summaryrefslogtreecommitdiff
path: root/regress
diff options
context:
space:
mode:
authorKinichiro Inoguchi <inoguchi@cvs.openbsd.org>2017-01-31 13:19:06 +0000
committerKinichiro Inoguchi <inoguchi@cvs.openbsd.org>2017-01-31 13:19:06 +0000
commitb2062404c261c8c9bf56dcd8b415c077dc831001 (patch)
treeb281f859f5d1bd4845e5e9d90e8f57b9ee169859 /regress
parent1ff8a3d4d512b5f1ed3cdde5d08ac7537ced5b0e (diff)
LibreSSL : regress for carry bug in mulx4x_mont and sqr8x_mont
This regress bntest.c patch is originally from master branch of OpenSSL. - dca2e0e test/bntest.c: regression test for CVE-2016-7055. - 3e7a496 test/bntest.c: regression test for carry bug in bn_sqr8x_internal. These tests were added for these commit. - 2fac86d bn/asm/x86_64-mont.pl: fix for CVE-2016-7055 (Low severity). - 3f4bcf5 bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqr8x_internal. ok beck@
Diffstat (limited to 'regress')
-rw-r--r--regress/lib/libcrypto/bn/general/bntest.c79
1 files changed, 78 insertions, 1 deletions
diff --git a/regress/lib/libcrypto/bn/general/bntest.c b/regress/lib/libcrypto/bn/general/bntest.c
index 7e5e6ed81b9..98616c37b24 100644
--- a/regress/lib/libcrypto/bn/general/bntest.c
+++ b/regress/lib/libcrypto/bn/general/bntest.c
@@ -1236,15 +1236,19 @@ err:
int
test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
{
- BIGNUM *a, *p, *m, *d, *e;
+ BIGNUM *a, *p, *m, *d, *e, *b, *n, *c;
int rc = 1;
BN_MONT_CTX *mont;
+ char *bigstring;
a = BN_new();
p = BN_new();
m = BN_new();
d = BN_new();
e = BN_new();
+ b = BN_new();
+ n = BN_new();
+ c = BN_new();
mont = BN_MONT_CTX_new();
@@ -1261,6 +1265,76 @@ test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
rc = 0;
goto err;
}
+ /* Regression test for carry bug in mulx4x_mont */
+ BN_hex2bn(&a,
+ "7878787878787878787878787878787878787878787878787878787878787878"
+ "7878787878787878787878787878787878787878787878787878787878787878"
+ "7878787878787878787878787878787878787878787878787878787878787878"
+ "7878787878787878787878787878787878787878787878787878787878787878");
+ BN_hex2bn(&b,
+ "095D72C08C097BA488C5E439C655A192EAFB6380073D8C2664668EDDB4060744"
+ "E16E57FB4EDB9AE10A0CEFCDC28A894F689A128379DB279D48A2E20849D68593"
+ "9B7803BCF46CEBF5C533FB0DD35B080593DE5472E3FE5DB951B8BFF9B4CB8F03"
+ "9CC638A5EE8CDD703719F8000E6A9F63BEED5F2FCD52FF293EA05A251BB4AB81");
+ BN_hex2bn(&n,
+ "D78AF684E71DB0C39CFF4E64FB9DB567132CB9C50CC98009FEB820B26F2DED9B"
+ "91B9B5E2B83AE0AE4EB4E0523CA726BFBE969B89FD754F674CE99118C3F2D1C5"
+ "D81FDC7C54E02B60262B241D53C040E99E45826ECA37A804668E690E1AFC1CA4"
+ "2C9A15D84D4954425F0B7642FC0BD9D7B24E2618D2DCC9B729D944BADACFDDAF");
+ BN_MONT_CTX_set(mont, n, ctx);
+ BN_mod_mul_montgomery(c, a, b, mont, ctx);
+ BN_mod_mul_montgomery(d, b, a, mont, ctx);
+ if (BN_cmp(c, d)) {
+ fprintf(stderr, "Montgomery multiplication test failed:"
+ " a*b != b*a.\n");
+ rc = 0;
+ goto err;
+ }
+ /* Regression test for carry bug in sqr[x]8x_mont */
+ BN_hex2bn(&n,
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000FFFFFFFF00"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "00000000000000000000000000000000000000000000000000FFFFFFFFFFFFFF");
+ BN_hex2bn(&a,
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000FFFFFFFF0000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "0000000000000000000000000000000000000000000000000000000000000000"
+ "000000000000000000000000000000000000000000FFFFFFFFFFFFFF00000000");
+ b = BN_dup(a);
+ BN_MONT_CTX_set(mont, n, ctx);
+ BN_mod_mul_montgomery(c, a, a, mont, ctx);
+ BN_mod_mul_montgomery(d, a, b, mont, ctx);
+ if (BN_cmp(c, d)) {
+ fprintf(stderr, "Montgomery multiplication test failed:"
+ " a**2 != a*a.\n");
+ rc = 0;
+ goto err;
+ }
/* Zero input */
BN_bntest_rand(p, 1024, 0, 0);
BN_zero(a);
@@ -1318,6 +1392,9 @@ err:
BN_free(m);
BN_free(d);
BN_free(e);
+ BN_free(b);
+ BN_free(n);
+ BN_free(c);
return (rc);
}