/src/botan/src/fuzzer/pow_mod.cpp

Source (jump to first uncovered line)
/*
* (C) 2016,2018 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "fuzzers.h"
#include <botan/numthry.h>
#include <botan/reducer.h>

namespace {

Botan::BigInt simple_power_mod(Botan::BigInt x,
                               Botan::BigInt n,
                               const Botan::BigInt& p)
   {
   if(n == 0)
      {
      if(p == 1)
         return 0;
      return 1;
      }

   Botan::Modular_Reducer mod_p(p);
   Botan::BigInt y = 1;

   while(n > 1)
      {
      if(n.is_odd())
         {
         y = mod_p.multiply(x, y);
         }
      x = mod_p.square(x);
      n >>= 1;
      }
   return mod_p.multiply(x, y);
   }

}

void fuzz(const uint8_t in[], size_t len)
   {
   static const size_t max_bits = 2048;

   if(len % 3 != 0)
      return;

   const size_t part_size = len / 3;

   if(part_size * 8 > max_bits)
      return;

   const Botan::BigInt g = Botan::BigInt::decode(in, part_size);
   const Botan::BigInt x = Botan::BigInt::decode(in + part_size, part_size);
   const Botan::BigInt p = Botan::BigInt::decode(in + 2*part_size, part_size);

   try
      {
      const Botan::BigInt ref = simple_power_mod(g, x, p);
      const Botan::BigInt z = Botan::power_mod(g, x, p);

      if(ref != z)
         {
         FUZZER_WRITE_AND_CRASH("G = " << g << "\n"
                                << "X = " << x << "\n"
                                << "P = " << p << "\n"
                                << "Z = " << z << "\n"
                                << "R = " << ref << "\n");
         }
      }
   catch(Botan::Exception& e) {}
   }

Line	Count	Source (jump to first uncovered line)
1		/*
2		* (C) 2016,2018 Jack Lloyd
3		*
4		* Botan is released under the Simplified BSD License (see license.txt)
5		*/
6
7		#include "fuzzers.h"
8		#include <botan/numthry.h>
9		#include <botan/reducer.h>
10
11		namespace {
12
13		Botan::BigInt simple_power_mod(Botan::BigInt x,
14		Botan::BigInt n,
15		const Botan::BigInt& p)
16	1.09k	{
17	1.09k	if(n == 0)
18	14	{
19	14	if(p == 1)
20	1	return 0;
21	13	return 1;
22	13	}
23	1.08k
24	1.08k	Botan::Modular_Reducer mod_p(p);
25	1.08k	Botan::BigInt y = 1;
26	1.08k
27	552k	while(n > 1)
28	551k	{
29	551k	if(n.is_odd())
30	184k	{
31	184k	y = mod_p.multiply(x, y);
32	184k	}
33	551k	x = mod_p.square(x);
34	551k	n >>= 1;
35	551k	}
36	1.08k	return mod_p.multiply(x, y);
37	1.08k	}
38
39		}
40
41		void fuzz(const uint8_t in[], size_t len)
42	1.12k	{
43	1.12k	static const size_t max_bits = 2048;
44	1.12k
45	1.12k	if(len % 3 != 0)
46	13	return;
47	1.10k
48	1.10k	const size_t part_size = len / 3;
49	1.10k
50	1.10k	if(part_size * 8 > max_bits)
51	10	return;
52	1.09k
53	1.09k	const Botan::BigInt g = Botan::BigInt::decode(in, part_size);
54	1.09k	const Botan::BigInt x = Botan::BigInt::decode(in + part_size, part_size);
55	1.09k	const Botan::BigInt p = Botan::BigInt::decode(in + 2*part_size, part_size);
56	1.09k
57	1.09k	try
58	1.09k	{
59	1.09k	const Botan::BigInt ref = simple_power_mod(g, x, p);
60	1.09k	const Botan::BigInt z = Botan::power_mod(g, x, p);
61	1.09k
62	1.09k	if(ref != z)
63	0	{
64	0	FUZZER_WRITE_AND_CRASH("G = " << g << "\n"
65	0	<< "X = " << x << "\n"
66	0	<< "P = " << p << "\n"
67	0	<< "Z = " << z << "\n"
68	0	<< "R = " << ref << "\n");
69	0	}
70	1.09k	}
71	1.09k	catch(Botan::Exception& e) {}
72	1.09k	}

Coverage Report

Created: 2020-02-14 15:38