|
|
@@ -387,15 +387,15 @@ static void TestSquare(FileTest *t, BN_CTX *ctx) { |
|
|
|
} |
|
|
|
|
|
|
|
#if !defined(BORINGSSL_SHARED_LIBRARY) |
|
|
|
if (static_cast<size_t>(a->top) <= BN_SMALL_MAX_WORDS) { |
|
|
|
for (size_t num_a = a->top; num_a <= BN_SMALL_MAX_WORDS; num_a++) { |
|
|
|
int a_width = bn_minimal_width(a.get()); |
|
|
|
if (a_width <= BN_SMALL_MAX_WORDS) { |
|
|
|
for (size_t num_a = a_width; num_a <= BN_SMALL_MAX_WORDS; num_a++) { |
|
|
|
SCOPED_TRACE(num_a); |
|
|
|
size_t num_r = 2 * num_a; |
|
|
|
// Use newly-allocated buffers so ASan will catch out-of-bounds writes. |
|
|
|
std::unique_ptr<BN_ULONG[]> a_words(new BN_ULONG[num_a]), |
|
|
|
r_words(new BN_ULONG[num_r]); |
|
|
|
OPENSSL_memset(a_words.get(), 0, num_a * sizeof(BN_ULONG)); |
|
|
|
OPENSSL_memcpy(a_words.get(), a->d, a->top * sizeof(BN_ULONG)); |
|
|
|
ASSERT_TRUE(bn_copy_words(a_words.get(), num_a, a.get())); |
|
|
|
|
|
|
|
ASSERT_TRUE(bn_mul_small(r_words.get(), num_r, a_words.get(), num_a, |
|
|
|
a_words.get(), num_a)); |
|
|
@@ -445,22 +445,25 @@ static void TestProduct(FileTest *t, BN_CTX *ctx) { |
|
|
|
} |
|
|
|
|
|
|
|
#if !defined(BORINGSSL_SHARED_LIBRARY) |
|
|
|
if (!BN_is_negative(product.get()) && |
|
|
|
static_cast<size_t>(a->top) <= BN_SMALL_MAX_WORDS && |
|
|
|
static_cast<size_t>(b->top) <= BN_SMALL_MAX_WORDS) { |
|
|
|
for (size_t num_a = a->top; num_a <= BN_SMALL_MAX_WORDS; num_a++) { |
|
|
|
BN_set_negative(a.get(), 0); |
|
|
|
BN_set_negative(b.get(), 0); |
|
|
|
BN_set_negative(product.get(), 0); |
|
|
|
|
|
|
|
int a_width = bn_minimal_width(a.get()); |
|
|
|
int b_width = bn_minimal_width(b.get()); |
|
|
|
if (a_width <= BN_SMALL_MAX_WORDS && b_width <= BN_SMALL_MAX_WORDS) { |
|
|
|
for (size_t num_a = static_cast<size_t>(a_width); |
|
|
|
num_a <= BN_SMALL_MAX_WORDS; num_a++) { |
|
|
|
SCOPED_TRACE(num_a); |
|
|
|
for (size_t num_b = b->top; num_b <= BN_SMALL_MAX_WORDS; num_b++) { |
|
|
|
for (size_t num_b = static_cast<size_t>(b_width); |
|
|
|
num_b <= BN_SMALL_MAX_WORDS; num_b++) { |
|
|
|
SCOPED_TRACE(num_b); |
|
|
|
size_t num_r = num_a + num_b; |
|
|
|
// Use newly-allocated buffers so ASan will catch out-of-bounds writes. |
|
|
|
std::unique_ptr<BN_ULONG[]> a_words(new BN_ULONG[num_a]), |
|
|
|
b_words(new BN_ULONG[num_b]), r_words(new BN_ULONG[num_r]); |
|
|
|
OPENSSL_memset(a_words.get(), 0, num_a * sizeof(BN_ULONG)); |
|
|
|
OPENSSL_memcpy(a_words.get(), a->d, a->top * sizeof(BN_ULONG)); |
|
|
|
|
|
|
|
OPENSSL_memset(b_words.get(), 0, num_b * sizeof(BN_ULONG)); |
|
|
|
OPENSSL_memcpy(b_words.get(), b->d, b->top * sizeof(BN_ULONG)); |
|
|
|
ASSERT_TRUE(bn_copy_words(a_words.get(), num_a, a.get())); |
|
|
|
ASSERT_TRUE(bn_copy_words(b_words.get(), num_b, b.get())); |
|
|
|
|
|
|
|
ASSERT_TRUE(bn_mul_small(r_words.get(), num_r, a_words.get(), num_a, |
|
|
|
b_words.get(), num_b)); |
|
|
@@ -554,24 +557,23 @@ static void TestModMul(FileTest *t, BN_CTX *ctx) { |
|
|
|
ret.get()); |
|
|
|
|
|
|
|
#if !defined(BORINGSSL_SHARED_LIBRARY) |
|
|
|
if (m->top <= BN_SMALL_MAX_WORDS) { |
|
|
|
std::unique_ptr<BN_ULONG[]> a_words(new BN_ULONG[m->top]), |
|
|
|
b_words(new BN_ULONG[m->top]), r_words(new BN_ULONG[m->top]); |
|
|
|
OPENSSL_memset(a_words.get(), 0, m->top * sizeof(BN_ULONG)); |
|
|
|
OPENSSL_memcpy(a_words.get(), a->d, a->top * sizeof(BN_ULONG)); |
|
|
|
OPENSSL_memset(b_words.get(), 0, m->top * sizeof(BN_ULONG)); |
|
|
|
OPENSSL_memcpy(b_words.get(), b->d, b->top * sizeof(BN_ULONG)); |
|
|
|
ASSERT_TRUE(bn_to_montgomery_small(a_words.get(), m->top, a_words.get(), |
|
|
|
m->top, mont.get())); |
|
|
|
ASSERT_TRUE(bn_to_montgomery_small(b_words.get(), m->top, b_words.get(), |
|
|
|
m->top, mont.get())); |
|
|
|
size_t m_width = static_cast<size_t>(bn_minimal_width(m.get())); |
|
|
|
if (m_width <= BN_SMALL_MAX_WORDS) { |
|
|
|
std::unique_ptr<BN_ULONG[]> a_words(new BN_ULONG[m_width]), |
|
|
|
b_words(new BN_ULONG[m_width]), r_words(new BN_ULONG[m_width]); |
|
|
|
ASSERT_TRUE(bn_copy_words(a_words.get(), m_width, a.get())); |
|
|
|
ASSERT_TRUE(bn_copy_words(b_words.get(), m_width, b.get())); |
|
|
|
ASSERT_TRUE(bn_to_montgomery_small(a_words.get(), m_width, a_words.get(), |
|
|
|
m_width, mont.get())); |
|
|
|
ASSERT_TRUE(bn_to_montgomery_small(b_words.get(), m_width, b_words.get(), |
|
|
|
m_width, mont.get())); |
|
|
|
ASSERT_TRUE(bn_mod_mul_montgomery_small( |
|
|
|
r_words.get(), m->top, a_words.get(), m->top, b_words.get(), m->top, |
|
|
|
r_words.get(), m_width, a_words.get(), m_width, b_words.get(), m_width, |
|
|
|
mont.get())); |
|
|
|
// Use the second half of |tmp| so ASan will catch out-of-bounds writes. |
|
|
|
ASSERT_TRUE(bn_from_montgomery_small(r_words.get(), m->top, r_words.get(), |
|
|
|
m->top, mont.get())); |
|
|
|
ASSERT_TRUE(bn_set_words(ret.get(), r_words.get(), m->top)); |
|
|
|
ASSERT_TRUE(bn_from_montgomery_small(r_words.get(), m_width, r_words.get(), |
|
|
|
m_width, mont.get())); |
|
|
|
ASSERT_TRUE(bn_set_words(ret.get(), r_words.get(), m_width)); |
|
|
|
EXPECT_BIGNUMS_EQUAL("A * B (mod M) (Montgomery, words)", mod_mul.get(), |
|
|
|
ret.get()); |
|
|
|
} |
|
|
@@ -623,32 +625,32 @@ static void TestModSquare(FileTest *t, BN_CTX *ctx) { |
|
|
|
ret.get()); |
|
|
|
|
|
|
|
#if !defined(BORINGSSL_SHARED_LIBRARY) |
|
|
|
if (m->top <= BN_SMALL_MAX_WORDS) { |
|
|
|
std::unique_ptr<BN_ULONG[]> a_words(new BN_ULONG[m->top]), |
|
|
|
a_copy_words(new BN_ULONG[m->top]), r_words(new BN_ULONG[m->top]); |
|
|
|
OPENSSL_memset(a_words.get(), 0, m->top * sizeof(BN_ULONG)); |
|
|
|
OPENSSL_memcpy(a_words.get(), a->d, a->top * sizeof(BN_ULONG)); |
|
|
|
ASSERT_TRUE(bn_to_montgomery_small(a_words.get(), m->top, a_words.get(), |
|
|
|
m->top, mont.get())); |
|
|
|
size_t m_width = static_cast<size_t>(bn_minimal_width(m.get())); |
|
|
|
if (m_width <= BN_SMALL_MAX_WORDS) { |
|
|
|
std::unique_ptr<BN_ULONG[]> a_words(new BN_ULONG[m_width]), |
|
|
|
a_copy_words(new BN_ULONG[m_width]), r_words(new BN_ULONG[m_width]); |
|
|
|
ASSERT_TRUE(bn_copy_words(a_words.get(), m_width, a.get())); |
|
|
|
ASSERT_TRUE(bn_to_montgomery_small(a_words.get(), m_width, a_words.get(), |
|
|
|
m_width, mont.get())); |
|
|
|
ASSERT_TRUE(bn_mod_mul_montgomery_small( |
|
|
|
r_words.get(), m->top, a_words.get(), m->top, a_words.get(), m->top, |
|
|
|
mont.get())); |
|
|
|
ASSERT_TRUE(bn_from_montgomery_small(r_words.get(), m->top, r_words.get(), |
|
|
|
m->top, mont.get())); |
|
|
|
ASSERT_TRUE(bn_set_words(ret.get(), r_words.get(), m->top)); |
|
|
|
r_words.get(), m_width, a_words.get(), m_width, a_words.get(), |
|
|
|
m_width, mont.get())); |
|
|
|
ASSERT_TRUE(bn_from_montgomery_small(r_words.get(), m_width, |
|
|
|
r_words.get(), m_width, mont.get())); |
|
|
|
ASSERT_TRUE(bn_set_words(ret.get(), r_words.get(), m_width)); |
|
|
|
EXPECT_BIGNUMS_EQUAL("A * A (mod M) (Montgomery, words)", |
|
|
|
mod_square.get(), ret.get()); |
|
|
|
|
|
|
|
// Repeat the operation with |a_copy_words|. |
|
|
|
OPENSSL_memcpy(a_copy_words.get(), a_words.get(), |
|
|
|
m->top * sizeof(BN_ULONG)); |
|
|
|
m_width * sizeof(BN_ULONG)); |
|
|
|
ASSERT_TRUE(bn_mod_mul_montgomery_small( |
|
|
|
r_words.get(), m->top, a_words.get(), m->top, a_copy_words.get(), |
|
|
|
m->top, mont.get())); |
|
|
|
r_words.get(), m_width, a_words.get(), m_width, a_copy_words.get(), |
|
|
|
m_width, mont.get())); |
|
|
|
// Use the second half of |tmp| so ASan will catch out-of-bounds writes. |
|
|
|
ASSERT_TRUE(bn_from_montgomery_small(r_words.get(), m->top, r_words.get(), |
|
|
|
m->top, mont.get())); |
|
|
|
ASSERT_TRUE(bn_set_words(ret.get(), r_words.get(), m->top)); |
|
|
|
ASSERT_TRUE(bn_from_montgomery_small(r_words.get(), m_width, |
|
|
|
r_words.get(), m_width, mont.get())); |
|
|
|
ASSERT_TRUE(bn_set_words(ret.get(), r_words.get(), m_width)); |
|
|
|
EXPECT_BIGNUMS_EQUAL("A * A_copy (mod M) (Montgomery, words)", |
|
|
|
mod_square.get(), ret.get()); |
|
|
|
} |
|
|
@@ -683,22 +685,22 @@ static void TestModExp(FileTest *t, BN_CTX *ctx) { |
|
|
|
ret.get()); |
|
|
|
|
|
|
|
#if !defined(BORINGSSL_SHARED_LIBRARY) |
|
|
|
if (m->top <= BN_SMALL_MAX_WORDS) { |
|
|
|
size_t m_width = static_cast<size_t>(bn_minimal_width(m.get())); |
|
|
|
if (m_width <= BN_SMALL_MAX_WORDS) { |
|
|
|
bssl::UniquePtr<BN_MONT_CTX> mont(BN_MONT_CTX_new()); |
|
|
|
ASSERT_TRUE(mont.get()); |
|
|
|
ASSERT_TRUE(BN_MONT_CTX_set(mont.get(), m.get(), ctx)); |
|
|
|
ASSERT_TRUE(BN_nnmod(a.get(), a.get(), m.get(), ctx)); |
|
|
|
std::unique_ptr<BN_ULONG[]> r_words(new BN_ULONG[m->top]), |
|
|
|
a_words(new BN_ULONG[m->top]); |
|
|
|
OPENSSL_memset(a_words.get(), 0, m->top * sizeof(BN_ULONG)); |
|
|
|
OPENSSL_memcpy(a_words.get(), a->d, a->top * sizeof(BN_ULONG)); |
|
|
|
ASSERT_TRUE(bn_to_montgomery_small(a_words.get(), m->top, a_words.get(), |
|
|
|
m->top, mont.get())); |
|
|
|
ASSERT_TRUE(bn_mod_exp_mont_small(r_words.get(), m->top, a_words.get(), |
|
|
|
m->top, e->d, e->top, mont.get())); |
|
|
|
ASSERT_TRUE(bn_from_montgomery_small(r_words.get(), m->top, r_words.get(), |
|
|
|
m->top, mont.get())); |
|
|
|
ASSERT_TRUE(bn_set_words(ret.get(), r_words.get(), m->top)); |
|
|
|
std::unique_ptr<BN_ULONG[]> r_words(new BN_ULONG[m_width]), |
|
|
|
a_words(new BN_ULONG[m_width]); |
|
|
|
ASSERT_TRUE(bn_copy_words(a_words.get(), m_width, a.get())); |
|
|
|
ASSERT_TRUE(bn_to_montgomery_small(a_words.get(), m_width, a_words.get(), |
|
|
|
m_width, mont.get())); |
|
|
|
ASSERT_TRUE(bn_mod_exp_mont_small(r_words.get(), m_width, a_words.get(), |
|
|
|
m_width, e->d, e->top, mont.get())); |
|
|
|
ASSERT_TRUE(bn_from_montgomery_small(r_words.get(), m_width, |
|
|
|
r_words.get(), m_width, mont.get())); |
|
|
|
ASSERT_TRUE(bn_set_words(ret.get(), r_words.get(), m_width)); |
|
|
|
EXPECT_BIGNUMS_EQUAL("A ^ E (mod M) (Montgomery, words)", mod_exp.get(), |
|
|
|
ret.get()); |
|
|
|
} |
|
|
|