1 files changed, 78 insertions, 1 deletions
diff --git a/src/regress/lib/libcrypto/bn/general/bntest.c b/src/regress/lib/libcrypto/bn/general/bntest.c
index 7e5e6ed81b..98616c37b2 100644
--- a/src/regress/lib/libcrypto/bn/general/bntest.c
+++ b/src/regress/lib/libcrypto/bn/general/bntest.c
@@ -1236,15 +1236,19 @@ err:
 int
 test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
 {
-        BIGNUM *a, *p, *m, *d, *e;
+        BIGNUM *a, *p, *m, *d, *e, *b, *n, *c;
        int rc = 1;
        BN_MONT_CTX *mont;
+        char *bigstring;
        a = BN_new();
        p = BN_new();
        m = BN_new();
        d = BN_new();
        e = BN_new();
+        b = BN_new();
+        n = BN_new();
+        c = BN_new();
        mont = BN_MONT_CTX_new();
@@ -1261,6 +1265,76 @@ test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
                rc = 0;
                goto err;
        }
+        /* Regression test for carry bug in mulx4x_mont */
+        BN_hex2bn(&a,
+            "7878787878787878787878787878787878787878787878787878787878787878"
+            "7878787878787878787878787878787878787878787878787878787878787878"
+            "7878787878787878787878787878787878787878787878787878787878787878"
+            "7878787878787878787878787878787878787878787878787878787878787878");
+        BN_hex2bn(&b,
+            "095D72C08C097BA488C5E439C655A192EAFB6380073D8C2664668EDDB4060744"
+            "E16E57FB4EDB9AE10A0CEFCDC28A894F689A128379DB279D48A2E20849D68593"
+            "9B7803BCF46CEBF5C533FB0DD35B080593DE5472E3FE5DB951B8BFF9B4CB8F03"
+            "9CC638A5EE8CDD703719F8000E6A9F63BEED5F2FCD52FF293EA05A251BB4AB81");
+        BN_hex2bn(&n,
+            "D78AF684E71DB0C39CFF4E64FB9DB567132CB9C50CC98009FEB820B26F2DED9B"
+            "91B9B5E2B83AE0AE4EB4E0523CA726BFBE969B89FD754F674CE99118C3F2D1C5"
+            "D81FDC7C54E02B60262B241D53C040E99E45826ECA37A804668E690E1AFC1CA4"
+            "2C9A15D84D4954425F0B7642FC0BD9D7B24E2618D2DCC9B729D944BADACFDDAF");
+        BN_MONT_CTX_set(mont, n, ctx);
+        BN_mod_mul_montgomery(c, a, b, mont, ctx);
+        BN_mod_mul_montgomery(d, b, a, mont, ctx);
+        if (BN_cmp(c, d)) {
+                fprintf(stderr, "Montgomery multiplication test failed:"
+                    " a*b != b*a.\n");
+                rc = 0;
+                goto err;
+        }
+        /* Regression test for carry bug in sqr[x]8x_mont */
+        BN_hex2bn(&n,
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000FFFFFFFF00"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "00000000000000000000000000000000000000000000000000FFFFFFFFFFFFFF");
+        BN_hex2bn(&a,
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000FFFFFFFF0000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "0000000000000000000000000000000000000000000000000000000000000000"
+            "000000000000000000000000000000000000000000FFFFFFFFFFFFFF00000000");
+        b = BN_dup(a);
+        BN_MONT_CTX_set(mont, n, ctx);
+        BN_mod_mul_montgomery(c, a, a, mont, ctx);
+        BN_mod_mul_montgomery(d, a, b, mont, ctx);
+        if (BN_cmp(c, d)) {
+                fprintf(stderr, "Montgomery multiplication test failed:"
+                    " a**2 != a*a.\n");
+                rc = 0;
+                goto err;
+        }
        /* Zero input */
        BN_bntest_rand(p, 1024, 0, 0);
        BN_zero(a);
@@ -1318,6 +1392,9 @@ err:
        BN_free(m);
        BN_free(d);
        BN_free(e);
+        BN_free(b);
+        BN_free(n);
+        BN_free(c);
        return (rc);
 }

diff --git a/src/regress/lib/libcrypto/bn/general/bntest.c b/src/regress/lib/libcrypto/bn/general/bntest.c index 7e5e6ed81b..98616c37b2 100644 --- a/src/regress/lib/libcrypto/bn/general/bntest.c +++ b/src/regress/lib/libcrypto/bn/general/bntest.c
@@ -1236,15 +1236,19 @@ err:
1236	int	1236	int
1237	test_mod_exp_mont5(BIO bp, BN_CTX ctx)	1237	test_mod_exp_mont5(BIO bp, BN_CTX ctx)
1238	{	1238	{
1239	BIGNUM a, p, m, d, *e;	1239	BIGNUM a, p, m, d, e, b, n, c;
1240	int rc = 1;	1240	int rc = 1;
1241	BN_MONT_CTX *mont;	1241	BN_MONT_CTX *mont;
		1242	char *bigstring;
1242		1243
1243	a = BN_new();	1244	a = BN_new();
1244	p = BN_new();	1245	p = BN_new();
1245	m = BN_new();	1246	m = BN_new();
1246	d = BN_new();	1247	d = BN_new();
1247	e = BN_new();	1248	e = BN_new();
		1249	b = BN_new();
		1250	n = BN_new();
		1251	c = BN_new();
1248		1252
1249	mont = BN_MONT_CTX_new();	1253	mont = BN_MONT_CTX_new();
1250		1254
@@ -1261,6 +1265,76 @@ test_mod_exp_mont5(BIO bp, BN_CTX ctx)
1261	rc = 0;	1265	rc = 0;
1262	goto err;	1266	goto err;
1263	}	1267	}
		1268	/* Regression test for carry bug in mulx4x_mont */
		1269	BN_hex2bn(&a,
		1270	"7878787878787878787878787878787878787878787878787878787878787878"
		1271	"7878787878787878787878787878787878787878787878787878787878787878"
		1272	"7878787878787878787878787878787878787878787878787878787878787878"
		1273	"7878787878787878787878787878787878787878787878787878787878787878");
		1274	BN_hex2bn(&b,
		1275	"095D72C08C097BA488C5E439C655A192EAFB6380073D8C2664668EDDB4060744"
		1276	"E16E57FB4EDB9AE10A0CEFCDC28A894F689A128379DB279D48A2E20849D68593"
		1277	"9B7803BCF46CEBF5C533FB0DD35B080593DE5472E3FE5DB951B8BFF9B4CB8F03"
		1278	"9CC638A5EE8CDD703719F8000E6A9F63BEED5F2FCD52FF293EA05A251BB4AB81");
		1279	BN_hex2bn(&n,
		1280	"D78AF684E71DB0C39CFF4E64FB9DB567132CB9C50CC98009FEB820B26F2DED9B"
		1281	"91B9B5E2B83AE0AE4EB4E0523CA726BFBE969B89FD754F674CE99118C3F2D1C5"
		1282	"D81FDC7C54E02B60262B241D53C040E99E45826ECA37A804668E690E1AFC1CA4"
		1283	"2C9A15D84D4954425F0B7642FC0BD9D7B24E2618D2DCC9B729D944BADACFDDAF");
		1284	BN_MONT_CTX_set(mont, n, ctx);
		1285	BN_mod_mul_montgomery(c, a, b, mont, ctx);
		1286	BN_mod_mul_montgomery(d, b, a, mont, ctx);
		1287	if (BN_cmp(c, d)) {
		1288	fprintf(stderr, "Montgomery multiplication test failed:"
		1289	" ab != ba.\n");
		1290	rc = 0;
		1291	goto err;
		1292	}
		1293	/* Regression test for carry bug in sqr[x]8x_mont */
		1294	BN_hex2bn(&n,
		1295	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1296	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1297	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1298	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1299	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1300	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1301	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1302	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000FFFFFFFF00"
		1303	"0000000000000000000000000000000000000000000000000000000000000000"
		1304	"0000000000000000000000000000000000000000000000000000000000000000"
		1305	"0000000000000000000000000000000000000000000000000000000000000000"
		1306	"0000000000000000000000000000000000000000000000000000000000000000"
		1307	"0000000000000000000000000000000000000000000000000000000000000000"
		1308	"0000000000000000000000000000000000000000000000000000000000000000"
		1309	"0000000000000000000000000000000000000000000000000000000000000000"
		1310	"00000000000000000000000000000000000000000000000000FFFFFFFFFFFFFF");
		1311	BN_hex2bn(&a,
		1312	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1313	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1314	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1315	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1316	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1317	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1318	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
		1319	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000FFFFFFFF0000000000"
		1320	"0000000000000000000000000000000000000000000000000000000000000000"
		1321	"0000000000000000000000000000000000000000000000000000000000000000"
		1322	"0000000000000000000000000000000000000000000000000000000000000000"
		1323	"0000000000000000000000000000000000000000000000000000000000000000"
		1324	"0000000000000000000000000000000000000000000000000000000000000000"
		1325	"0000000000000000000000000000000000000000000000000000000000000000"
		1326	"0000000000000000000000000000000000000000000000000000000000000000"
		1327	"000000000000000000000000000000000000000000FFFFFFFFFFFFFF00000000");
		1328	b = BN_dup(a);
		1329	BN_MONT_CTX_set(mont, n, ctx);
		1330	BN_mod_mul_montgomery(c, a, a, mont, ctx);
		1331	BN_mod_mul_montgomery(d, a, b, mont, ctx);
		1332	if (BN_cmp(c, d)) {
		1333	fprintf(stderr, "Montgomery multiplication test failed:"
		1334	" a*2 != aa.\n");
		1335	rc = 0;
		1336	goto err;
		1337	}
1264	/* Zero input */	1338	/* Zero input */
1265	BN_bntest_rand(p, 1024, 0, 0);	1339	BN_bntest_rand(p, 1024, 0, 0);
1266	BN_zero(a);	1340	BN_zero(a);
@@ -1318,6 +1392,9 @@ err:
1318	BN_free(m);	1392	BN_free(m);
1319	BN_free(d);	1393	BN_free(d);
1320	BN_free(e);	1394	BN_free(e);
		1395	BN_free(b);
		1396	BN_free(n);
		1397	BN_free(c);
1321	return (rc);	1398	return (rc);
1322	}	1399	}
1323		1400