diff options
Diffstat (limited to 'src/lib/libcrypto/bn/bntest.c')
-rw-r--r-- | src/lib/libcrypto/bn/bntest.c | 1008 |
1 files changed, 737 insertions, 271 deletions
diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c index 9ebd68b429..443cf420e5 100644 --- a/src/lib/libcrypto/bn/bntest.c +++ b/src/lib/libcrypto/bn/bntest.c | |||
@@ -59,65 +59,70 @@ | |||
59 | #include <stdio.h> | 59 | #include <stdio.h> |
60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
61 | #include <string.h> | 61 | #include <string.h> |
62 | |||
62 | #include "e_os.h" | 63 | #include "e_os.h" |
63 | #include "bio.h" | ||
64 | #include "bn.h" | ||
65 | #include "rand.h" | ||
66 | #include "x509.h" | ||
67 | #include "err.h" | ||
68 | 64 | ||
69 | #ifdef WINDOWS | 65 | #include <openssl/bio.h> |
66 | #include <openssl/bn.h> | ||
67 | #include <openssl/rand.h> | ||
68 | #include <openssl/x509.h> | ||
69 | #include <openssl/err.h> | ||
70 | |||
71 | #ifdef OPENSSL_SYS_WINDOWS | ||
70 | #include "../bio/bss_file.c" | 72 | #include "../bio/bss_file.c" |
71 | #endif | 73 | #endif |
72 | 74 | ||
73 | #ifndef NOPROTO | 75 | const int num0 = 100; /* number of tests */ |
74 | int test_add (BIO *bp); | 76 | const int num1 = 50; /* additional tests for some functions */ |
75 | int test_sub (BIO *bp); | 77 | const int num2 = 5; /* number of tests for slow functions */ |
76 | int test_lshift1 (BIO *bp); | 78 | |
77 | int test_lshift (BIO *bp); | 79 | int test_add(BIO *bp); |
78 | int test_rshift1 (BIO *bp); | 80 | int test_sub(BIO *bp); |
79 | int test_rshift (BIO *bp); | 81 | int test_lshift1(BIO *bp); |
80 | int test_div (BIO *bp,BN_CTX *ctx); | 82 | int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_); |
81 | int test_mul (BIO *bp); | 83 | int test_rshift1(BIO *bp); |
82 | int test_sqr (BIO *bp,BN_CTX *ctx); | 84 | int test_rshift(BIO *bp,BN_CTX *ctx); |
83 | int test_mont (BIO *bp,BN_CTX *ctx); | 85 | int test_div(BIO *bp,BN_CTX *ctx); |
84 | int test_mod (BIO *bp,BN_CTX *ctx); | 86 | int test_div_recp(BIO *bp,BN_CTX *ctx); |
85 | int test_mod_mul (BIO *bp,BN_CTX *ctx); | 87 | int test_mul(BIO *bp); |
86 | int test_mod_exp (BIO *bp,BN_CTX *ctx); | 88 | int test_sqr(BIO *bp,BN_CTX *ctx); |
89 | int test_mont(BIO *bp,BN_CTX *ctx); | ||
90 | int test_mod(BIO *bp,BN_CTX *ctx); | ||
91 | int test_mod_mul(BIO *bp,BN_CTX *ctx); | ||
92 | int test_mod_exp(BIO *bp,BN_CTX *ctx); | ||
93 | int test_exp(BIO *bp,BN_CTX *ctx); | ||
94 | int test_kron(BIO *bp,BN_CTX *ctx); | ||
95 | int test_sqrt(BIO *bp,BN_CTX *ctx); | ||
87 | int rand_neg(void); | 96 | int rand_neg(void); |
88 | #else | ||
89 | int test_add (); | ||
90 | int test_sub (); | ||
91 | int test_lshift1 (); | ||
92 | int test_lshift (); | ||
93 | int test_rshift1 (); | ||
94 | int test_rshift (); | ||
95 | int test_div (); | ||
96 | int test_mul (); | ||
97 | int test_sqr (); | ||
98 | int test_mont (); | ||
99 | int test_mod (); | ||
100 | int test_mod_mul (); | ||
101 | int test_mod_exp (); | ||
102 | int rand_neg(); | ||
103 | #endif | ||
104 | |||
105 | static int results=0; | 97 | static int results=0; |
106 | 98 | ||
107 | #ifdef NO_STDIO | 99 | #ifdef OPENSSL_NO_STDIO |
108 | #define APPS_WIN16 | 100 | #define APPS_WIN16 |
109 | #include "bss_file.c" | 101 | #include "bss_file.c" |
110 | #endif | 102 | #endif |
111 | 103 | ||
112 | int main(argc,argv) | 104 | static unsigned char lst[]="\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" |
113 | int argc; | 105 | "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0"; |
114 | char *argv[]; | 106 | |
107 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; | ||
108 | |||
109 | static void message(BIO *out, char *m) | ||
110 | { | ||
111 | fprintf(stderr, "test %s\n", m); | ||
112 | BIO_puts(out, "print \"test "); | ||
113 | BIO_puts(out, m); | ||
114 | BIO_puts(out, "\\n\"\n"); | ||
115 | } | ||
116 | |||
117 | int main(int argc, char *argv[]) | ||
115 | { | 118 | { |
116 | BN_CTX *ctx; | 119 | BN_CTX *ctx; |
117 | BIO *out; | 120 | BIO *out; |
118 | char *outfile=NULL; | 121 | char *outfile=NULL; |
119 | 122 | ||
120 | srand((unsigned int)time(NULL)); | 123 | results = 0; |
124 | |||
125 | RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ | ||
121 | 126 | ||
122 | argc--; | 127 | argc--; |
123 | argv++; | 128 | argv++; |
@@ -156,361 +161,516 @@ char *argv[]; | |||
156 | if (!results) | 161 | if (!results) |
157 | BIO_puts(out,"obase=16\nibase=16\n"); | 162 | BIO_puts(out,"obase=16\nibase=16\n"); |
158 | 163 | ||
159 | fprintf(stderr,"test BN_add\n"); | 164 | message(out,"BN_add"); |
160 | if (!test_add(out)) goto err; | 165 | if (!test_add(out)) goto err; |
161 | fflush(stdout); | 166 | BIO_flush(out); |
162 | 167 | ||
163 | fprintf(stderr,"test BN_sub\n"); | 168 | message(out,"BN_sub"); |
164 | if (!test_sub(out)) goto err; | 169 | if (!test_sub(out)) goto err; |
165 | fflush(stdout); | 170 | BIO_flush(out); |
166 | 171 | ||
167 | fprintf(stderr,"test BN_lshift1\n"); | 172 | message(out,"BN_lshift1"); |
168 | if (!test_lshift1(out)) goto err; | 173 | if (!test_lshift1(out)) goto err; |
169 | fflush(stdout); | 174 | BIO_flush(out); |
175 | |||
176 | message(out,"BN_lshift (fixed)"); | ||
177 | if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL))) | ||
178 | goto err; | ||
179 | BIO_flush(out); | ||
170 | 180 | ||
171 | fprintf(stderr,"test BN_lshift\n"); | 181 | message(out,"BN_lshift"); |
172 | if (!test_lshift(out)) goto err; | 182 | if (!test_lshift(out,ctx,NULL)) goto err; |
173 | fflush(stdout); | 183 | BIO_flush(out); |
174 | 184 | ||
175 | fprintf(stderr,"test BN_rshift1\n"); | 185 | message(out,"BN_rshift1"); |
176 | if (!test_rshift1(out)) goto err; | 186 | if (!test_rshift1(out)) goto err; |
177 | fflush(stdout); | 187 | BIO_flush(out); |
178 | 188 | ||
179 | fprintf(stderr,"test BN_rshift\n"); | 189 | message(out,"BN_rshift"); |
180 | if (!test_rshift(out)) goto err; | 190 | if (!test_rshift(out,ctx)) goto err; |
181 | fflush(stdout); | 191 | BIO_flush(out); |
182 | 192 | ||
183 | fprintf(stderr,"test BN_sqr\n"); | 193 | message(out,"BN_sqr"); |
184 | if (!test_sqr(out,ctx)) goto err; | 194 | if (!test_sqr(out,ctx)) goto err; |
185 | fflush(stdout); | 195 | BIO_flush(out); |
186 | 196 | ||
187 | fprintf(stderr,"test BN_mul\n"); | 197 | message(out,"BN_mul"); |
188 | if (!test_mul(out)) goto err; | 198 | if (!test_mul(out)) goto err; |
189 | fflush(stdout); | 199 | BIO_flush(out); |
190 | 200 | ||
191 | fprintf(stderr,"test BN_div\n"); | 201 | message(out,"BN_div"); |
192 | if (!test_div(out,ctx)) goto err; | 202 | if (!test_div(out,ctx)) goto err; |
193 | fflush(stdout); | 203 | BIO_flush(out); |
194 | 204 | ||
195 | fprintf(stderr,"test BN_mod\n"); | 205 | message(out,"BN_div_recp"); |
206 | if (!test_div_recp(out,ctx)) goto err; | ||
207 | BIO_flush(out); | ||
208 | |||
209 | message(out,"BN_mod"); | ||
196 | if (!test_mod(out,ctx)) goto err; | 210 | if (!test_mod(out,ctx)) goto err; |
197 | fflush(stdout); | 211 | BIO_flush(out); |
198 | 212 | ||
199 | fprintf(stderr,"test BN_mod_mul\n"); | 213 | message(out,"BN_mod_mul"); |
200 | if (!test_mod_mul(out,ctx)) goto err; | 214 | if (!test_mod_mul(out,ctx)) goto err; |
201 | fflush(stdout); | 215 | BIO_flush(out); |
202 | 216 | ||
203 | /* | 217 | message(out,"BN_mont"); |
204 | fprintf(stderr,"test BN_mont\n"); | ||
205 | if (!test_mont(out,ctx)) goto err; | 218 | if (!test_mont(out,ctx)) goto err; |
206 | fflush(stdout); | 219 | BIO_flush(out); |
207 | */ | 220 | |
208 | fprintf(stderr,"test BN_mod_exp\n"); | 221 | message(out,"BN_mod_exp"); |
209 | if (!test_mod_exp(out,ctx)) goto err; | 222 | if (!test_mod_exp(out,ctx)) goto err; |
210 | fflush(stdout); | 223 | BIO_flush(out); |
224 | |||
225 | message(out,"BN_exp"); | ||
226 | if (!test_exp(out,ctx)) goto err; | ||
227 | BIO_flush(out); | ||
228 | |||
229 | message(out,"BN_kronecker"); | ||
230 | if (!test_kron(out,ctx)) goto err; | ||
231 | BIO_flush(out); | ||
232 | |||
233 | message(out,"BN_mod_sqrt"); | ||
234 | if (!test_sqrt(out,ctx)) goto err; | ||
235 | BIO_flush(out); | ||
236 | |||
237 | BN_CTX_free(ctx); | ||
238 | BIO_free(out); | ||
211 | 239 | ||
212 | /**/ | 240 | /**/ |
213 | exit(0); | 241 | exit(0); |
214 | err: | 242 | err: |
243 | BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices | ||
244 | * the failure, see test_bn in test/Makefile.ssl*/ | ||
245 | BIO_flush(out); | ||
215 | ERR_load_crypto_strings(); | 246 | ERR_load_crypto_strings(); |
216 | ERR_print_errors(out); | 247 | ERR_print_errors_fp(stderr); |
217 | exit(1); | 248 | exit(1); |
218 | return(1); | 249 | return(1); |
219 | } | 250 | } |
220 | 251 | ||
221 | int test_add(bp) | 252 | int test_add(BIO *bp) |
222 | BIO *bp; | ||
223 | { | 253 | { |
224 | BIGNUM *a,*b,*c; | 254 | BIGNUM a,b,c; |
225 | int i; | 255 | int i; |
226 | int j; | ||
227 | 256 | ||
228 | a=BN_new(); | 257 | BN_init(&a); |
229 | b=BN_new(); | 258 | BN_init(&b); |
230 | c=BN_new(); | 259 | BN_init(&c); |
231 | 260 | ||
232 | BN_rand(a,512,0,0); | 261 | BN_bntest_rand(&a,512,0,0); |
233 | for (i=0; i<100; i++) | 262 | for (i=0; i<num0; i++) |
234 | { | 263 | { |
235 | BN_rand(b,450+i,0,0); | 264 | BN_bntest_rand(&b,450+i,0,0); |
236 | a->neg=rand_neg(); | 265 | a.neg=rand_neg(); |
237 | b->neg=rand_neg(); | 266 | b.neg=rand_neg(); |
238 | if (bp == NULL) | 267 | BN_add(&c,&a,&b); |
239 | for (j=0; j<10000; j++) | ||
240 | BN_add(c,a,b); | ||
241 | BN_add(c,a,b); | ||
242 | if (bp != NULL) | 268 | if (bp != NULL) |
243 | { | 269 | { |
244 | if (!results) | 270 | if (!results) |
245 | { | 271 | { |
246 | BN_print(bp,a); | 272 | BN_print(bp,&a); |
247 | BIO_puts(bp," + "); | 273 | BIO_puts(bp," + "); |
248 | BN_print(bp,b); | 274 | BN_print(bp,&b); |
249 | BIO_puts(bp," - "); | 275 | BIO_puts(bp," - "); |
250 | } | 276 | } |
251 | BN_print(bp,c); | 277 | BN_print(bp,&c); |
252 | BIO_puts(bp,"\n"); | 278 | BIO_puts(bp,"\n"); |
253 | } | 279 | } |
280 | a.neg=!a.neg; | ||
281 | b.neg=!b.neg; | ||
282 | BN_add(&c,&c,&b); | ||
283 | BN_add(&c,&c,&a); | ||
284 | if(!BN_is_zero(&c)) | ||
285 | { | ||
286 | fprintf(stderr,"Add test failed!\n"); | ||
287 | return 0; | ||
288 | } | ||
254 | } | 289 | } |
255 | BN_free(a); | 290 | BN_free(&a); |
256 | BN_free(b); | 291 | BN_free(&b); |
257 | BN_free(c); | 292 | BN_free(&c); |
258 | return(1); | 293 | return(1); |
259 | } | 294 | } |
260 | 295 | ||
261 | int test_sub(bp) | 296 | int test_sub(BIO *bp) |
262 | BIO *bp; | ||
263 | { | 297 | { |
264 | BIGNUM *a,*b,*c; | 298 | BIGNUM a,b,c; |
265 | int i; | 299 | int i; |
266 | int j; | ||
267 | 300 | ||
268 | a=BN_new(); | 301 | BN_init(&a); |
269 | b=BN_new(); | 302 | BN_init(&b); |
270 | c=BN_new(); | 303 | BN_init(&c); |
271 | 304 | ||
272 | BN_rand(a,512,0,0); | 305 | for (i=0; i<num0+num1; i++) |
273 | for (i=0; i<100; i++) | ||
274 | { | 306 | { |
275 | BN_rand(b,400+i,0,0); | 307 | if (i < num1) |
276 | a->neg=rand_neg(); | 308 | { |
277 | b->neg=rand_neg(); | 309 | BN_bntest_rand(&a,512,0,0); |
278 | if (bp == NULL) | 310 | BN_copy(&b,&a); |
279 | for (j=0; j<10000; j++) | 311 | if (BN_set_bit(&a,i)==0) return(0); |
280 | BN_sub(c,a,b); | 312 | BN_add_word(&b,i); |
281 | BN_sub(c,a,b); | 313 | } |
314 | else | ||
315 | { | ||
316 | BN_bntest_rand(&b,400+i-num1,0,0); | ||
317 | a.neg=rand_neg(); | ||
318 | b.neg=rand_neg(); | ||
319 | } | ||
320 | BN_sub(&c,&a,&b); | ||
282 | if (bp != NULL) | 321 | if (bp != NULL) |
283 | { | 322 | { |
284 | if (!results) | 323 | if (!results) |
285 | { | 324 | { |
286 | BN_print(bp,a); | 325 | BN_print(bp,&a); |
287 | BIO_puts(bp," - "); | 326 | BIO_puts(bp," - "); |
288 | BN_print(bp,b); | 327 | BN_print(bp,&b); |
289 | BIO_puts(bp," - "); | 328 | BIO_puts(bp," - "); |
290 | } | 329 | } |
291 | BN_print(bp,c); | 330 | BN_print(bp,&c); |
292 | BIO_puts(bp,"\n"); | 331 | BIO_puts(bp,"\n"); |
293 | } | 332 | } |
333 | BN_add(&c,&c,&b); | ||
334 | BN_sub(&c,&c,&a); | ||
335 | if(!BN_is_zero(&c)) | ||
336 | { | ||
337 | fprintf(stderr,"Subtract test failed!\n"); | ||
338 | return 0; | ||
339 | } | ||
294 | } | 340 | } |
295 | BN_free(a); | 341 | BN_free(&a); |
296 | BN_free(b); | 342 | BN_free(&b); |
297 | BN_free(c); | 343 | BN_free(&c); |
298 | return(1); | 344 | return(1); |
299 | } | 345 | } |
300 | 346 | ||
301 | int test_div(bp,ctx) | 347 | int test_div(BIO *bp, BN_CTX *ctx) |
302 | BIO *bp; | ||
303 | BN_CTX *ctx; | ||
304 | { | 348 | { |
305 | BIGNUM *a,*b,*c,*d; | 349 | BIGNUM a,b,c,d,e; |
306 | int i; | 350 | int i; |
307 | int j; | ||
308 | 351 | ||
309 | a=BN_new(); | 352 | BN_init(&a); |
310 | b=BN_new(); | 353 | BN_init(&b); |
311 | c=BN_new(); | 354 | BN_init(&c); |
312 | d=BN_new(); | 355 | BN_init(&d); |
356 | BN_init(&e); | ||
313 | 357 | ||
314 | BN_rand(a,400,0,0); | 358 | for (i=0; i<num0+num1; i++) |
315 | for (i=0; i<100; i++) | ||
316 | { | 359 | { |
317 | BN_rand(b,50+i,0,0); | 360 | if (i < num1) |
318 | a->neg=rand_neg(); | 361 | { |
319 | b->neg=rand_neg(); | 362 | BN_bntest_rand(&a,400,0,0); |
320 | if (bp == NULL) | 363 | BN_copy(&b,&a); |
321 | for (j=0; j<100; j++) | 364 | BN_lshift(&a,&a,i); |
322 | BN_div(d,c,a,b,ctx); | 365 | BN_add_word(&a,i); |
323 | BN_div(d,c,a,b,ctx); | 366 | } |
367 | else | ||
368 | BN_bntest_rand(&b,50+3*(i-num1),0,0); | ||
369 | a.neg=rand_neg(); | ||
370 | b.neg=rand_neg(); | ||
371 | BN_div(&d,&c,&a,&b,ctx); | ||
324 | if (bp != NULL) | 372 | if (bp != NULL) |
325 | { | 373 | { |
326 | if (!results) | 374 | if (!results) |
327 | { | 375 | { |
328 | BN_print(bp,a); | 376 | BN_print(bp,&a); |
329 | BIO_puts(bp," / "); | 377 | BIO_puts(bp," / "); |
330 | BN_print(bp,b); | 378 | BN_print(bp,&b); |
331 | BIO_puts(bp," - "); | 379 | BIO_puts(bp," - "); |
332 | } | 380 | } |
333 | BN_print(bp,d); | 381 | BN_print(bp,&d); |
334 | BIO_puts(bp,"\n"); | 382 | BIO_puts(bp,"\n"); |
335 | 383 | ||
336 | if (!results) | 384 | if (!results) |
337 | { | 385 | { |
338 | BN_print(bp,a); | 386 | BN_print(bp,&a); |
339 | BIO_puts(bp," % "); | 387 | BIO_puts(bp," % "); |
340 | BN_print(bp,b); | 388 | BN_print(bp,&b); |
341 | BIO_puts(bp," - "); | 389 | BIO_puts(bp," - "); |
342 | } | 390 | } |
343 | BN_print(bp,c); | 391 | BN_print(bp,&c); |
344 | BIO_puts(bp,"\n"); | 392 | BIO_puts(bp,"\n"); |
345 | } | 393 | } |
394 | BN_mul(&e,&d,&b,ctx); | ||
395 | BN_add(&d,&e,&c); | ||
396 | BN_sub(&d,&d,&a); | ||
397 | if(!BN_is_zero(&d)) | ||
398 | { | ||
399 | fprintf(stderr,"Division test failed!\n"); | ||
400 | return 0; | ||
401 | } | ||
346 | } | 402 | } |
347 | BN_free(a); | 403 | BN_free(&a); |
348 | BN_free(b); | 404 | BN_free(&b); |
349 | BN_free(c); | 405 | BN_free(&c); |
350 | BN_free(d); | 406 | BN_free(&d); |
407 | BN_free(&e); | ||
351 | return(1); | 408 | return(1); |
352 | } | 409 | } |
353 | 410 | ||
354 | int test_mul(bp) | 411 | int test_div_recp(BIO *bp, BN_CTX *ctx) |
355 | BIO *bp; | ||
356 | { | 412 | { |
357 | BIGNUM *a,*b,*c; | 413 | BIGNUM a,b,c,d,e; |
414 | BN_RECP_CTX recp; | ||
358 | int i; | 415 | int i; |
359 | int j; | ||
360 | 416 | ||
361 | a=BN_new(); | 417 | BN_RECP_CTX_init(&recp); |
362 | b=BN_new(); | 418 | BN_init(&a); |
363 | c=BN_new(); | 419 | BN_init(&b); |
420 | BN_init(&c); | ||
421 | BN_init(&d); | ||
422 | BN_init(&e); | ||
364 | 423 | ||
365 | BN_rand(a,200,0,0); | 424 | for (i=0; i<num0+num1; i++) |
366 | for (i=0; i<100; i++) | ||
367 | { | 425 | { |
368 | BN_rand(b,250+i,0,0); | 426 | if (i < num1) |
369 | a->neg=rand_neg(); | 427 | { |
370 | b->neg=rand_neg(); | 428 | BN_bntest_rand(&a,400,0,0); |
371 | if (bp == NULL) | 429 | BN_copy(&b,&a); |
372 | for (j=0; j<100; j++) | 430 | BN_lshift(&a,&a,i); |
373 | BN_mul(c,a,b); | 431 | BN_add_word(&a,i); |
374 | BN_mul(c,a,b); | 432 | } |
433 | else | ||
434 | BN_bntest_rand(&b,50+3*(i-num1),0,0); | ||
435 | a.neg=rand_neg(); | ||
436 | b.neg=rand_neg(); | ||
437 | BN_RECP_CTX_set(&recp,&b,ctx); | ||
438 | BN_div_recp(&d,&c,&a,&recp,ctx); | ||
375 | if (bp != NULL) | 439 | if (bp != NULL) |
376 | { | 440 | { |
377 | if (!results) | 441 | if (!results) |
378 | { | 442 | { |
379 | BN_print(bp,a); | 443 | BN_print(bp,&a); |
444 | BIO_puts(bp," / "); | ||
445 | BN_print(bp,&b); | ||
446 | BIO_puts(bp," - "); | ||
447 | } | ||
448 | BN_print(bp,&d); | ||
449 | BIO_puts(bp,"\n"); | ||
450 | |||
451 | if (!results) | ||
452 | { | ||
453 | BN_print(bp,&a); | ||
454 | BIO_puts(bp," % "); | ||
455 | BN_print(bp,&b); | ||
456 | BIO_puts(bp," - "); | ||
457 | } | ||
458 | BN_print(bp,&c); | ||
459 | BIO_puts(bp,"\n"); | ||
460 | } | ||
461 | BN_mul(&e,&d,&b,ctx); | ||
462 | BN_add(&d,&e,&c); | ||
463 | BN_sub(&d,&d,&a); | ||
464 | if(!BN_is_zero(&d)) | ||
465 | { | ||
466 | fprintf(stderr,"Reciprocal division test failed!\n"); | ||
467 | fprintf(stderr,"a="); | ||
468 | BN_print_fp(stderr,&a); | ||
469 | fprintf(stderr,"\nb="); | ||
470 | BN_print_fp(stderr,&b); | ||
471 | fprintf(stderr,"\n"); | ||
472 | return 0; | ||
473 | } | ||
474 | } | ||
475 | BN_free(&a); | ||
476 | BN_free(&b); | ||
477 | BN_free(&c); | ||
478 | BN_free(&d); | ||
479 | BN_free(&e); | ||
480 | BN_RECP_CTX_free(&recp); | ||
481 | return(1); | ||
482 | } | ||
483 | |||
484 | int test_mul(BIO *bp) | ||
485 | { | ||
486 | BIGNUM a,b,c,d,e; | ||
487 | int i; | ||
488 | BN_CTX *ctx; | ||
489 | |||
490 | ctx = BN_CTX_new(); | ||
491 | if (ctx == NULL) exit(1); | ||
492 | |||
493 | BN_init(&a); | ||
494 | BN_init(&b); | ||
495 | BN_init(&c); | ||
496 | BN_init(&d); | ||
497 | BN_init(&e); | ||
498 | |||
499 | for (i=0; i<num0+num1; i++) | ||
500 | { | ||
501 | if (i <= num1) | ||
502 | { | ||
503 | BN_bntest_rand(&a,100,0,0); | ||
504 | BN_bntest_rand(&b,100,0,0); | ||
505 | } | ||
506 | else | ||
507 | BN_bntest_rand(&b,i-num1,0,0); | ||
508 | a.neg=rand_neg(); | ||
509 | b.neg=rand_neg(); | ||
510 | BN_mul(&c,&a,&b,ctx); | ||
511 | if (bp != NULL) | ||
512 | { | ||
513 | if (!results) | ||
514 | { | ||
515 | BN_print(bp,&a); | ||
380 | BIO_puts(bp," * "); | 516 | BIO_puts(bp," * "); |
381 | BN_print(bp,b); | 517 | BN_print(bp,&b); |
382 | BIO_puts(bp," - "); | 518 | BIO_puts(bp," - "); |
383 | } | 519 | } |
384 | BN_print(bp,c); | 520 | BN_print(bp,&c); |
385 | BIO_puts(bp,"\n"); | 521 | BIO_puts(bp,"\n"); |
386 | } | 522 | } |
523 | BN_div(&d,&e,&c,&a,ctx); | ||
524 | BN_sub(&d,&d,&b); | ||
525 | if(!BN_is_zero(&d) || !BN_is_zero(&e)) | ||
526 | { | ||
527 | fprintf(stderr,"Multiplication test failed!\n"); | ||
528 | return 0; | ||
529 | } | ||
387 | } | 530 | } |
388 | BN_free(a); | 531 | BN_free(&a); |
389 | BN_free(b); | 532 | BN_free(&b); |
390 | BN_free(c); | 533 | BN_free(&c); |
534 | BN_free(&d); | ||
535 | BN_free(&e); | ||
536 | BN_CTX_free(ctx); | ||
391 | return(1); | 537 | return(1); |
392 | } | 538 | } |
393 | 539 | ||
394 | int test_sqr(bp,ctx) | 540 | int test_sqr(BIO *bp, BN_CTX *ctx) |
395 | BIO *bp; | ||
396 | BN_CTX *ctx; | ||
397 | { | 541 | { |
398 | BIGNUM *a,*c; | 542 | BIGNUM a,c,d,e; |
399 | int i; | 543 | int i; |
400 | int j; | ||
401 | 544 | ||
402 | a=BN_new(); | 545 | BN_init(&a); |
403 | c=BN_new(); | 546 | BN_init(&c); |
547 | BN_init(&d); | ||
548 | BN_init(&e); | ||
404 | 549 | ||
405 | for (i=0; i<40; i++) | 550 | for (i=0; i<num0; i++) |
406 | { | 551 | { |
407 | BN_rand(a,40+i*10,0,0); | 552 | BN_bntest_rand(&a,40+i*10,0,0); |
408 | a->neg=rand_neg(); | 553 | a.neg=rand_neg(); |
409 | if (bp == NULL) | 554 | BN_sqr(&c,&a,ctx); |
410 | for (j=0; j<100; j++) | ||
411 | BN_sqr(c,a,ctx); | ||
412 | BN_sqr(c,a,ctx); | ||
413 | if (bp != NULL) | 555 | if (bp != NULL) |
414 | { | 556 | { |
415 | if (!results) | 557 | if (!results) |
416 | { | 558 | { |
417 | BN_print(bp,a); | 559 | BN_print(bp,&a); |
418 | BIO_puts(bp," * "); | 560 | BIO_puts(bp," * "); |
419 | BN_print(bp,a); | 561 | BN_print(bp,&a); |
420 | BIO_puts(bp," - "); | 562 | BIO_puts(bp," - "); |
421 | } | 563 | } |
422 | BN_print(bp,c); | 564 | BN_print(bp,&c); |
423 | BIO_puts(bp,"\n"); | 565 | BIO_puts(bp,"\n"); |
424 | } | 566 | } |
567 | BN_div(&d,&e,&c,&a,ctx); | ||
568 | BN_sub(&d,&d,&a); | ||
569 | if(!BN_is_zero(&d) || !BN_is_zero(&e)) | ||
570 | { | ||
571 | fprintf(stderr,"Square test failed!\n"); | ||
572 | return 0; | ||
573 | } | ||
425 | } | 574 | } |
426 | BN_free(a); | 575 | BN_free(&a); |
427 | BN_free(c); | 576 | BN_free(&c); |
577 | BN_free(&d); | ||
578 | BN_free(&e); | ||
428 | return(1); | 579 | return(1); |
429 | } | 580 | } |
430 | 581 | ||
431 | int test_mont(bp,ctx) | 582 | int test_mont(BIO *bp, BN_CTX *ctx) |
432 | BIO *bp; | ||
433 | BN_CTX *ctx; | ||
434 | { | 583 | { |
435 | BIGNUM *a,*b,*c,*A,*B; | 584 | BIGNUM a,b,c,d,A,B; |
436 | BIGNUM *n; | 585 | BIGNUM n; |
437 | int i; | 586 | int i; |
438 | int j; | ||
439 | BN_MONT_CTX *mont; | 587 | BN_MONT_CTX *mont; |
440 | 588 | ||
441 | a=BN_new(); | 589 | BN_init(&a); |
442 | b=BN_new(); | 590 | BN_init(&b); |
443 | c=BN_new(); | 591 | BN_init(&c); |
444 | A=BN_new(); | 592 | BN_init(&d); |
445 | B=BN_new(); | 593 | BN_init(&A); |
446 | n=BN_new(); | 594 | BN_init(&B); |
595 | BN_init(&n); | ||
447 | 596 | ||
448 | mont=BN_MONT_CTX_new(); | 597 | mont=BN_MONT_CTX_new(); |
449 | 598 | ||
450 | BN_rand(a,100,0,0); /**/ | 599 | BN_bntest_rand(&a,100,0,0); /**/ |
451 | BN_rand(b,100,0,0); /**/ | 600 | BN_bntest_rand(&b,100,0,0); /**/ |
452 | for (i=0; i<10; i++) | 601 | for (i=0; i<num2; i++) |
453 | { | 602 | { |
454 | BN_rand(n,(100%BN_BITS2+1)*BN_BITS2*i*BN_BITS2,0,1); /**/ | 603 | int bits = (200*(i+1))/num2; |
455 | BN_MONT_CTX_set(mont,n,ctx); | 604 | |
605 | if (bits == 0) | ||
606 | continue; | ||
607 | BN_bntest_rand(&n,bits,0,1); | ||
608 | BN_MONT_CTX_set(mont,&n,ctx); | ||
456 | 609 | ||
457 | BN_to_montgomery(A,a,mont,ctx); | 610 | BN_nnmod(&a,&a,&n,ctx); |
458 | BN_to_montgomery(B,b,mont,ctx); | 611 | BN_nnmod(&b,&b,&n,ctx); |
459 | 612 | ||
460 | if (bp == NULL) | 613 | BN_to_montgomery(&A,&a,mont,ctx); |
461 | for (j=0; j<100; j++) | 614 | BN_to_montgomery(&B,&b,mont,ctx); |
462 | BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/ | 615 | |
463 | BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/ | 616 | BN_mod_mul_montgomery(&c,&A,&B,mont,ctx);/**/ |
464 | BN_from_montgomery(A,c,mont,ctx);/**/ | 617 | BN_from_montgomery(&A,&c,mont,ctx);/**/ |
465 | if (bp != NULL) | 618 | if (bp != NULL) |
466 | { | 619 | { |
467 | if (!results) | 620 | if (!results) |
468 | { | 621 | { |
469 | #ifdef undef | 622 | #ifdef undef |
470 | fprintf(stderr,"%d * %d %% %d\n", | 623 | fprintf(stderr,"%d * %d %% %d\n", |
471 | BN_num_bits(a), | 624 | BN_num_bits(&a), |
472 | BN_num_bits(b), | 625 | BN_num_bits(&b), |
473 | BN_num_bits(mont->N)); | 626 | BN_num_bits(mont->N)); |
474 | #endif | 627 | #endif |
475 | BN_print(bp,a); | 628 | BN_print(bp,&a); |
476 | BIO_puts(bp," * "); | 629 | BIO_puts(bp," * "); |
477 | BN_print(bp,b); | 630 | BN_print(bp,&b); |
478 | BIO_puts(bp," % "); | 631 | BIO_puts(bp," % "); |
479 | BN_print(bp,mont->N); | 632 | BN_print(bp,&(mont->N)); |
480 | BIO_puts(bp," - "); | 633 | BIO_puts(bp," - "); |
481 | } | 634 | } |
482 | BN_print(bp,A); | 635 | BN_print(bp,&A); |
483 | BIO_puts(bp,"\n"); | 636 | BIO_puts(bp,"\n"); |
484 | } | 637 | } |
638 | BN_mod_mul(&d,&a,&b,&n,ctx); | ||
639 | BN_sub(&d,&d,&A); | ||
640 | if(!BN_is_zero(&d)) | ||
641 | { | ||
642 | fprintf(stderr,"Montgomery multiplication test failed!\n"); | ||
643 | return 0; | ||
644 | } | ||
485 | } | 645 | } |
486 | BN_MONT_CTX_free(mont); | 646 | BN_MONT_CTX_free(mont); |
487 | BN_free(a); | 647 | BN_free(&a); |
488 | BN_free(b); | 648 | BN_free(&b); |
489 | BN_free(c); | 649 | BN_free(&c); |
650 | BN_free(&d); | ||
651 | BN_free(&A); | ||
652 | BN_free(&B); | ||
653 | BN_free(&n); | ||
490 | return(1); | 654 | return(1); |
491 | } | 655 | } |
492 | 656 | ||
493 | int test_mod(bp,ctx) | 657 | int test_mod(BIO *bp, BN_CTX *ctx) |
494 | BIO *bp; | ||
495 | BN_CTX *ctx; | ||
496 | { | 658 | { |
497 | BIGNUM *a,*b,*c; | 659 | BIGNUM *a,*b,*c,*d,*e; |
498 | int i; | 660 | int i; |
499 | int j; | ||
500 | 661 | ||
501 | a=BN_new(); | 662 | a=BN_new(); |
502 | b=BN_new(); | 663 | b=BN_new(); |
503 | c=BN_new(); | 664 | c=BN_new(); |
665 | d=BN_new(); | ||
666 | e=BN_new(); | ||
504 | 667 | ||
505 | BN_rand(a,1024,0,0); /**/ | 668 | BN_bntest_rand(a,1024,0,0); /**/ |
506 | for (i=0; i<20; i++) | 669 | for (i=0; i<num0; i++) |
507 | { | 670 | { |
508 | BN_rand(b,450+i*10,0,0); /**/ | 671 | BN_bntest_rand(b,450+i*10,0,0); /**/ |
509 | a->neg=rand_neg(); | 672 | a->neg=rand_neg(); |
510 | b->neg=rand_neg(); | 673 | b->neg=rand_neg(); |
511 | if (bp == NULL) | ||
512 | for (j=0; j<100; j++) | ||
513 | BN_mod(c,a,b,ctx);/**/ | ||
514 | BN_mod(c,a,b,ctx);/**/ | 674 | BN_mod(c,a,b,ctx);/**/ |
515 | if (bp != NULL) | 675 | if (bp != NULL) |
516 | { | 676 | { |
@@ -524,19 +684,26 @@ BN_CTX *ctx; | |||
524 | BN_print(bp,c); | 684 | BN_print(bp,c); |
525 | BIO_puts(bp,"\n"); | 685 | BIO_puts(bp,"\n"); |
526 | } | 686 | } |
687 | BN_div(d,e,a,b,ctx); | ||
688 | BN_sub(e,e,c); | ||
689 | if(!BN_is_zero(e)) | ||
690 | { | ||
691 | fprintf(stderr,"Modulo test failed!\n"); | ||
692 | return 0; | ||
693 | } | ||
527 | } | 694 | } |
528 | BN_free(a); | 695 | BN_free(a); |
529 | BN_free(b); | 696 | BN_free(b); |
530 | BN_free(c); | 697 | BN_free(c); |
698 | BN_free(d); | ||
699 | BN_free(e); | ||
531 | return(1); | 700 | return(1); |
532 | } | 701 | } |
533 | 702 | ||
534 | int test_mod_mul(bp,ctx) | 703 | int test_mod_mul(BIO *bp, BN_CTX *ctx) |
535 | BIO *bp; | ||
536 | BN_CTX *ctx; | ||
537 | { | 704 | { |
538 | BIGNUM *a,*b,*c,*d,*e; | 705 | BIGNUM *a,*b,*c,*d,*e; |
539 | int i; | 706 | int i,j; |
540 | 707 | ||
541 | a=BN_new(); | 708 | a=BN_new(); |
542 | b=BN_new(); | 709 | b=BN_new(); |
@@ -544,17 +711,14 @@ BN_CTX *ctx; | |||
544 | d=BN_new(); | 711 | d=BN_new(); |
545 | e=BN_new(); | 712 | e=BN_new(); |
546 | 713 | ||
547 | BN_rand(c,1024,0,0); /**/ | 714 | for (j=0; j<3; j++) { |
548 | for (i=0; i<10; i++) | 715 | BN_bntest_rand(c,1024,0,0); /**/ |
716 | for (i=0; i<num0; i++) | ||
549 | { | 717 | { |
550 | BN_rand(a,475+i*10,0,0); /**/ | 718 | BN_bntest_rand(a,475+i*10,0,0); /**/ |
551 | BN_rand(b,425+i*10,0,0); /**/ | 719 | BN_bntest_rand(b,425+i*11,0,0); /**/ |
552 | a->neg=rand_neg(); | 720 | a->neg=rand_neg(); |
553 | b->neg=rand_neg(); | 721 | b->neg=rand_neg(); |
554 | /* if (bp == NULL) | ||
555 | for (j=0; j<100; j++) | ||
556 | BN_mod_mul(d,a,b,c,ctx);*/ /**/ | ||
557 | |||
558 | if (!BN_mod_mul(e,a,b,c,ctx)) | 722 | if (!BN_mod_mul(e,a,b,c,ctx)) |
559 | { | 723 | { |
560 | unsigned long l; | 724 | unsigned long l; |
@@ -573,12 +737,32 @@ BN_CTX *ctx; | |||
573 | BN_print(bp,b); | 737 | BN_print(bp,b); |
574 | BIO_puts(bp," % "); | 738 | BIO_puts(bp," % "); |
575 | BN_print(bp,c); | 739 | BN_print(bp,c); |
740 | if ((a->neg ^ b->neg) && !BN_is_zero(e)) | ||
741 | { | ||
742 | /* If (a*b) % c is negative, c must be added | ||
743 | * in order to obtain the normalized remainder | ||
744 | * (new with OpenSSL 0.9.7, previous versions of | ||
745 | * BN_mod_mul could generate negative results) | ||
746 | */ | ||
747 | BIO_puts(bp," + "); | ||
748 | BN_print(bp,c); | ||
749 | } | ||
576 | BIO_puts(bp," - "); | 750 | BIO_puts(bp," - "); |
577 | } | 751 | } |
578 | BN_print(bp,e); | 752 | BN_print(bp,e); |
579 | BIO_puts(bp,"\n"); | 753 | BIO_puts(bp,"\n"); |
580 | } | 754 | } |
755 | BN_mul(d,a,b,ctx); | ||
756 | BN_sub(d,d,e); | ||
757 | BN_div(a,b,d,c,ctx); | ||
758 | if(!BN_is_zero(b)) | ||
759 | { | ||
760 | fprintf(stderr,"Modulo multiply test failed!\n"); | ||
761 | ERR_print_errors_fp(stderr); | ||
762 | return 0; | ||
763 | } | ||
581 | } | 764 | } |
765 | } | ||
582 | BN_free(a); | 766 | BN_free(a); |
583 | BN_free(b); | 767 | BN_free(b); |
584 | BN_free(c); | 768 | BN_free(c); |
@@ -587,9 +771,7 @@ BN_CTX *ctx; | |||
587 | return(1); | 771 | return(1); |
588 | } | 772 | } |
589 | 773 | ||
590 | int test_mod_exp(bp,ctx) | 774 | int test_mod_exp(BIO *bp, BN_CTX *ctx) |
591 | BIO *bp; | ||
592 | BN_CTX *ctx; | ||
593 | { | 775 | { |
594 | BIGNUM *a,*b,*c,*d,*e; | 776 | BIGNUM *a,*b,*c,*d,*e; |
595 | int i; | 777 | int i; |
@@ -600,11 +782,11 @@ BN_CTX *ctx; | |||
600 | d=BN_new(); | 782 | d=BN_new(); |
601 | e=BN_new(); | 783 | e=BN_new(); |
602 | 784 | ||
603 | BN_rand(c,30,0,1); /* must be odd for montgomery */ | 785 | BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */ |
604 | for (i=0; i<6; i++) | 786 | for (i=0; i<num2; i++) |
605 | { | 787 | { |
606 | BN_rand(a,20+i*5,0,0); /**/ | 788 | BN_bntest_rand(a,20+i*5,0,0); /**/ |
607 | BN_rand(b,2+i,0,0); /**/ | 789 | BN_bntest_rand(b,2+i,0,0); /**/ |
608 | 790 | ||
609 | if (!BN_mod_exp(d,a,b,c,ctx)) | 791 | if (!BN_mod_exp(d,a,b,c,ctx)) |
610 | return(00); | 792 | return(00); |
@@ -623,6 +805,14 @@ BN_CTX *ctx; | |||
623 | BN_print(bp,d); | 805 | BN_print(bp,d); |
624 | BIO_puts(bp,"\n"); | 806 | BIO_puts(bp,"\n"); |
625 | } | 807 | } |
808 | BN_exp(e,a,b,ctx); | ||
809 | BN_sub(e,e,d); | ||
810 | BN_div(a,b,e,c,ctx); | ||
811 | if(!BN_is_zero(b)) | ||
812 | { | ||
813 | fprintf(stderr,"Modulo exponentiation test failed!\n"); | ||
814 | return 0; | ||
815 | } | ||
626 | } | 816 | } |
627 | BN_free(a); | 817 | BN_free(a); |
628 | BN_free(b); | 818 | BN_free(b); |
@@ -632,20 +822,252 @@ BN_CTX *ctx; | |||
632 | return(1); | 822 | return(1); |
633 | } | 823 | } |
634 | 824 | ||
635 | int test_lshift(bp) | 825 | int test_exp(BIO *bp, BN_CTX *ctx) |
636 | BIO *bp; | ||
637 | { | 826 | { |
638 | BIGNUM *a,*b,*c; | 827 | BIGNUM *a,*b,*d,*e,*one; |
639 | int i; | 828 | int i; |
640 | 829 | ||
641 | a=BN_new(); | 830 | a=BN_new(); |
642 | b=BN_new(); | 831 | b=BN_new(); |
832 | d=BN_new(); | ||
833 | e=BN_new(); | ||
834 | one=BN_new(); | ||
835 | BN_one(one); | ||
836 | |||
837 | for (i=0; i<num2; i++) | ||
838 | { | ||
839 | BN_bntest_rand(a,20+i*5,0,0); /**/ | ||
840 | BN_bntest_rand(b,2+i,0,0); /**/ | ||
841 | |||
842 | if (!BN_exp(d,a,b,ctx)) | ||
843 | return(00); | ||
844 | |||
845 | if (bp != NULL) | ||
846 | { | ||
847 | if (!results) | ||
848 | { | ||
849 | BN_print(bp,a); | ||
850 | BIO_puts(bp," ^ "); | ||
851 | BN_print(bp,b); | ||
852 | BIO_puts(bp," - "); | ||
853 | } | ||
854 | BN_print(bp,d); | ||
855 | BIO_puts(bp,"\n"); | ||
856 | } | ||
857 | BN_one(e); | ||
858 | for( ; !BN_is_zero(b) ; BN_sub(b,b,one)) | ||
859 | BN_mul(e,e,a,ctx); | ||
860 | BN_sub(e,e,d); | ||
861 | if(!BN_is_zero(e)) | ||
862 | { | ||
863 | fprintf(stderr,"Exponentiation test failed!\n"); | ||
864 | return 0; | ||
865 | } | ||
866 | } | ||
867 | BN_free(a); | ||
868 | BN_free(b); | ||
869 | BN_free(d); | ||
870 | BN_free(e); | ||
871 | BN_free(one); | ||
872 | return(1); | ||
873 | } | ||
874 | |||
875 | static void genprime_cb(int p, int n, void *arg) | ||
876 | { | ||
877 | char c='*'; | ||
878 | |||
879 | if (p == 0) c='.'; | ||
880 | if (p == 1) c='+'; | ||
881 | if (p == 2) c='*'; | ||
882 | if (p == 3) c='\n'; | ||
883 | putc(c, stderr); | ||
884 | fflush(stderr); | ||
885 | (void)n; | ||
886 | (void)arg; | ||
887 | } | ||
888 | |||
889 | int test_kron(BIO *bp, BN_CTX *ctx) | ||
890 | { | ||
891 | BIGNUM *a,*b,*r,*t; | ||
892 | int i; | ||
893 | int legendre, kronecker; | ||
894 | int ret = 0; | ||
895 | |||
896 | a = BN_new(); | ||
897 | b = BN_new(); | ||
898 | r = BN_new(); | ||
899 | t = BN_new(); | ||
900 | if (a == NULL || b == NULL || r == NULL || t == NULL) goto err; | ||
901 | |||
902 | /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). | ||
903 | * In this case we know that if b is prime, then BN_kronecker(a, b, ctx) | ||
904 | * is congruent to $a^{(b-1)/2}$, modulo $b$ (Legendre symbol). | ||
905 | * So we generate a random prime b and compare these values | ||
906 | * for a number of random a's. (That is, we run the Solovay-Strassen | ||
907 | * primality test to confirm that b is prime, except that we | ||
908 | * don't want to test whether b is prime but whether BN_kronecker | ||
909 | * works.) */ | ||
910 | |||
911 | if (!BN_generate_prime(b, 512, 0, NULL, NULL, genprime_cb, NULL)) goto err; | ||
912 | b->neg = rand_neg(); | ||
913 | putc('\n', stderr); | ||
914 | |||
915 | for (i = 0; i < num0; i++) | ||
916 | { | ||
917 | if (!BN_bntest_rand(a, 512, 0, 0)) goto err; | ||
918 | a->neg = rand_neg(); | ||
919 | |||
920 | /* t := (|b|-1)/2 (note that b is odd) */ | ||
921 | if (!BN_copy(t, b)) goto err; | ||
922 | t->neg = 0; | ||
923 | if (!BN_sub_word(t, 1)) goto err; | ||
924 | if (!BN_rshift1(t, t)) goto err; | ||
925 | /* r := a^t mod b */ | ||
926 | b->neg=0; | ||
927 | |||
928 | if (!BN_mod_exp_recp(r, a, t, b, ctx)) goto err; /* XXX should be BN_mod_exp_recp, but ..._recp triggers a bug that must be fixed */ | ||
929 | b->neg=1; | ||
930 | |||
931 | if (BN_is_word(r, 1)) | ||
932 | legendre = 1; | ||
933 | else if (BN_is_zero(r)) | ||
934 | legendre = 0; | ||
935 | else | ||
936 | { | ||
937 | if (!BN_add_word(r, 1)) goto err; | ||
938 | if (0 != BN_ucmp(r, b)) | ||
939 | { | ||
940 | fprintf(stderr, "Legendre symbol computation failed\n"); | ||
941 | goto err; | ||
942 | } | ||
943 | legendre = -1; | ||
944 | } | ||
945 | |||
946 | kronecker = BN_kronecker(a, b, ctx); | ||
947 | if (kronecker < -1) goto err; | ||
948 | /* we actually need BN_kronecker(a, |b|) */ | ||
949 | if (a->neg && b->neg) | ||
950 | kronecker = -kronecker; | ||
951 | |||
952 | if (legendre != kronecker) | ||
953 | { | ||
954 | fprintf(stderr, "legendre != kronecker; a = "); | ||
955 | BN_print_fp(stderr, a); | ||
956 | fprintf(stderr, ", b = "); | ||
957 | BN_print_fp(stderr, b); | ||
958 | fprintf(stderr, "\n"); | ||
959 | goto err; | ||
960 | } | ||
961 | |||
962 | putc('.', stderr); | ||
963 | fflush(stderr); | ||
964 | } | ||
965 | |||
966 | putc('\n', stderr); | ||
967 | fflush(stderr); | ||
968 | ret = 1; | ||
969 | err: | ||
970 | if (a != NULL) BN_free(a); | ||
971 | if (b != NULL) BN_free(b); | ||
972 | if (r != NULL) BN_free(r); | ||
973 | if (t != NULL) BN_free(t); | ||
974 | return ret; | ||
975 | } | ||
976 | |||
977 | int test_sqrt(BIO *bp, BN_CTX *ctx) | ||
978 | { | ||
979 | BIGNUM *a,*p,*r; | ||
980 | int i, j; | ||
981 | int ret = 0; | ||
982 | |||
983 | a = BN_new(); | ||
984 | p = BN_new(); | ||
985 | r = BN_new(); | ||
986 | if (a == NULL || p == NULL || r == NULL) goto err; | ||
987 | |||
988 | for (i = 0; i < 16; i++) | ||
989 | { | ||
990 | if (i < 8) | ||
991 | { | ||
992 | unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 }; | ||
993 | |||
994 | if (!BN_set_word(p, primes[i])) goto err; | ||
995 | } | ||
996 | else | ||
997 | { | ||
998 | if (!BN_set_word(a, 32)) goto err; | ||
999 | if (!BN_set_word(r, 2*i + 1)) goto err; | ||
1000 | |||
1001 | if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err; | ||
1002 | putc('\n', stderr); | ||
1003 | } | ||
1004 | p->neg = rand_neg(); | ||
1005 | |||
1006 | for (j = 0; j < num2; j++) | ||
1007 | { | ||
1008 | /* construct 'a' such that it is a square modulo p, | ||
1009 | * but in general not a proper square and not reduced modulo p */ | ||
1010 | if (!BN_bntest_rand(r, 256, 0, 3)) goto err; | ||
1011 | if (!BN_nnmod(r, r, p, ctx)) goto err; | ||
1012 | if (!BN_mod_sqr(r, r, p, ctx)) goto err; | ||
1013 | if (!BN_bntest_rand(a, 256, 0, 3)) goto err; | ||
1014 | if (!BN_nnmod(a, a, p, ctx)) goto err; | ||
1015 | if (!BN_mod_sqr(a, a, p, ctx)) goto err; | ||
1016 | if (!BN_mul(a, a, r, ctx)) goto err; | ||
1017 | if (rand_neg()) | ||
1018 | if (!BN_sub(a, a, p)) goto err; | ||
1019 | |||
1020 | if (!BN_mod_sqrt(r, a, p, ctx)) goto err; | ||
1021 | if (!BN_mod_sqr(r, r, p, ctx)) goto err; | ||
1022 | |||
1023 | if (!BN_nnmod(a, a, p, ctx)) goto err; | ||
1024 | |||
1025 | if (BN_cmp(a, r) != 0) | ||
1026 | { | ||
1027 | fprintf(stderr, "BN_mod_sqrt failed: a = "); | ||
1028 | BN_print_fp(stderr, a); | ||
1029 | fprintf(stderr, ", r = "); | ||
1030 | BN_print_fp(stderr, r); | ||
1031 | fprintf(stderr, ", p = "); | ||
1032 | BN_print_fp(stderr, p); | ||
1033 | fprintf(stderr, "\n"); | ||
1034 | goto err; | ||
1035 | } | ||
1036 | |||
1037 | putc('.', stderr); | ||
1038 | fflush(stderr); | ||
1039 | } | ||
1040 | |||
1041 | putc('\n', stderr); | ||
1042 | fflush(stderr); | ||
1043 | } | ||
1044 | ret = 1; | ||
1045 | err: | ||
1046 | if (a != NULL) BN_free(a); | ||
1047 | if (p != NULL) BN_free(p); | ||
1048 | if (r != NULL) BN_free(r); | ||
1049 | return ret; | ||
1050 | } | ||
1051 | |||
1052 | int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_) | ||
1053 | { | ||
1054 | BIGNUM *a,*b,*c,*d; | ||
1055 | int i; | ||
1056 | |||
1057 | b=BN_new(); | ||
643 | c=BN_new(); | 1058 | c=BN_new(); |
1059 | d=BN_new(); | ||
644 | BN_one(c); | 1060 | BN_one(c); |
645 | 1061 | ||
646 | BN_rand(a,200,0,0); /**/ | 1062 | if(a_) |
647 | a->neg=rand_neg(); | 1063 | a=a_; |
648 | for (i=0; i<70; i++) | 1064 | else |
1065 | { | ||
1066 | a=BN_new(); | ||
1067 | BN_bntest_rand(a,200,0,0); /**/ | ||
1068 | a->neg=rand_neg(); | ||
1069 | } | ||
1070 | for (i=0; i<num0; i++) | ||
649 | { | 1071 | { |
650 | BN_lshift(b,a,i+1); | 1072 | BN_lshift(b,a,i+1); |
651 | BN_add(c,c,c); | 1073 | BN_add(c,c,c); |
@@ -661,25 +1083,42 @@ BIO *bp; | |||
661 | BN_print(bp,b); | 1083 | BN_print(bp,b); |
662 | BIO_puts(bp,"\n"); | 1084 | BIO_puts(bp,"\n"); |
663 | } | 1085 | } |
1086 | BN_mul(d,a,c,ctx); | ||
1087 | BN_sub(d,d,b); | ||
1088 | if(!BN_is_zero(d)) | ||
1089 | { | ||
1090 | fprintf(stderr,"Left shift test failed!\n"); | ||
1091 | fprintf(stderr,"a="); | ||
1092 | BN_print_fp(stderr,a); | ||
1093 | fprintf(stderr,"\nb="); | ||
1094 | BN_print_fp(stderr,b); | ||
1095 | fprintf(stderr,"\nc="); | ||
1096 | BN_print_fp(stderr,c); | ||
1097 | fprintf(stderr,"\nd="); | ||
1098 | BN_print_fp(stderr,d); | ||
1099 | fprintf(stderr,"\n"); | ||
1100 | return 0; | ||
1101 | } | ||
664 | } | 1102 | } |
665 | BN_free(a); | 1103 | BN_free(a); |
666 | BN_free(b); | 1104 | BN_free(b); |
667 | BN_free(c); | 1105 | BN_free(c); |
1106 | BN_free(d); | ||
668 | return(1); | 1107 | return(1); |
669 | } | 1108 | } |
670 | 1109 | ||
671 | int test_lshift1(bp) | 1110 | int test_lshift1(BIO *bp) |
672 | BIO *bp; | ||
673 | { | 1111 | { |
674 | BIGNUM *a,*b; | 1112 | BIGNUM *a,*b,*c; |
675 | int i; | 1113 | int i; |
676 | 1114 | ||
677 | a=BN_new(); | 1115 | a=BN_new(); |
678 | b=BN_new(); | 1116 | b=BN_new(); |
1117 | c=BN_new(); | ||
679 | 1118 | ||
680 | BN_rand(a,200,0,0); /**/ | 1119 | BN_bntest_rand(a,200,0,0); /**/ |
681 | a->neg=rand_neg(); | 1120 | a->neg=rand_neg(); |
682 | for (i=0; i<70; i++) | 1121 | for (i=0; i<num0; i++) |
683 | { | 1122 | { |
684 | BN_lshift1(b,a); | 1123 | BN_lshift1(b,a); |
685 | if (bp != NULL) | 1124 | if (bp != NULL) |
@@ -693,27 +1132,37 @@ BIO *bp; | |||
693 | BN_print(bp,b); | 1132 | BN_print(bp,b); |
694 | BIO_puts(bp,"\n"); | 1133 | BIO_puts(bp,"\n"); |
695 | } | 1134 | } |
1135 | BN_add(c,a,a); | ||
1136 | BN_sub(a,b,c); | ||
1137 | if(!BN_is_zero(a)) | ||
1138 | { | ||
1139 | fprintf(stderr,"Left shift one test failed!\n"); | ||
1140 | return 0; | ||
1141 | } | ||
1142 | |||
696 | BN_copy(a,b); | 1143 | BN_copy(a,b); |
697 | } | 1144 | } |
698 | BN_free(a); | 1145 | BN_free(a); |
699 | BN_free(b); | 1146 | BN_free(b); |
1147 | BN_free(c); | ||
700 | return(1); | 1148 | return(1); |
701 | } | 1149 | } |
702 | 1150 | ||
703 | int test_rshift(bp) | 1151 | int test_rshift(BIO *bp,BN_CTX *ctx) |
704 | BIO *bp; | ||
705 | { | 1152 | { |
706 | BIGNUM *a,*b,*c; | 1153 | BIGNUM *a,*b,*c,*d,*e; |
707 | int i; | 1154 | int i; |
708 | 1155 | ||
709 | a=BN_new(); | 1156 | a=BN_new(); |
710 | b=BN_new(); | 1157 | b=BN_new(); |
711 | c=BN_new(); | 1158 | c=BN_new(); |
1159 | d=BN_new(); | ||
1160 | e=BN_new(); | ||
712 | BN_one(c); | 1161 | BN_one(c); |
713 | 1162 | ||
714 | BN_rand(a,200,0,0); /**/ | 1163 | BN_bntest_rand(a,200,0,0); /**/ |
715 | a->neg=rand_neg(); | 1164 | a->neg=rand_neg(); |
716 | for (i=0; i<70; i++) | 1165 | for (i=0; i<num0; i++) |
717 | { | 1166 | { |
718 | BN_rshift(b,a,i+1); | 1167 | BN_rshift(b,a,i+1); |
719 | BN_add(c,c,c); | 1168 | BN_add(c,c,c); |
@@ -729,25 +1178,34 @@ BIO *bp; | |||
729 | BN_print(bp,b); | 1178 | BN_print(bp,b); |
730 | BIO_puts(bp,"\n"); | 1179 | BIO_puts(bp,"\n"); |
731 | } | 1180 | } |
1181 | BN_div(d,e,a,c,ctx); | ||
1182 | BN_sub(d,d,b); | ||
1183 | if(!BN_is_zero(d)) | ||
1184 | { | ||
1185 | fprintf(stderr,"Right shift test failed!\n"); | ||
1186 | return 0; | ||
1187 | } | ||
732 | } | 1188 | } |
733 | BN_free(a); | 1189 | BN_free(a); |
734 | BN_free(b); | 1190 | BN_free(b); |
735 | BN_free(c); | 1191 | BN_free(c); |
1192 | BN_free(d); | ||
1193 | BN_free(e); | ||
736 | return(1); | 1194 | return(1); |
737 | } | 1195 | } |
738 | 1196 | ||
739 | int test_rshift1(bp) | 1197 | int test_rshift1(BIO *bp) |
740 | BIO *bp; | ||
741 | { | 1198 | { |
742 | BIGNUM *a,*b; | 1199 | BIGNUM *a,*b,*c; |
743 | int i; | 1200 | int i; |
744 | 1201 | ||
745 | a=BN_new(); | 1202 | a=BN_new(); |
746 | b=BN_new(); | 1203 | b=BN_new(); |
1204 | c=BN_new(); | ||
747 | 1205 | ||
748 | BN_rand(a,200,0,0); /**/ | 1206 | BN_bntest_rand(a,200,0,0); /**/ |
749 | a->neg=rand_neg(); | 1207 | a->neg=rand_neg(); |
750 | for (i=0; i<70; i++) | 1208 | for (i=0; i<num0; i++) |
751 | { | 1209 | { |
752 | BN_rshift1(b,a); | 1210 | BN_rshift1(b,a); |
753 | if (bp != NULL) | 1211 | if (bp != NULL) |
@@ -761,14 +1219,22 @@ BIO *bp; | |||
761 | BN_print(bp,b); | 1219 | BN_print(bp,b); |
762 | BIO_puts(bp,"\n"); | 1220 | BIO_puts(bp,"\n"); |
763 | } | 1221 | } |
1222 | BN_sub(c,a,b); | ||
1223 | BN_sub(c,c,b); | ||
1224 | if(!BN_is_zero(c) && !BN_abs_is_word(c, 1)) | ||
1225 | { | ||
1226 | fprintf(stderr,"Right shift one test failed!\n"); | ||
1227 | return 0; | ||
1228 | } | ||
764 | BN_copy(a,b); | 1229 | BN_copy(a,b); |
765 | } | 1230 | } |
766 | BN_free(a); | 1231 | BN_free(a); |
767 | BN_free(b); | 1232 | BN_free(b); |
1233 | BN_free(c); | ||
768 | return(1); | 1234 | return(1); |
769 | } | 1235 | } |
770 | 1236 | ||
771 | int rand_neg() | 1237 | int rand_neg(void) |
772 | { | 1238 | { |
773 | static unsigned int neg=0; | 1239 | static unsigned int neg=0; |
774 | static int sign[8]={0,0,0,1,1,0,1,1}; | 1240 | static int sign[8]={0,0,0,1,1,0,1,1}; |