2 files changed, 108 insertions, 2 deletions
diff --git a/src/regress/lib/libcrypto/bn/Makefile b/src/regress/lib/libcrypto/bn/Makefile
index 8e4c74a129..36149a7b84 100644
--- a/src/regress/lib/libcrypto/bn/Makefile
+++ b/src/regress/lib/libcrypto/bn/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.35 2023/08/03 18:44:31 tb Exp $
+#       $OpenBSD: Makefile,v 1.36 2023/10/19 10:17:24 tb Exp $
 PROGS +=        bn_add_sub
 PROGS +=        bn_cmp
@@ -35,6 +35,8 @@ CFLAGS +=	-I${.CURDIR}/../../../../lib/libcrypto/bn/arch/${MACHINE_CPU}/
 # Use default targets from bsd.regress.mk unless overridden below
 REGRESS_TARGETS = ${PROGS:S/^/run-regress-/}
+REGRESS_EXPECTED_FAILURES = run-regress-bn_mod_exp
 # Verify that the bn_isqrt -C output isn't changed by accident.
 isqrt-print-tables: bn_isqrt
        @./bn_isqrt -C
diff --git a/src/regress/lib/libcrypto/bn/bn_mod_exp.c b/src/regress/lib/libcrypto/bn/bn_mod_exp.c
index 14e1883979..61157385bf 100644
--- a/src/regress/lib/libcrypto/bn/bn_mod_exp.c
+++ b/src/regress/lib/libcrypto/bn/bn_mod_exp.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: bn_mod_exp.c,v 1.38 2023/05/09 05:39:24 tb Exp $ */
+/*      $OpenBSD: bn_mod_exp.c,v 1.39 2023/10/19 10:17:24 tb Exp $ */
 /*
 * Copyright (c) 2022,2023 Theo Buehler <tb@openbsd.org>
@@ -561,6 +561,109 @@ test_bn_mod_exp2_mont_crash(void)
        return failed;
 }
+static int
+test_mod_exp_aliased(const char *alias, int want_ret, BIGNUM *got,
+    const BIGNUM *want, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
+    BN_CTX *ctx, const struct mod_exp_test *test)
+{
+        int mod_exp_ret;
+        int ret = 0;
+        BN_CTX_start(ctx);
+        if (test->mod_exp_fn != NULL)
+                mod_exp_ret = test->mod_exp_fn(got, a, p, m, ctx);
+        else
+                mod_exp_ret = test->mod_exp_mont_fn(got, a, p, m, ctx, NULL);
+        if (mod_exp_ret != want_ret)
+                errx(1, "%s() %s aliased with result failed", test->name, alias);
+        if (!mod_exp_ret)
+                goto done;
+        if (BN_cmp(want, got) != 0) {
+                dump_results(a, p, NULL, NULL, m, want, got, test->name);
+                goto err;
+        }
+ done:
+        ret = 1;
+ err:
+        BN_CTX_end(ctx);
+        return ret;
+}
+static void
+test_bn_mod_exp_aliasing_setup(BIGNUM *want, BIGNUM *a, BIGNUM *p, BIGNUM *m,
+    BN_CTX *ctx)
+{
+        if (!BN_set_word(a, 1031))
+                errx(1, "BN_set_word");
+        if (!BN_set_word(p, 1033))
+                errx(1, "BN_set_word");
+        if (!BN_set_word(m, 1039))
+                errx(1, "BN_set_word");
+        if (!BN_mod_exp_simple(want, a, p, m, ctx))
+                errx(1, "BN_mod_exp");
+}
+static int
+test_bn_mod_exp_aliasing(void)
+{
+        BN_CTX *ctx;
+        BIGNUM *a, *p, *m, *want, *got;
+        size_t i;
+        int failed = 0;
+        if ((ctx = BN_CTX_new()) == NULL)
+                errx(1, "BN_CTX_new");
+        BN_CTX_start(ctx);
+        if ((a = BN_CTX_get(ctx)) == NULL)
+                errx(1, "a = BN_CTX_get()");
+        if ((p = BN_CTX_get(ctx)) == NULL)
+                errx(1, "p = BN_CTX_get()");
+        if ((m = BN_CTX_get(ctx)) == NULL)
+                errx(1, "m = BN_CTX_get()");
+        if ((want = BN_CTX_get(ctx)) == NULL)
+                errx(1, "want = BN_CTX_get()");
+        if ((got = BN_CTX_get(ctx)) == NULL)
+                errx(1, "got = BN_CTX_get()");
+        for (i = 0; i < N_MOD_EXP_FN; i++) {
+                const struct mod_exp_test *test = &mod_exp_fn[i];
+                int aliasing_allowed = 1;
+                test_bn_mod_exp_aliasing_setup(want, a, p, m, ctx);
+                if (!test_mod_exp_aliased("nothing", 1, got, want, a, p, m, ctx,
+                    test))
+                        failed |= 1;
+                test_bn_mod_exp_aliasing_setup(want, a, p, m, ctx);
+                if (!test_mod_exp_aliased("a", 1, a, want, a, p, m, ctx, test))
+                        failed |= 1;
+                test_bn_mod_exp_aliasing_setup(want, a, p, m, ctx);
+                if (!test_mod_exp_aliased("p", 1, p, want, a, p, m, ctx, test))
+                        failed |= 1;
+                if (test->mod_exp_fn == BN_mod_exp_simple)
+                        aliasing_allowed = 0;
+                test_bn_mod_exp_aliasing_setup(want, a, p, m, ctx);
+                if (!test_mod_exp_aliased("m", aliasing_allowed, m, want,
+                    a, p, m, ctx, test))
+                        failed |= 1;
+        }
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+        return failed;
+}
 int
 main(void)
 {
@@ -570,6 +673,7 @@ main(void)
        failed |= test_bn_mod_exp();
        failed |= test_bn_mod_exp2();
        failed |= test_bn_mod_exp2_mont_crash();
+        failed |= test_bn_mod_exp_aliasing();
        return failed;
 }

diff --git a/src/regress/lib/libcrypto/bn/Makefile b/src/regress/lib/libcrypto/bn/Makefile index 8e4c74a129..36149a7b84 100644 --- a/src/regress/lib/libcrypto/bn/Makefile +++ b/src/regress/lib/libcrypto/bn/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.35 2023/08/03 18:44:31 tb Exp $	1	# $OpenBSD: Makefile,v 1.36 2023/10/19 10:17:24 tb Exp $
2		2
3	PROGS += bn_add_sub	3	PROGS += bn_add_sub
4	PROGS += bn_cmp	4	PROGS += bn_cmp
@@ -35,6 +35,8 @@ CFLAGS += -I${.CURDIR}/../../../../lib/libcrypto/bn/arch/${MACHINE_CPU}/
35	# Use default targets from bsd.regress.mk unless overridden below	35	# Use default targets from bsd.regress.mk unless overridden below
36	REGRESS_TARGETS = ${PROGS:S/^/run-regress-/}	36	REGRESS_TARGETS = ${PROGS:S/^/run-regress-/}
37		37
		38	REGRESS_EXPECTED_FAILURES = run-regress-bn_mod_exp
		39
38	# Verify that the bn_isqrt -C output isn't changed by accident.	40	# Verify that the bn_isqrt -C output isn't changed by accident.
39	isqrt-print-tables: bn_isqrt	41	isqrt-print-tables: bn_isqrt
40	@./bn_isqrt -C	42	@./bn_isqrt -C


diff --git a/src/regress/lib/libcrypto/bn/bn_mod_exp.c b/src/regress/lib/libcrypto/bn/bn_mod_exp.c index 14e1883979..61157385bf 100644 --- a/src/regress/lib/libcrypto/bn/bn_mod_exp.c +++ b/src/regress/lib/libcrypto/bn/bn_mod_exp.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_mod_exp.c,v 1.38 2023/05/09 05:39:24 tb Exp $ */	1	/* $OpenBSD: bn_mod_exp.c,v 1.39 2023/10/19 10:17:24 tb Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2022,2023 Theo Buehler <tb@openbsd.org>	4	* Copyright (c) 2022,2023 Theo Buehler <tb@openbsd.org>
@@ -561,6 +561,109 @@ test_bn_mod_exp2_mont_crash(void)
561	return failed;	561	return failed;
562	}	562	}
563		563
		564	static int
		565	test_mod_exp_aliased(const char alias, int want_ret, BIGNUM got,
		566	const BIGNUM want, const BIGNUM a, const BIGNUM p, const BIGNUM m,
		567	BN_CTX ctx, const struct mod_exp_test test)
		568	{
		569	int mod_exp_ret;
		570	int ret = 0;
		571
		572	BN_CTX_start(ctx);
		573
		574	if (test->mod_exp_fn != NULL)
		575	mod_exp_ret = test->mod_exp_fn(got, a, p, m, ctx);
		576	else
		577	mod_exp_ret = test->mod_exp_mont_fn(got, a, p, m, ctx, NULL);
		578
		579	if (mod_exp_ret != want_ret)
		580	errx(1, "%s() %s aliased with result failed", test->name, alias);
		581
		582	if (!mod_exp_ret)
		583	goto done;
		584
		585	if (BN_cmp(want, got) != 0) {
		586	dump_results(a, p, NULL, NULL, m, want, got, test->name);
		587	goto err;
		588	}
		589
		590	done:
		591	ret = 1;
		592
		593	err:
		594	BN_CTX_end(ctx);
		595
		596	return ret;
		597	}
		598
		599	static void
		600	test_bn_mod_exp_aliasing_setup(BIGNUM want, BIGNUM a, BIGNUM p, BIGNUM m,
		601	BN_CTX *ctx)
		602	{
		603	if (!BN_set_word(a, 1031))
		604	errx(1, "BN_set_word");
		605	if (!BN_set_word(p, 1033))
		606	errx(1, "BN_set_word");
		607	if (!BN_set_word(m, 1039))
		608	errx(1, "BN_set_word");
		609
		610	if (!BN_mod_exp_simple(want, a, p, m, ctx))
		611	errx(1, "BN_mod_exp");
		612	}
		613
		614	static int
		615	test_bn_mod_exp_aliasing(void)
		616	{
		617	BN_CTX *ctx;
		618	BIGNUM a, p, m, want, *got;
		619	size_t i;
		620	int failed = 0;
		621
		622	if ((ctx = BN_CTX_new()) == NULL)
		623	errx(1, "BN_CTX_new");
		624
		625	BN_CTX_start(ctx);
		626
		627	if ((a = BN_CTX_get(ctx)) == NULL)
		628	errx(1, "a = BN_CTX_get()");
		629	if ((p = BN_CTX_get(ctx)) == NULL)
		630	errx(1, "p = BN_CTX_get()");
		631	if ((m = BN_CTX_get(ctx)) == NULL)
		632	errx(1, "m = BN_CTX_get()");
		633	if ((want = BN_CTX_get(ctx)) == NULL)
		634	errx(1, "want = BN_CTX_get()");
		635	if ((got = BN_CTX_get(ctx)) == NULL)
		636	errx(1, "got = BN_CTX_get()");
		637
		638	for (i = 0; i < N_MOD_EXP_FN; i++) {
		639	const struct mod_exp_test *test = &mod_exp_fn[i];
		640	int aliasing_allowed = 1;
		641
		642	test_bn_mod_exp_aliasing_setup(want, a, p, m, ctx);
		643	if (!test_mod_exp_aliased("nothing", 1, got, want, a, p, m, ctx,
		644	test))
		645	failed \|= 1;
		646	test_bn_mod_exp_aliasing_setup(want, a, p, m, ctx);
		647	if (!test_mod_exp_aliased("a", 1, a, want, a, p, m, ctx, test))
		648	failed \|= 1;
		649	test_bn_mod_exp_aliasing_setup(want, a, p, m, ctx);
		650	if (!test_mod_exp_aliased("p", 1, p, want, a, p, m, ctx, test))
		651	failed \|= 1;
		652
		653	if (test->mod_exp_fn == BN_mod_exp_simple)
		654	aliasing_allowed = 0;
		655	test_bn_mod_exp_aliasing_setup(want, a, p, m, ctx);
		656	if (!test_mod_exp_aliased("m", aliasing_allowed, m, want,
		657	a, p, m, ctx, test))
		658	failed \|= 1;
		659	}
		660
		661	BN_CTX_end(ctx);
		662	BN_CTX_free(ctx);
		663
		664	return failed;
		665	}
		666
564	int	667	int
565	main(void)	668	main(void)
566	{	669	{
@@ -570,6 +673,7 @@ main(void)
570	failed \|= test_bn_mod_exp();	673	failed \|= test_bn_mod_exp();
571	failed \|= test_bn_mod_exp2();	674	failed \|= test_bn_mod_exp2();
572	failed \|= test_bn_mod_exp2_mont_crash();	675	failed \|= test_bn_mod_exp2_mont_crash();
		676	failed \|= test_bn_mod_exp_aliasing();
573		677
574	return failed;	678	return failed;
575	}	679	}