/src/botan/src/fuzzer/ressol.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * (C) 2015,2016 Jack Lloyd |
3 | | * |
4 | | * Botan is released under the Simplified BSD License (see license.txt) |
5 | | */ |
6 | | |
7 | | #include "fuzzers.h" |
8 | | #include <botan/numthry.h> |
9 | | #include <botan/reducer.h> |
10 | | |
11 | | void fuzz(const uint8_t in[], size_t len) |
12 | 1.13k | { |
13 | | // Ressol is mostly used for ECC point decompression so best to test smaller sizes |
14 | 1.13k | static const size_t p_bits = 256; |
15 | 1.13k | static const Botan::BigInt p = random_prime(fuzzer_rng(), p_bits); |
16 | 1.13k | static const Botan::Modular_Reducer mod_p(p); |
17 | | |
18 | 1.13k | if(len > p_bits / 8) |
19 | 27 | return; |
20 | | |
21 | 1.10k | try |
22 | 1.10k | { |
23 | 1.10k | const Botan::BigInt a = Botan::BigInt::decode(in, len); |
24 | 1.10k | Botan::BigInt a_sqrt = Botan::sqrt_modulo_prime(a, p); |
25 | | |
26 | 1.10k | if(a_sqrt > 0) |
27 | 699 | { |
28 | 699 | const Botan::BigInt a_redc = mod_p.reduce(a); |
29 | 699 | const Botan::BigInt z = mod_p.square(a_sqrt); |
30 | | |
31 | 699 | if(z != a_redc) |
32 | 0 | { |
33 | 0 | FUZZER_WRITE_AND_CRASH("A = " << a << "\n" |
34 | 0 | << "P = " << p << "\n" |
35 | 0 | << "R = " << a_sqrt << "\n" |
36 | 0 | << "Z = " << z << "\n"); |
37 | 0 | } |
38 | 699 | } |
39 | 1.10k | } |
40 | 1.10k | catch(Botan::Exception& e) {} |
41 | | |
42 | 1.10k | return; |
43 | 1.10k | } |
44 | | |