SideFuzz is an adaptive fuzzer that uses a genetic-algorithm optimizer in combination with t-statistics to find side-channel (timing) vulnerabilities in cryptography compiled to wasm.

See the README for complete documentation.

Creating a target in Rust is done in the following way:

// lib.rs
#[no_mangle]
pub extern "C" fn fuzz() {
  let input = sidefuzz::fetch_input(32); // 32 bytes of fuzzing input as a &[u8]
  sidefuzz::black_box(my_fn(input)); // my_fn: placeholder for the code under test
}

# Cargo.toml
[lib]
crate-type = ["cdylib"]

[dependencies]
sidefuzz = "0.1.2"

Compile and fuzz the target like so:

cargo build --release --target wasm32-unknown-unknown                # Always build in release mode
sidefuzz fuzz ./target/wasm32-unknown-unknown/release/my_target.wasm # Fuzzing!
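
To illustrate what a t-statistic reveals about a target, the following added example (not SideFuzz's own code, and not linked against the sidefuzz crate) compares an early-exit byte comparison with a constant-time one and scores each with Welch's t. The `steps` counter standing in for measured execution cost, the `SECRET` value and all function names are assumptions of this example.

```rust
const SECRET: [u8; 8] = *b"s3cr3t!!"; // constructed sample value (added example, not SideFuzz code)
/// Leaky: returns at the first mismatch. `steps` stands in for measured cost (assumption).
fn leaky_eq(a: &[u8], b: &[u8]) -> (bool, u64) {
    let mut steps = 0u64;
    for (x, y) in a.iter().zip(b) {
        steps += 1;
        if x != y { return (false, steps); }
    }
    (a.len() == b.len(), steps)
}

/// Constant-time: visits every byte and folds the differences with OR.
fn ct_eq(a: &[u8], b: &[u8]) -> (bool, u64) {
    let (mut diff, mut steps) = (0u8, 0u64);
    for (x, y) in a.iter().zip(b) {
        steps += 1;
        diff |= x ^ y;
    }
    (diff == 0 && a.len() == b.len(), steps)
}

/// Welch's t-statistic between two cost samples (0.0 when both are flat and equal).
fn welch_t(a: &[f64], b: &[f64]) -> f64 {
    fn mean(s: &[f64]) -> f64 { s.iter().sum::<f64>() / s.len() as f64 }
    fn var(s: &[f64]) -> f64 {
        let m = mean(s);
        s.iter().map(|v| (v - m).powi(2)).sum::<f64>() / (s.len() as f64 - 1.0)
    }
    let se = (var(a) / a.len() as f64 + var(b) / b.len() as f64).sqrt();
    let d = mean(a) - mean(b);
    if se > 0.0 { d / se } else if d == 0.0 { 0.0 } else { d.signum() * f64::INFINITY }
}

/// Runs `cmp` over two input classes and returns t for their cost distributions.
fn t_for(cmp: fn(&[u8], &[u8]) -> (bool, u64)) -> f64 {
    let (mut near, mut far) = (Vec::new(), Vec::new());
    for i in 0..64usize {
        let (mut a, mut b) = (SECRET, SECRET);
        a[4 + i % 4] ^= 0xff; // class "near": first mismatch in bytes 4..8
        b[i % 4] ^= 0xff;     // class "far": first mismatch in bytes 0..4
        near.push(cmp(&a, &SECRET).1 as f64);
        far.push(cmp(&b, &SECRET).1 as f64);
    }
    welch_t(&near, &far)
}

fn main() {
    println!("leaky_eq t = {:.2}, ct_eq t = {:.2}", t_for(leaky_eq), t_for(ct_eq));
}
```

A large |t| for `leaky_eq` means its cost distribution differs between the two input classes; `ct_eq` scores 0 because its cost does not depend on where the inputs differ.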

black_box: A function that is opaque to the optimizer. Fuzzed functions pass their outputs through it so that the outputs appear to be used, which helps avoid dead-code elimination.


fetch_input: Get an input of the desired length. This function should be called with a constant, unchanging len argument. Calling it with different lengths will result in invalid fuzzing.