crypto/bn/exptest.c

   1 /* crypto/bn/exptest.c */
   2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
   3  * All rights reserved.
   4  *
   5  * This package is an SSL implementation written
   6  * by Eric Young (eay@cryptsoft.com).
   7  * The implementation was written so as to conform with Netscapes SSL.
   8  *
   9  * This library is free for commercial and non-commercial use as long as
  10  * the following conditions are aheared to.  The following conditions
  11  * apply to all code found in this distribution, be it the RC4, RSA,
  12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  13  * included with this distribution is covered by the same copyright terms
  14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15  *
  16  * Copyright remains Eric Young's, and as such any Copyright notices in
  17  * the code are not to be removed.
  18  * If this package is used in a product, Eric Young should be given attribution
  19  * as the author of the parts of the library used.
  20  * This can be in the form of a textual message at program startup or
  21  * in documentation (online or textual) provided with the package.
  22  *
  23  * Redistribution and use in source and binary forms, with or without
  24  * modification, are permitted provided that the following conditions
  25  * are met:
  26  * 1. Redistributions of source code must retain the copyright
  27  *    notice, this list of conditions and the following disclaimer.
  28  * 2. Redistributions in binary form must reproduce the above copyright
  29  *    notice, this list of conditions and the following disclaimer in the
  30  *    documentation and/or other materials provided with the distribution.
  31  * 3. All advertising materials mentioning features or use of this software
  32  *    must display the following acknowledgement:
  33  *    "This product includes cryptographic software written by
  34  *     Eric Young (eay@cryptsoft.com)"
  35  *    The word 'cryptographic' can be left out if the rouines from the library
  36  *    being used are not cryptographic related :-).
  37  * 4. If you include any Windows specific code (or a derivative thereof) from
  38  *    the apps directory (application code) you must include an acknowledgement:
  39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40  *
  41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51  * SUCH DAMAGE.
  52  *
  53  * The licence and distribution terms for any publically available version or
  54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  55  * copied and put under another distribution licence
  56  * [including the GNU Public Licence.]
  57  */
  58
  59 #include <stdio.h>
  60 #include <stdlib.h>
  61 #include <string.h>
  62
  63 #include "../e_os.h"
  64
  65 #include <openssl/bio.h>
  66 #include <openssl/bn.h>
  67 #include <openssl/rand.h>
  68 #include <openssl/err.h>
  69
  70 #define NUM_BITS        (BN_BITS*2)
  71
  72 static const char rnd_seed[] =
  73     "string to make the random number generator think it has entropy";
  74
  75 /*
  76  * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success.
  77  */
  78 static int test_exp_mod_zero()
  79 {
  80     BIGNUM *a = NULL, *p = NULL, *m = NULL;
  81     BIGNUM *r = NULL;
  82     BN_CTX *ctx = BN_CTX_new();
  83     int ret = 1;
  84
  85     m = BN_new();
  86     if (!m)
  87         goto err;
  88     BN_one(m);
  89
  90     a = BN_new();
  91     if (!a)
  92         goto err;
  93     BN_one(a);
  94
  95     p = BN_new();
  96     if (!p)
  97         goto err;
  98     BN_zero(p);
  99
 100     r = BN_new();
 101     if (!r)
 102         goto err;
 103     BN_mod_exp(r, a, p, m, ctx);
 104     BN_CTX_free(ctx);
 105
 106     if (BN_is_zero(r))
 107         ret = 0;
 108     else {
 109         printf("1**0 mod 1 = ");
 110         BN_print_fp(stdout, r);
 111         printf(", should be 0\n");
 112     }
 113
 114  err:
 115     BN_free(r);
 116     BN_free(a);
 117     BN_free(p);
 118     BN_free(m);
 119
 120     return ret;
 121 }
 122
 123 int main(int argc, char *argv[])
 124 {
 125     BN_CTX *ctx;
 126     BIO *out = NULL;
 127     int i, ret;
 128     unsigned char c;
 129     BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
 130
 131     RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we
 132                                            * don't even check its return
 133                                            * value (which we should) */
 134
 135     ERR_load_BN_strings();
 136
 137     ctx = BN_CTX_new();
 138     if (ctx == NULL)
 139         EXIT(1);
 140     r_mont = BN_new();
 141     r_mont_const = BN_new();
 142     r_recp = BN_new();
 143     r_simple = BN_new();
 144     a = BN_new();
 145     b = BN_new();
 146     m = BN_new();
 147     if ((r_mont == NULL) || (r_recp == NULL) || (a == NULL) || (b == NULL))
 148         goto err;
 149
 150     out = BIO_new(BIO_s_file());
 151
 152     if (out == NULL)
 153         EXIT(1);
 154     BIO_set_fp(out, stdout, BIO_NOCLOSE);
 155
 156     for (i = 0; i < 200; i++) {
 157         RAND_bytes(&c, 1);
 158         c = (c % BN_BITS) - BN_BITS2;
 159         BN_rand(a, NUM_BITS + c, 0, 0);
 160
 161         RAND_bytes(&c, 1);
 162         c = (c % BN_BITS) - BN_BITS2;
 163         BN_rand(b, NUM_BITS + c, 0, 0);
 164
 165         RAND_bytes(&c, 1);
 166         c = (c % BN_BITS) - BN_BITS2;
 167         BN_rand(m, NUM_BITS + c, 0, 1);
 168
 169         BN_mod(a, a, m, ctx);
 170         BN_mod(b, b, m, ctx);
 171
 172         ret = BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL);
 173         if (ret <= 0) {
 174             printf("BN_mod_exp_mont() problems\n");
 175             ERR_print_errors(out);
 176             EXIT(1);
 177         }
 178
 179         ret = BN_mod_exp_recp(r_recp, a, b, m, ctx);
 180         if (ret <= 0) {
 181             printf("BN_mod_exp_recp() problems\n");
 182             ERR_print_errors(out);
 183             EXIT(1);
 184         }
 185
 186         ret = BN_mod_exp_simple(r_simple, a, b, m, ctx);
 187         if (ret <= 0) {
 188             printf("BN_mod_exp_simple() problems\n");
 189             ERR_print_errors(out);
 190             EXIT(1);
 191         }
 192
 193         ret = BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL);
 194         if (ret <= 0) {
 195             printf("BN_mod_exp_mont_consttime() problems\n");
 196             ERR_print_errors(out);
 197             EXIT(1);
 198         }
 199
 200         if (BN_cmp(r_simple, r_mont) == 0
 201             && BN_cmp(r_simple, r_recp) == 0
 202             && BN_cmp(r_simple, r_mont_const) == 0) {
 203             printf(".");
 204             fflush(stdout);
 205         } else {
 206             if (BN_cmp(r_simple, r_mont) != 0)
 207                 printf("\nsimple and mont results differ\n");
 208             if (BN_cmp(r_simple, r_mont_const) != 0)
 209                 printf("\nsimple and mont const time results differ\n");
 210             if (BN_cmp(r_simple, r_recp) != 0)
 211                 printf("\nsimple and recp results differ\n");
 212
 213             printf("a (%3d) = ", BN_num_bits(a));
 214             BN_print(out, a);
 215             printf("\nb (%3d) = ", BN_num_bits(b));
 216             BN_print(out, b);
 217             printf("\nm (%3d) = ", BN_num_bits(m));
 218             BN_print(out, m);
 219             printf("\nsimple   =");
 220             BN_print(out, r_simple);
 221             printf("\nrecp     =");
 222             BN_print(out, r_recp);
 223             printf("\nmont     =");
 224             BN_print(out, r_mont);
 225             printf("\nmont_ct  =");
 226             BN_print(out, r_mont_const);
 227             printf("\n");
 228             EXIT(1);
 229         }
 230     }
 231     BN_free(r_mont);
 232     BN_free(r_mont_const);
 233     BN_free(r_recp);
 234     BN_free(r_simple);
 235     BN_free(a);
 236     BN_free(b);
 237     BN_free(m);
 238     BN_CTX_free(ctx);
 239     ERR_remove_thread_state(NULL);
 240     CRYPTO_mem_leaks(out);
 241     BIO_free(out);
 242     printf("\n");
 243
 244     if (test_exp_mod_zero() != 0)
 245         goto err;
 246
 247     printf("done\n");
 248
 249     EXIT(0);
 250  err:
 251     ERR_load_crypto_strings();
 252     ERR_print_errors(out);
 253 #ifdef OPENSSL_SYS_NETWARE
 254     printf("ERROR\n");
 255 #endif
 256     EXIT(1);
 257     return (1);
 258 }