/src/botan/src/fuzzer/ressol.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * (C) 2015,2016 Jack Lloyd |
3 | | * |
4 | | * Botan is released under the Simplified BSD License (see license.txt) |
5 | | */ |
6 | | |
7 | | #include "fuzzers.h" |
8 | | |
9 | | #include <botan/numthry.h> |
10 | | #include <botan/reducer.h> |
11 | | |
12 | 893 | void fuzz(std::span<const uint8_t> in) { |
13 | | // Ressol is mostly used for ECC point decompression so best to test smaller sizes |
14 | 893 | static const size_t p_bits = 256; |
15 | 893 | static const Botan::BigInt p = random_prime(fuzzer_rng(), p_bits); |
16 | 893 | static const Botan::Modular_Reducer mod_p(p); |
17 | | |
18 | 893 | if(in.size() > p_bits / 8) { |
19 | 26 | return; |
20 | 26 | } |
21 | | |
22 | 867 | try { |
23 | 867 | const Botan::BigInt a = Botan::BigInt::from_bytes(in); |
24 | 867 | Botan::BigInt a_sqrt = Botan::sqrt_modulo_prime(a, p); |
25 | | |
26 | 867 | if(a_sqrt > 0) { |
27 | 533 | const Botan::BigInt a_redc = mod_p.reduce(a); |
28 | 533 | const Botan::BigInt z = mod_p.square(a_sqrt); |
29 | | |
30 | 533 | if(z != a_redc) { |
31 | 0 | FUZZER_WRITE_AND_CRASH("A = " << a.to_hex_string() << "\n" |
32 | 0 | << "P = " << p.to_hex_string() << "\n" |
33 | 0 | << "R = " << a_sqrt.to_hex_string() << "\n" |
34 | 0 | << "Z = " << z.to_hex_string() << "\n"); |
35 | 0 | } |
36 | 533 | } |
37 | 867 | } catch(Botan::Exception& e) {} |
38 | 867 | } |