/src/botan/src/fuzzer/pow_mod.cpp

Source (jump to first uncovered line)
/*
* (C) 2016,2018 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "fuzzers.h"
#include <botan/numthry.h>
#include <botan/reducer.h>

namespace {

Botan::BigInt simple_power_mod(Botan::BigInt x,
                               Botan::BigInt n,
                               const Botan::BigInt& p)
   {
   if(n == 0)
      {
      if(p == 1)
         return 0;
      return 1;
      }

   Botan::Modular_Reducer mod_p(p);
   Botan::BigInt y = 1;

   while(n > 1)
      {
      if(n.is_odd())
         {
         y = mod_p.multiply(x, y);
         }
      x = mod_p.square(x);
      n >>= 1;
      }
   return mod_p.multiply(x, y);
   }

}

void fuzz(const uint8_t in[], size_t len)
   {
   static const size_t max_bits = 2048;

   if(len % 3 != 0)
      return;

   const size_t part_size = len / 3;

   if(part_size * 8 > max_bits)
      return;

   const Botan::BigInt g = Botan::BigInt::decode(in, part_size);
   const Botan::BigInt x = Botan::BigInt::decode(in + part_size, part_size);
   const Botan::BigInt p = Botan::BigInt::decode(in + 2*part_size, part_size);

   try
      {
      const Botan::BigInt ref = simple_power_mod(g, x, p);
      const Botan::BigInt z = Botan::power_mod(g, x, p);

      if(ref != z)
         {
         FUZZER_WRITE_AND_CRASH("G = " << g << "\n"
                                << "X = " << x << "\n"
                                << "P = " << p << "\n"
                                << "Z = " << z << "\n"
                                << "R = " << ref << "\n");
         }
      }
   catch(Botan::Exception& e) {}
   }

Line	Count	Source (jump to first uncovered line)
1		/*
2		* (C) 2016,2018 Jack Lloyd
3		*
4		* Botan is released under the Simplified BSD License (see license.txt)
5		*/
6
7		#include "fuzzers.h"
8		#include <botan/numthry.h>
9		#include <botan/reducer.h>
10
11		namespace {
12
13		Botan::BigInt simple_power_mod(Botan::BigInt x,
14		Botan::BigInt n,
15		const Botan::BigInt& p)
16	1.12k	{
17	1.12k	if(n == 0)
18	16	{
19	16	if(p == 1)
20	1	return 0;
21	15	return 1;
22	16	}
23
24	1.11k	Botan::Modular_Reducer mod_p(p);
25	1.11k	Botan::BigInt y = 1;
26
27	663k	while(n > 1)
28	662k	{
29	662k	if(n.is_odd())
30	236k	{
31	236k	y = mod_p.multiply(x, y);
32	236k	}
33	662k	x = mod_p.square(x);
34	662k	n >>= 1;
35	662k	}
36	1.11k	return mod_p.multiply(x, y);
37	1.12k	}
38
39		}
40
41		void fuzz(const uint8_t in[], size_t len)
42	1.15k	{
43	1.15k	static const size_t max_bits = 2048;
44
45	1.15k	if(len % 3 != 0)
46	12	return;
47
48	1.13k	const size_t part_size = len / 3;
49
50	1.13k	if(part_size * 8 > max_bits)
51	10	return;
52
53	1.12k	const Botan::BigInt g = Botan::BigInt::decode(in, part_size);
54	1.12k	const Botan::BigInt x = Botan::BigInt::decode(in + part_size, part_size);
55	1.12k	const Botan::BigInt p = Botan::BigInt::decode(in + 2*part_size, part_size);
56
57	1.12k	try
58	1.12k	{
59	1.12k	const Botan::BigInt ref = simple_power_mod(g, x, p);
60	1.12k	const Botan::BigInt z = Botan::power_mod(g, x, p);
61
62	1.12k	if(ref != z)
63	0	{
64	0	FUZZER_WRITE_AND_CRASH("G = " << g << "\n"
65	0	<< "X = " << x << "\n"
66	0	<< "P = " << p << "\n"
67	0	<< "Z = " << z << "\n"
68	0	<< "R = " << ref << "\n");
69	0	}
70	1.12k	}
71	1.12k	catch(Botan::Exception& e) {}
72	1.12k	}

Coverage Report

Created: 2021-10-13 08:49