X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fbn%2Fbntest.c;h=443cf420e5ce9cd54a2f420676adf465d1b08db0;hp=8f5b72c7f2d537328f8e6cd4f5d1a3cccab92748;hb=ac0f1d0b1406b426bc67b84ea51a7fa593609b9b;hpb=cd2eebfd6497ac1ca4d450960ba843f14643a9b2

diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
index 8f5b72c7f2..443cf420e5 100644
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -60,7 +60,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include "openssl/e_os.h"
+#include "e_os.h"
 
 #include <openssl/bio.h>
 #include <openssl/bn.h>
@@ -68,7 +68,7 @@
 #include <openssl/x509.h>
 #include <openssl/err.h>
 
-#ifdef WINDOWS
+#ifdef OPENSSL_SYS_WINDOWS
 #include "../bio/bss_file.c"
 #endif
 
@@ -96,7 +96,7 @@ int test_sqrt(BIO *bp,BN_CTX *ctx);
 int rand_neg(void);
 static int results=0;
 
-#ifdef NO_STDIO
+#ifdef OPENSSL_NO_STDIO
 #define APPS_WIN16
 #include "bss_file.c"
 #endif
@@ -109,11 +109,9 @@ static const char rnd_seed[] = "string to make the random number generator think
 static void message(BIO *out, char *m)
 	{
 	fprintf(stderr, "test %s\n", m);
-#if defined(linux) || defined(__FreeBSD__) /* can we use GNU bc features? */
 	BIO_puts(out, "print \"test ");
 	BIO_puts(out, m);
 	BIO_puts(out, "\\n\"\n");
-#endif
 	}
 
 int main(int argc, char *argv[])
@@ -124,9 +122,7 @@ int main(int argc, char *argv[])
 
 	results = 0;
 
-	RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
-	                                       * even check its return value
-	                                       * (which we should) */
+	RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
 
 	argc--;
 	argv++;
@@ -257,21 +253,17 @@ int test_add(BIO *bp)
 	{
 	BIGNUM a,b,c;
 	int i;
-	int j;
 
 	BN_init(&a);
 	BN_init(&b);
 	BN_init(&c);
 
-	BN_rand(&a,512,0,0);
+	BN_bntest_rand(&a,512,0,0);
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(&b,450+i,0,0);
+		BN_bntest_rand(&b,450+i,0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
-		if (bp == NULL)
-			for (j=0; j<10000; j++)
-				BN_add(&c,&a,&b);
 		BN_add(&c,&a,&b);
 		if (bp != NULL)
 			{
@@ -305,7 +297,6 @@ int test_sub(BIO *bp)
 	{
 	BIGNUM a,b,c;
 	int i;
-	int j;
 
 	BN_init(&a);
 	BN_init(&b);
@@ -315,20 +306,17 @@ int test_sub(BIO *bp)
 		{
 		if (i < num1)
 			{
-			BN_rand(&a,512,0,0);
+			BN_bntest_rand(&a,512,0,0);
 			BN_copy(&b,&a);
 			if (BN_set_bit(&a,i)==0) return(0);
 			BN_add_word(&b,i);
 			}
 		else
 			{
-			BN_rand(&b,400+i-num1,0,0);
+			BN_bntest_rand(&b,400+i-num1,0,0);
 			a.neg=rand_neg();
 			b.neg=rand_neg();
 			}
-		if (bp == NULL)
-			for (j=0; j<10000; j++)
-				BN_sub(&c,&a,&b);
 		BN_sub(&c,&a,&b);
 		if (bp != NULL)
 			{
@@ -360,7 +348,6 @@ int test_div(BIO *bp, BN_CTX *ctx)
 	{
 	BIGNUM a,b,c,d,e;
 	int i;
-	int j;
 
 	BN_init(&a);
 	BN_init(&b);
@@ -372,18 +359,15 @@ int test_div(BIO *bp, BN_CTX *ctx)
 		{
 		if (i < num1)
 			{
-			BN_rand(&a,400,0,0);
+			BN_bntest_rand(&a,400,0,0);
 			BN_copy(&b,&a);
 			BN_lshift(&a,&a,i);
 			BN_add_word(&a,i);
 			}
 		else
-			BN_rand(&b,50+3*(i-num1),0,0);
+			BN_bntest_rand(&b,50+3*(i-num1),0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
-		if (bp == NULL)
-			for (j=0; j<100; j++)
-				BN_div(&d,&c,&a,&b,ctx);
 		BN_div(&d,&c,&a,&b,ctx);
 		if (bp != NULL)
 			{
@@ -429,7 +413,6 @@ int test_div_recp(BIO *bp, BN_CTX *ctx)
 	BIGNUM a,b,c,d,e;
 	BN_RECP_CTX recp;
 	int i;
-	int j;
 
 	BN_RECP_CTX_init(&recp);
 	BN_init(&a);
@@ -442,19 +425,16 @@ int test_div_recp(BIO *bp, BN_CTX *ctx)
 		{
 		if (i < num1)
 			{
-			BN_rand(&a,400,0,0);
+			BN_bntest_rand(&a,400,0,0);
 			BN_copy(&b,&a);
 			BN_lshift(&a,&a,i);
 			BN_add_word(&a,i);
 			}
 		else
-			BN_rand(&b,50+3*(i-num1),0,0);
+			BN_bntest_rand(&b,50+3*(i-num1),0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
 		BN_RECP_CTX_set(&recp,&b,ctx);
-		if (bp == NULL)
-			for (j=0; j<100; j++)
-				BN_div_recp(&d,&c,&a,&recp,ctx);
 		BN_div_recp(&d,&c,&a,&recp,ctx);
 		if (bp != NULL)
 			{
@@ -505,10 +485,11 @@ int test_mul(BIO *bp)
 	{
 	BIGNUM a,b,c,d,e;
 	int i;
-	int j;
-	BN_CTX ctx;
+	BN_CTX *ctx;
 
-	BN_CTX_init(&ctx);
+	ctx = BN_CTX_new();
+	if (ctx == NULL) exit(1);
+	
 	BN_init(&a);
 	BN_init(&b);
 	BN_init(&c);
@@ -519,17 +500,14 @@ int test_mul(BIO *bp)
 		{
 		if (i <= num1)
 			{
-			BN_rand(&a,100,0,0);
-			BN_rand(&b,100,0,0);
+			BN_bntest_rand(&a,100,0,0);
+			BN_bntest_rand(&b,100,0,0);
 			}
 		else
-			BN_rand(&b,i-num1,0,0);
+			BN_bntest_rand(&b,i-num1,0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
-		if (bp == NULL)
-			for (j=0; j<100; j++)
-				BN_mul(&c,&a,&b,&ctx);
-		BN_mul(&c,&a,&b,&ctx);
+		BN_mul(&c,&a,&b,ctx);
 		if (bp != NULL)
 			{
 			if (!results)
@@ -542,7 +520,7 @@ int test_mul(BIO *bp)
 			BN_print(bp,&c);
 			BIO_puts(bp,"\n");
 			}
-		BN_div(&d,&e,&c,&a,&ctx);
+		BN_div(&d,&e,&c,&a,ctx);
 		BN_sub(&d,&d,&b);
 		if(!BN_is_zero(&d) || !BN_is_zero(&e))
 		    {
@@ -555,7 +533,7 @@ int test_mul(BIO *bp)
 	BN_free(&c);
 	BN_free(&d);
 	BN_free(&e);
-	BN_CTX_free(&ctx);
+	BN_CTX_free(ctx);
 	return(1);
 	}
 
@@ -563,7 +541,6 @@ int test_sqr(BIO *bp, BN_CTX *ctx)
 	{
 	BIGNUM a,c,d,e;
 	int i;
-	int j;
 
 	BN_init(&a);
 	BN_init(&c);
@@ -572,11 +549,8 @@ int test_sqr(BIO *bp, BN_CTX *ctx)
 
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(&a,40+i*10,0,0);
+		BN_bntest_rand(&a,40+i*10,0,0);
 		a.neg=rand_neg();
-		if (bp == NULL)
-			for (j=0; j<100; j++)
-				BN_sqr(&c,&a,ctx);
 		BN_sqr(&c,&a,ctx);
 		if (bp != NULL)
 			{
@@ -610,7 +584,6 @@ int test_mont(BIO *bp, BN_CTX *ctx)
 	BIGNUM a,b,c,d,A,B;
 	BIGNUM n;
 	int i;
-	int j;
 	BN_MONT_CTX *mont;
 
 	BN_init(&a);
@@ -623,15 +596,15 @@ int test_mont(BIO *bp, BN_CTX *ctx)
 
 	mont=BN_MONT_CTX_new();
 
-	BN_rand(&a,100,0,0); /**/
-	BN_rand(&b,100,0,0); /**/
+	BN_bntest_rand(&a,100,0,0); /**/
+	BN_bntest_rand(&b,100,0,0); /**/
 	for (i=0; i<num2; i++)
 		{
 		int bits = (200*(i+1))/num2;
 
 		if (bits == 0)
 			continue;
-		BN_rand(&n,bits,0,1);
+		BN_bntest_rand(&n,bits,0,1);
 		BN_MONT_CTX_set(mont,&n,ctx);
 
 		BN_nnmod(&a,&a,&n,ctx);
@@ -640,9 +613,6 @@ int test_mont(BIO *bp, BN_CTX *ctx)
 		BN_to_montgomery(&A,&a,mont,ctx);
 		BN_to_montgomery(&B,&b,mont,ctx);
 
-		if (bp == NULL)
-			for (j=0; j<100; j++)
-				BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/
 		BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/
 		BN_from_montgomery(&A,&c,mont,ctx);/**/
 		if (bp != NULL)
@@ -688,7 +658,6 @@ int test_mod(BIO *bp, BN_CTX *ctx)
 	{
 	BIGNUM *a,*b,*c,*d,*e;
 	int i;
-	int j;
 
 	a=BN_new();
 	b=BN_new();
@@ -696,15 +665,12 @@ int test_mod(BIO *bp, BN_CTX *ctx)
 	d=BN_new();
 	e=BN_new();
 
-	BN_rand(a,1024,0,0); /**/
+	BN_bntest_rand(a,1024,0,0); /**/
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(b,450+i*10,0,0); /**/
+		BN_bntest_rand(b,450+i*10,0,0); /**/
 		a->neg=rand_neg();
 		b->neg=rand_neg();
-		if (bp == NULL)
-			for (j=0; j<100; j++)
-				BN_mod(c,a,b,ctx);/**/
 		BN_mod(c,a,b,ctx);/**/
 		if (bp != NULL)
 			{
@@ -737,7 +703,7 @@ int test_mod(BIO *bp, BN_CTX *ctx)
 int test_mod_mul(BIO *bp, BN_CTX *ctx)
 	{
 	BIGNUM *a,*b,*c,*d,*e;
-	int i;
+	int i,j;
 
 	a=BN_new();
 	b=BN_new();
@@ -745,17 +711,14 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx)
 	d=BN_new();
 	e=BN_new();
 
-	BN_rand(c,1024,0,0); /**/
+	for (j=0; j<3; j++) {
+	BN_bntest_rand(c,1024,0,0); /**/
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(a,475+i*10,0,0); /**/
-		BN_rand(b,425+i*11,0,0); /**/
+		BN_bntest_rand(a,475+i*10,0,0); /**/
+		BN_bntest_rand(b,425+i*11,0,0); /**/
 		a->neg=rand_neg();
 		b->neg=rand_neg();
-	/*	if (bp == NULL)
-			for (j=0; j<100; j++)
-				BN_mod_mul(d,a,b,c,ctx);*/ /**/
-
 		if (!BN_mod_mul(e,a,b,c,ctx))
 			{
 			unsigned long l;
@@ -799,6 +762,7 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx)
 		    return 0;
 		    }
 		}
+	}
 	BN_free(a);
 	BN_free(b);
 	BN_free(c);
@@ -818,11 +782,11 @@ int test_mod_exp(BIO *bp, BN_CTX *ctx)
 	d=BN_new();
 	e=BN_new();
 
-	BN_rand(c,30,0,1); /* must be odd for montgomery */
+	BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */
 	for (i=0; i<num2; i++)
 		{
-		BN_rand(a,20+i*5,0,0); /**/
-		BN_rand(b,2+i,0,0); /**/
+		BN_bntest_rand(a,20+i*5,0,0); /**/
+		BN_bntest_rand(b,2+i,0,0); /**/
 
 		if (!BN_mod_exp(d,a,b,c,ctx))
 			return(00);
@@ -872,8 +836,8 @@ int test_exp(BIO *bp, BN_CTX *ctx)
 
 	for (i=0; i<num2; i++)
 		{
-		BN_rand(a,20+i*5,0,0); /**/
-		BN_rand(b,2+i,0,0); /**/
+		BN_bntest_rand(a,20+i*5,0,0); /**/
+		BN_bntest_rand(b,2+i,0,0); /**/
 
 		if (!BN_exp(d,a,b,ctx))
 			return(00);
@@ -924,7 +888,7 @@ static void genprime_cb(int p, int n, void *arg)
 
 int test_kron(BIO *bp, BN_CTX *ctx)
 	{
-	BIGNUM *a,*b,*r;
+	BIGNUM *a,*b,*r,*t;
 	int i;
 	int legendre, kronecker;
 	int ret = 0;
@@ -932,7 +896,8 @@ int test_kron(BIO *bp, BN_CTX *ctx)
 	a = BN_new();
 	b = BN_new();
 	r = BN_new();
-	if (a == NULL || b == NULL || r == NULL) goto err;
+	t = BN_new();
+	if (a == NULL || b == NULL || r == NULL || t == NULL) goto err;
 	
 	/* We test BN_kronecker(a, b, ctx) just for  b  odd (Jacobi symbol).
 	 * In this case we know that if  b  is prime, then BN_kronecker(a, b, ctx)
@@ -944,41 +909,51 @@ int test_kron(BIO *bp, BN_CTX *ctx)
 	 * works.) */
 
 	if (!BN_generate_prime(b, 512, 0, NULL, NULL, genprime_cb, NULL)) goto err;
+	b->neg = rand_neg();
 	putc('\n', stderr);
 
 	for (i = 0; i < num0; i++)
 		{
-		if (!BN_rand(a, 512, 0, 0)) goto err;
+		if (!BN_bntest_rand(a, 512, 0, 0)) goto err;
 		a->neg = rand_neg();
 
-		/* r := (b-1)/2  (note that b is odd) */
-		if (!BN_copy(r, b)) goto err;
-		if (!BN_sub_word(r, 1)) goto err;
-		if (!BN_rshift1(r, r)) goto err;
-		/* r := a^r mod b */
-		if (!BN_mod_exp(r, a, r, b, ctx)) goto err;
+		/* t := (|b|-1)/2  (note that b is odd) */
+		if (!BN_copy(t, b)) goto err;
+		t->neg = 0;
+		if (!BN_sub_word(t, 1)) goto err;
+		if (!BN_rshift1(t, t)) goto err;
+		/* r := a^t mod b */
+		b->neg=0;
+		
+		if (!BN_mod_exp_recp(r, a, t, b, ctx)) goto err; /* XXX should be BN_mod_exp_recp, but ..._recp triggers a bug that must be fixed */
+		b->neg=1;
 
 		if (BN_is_word(r, 1))
 			legendre = 1;
+		else if (BN_is_zero(r))
+			legendre = 0;
 		else
 			{
 			if (!BN_add_word(r, 1)) goto err;
-			if (0 != BN_cmp(r, b))
+			if (0 != BN_ucmp(r, b))
 				{
 				fprintf(stderr, "Legendre symbol computation failed\n");
 				goto err;
 				}
 			legendre = -1;
 			}
-
+		
 		kronecker = BN_kronecker(a, b, ctx);
 		if (kronecker < -1) goto err;
+		/* we actually need BN_kronecker(a, |b|) */
+		if (a->neg && b->neg)
+			kronecker = -kronecker;
 		
 		if (legendre != kronecker)
 			{
 			fprintf(stderr, "legendre != kronecker; a = ");
 			BN_print_fp(stderr, a);
-			fprintf(stderr, ", a = ");
+			fprintf(stderr, ", b = ");
 			BN_print_fp(stderr, b);
 			fprintf(stderr, "\n");
 			goto err;
@@ -995,6 +970,7 @@ int test_kron(BIO *bp, BN_CTX *ctx)
 	if (a != NULL) BN_free(a);
 	if (b != NULL) BN_free(b);
 	if (r != NULL) BN_free(r);
+	if (t != NULL) BN_free(t);
 	return ret;
 	}
 
@@ -1013,7 +989,7 @@ int test_sqrt(BIO *bp, BN_CTX *ctx)
 		{
 		if (i < 8)
 			{
-			unsigned primes[8] = { 2, 3, 7, 11, 13, 17, 19 };
+			unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 };
 			
 			if (!BN_set_word(p, primes[i])) goto err;
 			}
@@ -1025,18 +1001,21 @@ int test_sqrt(BIO *bp, BN_CTX *ctx)
 			if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err;
 			putc('\n', stderr);
 			}
+		p->neg = rand_neg();
 
 		for (j = 0; j < num2; j++)
 			{
 			/* construct 'a' such that it is a square modulo p,
 			 * but in general not a proper square and not reduced modulo p */
-			if (!BN_rand(r, 256, 0, 3)) goto err;
+			if (!BN_bntest_rand(r, 256, 0, 3)) goto err;
 			if (!BN_nnmod(r, r, p, ctx)) goto err;
 			if (!BN_mod_sqr(r, r, p, ctx)) goto err;
-			if (!BN_rand(a, 256, 0, 3)) goto err;
+			if (!BN_bntest_rand(a, 256, 0, 3)) goto err;
 			if (!BN_nnmod(a, a, p, ctx)) goto err;
 			if (!BN_mod_sqr(a, a, p, ctx)) goto err;
 			if (!BN_mul(a, a, r, ctx)) goto err;
+			if (rand_neg())
+				if (!BN_sub(a, a, p)) goto err;
 
 			if (!BN_mod_sqrt(r, a, p, ctx)) goto err;
 			if (!BN_mod_sqr(r, r, p, ctx)) goto err;
@@ -1085,7 +1064,7 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_)
 	else
 	    {
 	    a=BN_new();
-	    BN_rand(a,200,0,0); /**/
+	    BN_bntest_rand(a,200,0,0); /**/
 	    a->neg=rand_neg();
 	    }
 	for (i=0; i<num0; i++)
@@ -1137,7 +1116,7 @@ int test_lshift1(BIO *bp)
 	b=BN_new();
 	c=BN_new();
 
-	BN_rand(a,200,0,0); /**/
+	BN_bntest_rand(a,200,0,0); /**/
 	a->neg=rand_neg();
 	for (i=0; i<num0; i++)
 		{
@@ -1181,7 +1160,7 @@ int test_rshift(BIO *bp,BN_CTX *ctx)
 	e=BN_new();
 	BN_one(c);
 
-	BN_rand(a,200,0,0); /**/
+	BN_bntest_rand(a,200,0,0); /**/
 	a->neg=rand_neg();
 	for (i=0; i<num0; i++)
 		{
@@ -1224,7 +1203,7 @@ int test_rshift1(BIO *bp)
 	b=BN_new();
 	c=BN_new();
 
-	BN_rand(a,200,0,0); /**/
+	BN_bntest_rand(a,200,0,0); /**/
 	a->neg=rand_neg();
 	for (i=0; i<num0; i++)
 		{
@@ -1242,7 +1221,7 @@ int test_rshift1(BIO *bp)
 			}
 		BN_sub(c,a,b);
 		BN_sub(c,c,b);
-		if(!BN_is_zero(c) && !BN_is_one(c))
+		if(!BN_is_zero(c) && !BN_abs_is_word(c, 1))
 		    {
 		    fprintf(stderr,"Right shift one test failed!\n");
 		    return 0;