As an implementer of a Cryptofuzz module, I want Cryptofuzz to have tests so that I can validate my module quickly. The idea is that ./cryptofuzz --unit-tests [--force-module=mymodule] would just run a small predefined set of test data, at least one per algorithm.
As a maintainer of a project fuzzed by Cryptofuz, I want Cryptofuzz to have tests that run regularly so that I can have confidence that Cryptofuzz is really fuzzing my module and not, for example, deciding that every algorithm is unsupported. (Example: unauthenticated ciphers silently skipped in Mbed TLS for over a year.)
I guess the tests in tests.c are a start. From that point:
I don't know how to run them (or if they are running when I run ./cryptofuzz without --disable-tests, how I can get information from them).
There needs to be a way to declare which mechanisms each module supports, and to report a failure if a mechanism should be supported but the module says nullopt.
There needs to be regular job that runs the tests.
As an implementer of a Cryptofuzz module, I want Cryptofuzz to have tests so that I can validate my module quickly. The idea is that
./cryptofuzz --unit-tests [--force-module=mymodule]
would just run a small predefined set of test data, at least one per algorithm.As a maintainer of a project fuzzed by Cryptofuz, I want Cryptofuzz to have tests that run regularly so that I can have confidence that Cryptofuzz is really fuzzing my module and not, for example, deciding that every algorithm is unsupported. (Example: unauthenticated ciphers silently skipped in Mbed TLS for over a year.)
I guess the tests in
tests.c
are a start. From that point:./cryptofuzz
without--disable-tests
, how I can get information from them).