TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 1694969a0a82545fa284ceede380cbfd9442e1b7 / . / tests / suites / test_suite_mpi.function
blob: 07bd03892aad22a7d53103b9662893fa60792a3d [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/bignum.h"
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]3#include "mbedtls/entropy.h"
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]4#include "bignum_core.h"
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]5#include "bignum_mod.h"
6#include "bignum_mod_raw.h"
Janos Follath23bdeca2022-07-22 18:24:06 +0100[diff] [blame]7#include "constant_time_internal.h"
8#include "test/constant_flow.h"
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]9
Chris Jonese64a46f2020-12-03 17:44:03 +0000[diff] [blame]10#if MBEDTLS_MPI_MAX_BITS > 792
11#define MPI_MAX_BITS_LARGER_THAN_792
Chris Jones4592bd82020-12-03 14:24:33 +0000[diff] [blame]12#endif
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]13
Gabor Mezeia200f6f2022-08-03 12:59:57 +0200[diff] [blame]14#define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */
15#define biL (ciL << 3) /* bits in limb */
16
17/*
18 * Convert between bits/chars and number of limbs
19 * Divide first in order to avoid potential overflows
20 */
21#define BITS_TO_LIMBS(i) ( (i) / biL + ( (i) % biL != 0 ) )
22#define CHARS_TO_LIMBS(i) ( (i) / ciL + ( (i) % ciL != 0 ) )
23
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]24/* Check the validity of the sign bit in an MPI object. Reject representations
25 * that are not supported by the rest of the library and indicate a bug when
26 * constructing the value. */
27static int sign_is_valid( const mbedtls_mpi *X )
28{
29 if( X->s != 1 && X->s != -1 )
30 return( 0 ); // invalid sign bit, e.g. 0
31 if( mbedtls_mpi_bitlen( X ) == 0 && X->s != 1 )
32 return( 0 ); // negative zero
33 return( 1 );
34}
35
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]36typedef struct mbedtls_test_mpi_random
37{
38 data_t *data;
39 size_t pos;
40 size_t chunk_len;
41} mbedtls_test_mpi_random;
42
43/*
44 * This function is called by the Miller-Rabin primality test each time it
45 * chooses a random witness. The witnesses (or non-witnesses as provided by the
46 * test) are stored in the data member of the state structure. Each number is in
47 * the format that mbedtls_mpi_read_string understands and is chunk_len long.
48 */
49int mbedtls_test_mpi_miller_rabin_determinizer( void* state,
50 unsigned char* buf,
51 size_t len )
52{
53 mbedtls_test_mpi_random *random = (mbedtls_test_mpi_random*) state;
54
55 if( random == NULL || random->data->x == NULL || buf == NULL )
56 return( -1 );
57
58 if( random->pos + random->chunk_len > random->data->len
59 || random->chunk_len > len )
60 {
61 return( -1 );
62 }
63
64 memset( buf, 0, len );
65
66 /* The witness is written to the end of the buffer, since the buffer is
67 * used as big endian, unsigned binary data in mbedtls_mpi_read_binary.
68 * Writing the witness to the start of the buffer would result in the
69 * buffer being 'witness 000...000', which would be treated as
70 * witness * 2^n for some n. */
71 memcpy( buf + len - random->chunk_len, &random->data->x[random->pos],
72 random->chunk_len );
73
74 random->pos += random->chunk_len;
75
76 return( 0 );
77}
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]78
79/* Random generator that is told how many bytes to return. */
80static int f_rng_bytes_left( void *state, unsigned char *buf, size_t len )
81{
82 size_t *bytes_left = state;
83 size_t i;
84 for( i = 0; i < len; i++ )
85 {
86 if( *bytes_left == 0 )
87 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
88 buf[i] = *bytes_left & 0xff;
89 --( *bytes_left );
90 }
91 return( 0 );
92}
93
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]94/* Test whether bytes represents (in big-endian base 256) a number b that
95 * is significantly above a power of 2. That is, b must not have a long run
96 * of unset bits after the most significant bit.
97 *
98 * Let n be the bit-size of b, i.e. the integer such that 2^n <= b < 2^{n+1}.
99 * This function returns 1 if, when drawing a number between 0 and b,
100 * the probability that this number is at least 2^n is not negligible.
101 * This probability is (b - 2^n) / b and this function checks that this
102 * number is above some threshold A. The threshold value is heuristic and
103 * based on the needs of mpi_random_many().
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]104 */
105static int is_significantly_above_a_power_of_2( data_t *bytes )
106{
107 const uint8_t *p = bytes->x;
108 size_t len = bytes->len;
109 unsigned x;
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]110
111 /* Skip leading null bytes */
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]112 while( len > 0 && p[0] == 0 )
113 {
114 ++p;
115 --len;
116 }
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]117 /* 0 is not significantly above a power of 2 */
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]118 if( len == 0 )
119 return( 0 );
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]120 /* Extract the (up to) 2 most significant bytes */
121 if( len == 1 )
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]122 x = p[0];
123 else
124 x = ( p[0] << 8 ) | p[1];
125
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]126 /* Shift the most significant bit of x to position 8 and mask it out */
127 while( ( x & 0xfe00 ) != 0 )
128 x >>= 1;
129 x &= 0x00ff;
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]130
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]131 /* At this point, x = floor((b - 2^n) / 2^(n-8)). b is significantly above
132 * a power of 2 iff x is significantly above 0 compared to 2^8.
133 * Testing x >= 2^4 amounts to picking A = 1/16 in the function
134 * description above. */
135 return( x >= 0x10 );
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]136}
137
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]138/* END_HEADER */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]139
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]140/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]141 * depends_on:MBEDTLS_BIGNUM_C
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]142 * END_DEPENDENCIES
143 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]144
Hanno Beckerb48e1aa2018-12-18 23:25:01 +0000[diff] [blame]145/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]146void mpi_null( )
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]147{
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]148 mbedtls_mpi X, Y, Z;
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]149
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]150 mbedtls_mpi_init( &X );
151 mbedtls_mpi_init( &Y );
152 mbedtls_mpi_init( &Z );
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]153
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]154 TEST_ASSERT( mbedtls_mpi_get_bit( &X, 42 ) == 0 );
155 TEST_ASSERT( mbedtls_mpi_lsb( &X ) == 0 );
Manuel Pégourié-Gonnardc0696c22015-06-18 16:47:17 +0200[diff] [blame]156 TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == 0 );
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]157 TEST_ASSERT( mbedtls_mpi_size( &X ) == 0 );
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]158
159exit:
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]160 mbedtls_mpi_free( &X );
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]161}
162/* END_CASE */
163
164/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]165void mpi_read_write_string( int radix_X, char * input_X, int radix_A,
166 char * input_A, int output_size, int result_read,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]167 int result_write )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]168{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]169 mbedtls_mpi X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]170 char str[1000];
Manuel Pégourié-Gonnardf79b4252015-06-02 15:41:48 +0100[diff] [blame]171 size_t len;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]172
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]173 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]174
Janos Follath04dadb72019-03-06 12:29:37 +0000[diff] [blame]175 memset( str, '!', sizeof( str ) );
176
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]177 TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == result_read );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]178 if( result_read == 0 )
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]179 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]180 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnardf79b4252015-06-02 15:41:48 +0100[diff] [blame]181 TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, output_size, &len ) == result_write );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]182 if( result_write == 0 )
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]183 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]184 TEST_ASSERT( strcasecmp( str, input_A ) == 0 );
Janos Follath04dadb72019-03-06 12:29:37 +0000[diff] [blame]185 TEST_ASSERT( str[len] == '!' );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]186 }
187 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]188
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]189exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]190 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]191}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]192/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]193
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]194/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]195void mbedtls_mpi_read_binary( data_t * buf, char * input_A )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]196{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]197 mbedtls_mpi X;
Janos Follathe5670f22019-02-25 16:11:58 +0000[diff] [blame]198 char str[1000];
Manuel Pégourié-Gonnardf79b4252015-06-02 15:41:48 +0100[diff] [blame]199 size_t len;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]200
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]201 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]202
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]203
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]204 TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf->x, buf->len ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]205 TEST_ASSERT( sign_is_valid( &X ) );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]206 TEST_ASSERT( mbedtls_mpi_write_string( &X, 16, str, sizeof( str ), &len ) == 0 );
Werner Lewisdc47fe72022-08-01 13:55:41 +0100[diff] [blame]207 TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]208
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]209exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]210 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]211}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]212/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]213
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]214/* BEGIN_CASE */
Janos Follath91dc67d2022-07-22 14:24:58 +0100[diff] [blame]215void mbedtls_mpi_core_io_null()
216{
217 mbedtls_mpi_uint X = 0;
218 int ret;
219
220 ret = mbedtls_mpi_core_read_be( &X, 1, NULL, 0 );
221 TEST_ASSERT( ret == 0 );
222 ret = mbedtls_mpi_core_write_be( &X, 1, NULL, 0 );
223 TEST_ASSERT( ret == 0 );
224
225 ret = mbedtls_mpi_core_read_be( NULL, 0, NULL, 0 );
226 TEST_ASSERT( ret == 0 );
227 ret = mbedtls_mpi_core_write_be( NULL, 0, NULL, 0 );
228 TEST_ASSERT( ret == 0 );
229
230 ret = mbedtls_mpi_core_read_le( &X, 1, NULL, 0 );
231 TEST_ASSERT( ret == 0 );
232 ret = mbedtls_mpi_core_write_le( &X, 1, NULL, 0 );
233 TEST_ASSERT( ret == 0 );
234
235 ret = mbedtls_mpi_core_read_le( NULL, 0, NULL, 0 );
236 TEST_ASSERT( ret == 0 );
237 ret = mbedtls_mpi_core_write_le( NULL, 0, NULL, 0 );
238 TEST_ASSERT( ret == 0 );
239
240exit:
241 ;
242}
243/* END_CASE */
244
245/* BEGIN_CASE */
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]246void mbedtls_mpi_core_io_be( data_t *input, int nb_int, int nx_64_int, int iret,
247 int oret )
248{
249 #define BMAX 1024
250 unsigned char buf[BMAX];
251 #define XMAX BMAX / sizeof( mbedtls_mpi_uint )
252 mbedtls_mpi_uint X[XMAX];
253 size_t nx, nb;
254 int ret;
255
256 if( iret != 0 )
257 TEST_ASSERT( oret == 0 );
258
259 TEST_ASSERT( 0 <= nb_int );
260 nb = nb_int;
261 TEST_ASSERT( nb <= BMAX );
262
263 TEST_ASSERT( 0 <= nx_64_int );
264 nx = nx_64_int;
265 /* nx_64_int is the number of 64 bit limbs, if we have 32 bit limbs we need
266 * to double the number of limbs to have the same size. */
267 if( sizeof( mbedtls_mpi_uint ) == 4 )
268 nx *= 2;
269 TEST_ASSERT( nx <= XMAX );
270
271 ret = mbedtls_mpi_core_read_be( X, nx, input->x, input->len );
272 TEST_ASSERT( ret == iret );
273
274 if( iret == 0 )
275 {
276 ret = mbedtls_mpi_core_write_be( X, nx, buf, nb );
277 TEST_ASSERT( ret == oret );
278 }
279
280 if( ( iret == 0 ) && ( oret == 0 ) )
281 {
282 if( nb > input->len )
283 {
284 size_t leading_zeroes = nb - input->len;
285 TEST_ASSERT( memcmp( buf + nb - input->len, input->x, input->len ) == 0 );
286 for( size_t i = 0; i < leading_zeroes; i++ )
287 TEST_ASSERT( buf[i] == 0 );
288 }
289 else
290 {
291 size_t leading_zeroes = input->len - nb;
292 TEST_ASSERT( memcmp( input->x + input->len - nb, buf, nb ) == 0 );
293 for( size_t i = 0; i < leading_zeroes; i++ )
294 TEST_ASSERT( input->x[i] == 0 );
295 }
296 }
297
298exit:
299 ;
300
301 #undef BMAX
302 #undef XMAX
303}
304/* END_CASE */
305
306/* BEGIN_CASE */
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]307void mbedtls_mpi_core_io_le( data_t *input, int nb_int, int nx_64_int, int iret,
308 int oret )
309{
310 #define BMAX 1024
311 unsigned char buf[BMAX];
312 #define XMAX BMAX / sizeof( mbedtls_mpi_uint )
313 mbedtls_mpi_uint X[XMAX];
314 size_t nx, nb;
315 int ret;
316
317 if( iret != 0 )
318 TEST_ASSERT( oret == 0 );
319
320 TEST_ASSERT( 0 <= nb_int );
321 nb = nb_int;
322 TEST_ASSERT( nb <= BMAX );
323
324 TEST_ASSERT( 0 <= nx_64_int );
325 nx = nx_64_int;
326 /* nx_64_int is the number of 64 bit limbs, if we have 32 bit limbs we need
327 * to double the number of limbs to have the same size. */
328 if( sizeof( mbedtls_mpi_uint ) == 4 )
329 nx *= 2;
330 TEST_ASSERT( nx <= XMAX );
331
332 ret = mbedtls_mpi_core_read_le( X, nx, input->x, input->len );
333 TEST_ASSERT( ret == iret );
334
335 if( iret == 0 )
336 {
337 ret = mbedtls_mpi_core_write_le( X, nx, buf, nb );
338 TEST_ASSERT( ret == oret );
339 }
340
341 if( ( iret == 0 ) && ( oret == 0 ) )
342 {
343 if( nb > input->len )
344 {
345 TEST_ASSERT( memcmp( buf, input->x, input->len ) == 0 );
346 for( size_t i = input->len; i < nb; i++ )
347 TEST_ASSERT( buf[i] == 0 );
348 }
349 else
350 {
351 TEST_ASSERT( memcmp( input->x, buf, nb ) == 0 );
352 for( size_t i = nb; i < input->len; i++ )
353 TEST_ASSERT( input->x[i] == 0 );
354 }
355 }
356
357exit:
358 ;
359
360 #undef BMAX
361 #undef XMAX
362}
363/* END_CASE */
364
365/* BEGIN_CASE */
Janos Follath16949692022-08-08 13:37:20 +0100[diff] [blame^]366void mbedtls_mpi_mod_setup( int ext_rep, int int_rep, int iret )
367{
368 #define MLIMBS 8
369 mbedtls_mpi_uint mp[MLIMBS];
370 mbedtls_mpi_mod_modulus m;
371 int ret;
372
373 memset( mp, 0xFF, sizeof(mp) );
374
375 mbedtls_mpi_mod_modulus_init( &m );
376 ret = mbedtls_mpi_mod_modulus_setup( &m, mp, MLIMBS, ext_rep, int_rep );
377 TEST_ASSERT( ret == iret );
378
379 /* Address sanitiser should catch if we try to free mp */
380 mbedtls_mpi_mod_modulus_free( &m );
381
382 /* Make sure that the modulus doesn't have reference to mp anymore */
383 TEST_ASSERT( m.p != mp );
384
385exit:
386 /* It should be safe to call an mbedtls free several times */
387 mbedtls_mpi_mod_modulus_free( &m );
388
389 #undef MLIMBS
390}
391/* END_CASE */
392
393
394/* BEGIN_CASE */
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]395void mbedtls_mpi_mod_raw_io( data_t *input, int nb_int, int nx_64_int,
396 int iendian, int iret, int oret )
397{
398 #define BMAX 1024
399 unsigned char buf[BMAX];
400 #define XMAX BMAX / sizeof( mbedtls_mpi_uint )
401 mbedtls_mpi_uint X[XMAX];
402 mbedtls_mpi_uint init[XMAX];
403 mbedtls_mpi_mod_modulus m;
404 size_t nx, nb;
405 int ret;
406 int endian;
407
408 if( iret != 0 )
409 TEST_ASSERT( oret == 0 );
410
411 TEST_ASSERT( 0 <= nb_int );
412 nb = nb_int;
413 TEST_ASSERT( nb <= BMAX );
414
415 TEST_ASSERT( 0 <= nx_64_int );
416 nx = nx_64_int;
417 /* nx_64_int is the number of 64 bit limbs, if we have 32 bit limbs we need
418 * to double the number of limbs to have the same size. */
419 if( sizeof( mbedtls_mpi_uint ) == 4 )
420 nx *= 2;
421 TEST_ASSERT( nx <= XMAX );
422
423 if( iendian == MBEDTLS_MPI_MOD_EXT_REP_INVALID )
424 endian = MBEDTLS_MPI_MOD_EXT_REP_LE;
425 else
426 endian = iendian;
427
428 mbedtls_mpi_mod_modulus_init( &m );
429 TEST_ASSERT( memset( init, 0xFF, sizeof( init ) ) );
430
431 ret = mbedtls_mpi_mod_modulus_setup( &m, init, nx, endian,
432 MBEDTLS_MPI_MOD_REP_MONTGOMERY );
433 TEST_ASSERT( ret == 0 );
434
435 if( iendian == MBEDTLS_MPI_MOD_EXT_REP_INVALID && iret != 0 )
436 m.ext_rep = MBEDTLS_MPI_MOD_EXT_REP_INVALID;
437
438 ret = mbedtls_mpi_mod_raw_read( X, &m, input->x, input->len );
439 TEST_ASSERT( ret == iret );
440
441 if( iret == 0 )
442 {
443 if( iendian == MBEDTLS_MPI_MOD_EXT_REP_INVALID && oret != 0 )
444 m.ext_rep = MBEDTLS_MPI_MOD_EXT_REP_INVALID;
445
446 ret = mbedtls_mpi_mod_raw_write( X, &m, buf, nb );
447 TEST_ASSERT( ret == oret );
448 }
449
450 if( ( iret == 0 ) && ( oret == 0 ) )
451 {
452 if( nb > input->len )
453 {
454 if( endian == MBEDTLS_MPI_MOD_EXT_REP_BE )
455 {
456 size_t leading_zeroes = nb - input->len;
457 TEST_ASSERT( memcmp( buf + nb - input->len, input->x, input->len ) == 0 );
458 for( size_t i = 0; i < leading_zeroes; i++ )
459 TEST_ASSERT( buf[i] == 0 );
460 }
461 else
462 {
463 TEST_ASSERT( memcmp( buf, input->x, input->len ) == 0 );
464 for( size_t i = input->len; i < nb; i++ )
465 TEST_ASSERT( buf[i] == 0 );
466 }
467 }
468 else
469 {
470 if( endian == MBEDTLS_MPI_MOD_EXT_REP_BE )
471 {
472 size_t leading_zeroes = input->len - nb;
473 TEST_ASSERT( memcmp( input->x + input->len - nb, buf, nb ) == 0 );
474 for( size_t i = 0; i < leading_zeroes; i++ )
475 TEST_ASSERT( input->x[i] == 0 );
476 }
477 else
478 {
479 TEST_ASSERT( memcmp( input->x, buf, nb ) == 0 );
480 for( size_t i = nb; i < input->len; i++ )
481 TEST_ASSERT( input->x[i] == 0 );
482 }
483 }
484 }
485
486exit:
487 mbedtls_mpi_mod_modulus_free( &m );
488
489 #undef BMAX
490 #undef XMAX
491}
492/* END_CASE */
493
494/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]495void mbedtls_mpi_read_binary_le( data_t * buf, char * input_A )
Janos Follatha778a942019-02-13 10:28:28 +0000[diff] [blame]496{
497 mbedtls_mpi X;
Janos Follathe5670f22019-02-25 16:11:58 +0000[diff] [blame]498 char str[1000];
Janos Follatha778a942019-02-13 10:28:28 +0000[diff] [blame]499 size_t len;
500
501 mbedtls_mpi_init( &X );
502
503
504 TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, buf->x, buf->len ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]505 TEST_ASSERT( sign_is_valid( &X ) );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]506 TEST_ASSERT( mbedtls_mpi_write_string( &X, 16, str, sizeof( str ), &len ) == 0 );
Werner Lewisdc47fe72022-08-01 13:55:41 +0100[diff] [blame]507 TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
Janos Follatha778a942019-02-13 10:28:28 +0000[diff] [blame]508
509exit:
510 mbedtls_mpi_free( &X );
511}
512/* END_CASE */
513
514/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]515void mbedtls_mpi_write_binary( char * input_X, data_t * input_A,
516 int output_size, int result )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]517{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]518 mbedtls_mpi X;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]519 unsigned char buf[1000];
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]520 size_t buflen;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]521
522 memset( buf, 0x00, 1000 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]523
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]524 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]525
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]526 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnarde670f902015-10-30 09:23:19 +0100[diff] [blame]527
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]528 buflen = mbedtls_mpi_size( &X );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]529 if( buflen > (size_t) output_size )
530 buflen = (size_t) output_size;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]531
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]532 TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]533 if( result == 0)
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]534 {
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]535
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]536 TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
537 buflen, input_A->len ) == 0 );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]538 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]539
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]540exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]541 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]542}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]543/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]544
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]545/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]546void mbedtls_mpi_write_binary_le( char * input_X, data_t * input_A,
547 int output_size, int result )
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]548{
549 mbedtls_mpi X;
550 unsigned char buf[1000];
551 size_t buflen;
552
553 memset( buf, 0x00, 1000 );
554
555 mbedtls_mpi_init( &X );
556
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]557 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]558
559 buflen = mbedtls_mpi_size( &X );
560 if( buflen > (size_t) output_size )
561 buflen = (size_t) output_size;
562
563 TEST_ASSERT( mbedtls_mpi_write_binary_le( &X, buf, buflen ) == result );
564 if( result == 0)
565 {
566
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]567 TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
568 buflen, input_A->len ) == 0 );
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]569 }
570
571exit:
572 mbedtls_mpi_free( &X );
573}
574/* END_CASE */
575
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]576/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]577void mbedtls_mpi_read_file( char * input_file, data_t * input_A, int result )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]578{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]579 mbedtls_mpi X;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]580 unsigned char buf[1000];
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]581 size_t buflen;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]582 FILE *file;
Manuel Pégourié-Gonnarde43187d2015-02-14 16:01:34 +0000[diff] [blame]583 int ret;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]584
585 memset( buf, 0x00, 1000 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]586
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]587 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]588
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]589 file = fopen( input_file, "r" );
Paul Bakker8a0c0a92014-04-17 16:08:20 +0200[diff] [blame]590 TEST_ASSERT( file != NULL );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]591 ret = mbedtls_mpi_read_file( &X, 16, file );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]592 fclose(file);
Manuel Pégourié-Gonnarde43187d2015-02-14 16:01:34 +0000[diff] [blame]593 TEST_ASSERT( ret == result );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]594
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]595 if( result == 0 )
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]596 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]597 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]598 buflen = mbedtls_mpi_size( &X );
599 TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]600
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]601
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]602 TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
603 buflen, input_A->len ) == 0 );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]604 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]605
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]606exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]607 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]608}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]609/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]610
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]611/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]612void mbedtls_mpi_write_file( char * input_X, char * output_file )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]613{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]614 mbedtls_mpi X, Y;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]615 FILE *file_out, *file_in;
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]616 int ret;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]617
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]618 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]619
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]620 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]621
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]622 file_out = fopen( output_file, "w" );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]623 TEST_ASSERT( file_out != NULL );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]624 ret = mbedtls_mpi_write_file( NULL, &X, 16, file_out );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]625 fclose(file_out);
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]626 TEST_ASSERT( ret == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]627
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]628 file_in = fopen( output_file, "r" );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]629 TEST_ASSERT( file_in != NULL );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]630 ret = mbedtls_mpi_read_file( &Y, 16, file_in );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]631 fclose(file_in);
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]632 TEST_ASSERT( ret == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]633
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]634 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]635
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]636exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]637 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]638}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]639/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]640
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]641/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]642void mbedtls_mpi_get_bit( char * input_X, int pos, int val )
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]643{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]644 mbedtls_mpi X;
645 mbedtls_mpi_init( &X );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]646 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]647 TEST_ASSERT( mbedtls_mpi_get_bit( &X, pos ) == val );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]648
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]649exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]650 mbedtls_mpi_free( &X );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]651}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]652/* END_CASE */
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]653
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]654/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]655void mbedtls_mpi_set_bit( char * input_X, int pos, int val,
656 char * output_Y, int result )
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]657{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]658 mbedtls_mpi X, Y;
659 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]660
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]661 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
662 TEST_ASSERT( mbedtls_test_read_mpi( &Y, output_Y ) == 0 );
Paul Bakkerec5ceb62016-07-14 12:47:07 +0100[diff] [blame]663 TEST_ASSERT( mbedtls_mpi_set_bit( &X, pos, val ) == result );
664
665 if( result == 0 )
666 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]667 TEST_ASSERT( sign_is_valid( &X ) );
Paul Bakkerec5ceb62016-07-14 12:47:07 +0100[diff] [blame]668 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
669 }
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]670
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]671exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]672 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]673}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]674/* END_CASE */
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]675
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]676/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]677void mbedtls_mpi_lsb( char * input_X, int nr_bits )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]678{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]679 mbedtls_mpi X;
680 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]681
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]682 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]683 TEST_ASSERT( mbedtls_mpi_lsb( &X ) == (size_t) nr_bits );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]684
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]685exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]686 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]687}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]688/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]689
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]690/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]691void mbedtls_mpi_bitlen( char * input_X, int nr_bits )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]692{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]693 mbedtls_mpi X;
694 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]695
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]696 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnardc0696c22015-06-18 16:47:17 +0200[diff] [blame]697 TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == (size_t) nr_bits );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]698
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]699exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]700 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]701}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]702/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]703
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]704/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]705void mbedtls_mpi_gcd( char * input_X, char * input_Y,
706 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]707{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]708 mbedtls_mpi A, X, Y, Z;
709 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]710
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]711 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
712 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
713 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]714 TEST_ASSERT( mbedtls_mpi_gcd( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]715 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]716 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]717
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]718exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]719 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]720}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]721/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]722
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]723/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]724void mbedtls_mpi_cmp_int( int input_X, int input_A, int result_CMP )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]725{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]726 mbedtls_mpi X;
727 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]728
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]729 TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0);
730 TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_A ) == result_CMP);
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]731
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]732exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]733 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]734}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]735/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]736
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]737/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]738void mbedtls_mpi_cmp_mpi( char * input_X, char * input_Y,
739 int input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]740{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]741 mbedtls_mpi X, Y;
742 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]743
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]744 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
745 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]746 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == input_A );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]747
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]748exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]749 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]750}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]751/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]752
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]753/* BEGIN_CASE */
Janos Follath23bdeca2022-07-22 18:24:06 +0100[diff] [blame]754void mbedtls_mpi_core_lt_ct( data_t * input_X, data_t * input_Y, int input_ret )
755{
756 #define MAX_LEN 64
757 mbedtls_mpi_uint X[MAX_LEN];
758 mbedtls_mpi_uint Y[MAX_LEN];
759 unsigned exp_ret = input_ret;
760 unsigned ret;
761 size_t len = CHARS_TO_LIMBS(
762 input_X->len > input_Y->len ? input_X->len : input_Y->len );
763
764 TEST_ASSERT( len <= MAX_LEN );
765
766 TEST_ASSERT( mbedtls_mpi_core_read_be( X, len, input_X->x, input_X->len )
767 == 0 );
768 TEST_ASSERT( mbedtls_mpi_core_read_be( Y, len, input_Y->x, input_Y->len )
769 == 0 );
770
771 TEST_CF_SECRET( X, len * sizeof( mbedtls_mpi_uint ) );
772 TEST_CF_SECRET( Y, len * sizeof( mbedtls_mpi_uint ) );
773
774 ret = mbedtls_mpi_core_lt_ct( X, Y, len );
775
776 TEST_CF_PUBLIC( X, len * sizeof( mbedtls_mpi_uint ) );
777 TEST_CF_PUBLIC( Y, len * sizeof( mbedtls_mpi_uint ) );
778 TEST_CF_PUBLIC( &ret, sizeof( ret ) );
779
780 TEST_ASSERT( ret == exp_ret );
781
782exit:
783 ;
784
785 #undef MAX_LEN
786}
787/* END_CASE */
788
789/* BEGIN_CASE */
Janos Follathb7e1b492019-10-14 09:21:49 +0100[diff] [blame]790void mbedtls_mpi_lt_mpi_ct( int size_X, char * input_X,
791 int size_Y, char * input_Y,
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]792 int input_ret, int input_err )
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]793{
Gilles Peskine0deccf12020-09-02 15:18:07 +0200[diff] [blame]794 unsigned ret = -1;
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]795 unsigned input_uret = input_ret;
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]796 mbedtls_mpi X, Y;
797 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
798
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]799 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
800 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]801
Gilles Peskine9018b112020-01-21 16:30:53 +0100[diff] [blame]802 TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 );
803 TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]804
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]805 TEST_ASSERT( mbedtls_mpi_lt_mpi_ct( &X, &Y, &ret ) == input_err );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]806 if( input_err == 0 )
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]807 TEST_ASSERT( ret == input_uret );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]808
809exit:
810 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
811}
812/* END_CASE */
813
814/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]815void mbedtls_mpi_cmp_abs( char * input_X, char * input_Y,
816 int input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]817{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]818 mbedtls_mpi X, Y;
819 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]820
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]821 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
822 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]823 TEST_ASSERT( mbedtls_mpi_cmp_abs( &X, &Y ) == input_A );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]824
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]825exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]826 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]827}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]828/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]829
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]830/* BEGIN_CASE */
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]831void mbedtls_mpi_copy( char *src_hex, char *dst_hex )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]832{
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]833 mbedtls_mpi src, dst, ref;
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]834 mbedtls_mpi_init( &src );
835 mbedtls_mpi_init( &dst );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]836 mbedtls_mpi_init( &ref );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]837
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]838 TEST_ASSERT( mbedtls_test_read_mpi( &src, src_hex ) == 0 );
839 TEST_ASSERT( mbedtls_test_read_mpi( &ref, dst_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]840
841 /* mbedtls_mpi_copy() */
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]842 TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]843 TEST_ASSERT( mbedtls_mpi_copy( &dst, &src ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]844 TEST_ASSERT( sign_is_valid( &dst ) );
845 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]846
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]847 /* mbedtls_mpi_safe_cond_assign(), assignment done */
848 mbedtls_mpi_free( &dst );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]849 TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]850 TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 1 ) == 0 );
851 TEST_ASSERT( sign_is_valid( &dst ) );
852 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
853
854 /* mbedtls_mpi_safe_cond_assign(), assignment not done */
855 mbedtls_mpi_free( &dst );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]856 TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]857 TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 0 ) == 0 );
858 TEST_ASSERT( sign_is_valid( &dst ) );
859 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &ref ) == 0 );
860
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]861exit:
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]862 mbedtls_mpi_free( &src );
863 mbedtls_mpi_free( &dst );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]864 mbedtls_mpi_free( &ref );
Gilles Peskine7428b452020-01-20 21:01:51 +0100[diff] [blame]865}
866/* END_CASE */
867
868/* BEGIN_CASE */
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]869void mpi_copy_self( char *input_X )
Gilles Peskine7428b452020-01-20 21:01:51 +0100[diff] [blame]870{
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]871 mbedtls_mpi X, A;
872 mbedtls_mpi_init( &A );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]873 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]874
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]875 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]876 TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]877
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]878 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_X ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]879 TEST_ASSERT( sign_is_valid( &X ) );
880 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]881
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]882exit:
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]883 mbedtls_mpi_free( &A );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]884 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]885}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]886/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]887
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]888/* BEGIN_CASE */
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]889void mbedtls_mpi_swap( char *X_hex, char *Y_hex )
890{
891 mbedtls_mpi X, Y, X0, Y0;
892 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
893 mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 );
894
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]895 TEST_ASSERT( mbedtls_test_read_mpi( &X0, X_hex ) == 0 );
896 TEST_ASSERT( mbedtls_test_read_mpi( &Y0, Y_hex ) == 0 );
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]897
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]898 /* mbedtls_mpi_swap() */
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]899 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
900 TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 );
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]901 mbedtls_mpi_swap( &X, &Y );
902 TEST_ASSERT( sign_is_valid( &X ) );
903 TEST_ASSERT( sign_is_valid( &Y ) );
904 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
905 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
906
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]907 /* mbedtls_mpi_safe_cond_swap(), swap done */
908 mbedtls_mpi_free( &X );
909 mbedtls_mpi_free( &Y );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]910 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
911 TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]912 TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 );
913 TEST_ASSERT( sign_is_valid( &X ) );
914 TEST_ASSERT( sign_is_valid( &Y ) );
915 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
916 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
917
918 /* mbedtls_mpi_safe_cond_swap(), swap not done */
919 mbedtls_mpi_free( &X );
920 mbedtls_mpi_free( &Y );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]921 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
922 TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]923 TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 );
924 TEST_ASSERT( sign_is_valid( &X ) );
925 TEST_ASSERT( sign_is_valid( &Y ) );
926 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
927 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &Y0 ) == 0 );
928
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]929exit:
930 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
931 mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 );
932}
933/* END_CASE */
934
935/* BEGIN_CASE */
936void mpi_swap_self( char *X_hex )
937{
938 mbedtls_mpi X, X0;
939 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 );
940
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]941 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
942 TEST_ASSERT( mbedtls_test_read_mpi( &X0, X_hex ) == 0 );
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]943
944 mbedtls_mpi_swap( &X, &X );
945 TEST_ASSERT( sign_is_valid( &X ) );
946 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
947
948exit:
949 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 );
950}
951/* END_CASE */
952
953/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]954void mbedtls_mpi_shrink( int before, int used, int min, int after )
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]955{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]956 mbedtls_mpi X;
957 mbedtls_mpi_init( &X );
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]958
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]959 TEST_ASSERT( mbedtls_mpi_grow( &X, before ) == 0 );
Gilles Peskinee1091752021-06-15 21:19:18 +0200[diff] [blame]960 if( used > 0 )
961 {
962 size_t used_bit_count = used * 8 * sizeof( mbedtls_mpi_uint );
963 TEST_ASSERT( mbedtls_mpi_set_bit( &X, used_bit_count - 1, 1 ) == 0 );
964 }
965 TEST_EQUAL( X.n, (size_t) before );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]966 TEST_ASSERT( mbedtls_mpi_shrink( &X, min ) == 0 );
Gilles Peskinee1091752021-06-15 21:19:18 +0200[diff] [blame]967 TEST_EQUAL( X.n, (size_t) after );
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]968
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]969exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]970 mbedtls_mpi_free( &X );
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]971}
972/* END_CASE */
973
974/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]975void mbedtls_mpi_add_mpi( char * input_X, char * input_Y,
976 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]977{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]978 mbedtls_mpi X, Y, Z, A;
979 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]980
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]981 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
982 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
983 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]984 TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]985 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]986 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]987
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]988 /* result == first operand */
989 TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]990 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]991 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]992 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]993
994 /* result == second operand */
995 TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]996 TEST_ASSERT( sign_is_valid( &Y ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]997 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
998
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]999exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1000 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1001}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1002/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1003
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1004/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1005void mbedtls_mpi_add_mpi_inplace( char * input_X, char * input_A )
Janos Follath044a86b2015-10-25 10:58:03 +0100[diff] [blame]1006{
1007 mbedtls_mpi X, A;
1008 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
1009
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1010 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]1011
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1012 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]1013 TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &X ) == 0 );
1014 TEST_ASSERT( mbedtls_mpi_cmp_int( &X, 0 ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1015 TEST_ASSERT( sign_is_valid( &X ) );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]1016
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1017 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]1018 TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1019 TEST_ASSERT( sign_is_valid( &X ) );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]1020 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
1021
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1022 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follath044a86b2015-10-25 10:58:03 +0100[diff] [blame]1023 TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1024 TEST_ASSERT( sign_is_valid( &X ) );
Janos Follath044a86b2015-10-25 10:58:03 +0100[diff] [blame]1025 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
1026
1027exit:
1028 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
1029}
1030/* END_CASE */
1031
1032
1033/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1034void mbedtls_mpi_add_abs( char * input_X, char * input_Y,
1035 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1036{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1037 mbedtls_mpi X, Y, Z, A;
1038 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1039
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1040 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1041 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1042 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1043 TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1044 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1045 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1046
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1047 /* result == first operand */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1048 TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1049 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1050 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1051 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1052
1053 /* result == second operand */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1054 TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1055 TEST_ASSERT( sign_is_valid( &Y ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1056 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1057
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1058exit:
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1059 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]1060}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1061/* END_CASE */
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]1062
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1063/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1064void mbedtls_mpi_add_int( char * input_X, int input_Y,
1065 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1066{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1067 mbedtls_mpi X, Z, A;
1068 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1069
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1070 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1071 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1072 TEST_ASSERT( mbedtls_mpi_add_int( &Z, &X, input_Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1073 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1074 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1075
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1076exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1077 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1078}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1079/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1080
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1081/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1082void mbedtls_mpi_sub_mpi( char * input_X, char * input_Y,
1083 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1084{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1085 mbedtls_mpi X, Y, Z, A;
1086 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1087
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1088 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1089 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1090 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1091 TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1092 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1093 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1094
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1095 /* result == first operand */
1096 TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1097 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1098 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1099 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1100
1101 /* result == second operand */
1102 TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1103 TEST_ASSERT( sign_is_valid( &Y ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1104 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
1105
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1106exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1107 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1108}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1109/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1110
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1111/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1112void mbedtls_mpi_sub_abs( char * input_X, char * input_Y,
1113 char * input_A, int sub_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1114{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1115 mbedtls_mpi X, Y, Z, A;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1116 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1117 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1118
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1119 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1120 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1121 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnarde670f902015-10-30 09:23:19 +0100[diff] [blame]1122
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1123 res = mbedtls_mpi_sub_abs( &Z, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1124 TEST_ASSERT( res == sub_result );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1125 TEST_ASSERT( sign_is_valid( &Z ) );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1126 if( res == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1127 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1128
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1129 /* result == first operand */
1130 TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1131 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1132 if( sub_result == 0 )
1133 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1134 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1135
1136 /* result == second operand */
1137 TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1138 TEST_ASSERT( sign_is_valid( &Y ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1139 if( sub_result == 0 )
1140 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
1141
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1142exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1143 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1144}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1145/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1146
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1147/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1148void mbedtls_mpi_sub_int( char * input_X, int input_Y,
1149 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1150{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1151 mbedtls_mpi X, Z, A;
1152 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1153
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1154 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1155 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1156 TEST_ASSERT( mbedtls_mpi_sub_int( &Z, &X, input_Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1157 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1158 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1159
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1160exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1161 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1162}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1163/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1164
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1165/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1166void mbedtls_mpi_mul_mpi( char * input_X, char * input_Y,
1167 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1168{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1169 mbedtls_mpi X, Y, Z, A;
1170 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1171
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1172 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1173 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1174 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1175 TEST_ASSERT( mbedtls_mpi_mul_mpi( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1176 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1177 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1178
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1179exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1180 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1181}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1182/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1183
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1184/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1185void mbedtls_mpi_mul_int( char * input_X, int input_Y,
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1186 char * input_A, char * result_comparison )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1187{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1188 mbedtls_mpi X, Z, A;
1189 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1190
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1191 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1192 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1193 TEST_ASSERT( mbedtls_mpi_mul_int( &Z, &X, input_Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1194 TEST_ASSERT( sign_is_valid( &Z ) );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1195 if( strcmp( result_comparison, "==" ) == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1196 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1197 else if( strcmp( result_comparison, "!=" ) == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1198 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) != 0 );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1199 else
1200 TEST_ASSERT( "unknown operator" == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1201
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1202exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1203 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1204}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1205/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1206
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1207/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1208void mbedtls_mpi_div_mpi( char * input_X, char * input_Y,
1209 char * input_A, char * input_B,
1210 int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1211{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1212 mbedtls_mpi X, Y, Q, R, A, B;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1213 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1214 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R );
1215 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1216
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1217 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1218 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1219 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
1220 TEST_ASSERT( mbedtls_test_read_mpi( &B, input_B ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1221 res = mbedtls_mpi_div_mpi( &Q, &R, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1222 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1223 if( res == 0 )
1224 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1225 TEST_ASSERT( sign_is_valid( &Q ) );
1226 TEST_ASSERT( sign_is_valid( &R ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1227 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
1228 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1229 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1230
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1231exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1232 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R );
1233 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1234}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1235/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1236
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1237/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1238void mbedtls_mpi_div_int( char * input_X, int input_Y,
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1239 char * input_A, char * input_B,
1240 int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1241{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1242 mbedtls_mpi X, Q, R, A, B;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1243 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1244 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &A );
1245 mbedtls_mpi_init( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1246
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1247 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1248 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
1249 TEST_ASSERT( mbedtls_test_read_mpi( &B, input_B ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1250 res = mbedtls_mpi_div_int( &Q, &R, &X, input_Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1251 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1252 if( res == 0 )
1253 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1254 TEST_ASSERT( sign_is_valid( &Q ) );
1255 TEST_ASSERT( sign_is_valid( &R ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1256 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
1257 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1258 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1259
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1260exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1261 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R ); mbedtls_mpi_free( &A );
1262 mbedtls_mpi_free( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1263}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1264/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1265
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1266/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1267void mbedtls_mpi_mod_mpi( char * input_X, char * input_Y,
1268 char * input_A, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1269{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1270 mbedtls_mpi X, Y, A;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1271 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1272 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1273
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1274 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1275 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1276 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1277 res = mbedtls_mpi_mod_mpi( &X, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1278 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1279 if( res == 0 )
1280 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1281 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1282 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1283 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1284
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1285exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1286 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1287}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1288/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1289
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1290/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1291void mbedtls_mpi_mod_int( char * input_X, int input_Y,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1292 int input_A, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1293{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1294 mbedtls_mpi X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1295 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1296 mbedtls_mpi_uint r;
1297 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1298
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1299 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1300 res = mbedtls_mpi_mod_int( &r, &X, input_Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1301 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1302 if( res == 0 )
1303 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1304 TEST_ASSERT( r == (mbedtls_mpi_uint) input_A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1305 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1306
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1307exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1308 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1309}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1310/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1311
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1312/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1313void mbedtls_mpi_exp_mod( char * input_A, char * input_E,
1314 char * input_N, char * input_X,
1315 int exp_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1316{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1317 mbedtls_mpi A, E, N, RR, Z, X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1318 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1319 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
1320 mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1321
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1322 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
1323 TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 );
1324 TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 );
1325 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1326
Gilles Peskine342f71b2021-06-09 18:31:35 +0200[diff] [blame]1327 res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, NULL );
Gilles Peskine722c62c2021-06-15 21:55:05 +0200[diff] [blame]1328 TEST_ASSERT( res == exp_result );
Gilles Peskine342f71b2021-06-09 18:31:35 +0200[diff] [blame]1329 if( res == 0 )
1330 {
1331 TEST_ASSERT( sign_is_valid( &Z ) );
1332 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
1333 }
1334
1335 /* Now test again with the speed-up parameter supplied as an output. */
1336 res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
Gilles Peskine722c62c2021-06-15 21:55:05 +0200[diff] [blame]1337 TEST_ASSERT( res == exp_result );
Gilles Peskine342f71b2021-06-09 18:31:35 +0200[diff] [blame]1338 if( res == 0 )
1339 {
1340 TEST_ASSERT( sign_is_valid( &Z ) );
1341 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
1342 }
1343
1344 /* Now test again with the speed-up parameter supplied in calculated form. */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1345 res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
Gilles Peskine722c62c2021-06-15 21:55:05 +0200[diff] [blame]1346 TEST_ASSERT( res == exp_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1347 if( res == 0 )
1348 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1349 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1350 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1351 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1352
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1353exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1354 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N );
1355 mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1356}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1357/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1358
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1359/* BEGIN_CASE */
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1360void mbedtls_mpi_exp_mod_size( int A_bytes, int E_bytes, int N_bytes,
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1361 char * input_RR, int exp_result )
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1362{
1363 mbedtls_mpi A, E, N, RR, Z;
1364 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
1365 mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z );
1366
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1367 /* Set A to 2^(A_bytes - 1) + 1 */
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1368 TEST_ASSERT( mbedtls_mpi_lset( &A, 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1369 TEST_ASSERT( mbedtls_mpi_shift_l( &A, ( A_bytes * 8 ) - 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1370 TEST_ASSERT( mbedtls_mpi_set_bit( &A, 0, 1 ) == 0 );
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1371
1372 /* Set E to 2^(E_bytes - 1) + 1 */
1373 TEST_ASSERT( mbedtls_mpi_lset( &E, 1 ) == 0 );
1374 TEST_ASSERT( mbedtls_mpi_shift_l( &E, ( E_bytes * 8 ) - 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1375 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 1 ) == 0 );
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1376
1377 /* Set N to 2^(N_bytes - 1) + 1 */
1378 TEST_ASSERT( mbedtls_mpi_lset( &N, 1 ) == 0 );
1379 TEST_ASSERT( mbedtls_mpi_shift_l( &N, ( N_bytes * 8 ) - 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1380 TEST_ASSERT( mbedtls_mpi_set_bit( &N, 0, 1 ) == 0 );
1381
1382 if( strlen( input_RR ) )
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1383 TEST_ASSERT( mbedtls_test_read_mpi( &RR, input_RR ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1384
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1385 TEST_ASSERT( mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ) == exp_result );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1386
1387exit:
1388 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N );
1389 mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z );
1390}
1391/* END_CASE */
1392
1393/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1394void mbedtls_mpi_inv_mod( char * input_X, char * input_Y,
1395 char * input_A, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1396{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1397 mbedtls_mpi X, Y, Z, A;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1398 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1399 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1400
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1401 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1402 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1403 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1404 res = mbedtls_mpi_inv_mod( &Z, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1405 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1406 if( res == 0 )
1407 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1408 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1409 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1410 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1411
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1412exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1413 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1414}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1415/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1416
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1417/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1418void mbedtls_mpi_is_prime( char * input_X, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1419{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1420 mbedtls_mpi X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1421 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1422 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1423
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1424 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]1425 res = mbedtls_mpi_is_prime_ext( &X, 40, mbedtls_test_rnd_std_rand, NULL );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1426 TEST_ASSERT( res == div_result );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1427
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1428exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1429 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1430}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1431/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1432
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1433/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1434void mbedtls_mpi_is_prime_det( data_t * input_X, data_t * witnesses,
Darryl Greenac2ead02018-10-02 15:30:39 +0100[diff] [blame]1435 int chunk_len, int rounds )
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1436{
1437 mbedtls_mpi X;
1438 int res;
1439 mbedtls_test_mpi_random rand;
1440
1441 mbedtls_mpi_init( &X );
1442 rand.data = witnesses;
1443 rand.pos = 0;
1444 rand.chunk_len = chunk_len;
1445
1446 TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
Darryl Greenac2ead02018-10-02 15:30:39 +0100[diff] [blame]1447 res = mbedtls_mpi_is_prime_ext( &X, rounds - 1,
1448 mbedtls_test_mpi_miller_rabin_determinizer,
1449 &rand );
1450 TEST_ASSERT( res == 0 );
1451
1452 rand.data = witnesses;
1453 rand.pos = 0;
1454 rand.chunk_len = chunk_len;
1455
Janos Follatha0b67c22018-09-18 14:48:23 +0100[diff] [blame]1456 res = mbedtls_mpi_is_prime_ext( &X, rounds,
1457 mbedtls_test_mpi_miller_rabin_determinizer,
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1458 &rand );
Darryl Greenac2ead02018-10-02 15:30:39 +0100[diff] [blame]1459 TEST_ASSERT( res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1460
1461exit:
1462 mbedtls_mpi_free( &X );
1463}
1464/* END_CASE */
1465
1466/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
Janos Follatha3cb7eb2018-08-14 15:31:54 +0100[diff] [blame]1467void mbedtls_mpi_gen_prime( int bits, int flags, int ref_ret )
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1468{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1469 mbedtls_mpi X;
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1470 int my_ret;
1471
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1472 mbedtls_mpi_init( &X );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1473
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]1474 my_ret = mbedtls_mpi_gen_prime( &X, bits, flags,
1475 mbedtls_test_rnd_std_rand, NULL );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1476 TEST_ASSERT( my_ret == ref_ret );
1477
1478 if( ref_ret == 0 )
1479 {
Manuel Pégourié-Gonnardc0696c22015-06-18 16:47:17 +0200[diff] [blame]1480 size_t actual_bits = mbedtls_mpi_bitlen( &X );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1481
1482 TEST_ASSERT( actual_bits >= (size_t) bits );
1483 TEST_ASSERT( actual_bits <= (size_t) bits + 1 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1484 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1485
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]1486 TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40,
1487 mbedtls_test_rnd_std_rand,
1488 NULL ) == 0 );
Janos Follatha3cb7eb2018-08-14 15:31:54 +0100[diff] [blame]1489 if( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH )
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1490 {
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1491 /* X = ( X - 1 ) / 2 */
1492 TEST_ASSERT( mbedtls_mpi_shift_r( &X, 1 ) == 0 );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]1493 TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40,
1494 mbedtls_test_rnd_std_rand,
1495 NULL ) == 0 );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1496 }
1497 }
1498
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1499exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1500 mbedtls_mpi_free( &X );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1501}
1502/* END_CASE */
1503
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1504/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1505void mbedtls_mpi_shift_l( char * input_X, int shift_X,
1506 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1507{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1508 mbedtls_mpi X, A;
1509 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1510
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1511 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1512 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1513 TEST_ASSERT( mbedtls_mpi_shift_l( &X, shift_X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1514 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1515 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1516
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1517exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1518 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1519}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1520/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1521
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1522/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1523void mbedtls_mpi_shift_r( char * input_X, int shift_X,
1524 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1525{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1526 mbedtls_mpi X, A;
1527 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1528
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1529 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1530 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1531 TEST_ASSERT( mbedtls_mpi_shift_r( &X, shift_X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1532 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1533 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1534
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1535exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1536 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1537}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1538/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1539
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1540/* BEGIN_CASE */
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1541void mpi_fill_random( int wanted_bytes, int rng_bytes,
1542 int before, int expected_ret )
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1543{
1544 mbedtls_mpi X;
1545 int ret;
1546 size_t bytes_left = rng_bytes;
1547 mbedtls_mpi_init( &X );
1548
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1549 if( before != 0 )
1550 {
1551 /* Set X to sign(before) * 2^(|before|-1) */
1552 TEST_ASSERT( mbedtls_mpi_lset( &X, before > 0 ? 1 : -1 ) == 0 );
1553 if( before < 0 )
1554 before = - before;
1555 TEST_ASSERT( mbedtls_mpi_shift_l( &X, before - 1 ) == 0 );
1556 }
1557
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1558 ret = mbedtls_mpi_fill_random( &X, wanted_bytes,
1559 f_rng_bytes_left, &bytes_left );
1560 TEST_ASSERT( ret == expected_ret );
1561
1562 if( expected_ret == 0 )
1563 {
1564 /* mbedtls_mpi_fill_random is documented to use bytes from the RNG
1565 * as a big-endian representation of the number. We know when
1566 * our RNG function returns null bytes, so we know how many
1567 * leading zero bytes the number has. */
1568 size_t leading_zeros = 0;
1569 if( wanted_bytes > 0 && rng_bytes % 256 == 0 )
1570 leading_zeros = 1;
1571 TEST_ASSERT( mbedtls_mpi_size( &X ) + leading_zeros ==
1572 (size_t) wanted_bytes );
1573 TEST_ASSERT( (int) bytes_left == rng_bytes - wanted_bytes );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1574 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1575 }
1576
1577exit:
1578 mbedtls_mpi_free( &X );
1579}
1580/* END_CASE */
1581
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1582/* BEGIN_CASE */
1583void mpi_random_many( int min, data_t *bound_bytes, int iterations )
1584{
1585 /* Generate numbers in the range 1..bound-1. Do it iterations times.
1586 * This function assumes that the value of bound is at least 2 and
1587 * that iterations is large enough that a one-in-2^iterations chance
1588 * effectively never occurs.
1589 */
1590
1591 mbedtls_mpi upper_bound;
1592 size_t n_bits;
1593 mbedtls_mpi result;
1594 size_t b;
1595 /* If upper_bound is small, stats[b] is the number of times the value b
1596 * has been generated. Otherwise stats[b] is the number of times a
1597 * value with bit b set has been generated. */
1598 size_t *stats = NULL;
1599 size_t stats_len;
1600 int full_stats;
1601 size_t i;
1602
1603 mbedtls_mpi_init( &upper_bound );
1604 mbedtls_mpi_init( &result );
1605
1606 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
1607 bound_bytes->x, bound_bytes->len ) );
1608 n_bits = mbedtls_mpi_bitlen( &upper_bound );
1609 /* Consider a bound "small" if it's less than 2^5. This value is chosen
1610 * to be small enough that the probability of missing one value is
1611 * negligible given the number of iterations. It must be less than
1612 * 256 because some of the code below assumes that "small" values
1613 * fit in a byte. */
1614 if( n_bits <= 5 )
1615 {
1616 full_stats = 1;
1617 stats_len = bound_bytes->x[bound_bytes->len - 1];
1618 }
1619 else
1620 {
1621 full_stats = 0;
1622 stats_len = n_bits;
1623 }
1624 ASSERT_ALLOC( stats, stats_len );
1625
1626 for( i = 0; i < (size_t) iterations; i++ )
1627 {
1628 mbedtls_test_set_step( i );
1629 TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
1630 mbedtls_test_rnd_std_rand, NULL ) );
1631
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1632 TEST_ASSERT( sign_is_valid( &result ) );
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1633 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
1634 TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
1635 if( full_stats )
1636 {
1637 uint8_t value;
1638 TEST_EQUAL( 0, mbedtls_mpi_write_binary( &result, &value, 1 ) );
1639 TEST_ASSERT( value < stats_len );
1640 ++stats[value];
1641 }
1642 else
1643 {
1644 for( b = 0; b < n_bits; b++ )
1645 stats[b] += mbedtls_mpi_get_bit( &result, b );
1646 }
1647 }
1648
1649 if( full_stats )
1650 {
Gilles Peskined463edf2021-04-13 20:45:05 +0200[diff] [blame]1651 for( b = min; b < stats_len; b++ )
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1652 {
1653 mbedtls_test_set_step( 1000000 + b );
1654 /* Assert that each value has been reached at least once.
1655 * This is almost guaranteed if the iteration count is large
1656 * enough. This is a very crude way of checking the distribution.
1657 */
1658 TEST_ASSERT( stats[b] > 0 );
1659 }
1660 }
1661 else
1662 {
Gilles Peskineceefe5d2021-06-02 21:24:04 +0200[diff] [blame]1663 int statistically_safe_all_the_way =
1664 is_significantly_above_a_power_of_2( bound_bytes );
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1665 for( b = 0; b < n_bits; b++ )
1666 {
1667 mbedtls_test_set_step( 1000000 + b );
1668 /* Assert that each bit has been set in at least one result and
1669 * clear in at least one result. Provided that iterations is not
1670 * too small, it would be extremely unlikely for this not to be
1671 * the case if the results are uniformly distributed.
1672 *
1673 * As an exception, the top bit may legitimately never be set
1674 * if bound is a power of 2 or only slightly above.
1675 */
Gilles Peskineceefe5d2021-06-02 21:24:04 +0200[diff] [blame]1676 if( statistically_safe_all_the_way || b != n_bits - 1 )
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1677 {
1678 TEST_ASSERT( stats[b] > 0 );
1679 }
1680 TEST_ASSERT( stats[b] < (size_t) iterations );
1681 }
1682 }
1683
1684exit:
1685 mbedtls_mpi_free( &upper_bound );
1686 mbedtls_mpi_free( &result );
1687 mbedtls_free( stats );
1688}
1689/* END_CASE */
1690
Gilles Peskine1e918f42021-03-29 22:14:51 +0200[diff] [blame]1691/* BEGIN_CASE */
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1692void mpi_random_sizes( int min, data_t *bound_bytes, int nlimbs, int before )
Gilles Peskine1a7df4e2021-04-01 15:57:18 +0200[diff] [blame]1693{
1694 mbedtls_mpi upper_bound;
1695 mbedtls_mpi result;
1696
1697 mbedtls_mpi_init( &upper_bound );
1698 mbedtls_mpi_init( &result );
1699
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1700 if( before != 0 )
1701 {
1702 /* Set result to sign(before) * 2^(|before|-1) */
1703 TEST_ASSERT( mbedtls_mpi_lset( &result, before > 0 ? 1 : -1 ) == 0 );
1704 if( before < 0 )
1705 before = - before;
1706 TEST_ASSERT( mbedtls_mpi_shift_l( &result, before - 1 ) == 0 );
1707 }
1708
Gilles Peskine1a7df4e2021-04-01 15:57:18 +0200[diff] [blame]1709 TEST_EQUAL( 0, mbedtls_mpi_grow( &result, nlimbs ) );
1710 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
1711 bound_bytes->x, bound_bytes->len ) );
1712 TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
1713 mbedtls_test_rnd_std_rand, NULL ) );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1714 TEST_ASSERT( sign_is_valid( &result ) );
Gilles Peskine1a7df4e2021-04-01 15:57:18 +0200[diff] [blame]1715 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
1716 TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
1717
1718exit:
1719 mbedtls_mpi_free( &upper_bound );
1720 mbedtls_mpi_free( &result );
1721}
1722/* END_CASE */
1723
1724/* BEGIN_CASE */
Gilles Peskine1e918f42021-03-29 22:14:51 +0200[diff] [blame]1725void mpi_random_fail( int min, data_t *bound_bytes, int expected_ret )
1726{
1727 mbedtls_mpi upper_bound;
1728 mbedtls_mpi result;
1729 int actual_ret;
1730
1731 mbedtls_mpi_init( &upper_bound );
1732 mbedtls_mpi_init( &result );
1733
1734 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
1735 bound_bytes->x, bound_bytes->len ) );
1736 actual_ret = mbedtls_mpi_random( &result, min, &upper_bound,
1737 mbedtls_test_rnd_std_rand, NULL );
1738 TEST_EQUAL( expected_ret, actual_ret );
1739
1740exit:
1741 mbedtls_mpi_free( &upper_bound );
1742 mbedtls_mpi_free( &result );
1743}
1744/* END_CASE */
1745
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1746/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1747void mpi_selftest( )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]1748{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1749 TEST_ASSERT( mbedtls_mpi_self_test( 1 ) == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]1750}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1751/* END_CASE */