/*
* Copyright (C) 2017 Red Hat
* Copyright (C) 1995-2017 Free Software Foundation, Inc.
* This file is part of the GNU C Library.
* Contributed by Ulrich Drepper <drepper@gnu.ai.mit.edu>, August 1995.
*
* This file is part of GnuTLS.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, see <https://www.gnu.org/licenses/>.
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <sys/types.h>
#include <drbg-aes.h>
#include <fips.h>
#include "gnutls_int.h"
#include "errors.h"
#include <stdlib.h>
#include <rnd-common.h>
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
struct r48_rand_data {
unsigned short int __x[3]; /* Current state. */
unsigned short int __old_x[3]; /* Old state. */
unsigned short int __c; /* Additive const. in congruential formula. */
unsigned short int __init; /* Flag for initializing. */
__extension__ unsigned long long int __a; /* Factor in congruential
formula. */
};
#ifdef __clang__
__attribute__((no_sanitize("integer")))
#endif
static int
__r48_rand_iterate(unsigned short int xsubi[3], struct r48_rand_data *buffer)
{
uint64_t X;
uint64_t result;
/* Initialize buffer, if not yet done. */
if (unlikely(!buffer->__init)) {
buffer->__a = 0x5deece66dull;
buffer->__c = 0xb;
buffer->__init = 1;
}
/* Do the real work. We choose a data type which contains at least
48 bits. Because we compute the modulus it does not care how
many bits really are computed. */
X = (uint64_t) xsubi[2] << 32 | (uint32_t) xsubi[1] << 16 | xsubi[0];
result = X * buffer->__a + buffer->__c;
xsubi[0] = result & 0xffff;
xsubi[1] = (result >> 16) & 0xffff;
xsubi[2] = (result >> 32) & 0xffff;
return 0;
}
#ifdef __clang__
__attribute__((no_sanitize("integer")))
#elif defined __GNUC__
__attribute__((no_sanitize("shift-base")))
#endif
static int
r48_r(unsigned short int xsubi[3], struct r48_rand_data *buffer,
long int *result)
{
/* Compute next state. */
if (__r48_rand_iterate(xsubi, buffer) < 0)
return -1;
/* Store the result. */
*result = (int32_t) ((xsubi[2] << 16) | xsubi[1]);
return 0;
}
static int r48(struct r48_rand_data *buffer, long int *result)
{
return r48_r(buffer->__x, buffer, result);
}
/* This is a dummy random generator intended to be reproducible
* for use in fuzzying targets.
*/
static int _rngfuzz_init(void **_ctx)
{
*_ctx = calloc(1, sizeof(struct r48_rand_data));
return 0;
}
static int _rngfuzz_rnd(void *_ctx, int level, void *buffer, size_t length)
{
struct r48_rand_data *ctx = _ctx;
uint8_t *p = buffer;
long r;
unsigned i;
memset(ctx, 0, sizeof(*ctx));
for (i = 0; i < length; i++) {
r48(ctx, &r);
p[i] = r;
}
return 0;
}
static void _rngfuzz_deinit(void *_ctx)
{
struct r48_rand_data *ctx = _ctx;
free(ctx);
}
static void _rngfuzz_refresh(void *_ctx)
{
/* this is predictable RNG. Don't refresh */
return;
}
gnutls_crypto_rnd_st _gnutls_fuzz_rnd_ops = {
.init = _rngfuzz_init,
.deinit = _rngfuzz_deinit,
.rnd = _rngfuzz_rnd,
.rnd_refresh = _rngfuzz_refresh,
.self_test = NULL,
};
#endif /* FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION */