828 /src/mbedtls/library/rsa.c:929
0 0 None 76 572 mbedtls_mpi_exp_mod_optionally_safe call site: 00346 /src/mbedtls/library/bignum.c:1660

Runtime coverage analysis

Covered functions
175
Functions that are reachable but not covered
96
Reachable functions
245
Percentage of reachable functions covered
60.82%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_pubkey.c 1
library/pk.c 5
library/pkparse.c 8
library/pem.c 9
library/base64.c 2
library/constant_time_impl.h 8
include/mbedtls/error.h 1
library/platform.c 2
library/platform_util.c 2
library/des.c 12
library/md.c 7
library/md5.c 6
library/ripemd160.c 6
library/sha1.c 6
library/sha256.c 7
library/sha512.c 8
library/sha3.c 6
library/aes.c 9
library/aesni.c 7
include/mbedtls/pk.h 2
library/rsa.c 7
library/asn1parse.c 7
library/bignum.c 37
library/bignum_core.c 29
library/rsa_alt_helpers.c 3
library/constant_time.c 1
library/oid.c 6
library/pk_ecc.c 2
library/pk_internal.h 2
library/ecp_curves.c 6
library/ecp.c 25
include/mbedtls/ecp.h 1

Fuzzer: usepsa-fuzz_x509crl

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 486 84.3%
gold [1:9] 86 14.9%
yellow [10:29] 0 0.0%
greenyellow [30:49] 1 0.17%
lawngreen 50+ 3 0.52%
All colors 576 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
276 276 1 :

['mbedtls_entropy_update_manual']

276 276 mbedtls_entropy_update_nv_seed call site: 00064 /src/mbedtls/library/entropy.c:389
120 125 3 :

['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']

120 125 mbedtls_ctr_drbg_reseed_internal call site: 00035 /src/mbedtls/library/ctr_drbg.c:469
94 841 9 :

['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']

94 846 mbedtls_entropy_func call site: 00063 /src/mbedtls/library/entropy.c:308
10 10 1 :

['mbedtls_zeroize_and_free']

10 15 mbedtls_md_free call site: 00191 /src/mbedtls/library/md.c:325
6 11 3 :

['mbedtls_platform_zeroize', 'fread', 'fclose']

6 11 mbedtls_platform_std_nv_seed_read call site: 00000 /src/mbedtls/library/platform.c:298
0 630 1 :

['mbedtls_psa_crypto_init_subsystem']

0 696 psa_crypto_init call site: 00259 /src/mbedtls/library/psa_crypto.c:8472
0 35 2 :

['mbedtls_calloc', 'mbedtls_md_free']

0 35 mbedtls_md_setup call site: 00180 /src/mbedtls/library/md.c:497
0 0 None 34 42 psa_wipe_all_key_slots call site: 00264 /src/mbedtls/library/psa_crypto_slot_management.c:475
0 0 None 32 32 psa_init_all_se_drivers call site: 00006 /src/mbedtls/library/psa_crypto_se.c:264
0 0 None 20 34 mbedtls_x509_crl_free call site: 00381 /src/mbedtls/library/x509_crl.c:699
0 0 None 0 113 mbedtls_ctr_drbg_seed call site: 00026 /src/mbedtls/library/ctr_drbg.c:562
0 0 None 0 72 mbedtls_psa_crypto_free call site: 00261 /src/mbedtls/library/psa_crypto.c:8251

Runtime coverage analysis

Covered functions
71
Functions that are reachable but not covered
147
Reachable functions
205
Percentage of reachable functions covered
28.29%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_x509crl.c 1
library/x509_crl.c 9
library/psa_crypto.c 11
build-usepsa/library/psa_crypto_driver_wrappers.h 2
library/psa_crypto_se.c 5
library/psa_its_file.c 5
library/psa_crypto_slot_management.c 5
library/platform.c 2
library/psa_crypto_random_impl.h 3
library/ctr_drbg.c 7
library/aes.c 9
library/aesni.c 7
library/platform_util.c 2
library/ctr.h 1
library/entropy.c 5
library/md.c 8
library/md5.c 7
library/ripemd160.c 7
library/sha1.c 7
library/sha256.c 8
library/sha512.c 9
library/sha3.c 7
library/psa_crypto_storage.c 2
library/pem.c 9
library/base64.c 2
library/constant_time_impl.h 2
include/mbedtls/error.h 1
library/des.c 12
library/asn1parse.c 9
library/x509.c 19
library/oid.c 8
library/asn1write.c 2

Fuzzer: usepsa-fuzz_pubkey

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 917 91.2%
gold [1:9] 84 8.35%
yellow [10:29] 0 0.0%
greenyellow [30:49] 1 0.09%
lawngreen 50+ 3 0.29%
All colors 1005 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
276 276 1 :

['mbedtls_entropy_update_manual']

276 276 mbedtls_entropy_update_nv_seed call site: 00064 /src/mbedtls/library/entropy.c:389
120 125 3 :

['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']

120 125 mbedtls_ctr_drbg_reseed_internal call site: 00035 /src/mbedtls/library/ctr_drbg.c:469
94 841 9 :

['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']

94 846 mbedtls_entropy_func call site: 00063 /src/mbedtls/library/entropy.c:308
10 10 1 :

['mbedtls_zeroize_and_free']

10 15 mbedtls_md_free call site: 00191 /src/mbedtls/library/md.c:325
6 11 3 :

['mbedtls_platform_zeroize', 'fread', 'fclose']

6 11 mbedtls_platform_std_nv_seed_read call site: 00000 /src/mbedtls/library/platform.c:298
0 630 1 :

['mbedtls_psa_crypto_init_subsystem']

0 696 psa_crypto_init call site: 00259 /src/mbedtls/library/psa_crypto.c:8472
0 35 2 :

['mbedtls_calloc', 'mbedtls_md_free']

0 35 mbedtls_md_setup call site: 00180 /src/mbedtls/library/md.c:497
0 0 None 34 42 psa_wipe_all_key_slots call site: 00264 /src/mbedtls/library/psa_crypto_slot_management.c:475
0 0 None 32 32 psa_init_all_se_drivers call site: 00006 /src/mbedtls/library/psa_crypto_se.c:264
0 0 None 0 113 mbedtls_ctr_drbg_seed call site: 00026 /src/mbedtls/library/ctr_drbg.c:562
0 0 None 0 72 mbedtls_psa_crypto_free call site: 00261 /src/mbedtls/library/psa_crypto.c:8251
0 0 None 0 66 psa_crypto_init call site: 00004 /src/mbedtls/library/psa_crypto.c:8462

Runtime coverage analysis

Covered functions
70
Functions that are reachable but not covered
248
Reachable functions
305
Percentage of reachable functions covered
18.69%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_pubkey.c 1
library/pk.c 5
library/psa_crypto.c 11
build-usepsa/library/psa_crypto_driver_wrappers.h 2
library/psa_crypto_se.c 5
library/psa_its_file.c 5
library/psa_crypto_slot_management.c 5
library/platform.c 2
library/psa_crypto_random_impl.h 3
library/ctr_drbg.c 7
library/aes.c 9
library/aesni.c 7
library/platform_util.c 2
library/ctr.h 1
library/entropy.c 5
library/md.c 8
library/md5.c 7
library/ripemd160.c 7
library/sha1.c 7
library/sha256.c 8
library/sha512.c 9
library/sha3.c 7
library/psa_crypto_storage.c 2
library/pkparse.c 8
library/pem.c 9
library/base64.c 2
library/constant_time_impl.h 8
include/mbedtls/error.h 1
library/des.c 12
include/mbedtls/pk.h 2
library/rsa.c 7
library/asn1parse.c 7
library/bignum.c 37
library/bignum_core.c 29
library/rsa_alt_helpers.c 3
library/constant_time.c 1
library/oid.c 6
library/pk_ecc.c 2
library/pk_internal.h 2
library/ecp_curves.c 6
library/ecp.c 25
include/mbedtls/ecp.h 1

Fuzzer: fuzz_privkey

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 597 38.5%
gold [1:9] 39 2.51%
yellow [10:29] 85 5.49%
greenyellow [30:49] 32 2.06%
lawngreen 50+ 795 51.3%
All colors 1548 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
6040 8713 8 :

['mbedtls_asn1_get_tag', 'mbedtls_asn1_get_alg', 'mbedtls_error_add.1604', 'mbedtls_oid_get_pkcs12_pbe_alg', 'memcmp', 'mbedtls_pkcs12_pbe_ext', 'pk_parse_key_pkcs8_unencrypted_der', 'mbedtls_pkcs5_pbes2_ext']

6040 8713 mbedtls_pk_parse_key_pkcs8_encrypted_der call site: 01209 /src/mbedtls/library/pkparse.c:885
1524 1524 4 :

['pem_des3_decrypt', 'pem_des_decrypt', 'pem_aes_decrypt', 'pem_check_pkcs_padding']

1524 1544 mbedtls_pem_read_buffer call site: 00089 /src/mbedtls/library/pem.c:430
389 389 1 :

['mbedtls_rsa_deduce_primes']

389 434 mbedtls_rsa_complete call site: 00337 /src/mbedtls/library/rsa.c:782
89 89 1 :

['mbedtls_ctr_drbg_reseed']

89 294 mbedtls_ctr_drbg_random_with_add call site: 01491 /src/mbedtls/library/ctr_drbg.c:632
65 65 1 :

['mbedtls_mpi_core_exp_mod_unsafe']

70 198 mbedtls_mpi_exp_mod_optionally_safe call site: 00463 /src/mbedtls/library/bignum.c:1703
16 16 2 :

['mbedtls_internal_aes_decrypt', 'mbedtls_internal_aes_encrypt']

16 16 mbedtls_aes_crypt_ecb call site: 00032 /src/mbedtls/library/aes.c:1038
0 3591 3 :

['mbedtls_calloc', 'mbedtls_zeroize_and_free', 'mbedtls_pk_parse_key_pkcs8_encrypted_der']

0 9405 mbedtls_pk_parse_key call site: 01470 /src/mbedtls/library/pkparse.c:1107
0 211 6 :

['mbedtls_mpi_set_bit', 'mbedtls_mpi_read_binary_le', 'mbedtls_mpi_read_binary', 'mbedtls_ecp_check_privkey', 'mbedtls_mpi_free', 'mbedtls_ecp_get_type']

0 211 mbedtls_ecp_read_key call site: 00832 /src/mbedtls/library/ecp.c:3265
0 206 1 :

['mbedtls_mpi_mod_mpi']

70 511 mbedtls_mpi_exp_mod_optionally_safe call site: 00459 /src/mbedtls/library/bignum.c:1692
0 73 3 :

['mbedtls_mpi_set_bit', 'mbedtls_mpi_read_binary_le', 'mbedtls_mpi_free']

0 616 mbedtls_ecp_point_read_binary call site: 00677 /src/mbedtls/library/ecp.c:782
0 72 2 :

['mbedtls_mpi_mul_mpi', 'mbedtls_mpi_size']

692 809 mbedtls_rsa_complete call site: 00323 /src/mbedtls/library/rsa.c:769
0 65 1 :

['block_cipher_df']

0 205 mbedtls_ctr_drbg_random_with_add call site: 01492 /src/mbedtls/library/ctr_drbg.c:640

Runtime coverage analysis

Covered functions
262
Functions that are reachable but not covered
160
Reachable functions
391
Percentage of reachable functions covered
59.08%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_privkey.c 1
library/ctr_drbg.c 10
library/aes.c 9
library/entropy.c 3
library/md.c 13
library/entropy_poll.c 3
library/pk.c 5
library/aesni.c 8
library/platform_util.c 2
library/ctr.h 1
programs/fuzz/common.c 2
library/pkparse.c 13
library/pem.c 9
library/base64.c 2
library/constant_time_impl.h 14
include/mbedtls/error.h 1
library/platform.c 2
library/des.c 12
library/md5.c 7
library/ripemd160.c 7
library/sha1.c 7
library/sha256.c 8
library/sha512.c 9
library/sha3.c 7
include/mbedtls/pk.h 2
library/rsa.c 9
library/bignum.c 40
library/asn1parse.c 8
library/bignum_core.c 34
library/rsa_alt_helpers.c 3
library/constant_time.c 1
library/oid.c 12
library/ecp.c 55
include/mbedtls/ecp.h 1
library/ecp_curves.c 6
library/pk_ecc.c 4
library/pk_internal.h 2
library/pkcs12.c 6
library/cipher.c 12
include/mbedtls/cipher.h 4
include/mbedtls/md.h 1
library/chacha20.c 5
library/gcm.c 6
library/ccm.c 5
library/chachapoly.c 2
library/poly1305.c 3
library/pkcs5.c 4

Fuzzer: usepsa-fuzz_x509csr

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1044 91.8%
gold [1:9] 89 7.82%
yellow [10:29] 0 0.0%
greenyellow [30:49] 1 0.08%
lawngreen 50+ 3 0.26%
All colors 1137 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
276 276 1 :

['mbedtls_entropy_update_manual']

276 276 mbedtls_entropy_update_nv_seed call site: 00064 /src/mbedtls/library/entropy.c:389
120 125 3 :

['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']

120 125 mbedtls_ctr_drbg_reseed_internal call site: 00035 /src/mbedtls/library/ctr_drbg.c:469
94 841 9 :

['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']

94 846 mbedtls_entropy_func call site: 00063 /src/mbedtls/library/entropy.c:308
10 10 1 :

['mbedtls_zeroize_and_free']

10 15 mbedtls_md_free call site: 00191 /src/mbedtls/library/md.c:325
10 10 1 :

['mbedtls_zeroize_and_free']

10 15 mbedtls_x509_csr_free call site: 00388 /src/mbedtls/library/x509_csr.c:632
6 11 3 :

['mbedtls_platform_zeroize', 'fread', 'fclose']

6 11 mbedtls_platform_std_nv_seed_read call site: 00000 /src/mbedtls/library/platform.c:298
0 630 1 :

['mbedtls_psa_crypto_init_subsystem']

0 696 psa_crypto_init call site: 00259 /src/mbedtls/library/psa_crypto.c:8472
0 35 2 :

['mbedtls_calloc', 'mbedtls_md_free']

0 35 mbedtls_md_setup call site: 00180 /src/mbedtls/library/md.c:497
0 0 None 34 42 psa_wipe_all_key_slots call site: 00264 /src/mbedtls/library/psa_crypto_slot_management.c:475
0 0 None 32 32 psa_init_all_se_drivers call site: 00006 /src/mbedtls/library/psa_crypto_se.c:264
0 0 None 0 113 mbedtls_ctr_drbg_seed call site: 00026 /src/mbedtls/library/ctr_drbg.c:562
0 0 None 0 72 mbedtls_psa_crypto_free call site: 00261 /src/mbedtls/library/psa_crypto.c:8251

Runtime coverage analysis

Covered functions
73
Functions that are reachable but not covered
285
Reachable functions
345
Percentage of reachable functions covered
17.39%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_x509csr.c 1
library/x509_csr.c 9
library/psa_crypto.c 11
build-usepsa/library/psa_crypto_driver_wrappers.h 2
library/psa_crypto_se.c 5
library/psa_its_file.c 5
library/psa_crypto_slot_management.c 5
library/platform.c 2
library/psa_crypto_random_impl.h 3
library/ctr_drbg.c 7
library/aes.c 9
library/aesni.c 7
library/platform_util.c 2
library/ctr.h 1
library/entropy.c 5
library/md.c 8
library/md5.c 7
library/ripemd160.c 7
library/sha1.c 7
library/sha256.c 8
library/sha512.c 9
library/sha3.c 7
library/psa_crypto_storage.c 2
library/pem.c 9
library/base64.c 2
library/constant_time_impl.h 8
include/mbedtls/error.h 1
library/des.c 12
library/asn1parse.c 12
library/pk.c 6
library/x509.c 23
library/pkparse.c 7
library/oid.c 16
include/mbedtls/pk.h 1
library/rsa.c 5
library/bignum.c 37
library/bignum_core.c 29
library/rsa_alt_helpers.c 2
library/constant_time.c 1
library/pk_ecc.c 2
library/pk_internal.h 2
library/ecp_curves.c 6
library/ecp.c 20
include/mbedtls/ecp.h 1
library/asn1write.c 2

Fuzzer: fuzz_x509crl

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 194 46.1%
gold [1:9] 34 8.09%
yellow [10:29] 19 4.52%
greenyellow [30:49] 6 1.42%
lawngreen 50+ 167 39.7%
All colors 420 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
1524 1524 4 :

['pem_des3_decrypt', 'pem_des_decrypt', 'pem_aes_decrypt', 'pem_check_pkcs_padding']

1524 1544 mbedtls_pem_read_buffer call site: 00036 /src/mbedtls/library/pem.c:430
0 3 1 :

['mbedtls_error_add']

0 3 x509_get_crl_entry_ext call site: 00355 /src/mbedtls/library/x509_crl.c:204
0 0 None 4 52 mbedtls_x509_dn_gets call site: 00398 /src/mbedtls/library/x509.c:833
0 0 None 0 22 mbedtls_x509_sig_alg_gets call site: 00415 /src/mbedtls/library/x509.c:989
0 0 None 0 19 mbedtls_x509_crl_parse_der call site: 00221 /src/mbedtls/library/x509_crl.c:313
0 0 1 :

['mbedtls_error_add.4717']

0 10 mbedtls_pem_read_buffer call site: 00031 /src/mbedtls/library/pem.c:423
0 0 None 0 5 mbedtls_x509_get_name call site: 00318 /src/mbedtls/library/x509.c:533
0 0 None 0 5 mbedtls_x509_get_name call site: 00319 /src/mbedtls/library/x509.c:550
0 0 None 0 3 x509_get_crl_entry_ext call site: 00352 /src/mbedtls/library/x509_crl.c:190
0 0 None 0 0 mbedtls_asn1_write_len call site: 00403 /src/mbedtls/library/asn1write.c:27
0 0 None 0 0 mbedtls_asn1_write_len call site: 00403 /src/mbedtls/library/asn1write.c:34
0 0 None 0 0 mbedtls_asn1_write_len call site: 00403 /src/mbedtls/library/asn1write.c:40

Runtime coverage analysis

Covered functions
61
Functions that are reachable but not covered
84
Reachable functions
145
Percentage of reachable functions covered
42.07%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_x509crl.c 1
library/x509_crl.c 9
library/pem.c 9
library/base64.c 2
library/constant_time_impl.h 2
include/mbedtls/error.h 1
library/platform.c 2
library/platform_util.c 2
library/des.c 12
library/md.c 7
library/md5.c 6
library/ripemd160.c 6
library/sha1.c 6
library/sha256.c 7
library/sha512.c 8
library/sha3.c 6
library/aes.c 9
library/aesni.c 7
library/asn1parse.c 9
library/x509.c 19
library/oid.c 8
library/asn1write.c 2

Fuzzer: fuzz_x509csr

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 447 44.8%
gold [1:9] 87 8.72%
yellow [10:29] 27 2.70%
greenyellow [30:49] 7 0.70%
lawngreen 50+ 429 43.0%
All colors 997 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
1524 1524 4 :

['pem_des3_decrypt', 'pem_des_decrypt', 'pem_aes_decrypt', 'pem_check_pkcs_padding']

1524 1544 mbedtls_pem_read_buffer call site: 00036 /src/mbedtls/library/pem.c:430
389 389 1 :

['mbedtls_rsa_deduce_primes']

389 434 mbedtls_rsa_complete call site: 00346 /src/mbedtls/library/rsa.c:782
239 239 1 :

['pk_group_id_from_group']

239 312 pk_ecc_group_id_from_specified call site: 00697 /src/mbedtls/library/pkparse.c:310
193 193 1 :

['mbedtls_x509_info_subject_alt_name']

248 248 mbedtls_x509_csr_info call site: 00985 /src/mbedtls/library/x509_csr.c:568
131 131 1 :

['ecp_check_pubkey_mx']

131 131 mbedtls_ecp_check_pubkey call site: 00800 /src/mbedtls/library/ecp.c:3036
112 815 8 :

['mbedtls_mpi_size', 'mbedtls_asn1_get_tag', 'mbedtls_mpi_bitlen', 'mbedtls_asn1_get_mpi', 'mbedtls_mpi_read_binary', 'mbedtls_error_add.1604', 'mbedtls_ecp_point_read_binary', 'mbedtls_mpi_lset']

112 815 pk_group_from_specified call site: 00701 /src/mbedtls/library/pkparse.c:152
65 65 1 :

['mbedtls_mpi_core_exp_mod_unsafe']

76 198 mbedtls_mpi_exp_mod_optionally_safe call site: 00472 /src/mbedtls/library/bignum.c:1703
34 616 8 :

['mbedtls_mpi_read_binary_le', 'mbedtls_ecp_get_type', 'mbedtls_ecp_sw_derive_y', 'mbedtls_mpi_set_bit', 'mbedtls_mpi_read_binary', 'mbedtls_ecp_set_zero', 'mbedtls_mpi_free', 'mbedtls_mpi_lset']

34 616 mbedtls_ecp_point_read_binary call site: 00722 /src/mbedtls/library/ecp.c:783
29 29 1 :

['mbedtls_x509_info_key_usage']

29 29 mbedtls_x509_csr_info call site: 00994 /src/mbedtls/library/x509_csr.c:588
26 26 1 :

['mbedtls_x509_info_cert_type']

55 55 mbedtls_x509_csr_info call site: 00986 /src/mbedtls/library/x509_csr.c:579
0 228 7 :

['mbedtls_x509_get_subject_alt_name', 'mbedtls_asn1_get_bool', 'mbedtls_asn1_get_tag', 'mbedtls_x509_get_key_usage', 'mbedtls_error_add', 'mbedtls_oid_get_x509_ext_type', 'mbedtls_x509_get_ns_cert_type']

0 228 x509_csr_parse_extensions call site: 00893 /src/mbedtls/library/x509_csr.c:169
0 206 1 :

['mbedtls_mpi_mod_mpi']

76 511 mbedtls_mpi_exp_mod_optionally_safe call site: 00468 /src/mbedtls/library/bignum.c:1692

Runtime coverage analysis

Covered functions
203
Functions that are reachable but not covered
105
Reachable functions
286
Percentage of reachable functions covered
63.29%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_x509csr.c 1
library/x509_csr.c 9
library/pem.c 9
library/base64.c 2
library/constant_time_impl.h 8
include/mbedtls/error.h 1
library/platform.c 2
library/platform_util.c 2
library/des.c 12
library/md.c 7
library/md5.c 6
library/ripemd160.c 6
library/sha1.c 6
library/sha256.c 7
library/sha512.c 8
library/sha3.c 6
library/aes.c 9
library/aesni.c 7
library/asn1parse.c 12
library/pk.c 6
library/x509.c 23
library/pkparse.c 7
library/oid.c 16
include/mbedtls/pk.h 1
library/rsa.c 5
library/bignum.c 37
library/bignum_core.c 29
library/rsa_alt_helpers.c 3
library/constant_time.c 1
library/pk_ecc.c 2
library/pk_internal.h 2
library/ecp_curves.c 6
library/ecp.c 20
include/mbedtls/ecp.h 1
library/asn1write.c 2

Fuzzer: fuzz_pkcs7

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 695 75.8%
gold [1:9] 63 6.87%
yellow [10:29] 23 2.51%
greenyellow [30:49] 10 1.09%
lawngreen 50+ 125 13.6%
All colors 916 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
1935 1945 10 :

['pk_use_ecparams', 'mbedtls_pk_ecc_set_pubkey', 'mbedtls_pk_rsa.1608', 'pk_use_ecparams_rfc8410', 'mbedtls_pk_info_from_type', 'mbedtls_pk_free', 'mbedtls_rsa_parse_pubkey', 'mbedtls_error_add.1604', 'mbedtls_pk_setup', 'mbedtls_asn1_get_bitstring_null']

1935 1945 mbedtls_pk_parse_subpubkey call site: 00194 /src/mbedtls/library/pkparse.c:534
299 330 6 :

['mbedtls_x509_get_sig', 'mbedtls_error_add.689', 'memcmp', 'x509_get_crt_ext', 'x509_get_uid', 'mbedtls_x509_get_alg']

299 546 x509_crt_parse_der_core call site: 00191 /src/mbedtls/library/x509_crt.c:1227
24 24 2 :

['mbedtls_oid_get_pk_alg', 'mbedtls_oid_get_ec_grp_algid']

24 24 pk_get_pk_alg call site: 00195 /src/mbedtls/library/pkparse.c:481
0 119 2 :

['mbedtls_calloc', 'pkcs7_get_signer_info']

0 135 pkcs7_get_signers_info_set call site: 00897 /src/mbedtls/library/pkcs7.c:415
0 4 2 :

['mbedtls_calloc', 'mbedtls_x509_crt_init']

0 1335 mbedtls_x509_crt_parse_der_internal call site: 00058 /src/mbedtls/library/x509_crt.c:1338
0 2 1 :

['mbedtls_free']

0 2 mbedtls_x509_crt_parse_der_internal call site: 00061 /src/mbedtls/library/x509_crt.c:1356
0 0 None 299 2142 x509_crt_parse_der_core call site: 00063 /src/mbedtls/library/x509_crt.c:1115
0 0 None 0 135 pkcs7_get_signers_info_set call site: 00896 /src/mbedtls/library/pkcs7.c:409
0 0 None 0 42 mbedtls_pkcs7_parse_der call site: 00003 /src/mbedtls/library/pkcs7.c:567
0 0 None 0 34 mbedtls_x509_crl_free call site: 00908 /src/mbedtls/library/x509_crl.c:699
0 0 None 0 27 x509_crt_parse_der_core call site: 00062 /src/mbedtls/library/x509_crt.c:1107
0 0 None 0 5 mbedtls_pk_free call site: 00064 /src/mbedtls/library/pk.c:65

Runtime coverage analysis

Covered functions
55
Functions that are reachable but not covered
155
Reachable functions
210
Percentage of reachable functions covered
26.19%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_pkcs7.c 1
library/pkcs7.c 14
library/platform.c 2
library/asn1parse.c 15
include/mbedtls/error.h 1
library/platform_util.c 2
library/oid.c 12
library/x509_crt.c 14
library/pk.c 4
library/x509.c 21
library/pkparse.c 7
include/mbedtls/pk.h 1
library/rsa.c 5
library/bignum.c 37
library/bignum_core.c 29
library/rsa_alt_helpers.c 3
library/constant_time_impl.h 7
library/constant_time.c 1
library/pk_ecc.c 2
library/pk_internal.h 2
library/ecp_curves.c 6
library/ecp.c 20
include/mbedtls/ecp.h 1
library/x509_crl.c 1

Fuzzer: fuzz_dtlsserver

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 6127 87.6%
gold [1:9] 284 4.06%
yellow [10:29] 37 0.52%
greenyellow [30:49] 28 0.40%
lawngreen 50+ 512 7.32%
All colors 6988 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
22505 22515 5 :

['mbedtls_ssl_handshake_client_step', 'mbedtls_ssl_write_client_hello', 'mbedtls_debug_print_msg', 'mbedtls_ssl_states_str', 'mbedtls_ssl_tls13_handshake_client_step']

30807 37546 mbedtls_ssl_handshake_step call site: 02369 /src/mbedtls/library/ssl_tls.c:4524
8302 8302 1 :

['mbedtls_ssl_tls13_handshake_server_step']

8302 9113 mbedtls_ssl_handshake_step call site: 05099 /src/mbedtls/library/ssl_tls.c:4557
1696 1727 5 :

['ssl_double_retransmit_timeout', 'mbedtls_debug_print_ret', 'mbedtls_ssl_set_timer', 'mbedtls_ssl_resend_hello_request', 'mbedtls_ssl_resend']

1696 1757 mbedtls_ssl_fetch_input call site: 03679 /src/mbedtls/library/ssl_msg.c:2256
1524 1554 5 :

['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']

1524 1554 mbedtls_pem_read_buffer call site: 00923 /src/mbedtls/library/pem.c:428
1320 2135 3 :

['mbedtls_ssl_send_alert_message', 'mbedtls_ecjpake_read_round_one', 'mbedtls_debug_print_ret']

1320 2135 ssl_parse_ecjpake_kkpp call site: 05217 /src/mbedtls/library/ssl_tls12_server.c:299
720 722 2 :

['mbedtls_ssl_encrypt_buf', 'mbedtls_ssl_write_version']

776 933 mbedtls_ssl_write_record call site: 02243 /src/mbedtls/library/ssl_msg.c:2969
600 600 1 :

['pk_ecc_group_id_from_specified']

600 827 pk_use_ecparams call site: 00623 /src/mbedtls/library/pkparse.c:394
512 512 11 :

['psa_key_slot_get_slot_number', 'psa_crypto_save_transaction', 'psa_get_and_lock_key_slot', 'psa_crypto_stop_transaction', 'psa_destroy_se_key', 'psa_crypto_prepare_transaction', 'psa_save_se_persistent_data', 'psa_unregister_read', 'psa_key_slot_state_transition', 'psa_get_se_driver_entry', 'psa_destroy_persistent_key']

512 512 psa_destroy_key call site: 01971 /src/mbedtls/library/psa_crypto.c:1286
389 389 1 :

['mbedtls_rsa_deduce_primes']

389 434 mbedtls_rsa_complete call site: 00278 /src/mbedtls/library/rsa.c:782
206 206 1 :

['mbedtls_mpi_mod_mpi']

206 206 ecp_modp call site: 00676 /src/mbedtls/library/ecp.c:1003
131 131 1 :

['ecp_check_pubkey_mx']

131 131 mbedtls_ecp_check_pubkey call site: 00732 /src/mbedtls/library/ecp.c:3036
104 108 3 :

['mbedtls_calloc', 'mbedtls_free', 'mbedtls_x509_get_rsassa_pss_params']

104 108 mbedtls_x509_get_sig_alg call site: 00117 /src/mbedtls/library/x509.c:733

Runtime coverage analysis

Covered functions
343
Functions that are reachable but not covered
1154
Reachable functions
1477
Percentage of reachable functions covered
21.87%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_dtlsserver.c 1
library/ctr_drbg.c 10
library/aes.c 9
library/entropy.c 8
library/md.c 15
library/entropy_poll.c 3
library/x509_crt.c 50
library/pk.c 21
library/ssl_tls.c 112
library/ssl_cookie.c 6
library/aesni.c 8
library/platform_util.c 4
library/ctr.h 1
programs/fuzz/common.c 7
library/platform.c 3
library/asn1parse.c 15
include/mbedtls/error.h 1
library/x509.c 32
library/oid.c 26
library/pkparse.c 14
include/mbedtls/pk.h 2
library/rsa.c 26
library/bignum.c 50
library/bignum_core.c 36
library/rsa_alt_helpers.c 5
library/constant_time_impl.h 18
library/constant_time.c 4
library/pk_ecc.c 4
library/pk_internal.h 3
library/ecp_curves.c 6
library/ecp.c 77
include/mbedtls/ecp.h 1
library/pem.c 9
library/base64.c 2
library/des.c 13
library/md5.c 8
library/ripemd160.c 8
library/sha1.c 8
library/sha256.c 9
library/sha512.c 10
library/sha3.c 8
library/pkcs12.c 6
library/cipher.c 17
include/mbedtls/cipher.h 8
include/mbedtls/md.h 1
library/chacha20.c 5
library/gcm.c 10
library/ccm.c 13
library/chachapoly.c 9
library/poly1305.c 6
library/pkcs5.c 4
library/ssl_misc.h 53
library/ssl_ciphersuites.c 8
library/ssl_tls12_server.c 44
library/debug.c 11
library/ssl_msg.c 86
library/dhm.c 15
library/ecdh.c 22
library/ecjpake.c 21
library/psa_crypto.c 99
include/psa/crypto_values.h 2
library/psa_crypto_slot_management.c 22
library/psa_crypto_slot_management.h 4
library/psa_crypto_core.h 2
include/psa/crypto_extra.h 2
framework/tests/src/drivers/platform_builtin_keys.c 1
include/psa/crypto_struct.h 12
build/library/psa_crypto_driver_wrappers_no_static.c 3
library/psa_crypto_storage.c 15
library/psa_its_file.c 6
library/psa_crypto_se.c 9
library/psa_crypto_storage.h 1
library/timing.c 3
library/nist_kw.c 4
include/mbedtls/ssl.h 2
build/library/ssl_debug_helpers_generated.c 3
library/ssl_client.c 8
library/ssl_tls13_client.c 57
library/ssl_tls13_generic.c 33
build/library/psa_crypto_driver_wrappers.h 16
library/psa_crypto_random_impl.h 3
library/psa_util.c 5
library/psa_crypto_rsa.c 7
library/asn1write.c 6
library/psa_crypto_ecp.c 7
library/psa_crypto_ffdh.c 5
library/ssl_tls12_client.c 35
include/mbedtls/psa_util.h 2
library/ssl_tls13_keys.c 27
library/psa_crypto_hash.c 5
library/psa_crypto_mac.c 13
library/psa_crypto_cipher.c 3
library/cmac.c 6
library/psa_crypto_client.c 1
library/bignum_core.h 1
library/ssl_ciphersuites_internal.h 7
library/ssl_tls13_server.c 53

Fuzzer: usepsa-fuzz_client

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 7079 94.9%
gold [1:9] 237 3.17%
yellow [10:29] 108 1.44%
greenyellow [30:49] 16 0.21%
lawngreen 50+ 15 0.20%
All colors 7455 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
1524 1554 5 :

['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']

1524 1554 mbedtls_pem_read_buffer call site: 00849 /src/mbedtls/library/pem.c:428
674 745 3 :

['mbedtls_platform_zeroize', 'mbedtls_md_free', 'mbedtls_cipher_free']

674 745 mbedtls_ssl_transform_free call site: 01297 /src/mbedtls/library/ssl_msg.c:6208
600 600 1 :

['pk_ecc_group_id_from_specified']

600 827 pk_use_ecparams call site: 00549 /src/mbedtls/library/pkparse.c:394
537 537 1 :

['mbedtls_ssl_handshake_free']

605 734 mbedtls_ssl_free call site: 07438 /src/mbedtls/library/ssl_tls.c:5550
389 389 1 :

['mbedtls_rsa_deduce_primes']

389 434 mbedtls_rsa_complete call site: 00217 /src/mbedtls/library/rsa.c:782
276 276 1 :

['mbedtls_entropy_update_manual']

276 276 mbedtls_entropy_update_nv_seed call site: 01106 /src/mbedtls/library/entropy.c:389
206 206 1 :

['mbedtls_mpi_mod_mpi']

206 206 ecp_modp call site: 00602 /src/mbedtls/library/ecp.c:1003
131 131 1 :

['ecp_check_pubkey_mx']

131 131 mbedtls_ecp_check_pubkey call site: 00658 /src/mbedtls/library/ecp.c:3036
120 125 3 :

['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']

120 125 mbedtls_ctr_drbg_reseed_internal call site: 01085 /src/mbedtls/library/ctr_drbg.c:469
104 108 3 :

['mbedtls_calloc', 'mbedtls_free', 'mbedtls_x509_get_rsassa_pss_params']

104 108 mbedtls_x509_get_sig_alg call site: 00059 /src/mbedtls/library/x509.c:733
94 841 9 :

['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']

94 846 mbedtls_entropy_func call site: 01105 /src/mbedtls/library/entropy.c:308
83 107 3 :

['mbedtls_asn1_get_tag', 'mbedtls_x509_get_subject_alt_name_ext', 'mbedtls_error_add.689']

83 107 x509_get_authority_key_id call site: 00746 /src/mbedtls/library/x509_crt.c:654

Runtime coverage analysis

Covered functions
198
Functions that are reachable but not covered
1430
Reachable functions
1615
Percentage of reachable functions covered
11.46%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_client.c 1
library/x509_crt.c 50
library/platform.c 3
library/asn1parse.c 15
library/pk.c 21
library/platform_util.c 4
include/mbedtls/error.h 1
library/x509.c 32
library/oid.c 21
library/pkparse.c 7
include/mbedtls/pk.h 2
library/rsa.c 34
library/bignum.c 50
library/bignum_core.c 36
library/rsa_alt_helpers.c 4
library/constant_time_impl.h 16
library/constant_time.c 3
library/pk_ecc.c 2
library/pk_internal.h 3
library/ecp_curves.c 6
library/ecp.c 77
include/mbedtls/ecp.h 1
library/pem.c 9
library/base64.c 2
library/des.c 13
library/md.c 14
library/md5.c 8
library/ripemd160.c 8
library/sha1.c 8
library/sha256.c 9
library/sha512.c 10
library/sha3.c 8
library/aes.c 9
library/aesni.c 8
programs/fuzz/common.c 6
library/ssl_tls.c 119
library/ctr_drbg.c 10
library/entropy.c 8
library/entropy_poll.c 3
library/psa_crypto.c 145
build-usepsa/library/psa_crypto_driver_wrappers.h 37
library/psa_crypto_se.c 9
library/psa_its_file.c 6
library/psa_crypto_slot_management.c 22
library/psa_crypto_random_impl.h 3
library/ctr.h 1
library/psa_crypto_storage.c 15
library/ssl_misc.h 53
library/ssl_ciphersuites.c 10
include/psa/crypto_values.h 2
library/debug.c 9
library/ssl_msg.c 87
library/psa_crypto_slot_management.h 4
library/psa_crypto_core.h 2
include/psa/crypto_extra.h 5
framework/tests/src/drivers/platform_builtin_keys.c 1
include/psa/crypto_struct.h 15
build-usepsa/library/psa_crypto_driver_wrappers_no_static.c 3
library/psa_crypto_storage.h 1
library/psa_crypto_hash.c 6
library/dhm.c 15
library/psa_crypto_pake.c 9
library/ecjpake.c 20
library/psa_util.c 6
library/psa_crypto_client.c 1
library/psa_crypto_mac.c 15
library/cipher.c 11
library/psa_crypto_cipher.c 11
include/mbedtls/cipher.h 6
library/cmac.c 6
library/psa_crypto_ffdh.c 5
library/psa_crypto_ecp.c 10
library/psa_crypto_rsa.c 11
library/asn1write.c 6
library/gcm.c 16
library/ccm.c 16
library/chachapoly.c 12
library/poly1305.c 8
library/chacha20.c 8
library/psa_crypto_aead.c 5
include/mbedtls/ssl.h 2
build-usepsa/library/ssl_debug_helpers_generated.c 3
library/ssl_client.c 8
library/ssl_tls13_client.c 57
library/ssl_tls13_generic.c 33
library/ssl_tls12_client.c 35
include/mbedtls/md.h 1
include/mbedtls/psa_util.h 2
library/ssl_tls13_keys.c 27
library/ecdh.c 12
3rdparty/everest/library/everest.c 4
3rdparty/everest/library/x25519.c 4
3rdparty/everest/library/Hacl_Curve25519.c 38
3rdparty/everest/include/everest/kremlin/c_endianness.h 2
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h 1
3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c 2
library/ecdsa.c 14
library/bignum_core.h 1
library/hmac_drbg.c 8
library/pk_wrap.c 1
library/ssl_ciphersuites_internal.h 7
library/ssl_tls13_server.c 54
library/ssl_tls12_server.c 43

Fuzzer: fuzz_server

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 5325 75.9%
gold [1:9] 340 4.85%
yellow [10:29] 110 1.56%
greenyellow [30:49] 18 0.25%
lawngreen 50+ 1215 17.3%
All colors 7008 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
22472 22515 5 :

['mbedtls_ssl_handshake_client_step', 'mbedtls_ssl_write_client_hello', 'mbedtls_debug_print_msg', 'mbedtls_ssl_states_str', 'mbedtls_ssl_tls13_handshake_client_step']

22472 37546 mbedtls_ssl_handshake_step call site: 02454 /src/mbedtls/library/ssl_tls.c:4524
4435 4989 20 :

['ssl_tls13_parse_supported_groups_ext', 'mbedtls_debug_print_ret', 'mbedtls_ssl_parse_alpn_ext', 'ssl_tls13_select_ciphersuite', 'ssl_tls13_parse_key_shares_ext', 'mbedtls_ssl_tls13_check_received_extension', 'mbedtls_ssl_add_hs_hdr_to_checksum', 'mbedtls_ssl_parse_server_name_ext', 'mbedtls_ssl_print_extension', 'mbedtls_debug_print_buf', 'ssl_tls13_key_exchange_is_ephemeral_available', 'mbedtls_ssl_tls13_parse_record_size_limit_ext', 'mbedtls_ssl_pend_fatal_alert', 'ssl_tls13_parse_key_exchange_modes_ext', 'mbedtls_ssl_optimize_checksum', 'mbedtls_debug_print_msg', 'ssl_tls13_parse_pre_shared_key_ext', 'mbedtls_ssl_parse_sig_alg_ext', 'mbedtls_ssl_print_extensions', 'mbedtls_ssl_chk_buf_ptr.1814']

4435 4989 ssl_tls13_parse_client_hello call site: 05932 /src/mbedtls/library/ssl_tls13_server.c:1417
4250 7107 9 :

['mbedtls_ssl_verify_certificate', 'mbedtls_debug_print_ret', 'ssl_srv_check_client_no_crt_notification', 'mbedtls_ssl_read_record', 'mbedtls_calloc', 'ssl_parse_certificate_chain', 'mbedtls_ssl_send_alert_message', 'ssl_clear_peer_cert', 'mbedtls_x509_crt_init']

4250 7156 mbedtls_ssl_parse_certificate call site: 05413 /src/mbedtls/library/ssl_tls.c:7965
2606 2606 3 :

['mbedtls_ecjpake_derive_secret', 'mbedtls_ecjpake_read_round_two', 'ssl_parse_encrypted_pms']

2989 3045 ssl_parse_client_key_exchange call site: 06854 /src/mbedtls/library/ssl_tls12_server.c:3922
1897 1945 5 :

['mbedtls_ecdh_read_public', 'mbedtls_ssl_derive_keys', 'mbedtls_debug_print_msg', 'mbedtls_debug_printf_ecdh', 'mbedtls_ssl_psk_derive_premaster']

1897 1972 ssl_parse_client_key_exchange call site: 06855 /src/mbedtls/library/ssl_tls12_server.c:4006
1696 1711 5 :

['ssl_double_retransmit_timeout', 'mbedtls_ssl_set_timer', 'mbedtls_ssl_is_handshake_over', 'mbedtls_ssl_resend_hello_request', 'mbedtls_ssl_resend']

1696 1852 mbedtls_ssl_fetch_input call site: 03751 /src/mbedtls/library/ssl_msg.c:2168
1636 1636 2 :

['mbedtls_ssl_handshake_set_state.1836', 'ssl_tls13_postprocess_client_hello']

1636 1646 ssl_tls13_process_client_hello call site: 05898 /src/mbedtls/library/ssl_tls13_server.c:1976
1524 1554 5 :

['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']

1524 1554 mbedtls_pem_read_buffer call site: 00922 /src/mbedtls/library/pem.c:428
1521 1541 4 :

['mbedtls_debug_print_msg', 'ssl_parse_client_dh_public', 'mbedtls_ssl_derive_keys', 'mbedtls_ssl_psk_derive_premaster']

1521 1568 ssl_parse_client_key_exchange call site: 06848 /src/mbedtls/library/ssl_tls12_server.c:3881
1427 1447 3 :

['mbedtls_debug_print_msg', 'mbedtls_ssl_derive_keys', 'mbedtls_ssl_psk_derive_premaster']

1427 1465 ssl_parse_client_key_exchange call site: 06799 /src/mbedtls/library/ssl_tls12_server.c:3826
1424 1424 3 :

['mbedtls_ssl_session_get_ticket_creation_time', 'mbedtls_ms_time', 'mbedtls_ssl_session_load']

1424 1424 mbedtls_ssl_ticket_parse call site: 01921 /src/mbedtls/library/ssl_ticket.c:479
1320 2135 3 :

['mbedtls_ssl_send_alert_message', 'mbedtls_ecjpake_read_round_one', 'mbedtls_debug_print_ret']

1320 2135 ssl_parse_ecjpake_kkpp call site: 05248 /src/mbedtls/library/ssl_tls12_server.c:299

Runtime coverage analysis

Covered functions
589
Functions that are reachable but not covered
938
Reachable functions
1490
Percentage of reachable functions covered
37.05%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_server.c 1
library/ctr_drbg.c 10
library/aes.c 9
library/entropy.c 8
library/md.c 15
library/entropy_poll.c 3
library/x509_crt.c 50
library/pk.c 21
library/ssl_tls.c 128
library/ssl_ticket.c 8
library/aesni.c 8
library/platform_util.c 4
library/ctr.h 1
programs/fuzz/common.c 6
library/platform.c 3
library/asn1parse.c 15
include/mbedtls/error.h 1
library/x509.c 32
library/oid.c 26
library/pkparse.c 14
include/mbedtls/pk.h 2
library/rsa.c 26
library/bignum.c 50
library/bignum_core.c 36
library/rsa_alt_helpers.c 5
library/constant_time_impl.h 18
library/constant_time.c 4
library/pk_ecc.c 4
library/pk_internal.h 3
library/ecp_curves.c 6
library/ecp.c 77
include/mbedtls/ecp.h 1
library/pem.c 9
library/base64.c 2
library/des.c 13
library/md5.c 8
library/ripemd160.c 8
library/sha1.c 8
library/sha256.c 9
library/sha512.c 10
library/sha3.c 8
library/pkcs12.c 6
library/cipher.c 17
include/mbedtls/cipher.h 9
include/mbedtls/md.h 1
library/chacha20.c 5
library/gcm.c 10
library/ccm.c 13
library/chachapoly.c 9
library/poly1305.c 6
library/pkcs5.c 4
library/ssl_misc.h 53
library/ssl_ciphersuites.c 8
library/nist_kw.c 4
include/mbedtls/ssl.h 3
library/debug.c 11
library/ssl_msg.c 86
library/dhm.c 15
library/ecdh.c 22
library/ecjpake.c 21
library/psa_crypto.c 99
include/psa/crypto_values.h 2
library/psa_crypto_slot_management.c 22
library/psa_crypto_slot_management.h 4
library/psa_crypto_core.h 2
include/psa/crypto_extra.h 2
framework/tests/src/drivers/platform_builtin_keys.c 1
include/psa/crypto_struct.h 12
build/library/psa_crypto_driver_wrappers_no_static.c 3
library/psa_crypto_storage.c 15
library/psa_its_file.c 6
library/psa_crypto_se.c 9
library/psa_crypto_storage.h 1
build/library/ssl_debug_helpers_generated.c 3
library/ssl_client.c 8
library/ssl_tls13_client.c 57
library/ssl_tls13_generic.c 33
build/library/psa_crypto_driver_wrappers.h 16
library/psa_crypto_random_impl.h 3
library/psa_util.c 5
library/psa_crypto_rsa.c 7
library/asn1write.c 6
library/psa_crypto_ecp.c 7
library/psa_crypto_ffdh.c 5
library/ssl_tls12_client.c 35
include/mbedtls/psa_util.h 2
library/ssl_tls13_keys.c 27
library/psa_crypto_hash.c 5
library/psa_crypto_mac.c 13
library/psa_crypto_cipher.c 3
library/cmac.c 6
library/psa_crypto_client.c 1
library/bignum_core.h 1
library/ssl_ciphersuites_internal.h 7
library/ssl_tls13_server.c 53
library/ssl_tls12_server.c 42

Fuzzer: usepsa-fuzz_pkcs7

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 679 75.4%
gold [1:9] 66 7.33%
yellow [10:29] 21 2.33%
greenyellow [30:49] 9 1.0%
lawngreen 50+ 125 13.8%
All colors 900 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
1935 1945 10 :

['pk_use_ecparams', 'mbedtls_pk_ecc_set_pubkey', 'mbedtls_pk_rsa.1608', 'pk_use_ecparams_rfc8410', 'mbedtls_pk_info_from_type', 'mbedtls_pk_free', 'mbedtls_rsa_parse_pubkey', 'mbedtls_error_add.1604', 'mbedtls_pk_setup', 'mbedtls_asn1_get_bitstring_null']

1935 1945 mbedtls_pk_parse_subpubkey call site: 00194 /src/mbedtls/library/pkparse.c:534
299 330 6 :

['mbedtls_x509_get_sig', 'mbedtls_error_add.689', 'memcmp', 'x509_get_crt_ext', 'x509_get_uid', 'mbedtls_x509_get_alg']

299 546 x509_crt_parse_der_core call site: 00191 /src/mbedtls/library/x509_crt.c:1227
24 24 2 :

['mbedtls_oid_get_pk_alg', 'mbedtls_oid_get_ec_grp_algid']

24 24 pk_get_pk_alg call site: 00195 /src/mbedtls/library/pkparse.c:481
0 119 2 :

['mbedtls_calloc', 'pkcs7_get_signer_info']

0 135 pkcs7_get_signers_info_set call site: 00881 /src/mbedtls/library/pkcs7.c:415
0 4 2 :

['mbedtls_calloc', 'mbedtls_x509_crt_init']

0 1335 mbedtls_x509_crt_parse_der_internal call site: 00058 /src/mbedtls/library/x509_crt.c:1338
0 2 1 :

['mbedtls_free']

0 2 mbedtls_x509_crt_parse_der_internal call site: 00061 /src/mbedtls/library/x509_crt.c:1356
0 0 None 299 2142 x509_crt_parse_der_core call site: 00063 /src/mbedtls/library/x509_crt.c:1115
0 0 None 0 135 pkcs7_get_signers_info_set call site: 00880 /src/mbedtls/library/pkcs7.c:409
0 0 None 0 42 mbedtls_pkcs7_parse_der call site: 00003 /src/mbedtls/library/pkcs7.c:567
0 0 None 0 34 mbedtls_x509_crl_free call site: 00892 /src/mbedtls/library/x509_crl.c:699
0 0 None 0 27 x509_crt_parse_der_core call site: 00062 /src/mbedtls/library/x509_crt.c:1107
0 0 None 0 5 mbedtls_pk_free call site: 00064 /src/mbedtls/library/pk.c:65

Runtime coverage analysis

Covered functions
55
Functions that are reachable but not covered
154
Reachable functions
209
Percentage of reachable functions covered
26.32%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_pkcs7.c 1
library/pkcs7.c 14
library/platform.c 2
library/asn1parse.c 15
include/mbedtls/error.h 1
library/platform_util.c 2
library/oid.c 12
library/x509_crt.c 14
library/pk.c 4
library/x509.c 21
library/pkparse.c 7
include/mbedtls/pk.h 1
library/rsa.c 5
library/bignum.c 37
library/bignum_core.c 29
library/rsa_alt_helpers.c 2
library/constant_time_impl.h 7
library/constant_time.c 1
library/pk_ecc.c 2
library/pk_internal.h 2
library/ecp_curves.c 6
library/ecp.c 20
include/mbedtls/ecp.h 1
library/x509_crl.c 1

Fuzzer: usepsa-fuzz_dtlsserver

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 7577 98.2%
gold [1:9] 129 1.67%
yellow [10:29] 0 0.0%
greenyellow [30:49] 1 0.01%
lawngreen 50+ 3 0.03%
All colors 7710 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
674 745 3 :

['mbedtls_platform_zeroize', 'mbedtls_md_free', 'mbedtls_cipher_free']

674 745 mbedtls_ssl_transform_free call site: 02731 /src/mbedtls/library/ssl_msg.c:6208
537 537 1 :

['mbedtls_ssl_handshake_free']

615 734 mbedtls_ssl_free call site: 07693 /src/mbedtls/library/ssl_tls.c:5550
512 512 11 :

['psa_key_slot_get_slot_number', 'psa_crypto_save_transaction', 'psa_get_and_lock_key_slot', 'psa_crypto_stop_transaction', 'psa_destroy_se_key', 'psa_crypto_prepare_transaction', 'psa_save_se_persistent_data', 'psa_unregister_read', 'psa_key_slot_state_transition', 'psa_get_se_driver_entry', 'psa_destroy_persistent_key']

512 512 psa_destroy_key call site: 01931 /src/mbedtls/library/psa_crypto.c:1286
276 276 1 :

['mbedtls_entropy_update_manual']

276 276 mbedtls_entropy_update_nv_seed call site: 00082 /src/mbedtls/library/entropy.c:389
120 125 3 :

['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']

120 125 mbedtls_ctr_drbg_reseed_internal call site: 00053 /src/mbedtls/library/ctr_drbg.c:469
94 841 9 :

['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']

94 846 mbedtls_entropy_func call site: 00081 /src/mbedtls/library/entropy.c:308
33 33 1 :

['mbedtls_ssl_session_free']

45 64 mbedtls_ssl_free call site: 07701 /src/mbedtls/library/ssl_tls.c:5568
12 12 2 :

['mbedtls_zeroize_and_free', 'strlen']

12 29 mbedtls_ssl_free call site: 07703 /src/mbedtls/library/ssl_tls.c:5574
10 10 1 :

['mbedtls_zeroize_and_free']

10 20 mbedtls_ssl_config_free call site: 07684 /src/mbedtls/library/ssl_tls.c:6080
10 10 1 :

['mbedtls_zeroize_and_free']

10 15 mbedtls_md_free call site: 00209 /src/mbedtls/library/md.c:325
10 10 1 :

['mbedtls_zeroize_and_free']

10 10 mbedtls_mpi_free call site: 00473 /src/mbedtls/library/bignum.c:197
6 11 3 :

['mbedtls_platform_zeroize', 'fread', 'fclose']

6 11 mbedtls_platform_std_nv_seed_read call site: 00000 /src/mbedtls/library/platform.c:298

Runtime coverage analysis

Covered functions
86
Functions that are reachable but not covered
1572
Reachable functions
1651
Percentage of reachable functions covered
4.78%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_dtlsserver.c 1
library/ctr_drbg.c 10
library/aes.c 9
library/entropy.c 8
library/md.c 14
library/entropy_poll.c 3
library/x509_crt.c 50
library/pk.c 22
library/ssl_tls.c 114
library/ssl_cookie.c 6
library/psa_crypto.c 145
build-usepsa/library/psa_crypto_driver_wrappers.h 37
library/psa_crypto_se.c 9
library/psa_its_file.c 6
library/psa_crypto_slot_management.c 22
library/platform.c 3
library/psa_crypto_random_impl.h 3
library/aesni.c 8
library/platform_util.c 4
library/ctr.h 1
library/md5.c 8
library/ripemd160.c 8
library/sha1.c 8
library/sha256.c 9
library/sha512.c 10
library/sha3.c 8
library/psa_crypto_storage.c 15
programs/fuzz/common.c 7
library/asn1parse.c 15
include/mbedtls/error.h 1
library/x509.c 32
library/oid.c 27
library/pkparse.c 14
include/mbedtls/pk.h 2
library/rsa.c 34
library/bignum.c 50
library/bignum_core.c 36
library/rsa_alt_helpers.c 4
library/constant_time_impl.h 16
library/constant_time.c 3
library/pk_ecc.c 4
library/pk_internal.h 3
library/ecp_curves.c 6
library/ecp.c 77
include/mbedtls/ecp.h 1
library/pem.c 9
library/base64.c 2
library/des.c 13
library/psa_util.c 6
include/psa/crypto_struct.h 15
library/psa_crypto_slot_management.h 4
library/psa_crypto_core.h 2
library/psa_crypto_storage.h 1
library/psa_crypto_ffdh.c 5
library/psa_crypto_ecp.c 10
library/psa_crypto_rsa.c 11
library/asn1write.c 6
include/psa/crypto_values.h 2
include/psa/crypto_extra.h 5
framework/tests/src/drivers/platform_builtin_keys.c 1
build-usepsa/library/psa_crypto_driver_wrappers_no_static.c 3
library/pkcs12.c 6
library/cipher.c 14
include/mbedtls/cipher.h 6
include/mbedtls/md.h 1
library/psa_crypto_cipher.c 11
library/chacha20.c 8
library/gcm.c 16
library/ccm.c 16
library/chachapoly.c 12
library/poly1305.c 8
library/pkcs5.c 4
library/ssl_misc.h 53
library/ssl_ciphersuites.c 10
include/mbedtls/psa_util.h 2
library/ssl_tls12_server.c 45
library/psa_crypto_mac.c 15
library/cmac.c 6
library/psa_crypto_hash.c 6
library/debug.c 9
library/ssl_msg.c 87
library/dhm.c 15
library/psa_crypto_pake.c 9
library/ecjpake.c 20
library/timing.c 3
library/psa_crypto_client.c 1
library/psa_crypto_aead.c 5
include/mbedtls/ssl.h 2
build-usepsa/library/ssl_debug_helpers_generated.c 3
library/ssl_client.c 8
library/ssl_tls13_client.c 57
library/ssl_tls13_generic.c 33
library/ssl_tls12_client.c 35
library/ssl_tls13_keys.c 27
library/ecdh.c 12
3rdparty/everest/library/everest.c 4
3rdparty/everest/library/x25519.c 4
3rdparty/everest/library/Hacl_Curve25519.c 38
3rdparty/everest/include/everest/kremlin/c_endianness.h 2
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h 1
3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c 2
library/ecdsa.c 14
library/bignum_core.h 1
library/hmac_drbg.c 8
library/pk_wrap.c 1
library/ssl_ciphersuites_internal.h 7
library/ssl_tls13_server.c 54

Fuzzer: fuzz_client

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 6093 90.1%
gold [1:9] 242 3.57%
yellow [10:29] 329 4.86%
greenyellow [30:49] 50 0.73%
lawngreen 50+ 47 0.69%
All colors 6761 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
14220 14220 2 :

['mbedtls_ssl_tls13_handshake_server_step', 'mbedtls_ssl_handshake_server_step']

14220 15031 mbedtls_ssl_handshake_step call site: 04879 /src/mbedtls/library/ssl_tls.c:4555
1619 1645 9 :

['mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled.2884', 'mbedtls_ssl_write_sig_alg_ext', 'mbedtls_debug_print_msg', 'mbedtls_ssl_conf_tls13_is_ephemeral_enabled.2876', 'mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext', 'ssl_write_supported_groups_ext', 'mbedtls_ssl_conf_tls13_is_some_psk_enabled.2875', 'mbedtls_debug_print_buf', 'mbedtls_ssl_tls12_write_client_hello_exts']

1619 1645 ssl_write_client_hello_body call site: 01827 /src/mbedtls/library/ssl_client.c:599
1524 1554 5 :

['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']

1524 1554 mbedtls_pem_read_buffer call site: 00865 /src/mbedtls/library/pem.c:428
835 835 1 :

['mbedtls_ssl_flight_transmit']

835 835 ssl_prepare_handshake_step call site: 01494 /src/mbedtls/library/ssl_tls.c:4487
806 806 1 :

['mbedtls_ssl_send_alert_message']

806 806 mbedtls_ssl_handle_pending_alert call site: 01760 /src/mbedtls/library/ssl_msg.c:6337
600 600 1 :

['pk_ecc_group_id_from_specified']

600 827 pk_use_ecparams call site: 00565 /src/mbedtls/library/pkparse.c:394
512 512 11 :

['psa_key_slot_get_slot_number', 'psa_crypto_save_transaction', 'psa_get_and_lock_key_slot', 'psa_crypto_stop_transaction', 'psa_destroy_se_key', 'psa_crypto_prepare_transaction', 'psa_save_se_persistent_data', 'psa_unregister_read', 'psa_key_slot_state_transition', 'psa_get_se_driver_entry', 'psa_destroy_persistent_key']

512 512 psa_destroy_key call site: 01269 /src/mbedtls/library/psa_crypto.c:1286
389 389 1 :

['mbedtls_rsa_deduce_primes']

389 434 mbedtls_rsa_complete call site: 00220 /src/mbedtls/library/rsa.c:782
322 322 9 :

['mbedtls_ssl_tls13_write_early_data_ext', 'ssl_tls13_write_cookie_ext', 'ssl_tls13_write_key_share_ext.2287', 'ssl_tls13_early_data_has_valid_ticket', 'mbedtls_ssl_tls13_write_record_size_limit_ext', 'ssl_tls13_write_supported_versions_ext', 'ssl_tls13_write_psk_key_exchange_modes_ext', 'mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled', 'mbedtls_ssl_conf_tls13_is_some_psk_enabled']

322 322 mbedtls_ssl_tls13_write_client_hello_exts call site: 01828 /src/mbedtls/library/ssl_tls13_client.c:1146
276 276 1 :

['mbedtls_entropy_update_manual']

276 276 mbedtls_entropy_update_nv_seed call site: 01846 /src/mbedtls/library/entropy.c:389
206 206 1 :

['mbedtls_mpi_mod_mpi']

206 206 ecp_modp call site: 00618 /src/mbedtls/library/ecp.c:1003
131 131 1 :

['ecp_check_pubkey_mx']

131 131 mbedtls_ecp_check_pubkey call site: 00674 /src/mbedtls/library/ecp.c:3036

Runtime coverage analysis

Covered functions
316
Functions that are reachable but not covered
1144
Reachable functions
1443
Percentage of reachable functions covered
20.72%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_client.c 1
library/x509_crt.c 50
library/platform.c 3
library/asn1parse.c 15
library/pk.c 20
library/platform_util.c 4
include/mbedtls/error.h 1
library/x509.c 32
library/oid.c 20
library/pkparse.c 7
include/mbedtls/pk.h 2
library/rsa.c 26
library/bignum.c 50
library/bignum_core.c 36
library/rsa_alt_helpers.c 5
library/constant_time_impl.h 18
library/constant_time.c 4
library/pk_ecc.c 2
library/pk_internal.h 3
library/ecp_curves.c 6
library/ecp.c 77
include/mbedtls/ecp.h 1
library/pem.c 9
library/base64.c 2
library/des.c 13
library/md.c 15
library/md5.c 8
library/ripemd160.c 8
library/sha1.c 8
library/sha256.c 9
library/sha512.c 10
library/sha3.c 8
library/aes.c 9
library/aesni.c 8
programs/fuzz/common.c 6
library/ssl_tls.c 117
library/ctr_drbg.c 10
library/entropy.c 8
library/entropy_poll.c 3
library/ctr.h 1
library/ssl_misc.h 53
library/ssl_ciphersuites.c 8
library/debug.c 11
library/ssl_msg.c 86
library/cipher.c 17
library/dhm.c 15
library/ecdh.c 22
library/ecjpake.c 21
library/psa_crypto.c 99
include/psa/crypto_values.h 2
library/psa_crypto_slot_management.c 22
library/psa_crypto_slot_management.h 4
library/psa_crypto_core.h 2
include/psa/crypto_extra.h 2
framework/tests/src/drivers/platform_builtin_keys.c 1
include/psa/crypto_struct.h 12
build/library/psa_crypto_driver_wrappers_no_static.c 3
library/psa_crypto_storage.c 15
library/psa_its_file.c 6
library/psa_crypto_se.c 9
library/psa_crypto_storage.h 1
include/mbedtls/cipher.h 8
library/nist_kw.c 4
library/gcm.c 10
library/ccm.c 13
library/chachapoly.c 9
library/poly1305.c 6
library/chacha20.c 5
include/mbedtls/ssl.h 2
build/library/ssl_debug_helpers_generated.c 3
library/ssl_client.c 8
library/ssl_tls13_client.c 57
library/ssl_tls13_generic.c 33
build/library/psa_crypto_driver_wrappers.h 16
library/psa_crypto_random_impl.h 3
library/psa_util.c 5
library/psa_crypto_rsa.c 7
library/asn1write.c 6
library/psa_crypto_ecp.c 7
library/psa_crypto_ffdh.c 5
library/ssl_tls12_client.c 35
include/mbedtls/md.h 1
include/mbedtls/psa_util.h 2
library/ssl_tls13_keys.c 27
library/psa_crypto_hash.c 5
library/psa_crypto_mac.c 13
library/psa_crypto_cipher.c 3
library/cmac.c 6
library/psa_crypto_client.c 1
library/bignum_core.h 1
library/ssl_ciphersuites_internal.h 7
library/ssl_tls13_server.c 53
library/ssl_tls12_server.c 42

Fuzzer: fuzz_x509crt

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 363 33.0%
gold [1:9] 45 4.09%
yellow [10:29] 16 1.45%
greenyellow [30:49] 3 0.27%
lawngreen 50+ 673 61.1%
All colors 1100 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
1524 1524 4 :

['pem_des3_decrypt', 'pem_des_decrypt', 'pem_aes_decrypt', 'pem_check_pkcs_padding']

1524 1544 mbedtls_pem_read_buffer call site: 00865 /src/mbedtls/library/pem.c:430
389 389 1 :

['mbedtls_rsa_deduce_primes']

389 434 mbedtls_rsa_complete call site: 00220 /src/mbedtls/library/rsa.c:782
65 65 1 :

['mbedtls_mpi_core_exp_mod_unsafe']

76 198 mbedtls_mpi_exp_mod_optionally_safe call site: 00346 /src/mbedtls/library/bignum.c:1703
0 206 1 :

['mbedtls_mpi_mod_mpi']

76 511 mbedtls_mpi_exp_mod_optionally_safe call site: 00342 /src/mbedtls/library/bignum.c:1692
0 206 1 :

['mbedtls_mpi_mod_mpi']

0 206 ecp_modp call site: 00618 /src/mbedtls/library/ecp.c:1003
0 72 2 :

['mbedtls_mpi_mul_mpi', 'mbedtls_mpi_size']

692 809 mbedtls_rsa_complete call site: 00205 /src/mbedtls/library/rsa.c:769
0 27 1 :

['mbedtls_mpi_copy']

0 105 mbedtls_mpi_mul_mpi call site: 00209 /src/mbedtls/library/bignum.c:1206
0 23 1 :

['mbedtls_mpi_lset']

0 23 mbedtls_mpi_exp_mod_optionally_safe call site: 00279 /src/mbedtls/library/bignum.c:1640
0 18 1 :

['mbedtls_mpi_grow']

0 18 mbedtls_mpi_shrink call site: 00336 /src/mbedtls/library/bignum.c:250
0 6 1 :

['mbedtls_mpi_core_bitlen']

0 6 exp_mod_calc_first_bit_optionally_safe call site: 00356 /src/mbedtls/library/bignum_core.c:767
0 0 None 76 572 mbedtls_mpi_exp_mod_optionally_safe call site: 00284 /src/mbedtls/library/bignum.c:1660
0 0 None 76 554 mbedtls_mpi_exp_mod_optionally_safe call site: 00285 /src/mbedtls/library/bignum.c:1663

Runtime coverage analysis

Covered functions
244
Functions that are reachable but not covered
94
Reachable functions
309
Percentage of reachable functions covered
69.58%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_x509crt.c 1
library/x509_crt.c 18
library/platform.c 2
library/asn1parse.c 15
library/pk.c 6
library/platform_util.c 2
include/mbedtls/error.h 1
library/x509.c 30
library/oid.c 20
library/pkparse.c 7
include/mbedtls/pk.h 1
library/rsa.c 5
library/bignum.c 37
library/bignum_core.c 29
library/rsa_alt_helpers.c 3
library/constant_time_impl.h 8
library/constant_time.c 1
library/pk_ecc.c 2
library/pk_internal.h 2
library/ecp_curves.c 6
library/ecp.c 20
include/mbedtls/ecp.h 1
library/pem.c 9
library/base64.c 2
library/des.c 12
library/md.c 7
library/md5.c 6
library/ripemd160.c 6
library/sha1.c 6
library/sha256.c 7
library/sha512.c 8
library/sha3.c 6
library/aes.c 9
library/aesni.c 7
library/asn1write.c 2

Fuzzer: usepsa-fuzz_x509crt

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1143 92.1%
gold [1:9] 93 7.5%
yellow [10:29] 0 0.0%
greenyellow [30:49] 1 0.08%
lawngreen 50+ 3 0.24%
All colors 1240 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
276 276 1 :

['mbedtls_entropy_update_manual']

276 276 mbedtls_entropy_update_nv_seed call site: 00064 /src/mbedtls/library/entropy.c:389
120 125 3 :

['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']

120 125 mbedtls_ctr_drbg_reseed_internal call site: 00035 /src/mbedtls/library/ctr_drbg.c:469
94 841 9 :

['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']

94 846 mbedtls_entropy_func call site: 00063 /src/mbedtls/library/entropy.c:308
10 10 1 :

['mbedtls_zeroize_and_free']

10 15 mbedtls_md_free call site: 00191 /src/mbedtls/library/md.c:325
6 11 3 :

['mbedtls_platform_zeroize', 'fread', 'fclose']

6 11 mbedtls_platform_std_nv_seed_read call site: 00000 /src/mbedtls/library/platform.c:298
0 630 1 :

['mbedtls_psa_crypto_init_subsystem']

0 696 psa_crypto_init call site: 00259 /src/mbedtls/library/psa_crypto.c:8472
0 35 2 :

['mbedtls_calloc', 'mbedtls_md_free']

0 35 mbedtls_md_setup call site: 00180 /src/mbedtls/library/md.c:497
0 0 None 34 42 psa_wipe_all_key_slots call site: 00264 /src/mbedtls/library/psa_crypto_slot_management.c:475
0 0 None 32 32 psa_init_all_se_drivers call site: 00006 /src/mbedtls/library/psa_crypto_se.c:264
0 0 None 10 59 mbedtls_x509_crt_free call site: 00302 /src/mbedtls/library/x509_crt.c:3248
0 0 None 0 113 mbedtls_ctr_drbg_seed call site: 00026 /src/mbedtls/library/ctr_drbg.c:562
0 0 None 0 72 mbedtls_psa_crypto_free call site: 00261 /src/mbedtls/library/psa_crypto.c:8251

Runtime coverage analysis

Covered functions
73
Functions that are reachable but not covered
308
Reachable functions
368
Percentage of reachable functions covered
16.3%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_x509crt.c 1
library/x509_crt.c 18
library/psa_crypto.c 11
build-usepsa/library/psa_crypto_driver_wrappers.h 2
library/psa_crypto_se.c 5
library/psa_its_file.c 5
library/psa_crypto_slot_management.c 5
library/platform.c 2
library/psa_crypto_random_impl.h 3
library/ctr_drbg.c 7
library/aes.c 9
library/aesni.c 7
library/platform_util.c 2
library/ctr.h 1
library/entropy.c 5
library/md.c 8
library/md5.c 7
library/ripemd160.c 7
library/sha1.c 7
library/sha256.c 8
library/sha512.c 9
library/sha3.c 7
library/psa_crypto_storage.c 2
library/asn1parse.c 15
library/pk.c 6
include/mbedtls/error.h 1
library/x509.c 30
library/oid.c 20
library/pkparse.c 7
include/mbedtls/pk.h 1
library/rsa.c 5
library/bignum.c 37
library/bignum_core.c 29
library/rsa_alt_helpers.c 2
library/constant_time_impl.h 8
library/constant_time.c 1
library/pk_ecc.c 2
library/pk_internal.h 2
library/ecp_curves.c 6
library/ecp.c 20
include/mbedtls/ecp.h 1
library/pem.c 9
library/base64.c 2
library/des.c 12
library/asn1write.c 2

Fuzzer: usepsa-fuzz_dtlsclient

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 7072 94.9%
gold [1:9] 347 4.65%
yellow [10:29] 13 0.17%
greenyellow [30:49] 2 0.02%
lawngreen 50+ 14 0.18%
All colors 7448 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
1524 1554 5 :

['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']

1524 1554 mbedtls_pem_read_buffer call site: 00849 /src/mbedtls/library/pem.c:428
674 745 3 :

['mbedtls_platform_zeroize', 'mbedtls_md_free', 'mbedtls_cipher_free']

674 745 mbedtls_ssl_transform_free call site: 01280 /src/mbedtls/library/ssl_msg.c:6208
600 600 1 :

['pk_ecc_group_id_from_specified']

600 827 pk_use_ecparams call site: 00549 /src/mbedtls/library/pkparse.c:394
537 537 1 :

['mbedtls_ssl_handshake_free']

605 734 mbedtls_ssl_free call site: 07431 /src/mbedtls/library/ssl_tls.c:5550
389 389 1 :

['mbedtls_rsa_deduce_primes']

389 434 mbedtls_rsa_complete call site: 00217 /src/mbedtls/library/rsa.c:782
276 276 1 :

['mbedtls_entropy_update_manual']

276 276 mbedtls_entropy_update_nv_seed call site: 01106 /src/mbedtls/library/entropy.c:389
206 206 1 :

['mbedtls_mpi_mod_mpi']

206 206 ecp_modp call site: 00602 /src/mbedtls/library/ecp.c:1003
131 131 1 :

['ecp_check_pubkey_mx']

131 131 mbedtls_ecp_check_pubkey call site: 00658 /src/mbedtls/library/ecp.c:3036
120 125 3 :

['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']

120 125 mbedtls_ctr_drbg_reseed_internal call site: 01085 /src/mbedtls/library/ctr_drbg.c:469
104 108 3 :

['mbedtls_calloc', 'mbedtls_free', 'mbedtls_x509_get_rsassa_pss_params']

104 108 mbedtls_x509_get_sig_alg call site: 00059 /src/mbedtls/library/x509.c:733
94 841 9 :

['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']

94 846 mbedtls_entropy_func call site: 01105 /src/mbedtls/library/entropy.c:308
83 107 3 :

['mbedtls_asn1_get_tag', 'mbedtls_x509_get_subject_alt_name_ext', 'mbedtls_error_add.689']

83 107 x509_get_authority_key_id call site: 00746 /src/mbedtls/library/x509_crt.c:654

Runtime coverage analysis

Covered functions
198
Functions that are reachable but not covered
1429
Reachable functions
1614
Percentage of reachable functions covered
11.46%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_dtlsclient.c 1
library/x509_crt.c 50
library/platform.c 3
library/asn1parse.c 15
library/pk.c 21
library/platform_util.c 4
include/mbedtls/error.h 1
library/x509.c 32
library/oid.c 21
library/pkparse.c 7
include/mbedtls/pk.h 2
library/rsa.c 34
library/bignum.c 50
library/bignum_core.c 36
library/rsa_alt_helpers.c 4
library/constant_time_impl.h 16
library/constant_time.c 3
library/pk_ecc.c 2
library/pk_internal.h 3
library/ecp_curves.c 6
library/ecp.c 77
include/mbedtls/ecp.h 1
library/pem.c 9
library/base64.c 2
library/des.c 13
library/md.c 14
library/md5.c 8
library/ripemd160.c 8
library/sha1.c 8
library/sha256.c 9
library/sha512.c 10
library/sha3.c 8
library/aes.c 9
library/aesni.c 8
programs/fuzz/common.c 7
library/ssl_tls.c 113
library/ctr_drbg.c 10
library/entropy.c 8
library/entropy_poll.c 3
library/psa_crypto.c 145
build-usepsa/library/psa_crypto_driver_wrappers.h 37
library/psa_crypto_se.c 9
library/psa_its_file.c 6
library/psa_crypto_slot_management.c 22
library/psa_crypto_random_impl.h 3
library/ctr.h 1
library/psa_crypto_storage.c 15
library/ssl_misc.h 53
library/ssl_ciphersuites.c 10
library/debug.c 9
library/ssl_msg.c 87
include/psa/crypto_values.h 2
library/psa_crypto_slot_management.h 4
library/psa_crypto_core.h 2
include/psa/crypto_extra.h 5
framework/tests/src/drivers/platform_builtin_keys.c 1
include/psa/crypto_struct.h 15
build-usepsa/library/psa_crypto_driver_wrappers_no_static.c 3
library/psa_crypto_storage.h 1
library/psa_crypto_hash.c 6
library/dhm.c 15
library/psa_crypto_pake.c 9
library/ecjpake.c 20
library/psa_util.c 6
library/timing.c 3
library/psa_crypto_client.c 1
library/psa_crypto_mac.c 15
library/cipher.c 11
library/psa_crypto_cipher.c 11
include/mbedtls/cipher.h 6
library/cmac.c 6
library/psa_crypto_ffdh.c 5
library/psa_crypto_ecp.c 10
library/psa_crypto_rsa.c 11
library/asn1write.c 6
library/gcm.c 16
library/ccm.c 16
library/chachapoly.c 12
library/poly1305.c 8
library/chacha20.c 8
library/psa_crypto_aead.c 5
include/mbedtls/ssl.h 2
build-usepsa/library/ssl_debug_helpers_generated.c 3
library/ssl_client.c 8
library/ssl_tls13_client.c 57
library/ssl_tls13_generic.c 33
library/ssl_tls12_client.c 35
include/mbedtls/md.h 1
include/mbedtls/psa_util.h 2
library/ssl_tls13_keys.c 27
library/ecdh.c 12
3rdparty/everest/library/everest.c 4
3rdparty/everest/library/x25519.c 4
3rdparty/everest/library/Hacl_Curve25519.c 38
3rdparty/everest/include/everest/kremlin/c_endianness.h 2
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h 1
3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c 2
library/ecdsa.c 14
library/bignum_core.h 1
library/hmac_drbg.c 8
library/pk_wrap.c 1
library/ssl_ciphersuites_internal.h 7
library/ssl_tls13_server.c 54
library/ssl_tls12_server.c 43

Fuzzer: usepsa-fuzz_server

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 7590 98.2%
gold [1:9] 0 0.0%
yellow [10:29] 113 1.46%
greenyellow [30:49] 16 0.20%
lawngreen 50+ 5 0.06%
All colors 7724 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
674 745 3 :

['mbedtls_platform_zeroize', 'mbedtls_md_free', 'mbedtls_cipher_free']

674 745 mbedtls_ssl_transform_free call site: 02570 /src/mbedtls/library/ssl_msg.c:6208
537 537 1 :

['mbedtls_ssl_handshake_free']

615 734 mbedtls_ssl_free call site: 07707 /src/mbedtls/library/ssl_tls.c:5550
512 512 11 :

['psa_key_slot_get_slot_number', 'psa_crypto_save_transaction', 'psa_get_and_lock_key_slot', 'psa_crypto_stop_transaction', 'psa_destroy_se_key', 'psa_crypto_prepare_transaction', 'psa_save_se_persistent_data', 'psa_unregister_read', 'psa_key_slot_state_transition', 'psa_get_se_driver_entry', 'psa_destroy_persistent_key']

512 512 psa_destroy_key call site: 01931 /src/mbedtls/library/psa_crypto.c:1286
276 276 1 :

['mbedtls_entropy_update_manual']

276 276 mbedtls_entropy_update_nv_seed call site: 00082 /src/mbedtls/library/entropy.c:389
120 125 3 :

['block_cipher_df', 'ctr_drbg_update_internal', 'mbedtls_platform_zeroize']

120 125 mbedtls_ctr_drbg_reseed_internal call site: 00053 /src/mbedtls/library/ctr_drbg.c:469
94 841 9 :

['mbedtls_md_finish', 'mbedtls_md_setup', 'mbedtls_md_update', 'mbedtls_md', 'mbedtls_md_starts', 'entropy_gather_internal', 'mbedtls_md_init', 'mbedtls_md_info_from_type', 'mbedtls_md_free']

94 846 mbedtls_entropy_func call site: 00081 /src/mbedtls/library/entropy.c:308
33 33 1 :

['mbedtls_ssl_session_free']

45 64 mbedtls_ssl_free call site: 07715 /src/mbedtls/library/ssl_tls.c:5568
12 12 2 :

['mbedtls_zeroize_and_free', 'strlen']

12 29 mbedtls_ssl_free call site: 07717 /src/mbedtls/library/ssl_tls.c:5574
10 10 1 :

['mbedtls_zeroize_and_free']

10 20 mbedtls_ssl_config_free call site: 07696 /src/mbedtls/library/ssl_tls.c:6080
10 10 1 :

['mbedtls_zeroize_and_free']

10 15 mbedtls_md_free call site: 00209 /src/mbedtls/library/md.c:325
10 10 1 :

['mbedtls_zeroize_and_free']

10 10 mbedtls_mpi_free call site: 00473 /src/mbedtls/library/bignum.c:197
6 11 3 :

['mbedtls_platform_zeroize', 'fread', 'fclose']

6 11 mbedtls_platform_std_nv_seed_read call site: 00000 /src/mbedtls/library/platform.c:298

Runtime coverage analysis

Covered functions
86
Functions that are reachable but not covered
1585
Reachable functions
1664
Percentage of reachable functions covered
4.75%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_server.c 1
library/ctr_drbg.c 10
library/aes.c 9
library/entropy.c 8
library/md.c 14
library/entropy_poll.c 3
library/x509_crt.c 50
library/pk.c 22
library/ssl_tls.c 130
library/ssl_ticket.c 9
library/psa_crypto.c 145
build-usepsa/library/psa_crypto_driver_wrappers.h 37
library/psa_crypto_se.c 9
library/psa_its_file.c 6
library/psa_crypto_slot_management.c 22
library/platform.c 3
library/psa_crypto_random_impl.h 3
library/aesni.c 8
library/platform_util.c 4
library/ctr.h 1
library/md5.c 8
library/ripemd160.c 8
library/sha1.c 8
library/sha256.c 9
library/sha512.c 10
library/sha3.c 8
library/psa_crypto_storage.c 15
programs/fuzz/common.c 6
library/asn1parse.c 15
include/mbedtls/error.h 1
library/x509.c 32
library/oid.c 27
library/pkparse.c 14
include/mbedtls/pk.h 2
library/rsa.c 34
library/bignum.c 50
library/bignum_core.c 36
library/rsa_alt_helpers.c 4
library/constant_time_impl.h 16
library/constant_time.c 3
library/pk_ecc.c 4
library/pk_internal.h 3
library/ecp_curves.c 6
library/ecp.c 77
include/mbedtls/ecp.h 1
library/pem.c 9
library/base64.c 2
library/des.c 13
library/psa_util.c 6
include/psa/crypto_struct.h 15
library/psa_crypto_slot_management.h 4
library/psa_crypto_core.h 2
library/psa_crypto_storage.h 1
library/psa_crypto_ffdh.c 5
library/psa_crypto_ecp.c 10
library/psa_crypto_rsa.c 11
library/asn1write.c 6
include/psa/crypto_values.h 2
include/psa/crypto_extra.h 5
framework/tests/src/drivers/platform_builtin_keys.c 1
build-usepsa/library/psa_crypto_driver_wrappers_no_static.c 3
library/pkcs12.c 6
library/cipher.c 14
include/mbedtls/cipher.h 6
include/mbedtls/md.h 1
library/psa_crypto_cipher.c 11
library/chacha20.c 8
library/gcm.c 16
library/ccm.c 16
library/chachapoly.c 12
library/poly1305.c 8
library/pkcs5.c 4
library/ssl_misc.h 53
library/ssl_ciphersuites.c 10
library/psa_crypto_aead.c 5
include/mbedtls/ssl.h 3
library/debug.c 9
library/ssl_msg.c 87
library/psa_crypto_hash.c 6
library/dhm.c 15
library/psa_crypto_pake.c 9
library/ecjpake.c 20
library/psa_crypto_client.c 1
library/psa_crypto_mac.c 15
library/cmac.c 6
build-usepsa/library/ssl_debug_helpers_generated.c 3
library/ssl_client.c 8
library/ssl_tls13_client.c 57
library/ssl_tls13_generic.c 33
library/ssl_tls12_client.c 35
include/mbedtls/psa_util.h 2
library/ssl_tls13_keys.c 27
library/ecdh.c 12
3rdparty/everest/library/everest.c 4
3rdparty/everest/library/x25519.c 4
3rdparty/everest/library/Hacl_Curve25519.c 38
3rdparty/everest/include/everest/kremlin/c_endianness.h 2
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h 1
3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c 2
library/ecdsa.c 14
library/bignum_core.h 1
library/hmac_drbg.c 8
library/pk_wrap.c 1
library/ssl_ciphersuites_internal.h 7
library/ssl_tls13_server.c 54
library/ssl_tls12_server.c 43

Fuzzer: fuzz_dtlsclient

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 4445 65.8%
gold [1:9] 234 3.46%
yellow [10:29] 98 1.45%
greenyellow [30:49] 59 0.87%
lawngreen 50+ 1919 28.4%
All colors 6755 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
14220 14220 2 :

['mbedtls_ssl_tls13_handshake_server_step', 'mbedtls_ssl_handshake_server_step']

14220 15031 mbedtls_ssl_handshake_step call site: 04873 /src/mbedtls/library/ssl_tls.c:4555
8464 8464 1 :

['mbedtls_ssl_tls13_handshake_client_step']

22684 23495 mbedtls_ssl_handshake_step call site: 01764 /src/mbedtls/library/ssl_tls.c:4540
6298 6298 4 :

['mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext', 'mbedtls_ssl_finish_handshake_msg', 'mbedtls_ssl_tls13_finalize_client_hello', 'mbedtls_ssl_add_hs_hdr_to_checksum']

6298 6397 mbedtls_ssl_write_client_hello call site: 01783 /src/mbedtls/library/ssl_client.c:933
3165 3165 1 :

['mbedtls_ssl_tls13_write_client_hello_exts']

3270 4810 ssl_write_client_hello_body call site: 01815 /src/mbedtls/library/ssl_client.c:596
2378 2378 2 :

['mbedtls_ecjpake_derive_secret', 'mbedtls_ecjpake_write_round_two']

2378 2425 ssl_write_client_key_exchange call site: 05498 /src/mbedtls/library/ssl_tls12_client.c:3146
2065 2978 9 :

['mbedtls_pk_can_do', 'mbedtls_debug_print_ret', 'mbedtls_x509_crt_verify_with_ca_cb', 'mbedtls_x509_crt_verify_restartable', 'mbedtls_ssl_check_curve', 'mbedtls_debug_print_msg', 'mbedtls_ssl_check_cert_usage', 'mbedtls_ssl_send_alert_message', 'mbedtls_pk_get_ec_group_id']

2065 2978 mbedtls_ssl_verify_certificate call site: 04347 /src/mbedtls/library/ssl_tls.c:9793
1524 1554 5 :

['mbedtls_zeroize_and_free', 'pem_des3_decrypt', 'pem_check_pkcs_padding', 'pem_des_decrypt', 'pem_aes_decrypt']

1524 1554 mbedtls_pem_read_buffer call site: 00865 /src/mbedtls/library/pem.c:428
1469 2517 6 :

['mbedtls_ecdh_make_public', 'mbedtls_dhm_get_len', 'mbedtls_ssl_conf_has_static_psk', 'mbedtls_debug_printf_ecdh', 'mbedtls_ssl_psk_derive_premaster', 'mbedtls_dhm_make_public']

1469 2628 ssl_write_client_key_exchange call site: 05467 /src/mbedtls/library/ssl_tls12_client.c:3023
859 1727 5 :

['ssl_double_retransmit_timeout', 'mbedtls_debug_print_ret', 'mbedtls_ssl_set_timer', 'mbedtls_ssl_resend_hello_request', 'mbedtls_ssl_resend']

859 1757 mbedtls_ssl_fetch_input call site: 03453 /src/mbedtls/library/ssl_msg.c:2256
512 512 11 :

['psa_key_slot_get_slot_number', 'psa_crypto_save_transaction', 'psa_get_and_lock_key_slot', 'psa_crypto_stop_transaction', 'psa_destroy_se_key', 'psa_crypto_prepare_transaction', 'psa_save_se_persistent_data', 'psa_unregister_read', 'psa_key_slot_state_transition', 'psa_get_se_driver_entry', 'psa_destroy_persistent_key']

512 512 psa_destroy_key call site: 01254 /src/mbedtls/library/psa_crypto.c:1286
492 555 2 :

['mbedtls_dhm_calc_secret', 'mbedtls_debug_print_mpi']

917 1017 ssl_write_client_key_exchange call site: 05401 /src/mbedtls/library/ssl_tls12_client.c:2717
441 441 1 :

['ecp_mul_mxz']

441 1117 ecp_mul_restartable_internal call site: 02439 /src/mbedtls/library/ecp.c:2667

Runtime coverage analysis

Covered functions
779
Functions that are reachable but not covered
779
Reachable functions
1442
Percentage of reachable functions covered
45.98%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
programs/fuzz/fuzz_dtlsclient.c 1
library/x509_crt.c 50
library/platform.c 3
library/asn1parse.c 15
library/pk.c 20
library/platform_util.c 4
include/mbedtls/error.h 1
library/x509.c 32
library/oid.c 20
library/pkparse.c 7
include/mbedtls/pk.h 2
library/rsa.c 26
library/bignum.c 50
library/bignum_core.c 36
library/rsa_alt_helpers.c 5
library/constant_time_impl.h 18
library/constant_time.c 4
library/pk_ecc.c 2
library/pk_internal.h 3
library/ecp_curves.c 6
library/ecp.c 77
include/mbedtls/ecp.h 1
library/pem.c 9
library/base64.c 2
library/des.c 13
library/md.c 15
library/md5.c 8
library/ripemd160.c 8
library/sha1.c 8
library/sha256.c 9
library/sha512.c 10
library/sha3.c 8
library/aes.c 9
library/aesni.c 8
programs/fuzz/common.c 7
library/ssl_tls.c 111
library/ctr_drbg.c 10
library/entropy.c 8
library/entropy_poll.c 3
library/ctr.h 1
library/ssl_misc.h 53
library/ssl_ciphersuites.c 8
library/debug.c 11
library/ssl_msg.c 86
library/cipher.c 17
library/dhm.c 15
library/ecdh.c 22
library/ecjpake.c 21
library/psa_crypto.c 99
include/psa/crypto_values.h 2
library/psa_crypto_slot_management.c 22
library/psa_crypto_slot_management.h 4
library/psa_crypto_core.h 2
include/psa/crypto_extra.h 2
framework/tests/src/drivers/platform_builtin_keys.c 1
include/psa/crypto_struct.h 12
build/library/psa_crypto_driver_wrappers_no_static.c 3
library/psa_crypto_storage.c 15
library/psa_its_file.c 6
library/psa_crypto_se.c 9
library/psa_crypto_storage.h 1
library/timing.c 3
include/mbedtls/cipher.h 8
library/nist_kw.c 4
library/gcm.c 10
library/ccm.c 13
library/chachapoly.c 9
library/poly1305.c 6
library/chacha20.c 5
include/mbedtls/ssl.h 2
build/library/ssl_debug_helpers_generated.c 3
library/ssl_client.c 8
library/ssl_tls13_client.c 57
library/ssl_tls13_generic.c 33
build/library/psa_crypto_driver_wrappers.h 16
library/psa_crypto_random_impl.h 3
library/psa_util.c 5
library/psa_crypto_rsa.c 7
library/asn1write.c 6
library/psa_crypto_ecp.c 7
library/psa_crypto_ffdh.c 5
library/ssl_tls12_client.c 35
include/mbedtls/md.h 1
include/mbedtls/psa_util.h 2
library/ssl_tls13_keys.c 27
library/psa_crypto_hash.c 5
library/psa_crypto_mac.c 13
library/psa_crypto_cipher.c 3
library/cmac.c 6
library/psa_crypto_client.c 1
library/bignum_core.h 1
library/ssl_ciphersuites_internal.h 7
library/ssl_tls13_server.c 53
library/ssl_tls12_server.c 42

Analyses and suggestions

Optimal target analysis

Remaining optimal interesting functions

The following table shows a list of functions that are optimal targets. Optimal targets are identified by finding the functions that in combination, yield a high code coverage.

Func name Functions filename Arg count Args Function depth hitcount instr count bb count cyclomatic complexity Reachable functions Incoming references total cyclomatic complexity Unreached complexity
mbedtls_test_psa_exercise_key /src/mbedtls/framework/tests/src/psa_exercise_key.c 4 ['int', 'int', 'int', 'int'] 28 0 243 45 15 798 0 5750 639
mbedtls_aes_self_test /src/mbedtls/library/aes.c 1 ['int'] 5 0 1195 184 66 30 0 219 140
mbedtls_pk_import_into_psa /src/mbedtls/library/pk.c 3 ['N/A', 'N/A', 'N/A'] 26 0 66 8 4 354 0 2540 139
mbedtls_aria_self_test /src/mbedtls/library/aria.c 1 ['int'] 3 0 751 144 42 16 0 113 106
mbedtls_camellia_self_test /src/mbedtls/library/camellia.c 1 ['int'] 4 0 629 83 28 11 0 101 94
mbedtls_cmac_self_test /src/mbedtls/library/cmac.c 1 ['int'] 28 0 169 29 14 367 0 2546 72
mbedtls_mpi_self_test /src/mbedtls/library/bignum.c 1 ['int'] 9 0 570 134 42 72 0 468 69

Implementing fuzzers that target the above functions will improve reachability such that it becomes:

Functions statically reachable by fuzzers
72.0%
1836 / 2566
Cyclomatic complexity statically reachable by fuzzers
80.0%
14224 / 17694

All functions overview

If you implement fuzzers for these functions, the status of all functions in the project will be:

Func name Functions filename Args Function call depth Reached by Fuzzers Fuzzers runtime hit Func lines hit % I Count BB Count Cyclomatic complexity Functions reached Reached by functions Accumulated cyclomatic complexity Undiscovered complexity

Fuzz engine guidance

This sections provides heuristics that can be used as input to a fuzz engine when running a given fuzz target. The current focus is on providing input that is usable by libFuzzer.

programs/fuzz/fuzz_privkey.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_pk_free', 'psa_driver_wrapper_free', 'entropy_update', 'entropy_gather_internal', 'mbedtls_psa_random_seed', 'mbedtls_md', 'psa_driver_wrapper_init', 'mbedtls_aes_free', 'mbedtls_md_setup']

programs/fuzz/fuzz_pubkey.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_pem_read_buffer', 'mbedtls_mpi_add_int', 'mbedtls_mpi_shift_r', 'mbedtls_mpi_mul_mpi', 'mbedtls_mpi_core_from_mont_rep', 'mbedtls_rsa_export_crt', 'mbedtls_mpi_shift_l', 'mbedtls_ecp_export', 'mbedtls_mpi_core_bitlen', 'rsa_check_context']

programs/fuzz/fuzz_x509crl.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_x509_crl_free', 'psa_driver_wrapper_free', 'entropy_update', 'entropy_gather_internal', 'mbedtls_psa_random_seed', 'mbedtls_md', 'psa_driver_wrapper_init', 'mbedtls_aes_free', 'mbedtls_md_setup']

programs/fuzz/fuzz_pubkey.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['psa_driver_wrapper_free', 'mbedtls_pk_free', 'entropy_update', 'entropy_gather_internal', 'mbedtls_psa_random_seed', 'mbedtls_md', 'psa_driver_wrapper_init', 'mbedtls_aes_free', 'mbedtls_md_setup']

programs/fuzz/fuzz_privkey.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_pk_parse_key', 'mbedtls_pem_read_buffer', 'mbedtls_mpi_add_int', 'ecp_normalize_jac', 'mbedtls_mpi_mul_mpi', 'mbedtls_mpi_inv_mod', 'ecp_pick_window_size', 'mbedtls_entropy_init', 'mbedtls_ecp_read_key', 'ecp_add_mixed']

programs/fuzz/fuzz_x509csr.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_x509_csr_free', 'psa_driver_wrapper_free', 'entropy_update', 'entropy_gather_internal', 'mbedtls_psa_random_seed', 'mbedtls_md', 'psa_driver_wrapper_init', 'mbedtls_aes_free', 'mbedtls_md_setup']

programs/fuzz/fuzz_x509crl.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_pem_read_buffer', 'mbedtls_x509_get_sig_alg', 'mbedtls_x509_get_rsassa_pss_params', 'mbedtls_x509_dn_gets', 'mbedtls_zeroize_and_free', 'mbedtls_x509_crl_parse_der', 'x509_get_crl_entry_ext', 'x509_get_crl_ext', 'mbedtls_x509_sig_alg_gets']

programs/fuzz/fuzz_x509csr.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_pem_read_buffer', 'mbedtls_mpi_add_int', 'mbedtls_ecp_sw_derive_y', 'mbedtls_mpi_shift_r', 'pk_group_from_specified', 'mbedtls_ecp_check_pubkey', 'mbedtls_mpi_mul_mpi', 'mbedtls_x509_csr_info', 'x509_get_hash_alg', 'mbedtls_mpi_core_from_mont_rep']

programs/fuzz/fuzz_pkcs7.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['pk_get_pk_alg', 'x509_crt_parse_der_core', 'pkcs7_get_signed_data', 'mbedtls_x509_crt_parse_der', 'mbedtls_x509_get_sig_alg', 'pkcs7_get_signers_info_set', 'mbedtls_x509_crl_free', 'mbedtls_pkcs7_free', 'mbedtls_x509_crt_free']

programs/fuzz/fuzz_dtlsserver.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_ssl_parse_sig_alg_ext', 'mbedtls_ssl_sig_alg_is_supported', 'mbedtls_pk_parse_key', 'mbedtls_ssl_dtls_replay_update', 'mbedtls_ssl_parse_server_name_ext', 'ssl_parse_client_hello', 'mbedtls_ctr_drbg_free', 'mbedtls_ssl_dtls_replay_check', 'mbedtls_ecp_keypair_free', 'mbedtls_mpi_add_mpi']

programs/fuzz/fuzz_client.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_ecp_keypair_init', 'psa_driver_wrapper_free', 'mbedtls_mpi_add_mpi', 'mbedtls_mpi_add_abs', 'x509_get_authority_key_id', 'mbedtls_x509_get_sig_alg', 'mbedtls_sha512_finish', 'mbedtls_ecp_group_load', 'ecp_sw_rhs', 'pk_use_ecparams']

programs/fuzz/fuzz_server.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_ssl_parse_sig_alg_ext', 'mbedtls_cipher_info_from_values', 'mbedtls_ssl_tls13_is_supported_versions_ext_present_in_exts', 'ecdh_setup_internal', 'mbedtls_ssl_write_handshake_msg_ext', 'mbedtls_ssl_write_alpn_ext', 'mbedtls_mpi_fill_random', 'dhm_check_range', 'mbedtls_ecp_curve_info_from_grp_id', 'psa_destroy_key']

programs/fuzz/fuzz_pkcs7.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['pk_get_pk_alg', 'x509_crt_parse_der_core', 'pkcs7_get_signed_data', 'mbedtls_x509_crt_parse_der', 'mbedtls_x509_get_sig_alg', 'pkcs7_get_signers_info_set', 'mbedtls_x509_crl_free', 'mbedtls_pkcs7_free', 'mbedtls_x509_crt_free']

programs/fuzz/fuzz_dtlsserver.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['psa_destroy_key', 'mbedtls_x509_crt_free', 'entropy_update', 'entropy_gather_internal', 'mbedtls_psa_random_seed', 'mbedtls_md', 'psa_driver_wrapper_free', 'psa_driver_wrapper_init', 'mbedtls_aes_free']

programs/fuzz/fuzz_client.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_ssl_write_client_hello', 'mbedtls_ecp_keypair_init', 'local_err_translation', 'mbedtls_ssl_flush_output', 'mbedtls_mpi_add_mpi', 'psa_destroy_key', 'mbedtls_mpi_add_abs', 'x509_get_authority_key_id', 'mbedtls_ssl_handshake', 'mbedtls_x509_get_sig_alg']

programs/fuzz/fuzz_x509crt.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_pem_read_buffer', 'mbedtls_mpi_add_int', 'mbedtls_mpi_shift_r', 'mbedtls_mpi_mul_mpi', 'mbedtls_mpi_core_from_mont_rep', 'mbedtls_mpi_shift_l', 'mbedtls_mpi_core_bitlen', 'mbedtls_mpi_div_mpi', 'rsa_check_context', 'mbedtls_x509_get_sig_alg']

programs/fuzz/fuzz_x509crt.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_x509_crt_free', 'entropy_update', 'entropy_gather_internal', 'mbedtls_psa_random_seed', 'mbedtls_md', 'psa_driver_wrapper_init', 'mbedtls_aes_free', 'psa_driver_wrapper_free', 'mbedtls_md_setup']

programs/fuzz/fuzz_dtlsclient.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_ecp_keypair_init', 'psa_driver_wrapper_free', 'mbedtls_mpi_add_mpi', 'mbedtls_mpi_add_abs', 'x509_get_authority_key_id', 'mbedtls_x509_get_sig_alg', 'mbedtls_sha512_finish', 'mbedtls_ecp_group_load', 'ecp_sw_rhs', 'pk_use_ecparams']

programs/fuzz/fuzz_server.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['psa_destroy_key', 'mbedtls_x509_crt_free', 'entropy_update', 'entropy_gather_internal', 'mbedtls_psa_random_seed', 'mbedtls_md', 'psa_driver_wrapper_free', 'psa_driver_wrapper_init', 'mbedtls_aes_free']

programs/fuzz/fuzz_dtlsclient.c

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mbedtls_ssl_parse_finished', 'mbedtls_ssl_get_pk_type_and_md_alg_from_sig_alg', 'mbedtls_cipher_setkey', 'mbedtls_ssl_read_record', 'ecdh_calc_secret_internal', 'mbedtls_ecp_keypair_free', 'mbedtls_md_clone', 'psa_destroy_key', 'mbedtls_mpi_core_fill_random', 'mbedtls_ctr_drbg_free']

Runtime coverage analysis

This section shows analysis of runtime coverage data.

For futher technical details on how this section is generated, please see the Glossary .

Complex functions with low coverage

Func name Function total lines Lines covered at runtime percentage covered Reached by fuzzers
mbedtls_aes_setkey_enc 74 12 16.21% ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_entropy_func 77 29 37.66% ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_md_info_from_type 50 16 32.0% ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_md_starts 49 19 38.77% ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_md_update 46 19 41.30% ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_md 47 7 14.89% ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_to_psa_error 198 7 3.535% ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_pk_parse_key_pkcs8_encrypted_der 61 16 26.22% ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_server']
mbedtls_x509_csr_info 55 30 54.54% ['usepsa-fuzz_x509csr', 'fuzz_x509csr']
mbedtls_debug_print_buf 40 10 25.0% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_md_finish 46 19 41.30% ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
psa_destroy_key 85 10 11.76% ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_ssl_setup 58 25 43.10% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
ssl_handshake_init 169 88 52.07% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
handle_buffer_resizing 46 22 47.82% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_ssl_handshake_server_step 68 34 50.0% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
ssl_pick_cert 60 32 53.33% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_ssl_states_str 66 32 48.48% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_cipher_update 176 56 31.81% ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_debug_print_mpi 39 11 28.20% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
gcm_gen_table 35 16 45.71% ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server']
ssl_prepare_record_content 120 38 31.66% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
ssl_handle_id_based_session_resumption 37 11 29.72% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
ssl_prepare_server_key_exchange 193 93 48.18% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
ssl_write_certificate_request 95 21 22.10% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
ssl_parse_client_key_exchange 207 62 29.95% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_ssl_tls13_handshake_server_step 123 20 16.26% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
ssl_tls13_parse_client_hello 346 80 23.12% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_ssl_write_client_hello 73 29 39.72% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_ssl_tls13_write_client_hello_exts 63 9 14.28% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_ssl_named_group_to_str 42 21 50.0% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_aes_setkey_dec 45 21 46.66% ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_cipher_set_iv 69 28 40.57% ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_cipher_finish 67 32 47.76% ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_cipher_set_padding_mode 39 11 28.20% ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_md_clone 55 20 36.36% ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient']
mbedtls_pk_verify_ext 49 26 53.06% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
hash_mprime 31 17 54.83% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_ssl_parse_finished 69 14 20.28% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_ssl_get_key_exchange_md_tls1_2 35 17 48.57% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
mbedtls_ssl_verify_certificate 132 4 3.030% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
ssl_parse_alpn_ext 40 11 27.50% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
ssl_write_client_key_exchange 223 63 28.25% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
ssl_write_certificate_verify 90 25 27.77% ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']

Files and Directories in report

This section shows which files and directories are considered in this report. The main reason for showing this is fuzz introspector may include more code in the reasoning than is desired. This section helps identify if too many files/directories are included, e.g. third party code, which may be irrelevant for the threat model. In the event too much is included, fuzz introspector supports a configuration file that can exclude data from the report. See the following link for more information on how to create a config file: link

Files in report

Source file Reached by Covered by
[] []
/src/mbedtls/library/ccm.c ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsclient']
/src/mbedtls/library/dhm.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient']
/src/mbedtls/library/entropy.c ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/ssl_tls12_server.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/ssl_tls13_generic.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_server', 'fuzz_client']
/src/mbedtls/library/entropy_poll.c ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server']
/src/mbedtls/library/ssl_tls.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/psa_crypto_storage.c ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/nist_kw.c ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient'] []
/src/mbedtls/include/psa/crypto_values.h ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/psa_crypto_slot_management.h ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/ctr_drbg.c ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/programs/fuzz/fuzz_x509crt.c ['fuzz_x509crt', 'usepsa-fuzz_x509crt'] ['fuzz_x509crt', 'usepsa-fuzz_x509crt']
/src/mbedtls/library/ecp.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/rsa_alt_helpers.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/gcm.c ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/framework/tests/src/random.c [] []
/src/mbedtls/3rdparty/everest/library/x25519.c ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/src/mbedtls/library/pk_wrap.c ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsclient']
/src/mbedtls/library/x509_crt.c ['fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/ssl_cookie.c ['fuzz_dtlsserver', 'usepsa-fuzz_dtlsserver'] ['fuzz_dtlsserver', 'usepsa-fuzz_dtlsserver']
/src/mbedtls/library/ecp_curves.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/include/psa/crypto_struct.h ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/ssl_client.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_client', 'fuzz_dtlsclient']
/src/mbedtls/library/pkcs7.c ['fuzz_pkcs7', 'usepsa-fuzz_pkcs7'] ['fuzz_pkcs7', 'usepsa-fuzz_pkcs7']
/src/mbedtls/library/aes.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/include/mbedtls/ecp.h ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/psa_crypto_ffdh.c ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/platform_util.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/include/mbedtls/psa_util.h ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/psa_crypto_rsa.c ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/ssl_msg.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/programs/fuzz/fuzz_x509csr.c ['usepsa-fuzz_x509csr', 'fuzz_x509csr'] ['usepsa-fuzz_x509csr', 'fuzz_x509csr']
/src/mbedtls/library/psa_crypto_se.c ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server']
/src/mbedtls/library/rsa.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/pem.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/programs/fuzz/fuzz_pkcs7.c ['fuzz_pkcs7', 'usepsa-fuzz_pkcs7'] ['fuzz_pkcs7', 'usepsa-fuzz_pkcs7']
/src/mbedtls/library/psa_crypto_storage.h ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/asn1parse.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'usepsa-fuzz_x509crl', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/cipher_wrap.c [] []
/src/mbedtls/include/psa/crypto_compat.h [] []
/src/mbedtls/library/x509_csr.c ['usepsa-fuzz_x509csr', 'fuzz_x509csr'] ['usepsa-fuzz_x509csr', 'fuzz_x509csr']
/src/mbedtls/programs/fuzz/common.c ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/programs/fuzz/fuzz_privkey.c ['usepsa-fuzz_privkey', 'fuzz_privkey'] ['usepsa-fuzz_privkey', 'fuzz_privkey']
/src/mbedtls/library/common.h [] []
/src/mbedtls/library/ssl_ciphersuites_internal.h ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/include/psa/crypto_extra.h ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/programs/fuzz/fuzz_x509crl.c ['usepsa-fuzz_x509crl', 'fuzz_x509crl'] ['usepsa-fuzz_x509crl', 'fuzz_x509crl']
/src/mbedtls/library/des.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/framework/tests/src/psa_exercise_key.c [] []
/src/mbedtls/library/camellia.c [] []
/src/mbedtls/library/ssl_tls13_keys.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_server', 'fuzz_client']
/src/mbedtls/3rdparty/everest/library/everest.c ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/src/mbedtls/library/constant_time_impl.h ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/ssl_ciphersuites.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient']
/src/mbedtls/programs/fuzz/fuzz_dtlsclient.c ['usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient'] ['usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/platform.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/src/mbedtls/programs/fuzz/fuzz_pubkey.c ['fuzz_pubkey', 'usepsa-fuzz_pubkey'] ['fuzz_pubkey', 'usepsa-fuzz_pubkey']
/src/mbedtls/include/mbedtls/md.h ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsclient']
/src/mbedtls/library/ssl_misc.h ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient']
/src/mbedtls/include/mbedtls/cipher.h ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/psa_crypto_slot_management.c ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server']
/src/mbedtls/library/chachapoly.c ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/md.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/include/mbedtls/pk.h ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/framework/tests/src/helpers.c [] []
/src/mbedtls/include/mbedtls/error.h ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'usepsa-fuzz_pkcs7', 'fuzz_x509crt', 'fuzz_dtlsclient']
/src/mbedtls/library/psa_crypto_hash.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/pk_internal.h ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/sha256.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient']
/src/mbedtls/library/ecjpake.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient']
/src/mbedtls/library/psa_crypto_core.h ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/aesni.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/timing.c ['fuzz_dtlsserver', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'fuzz_dtlsclient']
/src/mbedtls/library/ctr.h ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_privkey', 'fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient']
/src/mbedtls/library/constant_time.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509csr', 'fuzz_dtlsserver', 'fuzz_server', 'fuzz_x509crt', 'fuzz_dtlsclient']
/src/mbedtls/library/x509_crl.c ['usepsa-fuzz_x509crl', 'fuzz_x509crl', 'fuzz_pkcs7', 'usepsa-fuzz_pkcs7'] ['usepsa-fuzz_x509crl', 'fuzz_x509crl', 'fuzz_pkcs7', 'usepsa-fuzz_pkcs7']
/src/mbedtls/library/psa_crypto_random_impl.h ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server']
/src/mbedtls/build/library/psa_crypto_driver_wrappers.h ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient'] ['fuzz_server', 'fuzz_client']
/src/mbedtls/include/mbedtls/ssl.h ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/pkparse.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/oid.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/pkcs5.c ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_server'] []
/src/mbedtls/library/ssl_ticket.c ['fuzz_server', 'usepsa-fuzz_server'] ['fuzz_server', 'usepsa-fuzz_server']
/src/mbedtls/library/bignum_core.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/cipher.c ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient']
/src/mbedtls/library/x509.c ['usepsa-fuzz_x509crl', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_x509crl', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/ecdh.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient']
/src/mbedtls/3rdparty/everest/library/Hacl_Curve25519.c ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/src/mbedtls/library/ssl_tls13_server.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_server']
/src/mbedtls/programs/fuzz/fuzz_client.c ['usepsa-fuzz_client', 'fuzz_client'] ['usepsa-fuzz_client', 'fuzz_client']
/src/mbedtls/library/psa_crypto_client.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/bignum_core.h ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/build-usepsa/library/ssl_debug_helpers_generated.c ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/src/mbedtls/build-usepsa/library/psa_crypto_driver_wrappers_no_static.c ['usepsa-fuzz_privkey', 'usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/src/mbedtls/build/library/psa_crypto_driver_wrappers_no_static.c ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient'] []
/src/mbedtls/library/sha1.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsclient']
/src/mbedtls/library/base64.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/pk.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/build-usepsa/library/psa_crypto_driver_wrappers.h ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server']
/src/mbedtls/programs/fuzz/fuzz_server.c ['fuzz_server', 'usepsa-fuzz_server'] ['fuzz_server', 'usepsa-fuzz_server']
/src/mbedtls/framework/tests/src/drivers/platform_builtin_keys.c ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/chacha20.c ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/ssl_tls12_client.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsclient']
/src/mbedtls/library/threading.c [] []
/src/mbedtls/framework/tests/src/psa_crypto_helpers.c [] []
/src/mbedtls/library/debug.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/poly1305.c ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/asn1write.c ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_x509crl', 'fuzz_x509csr', 'fuzz_x509crt', 'fuzz_dtlsclient']
/src/mbedtls/framework/tests/src/asn1_helpers.c [] []
/src/mbedtls/framework/tests/src/bignum_helpers.c [] []
/src/mbedtls/library/pk_ecc.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'fuzz_dtlsclient']
/src/mbedtls/library/aria.c [] []
/src/mbedtls/library/ripemd160.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/md5.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_dtlsclient']
/src/mbedtls/build/library/ssl_debug_helpers_generated.c ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient'] ['fuzz_dtlsserver', 'fuzz_server', 'fuzz_client', 'fuzz_dtlsclient']
/src/mbedtls/library/bignum.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509csr', 'fuzz_pkcs7', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_pkcs7', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_pubkey', 'fuzz_privkey', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/sha3.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/pkcs12.c ['usepsa-fuzz_privkey', 'fuzz_privkey', 'fuzz_dtlsserver', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_server'] []
/src/mbedtls/library/cmac.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/psa_crypto_ecp.c ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/psa_util.c ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_server', 'fuzz_client']
/src/mbedtls/library/ecdsa.c ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/src/mbedtls/library/psa_crypto_mac.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/psa_crypto_aead.c ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/src/mbedtls/library/psa_crypto_core_common.h [] []
/src/mbedtls/library/psa_crypto_cipher.c ['usepsa-fuzz_privkey', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/psa_crypto.c ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/library/psa_its_file.c ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] []
/src/mbedtls/library/psa_crypto_pake.c ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/src/mbedtls/library/hmac_drbg.c ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/src/mbedtls/framework/tests/src/threading_helpers.c [] []
/src/mbedtls/programs/fuzz/fuzz_dtlsserver.c ['fuzz_dtlsserver', 'usepsa-fuzz_dtlsserver'] ['fuzz_dtlsserver', 'usepsa-fuzz_dtlsserver']
/src/mbedtls/3rdparty/everest/include/everest/kremlin/c_endianness.h ['usepsa-fuzz_client', 'usepsa-fuzz_dtlsserver', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server'] []
/src/mbedtls/library/sha512.c ['usepsa-fuzz_privkey', 'fuzz_pubkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'fuzz_privkey', 'usepsa-fuzz_x509csr', 'fuzz_x509crl', 'fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'fuzz_x509crt', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['usepsa-fuzz_privkey', 'usepsa-fuzz_x509crl', 'usepsa-fuzz_pubkey', 'usepsa-fuzz_x509csr', 'fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_x509crt', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient']
/src/mbedtls/tests/src/psa_test_wrappers.c [] []
/src/mbedtls/library/ssl_tls13_client.c ['fuzz_dtlsserver', 'usepsa-fuzz_client', 'fuzz_server', 'usepsa-fuzz_dtlsserver', 'fuzz_client', 'usepsa-fuzz_dtlsclient', 'usepsa-fuzz_server', 'fuzz_dtlsclient'] ['fuzz_server', 'fuzz_client']

Directories in report

Directory
/src/mbedtls/library/
/src/mbedtls/3rdparty/everest/library/kremlib/
/src/mbedtls/framework/tests/src/
/src/mbedtls/framework/tests/src/drivers/
/src/mbedtls/tests/src/
/src/mbedtls/build/library/
/src/mbedtls/3rdparty/everest/library/
/src/mbedtls/3rdparty/everest/include/everest/kremlin/
/src/mbedtls/build-usepsa/library/
/src/mbedtls/programs/fuzz/
/usr/include/x86_64-linux-gnu/bits/
/src/mbedtls/include/mbedtls/
/src/mbedtls/include/psa/

Metadata section

This sections shows the raw data that is used to produce this report. This is mainly used for further processing and developer debugging.

Fuzzer Calltree file Program data file Coverage file
usepsa-fuzz_privkey fuzzerLogFile-0-PLhdvwLf4v.data fuzzerLogFile-0-PLhdvwLf4v.data.yaml usepsa-fuzz_privkey.covreport
fuzz_pubkey fuzzerLogFile-0-YLVlEPXl8u.data fuzzerLogFile-0-YLVlEPXl8u.data.yaml fuzz_pubkey.covreport
usepsa-fuzz_x509crl fuzzerLogFile-0-HcWKUPoI3h.data fuzzerLogFile-0-HcWKUPoI3h.data.yaml usepsa-fuzz_x509crl.covreport
usepsa-fuzz_pubkey fuzzerLogFile-0-sSBKnYkI3c.data fuzzerLogFile-0-sSBKnYkI3c.data.yaml usepsa-fuzz_pubkey.covreport
fuzz_privkey fuzzerLogFile-0-Fxc0wKGJNy.data fuzzerLogFile-0-Fxc0wKGJNy.data.yaml fuzz_privkey.covreport
usepsa-fuzz_x509csr fuzzerLogFile-0-0ODodNbMPI.data fuzzerLogFile-0-0ODodNbMPI.data.yaml usepsa-fuzz_x509csr.covreport
fuzz_x509crl fuzzerLogFile-0-ZglAh5v9jY.data fuzzerLogFile-0-ZglAh5v9jY.data.yaml fuzz_x509crl.covreport
fuzz_x509csr fuzzerLogFile-0-lvQ91fsOSm.data fuzzerLogFile-0-lvQ91fsOSm.data.yaml fuzz_x509csr.covreport
fuzz_pkcs7 fuzzerLogFile-0-FRXILzozHj.data fuzzerLogFile-0-FRXILzozHj.data.yaml fuzz_pkcs7.covreport
fuzz_dtlsserver fuzzerLogFile-0-8EtIzuFLCD.data fuzzerLogFile-0-8EtIzuFLCD.data.yaml fuzz_dtlsserver.covreport
usepsa-fuzz_client fuzzerLogFile-0-5rdfko3CuJ.data fuzzerLogFile-0-5rdfko3CuJ.data.yaml usepsa-fuzz_client.covreport
fuzz_server fuzzerLogFile-0-K8h76p8msa.data fuzzerLogFile-0-K8h76p8msa.data.yaml fuzz_server.covreport
usepsa-fuzz_pkcs7 fuzzerLogFile-0-zoA8BQVpf1.data fuzzerLogFile-0-zoA8BQVpf1.data.yaml usepsa-fuzz_pkcs7.covreport
usepsa-fuzz_dtlsserver fuzzerLogFile-0-50oNOwMzBE.data fuzzerLogFile-0-50oNOwMzBE.data.yaml usepsa-fuzz_dtlsserver.covreport
fuzz_client fuzzerLogFile-0-RKHpfcUkXm.data fuzzerLogFile-0-RKHpfcUkXm.data.yaml fuzz_client.covreport
fuzz_x509crt fuzzerLogFile-0-p68XImitVJ.data fuzzerLogFile-0-p68XImitVJ.data.yaml fuzz_x509crt.covreport
usepsa-fuzz_x509crt fuzzerLogFile-0-50eG6J7hez.data fuzzerLogFile-0-50eG6J7hez.data.yaml usepsa-fuzz_x509crt.covreport
usepsa-fuzz_dtlsclient fuzzerLogFile-0-G3m8NGlUdL.data fuzzerLogFile-0-G3m8NGlUdL.data.yaml usepsa-fuzz_dtlsclient.covreport
usepsa-fuzz_server fuzzerLogFile-0-AzIUsRgWZ8.data fuzzerLogFile-0-AzIUsRgWZ8.data.yaml usepsa-fuzz_server.covreport
fuzz_dtlsclient fuzzerLogFile-0-T6GXNoL3R3.data fuzzerLogFile-0-T6GXNoL3R3.data.yaml fuzz_dtlsclient.covreport