initial commit

Signed-off-by: Kamal Tufekcic <kamal@lo.sh>

soliton/fuzz/fuzz_targets/fuzz_xwing_roundtrip.rs

@@ -0,0 +1,37 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+use soliton::primitives::xwing;
+use std::sync::LazyLock;
+
+// Fixed keypair for ciphertext mutation testing — keygen is expensive.
+static KP: LazyLock<(xwing::PublicKey, xwing::SecretKey)> =
+    LazyLock::new(|| xwing::keygen().unwrap());
+
+const CT_SIZE: usize = 1120;
+
+// Two modes selected by data[0] & 0x01:
+//   0 (even) — encapsulate + decapsulate roundtrip: proves freshly produced
+//              ciphertexts always decapsulate without error.
+//   1 (odd)  — fuzz ciphertext bytes: decapsulate must never panic on any ct.
+fuzz_target!(|data: &[u8]| {
+    if data.is_empty() {
+        return;
+    }
+    if data[0] & 0x01 != 0 {
+        // Mode A: arbitrary ciphertext → decapsulate must not panic.
+        if data.len() < 1 + CT_SIZE {
+            return;
+        }
+        let Ok(ct) = xwing::Ciphertext::from_bytes(data[1..1 + CT_SIZE].to_vec()) else { return; };
+        let _ = xwing::decapsulate(&KP.1, &ct);
+    } else {
+        // Mode B: encapsulate → decapsulate → must succeed.
+        // Exercises the full KEM path with freshly-generated randomness.
+        let Ok((ct, _ss)) = xwing::encapsulate(&KP.0) else {
+            panic!("encapsulate failed on a valid public key");
+        };
+        if xwing::decapsulate(&KP.1, &ct).is_err() {
+            panic!("decapsulate failed on a ciphertext produced by encapsulate");
+        }
+    }
+});