TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 494a6d22bd77c6991805b4fc1f5a95bf97742a46 / . / tests / suites / test_suite_mpi.function
blob: 8c40b229a9c9078297b89a0752f8cb3f60c3988f [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/bignum.h"
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]3#include "mbedtls/entropy.h"
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]4#include "bignum_core.h"
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]5#include "bignum_mod.h"
6#include "bignum_mod_raw.h"
Janos Follath23bdeca2022-07-22 18:24:06 +0100[diff] [blame]7#include "constant_time_internal.h"
8#include "test/constant_flow.h"
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]9
Chris Jonese64a46f2020-12-03 17:44:03 +0000[diff] [blame]10#if MBEDTLS_MPI_MAX_BITS > 792
11#define MPI_MAX_BITS_LARGER_THAN_792
Chris Jones4592bd82020-12-03 14:24:33 +0000[diff] [blame]12#endif
Gabor Mezei89e31462022-08-12 15:36:56 +0200[diff] [blame]13
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]14/* Check the validity of the sign bit in an MPI object. Reject representations
15 * that are not supported by the rest of the library and indicate a bug when
16 * constructing the value. */
17static int sign_is_valid( const mbedtls_mpi *X )
18{
19 if( X->s != 1 && X->s != -1 )
20 return( 0 ); // invalid sign bit, e.g. 0
21 if( mbedtls_mpi_bitlen( X ) == 0 && X->s != 1 )
22 return( 0 ); // negative zero
23 return( 1 );
24}
25
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]26typedef struct mbedtls_test_mpi_random
27{
28 data_t *data;
29 size_t pos;
30 size_t chunk_len;
31} mbedtls_test_mpi_random;
32
33/*
34 * This function is called by the Miller-Rabin primality test each time it
35 * chooses a random witness. The witnesses (or non-witnesses as provided by the
36 * test) are stored in the data member of the state structure. Each number is in
37 * the format that mbedtls_mpi_read_string understands and is chunk_len long.
38 */
39int mbedtls_test_mpi_miller_rabin_determinizer( void* state,
40 unsigned char* buf,
41 size_t len )
42{
43 mbedtls_test_mpi_random *random = (mbedtls_test_mpi_random*) state;
44
45 if( random == NULL || random->data->x == NULL || buf == NULL )
46 return( -1 );
47
48 if( random->pos + random->chunk_len > random->data->len
49 || random->chunk_len > len )
50 {
51 return( -1 );
52 }
53
54 memset( buf, 0, len );
55
56 /* The witness is written to the end of the buffer, since the buffer is
57 * used as big endian, unsigned binary data in mbedtls_mpi_read_binary.
58 * Writing the witness to the start of the buffer would result in the
59 * buffer being 'witness 000...000', which would be treated as
60 * witness * 2^n for some n. */
61 memcpy( buf + len - random->chunk_len, &random->data->x[random->pos],
62 random->chunk_len );
63
64 random->pos += random->chunk_len;
65
66 return( 0 );
67}
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]68
69/* Random generator that is told how many bytes to return. */
70static int f_rng_bytes_left( void *state, unsigned char *buf, size_t len )
71{
72 size_t *bytes_left = state;
73 size_t i;
74 for( i = 0; i < len; i++ )
75 {
76 if( *bytes_left == 0 )
77 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
78 buf[i] = *bytes_left & 0xff;
79 --( *bytes_left );
80 }
81 return( 0 );
82}
83
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]84/* Test whether bytes represents (in big-endian base 256) a number b that
85 * is significantly above a power of 2. That is, b must not have a long run
86 * of unset bits after the most significant bit.
87 *
88 * Let n be the bit-size of b, i.e. the integer such that 2^n <= b < 2^{n+1}.
89 * This function returns 1 if, when drawing a number between 0 and b,
90 * the probability that this number is at least 2^n is not negligible.
91 * This probability is (b - 2^n) / b and this function checks that this
92 * number is above some threshold A. The threshold value is heuristic and
93 * based on the needs of mpi_random_many().
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]94 */
95static int is_significantly_above_a_power_of_2( data_t *bytes )
96{
97 const uint8_t *p = bytes->x;
98 size_t len = bytes->len;
99 unsigned x;
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]100
101 /* Skip leading null bytes */
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]102 while( len > 0 && p[0] == 0 )
103 {
104 ++p;
105 --len;
106 }
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]107 /* 0 is not significantly above a power of 2 */
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]108 if( len == 0 )
109 return( 0 );
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]110 /* Extract the (up to) 2 most significant bytes */
111 if( len == 1 )
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]112 x = p[0];
113 else
114 x = ( p[0] << 8 ) | p[1];
115
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]116 /* Shift the most significant bit of x to position 8 and mask it out */
117 while( ( x & 0xfe00 ) != 0 )
118 x >>= 1;
119 x &= 0x00ff;
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]120
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]121 /* At this point, x = floor((b - 2^n) / 2^(n-8)). b is significantly above
122 * a power of 2 iff x is significantly above 0 compared to 2^8.
123 * Testing x >= 2^4 amounts to picking A = 1/16 in the function
124 * description above. */
125 return( x >= 0x10 );
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]126}
127
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]128/* END_HEADER */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]129
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]130/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]131 * depends_on:MBEDTLS_BIGNUM_C
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]132 * END_DEPENDENCIES
133 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]134
Hanno Beckerb48e1aa2018-12-18 23:25:01 +0000[diff] [blame]135/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]136void mpi_null( )
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]137{
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]138 mbedtls_mpi X, Y, Z;
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]139
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]140 mbedtls_mpi_init( &X );
141 mbedtls_mpi_init( &Y );
142 mbedtls_mpi_init( &Z );
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]143
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]144 TEST_ASSERT( mbedtls_mpi_get_bit( &X, 42 ) == 0 );
145 TEST_ASSERT( mbedtls_mpi_lsb( &X ) == 0 );
Manuel Pégourié-Gonnardc0696c22015-06-18 16:47:17 +0200[diff] [blame]146 TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == 0 );
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]147 TEST_ASSERT( mbedtls_mpi_size( &X ) == 0 );
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]148
149exit:
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]150 mbedtls_mpi_free( &X );
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]151}
152/* END_CASE */
153
154/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]155void mpi_read_write_string( int radix_X, char * input_X, int radix_A,
156 char * input_A, int output_size, int result_read,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]157 int result_write )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]158{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]159 mbedtls_mpi X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]160 char str[1000];
Manuel Pégourié-Gonnardf79b4252015-06-02 15:41:48 +0100[diff] [blame]161 size_t len;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]162
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]163 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]164
Janos Follath04dadb72019-03-06 12:29:37 +0000[diff] [blame]165 memset( str, '!', sizeof( str ) );
166
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]167 TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == result_read );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]168 if( result_read == 0 )
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]169 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]170 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnardf79b4252015-06-02 15:41:48 +0100[diff] [blame]171 TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, output_size, &len ) == result_write );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]172 if( result_write == 0 )
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]173 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]174 TEST_ASSERT( strcasecmp( str, input_A ) == 0 );
Janos Follath04dadb72019-03-06 12:29:37 +0000[diff] [blame]175 TEST_ASSERT( str[len] == '!' );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]176 }
177 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]178
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]179exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]180 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]181}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]182/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]183
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]184/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]185void mbedtls_mpi_read_binary( data_t * buf, char * input_A )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]186{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]187 mbedtls_mpi X;
Janos Follathe5670f22019-02-25 16:11:58 +0000[diff] [blame]188 char str[1000];
Manuel Pégourié-Gonnardf79b4252015-06-02 15:41:48 +0100[diff] [blame]189 size_t len;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]190
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]191 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]192
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]193
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]194 TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf->x, buf->len ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]195 TEST_ASSERT( sign_is_valid( &X ) );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]196 TEST_ASSERT( mbedtls_mpi_write_string( &X, 16, str, sizeof( str ), &len ) == 0 );
Werner Lewisdc47fe72022-08-01 13:55:41 +0100[diff] [blame]197 TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]198
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]199exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]200 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]201}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]202/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]203
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]204/* BEGIN_CASE */
Janos Follath91dc67d2022-07-22 14:24:58 +0100[diff] [blame]205void mbedtls_mpi_core_io_null()
206{
207 mbedtls_mpi_uint X = 0;
208 int ret;
209
210 ret = mbedtls_mpi_core_read_be( &X, 1, NULL, 0 );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]211 TEST_EQUAL( ret, 0 );
Janos Follath91dc67d2022-07-22 14:24:58 +0100[diff] [blame]212 ret = mbedtls_mpi_core_write_be( &X, 1, NULL, 0 );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]213 TEST_EQUAL( ret, 0 );
Janos Follath91dc67d2022-07-22 14:24:58 +0100[diff] [blame]214
215 ret = mbedtls_mpi_core_read_be( NULL, 0, NULL, 0 );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]216 TEST_EQUAL( ret, 0 );
Janos Follath91dc67d2022-07-22 14:24:58 +0100[diff] [blame]217 ret = mbedtls_mpi_core_write_be( NULL, 0, NULL, 0 );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]218 TEST_EQUAL( ret, 0 );
Janos Follath91dc67d2022-07-22 14:24:58 +0100[diff] [blame]219
220 ret = mbedtls_mpi_core_read_le( &X, 1, NULL, 0 );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]221 TEST_EQUAL( ret, 0 );
Janos Follath91dc67d2022-07-22 14:24:58 +0100[diff] [blame]222 ret = mbedtls_mpi_core_write_le( &X, 1, NULL, 0 );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]223 TEST_EQUAL( ret, 0 );
Janos Follath91dc67d2022-07-22 14:24:58 +0100[diff] [blame]224
225 ret = mbedtls_mpi_core_read_le( NULL, 0, NULL, 0 );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]226 TEST_EQUAL( ret, 0 );
Janos Follath91dc67d2022-07-22 14:24:58 +0100[diff] [blame]227 ret = mbedtls_mpi_core_write_le( NULL, 0, NULL, 0 );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]228 TEST_EQUAL( ret, 0 );
Janos Follath91dc67d2022-07-22 14:24:58 +0100[diff] [blame]229
230exit:
231 ;
232}
233/* END_CASE */
234
235/* BEGIN_CASE */
Janos Follath1cb3b972022-08-11 10:50:04 +0100[diff] [blame]236void mbedtls_mpi_core_io_be( data_t *input, int nb_int, int nx_32_int, int iret,
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]237 int oret )
238{
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]239 if( iret != 0 )
240 TEST_ASSERT( oret == 0 );
241
242 TEST_ASSERT( 0 <= nb_int );
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]243 size_t nb = nb_int;
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]244
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]245 unsigned char buf[1024];
246 TEST_ASSERT( nb <= sizeof( buf ) );
247
Janos Follath1cb3b972022-08-11 10:50:04 +0100[diff] [blame]248 /* nx_32_int is the number of 32 bit limbs, if we have 64 bit limbs we need
249 * to halve the number of limbs to have the same size. */
250 if( sizeof( mbedtls_mpi_uint ) == 8 )
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]251 nx_32_int = nx_32_int / 2 + nx_32_int % 2;
252 TEST_ASSERT( 0 <= nx_32_int );
253 size_t nx = nx_32_int;
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]254
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]255 mbedtls_mpi_uint X[sizeof( buf ) / sizeof( mbedtls_mpi_uint )];
256 TEST_ASSERT( nx <= sizeof( X ) / sizeof( X[0] ) );
257
258 int ret = mbedtls_mpi_core_read_be( X, nx, input->x, input->len );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]259 TEST_EQUAL( ret, iret );
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]260
261 if( iret == 0 )
262 {
263 ret = mbedtls_mpi_core_write_be( X, nx, buf, nb );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]264 TEST_EQUAL( ret, oret );
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]265 }
266
267 if( ( iret == 0 ) && ( oret == 0 ) )
268 {
269 if( nb > input->len )
270 {
271 size_t leading_zeroes = nb - input->len;
272 TEST_ASSERT( memcmp( buf + nb - input->len, input->x, input->len ) == 0 );
273 for( size_t i = 0; i < leading_zeroes; i++ )
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]274 TEST_EQUAL( buf[i], 0 );
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]275 }
276 else
277 {
278 size_t leading_zeroes = input->len - nb;
279 TEST_ASSERT( memcmp( input->x + input->len - nb, buf, nb ) == 0 );
280 for( size_t i = 0; i < leading_zeroes; i++ )
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]281 TEST_EQUAL( input->x[i], 0 );
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]282 }
283 }
284
285exit:
286 ;
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]287}
288/* END_CASE */
289
290/* BEGIN_CASE */
Janos Follath9dfb5622022-08-11 12:15:55 +0100[diff] [blame]291void mbedtls_mpi_core_io_le( data_t *input, int nb_int, int nx_32_int, int iret,
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]292 int oret )
293{
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]294 if( iret != 0 )
295 TEST_ASSERT( oret == 0 );
296
297 TEST_ASSERT( 0 <= nb_int );
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]298 size_t nb = nb_int;
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]299
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]300 unsigned char buf[1024];
301 TEST_ASSERT( nb <= sizeof( buf ) );
302
Janos Follath9dfb5622022-08-11 12:15:55 +0100[diff] [blame]303 /* nx_32_int is the number of 32 bit limbs, if we have 64 bit limbs we need
304 * to halve the number of limbs to have the same size. */
305 if( sizeof( mbedtls_mpi_uint ) == 8 )
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]306 nx_32_int = nx_32_int / 2 + nx_32_int % 2;
307 TEST_ASSERT( 0 <= nx_32_int );
308 size_t nx = nx_32_int;
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]309
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]310 mbedtls_mpi_uint X[sizeof( buf ) / sizeof( mbedtls_mpi_uint )];
311 TEST_ASSERT( nx <= sizeof( X ) / sizeof( X[0] ) );
312
313 int ret = mbedtls_mpi_core_read_le( X, nx, input->x, input->len );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]314 TEST_EQUAL( ret, iret );
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]315
316 if( iret == 0 )
317 {
318 ret = mbedtls_mpi_core_write_le( X, nx, buf, nb );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]319 TEST_EQUAL( ret, oret );
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]320 }
321
322 if( ( iret == 0 ) && ( oret == 0 ) )
323 {
324 if( nb > input->len )
325 {
326 TEST_ASSERT( memcmp( buf, input->x, input->len ) == 0 );
327 for( size_t i = input->len; i < nb; i++ )
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]328 TEST_EQUAL( buf[i], 0 );
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]329 }
330 else
331 {
332 TEST_ASSERT( memcmp( input->x, buf, nb ) == 0 );
333 for( size_t i = nb; i < input->len; i++ )
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]334 TEST_EQUAL( input->x[i], 0 );
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]335 }
336 }
337
338exit:
339 ;
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]340}
341/* END_CASE */
342
343/* BEGIN_CASE */
Janos Follath16949692022-08-08 13:37:20 +0100[diff] [blame]344void mbedtls_mpi_mod_setup( int ext_rep, int int_rep, int iret )
345{
346 #define MLIMBS 8
347 mbedtls_mpi_uint mp[MLIMBS];
348 mbedtls_mpi_mod_modulus m;
349 int ret;
350
351 memset( mp, 0xFF, sizeof(mp) );
352
353 mbedtls_mpi_mod_modulus_init( &m );
354 ret = mbedtls_mpi_mod_modulus_setup( &m, mp, MLIMBS, ext_rep, int_rep );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]355 TEST_EQUAL( ret, iret );
Janos Follath16949692022-08-08 13:37:20 +0100[diff] [blame]356
357 /* Address sanitiser should catch if we try to free mp */
358 mbedtls_mpi_mod_modulus_free( &m );
359
360 /* Make sure that the modulus doesn't have reference to mp anymore */
361 TEST_ASSERT( m.p != mp );
362
363exit:
364 /* It should be safe to call an mbedtls free several times */
365 mbedtls_mpi_mod_modulus_free( &m );
366
367 #undef MLIMBS
368}
369/* END_CASE */
370
371
372/* BEGIN_CASE */
Gabor Mezei7f081782022-08-12 18:00:33 +0200[diff] [blame]373void mbedtls_mpi_mod_raw_io( data_t *input, int nb_int, int nx_32_int,
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]374 int iendian, int iret, int oret )
375{
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]376 if( iret != 0 )
377 TEST_ASSERT( oret == 0 );
378
379 TEST_ASSERT( 0 <= nb_int );
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]380 size_t nb = nb_int;
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]381
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]382 unsigned char buf[1024];
383 TEST_ASSERT( nb <= sizeof( buf ) );
384
Gabor Mezei7f081782022-08-12 18:00:33 +0200[diff] [blame]385 /* nx_32_int is the number of 32 bit limbs, if we have 64 bit limbs we need
386 * to halve the number of limbs to have the same size. */
387 if( sizeof( mbedtls_mpi_uint ) == 8 )
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]388 nx_32_int = nx_32_int / 2 + nx_32_int % 2;
389 TEST_ASSERT( 0 <= nx_32_int );
390 size_t nx = nx_32_int;
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]391
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]392 mbedtls_mpi_uint X[sizeof( buf ) / sizeof( mbedtls_mpi_uint )];
393 TEST_ASSERT( nx <= sizeof( X ) / sizeof( X[0] ) );
394
395 int endian;
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]396 if( iendian == MBEDTLS_MPI_MOD_EXT_REP_INVALID )
397 endian = MBEDTLS_MPI_MOD_EXT_REP_LE;
398 else
399 endian = iendian;
400
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]401 mbedtls_mpi_mod_modulus m;
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]402 mbedtls_mpi_mod_modulus_init( &m );
Janos Follath81620642022-08-15 11:13:38 +0100[diff] [blame]403 mbedtls_mpi_uint init[sizeof( X ) / sizeof( X[0] )];
404 memset( init, 0xFF, sizeof( init ) );
405 int ret = mbedtls_mpi_mod_modulus_setup( &m, init, nx, endian,
406 MBEDTLS_MPI_MOD_REP_MONTGOMERY );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]407 TEST_EQUAL( ret, 0 );
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]408
409 if( iendian == MBEDTLS_MPI_MOD_EXT_REP_INVALID && iret != 0 )
410 m.ext_rep = MBEDTLS_MPI_MOD_EXT_REP_INVALID;
411
412 ret = mbedtls_mpi_mod_raw_read( X, &m, input->x, input->len );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]413 TEST_EQUAL( ret, iret );
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]414
415 if( iret == 0 )
416 {
417 if( iendian == MBEDTLS_MPI_MOD_EXT_REP_INVALID && oret != 0 )
418 m.ext_rep = MBEDTLS_MPI_MOD_EXT_REP_INVALID;
419
420 ret = mbedtls_mpi_mod_raw_write( X, &m, buf, nb );
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]421 TEST_EQUAL( ret, oret );
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]422 }
423
424 if( ( iret == 0 ) && ( oret == 0 ) )
425 {
426 if( nb > input->len )
427 {
428 if( endian == MBEDTLS_MPI_MOD_EXT_REP_BE )
429 {
430 size_t leading_zeroes = nb - input->len;
431 TEST_ASSERT( memcmp( buf + nb - input->len, input->x, input->len ) == 0 );
432 for( size_t i = 0; i < leading_zeroes; i++ )
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]433 TEST_EQUAL( buf[i], 0 );
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]434 }
435 else
436 {
437 TEST_ASSERT( memcmp( buf, input->x, input->len ) == 0 );
438 for( size_t i = input->len; i < nb; i++ )
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]439 TEST_EQUAL( buf[i], 0 );
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]440 }
441 }
442 else
443 {
444 if( endian == MBEDTLS_MPI_MOD_EXT_REP_BE )
445 {
446 size_t leading_zeroes = input->len - nb;
447 TEST_ASSERT( memcmp( input->x + input->len - nb, buf, nb ) == 0 );
448 for( size_t i = 0; i < leading_zeroes; i++ )
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]449 TEST_EQUAL( input->x[i], 0 );
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]450 }
451 else
452 {
453 TEST_ASSERT( memcmp( input->x, buf, nb ) == 0 );
454 for( size_t i = nb; i < input->len; i++ )
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]455 TEST_EQUAL( input->x[i], 0 );
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]456 }
457 }
458 }
459
460exit:
461 mbedtls_mpi_mod_modulus_free( &m );
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]462}
463/* END_CASE */
464
465/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]466void mbedtls_mpi_read_binary_le( data_t * buf, char * input_A )
Janos Follatha778a942019-02-13 10:28:28 +0000[diff] [blame]467{
468 mbedtls_mpi X;
Janos Follathe5670f22019-02-25 16:11:58 +0000[diff] [blame]469 char str[1000];
Janos Follatha778a942019-02-13 10:28:28 +0000[diff] [blame]470 size_t len;
471
472 mbedtls_mpi_init( &X );
473
474
475 TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, buf->x, buf->len ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]476 TEST_ASSERT( sign_is_valid( &X ) );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]477 TEST_ASSERT( mbedtls_mpi_write_string( &X, 16, str, sizeof( str ), &len ) == 0 );
Werner Lewisdc47fe72022-08-01 13:55:41 +0100[diff] [blame]478 TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
Janos Follatha778a942019-02-13 10:28:28 +0000[diff] [blame]479
480exit:
481 mbedtls_mpi_free( &X );
482}
483/* END_CASE */
484
485/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]486void mbedtls_mpi_write_binary( char * input_X, data_t * input_A,
487 int output_size, int result )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]488{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]489 mbedtls_mpi X;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]490 unsigned char buf[1000];
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]491 size_t buflen;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]492
493 memset( buf, 0x00, 1000 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]494
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]495 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]496
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]497 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnarde670f902015-10-30 09:23:19 +0100[diff] [blame]498
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]499 buflen = mbedtls_mpi_size( &X );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]500 if( buflen > (size_t) output_size )
501 buflen = (size_t) output_size;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]502
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]503 TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]504 if( result == 0)
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]505 {
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]506
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]507 TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
508 buflen, input_A->len ) == 0 );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]509 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]510
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]511exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]512 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]513}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]514/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]515
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]516/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]517void mbedtls_mpi_write_binary_le( char * input_X, data_t * input_A,
518 int output_size, int result )
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]519{
520 mbedtls_mpi X;
521 unsigned char buf[1000];
522 size_t buflen;
523
524 memset( buf, 0x00, 1000 );
525
526 mbedtls_mpi_init( &X );
527
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]528 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]529
530 buflen = mbedtls_mpi_size( &X );
531 if( buflen > (size_t) output_size )
532 buflen = (size_t) output_size;
533
534 TEST_ASSERT( mbedtls_mpi_write_binary_le( &X, buf, buflen ) == result );
535 if( result == 0)
536 {
537
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]538 TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
539 buflen, input_A->len ) == 0 );
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]540 }
541
542exit:
543 mbedtls_mpi_free( &X );
544}
545/* END_CASE */
546
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]547/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]548void mbedtls_mpi_read_file( char * input_file, data_t * input_A, int result )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]549{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]550 mbedtls_mpi X;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]551 unsigned char buf[1000];
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]552 size_t buflen;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]553 FILE *file;
Manuel Pégourié-Gonnarde43187d2015-02-14 16:01:34 +0000[diff] [blame]554 int ret;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]555
556 memset( buf, 0x00, 1000 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]557
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]558 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]559
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]560 file = fopen( input_file, "r" );
Paul Bakker8a0c0a92014-04-17 16:08:20 +0200[diff] [blame]561 TEST_ASSERT( file != NULL );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]562 ret = mbedtls_mpi_read_file( &X, 16, file );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]563 fclose(file);
Manuel Pégourié-Gonnarde43187d2015-02-14 16:01:34 +0000[diff] [blame]564 TEST_ASSERT( ret == result );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]565
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]566 if( result == 0 )
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]567 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]568 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]569 buflen = mbedtls_mpi_size( &X );
570 TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]571
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]572
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]573 TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
574 buflen, input_A->len ) == 0 );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]575 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]576
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]577exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]578 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]579}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]580/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]581
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]582/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]583void mbedtls_mpi_write_file( char * input_X, char * output_file )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]584{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]585 mbedtls_mpi X, Y;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]586 FILE *file_out, *file_in;
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]587 int ret;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]588
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]589 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]590
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]591 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]592
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]593 file_out = fopen( output_file, "w" );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]594 TEST_ASSERT( file_out != NULL );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]595 ret = mbedtls_mpi_write_file( NULL, &X, 16, file_out );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]596 fclose(file_out);
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]597 TEST_ASSERT( ret == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]598
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]599 file_in = fopen( output_file, "r" );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]600 TEST_ASSERT( file_in != NULL );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]601 ret = mbedtls_mpi_read_file( &Y, 16, file_in );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]602 fclose(file_in);
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]603 TEST_ASSERT( ret == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]604
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]605 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]606
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]607exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]608 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]609}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]610/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]611
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]612/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]613void mbedtls_mpi_get_bit( char * input_X, int pos, int val )
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]614{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]615 mbedtls_mpi X;
616 mbedtls_mpi_init( &X );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]617 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]618 TEST_ASSERT( mbedtls_mpi_get_bit( &X, pos ) == val );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]619
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]620exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]621 mbedtls_mpi_free( &X );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]622}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]623/* END_CASE */
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]624
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]625/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]626void mbedtls_mpi_set_bit( char * input_X, int pos, int val,
627 char * output_Y, int result )
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]628{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]629 mbedtls_mpi X, Y;
630 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]631
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]632 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
633 TEST_ASSERT( mbedtls_test_read_mpi( &Y, output_Y ) == 0 );
Paul Bakkerec5ceb62016-07-14 12:47:07 +0100[diff] [blame]634 TEST_ASSERT( mbedtls_mpi_set_bit( &X, pos, val ) == result );
635
636 if( result == 0 )
637 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]638 TEST_ASSERT( sign_is_valid( &X ) );
Paul Bakkerec5ceb62016-07-14 12:47:07 +0100[diff] [blame]639 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
640 }
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]641
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]642exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]643 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]644}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]645/* END_CASE */
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]646
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]647/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]648void mbedtls_mpi_lsb( char * input_X, int nr_bits )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]649{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]650 mbedtls_mpi X;
651 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]652
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]653 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]654 TEST_ASSERT( mbedtls_mpi_lsb( &X ) == (size_t) nr_bits );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]655
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]656exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]657 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]658}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]659/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]660
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]661/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]662void mbedtls_mpi_bitlen( char * input_X, int nr_bits )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]663{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]664 mbedtls_mpi X;
665 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]666
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]667 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnardc0696c22015-06-18 16:47:17 +0200[diff] [blame]668 TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == (size_t) nr_bits );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]669
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]670exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]671 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]672}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]673/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]674
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]675/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]676void mbedtls_mpi_gcd( char * input_X, char * input_Y,
677 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]678{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]679 mbedtls_mpi A, X, Y, Z;
680 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]681
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]682 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
683 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
684 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685 TEST_ASSERT( mbedtls_mpi_gcd( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]686 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]687 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]688
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]689exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]690 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]691}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]692/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]693
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]694/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]695void mbedtls_mpi_cmp_int( int input_X, int input_A, int result_CMP )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]696{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]697 mbedtls_mpi X;
698 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]699
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]700 TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0);
701 TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_A ) == result_CMP);
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]702
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]703exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]704 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]705}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]706/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]707
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]708/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]709void mbedtls_mpi_cmp_mpi( char * input_X, char * input_Y,
710 int input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]711{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]712 mbedtls_mpi X, Y;
713 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]714
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]715 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
716 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]717 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == input_A );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]718
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]719exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]720 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]721}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]722/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]723
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]724/* BEGIN_CASE */
Janos Follathdeb80302022-08-19 13:32:17 +0100[diff] [blame]725void mpi_core_lt_ct( data_t * input_X, data_t * input_Y, int input_ret )
Janos Follath23bdeca2022-07-22 18:24:06 +0100[diff] [blame]726{
727 #define MAX_LEN 64
728 mbedtls_mpi_uint X[MAX_LEN];
729 mbedtls_mpi_uint Y[MAX_LEN];
730 unsigned exp_ret = input_ret;
731 unsigned ret;
732 size_t len = CHARS_TO_LIMBS(
733 input_X->len > input_Y->len ? input_X->len : input_Y->len );
734
735 TEST_ASSERT( len <= MAX_LEN );
736
737 TEST_ASSERT( mbedtls_mpi_core_read_be( X, len, input_X->x, input_X->len )
738 == 0 );
739 TEST_ASSERT( mbedtls_mpi_core_read_be( Y, len, input_Y->x, input_Y->len )
740 == 0 );
741
742 TEST_CF_SECRET( X, len * sizeof( mbedtls_mpi_uint ) );
743 TEST_CF_SECRET( Y, len * sizeof( mbedtls_mpi_uint ) );
744
745 ret = mbedtls_mpi_core_lt_ct( X, Y, len );
746
747 TEST_CF_PUBLIC( X, len * sizeof( mbedtls_mpi_uint ) );
748 TEST_CF_PUBLIC( Y, len * sizeof( mbedtls_mpi_uint ) );
749 TEST_CF_PUBLIC( &ret, sizeof( ret ) );
750
Janos Follath494a6d22022-08-22 09:36:17 +0100[diff] [blame^]751 TEST_EQUAL( ret, exp_ret );
Janos Follath23bdeca2022-07-22 18:24:06 +0100[diff] [blame]752
753exit:
754 ;
755
756 #undef MAX_LEN
757}
758/* END_CASE */
759
760/* BEGIN_CASE */
Janos Follathb7e1b492019-10-14 09:21:49 +0100[diff] [blame]761void mbedtls_mpi_lt_mpi_ct( int size_X, char * input_X,
762 int size_Y, char * input_Y,
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]763 int input_ret, int input_err )
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]764{
Gilles Peskine0deccf12020-09-02 15:18:07 +0200[diff] [blame]765 unsigned ret = -1;
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]766 unsigned input_uret = input_ret;
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]767 mbedtls_mpi X, Y;
768 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
769
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]770 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
771 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]772
Gilles Peskine9018b112020-01-21 16:30:53 +0100[diff] [blame]773 TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 );
774 TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]775
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]776 TEST_ASSERT( mbedtls_mpi_lt_mpi_ct( &X, &Y, &ret ) == input_err );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]777 if( input_err == 0 )
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]778 TEST_ASSERT( ret == input_uret );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]779
780exit:
781 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
782}
783/* END_CASE */
784
785/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]786void mbedtls_mpi_cmp_abs( char * input_X, char * input_Y,
787 int input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]788{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]789 mbedtls_mpi X, Y;
790 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]791
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]792 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
793 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]794 TEST_ASSERT( mbedtls_mpi_cmp_abs( &X, &Y ) == input_A );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]795
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]796exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]797 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]798}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]799/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]800
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]801/* BEGIN_CASE */
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]802void mbedtls_mpi_copy( char *src_hex, char *dst_hex )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]803{
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]804 mbedtls_mpi src, dst, ref;
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]805 mbedtls_mpi_init( &src );
806 mbedtls_mpi_init( &dst );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]807 mbedtls_mpi_init( &ref );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]808
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]809 TEST_ASSERT( mbedtls_test_read_mpi( &src, src_hex ) == 0 );
810 TEST_ASSERT( mbedtls_test_read_mpi( &ref, dst_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]811
812 /* mbedtls_mpi_copy() */
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]813 TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]814 TEST_ASSERT( mbedtls_mpi_copy( &dst, &src ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]815 TEST_ASSERT( sign_is_valid( &dst ) );
816 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]817
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]818 /* mbedtls_mpi_safe_cond_assign(), assignment done */
819 mbedtls_mpi_free( &dst );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]820 TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]821 TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 1 ) == 0 );
822 TEST_ASSERT( sign_is_valid( &dst ) );
823 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
824
825 /* mbedtls_mpi_safe_cond_assign(), assignment not done */
826 mbedtls_mpi_free( &dst );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]827 TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]828 TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 0 ) == 0 );
829 TEST_ASSERT( sign_is_valid( &dst ) );
830 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &ref ) == 0 );
831
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]832exit:
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]833 mbedtls_mpi_free( &src );
834 mbedtls_mpi_free( &dst );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]835 mbedtls_mpi_free( &ref );
Gilles Peskine7428b452020-01-20 21:01:51 +0100[diff] [blame]836}
837/* END_CASE */
838
839/* BEGIN_CASE */
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]840void mpi_copy_self( char *input_X )
Gilles Peskine7428b452020-01-20 21:01:51 +0100[diff] [blame]841{
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]842 mbedtls_mpi X, A;
843 mbedtls_mpi_init( &A );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]844 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]845
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]846 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]847 TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]848
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]849 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_X ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]850 TEST_ASSERT( sign_is_valid( &X ) );
851 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]852
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]853exit:
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]854 mbedtls_mpi_free( &A );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]855 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]856}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]857/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]858
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]859/* BEGIN_CASE */
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]860void mbedtls_mpi_swap( char *X_hex, char *Y_hex )
861{
862 mbedtls_mpi X, Y, X0, Y0;
863 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
864 mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 );
865
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]866 TEST_ASSERT( mbedtls_test_read_mpi( &X0, X_hex ) == 0 );
867 TEST_ASSERT( mbedtls_test_read_mpi( &Y0, Y_hex ) == 0 );
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]868
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]869 /* mbedtls_mpi_swap() */
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]870 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
871 TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 );
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]872 mbedtls_mpi_swap( &X, &Y );
873 TEST_ASSERT( sign_is_valid( &X ) );
874 TEST_ASSERT( sign_is_valid( &Y ) );
875 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
876 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
877
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]878 /* mbedtls_mpi_safe_cond_swap(), swap done */
879 mbedtls_mpi_free( &X );
880 mbedtls_mpi_free( &Y );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]881 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
882 TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]883 TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 );
884 TEST_ASSERT( sign_is_valid( &X ) );
885 TEST_ASSERT( sign_is_valid( &Y ) );
886 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
887 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
888
889 /* mbedtls_mpi_safe_cond_swap(), swap not done */
890 mbedtls_mpi_free( &X );
891 mbedtls_mpi_free( &Y );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]892 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
893 TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]894 TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 );
895 TEST_ASSERT( sign_is_valid( &X ) );
896 TEST_ASSERT( sign_is_valid( &Y ) );
897 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
898 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &Y0 ) == 0 );
899
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]900exit:
901 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
902 mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 );
903}
904/* END_CASE */
905
906/* BEGIN_CASE */
907void mpi_swap_self( char *X_hex )
908{
909 mbedtls_mpi X, X0;
910 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 );
911
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]912 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
913 TEST_ASSERT( mbedtls_test_read_mpi( &X0, X_hex ) == 0 );
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]914
915 mbedtls_mpi_swap( &X, &X );
916 TEST_ASSERT( sign_is_valid( &X ) );
917 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
918
919exit:
920 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 );
921}
922/* END_CASE */
923
924/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]925void mbedtls_mpi_shrink( int before, int used, int min, int after )
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]926{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]927 mbedtls_mpi X;
928 mbedtls_mpi_init( &X );
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]929
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]930 TEST_ASSERT( mbedtls_mpi_grow( &X, before ) == 0 );
Gilles Peskinee1091752021-06-15 21:19:18 +0200[diff] [blame]931 if( used > 0 )
932 {
933 size_t used_bit_count = used * 8 * sizeof( mbedtls_mpi_uint );
934 TEST_ASSERT( mbedtls_mpi_set_bit( &X, used_bit_count - 1, 1 ) == 0 );
935 }
936 TEST_EQUAL( X.n, (size_t) before );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]937 TEST_ASSERT( mbedtls_mpi_shrink( &X, min ) == 0 );
Gilles Peskinee1091752021-06-15 21:19:18 +0200[diff] [blame]938 TEST_EQUAL( X.n, (size_t) after );
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]939
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]940exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]941 mbedtls_mpi_free( &X );
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]942}
943/* END_CASE */
944
945/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]946void mbedtls_mpi_add_mpi( char * input_X, char * input_Y,
947 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]948{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]949 mbedtls_mpi X, Y, Z, A;
950 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]951
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]952 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
953 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
954 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]955 TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]956 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]957 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]958
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]959 /* result == first operand */
960 TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]961 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]962 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]963 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]964
965 /* result == second operand */
966 TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]967 TEST_ASSERT( sign_is_valid( &Y ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]968 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
969
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]970exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]971 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]972}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]973/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]974
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]975/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]976void mbedtls_mpi_add_mpi_inplace( char * input_X, char * input_A )
Janos Follath044a86b2015-10-25 10:58:03 +0100[diff] [blame]977{
978 mbedtls_mpi X, A;
979 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
980
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]981 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]982
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]983 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]984 TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &X ) == 0 );
985 TEST_ASSERT( mbedtls_mpi_cmp_int( &X, 0 ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]986 TEST_ASSERT( sign_is_valid( &X ) );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]987
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]988 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]989 TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]990 TEST_ASSERT( sign_is_valid( &X ) );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]991 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
992
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]993 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follath044a86b2015-10-25 10:58:03 +0100[diff] [blame]994 TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]995 TEST_ASSERT( sign_is_valid( &X ) );
Janos Follath044a86b2015-10-25 10:58:03 +0100[diff] [blame]996 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
997
998exit:
999 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
1000}
1001/* END_CASE */
1002
1003
1004/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1005void mbedtls_mpi_add_abs( char * input_X, char * input_Y,
1006 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1007{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1008 mbedtls_mpi X, Y, Z, A;
1009 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1010
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1011 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1012 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1013 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1014 TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1015 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1016 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1017
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1018 /* result == first operand */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1019 TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1020 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1021 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1022 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1023
1024 /* result == second operand */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1025 TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1026 TEST_ASSERT( sign_is_valid( &Y ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1027 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1028
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1029exit:
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1030 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]1031}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1032/* END_CASE */
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]1033
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1034/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1035void mbedtls_mpi_add_int( char * input_X, int input_Y,
1036 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1037{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1038 mbedtls_mpi X, Z, A;
1039 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1040
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1041 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1042 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1043 TEST_ASSERT( mbedtls_mpi_add_int( &Z, &X, input_Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1044 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1045 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1046
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1047exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1048 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1049}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1050/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1051
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1052/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1053void mbedtls_mpi_sub_mpi( char * input_X, char * input_Y,
1054 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1055{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1056 mbedtls_mpi X, Y, Z, A;
1057 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1058
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1059 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1060 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1061 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1062 TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1063 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1064 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1065
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1066 /* result == first operand */
1067 TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1068 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1069 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1070 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1071
1072 /* result == second operand */
1073 TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1074 TEST_ASSERT( sign_is_valid( &Y ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1075 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
1076
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1077exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1078 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1079}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1080/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1081
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1082/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1083void mbedtls_mpi_sub_abs( char * input_X, char * input_Y,
1084 char * input_A, int sub_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1085{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1086 mbedtls_mpi X, Y, Z, A;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1087 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1088 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1089
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1090 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1091 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1092 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnarde670f902015-10-30 09:23:19 +0100[diff] [blame]1093
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1094 res = mbedtls_mpi_sub_abs( &Z, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1095 TEST_ASSERT( res == sub_result );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1096 TEST_ASSERT( sign_is_valid( &Z ) );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1097 if( res == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1098 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1099
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1100 /* result == first operand */
1101 TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1102 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1103 if( sub_result == 0 )
1104 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1105 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1106
1107 /* result == second operand */
1108 TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1109 TEST_ASSERT( sign_is_valid( &Y ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1110 if( sub_result == 0 )
1111 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
1112
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1113exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1114 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1115}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1116/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1117
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1118/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1119void mbedtls_mpi_sub_int( char * input_X, int input_Y,
1120 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1121{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1122 mbedtls_mpi X, Z, A;
1123 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1124
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1125 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1126 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1127 TEST_ASSERT( mbedtls_mpi_sub_int( &Z, &X, input_Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1128 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1129 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1130
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1131exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1132 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1133}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1134/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1135
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1136/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1137void mbedtls_mpi_mul_mpi( char * input_X, char * input_Y,
1138 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1139{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1140 mbedtls_mpi X, Y, Z, A;
1141 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1142
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1143 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1144 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1145 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1146 TEST_ASSERT( mbedtls_mpi_mul_mpi( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1147 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1148 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1149
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1150exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1151 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1152}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1153/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1154
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1155/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1156void mbedtls_mpi_mul_int( char * input_X, int input_Y,
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1157 char * input_A, char * result_comparison )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1158{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1159 mbedtls_mpi X, Z, A;
1160 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1161
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1162 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1163 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1164 TEST_ASSERT( mbedtls_mpi_mul_int( &Z, &X, input_Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1165 TEST_ASSERT( sign_is_valid( &Z ) );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1166 if( strcmp( result_comparison, "==" ) == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1167 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1168 else if( strcmp( result_comparison, "!=" ) == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1169 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) != 0 );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1170 else
1171 TEST_ASSERT( "unknown operator" == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1172
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1173exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1174 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1175}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1176/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1177
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1178/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1179void mbedtls_mpi_div_mpi( char * input_X, char * input_Y,
1180 char * input_A, char * input_B,
1181 int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1182{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1183 mbedtls_mpi X, Y, Q, R, A, B;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1184 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1185 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R );
1186 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1187
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1188 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1189 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1190 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
1191 TEST_ASSERT( mbedtls_test_read_mpi( &B, input_B ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1192 res = mbedtls_mpi_div_mpi( &Q, &R, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1193 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1194 if( res == 0 )
1195 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1196 TEST_ASSERT( sign_is_valid( &Q ) );
1197 TEST_ASSERT( sign_is_valid( &R ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1198 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
1199 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1200 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1201
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1202exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1203 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R );
1204 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1205}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1206/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1207
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1208/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1209void mbedtls_mpi_div_int( char * input_X, int input_Y,
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1210 char * input_A, char * input_B,
1211 int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1212{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1213 mbedtls_mpi X, Q, R, A, B;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1214 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1215 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &A );
1216 mbedtls_mpi_init( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1217
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1218 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1219 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
1220 TEST_ASSERT( mbedtls_test_read_mpi( &B, input_B ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1221 res = mbedtls_mpi_div_int( &Q, &R, &X, input_Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1222 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1223 if( res == 0 )
1224 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1225 TEST_ASSERT( sign_is_valid( &Q ) );
1226 TEST_ASSERT( sign_is_valid( &R ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1227 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
1228 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1229 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1230
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1231exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1232 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R ); mbedtls_mpi_free( &A );
1233 mbedtls_mpi_free( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1234}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1235/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1236
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1237/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1238void mbedtls_mpi_mod_mpi( char * input_X, char * input_Y,
1239 char * input_A, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1240{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1241 mbedtls_mpi X, Y, A;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1242 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1243 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1244
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1245 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1246 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1247 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1248 res = mbedtls_mpi_mod_mpi( &X, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1249 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1250 if( res == 0 )
1251 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1252 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1253 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1254 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1255
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1256exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1257 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1258}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1259/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1260
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1261/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1262void mbedtls_mpi_mod_int( char * input_X, int input_Y,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1263 int input_A, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1264{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1265 mbedtls_mpi X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1266 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1267 mbedtls_mpi_uint r;
1268 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1269
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1270 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1271 res = mbedtls_mpi_mod_int( &r, &X, input_Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1272 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1273 if( res == 0 )
1274 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1275 TEST_ASSERT( r == (mbedtls_mpi_uint) input_A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1276 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1277
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1278exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1279 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1280}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1281/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1282
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1283/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1284void mbedtls_mpi_exp_mod( char * input_A, char * input_E,
1285 char * input_N, char * input_X,
1286 int exp_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1287{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1288 mbedtls_mpi A, E, N, RR, Z, X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1289 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1290 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
1291 mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1292
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1293 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
1294 TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 );
1295 TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 );
1296 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1297
Gilles Peskine342f71b2021-06-09 18:31:35 +0200[diff] [blame]1298 res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, NULL );
Gilles Peskine722c62c2021-06-15 21:55:05 +0200[diff] [blame]1299 TEST_ASSERT( res == exp_result );
Gilles Peskine342f71b2021-06-09 18:31:35 +0200[diff] [blame]1300 if( res == 0 )
1301 {
1302 TEST_ASSERT( sign_is_valid( &Z ) );
1303 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
1304 }
1305
1306 /* Now test again with the speed-up parameter supplied as an output. */
1307 res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
Gilles Peskine722c62c2021-06-15 21:55:05 +0200[diff] [blame]1308 TEST_ASSERT( res == exp_result );
Gilles Peskine342f71b2021-06-09 18:31:35 +0200[diff] [blame]1309 if( res == 0 )
1310 {
1311 TEST_ASSERT( sign_is_valid( &Z ) );
1312 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
1313 }
1314
1315 /* Now test again with the speed-up parameter supplied in calculated form. */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1316 res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
Gilles Peskine722c62c2021-06-15 21:55:05 +0200[diff] [blame]1317 TEST_ASSERT( res == exp_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1318 if( res == 0 )
1319 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1320 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1321 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1322 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1323
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1324exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1325 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N );
1326 mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1327}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1328/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1329
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1330/* BEGIN_CASE */
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1331void mbedtls_mpi_exp_mod_size( int A_bytes, int E_bytes, int N_bytes,
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1332 char * input_RR, int exp_result )
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1333{
1334 mbedtls_mpi A, E, N, RR, Z;
1335 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
1336 mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z );
1337
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1338 /* Set A to 2^(A_bytes - 1) + 1 */
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1339 TEST_ASSERT( mbedtls_mpi_lset( &A, 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1340 TEST_ASSERT( mbedtls_mpi_shift_l( &A, ( A_bytes * 8 ) - 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1341 TEST_ASSERT( mbedtls_mpi_set_bit( &A, 0, 1 ) == 0 );
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1342
1343 /* Set E to 2^(E_bytes - 1) + 1 */
1344 TEST_ASSERT( mbedtls_mpi_lset( &E, 1 ) == 0 );
1345 TEST_ASSERT( mbedtls_mpi_shift_l( &E, ( E_bytes * 8 ) - 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1346 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 1 ) == 0 );
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1347
1348 /* Set N to 2^(N_bytes - 1) + 1 */
1349 TEST_ASSERT( mbedtls_mpi_lset( &N, 1 ) == 0 );
1350 TEST_ASSERT( mbedtls_mpi_shift_l( &N, ( N_bytes * 8 ) - 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1351 TEST_ASSERT( mbedtls_mpi_set_bit( &N, 0, 1 ) == 0 );
1352
1353 if( strlen( input_RR ) )
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1354 TEST_ASSERT( mbedtls_test_read_mpi( &RR, input_RR ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1355
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1356 TEST_ASSERT( mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ) == exp_result );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1357
1358exit:
1359 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N );
1360 mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z );
1361}
1362/* END_CASE */
1363
1364/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1365void mbedtls_mpi_inv_mod( char * input_X, char * input_Y,
1366 char * input_A, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1367{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1368 mbedtls_mpi X, Y, Z, A;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1369 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1370 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1371
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1372 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1373 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1374 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1375 res = mbedtls_mpi_inv_mod( &Z, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1376 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1377 if( res == 0 )
1378 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1379 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1380 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1381 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1382
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1383exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1384 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1385}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1386/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1387
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1388/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1389void mbedtls_mpi_is_prime( char * input_X, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1390{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1391 mbedtls_mpi X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1392 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1393 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1394
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1395 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]1396 res = mbedtls_mpi_is_prime_ext( &X, 40, mbedtls_test_rnd_std_rand, NULL );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1397 TEST_ASSERT( res == div_result );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1398
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1399exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1400 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1401}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1402/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1403
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1404/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1405void mbedtls_mpi_is_prime_det( data_t * input_X, data_t * witnesses,
Darryl Greenac2ead02018-10-02 15:30:39 +0100[diff] [blame]1406 int chunk_len, int rounds )
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1407{
1408 mbedtls_mpi X;
1409 int res;
1410 mbedtls_test_mpi_random rand;
1411
1412 mbedtls_mpi_init( &X );
1413 rand.data = witnesses;
1414 rand.pos = 0;
1415 rand.chunk_len = chunk_len;
1416
1417 TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
Darryl Greenac2ead02018-10-02 15:30:39 +0100[diff] [blame]1418 res = mbedtls_mpi_is_prime_ext( &X, rounds - 1,
1419 mbedtls_test_mpi_miller_rabin_determinizer,
1420 &rand );
1421 TEST_ASSERT( res == 0 );
1422
1423 rand.data = witnesses;
1424 rand.pos = 0;
1425 rand.chunk_len = chunk_len;
1426
Janos Follatha0b67c22018-09-18 14:48:23 +0100[diff] [blame]1427 res = mbedtls_mpi_is_prime_ext( &X, rounds,
1428 mbedtls_test_mpi_miller_rabin_determinizer,
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1429 &rand );
Darryl Greenac2ead02018-10-02 15:30:39 +0100[diff] [blame]1430 TEST_ASSERT( res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1431
1432exit:
1433 mbedtls_mpi_free( &X );
1434}
1435/* END_CASE */
1436
1437/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
Janos Follatha3cb7eb2018-08-14 15:31:54 +0100[diff] [blame]1438void mbedtls_mpi_gen_prime( int bits, int flags, int ref_ret )
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1439{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1440 mbedtls_mpi X;
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1441 int my_ret;
1442
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1443 mbedtls_mpi_init( &X );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1444
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]1445 my_ret = mbedtls_mpi_gen_prime( &X, bits, flags,
1446 mbedtls_test_rnd_std_rand, NULL );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1447 TEST_ASSERT( my_ret == ref_ret );
1448
1449 if( ref_ret == 0 )
1450 {
Manuel Pégourié-Gonnardc0696c22015-06-18 16:47:17 +0200[diff] [blame]1451 size_t actual_bits = mbedtls_mpi_bitlen( &X );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1452
1453 TEST_ASSERT( actual_bits >= (size_t) bits );
1454 TEST_ASSERT( actual_bits <= (size_t) bits + 1 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1455 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1456
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]1457 TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40,
1458 mbedtls_test_rnd_std_rand,
1459 NULL ) == 0 );
Janos Follatha3cb7eb2018-08-14 15:31:54 +0100[diff] [blame]1460 if( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH )
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1461 {
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1462 /* X = ( X - 1 ) / 2 */
1463 TEST_ASSERT( mbedtls_mpi_shift_r( &X, 1 ) == 0 );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]1464 TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40,
1465 mbedtls_test_rnd_std_rand,
1466 NULL ) == 0 );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1467 }
1468 }
1469
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1470exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1471 mbedtls_mpi_free( &X );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1472}
1473/* END_CASE */
1474
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1475/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1476void mbedtls_mpi_shift_l( char * input_X, int shift_X,
1477 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1478{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1479 mbedtls_mpi X, A;
1480 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1481
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1482 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1483 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1484 TEST_ASSERT( mbedtls_mpi_shift_l( &X, shift_X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1485 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1486 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1487
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1488exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1489 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1490}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1491/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1492
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1493/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1494void mbedtls_mpi_shift_r( char * input_X, int shift_X,
1495 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1496{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1497 mbedtls_mpi X, A;
1498 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1499
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1500 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1501 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1502 TEST_ASSERT( mbedtls_mpi_shift_r( &X, shift_X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1503 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1504 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1505
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1506exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1507 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1508}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1509/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1510
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1511/* BEGIN_CASE */
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1512void mpi_fill_random( int wanted_bytes, int rng_bytes,
1513 int before, int expected_ret )
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1514{
1515 mbedtls_mpi X;
1516 int ret;
1517 size_t bytes_left = rng_bytes;
1518 mbedtls_mpi_init( &X );
1519
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1520 if( before != 0 )
1521 {
1522 /* Set X to sign(before) * 2^(|before|-1) */
1523 TEST_ASSERT( mbedtls_mpi_lset( &X, before > 0 ? 1 : -1 ) == 0 );
1524 if( before < 0 )
1525 before = - before;
1526 TEST_ASSERT( mbedtls_mpi_shift_l( &X, before - 1 ) == 0 );
1527 }
1528
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1529 ret = mbedtls_mpi_fill_random( &X, wanted_bytes,
1530 f_rng_bytes_left, &bytes_left );
1531 TEST_ASSERT( ret == expected_ret );
1532
1533 if( expected_ret == 0 )
1534 {
1535 /* mbedtls_mpi_fill_random is documented to use bytes from the RNG
1536 * as a big-endian representation of the number. We know when
1537 * our RNG function returns null bytes, so we know how many
1538 * leading zero bytes the number has. */
1539 size_t leading_zeros = 0;
1540 if( wanted_bytes > 0 && rng_bytes % 256 == 0 )
1541 leading_zeros = 1;
1542 TEST_ASSERT( mbedtls_mpi_size( &X ) + leading_zeros ==
1543 (size_t) wanted_bytes );
1544 TEST_ASSERT( (int) bytes_left == rng_bytes - wanted_bytes );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1545 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1546 }
1547
1548exit:
1549 mbedtls_mpi_free( &X );
1550}
1551/* END_CASE */
1552
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1553/* BEGIN_CASE */
1554void mpi_random_many( int min, data_t *bound_bytes, int iterations )
1555{
1556 /* Generate numbers in the range 1..bound-1. Do it iterations times.
1557 * This function assumes that the value of bound is at least 2 and
1558 * that iterations is large enough that a one-in-2^iterations chance
1559 * effectively never occurs.
1560 */
1561
1562 mbedtls_mpi upper_bound;
1563 size_t n_bits;
1564 mbedtls_mpi result;
1565 size_t b;
1566 /* If upper_bound is small, stats[b] is the number of times the value b
1567 * has been generated. Otherwise stats[b] is the number of times a
1568 * value with bit b set has been generated. */
1569 size_t *stats = NULL;
1570 size_t stats_len;
1571 int full_stats;
1572 size_t i;
1573
1574 mbedtls_mpi_init( &upper_bound );
1575 mbedtls_mpi_init( &result );
1576
1577 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
1578 bound_bytes->x, bound_bytes->len ) );
1579 n_bits = mbedtls_mpi_bitlen( &upper_bound );
1580 /* Consider a bound "small" if it's less than 2^5. This value is chosen
1581 * to be small enough that the probability of missing one value is
1582 * negligible given the number of iterations. It must be less than
1583 * 256 because some of the code below assumes that "small" values
1584 * fit in a byte. */
1585 if( n_bits <= 5 )
1586 {
1587 full_stats = 1;
1588 stats_len = bound_bytes->x[bound_bytes->len - 1];
1589 }
1590 else
1591 {
1592 full_stats = 0;
1593 stats_len = n_bits;
1594 }
1595 ASSERT_ALLOC( stats, stats_len );
1596
1597 for( i = 0; i < (size_t) iterations; i++ )
1598 {
1599 mbedtls_test_set_step( i );
1600 TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
1601 mbedtls_test_rnd_std_rand, NULL ) );
1602
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1603 TEST_ASSERT( sign_is_valid( &result ) );
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1604 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
1605 TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
1606 if( full_stats )
1607 {
1608 uint8_t value;
1609 TEST_EQUAL( 0, mbedtls_mpi_write_binary( &result, &value, 1 ) );
1610 TEST_ASSERT( value < stats_len );
1611 ++stats[value];
1612 }
1613 else
1614 {
1615 for( b = 0; b < n_bits; b++ )
1616 stats[b] += mbedtls_mpi_get_bit( &result, b );
1617 }
1618 }
1619
1620 if( full_stats )
1621 {
Gilles Peskined463edf2021-04-13 20:45:05 +0200[diff] [blame]1622 for( b = min; b < stats_len; b++ )
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1623 {
1624 mbedtls_test_set_step( 1000000 + b );
1625 /* Assert that each value has been reached at least once.
1626 * This is almost guaranteed if the iteration count is large
1627 * enough. This is a very crude way of checking the distribution.
1628 */
1629 TEST_ASSERT( stats[b] > 0 );
1630 }
1631 }
1632 else
1633 {
Gilles Peskineceefe5d2021-06-02 21:24:04 +0200[diff] [blame]1634 int statistically_safe_all_the_way =
1635 is_significantly_above_a_power_of_2( bound_bytes );
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1636 for( b = 0; b < n_bits; b++ )
1637 {
1638 mbedtls_test_set_step( 1000000 + b );
1639 /* Assert that each bit has been set in at least one result and
1640 * clear in at least one result. Provided that iterations is not
1641 * too small, it would be extremely unlikely for this not to be
1642 * the case if the results are uniformly distributed.
1643 *
1644 * As an exception, the top bit may legitimately never be set
1645 * if bound is a power of 2 or only slightly above.
1646 */
Gilles Peskineceefe5d2021-06-02 21:24:04 +0200[diff] [blame]1647 if( statistically_safe_all_the_way || b != n_bits - 1 )
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1648 {
1649 TEST_ASSERT( stats[b] > 0 );
1650 }
1651 TEST_ASSERT( stats[b] < (size_t) iterations );
1652 }
1653 }
1654
1655exit:
1656 mbedtls_mpi_free( &upper_bound );
1657 mbedtls_mpi_free( &result );
1658 mbedtls_free( stats );
1659}
1660/* END_CASE */
1661
Gilles Peskine1e918f42021-03-29 22:14:51 +0200[diff] [blame]1662/* BEGIN_CASE */
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1663void mpi_random_sizes( int min, data_t *bound_bytes, int nlimbs, int before )
Gilles Peskine1a7df4e2021-04-01 15:57:18 +0200[diff] [blame]1664{
1665 mbedtls_mpi upper_bound;
1666 mbedtls_mpi result;
1667
1668 mbedtls_mpi_init( &upper_bound );
1669 mbedtls_mpi_init( &result );
1670
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1671 if( before != 0 )
1672 {
1673 /* Set result to sign(before) * 2^(|before|-1) */
1674 TEST_ASSERT( mbedtls_mpi_lset( &result, before > 0 ? 1 : -1 ) == 0 );
1675 if( before < 0 )
1676 before = - before;
1677 TEST_ASSERT( mbedtls_mpi_shift_l( &result, before - 1 ) == 0 );
1678 }
1679
Gilles Peskine1a7df4e2021-04-01 15:57:18 +0200[diff] [blame]1680 TEST_EQUAL( 0, mbedtls_mpi_grow( &result, nlimbs ) );
1681 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
1682 bound_bytes->x, bound_bytes->len ) );
1683 TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
1684 mbedtls_test_rnd_std_rand, NULL ) );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1685 TEST_ASSERT( sign_is_valid( &result ) );
Gilles Peskine1a7df4e2021-04-01 15:57:18 +0200[diff] [blame]1686 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
1687 TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
1688
1689exit:
1690 mbedtls_mpi_free( &upper_bound );
1691 mbedtls_mpi_free( &result );
1692}
1693/* END_CASE */
1694
1695/* BEGIN_CASE */
Gilles Peskine1e918f42021-03-29 22:14:51 +0200[diff] [blame]1696void mpi_random_fail( int min, data_t *bound_bytes, int expected_ret )
1697{
1698 mbedtls_mpi upper_bound;
1699 mbedtls_mpi result;
1700 int actual_ret;
1701
1702 mbedtls_mpi_init( &upper_bound );
1703 mbedtls_mpi_init( &result );
1704
1705 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
1706 bound_bytes->x, bound_bytes->len ) );
1707 actual_ret = mbedtls_mpi_random( &result, min, &upper_bound,
1708 mbedtls_test_rnd_std_rand, NULL );
1709 TEST_EQUAL( expected_ret, actual_ret );
1710
1711exit:
1712 mbedtls_mpi_free( &upper_bound );
1713 mbedtls_mpi_free( &result );
1714}
1715/* END_CASE */
1716
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1717/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1718void mpi_selftest( )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]1719{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1720 TEST_ASSERT( mbedtls_mpi_self_test( 1 ) == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]1721}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1722/* END_CASE */