Fuzz introspector: fuzz_sign_verify_with_valid_key
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
21 55 model_signing.manifest.Manifest.resource_descriptors call site: 00055 model_signing.verifying.Config._get_manifest_diff
5 20 ...model-transparency.tests.fuzzing.fuzz_sign_verify_with_valid_key.TestOneInput call site: 00020 model_signing._signing.sign_sigstore.Signature.read
4 35 model_signing.manifest.SerializationType.from_args call site: 00035 bytes.fromhex
3 50 model_signing.verifying.Config.verify call site: 00050 model_signing.manifest.Manifest.resource_descriptors
2 32 model_signing._signing.signing.Verifier.verify call site: 00032 model_signing._signing.signing.dsse_payload_to_manifest_compat
1 17 model_signing.verifying.Config.use_elliptic_key_verifier call site: 00017 public_key_path.read_bytes
1 29 model_signing._signing.signing.Verifier.verify call site: 00029 typing.cast

Fuzzer calltree

0 ...model-transparency.tests.fuzzing.fuzz_sign_verify_with_valid_key.TestOneInput [function] [call site] 00000
1 atheris.FuzzedDataProvider [function] [call site] 00001
1 tempfile.TemporaryDirectory [function] [call site] 00002
1 os.path.join [function] [call site] 00003
1 fdp.ConsumeIntInRange [function] [call site] 00004
1 <builtin>.open [function] [call site] 00005
1 fdp.ConsumeBytes [function] [call site] 00006
1 f.write [function] [call site] 00007
1 os.path.join [function] [call site] 00008
1 ...model-transparency.tests.fuzzing.fuzz_sign_verify_with_valid_key._pick_key_spec [function] [call site] 00009
2 <builtin>.len [function] [call site] 00010
2 fdp.ConsumeIntInRange [function] [call site] 00011
1 scfg.use_elliptic_key_signer [function] [call site] 00012
1 signer.sign [function] [call site] 00013
1 model_signing.verifying.Config.__init__ [function] [call site] 00014
1 model_signing.verifying.Config.use_elliptic_key_verifier [function] [call site] 00015
2 pathlib.Path [function] [call site] 00016
2 model_signing._signing.sign_ec_key.Verifier.__init__ [function] [call site] 00017
3 public_key_path.read_bytes [function] [call site] 00018
3 model_signing._signing.sign_ec_key._check_supported_ec_key [function] [call site] 00019
1 model_signing.verifying.Config.verify [function] [call site] 00020
2 pathlib.Path [function] [call site] 00021
2 model_signing._signing.sign_sigstore.Signature.read [function] [call site] 00022
3 path.read_text [function] [call site] 00023
3 sigstore.models.Bundle.from_json [function] [call site] 00024
3 model_signing._signing.sign_sigstore.Signature.__init__ [function] [call site] 00025
2 pathlib.Path [function] [call site] 00026
2 model_signing._signing.sign_sigstore.Signature.read [function] [call site] 00027
2 model_signing._signing.signing.Verifier.verify [function] [call site] 00028
3 model_signing._signing.sign_sigstore.Verifier._verify_signed_content [function] [call site] 00029
4 typing.cast [function] [call site] 00030
3 json.loads [function] [call site] 00031
3 model_signing._signing.signing.dsse_payload_to_manifest [function] [call site] 00032
4 model_signing._signing.signing.dsse_payload_to_manifest_compat [function] [call site] 00033
5 model_signing.manifest.SerializationType.from_args [function] [call site] 00034
6 subclass._from_args [function] [call site] 00035
5 bytes.fromhex [function] [call site] 00036
5 serialization.new_item [function] [call site] 00037
5 items.append [function] [call site] 00038
5 model_signing.manifest.Manifest.__init__ [function] [call site] 00039
4 <builtin>.len [function] [call site] 00040
4 model_signing.manifest.SerializationType.from_args [function] [call site] 00041
4 model_signing._hashing.memory.SHA256.__init__ [function] [call site] 00042
5 hashlib.sha256 [function] [call site] 00043
4 bytes.fromhex [function] [call site] 00044
4 model_signing._hashing.memory.SHA256.update [function] [call site] 00045
4 serialization.new_item [function] [call site] 00046
4 items.append [function] [call site] 00047
4 model_signing._hashing.memory.SHA256.compute [function] [call site] 00048
4 model_signing.manifest.Manifest.__init__ [function] [call site] 00049
2 model_signing.verifying.Config._guess_hashing_config [function] [call site] 00050
3 <builtin>.frozenset [function] [call site] 00051
3 <builtin>.frozenset [function] [call site] 00052
2 model_signing.manifest.Manifest.resource_descriptors [function] [call site] 00053
3 <builtin>.sorted [function] [call site] 00054
3 <builtin>.str [function] [call site] 00055
2 model_signing.verifying.Config._get_manifest_diff [function] [call site] 00056
3 actual.resource_descriptors [function] [call site] 00057
3 model_signing.manifest.Manifest.resource_descriptors [function] [call site] 00058
3 actual_hashes.keys [function] [call site] 00059
3 <builtin>.set [function] [call site] 00060
3 <builtin>.set [function] [call site] 00061
3 expected_hashes.keys [function] [call site] 00062
3 diffs.append [function] [call site] 00063
3 <builtin>.sorted [function] [call site] 00064
3 expected_hashes.keys [function] [call site] 00065
3 <builtin>.set [function] [call site] 00066
3 <builtin>.set [function] [call site] 00067
3 actual_hashes.keys [function] [call site] 00068
3 diffs.append [function] [call site] 00069
3 <builtin>.sorted [function] [call site] 00070
3 actual_hashes.keys [function] [call site] 00071
3 <builtin>.set [function] [call site] 00072
3 expected_hashes.keys [function] [call site] 00073
3 <builtin>.set [function] [call site] 00074
3 <builtin>.sorted [function] [call site] 00075
3 diffs.append [function] [call site] 00076