summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/bn/bntest.c
diff options
context:
space:
mode:
authordjm <>2008-09-06 12:17:54 +0000
committerdjm <>2008-09-06 12:17:54 +0000
commit38ce604e3cc97706b876b0525ddff0121115456d (patch)
tree7ccc28afe1789ea3dbedf72365f955d5b8e105b5 /src/lib/libcrypto/bn/bntest.c
parent12867252827c8efaa8ddd1fa3b3d6e321e2bcdef (diff)
downloadopenbsd-38ce604e3cc97706b876b0525ddff0121115456d.tar.gz
openbsd-38ce604e3cc97706b876b0525ddff0121115456d.tar.bz2
openbsd-38ce604e3cc97706b876b0525ddff0121115456d.zip
resolve conflicts
Diffstat (limited to 'src/lib/libcrypto/bn/bntest.c')
-rw-r--r--src/lib/libcrypto/bn/bntest.c775
1 files changed, 748 insertions, 27 deletions
diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c
index 792a75ff4f..cf190380f5 100644
--- a/src/lib/libcrypto/bn/bntest.c
+++ b/src/lib/libcrypto/bn/bntest.c
@@ -55,6 +55,25 @@
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ====================================================================
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60 *
61 * Portions of the attached software ("Contribution") are developed by
62 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
63 *
64 * The Contribution is licensed pursuant to the Eric Young open source
65 * license provided above.
66 *
67 * The binary polynomial arithmetic software is originally written by
68 * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
69 *
70 */
71
72/* Until the key-gen callbacks are modified to use newer prototypes, we allow
73 * deprecated functions for openssl-internal code */
74#ifdef OPENSSL_NO_DEPRECATED
75#undef OPENSSL_NO_DEPRECATED
76#endif
58 77
59#include <stdio.h> 78#include <stdio.h>
60#include <stdlib.h> 79#include <stdlib.h>
@@ -79,6 +98,7 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_);
79int test_rshift1(BIO *bp); 98int test_rshift1(BIO *bp);
80int test_rshift(BIO *bp,BN_CTX *ctx); 99int test_rshift(BIO *bp,BN_CTX *ctx);
81int test_div(BIO *bp,BN_CTX *ctx); 100int test_div(BIO *bp,BN_CTX *ctx);
101int test_div_word(BIO *bp);
82int test_div_recp(BIO *bp,BN_CTX *ctx); 102int test_div_recp(BIO *bp,BN_CTX *ctx);
83int test_mul(BIO *bp); 103int test_mul(BIO *bp);
84int test_sqr(BIO *bp,BN_CTX *ctx); 104int test_sqr(BIO *bp,BN_CTX *ctx);
@@ -88,6 +108,15 @@ int test_mod_mul(BIO *bp,BN_CTX *ctx);
88int test_mod_exp(BIO *bp,BN_CTX *ctx); 108int test_mod_exp(BIO *bp,BN_CTX *ctx);
89int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx); 109int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx);
90int test_exp(BIO *bp,BN_CTX *ctx); 110int test_exp(BIO *bp,BN_CTX *ctx);
111int test_gf2m_add(BIO *bp);
112int test_gf2m_mod(BIO *bp);
113int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx);
114int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx);
115int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx);
116int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx);
117int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx);
118int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx);
119int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx);
91int test_kron(BIO *bp,BN_CTX *ctx); 120int test_kron(BIO *bp,BN_CTX *ctx);
92int test_sqrt(BIO *bp,BN_CTX *ctx); 121int test_sqrt(BIO *bp,BN_CTX *ctx);
93int rand_neg(void); 122int rand_neg(void);
@@ -155,80 +184,120 @@ int main(int argc, char *argv[])
155 184
156 message(out,"BN_add"); 185 message(out,"BN_add");
157 if (!test_add(out)) goto err; 186 if (!test_add(out)) goto err;
158 BIO_flush(out); 187 (void)BIO_flush(out);
159 188
160 message(out,"BN_sub"); 189 message(out,"BN_sub");
161 if (!test_sub(out)) goto err; 190 if (!test_sub(out)) goto err;
162 BIO_flush(out); 191 (void)BIO_flush(out);
163 192
164 message(out,"BN_lshift1"); 193 message(out,"BN_lshift1");
165 if (!test_lshift1(out)) goto err; 194 if (!test_lshift1(out)) goto err;
166 BIO_flush(out); 195 (void)BIO_flush(out);
167 196
168 message(out,"BN_lshift (fixed)"); 197 message(out,"BN_lshift (fixed)");
169 if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL))) 198 if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL)))
170 goto err; 199 goto err;
171 BIO_flush(out); 200 (void)BIO_flush(out);
172 201
173 message(out,"BN_lshift"); 202 message(out,"BN_lshift");
174 if (!test_lshift(out,ctx,NULL)) goto err; 203 if (!test_lshift(out,ctx,NULL)) goto err;
175 BIO_flush(out); 204 (void)BIO_flush(out);
176 205
177 message(out,"BN_rshift1"); 206 message(out,"BN_rshift1");
178 if (!test_rshift1(out)) goto err; 207 if (!test_rshift1(out)) goto err;
179 BIO_flush(out); 208 (void)BIO_flush(out);
180 209
181 message(out,"BN_rshift"); 210 message(out,"BN_rshift");
182 if (!test_rshift(out,ctx)) goto err; 211 if (!test_rshift(out,ctx)) goto err;
183 BIO_flush(out); 212 (void)BIO_flush(out);
184 213
185 message(out,"BN_sqr"); 214 message(out,"BN_sqr");
186 if (!test_sqr(out,ctx)) goto err; 215 if (!test_sqr(out,ctx)) goto err;
187 BIO_flush(out); 216 (void)BIO_flush(out);
188 217
189 message(out,"BN_mul"); 218 message(out,"BN_mul");
190 if (!test_mul(out)) goto err; 219 if (!test_mul(out)) goto err;
191 BIO_flush(out); 220 (void)BIO_flush(out);
192 221
193 message(out,"BN_div"); 222 message(out,"BN_div");
194 if (!test_div(out,ctx)) goto err; 223 if (!test_div(out,ctx)) goto err;
195 BIO_flush(out); 224 (void)BIO_flush(out);
225
226 message(out,"BN_div_word");
227 if (!test_div_word(out)) goto err;
228 (void)BIO_flush(out);
196 229
197 message(out,"BN_div_recp"); 230 message(out,"BN_div_recp");
198 if (!test_div_recp(out,ctx)) goto err; 231 if (!test_div_recp(out,ctx)) goto err;
199 BIO_flush(out); 232 (void)BIO_flush(out);
200 233
201 message(out,"BN_mod"); 234 message(out,"BN_mod");
202 if (!test_mod(out,ctx)) goto err; 235 if (!test_mod(out,ctx)) goto err;
203 BIO_flush(out); 236 (void)BIO_flush(out);
204 237
205 message(out,"BN_mod_mul"); 238 message(out,"BN_mod_mul");
206 if (!test_mod_mul(out,ctx)) goto err; 239 if (!test_mod_mul(out,ctx)) goto err;
207 BIO_flush(out); 240 (void)BIO_flush(out);
208 241
209 message(out,"BN_mont"); 242 message(out,"BN_mont");
210 if (!test_mont(out,ctx)) goto err; 243 if (!test_mont(out,ctx)) goto err;
211 BIO_flush(out); 244 (void)BIO_flush(out);
212 245
213 message(out,"BN_mod_exp"); 246 message(out,"BN_mod_exp");
214 if (!test_mod_exp(out,ctx)) goto err; 247 if (!test_mod_exp(out,ctx)) goto err;
215 BIO_flush(out); 248 (void)BIO_flush(out);
216 249
217 message(out,"BN_mod_exp_mont_consttime"); 250 message(out,"BN_mod_exp_mont_consttime");
218 if (!test_mod_exp_mont_consttime(out,ctx)) goto err; 251 if (!test_mod_exp_mont_consttime(out,ctx)) goto err;
219 BIO_flush(out); 252 (void)BIO_flush(out);
220 253
221 message(out,"BN_exp"); 254 message(out,"BN_exp");
222 if (!test_exp(out,ctx)) goto err; 255 if (!test_exp(out,ctx)) goto err;
223 BIO_flush(out); 256 (void)BIO_flush(out);
224 257
225 message(out,"BN_kronecker"); 258 message(out,"BN_kronecker");
226 if (!test_kron(out,ctx)) goto err; 259 if (!test_kron(out,ctx)) goto err;
227 BIO_flush(out); 260 (void)BIO_flush(out);
228 261
229 message(out,"BN_mod_sqrt"); 262 message(out,"BN_mod_sqrt");
230 if (!test_sqrt(out,ctx)) goto err; 263 if (!test_sqrt(out,ctx)) goto err;
231 BIO_flush(out); 264 (void)BIO_flush(out);
265
266 message(out,"BN_GF2m_add");
267 if (!test_gf2m_add(out)) goto err;
268 (void)BIO_flush(out);
269
270 message(out,"BN_GF2m_mod");
271 if (!test_gf2m_mod(out)) goto err;
272 (void)BIO_flush(out);
273
274 message(out,"BN_GF2m_mod_mul");
275 if (!test_gf2m_mod_mul(out,ctx)) goto err;
276 (void)BIO_flush(out);
277
278 message(out,"BN_GF2m_mod_sqr");
279 if (!test_gf2m_mod_sqr(out,ctx)) goto err;
280 (void)BIO_flush(out);
281
282 message(out,"BN_GF2m_mod_inv");
283 if (!test_gf2m_mod_inv(out,ctx)) goto err;
284 (void)BIO_flush(out);
285
286 message(out,"BN_GF2m_mod_div");
287 if (!test_gf2m_mod_div(out,ctx)) goto err;
288 (void)BIO_flush(out);
289
290 message(out,"BN_GF2m_mod_exp");
291 if (!test_gf2m_mod_exp(out,ctx)) goto err;
292 (void)BIO_flush(out);
293
294 message(out,"BN_GF2m_mod_sqrt");
295 if (!test_gf2m_mod_sqrt(out,ctx)) goto err;
296 (void)BIO_flush(out);
297
298 message(out,"BN_GF2m_mod_solve_quad");
299 if (!test_gf2m_mod_solve_quad(out,ctx)) goto err;
300 (void)BIO_flush(out);
232 301
233 BN_CTX_free(ctx); 302 BN_CTX_free(ctx);
234 BIO_free(out); 303 BIO_free(out);
@@ -237,8 +306,8 @@ int main(int argc, char *argv[])
237 EXIT(0); 306 EXIT(0);
238err: 307err:
239 BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices 308 BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices
240 * the failure, see test_bn in test/Makefile */ 309 * the failure, see test_bn in test/Makefile.ssl*/
241 BIO_flush(out); 310 (void)BIO_flush(out);
242 ERR_load_crypto_strings(); 311 ERR_load_crypto_strings();
243 ERR_print_errors_fp(stderr); 312 ERR_print_errors_fp(stderr);
244 EXIT(1); 313 EXIT(1);
@@ -404,6 +473,78 @@ int test_div(BIO *bp, BN_CTX *ctx)
404 return(1); 473 return(1);
405 } 474 }
406 475
476static void print_word(BIO *bp,BN_ULONG w)
477 {
478#ifdef SIXTY_FOUR_BIT
479 if (sizeof(w) > sizeof(unsigned long))
480 {
481 unsigned long h=(unsigned long)(w>>32),
482 l=(unsigned long)(w);
483
484 if (h) BIO_printf(bp,"%lX%08lX",h,l);
485 else BIO_printf(bp,"%lX",l);
486 return;
487 }
488#endif
489 BIO_printf(bp,"%lX",w);
490 }
491
492int test_div_word(BIO *bp)
493 {
494 BIGNUM a,b;
495 BN_ULONG r,s;
496 int i;
497
498 BN_init(&a);
499 BN_init(&b);
500
501 for (i=0; i<num0; i++)
502 {
503 do {
504 BN_bntest_rand(&a,512,-1,0);
505 BN_bntest_rand(&b,BN_BITS2,-1,0);
506 s = b.d[0];
507 } while (!s);
508
509 BN_copy(&b, &a);
510 r = BN_div_word(&b, s);
511
512 if (bp != NULL)
513 {
514 if (!results)
515 {
516 BN_print(bp,&a);
517 BIO_puts(bp," / ");
518 print_word(bp,s);
519 BIO_puts(bp," - ");
520 }
521 BN_print(bp,&b);
522 BIO_puts(bp,"\n");
523
524 if (!results)
525 {
526 BN_print(bp,&a);
527 BIO_puts(bp," % ");
528 print_word(bp,s);
529 BIO_puts(bp," - ");
530 }
531 print_word(bp,r);
532 BIO_puts(bp,"\n");
533 }
534 BN_mul_word(&b,s);
535 BN_add_word(&b,r);
536 BN_sub(&b,&a,&b);
537 if(!BN_is_zero(&b))
538 {
539 fprintf(stderr,"Division (word) test failed!\n");
540 return 0;
541 }
542 }
543 BN_free(&a);
544 BN_free(&b);
545 return(1);
546 }
547
407int test_div_recp(BIO *bp, BN_CTX *ctx) 548int test_div_recp(BIO *bp, BN_CTX *ctx)
408 { 549 {
409 BIGNUM a,b,c,d,e; 550 BIGNUM a,b,c,d,e;
@@ -919,7 +1060,582 @@ int test_exp(BIO *bp, BN_CTX *ctx)
919 return(1); 1060 return(1);
920 } 1061 }
921 1062
922static void genprime_cb(int p, int n, void *arg) 1063int test_gf2m_add(BIO *bp)
1064 {
1065 BIGNUM a,b,c;
1066 int i, ret = 0;
1067
1068 BN_init(&a);
1069 BN_init(&b);
1070 BN_init(&c);
1071
1072 for (i=0; i<num0; i++)
1073 {
1074 BN_rand(&a,512,0,0);
1075 BN_copy(&b, BN_value_one());
1076 a.neg=rand_neg();
1077 b.neg=rand_neg();
1078 BN_GF2m_add(&c,&a,&b);
1079#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1080 if (bp != NULL)
1081 {
1082 if (!results)
1083 {
1084 BN_print(bp,&a);
1085 BIO_puts(bp," ^ ");
1086 BN_print(bp,&b);
1087 BIO_puts(bp," = ");
1088 }
1089 BN_print(bp,&c);
1090 BIO_puts(bp,"\n");
1091 }
1092#endif
1093 /* Test that two added values have the correct parity. */
1094 if((BN_is_odd(&a) && BN_is_odd(&c)) || (!BN_is_odd(&a) && !BN_is_odd(&c)))
1095 {
1096 fprintf(stderr,"GF(2^m) addition test (a) failed!\n");
1097 goto err;
1098 }
1099 BN_GF2m_add(&c,&c,&c);
1100 /* Test that c + c = 0. */
1101 if(!BN_is_zero(&c))
1102 {
1103 fprintf(stderr,"GF(2^m) addition test (b) failed!\n");
1104 goto err;
1105 }
1106 }
1107 ret = 1;
1108 err:
1109 BN_free(&a);
1110 BN_free(&b);
1111 BN_free(&c);
1112 return ret;
1113 }
1114
1115int test_gf2m_mod(BIO *bp)
1116 {
1117 BIGNUM *a,*b[2],*c,*d,*e;
1118 int i, j, ret = 0;
1119 unsigned int p0[] = {163,7,6,3,0};
1120 unsigned int p1[] = {193,15,0};
1121
1122 a=BN_new();
1123 b[0]=BN_new();
1124 b[1]=BN_new();
1125 c=BN_new();
1126 d=BN_new();
1127 e=BN_new();
1128
1129 BN_GF2m_arr2poly(p0, b[0]);
1130 BN_GF2m_arr2poly(p1, b[1]);
1131
1132 for (i=0; i<num0; i++)
1133 {
1134 BN_bntest_rand(a, 1024, 0, 0);
1135 for (j=0; j < 2; j++)
1136 {
1137 BN_GF2m_mod(c, a, b[j]);
1138#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1139 if (bp != NULL)
1140 {
1141 if (!results)
1142 {
1143 BN_print(bp,a);
1144 BIO_puts(bp," % ");
1145 BN_print(bp,b[j]);
1146 BIO_puts(bp," - ");
1147 BN_print(bp,c);
1148 BIO_puts(bp,"\n");
1149 }
1150 }
1151#endif
1152 BN_GF2m_add(d, a, c);
1153 BN_GF2m_mod(e, d, b[j]);
1154 /* Test that a + (a mod p) mod p == 0. */
1155 if(!BN_is_zero(e))
1156 {
1157 fprintf(stderr,"GF(2^m) modulo test failed!\n");
1158 goto err;
1159 }
1160 }
1161 }
1162 ret = 1;
1163 err:
1164 BN_free(a);
1165 BN_free(b[0]);
1166 BN_free(b[1]);
1167 BN_free(c);
1168 BN_free(d);
1169 BN_free(e);
1170 return ret;
1171 }
1172
1173int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx)
1174 {
1175 BIGNUM *a,*b[2],*c,*d,*e,*f,*g,*h;
1176 int i, j, ret = 0;
1177 unsigned int p0[] = {163,7,6,3,0};
1178 unsigned int p1[] = {193,15,0};
1179
1180 a=BN_new();
1181 b[0]=BN_new();
1182 b[1]=BN_new();
1183 c=BN_new();
1184 d=BN_new();
1185 e=BN_new();
1186 f=BN_new();
1187 g=BN_new();
1188 h=BN_new();
1189
1190 BN_GF2m_arr2poly(p0, b[0]);
1191 BN_GF2m_arr2poly(p1, b[1]);
1192
1193 for (i=0; i<num0; i++)
1194 {
1195 BN_bntest_rand(a, 1024, 0, 0);
1196 BN_bntest_rand(c, 1024, 0, 0);
1197 BN_bntest_rand(d, 1024, 0, 0);
1198 for (j=0; j < 2; j++)
1199 {
1200 BN_GF2m_mod_mul(e, a, c, b[j], ctx);
1201#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1202 if (bp != NULL)
1203 {
1204 if (!results)
1205 {
1206 BN_print(bp,a);
1207 BIO_puts(bp," * ");
1208 BN_print(bp,c);
1209 BIO_puts(bp," % ");
1210 BN_print(bp,b[j]);
1211 BIO_puts(bp," - ");
1212 BN_print(bp,e);
1213 BIO_puts(bp,"\n");
1214 }
1215 }
1216#endif
1217 BN_GF2m_add(f, a, d);
1218 BN_GF2m_mod_mul(g, f, c, b[j], ctx);
1219 BN_GF2m_mod_mul(h, d, c, b[j], ctx);
1220 BN_GF2m_add(f, e, g);
1221 BN_GF2m_add(f, f, h);
1222 /* Test that (a+d)*c = a*c + d*c. */
1223 if(!BN_is_zero(f))
1224 {
1225 fprintf(stderr,"GF(2^m) modular multiplication test failed!\n");
1226 goto err;
1227 }
1228 }
1229 }
1230 ret = 1;
1231 err:
1232 BN_free(a);
1233 BN_free(b[0]);
1234 BN_free(b[1]);
1235 BN_free(c);
1236 BN_free(d);
1237 BN_free(e);
1238 BN_free(f);
1239 BN_free(g);
1240 BN_free(h);
1241 return ret;
1242 }
1243
1244int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx)
1245 {
1246 BIGNUM *a,*b[2],*c,*d;
1247 int i, j, ret = 0;
1248 unsigned int p0[] = {163,7,6,3,0};
1249 unsigned int p1[] = {193,15,0};
1250
1251 a=BN_new();
1252 b[0]=BN_new();
1253 b[1]=BN_new();
1254 c=BN_new();
1255 d=BN_new();
1256
1257 BN_GF2m_arr2poly(p0, b[0]);
1258 BN_GF2m_arr2poly(p1, b[1]);
1259
1260 for (i=0; i<num0; i++)
1261 {
1262 BN_bntest_rand(a, 1024, 0, 0);
1263 for (j=0; j < 2; j++)
1264 {
1265 BN_GF2m_mod_sqr(c, a, b[j], ctx);
1266 BN_copy(d, a);
1267 BN_GF2m_mod_mul(d, a, d, b[j], ctx);
1268#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1269 if (bp != NULL)
1270 {
1271 if (!results)
1272 {
1273 BN_print(bp,a);
1274 BIO_puts(bp," ^ 2 % ");
1275 BN_print(bp,b[j]);
1276 BIO_puts(bp, " = ");
1277 BN_print(bp,c);
1278 BIO_puts(bp,"; a * a = ");
1279 BN_print(bp,d);
1280 BIO_puts(bp,"\n");
1281 }
1282 }
1283#endif
1284 BN_GF2m_add(d, c, d);
1285 /* Test that a*a = a^2. */
1286 if(!BN_is_zero(d))
1287 {
1288 fprintf(stderr,"GF(2^m) modular squaring test failed!\n");
1289 goto err;
1290 }
1291 }
1292 }
1293 ret = 1;
1294 err:
1295 BN_free(a);
1296 BN_free(b[0]);
1297 BN_free(b[1]);
1298 BN_free(c);
1299 BN_free(d);
1300 return ret;
1301 }
1302
1303int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx)
1304 {
1305 BIGNUM *a,*b[2],*c,*d;
1306 int i, j, ret = 0;
1307 unsigned int p0[] = {163,7,6,3,0};
1308 unsigned int p1[] = {193,15,0};
1309
1310 a=BN_new();
1311 b[0]=BN_new();
1312 b[1]=BN_new();
1313 c=BN_new();
1314 d=BN_new();
1315
1316 BN_GF2m_arr2poly(p0, b[0]);
1317 BN_GF2m_arr2poly(p1, b[1]);
1318
1319 for (i=0; i<num0; i++)
1320 {
1321 BN_bntest_rand(a, 512, 0, 0);
1322 for (j=0; j < 2; j++)
1323 {
1324 BN_GF2m_mod_inv(c, a, b[j], ctx);
1325 BN_GF2m_mod_mul(d, a, c, b[j], ctx);
1326#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1327 if (bp != NULL)
1328 {
1329 if (!results)
1330 {
1331 BN_print(bp,a);
1332 BIO_puts(bp, " * ");
1333 BN_print(bp,c);
1334 BIO_puts(bp," - 1 % ");
1335 BN_print(bp,b[j]);
1336 BIO_puts(bp,"\n");
1337 }
1338 }
1339#endif
1340 /* Test that ((1/a)*a) = 1. */
1341 if(!BN_is_one(d))
1342 {
1343 fprintf(stderr,"GF(2^m) modular inversion test failed!\n");
1344 goto err;
1345 }
1346 }
1347 }
1348 ret = 1;
1349 err:
1350 BN_free(a);
1351 BN_free(b[0]);
1352 BN_free(b[1]);
1353 BN_free(c);
1354 BN_free(d);
1355 return ret;
1356 }
1357
1358int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx)
1359 {
1360 BIGNUM *a,*b[2],*c,*d,*e,*f;
1361 int i, j, ret = 0;
1362 unsigned int p0[] = {163,7,6,3,0};
1363 unsigned int p1[] = {193,15,0};
1364
1365 a=BN_new();
1366 b[0]=BN_new();
1367 b[1]=BN_new();
1368 c=BN_new();
1369 d=BN_new();
1370 e=BN_new();
1371 f=BN_new();
1372
1373 BN_GF2m_arr2poly(p0, b[0]);
1374 BN_GF2m_arr2poly(p1, b[1]);
1375
1376 for (i=0; i<num0; i++)
1377 {
1378 BN_bntest_rand(a, 512, 0, 0);
1379 BN_bntest_rand(c, 512, 0, 0);
1380 for (j=0; j < 2; j++)
1381 {
1382 BN_GF2m_mod_div(d, a, c, b[j], ctx);
1383 BN_GF2m_mod_mul(e, d, c, b[j], ctx);
1384 BN_GF2m_mod_div(f, a, e, b[j], ctx);
1385#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1386 if (bp != NULL)
1387 {
1388 if (!results)
1389 {
1390 BN_print(bp,a);
1391 BIO_puts(bp, " = ");
1392 BN_print(bp,c);
1393 BIO_puts(bp," * ");
1394 BN_print(bp,d);
1395 BIO_puts(bp, " % ");
1396 BN_print(bp,b[j]);
1397 BIO_puts(bp,"\n");
1398 }
1399 }
1400#endif
1401 /* Test that ((a/c)*c)/a = 1. */
1402 if(!BN_is_one(f))
1403 {
1404 fprintf(stderr,"GF(2^m) modular division test failed!\n");
1405 goto err;
1406 }
1407 }
1408 }
1409 ret = 1;
1410 err:
1411 BN_free(a);
1412 BN_free(b[0]);
1413 BN_free(b[1]);
1414 BN_free(c);
1415 BN_free(d);
1416 BN_free(e);
1417 BN_free(f);
1418 return ret;
1419 }
1420
1421int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx)
1422 {
1423 BIGNUM *a,*b[2],*c,*d,*e,*f;
1424 int i, j, ret = 0;
1425 unsigned int p0[] = {163,7,6,3,0};
1426 unsigned int p1[] = {193,15,0};
1427
1428 a=BN_new();
1429 b[0]=BN_new();
1430 b[1]=BN_new();
1431 c=BN_new();
1432 d=BN_new();
1433 e=BN_new();
1434 f=BN_new();
1435
1436 BN_GF2m_arr2poly(p0, b[0]);
1437 BN_GF2m_arr2poly(p1, b[1]);
1438
1439 for (i=0; i<num0; i++)
1440 {
1441 BN_bntest_rand(a, 512, 0, 0);
1442 BN_bntest_rand(c, 512, 0, 0);
1443 BN_bntest_rand(d, 512, 0, 0);
1444 for (j=0; j < 2; j++)
1445 {
1446 BN_GF2m_mod_exp(e, a, c, b[j], ctx);
1447 BN_GF2m_mod_exp(f, a, d, b[j], ctx);
1448 BN_GF2m_mod_mul(e, e, f, b[j], ctx);
1449 BN_add(f, c, d);
1450 BN_GF2m_mod_exp(f, a, f, b[j], ctx);
1451#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1452 if (bp != NULL)
1453 {
1454 if (!results)
1455 {
1456 BN_print(bp,a);
1457 BIO_puts(bp, " ^ (");
1458 BN_print(bp,c);
1459 BIO_puts(bp," + ");
1460 BN_print(bp,d);
1461 BIO_puts(bp, ") = ");
1462 BN_print(bp,e);
1463 BIO_puts(bp, "; - ");
1464 BN_print(bp,f);
1465 BIO_puts(bp, " % ");
1466 BN_print(bp,b[j]);
1467 BIO_puts(bp,"\n");
1468 }
1469 }
1470#endif
1471 BN_GF2m_add(f, e, f);
1472 /* Test that a^(c+d)=a^c*a^d. */
1473 if(!BN_is_zero(f))
1474 {
1475 fprintf(stderr,"GF(2^m) modular exponentiation test failed!\n");
1476 goto err;
1477 }
1478 }
1479 }
1480 ret = 1;
1481 err:
1482 BN_free(a);
1483 BN_free(b[0]);
1484 BN_free(b[1]);
1485 BN_free(c);
1486 BN_free(d);
1487 BN_free(e);
1488 BN_free(f);
1489 return ret;
1490 }
1491
1492int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx)
1493 {
1494 BIGNUM *a,*b[2],*c,*d,*e,*f;
1495 int i, j, ret = 0;
1496 unsigned int p0[] = {163,7,6,3,0};
1497 unsigned int p1[] = {193,15,0};
1498
1499 a=BN_new();
1500 b[0]=BN_new();
1501 b[1]=BN_new();
1502 c=BN_new();
1503 d=BN_new();
1504 e=BN_new();
1505 f=BN_new();
1506
1507 BN_GF2m_arr2poly(p0, b[0]);
1508 BN_GF2m_arr2poly(p1, b[1]);
1509
1510 for (i=0; i<num0; i++)
1511 {
1512 BN_bntest_rand(a, 512, 0, 0);
1513 for (j=0; j < 2; j++)
1514 {
1515 BN_GF2m_mod(c, a, b[j]);
1516 BN_GF2m_mod_sqrt(d, a, b[j], ctx);
1517 BN_GF2m_mod_sqr(e, d, b[j], ctx);
1518#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1519 if (bp != NULL)
1520 {
1521 if (!results)
1522 {
1523 BN_print(bp,d);
1524 BIO_puts(bp, " ^ 2 - ");
1525 BN_print(bp,a);
1526 BIO_puts(bp,"\n");
1527 }
1528 }
1529#endif
1530 BN_GF2m_add(f, c, e);
1531 /* Test that d^2 = a, where d = sqrt(a). */
1532 if(!BN_is_zero(f))
1533 {
1534 fprintf(stderr,"GF(2^m) modular square root test failed!\n");
1535 goto err;
1536 }
1537 }
1538 }
1539 ret = 1;
1540 err:
1541 BN_free(a);
1542 BN_free(b[0]);
1543 BN_free(b[1]);
1544 BN_free(c);
1545 BN_free(d);
1546 BN_free(e);
1547 BN_free(f);
1548 return ret;
1549 }
1550
1551int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx)
1552 {
1553 BIGNUM *a,*b[2],*c,*d,*e;
1554 int i, j, s = 0, t, ret = 0;
1555 unsigned int p0[] = {163,7,6,3,0};
1556 unsigned int p1[] = {193,15,0};
1557
1558 a=BN_new();
1559 b[0]=BN_new();
1560 b[1]=BN_new();
1561 c=BN_new();
1562 d=BN_new();
1563 e=BN_new();
1564
1565 BN_GF2m_arr2poly(p0, b[0]);
1566 BN_GF2m_arr2poly(p1, b[1]);
1567
1568 for (i=0; i<num0; i++)
1569 {
1570 BN_bntest_rand(a, 512, 0, 0);
1571 for (j=0; j < 2; j++)
1572 {
1573 t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx);
1574 if (t)
1575 {
1576 s++;
1577 BN_GF2m_mod_sqr(d, c, b[j], ctx);
1578 BN_GF2m_add(d, c, d);
1579 BN_GF2m_mod(e, a, b[j]);
1580#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1581 if (bp != NULL)
1582 {
1583 if (!results)
1584 {
1585 BN_print(bp,c);
1586 BIO_puts(bp, " is root of z^2 + z = ");
1587 BN_print(bp,a);
1588 BIO_puts(bp, " % ");
1589 BN_print(bp,b[j]);
1590 BIO_puts(bp, "\n");
1591 }
1592 }
1593#endif
1594 BN_GF2m_add(e, e, d);
1595 /* Test that solution of quadratic c satisfies c^2 + c = a. */
1596 if(!BN_is_zero(e))
1597 {
1598 fprintf(stderr,"GF(2^m) modular solve quadratic test failed!\n");
1599 goto err;
1600 }
1601
1602 }
1603 else
1604 {
1605#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1606 if (bp != NULL)
1607 {
1608 if (!results)
1609 {
1610 BIO_puts(bp, "There are no roots of z^2 + z = ");
1611 BN_print(bp,a);
1612 BIO_puts(bp, " % ");
1613 BN_print(bp,b[j]);
1614 BIO_puts(bp, "\n");
1615 }
1616 }
1617#endif
1618 }
1619 }
1620 }
1621 if (s == 0)
1622 {
1623 fprintf(stderr,"All %i tests of GF(2^m) modular solve quadratic resulted in no roots;\n", num0);
1624 fprintf(stderr,"this is very unlikely and probably indicates an error.\n");
1625 goto err;
1626 }
1627 ret = 1;
1628 err:
1629 BN_free(a);
1630 BN_free(b[0]);
1631 BN_free(b[1]);
1632 BN_free(c);
1633 BN_free(d);
1634 BN_free(e);
1635 return ret;
1636 }
1637
1638static int genprime_cb(int p, int n, BN_GENCB *arg)
923 { 1639 {
924 char c='*'; 1640 char c='*';
925 1641
@@ -929,12 +1645,12 @@ static void genprime_cb(int p, int n, void *arg)
929 if (p == 3) c='\n'; 1645 if (p == 3) c='\n';
930 putc(c, stderr); 1646 putc(c, stderr);
931 fflush(stderr); 1647 fflush(stderr);
932 (void)n; 1648 return 1;
933 (void)arg;
934 } 1649 }
935 1650
936int test_kron(BIO *bp, BN_CTX *ctx) 1651int test_kron(BIO *bp, BN_CTX *ctx)
937 { 1652 {
1653 BN_GENCB cb;
938 BIGNUM *a,*b,*r,*t; 1654 BIGNUM *a,*b,*r,*t;
939 int i; 1655 int i;
940 int legendre, kronecker; 1656 int legendre, kronecker;
@@ -945,6 +1661,8 @@ int test_kron(BIO *bp, BN_CTX *ctx)
945 r = BN_new(); 1661 r = BN_new();
946 t = BN_new(); 1662 t = BN_new();
947 if (a == NULL || b == NULL || r == NULL || t == NULL) goto err; 1663 if (a == NULL || b == NULL || r == NULL || t == NULL) goto err;
1664
1665 BN_GENCB_set(&cb, genprime_cb, NULL);
948 1666
949 /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). 1667 /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol).
950 * In this case we know that if b is prime, then BN_kronecker(a, b, ctx) 1668 * In this case we know that if b is prime, then BN_kronecker(a, b, ctx)
@@ -955,7 +1673,7 @@ int test_kron(BIO *bp, BN_CTX *ctx)
955 * don't want to test whether b is prime but whether BN_kronecker 1673 * don't want to test whether b is prime but whether BN_kronecker
956 * works.) */ 1674 * works.) */
957 1675
958 if (!BN_generate_prime(b, 512, 0, NULL, NULL, genprime_cb, NULL)) goto err; 1676 if (!BN_generate_prime_ex(b, 512, 0, NULL, NULL, &cb)) goto err;
959 b->neg = rand_neg(); 1677 b->neg = rand_neg();
960 putc('\n', stderr); 1678 putc('\n', stderr);
961 1679
@@ -1023,6 +1741,7 @@ int test_kron(BIO *bp, BN_CTX *ctx)
1023 1741
1024int test_sqrt(BIO *bp, BN_CTX *ctx) 1742int test_sqrt(BIO *bp, BN_CTX *ctx)
1025 { 1743 {
1744 BN_GENCB cb;
1026 BIGNUM *a,*p,*r; 1745 BIGNUM *a,*p,*r;
1027 int i, j; 1746 int i, j;
1028 int ret = 0; 1747 int ret = 0;
@@ -1031,7 +1750,9 @@ int test_sqrt(BIO *bp, BN_CTX *ctx)
1031 p = BN_new(); 1750 p = BN_new();
1032 r = BN_new(); 1751 r = BN_new();
1033 if (a == NULL || p == NULL || r == NULL) goto err; 1752 if (a == NULL || p == NULL || r == NULL) goto err;
1034 1753
1754 BN_GENCB_set(&cb, genprime_cb, NULL);
1755
1035 for (i = 0; i < 16; i++) 1756 for (i = 0; i < 16; i++)
1036 { 1757 {
1037 if (i < 8) 1758 if (i < 8)
@@ -1045,7 +1766,7 @@ int test_sqrt(BIO *bp, BN_CTX *ctx)
1045 if (!BN_set_word(a, 32)) goto err; 1766 if (!BN_set_word(a, 32)) goto err;
1046 if (!BN_set_word(r, 2*i + 1)) goto err; 1767 if (!BN_set_word(r, 2*i + 1)) goto err;
1047 1768
1048 if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err; 1769 if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb)) goto err;
1049 putc('\n', stderr); 1770 putc('\n', stderr);
1050 } 1771 }
1051 p->neg = rand_neg(); 1772 p->neg = rand_neg();
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 21:48:09 +0000