/src/cryptofuzz/modules/botan/bn_ops.cpp
Line | Count | Source |
1 | | #include <cryptofuzz/util.h> |
2 | | #include <cryptofuzz/repository.h> |
3 | | #include <fuzzing/datasource/id.hpp> |
4 | | #include <botan/numthry.h> |
5 | | #include <botan/reducer.h> |
6 | | #include <botan/internal/divide.h> |
7 | | #include <botan/internal/barrett.h> |
8 | | #include <botan/internal/primality.h> |
9 | | #include <botan/system_rng.h> |
10 | | |
11 | | #include "bn_ops.h" |
12 | | |
13 | | namespace cryptofuzz { |
14 | | namespace module { |
15 | | namespace Botan_bignum { |
16 | | |
17 | | namespace detail { |
18 | 473 | std::optional<size_t> To_size_t(const Bignum& bn) { |
19 | | /* TODO use #if */ |
20 | | |
21 | 473 | if ( sizeof(size_t) == 4 ) { |
22 | 0 | try { |
23 | 0 | return bn.ConstRef().to_u32bit(); |
24 | 0 | } catch ( ::Botan::Encoding_Error ) { |
25 | 0 | return std::nullopt; |
26 | 0 | } |
27 | 473 | } else if ( sizeof(size_t) == 8 ) { |
28 | 473 | if( bn.ConstRef().is_negative() ) { |
29 | 18 | return std::nullopt; |
30 | 18 | } |
31 | | |
32 | 455 | if( bn.ConstRef().bits() > 64 ) { |
33 | 36 | return std::nullopt; |
34 | 36 | } |
35 | | |
36 | 419 | uint64_t out = 0; |
37 | | |
38 | 3.77k | for (size_t i = 0; i != 8; ++i) { |
39 | 3.35k | out = (out << 8) | bn.ConstRef().byte_at(7-i); |
40 | 3.35k | } |
41 | | |
42 | 419 | return out; |
43 | 455 | } else { |
44 | 0 | CF_UNREACHABLE(); |
45 | 0 | } |
46 | 473 | } |
47 | | } |
48 | | |
49 | | #if !defined(CRYPTOFUZZ_BOTAN_IS_ORACLE) |
50 | | #define GET_UINT8_FOR_SWITCH() ds.Get<uint8_t>() |
51 | | #else |
52 | 340 | #define GET_UINT8_FOR_SWITCH() 0 |
53 | | #endif /* CRYPTOFUZZ_BOTAN_IS_ORACLE */ |
54 | | |
55 | 791 | #define APPLY_MODULO if (modulo != std::nullopt) res = (res.ConstRef() % modulo->ConstRef()) |
56 | | |
57 | 203 | bool Add::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
58 | 203 | (void)ds; |
59 | | |
60 | 203 | res = bn[0].Ref() + bn[1].Ref(); |
61 | | |
62 | 203 | APPLY_MODULO; |
63 | | |
64 | 203 | return true; |
65 | 203 | } |
66 | | |
67 | 55 | bool Sub::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
68 | 55 | (void)ds; |
69 | | |
70 | 55 | res = bn[0].Ref() - bn[1].Ref(); |
71 | | |
72 | 55 | APPLY_MODULO; |
73 | | |
74 | 55 | return true; |
75 | 55 | } |
76 | | |
77 | 244 | bool Mul::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
78 | 244 | (void)ds; |
79 | | |
80 | 244 | res = bn[0].Ref() * bn[1].Ref(); |
81 | | |
82 | 244 | APPLY_MODULO; |
83 | | |
84 | 244 | return true; |
85 | 244 | } |
86 | | |
87 | 24 | bool Div::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
88 | 24 | (void)modulo; |
89 | 24 | (void)ds; |
90 | | |
91 | | /* Botan handles negative division different than |
92 | | * other libraries. |
93 | | */ |
94 | 24 | CF_CHECK_TRUE(bn[0].Ref() > 0); |
95 | 11 | CF_CHECK_TRUE(bn[1].Ref() > 0); |
96 | | |
97 | 8 | try { |
98 | 8 | switch ( GET_UINT8_FOR_SWITCH() ) { |
99 | 8 | case 0: |
100 | | /* / operator */ |
101 | 8 | res = bn[0].Ref() / bn[1].Ref(); |
102 | 8 | return true; |
103 | 0 | case 1: |
104 | 0 | { |
105 | 0 | CF_CHECK_TRUE(bn[1].Ref() != 0); |
106 | 0 | Bignum dummy; |
107 | 0 | /* noret */ ::Botan::vartime_divide(bn[0].Ref(), bn[1].Ref(), res.Ref(), dummy.Ref()); |
108 | 0 | } |
109 | 0 | return true; |
110 | 0 | case 2: |
111 | 0 | { |
112 | 0 | CF_CHECK_GT(bn[1].Ref(), 0); |
113 | 0 | CF_CHECK_TRUE(bn[1].Ref() < 256); |
114 | 0 | ::Botan::word dummy; |
115 | 0 | CF_NORET(::Botan::ct_divide_word(bn[0].Ref(), bn[1].Ref().word_at(0), res.Ref(), dummy)); |
116 | 0 | } |
117 | 0 | return true; |
118 | 0 | case 3: |
119 | 0 | CF_CHECK_TRUE(bn[1].Ref() != 0); |
120 | 0 | res = ::Botan::ct_divide(bn[0].Ref(), bn[1].Ref()); |
121 | 0 | return true; |
122 | 0 | case 4: |
123 | | /* /= operator */ |
124 | 0 | res = bn[0].Ref(); |
125 | 0 | res.Ref() /= bn[1].Ref(); |
126 | 0 | return true; |
127 | 8 | } |
128 | 8 | } catch ( fuzzing::datasource::Datasource::OutOfData ) { |
129 | 0 | return false; |
130 | 0 | } catch ( ::Botan::Invalid_Argument& e ) { |
131 | | /* Botan is expected to throw an exception when divisor is 0 */ |
132 | 0 | if ( bn[1].Ref() == 0 ) { |
133 | 0 | return false; |
134 | 0 | } |
135 | | |
136 | | /* Rethrow */ |
137 | 0 | throw e; |
138 | 0 | } |
139 | | |
140 | 16 | end: |
141 | 16 | return false; |
142 | 8 | } |
143 | | |
144 | 215 | bool Mod::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
145 | 215 | (void)modulo; |
146 | 215 | (void)ds; |
147 | | |
148 | 215 | try { |
149 | 215 | switch ( GET_UINT8_FOR_SWITCH() ) { |
150 | 215 | case 0: |
151 | 215 | { |
152 | 215 | try { |
153 | 215 | const Botan::Modular_Reducer reducer(bn[1].Ref()); |
154 | 215 | res = reducer.reduce(bn[0].Ref()); |
155 | 215 | } catch ( ::Botan::Invalid_State& e ) { |
156 | | /* Modular reducer is expected to throw an exception when modulo is 0 */ |
157 | 0 | if ( bn[1].Ref() == 0 ) { |
158 | 0 | return false; |
159 | 0 | } |
160 | | |
161 | | /* Rethrow */ |
162 | 0 | throw e; |
163 | 0 | } |
164 | 215 | } |
165 | 207 | return true; |
166 | 0 | case 1: |
167 | 0 | res = ct_modulo(bn[0].Ref(), bn[1].Ref()); |
168 | 0 | return true; |
169 | 0 | case 2: |
170 | | /* % operator */ |
171 | 0 | res = bn[0].Ref() % bn[1].Ref(); |
172 | 0 | return true; |
173 | 0 | case 3: |
174 | | /* %= operator */ |
175 | 0 | { |
176 | 0 | res = bn[0].Ref(); |
177 | |
|
178 | 0 | const ::Botan::word modulo = bn[1].Ref().word_at(0); |
179 | | |
180 | | /* Ensure no truncation occurred */ |
181 | 0 | if ( modulo != bn[1].Ref() ) { |
182 | 0 | return false; |
183 | 0 | } |
184 | | |
185 | 0 | res = bn[0].Ref() %= modulo; |
186 | 0 | } |
187 | 0 | return true; |
188 | 215 | } |
189 | 215 | } catch ( fuzzing::datasource::Datasource::OutOfData ) { |
190 | 0 | return false; |
191 | 8 | } catch ( ::Botan::Invalid_Argument& e ) { |
192 | | /* Botan is expected to throw an exception when modulo is <= 0 */ |
193 | 8 | if ( bn[1].Ref() <= 0 ) { |
194 | 8 | return false; |
195 | 8 | } |
196 | | |
197 | | /* Rethrow */ |
198 | 0 | throw e; |
199 | 8 | } |
200 | | |
201 | 0 | return false; |
202 | 215 | } |
203 | | |
204 | 139 | bool Exp::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
205 | 139 | (void)ds; |
206 | | |
207 | 139 | if ( modulo == std::nullopt ) { |
208 | 139 | return false; |
209 | 139 | } |
210 | | |
211 | 0 | res = ::Botan::power_mod(bn[0].Ref(), bn[1].Ref(), modulo->ConstRef()); |
212 | |
|
213 | 0 | return true; |
214 | 139 | } |
215 | | |
216 | 1.41k | bool ExpMod::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
217 | 1.41k | (void)modulo; |
218 | 1.41k | (void)ds; |
219 | | |
220 | | /* Exponent and modulus must be positive, according to the documentation */ |
221 | 1.41k | if ( bn[1].Ref() < 0 || bn[2].Ref() <= 0 ) { |
222 | 250 | return false; |
223 | 250 | } |
224 | | |
225 | 1.16k | res = ::Botan::power_mod(bn[0].Ref(), bn[1].Ref(), bn[2].Ref()); |
226 | | |
227 | 1.16k | return true; |
228 | 1.41k | } |
229 | | |
230 | 105 | bool Sqr::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
231 | 105 | (void)ds; |
232 | | |
233 | 105 | res = ::Botan::square(bn[0].Ref()); |
234 | | |
235 | 105 | APPLY_MODULO; |
236 | | |
237 | 105 | return true; |
238 | 105 | } |
239 | | |
240 | 149 | bool GCD::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
241 | 149 | (void)modulo; |
242 | 149 | (void)ds; |
243 | | |
244 | 149 | res = ::Botan::gcd(bn[0].Ref(), bn[1].Ref()); |
245 | | |
246 | 149 | return true; |
247 | 149 | } |
248 | | |
249 | 31 | bool SqrMod::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
250 | 31 | (void)modulo; |
251 | 31 | (void)ds; |
252 | | |
253 | 31 | if ( bn[1].Ref().is_negative() ) { |
254 | 1 | return false; |
255 | 30 | } else { |
256 | 30 | try { |
257 | 30 | switch ( GET_UINT8_FOR_SWITCH() ) { |
258 | 30 | case 0: |
259 | 30 | { |
260 | 30 | try { |
261 | 30 | ::Botan::Modular_Reducer mod(bn[1].Ref()); |
262 | 30 | res = mod.square(bn[0].Ref()); |
263 | 30 | } catch ( ::Botan::Invalid_State& e ) { |
264 | | /* Modular reducer is expected to throw an exception when modulo is 0 */ |
265 | 0 | if ( bn[1].Ref() == 0 ) { |
266 | 0 | return false; |
267 | 0 | } |
268 | | |
269 | | /* Rethrow */ |
270 | 0 | throw e; |
271 | 0 | } |
272 | 30 | } |
273 | 19 | break; |
274 | 0 | case 1: |
275 | 0 | res = ::Botan::square(bn[0].Ref()) % bn[1].Ref(); |
276 | 0 | break; |
277 | 0 | default: |
278 | 0 | return false; |
279 | 30 | } |
280 | 30 | } catch ( fuzzing::datasource::Datasource::OutOfData ) { |
281 | 0 | return false; |
282 | 11 | } catch ( ::Botan::Invalid_Argument& e ) { |
283 | | /* Botan is expected to throw an exception when modulo is 0 */ |
284 | 11 | if ( bn[1].Ref() == 0 ) { |
285 | 11 | return false; |
286 | 11 | } |
287 | | |
288 | | /* Rethrow */ |
289 | 0 | throw e; |
290 | 11 | } |
291 | 30 | } |
292 | | |
293 | 19 | return true; |
294 | 31 | } |
295 | | |
296 | 437 | bool InvMod::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
297 | 437 | (void)modulo; |
298 | 437 | (void)ds; |
299 | | |
300 | 437 | const auto mod = modulo == std::nullopt ? bn[1].ConstRef() : modulo->ConstRef(); |
301 | | |
302 | 437 | try { |
303 | 437 | res = ::Botan::inverse_mod(bn[0].Ref(), mod); |
304 | 437 | } catch ( ::Botan::Invalid_Argument& e ) { |
305 | | /* inverse_mod() is expected to throw an exception when modulo is 0 */ |
306 | 127 | if ( mod == 0 ) { |
307 | 18 | return false; |
308 | 18 | } |
309 | | |
310 | | /* inverse_mod() is expected to throw an exception when either argument is negative */ |
311 | 109 | if ( bn[0].Ref() < 0 || mod < 0 ) { |
312 | 109 | return false; |
313 | 109 | } |
314 | | |
315 | | /* Rethrow */ |
316 | 0 | throw e; |
317 | 109 | } |
318 | | |
319 | 310 | return true; |
320 | 437 | } |
321 | | |
322 | 26 | bool Cmp::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
323 | 26 | (void)modulo; |
324 | 26 | (void)ds; |
325 | | |
326 | 26 | if ( bn[0].Ref() < bn[1].Ref() ) { |
327 | 14 | res = Bignum("-1"); |
328 | 14 | } else if ( bn[0].Ref() > bn[1].Ref() ) { |
329 | 4 | res = 1; |
330 | 8 | } else { |
331 | 8 | res = 0; |
332 | 8 | } |
333 | | |
334 | 26 | return true; |
335 | 26 | } |
336 | | |
337 | 391 | bool LCM::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
338 | 391 | (void)modulo; |
339 | 391 | (void)ds; |
340 | | |
341 | 391 | try { |
342 | 391 | res = ::Botan::lcm(bn[0].Ref(), bn[1].Ref()); |
343 | 391 | } catch ( ::Botan::Invalid_Argument& e ) { |
344 | | /* lcm() is expected to throw in these cases */ |
345 | 0 | if ( bn[0].Ref() == 0 || bn[1].Ref() == 0 ) { |
346 | 0 | return false; |
347 | 0 | } |
348 | | |
349 | | /* Rethrow */ |
350 | 0 | throw e; |
351 | 0 | } |
352 | | |
353 | | |
354 | 391 | return true; |
355 | 391 | } |
356 | | |
357 | 45 | bool Abs::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
358 | 45 | (void)modulo; |
359 | 45 | (void)ds; |
360 | | |
361 | 45 | res = ::Botan::abs(bn[0].Ref()); |
362 | | |
363 | 45 | return true; |
364 | 45 | } |
365 | | |
366 | 115 | bool Jacobi::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
367 | 115 | (void)modulo; |
368 | 115 | (void)ds; |
369 | | |
370 | | |
371 | 115 | int resInt; |
372 | | |
373 | 115 | try { |
374 | 115 | resInt = ::Botan::jacobi(bn[0].Ref(), bn[1].Ref()); |
375 | 115 | } catch ( ::Botan::Invalid_Argument& e ) { |
376 | | /* jacobi() is expected to throw in these cases */ |
377 | 4 | if ( (bn[1].Ref() % 2) == 0 || bn[1].Ref() <= 1 ) { |
378 | 4 | return false; |
379 | 4 | } |
380 | | |
381 | | /* Rethrow */ |
382 | 0 | throw e; |
383 | 4 | } |
384 | | |
385 | 111 | if ( resInt == -1 ) { |
386 | 53 | res = Bignum("-1"); |
387 | 58 | } else { |
388 | 58 | res = resInt; |
389 | 58 | } |
390 | | |
391 | 111 | return true; |
392 | 115 | } |
393 | | |
394 | 22 | bool Neg::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
395 | 22 | (void)modulo; |
396 | 22 | (void)ds; |
397 | | |
398 | 22 | res = -bn[0].Ref(); |
399 | | |
400 | 22 | return true; |
401 | 22 | } |
402 | | |
403 | 220 | bool IsPrime::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
404 | 220 | (void)modulo; |
405 | 220 | (void)ds; |
406 | | |
407 | 220 | if ( bn[0].Ref().is_negative() ) { |
408 | 2 | return false; |
409 | 2 | } |
410 | | |
411 | | /* Avoid time-outs */ |
412 | 218 | if ( bn[0].Ref().bytes() > 300 ) { |
413 | 1 | return false; |
414 | 1 | } |
415 | | |
416 | 217 | auto mod_n = Botan::Barrett_Reduction::for_public_modulus(bn[0].Ref()); |
417 | 217 | if ( Botan::is_bailie_psw_probable_prime(bn[0].Ref(), mod_n) ) { |
418 | 60 | res = 1; |
419 | 157 | } else { |
420 | 157 | res = 0; |
421 | 157 | } |
422 | | |
423 | 217 | return true; |
424 | 218 | } |
425 | | |
426 | 157 | bool RShift::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
427 | 157 | (void)ds; |
428 | | |
429 | 157 | const auto count = detail::To_size_t(bn[1].Ref()); |
430 | | |
431 | 157 | if ( count == std::nullopt ) { |
432 | 23 | return false; |
433 | 23 | } |
434 | | |
435 | 134 | Bignum toShift = bn[0]; |
436 | 134 | if ( modulo && bn[0].Ref() % 2 ) { |
437 | 0 | toShift = toShift.Ref() + modulo->ConstRef(); |
438 | 0 | } |
439 | | |
440 | 134 | res = toShift.Ref() >> *count; |
441 | | |
442 | 134 | APPLY_MODULO; |
443 | | |
444 | 134 | return true; |
445 | 157 | } |
446 | | |
447 | 15 | bool LShift1::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
448 | 15 | (void)ds; |
449 | | |
450 | 15 | res = bn[0].Ref() << 1; |
451 | | |
452 | 15 | APPLY_MODULO; |
453 | | |
454 | 15 | return true; |
455 | 15 | } |
456 | | |
457 | 8 | bool IsNeg::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
458 | 8 | (void)modulo; |
459 | 8 | (void)ds; |
460 | | |
461 | 8 | res = bn[0].Ref() < 0 ? 1 : 0; |
462 | | |
463 | 8 | return true; |
464 | 8 | } |
465 | | |
466 | 246 | bool IsEq::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
467 | 246 | (void)ds; |
468 | | |
469 | 246 | auto A = modulo == std::nullopt ? bn[0] : bn[0].Ref() % modulo->ConstRef(); |
470 | 246 | auto B = modulo == std::nullopt ? bn[1] : bn[1].Ref() % modulo->ConstRef(); |
471 | | |
472 | 246 | res = A.Ref() == B.Ref() ? 1 : 0; |
473 | | |
474 | 246 | return true; |
475 | 246 | } |
476 | | |
477 | 41 | bool IsGt::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
478 | 41 | (void)modulo; |
479 | 41 | (void)ds; |
480 | | |
481 | 41 | res = bn[0].Ref() > bn[1].Ref() ? 1 : 0; |
482 | | |
483 | 41 | return true; |
484 | 41 | } |
485 | | |
486 | 115 | bool IsGte::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
487 | 115 | (void)modulo; |
488 | 115 | (void)ds; |
489 | | |
490 | 115 | res = bn[0].Ref() >= bn[1].Ref() ? 1 : 0; |
491 | | |
492 | 115 | return true; |
493 | 115 | } |
494 | | |
495 | 48 | bool IsLt::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
496 | 48 | (void)modulo; |
497 | 48 | (void)ds; |
498 | | |
499 | 48 | res = bn[0].Ref() < bn[1].Ref() ? 1 : 0; |
500 | | |
501 | 48 | return true; |
502 | 48 | } |
503 | | |
504 | 117 | bool IsLte::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
505 | 117 | (void)modulo; |
506 | 117 | (void)ds; |
507 | | |
508 | 117 | res = bn[0].Ref() <= bn[1].Ref() ? 1 : 0; |
509 | | |
510 | 117 | return true; |
511 | 117 | } |
512 | | |
513 | 14 | bool IsEven::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
514 | 14 | (void)modulo; |
515 | 14 | (void)ds; |
516 | | |
517 | 14 | res = !(bn[0].Ref() % 2) ? 1 : 0; |
518 | | |
519 | 14 | return true; |
520 | 14 | } |
521 | | |
522 | 17 | bool IsOdd::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
523 | 17 | (void)modulo; |
524 | 17 | (void)ds; |
525 | | |
526 | 17 | res = (bn[0].Ref() % 2) ? 1 : 0; |
527 | | |
528 | 17 | return true; |
529 | 17 | } |
530 | | |
531 | 13 | bool IsZero::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
532 | 13 | (void)ds; |
533 | | |
534 | 13 | auto A = modulo == std::nullopt ? bn[0] : bn[0].Ref() % modulo->ConstRef(); |
535 | | |
536 | 13 | res = A.Ref() == 0 ? 1 : 0; |
537 | | |
538 | 13 | return true; |
539 | 13 | } |
540 | | |
541 | 4 | bool IsNotZero::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
542 | 4 | (void)modulo; |
543 | 4 | (void)ds; |
544 | | |
545 | 4 | res = bn[0].Ref() == 0 ? 0 : 1; |
546 | | |
547 | 4 | return true; |
548 | 4 | } |
549 | | |
550 | 22 | bool IsOne::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
551 | 22 | (void)ds; |
552 | | |
553 | 22 | auto A = modulo == std::nullopt ? bn[0] : bn[0].Ref() % modulo->ConstRef(); |
554 | | |
555 | 22 | res = A.Ref() == 1 ? 1 : 0; |
556 | | |
557 | 22 | return true; |
558 | 22 | } |
559 | | |
560 | 8 | bool MulMod::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
561 | 8 | (void)modulo; |
562 | 8 | (void)ds; |
563 | | |
564 | 8 | try { |
565 | 8 | switch ( GET_UINT8_FOR_SWITCH() ) { |
566 | 8 | case 0: |
567 | 8 | { |
568 | 8 | try { |
569 | 8 | ::Botan::Modular_Reducer mod(bn[2].Ref()); |
570 | 8 | res = mod.multiply(bn[0].Ref(), bn[1].Ref()); |
571 | 8 | } catch ( ::Botan::Invalid_State& e ) { |
572 | | /* Modular reducer is expected to throw an exception when modulo is 0 */ |
573 | 0 | if ( bn[2].Ref() == 0 ) { |
574 | 0 | return false; |
575 | 0 | } |
576 | | |
577 | | /* Rethrow */ |
578 | 0 | throw e; |
579 | 0 | } |
580 | 8 | } |
581 | 3 | break; |
582 | 0 | case 1: |
583 | 0 | res = (bn[0].Ref() * bn[1].Ref()) % bn[2].Ref(); |
584 | 0 | break; |
585 | 0 | default: |
586 | 0 | return false; |
587 | 8 | } |
588 | 8 | } catch ( fuzzing::datasource::Datasource::OutOfData ) { |
589 | 0 | return false; |
590 | 5 | } catch ( ::Botan::Invalid_Argument& e ) { |
591 | | /* Botan is expected to throw an exception when modulo is <= 0 */ |
592 | 5 | if ( bn[2].Ref() <= 0 ) { |
593 | 5 | return false; |
594 | 5 | } |
595 | | |
596 | | /* Rethrow */ |
597 | 0 | throw e; |
598 | 5 | } |
599 | | |
600 | 3 | return true; |
601 | 8 | } |
602 | | |
603 | 138 | bool Bit::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
604 | 138 | (void)modulo; |
605 | 138 | (void)ds; |
606 | | |
607 | 138 | const auto pos = detail::To_size_t(bn[1].Ref()); |
608 | | |
609 | 138 | if ( pos == std::nullopt ) { |
610 | 14 | return false; |
611 | 14 | } |
612 | | |
613 | 124 | res = bn[0].Ref().get_bit(*pos) ? 1 : 0; |
614 | | |
615 | 124 | return true; |
616 | 138 | } |
617 | | |
618 | 10 | bool CmpAbs::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
619 | 10 | (void)modulo; |
620 | 10 | std::vector<Bignum> bnAbs = {bn[0].Ref().abs(), bn[1].Ref().abs()}; |
621 | 10 | auto cmp = std::make_unique<Cmp>(); |
622 | | |
623 | 10 | return cmp->Run(ds, res, bnAbs, modulo); |
624 | 10 | } |
625 | | |
626 | 91 | bool SetBit::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
627 | 91 | (void)modulo; |
628 | 91 | (void)ds; |
629 | | |
630 | 91 | res = bn[0].Ref(); |
631 | | |
632 | 91 | const auto pos = detail::To_size_t(bn[1].Ref()); |
633 | | |
634 | 91 | if ( pos == std::nullopt ) { |
635 | 5 | return false; |
636 | 5 | } |
637 | | |
638 | 86 | res.Ref().set_bit(*pos); |
639 | | |
640 | 86 | return true; |
641 | 91 | } |
642 | | |
643 | 87 | bool ClearBit::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
644 | 87 | (void)modulo; |
645 | 87 | (void)ds; |
646 | | |
647 | 87 | res = bn[0].Ref(); |
648 | | |
649 | 87 | const auto pos = detail::To_size_t(bn[1].Ref()); |
650 | | |
651 | 87 | if ( pos == std::nullopt ) { |
652 | 12 | return false; |
653 | 12 | } |
654 | | |
655 | 75 | res.Ref().clear_bit(*pos); |
656 | | |
657 | 75 | return true; |
658 | 87 | } |
659 | | |
660 | 32 | bool MulAdd::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
661 | 32 | (void)modulo; |
662 | 32 | (void)ds; |
663 | | |
664 | 32 | res = (bn[0].Ref()*bn[1].Ref()) + bn[2].Ref(); |
665 | | |
666 | 32 | return true; |
667 | 32 | } |
668 | | |
669 | 51 | bool MulDiv::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
670 | 51 | (void)modulo; |
671 | 51 | (void)ds; |
672 | | |
673 | 51 | if ( bn[2].Ref() == 0 ) { |
674 | 2 | return false; |
675 | 2 | } |
676 | | |
677 | 49 | res = (bn[0].Ref()*bn[1].Ref()+1) / bn[2].Ref(); |
678 | | |
679 | 49 | return true; |
680 | 51 | } |
681 | | |
682 | 159 | bool MulDivCeil::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
683 | 159 | (void)modulo; |
684 | 159 | (void)ds; |
685 | | |
686 | 159 | if ( bn[2].Ref() <= 0 ) { |
687 | 1 | return false; |
688 | 1 | } |
689 | | |
690 | 158 | const auto mulRes = bn[0].Ref() * bn[1].Ref(); |
691 | 158 | const auto modRes = mulRes % bn[2].Ref(); |
692 | 158 | res = mulRes / bn[2].Ref() + (modRes != 0 ? 1 : 0); |
693 | | |
694 | 158 | return true; |
695 | 159 | } |
696 | | |
697 | 10 | bool Exp2::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
698 | 10 | (void)modulo; |
699 | 10 | (void)ds; |
700 | | |
701 | 10 | if ( bn[0].Ref() < 1 ) { |
702 | 2 | return false; |
703 | 2 | } |
704 | | |
705 | 8 | const size_t exponent = bn[0].Ref().word_at(0) - 1; |
706 | | |
707 | 8 | res = Bignum(2).Ref() << exponent; |
708 | | |
709 | 8 | return true; |
710 | 10 | } |
711 | | |
712 | 118 | bool NumLSZeroBits::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
713 | 118 | (void)modulo; |
714 | 118 | (void)ds; |
715 | | |
716 | 118 | res = ::Botan::low_zero_bits(bn[0].Ref()); |
717 | | |
718 | 118 | return true; |
719 | 118 | } |
720 | | |
721 | 533 | bool Sqrt::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
722 | 533 | (void)ds; |
723 | | |
724 | 533 | try { |
725 | 533 | const auto res2 = ::Botan::is_perfect_square(bn[0].Ref()); |
726 | 533 | if ( res2 == 0 ) { |
727 | 511 | return false; |
728 | 511 | } |
729 | | |
730 | 22 | res = res2; |
731 | 22 | } catch ( ::Botan::Invalid_Argument& e ) { |
732 | | /* is_perfect_square() is expected to throw in this case */ |
733 | 9 | if ( bn[0].Ref() < 1 ) { |
734 | 9 | return false; |
735 | 9 | } |
736 | | |
737 | | /* Rethrow */ |
738 | 0 | throw e; |
739 | 9 | } |
740 | | |
741 | 13 | APPLY_MODULO; |
742 | | |
743 | 13 | return true; |
744 | 533 | } |
745 | | |
746 | 36 | bool AddMod::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
747 | 36 | (void)modulo; |
748 | 36 | (void)ds; |
749 | | |
750 | 36 | try { |
751 | 36 | switch ( GET_UINT8_FOR_SWITCH() ) { |
752 | 36 | case 0: |
753 | 36 | res = (bn[0].Ref() + bn[1].Ref()) % bn[2].Ref(); |
754 | 36 | break; |
755 | 0 | case 1: |
756 | 0 | { |
757 | 0 | if ( bn[0].Ref() >= bn[2].Ref() ) { |
758 | 0 | return false; |
759 | 0 | } |
760 | 0 | if ( bn[1].Ref() >= bn[2].Ref() ) { |
761 | 0 | return false; |
762 | 0 | } |
763 | | |
764 | 0 | ::Botan::secure_vector<::Botan::word> ws; |
765 | 0 | try { |
766 | 0 | res = bn[0].Ref().mod_add(bn[1].Ref(), bn[2].Ref(), ws); |
767 | 0 | } catch ( ::Botan::Invalid_Argument& e ) { |
768 | | /* mod_add is expected to throw an exception when any argument is negative */ |
769 | 0 | if ( bn[0].Ref() < 0 || bn[1].Ref() < 0 || bn[2].Ref() < 0) { |
770 | 0 | return false; |
771 | 0 | } |
772 | | |
773 | | /* Rethrow */ |
774 | 0 | throw e; |
775 | 0 | } |
776 | 0 | } |
777 | 0 | break; |
778 | 0 | default: |
779 | 0 | return false; |
780 | 36 | } |
781 | 36 | } catch ( fuzzing::datasource::Datasource::OutOfData ) { |
782 | 0 | return false; |
783 | 7 | } catch ( ::Botan::Invalid_Argument& e ) { |
784 | | /* Botan is expected to throw an exception when modulo is <= 0 */ |
785 | 7 | if ( bn[2].Ref() <= 0 ) { |
786 | 7 | return false; |
787 | 7 | } |
788 | | |
789 | | /* Rethrow */ |
790 | 0 | throw e; |
791 | 7 | } |
792 | | |
793 | 29 | return true; |
794 | 36 | } |
795 | | |
796 | 43 | bool SubMod::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
797 | 43 | (void)modulo; |
798 | 43 | (void)ds; |
799 | | |
800 | 43 | try { |
801 | 43 | switch ( GET_UINT8_FOR_SWITCH() ) { |
802 | 43 | case 0: |
803 | 43 | res = (bn[0].Ref() - bn[1].Ref()) % bn[2].Ref(); |
804 | 43 | break; |
805 | 0 | case 1: |
806 | 0 | { |
807 | 0 | if ( bn[0].Ref() >= bn[2].Ref() ) { |
808 | 0 | return false; |
809 | 0 | } |
810 | 0 | if ( bn[1].Ref() >= bn[2].Ref() ) { |
811 | 0 | return false; |
812 | 0 | } |
813 | | |
814 | 0 | ::Botan::secure_vector<::Botan::word> ws; |
815 | 0 | try { |
816 | 0 | res = bn[0].Ref().mod_sub(bn[1].Ref(), bn[2].Ref(), ws); |
817 | 0 | } catch ( ::Botan::Invalid_Argument& e ) { |
818 | | /* mod_sub is expected to throw an exception when any argument is negative */ |
819 | 0 | if ( bn[0].Ref() < 0 || bn[1].Ref() < 0 || bn[2].Ref() < 0) { |
820 | 0 | return false; |
821 | 0 | } |
822 | | |
823 | | /* Rethrow */ |
824 | 0 | throw e; |
825 | 0 | } |
826 | 0 | } |
827 | 0 | break; |
828 | 0 | default: |
829 | 0 | return false; |
830 | 43 | } |
831 | 43 | } catch ( fuzzing::datasource::Datasource::OutOfData ) { |
832 | 0 | return false; |
833 | 11 | } catch ( ::Botan::Invalid_Argument& e ) { |
834 | | /* Botan is expected to throw an exception when modulo is <= 0 */ |
835 | 11 | if ( bn[2].Ref() <= 0 ) { |
836 | 11 | return false; |
837 | 11 | } |
838 | | |
839 | | /* Rethrow */ |
840 | 0 | throw e; |
841 | 11 | } |
842 | | |
843 | 32 | return true; |
844 | 43 | } |
845 | | |
846 | 26 | bool NumBits::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
847 | 26 | (void)ds; |
848 | | |
849 | 26 | if ( modulo ) { |
850 | 0 | res = (bn[0].Ref() % modulo->ConstRef()).bits(); |
851 | 26 | } else { |
852 | 26 | res = bn[0].Ref().bits(); |
853 | 26 | } |
854 | | |
855 | 26 | return true; |
856 | 26 | } |
857 | | |
858 | 9 | bool Set::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
859 | 9 | (void)modulo; |
860 | 9 | (void)ds; |
861 | | |
862 | 9 | res = bn[0].Ref(); |
863 | | |
864 | 9 | APPLY_MODULO; |
865 | | |
866 | 9 | return true; |
867 | 9 | } |
868 | | |
869 | 51 | bool CondSet::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
870 | 51 | (void)modulo; |
871 | 51 | (void)ds; |
872 | | |
873 | 51 | res.Ref().ct_cond_assign(bn[1].Ref() != 0, bn[0].Ref()); |
874 | | |
875 | 51 | return true; |
876 | 51 | } |
877 | | |
878 | 0 | bool Ressol::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
879 | 0 | (void)ds; |
880 | |
|
881 | 0 | try { |
882 | 0 | auto mod = modulo == std::nullopt ? bn[1] : *modulo; |
883 | |
|
884 | 0 | const auto r = ::Botan::sqrt_modulo_prime(bn[0].Ref(), mod.Ref()); |
885 | |
|
886 | 0 | if ( r < 1 ) { |
887 | 0 | if ( modulo != std::nullopt ) { |
888 | 0 | res = 0; |
889 | 0 | return true; |
890 | 0 | } else { |
891 | 0 | return false; |
892 | 0 | } |
893 | 0 | } |
894 | | |
895 | 0 | if ( modulo != std::nullopt ) { |
896 | 0 | res = ::Botan::square(r) % mod.Ref(); |
897 | 0 | } |
898 | |
|
899 | 0 | return true; |
900 | 0 | } catch ( ::Botan::Invalid_Argument& e ) { |
901 | | /* Expected to throw if called with non-prime argument */ |
902 | |
|
903 | 0 | return false; |
904 | 0 | } |
905 | 0 | } |
906 | | |
907 | 15 | bool Not::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
908 | 15 | (void)ds; |
909 | | |
910 | 15 | Bignum max; |
911 | | |
912 | 15 | if ( modulo ) { |
913 | 0 | max = *modulo; |
914 | 15 | } else { |
915 | 15 | const size_t numBits = bn[0].Ref().bits(); |
916 | | |
917 | 15 | if ( numBits == 0 ) { |
918 | 2 | return false; |
919 | 2 | } |
920 | | |
921 | 13 | max = (::Botan::BigInt(1) << numBits) - 1; |
922 | 13 | } |
923 | | |
924 | 13 | res = max.Ref() - bn[0].Ref(); |
925 | | |
926 | 13 | APPLY_MODULO; |
927 | | |
928 | 13 | return true; |
929 | 15 | } |
930 | | |
931 | 387 | bool Prime::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
932 | 387 | (void)ds; |
933 | 387 | (void)bn; |
934 | 387 | (void)modulo; |
935 | | |
936 | 387 | ::Botan::System_RNG rng; |
937 | 387 | res = Botan::random_prime(rng, (rand() % 512) + 2); |
938 | | |
939 | 387 | return true; |
940 | 387 | } |
941 | | |
942 | 45 | bool RandRange::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
943 | 45 | (void)ds; |
944 | 45 | (void)modulo; |
945 | | |
946 | 45 | try { |
947 | 45 | ::Botan::System_RNG rng; |
948 | 45 | res = ::Botan::BigInt::random_integer(rng, bn[0].Ref(), bn[1].Ref()); |
949 | 45 | } catch ( ::Botan::Invalid_Argument ) { |
950 | 7 | return false; |
951 | 7 | } |
952 | | |
953 | 38 | return true; |
954 | 45 | } |
955 | | |
956 | 37 | bool IsSquare::Run(Datasource& ds, Bignum& res, std::vector<Bignum>& bn, const std::optional<Bignum>& modulo) const { |
957 | 37 | (void)ds; |
958 | | |
959 | 37 | if ( modulo != std::nullopt ) { |
960 | 0 | return false; |
961 | 0 | } |
962 | | |
963 | 37 | try { |
964 | 37 | res = ::Botan::is_perfect_square(bn[0].Ref()) == 0 ? 0 : 1; |
965 | 37 | } catch ( ::Botan::Invalid_Argument& e ) { |
966 | | /* is_perfect_square() is expected to throw in this case */ |
967 | 1 | if ( bn[0].Ref() < 1 ) { |
968 | 1 | return false; |
969 | 1 | } |
970 | | |
971 | | /* Rethrow */ |
972 | 0 | throw e; |
973 | 1 | } |
974 | | |
975 | 36 | return true; |
976 | 37 | } |
977 | | |
978 | | } /* namespace Botan_bignum */ |
979 | | } /* namespace module */ |
980 | | } /* namespace cryptofuzz */ |