Certificate Fuzzer

 Download Certificate Fuzzer for Linux

Certificate Fuzzer is a tool that applies the fuzz-testing approach to the validation of X.509 certificates. For this purpose, the tool reads a syntactically correct, DER-encoded X.509 certificate as a reference and creates a set of manipulated X.509 certificates derived from it. It can apply a new valid signature to the generated certificates, making them verifiable if the manipulations still allow this. The manipulated certificates can be used in a testbed to check implementations of a routine that verifies X.509 certificates. On the one hand, this makes it possible to test for memory access errors by running the verification under memory debugging tools such as Address Sanitizer or Valgrind. On the other hand, it is also possible to detect logical errors by verifying that certificates with invalid signatures are rejected.
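The derivation step described above (one reference encoding in, many manipulated encodings out) can be sketched as follows. This is an added example, not Certificate Fuzzer's own code: the helper names `tlv`, `walk`, `flip` and `mutants` are hypothetical, the reference is a constructed certificate-shaped DER skeleton rather than a real certificate, and no re-signing is performed.

```python
# Added example: one-byte DER mutations derived from a reference encoding.
# Assumes single-byte tags and definite lengths, as in a well-formed reference.

def tlv(tag, value):
    """Encode one DER TLV (short or long definite length)."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + value

def walk(der, base=0, depth=0):
    """Yield (tag, header_offset, value_offset, value_length, depth) per TLV."""
    pos = 0
    while pos < len(der):
        tag, first = der[pos], der[pos + 1]
        hdr, length = 2, first
        if first & 0x80:                      # long form: next k bytes hold the length
            k = first & 0x7F
            length = int.from_bytes(der[pos + 2:pos + 2 + k], "big")
            hdr += k
        yield tag, base + pos, base + pos + hdr, length, depth
        if tag & 0x20:                        # constructed type: descend into content
            inner = der[pos + hdr:pos + hdr + length]
            yield from walk(inner, base + pos + hdr, depth + 1)
        pos += hdr + length

def flip(data, offset, mask):
    """Return a copy of data with the byte at offset XORed with mask."""
    out = bytearray(data)
    out[offset] ^= mask
    return bytes(out)

def mutants(reference):
    """Yield (label, der_bytes); each mutant changes exactly one byte."""
    for tag, hdr_off, val_off, length, _ in walk(reference):
        yield f"tag@{hdr_off}", flip(reference, hdr_off, 0x06)      # unexpected type
        yield f"len@{hdr_off}", flip(reference, hdr_off + 1, 0x01)  # length/content mismatch
        if length and not tag & 0x20:
            yield f"val@{val_off}", flip(reference, val_off, 0xFF)  # corrupted primitive content

# Constructed, certificate-shaped skeleton (tbs, algorithm, signature); not a real certificate.
TBS = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x0C, b"constructed subject"))
ALG = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d01010b")) + tlv(0x05, b""))
SIG = tlv(0x03, b"\x00" + bytes(32))
REFERENCE = tlv(0x30, TBS + ALG + SIG)

if __name__ == "__main__":
    for label, der in mutants(REFERENCE):
        print(label, der.hex())
```

Each mutant would be handed to the verification routine under test, ideally built with Address Sanitizer or run under Valgrind; because nothing is re-signed here, every mutant must be rejected.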