summaryrefslogtreecommitdiff
path: root/src/regress
diff options
context:
space:
mode:
authorinoguchi <>2017-02-23 14:14:37 +0000
committerinoguchi <>2017-02-23 14:14:37 +0000
commit113f337f839a990f2dcfed14e4cf6d27f44e4406 (patch)
tree32092fc99ffd955e9362e94cfb7c37caf545665e /src/regress
parentbbf39c51547681478cc1780b967a50a231e69774 (diff)
downloadopenbsd-113f337f839a990f2dcfed14e4cf6d27f44e4406.tar.gz
openbsd-113f337f839a990f2dcfed14e4cf6d27f44e4406.tar.bz2
openbsd-113f337f839a990f2dcfed14e4cf6d27f44e4406.zip
Check return value of every BN_* functions in bntest
- add macro CHECK_GOTO - unify function return code to rc - add err: label for error goto ok bcook@
Diffstat (limited to 'src/regress')
-rw-r--r--src/regress/lib/libcrypto/bn/general/bntest.c819
1 files changed, 426 insertions, 393 deletions
diff --git a/src/regress/lib/libcrypto/bn/general/bntest.c b/src/regress/lib/libcrypto/bn/general/bntest.c
index 89186dd582..5faa653022 100644
--- a/src/regress/lib/libcrypto/bn/general/bntest.c
+++ b/src/regress/lib/libcrypto/bn/general/bntest.c
@@ -136,6 +136,17 @@ static unsigned char lst[] =
136 "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" 136 "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9"
137 "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0"; 137 "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0";
138 138
139#define PRINT_ERROR printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
140 __LINE__)
141
142#define CHECK_GOTO(a) do { \
143 if (!(a)) { \
144 PRINT_ERROR; \
145 rc = 0; \
146 goto err; \
147 } \
148} while (0)
149
139static void 150static void
140message(BIO *out, char *m) 151message(BIO *out, char *m)
141{ 152{
@@ -369,32 +380,33 @@ test_add(BIO *bp)
369 BN_init(&b); 380 BN_init(&b);
370 BN_init(&c); 381 BN_init(&c);
371 382
372 BN_bntest_rand(&a, 512, 0, 0); 383 CHECK_GOTO(BN_bntest_rand(&a, 512, 0, 0));
373 for (i = 0; i < num0; i++) { 384 for (i = 0; i < num0; i++) {
374 BN_bntest_rand(&b, 450 + i, 0, 0); 385 CHECK_GOTO(BN_bntest_rand(&b, 450 + i, 0, 0));
375 a.neg = rand_neg(); 386 a.neg = rand_neg();
376 b.neg = rand_neg(); 387 b.neg = rand_neg();
377 BN_add(&c, &a, &b); 388 CHECK_GOTO(BN_add(&c, &a, &b));
378 if (bp != NULL) { 389 if (bp != NULL) {
379 if (!results) { 390 if (!results) {
380 BN_print(bp, &a); 391 CHECK_GOTO(BN_print(bp, &a));
381 BIO_puts(bp, " + "); 392 BIO_puts(bp, " + ");
382 BN_print(bp, &b); 393 CHECK_GOTO(BN_print(bp, &b));
383 BIO_puts(bp, " - "); 394 BIO_puts(bp, " - ");
384 } 395 }
385 BN_print(bp, &c); 396 CHECK_GOTO(BN_print(bp, &c));
386 BIO_puts(bp, "\n"); 397 BIO_puts(bp, "\n");
387 } 398 }
388 a.neg = !a.neg; 399 a.neg = !a.neg;
389 b.neg = !b.neg; 400 b.neg = !b.neg;
390 BN_add(&c, &c, &b); 401 CHECK_GOTO(BN_add(&c, &c, &b));
391 BN_add(&c, &c, &a); 402 CHECK_GOTO(BN_add(&c, &c, &a));
392 if (!BN_is_zero(&c)) { 403 if (!BN_is_zero(&c)) {
393 fprintf(stderr, "Add test failed!\n"); 404 fprintf(stderr, "Add test failed!\n");
394 rc = 0; 405 rc = 0;
395 break; 406 break;
396 } 407 }
397 } 408 }
409err:
398 BN_free(&a); 410 BN_free(&a);
399 BN_free(&b); 411 BN_free(&b);
400 BN_free(&c); 412 BN_free(&c);
@@ -414,37 +426,38 @@ test_sub(BIO *bp)
414 426
415 for (i = 0; i < num0 + num1; i++) { 427 for (i = 0; i < num0 + num1; i++) {
416 if (i < num1) { 428 if (i < num1) {
417 BN_bntest_rand(&a, 512, 0, 0); 429 CHECK_GOTO(BN_bntest_rand(&a, 512, 0, 0));
418 BN_copy(&b, &a); 430 CHECK_GOTO(BN_copy(&b, &a));
419 if (BN_set_bit(&a, i) == 0) { 431 if (BN_set_bit(&a, i) == 0) {
420 rc = 0; 432 rc = 0;
421 break; 433 break;
422 } 434 }
423 BN_add_word(&b, i); 435 CHECK_GOTO(BN_add_word(&b, i));
424 } else { 436 } else {
425 BN_bntest_rand(&b, 400 + i - num1, 0, 0); 437 CHECK_GOTO(BN_bntest_rand(&b, 400 + i - num1, 0, 0));
426 a.neg = rand_neg(); 438 a.neg = rand_neg();
427 b.neg = rand_neg(); 439 b.neg = rand_neg();
428 } 440 }
429 BN_sub(&c, &a, &b); 441 CHECK_GOTO(BN_sub(&c, &a, &b));
430 if (bp != NULL) { 442 if (bp != NULL) {
431 if (!results) { 443 if (!results) {
432 BN_print(bp, &a); 444 CHECK_GOTO(BN_print(bp, &a));
433 BIO_puts(bp, " - "); 445 BIO_puts(bp, " - ");
434 BN_print(bp, &b); 446 CHECK_GOTO(BN_print(bp, &b));
435 BIO_puts(bp, " - "); 447 BIO_puts(bp, " - ");
436 } 448 }
437 BN_print(bp, &c); 449 CHECK_GOTO(BN_print(bp, &c));
438 BIO_puts(bp, "\n"); 450 BIO_puts(bp, "\n");
439 } 451 }
440 BN_add(&c, &c, &b); 452 CHECK_GOTO(BN_add(&c, &c, &b));
441 BN_sub(&c, &c, &a); 453 CHECK_GOTO(BN_sub(&c, &c, &a));
442 if (!BN_is_zero(&c)) { 454 if (!BN_is_zero(&c)) {
443 fprintf(stderr, "Subtract test failed!\n"); 455 fprintf(stderr, "Subtract test failed!\n");
444 rc = 0; 456 rc = 0;
445 break; 457 break;
446 } 458 }
447 } 459 }
460err:
448 BN_free(&a); 461 BN_free(&a);
449 BN_free(&b); 462 BN_free(&b);
450 BN_free(&c); 463 BN_free(&c);
@@ -464,8 +477,8 @@ test_div(BIO *bp, BN_CTX *ctx)
464 BN_init(&d); 477 BN_init(&d);
465 BN_init(&e); 478 BN_init(&e);
466 479
467 BN_one(&a); 480 CHECK_GOTO(BN_one(&a));
468 BN_zero(&b); 481 CHECK_GOTO(BN_zero(&b));
469 482
470 if (BN_div(&d, &c, &a, &b, ctx)) { 483 if (BN_div(&d, &c, &a, &b, ctx)) {
471 fprintf(stderr, "Division by zero succeeded!\n"); 484 fprintf(stderr, "Division by zero succeeded!\n");
@@ -474,43 +487,44 @@ test_div(BIO *bp, BN_CTX *ctx)
474 487
475 for (i = 0; i < num0 + num1; i++) { 488 for (i = 0; i < num0 + num1; i++) {
476 if (i < num1) { 489 if (i < num1) {
477 BN_bntest_rand(&a, 400, 0, 0); 490 CHECK_GOTO(BN_bntest_rand(&a, 400, 0, 0));
478 BN_copy(&b, &a); 491 CHECK_GOTO(BN_copy(&b, &a));
479 BN_lshift(&a, &a, i); 492 CHECK_GOTO(BN_lshift(&a, &a, i));
480 BN_add_word(&a, i); 493 CHECK_GOTO(BN_add_word(&a, i));
481 } else 494 } else
482 BN_bntest_rand(&b, 50 + 3 * (i - num1), 0, 0); 495 CHECK_GOTO(BN_bntest_rand(&b, 50 + 3 * (i - num1), 0, 0));
483 a.neg = rand_neg(); 496 a.neg = rand_neg();
484 b.neg = rand_neg(); 497 b.neg = rand_neg();
485 BN_div(&d, &c, &a, &b, ctx); 498 CHECK_GOTO(BN_div(&d, &c, &a, &b, ctx));
486 if (bp != NULL) { 499 if (bp != NULL) {
487 if (!results) { 500 if (!results) {
488 BN_print(bp, &a); 501 CHECK_GOTO(BN_print(bp, &a));
489 BIO_puts(bp, " / "); 502 BIO_puts(bp, " / ");
490 BN_print(bp, &b); 503 CHECK_GOTO(BN_print(bp, &b));
491 BIO_puts(bp, " - "); 504 BIO_puts(bp, " - ");
492 } 505 }
493 BN_print(bp, &d); 506 CHECK_GOTO(BN_print(bp, &d));
494 BIO_puts(bp, "\n"); 507 BIO_puts(bp, "\n");
495 508
496 if (!results) { 509 if (!results) {
497 BN_print(bp, &a); 510 CHECK_GOTO(BN_print(bp, &a));
498 BIO_puts(bp, " % "); 511 BIO_puts(bp, " % ");
499 BN_print(bp, &b); 512 CHECK_GOTO(BN_print(bp, &b));
500 BIO_puts(bp, " - "); 513 BIO_puts(bp, " - ");
501 } 514 }
502 BN_print(bp, &c); 515 CHECK_GOTO(BN_print(bp, &c));
503 BIO_puts(bp, "\n"); 516 BIO_puts(bp, "\n");
504 } 517 }
505 BN_mul(&e, &d, &b, ctx); 518 CHECK_GOTO(BN_mul(&e, &d, &b, ctx));
506 BN_add(&d, &e, &c); 519 CHECK_GOTO(BN_add(&d, &e, &c));
507 BN_sub(&d, &d, &a); 520 CHECK_GOTO(BN_sub(&d, &d, &a));
508 if (!BN_is_zero(&d)) { 521 if (!BN_is_zero(&d)) {
509 fprintf(stderr, "Division test failed!\n"); 522 fprintf(stderr, "Division test failed!\n");
510 rc = 0; 523 rc = 0;
511 break; 524 break;
512 } 525 }
513 } 526 }
527err:
514 BN_free(&a); 528 BN_free(&a);
515 BN_free(&b); 529 BN_free(&b);
516 BN_free(&c); 530 BN_free(&c);
@@ -578,16 +592,16 @@ test_div_word(BIO *bp)
578 592
579 if (bp != NULL) { 593 if (bp != NULL) {
580 if (!results) { 594 if (!results) {
581 BN_print(bp, &a); 595 CHECK_GOTO(BN_print(bp, &a));
582 BIO_puts(bp, " / "); 596 BIO_puts(bp, " / ");
583 print_word(bp, s); 597 print_word(bp, s);
584 BIO_puts(bp, " - "); 598 BIO_puts(bp, " - ");
585 } 599 }
586 BN_print(bp, &b); 600 CHECK_GOTO(BN_print(bp, &b));
587 BIO_puts(bp, "\n"); 601 BIO_puts(bp, "\n");
588 602
589 if (!results) { 603 if (!results) {
590 BN_print(bp, &a); 604 CHECK_GOTO(BN_print(bp, &a));
591 BIO_puts(bp, " % "); 605 BIO_puts(bp, " % ");
592 print_word(bp, s); 606 print_word(bp, s);
593 BIO_puts(bp, " - "); 607 BIO_puts(bp, " - ");
@@ -595,15 +609,16 @@ test_div_word(BIO *bp)
595 print_word(bp, r); 609 print_word(bp, r);
596 BIO_puts(bp, "\n"); 610 BIO_puts(bp, "\n");
597 } 611 }
598 BN_mul_word(&b, s); 612 CHECK_GOTO(BN_mul_word(&b, s));
599 BN_add_word(&b, r); 613 CHECK_GOTO(BN_add_word(&b, r));
600 BN_sub(&b, &a, &b); 614 CHECK_GOTO(BN_sub(&b, &a, &b));
601 if (!BN_is_zero(&b)) { 615 if (!BN_is_zero(&b)) {
602 fprintf(stderr, "Division (word) test failed!\n"); 616 fprintf(stderr, "Division (word) test failed!\n");
603 rc = 0; 617 rc = 0;
604 break; 618 break;
605 } 619 }
606 } 620 }
621err:
607 BN_free(&a); 622 BN_free(&a);
608 BN_free(&b); 623 BN_free(&b);
609 return (rc); 624 return (rc);
@@ -626,49 +641,50 @@ test_div_recp(BIO *bp, BN_CTX *ctx)
626 641
627 for (i = 0; i < num0 + num1; i++) { 642 for (i = 0; i < num0 + num1; i++) {
628 if (i < num1) { 643 if (i < num1) {
629 BN_bntest_rand(&a, 400, 0, 0); 644 CHECK_GOTO(BN_bntest_rand(&a, 400, 0, 0));
630 BN_copy(&b, &a); 645 CHECK_GOTO(BN_copy(&b, &a));
631 BN_lshift(&a, &a, i); 646 CHECK_GOTO(BN_lshift(&a, &a, i));
632 BN_add_word(&a, i); 647 CHECK_GOTO(BN_add_word(&a, i));
633 } else 648 } else
634 BN_bntest_rand(&b, 50 + 3 * (i - num1), 0, 0); 649 CHECK_GOTO(BN_bntest_rand(&b, 50 + 3 * (i - num1), 0, 0));
635 a.neg = rand_neg(); 650 a.neg = rand_neg();
636 b.neg = rand_neg(); 651 b.neg = rand_neg();
637 BN_RECP_CTX_set(&recp, &b, ctx); 652 CHECK_GOTO(BN_RECP_CTX_set(&recp, &b, ctx));
638 BN_div_recp(&d, &c, &a, &recp, ctx); 653 CHECK_GOTO(BN_div_recp(&d, &c, &a, &recp, ctx));
639 if (bp != NULL) { 654 if (bp != NULL) {
640 if (!results) { 655 if (!results) {
641 BN_print(bp, &a); 656 CHECK_GOTO(BN_print(bp, &a));
642 BIO_puts(bp, " / "); 657 BIO_puts(bp, " / ");
643 BN_print(bp, &b); 658 CHECK_GOTO(BN_print(bp, &b));
644 BIO_puts(bp, " - "); 659 BIO_puts(bp, " - ");
645 } 660 }
646 BN_print(bp, &d); 661 CHECK_GOTO(BN_print(bp, &d));
647 BIO_puts(bp, "\n"); 662 BIO_puts(bp, "\n");
648 663
649 if (!results) { 664 if (!results) {
650 BN_print(bp, &a); 665 CHECK_GOTO(BN_print(bp, &a));
651 BIO_puts(bp, " % "); 666 BIO_puts(bp, " % ");
652 BN_print(bp, &b); 667 CHECK_GOTO(BN_print(bp, &b));
653 BIO_puts(bp, " - "); 668 BIO_puts(bp, " - ");
654 } 669 }
655 BN_print(bp, &c); 670 CHECK_GOTO(BN_print(bp, &c));
656 BIO_puts(bp, "\n"); 671 BIO_puts(bp, "\n");
657 } 672 }
658 BN_mul(&e, &d, &b, ctx); 673 CHECK_GOTO(BN_mul(&e, &d, &b, ctx));
659 BN_add(&d, &e, &c); 674 CHECK_GOTO(BN_add(&d, &e, &c));
660 BN_sub(&d, &d, &a); 675 CHECK_GOTO(BN_sub(&d, &d, &a));
661 if (!BN_is_zero(&d)) { 676 if (!BN_is_zero(&d)) {
662 fprintf(stderr, "Reciprocal division test failed!\n"); 677 fprintf(stderr, "Reciprocal division test failed!\n");
663 fprintf(stderr, "a="); 678 fprintf(stderr, "a=");
664 BN_print_fp(stderr, &a); 679 CHECK_GOTO(BN_print_fp(stderr, &a));
665 fprintf(stderr, "\nb="); 680 fprintf(stderr, "\nb=");
666 BN_print_fp(stderr, &b); 681 CHECK_GOTO(BN_print_fp(stderr, &b));
667 fprintf(stderr, "\n"); 682 fprintf(stderr, "\n");
668 rc = 0; 683 rc = 0;
669 break; 684 break;
670 } 685 }
671 } 686 }
687err:
672 BN_free(&a); 688 BN_free(&a);
673 BN_free(&b); 689 BN_free(&b);
674 BN_free(&c); 690 BN_free(&c);
@@ -698,31 +714,32 @@ test_mul(BIO *bp)
698 714
699 for (i = 0; i < num0 + num1; i++) { 715 for (i = 0; i < num0 + num1; i++) {
700 if (i <= num1) { 716 if (i <= num1) {
701 BN_bntest_rand(&a, 100, 0, 0); 717 CHECK_GOTO(BN_bntest_rand(&a, 100, 0, 0));
702 BN_bntest_rand(&b, 100, 0, 0); 718 CHECK_GOTO(BN_bntest_rand(&b, 100, 0, 0));
703 } else 719 } else
704 BN_bntest_rand(&b, i - num1, 0, 0); 720 CHECK_GOTO(BN_bntest_rand(&b, i - num1, 0, 0));
705 a.neg = rand_neg(); 721 a.neg = rand_neg();
706 b.neg = rand_neg(); 722 b.neg = rand_neg();
707 BN_mul(&c, &a, &b, ctx); 723 CHECK_GOTO(BN_mul(&c, &a, &b, ctx));
708 if (bp != NULL) { 724 if (bp != NULL) {
709 if (!results) { 725 if (!results) {
710 BN_print(bp, &a); 726 CHECK_GOTO(BN_print(bp, &a));
711 BIO_puts(bp, " * "); 727 BIO_puts(bp, " * ");
712 BN_print(bp, &b); 728 CHECK_GOTO(BN_print(bp, &b));
713 BIO_puts(bp, " - "); 729 BIO_puts(bp, " - ");
714 } 730 }
715 BN_print(bp, &c); 731 CHECK_GOTO(BN_print(bp, &c));
716 BIO_puts(bp, "\n"); 732 BIO_puts(bp, "\n");
717 } 733 }
718 BN_div(&d, &e, &c, &a, ctx); 734 CHECK_GOTO(BN_div(&d, &e, &c, &a, ctx));
719 BN_sub(&d, &d, &b); 735 CHECK_GOTO(BN_sub(&d, &d, &b));
720 if (!BN_is_zero(&d) || !BN_is_zero(&e)) { 736 if (!BN_is_zero(&d) || !BN_is_zero(&e)) {
721 fprintf(stderr, "Multiplication test failed!\n"); 737 fprintf(stderr, "Multiplication test failed!\n");
722 rc = 0; 738 rc = 0;
723 break; 739 break;
724 } 740 }
725 } 741 }
742err:
726 BN_free(&a); 743 BN_free(&a);
727 BN_free(&b); 744 BN_free(&b);
728 BN_free(&c); 745 BN_free(&c);
@@ -736,7 +753,7 @@ int
736test_sqr(BIO *bp, BN_CTX *ctx) 753test_sqr(BIO *bp, BN_CTX *ctx)
737{ 754{
738 BIGNUM *a, *c, *d, *e; 755 BIGNUM *a, *c, *d, *e;
739 int i, ret = 0; 756 int i, rc = 0;
740 757
741 a = BN_new(); 758 a = BN_new();
742 c = BN_new(); 759 c = BN_new();
@@ -744,21 +761,21 @@ test_sqr(BIO *bp, BN_CTX *ctx)
744 e = BN_new(); 761 e = BN_new();
745 762
746 for (i = 0; i < num0; i++) { 763 for (i = 0; i < num0; i++) {
747 BN_bntest_rand(a, 40 + i * 10, 0, 0); 764 CHECK_GOTO(BN_bntest_rand(a, 40 + i * 10, 0, 0));
748 a->neg = rand_neg(); 765 a->neg = rand_neg();
749 BN_sqr(c, a, ctx); 766 CHECK_GOTO(BN_sqr(c, a, ctx));
750 if (bp != NULL) { 767 if (bp != NULL) {
751 if (!results) { 768 if (!results) {
752 BN_print(bp, a); 769 CHECK_GOTO(BN_print(bp, a));
753 BIO_puts(bp, " * "); 770 BIO_puts(bp, " * ");
754 BN_print(bp, a); 771 CHECK_GOTO(BN_print(bp, a));
755 BIO_puts(bp, " - "); 772 BIO_puts(bp, " - ");
756 } 773 }
757 BN_print(bp, c); 774 CHECK_GOTO(BN_print(bp, c));
758 BIO_puts(bp, "\n"); 775 BIO_puts(bp, "\n");
759 } 776 }
760 BN_div(d, e, c, a, ctx); 777 CHECK_GOTO(BN_div(d, e, c, a, ctx));
761 BN_sub(d, d, a); 778 CHECK_GOTO(BN_sub(d, d, a));
762 if (!BN_is_zero(d) || !BN_is_zero(e)) { 779 if (!BN_is_zero(d) || !BN_is_zero(e)) {
763 fprintf(stderr, "Square test failed!\n"); 780 fprintf(stderr, "Square test failed!\n");
764 goto err; 781 goto err;
@@ -771,18 +788,18 @@ test_sqr(BIO *bp, BN_CTX *ctx)
771 fprintf(stderr, "BN_hex2bn failed\n"); 788 fprintf(stderr, "BN_hex2bn failed\n");
772 goto err; 789 goto err;
773 } 790 }
774 BN_sqr(c, a, ctx); 791 CHECK_GOTO(BN_sqr(c, a, ctx));
775 if (bp != NULL) { 792 if (bp != NULL) {
776 if (!results) { 793 if (!results) {
777 BN_print(bp, a); 794 CHECK_GOTO(BN_print(bp, a));
778 BIO_puts(bp, " * "); 795 BIO_puts(bp, " * ");
779 BN_print(bp, a); 796 CHECK_GOTO(BN_print(bp, a));
780 BIO_puts(bp, " - "); 797 BIO_puts(bp, " - ");
781 } 798 }
782 BN_print(bp, c); 799 CHECK_GOTO(BN_print(bp, c));
783 BIO_puts(bp, "\n"); 800 BIO_puts(bp, "\n");
784 } 801 }
785 BN_mul(d, a, a, ctx); 802 CHECK_GOTO(BN_mul(d, a, a, ctx));
786 if (BN_cmp(c, d)) { 803 if (BN_cmp(c, d)) {
787 fprintf(stderr, 804 fprintf(stderr,
788 "Square test failed: BN_sqr and BN_mul produce " 805 "Square test failed: BN_sqr and BN_mul produce "
@@ -796,30 +813,30 @@ test_sqr(BIO *bp, BN_CTX *ctx)
796 fprintf(stderr, "BN_hex2bn failed\n"); 813 fprintf(stderr, "BN_hex2bn failed\n");
797 goto err; 814 goto err;
798 } 815 }
799 BN_sqr(c, a, ctx); 816 CHECK_GOTO(BN_sqr(c, a, ctx));
800 if (bp != NULL) { 817 if (bp != NULL) {
801 if (!results) { 818 if (!results) {
802 BN_print(bp, a); 819 CHECK_GOTO(BN_print(bp, a));
803 BIO_puts(bp, " * "); 820 BIO_puts(bp, " * ");
804 BN_print(bp, a); 821 CHECK_GOTO(BN_print(bp, a));
805 BIO_puts(bp, " - "); 822 BIO_puts(bp, " - ");
806 } 823 }
807 BN_print(bp, c); 824 CHECK_GOTO(BN_print(bp, c));
808 BIO_puts(bp, "\n"); 825 BIO_puts(bp, "\n");
809 } 826 }
810 BN_mul(d, a, a, ctx); 827 CHECK_GOTO(BN_mul(d, a, a, ctx));
811 if (BN_cmp(c, d)) { 828 if (BN_cmp(c, d)) {
812 fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce " 829 fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
813 "different results!\n"); 830 "different results!\n");
814 goto err; 831 goto err;
815 } 832 }
816 ret = 1; 833 rc = 1;
817err: 834err:
818 BN_free(a); 835 BN_free(a);
819 BN_free(c); 836 BN_free(c);
820 BN_free(d); 837 BN_free(d);
821 BN_free(e); 838 BN_free(e);
822 return ret; 839 return rc;
823} 840}
824 841
825int 842int
@@ -843,56 +860,57 @@ test_mont(BIO *bp, BN_CTX *ctx)
843 BN_init(&B); 860 BN_init(&B);
844 BN_init(&n); 861 BN_init(&n);
845 862
846 BN_zero(&n); 863 CHECK_GOTO(BN_zero(&n));
847 if (BN_MONT_CTX_set(mont, &n, ctx)) { 864 if (BN_MONT_CTX_set(mont, &n, ctx)) {
848 fprintf(stderr, "BN_MONT_CTX_set succeeded for zero modulus!\n"); 865 fprintf(stderr, "BN_MONT_CTX_set succeeded for zero modulus!\n");
849 return (0); 866 return (0);
850 } 867 }
851 868
852 BN_set_word(&n, 16); 869 CHECK_GOTO(BN_set_word(&n, 16));
853 if (BN_MONT_CTX_set(mont, &n, ctx)) { 870 if (BN_MONT_CTX_set(mont, &n, ctx)) {
854 fprintf(stderr, "BN_MONT_CTX_set succeeded for even modulus!\n"); 871 fprintf(stderr, "BN_MONT_CTX_set succeeded for even modulus!\n");
855 return (0); 872 return (0);
856 } 873 }
857 874
858 BN_bntest_rand(&a, 100, 0, 0); 875 CHECK_GOTO(BN_bntest_rand(&a, 100, 0, 0));
859 BN_bntest_rand(&b, 100, 0, 0); 876 CHECK_GOTO(BN_bntest_rand(&b, 100, 0, 0));
860 for (i = 0; i < num2; i++) { 877 for (i = 0; i < num2; i++) {
861 int bits = (200 * (i + 1)) / num2; 878 int bits = (200 * (i + 1)) / num2;
862 879
863 if (bits == 0) 880 if (bits == 0)
864 continue; 881 continue;
865 BN_bntest_rand(&n, bits, 0, 1); 882 CHECK_GOTO(BN_bntest_rand(&n, bits, 0, 1));
866 (void)BN_MONT_CTX_set(mont, &n, ctx); 883 CHECK_GOTO(BN_MONT_CTX_set(mont, &n, ctx));
867 884
868 BN_nnmod(&a, &a, &n, ctx); 885 CHECK_GOTO(BN_nnmod(&a, &a, &n, ctx));
869 BN_nnmod(&b, &b, &n, ctx); 886 CHECK_GOTO(BN_nnmod(&b, &b, &n, ctx));
870 887
871 BN_to_montgomery(&A, &a, mont, ctx); 888 CHECK_GOTO(BN_to_montgomery(&A, &a, mont, ctx));
872 BN_to_montgomery(&B, &b, mont, ctx); 889 CHECK_GOTO(BN_to_montgomery(&B, &b, mont, ctx));
873 890
874 BN_mod_mul_montgomery(&c, &A, &B, mont, ctx); 891 CHECK_GOTO(BN_mod_mul_montgomery(&c, &A, &B, mont, ctx));
875 BN_from_montgomery(&A, &c, mont, ctx); 892 CHECK_GOTO(BN_from_montgomery(&A, &c, mont, ctx));
876 if (bp != NULL) { 893 if (bp != NULL) {
877 if (!results) { 894 if (!results) {
878 BN_print(bp, &a); 895 CHECK_GOTO(BN_print(bp, &a));
879 BIO_puts(bp, " * "); 896 BIO_puts(bp, " * ");
880 BN_print(bp, &b); 897 CHECK_GOTO(BN_print(bp, &b));
881 BIO_puts(bp, " % "); 898 BIO_puts(bp, " % ");
882 BN_print(bp, &(mont->N)); 899 CHECK_GOTO(BN_print(bp, &(mont->N)));
883 BIO_puts(bp, " - "); 900 BIO_puts(bp, " - ");
884 } 901 }
885 BN_print(bp, &A); 902 CHECK_GOTO(BN_print(bp, &A));
886 BIO_puts(bp, "\n"); 903 BIO_puts(bp, "\n");
887 } 904 }
888 BN_mod_mul(&d, &a, &b, &n, ctx); 905 CHECK_GOTO(BN_mod_mul(&d, &a, &b, &n, ctx));
889 BN_sub(&d, &d, &A); 906 CHECK_GOTO(BN_sub(&d, &d, &A));
890 if (!BN_is_zero(&d)) { 907 if (!BN_is_zero(&d)) {
891 fprintf(stderr, "Montgomery multiplication test failed!\n"); 908 fprintf(stderr, "Montgomery multiplication test failed!\n");
892 rc = 0; 909 rc = 0;
893 break; 910 break;
894 } 911 }
895 } 912 }
913err:
896 BN_MONT_CTX_free(mont); 914 BN_MONT_CTX_free(mont);
897 BN_free(&a); 915 BN_free(&a);
898 BN_free(&b); 916 BN_free(&b);
@@ -917,30 +935,31 @@ test_mod(BIO *bp, BN_CTX *ctx)
917 d = BN_new(); 935 d = BN_new();
918 e = BN_new(); 936 e = BN_new();
919 937
920 BN_bntest_rand(a, 1024, 0, 0); 938 CHECK_GOTO(BN_bntest_rand(a, 1024, 0, 0));
921 for (i = 0; i < num0; i++) { 939 for (i = 0; i < num0; i++) {
922 BN_bntest_rand(b, 450 + i * 10, 0, 0); 940 CHECK_GOTO(BN_bntest_rand(b, 450 + i * 10, 0, 0));
923 a->neg = rand_neg(); 941 a->neg = rand_neg();
924 b->neg = rand_neg(); 942 b->neg = rand_neg();
925 BN_mod(c, a, b, ctx); 943 CHECK_GOTO(BN_mod(c, a, b, ctx));
926 if (bp != NULL) { 944 if (bp != NULL) {
927 if (!results) { 945 if (!results) {
928 BN_print(bp, a); 946 CHECK_GOTO(BN_print(bp, a));
929 BIO_puts(bp, " % "); 947 BIO_puts(bp, " % ");
930 BN_print(bp, b); 948 CHECK_GOTO(BN_print(bp, b));
931 BIO_puts(bp, " - "); 949 BIO_puts(bp, " - ");
932 } 950 }
933 BN_print(bp, c); 951 CHECK_GOTO(BN_print(bp, c));
934 BIO_puts(bp, "\n"); 952 BIO_puts(bp, "\n");
935 } 953 }
936 BN_div(d, e, a, b, ctx); 954 CHECK_GOTO(BN_div(d, e, a, b, ctx));
937 BN_sub(e, e, c); 955 CHECK_GOTO(BN_sub(e, e, c));
938 if (!BN_is_zero(e)) { 956 if (!BN_is_zero(e)) {
939 fprintf(stderr, "Modulo test failed!\n"); 957 fprintf(stderr, "Modulo test failed!\n");
940 rc = 0; 958 rc = 0;
941 break; 959 break;
942 } 960 }
943 } 961 }
962err:
944 BN_free(a); 963 BN_free(a);
945 BN_free(b); 964 BN_free(b);
946 BN_free(c); 965 BN_free(c);
@@ -962,19 +981,19 @@ test_mod_mul(BIO *bp, BN_CTX *ctx)
962 d = BN_new(); 981 d = BN_new();
963 e = BN_new(); 982 e = BN_new();
964 983
965 BN_one(a); 984 CHECK_GOTO(BN_one(a));
966 BN_one(b); 985 CHECK_GOTO(BN_one(b));
967 BN_zero(c); 986 CHECK_GOTO(BN_zero(c));
968 if (BN_mod_mul(e, a, b, c, ctx)) { 987 if (BN_mod_mul(e, a, b, c, ctx)) {
969 fprintf(stderr, "BN_mod_mul with zero modulus succeeded!\n"); 988 fprintf(stderr, "BN_mod_mul with zero modulus succeeded!\n");
970 return (0); 989 return (0);
971 } 990 }
972 991
973 for (j = 0; j < 3; j++) { 992 for (j = 0; j < 3; j++) {
974 BN_bntest_rand(c, 1024, 0, 0); 993 CHECK_GOTO(BN_bntest_rand(c, 1024, 0, 0));
975 for (i = 0; i < num0; i++) { 994 for (i = 0; i < num0; i++) {
976 BN_bntest_rand(a, 475 + i * 10, 0, 0); 995 CHECK_GOTO(BN_bntest_rand(a, 475 + i * 10, 0, 0));
977 BN_bntest_rand(b, 425 + i * 11, 0, 0); 996 CHECK_GOTO(BN_bntest_rand(b, 425 + i * 11, 0, 0));
978 a->neg = rand_neg(); 997 a->neg = rand_neg();
979 b->neg = rand_neg(); 998 b->neg = rand_neg();
980 if (!BN_mod_mul(e, a, b, c, ctx)) { 999 if (!BN_mod_mul(e, a, b, c, ctx)) {
@@ -987,11 +1006,11 @@ test_mod_mul(BIO *bp, BN_CTX *ctx)
987 } 1006 }
988 if (bp != NULL) { 1007 if (bp != NULL) {
989 if (!results) { 1008 if (!results) {
990 BN_print(bp, a); 1009 CHECK_GOTO(BN_print(bp, a));
991 BIO_puts(bp, " * "); 1010 BIO_puts(bp, " * ");
992 BN_print(bp, b); 1011 CHECK_GOTO(BN_print(bp, b));
993 BIO_puts(bp, " % "); 1012 BIO_puts(bp, " % ");
994 BN_print(bp, c); 1013 CHECK_GOTO(BN_print(bp, c));
995 if ((a->neg ^ b->neg) && !BN_is_zero(e)) { 1014 if ((a->neg ^ b->neg) && !BN_is_zero(e)) {
996 /* If (a*b) % c is negative, c must be added 1015 /* If (a*b) % c is negative, c must be added
997 * in order to obtain the normalized remainder 1016 * in order to obtain the normalized remainder
@@ -999,25 +1018,25 @@ test_mod_mul(BIO *bp, BN_CTX *ctx)
999 * BN_mod_mul could generate negative results) 1018 * BN_mod_mul could generate negative results)
1000 */ 1019 */
1001 BIO_puts(bp, " + "); 1020 BIO_puts(bp, " + ");
1002 BN_print(bp, c); 1021 CHECK_GOTO(BN_print(bp, c));
1003 } 1022 }
1004 BIO_puts(bp, " - "); 1023 BIO_puts(bp, " - ");
1005 } 1024 }
1006 BN_print(bp, e); 1025 CHECK_GOTO(BN_print(bp, e));
1007 BIO_puts(bp, "\n"); 1026 BIO_puts(bp, "\n");
1008 } 1027 }
1009 BN_mul(d, a, b, ctx); 1028 CHECK_GOTO(BN_mul(d, a, b, ctx));
1010 BN_sub(d, d, e); 1029 CHECK_GOTO(BN_sub(d, d, e));
1011 BN_div(a, b, d, c, ctx); 1030 CHECK_GOTO(BN_div(a, b, d, c, ctx));
1012 if (!BN_is_zero(b)) { 1031 if (!BN_is_zero(b)) {
1013 fprintf(stderr, "Modulo multiply test failed!\n"); 1032 fprintf(stderr, "Modulo multiply test failed!\n");
1014 ERR_print_errors_fp(stderr); 1033 ERR_print_errors_fp(stderr);
1015 rc = 0; 1034 rc = 0;
1016 goto done; 1035 goto err;
1017 } 1036 }
1018 } 1037 }
1019 } 1038 }
1020done: 1039err:
1021 BN_free(a); 1040 BN_free(a);
1022 BN_free(b); 1041 BN_free(b);
1023 BN_free(c); 1042 BN_free(c);
@@ -1039,9 +1058,9 @@ test_mod_exp(BIO *bp, BN_CTX *ctx)
1039 d = BN_new(); 1058 d = BN_new();
1040 e = BN_new(); 1059 e = BN_new();
1041 1060
1042 BN_one(a); 1061 CHECK_GOTO(BN_one(a));
1043 BN_one(b); 1062 CHECK_GOTO(BN_one(b));
1044 BN_zero(c); 1063 CHECK_GOTO(BN_zero(c));
1045 if (BN_mod_exp(d, a, b, c, ctx)) { 1064 if (BN_mod_exp(d, a, b, c, ctx)) {
1046 fprintf(stderr, "BN_mod_exp with zero modulus succeeded!\n"); 1065 fprintf(stderr, "BN_mod_exp with zero modulus succeeded!\n");
1047 return (0); 1066 return (0);
@@ -1055,10 +1074,10 @@ test_mod_exp(BIO *bp, BN_CTX *ctx)
1055 return (0); 1074 return (0);
1056 } 1075 }
1057 1076
1058 BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */ 1077 CHECK_GOTO(BN_bntest_rand(c, 30, 0, 1)); /* must be odd for montgomery */
1059 for (i = 0; i < num2; i++) { 1078 for (i = 0; i < num2; i++) {
1060 BN_bntest_rand(a, 20 + i * 5, 0, 0); 1079 CHECK_GOTO(BN_bntest_rand(a, 20 + i * 5, 0, 0));
1061 BN_bntest_rand(b, 2 + i, 0, 0); 1080 CHECK_GOTO(BN_bntest_rand(b, 2 + i, 0, 0));
1062 1081
1063 if (!BN_mod_exp(d, a, b, c, ctx)) { 1082 if (!BN_mod_exp(d, a, b, c, ctx)) {
1064 rc = 0; 1083 rc = 0;
@@ -1067,19 +1086,19 @@ test_mod_exp(BIO *bp, BN_CTX *ctx)
1067 1086
1068 if (bp != NULL) { 1087 if (bp != NULL) {
1069 if (!results) { 1088 if (!results) {
1070 BN_print(bp, a); 1089 CHECK_GOTO(BN_print(bp, a));
1071 BIO_puts(bp, " ^ "); 1090 BIO_puts(bp, " ^ ");
1072 BN_print(bp, b); 1091 CHECK_GOTO(BN_print(bp, b));
1073 BIO_puts(bp, " % "); 1092 BIO_puts(bp, " % ");
1074 BN_print(bp, c); 1093 CHECK_GOTO(BN_print(bp, c));
1075 BIO_puts(bp, " - "); 1094 BIO_puts(bp, " - ");
1076 } 1095 }
1077 BN_print(bp, d); 1096 CHECK_GOTO(BN_print(bp, d));
1078 BIO_puts(bp, "\n"); 1097 BIO_puts(bp, "\n");
1079 } 1098 }
1080 BN_exp(e, a, b, ctx); 1099 CHECK_GOTO(BN_exp(e, a, b, ctx));
1081 BN_sub(e, e, d); 1100 CHECK_GOTO(BN_sub(e, e, d));
1082 BN_div(a, b, e, c, ctx); 1101 CHECK_GOTO(BN_div(a, b, e, c, ctx));
1083 if (!BN_is_zero(b)) { 1102 if (!BN_is_zero(b)) {
1084 fprintf(stderr, "Modulo exponentiation test failed!\n"); 1103 fprintf(stderr, "Modulo exponentiation test failed!\n");
1085 rc = 0; 1104 rc = 0;
@@ -1087,10 +1106,10 @@ test_mod_exp(BIO *bp, BN_CTX *ctx)
1087 } 1106 }
1088 } 1107 }
1089 1108
1090 BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */ 1109 CHECK_GOTO(BN_bntest_rand(c, 30, 0, 1)); /* must be odd for montgomery */
1091 for (i = 0; i < num2; i++) { 1110 for (i = 0; i < num2; i++) {
1092 BN_bntest_rand(a, 20 + i * 5, 0, 0); 1111 CHECK_GOTO(BN_bntest_rand(a, 20 + i * 5, 0, 0));
1093 BN_bntest_rand(b, 2 + i, 0, 0); 1112 CHECK_GOTO(BN_bntest_rand(b, 2 + i, 0, 0));
1094 1113
1095 if (!BN_mod_exp_ct(d, a, b, c, ctx)) { 1114 if (!BN_mod_exp_ct(d, a, b, c, ctx)) {
1096 rc = 0; 1115 rc = 0;
@@ -1099,19 +1118,19 @@ test_mod_exp(BIO *bp, BN_CTX *ctx)
1099 1118
1100 if (bp != NULL) { 1119 if (bp != NULL) {
1101 if (!results) { 1120 if (!results) {
1102 BN_print(bp, a); 1121 CHECK_GOTO(BN_print(bp, a));
1103 BIO_puts(bp, " ^ "); 1122 BIO_puts(bp, " ^ ");
1104 BN_print(bp, b); 1123 CHECK_GOTO(BN_print(bp, b));
1105 BIO_puts(bp, " % "); 1124 BIO_puts(bp, " % ");
1106 BN_print(bp, c); 1125 CHECK_GOTO(BN_print(bp, c));
1107 BIO_puts(bp, " - "); 1126 BIO_puts(bp, " - ");
1108 } 1127 }
1109 BN_print(bp, d); 1128 CHECK_GOTO(BN_print(bp, d));
1110 BIO_puts(bp, "\n"); 1129 BIO_puts(bp, "\n");
1111 } 1130 }
1112 BN_exp(e, a, b, ctx); 1131 CHECK_GOTO(BN_exp(e, a, b, ctx));
1113 BN_sub(e, e, d); 1132 CHECK_GOTO(BN_sub(e, e, d));
1114 BN_div(a, b, e, c, ctx); 1133 CHECK_GOTO(BN_div(a, b, e, c, ctx));
1115 if (!BN_is_zero(b)) { 1134 if (!BN_is_zero(b)) {
1116 fprintf(stderr, "Modulo exponentiation test failed!\n"); 1135 fprintf(stderr, "Modulo exponentiation test failed!\n");
1117 rc = 0; 1136 rc = 0;
@@ -1119,10 +1138,10 @@ test_mod_exp(BIO *bp, BN_CTX *ctx)
1119 } 1138 }
1120 } 1139 }
1121 1140
1122 BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */ 1141 CHECK_GOTO(BN_bntest_rand(c, 30, 0, 1)); /* must be odd for montgomery */
1123 for (i = 0; i < num2; i++) { 1142 for (i = 0; i < num2; i++) {
1124 BN_bntest_rand(a, 20 + i * 5, 0, 0); 1143 CHECK_GOTO(BN_bntest_rand(a, 20 + i * 5, 0, 0));
1125 BN_bntest_rand(b, 2 + i, 0, 0); 1144 CHECK_GOTO(BN_bntest_rand(b, 2 + i, 0, 0));
1126 1145
1127 if (!BN_mod_exp_nonct(d, a, b, c, ctx)) { 1146 if (!BN_mod_exp_nonct(d, a, b, c, ctx)) {
1128 rc = 0; 1147 rc = 0;
@@ -1131,25 +1150,26 @@ test_mod_exp(BIO *bp, BN_CTX *ctx)
1131 1150
1132 if (bp != NULL) { 1151 if (bp != NULL) {
1133 if (!results) { 1152 if (!results) {
1134 BN_print(bp, a); 1153 CHECK_GOTO(BN_print(bp, a));
1135 BIO_puts(bp, " ^ "); 1154 BIO_puts(bp, " ^ ");
1136 BN_print(bp, b); 1155 CHECK_GOTO(BN_print(bp, b));
1137 BIO_puts(bp, " % "); 1156 BIO_puts(bp, " % ");
1138 BN_print(bp, c); 1157 CHECK_GOTO(BN_print(bp, c));
1139 BIO_puts(bp, " - "); 1158 BIO_puts(bp, " - ");
1140 } 1159 }
1141 BN_print(bp, d); 1160 CHECK_GOTO(BN_print(bp, d));
1142 BIO_puts(bp, "\n"); 1161 BIO_puts(bp, "\n");
1143 } 1162 }
1144 BN_exp(e, a, b, ctx); 1163 CHECK_GOTO(BN_exp(e, a, b, ctx));
1145 BN_sub(e, e, d); 1164 CHECK_GOTO(BN_sub(e, e, d));
1146 BN_div(a, b, e, c, ctx); 1165 CHECK_GOTO(BN_div(a, b, e, c, ctx));
1147 if (!BN_is_zero(b)) { 1166 if (!BN_is_zero(b)) {
1148 fprintf(stderr, "Modulo exponentiation test failed!\n"); 1167 fprintf(stderr, "Modulo exponentiation test failed!\n");
1149 rc = 0; 1168 rc = 0;
1150 break; 1169 break;
1151 } 1170 }
1152 } 1171 }
1172err:
1153 BN_free(a); 1173 BN_free(a);
1154 BN_free(b); 1174 BN_free(b);
1155 BN_free(c); 1175 BN_free(c);
@@ -1171,9 +1191,9 @@ test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
1171 d = BN_new(); 1191 d = BN_new();
1172 e = BN_new(); 1192 e = BN_new();
1173 1193
1174 BN_one(a); 1194 CHECK_GOTO(BN_one(a));
1175 BN_one(b); 1195 CHECK_GOTO(BN_one(b));
1176 BN_zero(c); 1196 CHECK_GOTO(BN_zero(c));
1177 if (BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) { 1197 if (BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) {
1178 fprintf(stderr, "BN_mod_exp_mont_consttime with zero modulus " 1198 fprintf(stderr, "BN_mod_exp_mont_consttime with zero modulus "
1179 "succeeded\n"); 1199 "succeeded\n");
@@ -1181,7 +1201,7 @@ test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
1181 goto err; 1201 goto err;
1182 } 1202 }
1183 1203
1184 BN_set_word(c, 16); 1204 CHECK_GOTO(BN_set_word(c, 16));
1185 if (BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) { 1205 if (BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) {
1186 fprintf(stderr, "BN_mod_exp_mont_consttime with even modulus " 1206 fprintf(stderr, "BN_mod_exp_mont_consttime with even modulus "
1187 "succeeded\n"); 1207 "succeeded\n");
@@ -1189,10 +1209,10 @@ test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
1189 goto err; 1209 goto err;
1190 } 1210 }
1191 1211
1192 BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */ 1212 CHECK_GOTO(BN_bntest_rand(c, 30, 0, 1)); /* must be odd for montgomery */
1193 for (i = 0; i < num2; i++) { 1213 for (i = 0; i < num2; i++) {
1194 BN_bntest_rand(a, 20 + i * 5, 0, 0); 1214 CHECK_GOTO(BN_bntest_rand(a, 20 + i * 5, 0, 0));
1195 BN_bntest_rand(b, 2 + i, 0, 0); 1215 CHECK_GOTO(BN_bntest_rand(b, 2 + i, 0, 0));
1196 1216
1197 if (!BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) { 1217 if (!BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) {
1198 rc = 0; 1218 rc = 0;
@@ -1201,19 +1221,19 @@ test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
1201 1221
1202 if (bp != NULL) { 1222 if (bp != NULL) {
1203 if (!results) { 1223 if (!results) {
1204 BN_print(bp, a); 1224 CHECK_GOTO(BN_print(bp, a));
1205 BIO_puts(bp, " ^ "); 1225 BIO_puts(bp, " ^ ");
1206 BN_print(bp, b); 1226 CHECK_GOTO(BN_print(bp, b));
1207 BIO_puts(bp, " % "); 1227 BIO_puts(bp, " % ");
1208 BN_print(bp, c); 1228 CHECK_GOTO(BN_print(bp, c));
1209 BIO_puts(bp, " - "); 1229 BIO_puts(bp, " - ");
1210 } 1230 }
1211 BN_print(bp, d); 1231 CHECK_GOTO(BN_print(bp, d));
1212 BIO_puts(bp, "\n"); 1232 BIO_puts(bp, "\n");
1213 } 1233 }
1214 BN_exp(e, a, b, ctx); 1234 CHECK_GOTO(BN_exp(e, a, b, ctx));
1215 BN_sub(e, e, d); 1235 CHECK_GOTO(BN_sub(e, e, d));
1216 BN_div(a, b, e, c, ctx); 1236 CHECK_GOTO(BN_div(a, b, e, c, ctx));
1217 if (!BN_is_zero(b)) { 1237 if (!BN_is_zero(b)) {
1218 fprintf(stderr, "Modulo exponentiation test failed!\n"); 1238 fprintf(stderr, "Modulo exponentiation test failed!\n");
1219 rc = 0; 1239 rc = 0;
@@ -1237,7 +1257,7 @@ int
1237test_mod_exp_mont5(BIO *bp, BN_CTX *ctx) 1257test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
1238{ 1258{
1239 BIGNUM *a, *p, *m, *d, *e, *b, *n, *c; 1259 BIGNUM *a, *p, *m, *d, *e, *b, *n, *c;
1240 int rc = 1; 1260 int len, rc = 1;
1241 BN_MONT_CTX *mont; 1261 BN_MONT_CTX *mont;
1242 1262
1243 a = BN_new(); 1263 a = BN_new();
@@ -1249,12 +1269,12 @@ test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
1249 n = BN_new(); 1269 n = BN_new();
1250 c = BN_new(); 1270 c = BN_new();
1251 1271
1252 mont = BN_MONT_CTX_new(); 1272 CHECK_GOTO(mont = BN_MONT_CTX_new());
1253 1273
1254 BN_bntest_rand(m, 1024, 0, 1); /* must be odd for montgomery */ 1274 CHECK_GOTO(BN_bntest_rand(m, 1024, 0, 1)); /* must be odd for montgomery */
1255 /* Zero exponent */ 1275 /* Zero exponent */
1256 BN_bntest_rand(a, 1024, 0, 0); 1276 CHECK_GOTO(BN_bntest_rand(a, 1024, 0, 0));
1257 BN_zero(p); 1277 CHECK_GOTO(BN_zero(p));
1258 if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL)) { 1278 if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL)) {
1259 rc = 0; 1279 rc = 0;
1260 goto err; 1280 goto err;
@@ -1265,24 +1285,27 @@ test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
1265 goto err; 1285 goto err;
1266 } 1286 }
1267 /* Regression test for carry bug in mulx4x_mont */ 1287 /* Regression test for carry bug in mulx4x_mont */
1268 BN_hex2bn(&a, 1288 len = BN_hex2bn(&a,
1269 "7878787878787878787878787878787878787878787878787878787878787878" 1289 "7878787878787878787878787878787878787878787878787878787878787878"
1270 "7878787878787878787878787878787878787878787878787878787878787878" 1290 "7878787878787878787878787878787878787878787878787878787878787878"
1271 "7878787878787878787878787878787878787878787878787878787878787878" 1291 "7878787878787878787878787878787878787878787878787878787878787878"
1272 "7878787878787878787878787878787878787878787878787878787878787878"); 1292 "7878787878787878787878787878787878787878787878787878787878787878");
1273 BN_hex2bn(&b, 1293 CHECK_GOTO(len);
1294 len = BN_hex2bn(&b,
1274 "095D72C08C097BA488C5E439C655A192EAFB6380073D8C2664668EDDB4060744" 1295 "095D72C08C097BA488C5E439C655A192EAFB6380073D8C2664668EDDB4060744"
1275 "E16E57FB4EDB9AE10A0CEFCDC28A894F689A128379DB279D48A2E20849D68593" 1296 "E16E57FB4EDB9AE10A0CEFCDC28A894F689A128379DB279D48A2E20849D68593"
1276 "9B7803BCF46CEBF5C533FB0DD35B080593DE5472E3FE5DB951B8BFF9B4CB8F03" 1297 "9B7803BCF46CEBF5C533FB0DD35B080593DE5472E3FE5DB951B8BFF9B4CB8F03"
1277 "9CC638A5EE8CDD703719F8000E6A9F63BEED5F2FCD52FF293EA05A251BB4AB81"); 1298 "9CC638A5EE8CDD703719F8000E6A9F63BEED5F2FCD52FF293EA05A251BB4AB81");
1278 BN_hex2bn(&n, 1299 CHECK_GOTO(len);
1300 len = BN_hex2bn(&n,
1279 "D78AF684E71DB0C39CFF4E64FB9DB567132CB9C50CC98009FEB820B26F2DED9B" 1301 "D78AF684E71DB0C39CFF4E64FB9DB567132CB9C50CC98009FEB820B26F2DED9B"
1280 "91B9B5E2B83AE0AE4EB4E0523CA726BFBE969B89FD754F674CE99118C3F2D1C5" 1302 "91B9B5E2B83AE0AE4EB4E0523CA726BFBE969B89FD754F674CE99118C3F2D1C5"
1281 "D81FDC7C54E02B60262B241D53C040E99E45826ECA37A804668E690E1AFC1CA4" 1303 "D81FDC7C54E02B60262B241D53C040E99E45826ECA37A804668E690E1AFC1CA4"
1282 "2C9A15D84D4954425F0B7642FC0BD9D7B24E2618D2DCC9B729D944BADACFDDAF"); 1304 "2C9A15D84D4954425F0B7642FC0BD9D7B24E2618D2DCC9B729D944BADACFDDAF");
1283 BN_MONT_CTX_set(mont, n, ctx); 1305 CHECK_GOTO(len);
1284 BN_mod_mul_montgomery(c, a, b, mont, ctx); 1306 CHECK_GOTO(BN_MONT_CTX_set(mont, n, ctx));
1285 BN_mod_mul_montgomery(d, b, a, mont, ctx); 1307 CHECK_GOTO(BN_mod_mul_montgomery(c, a, b, mont, ctx));
1308 CHECK_GOTO(BN_mod_mul_montgomery(d, b, a, mont, ctx));
1286 if (BN_cmp(c, d)) { 1309 if (BN_cmp(c, d)) {
1287 fprintf(stderr, "Montgomery multiplication test failed:" 1310 fprintf(stderr, "Montgomery multiplication test failed:"
1288 " a*b != b*a.\n"); 1311 " a*b != b*a.\n");
@@ -1290,7 +1313,7 @@ test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
1290 goto err; 1313 goto err;
1291 } 1314 }
1292 /* Regression test for carry bug in sqr[x]8x_mont */ 1315 /* Regression test for carry bug in sqr[x]8x_mont */
1293 BN_hex2bn(&n, 1316 len = BN_hex2bn(&n,
1294 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" 1317 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
1295 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" 1318 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
1296 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" 1319 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
@@ -1307,7 +1330,8 @@ test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
1307 "0000000000000000000000000000000000000000000000000000000000000000" 1330 "0000000000000000000000000000000000000000000000000000000000000000"
1308 "0000000000000000000000000000000000000000000000000000000000000000" 1331 "0000000000000000000000000000000000000000000000000000000000000000"
1309 "00000000000000000000000000000000000000000000000000FFFFFFFFFFFFFF"); 1332 "00000000000000000000000000000000000000000000000000FFFFFFFFFFFFFF");
1310 BN_hex2bn(&a, 1333 CHECK_GOTO(len);
1334 len = BN_hex2bn(&a,
1311 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" 1335 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
1312 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" 1336 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
1313 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" 1337 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
@@ -1324,10 +1348,12 @@ test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
1324 "0000000000000000000000000000000000000000000000000000000000000000" 1348 "0000000000000000000000000000000000000000000000000000000000000000"
1325 "0000000000000000000000000000000000000000000000000000000000000000" 1349 "0000000000000000000000000000000000000000000000000000000000000000"
1326 "000000000000000000000000000000000000000000FFFFFFFFFFFFFF00000000"); 1350 "000000000000000000000000000000000000000000FFFFFFFFFFFFFF00000000");
1327 b = BN_dup(a); 1351 CHECK_GOTO(len);
1328 BN_MONT_CTX_set(mont, n, ctx); 1352 BN_free(b);
1329 BN_mod_mul_montgomery(c, a, a, mont, ctx); 1353 CHECK_GOTO(b = BN_dup(a));
1330 BN_mod_mul_montgomery(d, a, b, mont, ctx); 1354 CHECK_GOTO(BN_MONT_CTX_set(mont, n, ctx));
1355 CHECK_GOTO(BN_mod_mul_montgomery(c, a, a, mont, ctx));
1356 CHECK_GOTO(BN_mod_mul_montgomery(d, a, b, mont, ctx));
1331 if (BN_cmp(c, d)) { 1357 if (BN_cmp(c, d)) {
1332 fprintf(stderr, "Montgomery multiplication test failed:" 1358 fprintf(stderr, "Montgomery multiplication test failed:"
1333 " a**2 != a*a.\n"); 1359 " a**2 != a*a.\n");
@@ -1335,8 +1361,8 @@ test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
1335 goto err; 1361 goto err;
1336 } 1362 }
1337 /* Zero input */ 1363 /* Zero input */
1338 BN_bntest_rand(p, 1024, 0, 0); 1364 CHECK_GOTO(BN_bntest_rand(p, 1024, 0, 0));
1339 BN_zero(a); 1365 CHECK_GOTO(BN_zero(a));
1340 if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL)) { 1366 if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL)) {
1341 rc = 0; 1367 rc = 0;
1342 goto err; 1368 goto err;
@@ -1351,8 +1377,8 @@ test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
1351 * than the modulus m, in order to test the const time precomputation 1377 * than the modulus m, in order to test the const time precomputation
1352 * scattering/gathering. 1378 * scattering/gathering.
1353 */ 1379 */
1354 BN_one(a); 1380 CHECK_GOTO(BN_one(a));
1355 BN_MONT_CTX_set(mont, m, ctx); 1381 CHECK_GOTO(BN_MONT_CTX_set(mont, m, ctx));
1356 if (!BN_from_montgomery(e, a, mont, ctx)) { 1382 if (!BN_from_montgomery(e, a, mont, ctx)) {
1357 rc = 0; 1383 rc = 0;
1358 goto err; 1384 goto err;
@@ -1371,7 +1397,7 @@ test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
1371 goto err; 1397 goto err;
1372 } 1398 }
1373 /* Finally, some regular test vectors. */ 1399 /* Finally, some regular test vectors. */
1374 BN_bntest_rand(e, 1024, 0, 0); 1400 CHECK_GOTO(BN_bntest_rand(e, 1024, 0, 0));
1375 if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL)) { 1401 if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL)) {
1376 rc = 0; 1402 rc = 0;
1377 goto err; 1403 goto err;
@@ -1409,11 +1435,11 @@ test_exp(BIO *bp, BN_CTX *ctx)
1409 d = BN_new(); 1435 d = BN_new();
1410 e = BN_new(); 1436 e = BN_new();
1411 one = BN_new(); 1437 one = BN_new();
1412 BN_one(one); 1438 CHECK_GOTO(BN_one(one));
1413 1439
1414 for (i = 0; i < num2; i++) { 1440 for (i = 0; i < num2; i++) {
1415 BN_bntest_rand(a, 20 + i * 5, 0, 0); 1441 CHECK_GOTO(BN_bntest_rand(a, 20 + i * 5, 0, 0));
1416 BN_bntest_rand(b, 2 + i, 0, 0); 1442 CHECK_GOTO(BN_bntest_rand(b, 2 + i, 0, 0));
1417 1443
1418 if (BN_exp(d, a, b, ctx) <= 0) { 1444 if (BN_exp(d, a, b, ctx) <= 0) {
1419 rc = 0; 1445 rc = 0;
@@ -1422,24 +1448,25 @@ test_exp(BIO *bp, BN_CTX *ctx)
1422 1448
1423 if (bp != NULL) { 1449 if (bp != NULL) {
1424 if (!results) { 1450 if (!results) {
1425 BN_print(bp, a); 1451 CHECK_GOTO(BN_print(bp, a));
1426 BIO_puts(bp, " ^ "); 1452 BIO_puts(bp, " ^ ");
1427 BN_print(bp, b); 1453 CHECK_GOTO(BN_print(bp, b));
1428 BIO_puts(bp, " - "); 1454 BIO_puts(bp, " - ");
1429 } 1455 }
1430 BN_print(bp, d); 1456 CHECK_GOTO(BN_print(bp, d));
1431 BIO_puts(bp, "\n"); 1457 BIO_puts(bp, "\n");
1432 } 1458 }
1433 BN_one(e); 1459 CHECK_GOTO(BN_one(e));
1434 for (; !BN_is_zero(b); BN_sub(b, b, one)) 1460 for (; !BN_is_zero(b); BN_sub(b, b, one))
1435 BN_mul(e, e, a, ctx); 1461 CHECK_GOTO(BN_mul(e, e, a, ctx));
1436 BN_sub(e, e, d); 1462 CHECK_GOTO(BN_sub(e, e, d));
1437 if (!BN_is_zero(e)) { 1463 if (!BN_is_zero(e)) {
1438 fprintf(stderr, "Exponentiation test failed!\n"); 1464 fprintf(stderr, "Exponentiation test failed!\n");
1439 rc = 0; 1465 rc = 0;
1440 break; 1466 break;
1441 } 1467 }
1442 } 1468 }
1469err:
1443 BN_free(a); 1470 BN_free(a);
1444 BN_free(b); 1471 BN_free(b);
1445 BN_free(d); 1472 BN_free(d);
@@ -1453,27 +1480,27 @@ int
1453test_gf2m_add(BIO *bp) 1480test_gf2m_add(BIO *bp)
1454{ 1481{
1455 BIGNUM a, b, c; 1482 BIGNUM a, b, c;
1456 int i, ret = 0; 1483 int i, rc = 0;
1457 1484
1458 BN_init(&a); 1485 BN_init(&a);
1459 BN_init(&b); 1486 BN_init(&b);
1460 BN_init(&c); 1487 BN_init(&c);
1461 1488
1462 for (i = 0; i < num0; i++) { 1489 for (i = 0; i < num0; i++) {
1463 BN_rand(&a, 512, 0, 0); 1490 CHECK_GOTO(BN_rand(&a, 512, 0, 0));
1464 BN_copy(&b, BN_value_one()); 1491 CHECK_GOTO(BN_copy(&b, BN_value_one()));
1465 a.neg = rand_neg(); 1492 a.neg = rand_neg();
1466 b.neg = rand_neg(); 1493 b.neg = rand_neg();
1467 BN_GF2m_add(&c, &a, &b); 1494 CHECK_GOTO(BN_GF2m_add(&c, &a, &b));
1468#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ 1495#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1469 if (bp != NULL) { 1496 if (bp != NULL) {
1470 if (!results) { 1497 if (!results) {
1471 BN_print(bp, &a); 1498 CHECK_GOTO(BN_print(bp, &a));
1472 BIO_puts(bp, " ^ "); 1499 BIO_puts(bp, " ^ ");
1473 BN_print(bp, &b); 1500 CHECK_GOTO(BN_print(bp, &b));
1474 BIO_puts(bp, " = "); 1501 BIO_puts(bp, " = ");
1475 } 1502 }
1476 BN_print(bp, &c); 1503 CHECK_GOTO(BN_print(bp, &c));
1477 BIO_puts(bp, "\n"); 1504 BIO_puts(bp, "\n");
1478 } 1505 }
1479#endif 1506#endif
@@ -1483,26 +1510,26 @@ test_gf2m_add(BIO *bp)
1483 fprintf(stderr, "GF(2^m) addition test (a) failed!\n"); 1510 fprintf(stderr, "GF(2^m) addition test (a) failed!\n");
1484 goto err; 1511 goto err;
1485 } 1512 }
1486 BN_GF2m_add(&c, &c, &c); 1513 CHECK_GOTO(BN_GF2m_add(&c, &c, &c));
1487 /* Test that c + c = 0. */ 1514 /* Test that c + c = 0. */
1488 if (!BN_is_zero(&c)) { 1515 if (!BN_is_zero(&c)) {
1489 fprintf(stderr, "GF(2^m) addition test (b) failed!\n"); 1516 fprintf(stderr, "GF(2^m) addition test (b) failed!\n");
1490 goto err; 1517 goto err;
1491 } 1518 }
1492 } 1519 }
1493 ret = 1; 1520 rc = 1;
1494err: 1521err:
1495 BN_free(&a); 1522 BN_free(&a);
1496 BN_free(&b); 1523 BN_free(&b);
1497 BN_free(&c); 1524 BN_free(&c);
1498 return ret; 1525 return rc;
1499} 1526}
1500 1527
1501int 1528int
1502test_gf2m_mod(BIO *bp) 1529test_gf2m_mod(BIO *bp)
1503{ 1530{
1504 BIGNUM *a, *b[2], *c, *d, *e; 1531 BIGNUM *a, *b[2], *c, *d, *e;
1505 int i, j, ret = 0; 1532 int i, j, rc = 0;
1506 int p0[] = { 163, 7, 6, 3, 0, -1 }; 1533 int p0[] = { 163, 7, 6, 3, 0, -1 };
1507 int p1[] = { 193, 15, 0, -1 }; 1534 int p1[] = { 193, 15, 0, -1 };
1508 1535
@@ -1513,27 +1540,27 @@ test_gf2m_mod(BIO *bp)
1513 d = BN_new(); 1540 d = BN_new();
1514 e = BN_new(); 1541 e = BN_new();
1515 1542
1516 BN_GF2m_arr2poly(p0, b[0]); 1543 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1517 BN_GF2m_arr2poly(p1, b[1]); 1544 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1518 1545
1519 for (i = 0; i < num0; i++) { 1546 for (i = 0; i < num0; i++) {
1520 BN_bntest_rand(a, 1024, 0, 0); 1547 CHECK_GOTO(BN_bntest_rand(a, 1024, 0, 0));
1521 for (j = 0; j < 2; j++) { 1548 for (j = 0; j < 2; j++) {
1522 BN_GF2m_mod(c, a, b[j]); 1549 CHECK_GOTO(BN_GF2m_mod(c, a, b[j]));
1523#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ 1550#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1524 if (bp != NULL) { 1551 if (bp != NULL) {
1525 if (!results) { 1552 if (!results) {
1526 BN_print(bp, a); 1553 CHECK_GOTO(BN_print(bp, a));
1527 BIO_puts(bp, " % "); 1554 BIO_puts(bp, " % ");
1528 BN_print(bp, b[j]); 1555 CHECK_GOTO(BN_print(bp, b[j]));
1529 BIO_puts(bp, " - "); 1556 BIO_puts(bp, " - ");
1530 BN_print(bp, c); 1557 CHECK_GOTO(BN_print(bp, c));
1531 BIO_puts(bp, "\n"); 1558 BIO_puts(bp, "\n");
1532 } 1559 }
1533 } 1560 }
1534#endif 1561#endif
1535 BN_GF2m_add(d, a, c); 1562 CHECK_GOTO(BN_GF2m_add(d, a, c));
1536 BN_GF2m_mod(e, d, b[j]); 1563 CHECK_GOTO(BN_GF2m_mod(e, d, b[j]));
1537 /* Test that a + (a mod p) mod p == 0. */ 1564 /* Test that a + (a mod p) mod p == 0. */
1538 if (!BN_is_zero(e)) { 1565 if (!BN_is_zero(e)) {
1539 fprintf(stderr, "GF(2^m) modulo test failed!\n"); 1566 fprintf(stderr, "GF(2^m) modulo test failed!\n");
@@ -1541,7 +1568,7 @@ test_gf2m_mod(BIO *bp)
1541 } 1568 }
1542 } 1569 }
1543 } 1570 }
1544 ret = 1; 1571 rc = 1;
1545err: 1572err:
1546 BN_free(a); 1573 BN_free(a);
1547 BN_free(b[0]); 1574 BN_free(b[0]);
@@ -1549,14 +1576,14 @@ err:
1549 BN_free(c); 1576 BN_free(c);
1550 BN_free(d); 1577 BN_free(d);
1551 BN_free(e); 1578 BN_free(e);
1552 return ret; 1579 return rc;
1553} 1580}
1554 1581
1555int 1582int
1556test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx) 1583test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx)
1557{ 1584{
1558 BIGNUM *a, *b[2], *c, *d, *e, *f, *g, *h; 1585 BIGNUM *a, *b[2], *c, *d, *e, *f, *g, *h;
1559 int i, j, ret = 0; 1586 int i, j, rc = 0;
1560 int p0[] = { 163, 7, 6, 3, 0, -1 }; 1587 int p0[] = { 163, 7, 6, 3, 0, -1 };
1561 int p1[] = { 193, 15, 0, -1 }; 1588 int p1[] = { 193, 15, 0, -1 };
1562 1589
@@ -1570,34 +1597,34 @@ test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx)
1570 g = BN_new(); 1597 g = BN_new();
1571 h = BN_new(); 1598 h = BN_new();
1572 1599
1573 BN_GF2m_arr2poly(p0, b[0]); 1600 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1574 BN_GF2m_arr2poly(p1, b[1]); 1601 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1575 1602
1576 for (i = 0; i < num0; i++) { 1603 for (i = 0; i < num0; i++) {
1577 BN_bntest_rand(a, 1024, 0, 0); 1604 CHECK_GOTO(BN_bntest_rand(a, 1024, 0, 0));
1578 BN_bntest_rand(c, 1024, 0, 0); 1605 CHECK_GOTO(BN_bntest_rand(c, 1024, 0, 0));
1579 BN_bntest_rand(d, 1024, 0, 0); 1606 CHECK_GOTO(BN_bntest_rand(d, 1024, 0, 0));
1580 for (j = 0; j < 2; j++) { 1607 for (j = 0; j < 2; j++) {
1581 BN_GF2m_mod_mul(e, a, c, b[j], ctx); 1608 CHECK_GOTO(BN_GF2m_mod_mul(e, a, c, b[j], ctx));
1582#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ 1609#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1583 if (bp != NULL) { 1610 if (bp != NULL) {
1584 if (!results) { 1611 if (!results) {
1585 BN_print(bp, a); 1612 CHECK_GOTO(BN_print(bp, a));
1586 BIO_puts(bp, " * "); 1613 BIO_puts(bp, " * ");
1587 BN_print(bp, c); 1614 CHECK_GOTO(BN_print(bp, c));
1588 BIO_puts(bp, " % "); 1615 BIO_puts(bp, " % ");
1589 BN_print(bp, b[j]); 1616 CHECK_GOTO(BN_print(bp, b[j]));
1590 BIO_puts(bp, " - "); 1617 BIO_puts(bp, " - ");
1591 BN_print(bp, e); 1618 CHECK_GOTO(BN_print(bp, e));
1592 BIO_puts(bp, "\n"); 1619 BIO_puts(bp, "\n");
1593 } 1620 }
1594 } 1621 }
1595#endif 1622#endif
1596 BN_GF2m_add(f, a, d); 1623 CHECK_GOTO(BN_GF2m_add(f, a, d));
1597 BN_GF2m_mod_mul(g, f, c, b[j], ctx); 1624 CHECK_GOTO(BN_GF2m_mod_mul(g, f, c, b[j], ctx));
1598 BN_GF2m_mod_mul(h, d, c, b[j], ctx); 1625 CHECK_GOTO(BN_GF2m_mod_mul(h, d, c, b[j], ctx));
1599 BN_GF2m_add(f, e, g); 1626 CHECK_GOTO(BN_GF2m_add(f, e, g));
1600 BN_GF2m_add(f, f, h); 1627 CHECK_GOTO(BN_GF2m_add(f, f, h));
1601 /* Test that (a+d)*c = a*c + d*c. */ 1628 /* Test that (a+d)*c = a*c + d*c. */
1602 if (!BN_is_zero(f)) { 1629 if (!BN_is_zero(f)) {
1603 fprintf(stderr, "GF(2^m) modular multiplication test failed!\n"); 1630 fprintf(stderr, "GF(2^m) modular multiplication test failed!\n");
@@ -1605,7 +1632,7 @@ test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx)
1605 } 1632 }
1606 } 1633 }
1607 } 1634 }
1608 ret = 1; 1635 rc = 1;
1609err: 1636err:
1610 BN_free(a); 1637 BN_free(a);
1611 BN_free(b[0]); 1638 BN_free(b[0]);
@@ -1616,14 +1643,14 @@ err:
1616 BN_free(f); 1643 BN_free(f);
1617 BN_free(g); 1644 BN_free(g);
1618 BN_free(h); 1645 BN_free(h);
1619 return ret; 1646 return rc;
1620} 1647}
1621 1648
1622int 1649int
1623test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx) 1650test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx)
1624{ 1651{
1625 BIGNUM *a, *b[2], *c, *d; 1652 BIGNUM *a, *b[2], *c, *d;
1626 int i, j, ret = 0; 1653 int i, j, rc = 0;
1627 int p0[] = { 163, 7, 6, 3, 0, -1 }; 1654 int p0[] = { 163, 7, 6, 3, 0, -1 };
1628 int p1[] = { 193, 15, 0, -1 }; 1655 int p1[] = { 193, 15, 0, -1 };
1629 1656
@@ -1633,30 +1660,30 @@ test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx)
1633 c = BN_new(); 1660 c = BN_new();
1634 d = BN_new(); 1661 d = BN_new();
1635 1662
1636 BN_GF2m_arr2poly(p0, b[0]); 1663 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1637 BN_GF2m_arr2poly(p1, b[1]); 1664 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1638 1665
1639 for (i = 0; i < num0; i++) { 1666 for (i = 0; i < num0; i++) {
1640 BN_bntest_rand(a, 1024, 0, 0); 1667 CHECK_GOTO(BN_bntest_rand(a, 1024, 0, 0));
1641 for (j = 0; j < 2; j++) { 1668 for (j = 0; j < 2; j++) {
1642 BN_GF2m_mod_sqr(c, a, b[j], ctx); 1669 CHECK_GOTO(BN_GF2m_mod_sqr(c, a, b[j], ctx));
1643 BN_copy(d, a); 1670 CHECK_GOTO(BN_copy(d, a));
1644 BN_GF2m_mod_mul(d, a, d, b[j], ctx); 1671 CHECK_GOTO(BN_GF2m_mod_mul(d, a, d, b[j], ctx));
1645#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ 1672#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1646 if (bp != NULL) { 1673 if (bp != NULL) {
1647 if (!results) { 1674 if (!results) {
1648 BN_print(bp, a); 1675 CHECK_GOTO(BN_print(bp, a));
1649 BIO_puts(bp, " ^ 2 % "); 1676 BIO_puts(bp, " ^ 2 % ");
1650 BN_print(bp, b[j]); 1677 CHECK_GOTO(BN_print(bp, b[j]));
1651 BIO_puts(bp, " = "); 1678 BIO_puts(bp, " = ");
1652 BN_print(bp, c); 1679 CHECK_GOTO(BN_print(bp, c));
1653 BIO_puts(bp, "; a * a = "); 1680 BIO_puts(bp, "; a * a = ");
1654 BN_print(bp, d); 1681 CHECK_GOTO(BN_print(bp, d));
1655 BIO_puts(bp, "\n"); 1682 BIO_puts(bp, "\n");
1656 } 1683 }
1657 } 1684 }
1658#endif 1685#endif
1659 BN_GF2m_add(d, c, d); 1686 CHECK_GOTO(BN_GF2m_add(d, c, d));
1660 /* Test that a*a = a^2. */ 1687 /* Test that a*a = a^2. */
1661 if (!BN_is_zero(d)) { 1688 if (!BN_is_zero(d)) {
1662 fprintf(stderr, "GF(2^m) modular squaring test failed!\n"); 1689 fprintf(stderr, "GF(2^m) modular squaring test failed!\n");
@@ -1664,21 +1691,21 @@ test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx)
1664 } 1691 }
1665 } 1692 }
1666 } 1693 }
1667 ret = 1; 1694 rc = 1;
1668err: 1695err:
1669 BN_free(a); 1696 BN_free(a);
1670 BN_free(b[0]); 1697 BN_free(b[0]);
1671 BN_free(b[1]); 1698 BN_free(b[1]);
1672 BN_free(c); 1699 BN_free(c);
1673 BN_free(d); 1700 BN_free(d);
1674 return ret; 1701 return rc;
1675} 1702}
1676 1703
1677int 1704int
1678test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx) 1705test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx)
1679{ 1706{
1680 BIGNUM *a, *b[2], *c, *d; 1707 BIGNUM *a, *b[2], *c, *d;
1681 int i, j, ret = 0; 1708 int i, j, rc = 0;
1682 int p0[] = { 163, 7, 6, 3, 0, -1 }; 1709 int p0[] = { 163, 7, 6, 3, 0, -1 };
1683 int p1[] = { 193, 15, 0, -1 }; 1710 int p1[] = { 193, 15, 0, -1 };
1684 1711
@@ -1688,22 +1715,22 @@ test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx)
1688 c = BN_new(); 1715 c = BN_new();
1689 d = BN_new(); 1716 d = BN_new();
1690 1717
1691 BN_GF2m_arr2poly(p0, b[0]); 1718 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1692 BN_GF2m_arr2poly(p1, b[1]); 1719 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1693 1720
1694 for (i = 0; i < num0; i++) { 1721 for (i = 0; i < num0; i++) {
1695 BN_bntest_rand(a, 512, 0, 0); 1722 CHECK_GOTO(BN_bntest_rand(a, 512, 0, 0));
1696 for (j = 0; j < 2; j++) { 1723 for (j = 0; j < 2; j++) {
1697 BN_GF2m_mod_inv(c, a, b[j], ctx); 1724 CHECK_GOTO(BN_GF2m_mod_inv(c, a, b[j], ctx));
1698 BN_GF2m_mod_mul(d, a, c, b[j], ctx); 1725 CHECK_GOTO(BN_GF2m_mod_mul(d, a, c, b[j], ctx));
1699#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ 1726#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1700 if (bp != NULL) { 1727 if (bp != NULL) {
1701 if (!results) { 1728 if (!results) {
1702 BN_print(bp, a); 1729 CHECK_GOTO(BN_print(bp, a));
1703 BIO_puts(bp, " * "); 1730 BIO_puts(bp, " * ");
1704 BN_print(bp, c); 1731 CHECK_GOTO(BN_print(bp, c));
1705 BIO_puts(bp, " - 1 % "); 1732 BIO_puts(bp, " - 1 % ");
1706 BN_print(bp, b[j]); 1733 CHECK_GOTO(BN_print(bp, b[j]));
1707 BIO_puts(bp, "\n"); 1734 BIO_puts(bp, "\n");
1708 } 1735 }
1709 } 1736 }
@@ -1715,21 +1742,21 @@ test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx)
1715 } 1742 }
1716 } 1743 }
1717 } 1744 }
1718 ret = 1; 1745 rc = 1;
1719err: 1746err:
1720 BN_free(a); 1747 BN_free(a);
1721 BN_free(b[0]); 1748 BN_free(b[0]);
1722 BN_free(b[1]); 1749 BN_free(b[1]);
1723 BN_free(c); 1750 BN_free(c);
1724 BN_free(d); 1751 BN_free(d);
1725 return ret; 1752 return rc;
1726} 1753}
1727 1754
1728int 1755int
1729test_gf2m_mod_div(BIO *bp, BN_CTX *ctx) 1756test_gf2m_mod_div(BIO *bp, BN_CTX *ctx)
1730{ 1757{
1731 BIGNUM *a, *b[2], *c, *d, *e, *f; 1758 BIGNUM *a, *b[2], *c, *d, *e, *f;
1732 int i, j, ret = 0; 1759 int i, j, rc = 0;
1733 int p0[] = { 163, 7, 6, 3, 0, -1 }; 1760 int p0[] = { 163, 7, 6, 3, 0, -1 };
1734 int p1[] = { 193, 15, 0, -1 }; 1761 int p1[] = { 193, 15, 0, -1 };
1735 1762
@@ -1741,26 +1768,26 @@ test_gf2m_mod_div(BIO *bp, BN_CTX *ctx)
1741 e = BN_new(); 1768 e = BN_new();
1742 f = BN_new(); 1769 f = BN_new();
1743 1770
1744 BN_GF2m_arr2poly(p0, b[0]); 1771 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1745 BN_GF2m_arr2poly(p1, b[1]); 1772 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1746 1773
1747 for (i = 0; i < num0; i++) { 1774 for (i = 0; i < num0; i++) {
1748 BN_bntest_rand(a, 512, 0, 0); 1775 CHECK_GOTO(BN_bntest_rand(a, 512, 0, 0));
1749 BN_bntest_rand(c, 512, 0, 0); 1776 CHECK_GOTO(BN_bntest_rand(c, 512, 0, 0));
1750 for (j = 0; j < 2; j++) { 1777 for (j = 0; j < 2; j++) {
1751 BN_GF2m_mod_div(d, a, c, b[j], ctx); 1778 CHECK_GOTO(BN_GF2m_mod_div(d, a, c, b[j], ctx));
1752 BN_GF2m_mod_mul(e, d, c, b[j], ctx); 1779 CHECK_GOTO(BN_GF2m_mod_mul(e, d, c, b[j], ctx));
1753 BN_GF2m_mod_div(f, a, e, b[j], ctx); 1780 CHECK_GOTO(BN_GF2m_mod_div(f, a, e, b[j], ctx));
1754#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ 1781#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1755 if (bp != NULL) { 1782 if (bp != NULL) {
1756 if (!results) { 1783 if (!results) {
1757 BN_print(bp, a); 1784 CHECK_GOTO(BN_print(bp, a));
1758 BIO_puts(bp, " = "); 1785 BIO_puts(bp, " = ");
1759 BN_print(bp, c); 1786 CHECK_GOTO(BN_print(bp, c));
1760 BIO_puts(bp, " * "); 1787 BIO_puts(bp, " * ");
1761 BN_print(bp, d); 1788 CHECK_GOTO(BN_print(bp, d));
1762 BIO_puts(bp, " % "); 1789 BIO_puts(bp, " % ");
1763 BN_print(bp, b[j]); 1790 CHECK_GOTO(BN_print(bp, b[j]));
1764 BIO_puts(bp, "\n"); 1791 BIO_puts(bp, "\n");
1765 } 1792 }
1766 } 1793 }
@@ -1772,7 +1799,7 @@ test_gf2m_mod_div(BIO *bp, BN_CTX *ctx)
1772 } 1799 }
1773 } 1800 }
1774 } 1801 }
1775 ret = 1; 1802 rc = 1;
1776err: 1803err:
1777 BN_free(a); 1804 BN_free(a);
1778 BN_free(b[0]); 1805 BN_free(b[0]);
@@ -1781,14 +1808,14 @@ err:
1781 BN_free(d); 1808 BN_free(d);
1782 BN_free(e); 1809 BN_free(e);
1783 BN_free(f); 1810 BN_free(f);
1784 return ret; 1811 return rc;
1785} 1812}
1786 1813
1787int 1814int
1788test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx) 1815test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx)
1789{ 1816{
1790 BIGNUM *a, *b[2], *c, *d, *e, *f; 1817 BIGNUM *a, *b[2], *c, *d, *e, *f;
1791 int i, j, ret = 0; 1818 int i, j, rc = 0;
1792 int p0[] = { 163, 7, 6, 3, 0, -1 }; 1819 int p0[] = { 163, 7, 6, 3, 0, -1 };
1793 int p1[] = { 193, 15, 0, -1 }; 1820 int p1[] = { 193, 15, 0, -1 };
1794 1821
@@ -1800,38 +1827,38 @@ test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx)
1800 e = BN_new(); 1827 e = BN_new();
1801 f = BN_new(); 1828 f = BN_new();
1802 1829
1803 BN_GF2m_arr2poly(p0, b[0]); 1830 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1804 BN_GF2m_arr2poly(p1, b[1]); 1831 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1805 1832
1806 for (i = 0; i < num0; i++) { 1833 for (i = 0; i < num0; i++) {
1807 BN_bntest_rand(a, 512, 0, 0); 1834 CHECK_GOTO(BN_bntest_rand(a, 512, 0, 0));
1808 BN_bntest_rand(c, 512, 0, 0); 1835 CHECK_GOTO(BN_bntest_rand(c, 512, 0, 0));
1809 BN_bntest_rand(d, 512, 0, 0); 1836 CHECK_GOTO(BN_bntest_rand(d, 512, 0, 0));
1810 for (j = 0; j < 2; j++) { 1837 for (j = 0; j < 2; j++) {
1811 BN_GF2m_mod_exp(e, a, c, b[j], ctx); 1838 CHECK_GOTO(BN_GF2m_mod_exp(e, a, c, b[j], ctx));
1812 BN_GF2m_mod_exp(f, a, d, b[j], ctx); 1839 CHECK_GOTO(BN_GF2m_mod_exp(f, a, d, b[j], ctx));
1813 BN_GF2m_mod_mul(e, e, f, b[j], ctx); 1840 CHECK_GOTO(BN_GF2m_mod_mul(e, e, f, b[j], ctx));
1814 BN_add(f, c, d); 1841 CHECK_GOTO(BN_add(f, c, d));
1815 BN_GF2m_mod_exp(f, a, f, b[j], ctx); 1842 CHECK_GOTO(BN_GF2m_mod_exp(f, a, f, b[j], ctx));
1816#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ 1843#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1817 if (bp != NULL) { 1844 if (bp != NULL) {
1818 if (!results) { 1845 if (!results) {
1819 BN_print(bp, a); 1846 CHECK_GOTO(BN_print(bp, a));
1820 BIO_puts(bp, " ^ ("); 1847 BIO_puts(bp, " ^ (");
1821 BN_print(bp, c); 1848 CHECK_GOTO(BN_print(bp, c));
1822 BIO_puts(bp, " + "); 1849 BIO_puts(bp, " + ");
1823 BN_print(bp, d); 1850 CHECK_GOTO(BN_print(bp, d));
1824 BIO_puts(bp, ") = "); 1851 BIO_puts(bp, ") = ");
1825 BN_print(bp, e); 1852 CHECK_GOTO(BN_print(bp, e));
1826 BIO_puts(bp, "; - "); 1853 BIO_puts(bp, "; - ");
1827 BN_print(bp, f); 1854 CHECK_GOTO(BN_print(bp, f));
1828 BIO_puts(bp, " % "); 1855 BIO_puts(bp, " % ");
1829 BN_print(bp, b[j]); 1856 CHECK_GOTO(BN_print(bp, b[j]));
1830 BIO_puts(bp, "\n"); 1857 BIO_puts(bp, "\n");
1831 } 1858 }
1832 } 1859 }
1833#endif 1860#endif
1834 BN_GF2m_add(f, e, f); 1861 CHECK_GOTO(BN_GF2m_add(f, e, f));
1835 /* Test that a^(c+d)=a^c*a^d. */ 1862 /* Test that a^(c+d)=a^c*a^d. */
1836 if (!BN_is_zero(f)) { 1863 if (!BN_is_zero(f)) {
1837 fprintf(stderr, "GF(2^m) modular exponentiation test failed!\n"); 1864 fprintf(stderr, "GF(2^m) modular exponentiation test failed!\n");
@@ -1839,7 +1866,7 @@ test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx)
1839 } 1866 }
1840 } 1867 }
1841 } 1868 }
1842 ret = 1; 1869 rc = 1;
1843err: 1870err:
1844 BN_free(a); 1871 BN_free(a);
1845 BN_free(b[0]); 1872 BN_free(b[0]);
@@ -1848,14 +1875,14 @@ err:
1848 BN_free(d); 1875 BN_free(d);
1849 BN_free(e); 1876 BN_free(e);
1850 BN_free(f); 1877 BN_free(f);
1851 return ret; 1878 return rc;
1852} 1879}
1853 1880
1854int 1881int
1855test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx) 1882test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx)
1856{ 1883{
1857 BIGNUM *a, *b[2], *c, *d, *e, *f; 1884 BIGNUM *a, *b[2], *c, *d, *e, *f;
1858 int i, j, ret = 0; 1885 int i, j, rc = 0;
1859 int p0[] = { 163, 7, 6, 3, 0, -1 }; 1886 int p0[] = { 163, 7, 6, 3, 0, -1 };
1860 int p1[] = { 193, 15, 0, -1 }; 1887 int p1[] = { 193, 15, 0, -1 };
1861 1888
@@ -1867,26 +1894,26 @@ test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx)
1867 e = BN_new(); 1894 e = BN_new();
1868 f = BN_new(); 1895 f = BN_new();
1869 1896
1870 BN_GF2m_arr2poly(p0, b[0]); 1897 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1871 BN_GF2m_arr2poly(p1, b[1]); 1898 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1872 1899
1873 for (i = 0; i < num0; i++) { 1900 for (i = 0; i < num0; i++) {
1874 BN_bntest_rand(a, 512, 0, 0); 1901 CHECK_GOTO(BN_bntest_rand(a, 512, 0, 0));
1875 for (j = 0; j < 2; j++) { 1902 for (j = 0; j < 2; j++) {
1876 BN_GF2m_mod(c, a, b[j]); 1903 CHECK_GOTO(BN_GF2m_mod(c, a, b[j]));
1877 BN_GF2m_mod_sqrt(d, a, b[j], ctx); 1904 CHECK_GOTO(BN_GF2m_mod_sqrt(d, a, b[j], ctx));
1878 BN_GF2m_mod_sqr(e, d, b[j], ctx); 1905 CHECK_GOTO(BN_GF2m_mod_sqr(e, d, b[j], ctx));
1879#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ 1906#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1880 if (bp != NULL) { 1907 if (bp != NULL) {
1881 if (!results) { 1908 if (!results) {
1882 BN_print(bp, d); 1909 CHECK_GOTO(BN_print(bp, d));
1883 BIO_puts(bp, " ^ 2 - "); 1910 BIO_puts(bp, " ^ 2 - ");
1884 BN_print(bp, a); 1911 CHECK_GOTO(BN_print(bp, a));
1885 BIO_puts(bp, "\n"); 1912 BIO_puts(bp, "\n");
1886 } 1913 }
1887 } 1914 }
1888#endif 1915#endif
1889 BN_GF2m_add(f, c, e); 1916 CHECK_GOTO(BN_GF2m_add(f, c, e));
1890 /* Test that d^2 = a, where d = sqrt(a). */ 1917 /* Test that d^2 = a, where d = sqrt(a). */
1891 if (!BN_is_zero(f)) { 1918 if (!BN_is_zero(f)) {
1892 fprintf(stderr, "GF(2^m) modular square root test failed!\n"); 1919 fprintf(stderr, "GF(2^m) modular square root test failed!\n");
@@ -1894,7 +1921,7 @@ test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx)
1894 } 1921 }
1895 } 1922 }
1896 } 1923 }
1897 ret = 1; 1924 rc = 1;
1898err: 1925err:
1899 BN_free(a); 1926 BN_free(a);
1900 BN_free(b[0]); 1927 BN_free(b[0]);
@@ -1903,14 +1930,14 @@ err:
1903 BN_free(d); 1930 BN_free(d);
1904 BN_free(e); 1931 BN_free(e);
1905 BN_free(f); 1932 BN_free(f);
1906 return ret; 1933 return rc;
1907} 1934}
1908 1935
1909int 1936int
1910test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx) 1937test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx)
1911{ 1938{
1912 BIGNUM *a, *b[2], *c, *d, *e; 1939 BIGNUM *a, *b[2], *c, *d, *e;
1913 int i, j, s = 0, t, ret = 0; 1940 int i, j, s = 0, t, rc = 0;
1914 int p0[] = { 163, 7, 6, 3, 0, -1 }; 1941 int p0[] = { 163, 7, 6, 3, 0, -1 };
1915 int p1[] = { 193, 15, 0, -1 }; 1942 int p1[] = { 193, 15, 0, -1 };
1916 1943
@@ -1921,31 +1948,31 @@ test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx)
1921 d = BN_new(); 1948 d = BN_new();
1922 e = BN_new(); 1949 e = BN_new();
1923 1950
1924 BN_GF2m_arr2poly(p0, b[0]); 1951 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1925 BN_GF2m_arr2poly(p1, b[1]); 1952 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1926 1953
1927 for (i = 0; i < num0; i++) { 1954 for (i = 0; i < num0; i++) {
1928 BN_bntest_rand(a, 512, 0, 0); 1955 CHECK_GOTO(BN_bntest_rand(a, 512, 0, 0));
1929 for (j = 0; j < 2; j++) { 1956 for (j = 0; j < 2; j++) {
1930 t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx); 1957 t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx);
1931 if (t) { 1958 if (t) {
1932 s++; 1959 s++;
1933 BN_GF2m_mod_sqr(d, c, b[j], ctx); 1960 CHECK_GOTO(BN_GF2m_mod_sqr(d, c, b[j], ctx));
1934 BN_GF2m_add(d, c, d); 1961 CHECK_GOTO(BN_GF2m_add(d, c, d));
1935 BN_GF2m_mod(e, a, b[j]); 1962 CHECK_GOTO(BN_GF2m_mod(e, a, b[j]));
1936#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */ 1963#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1937 if (bp != NULL) { 1964 if (bp != NULL) {
1938 if (!results) { 1965 if (!results) {
1939 BN_print(bp, c); 1966 CHECK_GOTO(BN_print(bp, c));
1940 BIO_puts(bp, " is root of z^2 + z = "); 1967 BIO_puts(bp, " is root of z^2 + z = ");
1941 BN_print(bp, a); 1968 CHECK_GOTO(BN_print(bp, a));
1942 BIO_puts(bp, " % "); 1969 BIO_puts(bp, " % ");
1943 BN_print(bp, b[j]); 1970 CHECK_GOTO(BN_print(bp, b[j]));
1944 BIO_puts(bp, "\n"); 1971 BIO_puts(bp, "\n");
1945 } 1972 }
1946 } 1973 }
1947#endif 1974#endif
1948 BN_GF2m_add(e, e, d); 1975 CHECK_GOTO(BN_GF2m_add(e, e, d));
1949 /* Test that solution of quadratic c satisfies c^2 + c = a. */ 1976 /* Test that solution of quadratic c satisfies c^2 + c = a. */
1950 if (!BN_is_zero(e)) { 1977 if (!BN_is_zero(e)) {
1951 fprintf(stderr, "GF(2^m) modular solve quadratic test failed!\n"); 1978 fprintf(stderr, "GF(2^m) modular solve quadratic test failed!\n");
@@ -1957,9 +1984,9 @@ test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx)
1957 if (bp != NULL) { 1984 if (bp != NULL) {
1958 if (!results) { 1985 if (!results) {
1959 BIO_puts(bp, "There are no roots of z^2 + z = "); 1986 BIO_puts(bp, "There are no roots of z^2 + z = ");
1960 BN_print(bp, a); 1987 CHECK_GOTO(BN_print(bp, a));
1961 BIO_puts(bp, " % "); 1988 BIO_puts(bp, " % ");
1962 BN_print(bp, b[j]); 1989 CHECK_GOTO(BN_print(bp, b[j]));
1963 BIO_puts(bp, "\n"); 1990 BIO_puts(bp, "\n");
1964 } 1991 }
1965 } 1992 }
@@ -1972,7 +1999,7 @@ test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx)
1972 fprintf(stderr, "this is very unlikely and probably indicates an error.\n"); 1999 fprintf(stderr, "this is very unlikely and probably indicates an error.\n");
1973 goto err; 2000 goto err;
1974 } 2001 }
1975 ret = 1; 2002 rc = 1;
1976err: 2003err:
1977 BN_free(a); 2004 BN_free(a);
1978 BN_free(b[0]); 2005 BN_free(b[0]);
@@ -1980,7 +2007,7 @@ err:
1980 BN_free(c); 2007 BN_free(c);
1981 BN_free(d); 2008 BN_free(d);
1982 BN_free(e); 2009 BN_free(e);
1983 return ret; 2010 return rc;
1984} 2011}
1985#endif 2012#endif
1986static int 2013static int
@@ -2008,7 +2035,7 @@ test_kron(BIO *bp, BN_CTX *ctx)
2008 BIGNUM *a, *b, *r, *t; 2035 BIGNUM *a, *b, *r, *t;
2009 int i; 2036 int i;
2010 int legendre, kronecker; 2037 int legendre, kronecker;
2011 int ret = 0; 2038 int rc = 0;
2012 2039
2013 a = BN_new(); 2040 a = BN_new();
2014 b = BN_new(); 2041 b = BN_new();
@@ -2077,9 +2104,9 @@ test_kron(BIO *bp, BN_CTX *ctx)
2077 2104
2078 if (legendre != kronecker) { 2105 if (legendre != kronecker) {
2079 fprintf(stderr, "legendre != kronecker; a = "); 2106 fprintf(stderr, "legendre != kronecker; a = ");
2080 BN_print_fp(stderr, a); 2107 CHECK_GOTO(BN_print_fp(stderr, a));
2081 fprintf(stderr, ", b = "); 2108 fprintf(stderr, ", b = ");
2082 BN_print_fp(stderr, b); 2109 CHECK_GOTO(BN_print_fp(stderr, b));
2083 fprintf(stderr, "\n"); 2110 fprintf(stderr, "\n");
2084 goto err; 2111 goto err;
2085 } 2112 }
@@ -2090,13 +2117,13 @@ test_kron(BIO *bp, BN_CTX *ctx)
2090 2117
2091 putc('\n', stderr); 2118 putc('\n', stderr);
2092 fflush(stderr); 2119 fflush(stderr);
2093 ret = 1; 2120 rc = 1;
2094err: 2121err:
2095 BN_free(a); 2122 BN_free(a);
2096 BN_free(b); 2123 BN_free(b);
2097 BN_free(r); 2124 BN_free(r);
2098 BN_free(t); 2125 BN_free(t);
2099 return ret; 2126 return rc;
2100} 2127}
2101 2128
2102int 2129int
@@ -2105,7 +2132,7 @@ test_sqrt(BIO *bp, BN_CTX *ctx)
2105 BN_GENCB cb; 2132 BN_GENCB cb;
2106 BIGNUM *a, *p, *r; 2133 BIGNUM *a, *p, *r;
2107 int i, j; 2134 int i, j;
2108 int ret = 0; 2135 int rc = 0;
2109 2136
2110 a = BN_new(); 2137 a = BN_new();
2111 p = BN_new(); 2138 p = BN_new();
@@ -2166,11 +2193,11 @@ test_sqrt(BIO *bp, BN_CTX *ctx)
2166 2193
2167 if (BN_cmp(a, r) != 0) { 2194 if (BN_cmp(a, r) != 0) {
2168 fprintf(stderr, "BN_mod_sqrt failed: a = "); 2195 fprintf(stderr, "BN_mod_sqrt failed: a = ");
2169 BN_print_fp(stderr, a); 2196 CHECK_GOTO(BN_print_fp(stderr, a));
2170 fprintf(stderr, ", r = "); 2197 fprintf(stderr, ", r = ");
2171 BN_print_fp(stderr, r); 2198 CHECK_GOTO(BN_print_fp(stderr, r));
2172 fprintf(stderr, ", p = "); 2199 fprintf(stderr, ", p = ");
2173 BN_print_fp(stderr, p); 2200 CHECK_GOTO(BN_print_fp(stderr, p));
2174 fprintf(stderr, "\n"); 2201 fprintf(stderr, "\n");
2175 goto err; 2202 goto err;
2176 } 2203 }
@@ -2182,63 +2209,64 @@ test_sqrt(BIO *bp, BN_CTX *ctx)
2182 putc('\n', stderr); 2209 putc('\n', stderr);
2183 fflush(stderr); 2210 fflush(stderr);
2184 } 2211 }
2185 ret = 1; 2212 rc = 1;
2186err: 2213err:
2187 BN_free(a); 2214 BN_free(a);
2188 BN_free(p); 2215 BN_free(p);
2189 BN_free(r); 2216 BN_free(r);
2190 return ret; 2217 return rc;
2191} 2218}
2192 2219
2193int 2220int
2194test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_) 2221test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_)
2195{ 2222{
2196 BIGNUM *a, *b, *c, *d; 2223 BIGNUM *a = NULL, *b, *c, *d;
2197 int i; 2224 int i;
2198 int rc = 1; 2225 int rc = 1;
2199 2226
2200 b = BN_new(); 2227 b = BN_new();
2201 c = BN_new(); 2228 c = BN_new();
2202 d = BN_new(); 2229 d = BN_new();
2203 BN_one(c); 2230 CHECK_GOTO(BN_one(c));
2204 2231
2205 if (a_) 2232 if (a_)
2206 a = a_; 2233 a = a_;
2207 else { 2234 else {
2208 a = BN_new(); 2235 a = BN_new();
2209 BN_bntest_rand(a, 200, 0, 0); 2236 CHECK_GOTO(BN_bntest_rand(a, 200, 0, 0));
2210 a->neg = rand_neg(); 2237 a->neg = rand_neg();
2211 } 2238 }
2212 for (i = 0; i < num0; i++) { 2239 for (i = 0; i < num0; i++) {
2213 (void)BN_lshift(b, a, i + 1); 2240 CHECK_GOTO(BN_lshift(b, a, i + 1));
2214 BN_add(c, c, c); 2241 CHECK_GOTO(BN_add(c, c, c));
2215 if (bp != NULL) { 2242 if (bp != NULL) {
2216 if (!results) { 2243 if (!results) {
2217 BN_print(bp, a); 2244 CHECK_GOTO(BN_print(bp, a));
2218 BIO_puts(bp, " * "); 2245 BIO_puts(bp, " * ");
2219 BN_print(bp, c); 2246 CHECK_GOTO(BN_print(bp, c));
2220 BIO_puts(bp, " - "); 2247 BIO_puts(bp, " - ");
2221 } 2248 }
2222 BN_print(bp, b); 2249 CHECK_GOTO(BN_print(bp, b));
2223 BIO_puts(bp, "\n"); 2250 BIO_puts(bp, "\n");
2224 } 2251 }
2225 BN_mul(d, a, c, ctx); 2252 CHECK_GOTO(BN_mul(d, a, c, ctx));
2226 BN_sub(d, d, b); 2253 CHECK_GOTO(BN_sub(d, d, b));
2227 if (!BN_is_zero(d)) { 2254 if (!BN_is_zero(d)) {
2228 fprintf(stderr, "Left shift test failed!\n"); 2255 fprintf(stderr, "Left shift test failed!\n");
2229 fprintf(stderr, "a="); 2256 fprintf(stderr, "a=");
2230 BN_print_fp(stderr, a); 2257 CHECK_GOTO(BN_print_fp(stderr, a));
2231 fprintf(stderr, "\nb="); 2258 fprintf(stderr, "\nb=");
2232 BN_print_fp(stderr, b); 2259 CHECK_GOTO(BN_print_fp(stderr, b));
2233 fprintf(stderr, "\nc="); 2260 fprintf(stderr, "\nc=");
2234 BN_print_fp(stderr, c); 2261 CHECK_GOTO(BN_print_fp(stderr, c));
2235 fprintf(stderr, "\nd="); 2262 fprintf(stderr, "\nd=");
2236 BN_print_fp(stderr, d); 2263 CHECK_GOTO(BN_print_fp(stderr, d));
2237 fprintf(stderr, "\n"); 2264 fprintf(stderr, "\n");
2238 rc = 0; 2265 rc = 0;
2239 break; 2266 break;
2240 } 2267 }
2241 } 2268 }
2269err:
2242 BN_free(a); 2270 BN_free(a);
2243 BN_free(b); 2271 BN_free(b);
2244 BN_free(c); 2272 BN_free(c);
@@ -2257,29 +2285,30 @@ test_lshift1(BIO *bp)
2257 b = BN_new(); 2285 b = BN_new();
2258 c = BN_new(); 2286 c = BN_new();
2259 2287
2260 BN_bntest_rand(a, 200, 0, 0); 2288 CHECK_GOTO(BN_bntest_rand(a, 200, 0, 0));
2261 a->neg = rand_neg(); 2289 a->neg = rand_neg();
2262 for (i = 0; i < num0; i++) { 2290 for (i = 0; i < num0; i++) {
2263 (void)BN_lshift1(b, a); 2291 CHECK_GOTO(BN_lshift1(b, a));
2264 if (bp != NULL) { 2292 if (bp != NULL) {
2265 if (!results) { 2293 if (!results) {
2266 BN_print(bp, a); 2294 CHECK_GOTO(BN_print(bp, a));
2267 BIO_puts(bp, " * 2"); 2295 BIO_puts(bp, " * 2");
2268 BIO_puts(bp, " - "); 2296 BIO_puts(bp, " - ");
2269 } 2297 }
2270 BN_print(bp, b); 2298 CHECK_GOTO(BN_print(bp, b));
2271 BIO_puts(bp, "\n"); 2299 BIO_puts(bp, "\n");
2272 } 2300 }
2273 BN_add(c, a, a); 2301 CHECK_GOTO(BN_add(c, a, a));
2274 BN_sub(a, b, c); 2302 CHECK_GOTO(BN_sub(a, b, c));
2275 if (!BN_is_zero(a)) { 2303 if (!BN_is_zero(a)) {
2276 fprintf(stderr, "Left shift one test failed!\n"); 2304 fprintf(stderr, "Left shift one test failed!\n");
2277 rc = 0; 2305 rc = 0;
2278 break; 2306 break;
2279 } 2307 }
2280 2308
2281 BN_copy(a, b); 2309 CHECK_GOTO(BN_copy(a, b));
2282 } 2310 }
2311err:
2283 BN_free(a); 2312 BN_free(a);
2284 BN_free(b); 2313 BN_free(b);
2285 BN_free(c); 2314 BN_free(c);
@@ -2298,31 +2327,32 @@ test_rshift(BIO *bp, BN_CTX *ctx)
2298 c = BN_new(); 2327 c = BN_new();
2299 d = BN_new(); 2328 d = BN_new();
2300 e = BN_new(); 2329 e = BN_new();
2301 BN_one(c); 2330 CHECK_GOTO(BN_one(c));
2302 2331
2303 BN_bntest_rand(a, 200, 0, 0); 2332 CHECK_GOTO(BN_bntest_rand(a, 200, 0, 0));
2304 a->neg = rand_neg(); 2333 a->neg = rand_neg();
2305 for (i = 0; i < num0; i++) { 2334 for (i = 0; i < num0; i++) {
2306 (void)BN_rshift(b, a, i + 1); 2335 CHECK_GOTO(BN_rshift(b, a, i + 1));
2307 BN_add(c, c, c); 2336 CHECK_GOTO(BN_add(c, c, c));
2308 if (bp != NULL) { 2337 if (bp != NULL) {
2309 if (!results) { 2338 if (!results) {
2310 BN_print(bp, a); 2339 CHECK_GOTO(BN_print(bp, a));
2311 BIO_puts(bp, " / "); 2340 BIO_puts(bp, " / ");
2312 BN_print(bp, c); 2341 CHECK_GOTO(BN_print(bp, c));
2313 BIO_puts(bp, " - "); 2342 BIO_puts(bp, " - ");
2314 } 2343 }
2315 BN_print(bp, b); 2344 CHECK_GOTO(BN_print(bp, b));
2316 BIO_puts(bp, "\n"); 2345 BIO_puts(bp, "\n");
2317 } 2346 }
2318 BN_div(d, e, a, c, ctx); 2347 CHECK_GOTO(BN_div(d, e, a, c, ctx));
2319 BN_sub(d, d, b); 2348 CHECK_GOTO(BN_sub(d, d, b));
2320 if (!BN_is_zero(d)) { 2349 if (!BN_is_zero(d)) {
2321 fprintf(stderr, "Right shift test failed!\n"); 2350 fprintf(stderr, "Right shift test failed!\n");
2322 rc = 0; 2351 rc = 0;
2323 break; 2352 break;
2324 } 2353 }
2325 } 2354 }
2355err:
2326 BN_free(a); 2356 BN_free(a);
2327 BN_free(b); 2357 BN_free(b);
2328 BN_free(c); 2358 BN_free(c);
@@ -2342,28 +2372,29 @@ test_rshift1(BIO *bp)
2342 b = BN_new(); 2372 b = BN_new();
2343 c = BN_new(); 2373 c = BN_new();
2344 2374
2345 BN_bntest_rand(a, 200, 0, 0); 2375 CHECK_GOTO(BN_bntest_rand(a, 200, 0, 0));
2346 a->neg = rand_neg(); 2376 a->neg = rand_neg();
2347 for (i = 0; i < num0; i++) { 2377 for (i = 0; i < num0; i++) {
2348 (void)BN_rshift1(b, a); 2378 CHECK_GOTO(BN_rshift1(b, a));
2349 if (bp != NULL) { 2379 if (bp != NULL) {
2350 if (!results) { 2380 if (!results) {
2351 BN_print(bp, a); 2381 CHECK_GOTO(BN_print(bp, a));
2352 BIO_puts(bp, " / 2"); 2382 BIO_puts(bp, " / 2");
2353 BIO_puts(bp, " - "); 2383 BIO_puts(bp, " - ");
2354 } 2384 }
2355 BN_print(bp, b); 2385 CHECK_GOTO(BN_print(bp, b));
2356 BIO_puts(bp, "\n"); 2386 BIO_puts(bp, "\n");
2357 } 2387 }
2358 BN_sub(c, a, b); 2388 CHECK_GOTO(BN_sub(c, a, b));
2359 BN_sub(c, c, b); 2389 CHECK_GOTO(BN_sub(c, c, b));
2360 if (!BN_is_zero(c) && !BN_abs_is_word(c, 1)) { 2390 if (!BN_is_zero(c) && !BN_abs_is_word(c, 1)) {
2361 fprintf(stderr, "Right shift one test failed!\n"); 2391 fprintf(stderr, "Right shift one test failed!\n");
2362 rc = 0; 2392 rc = 0;
2363 break; 2393 break;
2364 } 2394 }
2365 BN_copy(a, b); 2395 CHECK_GOTO(BN_copy(a, b));
2366 } 2396 }
2397err:
2367 BN_free(a); 2398 BN_free(a);
2368 BN_free(b); 2399 BN_free(b);
2369 BN_free(c); 2400 BN_free(c);
@@ -2382,17 +2413,17 @@ rand_neg(void)
2382int 2413int
2383test_mod_exp_sizes(BIO *bp, BN_CTX *ctx) 2414test_mod_exp_sizes(BIO *bp, BN_CTX *ctx)
2384{ 2415{
2385 BN_MONT_CTX *mont_ctx; 2416 BN_MONT_CTX *mont_ctx = NULL;
2386 BIGNUM *p, *x, *y, *r, *r2; 2417 BIGNUM *p, *x, *y, *r, *r2;
2387 int size; 2418 int size;
2388 int ok = 0; 2419 int rc = 0;
2389 2420
2390 BN_CTX_start(ctx); 2421 BN_CTX_start(ctx);
2391 p = BN_CTX_get(ctx); 2422 CHECK_GOTO(p = BN_CTX_get(ctx));
2392 x = BN_CTX_get(ctx); 2423 CHECK_GOTO(x = BN_CTX_get(ctx));
2393 y = BN_CTX_get(ctx); 2424 CHECK_GOTO(y = BN_CTX_get(ctx));
2394 r = BN_CTX_get(ctx); 2425 CHECK_GOTO(r = BN_CTX_get(ctx));
2395 r2 = BN_CTX_get(ctx); 2426 CHECK_GOTO(r2 = BN_CTX_get(ctx));
2396 mont_ctx = BN_MONT_CTX_new(); 2427 mont_ctx = BN_MONT_CTX_new();
2397 2428
2398 if (r2 == NULL || mont_ctx == NULL) 2429 if (r2 == NULL || mont_ctx == NULL)
@@ -2410,8 +2441,10 @@ test_mod_exp_sizes(BIO *bp, BN_CTX *ctx)
2410 goto err; 2441 goto err;
2411 2442
2412 if (BN_cmp(r, r2) != 0) { 2443 if (BN_cmp(r, r2) != 0) {
2413 char *r_str = BN_bn2hex(r); 2444 char *r_str = NULL;
2414 char *r2_str = BN_bn2hex(r2); 2445 char *r2_str = NULL;
2446 CHECK_GOTO(r_str = BN_bn2hex(r));
2447 CHECK_GOTO(r2_str = BN_bn2hex(r2));
2415 2448
2416 printf("Incorrect answer at size %d: %s vs %s\n", 2449 printf("Incorrect answer at size %d: %s vs %s\n",
2417 size, r_str, r2_str); 2450 size, r_str, r2_str);
@@ -2421,10 +2454,10 @@ test_mod_exp_sizes(BIO *bp, BN_CTX *ctx)
2421 } 2454 }
2422 } 2455 }
2423 2456
2424 ok = 1; 2457 rc = 1;
2425 2458
2426err: 2459err:
2427 BN_MONT_CTX_free(mont_ctx); 2460 BN_MONT_CTX_free(mont_ctx);
2428 BN_CTX_end(ctx); 2461 BN_CTX_end(ctx);
2429 return ok; 2462 return rc;
2430} 2463}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-28 20:03:55 +0000