High level conclusions

Fuzzer fuzz_sign_verify_with_valid_key is blocked:

The runtime code coverage of fuzz_sign_verify_with_valid_key covers 28.22% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer fuzz_simple_sigstore is blocked:

The runtime code coverage of fuzz_simple_sigstore covers 23.59% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer fuzz_sign_then_mutate_verify_with_valid_key is blocked:

The runtime code coverage of fuzz_sign_then_mutate_verify_with_valid_key covers 20.25% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer fuzz_with_cert_chain is blocked:

The runtime code coverage of fuzz_with_cert_chain covers 27.35% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer fuzz_sign_with_valid_key_verify_with_invalid_key is blocked:

The runtime code coverage of fuzz_sign_with_valid_key_verify_with_invalid_key covers 25.15% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer fuzz_sign_with_invalid_key is blocked:

The runtime code coverage of fuzz_sign_with_invalid_key covers 0.0% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Reachability and coverage overview

Functions statically reachable by fuzzers

158 / 1390

Cyclomatic complexity statically reachable by fuzzers

549 / 4507

Runtime code coverage of functions

368 / 1390

Warning: The number of runtime covered functions are larger than the number of reachable functions. This means that Fuzz Introspector found there are more functions covered at runtime than what is considered reachable based on the static analysis. This is a limitation in the analysis as anything covered at runtime is by definition reachable by the fuzzers.
This is likely due to a limitation in the static analysis. In this case, the count of functions covered at runtime is the true value, which means this is what should be considered "achieved" by the fuzzer.

Use the project functions table below to query all functions that were not covered at runtime.

The following table shows data about each function in the project. The functions included in this table correspond to all functions that exist in the executables of the fuzzers. As such, there may be functions that are from third-party libraries.

For further technical details on the meaning of columns in the below table, please see the Glossary .

Func name	Functions filename	Args	Function call depth	Reached by Fuzzers	Runtime reached by Fuzzers	Combined reached by Fuzzers	Fuzzers runtime hit	Func lines hit %	I Count	BB Count	Cyclomatic complexity	Functions reached	Reached by functions	Accumulated cyclomatic complexity	Undiscovered complexity

Fuzzer: fuzz_sign_with_invalid_key

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	14	77.7%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	4	22.2%
All colors	18	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
5	8	...model-transparency.tests.fuzzing.fuzz_sign_with_invalid_key.TestOneInput	call site: 00008	os.path.join
3	0	EP	call site: 00000	atheris.FuzzedDataProvider
3	4	...model-transparency.tests.fuzzing.fuzz_sign_with_invalid_key.TestOneInput	call site: 00004	tempfile.TemporaryDirectory
3	14	...model-transparency.tests.fuzzing.fuzz_sign_with_invalid_key.TestOneInput	call site: 00014	scfg.set_hashing_config

Runtime coverage analysis

Covered functions

458

Functions that are reachable but not covered

16

Reachable functions

16

Percentage of reachable functions covered

0.0%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...model-transparency.tests.fuzzing.fuzz_sign_with_invalid_key	15

Fuzzer: fuzz_sign_with_valid_key_verify_with_invalid_key

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	353	64.2%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	196	35.7%
All colors	549	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
41	231	sigstore.oidc.IdentityToken.__init__	call site: 00231	sigstore.oidc.Issuer.identity_token
38	349	model_signing._signing.signing.Verifier.verify	call site: 00349	sigstore.verify.verifier.Verifier.verify_dsse
30	457	sigstore._utils.sha256_digest	call site: 00457	sigstore.verify.verifier._validate_dsse_v001_entry_body
26	81	sigstore._internal.tuf.TrustUpdater.get_signing_config_path	call site: 00081	sigstore.models.ClientTrustConfig.from_tuf
26	273	model_signing.signing.Config.sign	call site: 00273	model_signing._signing.sign_pkcs11.CertSigner._get_verification_material
25	315	...model-transparency.tests.fuzzing.fuzz_sign_with_valid_key_verify_with_invalid_key.TestOneInput	call site: 00315	sigstore.models.Bundle.__init__
24	432	sigstore.verify.policy._SingleX509ExtPolicy.verify	call site: 00432	sigstore.verify.verifier._validate_dsse_v002_entry_body
23	56	sigstore._internal.tuf.TrustUpdater.__init__	call site: 00056	sigstore._internal.tuf.TrustUpdater.get_trusted_root_path
19	388	sigstore._internal.sct._get_signed_certificate_timestamp	call site: 00388	sigstore._internal.sct._pack_digitally_signed
16	415	sigstore._internal.sct._pack_signed_entry	call site: 00415	sigstore.verify.policy.Identity.verify
6	1	...model-transparency.tests.fuzzing.fuzz_sign_with_valid_key_verify_with_invalid_key.TestOneInput	call site: 00001	fdp.ConsumeIntInRange
6	44	sigstore._internal.tuf.TrustUpdater.__init__	call site: 00044	sigstore._internal.tuf._get_dirs

Runtime coverage analysis

Covered functions

493

Functions that are reachable but not covered

241

Reachable functions

322

Percentage of reachable functions covered

25.16%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...model-transparency.tests.fuzzing.fuzz_sign_with_valid_key_verify_with_invalid_key	20
model_signing.signing	12
model_signing.hashing	23
model_signing._serialization.file	22
model_signing._hashing.io	3
model_signing._hashing.memory	3
model_signing.manifest	3
model_signing._signing.sign_ec_key	18
model_signing._signing.sign_sigstore	20
sigstore.models	23
sigstore._internal.tuf	20
sigstore._utils	18
sigstore.oidc	26
sigstore.sign	4
model_signing._serialization.file_shard	27
model_signing._serialization.serialization	5
model_signing._signing.signing	18
model_signing._signing.sign_sigstore_pb	6
cryptography.hazmat.primitives.asymmetric.ec	1
model_signing._signing.sign_certificate	7
sigstore.dsse	7
sigstore._internal.oidc.oauth	9
model_signing._signing.sign_pkcs11	23
model_signing.verifying	20
sigstore.verify.verifier	47
sigstore._internal.sct	26
sigstore.verify.policy	8

Fuzzer: fuzz_with_cert_chain

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	292	71.3%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	117	28.6%
All colors	409	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
60	115	cryptography.x509.extensions.AuthorityKeyIdentifier.__init__	call site: 00115	model_signing.verifying.Config.use_certificate_verifier
38	221	model_signing._signing.signing.Verifier.verify	call site: 00221	sigstore.verify.verifier.Verifier.verify_dsse
30	330	sigstore._utils.sha256_digest	call site: 00330	sigstore.verify.verifier._validate_dsse_v001_entry_body
28	184	model_signing._signing.sign_certificate.Verifier.__init__	call site: 00184	model_signing.verifying.Config.verify
25	304	sigstore.verify.policy._SingleX509ExtPolicy.verify	call site: 00304	sigstore.verify.verifier._validate_dsse_v002_entry_body
19	260	sigstore._internal.sct._get_signed_certificate_timestamp	call site: 00260	sigstore._internal.sct._pack_digitally_signed
18	92	...model-transparency.tests.fuzzing.fuzz_with_cert_chain._pick_sig_hash	call site: 00092	...model-transparency.tests.fuzzing.fuzz_with_cert_chain.gen_name
16	287	sigstore._internal.sct._pack_signed_entry	call site: 00287	sigstore.verify.policy.Identity.verify
5	0	EP	call site: 00000	...model-transparency.tests.fuzzing.fuzz_with_cert_chain.build_valid_chain
4	85	cryptography.x509.extensions.SubjectKeyIdentifier.from_public_key	call site: 00085	cryptography.x509.base.CertificateBuilder.sign
4	365	model_signing.manifest.SerializationType.from_args	call site: 00365	bytes.fromhex
4	379	model_signing._signing.signing.dsse_payload_to_manifest	call site: 00379	model_signing.verifying.Config._guess_hashing_config

Runtime coverage analysis

Covered functions

497

Functions that are reachable but not covered

154

Reachable functions

212

Percentage of reachable functions covered

27.36%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...model-transparency.tests.fuzzing.fuzz_with_cert_chain	57
cryptography.hazmat.primitives.asymmetric.rsa	2
cryptography.x509.base	10
cryptography.x509.extensions	9
model_signing.verifying	15
model_signing._signing.sign_certificate	8
model_signing._signing.sign_sigstore	5
sigstore.models	12
sigstore._utils	15
model_signing._signing.sign_sigstore_pb	4
model_signing._signing.signing	14
sigstore.verify.verifier	47
sigstore._internal.sct	26
sigstore.verify.policy	8
sigstore.dsse	4
cryptography.hazmat.primitives.asymmetric.ec	1
model_signing.manifest	3
model_signing._hashing.memory	1

Fuzzer: fuzz_sign_then_mutate_verify_with_valid_key

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	175	69.1%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	78	30.8%
All colors	253	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
38	65	model_signing._signing.signing.Verifier.verify	call site: 00065	sigstore.verify.verifier.Verifier.verify_dsse
30	174	sigstore._utils.sha256_digest	call site: 00174	sigstore.verify.verifier._validate_dsse_v001_entry_body
25	32	...model-transparency.tests.fuzzing.fuzz_sign_then_mutate_verify_with_valid_key.TestOneInput	call site: 00032	sigstore.models.Bundle.__init__
25	148	sigstore.verify.policy._SingleX509ExtPolicy.verify	call site: 00148	sigstore.verify.verifier._validate_dsse_v002_entry_body
19	104	sigstore._internal.sct._get_signed_certificate_timestamp	call site: 00104	sigstore._internal.sct._pack_digitally_signed
16	131	sigstore._internal.sct._pack_signed_entry	call site: 00131	sigstore.verify.policy.Identity.verify
4	209	model_signing.manifest.SerializationType.from_args	call site: 00209	bytes.fromhex
3	223	model_signing._signing.signing.dsse_payload_to_manifest	call site: 00223	model_signing.verifying.Config._guess_hashing_config
2	1	...model-transparency.tests.fuzzing.fuzz_sign_then_mutate_verify_with_valid_key.TestOneInput	call site: 00001	tempfile.TemporaryDirectory
2	125	sigstore._internal.sct._pack_signed_entry	call site: 00125	.len
2	206	model_signing._signing.signing.Verifier.verify	call site: 00206	model_signing._signing.signing.dsse_payload_to_manifest_compat
2	232	model_signing.verifying.Config.verify	call site: 00232	model_signing.manifest.Manifest.resource_descriptors

Runtime coverage analysis

Covered functions

493

Functions that are reachable but not covered

126

Reachable functions

158

Percentage of reachable functions covered

20.25%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...model-transparency.tests.fuzzing.fuzz_sign_then_mutate_verify_with_valid_key	24
model_signing.verifying	17
model_signing._signing.sign_ec_key	2
model_signing._signing.sign_sigstore	5
sigstore.models	12
sigstore._utils	15
model_signing._signing.sign_sigstore_pb	4
model_signing._signing.signing	13
sigstore.verify.verifier	47
sigstore._internal.sct	26
sigstore.verify.policy	8
sigstore.dsse	4
cryptography.hazmat.primitives.asymmetric.ec	1
model_signing.manifest	3
model_signing._hashing.memory	1

Fuzzer: fuzz_simple_sigstore

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	268	61.8%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	165	38.1%
All colors	433	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
38	136	model_signing._signing.signing.Verifier.verify	call site: 00136	sigstore.verify.verifier.Verifier.verify_dsse
30	245	sigstore._utils.sha256_digest	call site: 00245	sigstore.verify.verifier._validate_dsse_v001_entry_body
25	103	...model-transparency.tests.fuzzing.fuzz_simple_sigstore.TestOneInput	call site: 00103	sigstore.models.Bundle.__init__
25	219	sigstore.verify.policy._SingleX509ExtPolicy.verify	call site: 00219	sigstore.verify.verifier._validate_dsse_v002_entry_body
23	65	sigstore._internal.tuf.TrustUpdater.__init__	call site: 00065	sigstore._internal.tuf.TrustUpdater.get_trusted_root_path
19	175	sigstore._internal.sct._get_signed_certificate_timestamp	call site: 00175	sigstore._internal.sct._pack_digitally_signed
16	202	sigstore._internal.sct._pack_signed_entry	call site: 00202	sigstore.verify.policy.Identity.verify
15	1	...model-transparency.tests.fuzzing.fuzz_simple_sigstore.TestOneInput	call site: 00001	sigstore.models.TrustedRoot.from_file
12	90	sigstore._internal.tuf.TrustUpdater.get_signing_config_path	call site: 00090	sigstore.models.ClientTrustConfig.from_tuf
9	43	...model-transparency.tests.fuzzing.fuzz_simple_sigstore.TestOneInput	call site: 00043	sigstore.models.ClientTrustConfig.from_tuf
6	53	sigstore._internal.tuf.TrustUpdater.__init__	call site: 00053	sigstore._internal.tuf._get_dirs
5	312	model_signing.manifest._FileSerialization.__init__	call site: 00312	model_signing.hashing.Config.use_shard_serialization

Runtime coverage analysis

Covered functions

494

Functions that are reachable but not covered

191

Reachable functions

250

Percentage of reachable functions covered

23.6%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...model-transparency.tests.fuzzing.fuzz_simple_sigstore	25
sigstore.models	25
model_signing.verifying	20
model_signing._signing.sign_sigstore	10
sigstore._internal.tuf	20
sigstore._utils	18
sigstore.verify.policy	9
model_signing._signing.sign_sigstore_pb	4
model_signing._signing.signing	13
sigstore.verify.verifier	47
sigstore._internal.sct	26
sigstore.dsse	4
cryptography.hazmat.primitives.asymmetric.ec	1
model_signing.manifest	3
model_signing._hashing.memory	3
model_signing.hashing	23
model_signing._serialization.file	22
model_signing._hashing.io	3
model_signing._serialization.file_shard	27
model_signing._serialization.serialization	5

Fuzzer: fuzz_sign_verify_with_valid_key

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	197	55.6%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	157	44.3%
All colors	354	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
38	57	model_signing._signing.signing.Verifier.verify	call site: 00057	sigstore.verify.verifier.Verifier.verify_dsse
30	166	sigstore._utils.sha256_digest	call site: 00166	sigstore.verify.verifier._validate_dsse_v001_entry_body
25	23	...model-transparency.tests.fuzzing.fuzz_sign_verify_with_valid_key.TestOneInput	call site: 00023	sigstore.models.Bundle.__init__
25	140	sigstore.verify.policy._SingleX509ExtPolicy.verify	call site: 00140	sigstore.verify.verifier._validate_dsse_v002_entry_body
19	96	sigstore._internal.sct._get_signed_certificate_timestamp	call site: 00096	sigstore._internal.sct._pack_digitally_signed
16	123	sigstore._internal.sct._pack_signed_entry	call site: 00123	sigstore.verify.policy.Identity.verify
5	233	model_signing.manifest._FileSerialization.__init__	call site: 00233	model_signing.hashing.Config.use_shard_serialization
4	201	model_signing.manifest.SerializationType.from_args	call site: 00201	bytes.fromhex
4	302	model_signing._serialization.file_shard.Serializer.serialize	call site: 00302	.list
4	326	model_signing._serialization.file.Serializer.serialize	call site: 00326	.list
2	1	...model-transparency.tests.fuzzing.fuzz_sign_verify_with_valid_key.TestOneInput	call site: 00001	tempfile.TemporaryDirectory
2	117	sigstore._internal.sct._pack_signed_entry	call site: 00117	.len

Runtime coverage analysis

Covered functions

493

Functions that are reachable but not covered

150

Reachable functions

209

Percentage of reachable functions covered

28.23%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...model-transparency.tests.fuzzing.fuzz_sign_verify_with_valid_key	18
model_signing.verifying	20
model_signing._signing.sign_ec_key	2
model_signing._signing.sign_sigstore	5
sigstore.models	12
sigstore._utils	15
model_signing._signing.sign_sigstore_pb	4
model_signing._signing.signing	14
sigstore.verify.verifier	47
sigstore._internal.sct	26
sigstore.verify.policy	8
sigstore.dsse	4
cryptography.hazmat.primitives.asymmetric.ec	1
model_signing.manifest	3
model_signing._hashing.memory	3
model_signing.hashing	23
model_signing._serialization.file	22
model_signing._hashing.io	3
model_signing._serialization.file_shard	27
model_signing._serialization.serialization	5

Optimal target analysis

Remaining optimal interesting functions

The following table shows a list of functions that are optimal targets. Optimal targets are identified by finding the functions that in combination, yield a high code coverage.

Func name	Functions filename	Arg count	Args	Function depth	hitcount	instr count	bb count	cyclomatic complexity	Reachable functions	Incoming references	total cyclomatic complexity	Unreached complexity
sigstore._cli.main	sigstore._cli	1	['N/A']	7	0	13	13	8	242	1	787	418
cryptography.hazmat.primitives.serialization.ssh.SSHCertificateBuilder.sign	cryptography.hazmat.primitives.serialization.ssh	2	['N/A', 'N/A']	5	0	37	11	7	52	0	174	141
model_signing._signing.pkcs11uri.Pkcs11URI.login	model_signing._signing.pkcs11uri	1	['N/A']	4	0	2	4	5	31	2	108	90
cryptography.hazmat.primitives.serialization.ssh.load_ssh_private_key	cryptography.hazmat.primitives.serialization.ssh	4	['N/A', 'N/A', 'N/A', 'N/A']	4	0	12	15	9	35	0	116	82
cryptography.fernet.Fernet._decrypt_data	cryptography.fernet	4	['N/A', 'N/A', 'N/A', 'N/A']	3	0	1	3	4	25	2	81	50
sigstore._internal.rekor.checkpoint.verify_checkpoint	sigstore._internal.rekor.checkpoint	2	['N/A', 'N/A']	2	0	2	2	4	18	1	61	43
model_signing._signing.pkcs11uri.Pkcs11URI.parse	model_signing._signing.pkcs11uri	2	['N/A', 'N/A']	3	0	5	5	5	17	2	59	40

Implementing fuzzers that target the above functions will improve reachability such that it becomes:

Functions statically reachable by fuzzers

248 / 1390

Cyclomatic complexity statically reachable by fuzzers

903 / 4507

All functions overview

If you implement fuzzers for these functions, the status of all functions in the project will be:

Func name	Functions filename	Args	Function call depth	Reached by Fuzzers	Runtime reached by Fuzzers	Combined reached by Fuzzers	Fuzzers runtime hit	Func lines hit %	I Count	BB Count	Cyclomatic complexity	Functions reached	Reached by functions	Accumulated cyclomatic complexity	Undiscovered complexity

This sections provides heuristics that can be used as input to a fuzz engine when running a given fuzz target. The current focus is on providing input that is usable by libFuzzer.

/src/model-transparency/tests/fuzzing/fuzz_sign_with_invalid_key.py

Dictionary

Use this with the libFuzzer -dict=DICT.file flag

Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['...model-transparency.tests.fuzzing.fuzz_sign_with_invalid_key.TestOneInput']

/src/model-transparency/tests/fuzzing/fuzz_sign_with_valid_key_verify_with_invalid_key.py

Dictionary

Use this with the libFuzzer -dict=DICT.file flag

Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['sigstore.oidc.IdentityToken.__init__', 'model_signing._signing.signing.Verifier.verify', 'sigstore._utils.sha256_digest', 'sigstore._internal.tuf.TrustUpdater.get_signing_config_path', 'model_signing.signing.Config.sign', '...model-transparency.tests.fuzzing.fuzz_sign_with_valid_key_verify_with_invalid_key.TestOneInput', 'sigstore.verify.policy._SingleX509ExtPolicy.verify', 'sigstore._internal.tuf.TrustUpdater.__init__', 'sigstore._internal.sct._get_signed_certificate_timestamp', 'sigstore._internal.sct._pack_signed_entry']

/src/model-transparency/tests/fuzzing/fuzz_with_cert_chain.py

Dictionary

Use this with the libFuzzer -dict=DICT.file flag

Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['cryptography.x509.extensions.AuthorityKeyIdentifier.__init__', 'model_signing._signing.signing.Verifier.verify', 'sigstore._utils.sha256_digest', 'model_signing._signing.sign_certificate.Verifier.__init__', 'sigstore.verify.policy._SingleX509ExtPolicy.verify', 'sigstore._internal.sct._get_signed_certificate_timestamp', '...model-transparency.tests.fuzzing.fuzz_with_cert_chain._pick_sig_hash', 'sigstore._internal.sct._pack_signed_entry', 'cryptography.x509.extensions.SubjectKeyIdentifier.from_public_key']

/src/model-transparency/tests/fuzzing/fuzz_sign_then_mutate_verify_with_valid_key.py

Dictionary

Use this with the libFuzzer -dict=DICT.file flag

Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['model_signing._signing.signing.Verifier.verify', 'sigstore._utils.sha256_digest', '...model-transparency.tests.fuzzing.fuzz_sign_then_mutate_verify_with_valid_key.TestOneInput', 'sigstore.verify.policy._SingleX509ExtPolicy.verify', 'sigstore._internal.sct._get_signed_certificate_timestamp', 'sigstore._internal.sct._pack_signed_entry', 'model_signing.manifest.SerializationType.from_args', 'model_signing._signing.signing.dsse_payload_to_manifest']

/src/model-transparency/tests/fuzzing/fuzz_simple_sigstore.py

Dictionary

Use this with the libFuzzer -dict=DICT.file flag

Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['model_signing._signing.signing.Verifier.verify', 'sigstore._utils.sha256_digest', '...model-transparency.tests.fuzzing.fuzz_simple_sigstore.TestOneInput', 'sigstore.verify.policy._SingleX509ExtPolicy.verify', 'sigstore._internal.tuf.TrustUpdater.__init__', 'sigstore._internal.sct._get_signed_certificate_timestamp', 'sigstore._internal.sct._pack_signed_entry', 'sigstore._internal.tuf.TrustUpdater.get_signing_config_path']

/src/model-transparency/tests/fuzzing/fuzz_sign_verify_with_valid_key.py

Dictionary

Use this with the libFuzzer -dict=DICT.file flag

Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['model_signing._signing.signing.Verifier.verify', 'sigstore._utils.sha256_digest', '...model-transparency.tests.fuzzing.fuzz_sign_verify_with_valid_key.TestOneInput', 'sigstore.verify.policy._SingleX509ExtPolicy.verify', 'sigstore._internal.sct._get_signed_certificate_timestamp', 'sigstore._internal.sct._pack_signed_entry', 'model_signing.manifest._FileSerialization.__init__', 'model_signing.manifest.SerializationType.from_args', 'model_signing._serialization.file_shard.Serializer.serialize', 'model_signing._serialization.file.Serializer.serialize']

This section shows analysis of runtime coverage data.

For futher technical details on how this section is generated, please see the Glossary .

Complex functions with low coverage

Func name	Function total lines	Lines covered at runtime	percentage covered	Reached by fuzzers
os.path.isdir	290	131	45.17%	['fuzz_sign_with_invalid_key']
signer.sign_dsse	89	31	34.83%	['fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
typing_extensions.dataclass_transform	1714	560	32.67%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
resources.append	1640	2	0.121%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
statement.Statement	31	13	41.93%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
OpenSSL.crypto.X509StoreContext	880	267	30.34%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
re.match	80	15	18.75%	['fuzz_sign_with_invalid_key']
cryptography.hazmat.primitives.serialization.ssh.load_ssh_private_key	68	0	0.0%	[]
cryptography.hazmat.primitives.serialization.ssh._serialize_ssh_private_key	52	5	9.615%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
cryptography.hazmat.primitives.serialization.ssh._load_ssh_public_identity	56	0	0.0%	[]
cryptography.hazmat.primitives.serialization.ssh.SSHCertificateBuilder.sign	85	0	0.0%	[]
val.to_bytes	91	38	41.75%	['fuzz_sign_with_invalid_key']
point.tobytes	96	43	44.79%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
google.protobuf.json_format.MessageToJson	500	142	28.4%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
asn1crypto.keys.PublicKeyInfo.dump	350	177	50.57%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
asn1crypto.core.OctetString.load	2168	465	21.44%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
hash.finalize	73	27	36.98%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
i.isdigit	141	16	11.34%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
p.is_absolute	46	21	45.65%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
r.pop	109	13	11.92%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_invalid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
os.getenv	290	131	45.17%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
val.lower	91	38	41.75%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
OpenSSL.crypto.X509StoreContext.get_verified_chain	880	267	30.34%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
signer._signing_cert	89	31	34.83%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
verifier.verify_artifact	235	51	21.70%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
pydantic.model_validator	56	28	50.0%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
response.raise_for_status	658	142	21.58%	['fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain']
collections.defaultdict	234	76	32.47%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
jwt.decode	165	37	22.42%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
url.rstrip	204	60	29.41%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
fields.extend	54	4	7.407%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
sct.log_id.hex	88	21	23.86%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
timestamp.timestamp	46	25	54.34%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
sign.add_argument_group	93	39	41.93%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']
verify.add_subparsers	190	41	21.57%	['fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_with_cert_chain', 'fuzz_sign_with_valid_key_verify_with_invalid_key']

This section shows which files and directories are considered in this report. The main reason for showing this is fuzz introspector may include more code in the reasoning than is desired. This section helps identify if too many files/directories are included, e.g. third party code, which may be irrelevant for the threat model. In the event too much is included, fuzz introspector supports a configuration file that can exclude data from the report. See the following link for more information on how to create a config file: link

Files in report

Source file	Reached by	Covered by
	[]	[]
cryptography.hazmat.primitives.hashes	[]	[]
model_signing._signing.sign_sigstore_pb	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
...model-transparency.tests.fuzzing.fuzz_sign_with_invalid_key	['fuzz_sign_with_invalid_key']	[]
cryptography.__about__	[]	[]
cryptography.hazmat._oid	[]	[]
cryptography.hazmat.primitives.asymmetric.types	[]	[]
sigstore._internal.rekor.client	[]	[]
	[]	[]
cryptography.hazmat.primitives.kdf.concatkdf	[]	[]
cryptography.hazmat.primitives._cipheralgorithm	[]	[]
cryptography.hazmat.asn1	[]	[]
cryptography.hazmat.primitives.keywrap	[]	[]
cryptography.hazmat.bindings.openssl.binding	[]	[]
model_signing._signing.sign_ec_key	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_sign_verify_with_valid_key']	[]
cryptography.hazmat.primitives.asymmetric.dh	[]	[]
cryptography.hazmat.primitives.ciphers.base	[]	[]
sigstore.dsse	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
urllib	[]	[]
model_signing._cli	[]	[]
json	[]	[]
sigstore.verify.verifier	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
tempfile	[]	[]
sigstore._internal.timestamp	[]	[]
re	[]	[]
sigstore._internal.rekor.client_v2	[]	[]
cryptography.x509	[]	[]
sigstore.models	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
tuf	[]	[]
atheris	[]	[]
enum	[]	[]
cryptography.hazmat.primitives.serialization.pkcs7	[]	[]
cryptography.hazmat.primitives.ciphers.modes	[]	[]
model_signing._serialization.serialization	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
cryptography.hazmat.backends.openssl	[]	[]
atexit	[]	[]
model_signing._signing	[]	[]
rfc3161_client	[]	[]
binascii	[]	[]
model_signing.signing	['fuzz_sign_with_valid_key_verify_with_invalid_key']	[]
itertools	[]	[]
model_signing._hashing.hashing	[]	[]
cryptography.hazmat.primitives.kdf.x963kdf	[]	[]
cryptography.hazmat.primitives.padding	[]	[]
sigstore.__main__	[]	[]
cryptography.hazmat.primitives.asymmetric.x448	[]	[]
sigstore.hashes	[]	[]
OpenSSL	[]	[]
cryptography.hazmat.asn1.asn1	[]	[]
cryptography.hazmat.primitives.kdf	[]	[]
os	[]	[]
sigstore._internal.key_details	[]	[]
logging	[]	[]
glob	[]	[]
blake3	[]	[]
model_signing._signing.sign_sigstore	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
math	[]	[]
model_signing._serialization.file_shard	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
model_signing._signing.pkcs11uri	[]	[]
cryptography.hazmat.bindings	[]	[]
rekor_types	[]	[]
sigstore.oidc	['fuzz_sign_with_valid_key_verify_with_invalid_key']	[]
sigstore.sign	['fuzz_sign_with_valid_key_verify_with_invalid_key']	[]
...model-transparency.tests.fuzzing.fuzz_sign_with_valid_key_verify_with_invalid_key	['fuzz_sign_with_valid_key_verify_with_invalid_key']	[]
cryptography.hazmat.primitives.asymmetric.ed448	[]	[]
opentelemetry	[]	[]
sigstore._internal.trust	[]	[]
uuid	[]	[]
cryptography.hazmat.primitives.asymmetric.ec	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
sigstore._internal.merkle	[]	[]
cryptography.hazmat.bindings.openssl._conditional	[]	[]
cryptography.hazmat.primitives.ciphers.algorithms	[]	[]
sigstore_models	[]	[]
id	[]	[]
certifi	[]	[]
cryptography.hazmat.decrepit	[]	[]
cryptography.x509.base	['fuzz_with_cert_chain']	[]
model_signing._hashing	[]	[]
sigstore._internal.oidc	[]	[]
model_signing.hashing	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
cryptography.x509.ocsp	[]	[]
functools	[]	[]
cryptography.hazmat.bindings.openssl	[]	[]
model_signing._serialization	[]	[]
cryptography.hazmat.primitives.constant_time	[]	[]
cryptography.hazmat.primitives.asymmetric.utils	[]	[]
cryptography.x509.general_name	[]	[]
cryptography.hazmat.primitives.ciphers	[]	[]
collections	[]	[]
typing	[]	[]
requests	[]	[]
rfc8785	[]	[]
cryptography.hazmat.primitives.twofactor.totp	[]	[]
cryptography.hazmat.primitives._asymmetric	[]	[]
...model-transparency.tests.fuzzing.fuzz_sign_verify_with_valid_key	['fuzz_sign_verify_with_valid_key']	[]
base64	[]	[]
datetime	[]	[]
cryptography.hazmat.primitives.asymmetric.dsa	[]	[]
cryptography.hazmat.primitives.kdf.kbkdf	[]	[]
...model-transparency.tests.fuzzing.fuzz_with_cert_chain	['fuzz_with_cert_chain']	[]
sigstore._internal	[]	[]
model_signing	[]	[]
cryptography.x509.extensions	['fuzz_with_cert_chain']	[]
cryptography.hazmat.decrepit.ciphers.algorithms	[]	[]
cryptography.x509.verification	[]	[]
cryptography.hazmat.bindings._rust	[]	[]
utils	[]	[]
cryptography.hazmat.primitives.kdf.hkdf	[]	[]
sigstore._internal.fulcio	[]	[]
google	[]	[]
cryptography.utils	[]	[]
...model-transparency.tests.fuzzing.fuzz_simple_sigstore	['fuzz_simple_sigstore']	[]
sigstore._utils	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
...model-transparency.tests.fuzzing.fuzz_sign_then_mutate_verify_with_valid_key	['fuzz_sign_then_mutate_verify_with_valid_key']	[]
model_signing._hashing.io	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
cryptography.hazmat.primitives.asymmetric	[]	[]
cryptography.hazmat.primitives	[]	[]
jwt	[]	[]
cryptography.x509.oid	[]	[]
model_signing.verifying	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
cryptography.hazmat.primitives.poly1305	[]	[]
typing_extensions	[]	[]
hashlib	[]	[]
cryptography.hazmat.primitives.ciphers.aead	[]	[]
asn1crypto	[]	[]
platformdirs	[]	[]
warnings	[]	[]
sigstore._store	[]	[]
importlib	[]	[]
click	[]	[]
cryptography.x509.name	[]	[]
sigstore._internal.fulcio.client	[]	[]
cryptography.hazmat.primitives.cmac	[]	[]
sigstore._internal.rekor	[]	[]
hmac	[]	[]
cryptography.hazmat.primitives.asymmetric.x25519	[]	[]
cryptography.hazmat.primitives._serialization	[]	[]
cryptography.hazmat.decrepit.ciphers	[]	[]
cryptography.hazmat.primitives.twofactor	[]	[]
model_signing._signing.sign_pkcs11	['fuzz_sign_with_valid_key_verify_with_invalid_key']	[]
cryptography.hazmat.primitives.asymmetric.padding	[]	[]
textwrap	[]	[]
types	[]	[]
bcrypt	[]	[]
cryptography.hazmat.backends.openssl.backend	[]	[]
model_signing._hashing.memory	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
cryptography.hazmat.primitives.twofactor.hotp	[]	[]
sigstore._internal.sct	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
webbrowser	[]	[]
cryptography.hazmat.primitives.hmac	[]	[]
rich	[]	[]
email	[]	[]
PyKCS11	[]	[]
shutil	[]	[]
cryptography.hazmat.backends	[]	[]
sigstore.verify.policy	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
io	[]	[]
time	[]	[]
pathlib	[]	[]
cryptography.hazmat.primitives.asymmetric.rsa	['fuzz_with_cert_chain']	[]
cryptography.hazmat.primitives.serialization.base	[]	[]
sigstore.verify	[]	[]
pyasn1	[]	[]
sigstore._internal.tuf	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_simple_sigstore']	[]
pydantic	[]	[]
sigstore._cli	[]	[]
cryptography.x509.certificate_transparency	[]	[]
sys	[]	[]
sigstore.dsse._predicate	[]	[]
model_signing._signing.signing	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
random	[]	[]
cryptography.hazmat.primitives.kdf.argon2	[]	[]
sigstore._internal.oidc.oauth	['fuzz_sign_with_valid_key_verify_with_invalid_key']	[]
cryptography.exceptions	[]	[]
sigstore	[]	[]
cryptography.hazmat.primitives.kdf.pbkdf2	[]	[]
cryptography.hazmat.primitives.serialization.pkcs12	[]	[]
model_signing._serialization.file	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]
cryptography.hazmat.primitives.asymmetric.ed25519	[]	[]
model_signing.__main__	[]	[]
sigstore.errors	[]	[]
struct	[]	[]
importlib_resources	[]	[]
threading	[]	[]
model_signing._signing.sign_certificate	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain']	[]
cryptography.hazmat.primitives.kdf.scrypt	[]	[]
cryptography.fernet	[]	[]
stat	[]	[]
argparse	[]	[]
sigstore._internal.rekor.checkpoint	[]	[]
cryptography.hazmat.primitives.serialization	[]	[]
dataclasses	[]	[]
cryptography.hazmat	[]	[]
cryptography.hazmat.primitives.serialization.ssh	[]	[]
cryptography	[]	[]
model_signing.manifest	['fuzz_sign_with_valid_key_verify_with_invalid_key', 'fuzz_with_cert_chain', 'fuzz_sign_then_mutate_verify_with_valid_key', 'fuzz_simple_sigstore', 'fuzz_sign_verify_with_valid_key']	[]

Directories in report

Directory