1 /* crypto/bn/bntest.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
63 #include "openssl/e_os.h"
65 #include <openssl/bio.h>
66 #include <openssl/bn.h>
67 #include <openssl/rand.h>
68 #include <openssl/x509.h>
69 #include <openssl/err.h>
72 #include "../bio/bss_file.c"
75 const int num0 = 100; /* number of tests */
76 const int num1 = 50; /* additional tests for some functions */
77 const int num2 = 5; /* number of tests for slow functions */
79 int test_add(BIO *bp);
80 int test_sub(BIO *bp);
81 int test_lshift1(BIO *bp);
82 int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_);
83 int test_rshift1(BIO *bp);
84 int test_rshift(BIO *bp,BN_CTX *ctx);
85 int test_div(BIO *bp,BN_CTX *ctx);
86 int test_div_recp(BIO *bp,BN_CTX *ctx);
87 int test_mul(BIO *bp);
88 int test_sqr(BIO *bp,BN_CTX *ctx);
89 int test_mont(BIO *bp,BN_CTX *ctx);
90 int test_mod(BIO *bp,BN_CTX *ctx);
91 int test_mod_mul(BIO *bp,BN_CTX *ctx);
92 int test_mod_exp(BIO *bp,BN_CTX *ctx);
93 int test_exp(BIO *bp,BN_CTX *ctx);
94 int test_kron(BIO *bp,BN_CTX *ctx);
100 #include "bss_file.c"
103 static unsigned char lst[]="\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9"
104 "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0";
106 static const char rnd_seed[] = "string to make the random number generator think it has entropy";
108 static void message(BIO *out, char *m)
110 fprintf(stderr, "test %s\n", m);
111 #if defined(linux) || defined(__FreeBSD__) /* can we use GNU bc features? */
112 BIO_puts(out, "print \"test ");
114 BIO_puts(out, "\\n\"\n");
118 int main(int argc, char *argv[])
126 RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
127 * even check its return value
128 * (which we should) */
134 if (strcmp(*argv,"-results") == 0)
136 else if (strcmp(*argv,"-out") == 0)
138 if (--argc < 1) break;
147 if (ctx == NULL) exit(1);
149 out=BIO_new(BIO_s_file());
150 if (out == NULL) exit(1);
153 BIO_set_fp(out,stdout,BIO_NOCLOSE);
157 if (!BIO_write_filename(out,outfile))
165 BIO_puts(out,"obase=16\nibase=16\n");
167 message(out,"BN_add");
168 if (!test_add(out)) goto err;
171 message(out,"BN_sub");
172 if (!test_sub(out)) goto err;
175 message(out,"BN_lshift1");
176 if (!test_lshift1(out)) goto err;
179 message(out,"BN_lshift (fixed)");
180 if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL)))
184 message(out,"BN_lshift");
185 if (!test_lshift(out,ctx,NULL)) goto err;
188 message(out,"BN_rshift1");
189 if (!test_rshift1(out)) goto err;
192 message(out,"BN_rshift");
193 if (!test_rshift(out,ctx)) goto err;
196 message(out,"BN_sqr");
197 if (!test_sqr(out,ctx)) goto err;
200 message(out,"BN_mul");
201 if (!test_mul(out)) goto err;
204 message(out,"BN_div");
205 if (!test_div(out,ctx)) goto err;
208 message(out,"BN_div_recp");
209 if (!test_div_recp(out,ctx)) goto err;
212 message(out,"BN_mod");
213 if (!test_mod(out,ctx)) goto err;
216 message(out,"BN_mod_mul");
217 if (!test_mod_mul(out,ctx)) goto err;
220 message(out,"BN_mont");
221 if (!test_mont(out,ctx)) goto err;
224 message(out,"BN_mod_exp");
225 if (!test_mod_exp(out,ctx)) goto err;
228 message(out,"BN_exp");
229 if (!test_exp(out,ctx)) goto err;
232 message(out,"BN_kronecker");
233 if (!test_kron(out,ctx)) goto err;
242 BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices
243 * the failure, see test_bn in test/Makefile.ssl*/
245 ERR_load_crypto_strings();
246 ERR_print_errors_fp(stderr);
251 int test_add(BIO *bp)
262 for (i=0; i<num0; i++)
264 BN_rand(&b,450+i,0,0);
268 for (j=0; j<10000; j++)
289 fprintf(stderr,"Add test failed!\n");
299 int test_sub(BIO *bp)
309 for (i=0; i<num0+num1; i++)
315 if (BN_set_bit(&a,i)==0) return(0);
320 BN_rand(&b,400+i-num1,0,0);
325 for (j=0; j<10000; j++)
344 fprintf(stderr,"Subtract test failed!\n");
354 int test_div(BIO *bp, BN_CTX *ctx)
366 for (i=0; i<num0+num1; i++)
376 BN_rand(&b,50+3*(i-num1),0,0);
380 for (j=0; j<100; j++)
381 BN_div(&d,&c,&a,&b,ctx);
382 BN_div(&d,&c,&a,&b,ctx);
405 BN_mul(&e,&d,&b,ctx);
410 fprintf(stderr,"Division test failed!\n");
422 int test_div_recp(BIO *bp, BN_CTX *ctx)
429 BN_RECP_CTX_init(&recp);
436 for (i=0; i<num0+num1; i++)
446 BN_rand(&b,50+3*(i-num1),0,0);
449 BN_RECP_CTX_set(&recp,&b,ctx);
451 for (j=0; j<100; j++)
452 BN_div_recp(&d,&c,&a,&recp,ctx);
453 BN_div_recp(&d,&c,&a,&recp,ctx);
476 BN_mul(&e,&d,&b,ctx);
481 fprintf(stderr,"Reciprocal division test failed!\n");
482 fprintf(stderr,"a=");
483 BN_print_fp(stderr,&a);
484 fprintf(stderr,"\nb=");
485 BN_print_fp(stderr,&b);
486 fprintf(stderr,"\n");
495 BN_RECP_CTX_free(&recp);
499 int test_mul(BIO *bp)
513 for (i=0; i<num0+num1; i++)
521 BN_rand(&b,i-num1,0,0);
525 for (j=0; j<100; j++)
526 BN_mul(&c,&a,&b,&ctx);
527 BN_mul(&c,&a,&b,&ctx);
540 BN_div(&d,&e,&c,&a,&ctx);
542 if(!BN_is_zero(&d) || !BN_is_zero(&e))
544 fprintf(stderr,"Multiplication test failed!\n");
557 int test_sqr(BIO *bp, BN_CTX *ctx)
568 for (i=0; i<num0; i++)
570 BN_rand(&a,40+i*10,0,0);
573 for (j=0; j<100; j++)
588 BN_div(&d,&e,&c,&a,ctx);
590 if(!BN_is_zero(&d) || !BN_is_zero(&e))
592 fprintf(stderr,"Square test failed!\n");
603 int test_mont(BIO *bp, BN_CTX *ctx)
619 mont=BN_MONT_CTX_new();
621 BN_rand(&a,100,0,0); /**/
622 BN_rand(&b,100,0,0); /**/
623 for (i=0; i<num2; i++)
625 int bits = (200*(i+1))/num2;
629 BN_rand(&n,bits,0,1);
630 BN_MONT_CTX_set(mont,&n,ctx);
632 BN_nnmod(&a,&a,&n,ctx);
633 BN_nnmod(&b,&b,&n,ctx);
635 BN_to_montgomery(&A,&a,mont,ctx);
636 BN_to_montgomery(&B,&b,mont,ctx);
639 for (j=0; j<100; j++)
640 BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/
641 BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/
642 BN_from_montgomery(&A,&c,mont,ctx);/**/
648 fprintf(stderr,"%d * %d %% %d\n",
651 BN_num_bits(mont->N));
657 BN_print(bp,&(mont->N));
663 BN_mod_mul(&d,&a,&b,&n,ctx);
667 fprintf(stderr,"Montgomery multiplication test failed!\n");
671 BN_MONT_CTX_free(mont);
682 int test_mod(BIO *bp, BN_CTX *ctx)
684 BIGNUM *a,*b,*c,*d,*e;
694 BN_rand(a,1024,0,0); /**/
695 for (i=0; i<num0; i++)
697 BN_rand(b,450+i*10,0,0); /**/
701 for (j=0; j<100; j++)
702 BN_mod(c,a,b,ctx);/**/
703 BN_mod(c,a,b,ctx);/**/
720 fprintf(stderr,"Modulo test failed!\n");
732 int test_mod_mul(BIO *bp, BN_CTX *ctx)
734 BIGNUM *a,*b,*c,*d,*e;
743 BN_rand(c,1024,0,0); /**/
744 for (i=0; i<num0; i++)
746 BN_rand(a,475+i*10,0,0); /**/
747 BN_rand(b,425+i*11,0,0); /**/
751 for (j=0; j<100; j++)
752 BN_mod_mul(d,a,b,c,ctx);*/ /**/
754 if (!BN_mod_mul(e,a,b,c,ctx))
758 while ((l=ERR_get_error()))
759 fprintf(stderr,"ERROR:%s\n",
760 ERR_error_string(l,NULL));
772 if ((a->neg ^ b->neg) && !BN_is_zero(e))
774 /* If (a*b) % c is negative, c must be added
775 * in order to obtain the normalized remainder
776 * (new with OpenSSL 0.9.7, previous versions of
777 * BN_mod_mul could generate negative results)
792 fprintf(stderr,"Modulo multiply test failed!\n");
793 ERR_print_errors_fp(stderr);
805 int test_mod_exp(BIO *bp, BN_CTX *ctx)
807 BIGNUM *a,*b,*c,*d,*e;
816 BN_rand(c,30,0,1); /* must be odd for montgomery */
817 for (i=0; i<num2; i++)
819 BN_rand(a,20+i*5,0,0); /**/
820 BN_rand(b,2+i,0,0); /**/
822 if (!BN_mod_exp(d,a,b,c,ctx))
844 fprintf(stderr,"Modulo exponentiation test failed!\n");
856 int test_exp(BIO *bp, BN_CTX *ctx)
858 BIGNUM *a,*b,*d,*e,*one;
868 for (i=0; i<num2; i++)
870 BN_rand(a,20+i*5,0,0); /**/
871 BN_rand(b,2+i,0,0); /**/
873 if (!BN_exp(d,a,b,ctx))
889 for( ; !BN_is_zero(b) ; BN_sub(b,b,one))
894 fprintf(stderr,"Exponentiation test failed!\n");
906 static void genprime_cb(int p, int n, void *arg)
920 int test_kron(BIO *bp, BN_CTX *ctx)
924 int legendre, kronecker;
930 if (a == NULL || b == NULL || r == NULL) goto err;
932 /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol).
933 * In this case we know that if b is prime, then BN_kronecker(a, b, ctx)
934 * is congruent to $a^{(b-1)/2}$, modulo $b$ (Legendre symbol).
935 * So we generate a random prime b and compare these values
936 * for a number of random a's. (That is, we run the Solovay-Strassen
937 * primality test to confirm that b is prime, except that we
938 * don't want to test whether b is prime but whether BN_kronecker
941 if (!BN_generate_prime(b, 512, 0, NULL, NULL, genprime_cb, NULL)) goto err;
943 if (1 != BN_is_prime(b, 10, NULL, ctx, NULL))
945 fprintf(stderr, "BN_is_prime failed\n");
949 for (i = 0; i < num0; i++)
951 if (!BN_rand(a, 512, 0, 0)) goto err;
952 if (!BN_nnmod(a, a, b, ctx)) goto err;
954 /* r := (b-1)/2 (note that b is odd) */
955 if (!BN_copy(r, b)) goto err;
956 if (!BN_sub_word(r, 1)) goto err;
957 if (!BN_rshift1(r, r)) goto err;
959 if (!BN_mod_exp(r, a, r, b, ctx)) goto err;
961 if (BN_is_word(r, 1))
965 if (!BN_add_word(r, 1)) goto err;
966 if (0 != BN_cmp(r, b))
968 fprintf(stderr, "Legendre symbol computation failed\n");
974 kronecker = BN_kronecker(a, b, ctx);
975 if (kronecker < -1) goto err;
977 if (legendre != kronecker)
979 fprintf(stderr, "legendre != kronecker; a = ");
980 BN_print_fp(stderr, a);
981 fprintf(stderr, ", a = ");
982 BN_print_fp(stderr, b);
983 fprintf(stderr, "\n");
995 if (a != NULL) BN_free(a);
996 if (b != NULL) BN_free(b);
997 if (r != NULL) BN_free(r);
1001 int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_)
1016 BN_rand(a,200,0,0); /**/
1019 for (i=0; i<num0; i++)
1039 fprintf(stderr,"Left shift test failed!\n");
1040 fprintf(stderr,"a=");
1041 BN_print_fp(stderr,a);
1042 fprintf(stderr,"\nb=");
1043 BN_print_fp(stderr,b);
1044 fprintf(stderr,"\nc=");
1045 BN_print_fp(stderr,c);
1046 fprintf(stderr,"\nd=");
1047 BN_print_fp(stderr,d);
1048 fprintf(stderr,"\n");
1059 int test_lshift1(BIO *bp)
1068 BN_rand(a,200,0,0); /**/
1070 for (i=0; i<num0; i++)
1078 BIO_puts(bp," * 2");
1088 fprintf(stderr,"Left shift one test failed!\n");
1100 int test_rshift(BIO *bp,BN_CTX *ctx)
1102 BIGNUM *a,*b,*c,*d,*e;
1112 BN_rand(a,200,0,0); /**/
1114 for (i=0; i<num0; i++)
1130 BN_div(d,e,a,c,ctx);
1134 fprintf(stderr,"Right shift test failed!\n");
1146 int test_rshift1(BIO *bp)
1155 BN_rand(a,200,0,0); /**/
1157 for (i=0; i<num0; i++)
1165 BIO_puts(bp," / 2");
1173 if(!BN_is_zero(c) && !BN_is_one(c))
1175 fprintf(stderr,"Right shift one test failed!\n");
1188 static unsigned int neg=0;
1189 static int sign[8]={0,0,0,1,1,0,1,1};
1191 return(sign[(neg++)%8]);
projects / openssl.git / blob