| Janos Follath | b2a850c | 2022-11-20 10:56:05 +0000 | [diff] [blame] | 1 | """Base values and datasets for bignum generated tests and helper functions that |
| 2 | produced them.""" |
| 3 | # Copyright The Mbed TLS Contributors |
| 4 | # SPDX-License-Identifier: Apache-2.0 |
| 5 | # |
| 6 | # Licensed under the Apache License, Version 2.0 (the "License"); you may |
| 7 | # not use this file except in compliance with the License. |
| 8 | # You may obtain a copy of the License at |
| 9 | # |
| 10 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 11 | # |
| 12 | # Unless required by applicable law or agreed to in writing, software |
| 13 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| 14 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 15 | # See the License for the specific language governing permissions and |
| 16 | # limitations under the License. |
| 17 | |
| 18 | import random |
| 19 | |
| 20 | # Functions calling these were used to produce test data and are here only for |
| Tom Cosgrove | 1797b05 | 2022-12-04 17:19:59 +0000 | [diff] [blame] | 21 | # reproducibility, they are not used by the test generation framework/classes |
| Janos Follath | b2a850c | 2022-11-20 10:56:05 +0000 | [diff] [blame] | 22 | try: |
| 23 | from Cryptodome.Util.number import isPrime, getPrime #type: ignore #pylint: disable=import-error |
| 24 | except ImportError: |
| 25 | pass |
| 26 | |
| 27 | # Generated by bignum_common.gen_safe_prime(192,1) |
| 28 | SAFE_PRIME_192_BIT_SEED_1 = "d1c127a667786703830500038ebaef20e5a3e2dc378fb75b" |
| 29 | |
| 30 | # First number generated by random.getrandbits(192) - seed(2,2), not a prime |
| 31 | RANDOM_192_BIT_SEED_2_NO1 = "177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973" |
| 32 | |
| 33 | # Second number generated by random.getrandbits(192) - seed(2,2), not a prime |
| 34 | RANDOM_192_BIT_SEED_2_NO2 = "cf1822ffbc6887782b491044d5e341245c6e433715ba2bdd" |
| 35 | |
| 36 | # Third number generated by random.getrandbits(192) - seed(2,2), not a prime |
| 37 | RANDOM_192_BIT_SEED_2_NO3 = "3653f8dd9b1f282e4067c3584ee207f8da94e3e8ab73738f" |
| 38 | |
| 39 | # Fourth number generated by random.getrandbits(192) - seed(2,2), not a prime |
| 40 | RANDOM_192_BIT_SEED_2_NO4 = "ffed9235288bc781ae66267594c9c9500925e4749b575bd1" |
| 41 | |
| 42 | # Ninth number generated by random.getrandbits(192) - seed(2,2), not a prime |
| 43 | RANDOM_192_BIT_SEED_2_NO9 = "2a1be9cd8697bbd0e2520e33e44c50556c71c4a66148a86f" |
| 44 | |
| 45 | # Generated by bignum_common.gen_safe_prime(1024,3) |
| 46 | SAFE_PRIME_1024_BIT_SEED_3 = ("c93ba7ec74d96f411ba008bdb78e63ff11bb5df46a51e16b" |
| 47 | "2c9d156f8e4e18abf5e052cb01f47d0d1925a77f60991577" |
| 48 | "e128fb6f52f34a27950a594baadd3d8057abeb222cf3cca9" |
| 49 | "62db16abf79f2ada5bd29ab2f51244bf295eff9f6aaba130" |
| 50 | "2efc449b128be75eeaca04bc3c1a155d11d14e8be32a2c82" |
| 51 | "87b3996cf6ad5223") |
| 52 | |
| 53 | # First number generated by random.getrandbits(1024) - seed(4,2), not a prime |
| 54 | RANDOM_1024_BIT_SEED_4_NO1 = ("6905269ed6f0b09f165c8ce36e2f24b43000de01b2ed40ed" |
| 55 | "3addccb2c33be0ac79d679346d4ac7a5c3902b38963dc6e8" |
| 56 | "534f45738d048ec0f1099c6c3e1b258fd724452ccea71ff4" |
| 57 | "a14876aeaff1a098ca5996666ceab360512bd13110722311" |
| 58 | "710cf5327ac435a7a97c643656412a9b8a1abcd1a6916c74" |
| 59 | "da4f9fc3c6da5d7") |
| 60 | |
| 61 | # Second number generated by random.getrandbits(1024) - seed(4,2), not a prime |
| 62 | RANDOM_1024_BIT_SEED_4_NO2 = ("f1cfd99216df648647adec26793d0e453f5082492d83a823" |
| 63 | "3fb62d2c81862fc9634f806fabf4a07c566002249b191bf4" |
| 64 | "d8441b5616332aca5f552773e14b0190d93936e1daca3c06" |
| 65 | "f5ff0c03bb5d7385de08caa1a08179104a25e4664f5253a0" |
| 66 | "2a3187853184ff27459142deccea264542a00403ce80c4b0" |
| 67 | "a4042bb3d4341aad") |
| 68 | |
| 69 | # Third number generated by random.getrandbits(1024) - seed(4,2), not a prime |
| 70 | RANDOM_1024_BIT_SEED_4_NO3 = ("14c15c910b11ad28cc21ce88d0060cc54278c2614e1bcb38" |
| 71 | "3bb4a570294c4ea3738d243a6e58d5ca49c7b59b995253fd" |
| 72 | "6c79a3de69f85e3131f3b9238224b122c3e4a892d9196ada" |
| 73 | "4fcfa583e1df8af9b474c7e89286a1754abcb06ae8abb93f" |
| 74 | "01d89a024cdce7a6d7288ff68c320f89f1347e0cdd905ecf" |
| 75 | "d160c5d0ef412ed6") |
| 76 | |
| 77 | # Fourth number generated by random.getrandbits(1024) - seed(4,2), not a prime |
| 78 | RANDOM_1024_BIT_SEED_4_NO4 = ("32decd6b8efbc170a26a25c852175b7a96b98b5fbf37a2be" |
| 79 | "6f98bca35b17b9662f0733c846bbe9e870ef55b1a1f65507" |
| 80 | "a2909cb633e238b4e9dd38b869ace91311021c9e32111ac1" |
| 81 | "ac7cc4a4ff4dab102522d53857c49391b36cc9aa78a330a1" |
| 82 | "a5e333cb88dcf94384d4cd1f47ca7883ff5a52f1a05885ac" |
| 83 | "7671863c0bdbc23a") |
| 84 | |
| 85 | # Fifth number generated by random.getrandbits(1024) - seed(4,2), not a prime |
| 86 | RANDOM_1024_BIT_SEED_4_NO5 = ("53be4721f5b9e1f5acdac615bc20f6264922b9ccf469aef8" |
| 87 | "f6e7d078e55b85dd1525f363b281b8885b69dc230af5ac87" |
| 88 | "0692b534758240df4a7a03052d733dcdef40af2e54c0ce68" |
| 89 | "1f44ebd13cc75f3edcb285f89d8cf4d4950b16ffc3e1ac3b" |
| 90 | "4708d9893a973000b54a23020fc5b043d6e4a51519d9c9cc" |
| 91 | "52d32377e78131c1") |
| 92 | |
| Tom Cosgrove | 6129268 | 2022-12-08 09:44:10 +0000 | [diff] [blame] | 93 | # Adding 192 bit and 1024 bit numbers because these are the shortest required |
| 94 | # for ECC and RSA respectively. |
| Janos Follath | dac44e6 | 2022-11-20 11:58:12 +0000 | [diff] [blame] | 95 | INPUTS_DEFAULT = [ |
| 96 | "0", "1", # corner cases |
| 97 | "2", "3", # small primes |
| 98 | "4", # non-prime even |
| 99 | "38", # small random |
| 100 | SAFE_PRIME_192_BIT_SEED_1, # prime |
| 101 | RANDOM_192_BIT_SEED_2_NO1, # not a prime |
| 102 | RANDOM_192_BIT_SEED_2_NO2, # not a prime |
| 103 | SAFE_PRIME_1024_BIT_SEED_3, # prime |
| 104 | RANDOM_1024_BIT_SEED_4_NO1, # not a prime |
| 105 | RANDOM_1024_BIT_SEED_4_NO3, # not a prime |
| 106 | RANDOM_1024_BIT_SEED_4_NO2, # largest (not a prime) |
| 107 | ] |
| 108 | |
| Agathiyan Bragadeesh | ab329c0 | 2023-08-01 17:18:31 +0100 | [diff] [blame] | 109 | ADD_SUB_DATA = [ |
| Agathiyan Bragadeesh | 3c963ee | 2023-08-03 12:32:09 +0100 | [diff] [blame] | 110 | "0", "1", "3", "f", "fe", "ff", "100", "ff00", |
| Agathiyan Bragadeesh | 7847eae | 2023-08-01 16:30:51 +0100 | [diff] [blame] | 111 | "fffe", "ffff", "10000", # 2^16 - 1, 2^16, 2^16 + 1 |
| 112 | "fffffffe", "ffffffff", "100000000", # 2^32 - 1, 2^32, 2^32 + 1 |
| 113 | "1f7f7f7f7f7f7f", |
| 114 | "8000000000000000", "fefefefefefefefe", |
| 115 | "fffffffffffffffe", "ffffffffffffffff", "10000000000000000", # 2^64 - 1, 2^64, 2^64 + 1 |
| 116 | "1234567890abcdef0", |
| 117 | "fffffffffffffffffffffffe", |
| 118 | "ffffffffffffffffffffffff", |
| 119 | "1000000000000000000000000", |
| 120 | "fffffffffffffffffefefefefefefefe", |
| 121 | "fffffffffffffffffffffffffffffffe", |
| 122 | "ffffffffffffffffffffffffffffffff", |
| 123 | "100000000000000000000000000000000", |
| 124 | "1234567890abcdef01234567890abcdef0", |
| 125 | "fffffffffffffffffffffffffffffffffffffffffffffffffefefefefefefefe", |
| 126 | "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe", |
| 127 | "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", |
| 128 | "10000000000000000000000000000000000000000000000000000000000000000", |
| 129 | "1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0", |
| 130 | ] |
| 131 | |
| Janos Follath | dac44e6 | 2022-11-20 11:58:12 +0000 | [diff] [blame] | 132 | # Only odd moduli are present as in the new bignum code only odd moduli are |
| 133 | # supported for now. |
| 134 | MODULI_DEFAULT = [ |
| 135 | "53", # safe prime |
| Tom Cosgrove | 6129268 | 2022-12-08 09:44:10 +0000 | [diff] [blame] | 136 | "45", # non-prime |
| Janos Follath | dac44e6 | 2022-11-20 11:58:12 +0000 | [diff] [blame] | 137 | SAFE_PRIME_192_BIT_SEED_1, # safe prime |
| 138 | RANDOM_192_BIT_SEED_2_NO4, # not a prime |
| 139 | SAFE_PRIME_1024_BIT_SEED_3, # safe prime |
| 140 | RANDOM_1024_BIT_SEED_4_NO5, # not a prime |
| 141 | ] |
| 142 | |
| Tom Cosgrove | 6129268 | 2022-12-08 09:44:10 +0000 | [diff] [blame] | 143 | # Some functions, e.g. mbedtls_mpi_mod_raw_inv_prime(), only support prime moduli. |
| 144 | ONLY_PRIME_MODULI = [ |
| 145 | "53", # safe prime |
| 146 | "8ac72304057392b5", # 9999999997777777333 (longer, not safe, prime) |
| Tom Cosgrove | dbac609 | 2022-12-14 08:27:18 +0000 | [diff] [blame] | 147 | # The next prime has a different R in Montgomery form depending on |
| 148 | # whether 32- or 64-bit MPIs are used. |
| 149 | "152d02c7e14af67fe0bf", # 99999999999999999991999 |
| Tom Cosgrove | 6129268 | 2022-12-08 09:44:10 +0000 | [diff] [blame] | 150 | SAFE_PRIME_192_BIT_SEED_1, # safe prime |
| 151 | SAFE_PRIME_1024_BIT_SEED_3, # safe prime |
| 152 | ] |
| 153 | |
| Janos Follath | b2a850c | 2022-11-20 10:56:05 +0000 | [diff] [blame] | 154 | def __gen_safe_prime(bits, seed): |
| 155 | ''' |
| 156 | Generate a safe prime. |
| 157 | |
| 158 | This function is intended for generating constants offline and shouldn't be |
| 159 | used in test generation classes. |
| 160 | |
| 161 | Requires pycryptodomex for getPrime and isPrime and python 3.9 or later for |
| 162 | randbytes. |
| 163 | ''' |
| 164 | rng = random.Random() |
| Tom Cosgrove | 1797b05 | 2022-12-04 17:19:59 +0000 | [diff] [blame] | 165 | # We want reproducibility across python versions |
| Janos Follath | b2a850c | 2022-11-20 10:56:05 +0000 | [diff] [blame] | 166 | rng.seed(seed, version=2) |
| 167 | while True: |
| 168 | prime = 2*getPrime(bits-1, rng.randbytes)+1 #pylint: disable=no-member |
| 169 | if isPrime(prime, 1e-30): |
| 170 | return prime |