From 07f0779c161a4ca105068d8d3410d266c4b34a38 Mon Sep 17 00:00:00 2001 From: Miod Vallat Date: Fri, 20 Jun 2014 10:30:41 +0000 Subject: Move the crypto/bn regression test one directory deeper in preparation for it getting siblings. --- regress/lib/libcrypto/bn/Makefile | 13 +- regress/lib/libcrypto/bn/bntest.c | 2000 ----------------------------- regress/lib/libcrypto/bn/general/Makefile | 9 + regress/lib/libcrypto/bn/general/bntest.c | 2000 +++++++++++++++++++++++++++++ 4 files changed, 2015 insertions(+), 2007 deletions(-) delete mode 100644 regress/lib/libcrypto/bn/bntest.c create mode 100644 regress/lib/libcrypto/bn/general/Makefile create mode 100644 regress/lib/libcrypto/bn/general/bntest.c (limited to 'regress') diff --git a/regress/lib/libcrypto/bn/Makefile b/regress/lib/libcrypto/bn/Makefile index ecc2e79075c..a19e4568925 100644 --- a/regress/lib/libcrypto/bn/Makefile +++ b/regress/lib/libcrypto/bn/Makefile @@ -1,9 +1,8 @@ -# $OpenBSD: Makefile,v 1.2 2014/06/01 11:11:45 miod Exp $ +# $OpenBSD: Makefile,v 1.3 2014/06/20 10:30:40 miod Exp $ -PROG= bntest -LDADD= -lcrypto -DPADD= ${LIBCRYPTO} -WARNINGS= Yes -CFLAGS+= -Werror +SUBDIR= \ + general -.include +install: + +.include diff --git a/regress/lib/libcrypto/bn/bntest.c b/regress/lib/libcrypto/bn/bntest.c deleted file mode 100644 index 74a97e9c8a3..00000000000 --- a/regress/lib/libcrypto/bn/bntest.c +++ /dev/null @@ -1,2000 +0,0 @@ -/* crypto/bn/bntest.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the Eric Young open source - * license provided above. - * - * The binary polynomial arithmetic software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. - * - */ - -/* Until the key-gen callbacks are modified to use newer prototypes, we allow - * deprecated functions for openssl-internal code */ -#ifdef OPENSSL_NO_DEPRECATED -#undef OPENSSL_NO_DEPRECATED -#endif - -#include -#include -#include - -#include -#include -#include -#include -#include - -const int num0 = 100; /* number of tests */ -const int num1 = 50; /* additional tests for some functions */ -const int num2 = 5; /* number of tests for slow functions */ - -int test_add(BIO *bp); -int test_sub(BIO *bp); -int test_lshift1(BIO *bp); -int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_); -int test_rshift1(BIO *bp); -int test_rshift(BIO *bp,BN_CTX *ctx); -int test_div(BIO *bp,BN_CTX *ctx); -int test_div_word(BIO *bp); -int test_div_recp(BIO *bp,BN_CTX *ctx); -int test_mul(BIO *bp); -int test_sqr(BIO *bp,BN_CTX *ctx); -int test_mont(BIO *bp,BN_CTX *ctx); -int test_mod(BIO *bp,BN_CTX *ctx); -int test_mod_mul(BIO *bp,BN_CTX *ctx); -int test_mod_exp(BIO *bp,BN_CTX *ctx); -int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx); -int test_exp(BIO *bp,BN_CTX *ctx); -int test_gf2m_add(BIO *bp); -int test_gf2m_mod(BIO *bp); -int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx); -int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx); -int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx); -int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx); -int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx); -int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx); -int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx); -int test_kron(BIO *bp,BN_CTX *ctx); -int test_sqrt(BIO *bp,BN_CTX *ctx); -int rand_neg(void); -static int results=0; - -static unsigned char lst[]="\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" -"\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0"; - -static void message(BIO *out, char *m) - { - fprintf(stderr, "test %s\n", m); - BIO_puts(out, "print \"test "); - BIO_puts(out, m); - BIO_puts(out, "\\n\"\n"); - } - -int main(int argc, char *argv[]) - { - BN_CTX *ctx; - BIO *out; - char *outfile=NULL; - - results = 0; - - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-results") == 0) - results=1; - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) break; - outfile= *(++argv); - } - argc--; - argv++; - } - - - ctx=BN_CTX_new(); - if (ctx == NULL) exit(1); - - out=BIO_new(BIO_s_file()); - if (out == NULL) exit(1); - if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); - } - else - { - if (!BIO_write_filename(out,outfile)) - { - perror(outfile); - exit(1); - } - } - - if (!results) - BIO_puts(out,"obase=16\nibase=16\n"); - - message(out,"BN_add"); - if (!test_add(out)) goto err; - (void)BIO_flush(out); - - message(out,"BN_sub"); - if (!test_sub(out)) goto err; - (void)BIO_flush(out); - - message(out,"BN_lshift1"); - if (!test_lshift1(out)) goto err; - (void)BIO_flush(out); - - message(out,"BN_lshift (fixed)"); - if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL))) - goto err; - (void)BIO_flush(out); - - message(out,"BN_lshift"); - if (!test_lshift(out,ctx,NULL)) goto err; - (void)BIO_flush(out); - - message(out,"BN_rshift1"); - if (!test_rshift1(out)) goto err; - (void)BIO_flush(out); - - message(out,"BN_rshift"); - if (!test_rshift(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_sqr"); - if (!test_sqr(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_mul"); - if (!test_mul(out)) goto err; - (void)BIO_flush(out); - - message(out,"BN_div"); - if (!test_div(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_div_word"); - if (!test_div_word(out)) goto err; - (void)BIO_flush(out); - - message(out,"BN_div_recp"); - if (!test_div_recp(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_mod"); - if (!test_mod(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_mod_mul"); - if (!test_mod_mul(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_mont"); - if (!test_mont(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_mod_exp"); - if (!test_mod_exp(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_mod_exp_mont_consttime"); - if (!test_mod_exp_mont_consttime(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_exp"); - if (!test_exp(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_kronecker"); - if (!test_kron(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_mod_sqrt"); - if (!test_sqrt(out,ctx)) goto err; - (void)BIO_flush(out); -#ifndef OPENSSL_NO_EC2M - message(out,"BN_GF2m_add"); - if (!test_gf2m_add(out)) goto err; - (void)BIO_flush(out); - - message(out,"BN_GF2m_mod"); - if (!test_gf2m_mod(out)) goto err; - (void)BIO_flush(out); - - message(out,"BN_GF2m_mod_mul"); - if (!test_gf2m_mod_mul(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_GF2m_mod_sqr"); - if (!test_gf2m_mod_sqr(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_GF2m_mod_inv"); - if (!test_gf2m_mod_inv(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_GF2m_mod_div"); - if (!test_gf2m_mod_div(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_GF2m_mod_exp"); - if (!test_gf2m_mod_exp(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_GF2m_mod_sqrt"); - if (!test_gf2m_mod_sqrt(out,ctx)) goto err; - (void)BIO_flush(out); - - message(out,"BN_GF2m_mod_solve_quad"); - if (!test_gf2m_mod_solve_quad(out,ctx)) goto err; - (void)BIO_flush(out); -#endif - BN_CTX_free(ctx); - BIO_free(out); - -/**/ - exit(0); -err: - BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices - * the failure, see test_bn in test/Makefile.ssl*/ - (void)BIO_flush(out); - ERR_load_crypto_strings(); - ERR_print_errors_fp(stderr); - exit(1); - } - -int test_add(BIO *bp) - { - BIGNUM a,b,c; - int i; - - BN_init(&a); - BN_init(&b); - BN_init(&c); - - BN_bntest_rand(&a,512,0,0); - for (i=0; i sizeof(unsigned long)) - { - unsigned long h=(unsigned long)(w>>32), - l=(unsigned long)(w); - - if (h) BIO_printf(bp,"%lX%08lX",h,l); - else BIO_printf(bp,"%lX",l); - return; - } -#endif - BIO_printf(bp,BN_HEX_FMT1,w); - } - -int test_div_word(BIO *bp) - { - BIGNUM a,b; - BN_ULONG r,s; - int i; - - BN_init(&a); - BN_init(&b); - - for (i=0; iN)); - BIO_puts(bp," - "); - } - BN_print(bp,&A); - BIO_puts(bp,"\n"); - } - BN_mod_mul(&d,&a,&b,&n,ctx); - BN_sub(&d,&d,&A); - if(!BN_is_zero(&d)) - { - fprintf(stderr,"Montgomery multiplication test failed!\n"); - return 0; - } - } - BN_MONT_CTX_free(mont); - BN_free(&a); - BN_free(&b); - BN_free(&c); - BN_free(&d); - BN_free(&A); - BN_free(&B); - BN_free(&n); - return(1); - } - -int test_mod(BIO *bp, BN_CTX *ctx) - { - BIGNUM *a,*b,*c,*d,*e; - int i; - - a=BN_new(); - b=BN_new(); - c=BN_new(); - d=BN_new(); - e=BN_new(); - - BN_bntest_rand(a,1024,0,0); /**/ - for (i=0; ineg=rand_neg(); - b->neg=rand_neg(); - BN_mod(c,a,b,ctx);/**/ - if (bp != NULL) - { - if (!results) - { - BN_print(bp,a); - BIO_puts(bp," % "); - BN_print(bp,b); - BIO_puts(bp," - "); - } - BN_print(bp,c); - BIO_puts(bp,"\n"); - } - BN_div(d,e,a,b,ctx); - BN_sub(e,e,c); - if(!BN_is_zero(e)) - { - fprintf(stderr,"Modulo test failed!\n"); - return 0; - } - } - BN_free(a); - BN_free(b); - BN_free(c); - BN_free(d); - BN_free(e); - return(1); - } - -int test_mod_mul(BIO *bp, BN_CTX *ctx) - { - BIGNUM *a,*b,*c,*d,*e; - int i,j; - - a=BN_new(); - b=BN_new(); - c=BN_new(); - d=BN_new(); - e=BN_new(); - - for (j=0; j<3; j++) { - BN_bntest_rand(c,1024,0,0); /**/ - for (i=0; ineg=rand_neg(); - b->neg=rand_neg(); - if (!BN_mod_mul(e,a,b,c,ctx)) - { - unsigned long l; - - while ((l=ERR_get_error())) - fprintf(stderr,"ERROR:%s\n", - ERR_error_string(l,NULL)); - exit(1); - } - if (bp != NULL) - { - if (!results) - { - BN_print(bp,a); - BIO_puts(bp," * "); - BN_print(bp,b); - BIO_puts(bp," % "); - BN_print(bp,c); - if ((a->neg ^ b->neg) && !BN_is_zero(e)) - { - /* If (a*b) % c is negative, c must be added - * in order to obtain the normalized remainder - * (new with OpenSSL 0.9.7, previous versions of - * BN_mod_mul could generate negative results) - */ - BIO_puts(bp," + "); - BN_print(bp,c); - } - BIO_puts(bp," - "); - } - BN_print(bp,e); - BIO_puts(bp,"\n"); - } - BN_mul(d,a,b,ctx); - BN_sub(d,d,e); - BN_div(a,b,d,c,ctx); - if(!BN_is_zero(b)) - { - fprintf(stderr,"Modulo multiply test failed!\n"); - ERR_print_errors_fp(stderr); - return 0; - } - } - } - BN_free(a); - BN_free(b); - BN_free(c); - BN_free(d); - BN_free(e); - return(1); - } - -int test_mod_exp(BIO *bp, BN_CTX *ctx) - { - BIGNUM *a,*b,*c,*d,*e; - int i; - - a=BN_new(); - b=BN_new(); - c=BN_new(); - d=BN_new(); - e=BN_new(); - - BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */ - for (i=0; ineg = rand_neg(); - putc('\n', stderr); - - for (i = 0; i < num0; i++) - { - if (!BN_bntest_rand(a, 512, 0, 0)) goto err; - a->neg = rand_neg(); - - /* t := (|b|-1)/2 (note that b is odd) */ - if (!BN_copy(t, b)) goto err; - t->neg = 0; - if (!BN_sub_word(t, 1)) goto err; - if (!BN_rshift1(t, t)) goto err; - /* r := a^t mod b */ - b->neg=0; - - if (!BN_mod_exp_recp(r, a, t, b, ctx)) goto err; - b->neg=1; - - if (BN_is_word(r, 1)) - legendre = 1; - else if (BN_is_zero(r)) - legendre = 0; - else - { - if (!BN_add_word(r, 1)) goto err; - if (0 != BN_ucmp(r, b)) - { - fprintf(stderr, "Legendre symbol computation failed\n"); - goto err; - } - legendre = -1; - } - - kronecker = BN_kronecker(a, b, ctx); - if (kronecker < -1) goto err; - /* we actually need BN_kronecker(a, |b|) */ - if (a->neg && b->neg) - kronecker = -kronecker; - - if (legendre != kronecker) - { - fprintf(stderr, "legendre != kronecker; a = "); - BN_print_fp(stderr, a); - fprintf(stderr, ", b = "); - BN_print_fp(stderr, b); - fprintf(stderr, "\n"); - goto err; - } - - putc('.', stderr); - fflush(stderr); - } - - putc('\n', stderr); - fflush(stderr); - ret = 1; - err: - if (a != NULL) BN_free(a); - if (b != NULL) BN_free(b); - if (r != NULL) BN_free(r); - if (t != NULL) BN_free(t); - return ret; - } - -int test_sqrt(BIO *bp, BN_CTX *ctx) - { - BN_GENCB cb; - BIGNUM *a,*p,*r; - int i, j; - int ret = 0; - - a = BN_new(); - p = BN_new(); - r = BN_new(); - if (a == NULL || p == NULL || r == NULL) goto err; - - BN_GENCB_set(&cb, genprime_cb, NULL); - - for (i = 0; i < 16; i++) - { - if (i < 8) - { - unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 }; - - if (!BN_set_word(p, primes[i])) goto err; - } - else - { - if (!BN_set_word(a, 32)) goto err; - if (!BN_set_word(r, 2*i + 1)) goto err; - - if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb)) goto err; - putc('\n', stderr); - } - p->neg = rand_neg(); - - for (j = 0; j < num2; j++) - { - /* construct 'a' such that it is a square modulo p, - * but in general not a proper square and not reduced modulo p */ - if (!BN_bntest_rand(r, 256, 0, 3)) goto err; - if (!BN_nnmod(r, r, p, ctx)) goto err; - if (!BN_mod_sqr(r, r, p, ctx)) goto err; - if (!BN_bntest_rand(a, 256, 0, 3)) goto err; - if (!BN_nnmod(a, a, p, ctx)) goto err; - if (!BN_mod_sqr(a, a, p, ctx)) goto err; - if (!BN_mul(a, a, r, ctx)) goto err; - if (rand_neg()) - if (!BN_sub(a, a, p)) goto err; - - if (!BN_mod_sqrt(r, a, p, ctx)) goto err; - if (!BN_mod_sqr(r, r, p, ctx)) goto err; - - if (!BN_nnmod(a, a, p, ctx)) goto err; - - if (BN_cmp(a, r) != 0) - { - fprintf(stderr, "BN_mod_sqrt failed: a = "); - BN_print_fp(stderr, a); - fprintf(stderr, ", r = "); - BN_print_fp(stderr, r); - fprintf(stderr, ", p = "); - BN_print_fp(stderr, p); - fprintf(stderr, "\n"); - goto err; - } - - putc('.', stderr); - fflush(stderr); - } - - putc('\n', stderr); - fflush(stderr); - } - ret = 1; - err: - if (a != NULL) BN_free(a); - if (p != NULL) BN_free(p); - if (r != NULL) BN_free(r); - return ret; - } - -int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_) - { - BIGNUM *a,*b,*c,*d; - int i; - - b=BN_new(); - c=BN_new(); - d=BN_new(); - BN_one(c); - - if(a_) - a=a_; - else - { - a=BN_new(); - BN_bntest_rand(a,200,0,0); /**/ - a->neg=rand_neg(); - } - for (i=0; ineg=rand_neg(); - for (i=0; ineg=rand_neg(); - for (i=0; ineg=rand_neg(); - for (i=0; i diff --git a/regress/lib/libcrypto/bn/general/bntest.c b/regress/lib/libcrypto/bn/general/bntest.c new file mode 100644 index 00000000000..74a97e9c8a3 --- /dev/null +++ b/regress/lib/libcrypto/bn/general/bntest.c @@ -0,0 +1,2000 @@ +/* crypto/bn/bntest.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the Eric Young open source + * license provided above. + * + * The binary polynomial arithmetic software is originally written by + * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. + * + */ + +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + +#include +#include +#include + +#include +#include +#include +#include +#include + +const int num0 = 100; /* number of tests */ +const int num1 = 50; /* additional tests for some functions */ +const int num2 = 5; /* number of tests for slow functions */ + +int test_add(BIO *bp); +int test_sub(BIO *bp); +int test_lshift1(BIO *bp); +int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_); +int test_rshift1(BIO *bp); +int test_rshift(BIO *bp,BN_CTX *ctx); +int test_div(BIO *bp,BN_CTX *ctx); +int test_div_word(BIO *bp); +int test_div_recp(BIO *bp,BN_CTX *ctx); +int test_mul(BIO *bp); +int test_sqr(BIO *bp,BN_CTX *ctx); +int test_mont(BIO *bp,BN_CTX *ctx); +int test_mod(BIO *bp,BN_CTX *ctx); +int test_mod_mul(BIO *bp,BN_CTX *ctx); +int test_mod_exp(BIO *bp,BN_CTX *ctx); +int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx); +int test_exp(BIO *bp,BN_CTX *ctx); +int test_gf2m_add(BIO *bp); +int test_gf2m_mod(BIO *bp); +int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx); +int test_kron(BIO *bp,BN_CTX *ctx); +int test_sqrt(BIO *bp,BN_CTX *ctx); +int rand_neg(void); +static int results=0; + +static unsigned char lst[]="\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" +"\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0"; + +static void message(BIO *out, char *m) + { + fprintf(stderr, "test %s\n", m); + BIO_puts(out, "print \"test "); + BIO_puts(out, m); + BIO_puts(out, "\\n\"\n"); + } + +int main(int argc, char *argv[]) + { + BN_CTX *ctx; + BIO *out; + char *outfile=NULL; + + results = 0; + + argc--; + argv++; + while (argc >= 1) + { + if (strcmp(*argv,"-results") == 0) + results=1; + else if (strcmp(*argv,"-out") == 0) + { + if (--argc < 1) break; + outfile= *(++argv); + } + argc--; + argv++; + } + + + ctx=BN_CTX_new(); + if (ctx == NULL) exit(1); + + out=BIO_new(BIO_s_file()); + if (out == NULL) exit(1); + if (outfile == NULL) + { + BIO_set_fp(out,stdout,BIO_NOCLOSE); + } + else + { + if (!BIO_write_filename(out,outfile)) + { + perror(outfile); + exit(1); + } + } + + if (!results) + BIO_puts(out,"obase=16\nibase=16\n"); + + message(out,"BN_add"); + if (!test_add(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_sub"); + if (!test_sub(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_lshift1"); + if (!test_lshift1(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_lshift (fixed)"); + if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL))) + goto err; + (void)BIO_flush(out); + + message(out,"BN_lshift"); + if (!test_lshift(out,ctx,NULL)) goto err; + (void)BIO_flush(out); + + message(out,"BN_rshift1"); + if (!test_rshift1(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_rshift"); + if (!test_rshift(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_sqr"); + if (!test_sqr(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_mul"); + if (!test_mul(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_div"); + if (!test_div(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_div_word"); + if (!test_div_word(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_div_recp"); + if (!test_div_recp(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_mod"); + if (!test_mod(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_mod_mul"); + if (!test_mod_mul(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_mont"); + if (!test_mont(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_mod_exp"); + if (!test_mod_exp(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_mod_exp_mont_consttime"); + if (!test_mod_exp_mont_consttime(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_exp"); + if (!test_exp(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_kronecker"); + if (!test_kron(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_mod_sqrt"); + if (!test_sqrt(out,ctx)) goto err; + (void)BIO_flush(out); +#ifndef OPENSSL_NO_EC2M + message(out,"BN_GF2m_add"); + if (!test_gf2m_add(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod"); + if (!test_gf2m_mod(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_mul"); + if (!test_gf2m_mod_mul(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_sqr"); + if (!test_gf2m_mod_sqr(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_inv"); + if (!test_gf2m_mod_inv(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_div"); + if (!test_gf2m_mod_div(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_exp"); + if (!test_gf2m_mod_exp(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_sqrt"); + if (!test_gf2m_mod_sqrt(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_solve_quad"); + if (!test_gf2m_mod_solve_quad(out,ctx)) goto err; + (void)BIO_flush(out); +#endif + BN_CTX_free(ctx); + BIO_free(out); + +/**/ + exit(0); +err: + BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices + * the failure, see test_bn in test/Makefile.ssl*/ + (void)BIO_flush(out); + ERR_load_crypto_strings(); + ERR_print_errors_fp(stderr); + exit(1); + } + +int test_add(BIO *bp) + { + BIGNUM a,b,c; + int i; + + BN_init(&a); + BN_init(&b); + BN_init(&c); + + BN_bntest_rand(&a,512,0,0); + for (i=0; i sizeof(unsigned long)) + { + unsigned long h=(unsigned long)(w>>32), + l=(unsigned long)(w); + + if (h) BIO_printf(bp,"%lX%08lX",h,l); + else BIO_printf(bp,"%lX",l); + return; + } +#endif + BIO_printf(bp,BN_HEX_FMT1,w); + } + +int test_div_word(BIO *bp) + { + BIGNUM a,b; + BN_ULONG r,s; + int i; + + BN_init(&a); + BN_init(&b); + + for (i=0; iN)); + BIO_puts(bp," - "); + } + BN_print(bp,&A); + BIO_puts(bp,"\n"); + } + BN_mod_mul(&d,&a,&b,&n,ctx); + BN_sub(&d,&d,&A); + if(!BN_is_zero(&d)) + { + fprintf(stderr,"Montgomery multiplication test failed!\n"); + return 0; + } + } + BN_MONT_CTX_free(mont); + BN_free(&a); + BN_free(&b); + BN_free(&c); + BN_free(&d); + BN_free(&A); + BN_free(&B); + BN_free(&n); + return(1); + } + +int test_mod(BIO *bp, BN_CTX *ctx) + { + BIGNUM *a,*b,*c,*d,*e; + int i; + + a=BN_new(); + b=BN_new(); + c=BN_new(); + d=BN_new(); + e=BN_new(); + + BN_bntest_rand(a,1024,0,0); /**/ + for (i=0; ineg=rand_neg(); + b->neg=rand_neg(); + BN_mod(c,a,b,ctx);/**/ + if (bp != NULL) + { + if (!results) + { + BN_print(bp,a); + BIO_puts(bp," % "); + BN_print(bp,b); + BIO_puts(bp," - "); + } + BN_print(bp,c); + BIO_puts(bp,"\n"); + } + BN_div(d,e,a,b,ctx); + BN_sub(e,e,c); + if(!BN_is_zero(e)) + { + fprintf(stderr,"Modulo test failed!\n"); + return 0; + } + } + BN_free(a); + BN_free(b); + BN_free(c); + BN_free(d); + BN_free(e); + return(1); + } + +int test_mod_mul(BIO *bp, BN_CTX *ctx) + { + BIGNUM *a,*b,*c,*d,*e; + int i,j; + + a=BN_new(); + b=BN_new(); + c=BN_new(); + d=BN_new(); + e=BN_new(); + + for (j=0; j<3; j++) { + BN_bntest_rand(c,1024,0,0); /**/ + for (i=0; ineg=rand_neg(); + b->neg=rand_neg(); + if (!BN_mod_mul(e,a,b,c,ctx)) + { + unsigned long l; + + while ((l=ERR_get_error())) + fprintf(stderr,"ERROR:%s\n", + ERR_error_string(l,NULL)); + exit(1); + } + if (bp != NULL) + { + if (!results) + { + BN_print(bp,a); + BIO_puts(bp," * "); + BN_print(bp,b); + BIO_puts(bp," % "); + BN_print(bp,c); + if ((a->neg ^ b->neg) && !BN_is_zero(e)) + { + /* If (a*b) % c is negative, c must be added + * in order to obtain the normalized remainder + * (new with OpenSSL 0.9.7, previous versions of + * BN_mod_mul could generate negative results) + */ + BIO_puts(bp," + "); + BN_print(bp,c); + } + BIO_puts(bp," - "); + } + BN_print(bp,e); + BIO_puts(bp,"\n"); + } + BN_mul(d,a,b,ctx); + BN_sub(d,d,e); + BN_div(a,b,d,c,ctx); + if(!BN_is_zero(b)) + { + fprintf(stderr,"Modulo multiply test failed!\n"); + ERR_print_errors_fp(stderr); + return 0; + } + } + } + BN_free(a); + BN_free(b); + BN_free(c); + BN_free(d); + BN_free(e); + return(1); + } + +int test_mod_exp(BIO *bp, BN_CTX *ctx) + { + BIGNUM *a,*b,*c,*d,*e; + int i; + + a=BN_new(); + b=BN_new(); + c=BN_new(); + d=BN_new(); + e=BN_new(); + + BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */ + for (i=0; ineg = rand_neg(); + putc('\n', stderr); + + for (i = 0; i < num0; i++) + { + if (!BN_bntest_rand(a, 512, 0, 0)) goto err; + a->neg = rand_neg(); + + /* t := (|b|-1)/2 (note that b is odd) */ + if (!BN_copy(t, b)) goto err; + t->neg = 0; + if (!BN_sub_word(t, 1)) goto err; + if (!BN_rshift1(t, t)) goto err; + /* r := a^t mod b */ + b->neg=0; + + if (!BN_mod_exp_recp(r, a, t, b, ctx)) goto err; + b->neg=1; + + if (BN_is_word(r, 1)) + legendre = 1; + else if (BN_is_zero(r)) + legendre = 0; + else + { + if (!BN_add_word(r, 1)) goto err; + if (0 != BN_ucmp(r, b)) + { + fprintf(stderr, "Legendre symbol computation failed\n"); + goto err; + } + legendre = -1; + } + + kronecker = BN_kronecker(a, b, ctx); + if (kronecker < -1) goto err; + /* we actually need BN_kronecker(a, |b|) */ + if (a->neg && b->neg) + kronecker = -kronecker; + + if (legendre != kronecker) + { + fprintf(stderr, "legendre != kronecker; a = "); + BN_print_fp(stderr, a); + fprintf(stderr, ", b = "); + BN_print_fp(stderr, b); + fprintf(stderr, "\n"); + goto err; + } + + putc('.', stderr); + fflush(stderr); + } + + putc('\n', stderr); + fflush(stderr); + ret = 1; + err: + if (a != NULL) BN_free(a); + if (b != NULL) BN_free(b); + if (r != NULL) BN_free(r); + if (t != NULL) BN_free(t); + return ret; + } + +int test_sqrt(BIO *bp, BN_CTX *ctx) + { + BN_GENCB cb; + BIGNUM *a,*p,*r; + int i, j; + int ret = 0; + + a = BN_new(); + p = BN_new(); + r = BN_new(); + if (a == NULL || p == NULL || r == NULL) goto err; + + BN_GENCB_set(&cb, genprime_cb, NULL); + + for (i = 0; i < 16; i++) + { + if (i < 8) + { + unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 }; + + if (!BN_set_word(p, primes[i])) goto err; + } + else + { + if (!BN_set_word(a, 32)) goto err; + if (!BN_set_word(r, 2*i + 1)) goto err; + + if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb)) goto err; + putc('\n', stderr); + } + p->neg = rand_neg(); + + for (j = 0; j < num2; j++) + { + /* construct 'a' such that it is a square modulo p, + * but in general not a proper square and not reduced modulo p */ + if (!BN_bntest_rand(r, 256, 0, 3)) goto err; + if (!BN_nnmod(r, r, p, ctx)) goto err; + if (!BN_mod_sqr(r, r, p, ctx)) goto err; + if (!BN_bntest_rand(a, 256, 0, 3)) goto err; + if (!BN_nnmod(a, a, p, ctx)) goto err; + if (!BN_mod_sqr(a, a, p, ctx)) goto err; + if (!BN_mul(a, a, r, ctx)) goto err; + if (rand_neg()) + if (!BN_sub(a, a, p)) goto err; + + if (!BN_mod_sqrt(r, a, p, ctx)) goto err; + if (!BN_mod_sqr(r, r, p, ctx)) goto err; + + if (!BN_nnmod(a, a, p, ctx)) goto err; + + if (BN_cmp(a, r) != 0) + { + fprintf(stderr, "BN_mod_sqrt failed: a = "); + BN_print_fp(stderr, a); + fprintf(stderr, ", r = "); + BN_print_fp(stderr, r); + fprintf(stderr, ", p = "); + BN_print_fp(stderr, p); + fprintf(stderr, "\n"); + goto err; + } + + putc('.', stderr); + fflush(stderr); + } + + putc('\n', stderr); + fflush(stderr); + } + ret = 1; + err: + if (a != NULL) BN_free(a); + if (p != NULL) BN_free(p); + if (r != NULL) BN_free(r); + return ret; + } + +int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_) + { + BIGNUM *a,*b,*c,*d; + int i; + + b=BN_new(); + c=BN_new(); + d=BN_new(); + BN_one(c); + + if(a_) + a=a_; + else + { + a=BN_new(); + BN_bntest_rand(a,200,0,0); /**/ + a->neg=rand_neg(); + } + for (i=0; ineg=rand_neg(); + for (i=0; ineg=rand_neg(); + for (i=0; ineg=rand_neg(); + for (i=0; i