For fuzz_verify, fuzz_sign, fuzz_keypair_gen, and fuzz_serialization
You only need to run these once. They test code that is common to all library variants.
For fuzz_decapsulate and fuzz_encapsulate
You must run these twice: once with the use_aes_gcm feature on, and a second time with the use_shake feature on.
This is to ensure you test both of your KEM/DEM implementations.
🎯 Available Fuzz Targets to Run
Since you are focusing on the two main PQC algorithms in your crate, here are the most critical, separate targets you can run at the same time:
Fuzz Target (Focus), Algorithm, Purpose
1 fuzz_decapsulate, Kyber KEM
High Priority: Stress-tests the KEM decryption (decapsulation) against malformed ciphertexts.
2 fuzz_verify, Dilithium DSA
High Priority: Stress-tests the signature verification against malformed signed messages.
3 fuzz_keypair_gen, Kyber / Dilithium
Stress-tests the key generation function for stability and absence of panics during entropy generation.
4 fuzz_encapsulate, Kyber KEM
Stress-tests the KEM encryption (encapsulation) against malformed public keys.
5 fuzz_sign, Dilithium DSA
Stress-tests the signing process against malformed messages.
6 fuzz_serialization, All
Stress-tests key/ciphertext/signature serialization and deserialization against random bytes.
You can easily run 6 different fuzz targets concurrently.
1. To fuzz the AES-GCM variant (using default features):
cargo fuzz run fuzz_decapsulate
2. To fuzz the SHAKE variant (disabling defaults and enabling use_shake):
cargo fuzz run fuzz_decapsulate --no-default-features --features "pqc-combo/std,pqc-combo/use_shake"
You'd do the same for fuzz_encapsulate. This ensures you are fuzzing both cryptographic implementations.