diff options
author | Rich Salz <rsalz@openssl.org> | 2016-11-28 12:26:05 -0500 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2016-11-28 12:26:05 -0500 |
commit | 8d1ebff41c75e4eebc7d5cc5a561a1bab6b50e70 (patch) | |
tree | 7b8ce132ea9c1cf999e72bd67cfe1b4a1a30fbcb /test | |
parent | b3618f44a7b8504bfb0a64e8a33e6b8e56d4d516 (diff) |
Make bntest be (mostly) file-based.
Test suite used from boring, written by David Benjamin.
Test driver converted from C++ to C.
Added a Perl program to check the testsuite file.
Extensive review feedback incorporated (thanks folks).
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'test')
-rw-r--r-- | test/bntest.c | 2817 | ||||
-rwxr-xr-x | test/bntests.pl | 156 | ||||
-rw-r--r-- | test/bntests.txt | 10538 | ||||
-rw-r--r-- | test/build.info | 2 | ||||
-rw-r--r-- | test/recipes/10-test_bn.t | 68 | ||||
-rw-r--r-- | test/recipes/bc.pl | 113 |
6 files changed, 12150 insertions, 1544 deletions
diff --git a/test/bntest.c b/test/bntest.c index 3af2b83e0a..2f51aaab27 100644 --- a/test/bntest.c +++ b/test/bntest.c @@ -6,37 +6,25 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ - -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the Eric Young open source - * license provided above. - * - * The binary polynomial arithmetic software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. - * - */ - +#include <assert.h> +#include <errno.h> #include <stdio.h> -#include <stdlib.h> #include <string.h> +#include <ctype.h> #include "e_os.h" - -#include <openssl/bio.h> +#include <internal/numbers.h> #include <openssl/bn.h> -#include <openssl/rand.h> -#include <openssl/x509.h> +#include <openssl/crypto.h> #include <openssl/err.h> +#include <openssl/rand.h> +#include "testutil.h" +#include "test_main_custom.h" /* * In bn_lcl.h, bn_expand() is defined as a static ossl_inline function. * This is fine in itself, it will end up as an unused static function in - * the worst case. However, it referenses bn_expand2(), which is a private + * the worst case. However, it references bn_expand2(), which is a private * function in libcrypto and therefore unavailable on some systems. This * may result in a linker error because of unresolved symbols. * @@ -46,335 +34,148 @@ #define bn_expand2 dummy_bn_expand2 BIGNUM *bn_expand2(BIGNUM *b, int words); BIGNUM *bn_expand2(BIGNUM *b, int words) { return NULL; } - #include "../crypto/bn/bn_lcl.h" -static const int num0 = 100; /* number of tests */ -static const int num1 = 50; /* additional tests for some functions */ -static const int num2 = 5; /* number of tests for slow functions */ - -int test_add(BIO *bp); -int test_sub(BIO *bp); -int test_lshift1(BIO *bp); -int test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_); -int test_rshift1(BIO *bp); -int test_rshift(BIO *bp, BN_CTX *ctx); -int test_div(BIO *bp, BN_CTX *ctx); -int test_div_word(BIO *bp); -int test_div_recp(BIO *bp, BN_CTX *ctx); -int test_mul(BIO *bp); -int test_sqr(BIO *bp, BN_CTX *ctx); -int test_mont(BIO *bp, BN_CTX *ctx); -int test_mod(BIO *bp, BN_CTX *ctx); -int test_mod_mul(BIO *bp, BN_CTX *ctx); -int test_mod_exp(BIO *bp, BN_CTX *ctx); -int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx); -int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx); -int test_exp(BIO *bp, BN_CTX *ctx); -int test_gf2m_add(BIO *bp); -int test_gf2m_mod(BIO *bp); -int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx); -int test_kron(BIO *bp, BN_CTX *ctx); -int test_sqrt(BIO *bp, BN_CTX *ctx); -int test_small_prime(BIO *bp, BN_CTX *ctx); -int test_bn2dec(BIO *bp); -int rand_neg(void); -static int results = 0; - -static unsigned char lst[] = - "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" - "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0"; - -static const char rnd_seed[] = - "string to make the random number generator think it has entropy"; - -static void message(BIO *out, char *m) -{ - fprintf(stderr, "test %s\n", m); - BIO_puts(out, "print \"test "); - BIO_puts(out, m); - BIO_puts(out, "\\n\"\n"); -} - -int main(int argc, char *argv[]) -{ - BN_CTX *ctx; - BIO *out; - char *outfile = NULL; - - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - results = 0; - - RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ - - argc--; - argv++; - while (argc >= 1) { - if (strcmp(*argv, "-results") == 0) - results = 1; - else if (strcmp(*argv, "-out") == 0) { - if (--argc < 1) - break; - outfile = *(++argv); - } - argc--; - argv++; - } - - ctx = BN_CTX_new(); - if (ctx == NULL) - EXIT(1); - - out = BIO_new(BIO_s_file()); - if (out == NULL) - EXIT(1); - if (outfile == NULL) { - BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); - } else { - if (!BIO_write_filename(out, outfile)) { - perror(outfile); - EXIT(1); - } - } -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - - if (!results) - BIO_puts(out, "obase=16\nibase=16\n"); - - message(out, "BN_add"); - if (!test_add(out)) - goto err; - (void)BIO_flush(out); - - message(out, "BN_sub"); - if (!test_sub(out)) - goto err; - (void)BIO_flush(out); - - message(out, "BN_lshift1"); - if (!test_lshift1(out)) - goto err; - (void)BIO_flush(out); - - message(out, "BN_lshift (fixed)"); - if (!test_lshift(out, ctx, BN_bin2bn(lst, sizeof(lst) - 1, NULL))) - goto err; - (void)BIO_flush(out); - - message(out, "BN_lshift"); - if (!test_lshift(out, ctx, NULL)) - goto err; - (void)BIO_flush(out); - - message(out, "BN_rshift1"); - if (!test_rshift1(out)) - goto err; - (void)BIO_flush(out); - - message(out, "BN_rshift"); - if (!test_rshift(out, ctx)) - goto err; - (void)BIO_flush(out); +#define MAXPAIRS 20 - message(out, "BN_sqr"); - if (!test_sqr(out, ctx)) - goto err; - (void)BIO_flush(out); +/* + * Things in boring, not in openssl. TODO we should add them. + */ +#define HAVE_BN_PADDED 0 +#define HAVE_BN_SQRT 0 - message(out, "BN_mul"); - if (!test_mul(out)) - goto err; - (void)BIO_flush(out); +typedef struct pair_st { + char *key; + char *value; +} PAIR; - message(out, "BN_div"); - if (!test_div(out, ctx)) - goto err; - (void)BIO_flush(out); +typedef struct stanza_st { + int start; + int numpairs; + PAIR pairs[MAXPAIRS]; +} STANZA; - message(out, "BN_div_word"); - if (!test_div_word(out)) - goto err; - (void)BIO_flush(out); +typedef struct filetest_st { + const char *name; + int (*func)(STANZA *s); +} FILETEST; - message(out, "BN_div_recp"); - if (!test_div_recp(out, ctx)) - goto err; - (void)BIO_flush(out); +typedef struct mpitest_st { + const char *base10; + const char *mpi; + size_t mpi_len; +} MPITEST; - message(out, "BN_mod"); - if (!test_mod(out, ctx)) - goto err; - (void)BIO_flush(out); +static const int NUM0 = 100; /* number of tests */ +static const int NUM1 = 50; /* additional tests for some functions */ +static FILE *fp; +static BN_CTX *ctx; - message(out, "BN_mod_mul"); - if (!test_mod_mul(out, ctx)) - goto err; - (void)BIO_flush(out); - message(out, "BN_mont"); - if (!test_mont(out, ctx)) - goto err; - (void)BIO_flush(out); - - message(out, "BN_mod_exp"); - if (!test_mod_exp(out, ctx)) - goto err; - (void)BIO_flush(out); - - message(out, "BN_mod_exp_mont_consttime"); - if (!test_mod_exp_mont_consttime(out, ctx)) - goto err; - if (!test_mod_exp_mont5(out, ctx)) - goto err; - (void)BIO_flush(out); - - message(out, "BN_exp"); - if (!test_exp(out, ctx)) - goto err; - (void)BIO_flush(out); +/* + * Look for |key| in the stanza and return it or NULL if not found. + */ +static const char *findattr(STANZA *s, const char *key) +{ + int i = s->numpairs; + PAIR *pp = s->pairs; - message(out, "BN_kronecker"); - if (!test_kron(out, ctx)) - goto err; - (void)BIO_flush(out); + for ( ; --i >= 0; pp++) + if (strcasecmp(pp->key, key) == 0) + return pp->value; + return NULL; +} - message(out, "BN_mod_sqrt"); - if (!test_sqrt(out, ctx)) - goto err; - (void)BIO_flush(out); +/* + * Parse BIGNUM, return number of bytes parsed. + */ +static int parseBN(BIGNUM **out, const char *in) +{ + *out = NULL; + return BN_hex2bn(out, in); +} - message(out, "Small prime generation"); - if (!test_small_prime(out, ctx)) - goto err; - (void)BIO_flush(out); +static int parsedecBN(BIGNUM **out, const char *in) +{ + *out = NULL; + return BN_dec2bn(out, in); +} - message(out, "BN_bn2dec"); - if (!test_bn2dec(out)) - goto err; - (void)BIO_flush(out); +static BIGNUM *getBN(STANZA *s, const char *attribute) +{ + const char *hex; + BIGNUM *ret = NULL; -#ifndef OPENSSL_NO_EC2M - message(out, "BN_GF2m_add"); - if (!test_gf2m_add(out)) - goto err; - (void)BIO_flush(out); + if ((hex = findattr(s, attribute)) == NULL) { + fprintf(stderr, "Can't find %s in test at line %d\n", + attribute, s->start); + return NULL; + } - message(out, "BN_GF2m_mod"); - if (!test_gf2m_mod(out)) - goto err; - (void)BIO_flush(out); + if (parseBN(&ret, hex) != (int)strlen(hex)) { + fprintf(stderr, "Could not decode '%s'.\n", hex); + return NULL; + } + return ret; +} - message(out, "BN_GF2m_mod_mul"); - if (!test_gf2m_mod_mul(out, ctx)) - goto err; - (void)BIO_flush(out); +static int getint(STANZA *s, int *out, const char *attribute) +{ + BIGNUM *ret = getBN(s, attribute); + BN_ULONG word; + int st = 0; - message(out, "BN_GF2m_mod_sqr"); - if (!test_gf2m_mod_sqr(out, ctx)) + if (ret == NULL) goto err; - (void)BIO_flush(out); - message(out, "BN_GF2m_mod_inv"); - if (!test_gf2m_mod_inv(out, ctx)) + if ((word = BN_get_word(ret)) > INT_MAX) goto err; - (void)BIO_flush(out); - message(out, "BN_GF2m_mod_div"); - if (!test_gf2m_mod_div(out, ctx)) - goto err; - (void)BIO_flush(out); + *out = (int)word; + st = 1; +err: + BN_free(ret); + return st; +} - message(out, "BN_GF2m_mod_exp"); - if (!test_gf2m_mod_exp(out, ctx)) - goto err; - (void)BIO_flush(out); +static int equalBN(const char *op, const BIGNUM *expected, const BIGNUM *actual) +{ + char *exstr = NULL; + char *actstr = NULL; - message(out, "BN_GF2m_mod_sqrt"); - if (!test_gf2m_mod_sqrt(out, ctx)) - goto err; - (void)BIO_flush(out); + if (BN_cmp(expected, actual) == 0) + return 1; - message(out, "BN_GF2m_mod_solve_quad"); - if (!test_gf2m_mod_solve_quad(out, ctx)) + exstr = BN_bn2hex(expected); + actstr = BN_bn2hex(actual); + if (exstr == NULL || actstr == NULL) goto err; - (void)BIO_flush(out); -#endif - BN_CTX_free(ctx); - BIO_free(out); - ERR_print_errors_fp(stderr); + fprintf(stderr, "Got %s =\n", op); + fprintf(stderr, "\t%s\n", actstr); + fprintf(stderr, "wanted:\n"); + fprintf(stderr, "\t%s\n", exstr); -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - EXIT(1); -#endif - EXIT(0); - err: - BIO_puts(out, "1\n"); /* make sure the Perl script fed by bc - * notices the failure, see test_bn in - * test/Makefile.ssl */ - (void)BIO_flush(out); - BN_CTX_free(ctx); - BIO_free(out); - - ERR_print_errors_fp(stderr); - EXIT(1); +err: + OPENSSL_free(exstr); + OPENSSL_free(actstr); + return 0; } -int test_add(BIO *bp) -{ - BIGNUM *a, *b, *c; - int i; - a = BN_new(); - b = BN_new(); - c = BN_new(); +/* + * Return a "random" flag for if a BN should be negated. + */ +static int rand_neg(void) +{ + static unsigned int neg = 0; + static int sign[8] = { 0, 0, 0, 1, 1, 0, 1, 1 }; - BN_bntest_rand(a, 512, 0, 0); - for (i = 0; i < num0; i++) { - BN_bntest_rand(b, 450 + i, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); - BN_add(c, a, b); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " + "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - a->neg = !a->neg; - b->neg = !b->neg; - BN_add(c, c, b); - BN_add(c, c, a); - if (!BN_is_zero(c)) { - fprintf(stderr, "Add test failed!\n"); - return 0; - } - } - BN_free(a); - BN_free(b); - BN_free(c); - return (1); + return sign[(neg++) % 8]; } -int test_sub(BIO *bp) + +static int test_sub() { BIGNUM *a, *b, *c; int i; @@ -383,188 +184,34 @@ int test_sub(BIO *bp) b = BN_new(); c = BN_new(); - for (i = 0; i < num0 + num1; i++) { - if (i < num1) { + for (i = 0; i < NUM0 + NUM1; i++) { + if (i < NUM1) { BN_bntest_rand(a, 512, 0, 0); BN_copy(b, a); if (BN_set_bit(a, i) == 0) - return (0); + return 0; BN_add_word(b, i); } else { - BN_bntest_rand(b, 400 + i - num1, 0, 0); + BN_bntest_rand(b, 400 + i - NUM1, 0, 0); a->neg = rand_neg(); b->neg = rand_neg(); } BN_sub(c, a, b); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " - "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } BN_add(c, c, b); BN_sub(c, c, a); if (!BN_is_zero(c)) { - fprintf(stderr, "Subtract test failed!\n"); - return 0; - } - } - BN_free(a); - BN_free(b); - BN_free(c); - return (1); -} - -int test_div(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *c, *d, *e; - int i; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - - BN_one(a); - BN_zero(b); - - if (BN_div(d, c, a, b, ctx)) { - fprintf(stderr, "Division by zero succeeded!\n"); - return 0; - } - - for (i = 0; i < num0 + num1; i++) { - if (i < num1) { - BN_bntest_rand(a, 400, 0, 0); - BN_copy(b, a); - BN_lshift(a, a, i); - BN_add_word(a, i); - } else - BN_bntest_rand(b, 50 + 3 * (i - num1), 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); - BN_div(d, c, a, b, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " / "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, d); - BIO_puts(bp, "\n"); - - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " % "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_mul(e, d, b, ctx); - BN_add(d, e, c); - BN_sub(d, d, a); - if (!BN_is_zero(d)) { - fprintf(stderr, "Division test failed!\n"); + printf("Subtract test failed!\n"); return 0; } } BN_free(a); BN_free(b); BN_free(c); - BN_free(d); - BN_free(e); - return (1); + return 1; } -static void print_word(BIO *bp, BN_ULONG w) -{ - int i = sizeof(w) * 8; - char *fmt = NULL; - unsigned char byte; - - do { - i -= 8; - byte = (unsigned char)(w >> i); - if (fmt == NULL) - fmt = byte ? "%X" : NULL; - else - fmt = "%02X"; - - if (fmt != NULL) - BIO_printf(bp, fmt, byte); - } while (i); - - /* If we haven't printed anything, at least print a zero! */ - if (fmt == NULL) - BIO_printf(bp, "0"); -} -int test_div_word(BIO *bp) -{ - BIGNUM *a, *b; - BN_ULONG r, rmod, s; - int i; - - a = BN_new(); - b = BN_new(); - - for (i = 0; i < num0; i++) { - do { - BN_bntest_rand(a, 512, -1, 0); - BN_bntest_rand(b, BN_BITS2, -1, 0); - } while (BN_is_zero(b)); - - s = b->d[0]; - BN_copy(b, a); - rmod = BN_mod_word(b, s); - r = BN_div_word(b, s); - - if (rmod != r) { - fprintf(stderr, "Mod (word) test failed!\n"); - return 0; - } - - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " / "); - print_word(bp, s); - BIO_puts(bp, " - "); - } - BN_print(bp, b); - BIO_puts(bp, "\n"); - - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " % "); - print_word(bp, s); - BIO_puts(bp, " - "); - } - print_word(bp, r); - BIO_puts(bp, "\n"); - } - BN_mul_word(b, s); - BN_add_word(b, r); - BN_sub(b, a, b); - if (!BN_is_zero(b)) { - fprintf(stderr, "Division (word) test failed!\n"); - return 0; - } - } - BN_free(a); - BN_free(b); - return (1); -} - -int test_div_recp(BIO *bp, BN_CTX *ctx) +static int test_div_recip() { BIGNUM *a, *b, *c, *d, *e; BN_RECP_CTX *recp; @@ -577,47 +224,28 @@ int test_div_recp(BIO *bp, BN_CTX *ctx) d = BN_new(); e = BN_new(); - for (i = 0; i < num0 + num1; i++) { - if (i < num1) { + for (i = 0; i < NUM0 + NUM1; i++) { + if (i < NUM1) { BN_bntest_rand(a, 400, 0, 0); BN_copy(b, a); BN_lshift(a, a, i); BN_add_word(a, i); } else - BN_bntest_rand(b, 50 + 3 * (i - num1), 0, 0); + BN_bntest_rand(b, 50 + 3 * (i - NUM1), 0, 0); a->neg = rand_neg(); b->neg = rand_neg(); BN_RECP_CTX_set(recp, b, ctx); BN_div_recp(d, c, a, recp, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " / "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, d); - BIO_puts(bp, "\n"); - - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " % "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } BN_mul(e, d, b, ctx); BN_add(d, e, c); BN_sub(d, d, a); if (!BN_is_zero(d)) { - fprintf(stderr, "Reciprocal division test failed!\n"); - fprintf(stderr, "a="); - BN_print_fp(stderr, a); - fprintf(stderr, "\nb="); - BN_print_fp(stderr, b); - fprintf(stderr, "\n"); + printf("Reciprocal division test failed!\n"); + printf("a="); + BN_print_fp(stdout, a); + printf("\nb="); + BN_print_fp(stdout, b); + printf("\n"); return 0; } } @@ -627,18 +255,14 @@ int test_div_recp(BIO *bp, BN_CTX *ctx) BN_free(d); BN_free(e); BN_RECP_CTX_free(recp); - return (1); + return 1; } -int test_mul(BIO *bp) + +static int test_mod() { BIGNUM *a, *b, *c, *d, *e; int i; - BN_CTX *ctx; - - ctx = BN_CTX_new(); - if (ctx == NULL) - EXIT(1); a = BN_new(); b = BN_new(); @@ -646,29 +270,16 @@ int test_mul(BIO *bp) d = BN_new(); e = BN_new(); - for (i = 0; i < num0 + num1; i++) { - if (i <= num1) { - BN_bntest_rand(a, 100, 0, 0); - BN_bntest_rand(b, 100, 0, 0); - } else - BN_bntest_rand(b, i - num1, 0, 0); + BN_bntest_rand(a, 1024, 0, 0); + for (i = 0; i < NUM0; i++) { + BN_bntest_rand(b, 450 + i * 10, 0, 0); a->neg = rand_neg(); b->neg = rand_neg(); - BN_mul(c, a, b, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_div(d, e, c, a, ctx); - BN_sub(d, d, b); - if (!BN_is_zero(d) || !BN_is_zero(e)) { - fprintf(stderr, "Multiplication test failed!\n"); + BN_mod(c, a, b, ctx); + BN_div(d, e, a, b, ctx); + BN_sub(e, e, c); + if (!BN_is_zero(e)) { + printf("Modulo test failed!\n"); return 0; } } @@ -677,166 +288,39 @@ int test_mul(BIO *bp) BN_free(c); BN_free(d); BN_free(e); - BN_CTX_free(ctx); - return (1); + return 1; } -int test_sqr(BIO *bp, BN_CTX *ctx) +/* + * Test constant-time modular exponentiation with 1024-bit inputs, which on + * x86_64 cause a different code branch to be taken. + */ +static int test_modexp_mont5() { - BIGNUM *a, *c, *d, *e; - int i, ret = 0; + BIGNUM *a, *p, *m, *d, *e, *b, *n, *c; + BN_MONT_CTX *mont; a = BN_new(); - c = BN_new(); + p = BN_new(); + m = BN_new(); d = BN_new(); e = BN_new(); - if (a == NULL || c == NULL || d == NULL || e == NULL) { - goto err; - } - - for (i = 0; i < num0; i++) { - BN_bntest_rand(a, 40 + i * 10, 0, 0); - a->neg = rand_neg(); - BN_sqr(c, a, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, a); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_div(d, e, c, a, ctx); - BN_sub(d, d, a); - if (!BN_is_zero(d) || !BN_is_zero(e)) { - fprintf(stderr, "Square test failed!\n"); - goto err; - } - } - - /* Regression test for a BN_sqr overflow bug. */ - BN_hex2bn(&a, - "80000000000000008000000000000001" - "FFFFFFFFFFFFFFFE0000000000000000"); - BN_sqr(c, a, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, a); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_mul(d, a, a, ctx); - if (BN_cmp(c, d)) { - fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce " - "different results!\n"); - goto err; - } - - /* Regression test for a BN_sqr overflow bug. */ - BN_hex2bn(&a, - "80000000000000000000000080000001" - "FFFFFFFE000000000000000000000000"); - BN_sqr(c, a, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, a); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_mul(d, a, a, ctx); - if (BN_cmp(c, d)) { - fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce " - "different results!\n"); - goto err; - } - ret = 1; - err: - BN_free(a); - BN_free(c); - BN_free(d); - BN_free(e); - return ret; -} - -int test_mont(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *c, *d, *A, *B; - BIGNUM *n; - int i; - BN_MONT_CTX *mont; - - a = BN_new(); b = BN_new(); - c = BN_new(); - d = BN_new(); - A = BN_new(); - B = BN_new(); n = BN_new(); - + c = BN_new(); mont = BN_MONT_CTX_new(); - if (mont == NULL) - return 0; - BN_zero(n); - if (BN_MONT_CTX_set(mont, n, ctx)) { - fprintf(stderr, "BN_MONT_CTX_set succeeded for zero modulus!\n"); + BN_bntest_rand(m, 1024, 0, 1); /* must be odd for montgomery */ + /* Zero exponent */ + BN_bntest_rand(a, 1024, 0, 0); + BN_zero(p); + if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL)) return 0; - } - - BN_set_word(n, 16); - if (BN_MONT_CTX_set(mont, n, ctx)) { - fprintf(stderr, "BN_MONT_CTX_set succeeded for even modulus!\n"); + if (!BN_is_one(d)) { + printf("Modular exponentiation test failed!\n"); return 0; } - BN_bntest_rand(a, 100, 0, 0); - BN_bntest_rand(b, 100, 0, 0); - for (i = 0; i < num2; i++) { - int bits = (200 * (i + 1)) / num2; - - if (bits == 0) - continue; - BN_bntest_rand(n, bits, 0, 1); - BN_MONT_CTX_set(mont, n, ctx); - - BN_nnmod(a, a, n, ctx); - BN_nnmod(b, b, n, ctx); - - BN_to_montgomery(A, a, mont, ctx); - BN_to_montgomery(B, b, mont, ctx); - - BN_mod_mul_montgomery(c, A, B, mont, ctx); - BN_from_montgomery(A, c, mont, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, b); - BIO_puts(bp, " % "); - BN_print(bp, &mont->N); - BIO_puts(bp, " - "); - } - BN_print(bp, A); - BIO_puts(bp, "\n"); - } - BN_mod_mul(d, a, b, n, ctx); - BN_sub(d, d, A); - if (!BN_is_zero(d)) { - fprintf(stderr, "Montgomery multiplication test failed!\n"); - return 0; - } - } - /* Regression test for carry bug in mulx4x_mont */ BN_hex2bn(&a, "7878787878787878787878787878787878787878787878787878787878787878" @@ -862,294 +346,6 @@ int test_mont(BIO *bp, BN_CTX *ctx) return 0; } - BN_MONT_CTX_free(mont); - BN_free(a); - BN_free(b); - BN_free(c); - BN_free(d); - BN_free(A); - BN_free(B); - BN_free(n); - return (1); -} - -int test_mod(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *c, *d, *e; - int i; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - - BN_bntest_rand(a, 1024, 0, 0); - for (i = 0; i < num0; i++) { - BN_bntest_rand(b, 450 + i * 10, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); - BN_mod(c, a, b, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " % "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_div(d, e, a, b, ctx); - BN_sub(e, e, c); - if (!BN_is_zero(e)) { - fprintf(stderr, "Modulo test failed!\n"); - return 0; - } - } - BN_free(a); - BN_free(b); - BN_free(c); - BN_free(d); - BN_free(e); - return (1); -} - -int test_mod_mul(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *c, *d, *e; - int i, j; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - - BN_one(a); - BN_one(b); - BN_zero(c); - if (BN_mod_mul(e, a, b, c, ctx)) { - fprintf(stderr, "BN_mod_mul with zero modulus succeeded!\n"); - return 0; - } - - for (j = 0; j < 3; j++) { - BN_bntest_rand(c, 1024, 0, 0); - for (i = 0; i < num0; i++) { - BN_bntest_rand(a, 475 + i * 10, 0, 0); - BN_bntest_rand(b, 425 + i * 11, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); - if (!BN_mod_mul(e, a, b, c, ctx)) { - unsigned long l; - - while ((l = ERR_get_error())) - fprintf(stderr, "ERROR:%s\n", ERR_error_string(l, NULL)); - EXIT(1); - } - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, b); - BIO_puts(bp, " % "); - BN_print(bp, c); - if ((a->neg ^ b->neg) && !BN_is_zero(e)) { - /* - * If (a*b) % c is negative, c must be added in order - * to obtain the normalized remainder (new with - * OpenSSL 0.9.7, previous versions of BN_mod_mul - * could generate negative results) - */ - BIO_puts(bp, " + "); - BN_print(bp, c); - } - BIO_puts(bp, " - "); - } - BN_print(bp, e); - BIO_puts(bp, "\n"); - } - BN_mul(d, a, b, ctx); - BN_sub(d, d, e); - BN_div(a, b, d, c, ctx); - if (!BN_is_zero(b)) { - fprintf(stderr, "Modulo multiply test failed!\n"); - ERR_print_errors_fp(stderr); - return 0; - } - } - } - BN_free(a); - BN_free(b); - BN_free(c); - BN_free(d); - BN_free(e); - return (1); -} - -int test_mod_exp(BIO *bp, BN_CTX *ctx) -{ - |