1a8e1175bSopenharmony_ci#include <stdint.h>
2a8e1175bSopenharmony_ci#include <stdlib.h>
3a8e1175bSopenharmony_ci#include "mbedtls/pk.h"
4a8e1175bSopenharmony_ci
5a8e1175bSopenharmony_ciint LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
6a8e1175bSopenharmony_ci{
7a8e1175bSopenharmony_ci#ifdef MBEDTLS_PK_PARSE_C
8a8e1175bSopenharmony_ci    int ret;
9a8e1175bSopenharmony_ci    mbedtls_pk_context pk;
10a8e1175bSopenharmony_ci
11a8e1175bSopenharmony_ci    mbedtls_pk_init(&pk);
12a8e1175bSopenharmony_ci#if defined(MBEDTLS_USE_PSA_CRYPTO)
13a8e1175bSopenharmony_ci    psa_status_t status = psa_crypto_init();
14a8e1175bSopenharmony_ci    if (status != PSA_SUCCESS) {
15a8e1175bSopenharmony_ci        goto exit;
16a8e1175bSopenharmony_ci    }
17a8e1175bSopenharmony_ci#endif /* MBEDTLS_USE_PSA_CRYPTO */
18a8e1175bSopenharmony_ci    ret = mbedtls_pk_parse_public_key(&pk, Data, Size);
19a8e1175bSopenharmony_ci    if (ret == 0) {
20a8e1175bSopenharmony_ci#if defined(MBEDTLS_RSA_C)
21a8e1175bSopenharmony_ci        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) {
22a8e1175bSopenharmony_ci            mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
23a8e1175bSopenharmony_ci            mbedtls_rsa_context *rsa;
24a8e1175bSopenharmony_ci
25a8e1175bSopenharmony_ci            mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
26a8e1175bSopenharmony_ci            mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
27a8e1175bSopenharmony_ci            mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
28a8e1175bSopenharmony_ci
29a8e1175bSopenharmony_ci            rsa = mbedtls_pk_rsa(pk);
30a8e1175bSopenharmony_ci            if (mbedtls_rsa_export(rsa, &N, NULL, NULL, NULL, &E) != 0) {
31a8e1175bSopenharmony_ci                abort();
32a8e1175bSopenharmony_ci            }
33a8e1175bSopenharmony_ci            if (mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA) {
34a8e1175bSopenharmony_ci                abort();
35a8e1175bSopenharmony_ci            }
36a8e1175bSopenharmony_ci            if (mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA) {
37a8e1175bSopenharmony_ci                abort();
38a8e1175bSopenharmony_ci            }
39a8e1175bSopenharmony_ci
40a8e1175bSopenharmony_ci            mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
41a8e1175bSopenharmony_ci            mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
42a8e1175bSopenharmony_ci            mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
43a8e1175bSopenharmony_ci
44a8e1175bSopenharmony_ci        } else
45a8e1175bSopenharmony_ci#endif
46a8e1175bSopenharmony_ci#if defined(MBEDTLS_ECP_C)
47a8e1175bSopenharmony_ci        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY ||
48a8e1175bSopenharmony_ci            mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) {
49a8e1175bSopenharmony_ci            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk);
50a8e1175bSopenharmony_ci            mbedtls_ecp_group_id grp_id = mbedtls_ecp_keypair_get_group_id(ecp);
51a8e1175bSopenharmony_ci            const mbedtls_ecp_curve_info *curve_info =
52a8e1175bSopenharmony_ci                mbedtls_ecp_curve_info_from_grp_id(grp_id);
53a8e1175bSopenharmony_ci
54a8e1175bSopenharmony_ci            /* If the curve is not supported, the key should not have been
55a8e1175bSopenharmony_ci             * accepted. */
56a8e1175bSopenharmony_ci            if (curve_info == NULL) {
57a8e1175bSopenharmony_ci                abort();
58a8e1175bSopenharmony_ci            }
59a8e1175bSopenharmony_ci
60a8e1175bSopenharmony_ci            /* It's a public key, so the private value should not have
61a8e1175bSopenharmony_ci             * been changed from its initialization to 0. */
62a8e1175bSopenharmony_ci            mbedtls_mpi d;
63a8e1175bSopenharmony_ci            mbedtls_mpi_init(&d);
64a8e1175bSopenharmony_ci            if (mbedtls_ecp_export(ecp, NULL, &d, NULL) != 0) {
65a8e1175bSopenharmony_ci                abort();
66a8e1175bSopenharmony_ci            }
67a8e1175bSopenharmony_ci            if (mbedtls_mpi_cmp_int(&d, 0) != 0) {
68a8e1175bSopenharmony_ci                abort();
69a8e1175bSopenharmony_ci            }
70a8e1175bSopenharmony_ci            mbedtls_mpi_free(&d);
71a8e1175bSopenharmony_ci        } else
72a8e1175bSopenharmony_ci#endif
73a8e1175bSopenharmony_ci        {
74a8e1175bSopenharmony_ci            /* The key is valid but is not of a supported type.
75a8e1175bSopenharmony_ci             * This should not happen. */
76a8e1175bSopenharmony_ci            abort();
77a8e1175bSopenharmony_ci        }
78a8e1175bSopenharmony_ci    }
79a8e1175bSopenharmony_ci#if defined(MBEDTLS_USE_PSA_CRYPTO)
80a8e1175bSopenharmony_ciexit:
81a8e1175bSopenharmony_ci    mbedtls_psa_crypto_free();
82a8e1175bSopenharmony_ci#endif /* MBEDTLS_USE_PSA_CRYPTO */
83a8e1175bSopenharmony_ci    mbedtls_pk_free(&pk);
84a8e1175bSopenharmony_ci#else
85a8e1175bSopenharmony_ci    (void) Data;
86a8e1175bSopenharmony_ci    (void) Size;
87a8e1175bSopenharmony_ci#endif //MBEDTLS_PK_PARSE_C
88a8e1175bSopenharmony_ci
89a8e1175bSopenharmony_ci    return 0;
90a8e1175bSopenharmony_ci}
91