TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7f0817884eaf0d7fe04be9e187e6bfff50c772fe / . / tests / suites / test_suite_mpi.function
blob: eb91db4fa122ca58e7c2917b3b0d31b1d25dd409 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/bignum.h"
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]3#include "mbedtls/entropy.h"
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]4#include "bignum_core.h"
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]5#include "bignum_mod.h"
6#include "bignum_mod_raw.h"
Janos Follath23bdeca2022-07-22 18:24:06 +0100[diff] [blame]7#include "constant_time_internal.h"
8#include "test/constant_flow.h"
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]9
Chris Jonese64a46f2020-12-03 17:44:03 +0000[diff] [blame]10#if MBEDTLS_MPI_MAX_BITS > 792
11#define MPI_MAX_BITS_LARGER_THAN_792
Chris Jones4592bd82020-12-03 14:24:33 +0000[diff] [blame]12#endif
Gabor Mezei89e31462022-08-12 15:36:56 +0200[diff] [blame]13
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]14/* Check the validity of the sign bit in an MPI object. Reject representations
15 * that are not supported by the rest of the library and indicate a bug when
16 * constructing the value. */
17static int sign_is_valid( const mbedtls_mpi *X )
18{
19 if( X->s != 1 && X->s != -1 )
20 return( 0 ); // invalid sign bit, e.g. 0
21 if( mbedtls_mpi_bitlen( X ) == 0 && X->s != 1 )
22 return( 0 ); // negative zero
23 return( 1 );
24}
25
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]26typedef struct mbedtls_test_mpi_random
27{
28 data_t *data;
29 size_t pos;
30 size_t chunk_len;
31} mbedtls_test_mpi_random;
32
33/*
34 * This function is called by the Miller-Rabin primality test each time it
35 * chooses a random witness. The witnesses (or non-witnesses as provided by the
36 * test) are stored in the data member of the state structure. Each number is in
37 * the format that mbedtls_mpi_read_string understands and is chunk_len long.
38 */
39int mbedtls_test_mpi_miller_rabin_determinizer( void* state,
40 unsigned char* buf,
41 size_t len )
42{
43 mbedtls_test_mpi_random *random = (mbedtls_test_mpi_random*) state;
44
45 if( random == NULL || random->data->x == NULL || buf == NULL )
46 return( -1 );
47
48 if( random->pos + random->chunk_len > random->data->len
49 || random->chunk_len > len )
50 {
51 return( -1 );
52 }
53
54 memset( buf, 0, len );
55
56 /* The witness is written to the end of the buffer, since the buffer is
57 * used as big endian, unsigned binary data in mbedtls_mpi_read_binary.
58 * Writing the witness to the start of the buffer would result in the
59 * buffer being 'witness 000...000', which would be treated as
60 * witness * 2^n for some n. */
61 memcpy( buf + len - random->chunk_len, &random->data->x[random->pos],
62 random->chunk_len );
63
64 random->pos += random->chunk_len;
65
66 return( 0 );
67}
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]68
69/* Random generator that is told how many bytes to return. */
70static int f_rng_bytes_left( void *state, unsigned char *buf, size_t len )
71{
72 size_t *bytes_left = state;
73 size_t i;
74 for( i = 0; i < len; i++ )
75 {
76 if( *bytes_left == 0 )
77 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
78 buf[i] = *bytes_left & 0xff;
79 --( *bytes_left );
80 }
81 return( 0 );
82}
83
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]84/* Test whether bytes represents (in big-endian base 256) a number b that
85 * is significantly above a power of 2. That is, b must not have a long run
86 * of unset bits after the most significant bit.
87 *
88 * Let n be the bit-size of b, i.e. the integer such that 2^n <= b < 2^{n+1}.
89 * This function returns 1 if, when drawing a number between 0 and b,
90 * the probability that this number is at least 2^n is not negligible.
91 * This probability is (b - 2^n) / b and this function checks that this
92 * number is above some threshold A. The threshold value is heuristic and
93 * based on the needs of mpi_random_many().
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]94 */
95static int is_significantly_above_a_power_of_2( data_t *bytes )
96{
97 const uint8_t *p = bytes->x;
98 size_t len = bytes->len;
99 unsigned x;
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]100
101 /* Skip leading null bytes */
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]102 while( len > 0 && p[0] == 0 )
103 {
104 ++p;
105 --len;
106 }
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]107 /* 0 is not significantly above a power of 2 */
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]108 if( len == 0 )
109 return( 0 );
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]110 /* Extract the (up to) 2 most significant bytes */
111 if( len == 1 )
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]112 x = p[0];
113 else
114 x = ( p[0] << 8 ) | p[1];
115
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]116 /* Shift the most significant bit of x to position 8 and mask it out */
117 while( ( x & 0xfe00 ) != 0 )
118 x >>= 1;
119 x &= 0x00ff;
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]120
Gilles Peskineeedefa52021-04-13 19:50:04 +0200[diff] [blame]121 /* At this point, x = floor((b - 2^n) / 2^(n-8)). b is significantly above
122 * a power of 2 iff x is significantly above 0 compared to 2^8.
123 * Testing x >= 2^4 amounts to picking A = 1/16 in the function
124 * description above. */
125 return( x >= 0x10 );
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]126}
127
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]128/* END_HEADER */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]129
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]130/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]131 * depends_on:MBEDTLS_BIGNUM_C
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]132 * END_DEPENDENCIES
133 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]134
Hanno Beckerb48e1aa2018-12-18 23:25:01 +0000[diff] [blame]135/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]136void mpi_null( )
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]137{
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]138 mbedtls_mpi X, Y, Z;
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]139
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]140 mbedtls_mpi_init( &X );
141 mbedtls_mpi_init( &Y );
142 mbedtls_mpi_init( &Z );
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]143
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]144 TEST_ASSERT( mbedtls_mpi_get_bit( &X, 42 ) == 0 );
145 TEST_ASSERT( mbedtls_mpi_lsb( &X ) == 0 );
Manuel Pégourié-Gonnardc0696c22015-06-18 16:47:17 +0200[diff] [blame]146 TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == 0 );
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]147 TEST_ASSERT( mbedtls_mpi_size( &X ) == 0 );
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]148
149exit:
Manuel Pégourié-Gonnardda61ed32015-04-30 10:28:51 +0200[diff] [blame]150 mbedtls_mpi_free( &X );
Manuel Pégourié-Gonnard770b5e12015-04-29 17:02:01 +0200[diff] [blame]151}
152/* END_CASE */
153
154/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]155void mpi_read_write_string( int radix_X, char * input_X, int radix_A,
156 char * input_A, int output_size, int result_read,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]157 int result_write )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]158{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]159 mbedtls_mpi X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]160 char str[1000];
Manuel Pégourié-Gonnardf79b4252015-06-02 15:41:48 +0100[diff] [blame]161 size_t len;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]162
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]163 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]164
Janos Follath04dadb72019-03-06 12:29:37 +0000[diff] [blame]165 memset( str, '!', sizeof( str ) );
166
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]167 TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == result_read );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]168 if( result_read == 0 )
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]169 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]170 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnardf79b4252015-06-02 15:41:48 +0100[diff] [blame]171 TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, output_size, &len ) == result_write );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]172 if( result_write == 0 )
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]173 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]174 TEST_ASSERT( strcasecmp( str, input_A ) == 0 );
Janos Follath04dadb72019-03-06 12:29:37 +0000[diff] [blame]175 TEST_ASSERT( str[len] == '!' );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]176 }
177 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]178
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]179exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]180 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]181}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]182/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]183
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]184/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]185void mbedtls_mpi_read_binary( data_t * buf, char * input_A )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]186{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]187 mbedtls_mpi X;
Janos Follathe5670f22019-02-25 16:11:58 +0000[diff] [blame]188 char str[1000];
Manuel Pégourié-Gonnardf79b4252015-06-02 15:41:48 +0100[diff] [blame]189 size_t len;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]190
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]191 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]192
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]193
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]194 TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf->x, buf->len ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]195 TEST_ASSERT( sign_is_valid( &X ) );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]196 TEST_ASSERT( mbedtls_mpi_write_string( &X, 16, str, sizeof( str ), &len ) == 0 );
Werner Lewisdc47fe72022-08-01 13:55:41 +0100[diff] [blame]197 TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]198
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]199exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]200 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]201}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]202/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]203
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]204/* BEGIN_CASE */
Janos Follath91dc67d2022-07-22 14:24:58 +0100[diff] [blame]205void mbedtls_mpi_core_io_null()
206{
207 mbedtls_mpi_uint X = 0;
208 int ret;
209
210 ret = mbedtls_mpi_core_read_be( &X, 1, NULL, 0 );
211 TEST_ASSERT( ret == 0 );
212 ret = mbedtls_mpi_core_write_be( &X, 1, NULL, 0 );
213 TEST_ASSERT( ret == 0 );
214
215 ret = mbedtls_mpi_core_read_be( NULL, 0, NULL, 0 );
216 TEST_ASSERT( ret == 0 );
217 ret = mbedtls_mpi_core_write_be( NULL, 0, NULL, 0 );
218 TEST_ASSERT( ret == 0 );
219
220 ret = mbedtls_mpi_core_read_le( &X, 1, NULL, 0 );
221 TEST_ASSERT( ret == 0 );
222 ret = mbedtls_mpi_core_write_le( &X, 1, NULL, 0 );
223 TEST_ASSERT( ret == 0 );
224
225 ret = mbedtls_mpi_core_read_le( NULL, 0, NULL, 0 );
226 TEST_ASSERT( ret == 0 );
227 ret = mbedtls_mpi_core_write_le( NULL, 0, NULL, 0 );
228 TEST_ASSERT( ret == 0 );
229
230exit:
231 ;
232}
233/* END_CASE */
234
235/* BEGIN_CASE */
Janos Follath1cb3b972022-08-11 10:50:04 +0100[diff] [blame]236void mbedtls_mpi_core_io_be( data_t *input, int nb_int, int nx_32_int, int iret,
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]237 int oret )
238{
Gabor Mezei89e31462022-08-12 15:36:56 +0200[diff] [blame]239#define BMAX 1024
240#define XMAX BMAX / sizeof( mbedtls_mpi_uint )
241
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]242 unsigned char buf[BMAX];
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]243 mbedtls_mpi_uint X[XMAX];
244 size_t nx, nb;
245 int ret;
246
247 if( iret != 0 )
248 TEST_ASSERT( oret == 0 );
249
250 TEST_ASSERT( 0 <= nb_int );
251 nb = nb_int;
252 TEST_ASSERT( nb <= BMAX );
253
Janos Follath1cb3b972022-08-11 10:50:04 +0100[diff] [blame]254 TEST_ASSERT( 0 <= nx_32_int );
255 nx = nx_32_int;
256 /* nx_32_int is the number of 32 bit limbs, if we have 64 bit limbs we need
257 * to halve the number of limbs to have the same size. */
258 if( sizeof( mbedtls_mpi_uint ) == 8 )
259 nx = nx / 2 + nx % 2;
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]260 TEST_ASSERT( nx <= XMAX );
261
262 ret = mbedtls_mpi_core_read_be( X, nx, input->x, input->len );
263 TEST_ASSERT( ret == iret );
264
265 if( iret == 0 )
266 {
267 ret = mbedtls_mpi_core_write_be( X, nx, buf, nb );
268 TEST_ASSERT( ret == oret );
269 }
270
271 if( ( iret == 0 ) && ( oret == 0 ) )
272 {
273 if( nb > input->len )
274 {
275 size_t leading_zeroes = nb - input->len;
276 TEST_ASSERT( memcmp( buf + nb - input->len, input->x, input->len ) == 0 );
277 for( size_t i = 0; i < leading_zeroes; i++ )
278 TEST_ASSERT( buf[i] == 0 );
279 }
280 else
281 {
282 size_t leading_zeroes = input->len - nb;
283 TEST_ASSERT( memcmp( input->x + input->len - nb, buf, nb ) == 0 );
284 for( size_t i = 0; i < leading_zeroes; i++ )
285 TEST_ASSERT( input->x[i] == 0 );
286 }
287 }
288
289exit:
290 ;
291
Gabor Mezei89e31462022-08-12 15:36:56 +0200[diff] [blame]292#undef BMAX
293#undef XMAX
Janos Follathf1d617d2022-07-21 09:29:32 +0100[diff] [blame]294}
295/* END_CASE */
296
297/* BEGIN_CASE */
Janos Follath9dfb5622022-08-11 12:15:55 +0100[diff] [blame]298void mbedtls_mpi_core_io_le( data_t *input, int nb_int, int nx_32_int, int iret,
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]299 int oret )
300{
Gabor Mezei89e31462022-08-12 15:36:56 +0200[diff] [blame]301#define BMAX 1024
302#define XMAX BMAX / sizeof( mbedtls_mpi_uint )
303
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]304 unsigned char buf[BMAX];
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]305 mbedtls_mpi_uint X[XMAX];
306 size_t nx, nb;
307 int ret;
308
309 if( iret != 0 )
310 TEST_ASSERT( oret == 0 );
311
312 TEST_ASSERT( 0 <= nb_int );
313 nb = nb_int;
314 TEST_ASSERT( nb <= BMAX );
315
Janos Follath9dfb5622022-08-11 12:15:55 +0100[diff] [blame]316 TEST_ASSERT( 0 <= nx_32_int );
317 nx = nx_32_int;
318 /* nx_32_int is the number of 32 bit limbs, if we have 64 bit limbs we need
319 * to halve the number of limbs to have the same size. */
320 if( sizeof( mbedtls_mpi_uint ) == 8 )
321 nx = nx / 2 + nx % 2;
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]322 TEST_ASSERT( nx <= XMAX );
323
324 ret = mbedtls_mpi_core_read_le( X, nx, input->x, input->len );
325 TEST_ASSERT( ret == iret );
326
327 if( iret == 0 )
328 {
329 ret = mbedtls_mpi_core_write_le( X, nx, buf, nb );
330 TEST_ASSERT( ret == oret );
331 }
332
333 if( ( iret == 0 ) && ( oret == 0 ) )
334 {
335 if( nb > input->len )
336 {
337 TEST_ASSERT( memcmp( buf, input->x, input->len ) == 0 );
338 for( size_t i = input->len; i < nb; i++ )
339 TEST_ASSERT( buf[i] == 0 );
340 }
341 else
342 {
343 TEST_ASSERT( memcmp( input->x, buf, nb ) == 0 );
344 for( size_t i = nb; i < input->len; i++ )
345 TEST_ASSERT( input->x[i] == 0 );
346 }
347 }
348
349exit:
350 ;
351
Gabor Mezei89e31462022-08-12 15:36:56 +0200[diff] [blame]352#undef BMAX
353#undef XMAX
Janos Follath6ff35362022-07-21 15:27:21 +0100[diff] [blame]354}
355/* END_CASE */
356
357/* BEGIN_CASE */
Janos Follath16949692022-08-08 13:37:20 +0100[diff] [blame]358void mbedtls_mpi_mod_setup( int ext_rep, int int_rep, int iret )
359{
360 #define MLIMBS 8
361 mbedtls_mpi_uint mp[MLIMBS];
362 mbedtls_mpi_mod_modulus m;
363 int ret;
364
365 memset( mp, 0xFF, sizeof(mp) );
366
367 mbedtls_mpi_mod_modulus_init( &m );
368 ret = mbedtls_mpi_mod_modulus_setup( &m, mp, MLIMBS, ext_rep, int_rep );
369 TEST_ASSERT( ret == iret );
370
371 /* Address sanitiser should catch if we try to free mp */
372 mbedtls_mpi_mod_modulus_free( &m );
373
374 /* Make sure that the modulus doesn't have reference to mp anymore */
375 TEST_ASSERT( m.p != mp );
376
377exit:
378 /* It should be safe to call an mbedtls free several times */
379 mbedtls_mpi_mod_modulus_free( &m );
380
381 #undef MLIMBS
382}
383/* END_CASE */
384
385
386/* BEGIN_CASE */
Gabor Mezei7f081782022-08-12 18:00:33 +0200[diff] [blame^]387void mbedtls_mpi_mod_raw_io( data_t *input, int nb_int, int nx_32_int,
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]388 int iendian, int iret, int oret )
389{
Gabor Mezei89e31462022-08-12 15:36:56 +0200[diff] [blame]390#define BMAX 1024
391#define XMAX BMAX / sizeof( mbedtls_mpi_uint )
392
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]393 unsigned char buf[BMAX];
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]394 mbedtls_mpi_uint X[XMAX];
395 mbedtls_mpi_uint init[XMAX];
396 mbedtls_mpi_mod_modulus m;
397 size_t nx, nb;
398 int ret;
399 int endian;
400
401 if( iret != 0 )
402 TEST_ASSERT( oret == 0 );
403
404 TEST_ASSERT( 0 <= nb_int );
405 nb = nb_int;
406 TEST_ASSERT( nb <= BMAX );
407
Gabor Mezei7f081782022-08-12 18:00:33 +0200[diff] [blame^]408 TEST_ASSERT( 0 <= nx_32_int );
409 nx = nx_32_int;
410 /* nx_32_int is the number of 32 bit limbs, if we have 64 bit limbs we need
411 * to halve the number of limbs to have the same size. */
412 if( sizeof( mbedtls_mpi_uint ) == 8 )
413 nx = nx / 2 + nx % 2;
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]414 TEST_ASSERT( nx <= XMAX );
415
416 if( iendian == MBEDTLS_MPI_MOD_EXT_REP_INVALID )
417 endian = MBEDTLS_MPI_MOD_EXT_REP_LE;
418 else
419 endian = iendian;
420
421 mbedtls_mpi_mod_modulus_init( &m );
422 TEST_ASSERT( memset( init, 0xFF, sizeof( init ) ) );
423
424 ret = mbedtls_mpi_mod_modulus_setup( &m, init, nx, endian,
425 MBEDTLS_MPI_MOD_REP_MONTGOMERY );
426 TEST_ASSERT( ret == 0 );
427
428 if( iendian == MBEDTLS_MPI_MOD_EXT_REP_INVALID && iret != 0 )
429 m.ext_rep = MBEDTLS_MPI_MOD_EXT_REP_INVALID;
430
431 ret = mbedtls_mpi_mod_raw_read( X, &m, input->x, input->len );
432 TEST_ASSERT( ret == iret );
433
434 if( iret == 0 )
435 {
436 if( iendian == MBEDTLS_MPI_MOD_EXT_REP_INVALID && oret != 0 )
437 m.ext_rep = MBEDTLS_MPI_MOD_EXT_REP_INVALID;
438
439 ret = mbedtls_mpi_mod_raw_write( X, &m, buf, nb );
440 TEST_ASSERT( ret == oret );
441 }
442
443 if( ( iret == 0 ) && ( oret == 0 ) )
444 {
445 if( nb > input->len )
446 {
447 if( endian == MBEDTLS_MPI_MOD_EXT_REP_BE )
448 {
449 size_t leading_zeroes = nb - input->len;
450 TEST_ASSERT( memcmp( buf + nb - input->len, input->x, input->len ) == 0 );
451 for( size_t i = 0; i < leading_zeroes; i++ )
452 TEST_ASSERT( buf[i] == 0 );
453 }
454 else
455 {
456 TEST_ASSERT( memcmp( buf, input->x, input->len ) == 0 );
457 for( size_t i = input->len; i < nb; i++ )
458 TEST_ASSERT( buf[i] == 0 );
459 }
460 }
461 else
462 {
463 if( endian == MBEDTLS_MPI_MOD_EXT_REP_BE )
464 {
465 size_t leading_zeroes = input->len - nb;
466 TEST_ASSERT( memcmp( input->x + input->len - nb, buf, nb ) == 0 );
467 for( size_t i = 0; i < leading_zeroes; i++ )
468 TEST_ASSERT( input->x[i] == 0 );
469 }
470 else
471 {
472 TEST_ASSERT( memcmp( input->x, buf, nb ) == 0 );
473 for( size_t i = nb; i < input->len; i++ )
474 TEST_ASSERT( input->x[i] == 0 );
475 }
476 }
477 }
478
479exit:
480 mbedtls_mpi_mod_modulus_free( &m );
481
Gabor Mezei89e31462022-08-12 15:36:56 +0200[diff] [blame]482#undef BMAX
483#undef XMAX
Gabor Mezei23a1ce92022-08-02 11:54:44 +0200[diff] [blame]484}
485/* END_CASE */
486
487/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]488void mbedtls_mpi_read_binary_le( data_t * buf, char * input_A )
Janos Follatha778a942019-02-13 10:28:28 +0000[diff] [blame]489{
490 mbedtls_mpi X;
Janos Follathe5670f22019-02-25 16:11:58 +0000[diff] [blame]491 char str[1000];
Janos Follatha778a942019-02-13 10:28:28 +0000[diff] [blame]492 size_t len;
493
494 mbedtls_mpi_init( &X );
495
496
497 TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, buf->x, buf->len ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]498 TEST_ASSERT( sign_is_valid( &X ) );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]499 TEST_ASSERT( mbedtls_mpi_write_string( &X, 16, str, sizeof( str ), &len ) == 0 );
Werner Lewisdc47fe72022-08-01 13:55:41 +0100[diff] [blame]500 TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
Janos Follatha778a942019-02-13 10:28:28 +0000[diff] [blame]501
502exit:
503 mbedtls_mpi_free( &X );
504}
505/* END_CASE */
506
507/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]508void mbedtls_mpi_write_binary( char * input_X, data_t * input_A,
509 int output_size, int result )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]510{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]511 mbedtls_mpi X;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]512 unsigned char buf[1000];
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]513 size_t buflen;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]514
515 memset( buf, 0x00, 1000 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]516
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]517 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]518
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]519 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnarde670f902015-10-30 09:23:19 +0100[diff] [blame]520
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]521 buflen = mbedtls_mpi_size( &X );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]522 if( buflen > (size_t) output_size )
523 buflen = (size_t) output_size;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]524
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]525 TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]526 if( result == 0)
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]527 {
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]528
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]529 TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
530 buflen, input_A->len ) == 0 );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]531 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]532
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]533exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]534 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]535}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]536/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]537
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]538/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]539void mbedtls_mpi_write_binary_le( char * input_X, data_t * input_A,
540 int output_size, int result )
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]541{
542 mbedtls_mpi X;
543 unsigned char buf[1000];
544 size_t buflen;
545
546 memset( buf, 0x00, 1000 );
547
548 mbedtls_mpi_init( &X );
549
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]550 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]551
552 buflen = mbedtls_mpi_size( &X );
553 if( buflen > (size_t) output_size )
554 buflen = (size_t) output_size;
555
556 TEST_ASSERT( mbedtls_mpi_write_binary_le( &X, buf, buflen ) == result );
557 if( result == 0)
558 {
559
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]560 TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
561 buflen, input_A->len ) == 0 );
Janos Follathe344d0f2019-02-19 16:17:40 +0000[diff] [blame]562 }
563
564exit:
565 mbedtls_mpi_free( &X );
566}
567/* END_CASE */
568
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]569/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]570void mbedtls_mpi_read_file( char * input_file, data_t * input_A, int result )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]571{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]572 mbedtls_mpi X;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]573 unsigned char buf[1000];
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]574 size_t buflen;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]575 FILE *file;
Manuel Pégourié-Gonnarde43187d2015-02-14 16:01:34 +0000[diff] [blame]576 int ret;
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]577
578 memset( buf, 0x00, 1000 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]579
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]580 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]581
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]582 file = fopen( input_file, "r" );
Paul Bakker8a0c0a92014-04-17 16:08:20 +0200[diff] [blame]583 TEST_ASSERT( file != NULL );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]584 ret = mbedtls_mpi_read_file( &X, 16, file );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]585 fclose(file);
Manuel Pégourié-Gonnarde43187d2015-02-14 16:01:34 +0000[diff] [blame]586 TEST_ASSERT( ret == result );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]587
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]588 if( result == 0 )
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]589 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]590 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]591 buflen = mbedtls_mpi_size( &X );
592 TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]593
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]594
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]595 TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
596 buflen, input_A->len ) == 0 );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]597 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]598
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]599exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]600 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]601}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]602/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]603
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]604/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]605void mbedtls_mpi_write_file( char * input_X, char * output_file )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]606{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]607 mbedtls_mpi X, Y;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]608 FILE *file_out, *file_in;
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]609 int ret;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]610
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]611 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]612
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]613 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]614
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]615 file_out = fopen( output_file, "w" );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]616 TEST_ASSERT( file_out != NULL );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]617 ret = mbedtls_mpi_write_file( NULL, &X, 16, file_out );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]618 fclose(file_out);
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]619 TEST_ASSERT( ret == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]620
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]621 file_in = fopen( output_file, "r" );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]622 TEST_ASSERT( file_in != NULL );
Werner Lewisf65a3272022-07-07 11:38:44 +0100[diff] [blame]623 ret = mbedtls_mpi_read_file( &Y, 16, file_in );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]624 fclose(file_in);
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]625 TEST_ASSERT( ret == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]626
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]627 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]628
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]629exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]630 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]631}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]632/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]633
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]634/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]635void mbedtls_mpi_get_bit( char * input_X, int pos, int val )
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]636{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]637 mbedtls_mpi X;
638 mbedtls_mpi_init( &X );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]639 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]640 TEST_ASSERT( mbedtls_mpi_get_bit( &X, pos ) == val );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]641
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]642exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]643 mbedtls_mpi_free( &X );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]644}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]645/* END_CASE */
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]646
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]647/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]648void mbedtls_mpi_set_bit( char * input_X, int pos, int val,
649 char * output_Y, int result )
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]650{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]651 mbedtls_mpi X, Y;
652 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]653
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]654 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
655 TEST_ASSERT( mbedtls_test_read_mpi( &Y, output_Y ) == 0 );
Paul Bakkerec5ceb62016-07-14 12:47:07 +0100[diff] [blame]656 TEST_ASSERT( mbedtls_mpi_set_bit( &X, pos, val ) == result );
657
658 if( result == 0 )
659 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]660 TEST_ASSERT( sign_is_valid( &X ) );
Paul Bakkerec5ceb62016-07-14 12:47:07 +0100[diff] [blame]661 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
662 }
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]663
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]664exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]665 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]666}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]667/* END_CASE */
Paul Bakker2f5947e2011-05-18 15:47:11 +0000[diff] [blame]668
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]669/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]670void mbedtls_mpi_lsb( char * input_X, int nr_bits )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]671{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]672 mbedtls_mpi X;
673 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]674
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]675 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]676 TEST_ASSERT( mbedtls_mpi_lsb( &X ) == (size_t) nr_bits );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]677
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]678exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]679 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]680}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]681/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]682
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]683/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]684void mbedtls_mpi_bitlen( char * input_X, int nr_bits )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]685{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]686 mbedtls_mpi X;
687 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]688
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]689 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnardc0696c22015-06-18 16:47:17 +0200[diff] [blame]690 TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == (size_t) nr_bits );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]691
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]692exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]693 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]694}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]695/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]696
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]697/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]698void mbedtls_mpi_gcd( char * input_X, char * input_Y,
699 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]700{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]701 mbedtls_mpi A, X, Y, Z;
702 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]703
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]704 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
705 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
706 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]707 TEST_ASSERT( mbedtls_mpi_gcd( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]708 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]709 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]710
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]711exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]712 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]713}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]714/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]715
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]716/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]717void mbedtls_mpi_cmp_int( int input_X, int input_A, int result_CMP )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]718{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]719 mbedtls_mpi X;
720 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]721
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]722 TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0);
723 TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_A ) == result_CMP);
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]724
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]725exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]726 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]727}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]728/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]729
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]730/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]731void mbedtls_mpi_cmp_mpi( char * input_X, char * input_Y,
732 int input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]733{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]734 mbedtls_mpi X, Y;
735 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]736
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]737 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
738 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]739 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == input_A );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]740
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]741exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]742 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]743}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]744/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]745
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]746/* BEGIN_CASE */
Janos Follath23bdeca2022-07-22 18:24:06 +0100[diff] [blame]747void mbedtls_mpi_core_lt_ct( data_t * input_X, data_t * input_Y, int input_ret )
748{
749 #define MAX_LEN 64
750 mbedtls_mpi_uint X[MAX_LEN];
751 mbedtls_mpi_uint Y[MAX_LEN];
752 unsigned exp_ret = input_ret;
753 unsigned ret;
754 size_t len = CHARS_TO_LIMBS(
755 input_X->len > input_Y->len ? input_X->len : input_Y->len );
756
757 TEST_ASSERT( len <= MAX_LEN );
758
759 TEST_ASSERT( mbedtls_mpi_core_read_be( X, len, input_X->x, input_X->len )
760 == 0 );
761 TEST_ASSERT( mbedtls_mpi_core_read_be( Y, len, input_Y->x, input_Y->len )
762 == 0 );
763
764 TEST_CF_SECRET( X, len * sizeof( mbedtls_mpi_uint ) );
765 TEST_CF_SECRET( Y, len * sizeof( mbedtls_mpi_uint ) );
766
767 ret = mbedtls_mpi_core_lt_ct( X, Y, len );
768
769 TEST_CF_PUBLIC( X, len * sizeof( mbedtls_mpi_uint ) );
770 TEST_CF_PUBLIC( Y, len * sizeof( mbedtls_mpi_uint ) );
771 TEST_CF_PUBLIC( &ret, sizeof( ret ) );
772
773 TEST_ASSERT( ret == exp_ret );
774
775exit:
776 ;
777
778 #undef MAX_LEN
779}
780/* END_CASE */
781
782/* BEGIN_CASE */
Janos Follathb7e1b492019-10-14 09:21:49 +0100[diff] [blame]783void mbedtls_mpi_lt_mpi_ct( int size_X, char * input_X,
784 int size_Y, char * input_Y,
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]785 int input_ret, int input_err )
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]786{
Gilles Peskine0deccf12020-09-02 15:18:07 +0200[diff] [blame]787 unsigned ret = -1;
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]788 unsigned input_uret = input_ret;
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]789 mbedtls_mpi X, Y;
790 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
791
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]792 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
793 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]794
Gilles Peskine9018b112020-01-21 16:30:53 +0100[diff] [blame]795 TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 );
796 TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]797
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]798 TEST_ASSERT( mbedtls_mpi_lt_mpi_ct( &X, &Y, &ret ) == input_err );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]799 if( input_err == 0 )
Janos Follath0e5532d2019-10-11 14:21:53 +0100[diff] [blame]800 TEST_ASSERT( ret == input_uret );
Janos Follath385d5b82019-09-11 16:07:14 +0100[diff] [blame]801
802exit:
803 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
804}
805/* END_CASE */
806
807/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]808void mbedtls_mpi_cmp_abs( char * input_X, char * input_Y,
809 int input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]810{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]811 mbedtls_mpi X, Y;
812 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]813
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]814 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
815 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]816 TEST_ASSERT( mbedtls_mpi_cmp_abs( &X, &Y ) == input_A );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]817
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]818exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]819 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]820}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]821/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]822
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]823/* BEGIN_CASE */
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]824void mbedtls_mpi_copy( char *src_hex, char *dst_hex )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]825{
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]826 mbedtls_mpi src, dst, ref;
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]827 mbedtls_mpi_init( &src );
828 mbedtls_mpi_init( &dst );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]829 mbedtls_mpi_init( &ref );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]830
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]831 TEST_ASSERT( mbedtls_test_read_mpi( &src, src_hex ) == 0 );
832 TEST_ASSERT( mbedtls_test_read_mpi( &ref, dst_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]833
834 /* mbedtls_mpi_copy() */
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]835 TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]836 TEST_ASSERT( mbedtls_mpi_copy( &dst, &src ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]837 TEST_ASSERT( sign_is_valid( &dst ) );
838 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]839
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]840 /* mbedtls_mpi_safe_cond_assign(), assignment done */
841 mbedtls_mpi_free( &dst );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]842 TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]843 TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 1 ) == 0 );
844 TEST_ASSERT( sign_is_valid( &dst ) );
845 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
846
847 /* mbedtls_mpi_safe_cond_assign(), assignment not done */
848 mbedtls_mpi_free( &dst );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]849 TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]850 TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 0 ) == 0 );
851 TEST_ASSERT( sign_is_valid( &dst ) );
852 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &ref ) == 0 );
853
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]854exit:
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]855 mbedtls_mpi_free( &src );
856 mbedtls_mpi_free( &dst );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]857 mbedtls_mpi_free( &ref );
Gilles Peskine7428b452020-01-20 21:01:51 +0100[diff] [blame]858}
859/* END_CASE */
860
861/* BEGIN_CASE */
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]862void mpi_copy_self( char *input_X )
Gilles Peskine7428b452020-01-20 21:01:51 +0100[diff] [blame]863{
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]864 mbedtls_mpi X, A;
865 mbedtls_mpi_init( &A );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]866 mbedtls_mpi_init( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]867
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]868 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]869 TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]870
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]871 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_X ) == 0 );
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]872 TEST_ASSERT( sign_is_valid( &X ) );
873 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]874
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]875exit:
Gilles Peskine90ec8e82021-06-10 15:17:30 +0200[diff] [blame]876 mbedtls_mpi_free( &A );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]877 mbedtls_mpi_free( &X );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]878}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]879/* END_CASE */
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]880
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]881/* BEGIN_CASE */
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]882void mbedtls_mpi_swap( char *X_hex, char *Y_hex )
883{
884 mbedtls_mpi X, Y, X0, Y0;
885 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
886 mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 );
887
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]888 TEST_ASSERT( mbedtls_test_read_mpi( &X0, X_hex ) == 0 );
889 TEST_ASSERT( mbedtls_test_read_mpi( &Y0, Y_hex ) == 0 );
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]890
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]891 /* mbedtls_mpi_swap() */
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]892 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
893 TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 );
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]894 mbedtls_mpi_swap( &X, &Y );
895 TEST_ASSERT( sign_is_valid( &X ) );
896 TEST_ASSERT( sign_is_valid( &Y ) );
897 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
898 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
899
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]900 /* mbedtls_mpi_safe_cond_swap(), swap done */
901 mbedtls_mpi_free( &X );
902 mbedtls_mpi_free( &Y );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]903 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
904 TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]905 TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 );
906 TEST_ASSERT( sign_is_valid( &X ) );
907 TEST_ASSERT( sign_is_valid( &Y ) );
908 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
909 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
910
911 /* mbedtls_mpi_safe_cond_swap(), swap not done */
912 mbedtls_mpi_free( &X );
913 mbedtls_mpi_free( &Y );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]914 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
915 TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 );
Gilles Peskined0722f82021-06-10 23:00:33 +0200[diff] [blame]916 TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 );
917 TEST_ASSERT( sign_is_valid( &X ) );
918 TEST_ASSERT( sign_is_valid( &Y ) );
919 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
920 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &Y0 ) == 0 );
921
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]922exit:
923 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
924 mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 );
925}
926/* END_CASE */
927
928/* BEGIN_CASE */
929void mpi_swap_self( char *X_hex )
930{
931 mbedtls_mpi X, X0;
932 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 );
933
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]934 TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 );
935 TEST_ASSERT( mbedtls_test_read_mpi( &X0, X_hex ) == 0 );
Gilles Peskinefc1eeef2021-06-10 22:29:57 +0200[diff] [blame]936
937 mbedtls_mpi_swap( &X, &X );
938 TEST_ASSERT( sign_is_valid( &X ) );
939 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
940
941exit:
942 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 );
943}
944/* END_CASE */
945
946/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]947void mbedtls_mpi_shrink( int before, int used, int min, int after )
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]948{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]949 mbedtls_mpi X;
950 mbedtls_mpi_init( &X );
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]951
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]952 TEST_ASSERT( mbedtls_mpi_grow( &X, before ) == 0 );
Gilles Peskinee1091752021-06-15 21:19:18 +0200[diff] [blame]953 if( used > 0 )
954 {
955 size_t used_bit_count = used * 8 * sizeof( mbedtls_mpi_uint );
956 TEST_ASSERT( mbedtls_mpi_set_bit( &X, used_bit_count - 1, 1 ) == 0 );
957 }
958 TEST_EQUAL( X.n, (size_t) before );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]959 TEST_ASSERT( mbedtls_mpi_shrink( &X, min ) == 0 );
Gilles Peskinee1091752021-06-15 21:19:18 +0200[diff] [blame]960 TEST_EQUAL( X.n, (size_t) after );
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]961
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]962exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]963 mbedtls_mpi_free( &X );
Manuel Pégourié-Gonnard58681632013-11-21 10:39:37 +0100[diff] [blame]964}
965/* END_CASE */
966
967/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]968void mbedtls_mpi_add_mpi( char * input_X, char * input_Y,
969 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]970{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]971 mbedtls_mpi X, Y, Z, A;
972 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]973
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]974 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
975 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
976 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]977 TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]978 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]979 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]980
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]981 /* result == first operand */
982 TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]983 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]984 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]985 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]986
987 /* result == second operand */
988 TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]989 TEST_ASSERT( sign_is_valid( &Y ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]990 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
991
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]992exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]993 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]994}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]995/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]996
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]997/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]998void mbedtls_mpi_add_mpi_inplace( char * input_X, char * input_A )
Janos Follath044a86b2015-10-25 10:58:03 +0100[diff] [blame]999{
1000 mbedtls_mpi X, A;
1001 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
1002
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1003 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]1004
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1005 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]1006 TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &X ) == 0 );
1007 TEST_ASSERT( mbedtls_mpi_cmp_int( &X, 0 ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1008 TEST_ASSERT( sign_is_valid( &X ) );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]1009
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1010 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]1011 TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1012 TEST_ASSERT( sign_is_valid( &X ) );
Janos Follath6cbacec2015-10-25 12:29:13 +0100[diff] [blame]1013 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
1014
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1015 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Janos Follath044a86b2015-10-25 10:58:03 +0100[diff] [blame]1016 TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1017 TEST_ASSERT( sign_is_valid( &X ) );
Janos Follath044a86b2015-10-25 10:58:03 +0100[diff] [blame]1018 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
1019
1020exit:
1021 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
1022}
1023/* END_CASE */
1024
1025
1026/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1027void mbedtls_mpi_add_abs( char * input_X, char * input_Y,
1028 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1029{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1030 mbedtls_mpi X, Y, Z, A;
1031 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1032
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1033 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1034 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1035 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1036 TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1037 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1038 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1039
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1040 /* result == first operand */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1041 TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1042 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1043 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1044 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1045
1046 /* result == second operand */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1047 TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1048 TEST_ASSERT( sign_is_valid( &Y ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1049 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1050
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1051exit:
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1052 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]1053}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1054/* END_CASE */
Paul Bakkerba48cb22009-07-12 11:01:32 +0000[diff] [blame]1055
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1056/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1057void mbedtls_mpi_add_int( char * input_X, int input_Y,
1058 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1059{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1060 mbedtls_mpi X, Z, A;
1061 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1062
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1063 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1064 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1065 TEST_ASSERT( mbedtls_mpi_add_int( &Z, &X, input_Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1066 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1067 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1068
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1069exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1070 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1071}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1072/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1073
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1074/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1075void mbedtls_mpi_sub_mpi( char * input_X, char * input_Y,
1076 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1077{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1078 mbedtls_mpi X, Y, Z, A;
1079 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1080
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1081 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1082 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1083 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1084 TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1085 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1086 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1087
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1088 /* result == first operand */
1089 TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1090 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1091 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1092 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1093
1094 /* result == second operand */
1095 TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1096 TEST_ASSERT( sign_is_valid( &Y ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1097 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
1098
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1099exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1100 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1101}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1102/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1103
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1104/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1105void mbedtls_mpi_sub_abs( char * input_X, char * input_Y,
1106 char * input_A, int sub_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1107{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1108 mbedtls_mpi X, Y, Z, A;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1109 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1110 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1111
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1112 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1113 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1114 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnarde670f902015-10-30 09:23:19 +0100[diff] [blame]1115
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1116 res = mbedtls_mpi_sub_abs( &Z, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1117 TEST_ASSERT( res == sub_result );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1118 TEST_ASSERT( sign_is_valid( &Z ) );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1119 if( res == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1120 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1121
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1122 /* result == first operand */
1123 TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1124 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1125 if( sub_result == 0 )
1126 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1127 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1128
1129 /* result == second operand */
1130 TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1131 TEST_ASSERT( sign_is_valid( &Y ) );
Gilles Peskine56f943a2020-07-23 01:18:11 +0200[diff] [blame]1132 if( sub_result == 0 )
1133 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
1134
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1135exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1136 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1137}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1138/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1139
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1140/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1141void mbedtls_mpi_sub_int( char * input_X, int input_Y,
1142 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1143{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1144 mbedtls_mpi X, Z, A;
1145 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1146
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1147 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1148 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1149 TEST_ASSERT( mbedtls_mpi_sub_int( &Z, &X, input_Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1150 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1151 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1152
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1153exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1154 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1155}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1156/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1157
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1158/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1159void mbedtls_mpi_mul_mpi( char * input_X, char * input_Y,
1160 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1161{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1162 mbedtls_mpi X, Y, Z, A;
1163 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1164
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1165 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1166 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1167 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1168 TEST_ASSERT( mbedtls_mpi_mul_mpi( &Z, &X, &Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1169 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1170 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1171
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1172exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1173 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1174}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1175/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1176
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1177/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1178void mbedtls_mpi_mul_int( char * input_X, int input_Y,
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1179 char * input_A, char * result_comparison )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1180{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1181 mbedtls_mpi X, Z, A;
1182 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1183
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1184 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1185 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1186 TEST_ASSERT( mbedtls_mpi_mul_int( &Z, &X, input_Y ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1187 TEST_ASSERT( sign_is_valid( &Z ) );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1188 if( strcmp( result_comparison, "==" ) == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1189 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1190 else if( strcmp( result_comparison, "!=" ) == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1191 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) != 0 );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1192 else
1193 TEST_ASSERT( "unknown operator" == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1194
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1195exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1196 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1197}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1198/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1199
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1200/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1201void mbedtls_mpi_div_mpi( char * input_X, char * input_Y,
1202 char * input_A, char * input_B,
1203 int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1204{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1205 mbedtls_mpi X, Y, Q, R, A, B;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1206 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1207 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R );
1208 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1209
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1210 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1211 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1212 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
1213 TEST_ASSERT( mbedtls_test_read_mpi( &B, input_B ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1214 res = mbedtls_mpi_div_mpi( &Q, &R, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1215 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1216 if( res == 0 )
1217 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1218 TEST_ASSERT( sign_is_valid( &Q ) );
1219 TEST_ASSERT( sign_is_valid( &R ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1220 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
1221 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1222 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1223
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1224exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1225 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R );
1226 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1227}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1228/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1229
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1230/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1231void mbedtls_mpi_div_int( char * input_X, int input_Y,
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1232 char * input_A, char * input_B,
1233 int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1234{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1235 mbedtls_mpi X, Q, R, A, B;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1236 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1237 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &A );
1238 mbedtls_mpi_init( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1239
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1240 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1241 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
1242 TEST_ASSERT( mbedtls_test_read_mpi( &B, input_B ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1243 res = mbedtls_mpi_div_int( &Q, &R, &X, input_Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1244 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1245 if( res == 0 )
1246 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1247 TEST_ASSERT( sign_is_valid( &Q ) );
1248 TEST_ASSERT( sign_is_valid( &R ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1249 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
1250 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1251 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1252
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1253exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1254 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R ); mbedtls_mpi_free( &A );
1255 mbedtls_mpi_free( &B );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1256}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1257/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1258
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1259/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1260void mbedtls_mpi_mod_mpi( char * input_X, char * input_Y,
1261 char * input_A, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1262{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1263 mbedtls_mpi X, Y, A;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1264 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1265 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1266
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1267 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1268 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1269 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1270 res = mbedtls_mpi_mod_mpi( &X, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1271 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1272 if( res == 0 )
1273 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1274 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1275 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1276 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1277
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1278exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1279 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1280}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1281/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1282
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1283/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1284void mbedtls_mpi_mod_int( char * input_X, int input_Y,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1285 int input_A, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1286{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1287 mbedtls_mpi X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1288 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1289 mbedtls_mpi_uint r;
1290 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1291
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1292 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1293 res = mbedtls_mpi_mod_int( &r, &X, input_Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1294 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1295 if( res == 0 )
1296 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1297 TEST_ASSERT( r == (mbedtls_mpi_uint) input_A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1298 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1299
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1300exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1301 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1302}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1303/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1304
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1305/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1306void mbedtls_mpi_exp_mod( char * input_A, char * input_E,
1307 char * input_N, char * input_X,
1308 int exp_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1309{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1310 mbedtls_mpi A, E, N, RR, Z, X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1311 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1312 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
1313 mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1314
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1315 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
1316 TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 );
1317 TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 );
1318 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1319
Gilles Peskine342f71b2021-06-09 18:31:35 +0200[diff] [blame]1320 res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, NULL );
Gilles Peskine722c62c2021-06-15 21:55:05 +0200[diff] [blame]1321 TEST_ASSERT( res == exp_result );
Gilles Peskine342f71b2021-06-09 18:31:35 +0200[diff] [blame]1322 if( res == 0 )
1323 {
1324 TEST_ASSERT( sign_is_valid( &Z ) );
1325 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
1326 }
1327
1328 /* Now test again with the speed-up parameter supplied as an output. */
1329 res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
Gilles Peskine722c62c2021-06-15 21:55:05 +0200[diff] [blame]1330 TEST_ASSERT( res == exp_result );
Gilles Peskine342f71b2021-06-09 18:31:35 +0200[diff] [blame]1331 if( res == 0 )
1332 {
1333 TEST_ASSERT( sign_is_valid( &Z ) );
1334 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
1335 }
1336
1337 /* Now test again with the speed-up parameter supplied in calculated form. */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1338 res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
Gilles Peskine722c62c2021-06-15 21:55:05 +0200[diff] [blame]1339 TEST_ASSERT( res == exp_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1340 if( res == 0 )
1341 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1342 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1343 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1344 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1345
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1346exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1347 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N );
1348 mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1349}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1350/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1351
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1352/* BEGIN_CASE */
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1353void mbedtls_mpi_exp_mod_size( int A_bytes, int E_bytes, int N_bytes,
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1354 char * input_RR, int exp_result )
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1355{
1356 mbedtls_mpi A, E, N, RR, Z;
1357 mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
1358 mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z );
1359
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1360 /* Set A to 2^(A_bytes - 1) + 1 */
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1361 TEST_ASSERT( mbedtls_mpi_lset( &A, 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1362 TEST_ASSERT( mbedtls_mpi_shift_l( &A, ( A_bytes * 8 ) - 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1363 TEST_ASSERT( mbedtls_mpi_set_bit( &A, 0, 1 ) == 0 );
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1364
1365 /* Set E to 2^(E_bytes - 1) + 1 */
1366 TEST_ASSERT( mbedtls_mpi_lset( &E, 1 ) == 0 );
1367 TEST_ASSERT( mbedtls_mpi_shift_l( &E, ( E_bytes * 8 ) - 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1368 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 1 ) == 0 );
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1369
1370 /* Set N to 2^(N_bytes - 1) + 1 */
1371 TEST_ASSERT( mbedtls_mpi_lset( &N, 1 ) == 0 );
1372 TEST_ASSERT( mbedtls_mpi_shift_l( &N, ( N_bytes * 8 ) - 1 ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1373 TEST_ASSERT( mbedtls_mpi_set_bit( &N, 0, 1 ) == 0 );
1374
1375 if( strlen( input_RR ) )
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1376 TEST_ASSERT( mbedtls_test_read_mpi( &RR, input_RR ) == 0 );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1377
Chris Jonesaa850cd2020-12-03 11:35:41 +0000[diff] [blame]1378 TEST_ASSERT( mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ) == exp_result );
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]1379
1380exit:
1381 mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N );
1382 mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z );
1383}
1384/* END_CASE */
1385
1386/* BEGIN_CASE */
Werner Lewisefda01f2022-07-06 13:03:36 +0100[diff] [blame]1387void mbedtls_mpi_inv_mod( char * input_X, char * input_Y,
1388 char * input_A, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1389{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1390 mbedtls_mpi X, Y, Z, A;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1391 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1392 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1393
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1394 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1395 TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 );
1396 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1397 res = mbedtls_mpi_inv_mod( &Z, &X, &Y );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1398 TEST_ASSERT( res == div_result );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1399 if( res == 0 )
1400 {
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1401 TEST_ASSERT( sign_is_valid( &Z ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1402 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1403 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1404
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1405exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1406 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1407}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1408/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1409
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1410/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1411void mbedtls_mpi_is_prime( char * input_X, int div_result )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1412{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1413 mbedtls_mpi X;
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1414 int res;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1415 mbedtls_mpi_init( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1416
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1417 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]1418 res = mbedtls_mpi_is_prime_ext( &X, 40, mbedtls_test_rnd_std_rand, NULL );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1419 TEST_ASSERT( res == div_result );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1420
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1421exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1422 mbedtls_mpi_free( &X );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1423}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1424/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1425
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1426/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1427void mbedtls_mpi_is_prime_det( data_t * input_X, data_t * witnesses,
Darryl Greenac2ead02018-10-02 15:30:39 +0100[diff] [blame]1428 int chunk_len, int rounds )
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1429{
1430 mbedtls_mpi X;
1431 int res;
1432 mbedtls_test_mpi_random rand;
1433
1434 mbedtls_mpi_init( &X );
1435 rand.data = witnesses;
1436 rand.pos = 0;
1437 rand.chunk_len = chunk_len;
1438
1439 TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
Darryl Greenac2ead02018-10-02 15:30:39 +0100[diff] [blame]1440 res = mbedtls_mpi_is_prime_ext( &X, rounds - 1,
1441 mbedtls_test_mpi_miller_rabin_determinizer,
1442 &rand );
1443 TEST_ASSERT( res == 0 );
1444
1445 rand.data = witnesses;
1446 rand.pos = 0;
1447 rand.chunk_len = chunk_len;
1448
Janos Follatha0b67c22018-09-18 14:48:23 +0100[diff] [blame]1449 res = mbedtls_mpi_is_prime_ext( &X, rounds,
1450 mbedtls_test_mpi_miller_rabin_determinizer,
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1451 &rand );
Darryl Greenac2ead02018-10-02 15:30:39 +0100[diff] [blame]1452 TEST_ASSERT( res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
Janos Follath64eca052018-09-05 17:04:49 +0100[diff] [blame]1453
1454exit:
1455 mbedtls_mpi_free( &X );
1456}
1457/* END_CASE */
1458
1459/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
Janos Follatha3cb7eb2018-08-14 15:31:54 +0100[diff] [blame]1460void mbedtls_mpi_gen_prime( int bits, int flags, int ref_ret )
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1461{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1462 mbedtls_mpi X;
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1463 int my_ret;
1464
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1465 mbedtls_mpi_init( &X );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1466
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]1467 my_ret = mbedtls_mpi_gen_prime( &X, bits, flags,
1468 mbedtls_test_rnd_std_rand, NULL );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1469 TEST_ASSERT( my_ret == ref_ret );
1470
1471 if( ref_ret == 0 )
1472 {
Manuel Pégourié-Gonnardc0696c22015-06-18 16:47:17 +0200[diff] [blame]1473 size_t actual_bits = mbedtls_mpi_bitlen( &X );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1474
1475 TEST_ASSERT( actual_bits >= (size_t) bits );
1476 TEST_ASSERT( actual_bits <= (size_t) bits + 1 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1477 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1478
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]1479 TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40,
1480 mbedtls_test_rnd_std_rand,
1481 NULL ) == 0 );
Janos Follatha3cb7eb2018-08-14 15:31:54 +0100[diff] [blame]1482 if( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH )
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1483 {
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1484 /* X = ( X - 1 ) / 2 */
1485 TEST_ASSERT( mbedtls_mpi_shift_r( &X, 1 ) == 0 );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]1486 TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40,
1487 mbedtls_test_rnd_std_rand,
1488 NULL ) == 0 );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1489 }
1490 }
1491
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1492exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1493 mbedtls_mpi_free( &X );
Manuel Pégourié-Gonnard15f58a82014-06-16 17:12:40 +0200[diff] [blame]1494}
1495/* END_CASE */
1496
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1497/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1498void mbedtls_mpi_shift_l( char * input_X, int shift_X,
1499 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1500{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1501 mbedtls_mpi X, A;
1502 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1503
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1504 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1505 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1506 TEST_ASSERT( mbedtls_mpi_shift_l( &X, shift_X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1507 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1508 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1509
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1510exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1511 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1512}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1513/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1514
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1515/* BEGIN_CASE */
Werner Lewis9802d362022-07-07 11:37:24 +0100[diff] [blame]1516void mbedtls_mpi_shift_r( char * input_X, int shift_X,
1517 char * input_A )
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1518{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1519 mbedtls_mpi X, A;
1520 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1521
Werner Lewis19b4cd82022-07-07 11:02:27 +0100[diff] [blame]1522 TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
1523 TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1524 TEST_ASSERT( mbedtls_mpi_shift_r( &X, shift_X ) == 0 );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1525 TEST_ASSERT( sign_is_valid( &X ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1526 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]1527
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1528exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1529 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1530}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1531/* END_CASE */
Paul Bakker367dae42009-06-28 21:50:27 +0000[diff] [blame]1532
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1533/* BEGIN_CASE */
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1534void mpi_fill_random( int wanted_bytes, int rng_bytes,
1535 int before, int expected_ret )
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1536{
1537 mbedtls_mpi X;
1538 int ret;
1539 size_t bytes_left = rng_bytes;
1540 mbedtls_mpi_init( &X );
1541
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1542 if( before != 0 )
1543 {
1544 /* Set X to sign(before) * 2^(|before|-1) */
1545 TEST_ASSERT( mbedtls_mpi_lset( &X, before > 0 ? 1 : -1 ) == 0 );
1546 if( before < 0 )
1547 before = - before;
1548 TEST_ASSERT( mbedtls_mpi_shift_l( &X, before - 1 ) == 0 );
1549 }
1550
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1551 ret = mbedtls_mpi_fill_random( &X, wanted_bytes,
1552 f_rng_bytes_left, &bytes_left );
1553 TEST_ASSERT( ret == expected_ret );
1554
1555 if( expected_ret == 0 )
1556 {
1557 /* mbedtls_mpi_fill_random is documented to use bytes from the RNG
1558 * as a big-endian representation of the number. We know when
1559 * our RNG function returns null bytes, so we know how many
1560 * leading zero bytes the number has. */
1561 size_t leading_zeros = 0;
1562 if( wanted_bytes > 0 && rng_bytes % 256 == 0 )
1563 leading_zeros = 1;
1564 TEST_ASSERT( mbedtls_mpi_size( &X ) + leading_zeros ==
1565 (size_t) wanted_bytes );
1566 TEST_ASSERT( (int) bytes_left == rng_bytes - wanted_bytes );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1567 TEST_ASSERT( sign_is_valid( &X ) );
Gilles Peskine3cb1e292020-11-25 15:37:20 +0100[diff] [blame]1568 }
1569
1570exit:
1571 mbedtls_mpi_free( &X );
1572}
1573/* END_CASE */
1574
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1575/* BEGIN_CASE */
1576void mpi_random_many( int min, data_t *bound_bytes, int iterations )
1577{
1578 /* Generate numbers in the range 1..bound-1. Do it iterations times.
1579 * This function assumes that the value of bound is at least 2 and
1580 * that iterations is large enough that a one-in-2^iterations chance
1581 * effectively never occurs.
1582 */
1583
1584 mbedtls_mpi upper_bound;
1585 size_t n_bits;
1586 mbedtls_mpi result;
1587 size_t b;
1588 /* If upper_bound is small, stats[b] is the number of times the value b
1589 * has been generated. Otherwise stats[b] is the number of times a
1590 * value with bit b set has been generated. */
1591 size_t *stats = NULL;
1592 size_t stats_len;
1593 int full_stats;
1594 size_t i;
1595
1596 mbedtls_mpi_init( &upper_bound );
1597 mbedtls_mpi_init( &result );
1598
1599 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
1600 bound_bytes->x, bound_bytes->len ) );
1601 n_bits = mbedtls_mpi_bitlen( &upper_bound );
1602 /* Consider a bound "small" if it's less than 2^5. This value is chosen
1603 * to be small enough that the probability of missing one value is
1604 * negligible given the number of iterations. It must be less than
1605 * 256 because some of the code below assumes that "small" values
1606 * fit in a byte. */
1607 if( n_bits <= 5 )
1608 {
1609 full_stats = 1;
1610 stats_len = bound_bytes->x[bound_bytes->len - 1];
1611 }
1612 else
1613 {
1614 full_stats = 0;
1615 stats_len = n_bits;
1616 }
1617 ASSERT_ALLOC( stats, stats_len );
1618
1619 for( i = 0; i < (size_t) iterations; i++ )
1620 {
1621 mbedtls_test_set_step( i );
1622 TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
1623 mbedtls_test_rnd_std_rand, NULL ) );
1624
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1625 TEST_ASSERT( sign_is_valid( &result ) );
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1626 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
1627 TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
1628 if( full_stats )
1629 {
1630 uint8_t value;
1631 TEST_EQUAL( 0, mbedtls_mpi_write_binary( &result, &value, 1 ) );
1632 TEST_ASSERT( value < stats_len );
1633 ++stats[value];
1634 }
1635 else
1636 {
1637 for( b = 0; b < n_bits; b++ )
1638 stats[b] += mbedtls_mpi_get_bit( &result, b );
1639 }
1640 }
1641
1642 if( full_stats )
1643 {
Gilles Peskined463edf2021-04-13 20:45:05 +0200[diff] [blame]1644 for( b = min; b < stats_len; b++ )
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1645 {
1646 mbedtls_test_set_step( 1000000 + b );
1647 /* Assert that each value has been reached at least once.
1648 * This is almost guaranteed if the iteration count is large
1649 * enough. This is a very crude way of checking the distribution.
1650 */
1651 TEST_ASSERT( stats[b] > 0 );
1652 }
1653 }
1654 else
1655 {
Gilles Peskineceefe5d2021-06-02 21:24:04 +0200[diff] [blame]1656 int statistically_safe_all_the_way =
1657 is_significantly_above_a_power_of_2( bound_bytes );
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1658 for( b = 0; b < n_bits; b++ )
1659 {
1660 mbedtls_test_set_step( 1000000 + b );
1661 /* Assert that each bit has been set in at least one result and
1662 * clear in at least one result. Provided that iterations is not
1663 * too small, it would be extremely unlikely for this not to be
1664 * the case if the results are uniformly distributed.
1665 *
1666 * As an exception, the top bit may legitimately never be set
1667 * if bound is a power of 2 or only slightly above.
1668 */
Gilles Peskineceefe5d2021-06-02 21:24:04 +0200[diff] [blame]1669 if( statistically_safe_all_the_way || b != n_bits - 1 )
Gilles Peskine02ac93a2021-03-29 22:02:55 +0200[diff] [blame]1670 {
1671 TEST_ASSERT( stats[b] > 0 );
1672 }
1673 TEST_ASSERT( stats[b] < (size_t) iterations );
1674 }
1675 }
1676
1677exit:
1678 mbedtls_mpi_free( &upper_bound );
1679 mbedtls_mpi_free( &result );
1680 mbedtls_free( stats );
1681}
1682/* END_CASE */
1683
Gilles Peskine1e918f42021-03-29 22:14:51 +0200[diff] [blame]1684/* BEGIN_CASE */
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1685void mpi_random_sizes( int min, data_t *bound_bytes, int nlimbs, int before )
Gilles Peskine1a7df4e2021-04-01 15:57:18 +0200[diff] [blame]1686{
1687 mbedtls_mpi upper_bound;
1688 mbedtls_mpi result;
1689
1690 mbedtls_mpi_init( &upper_bound );
1691 mbedtls_mpi_init( &result );
1692
Gilles Peskine422e8672021-04-02 00:02:27 +0200[diff] [blame]1693 if( before != 0 )
1694 {
1695 /* Set result to sign(before) * 2^(|before|-1) */
1696 TEST_ASSERT( mbedtls_mpi_lset( &result, before > 0 ? 1 : -1 ) == 0 );
1697 if( before < 0 )
1698 before = - before;
1699 TEST_ASSERT( mbedtls_mpi_shift_l( &result, before - 1 ) == 0 );
1700 }
1701
Gilles Peskine1a7df4e2021-04-01 15:57:18 +0200[diff] [blame]1702 TEST_EQUAL( 0, mbedtls_mpi_grow( &result, nlimbs ) );
1703 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
1704 bound_bytes->x, bound_bytes->len ) );
1705 TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
1706 mbedtls_test_rnd_std_rand, NULL ) );
Gilles Peskinedffc7102021-06-10 15:34:15 +0200[diff] [blame]1707 TEST_ASSERT( sign_is_valid( &result ) );
Gilles Peskine1a7df4e2021-04-01 15:57:18 +0200[diff] [blame]1708 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
1709 TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
1710
1711exit:
1712 mbedtls_mpi_free( &upper_bound );
1713 mbedtls_mpi_free( &result );
1714}
1715/* END_CASE */
1716
1717/* BEGIN_CASE */
Gilles Peskine1e918f42021-03-29 22:14:51 +0200[diff] [blame]1718void mpi_random_fail( int min, data_t *bound_bytes, int expected_ret )
1719{
1720 mbedtls_mpi upper_bound;
1721 mbedtls_mpi result;
1722 int actual_ret;
1723
1724 mbedtls_mpi_init( &upper_bound );
1725 mbedtls_mpi_init( &result );
1726
1727 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound,
1728 bound_bytes->x, bound_bytes->len ) );
1729 actual_ret = mbedtls_mpi_random( &result, min, &upper_bound,
1730 mbedtls_test_rnd_std_rand, NULL );
1731 TEST_EQUAL( expected_ret, actual_ret );
1732
1733exit:
1734 mbedtls_mpi_free( &upper_bound );
1735 mbedtls_mpi_free( &result );
1736}
1737/* END_CASE */
1738
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1739/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1740void mpi_selftest( )
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]1741{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1742 TEST_ASSERT( mbedtls_mpi_self_test( 1 ) == 0 );
Paul Bakkere896fea2009-07-06 06:40:23 +0000[diff] [blame]1743}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1744/* END_CASE */