summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authortb <>2023-04-17 19:56:39 +0000
committertb <>2023-04-17 19:56:39 +0000
commit032f9584cf89b41c93b6689824f88df7669ddba1 (patch)
tree285c41d7629d481ea8dbdf9aa0a8d2c723c5d46f /src
parent479d1af67b76ef61da4df1b019d68b21407471f6 (diff)
downloadopenbsd-032f9584cf89b41c93b6689824f88df7669ddba1.tar.gz
openbsd-032f9584cf89b41c93b6689824f88df7669ddba1.tar.bz2
openbsd-032f9584cf89b41c93b6689824f88df7669ddba1.zip
Drop GF2m tests
The code they test will go away soon.
Diffstat (limited to 'src')
-rw-r--r--src/regress/lib/libcrypto/bn/bn_test.c648
1 files changed, 1 insertions, 647 deletions
diff --git a/src/regress/lib/libcrypto/bn/bn_test.c b/src/regress/lib/libcrypto/bn/bn_test.c
index 51fd5873a6..37765ef137 100644
--- a/src/regress/lib/libcrypto/bn/bn_test.c
+++ b/src/regress/lib/libcrypto/bn/bn_test.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_test.c,v 1.15 2023/04/10 20:59:33 tb Exp $ */ 1/* $OpenBSD: bn_test.c,v 1.16 2023/04/17 19:56:39 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -102,15 +102,6 @@ int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx);
102int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx); 102int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx);
103int test_mod_exp_sizes(BIO *bp, BN_CTX *ctx); 103int test_mod_exp_sizes(BIO *bp, BN_CTX *ctx);
104int test_exp(BIO *bp, BN_CTX *ctx); 104int test_exp(BIO *bp, BN_CTX *ctx);
105int test_gf2m_add(BIO *bp, BN_CTX *ctx);
106int test_gf2m_mod(BIO *bp, BN_CTX *ctx);
107int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx);
108int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx);
109int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx);
110int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx);
111int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx);
112int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx);
113int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx);
114int test_kron(BIO *bp, BN_CTX *ctx); 105int test_kron(BIO *bp, BN_CTX *ctx);
115int test_sqrt(BIO *bp, BN_CTX *ctx); 106int test_sqrt(BIO *bp, BN_CTX *ctx);
116int rand_neg(void); 107int rand_neg(void);
@@ -288,53 +279,6 @@ main(int argc, char *argv[])
288 goto err; 279 goto err;
289 (void)BIO_flush(out); 280 (void)BIO_flush(out);
290 281
291#ifndef OPENSSL_NO_EC2M
292 message(out, "BN_GF2m_add");
293 if (!test_gf2m_add(out, ctx))
294 goto err;
295 (void)BIO_flush(out);
296
297 message(out, "BN_GF2m_mod");
298 if (!test_gf2m_mod(out, ctx))
299 goto err;
300 (void)BIO_flush(out);
301
302 message(out, "BN_GF2m_mod_mul");
303 if (!test_gf2m_mod_mul(out, ctx))
304 goto err;
305 (void)BIO_flush(out);
306
307 message(out, "BN_GF2m_mod_sqr");
308 if (!test_gf2m_mod_sqr(out, ctx))
309 goto err;
310 (void)BIO_flush(out);
311
312 message(out, "BN_GF2m_mod_inv");
313 if (!test_gf2m_mod_inv(out, ctx))
314 goto err;
315 (void)BIO_flush(out);
316
317 message(out, "BN_GF2m_mod_div");
318 if (!test_gf2m_mod_div(out, ctx))
319 goto err;
320 (void)BIO_flush(out);
321
322 message(out, "BN_GF2m_mod_exp");
323 if (!test_gf2m_mod_exp(out, ctx))
324 goto err;
325 (void)BIO_flush(out);
326
327 message(out, "BN_GF2m_mod_sqrt");
328 if (!test_gf2m_mod_sqrt(out, ctx))
329 goto err;
330 (void)BIO_flush(out);
331
332 message(out, "BN_GF2m_mod_solve_quad");
333 if (!test_gf2m_mod_solve_quad(out, ctx))
334 goto err;
335 (void)BIO_flush(out);
336#endif
337
338 BN_CTX_free(ctx); 282 BN_CTX_free(ctx);
339 BIO_free(out); 283 BIO_free(out);
340 284
@@ -1488,596 +1432,6 @@ test_exp(BIO *bp, BN_CTX *ctx)
1488 return ret; 1432 return ret;
1489} 1433}
1490 1434
1491#ifndef OPENSSL_NO_EC2M
1492int
1493test_gf2m_add(BIO *bp, BN_CTX *ctx)
1494{
1495 BIGNUM *a, *b, *c;
1496 int i;
1497 int ret = 0;
1498
1499 BN_CTX_start(ctx);
1500
1501 if ((a = BN_CTX_get(ctx)) == NULL)
1502 goto err;
1503 if ((b = BN_CTX_get(ctx)) == NULL)
1504 goto err;
1505 if ((c = BN_CTX_get(ctx)) == NULL)
1506 goto err;
1507
1508 for (i = 0; i < num0; i++) {
1509 CHECK_GOTO(BN_rand(a, 512, 0, 0));
1510 CHECK_GOTO(bn_copy(b, BN_value_one()));
1511 BN_set_negative(a, rand_neg());
1512 BN_set_negative(b, rand_neg());
1513 CHECK_GOTO(BN_GF2m_add(c, a, b));
1514#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1515 if (bp != NULL) {
1516 if (!results) {
1517 CHECK_GOTO(BN_print(bp, a));
1518 BIO_puts(bp, " ^ ");
1519 CHECK_GOTO(BN_print(bp, b));
1520 BIO_puts(bp, " = ");
1521 }
1522 CHECK_GOTO(BN_print(bp, c));
1523 BIO_puts(bp, "\n");
1524 }
1525#endif
1526 /* Test that two added values have the correct parity. */
1527 if ((BN_is_odd(a) && BN_is_odd(c))
1528 || (!BN_is_odd(a) && !BN_is_odd(c))) {
1529 fprintf(stderr, "GF(2^m) addition test (a) failed!\n");
1530 goto err;
1531 }
1532 CHECK_GOTO(BN_GF2m_add(c, c, c));
1533 /* Test that c + c = 0. */
1534 if (!BN_is_zero(c)) {
1535 fprintf(stderr, "GF(2^m) addition test (b) failed!\n");
1536 goto err;
1537 }
1538 }
1539
1540 ret = 1;
1541 err:
1542 BN_CTX_end(ctx);
1543
1544 return ret;
1545}
1546
1547int
1548test_gf2m_mod(BIO *bp, BN_CTX *ctx)
1549{
1550 BIGNUM *a, *b[2] = { 0 }, *c, *d, *e;
1551 int p0[] = { 163, 7, 6, 3, 0, -1 };
1552 int p1[] = { 193, 15, 0, -1, 0 };
1553 int i, j;
1554 int ret = 0;
1555
1556 BN_CTX_start(ctx);
1557
1558 if ((a = BN_CTX_get(ctx)) == NULL)
1559 goto err;
1560 if ((b[0] = BN_CTX_get(ctx)) == NULL)
1561 goto err;
1562 if ((b[1] = BN_CTX_get(ctx)) == NULL)
1563 goto err;
1564 if ((c = BN_CTX_get(ctx)) == NULL)
1565 goto err;
1566 if ((d = BN_CTX_get(ctx)) == NULL)
1567 goto err;
1568 if ((e = BN_CTX_get(ctx)) == NULL)
1569 goto err;
1570
1571 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1572 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1573
1574 for (i = 0; i < num0; i++) {
1575 CHECK_GOTO(BN_bntest_rand(a, 1024, 0, 0));
1576 for (j = 0; j < 2; j++) {
1577 CHECK_GOTO(BN_GF2m_mod(c, a, b[j]));
1578#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1579 if (bp != NULL) {
1580 if (!results) {
1581 CHECK_GOTO(BN_print(bp, a));
1582 BIO_puts(bp, " % ");
1583 CHECK_GOTO(BN_print(bp, b[j]));
1584 BIO_puts(bp, " - ");
1585 CHECK_GOTO(BN_print(bp, c));
1586 BIO_puts(bp, "\n");
1587 }
1588 }
1589#endif
1590 CHECK_GOTO(BN_GF2m_add(d, a, c));
1591 CHECK_GOTO(BN_GF2m_mod(e, d, b[j]));
1592 /* Test that a + (a mod p) mod p == 0. */
1593 if (!BN_is_zero(e)) {
1594 fprintf(stderr, "GF(2^m) modulo test failed!\n");
1595 goto err;
1596 }
1597 }
1598 }
1599
1600 ret = 1;
1601 err:
1602 BN_CTX_end(ctx);
1603
1604 return ret;
1605}
1606
1607int
1608test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx)
1609{
1610 BIGNUM *a, *b[2] = { 0 }, *c, *d, *e, *f, *g, *h;
1611 int p0[] = { 163, 7, 6, 3, 0, -1 };
1612 int p1[] = { 193, 15, 0, -1 };
1613 int i, j;
1614 int ret = 0;
1615
1616 BN_CTX_start(ctx);
1617
1618 if ((a = BN_CTX_get(ctx)) == NULL)
1619 goto err;
1620 if ((b[0] = BN_CTX_get(ctx)) == NULL)
1621 goto err;
1622 if ((b[1] = BN_CTX_get(ctx)) == NULL)
1623 goto err;
1624 if ((c = BN_CTX_get(ctx)) == NULL)
1625 goto err;
1626 if ((d = BN_CTX_get(ctx)) == NULL)
1627 goto err;
1628 if ((e = BN_CTX_get(ctx)) == NULL)
1629 goto err;
1630 if ((f = BN_CTX_get(ctx)) == NULL)
1631 goto err;
1632 if ((g = BN_CTX_get(ctx)) == NULL)
1633 goto err;
1634 if ((h = BN_CTX_get(ctx)) == NULL)
1635 goto err;
1636
1637 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1638 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1639
1640 for (i = 0; i < num0; i++) {
1641 CHECK_GOTO(BN_bntest_rand(a, 1024, 0, 0));
1642 CHECK_GOTO(BN_bntest_rand(c, 1024, 0, 0));
1643 CHECK_GOTO(BN_bntest_rand(d, 1024, 0, 0));
1644 for (j = 0; j < 2; j++) {
1645 CHECK_GOTO(BN_GF2m_mod_mul(e, a, c, b[j], ctx));
1646#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1647 if (bp != NULL) {
1648 if (!results) {
1649 CHECK_GOTO(BN_print(bp, a));
1650 BIO_puts(bp, " * ");
1651 CHECK_GOTO(BN_print(bp, c));
1652 BIO_puts(bp, " % ");
1653 CHECK_GOTO(BN_print(bp, b[j]));
1654 BIO_puts(bp, " - ");
1655 CHECK_GOTO(BN_print(bp, e));
1656 BIO_puts(bp, "\n");
1657 }
1658 }
1659#endif
1660 CHECK_GOTO(BN_GF2m_add(f, a, d));
1661 CHECK_GOTO(BN_GF2m_mod_mul(g, f, c, b[j], ctx));
1662 CHECK_GOTO(BN_GF2m_mod_mul(h, d, c, b[j], ctx));
1663 CHECK_GOTO(BN_GF2m_add(f, e, g));
1664 CHECK_GOTO(BN_GF2m_add(f, f, h));
1665 /* Test that (a+d)*c = a*c + d*c. */
1666 if (!BN_is_zero(f)) {
1667 fprintf(stderr, "GF(2^m) modular multiplication test failed!\n");
1668 goto err;
1669 }
1670 }
1671 }
1672
1673 ret = 1;
1674 err:
1675 BN_CTX_end(ctx);
1676
1677 return ret;
1678}
1679
1680int
1681test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx)
1682{
1683 BIGNUM *a, *b[2] = { 0 }, *c, *d;
1684 int p0[] = { 163, 7, 6, 3, 0, -1 };
1685 int p1[] = { 193, 15, 0, -1 };
1686 int i, j;
1687 int ret = 0;
1688
1689 BN_CTX_start(ctx);
1690
1691 if ((a = BN_CTX_get(ctx)) == NULL)
1692 goto err;
1693 if ((b[0] = BN_CTX_get(ctx)) == NULL)
1694 goto err;
1695 if ((b[1] = BN_CTX_get(ctx)) == NULL)
1696 goto err;
1697 if ((c = BN_CTX_get(ctx)) == NULL)
1698 goto err;
1699 if ((d = BN_CTX_get(ctx)) == NULL)
1700 goto err;
1701
1702 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1703 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1704
1705 for (i = 0; i < num0; i++) {
1706 CHECK_GOTO(BN_bntest_rand(a, 1024, 0, 0));
1707 for (j = 0; j < 2; j++) {
1708 CHECK_GOTO(BN_GF2m_mod_sqr(c, a, b[j], ctx));
1709 CHECK_GOTO(bn_copy(d, a));
1710 CHECK_GOTO(BN_GF2m_mod_mul(d, a, d, b[j], ctx));
1711#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1712 if (bp != NULL) {
1713 if (!results) {
1714 CHECK_GOTO(BN_print(bp, a));
1715 BIO_puts(bp, " ^ 2 % ");
1716 CHECK_GOTO(BN_print(bp, b[j]));
1717 BIO_puts(bp, " = ");
1718 CHECK_GOTO(BN_print(bp, c));
1719 BIO_puts(bp, "; a * a = ");
1720 CHECK_GOTO(BN_print(bp, d));
1721 BIO_puts(bp, "\n");
1722 }
1723 }
1724#endif
1725 CHECK_GOTO(BN_GF2m_add(d, c, d));
1726 /* Test that a*a = a^2. */
1727 if (!BN_is_zero(d)) {
1728 fprintf(stderr, "GF(2^m) modular squaring test failed!\n");
1729 goto err;
1730 }
1731 }
1732 }
1733
1734 ret = 1;
1735 err:
1736 BN_CTX_end(ctx);
1737
1738 return ret;
1739}
1740
1741int
1742test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx)
1743{
1744 BIGNUM *a, *b[2] = { 0 }, *c, *d;
1745 int p0[] = { 163, 7, 6, 3, 0, -1 };
1746 int p1[] = { 193, 15, 0, -1 };
1747 int i, j;
1748 int ret = 0;
1749
1750 BN_CTX_start(ctx);
1751
1752 if ((a = BN_CTX_get(ctx)) == NULL)
1753 goto err;
1754 if ((b[0] = BN_CTX_get(ctx)) == NULL)
1755 goto err;
1756 if ((b[1] = BN_CTX_get(ctx)) == NULL)
1757 goto err;
1758 if ((c = BN_CTX_get(ctx)) == NULL)
1759 goto err;
1760 if ((d = BN_CTX_get(ctx)) == NULL)
1761 goto err;
1762
1763 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1764 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1765
1766 for (i = 0; i < num0; i++) {
1767 CHECK_GOTO(BN_bntest_rand(a, 512, 0, 0));
1768 for (j = 0; j < 2; j++) {
1769 CHECK_GOTO(BN_GF2m_mod_inv(c, a, b[j], ctx));
1770 CHECK_GOTO(BN_GF2m_mod_mul(d, a, c, b[j], ctx));
1771#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1772 if (bp != NULL) {
1773 if (!results) {
1774 CHECK_GOTO(BN_print(bp, a));
1775 BIO_puts(bp, " * ");
1776 CHECK_GOTO(BN_print(bp, c));
1777 BIO_puts(bp, " - 1 % ");
1778 CHECK_GOTO(BN_print(bp, b[j]));
1779 BIO_puts(bp, "\n");
1780 }
1781 }
1782#endif
1783 /* Test that ((1/a)*a) = 1. */
1784 if (!BN_is_one(d)) {
1785 fprintf(stderr, "GF(2^m) modular inversion test failed!\n");
1786 goto err;
1787 }
1788 }
1789 }
1790
1791 ret = 1;
1792 err:
1793 BN_CTX_end(ctx);
1794
1795 return ret;
1796}
1797
1798int
1799test_gf2m_mod_div(BIO *bp, BN_CTX *ctx)
1800{
1801 BIGNUM *a, *b[2] = { 0 }, *c, *d, *e, *f;
1802 int p0[] = { 163, 7, 6, 3, 0, -1 };
1803 int p1[] = { 193, 15, 0, -1 };
1804 int i, j;
1805 int ret = 0;
1806
1807 BN_CTX_start(ctx);
1808
1809 if ((a = BN_CTX_get(ctx)) == NULL)
1810 goto err;
1811 if ((b[0] = BN_CTX_get(ctx)) == NULL)
1812 goto err;
1813 if ((b[1] = BN_CTX_get(ctx)) == NULL)
1814 goto err;
1815 if ((c = BN_CTX_get(ctx)) == NULL)
1816 goto err;
1817 if ((d = BN_CTX_get(ctx)) == NULL)
1818 goto err;
1819 if ((e = BN_CTX_get(ctx)) == NULL)
1820 goto err;
1821 if ((f = BN_CTX_get(ctx)) == NULL)
1822 goto err;
1823
1824 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1825 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1826
1827 for (i = 0; i < num0; i++) {
1828 CHECK_GOTO(BN_bntest_rand(a, 512, 0, 0));
1829 CHECK_GOTO(BN_bntest_rand(c, 512, 0, 0));
1830 for (j = 0; j < 2; j++) {
1831 CHECK_GOTO(BN_GF2m_mod_div(d, a, c, b[j], ctx));
1832 CHECK_GOTO(BN_GF2m_mod_mul(e, d, c, b[j], ctx));
1833 CHECK_GOTO(BN_GF2m_mod_div(f, a, e, b[j], ctx));
1834#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1835 if (bp != NULL) {
1836 if (!results) {
1837 CHECK_GOTO(BN_print(bp, a));
1838 BIO_puts(bp, " = ");
1839 CHECK_GOTO(BN_print(bp, c));
1840 BIO_puts(bp, " * ");
1841 CHECK_GOTO(BN_print(bp, d));
1842 BIO_puts(bp, " % ");
1843 CHECK_GOTO(BN_print(bp, b[j]));
1844 BIO_puts(bp, "\n");
1845 }
1846 }
1847#endif
1848 /* Test that ((a/c)*c)/a = 1. */
1849 if (!BN_is_one(f)) {
1850 fprintf(stderr, "GF(2^m) modular division test failed!\n");
1851 goto err;
1852 }
1853 }
1854 }
1855
1856 ret = 1;
1857 err:
1858 BN_CTX_end(ctx);
1859
1860 return ret;
1861}
1862
1863int
1864test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx)
1865{
1866 BIGNUM *a, *b[2] = { 0 }, *c, *d, *e, *f;
1867 int p0[] = { 163, 7, 6, 3, 0, -1 };
1868 int p1[] = { 193, 15, 0, -1 };
1869 int i, j;
1870 int ret = 0;
1871
1872 BN_CTX_start(ctx);
1873
1874 if ((a = BN_CTX_get(ctx)) == NULL)
1875 goto err;
1876 if ((b[0] = BN_CTX_get(ctx)) == NULL)
1877 goto err;
1878 if ((b[1] = BN_CTX_get(ctx)) == NULL)
1879 goto err;
1880 if ((c = BN_CTX_get(ctx)) == NULL)
1881 goto err;
1882 if ((d = BN_CTX_get(ctx)) == NULL)
1883 goto err;
1884 if ((e = BN_CTX_get(ctx)) == NULL)
1885 goto err;
1886 if ((f = BN_CTX_get(ctx)) == NULL)
1887 goto err;
1888
1889 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1890 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1891
1892 for (i = 0; i < num0; i++) {
1893 CHECK_GOTO(BN_bntest_rand(a, 512, 0, 0));
1894 CHECK_GOTO(BN_bntest_rand(c, 512, 0, 0));
1895 CHECK_GOTO(BN_bntest_rand(d, 512, 0, 0));
1896 for (j = 0; j < 2; j++) {
1897 CHECK_GOTO(BN_GF2m_mod_exp(e, a, c, b[j], ctx));
1898 CHECK_GOTO(BN_GF2m_mod_exp(f, a, d, b[j], ctx));
1899 CHECK_GOTO(BN_GF2m_mod_mul(e, e, f, b[j], ctx));
1900 CHECK_GOTO(BN_add(f, c, d));
1901 CHECK_GOTO(BN_GF2m_mod_exp(f, a, f, b[j], ctx));
1902#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1903 if (bp != NULL) {
1904 if (!results) {
1905 CHECK_GOTO(BN_print(bp, a));
1906 BIO_puts(bp, " ^ (");
1907 CHECK_GOTO(BN_print(bp, c));
1908 BIO_puts(bp, " + ");
1909 CHECK_GOTO(BN_print(bp, d));
1910 BIO_puts(bp, ") = ");
1911 CHECK_GOTO(BN_print(bp, e));
1912 BIO_puts(bp, "; - ");
1913 CHECK_GOTO(BN_print(bp, f));
1914 BIO_puts(bp, " % ");
1915 CHECK_GOTO(BN_print(bp, b[j]));
1916 BIO_puts(bp, "\n");
1917 }
1918 }
1919#endif
1920 CHECK_GOTO(BN_GF2m_add(f, e, f));
1921 /* Test that a^(c+d)=a^c*a^d. */
1922 if (!BN_is_zero(f)) {
1923 fprintf(stderr, "GF(2^m) modular exponentiation test failed!\n");
1924 goto err;
1925 }
1926 }
1927 }
1928
1929 ret = 1;
1930 err:
1931 BN_CTX_end(ctx);
1932
1933 return ret;
1934}
1935
1936int
1937test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx)
1938{
1939 BIGNUM *a, *b[2] = { 0 }, *c, *d, *e, *f;
1940 int p0[] = { 163, 7, 6, 3, 0, -1 };
1941 int p1[] = { 193, 15, 0, -1 };
1942 int i, j;
1943 int ret = 0;
1944
1945 BN_CTX_start(ctx);
1946
1947 if ((a = BN_CTX_get(ctx)) == NULL)
1948 goto err;
1949 if ((b[0] = BN_CTX_get(ctx)) == NULL)
1950 goto err;
1951 if ((b[1] = BN_CTX_get(ctx)) == NULL)
1952 goto err;
1953 if ((c = BN_CTX_get(ctx)) == NULL)
1954 goto err;
1955 if ((d = BN_CTX_get(ctx)) == NULL)
1956 goto err;
1957 if ((e = BN_CTX_get(ctx)) == NULL)
1958 goto err;
1959 if ((f = BN_CTX_get(ctx)) == NULL)
1960 goto err;
1961
1962 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
1963 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
1964
1965 for (i = 0; i < num0; i++) {
1966 CHECK_GOTO(BN_bntest_rand(a, 512, 0, 0));
1967 for (j = 0; j < 2; j++) {
1968 CHECK_GOTO(BN_GF2m_mod(c, a, b[j]));
1969 CHECK_GOTO(BN_GF2m_mod_sqrt(d, a, b[j], ctx));
1970 CHECK_GOTO(BN_GF2m_mod_sqr(e, d, b[j], ctx));
1971#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1972 if (bp != NULL) {
1973 if (!results) {
1974 CHECK_GOTO(BN_print(bp, d));
1975 BIO_puts(bp, " ^ 2 - ");
1976 CHECK_GOTO(BN_print(bp, a));
1977 BIO_puts(bp, "\n");
1978 }
1979 }
1980#endif
1981 CHECK_GOTO(BN_GF2m_add(f, c, e));
1982 /* Test that d^2 = a, where d = sqrt(a). */
1983 if (!BN_is_zero(f)) {
1984 fprintf(stderr, "GF(2^m) modular square root test failed!\n");
1985 goto err;
1986 }
1987 }
1988 }
1989
1990 ret = 1;
1991 err:
1992 BN_CTX_end(ctx);
1993
1994 return ret;
1995}
1996
1997int
1998test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx)
1999{
2000 BIGNUM *a, *b[2] = { 0 }, *c, *d, *e;
2001 int p0[] = { 163, 7, 6, 3, 0, -1 };
2002 int p1[] = { 193, 15, 0, -1 };
2003 int i, j, s = 0, t;
2004 int ret = 0;
2005
2006 BN_CTX_start(ctx);
2007
2008 if ((a = BN_CTX_get(ctx)) == NULL)
2009 goto err;
2010 if ((b[0] = BN_CTX_get(ctx)) == NULL)
2011 goto err;
2012 if ((b[1] = BN_CTX_get(ctx)) == NULL)
2013 goto err;
2014 if ((c = BN_CTX_get(ctx)) == NULL)
2015 goto err;
2016 if ((d = BN_CTX_get(ctx)) == NULL)
2017 goto err;
2018 if ((e = BN_CTX_get(ctx)) == NULL)
2019 goto err;
2020
2021 CHECK_GOTO(BN_GF2m_arr2poly(p0, b[0]));
2022 CHECK_GOTO(BN_GF2m_arr2poly(p1, b[1]));
2023
2024 for (i = 0; i < num0; i++) {
2025 CHECK_GOTO(BN_bntest_rand(a, 512, 0, 0));
2026 for (j = 0; j < 2; j++) {
2027 t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx);
2028 if (t) {
2029 s++;
2030 CHECK_GOTO(BN_GF2m_mod_sqr(d, c, b[j], ctx));
2031 CHECK_GOTO(BN_GF2m_add(d, c, d));
2032 CHECK_GOTO(BN_GF2m_mod(e, a, b[j]));
2033#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
2034 if (bp != NULL) {
2035 if (!results) {
2036 CHECK_GOTO(BN_print(bp, c));
2037 BIO_puts(bp, " is root of z^2 + z = ");
2038 CHECK_GOTO(BN_print(bp, a));
2039 BIO_puts(bp, " % ");
2040 CHECK_GOTO(BN_print(bp, b[j]));
2041 BIO_puts(bp, "\n");
2042 }
2043 }
2044#endif
2045 CHECK_GOTO(BN_GF2m_add(e, e, d));
2046 /* Test that solution of quadratic c satisfies c^2 + c = a. */
2047 if (!BN_is_zero(e)) {
2048 fprintf(stderr, "GF(2^m) modular solve quadratic test failed!\n");
2049 goto err;
2050 }
2051
2052 } else {
2053#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
2054 if (bp != NULL) {
2055 if (!results) {
2056 BIO_puts(bp, "There are no roots of z^2 + z = ");
2057 CHECK_GOTO(BN_print(bp, a));
2058 BIO_puts(bp, " % ");
2059 CHECK_GOTO(BN_print(bp, b[j]));
2060 BIO_puts(bp, "\n");
2061 }
2062 }
2063#endif
2064 }
2065 }
2066 }
2067 if (s == 0) {
2068 fprintf(stderr, "All %d tests of GF(2^m) modular solve quadratic resulted in no roots;\n", num0);
2069 fprintf(stderr, "this is very unlikely and probably indicates an error.\n");
2070 goto err;
2071 }
2072
2073 ret = 1;
2074 err:
2075 BN_CTX_end(ctx);
2076
2077 return ret;
2078}
2079#endif
2080
2081static int 1435static int
2082genprime_cb(int p, int n, BN_GENCB *arg) 1436genprime_cb(int p, int n, BN_GENCB *arg)
2083{ 1437{
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-29 01:22:54 +0000