gecko-dev/security/nss/fuzz/mpi_helper.cc

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/* Helper functions for MPI fuzzing targets. */

#include "mpi_helper.h"
#include <cstdlib>
#include <random>

char *to_char(const uint8_t *x) {
  return reinterpret_cast<char *>(const_cast<unsigned char *>(x));
}

void print_bn(std::string label, BIGNUM *x) {
  char *xc = BN_bn2hex(x);
  std::cout << label << ": " << std::hex << xc << std::endl;
  OPENSSL_free(xc);
}

// Check that the two numbers are equal.
void check_equal(BIGNUM *b, mp_int *m, size_t max_size) {
  char *bnBc = BN_bn2hex(b);
  char mpiMc[max_size];
  mp_tohex(m, mpiMc);
  std::string bnA(bnBc);
  std::string mpiA(mpiMc);
  OPENSSL_free(bnBc);
  // We have to strip leading zeros from bignums, ignoring the sign.
  if (bnA.at(0) != '-') {
    bnA.erase(0, std::min(bnA.find_first_not_of('0'), bnA.size() - 1));
  } else if (bnA.at(1) == '0') {
    bnA.erase(1, std::min(bnA.find_first_not_of('0', 1) - 1, bnA.size() - 1));
  }

  if (mpiA != bnA) {
    std::cout << "openssl: " << std::hex << bnA << std::endl;
    std::cout << "nss:     " << std::hex << mpiA << std::endl;
  }

  assert(mpiA == bnA);
}

// Parse data into two numbers for MPI and OpenSSL Bignum.
void parse_input(const uint8_t *data, size_t size, BIGNUM *A, BIGNUM *B,
                 mp_int *a, mp_int *b) {
  // Note that b might overlap a.
  size_t len = (size_t)size / 2;
  assert(mp_read_raw(a, to_char(data), len) == MP_OKAY);
  assert(mp_read_raw(b, to_char(data) + len, len) == MP_OKAY);
  // Force a positive sign.
  // TODO: add tests for negatives.
  MP_SIGN(a) = MP_ZPOS;
  MP_SIGN(b) = MP_ZPOS;

  // Skip the first byte as it's interpreted as sign by NSS.
  assert(BN_bin2bn(data + 1, len - 1, A) != nullptr);
  assert(BN_bin2bn(data + len + 1, len - 1, B) != nullptr);

  check_equal(A, a, 2 * size + 1);
  check_equal(B, b, 2 * size + 1);
}

// Parse data into a number for MPI and OpenSSL Bignum.
void parse_input(const uint8_t *data, size_t size, BIGNUM *A, mp_int *a) {
  assert(mp_read_raw(a, to_char(data), size) == MP_OKAY);

  // Force a positive sign.
  // TODO: add tests for negatives.
  MP_SIGN(a) = MP_ZPOS;

  // Skip the first byte as it's interpreted as sign by NSS.
  assert(BN_bin2bn(data + 1, size - 1, A) != nullptr);

  check_equal(A, a, 4 * size + 1);
}

// Take a chunk in the middle of data and use it as modulus.
std::tuple<BIGNUM *, mp_int> get_modulus(const uint8_t *data, size_t size,
                                         BN_CTX *ctx) {
  BIGNUM *r1 = BN_CTX_get(ctx);
  mp_int r2;
  assert(mp_init(&r2) == MP_OKAY);

  size_t len = static_cast<size_t>(size / 4);
  if (len != 0) {
    assert(mp_read_raw(&r2, to_char(data + len), len) == MP_OKAY);
    MP_SIGN(&r2) = MP_ZPOS;

    assert(BN_bin2bn(data + len + 1, len - 1, r1) != nullptr);
    check_equal(r1, &r2, 2 * len + 1);
  }

  // If we happen to get 0 for the modulus, take a random number.
  if (mp_cmp_z(&r2) == 0 || len == 0) {
    mp_zero(&r2);
    BN_zero(r1);
    std::mt19937 rng(data[0]);
    std::uniform_int_distribution<mp_digit> dist(1, MP_DIGIT_MAX);
    mp_digit x = dist(rng);
    mp_add_d(&r2, x, &r2);
    BN_add_word(r1, x);
  }

  return std::make_tuple(r1, r2);
}
Bug 1334127 - land NSS 01d6c0dff06f, r=me --HG-- extra : rebase_source : 37ce5889894c3a0208c91c2fa254ab6a8c9ba080 2017-02-13 16:27:06 +03:00			`/* This Source Code Form is subject to the terms of the Mozilla Public`
			`* License, v. 2.0. If a copy of the MPL was not distributed with this`
			`* file, You can obtain one at http://mozilla.org/MPL/2.0/. */`

			`/* Helper functions for MPI fuzzing targets. */`

			`#include "mpi_helper.h"`
			`#include <cstdlib>`
			`#include <random>`

			`char to_char(const uint8_t x) {`
			`return reinterpret_cast<char >(const_cast<unsigned char >(x));`
			`}`

Bug 1386955 - land NSS fff2c933097d UPGRADE_NSS_RELEASE, r=me MozReview-Commit-ID: 5eTpylXNFGc --HG-- extra : rebase_source : 7e0b45f6dc9d9d8c29687573907e90211d05b6c4 2017-08-25 10:37:32 +03:00			`void print_bn(std::string label, BIGNUM *x) {`
			`char *xc = BN_bn2hex(x);`
			`std::cout << label << ": " << std::hex << xc << std::endl;`
			`OPENSSL_free(xc);`
			`}`

Bug 1334127 - land NSS 01d6c0dff06f, r=me --HG-- extra : rebase_source : 37ce5889894c3a0208c91c2fa254ab6a8c9ba080 2017-02-13 16:27:06 +03:00			`// Check that the two numbers are equal.`
			`void check_equal(BIGNUM b, mp_int m, size_t max_size) {`
			`char *bnBc = BN_bn2hex(b);`
			`char mpiMc[max_size];`
			`mp_tohex(m, mpiMc);`
			`std::string bnA(bnBc);`
			`std::string mpiA(mpiMc);`
			`OPENSSL_free(bnBc);`
			`// We have to strip leading zeros from bignums, ignoring the sign.`
			`if (bnA.at(0) != '-') {`
			`bnA.erase(0, std::min(bnA.find_first_not_of('0'), bnA.size() - 1));`
			`} else if (bnA.at(1) == '0') {`
			`bnA.erase(1, std::min(bnA.find_first_not_of('0', 1) - 1, bnA.size() - 1));`
			`}`

			`if (mpiA != bnA) {`
			`std::cout << "openssl: " << std::hex << bnA << std::endl;`
			`std::cout << "nss: " << std::hex << mpiA << std::endl;`
			`}`

			`assert(mpiA == bnA);`
			`}`

			`// Parse data into two numbers for MPI and OpenSSL Bignum.`
			`void parse_input(const uint8_t data, size_t size, BIGNUM A, BIGNUM *B,`
			`mp_int a, mp_int b) {`
			`// Note that b might overlap a.`
			`size_t len = (size_t)size / 2;`
			`assert(mp_read_raw(a, to_char(data), len) == MP_OKAY);`
			`assert(mp_read_raw(b, to_char(data) + len, len) == MP_OKAY);`
			`// Force a positive sign.`
			`// TODO: add tests for negatives.`
			`MP_SIGN(a) = MP_ZPOS;`
			`MP_SIGN(b) = MP_ZPOS;`

			`// Skip the first byte as it's interpreted as sign by NSS.`
			`assert(BN_bin2bn(data + 1, len - 1, A) != nullptr);`
			`assert(BN_bin2bn(data + len + 1, len - 1, B) != nullptr);`

			`check_equal(A, a, 2 * size + 1);`
			`check_equal(B, b, 2 * size + 1);`
			`}`

			`// Parse data into a number for MPI and OpenSSL Bignum.`
			`void parse_input(const uint8_t data, size_t size, BIGNUM A, mp_int *a) {`
			`assert(mp_read_raw(a, to_char(data), size) == MP_OKAY);`

			`// Force a positive sign.`
			`// TODO: add tests for negatives.`
			`MP_SIGN(a) = MP_ZPOS;`

			`// Skip the first byte as it's interpreted as sign by NSS.`
			`assert(BN_bin2bn(data + 1, size - 1, A) != nullptr);`

			`check_equal(A, a, 4 * size + 1);`
			`}`

			`// Take a chunk in the middle of data and use it as modulus.`
			`std::tuple<BIGNUM , mp_int> get_modulus(const uint8_t data, size_t size,`
			`BN_CTX *ctx) {`
			`BIGNUM *r1 = BN_CTX_get(ctx);`
			`mp_int r2;`
			`assert(mp_init(&r2) == MP_OKAY);`

			`size_t len = static_cast<size_t>(size / 4);`
			`if (len != 0) {`
			`assert(mp_read_raw(&r2, to_char(data + len), len) == MP_OKAY);`
			`MP_SIGN(&r2) = MP_ZPOS;`

			`assert(BN_bin2bn(data + len + 1, len - 1, r1) != nullptr);`
			`check_equal(r1, &r2, 2 * len + 1);`
			`}`

			`// If we happen to get 0 for the modulus, take a random number.`
			`if (mp_cmp_z(&r2) == 0 \|\| len == 0) {`
			`mp_zero(&r2);`
			`BN_zero(r1);`
			`std::mt19937 rng(data[0]);`
			`std::uniform_int_distribution<mp_digit> dist(1, MP_DIGIT_MAX);`
			`mp_digit x = dist(rng);`
			`mp_add_d(&r2, x, &r2);`
			`BN_add_word(r1, x);`
			`}`

			`return std::make_tuple(r1, r2);`
			`}`