X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Fbntest.c;h=d042a3e2bacbc670ff0d600e801c73bc30e853f8;hp=ccedd7a7ec93c9e6c3a9b9716b8b50260767bef3;hb=3afd537a3c2319f68280804004e9bf2e798a43f7;hpb=281313e511381f3734f03233f8189d52771b2f6c diff --git a/test/bntest.c b/test/bntest.c index ccedd7a7ec..d042a3e2ba 100644 --- a/test/bntest.c +++ b/test/bntest.c @@ -1,7 +1,7 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use + * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html @@ -12,30 +12,17 @@ #include #include -#include "e_os.h" -#include #include #include #include #include +#include "internal/nelem.h" +#include "internal/numbers.h" #include "testutil.h" -/* - * In bn_lcl.h, bn_expand() is defined as a static ossl_inline function. - * This is fine in itself, it will end up as an unused static function in - * the worst case. However, it references bn_expand2(), which is a private - * function in libcrypto and therefore unavailable on some systems. This - * may result in a linker error because of unresolved symbols. - * - * To avoid this, we define a dummy variant of bn_expand2() here, and to - * avoid possible clashes with libcrypto, we rename it first, using a macro. - */ -#define bn_expand2 dummy_bn_expand2 -BIGNUM *bn_expand2(BIGNUM *b, int words); -BIGNUM *bn_expand2(BIGNUM *b, int words) { return NULL; } -#include "../crypto/bn/bn_lcl.h" - -#define MAXPAIRS 20 +#ifdef OPENSSL_SYS_WINDOWS +# define strcasecmp _stricmp +#endif /* * Things in boring, not in openssl. TODO we should add them. @@ -43,18 +30,6 @@ BIGNUM *bn_expand2(BIGNUM *b, int words) { return NULL; } #define HAVE_BN_PADDED 0 #define HAVE_BN_SQRT 0 -typedef struct pair_st { - char *key; - char *value; -} PAIR; - -typedef struct stanza_st { - int curr; /* Current line in file */ - int start; /* Line where test starts */ - int numpairs; - PAIR pairs[MAXPAIRS]; -} STANZA; - typedef struct filetest_st { const char *name; int (*func)(STANZA *s); @@ -68,15 +43,15 @@ typedef struct mpitest_st { static const int NUM0 = 100; /* number of tests */ static const int NUM1 = 50; /* additional tests for some functions */ -static BIO *fp; static BN_CTX *ctx; /* * Polynomial coefficients used in GFM tests. */ +#ifndef OPENSSL_NO_EC2M static int p0[] = { 163, 7, 6, 3, 0, -1 }; static int p1[] = { 193, 15, 0, -1 }; - +#endif /* * Look for |key| in the stanza and return it or NULL if not found. @@ -92,6 +67,18 @@ static const char *findattr(STANZA *s, const char *key) return NULL; } +/* + * Parse BIGNUM from sparse hex-strings, return |BN_hex2bn| result. + */ +static int parse_bigBN(BIGNUM **out, const char *bn_strings[]) +{ + char *bigstring = glue_strings(bn_strings, NULL); + int ret = BN_hex2bn(out, bigstring); + + OPENSSL_free(bigstring); + return ret; +} + /* * Parse BIGNUM, return number of bytes parsed. */ @@ -113,7 +100,7 @@ static BIGNUM *getBN(STANZA *s, const char *attribute) BIGNUM *ret = NULL; if ((hex = findattr(s, attribute)) == NULL) { - TEST_error("Can't find %s in test at line %d", attribute, s->start); + TEST_error("%s:%d: Can't find %s", s->test_file, s->start, attribute); return NULL; } @@ -164,7 +151,79 @@ static int rand_neg(void) } -static int test_sub() +static int test_swap(void) +{ + BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL; + int top, cond, st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new())) + goto err; + + BN_bntest_rand(a, 1024, 1, 0); + BN_bntest_rand(b, 1024, 1, 0); + BN_copy(c, a); + BN_copy(d, b); + top = BN_num_bits(a)/BN_BITS2; + + /* regular swap */ + BN_swap(a, b); + if (!equalBN("swap", a, d) + || !equalBN("swap", b, c)) + goto err; + + /* conditional swap: true */ + cond = 1; + BN_consttime_swap(cond, a, b, top); + if (!equalBN("cswap true", a, c) + || !equalBN("cswap true", b, d)) + goto err; + + /* conditional swap: false */ + cond = 0; + BN_consttime_swap(cond, a, b, top); + if (!equalBN("cswap false", a, c) + || !equalBN("cswap false", b, d)) + goto err; + + /* same tests but checking flag swap */ + BN_set_flags(a, BN_FLG_CONSTTIME); + + BN_swap(a, b); + if (!equalBN("swap, flags", a, d) + || !equalBN("swap, flags", b, c) + || !TEST_true(BN_get_flags(b, BN_FLG_CONSTTIME)) + || !TEST_false(BN_get_flags(a, BN_FLG_CONSTTIME))) + goto err; + + cond = 1; + BN_consttime_swap(cond, a, b, top); + if (!equalBN("cswap true, flags", a, c) + || !equalBN("cswap true, flags", b, d) + || !TEST_true(BN_get_flags(a, BN_FLG_CONSTTIME)) + || !TEST_false(BN_get_flags(b, BN_FLG_CONSTTIME))) + goto err; + + cond = 0; + BN_consttime_swap(cond, a, b, top); + if (!equalBN("cswap false, flags", a, c) + || !equalBN("cswap false, flags", b, d) + || !TEST_true(BN_get_flags(a, BN_FLG_CONSTTIME)) + || !TEST_false(BN_get_flags(b, BN_FLG_CONSTTIME))) + goto err; + + st = 1; + err: + BN_free(a); + BN_free(b); + BN_free(c); + BN_free(d); + return st; +} + +static int test_sub(void) { BIGNUM *a = NULL, *b = NULL, *c = NULL; int i, st = 0; @@ -183,8 +242,8 @@ static int test_sub() BN_add_word(b, i); } else { BN_bntest_rand(b, 400 + i - NUM1, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); } BN_sub(c, a, b); BN_add(c, c, b); @@ -201,7 +260,7 @@ err: } -static int test_div_recip() +static int test_div_recip(void) { BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL, *e = NULL; BN_RECP_CTX *recp = NULL; @@ -223,8 +282,8 @@ static int test_div_recip() BN_add_word(a, i); } else BN_bntest_rand(b, 50 + 3 * (i - NUM1), 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); BN_RECP_CTX_set(recp, b, ctx); BN_div_recp(d, c, a, recp, ctx); BN_mul(e, d, b, ctx); @@ -245,7 +304,7 @@ err: } -static int test_mod() +static int test_mod(void) { BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL, *e = NULL; int st = 0, i; @@ -260,8 +319,8 @@ static int test_mod() BN_bntest_rand(a, 1024, 0, 0); for (i = 0; i < NUM0; i++) { BN_bntest_rand(b, 450 + i * 10, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); BN_mod(c, a, b, ctx); BN_div(d, e, a, b, ctx); BN_sub(e, e, c); @@ -318,31 +377,15 @@ static const char *bn2strings[] = { NULL }; -static char *glue(const char *list[]) -{ - size_t len = 0; - char *p, *save; - int i; - - for (i = 0; list[i] != NULL; i++) - len += strlen(list[i]); - if (!TEST_ptr(p = save = OPENSSL_malloc(len + 1))) - return NULL; - for (i = 0; list[i] != NULL; i++) - p += strlen(strcpy(p, list[i])); - return save; -} - /* * Test constant-time modular exponentiation with 1024-bit inputs, which on * x86_64 cause a different code branch to be taken. */ -static int test_modexp_mont5() +static int test_modexp_mont5(void) { BIGNUM *a = NULL, *p = NULL, *m = NULL, *d = NULL, *e = NULL; BIGNUM *b = NULL, *n = NULL, *c = NULL; BN_MONT_CTX *mont = NULL; - char *bigstring; int st = 0; if (!TEST_ptr(a = BN_new()) @@ -388,12 +431,8 @@ static int test_modexp_mont5() goto err; /* Regression test for carry bug in sqr[x]8x_mont */ - bigstring = glue(bn1strings); - BN_hex2bn(&n, bigstring); - OPENSSL_free(bigstring); - bigstring = glue(bn2strings); - BN_hex2bn(&a, bigstring); - OPENSSL_free(bigstring); + parse_bigBN(&n, bn1strings); + parse_bigBN(&a, bn2strings); BN_free(b); b = BN_dup(a); BN_MONT_CTX_set(mont, n, ctx); @@ -402,6 +441,109 @@ static int test_modexp_mont5() if (!TEST_BN_eq(c, d)) goto err; + /* Regression test for carry bug in bn_sqrx8x_internal */ + { + static const char *ahex[] = { + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8FFEADBCFC4DAE7FFF908E92820306B", + "9544D954000000006C0000000000000000000000000000000000000000000000", + "00000000000000000000FF030202FFFFF8FFEBDBCFC4DAE7FFF908E92820306B", + "9544D954000000006C000000FF0302030000000000FFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF01FC00FF02FFFFFFFF", + "00FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FCFD", + "FCFFFFFFFFFF000000000000000000FF0302030000000000FFFFFFFFFFFFFFFF", + "FF00FCFDFDFF030202FF00000000FFFFFFFFFFFFFFFFFF00FCFDFCFFFFFFFFFF", + NULL + }; + static const char *nhex[] = { + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8F8F8F8000000", + "00000010000000006C0000000000000000000000000000000000000000000000", + "00000000000000000000000000000000000000FFFFFFFFFFFFF8F8F8F8000000", + "00000010000000006C000000000000000000000000FFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "00FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFF000000000000000000000000000000000000FFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + NULL + }; + + parse_bigBN(&a, ahex); + parse_bigBN(&n, nhex); + } + BN_free(b); + b = BN_dup(a); + BN_MONT_CTX_set(mont, n, ctx); + if (!TEST_true(BN_mod_mul_montgomery(c, a, a, mont, ctx)) + || !TEST_true(BN_mod_mul_montgomery(d, a, b, mont, ctx)) + || !TEST_BN_eq(c, d)) + goto err; + + /* Regression test for bug in BN_from_montgomery_word */ + BN_hex2bn(&a, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"); + BN_hex2bn(&n, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"); + BN_MONT_CTX_set(mont, n, ctx); + if (!TEST_false(BN_mod_mul_montgomery(d, a, a, mont, ctx))) + goto err; + + /* Regression test for bug in rsaz_1024_mul_avx2 */ + BN_hex2bn(&a, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2020202020DF"); + BN_hex2bn(&b, + "2020202020202020202020202020202020202020202020202020202020202020" + "2020202020202020202020202020202020202020202020202020202020202020" + "20202020202020FF202020202020202020202020202020202020202020202020" + "2020202020202020202020202020202020202020202020202020202020202020"); + BN_hex2bn(&n, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2020202020FF"); + BN_MONT_CTX_set(mont, n, ctx); + BN_mod_exp_mont_consttime(c, a, b, n, ctx, mont); + BN_mod_exp_mont(d, a, b, n, ctx, mont); + if (!TEST_BN_eq(c, d)) + goto err; + + /* + * rsaz_1024_mul_avx2 expects fully-reduced inputs. + * BN_mod_exp_mont_consttime should reduce the input first. + */ + BN_hex2bn(&a, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2020202020DF"); + BN_hex2bn(&b, + "1FA53F26F8811C58BE0357897AA5E165693230BC9DF5F01DFA6A2D59229EC69D" + "9DE6A89C36E3B6957B22D6FAAD5A3C73AE587B710DBE92E83D3A9A3339A085CB" + "B58F508CA4F837924BB52CC1698B7FDC2FD74362456A595A5B58E38E38E38E38" + "E38E38E38E38E38E38E38E38E38E38E38E38E38E38E38E38E38E38E38E38E38E"); + BN_hex2bn(&n, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2020202020DF"); + BN_MONT_CTX_set(mont, n, ctx); + BN_mod_exp_mont_consttime(c, a, b, n, ctx, mont); + BN_zero(d); + if (!TEST_BN_eq(c, d)) + goto err; + /* Zero input */ BN_bntest_rand(p, 1024, 0, 0); BN_zero(a); @@ -445,7 +587,7 @@ err: } #ifndef OPENSSL_NO_EC2M -static int test_gf2m_add() +static int test_gf2m_add(void) { BIGNUM *a = NULL, *b = NULL, *c = NULL; int i, st = 0; @@ -458,8 +600,8 @@ static int test_gf2m_add() for (i = 0; i < NUM0; i++) { BN_rand(a, 512, 0, 0); BN_copy(b, BN_value_one()); - a->neg = rand_neg(); - b->neg = rand_neg(); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); BN_GF2m_add(c, a, b); /* Test that two added values have the correct parity. */ if (!TEST_false((BN_is_odd(a) && BN_is_odd(c)) @@ -478,7 +620,7 @@ static int test_gf2m_add() return st; } -static int test_gf2m_mod() +static int test_gf2m_mod(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL, *e = NULL; int i, j, st = 0; @@ -516,7 +658,7 @@ static int test_gf2m_mod() return st; } -static int test_gf2m_mul() +static int test_gf2m_mul(void) { BIGNUM *a, *b[2] = {NULL, NULL}, *c = NULL, *d = NULL; BIGNUM *e = NULL, *f = NULL, *g = NULL, *h = NULL; @@ -567,7 +709,7 @@ static int test_gf2m_mul() return st; } -static int test_gf2m_sqr() +static int test_gf2m_sqr(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; int i, j, st = 0; @@ -604,7 +746,7 @@ static int test_gf2m_sqr() return st; } -static int test_gf2m_modinv() +static int test_gf2m_modinv(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; int i, j, st = 0; @@ -639,7 +781,7 @@ static int test_gf2m_modinv() return st; } -static int test_gf2m_moddiv() +static int test_gf2m_moddiv(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; BIGNUM *e = NULL, *f = NULL; @@ -681,7 +823,7 @@ static int test_gf2m_moddiv() return st; } -static int test_gf2m_modexp() +static int test_gf2m_modexp(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; BIGNUM *e = NULL, *f = NULL; @@ -727,7 +869,7 @@ static int test_gf2m_modexp() return st; } -static int test_gf2m_modsqrt() +static int test_gf2m_modsqrt(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; BIGNUM *e = NULL, *f = NULL; @@ -769,7 +911,7 @@ static int test_gf2m_modsqrt() return st; } -static int test_gf2m_modsolvequad() +static int test_gf2m_modsolvequad(void) { BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; BIGNUM *e = NULL; @@ -820,7 +962,7 @@ static int test_gf2m_modsolvequad() } #endif -static int test_kronecker() +static int test_kronecker(void) { BIGNUM *a = NULL, *b = NULL, *r = NULL, *t = NULL; int i, legendre, kronecker, st = 0; @@ -843,27 +985,27 @@ static int test_kronecker() if (!TEST_true(BN_generate_prime_ex(b, 512, 0, NULL, NULL, NULL))) goto err; - b->neg = rand_neg(); + BN_set_negative(b, rand_neg()); for (i = 0; i < NUM0; i++) { if (!TEST_true(BN_bntest_rand(a, 512, 0, 0))) goto err; - a->neg = rand_neg(); + BN_set_negative(a, rand_neg()); /* t := (|b|-1)/2 (note that b is odd) */ if (!TEST_true(BN_copy(t, b))) goto err; - t->neg = 0; + BN_set_negative(t, 0); if (!TEST_true(BN_sub_word(t, 1))) goto err; if (!TEST_true(BN_rshift1(t, t))) goto err; /* r := a^t mod b */ - b->neg = 0; + BN_set_negative(b, 0); if (!TEST_true(BN_mod_exp_recp(r, a, t, b, ctx))) goto err; - b->neg = 1; + BN_set_negative(b, 1); if (BN_is_word(r, 1)) legendre = 1; @@ -882,7 +1024,7 @@ static int test_kronecker() if (!TEST_int_ge(kronecker = BN_kronecker(a, b, ctx), -1)) goto err; /* we actually need BN_kronecker(a, |b|) */ - if (a->neg && b->neg) + if (BN_is_negative(a) && BN_is_negative(b)) kronecker = -kronecker; if (!TEST_int_eq(legendre, kronecker)) @@ -1066,7 +1208,9 @@ static int file_lshift(STANZA *s) if (!TEST_ptr(a = getBN(s, "A")) || !TEST_ptr(lshift = getBN(s, "LShift")) - || !TEST_ptr(ret = BN_new())) + || !TEST_ptr(ret = BN_new()) + || !getint(s, &n, "N")) + goto err; if (!TEST_true(BN_lshift(ret, a, n)) || !equalBN("A << N", lshift, ret) @@ -1382,9 +1526,9 @@ static int file_modexp(STANZA *s) "0000000000000000000000000000000000000000000000000000000000000000" "0000000000000000000000000000000000000000000000000000000000000000" "0000000000000000000000000000000000000000000000000000000001"); - BN_mod_exp(d, a, b, c, ctx); - BN_mul(e, a, a, ctx); - if (!TEST_BN_eq(d, e)) + if (!TEST_true(BN_mod_exp(d, a, b, c, ctx)) + || !TEST_true(BN_mul(e, a, a, ctx)) + || !TEST_BN_eq(d, e)) goto err; st = 1; @@ -1456,7 +1600,7 @@ err: return st; } -static int test_bn2padded() +static int test_bn2padded(void) { #if HAVE_BN_PADDED uint8_t zeros[256], out[256], reference[128]; @@ -1517,7 +1661,7 @@ err: #endif } -static int test_dec2bn() +static int test_dec2bn(void) { BIGNUM *bn = NULL; int st = 0; @@ -1586,7 +1730,7 @@ err: return st; } -static int test_hex2bn() +static int test_hex2bn(void) { BIGNUM *bn = NULL; int st = 0; @@ -1652,7 +1796,7 @@ err: return st; } -static int test_asc2bn() +static int test_asc2bn(void) { BIGNUM *bn = NULL; int st = 0; @@ -1750,7 +1894,7 @@ err: return st; } -static int test_rand() +static int test_rand(void) { BIGNUM *bn = NULL; int st = 0; @@ -1776,7 +1920,7 @@ err: return st; } -static int test_negzero() +static int test_negzero(void) { BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL; BIGNUM *numerator = NULL, *denominator = NULL; @@ -1845,7 +1989,7 @@ err: return st; } -static int test_badmod() +static int test_badmod(void) { BIGNUM *a = NULL, *b = NULL, *zero = NULL; BN_MONT_CTX *mont = NULL; @@ -1911,7 +2055,7 @@ err: return st; } -static int test_expmodzero() +static int test_expmodzero(void) { BIGNUM *a = NULL, *r = NULL, *zero = NULL; int st = 0; @@ -1944,7 +2088,54 @@ err: return st; } -static int test_smallprime() +static int test_expmodone(void) +{ + int ret = 0, i; + BIGNUM *r = BN_new(); + BIGNUM *a = BN_new(); + BIGNUM *p = BN_new(); + BIGNUM *m = BN_new(); + + if (!TEST_ptr(r) + || !TEST_ptr(a) + || !TEST_ptr(p) + || !TEST_ptr(p) + || !TEST_ptr(m) + || !TEST_true(BN_set_word(a, 1)) + || !TEST_true(BN_set_word(p, 0)) + || !TEST_true(BN_set_word(m, 1))) + goto err; + + /* Calculate r = 1 ^ 0 mod 1, and check the result is always 0 */ + for (i = 0; i < 2; i++) { + if (!TEST_true(BN_mod_exp(r, a, p, m, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_mont(r, a, p, m, NULL, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_mont_consttime(r, a, p, m, NULL, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_mont_word(r, 1, p, m, NULL, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_simple(r, a, p, m, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_recp(r, a, p, m, NULL)) + || !TEST_BN_eq_zero(r)) + goto err; + /* Repeat for r = 1 ^ 0 mod -1 */ + if (i == 0) + BN_set_negative(m, 1); + } + + ret = 1; +err: + BN_free(r); + BN_free(a); + BN_free(p); + BN_free(m); + return ret; +} + +static int test_smallprime(void) { static const int kBits = 10; BIGNUM *r; @@ -1962,107 +2153,51 @@ err: return st; } -static int test_3_is_prime() +static int primes[] = { 2, 3, 5, 7, 17863 }; + +static int test_is_prime(int i) { int ret = 0; BIGNUM *r = NULL; + int trial; - /* - * For a long time, small primes were not considered prime when - * do_trial_division was set. - */ - if (!TEST_ptr(r = BN_new()) - || !TEST_true(BN_set_word(r, 3)) - || !TEST_int_eq(BN_is_prime_fasttest_ex(r, 3 /* nchecks */, ctx, - 0 /* do_trial_division */, NULL), 1) - || !TEST_int_eq(BN_is_prime_fasttest_ex(r, 3 /* nchecks */, ctx, - 1 /* do_trial_division */, NULL), 1)) + if (!TEST_ptr(r = BN_new())) goto err; - ret = 1; + for (trial = 0; trial <= 1; ++trial) { + if (!TEST_true(BN_set_word(r, primes[i])) + || !TEST_int_eq(BN_is_prime_fasttest_ex(r, 1, ctx, trial, NULL), + 1)) + goto err; + } + ret = 1; err: BN_free(r); return ret; } +static int not_primes[] = { -1, 0, 1, 4 }; -/* Delete leading and trailing spaces from a string */ -static char *strip_spaces(char *p) -{ - char *q; - - /* Skip over leading spaces */ - while (*p && isspace(*p)) - p++; - if (!*p) - return NULL; - - for (q = p + strlen(p) - 1; q != p && isspace(*q); ) - *q-- = '\0'; - return *p ? p : NULL; -} - -/* - * Read next test stanza; return 1 if found, 0 on EOF or error. - */ -static int readstanza(STANZA *s) +static int test_not_prime(int i) { - PAIR *pp = s->pairs; - char *p, *equals, *key, *value; - char buff[1024]; - - while (BIO_gets(fp, buff, sizeof(buff))) { - s->curr++; - if (!TEST_ptr(p = strchr(buff, '\n'))) { - TEST_info("Line %d too long", s->curr); - return 0; - } - *p = '\0'; - - /* Blank line marks end of tests. */ - if (buff[0] == '\0') - break; + int ret = 0; + BIGNUM *r = NULL; + int trial; - /* Lines starting with a pound sign are ignored. */ - if (buff[0] == '#') - continue; + if (!TEST_ptr(r = BN_new())) + goto err; - if (!TEST_ptr(equals = strchr(buff, '='))) { - TEST_info("Missing = at line %d\n", s->curr); - return 0; - } - *equals++ = '\0'; - if (s->numpairs == 0) - s->start = s->curr; - - if (!TEST_ptr(key = strip_spaces(buff)) - || !TEST_ptr(value = strip_spaces(equals)) - || !TEST_int_lt(s->numpairs++, MAXPAIRS) - || !TEST_ptr(pp->key = OPENSSL_strdup(key)) - || !TEST_ptr(pp->value = OPENSSL_strdup(value))) - return 0; - pp++; + for (trial = 0; trial <= 1; ++trial) { + if (!TEST_true(BN_set_word(r, not_primes[i])) + || !TEST_false(BN_is_prime_fasttest_ex(r, 1, ctx, trial, NULL))) + goto err; } - /* If we read anything, return ok. */ - return 1; -} - -static void clearstanza(STANZA *s) -{ - PAIR *pp = s->pairs; - int i = s->numpairs; - int start = s->start; - int curr = s->curr; - - for ( ; --i >= 0; pp++) { - OPENSSL_free(pp->key); - OPENSSL_free(pp->value); - } - memset(s, 0, sizeof(*s)); - s->curr = curr; - s->start = start; + ret = 1; +err: + BN_free(r); + return ret; } static int file_test_run(STANZA *s) @@ -2086,55 +2221,55 @@ static int file_test_run(STANZA *s) for ( ; --numtests >= 0; tp++) { if (findattr(s, tp->name) != NULL) { if (!tp->func(s)) { - TEST_info("Failed %s test at %d", tp->name, s->start); + TEST_info("%s:%d: Failed %s test", + s->test_file, s->start, tp->name); return 0; } return 1; } } - TEST_info("Unknown test at %d", s->start); + TEST_info("%s:%d: Unknown test", s->test_file, s->start); return 0; } -static char * const *testfiles; - static int run_file_tests(int i) { - STANZA s; - int errcnt = 0; + STANZA *s = NULL; + char *testfile = test_get_argument(i); + int c; - if (!TEST_ptr(fp = BIO_new_file(testfiles[i], "rb"))) + if (!TEST_ptr(s = OPENSSL_zalloc(sizeof(*s)))) + return 0; + if (!test_start_file(s, testfile)) { + OPENSSL_free(s); return 0; + } /* Read test file. */ - set_test_title(testfiles[i]); - memset(&s, 0, sizeof(s)); - while (!BIO_eof(fp) && readstanza(&s)) { - if (s.numpairs == 0) + while (!BIO_eof(s->fp) && test_readstanza(s)) { + if (s->numpairs == 0) continue; - if (!file_test_run(&s)) { - errcnt++; - } - clearstanza(&s); + if (!file_test_run(s)) + s->errors++; + s->numtests++; + test_clearstanza(s); } - BIO_free(fp); + test_end_file(s); + c = s->errors; + OPENSSL_free(s); - return errcnt == 0; + return c == 0; } -int test_main(int argc, char *argv[]) +int setup_tests(void) { - static const char rnd_seed[] = - "If not seeded, BN_generate_prime might fail"; - int result = EXIT_FAILURE; + int n = test_get_argument_count(); - - RAND_seed(rnd_seed, sizeof rnd_seed); if (!TEST_ptr(ctx = BN_CTX_new())) - goto end; + return 0; - if (argc < 2) { + if (n == 0) { ADD_TEST(test_sub); ADD_TEST(test_div_recip); ADD_TEST(test_mod); @@ -2149,7 +2284,9 @@ int test_main(int argc, char *argv[]) ADD_TEST(test_negzero); ADD_TEST(test_badmod); ADD_TEST(test_expmodzero); + ADD_TEST(test_expmodone); ADD_TEST(test_smallprime); + ADD_TEST(test_swap); #ifndef OPENSSL_NO_EC2M ADD_TEST(test_gf2m_add); ADD_TEST(test_gf2m_mod); @@ -2161,15 +2298,15 @@ int test_main(int argc, char *argv[]) ADD_TEST(test_gf2m_modsqrt); ADD_TEST(test_gf2m_modsolvequad); #endif - ADD_TEST(test_3_is_prime); + ADD_ALL_TESTS(test_is_prime, (int)OSSL_NELEM(primes)); + ADD_ALL_TESTS(test_not_prime, (int)OSSL_NELEM(not_primes)); } else { - testfiles = &argv[1]; - ADD_ALL_TESTS(run_file_tests, argc - 1); + ADD_ALL_TESTS(run_file_tests, n); } + return 1; +} - result = run_tests(argv[0]); - -end: +void cleanup_tests(void) +{ BN_CTX_free(ctx); - return result; }