Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Bug 1542077 - Added extra controls and tests to mp_set_int and mp_set…
…_ulong. r=jcj,kjacobs

Differential Revision: https://phabricator.services.mozilla.com/D40649

--HG--
extra : moz-landing-system : lando
  • Loading branch information
Marcus Burghardt committed Aug 13, 2019
1 parent b9ce9a0 commit ef4664f
Show file tree
Hide file tree
Showing 4 changed files with 41 additions and 13 deletions.
2 changes: 1 addition & 1 deletion gtests/freebl_gtest/mpi_unittest.cc
Expand Up @@ -290,4 +290,4 @@ TEST_F(DISABLED_MPITest, MpiCmpConstTest) {
mp_clear(&c);
}

} // nss_test
} // namespace nss_test
1 change: 1 addition & 0 deletions lib/freebl/mpi/README
Expand Up @@ -167,6 +167,7 @@ To set an mp_int to a given value, the following functions are given:

mp_set(mp_int *mp, mp_digit d);
mp_set_int(mp_int *mp, long z);
mp_set_ulong(mp_int *mp, unsigned long z);

The mp_set() function sets the mp_int to a single digit value, while
mp_set_int() sets the mp_int to a signed long integer value.
Expand Down
42 changes: 30 additions & 12 deletions lib/freebl/mpi/mpi.c
Expand Up @@ -344,6 +344,8 @@ mp_set_int(mp_int *mp, long z)
unsigned long v = labs(z);
mp_err res;

ARGCHK(mp != NULL, MP_BADARG);

/* https://bugzilla.mozilla.org/show_bug.cgi?id=1509432 */
if ((res = mp_set_ulong(mp, v)) != MP_OKAY) { /* avoids duplicated code */
return res;
Expand Down Expand Up @@ -1427,7 +1429,7 @@ s_mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
mp_digit d;
unsigned int dig, bit;

ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
ARGCHK(a != NULL && b != NULL && c != NULL && m != NULL, MP_BADARG);

if (mp_cmp_z(b) < 0 || mp_cmp_z(m) <= 0)
return MP_RANGE;
Expand Down Expand Up @@ -1514,7 +1516,7 @@ mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c)
mp_int s, x;
mp_err res;

ARGCHK(a != NULL && c != NULL, MP_BADARG);
ARGCHK(a != NULL && c != NULL && m != NULL, MP_BADARG);

if ((res = mp_init(&s)) != MP_OKAY)
return res;
Expand Down Expand Up @@ -1567,6 +1569,8 @@ mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c)
int
mp_cmp_z(const mp_int *a)
{
ARGMPCHK(a != NULL);

if (SIGN(a) == NEG)
return MP_LT;
else if (USED(a) == 1 && DIGIT(a, 0) == 0)
Expand Down Expand Up @@ -1657,7 +1661,7 @@ mp_cmp_mag(const mp_int *a, const mp_int *b)
int
mp_isodd(const mp_int *a)
{
ARGCHK(a != NULL, 0);
ARGMPCHK(a != NULL);

return (int)(DIGIT(a, 0) & 1);

Expand Down Expand Up @@ -2001,7 +2005,7 @@ s_mp_almost_inverse(const mp_int *a, const mp_int *p, mp_int *c)
mp_err k = 0;
mp_int d, f, g;

ARGCHK(a && p && c, MP_BADARG);
ARGCHK(a != NULL && p != NULL && c != NULL, MP_BADARG);

MP_DIGITS(&d) = 0;
MP_DIGITS(&f) = 0;
Expand Down Expand Up @@ -2135,7 +2139,7 @@ s_mp_invmod_odd_m(const mp_int *a, const mp_int *m, mp_int *c)
mp_err res;
mp_int x;

ARGCHK(a && m && c, MP_BADARG);
ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);

if (mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
return MP_RANGE;
Expand Down Expand Up @@ -2173,7 +2177,7 @@ mp_invmod_xgcd(const mp_int *a, const mp_int *m, mp_int *c)
mp_int g, x;
mp_err res;

ARGCHK(a && m && c, MP_BADARG);
ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);

if (mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
return MP_RANGE;
Expand Down Expand Up @@ -2269,6 +2273,8 @@ s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c)
mp_int oddPart, evenPart; /* parts to combine via CRT. */
mp_int C2, tmp1, tmp2;

ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);

/*static const mp_digit d1 = 1; */
/*static const mp_int one = { MP_ZPOS, 1, 1, (mp_digit *)&d1 }; */

Expand Down Expand Up @@ -2347,8 +2353,7 @@ s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c)
mp_err
mp_invmod(const mp_int *a, const mp_int *m, mp_int *c)
{

ARGCHK(a && m && c, MP_BADARG);
ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);

if (mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
return MP_RANGE;
Expand Down Expand Up @@ -2715,6 +2720,8 @@ mp_strerror(mp_err ec)
mp_err
s_mp_grow(mp_int *mp, mp_size min)
{
ARGCHK(mp != NULL, MP_BADARG);

if (min > ALLOC(mp)) {
mp_digit *tmp;

Expand Down Expand Up @@ -2744,6 +2751,8 @@ s_mp_grow(mp_int *mp, mp_size min)
mp_err
s_mp_pad(mp_int *mp, mp_size min)
{
ARGCHK(mp != NULL, MP_BADARG);

if (min > USED(mp)) {
mp_err res;

Expand Down Expand Up @@ -2863,6 +2872,8 @@ s_mp_lshd(mp_int *mp, mp_size p)
mp_err res;
unsigned int ix;

ARGCHK(mp != NULL, MP_BADARG);

if (p == 0)
return MP_OKAY;

Expand Down Expand Up @@ -2995,6 +3006,8 @@ s_mp_mul_2(mp_int *mp)
unsigned int ix, used;
mp_digit kin = 0;

ARGCHK(mp != NULL, MP_BADARG);

/* Shift digits leftward by 1 bit */
used = MP_USED(mp);
pd = MP_DIGITS(mp);
Expand Down Expand Up @@ -3104,6 +3117,8 @@ s_mp_norm(mp_int *a, mp_int *b, mp_digit *pd)
mp_digit b_msd;
mp_err res = MP_OKAY;

ARGCHK(a != NULL && b != NULL && pd != NULL, MP_BADARG);

d = 0;
mask = DIGIT_MAX & ~(DIGIT_MAX >> 1); /* mask is msb of digit */
b_msd = DIGIT(b, USED(b) - 1);
Expand Down Expand Up @@ -4368,6 +4383,8 @@ s_mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu)
int
s_mp_cmp(const mp_int *a, const mp_int *b)
{
ARGMPCHK(a != NULL && b != NULL);

mp_size used_a = MP_USED(a);
{
mp_size used_b = MP_USED(b);
Expand Down Expand Up @@ -4419,6 +4436,8 @@ s_mp_cmp(const mp_int *a, const mp_int *b)
int
s_mp_cmp_d(const mp_int *a, mp_digit d)
{
ARGMPCHK(a != NULL);

if (USED(a) > 1)
return MP_GT;

Expand All @@ -4445,6 +4464,8 @@ s_mp_ispow2(const mp_int *v)
mp_digit d;
int extra = 0, ix;

ARGMPCHK(v != NULL);

ix = MP_USED(v) - 1;
d = MP_DIGIT(v, ix); /* most significant digit of v */

Expand Down Expand Up @@ -4772,10 +4793,7 @@ mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size length)
int ix, jx;
unsigned int bytes;

ARGCHK(mp != NULL, MP_BADARG);
ARGCHK(str != NULL, MP_BADARG);
ARGCHK(!SIGN(mp), MP_BADARG);
ARGCHK(length > 0, MP_BADARG);
ARGCHK(mp != NULL && str != NULL && !SIGN(mp) && length > 0, MP_BADARG);

/* Constant time on the value of mp. Don't use mp_unsigned_octet_size. */
bytes = USED(mp) * MP_DIGIT_SIZE;
Expand Down
9 changes: 9 additions & 0 deletions lib/freebl/mpi/mpi.h
Expand Up @@ -288,7 +288,14 @@ void freebl_cpuid(unsigned long op, unsigned long *eax,
#define DIGITS(MP) MP_DIGITS(MP)
#define DIGIT(MP, N) MP_DIGIT(MP, N)

/* Functions which return an mp_err value will NULL-check their arguments via
* ARGCHK(condition, return), where the caller is responsible for checking the
* mp_err return code. For functions that return an integer type, the caller
* has no way to tell if the value is an error code or a legitimate value.
* Therefore, ARGMPCHK(condition) will trigger an assertion failure on debug
* builds, but no-op in optimized builds. */
#if MP_ARGCHK == 1
#define ARGMPCHK(X) /* */
#define ARGCHK(X, Y) \
{ \
if (!(X)) { \
Expand All @@ -297,8 +304,10 @@ void freebl_cpuid(unsigned long op, unsigned long *eax,
}
#elif MP_ARGCHK == 2
#include <assert.h>
#define ARGMPCHK(X) assert(X)
#define ARGCHK(X, Y) assert(X)
#else
#define ARGMPCHK(X) /* */
#define ARGCHK(X, Y) /* */
#endif

Expand Down

0 comments on commit ef4664f

Please sign in to comment.