summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/bn/bntest.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/bn/bntest.c')
-rw-r--r--src/lib/libcrypto/bn/bntest.c779
1 files changed, 29 insertions, 750 deletions
diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c
index 310763eca0..792a75ff4f 100644
--- a/src/lib/libcrypto/bn/bntest.c
+++ b/src/lib/libcrypto/bn/bntest.c
@@ -55,25 +55,6 @@
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ====================================================================
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60 *
61 * Portions of the attached software ("Contribution") are developed by
62 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
63 *
64 * The Contribution is licensed pursuant to the Eric Young open source
65 * license provided above.
66 *
67 * The binary polynomial arithmetic software is originally written by
68 * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
69 *
70 */
71
72/* Until the key-gen callbacks are modified to use newer prototypes, we allow
73 * deprecated functions for openssl-internal code */
74#ifdef OPENSSL_NO_DEPRECATED
75#undef OPENSSL_NO_DEPRECATED
76#endif
77 58
78#include <stdio.h> 59#include <stdio.h>
79#include <stdlib.h> 60#include <stdlib.h>
@@ -98,7 +79,6 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_);
98int test_rshift1(BIO *bp); 79int test_rshift1(BIO *bp);
99int test_rshift(BIO *bp,BN_CTX *ctx); 80int test_rshift(BIO *bp,BN_CTX *ctx);
100int test_div(BIO *bp,BN_CTX *ctx); 81int test_div(BIO *bp,BN_CTX *ctx);
101int test_div_word(BIO *bp);
102int test_div_recp(BIO *bp,BN_CTX *ctx); 82int test_div_recp(BIO *bp,BN_CTX *ctx);
103int test_mul(BIO *bp); 83int test_mul(BIO *bp);
104int test_sqr(BIO *bp,BN_CTX *ctx); 84int test_sqr(BIO *bp,BN_CTX *ctx);
@@ -108,15 +88,6 @@ int test_mod_mul(BIO *bp,BN_CTX *ctx);
108int test_mod_exp(BIO *bp,BN_CTX *ctx); 88int test_mod_exp(BIO *bp,BN_CTX *ctx);
109int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx); 89int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx);
110int test_exp(BIO *bp,BN_CTX *ctx); 90int test_exp(BIO *bp,BN_CTX *ctx);
111int test_gf2m_add(BIO *bp);
112int test_gf2m_mod(BIO *bp);
113int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx);
114int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx);
115int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx);
116int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx);
117int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx);
118int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx);
119int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx);
120int test_kron(BIO *bp,BN_CTX *ctx); 91int test_kron(BIO *bp,BN_CTX *ctx);
121int test_sqrt(BIO *bp,BN_CTX *ctx); 92int test_sqrt(BIO *bp,BN_CTX *ctx);
122int rand_neg(void); 93int rand_neg(void);
@@ -184,120 +155,80 @@ int main(int argc, char *argv[])
184 155
185 message(out,"BN_add"); 156 message(out,"BN_add");
186 if (!test_add(out)) goto err; 157 if (!test_add(out)) goto err;
187 (void)BIO_flush(out); 158 BIO_flush(out);
188 159
189 message(out,"BN_sub"); 160 message(out,"BN_sub");
190 if (!test_sub(out)) goto err; 161 if (!test_sub(out)) goto err;
191 (void)BIO_flush(out); 162 BIO_flush(out);
192 163
193 message(out,"BN_lshift1"); 164 message(out,"BN_lshift1");
194 if (!test_lshift1(out)) goto err; 165 if (!test_lshift1(out)) goto err;
195 (void)BIO_flush(out); 166 BIO_flush(out);
196 167
197 message(out,"BN_lshift (fixed)"); 168 message(out,"BN_lshift (fixed)");
198 if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL))) 169 if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL)))
199 goto err; 170 goto err;
200 (void)BIO_flush(out); 171 BIO_flush(out);
201 172
202 message(out,"BN_lshift"); 173 message(out,"BN_lshift");
203 if (!test_lshift(out,ctx,NULL)) goto err; 174 if (!test_lshift(out,ctx,NULL)) goto err;
204 (void)BIO_flush(out); 175 BIO_flush(out);
205 176
206 message(out,"BN_rshift1"); 177 message(out,"BN_rshift1");
207 if (!test_rshift1(out)) goto err; 178 if (!test_rshift1(out)) goto err;
208 (void)BIO_flush(out); 179 BIO_flush(out);
209 180
210 message(out,"BN_rshift"); 181 message(out,"BN_rshift");
211 if (!test_rshift(out,ctx)) goto err; 182 if (!test_rshift(out,ctx)) goto err;
212 (void)BIO_flush(out); 183 BIO_flush(out);
213 184
214 message(out,"BN_sqr"); 185 message(out,"BN_sqr");
215 if (!test_sqr(out,ctx)) goto err; 186 if (!test_sqr(out,ctx)) goto err;
216 (void)BIO_flush(out); 187 BIO_flush(out);
217 188
218 message(out,"BN_mul"); 189 message(out,"BN_mul");
219 if (!test_mul(out)) goto err; 190 if (!test_mul(out)) goto err;
220 (void)BIO_flush(out); 191 BIO_flush(out);
221 192
222 message(out,"BN_div"); 193 message(out,"BN_div");
223 if (!test_div(out,ctx)) goto err; 194 if (!test_div(out,ctx)) goto err;
224 (void)BIO_flush(out); 195 BIO_flush(out);
225
226 message(out,"BN_div_word");
227 if (!test_div_word(out)) goto err;
228 (void)BIO_flush(out);
229 196
230 message(out,"BN_div_recp"); 197 message(out,"BN_div_recp");
231 if (!test_div_recp(out,ctx)) goto err; 198 if (!test_div_recp(out,ctx)) goto err;
232 (void)BIO_flush(out); 199 BIO_flush(out);
233 200
234 message(out,"BN_mod"); 201 message(out,"BN_mod");
235 if (!test_mod(out,ctx)) goto err; 202 if (!test_mod(out,ctx)) goto err;
236 (void)BIO_flush(out); 203 BIO_flush(out);
237 204
238 message(out,"BN_mod_mul"); 205 message(out,"BN_mod_mul");
239 if (!test_mod_mul(out,ctx)) goto err; 206 if (!test_mod_mul(out,ctx)) goto err;
240 (void)BIO_flush(out); 207 BIO_flush(out);
241 208
242 message(out,"BN_mont"); 209 message(out,"BN_mont");
243 if (!test_mont(out,ctx)) goto err; 210 if (!test_mont(out,ctx)) goto err;
244 (void)BIO_flush(out); 211 BIO_flush(out);
245 212
246 message(out,"BN_mod_exp"); 213 message(out,"BN_mod_exp");
247 if (!test_mod_exp(out,ctx)) goto err; 214 if (!test_mod_exp(out,ctx)) goto err;
248 (void)BIO_flush(out); 215 BIO_flush(out);
249 216
250 message(out,"BN_mod_exp_mont_consttime"); 217 message(out,"BN_mod_exp_mont_consttime");
251 if (!test_mod_exp_mont_consttime(out,ctx)) goto err; 218 if (!test_mod_exp_mont_consttime(out,ctx)) goto err;
252 (void)BIO_flush(out); 219 BIO_flush(out);
253 220
254 message(out,"BN_exp"); 221 message(out,"BN_exp");
255 if (!test_exp(out,ctx)) goto err; 222 if (!test_exp(out,ctx)) goto err;
256 (void)BIO_flush(out); 223 BIO_flush(out);
257 224
258 message(out,"BN_kronecker"); 225 message(out,"BN_kronecker");
259 if (!test_kron(out,ctx)) goto err; 226 if (!test_kron(out,ctx)) goto err;
260 (void)BIO_flush(out); 227 BIO_flush(out);
261 228
262 message(out,"BN_mod_sqrt"); 229 message(out,"BN_mod_sqrt");
263 if (!test_sqrt(out,ctx)) goto err; 230 if (!test_sqrt(out,ctx)) goto err;
264 (void)BIO_flush(out); 231 BIO_flush(out);
265
266 message(out,"BN_GF2m_add");
267 if (!test_gf2m_add(out)) goto err;
268 (void)BIO_flush(out);
269
270 message(out,"BN_GF2m_mod");
271 if (!test_gf2m_mod(out)) goto err;
272 (void)BIO_flush(out);
273
274 message(out,"BN_GF2m_mod_mul");
275 if (!test_gf2m_mod_mul(out,ctx)) goto err;
276 (void)BIO_flush(out);
277
278 message(out,"BN_GF2m_mod_sqr");
279 if (!test_gf2m_mod_sqr(out,ctx)) goto err;
280 (void)BIO_flush(out);
281
282 message(out,"BN_GF2m_mod_inv");
283 if (!test_gf2m_mod_inv(out,ctx)) goto err;
284 (void)BIO_flush(out);
285
286 message(out,"BN_GF2m_mod_div");
287 if (!test_gf2m_mod_div(out,ctx)) goto err;
288 (void)BIO_flush(out);
289
290 message(out,"BN_GF2m_mod_exp");
291 if (!test_gf2m_mod_exp(out,ctx)) goto err;
292 (void)BIO_flush(out);
293
294 message(out,"BN_GF2m_mod_sqrt");
295 if (!test_gf2m_mod_sqrt(out,ctx)) goto err;
296 (void)BIO_flush(out);
297
298 message(out,"BN_GF2m_mod_solve_quad");
299 if (!test_gf2m_mod_solve_quad(out,ctx)) goto err;
300 (void)BIO_flush(out);
301 232
302 BN_CTX_free(ctx); 233 BN_CTX_free(ctx);
303 BIO_free(out); 234 BIO_free(out);
@@ -306,8 +237,8 @@ int main(int argc, char *argv[])
306 EXIT(0); 237 EXIT(0);
307err: 238err:
308 BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices 239 BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices
309 * the failure, see test_bn in test/Makefile.ssl*/ 240 * the failure, see test_bn in test/Makefile */
310 (void)BIO_flush(out); 241 BIO_flush(out);
311 ERR_load_crypto_strings(); 242 ERR_load_crypto_strings();
312 ERR_print_errors_fp(stderr); 243 ERR_print_errors_fp(stderr);
313 EXIT(1); 244 EXIT(1);
@@ -473,78 +404,6 @@ int test_div(BIO *bp, BN_CTX *ctx)
473 return(1); 404 return(1);
474 } 405 }
475 406
476static void print_word(BIO *bp,BN_ULONG w)
477 {
478#ifdef SIXTY_FOUR_BIT
479 if (sizeof(w) > sizeof(unsigned long))
480 {
481 unsigned long h=(unsigned long)(w>>32),
482 l=(unsigned long)(w);
483
484 if (h) BIO_printf(bp,"%lX%08lX",h,l);
485 else BIO_printf(bp,"%lX",l);
486 return;
487 }
488#endif
489 BIO_printf(bp,"%lX",w);
490 }
491
492int test_div_word(BIO *bp)
493 {
494 BIGNUM a,b;
495 BN_ULONG r,s;
496 int i;
497
498 BN_init(&a);
499 BN_init(&b);
500
501 for (i=0; i<num0; i++)
502 {
503 do {
504 BN_bntest_rand(&a,512,-1,0);
505 BN_bntest_rand(&b,BN_BITS2,-1,0);
506 s = b.d[0];
507 } while (!s);
508
509 BN_copy(&b, &a);
510 r = BN_div_word(&b, s);
511
512 if (bp != NULL)
513 {
514 if (!results)
515 {
516 BN_print(bp,&a);
517 BIO_puts(bp," / ");
518 print_word(bp,s);
519 BIO_puts(bp," - ");
520 }
521 BN_print(bp,&b);
522 BIO_puts(bp,"\n");
523
524 if (!results)
525 {
526 BN_print(bp,&a);
527 BIO_puts(bp," % ");
528 print_word(bp,s);
529 BIO_puts(bp," - ");
530 }
531 print_word(bp,r);
532 BIO_puts(bp,"\n");
533 }
534 BN_mul_word(&b,s);
535 BN_add_word(&b,r);
536 BN_sub(&b,&a,&b);
537 if(!BN_is_zero(&b))
538 {
539 fprintf(stderr,"Division (word) test failed!\n");
540 return 0;
541 }
542 }
543 BN_free(&a);
544 BN_free(&b);
545 return(1);
546 }
547
548int test_div_recp(BIO *bp, BN_CTX *ctx) 407int test_div_recp(BIO *bp, BN_CTX *ctx)
549 { 408 {
550 BIGNUM a,b,c,d,e; 409 BIGNUM a,b,c,d,e;
@@ -926,7 +785,7 @@ int test_mod_exp(BIO *bp, BN_CTX *ctx)
926 BN_bntest_rand(b,2+i,0,0); /**/ 785 BN_bntest_rand(b,2+i,0,0); /**/
927 786
928 if (!BN_mod_exp(d,a,b,c,ctx)) 787 if (!BN_mod_exp(d,a,b,c,ctx))
929 return(00); 788 return(0);
930 789
931 if (bp != NULL) 790 if (bp != NULL)
932 { 791 {
@@ -1028,7 +887,7 @@ int test_exp(BIO *bp, BN_CTX *ctx)
1028 BN_bntest_rand(b,2+i,0,0); /**/ 887 BN_bntest_rand(b,2+i,0,0); /**/
1029 888
1030 if (!BN_exp(d,a,b,ctx)) 889 if (!BN_exp(d,a,b,ctx))
1031 return(00); 890 return(0);
1032 891
1033 if (bp != NULL) 892 if (bp != NULL)
1034 { 893 {
@@ -1060,582 +919,7 @@ int test_exp(BIO *bp, BN_CTX *ctx)
1060 return(1); 919 return(1);
1061 } 920 }
1062 921
1063int test_gf2m_add(BIO *bp) 922static void genprime_cb(int p, int n, void *arg)
1064 {
1065 BIGNUM a,b,c;
1066 int i, ret = 0;
1067
1068 BN_init(&a);
1069 BN_init(&b);
1070 BN_init(&c);
1071
1072 for (i=0; i<num0; i++)
1073 {
1074 BN_rand(&a,512,0,0);
1075 BN_copy(&b, BN_value_one());
1076 a.neg=rand_neg();
1077 b.neg=rand_neg();
1078 BN_GF2m_add(&c,&a,&b);
1079#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1080 if (bp != NULL)
1081 {
1082 if (!results)
1083 {
1084 BN_print(bp,&a);
1085 BIO_puts(bp," ^ ");
1086 BN_print(bp,&b);
1087 BIO_puts(bp," = ");
1088 }
1089 BN_print(bp,&c);
1090 BIO_puts(bp,"\n");
1091 }
1092#endif
1093 /* Test that two added values have the correct parity. */
1094 if((BN_is_odd(&a) && BN_is_odd(&c)) || (!BN_is_odd(&a) && !BN_is_odd(&c)))
1095 {
1096 fprintf(stderr,"GF(2^m) addition test (a) failed!\n");
1097 goto err;
1098 }
1099 BN_GF2m_add(&c,&c,&c);
1100 /* Test that c + c = 0. */
1101 if(!BN_is_zero(&c))
1102 {
1103 fprintf(stderr,"GF(2^m) addition test (b) failed!\n");
1104 goto err;
1105 }
1106 }
1107 ret = 1;
1108 err:
1109 BN_free(&a);
1110 BN_free(&b);
1111 BN_free(&c);
1112 return ret;
1113 }
1114
1115int test_gf2m_mod(BIO *bp)
1116 {
1117 BIGNUM *a,*b[2],*c,*d,*e;
1118 int i, j, ret = 0;
1119 unsigned int p0[] = {163,7,6,3,0};
1120 unsigned int p1[] = {193,15,0};
1121
1122 a=BN_new();
1123 b[0]=BN_new();
1124 b[1]=BN_new();
1125 c=BN_new();
1126 d=BN_new();
1127 e=BN_new();
1128
1129 BN_GF2m_arr2poly(p0, b[0]);
1130 BN_GF2m_arr2poly(p1, b[1]);
1131
1132 for (i=0; i<num0; i++)
1133 {
1134 BN_bntest_rand(a, 1024, 0, 0);
1135 for (j=0; j < 2; j++)
1136 {
1137 BN_GF2m_mod(c, a, b[j]);
1138#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1139 if (bp != NULL)
1140 {
1141 if (!results)
1142 {
1143 BN_print(bp,a);
1144 BIO_puts(bp," % ");
1145 BN_print(bp,b[j]);
1146 BIO_puts(bp," - ");
1147 BN_print(bp,c);
1148 BIO_puts(bp,"\n");
1149 }
1150 }
1151#endif
1152 BN_GF2m_add(d, a, c);
1153 BN_GF2m_mod(e, d, b[j]);
1154 /* Test that a + (a mod p) mod p == 0. */
1155 if(!BN_is_zero(e))
1156 {
1157 fprintf(stderr,"GF(2^m) modulo test failed!\n");
1158 goto err;
1159 }
1160 }
1161 }
1162 ret = 1;
1163 err:
1164 BN_free(a);
1165 BN_free(b[0]);
1166 BN_free(b[1]);
1167 BN_free(c);
1168 BN_free(d);
1169 BN_free(e);
1170 return ret;
1171 }
1172
1173int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx)
1174 {
1175 BIGNUM *a,*b[2],*c,*d,*e,*f,*g,*h;
1176 int i, j, ret = 0;
1177 unsigned int p0[] = {163,7,6,3,0};
1178 unsigned int p1[] = {193,15,0};
1179
1180 a=BN_new();
1181 b[0]=BN_new();
1182 b[1]=BN_new();
1183 c=BN_new();
1184 d=BN_new();
1185 e=BN_new();
1186 f=BN_new();
1187 g=BN_new();
1188 h=BN_new();
1189
1190 BN_GF2m_arr2poly(p0, b[0]);
1191 BN_GF2m_arr2poly(p1, b[1]);
1192
1193 for (i=0; i<num0; i++)
1194 {
1195 BN_bntest_rand(a, 1024, 0, 0);
1196 BN_bntest_rand(c, 1024, 0, 0);
1197 BN_bntest_rand(d, 1024, 0, 0);
1198 for (j=0; j < 2; j++)
1199 {
1200 BN_GF2m_mod_mul(e, a, c, b[j], ctx);
1201#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1202 if (bp != NULL)
1203 {
1204 if (!results)
1205 {
1206 BN_print(bp,a);
1207 BIO_puts(bp," * ");
1208 BN_print(bp,c);
1209 BIO_puts(bp," % ");
1210 BN_print(bp,b[j]);
1211 BIO_puts(bp," - ");
1212 BN_print(bp,e);
1213 BIO_puts(bp,"\n");
1214 }
1215 }
1216#endif
1217 BN_GF2m_add(f, a, d);
1218 BN_GF2m_mod_mul(g, f, c, b[j], ctx);
1219 BN_GF2m_mod_mul(h, d, c, b[j], ctx);
1220 BN_GF2m_add(f, e, g);
1221 BN_GF2m_add(f, f, h);
1222 /* Test that (a+d)*c = a*c + d*c. */
1223 if(!BN_is_zero(f))
1224 {
1225 fprintf(stderr,"GF(2^m) modular multiplication test failed!\n");
1226 goto err;
1227 }
1228 }
1229 }
1230 ret = 1;
1231 err:
1232 BN_free(a);
1233 BN_free(b[0]);
1234 BN_free(b[1]);
1235 BN_free(c);
1236 BN_free(d);
1237 BN_free(e);
1238 BN_free(f);
1239 BN_free(g);
1240 BN_free(h);
1241 return ret;
1242 }
1243
1244int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx)
1245 {
1246 BIGNUM *a,*b[2],*c,*d;
1247 int i, j, ret = 0;
1248 unsigned int p0[] = {163,7,6,3,0};
1249 unsigned int p1[] = {193,15,0};
1250
1251 a=BN_new();
1252 b[0]=BN_new();
1253 b[1]=BN_new();
1254 c=BN_new();
1255 d=BN_new();
1256
1257 BN_GF2m_arr2poly(p0, b[0]);
1258 BN_GF2m_arr2poly(p1, b[1]);
1259
1260 for (i=0; i<num0; i++)
1261 {
1262 BN_bntest_rand(a, 1024, 0, 0);
1263 for (j=0; j < 2; j++)
1264 {
1265 BN_GF2m_mod_sqr(c, a, b[j], ctx);
1266 BN_copy(d, a);
1267 BN_GF2m_mod_mul(d, a, d, b[j], ctx);
1268#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1269 if (bp != NULL)
1270 {
1271 if (!results)
1272 {
1273 BN_print(bp,a);
1274 BIO_puts(bp," ^ 2 % ");
1275 BN_print(bp,b[j]);
1276 BIO_puts(bp, " = ");
1277 BN_print(bp,c);
1278 BIO_puts(bp,"; a * a = ");
1279 BN_print(bp,d);
1280 BIO_puts(bp,"\n");
1281 }
1282 }
1283#endif
1284 BN_GF2m_add(d, c, d);
1285 /* Test that a*a = a^2. */
1286 if(!BN_is_zero(d))
1287 {
1288 fprintf(stderr,"GF(2^m) modular squaring test failed!\n");
1289 goto err;
1290 }
1291 }
1292 }
1293 ret = 1;
1294 err:
1295 BN_free(a);
1296 BN_free(b[0]);
1297 BN_free(b[1]);
1298 BN_free(c);
1299 BN_free(d);
1300 return ret;
1301 }
1302
1303int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx)
1304 {
1305 BIGNUM *a,*b[2],*c,*d;
1306 int i, j, ret = 0;
1307 unsigned int p0[] = {163,7,6,3,0};
1308 unsigned int p1[] = {193,15,0};
1309
1310 a=BN_new();
1311 b[0]=BN_new();
1312 b[1]=BN_new();
1313 c=BN_new();
1314 d=BN_new();
1315
1316 BN_GF2m_arr2poly(p0, b[0]);
1317 BN_GF2m_arr2poly(p1, b[1]);
1318
1319 for (i=0; i<num0; i++)
1320 {
1321 BN_bntest_rand(a, 512, 0, 0);
1322 for (j=0; j < 2; j++)
1323 {
1324 BN_GF2m_mod_inv(c, a, b[j], ctx);
1325 BN_GF2m_mod_mul(d, a, c, b[j], ctx);
1326#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1327 if (bp != NULL)
1328 {
1329 if (!results)
1330 {
1331 BN_print(bp,a);
1332 BIO_puts(bp, " * ");
1333 BN_print(bp,c);
1334 BIO_puts(bp," - 1 % ");
1335 BN_print(bp,b[j]);
1336 BIO_puts(bp,"\n");
1337 }
1338 }
1339#endif
1340 /* Test that ((1/a)*a) = 1. */
1341 if(!BN_is_one(d))
1342 {
1343 fprintf(stderr,"GF(2^m) modular inversion test failed!\n");
1344 goto err;
1345 }
1346 }
1347 }
1348 ret = 1;
1349 err:
1350 BN_free(a);
1351 BN_free(b[0]);
1352 BN_free(b[1]);
1353 BN_free(c);
1354 BN_free(d);
1355 return ret;
1356 }
1357
1358int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx)
1359 {
1360 BIGNUM *a,*b[2],*c,*d,*e,*f;
1361 int i, j, ret = 0;
1362 unsigned int p0[] = {163,7,6,3,0};
1363 unsigned int p1[] = {193,15,0};
1364
1365 a=BN_new();
1366 b[0]=BN_new();
1367 b[1]=BN_new();
1368 c=BN_new();
1369 d=BN_new();
1370 e=BN_new();
1371 f=BN_new();
1372
1373 BN_GF2m_arr2poly(p0, b[0]);
1374 BN_GF2m_arr2poly(p1, b[1]);
1375
1376 for (i=0; i<num0; i++)
1377 {
1378 BN_bntest_rand(a, 512, 0, 0);
1379 BN_bntest_rand(c, 512, 0, 0);
1380 for (j=0; j < 2; j++)
1381 {
1382 BN_GF2m_mod_div(d, a, c, b[j], ctx);
1383 BN_GF2m_mod_mul(e, d, c, b[j], ctx);
1384 BN_GF2m_mod_div(f, a, e, b[j], ctx);
1385#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1386 if (bp != NULL)
1387 {
1388 if (!results)
1389 {
1390 BN_print(bp,a);
1391 BIO_puts(bp, " = ");
1392 BN_print(bp,c);
1393 BIO_puts(bp," * ");
1394 BN_print(bp,d);
1395 BIO_puts(bp, " % ");
1396 BN_print(bp,b[j]);
1397 BIO_puts(bp,"\n");
1398 }
1399 }
1400#endif
1401 /* Test that ((a/c)*c)/a = 1. */
1402 if(!BN_is_one(f))
1403 {
1404 fprintf(stderr,"GF(2^m) modular division test failed!\n");
1405 goto err;
1406 }
1407 }
1408 }
1409 ret = 1;
1410 err:
1411 BN_free(a);
1412 BN_free(b[0]);
1413 BN_free(b[1]);
1414 BN_free(c);
1415 BN_free(d);
1416 BN_free(e);
1417 BN_free(f);
1418 return ret;
1419 }
1420
1421int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx)
1422 {
1423 BIGNUM *a,*b[2],*c,*d,*e,*f;
1424 int i, j, ret = 0;
1425 unsigned int p0[] = {163,7,6,3,0};
1426 unsigned int p1[] = {193,15,0};
1427
1428 a=BN_new();
1429 b[0]=BN_new();
1430 b[1]=BN_new();
1431 c=BN_new();
1432 d=BN_new();
1433 e=BN_new();
1434 f=BN_new();
1435
1436 BN_GF2m_arr2poly(p0, b[0]);
1437 BN_GF2m_arr2poly(p1, b[1]);
1438
1439 for (i=0; i<num0; i++)
1440 {
1441 BN_bntest_rand(a, 512, 0, 0);
1442 BN_bntest_rand(c, 512, 0, 0);
1443 BN_bntest_rand(d, 512, 0, 0);
1444 for (j=0; j < 2; j++)
1445 {
1446 BN_GF2m_mod_exp(e, a, c, b[j], ctx);
1447 BN_GF2m_mod_exp(f, a, d, b[j], ctx);
1448 BN_GF2m_mod_mul(e, e, f, b[j], ctx);
1449 BN_add(f, c, d);
1450 BN_GF2m_mod_exp(f, a, f, b[j], ctx);
1451#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1452 if (bp != NULL)
1453 {
1454 if (!results)
1455 {
1456 BN_print(bp,a);
1457 BIO_puts(bp, " ^ (");
1458 BN_print(bp,c);
1459 BIO_puts(bp," + ");
1460 BN_print(bp,d);
1461 BIO_puts(bp, ") = ");
1462 BN_print(bp,e);
1463 BIO_puts(bp, "; - ");
1464 BN_print(bp,f);
1465 BIO_puts(bp, " % ");
1466 BN_print(bp,b[j]);
1467 BIO_puts(bp,"\n");
1468 }
1469 }
1470#endif
1471 BN_GF2m_add(f, e, f);
1472 /* Test that a^(c+d)=a^c*a^d. */
1473 if(!BN_is_zero(f))
1474 {
1475 fprintf(stderr,"GF(2^m) modular exponentiation test failed!\n");
1476 goto err;
1477 }
1478 }
1479 }
1480 ret = 1;
1481 err:
1482 BN_free(a);
1483 BN_free(b[0]);
1484 BN_free(b[1]);
1485 BN_free(c);
1486 BN_free(d);
1487 BN_free(e);
1488 BN_free(f);
1489 return ret;
1490 }
1491
1492int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx)
1493 {
1494 BIGNUM *a,*b[2],*c,*d,*e,*f;
1495 int i, j, ret = 0;
1496 unsigned int p0[] = {163,7,6,3,0};
1497 unsigned int p1[] = {193,15,0};
1498
1499 a=BN_new();
1500 b[0]=BN_new();
1501 b[1]=BN_new();
1502 c=BN_new();
1503 d=BN_new();
1504 e=BN_new();
1505 f=BN_new();
1506
1507 BN_GF2m_arr2poly(p0, b[0]);
1508 BN_GF2m_arr2poly(p1, b[1]);
1509
1510 for (i=0; i<num0; i++)
1511 {
1512 BN_bntest_rand(a, 512, 0, 0);
1513 for (j=0; j < 2; j++)
1514 {
1515 BN_GF2m_mod(c, a, b[j]);
1516 BN_GF2m_mod_sqrt(d, a, b[j], ctx);
1517 BN_GF2m_mod_sqr(e, d, b[j], ctx);
1518#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1519 if (bp != NULL)
1520 {
1521 if (!results)
1522 {
1523 BN_print(bp,d);
1524 BIO_puts(bp, " ^ 2 - ");
1525 BN_print(bp,a);
1526 BIO_puts(bp,"\n");
1527 }
1528 }
1529#endif
1530 BN_GF2m_add(f, c, e);
1531 /* Test that d^2 = a, where d = sqrt(a). */
1532 if(!BN_is_zero(f))
1533 {
1534 fprintf(stderr,"GF(2^m) modular square root test failed!\n");
1535 goto err;
1536 }
1537 }
1538 }
1539 ret = 1;
1540 err:
1541 BN_free(a);
1542 BN_free(b[0]);
1543 BN_free(b[1]);
1544 BN_free(c);
1545 BN_free(d);
1546 BN_free(e);
1547 BN_free(f);
1548 return ret;
1549 }
1550
1551int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx)
1552 {
1553 BIGNUM *a,*b[2],*c,*d,*e;
1554 int i, j, s = 0, t, ret = 0;
1555 unsigned int p0[] = {163,7,6,3,0};
1556 unsigned int p1[] = {193,15,0};
1557
1558 a=BN_new();
1559 b[0]=BN_new();
1560 b[1]=BN_new();
1561 c=BN_new();
1562 d=BN_new();
1563 e=BN_new();
1564
1565 BN_GF2m_arr2poly(p0, b[0]);
1566 BN_GF2m_arr2poly(p1, b[1]);
1567
1568 for (i=0; i<num0; i++)
1569 {
1570 BN_bntest_rand(a, 512, 0, 0);
1571 for (j=0; j < 2; j++)
1572 {
1573 t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx);
1574 if (t)
1575 {
1576 s++;
1577 BN_GF2m_mod_sqr(d, c, b[j], ctx);
1578 BN_GF2m_add(d, c, d);
1579 BN_GF2m_mod(e, a, b[j]);
1580#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1581 if (bp != NULL)
1582 {
1583 if (!results)
1584 {
1585 BN_print(bp,c);
1586 BIO_puts(bp, " is root of z^2 + z = ");
1587 BN_print(bp,a);
1588 BIO_puts(bp, " % ");
1589 BN_print(bp,b[j]);
1590 BIO_puts(bp, "\n");
1591 }
1592 }
1593#endif
1594 BN_GF2m_add(e, e, d);
1595 /* Test that solution of quadratic c satisfies c^2 + c = a. */
1596 if(!BN_is_zero(e))
1597 {
1598 fprintf(stderr,"GF(2^m) modular solve quadratic test failed!\n");
1599 goto err;
1600 }
1601
1602 }
1603 else
1604 {
1605#if 0 /* make test uses ouput in bc but bc can't handle GF(2^m) arithmetic */
1606 if (bp != NULL)
1607 {
1608 if (!results)
1609 {
1610 BIO_puts(bp, "There are no roots of z^2 + z = ");
1611 BN_print(bp,a);
1612 BIO_puts(bp, " % ");
1613 BN_print(bp,b[j]);
1614 BIO_puts(bp, "\n");
1615 }
1616 }
1617#endif
1618 }
1619 }
1620 }
1621 if (s == 0)
1622 {
1623 fprintf(stderr,"All %i tests of GF(2^m) modular solve quadratic resulted in no roots;\n", num0);
1624 fprintf(stderr,"this is very unlikely and probably indicates an error.\n");
1625 goto err;
1626 }
1627 ret = 1;
1628 err:
1629 BN_free(a);
1630 BN_free(b[0]);
1631 BN_free(b[1]);
1632 BN_free(c);
1633 BN_free(d);
1634 BN_free(e);
1635 return ret;
1636 }
1637
1638static int genprime_cb(int p, int n, BN_GENCB *arg)
1639 { 923 {
1640 char c='*'; 924 char c='*';
1641 925
@@ -1645,12 +929,12 @@ static int genprime_cb(int p, int n, BN_GENCB *arg)
1645 if (p == 3) c='\n'; 929 if (p == 3) c='\n';
1646 putc(c, stderr); 930 putc(c, stderr);
1647 fflush(stderr); 931 fflush(stderr);
1648 return 1; 932 (void)n;
933 (void)arg;
1649 } 934 }
1650 935
1651int test_kron(BIO *bp, BN_CTX *ctx) 936int test_kron(BIO *bp, BN_CTX *ctx)
1652 { 937 {
1653 BN_GENCB cb;
1654 BIGNUM *a,*b,*r,*t; 938 BIGNUM *a,*b,*r,*t;
1655 int i; 939 int i;
1656 int legendre, kronecker; 940 int legendre, kronecker;
@@ -1661,8 +945,6 @@ int test_kron(BIO *bp, BN_CTX *ctx)
1661 r = BN_new(); 945 r = BN_new();
1662 t = BN_new(); 946 t = BN_new();
1663 if (a == NULL || b == NULL || r == NULL || t == NULL) goto err; 947 if (a == NULL || b == NULL || r == NULL || t == NULL) goto err;
1664
1665 BN_GENCB_set(&cb, genprime_cb, NULL);
1666 948
1667 /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). 949 /* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol).
1668 * In this case we know that if b is prime, then BN_kronecker(a, b, ctx) 950 * In this case we know that if b is prime, then BN_kronecker(a, b, ctx)
@@ -1673,7 +955,7 @@ int test_kron(BIO *bp, BN_CTX *ctx)
1673 * don't want to test whether b is prime but whether BN_kronecker 955 * don't want to test whether b is prime but whether BN_kronecker
1674 * works.) */ 956 * works.) */
1675 957
1676 if (!BN_generate_prime_ex(b, 512, 0, NULL, NULL, &cb)) goto err; 958 if (!BN_generate_prime(b, 512, 0, NULL, NULL, genprime_cb, NULL)) goto err;
1677 b->neg = rand_neg(); 959 b->neg = rand_neg();
1678 putc('\n', stderr); 960 putc('\n', stderr);
1679 961
@@ -1741,7 +1023,6 @@ int test_kron(BIO *bp, BN_CTX *ctx)
1741 1023
1742int test_sqrt(BIO *bp, BN_CTX *ctx) 1024int test_sqrt(BIO *bp, BN_CTX *ctx)
1743 { 1025 {
1744 BN_GENCB cb;
1745 BIGNUM *a,*p,*r; 1026 BIGNUM *a,*p,*r;
1746 int i, j; 1027 int i, j;
1747 int ret = 0; 1028 int ret = 0;
@@ -1750,9 +1031,7 @@ int test_sqrt(BIO *bp, BN_CTX *ctx)
1750 p = BN_new(); 1031 p = BN_new();
1751 r = BN_new(); 1032 r = BN_new();
1752 if (a == NULL || p == NULL || r == NULL) goto err; 1033 if (a == NULL || p == NULL || r == NULL) goto err;
1753 1034
1754 BN_GENCB_set(&cb, genprime_cb, NULL);
1755
1756 for (i = 0; i < 16; i++) 1035 for (i = 0; i < 16; i++)
1757 { 1036 {
1758 if (i < 8) 1037 if (i < 8)
@@ -1766,7 +1045,7 @@ int test_sqrt(BIO *bp, BN_CTX *ctx)
1766 if (!BN_set_word(a, 32)) goto err; 1045 if (!BN_set_word(a, 32)) goto err;
1767 if (!BN_set_word(r, 2*i + 1)) goto err; 1046 if (!BN_set_word(r, 2*i + 1)) goto err;
1768 1047
1769 if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb)) goto err; 1048 if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err;
1770 putc('\n', stderr); 1049 putc('\n', stderr);
1771 } 1050 }
1772 p->neg = rand_neg(); 1051 p->neg = rand_neg();
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 04:15:44 +0000