Add a facility for debug-mode assertions

When we want to check something but it is to expensive to do so in normal builds.
author: Jack Lloyd <[email protected]> 2018-03-14 08:03:28 -0400
committer: Jack Lloyd <[email protected]> 2018-03-14 08:03:28 -0400
commit: e4487e872877cb13a03974f741744eff847de801 (patch)
tree: 9c0e399238a5df614813e7d15a2deb04e0ea4425 /src/lib
parent: ea0ce769791640e883ec4b7f73dcbce4b0399783 (diff)
5 files changed, 33 insertions, 11 deletions
diff --git a/src/lib/math/numbertheory/monty.cpp b/src/lib/math/numbertheory/monty.cpp
index 6ab847ead..503141ada 100644
--- a/src/lib/math/numbertheory/monty.cpp
+++ b/src/lib/math/numbertheory/monty.cpp
@@ -126,8 +126,13 @@ BigInt Montgomery_Params::sqr(const BigInt& x, secure_vector<word>& ws) const
 
    BigInt z(BigInt::Positive, output_size);
 
+   // assume x.sig_words() is at most p_words
+   BOTAN_DEBUG_ASSERT(x.sig_words() <= m_p_words);
+
+   const size_t x_words = (x.size() >= m_p_words) ? m_p_words : x.sig_words();
+
    bigint_sqr(z.mutable_data(), z.size(),
-              x.data(), x.size(), x.sig_words(),
+              x.data(), x.size(), x_words,
               ws.data(), ws.size());
 
    bigint_monty_redc(z.mutable_data(),
@@ -299,8 +304,7 @@ Montgomery_Int& Montgomery_Int::square_this(secure_vector<word>& ws)
 
 Montgomery_Int Montgomery_Int::square(secure_vector<word>& ws) const
    {
-   const BigInt v = m_params->sqr(m_v, ws);
-   return Montgomery_Int(m_params, v, false);
+   return Montgomery_Int(m_params, m_params->sqr(m_v, ws), false);
    }
 
 Montgomery_Int Montgomery_Int::multiplicative_inverse() const
diff --git a/src/lib/pubkey/ec_group/curve_gfp.cpp b/src/lib/pubkey/ec_group/curve_gfp.cpp
index b57b8d3ef..fba9a419c 100644
--- a/src/lib/pubkey/ec_group/curve_gfp.cpp
+++ b/src/lib/pubkey/ec_group/curve_gfp.cpp
@@ -119,6 +119,9 @@ void CurveGFp_Montgomery::curve_mul(BigInt& z, const BigInt& x, const BigInt& y,
    if(z.size() < output_size)
       z.grow_to(output_size);
 
+   BOTAN_DEBUG_ASSERT(x.sig_words() <= m_p_words);
+   BOTAN_DEBUG_ASSERT(y.sig_words() <= m_p_words);
+
    const size_t x_words = (x.size() >= m_p_words) ? m_p_words : x.sig_words();
    const size_t y_words = (y.size() >= m_p_words) ? m_p_words : y.sig_words();
 
diff --git a/src/lib/pubkey/ec_group/point_gfp.cpp b/src/lib/pubkey/ec_group/point_gfp.cpp
index 6b22f4d01..51cb7d153 100644
--- a/src/lib/pubkey/ec_group/point_gfp.cpp
+++ b/src/lib/pubkey/ec_group/point_gfp.cpp
@@ -423,7 +423,7 @@ PointGFp multi_exponentiate(const PointGFp& x, const BigInt& z1,
 
 PointGFp operator*(const BigInt& scalar, const PointGFp& point)
    {
-   //BOTAN_ASSERT(point.on_the_curve(), "Input is on the curve");
+   BOTAN_DEBUG_ASSERT(point.on_the_curve());
 
    const size_t scalar_bits = scalar.bits();
 
@@ -441,7 +441,7 @@ PointGFp operator*(const BigInt& scalar, const PointGFp& point)
    if(scalar.is_negative())
       R[0].negate();
 
-   //BOTAN_ASSERT(R[0].on_the_curve(), "Output is on the curve");
+   BOTAN_DEBUG_ASSERT(R[0].on_the_curve());
 
    return R[0];
    }
diff --git a/src/lib/pubkey/ec_group/point_mul.cpp b/src/lib/pubkey/ec_group/point_mul.cpp
index bd9b0ca82..7b36d3fed 100644
--- a/src/lib/pubkey/ec_group/point_mul.cpp
+++ b/src/lib/pubkey/ec_group/point_mul.cpp
@@ -90,6 +90,8 @@ PointGFp PointGFp_Base_Point_Precompute::mul(const BigInt& k,
          R.add_affine(m_T[i], ws);
       }
 
+   BOTAN_DEBUG_ASSERT(R.on_the_curve());
+
    return R;
    }
 
@@ -160,6 +162,8 @@ PointGFp PointGFp_Var_Point_Precompute::mul(const BigInt& k,
          }
       }
 
+   BOTAN_DEBUG_ASSERT(R.on_the_curve());
+
    return R;
    }
 
diff --git a/src/lib/utils/assert.h b/src/lib/utils/assert.h
index 8211ec262..d23558cd0 100644
--- a/src/lib/utils/assert.h
+++ b/src/lib/utils/assert.h
@@ -1,6 +1,6 @@
 /*
 * Runtime assertion checking
-* (C) 2010 Jack Lloyd
+* (C) 2010,2018 Jack Lloyd
 *     2017 Simon Warta (Kullo GmbH)
 *
 * Botan is released under the Simplified BSD License (see license.txt)
@@ -17,11 +17,12 @@ namespace Botan {
 /**
 * Called when an assertion fails
 */
-BOTAN_NORETURN void BOTAN_PUBLIC_API(2,0) assertion_failure(const char* expr_str,
-                                 const char* assertion_made,
-                                 const char* func,
-                                 const char* file,
-                                 int line);
+BOTAN_NORETURN void BOTAN_PUBLIC_API(2,0)
+   assertion_failure(const char* expr_str,
+                     const char* assertion_made,
+                     const char* func,
+                     const char* file,
+                     int line);
 
 /**
 * Make an assertion
@@ -88,6 +89,16 @@ BOTAN_NORETURN void BOTAN_PUBLIC_API(2,0) assertion_failure(const char* expr_str
                                   __LINE__);               \
    } while(0)
 
+#if defined(BOTAN_ENABLE_DEBUG_ASSERTS)
+
+#define BOTAN_DEBUG_ASSERT(expr) BOTAN_ASSERT_NOMSG(expr)
+
+#else
+
+#define BOTAN_DEBUG_ASSERT(expr) do {} while(0)
+
+#endif
+
 /**
 * Mark variable as unused. Takes between 1 and 9 arguments and marks all as unused,
 * e.g. BOTAN_UNUSED(a); or BOTAN_UNUSED(x, y, z);
author	Jack Lloyd <[email protected]>	2018-03-14 08:03:28 -0400
committer	Jack Lloyd <[email protected]>	2018-03-14 08:03:28 -0400
commit	e4487e872877cb13a03974f741744eff847de801 (patch)
tree	9c0e399238a5df614813e7d15a2deb04e0ea4425 /src/lib
parent	ea0ce769791640e883ec4b7f73dcbce4b0399783 (diff)