author | Kinichiro Inoguchi <inoguchi@cvs.openbsd.org> | 2017-01-31 13:19:06 +0000 |
---|---|---|
committer | Kinichiro Inoguchi <inoguchi@cvs.openbsd.org> | 2017-01-31 13:19:06 +0000 |
commit | b2062404c261c8c9bf56dcd8b415c077dc831001 (patch) | |
tree | b281f859f5d1bd4845e5e9d90e8f57b9ee169859 /regress/lib/libcrypto/bn/general/bntest.c | |
parent | 1ff8a3d4d512b5f1ed3cdde5d08ac7537ced5b0e (diff) |
LibreSSL : regress for carry bug in mulx4x_mont and sqr8x_mont
This regress bntest.c patch is originally from master branch of OpenSSL.
- dca2e0e test/bntest.c: regression test for CVE-2016-7055.
- 3e7a496 test/bntest.c: regression test for carry bug in bn_sqr8x_internal.
These tests were added for the following commits.
- 2fac86d bn/asm/x86_64-mont.pl: fix for CVE-2016-7055 (Low severity).
- 3f4bcf5 bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqr8x_internal.
ok beck@
Diffstat (limited to 'regress/lib/libcrypto/bn/general/bntest.c')
-rw-r--r-- | regress/lib/libcrypto/bn/general/bntest.c | 79 |
1 files changed, 78 insertions, 1 deletions
diff --git a/regress/lib/libcrypto/bn/general/bntest.c b/regress/lib/libcrypto/bn/general/bntest.c
index 7e5e6ed81b9..98616c37b24 100644
--- a/regress/lib/libcrypto/bn/general/bntest.c
+++ b/regress/lib/libcrypto/bn/general/bntest.c
@@ -1236,15 +1236,19 @@ err:
 int
 test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
 {
- BIGNUM *a, *p, *m, *d, *e;
+ BIGNUM *a, *p, *m, *d, *e, *b, *n, *c;
 int rc = 1;
 BN_MONT_CTX *mont;
+ char *bigstring;
 a = BN_new();
 p = BN_new();
 m = BN_new();
 d = BN_new();
 e = BN_new();
+ b = BN_new();
+ n = BN_new();
+ c = BN_new();
 mont = BN_MONT_CTX_new();
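Review bot: `char *bigstring;` is declared in this hunk but none of the hunks in this commit reference it, so it looks like a leftover that will only produce an unused-variable warning; drop it unless code outside the visible hunks uses it. The new `b`, `n` and `c` come from `BN_new()` without a NULL check, which matches the existing allocations next to them but means an allocation failure is only noticed later, if at all. The body of test_mod_exp_mont5 continues outside this hunk.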
@@ -1261,6 +1265,76 @@ test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
 rc = 0;
 goto err;
 }
+ /* Regression test for carry bug in mulx4x_mont */
+ BN_hex2bn(&a,
+ "7878787878787878787878787878787878787878787878787878787878787878"
+ "7878787878787878787878787878787878787878787878787878787878787878"
+ "7878787878787878787878787878787878787878787878787878787878787878"
+ "7878787878787878787878787878787878787878787878787878787878787878");
+ BN_hex2bn(&b,
+ "095D72C08C097BA488C5E439C655A192EAFB6380073D8C2664668EDDB4060744"
+ "E16E57FB4EDB9AE10A0CEFCDC28A894F689A128379DB279D48A2E20849D68593"
+ "9B7803BCF46CEBF5C533FB0DD35B080593DE5472E3FE5DB951B8BFF9B4CB8F03"
+ "9CC638A5EE8CDD703719F8000E6A9F63BEED5F2FCD52FF293EA05A251BB4AB81");
+ BN_hex2bn(&n,
+ "D78AF684E71DB0C39CFF4E64FB9DB567132CB9C50CC98009FEB820B26F2DED9B"
+ "91B9B5E2B83AE0AE4EB4E0523CA726BFBE969B89FD754F674CE99118C3F2D1C5"
+ "D81FDC7C54E02B60262B241D53C040E99E45826ECA37A804668E690E1AFC1CA4"
+ "2C9A15D84D4954425F0B7642FC0BD9D7B24E2618D2DCC9B729D944BADACFDDAF");
+ BN_MONT_CTX_set(mont, n, ctx);
+ BN_mod_mul_montgomery(c, a, b, mont, ctx);
+ BN_mod_mul_montgomery(d, b, a, mont, ctx);
+ if (BN_cmp(c, d)) {
+ fprintf(stderr, "Montgomery multiplication test failed:"
+ " a*b != b*a.\n");
+ rc = 0;
+ goto err;
+ }
+ /* Regression test for carry bug in sqr[x]8x_mont */
+ BN_hex2bn(&n,
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000FFFFFFFF00"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "00000000000000000000000000000000000000000000000000FFFFFFFFFFFFFF");
+ BN_hex2bn(&a,
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000FFFFFFFF0000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "000000000000000000000000000000000000000000FFFFFFFFFFFFFF00000000");
+ b = BN_dup(a);
+ BN_MONT_CTX_set(mont, n, ctx);
+ BN_mod_mul_montgomery(c, a, a, mont, ctx);
+ BN_mod_mul_montgomery(d, a, b, mont, ctx);
+ if (BN_cmp(c, d)) {
+ fprintf(stderr, "Montgomery multiplication test failed:"
+ " a**2 != a*a.\n");
+ rc = 0;
+ goto err;
+ }
 /* Zero input */
 BN_bntest_rand(p, 1024, 0, 0);
 BN_zero(a);
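Review bot: Both new regression cases can report success without exercising the Montgomery code, because the return values of `BN_hex2bn()`, `BN_MONT_CTX_set()` and `BN_mod_mul_montgomery()` are ignored: if any call fails, `c` and `d` can be left holding equal values (both freshly allocated in the first case, both the earlier result in the second) and `BN_cmp(c, d)` returns 0. For a test that guards the CVE-2016-7055 fix, each call should be checked, with a failure setting `rc = 0` and jumping to `err`. Separately, `b = BN_dup(a);` overwrites the `b` allocated with `BN_new()` in the first hunk, so that object leaks and the `BN_free(b)` added in the last hunk releases only the duplicate; copying into the existing object with `BN_copy(b, a)` and checking for NULL avoids both problems. The function body starts and ends outside this hunk.

```c
	/* … unchanged: BN_hex2bn() operand strings for a, b and n; wrap each call as
	 *   if (!BN_hex2bn(&x, ...)) { rc = 0; goto err; } … */
	if (!BN_MONT_CTX_set(mont, n, ctx) ||
	    !BN_mod_mul_montgomery(c, a, b, mont, ctx) ||
	    !BN_mod_mul_montgomery(d, b, a, mont, ctx)) {
		fprintf(stderr, "Montgomery multiplication test setup failed.\n");
		rc = 0;
		goto err;
	}
	/* … unchanged: BN_cmp(c, d) check for a*b != b*a … */
	/* … unchanged: sqr[x]8x_mont operands n and a, with the same BN_hex2bn() check … */
	if (BN_copy(b, a) == NULL ||
	    !BN_MONT_CTX_set(mont, n, ctx) ||
	    !BN_mod_mul_montgomery(c, a, a, mont, ctx) ||
	    !BN_mod_mul_montgomery(d, a, b, mont, ctx)) {
		fprintf(stderr, "Montgomery squaring test setup failed.\n");
		rc = 0;
		goto err;
	}
	/* … unchanged: BN_cmp(c, d) check for a**2 != a*a … */
```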
@@ -1318,6 +1392,9 @@ err:
 BN_free(m);
 BN_free(d);
 BN_free(e);
+ BN_free(b);
+ BN_free(n);
+ BN_free(c);
 return (rc);
 }
|