5 files changed, 143 insertions, 8 deletions
diff --git a/src/regress/lib/libcrypto/bn/general/Makefile b/src/regress/lib/libcrypto/bn/general/Makefile
index 18207ffb01..d578d0fe12 100644
--- a/src/regress/lib/libcrypto/bn/general/Makefile
+++ b/src/regress/lib/libcrypto/bn/general/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.3 2016/12/21 15:51:05 jsing Exp $
+#       $OpenBSD: Makefile,v 1.4 2017/01/21 09:38:58 beck Exp $
 .include "../../Makefile.inc"
@@ -6,6 +6,6 @@ PROG=	bntest
 LDADD=  ${CRYPTO_INT}
 DPADD=  ${LIBCRYPTO}
 WARNINGS=       Yes
-CFLAGS+=        -DLIBRESSL_INTERNAL -Werror
+CFLAGS+=        -Werror
 .include <bsd.regress.mk>
diff --git a/src/regress/lib/libcrypto/bn/general/bntest.c b/src/regress/lib/libcrypto/bn/general/bntest.c
index 0247dacaa4..7e5e6ed81b 100644
--- a/src/regress/lib/libcrypto/bn/general/bntest.c
+++ b/src/regress/lib/libcrypto/bn/general/bntest.c
@@ -84,6 +84,15 @@
 #include <openssl/x509.h>
 #include <openssl/err.h>
+int BN_mod_exp_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+    const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+    const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_mont_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_mont_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
 int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
 const int num0 = 100; /* number of tests */
@@ -1037,6 +1046,14 @@ test_mod_exp(BIO *bp, BN_CTX *ctx)
                fprintf(stderr, "BN_mod_exp with zero modulus succeeded!\n");
                return (0);
        }
+        if (BN_mod_exp_ct(d, a, b, c, ctx)) {
+                fprintf(stderr, "BN_mod_exp_ct with zero modulus succeeded!\n");
+                return (0);
+        }
+        if (BN_mod_exp_nonct(d, a, b, c, ctx)) {
+                fprintf(stderr, "BN_mod_exp_nonct with zero modulus succeeded!\n");
+                return (0);
+        }
        BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
        for (i = 0; i < num2; i++) {
@@ -1069,6 +1086,70 @@ test_mod_exp(BIO *bp, BN_CTX *ctx)
                        break;
                }
        }
+        BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
+        for (i = 0; i < num2; i++) {
+                BN_bntest_rand(a, 20 + i * 5, 0, 0);
+                BN_bntest_rand(b, 2 + i, 0, 0);
+                if (!BN_mod_exp_ct(d, a, b, c, ctx)) {
+                        rc = 0;
+                        break;
+                }
+                if (bp != NULL) {
+                        if (!results) {
+                                BN_print(bp, a);
+                                BIO_puts(bp, " ^ ");
+                                BN_print(bp, b);
+                                BIO_puts(bp, " % ");
+                                BN_print(bp, c);
+                                BIO_puts(bp, " - ");
+                        }
+                        BN_print(bp, d);
+                        BIO_puts(bp, "\n");
+                }
+                BN_exp(e, a, b, ctx);
+                BN_sub(e, e, d);
+                BN_div(a, b, e, c, ctx);
+                if (!BN_is_zero(b)) {
+                        fprintf(stderr, "Modulo exponentiation test failed!\n");
+                        rc = 0;
+                        break;
+                }
+        }
+        BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
+        for (i = 0; i < num2; i++) {
+                BN_bntest_rand(a, 20 + i * 5, 0, 0);
+                BN_bntest_rand(b, 2 + i, 0, 0);
+                if (!BN_mod_exp_nonct(d, a, b, c, ctx)) {
+                        rc = 0;
+                        break;
+                }
+                if (bp != NULL) {
+                        if (!results) {
+                                BN_print(bp, a);
+                                BIO_puts(bp, " ^ ");
+                                BN_print(bp, b);
+                                BIO_puts(bp, " % ");
+                                BN_print(bp, c);
+                                BIO_puts(bp, " - ");
+                        }
+                        BN_print(bp, d);
+                        BIO_puts(bp, "\n");
+                }
+                BN_exp(e, a, b, ctx);
+                BN_sub(e, e, d);
+                BN_div(a, b, e, c, ctx);
+                if (!BN_is_zero(b)) {
+                        fprintf(stderr, "Modulo exponentiation test failed!\n");
+                        rc = 0;
+                        break;
+                }
+        }
        BN_free(a);
        BN_free(b);
        BN_free(c);
diff --git a/src/regress/lib/libcrypto/bn/mont/Makefile b/src/regress/lib/libcrypto/bn/mont/Makefile
index eda36001a3..55c48220d4 100644
--- a/src/regress/lib/libcrypto/bn/mont/Makefile
+++ b/src/regress/lib/libcrypto/bn/mont/Makefile
@@ -1,9 +1,9 @@
-#       $OpenBSD: Makefile,v 1.2 2014/07/08 15:53:52 jsing Exp $
+#       $OpenBSD: Makefile,v 1.3 2017/01/21 09:38:58 beck Exp $
 PROG=   mont
 LDADD=  -lcrypto
 DPADD=  ${LIBCRYPTO}
 WARNINGS=       Yes
-CFLAGS+=        -DLIBRESSL_INTERNAL -Werror
+CFLAGS+=        -Werror
 .include <bsd.regress.mk>
diff --git a/src/regress/lib/libcrypto/exp/Makefile b/src/regress/lib/libcrypto/exp/Makefile
index 3914201431..890b38e9fe 100644
--- a/src/regress/lib/libcrypto/exp/Makefile
+++ b/src/regress/lib/libcrypto/exp/Makefile
@@ -1,9 +1,9 @@
-#       $OpenBSD: Makefile,v 1.3 2014/07/08 15:53:52 jsing Exp $
+#       $OpenBSD: Makefile,v 1.4 2017/01/21 09:38:58 beck Exp $
 PROG=   exptest
-LDADD=  -lcrypto
+LDADD=  ${CRYPTO_INT}
 DPADD=  ${LIBCRYPTO}
 WARNINGS=       Yes
-CFLAGS+=        -DLIBRESSL_INTERNAL -Werror
+CFLAGS+=        -Werror
 .include <bsd.regress.mk>
diff --git a/src/regress/lib/libcrypto/exp/exptest.c b/src/regress/lib/libcrypto/exp/exptest.c
index 45ca5ac5f5..375628cb25 100644
--- a/src/regress/lib/libcrypto/exp/exptest.c
+++ b/src/regress/lib/libcrypto/exp/exptest.c
@@ -64,6 +64,15 @@
 #include <openssl/bn.h>
 #include <openssl/err.h>
+int BN_mod_exp_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+    const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+    const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_mont_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_mont_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
 #define NUM_BITS        (BN_BITS*2)
 /*
@@ -116,6 +125,18 @@ static int test_exp_mod_zero(void)
        if (!a_is_zero_mod_one("BN_mod_exp", &r, &a))
                failed = 1;
+        if (!BN_mod_exp_ct(&r, &a, &p, &m, ctx))
+                goto err;
+        if (!a_is_zero_mod_one("BN_mod_exp_ct", &r, &a))
+                failed = 1;
+        if (!BN_mod_exp_nonct(&r, &a, &p, &m, ctx))
+                goto err;
+        if (!a_is_zero_mod_one("BN_mod_exp_nonct", &r, &a))
+                failed = 1;
        if (!BN_mod_exp_recp(&r, &a, &p, &m, ctx))
                goto err;
@@ -134,6 +155,18 @@ static int test_exp_mod_zero(void)
        if (!a_is_zero_mod_one("BN_mod_exp_mont", &r, &a))
                failed = 1;
+        if (!BN_mod_exp_mont_ct(&r, &a, &p, &m, ctx, NULL))
+                goto err;
+        if (!a_is_zero_mod_one("BN_mod_exp_mont_ct", &r, &a))
+                failed = 1;
+        if (!BN_mod_exp_mont_nonct(&r, &a, &p, &m, ctx, NULL))
+                goto err;
+        if (!a_is_zero_mod_one("BN_mod_exp_mont_nonct", &r, &a))
+                failed = 1;
        if (!BN_mod_exp_mont_consttime(&r, &a, &p, &m, ctx, NULL)) {
                goto err;
        }
@@ -175,7 +208,8 @@ int main(int argc, char *argv[])
        BIO *out = NULL;
        int i, ret;
        unsigned char c;
-        BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
+        BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple,
+            *r_mont_ct, *r_mont_nonct, *a, *b, *m;
        ERR_load_BN_strings();
@@ -184,6 +218,8 @@ int main(int argc, char *argv[])
                exit(1);
        r_mont = BN_new();
        r_mont_const = BN_new();
+        r_mont_ct = BN_new();
+        r_mont_nonct = BN_new();
        r_recp = BN_new();
        r_simple = BN_new();
        a = BN_new();
@@ -221,6 +257,20 @@ int main(int argc, char *argv[])
                        exit(1);
                }
+                ret = BN_mod_exp_mont_ct(r_mont_ct, a, b, m, ctx, NULL);
+                if (ret <= 0) {
+                        printf("BN_mod_exp_mont_ct() problems\n");
+                        ERR_print_errors(out);
+                        exit(1);
+                }
+                ret = BN_mod_exp_mont_nonct(r_mont_nonct, a, b, m, ctx, NULL);
+                if (ret <= 0) {
+                        printf("BN_mod_exp_mont_nonct() problems\n");
+                        ERR_print_errors(out);
+                        exit(1);
+                }
                ret = BN_mod_exp_recp(r_recp, a, b, m, ctx);
                if (ret <= 0) {
                        printf("BN_mod_exp_recp() problems\n");
@@ -254,6 +304,10 @@ int main(int argc, char *argv[])
                                printf("\nsimple and mont const time results differ\n");
                        if (BN_cmp(r_simple, r_recp) != 0)
                                printf("\nsimple and recp results differ\n");
+                        if (BN_cmp(r_mont, r_mont_ct) != 0)
+                                printf("\nmont_ct and mont results differ\n");
+                        if (BN_cmp(r_mont_ct, r_mont_nonct) != 0)
+                                printf("\nmont_ct and mont_nonct results differ\n");
                        printf("a (%3d) = ", BN_num_bits(a));
                        BN_print(out, a);

diff --git a/src/regress/lib/libcrypto/bn/general/Makefile b/src/regress/lib/libcrypto/bn/general/Makefile index 18207ffb01..d578d0fe12 100644 --- a/src/regress/lib/libcrypto/bn/general/Makefile +++ b/src/regress/lib/libcrypto/bn/general/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.3 2016/12/21 15:51:05 jsing Exp $	1	# $OpenBSD: Makefile,v 1.4 2017/01/21 09:38:58 beck Exp $
2		2
3	.include "../../Makefile.inc"	3	.include "../../Makefile.inc"
4		4
@@ -6,6 +6,6 @@ PROG= bntest
6	LDADD= ${CRYPTO_INT}	6	LDADD= ${CRYPTO_INT}
7	DPADD= ${LIBCRYPTO}	7	DPADD= ${LIBCRYPTO}
8	WARNINGS= Yes	8	WARNINGS= Yes
9	CFLAGS+= -DLIBRESSL_INTERNAL -Werror	9	CFLAGS+= -Werror
10		10
11	.include <bsd.regress.mk>	11	.include <bsd.regress.mk>


diff --git a/src/regress/lib/libcrypto/bn/general/bntest.c b/src/regress/lib/libcrypto/bn/general/bntest.c index 0247dacaa4..7e5e6ed81b 100644 --- a/src/regress/lib/libcrypto/bn/general/bntest.c +++ b/src/regress/lib/libcrypto/bn/general/bntest.c
@@ -84,6 +84,15 @@
84	#include <openssl/x509.h>	84	#include <openssl/x509.h>
85	#include <openssl/err.h>	85	#include <openssl/err.h>
86		86
		87	int BN_mod_exp_ct(BIGNUM r, const BIGNUM a, const BIGNUM *p,
		88	const BIGNUM m, BN_CTX ctx);
		89	int BN_mod_exp_nonct(BIGNUM r, const BIGNUM a, const BIGNUM *p,
		90	const BIGNUM m, BN_CTX ctx);
		91	int BN_mod_exp_mont_ct(BIGNUM r, const BIGNUM a, const BIGNUM *p,
		92	const BIGNUM m, BN_CTX ctx, BN_MONT_CTX *m_ctx);
		93	int BN_mod_exp_mont_nonct(BIGNUM r, const BIGNUM a, const BIGNUM *p,
		94	const BIGNUM m, BN_CTX ctx, BN_MONT_CTX *m_ctx);
		95
87	int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);	96	int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
88		97
89	const int num0 = 100; /* number of tests */	98	const int num0 = 100; /* number of tests */
@@ -1037,6 +1046,14 @@ test_mod_exp(BIO bp, BN_CTX ctx)
1037	fprintf(stderr, "BN_mod_exp with zero modulus succeeded!\n");	1046	fprintf(stderr, "BN_mod_exp with zero modulus succeeded!\n");
1038	return (0);	1047	return (0);
1039	}	1048	}
		1049	if (BN_mod_exp_ct(d, a, b, c, ctx)) {
		1050	fprintf(stderr, "BN_mod_exp_ct with zero modulus succeeded!\n");
		1051	return (0);
		1052	}
		1053	if (BN_mod_exp_nonct(d, a, b, c, ctx)) {
		1054	fprintf(stderr, "BN_mod_exp_nonct with zero modulus succeeded!\n");
		1055	return (0);
		1056	}
1040		1057
1041	BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */	1058	BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
1042	for (i = 0; i < num2; i++) {	1059	for (i = 0; i < num2; i++) {
@@ -1069,6 +1086,70 @@ test_mod_exp(BIO bp, BN_CTX ctx)
1069	break;	1086	break;
1070	}	1087	}
1071	}	1088	}
		1089
		1090	BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
		1091	for (i = 0; i < num2; i++) {
		1092	BN_bntest_rand(a, 20 + i * 5, 0, 0);
		1093	BN_bntest_rand(b, 2 + i, 0, 0);
		1094
		1095	if (!BN_mod_exp_ct(d, a, b, c, ctx)) {
		1096	rc = 0;
		1097	break;
		1098	}
		1099
		1100	if (bp != NULL) {
		1101	if (!results) {
		1102	BN_print(bp, a);
		1103	BIO_puts(bp, " ^ ");
		1104	BN_print(bp, b);
		1105	BIO_puts(bp, " % ");
		1106	BN_print(bp, c);
		1107	BIO_puts(bp, " - ");
		1108	}
		1109	BN_print(bp, d);
		1110	BIO_puts(bp, "\n");
		1111	}
		1112	BN_exp(e, a, b, ctx);
		1113	BN_sub(e, e, d);
		1114	BN_div(a, b, e, c, ctx);
		1115	if (!BN_is_zero(b)) {
		1116	fprintf(stderr, "Modulo exponentiation test failed!\n");
		1117	rc = 0;
		1118	break;
		1119	}
		1120	}
		1121
		1122	BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
		1123	for (i = 0; i < num2; i++) {
		1124	BN_bntest_rand(a, 20 + i * 5, 0, 0);
		1125	BN_bntest_rand(b, 2 + i, 0, 0);
		1126
		1127	if (!BN_mod_exp_nonct(d, a, b, c, ctx)) {
		1128	rc = 0;
		1129	break;
		1130	}
		1131
		1132	if (bp != NULL) {
		1133	if (!results) {
		1134	BN_print(bp, a);
		1135	BIO_puts(bp, " ^ ");
		1136	BN_print(bp, b);
		1137	BIO_puts(bp, " % ");
		1138	BN_print(bp, c);
		1139	BIO_puts(bp, " - ");
		1140	}
		1141	BN_print(bp, d);
		1142	BIO_puts(bp, "\n");
		1143	}
		1144	BN_exp(e, a, b, ctx);
		1145	BN_sub(e, e, d);
		1146	BN_div(a, b, e, c, ctx);
		1147	if (!BN_is_zero(b)) {
		1148	fprintf(stderr, "Modulo exponentiation test failed!\n");
		1149	rc = 0;
		1150	break;
		1151	}
		1152	}
1072	BN_free(a);	1153	BN_free(a);
1073	BN_free(b);	1154	BN_free(b);
1074	BN_free(c);	1155	BN_free(c);


diff --git a/src/regress/lib/libcrypto/bn/mont/Makefile b/src/regress/lib/libcrypto/bn/mont/Makefile index eda36001a3..55c48220d4 100644 --- a/src/regress/lib/libcrypto/bn/mont/Makefile +++ b/src/regress/lib/libcrypto/bn/mont/Makefile
@@ -1,9 +1,9 @@
1	# $OpenBSD: Makefile,v 1.2 2014/07/08 15:53:52 jsing Exp $	1	# $OpenBSD: Makefile,v 1.3 2017/01/21 09:38:58 beck Exp $
2		2
3	PROG= mont	3	PROG= mont
4	LDADD= -lcrypto	4	LDADD= -lcrypto
5	DPADD= ${LIBCRYPTO}	5	DPADD= ${LIBCRYPTO}
6	WARNINGS= Yes	6	WARNINGS= Yes
7	CFLAGS+= -DLIBRESSL_INTERNAL -Werror	7	CFLAGS+= -Werror
8		8
9	.include <bsd.regress.mk>	9	.include <bsd.regress.mk>


diff --git a/src/regress/lib/libcrypto/exp/Makefile b/src/regress/lib/libcrypto/exp/Makefile index 3914201431..890b38e9fe 100644 --- a/src/regress/lib/libcrypto/exp/Makefile +++ b/src/regress/lib/libcrypto/exp/Makefile
@@ -1,9 +1,9 @@
1	# $OpenBSD: Makefile,v 1.3 2014/07/08 15:53:52 jsing Exp $	1	# $OpenBSD: Makefile,v 1.4 2017/01/21 09:38:58 beck Exp $
2		2
3	PROG= exptest	3	PROG= exptest
4	LDADD= -lcrypto	4	LDADD= ${CRYPTO_INT}
5	DPADD= ${LIBCRYPTO}	5	DPADD= ${LIBCRYPTO}
6	WARNINGS= Yes	6	WARNINGS= Yes
7	CFLAGS+= -DLIBRESSL_INTERNAL -Werror	7	CFLAGS+= -Werror
8		8
9	.include <bsd.regress.mk>	9	.include <bsd.regress.mk>


diff --git a/src/regress/lib/libcrypto/exp/exptest.c b/src/regress/lib/libcrypto/exp/exptest.c index 45ca5ac5f5..375628cb25 100644 --- a/src/regress/lib/libcrypto/exp/exptest.c +++ b/src/regress/lib/libcrypto/exp/exptest.c
@@ -64,6 +64,15 @@
64	#include <openssl/bn.h>	64	#include <openssl/bn.h>
65	#include <openssl/err.h>	65	#include <openssl/err.h>
66		66
		67	int BN_mod_exp_ct(BIGNUM r, const BIGNUM a, const BIGNUM *p,
		68	const BIGNUM m, BN_CTX ctx);
		69	int BN_mod_exp_nonct(BIGNUM r, const BIGNUM a, const BIGNUM *p,
		70	const BIGNUM m, BN_CTX ctx);
		71	int BN_mod_exp_mont_ct(BIGNUM r, const BIGNUM a, const BIGNUM *p,
		72	const BIGNUM m, BN_CTX ctx, BN_MONT_CTX *m_ctx);
		73	int BN_mod_exp_mont_nonct(BIGNUM r, const BIGNUM a, const BIGNUM *p,
		74	const BIGNUM m, BN_CTX ctx, BN_MONT_CTX *m_ctx);
		75
67	#define NUM_BITS (BN_BITS*2)	76	#define NUM_BITS (BN_BITS*2)
68		77
69	/*	78	/*
@@ -116,6 +125,18 @@ static int test_exp_mod_zero(void)
116	if (!a_is_zero_mod_one("BN_mod_exp", &r, &a))	125	if (!a_is_zero_mod_one("BN_mod_exp", &r, &a))
117	failed = 1;	126	failed = 1;
118		127
		128	if (!BN_mod_exp_ct(&r, &a, &p, &m, ctx))
		129	goto err;
		130
		131	if (!a_is_zero_mod_one("BN_mod_exp_ct", &r, &a))
		132	failed = 1;
		133
		134	if (!BN_mod_exp_nonct(&r, &a, &p, &m, ctx))
		135	goto err;
		136
		137	if (!a_is_zero_mod_one("BN_mod_exp_nonct", &r, &a))
		138	failed = 1;
		139
119	if (!BN_mod_exp_recp(&r, &a, &p, &m, ctx))	140	if (!BN_mod_exp_recp(&r, &a, &p, &m, ctx))
120	goto err;	141	goto err;
121		142
@@ -134,6 +155,18 @@ static int test_exp_mod_zero(void)
134	if (!a_is_zero_mod_one("BN_mod_exp_mont", &r, &a))	155	if (!a_is_zero_mod_one("BN_mod_exp_mont", &r, &a))
135	failed = 1;	156	failed = 1;
136		157
		158	if (!BN_mod_exp_mont_ct(&r, &a, &p, &m, ctx, NULL))
		159	goto err;
		160
		161	if (!a_is_zero_mod_one("BN_mod_exp_mont_ct", &r, &a))
		162	failed = 1;
		163
		164	if (!BN_mod_exp_mont_nonct(&r, &a, &p, &m, ctx, NULL))
		165	goto err;
		166
		167	if (!a_is_zero_mod_one("BN_mod_exp_mont_nonct", &r, &a))
		168	failed = 1;
		169
137	if (!BN_mod_exp_mont_consttime(&r, &a, &p, &m, ctx, NULL)) {	170	if (!BN_mod_exp_mont_consttime(&r, &a, &p, &m, ctx, NULL)) {
138	goto err;	171	goto err;
139	}	172	}
@@ -175,7 +208,8 @@ int main(int argc, char *argv[])
175	BIO *out = NULL;	208	BIO *out = NULL;
176	int i, ret;	209	int i, ret;
177	unsigned char c;	210	unsigned char c;
178	BIGNUM r_mont, r_mont_const, r_recp, r_simple, a, b, *m;	211	BIGNUM r_mont, r_mont_const, r_recp, r_simple,
		212	r_mont_ct, r_mont_nonct, a, b, *m;
179		213
180	ERR_load_BN_strings();	214	ERR_load_BN_strings();
181		215
@@ -184,6 +218,8 @@ int main(int argc, char *argv[])
184	exit(1);	218	exit(1);
185	r_mont = BN_new();	219	r_mont = BN_new();
186	r_mont_const = BN_new();	220	r_mont_const = BN_new();
		221	r_mont_ct = BN_new();
		222	r_mont_nonct = BN_new();
187	r_recp = BN_new();	223	r_recp = BN_new();
188	r_simple = BN_new();	224	r_simple = BN_new();
189	a = BN_new();	225	a = BN_new();
@@ -221,6 +257,20 @@ int main(int argc, char *argv[])
221	exit(1);	257	exit(1);
222	}	258	}
223		259
		260	ret = BN_mod_exp_mont_ct(r_mont_ct, a, b, m, ctx, NULL);
		261	if (ret <= 0) {
		262	printf("BN_mod_exp_mont_ct() problems\n");
		263	ERR_print_errors(out);
		264	exit(1);
		265	}
		266
		267	ret = BN_mod_exp_mont_nonct(r_mont_nonct, a, b, m, ctx, NULL);
		268	if (ret <= 0) {
		269	printf("BN_mod_exp_mont_nonct() problems\n");
		270	ERR_print_errors(out);
		271	exit(1);
		272	}
		273
224	ret = BN_mod_exp_recp(r_recp, a, b, m, ctx);	274	ret = BN_mod_exp_recp(r_recp, a, b, m, ctx);
225	if (ret <= 0) {	275	if (ret <= 0) {
226	printf("BN_mod_exp_recp() problems\n");	276	printf("BN_mod_exp_recp() problems\n");
@@ -254,6 +304,10 @@ int main(int argc, char *argv[])
254	printf("\nsimple and mont const time results differ\n");	304	printf("\nsimple and mont const time results differ\n");
255	if (BN_cmp(r_simple, r_recp) != 0)	305	if (BN_cmp(r_simple, r_recp) != 0)
256	printf("\nsimple and recp results differ\n");	306	printf("\nsimple and recp results differ\n");
		307	if (BN_cmp(r_mont, r_mont_ct) != 0)
		308	printf("\nmont_ct and mont results differ\n");
		309	if (BN_cmp(r_mont_ct, r_mont_nonct) != 0)
		310	printf("\nmont_ct and mont_nonct results differ\n");
257		311
258	printf("a (%3d) = ", BN_num_bits(a));	312	printf("a (%3d) = ", BN_num_bits(a));
259	BN_print(out, a);	313	BN_print(out, a);