/* * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success. */ static int test_exp_mod_zero() { BIGNUM *a = NULL, *p = NULL, *m = NULL; BIGNUM *r = NULL; BN_ULONG one_word = 1; BN_CTX *ctx = BN_CTX_new(); int ret = 1, failed = 0; m = BN_new(); if (!m) goto err; BN_one(m); a = BN_new(); if (!a) goto err; BN_one(a); p = BN_new(); if (!p) goto err; BN_zero(p); r = BN_new(); if (!r) goto err; if (!BN_rand(a, 1024, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) goto err; if (!BN_mod_exp(r, a, p, m, ctx)) goto err; if (!a_is_zero_mod_one("BN_mod_exp", r, a)) failed = 1; if (!BN_mod_exp_recp(r, a, p, m, ctx)) goto err; if (!a_is_zero_mod_one("BN_mod_exp_recp", r, a)) failed = 1; if (!BN_mod_exp_simple(r, a, p, m, ctx)) goto err; if (!a_is_zero_mod_one("BN_mod_exp_simple", r, a)) failed = 1; if (!BN_mod_exp_mont(r, a, p, m, ctx, NULL)) goto err; if (!a_is_zero_mod_one("BN_mod_exp_mont", r, a)) failed = 1; if (!BN_mod_exp_mont_consttime(r, a, p, m, ctx, NULL)) { goto err; } if (!a_is_zero_mod_one("BN_mod_exp_mont_consttime", r, a)) failed = 1; /* * A different codepath exists for single word multiplication * in non-constant-time only. */ if (!BN_mod_exp_mont_word(r, one_word, p, m, ctx, NULL)) goto err; if (!BN_is_zero(r)) { fprintf(stderr, "BN_mod_exp_mont_word failed:\n"); fprintf(stderr, "1 ** 0 mod 1 = r (should be 0)\n"); fprintf(stderr, "r = "); BN_print_fp(stderr, r); fprintf(stderr, "\n"); return 0; } ret = failed; err: BN_free(r); BN_free(a); BN_free(p); BN_free(m); BN_CTX_free(ctx); return ret; }
int main(int argc, char *argv[]) { BN_CTX *ctx; BIO *out = NULL; int i, ret; unsigned char c; BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m; RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we * don't even check its return * value (which we should) */ ERR_load_BN_strings(); ctx = BN_CTX_new(); if (ctx == NULL) EXIT(1); r_mont = BN_new(); r_mont_const = BN_new(); r_recp = BN_new(); r_simple = BN_new(); a = BN_new(); b = BN_new(); m = BN_new(); if ((r_mont == NULL) || (r_recp == NULL) || (a == NULL) || (b == NULL)) goto err; out = BIO_new(BIO_s_file()); if (out == NULL) EXIT(1); BIO_set_fp(out, stdout, BIO_NOCLOSE); for (i = 0; i < 200; i++) { RAND_bytes(&c, 1); c = (c % BN_BITS) - BN_BITS2; BN_rand(a, NUM_BITS + c, 0, 0); RAND_bytes(&c, 1); c = (c % BN_BITS) - BN_BITS2; BN_rand(b, NUM_BITS + c, 0, 0); RAND_bytes(&c, 1); c = (c % BN_BITS) - BN_BITS2; BN_rand(m, NUM_BITS + c, 0, 1); BN_mod(a, a, m, ctx); BN_mod(b, b, m, ctx); ret = BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL); if (ret <= 0) { printf("BN_mod_exp_mont() problems\n"); ERR_print_errors(out); EXIT(1); } ret = BN_mod_exp_recp(r_recp, a, b, m, ctx); if (ret <= 0) { printf("BN_mod_exp_recp() problems\n"); ERR_print_errors(out); EXIT(1); } ret = BN_mod_exp_simple(r_simple, a, b, m, ctx); if (ret <= 0) { printf("BN_mod_exp_simple() problems\n"); ERR_print_errors(out); EXIT(1); } ret = BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL); if (ret <= 0) { printf("BN_mod_exp_mont_consttime() problems\n"); ERR_print_errors(out); EXIT(1); } if (BN_cmp(r_simple, r_mont) == 0 && BN_cmp(r_simple, r_recp) == 0 && BN_cmp(r_simple, r_mont_const) == 0) { printf("."); fflush(stdout); } else { if (BN_cmp(r_simple, r_mont) != 0) printf("\nsimple and mont results differ\n"); if (BN_cmp(r_simple, r_mont_const) != 0) printf("\nsimple and mont const time results differ\n"); if (BN_cmp(r_simple, r_recp) != 0) printf("\nsimple and recp results differ\n"); printf("a (%3d) = ", BN_num_bits(a)); BN_print(out, a); printf("\nb (%3d) = ", BN_num_bits(b)); BN_print(out, b); printf("\nm (%3d) = ", BN_num_bits(m)); BN_print(out, m); printf("\nsimple ="); BN_print(out, r_simple); printf("\nrecp ="); BN_print(out, r_recp); printf("\nmont ="); BN_print(out, r_mont); printf("\nmont_ct ="); BN_print(out, r_mont_const); printf("\n"); EXIT(1); } } BN_free(r_mont); BN_free(r_mont_const); BN_free(r_recp); BN_free(r_simple); BN_free(a); BN_free(b); BN_free(m); BN_CTX_free(ctx); ERR_remove_thread_state(NULL); CRYPTO_mem_leaks(out); BIO_free(out); printf("\n"); if (test_exp_mod_zero() != 0) goto err; printf("done\n"); EXIT(0); err: ERR_load_crypto_strings(); ERR_print_errors(out); #ifdef OPENSSL_SYS_NETWARE printf("ERROR\n"); #endif EXIT(1); return (1); }
int FuzzerTestOneInput(const uint8_t *buf, size_t len) { int success = 0; static BN_CTX *ctx; static BN_MONT_CTX *mont; static BIGNUM *b1; static BIGNUM *b2; static BIGNUM *b3; static BIGNUM *b4; static BIGNUM *b5; if (ctx == NULL) { b1 = BN_new(); b2 = BN_new(); b3 = BN_new(); b4 = BN_new(); b5 = BN_new(); ctx = BN_CTX_new(); mont = BN_MONT_CTX_new(); } // Divide the input into three parts, using the values of the first two // bytes to choose lengths, which generate b1, b2 and b3. Use three bits // of the third byte to choose signs for the three numbers. size_t l1 = 0, l2 = 0, l3 = 0; int s1 = 0, s2 = 0, s3 = 0; if (len > 2) { len -= 3; l1 = (buf[0] * len) / 255; ++buf; l2 = (buf[0] * (len - l1)) / 255; ++buf; l3 = len - l1 - l2; s1 = buf[0] & 1; s2 = buf[0] & 2; s3 = buf[0] & 4; ++buf; } OPENSSL_assert(BN_bin2bn(buf, l1, b1) == b1); BN_set_negative(b1, s1); OPENSSL_assert(BN_bin2bn(buf + l1, l2, b2) == b2); BN_set_negative(b2, s2); OPENSSL_assert(BN_bin2bn(buf + l1 + l2, l3, b3) == b3); BN_set_negative(b3, s3); // mod 0 is undefined if (BN_is_zero(b3)) { success = 1; goto done; } OPENSSL_assert(BN_mod_exp(b4, b1, b2, b3, ctx)); OPENSSL_assert(BN_mod_exp_simple(b5, b1, b2, b3, ctx)); success = BN_cmp(b4, b5) == 0; if (!success) { BN_print_fp(stdout, b1); putchar('\n'); BN_print_fp(stdout, b2); putchar('\n'); BN_print_fp(stdout, b3); putchar('\n'); BN_print_fp(stdout, b4); putchar('\n'); BN_print_fp(stdout, b5); putchar('\n'); } done: OPENSSL_assert(success); return 0; }
/* * test_mod_exp_zero tests that x**0 mod 1 == 0. It returns zero on success. */ static int test_mod_exp_zero(void) { BIGNUM *a = NULL, *p = NULL, *m = NULL; BIGNUM *r = NULL; BN_ULONG one_word = 1; BN_CTX *ctx = BN_CTX_new(); int ret = 1, failed = 0; if (!TEST_ptr(m = BN_new()) || !TEST_ptr(a = BN_new()) || !TEST_ptr(p = BN_new()) || !TEST_ptr(r = BN_new())) goto err; BN_one(m); BN_one(a); BN_zero(p); if (!TEST_true(BN_rand(a, 1024, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))) goto err; if (!TEST_true(BN_mod_exp(r, a, p, m, ctx))) goto err; if (!TEST_true(a_is_zero_mod_one("BN_mod_exp", r, a))) failed = 1; if (!TEST_true(BN_mod_exp_recp(r, a, p, m, ctx))) goto err; if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_recp", r, a))) failed = 1; if (!TEST_true(BN_mod_exp_simple(r, a, p, m, ctx))) goto err; if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_simple", r, a))) failed = 1; if (!TEST_true(BN_mod_exp_mont(r, a, p, m, ctx, NULL))) goto err; if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_mont", r, a))) failed = 1; if (!TEST_true(BN_mod_exp_mont_consttime(r, a, p, m, ctx, NULL))) goto err; if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_mont_consttime", r, a))) failed = 1; /* * A different codepath exists for single word multiplication * in non-constant-time only. */ if (!TEST_true(BN_mod_exp_mont_word(r, one_word, p, m, ctx, NULL))) goto err; if (!TEST_BN_eq_zero(r)) { TEST_error("BN_mod_exp_mont_word failed: " "1 ** 0 mod 1 = r (should be 0)"); BN_print_var(r); goto err; } ret = !failed; err: BN_free(r); BN_free(a); BN_free(p); BN_free(m); BN_CTX_free(ctx); return ret; }
static int test_mod_exp(int round) { BN_CTX *ctx; unsigned char c; int ret = 0; BIGNUM *r_mont = NULL; BIGNUM *r_mont_const = NULL; BIGNUM *r_recp = NULL; BIGNUM *r_simple = NULL; BIGNUM *a = NULL; BIGNUM *b = NULL; BIGNUM *m = NULL; if (!TEST_ptr(ctx = BN_CTX_new())) goto err; if (!TEST_ptr(r_mont = BN_new()) || !TEST_ptr(r_mont_const = BN_new()) || !TEST_ptr(r_recp = BN_new()) || !TEST_ptr(r_simple = BN_new()) || !TEST_ptr(a = BN_new()) || !TEST_ptr(b = BN_new()) || !TEST_ptr(m = BN_new())) goto err; RAND_bytes(&c, 1); c = (c % BN_BITS) - BN_BITS2; BN_rand(a, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY); RAND_bytes(&c, 1); c = (c % BN_BITS) - BN_BITS2; BN_rand(b, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY); RAND_bytes(&c, 1); c = (c % BN_BITS) - BN_BITS2; BN_rand(m, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD); if (!TEST_true(BN_mod(a, a, m, ctx)) || !TEST_true(BN_mod(b, b, m, ctx)) || !TEST_true(BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL)) || !TEST_true(BN_mod_exp_recp(r_recp, a, b, m, ctx)) || !TEST_true(BN_mod_exp_simple(r_simple, a, b, m, ctx)) || !TEST_true(BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL))) goto err; if (!TEST_BN_eq(r_simple, r_mont) || !TEST_BN_eq(r_simple, r_recp) || !TEST_BN_eq(r_simple, r_mont_const)) { if (BN_cmp(r_simple, r_mont) != 0) TEST_info("simple and mont results differ"); if (BN_cmp(r_simple, r_mont_const) != 0) TEST_info("simple and mont const time results differ"); if (BN_cmp(r_simple, r_recp) != 0) TEST_info("simple and recp results differ"); BN_print_var(a); BN_print_var(b); BN_print_var(m); BN_print_var(r_simple); BN_print_var(r_recp); BN_print_var(r_mont); BN_print_var(r_mont_const); goto err; } ret = 1; err: BN_free(r_mont); BN_free(r_mont_const); BN_free(r_recp); BN_free(r_simple); BN_free(a); BN_free(b); BN_free(m); BN_CTX_free(ctx); return ret; }
int exp_main(int argc, char *argv[]) #endif { BN_CTX *ctx; BIO *out=NULL; int i,ret; unsigned char c; BIGNUM *r_mont,*r_mont_const,*r_recp,*r_simple,*a,*b,*m; // FILE* temp; RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't * even check its return value * (which we should) */ if(errno==ENOMEM) { return 1; } ERR_load_BN_strings(); if(errno==ENOMEM) { return 1; } ctx=BN_CTX_new(); if (ctx == NULL) { if(errno==ENOMEM) { return 1; } return 1; } r_mont=BN_new(); if(r_mont==NULL&&errno==ENOMEM) { return 1; } r_mont_const=BN_new(); if(r_mont_const==NULL&&errno==ENOMEM) { return 1; } r_recp=BN_new(); if(r_recp==NULL&&errno==ENOMEM) { return 1; } r_simple=BN_new(); if(r_simple==NULL&&errno==ENOMEM) { return 1; } a=BN_new(); if(a==NULL&&errno==ENOMEM) { return 1; } b=BN_new(); if(b==NULL&&errno==ENOMEM) { return 1; } m=BN_new(); if(m==NULL&&errno==ENOMEM) { return 1; } if ( (r_mont == NULL) || (r_recp == NULL) || (a == NULL) || (b == NULL)) goto err; out=BIO_new(BIO_s_file()); if(out==NULL&&errno==ENOMEM) { return 1; } if (out == NULL) return 1; BIO_set_fp(out,stdout,BIO_NOCLOSE); if(errno==ENOMEM) { return 1; } // temp = fopen("sanjeev.txt", "w"); for (i=0; i<200; i++) { // fputc(i,temp); RAND_bytes(&c,1); if(errno==ENOMEM) { return 1; } c=(c%BN_BITS)-BN_BITS2; BN_rand(a,NUM_BITS+c,0,0); if(errno==ENOMEM) { return 1; } RAND_bytes(&c,1); if(errno==ENOMEM) { return 1; } c=(c%BN_BITS)-BN_BITS2; BN_rand(b,NUM_BITS+c,0,0); if(errno==ENOMEM) { return 1; } RAND_bytes(&c,1); if(errno==ENOMEM) { return 1; } c=(c%BN_BITS)-BN_BITS2; BN_rand(m,NUM_BITS+c,0,1); if(errno==ENOMEM) { return 1; } BN_mod(a,a,m,ctx); if(errno==ENOMEM) { return 1; } BN_mod(b,b,m,ctx); if(errno==ENOMEM) { return 1; } ret=BN_mod_exp_mont(r_mont,a,b,m,ctx,NULL); if (ret <= 0) { if(errno==ENOMEM) { return 1; } fprintf(stdout,"BN_mod_exp_mont() problems\n"); ERR_print_errors(out); if(errno==ENOMEM) { return 1; } return 1; } ret=BN_mod_exp_recp(r_recp,a,b,m,ctx); if (ret <= 0) { if(errno==ENOMEM) { return 1; } fprintf(stdout,"BN_mod_exp_recp() problems\n"); ERR_print_errors(out); if(errno==ENOMEM) { return 1; } return 1; } ret=BN_mod_exp_simple(r_simple,a,b,m,ctx); if (ret <= 0) { if(errno==ENOMEM) { return 1; } fprintf(stdout,"BN_mod_exp_simple() problems\n"); ERR_print_errors(out); if(errno==ENOMEM) { return 1; } return 1; } ret=BN_mod_exp_mont_consttime(r_mont_const,a,b,m,ctx,NULL); if (ret <= 0) { if(errno==ENOMEM) { return 1; } fprintf(stdout,"BN_mod_exp_mont_consttime() problems\n"); ERR_print_errors(out); if(errno==ENOMEM) { return 1; } return 1; } if (BN_cmp(r_simple, r_mont) == 0 && BN_cmp(r_simple,r_recp) == 0 && BN_cmp(r_simple,r_mont_const) == 0) { if(errno==ENOMEM) { return 1; } fprintf(stdout,"."); fflush(stdout); } else { if (BN_cmp(r_simple,r_mont) != 0) { if(errno==ENOMEM) { return 1; } fprintf(stdout,"\nsimple and mont results differ\n"); } if (BN_cmp(r_simple,r_mont) != 0) { if(errno==ENOMEM) { return 1; } fprintf(stdout,"\nsimple and mont const time results differ\n"); } if (BN_cmp(r_simple,r_recp) != 0) { if(errno==ENOMEM) { return 1; } fprintf(stdout,"\nsimple and recp results differ\n"); } fprintf(stdout,"a (%3d) = ",BN_num_bits(a)); BN_print(out,a); if(errno==ENOMEM) { return 1; } fprintf(stdout,"\nb (%3d) = ",BN_num_bits(b)); BN_print(out,b); if(errno==ENOMEM) { return 1; } fprintf(stdout,"\nm (%3d) = ",BN_num_bits(m)); BN_print(out,m); if(errno==ENOMEM) { return 1; } fprintf(stdout,"\nsimple ="); BN_print(out,r_simple); if(errno==ENOMEM) { return 1; } fprintf(stdout,"\nrecp ="); BN_print(out,r_recp); if(errno==ENOMEM) { return 1; } fprintf(stdout,"\nmont ="); BN_print(out,r_mont); if(errno==ENOMEM) { return 1; } fprintf(stdout,"\nmont_ct ="); BN_print(out,r_mont_const); if(errno==ENOMEM) { return 1; } fprintf(stdout,"\n"); return 1; } } BN_free(r_mont); BN_free(r_mont_const); BN_free(r_recp); BN_free(r_simple); BN_free(a); BN_free(b); BN_free(m); BN_CTX_free(ctx); ERR_remove_state(0); if(errno==ENOMEM) { return 1; } CRYPTO_mem_leaks(out); if(errno==ENOMEM) { return 1; } BIO_free(out); if(errno==ENOMEM) { return 1; } CRYPTO_cleanup_all_ex_data(); if(errno==ENOMEM) { return 1; } fprintf(stdout," done\n"); fprintf(stdout," Test case passed\n"); return 0; err: ERR_load_crypto_strings(); if(errno==ENOMEM) { return 1; } ERR_print_errors(out); if(errno==ENOMEM) { return 1; } #ifdef OPENSSL_SYS_NETWARE fprintf(stdout,"ERROR\n"); #endif return(1); }
/* * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success. */ static int test_exp_mod_zero(void) { BIGNUM a, p, m; BIGNUM r; BN_ULONG one_word = 1; BN_CTX *ctx = BN_CTX_new(); int ret = 1, failed = 0; BN_init(&m); BN_one(&m); BN_init(&a); BN_one(&a); BN_init(&p); BN_zero(&p); BN_init(&r); if (!BN_rand(&a, 1024, 0, 0)) goto err; if (!BN_mod_exp(&r, &a, &p, &m, ctx)) goto err; if (!a_is_zero_mod_one("BN_mod_exp", &r, &a)) failed = 1; if (!BN_mod_exp_recp(&r, &a, &p, &m, ctx)) goto err; if (!a_is_zero_mod_one("BN_mod_exp_recp", &r, &a)) failed = 1; if (!BN_mod_exp_simple(&r, &a, &p, &m, ctx)) goto err; if (!a_is_zero_mod_one("BN_mod_exp_simple", &r, &a)) failed = 1; if (!BN_mod_exp_mont(&r, &a, &p, &m, ctx, NULL)) goto err; if (!a_is_zero_mod_one("BN_mod_exp_mont", &r, &a)) failed = 1; if (!BN_mod_exp_mont_consttime(&r, &a, &p, &m, ctx, NULL)) { goto err; } if (!a_is_zero_mod_one("BN_mod_exp_mont_consttime", &r, &a)) failed = 1; /* * A different codepath exists for single word multiplication * in non-constant-time only. */ if (!BN_mod_exp_mont_word(&r, one_word, &p, &m, ctx, NULL)) goto err; if (!BN_is_zero(&r)) { fprintf(stderr, "BN_mod_exp_mont_word failed:\n"); fprintf(stderr, "1 ** 0 mod 1 = r (should be 0)\n"); fprintf(stderr, "r = "); BN_print_fp(stderr, &r); fprintf(stderr, "\n"); return 0; } ret = failed; err: BN_free(&r); BN_free(&a); BN_free(&p); BN_free(&m); BN_CTX_free(ctx); return ret; }