X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Fbntest.c;h=19880a77c8c1162738d56340ab82adfea3366f42;hp=a570d0099b979cb74cb01fee16bf908a72774f65;hb=97ea1e7f42eea97b117af08b3c1d29f6443850ab;hpb=ad887416f1e59c3294a7d8f83a0ca77120523b4a diff --git a/test/bntest.c b/test/bntest.c index a570d0099b..19880a77c8 100644 --- a/test/bntest.c +++ b/test/bntest.c @@ -12,28 +12,17 @@ #include #include -#include "e_os.h" -#include #include #include #include #include +#include "internal/nelem.h" +#include "internal/numbers.h" #include "testutil.h" -/* - * In bn_lcl.h, bn_expand() is defined as a static ossl_inline function. - * This is fine in itself, it will end up as an unused static function in - * the worst case. However, it references bn_expand2(), which is a private - * function in libcrypto and therefore unavailable on some systems. This - * may result in a linker error because of unresolved symbols. - * - * To avoid this, we define a dummy variant of bn_expand2() here, and to - * avoid possible clashes with libcrypto, we rename it first, using a macro. - */ -#define bn_expand2 dummy_bn_expand2 -BIGNUM *bn_expand2(BIGNUM *b, int words); -BIGNUM *bn_expand2(BIGNUM *b, int words) { return NULL; } -#include "../crypto/bn/bn_lcl.h" +#ifdef OPENSSL_SYS_WINDOWS +# define strcasecmp _stricmp +#endif /* * Things in boring, not in openssl. TODO we should add them. @@ -59,9 +48,10 @@ static BN_CTX *ctx; /* * Polynomial coefficients used in GFM tests. */ +#ifndef OPENSSL_NO_EC2M static int p0[] = { 163, 7, 6, 3, 0, -1 }; static int p1[] = { 193, 15, 0, -1 }; - +#endif /* * Look for |key| in the stanza and return it or NULL if not found. @@ -77,6 +67,18 @@ static const char *findattr(STANZA *s, const char *key) return NULL; } +/* + * Parse BIGNUM from sparse hex-strings, return |BN_hex2bn| result. + */ +static int parse_bigBN(BIGNUM **out, const char *bn_strings[]) +{ + char *bigstring = glue_strings(bn_strings, NULL); + int ret = BN_hex2bn(out, bigstring); + + OPENSSL_free(bigstring); + return ret; +} + /* * Parse BIGNUM, return number of bytes parsed. */ @@ -149,7 +151,7 @@ static int rand_neg(void) } -static int test_sub() +static int test_sub(void) { BIGNUM *a = NULL, *b = NULL, *c = NULL; int i, st = 0; @@ -168,8 +170,8 @@ static int test_sub() BN_add_word(b, i); } else { BN_bntest_rand(b, 400 + i - NUM1, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); } BN_sub(c, a, b); BN_add(c, c, b); @@ -186,7 +188,7 @@ err: } -static int test_div_recip() +static int test_div_recip(void) { BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL, *e = NULL; BN_RECP_CTX *recp = NULL; @@ -208,8 +210,8 @@ static int test_div_recip() BN_add_word(a, i); } else BN_bntest_rand(b, 50 + 3 * (i - NUM1), 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); BN_RECP_CTX_set(recp, b, ctx); BN_div_recp(d, c, a, recp, ctx); BN_mul(e, d, b, ctx); @@ -230,7 +232,7 @@ err: } -static int test_mod() +static int test_mod(void) { BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL, *e = NULL; int st = 0, i; @@ -245,8 +247,8 @@ static int test_mod() BN_bntest_rand(a, 1024, 0, 0); for (i = 0; i < NUM0; i++) { BN_bntest_rand(b, 450 + i * 10, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); BN_mod(c, a, b, ctx); BN_div(d, e, a, b, ctx); BN_sub(e, e, c); @@ -303,31 +305,15 @@ static const char *bn2strings[] = { NULL }; -static char *glue(const char *list[]) -{ - size_t len = 0; - char *p, *save; - int i; - - for (i = 0; list[i] != NULL; i++) - len += strlen(list[i]); - if (!TEST_ptr(p = save = OPENSSL_malloc(len + 1))) - return NULL; - for (i = 0; list[i] != NULL; i++) - p += strlen(strcpy(p, list[i])); - return save; -} - /* * Test constant-time modular exponentiation with 1024-bit inputs, which on * x86_64 cause a different code branch to be taken. */ -static int test_modexp_mont5() +static int test_modexp_mont5(void) { BIGNUM *a = NULL, *p = NULL, *m = NULL, *d = NULL, *e = NULL; BIGNUM *b = NULL, *n = NULL, *c = NULL; BN_MONT_CTX *mont = NULL; - char *bigstring; int st = 0; if (!TEST_ptr(a = BN_new()) @@ -373,12 +359,8 @@ static int test_modexp_mont5() goto err; /* Regression test for carry bug in sqr[x]8x_mont */ - bigstring = glue(bn1strings); - BN_hex2bn(&n, bigstring); - OPENSSL_free(bigstring); - bigstring = glue(bn2strings); - BN_hex2bn(&a, bigstring); - OPENSSL_free(bigstring); + parse_bigBN(&n, bn1strings); + parse_bigBN(&a, bn2strings); BN_free(b); b = BN_dup(a); BN_MONT_CTX_set(mont, n, ctx); @@ -387,6 +369,72 @@ static int test_modexp_mont5() if (!TEST_BN_eq(c, d)) goto err; + /* Regression test for carry bug in bn_sqrx8x_internal */ + { + static const char *ahex[] = { + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8FFEADBCFC4DAE7FFF908E92820306B", + "9544D954000000006C0000000000000000000000000000000000000000000000", + "00000000000000000000FF030202FFFFF8FFEBDBCFC4DAE7FFF908E92820306B", + "9544D954000000006C000000FF0302030000000000FFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF01FC00FF02FFFFFFFF", + "00FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FCFD", + "FCFFFFFFFFFF000000000000000000FF0302030000000000FFFFFFFFFFFFFFFF", + "FF00FCFDFDFF030202FF00000000FFFFFFFFFFFFFFFFFF00FCFDFCFFFFFFFFFF", + NULL + }; + static const char *nhex[] = { + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8F8F8F8000000", + "00000010000000006C0000000000000000000000000000000000000000000000", + "00000000000000000000000000000000000000FFFFFFFFFFFFF8F8F8F8000000", + "00000010000000006C000000000000000000000000FFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "00FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFF000000000000000000000000000000000000FFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + NULL + }; + + parse_bigBN(&a, ahex); + parse_bigBN(&n, nhex); + } + BN_free(b); + b = BN_dup(a); + BN_MONT_CTX_set(mont, n, ctx); + BN_mod_mul_montgomery(c, a, a, mont, ctx); + BN_mod_mul_montgomery(d, a, b, mont, ctx); + if (!TEST_BN_eq(c, d)) + goto err; + + /* Regression test for bug in rsaz_1024_mul_avx2 */ + BN_hex2bn(&a, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2020202020DF"); + BN_hex2bn(&b, + "2020202020202020202020202020202020202020202020202020202020202020" + "2020202020202020202020202020202020202020202020202020202020202020" + "20202020202020FF202020202020202020202020202020202020202020202020" + "2020202020202020202020202020202020202020202020202020202020202020"); + BN_hex2bn(&n, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2020202020FF"); + BN_MONT_CTX_set(mont, n, ctx); + BN_mod_exp_mont_consttime(c, a, b, n, ctx, mont); + BN_mod_exp_mont(d, a, b, n, ctx, mont); + if (!TEST_BN_eq(c, d)) + goto err; + /* Zero input */ BN_bntest_rand(p, 1024, 0, 0); BN_zero(a); @@ -430,7 +478,7 @@ err: } #ifndef OPENSSL_NO_EC2M -static int test_gf2m_add() +static int test_gf2m_add(void) { BIGNUM *a = NULL, *b = NULL, *c = NULL; int i, st = 0; @@ -443,8 +491,8 @@ static int test_gf2m_add() for (i = 0; i < NUM0; i++) { BN_rand(a, 512, 0, 0); BN_copy(b, BN_value_one()); - a->neg = rand_neg(); - b->neg = rand_neg(); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); BN_GF2m_add(c, a, b); /* Test that two added values have the correct parity. */ if (!TEST_false((BN_is_odd(a) && BN_is_odd(c)) @@ -463,7 +511,7 @@ static int test_gf2m_add() return st; } -static int test_gf2m_mod() +static int test_gf2m_mod(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL, *e = NULL; int i, j, st = 0; @@ -501,7 +549,7 @@ static int test_gf2m_mod() return st; } -static int test_gf2m_mul() +static int test_gf2m_mul(void) { BIGNUM *a, *b[2] = {NULL, NULL}, *c = NULL, *d = NULL; BIGNUM *e = NULL, *f = NULL, *g = NULL, *h = NULL; @@ -552,7 +600,7 @@ static int test_gf2m_mul() return st; } -static int test_gf2m_sqr() +static int test_gf2m_sqr(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; int i, j, st = 0; @@ -589,7 +637,7 @@ static int test_gf2m_sqr() return st; } -static int test_gf2m_modinv() +static int test_gf2m_modinv(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; int i, j, st = 0; @@ -624,7 +672,7 @@ static int test_gf2m_modinv() return st; } -static int test_gf2m_moddiv() +static int test_gf2m_moddiv(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; BIGNUM *e = NULL, *f = NULL; @@ -666,7 +714,7 @@ static int test_gf2m_moddiv() return st; } -static int test_gf2m_modexp() +static int test_gf2m_modexp(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; BIGNUM *e = NULL, *f = NULL; @@ -712,7 +760,7 @@ static int test_gf2m_modexp() return st; } -static int test_gf2m_modsqrt() +static int test_gf2m_modsqrt(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; BIGNUM *e = NULL, *f = NULL; @@ -754,7 +802,7 @@ static int test_gf2m_modsqrt() return st; } -static int test_gf2m_modsolvequad() +static int test_gf2m_modsolvequad(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; BIGNUM *e = NULL; @@ -805,7 +853,7 @@ static int test_gf2m_modsolvequad() } #endif -static int test_kronecker() +static int test_kronecker(void) { BIGNUM *a = NULL, *b = NULL, *r = NULL, *t = NULL; int i, legendre, kronecker, st = 0; @@ -828,27 +876,27 @@ static int test_kronecker() if (!TEST_true(BN_generate_prime_ex(b, 512, 0, NULL, NULL, NULL))) goto err; - b->neg = rand_neg(); + BN_set_negative(b, rand_neg()); for (i = 0; i < NUM0; i++) { if (!TEST_true(BN_bntest_rand(a, 512, 0, 0))) goto err; - a->neg = rand_neg(); + BN_set_negative(a, rand_neg()); /* t := (|b|-1)/2 (note that b is odd) */ if (!TEST_true(BN_copy(t, b))) goto err; - t->neg = 0; + BN_set_negative(t, 0); if (!TEST_true(BN_sub_word(t, 1))) goto err; if (!TEST_true(BN_rshift1(t, t))) goto err; /* r := a^t mod b */ - b->neg = 0; + BN_set_negative(b, 0); if (!TEST_true(BN_mod_exp_recp(r, a, t, b, ctx))) goto err; - b->neg = 1; + BN_set_negative(b, 1); if (BN_is_word(r, 1)) legendre = 1; @@ -867,7 +915,7 @@ static int test_kronecker() if (!TEST_int_ge(kronecker = BN_kronecker(a, b, ctx), -1)) goto err; /* we actually need BN_kronecker(a, |b|) */ - if (a->neg && b->neg) + if (BN_is_negative(a) && BN_is_negative(b)) kronecker = -kronecker; if (!TEST_int_eq(legendre, kronecker)) @@ -1051,7 +1099,9 @@ static int file_lshift(STANZA *s) if (!TEST_ptr(a = getBN(s, "A")) || !TEST_ptr(lshift = getBN(s, "LShift")) - || !TEST_ptr(ret = BN_new())) + || !TEST_ptr(ret = BN_new()) + || !getint(s, &n, "N")) + goto err; if (!TEST_true(BN_lshift(ret, a, n)) || !equalBN("A << N", lshift, ret) @@ -1441,7 +1491,7 @@ err: return st; } -static int test_bn2padded() +static int test_bn2padded(void) { #if HAVE_BN_PADDED uint8_t zeros[256], out[256], reference[128]; @@ -1502,7 +1552,7 @@ err: #endif } -static int test_dec2bn() +static int test_dec2bn(void) { BIGNUM *bn = NULL; int st = 0; @@ -1571,7 +1621,7 @@ err: return st; } -static int test_hex2bn() +static int test_hex2bn(void) { BIGNUM *bn = NULL; int st = 0; @@ -1637,7 +1687,7 @@ err: return st; } -static int test_asc2bn() +static int test_asc2bn(void) { BIGNUM *bn = NULL; int st = 0; @@ -1735,7 +1785,7 @@ err: return st; } -static int test_rand() +static int test_rand(void) { BIGNUM *bn = NULL; int st = 0; @@ -1761,7 +1811,7 @@ err: return st; } -static int test_negzero() +static int test_negzero(void) { BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL; BIGNUM *numerator = NULL, *denominator = NULL; @@ -1830,7 +1880,7 @@ err: return st; } -static int test_badmod() +static int test_badmod(void) { BIGNUM *a = NULL, *b = NULL, *zero = NULL; BN_MONT_CTX *mont = NULL; @@ -1896,7 +1946,7 @@ err: return st; } -static int test_expmodzero() +static int test_expmodzero(void) { BIGNUM *a = NULL, *r = NULL, *zero = NULL; int st = 0; @@ -1929,7 +1979,7 @@ err: return st; } -static int test_smallprime() +static int test_smallprime(void) { static const int kBits = 10; BIGNUM *r; @@ -1947,7 +1997,7 @@ err: return st; } -static int test_3_is_prime() +static int test_3_is_prime(void) { int ret = 0; BIGNUM *r = NULL; @@ -2035,11 +2085,8 @@ static int run_file_tests(int i) int setup_tests(void) { - static const char rnd_seed[] = - "If not seeded, BN_generate_prime might fail"; int n = test_get_argument_count(); - RAND_seed(rnd_seed, sizeof(rnd_seed)); if (!TEST_ptr(ctx = BN_CTX_new())) return 0;