1*62c56f98SSadaf Ebrahimi/* BEGIN_HEADER */ 2*62c56f98SSadaf Ebrahimi#include "mbedtls/bignum.h" 3*62c56f98SSadaf Ebrahimi#include "mbedtls/entropy.h" 4*62c56f98SSadaf Ebrahimi#include "constant_time_internal.h" 5*62c56f98SSadaf Ebrahimi#include "bignum_core.h" 6*62c56f98SSadaf Ebrahimi#include "test/constant_flow.h" 7*62c56f98SSadaf Ebrahimi 8*62c56f98SSadaf Ebrahimi#if MBEDTLS_MPI_MAX_BITS > 792 9*62c56f98SSadaf Ebrahimi#define MPI_MAX_BITS_LARGER_THAN_792 10*62c56f98SSadaf Ebrahimi#endif 11*62c56f98SSadaf Ebrahimi 12*62c56f98SSadaf Ebrahimi/* Check the validity of the sign bit in an MPI object. Reject representations 13*62c56f98SSadaf Ebrahimi * that are not supported by the rest of the library and indicate a bug when 14*62c56f98SSadaf Ebrahimi * constructing the value. */ 15*62c56f98SSadaf Ebrahimistatic int sign_is_valid(const mbedtls_mpi *X) 16*62c56f98SSadaf Ebrahimi{ 17*62c56f98SSadaf Ebrahimi /* Only +1 and -1 are valid sign bits, not e.g. 0 */ 18*62c56f98SSadaf Ebrahimi if (X->s != 1 && X->s != -1) { 19*62c56f98SSadaf Ebrahimi return 0; 20*62c56f98SSadaf Ebrahimi } 21*62c56f98SSadaf Ebrahimi 22*62c56f98SSadaf Ebrahimi /* The value 0 must be represented with the sign +1. A "negative zero" 23*62c56f98SSadaf Ebrahimi * with s=-1 is an invalid representation. Forbid that. As an exception, 24*62c56f98SSadaf Ebrahimi * we sometimes test the robustness of library functions when given 25*62c56f98SSadaf Ebrahimi * a negative zero input. If a test case has a negative zero as input, 26*62c56f98SSadaf Ebrahimi * we don't mind if the function has a negative zero output. */ 27*62c56f98SSadaf Ebrahimi if (!mbedtls_test_case_uses_negative_0 && 28*62c56f98SSadaf Ebrahimi mbedtls_mpi_bitlen(X) == 0 && X->s != 1) { 29*62c56f98SSadaf Ebrahimi return 0; 30*62c56f98SSadaf Ebrahimi } 31*62c56f98SSadaf Ebrahimi 32*62c56f98SSadaf Ebrahimi return 1; 33*62c56f98SSadaf Ebrahimi} 34*62c56f98SSadaf Ebrahimi 35*62c56f98SSadaf Ebrahimitypedef struct mbedtls_test_mpi_random { 36*62c56f98SSadaf Ebrahimi data_t *data; 37*62c56f98SSadaf Ebrahimi size_t pos; 38*62c56f98SSadaf Ebrahimi size_t chunk_len; 39*62c56f98SSadaf Ebrahimi} mbedtls_test_mpi_random; 40*62c56f98SSadaf Ebrahimi 41*62c56f98SSadaf Ebrahimi/* 42*62c56f98SSadaf Ebrahimi * This function is called by the Miller-Rabin primality test each time it 43*62c56f98SSadaf Ebrahimi * chooses a random witness. The witnesses (or non-witnesses as provided by the 44*62c56f98SSadaf Ebrahimi * test) are stored in the data member of the state structure. Each number is in 45*62c56f98SSadaf Ebrahimi * the format that mbedtls_mpi_read_string understands and is chunk_len long. 46*62c56f98SSadaf Ebrahimi */ 47*62c56f98SSadaf Ebrahimiint mbedtls_test_mpi_miller_rabin_determinizer(void *state, 48*62c56f98SSadaf Ebrahimi unsigned char *buf, 49*62c56f98SSadaf Ebrahimi size_t len) 50*62c56f98SSadaf Ebrahimi{ 51*62c56f98SSadaf Ebrahimi mbedtls_test_mpi_random *random = (mbedtls_test_mpi_random *) state; 52*62c56f98SSadaf Ebrahimi 53*62c56f98SSadaf Ebrahimi if (random == NULL || random->data->x == NULL || buf == NULL) { 54*62c56f98SSadaf Ebrahimi return -1; 55*62c56f98SSadaf Ebrahimi } 56*62c56f98SSadaf Ebrahimi 57*62c56f98SSadaf Ebrahimi if (random->pos + random->chunk_len > random->data->len 58*62c56f98SSadaf Ebrahimi || random->chunk_len > len) { 59*62c56f98SSadaf Ebrahimi return -1; 60*62c56f98SSadaf Ebrahimi } 61*62c56f98SSadaf Ebrahimi 62*62c56f98SSadaf Ebrahimi memset(buf, 0, len); 63*62c56f98SSadaf Ebrahimi 64*62c56f98SSadaf Ebrahimi /* The witness is written to the end of the buffer, since the buffer is 65*62c56f98SSadaf Ebrahimi * used as big endian, unsigned binary data in mbedtls_mpi_read_binary. 66*62c56f98SSadaf Ebrahimi * Writing the witness to the start of the buffer would result in the 67*62c56f98SSadaf Ebrahimi * buffer being 'witness 000...000', which would be treated as 68*62c56f98SSadaf Ebrahimi * witness * 2^n for some n. */ 69*62c56f98SSadaf Ebrahimi memcpy(buf + len - random->chunk_len, &random->data->x[random->pos], 70*62c56f98SSadaf Ebrahimi random->chunk_len); 71*62c56f98SSadaf Ebrahimi 72*62c56f98SSadaf Ebrahimi random->pos += random->chunk_len; 73*62c56f98SSadaf Ebrahimi 74*62c56f98SSadaf Ebrahimi return 0; 75*62c56f98SSadaf Ebrahimi} 76*62c56f98SSadaf Ebrahimi 77*62c56f98SSadaf Ebrahimi/* Random generator that is told how many bytes to return. */ 78*62c56f98SSadaf Ebrahimistatic int f_rng_bytes_left(void *state, unsigned char *buf, size_t len) 79*62c56f98SSadaf Ebrahimi{ 80*62c56f98SSadaf Ebrahimi size_t *bytes_left = state; 81*62c56f98SSadaf Ebrahimi size_t i; 82*62c56f98SSadaf Ebrahimi for (i = 0; i < len; i++) { 83*62c56f98SSadaf Ebrahimi if (*bytes_left == 0) { 84*62c56f98SSadaf Ebrahimi return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; 85*62c56f98SSadaf Ebrahimi } 86*62c56f98SSadaf Ebrahimi buf[i] = *bytes_left & 0xff; 87*62c56f98SSadaf Ebrahimi --(*bytes_left); 88*62c56f98SSadaf Ebrahimi } 89*62c56f98SSadaf Ebrahimi return 0; 90*62c56f98SSadaf Ebrahimi} 91*62c56f98SSadaf Ebrahimi 92*62c56f98SSadaf Ebrahimi/* END_HEADER */ 93*62c56f98SSadaf Ebrahimi 94*62c56f98SSadaf Ebrahimi/* BEGIN_DEPENDENCIES 95*62c56f98SSadaf Ebrahimi * depends_on:MBEDTLS_BIGNUM_C 96*62c56f98SSadaf Ebrahimi * END_DEPENDENCIES 97*62c56f98SSadaf Ebrahimi */ 98*62c56f98SSadaf Ebrahimi 99*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 100*62c56f98SSadaf Ebrahimivoid mpi_null() 101*62c56f98SSadaf Ebrahimi{ 102*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y, Z; 103*62c56f98SSadaf Ebrahimi 104*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 105*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&Y); 106*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&Z); 107*62c56f98SSadaf Ebrahimi 108*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_get_bit(&X, 42) == 0); 109*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_lsb(&X) == 0); 110*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_bitlen(&X) == 0); 111*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_size(&X) == 0); 112*62c56f98SSadaf Ebrahimi 113*62c56f98SSadaf Ebrahimiexit: 114*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 115*62c56f98SSadaf Ebrahimi} 116*62c56f98SSadaf Ebrahimi/* END_CASE */ 117*62c56f98SSadaf Ebrahimi 118*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 119*62c56f98SSadaf Ebrahimivoid mpi_read_write_string(int radix_X, char *input_X, int radix_A, 120*62c56f98SSadaf Ebrahimi char *input_A, int output_size, int result_read, 121*62c56f98SSadaf Ebrahimi int result_write) 122*62c56f98SSadaf Ebrahimi{ 123*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 124*62c56f98SSadaf Ebrahimi char str[1000]; 125*62c56f98SSadaf Ebrahimi size_t len; 126*62c56f98SSadaf Ebrahimi 127*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 128*62c56f98SSadaf Ebrahimi 129*62c56f98SSadaf Ebrahimi memset(str, '!', sizeof(str)); 130*62c56f98SSadaf Ebrahimi 131*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_read_string(&X, radix_X, input_X) == result_read); 132*62c56f98SSadaf Ebrahimi if (result_read == 0) { 133*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 134*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_write_string(&X, radix_A, str, output_size, &len) == result_write); 135*62c56f98SSadaf Ebrahimi if (result_write == 0) { 136*62c56f98SSadaf Ebrahimi TEST_ASSERT(strcmp(str, input_A) == 0); 137*62c56f98SSadaf Ebrahimi TEST_ASSERT(str[len] == '!'); 138*62c56f98SSadaf Ebrahimi } 139*62c56f98SSadaf Ebrahimi } 140*62c56f98SSadaf Ebrahimi 141*62c56f98SSadaf Ebrahimiexit: 142*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 143*62c56f98SSadaf Ebrahimi} 144*62c56f98SSadaf Ebrahimi/* END_CASE */ 145*62c56f98SSadaf Ebrahimi 146*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 147*62c56f98SSadaf Ebrahimivoid mpi_read_binary(data_t *buf, char *input_A) 148*62c56f98SSadaf Ebrahimi{ 149*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 150*62c56f98SSadaf Ebrahimi char str[1000]; 151*62c56f98SSadaf Ebrahimi size_t len; 152*62c56f98SSadaf Ebrahimi 153*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 154*62c56f98SSadaf Ebrahimi 155*62c56f98SSadaf Ebrahimi 156*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_read_binary(&X, buf->x, buf->len) == 0); 157*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 158*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_write_string(&X, 16, str, sizeof(str), &len) == 0); 159*62c56f98SSadaf Ebrahimi TEST_ASSERT(strcmp((char *) str, input_A) == 0); 160*62c56f98SSadaf Ebrahimi 161*62c56f98SSadaf Ebrahimiexit: 162*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 163*62c56f98SSadaf Ebrahimi} 164*62c56f98SSadaf Ebrahimi/* END_CASE */ 165*62c56f98SSadaf Ebrahimi 166*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 167*62c56f98SSadaf Ebrahimivoid mpi_read_binary_le(data_t *buf, char *input_A) 168*62c56f98SSadaf Ebrahimi{ 169*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 170*62c56f98SSadaf Ebrahimi char str[1000]; 171*62c56f98SSadaf Ebrahimi size_t len; 172*62c56f98SSadaf Ebrahimi 173*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 174*62c56f98SSadaf Ebrahimi 175*62c56f98SSadaf Ebrahimi 176*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_read_binary_le(&X, buf->x, buf->len) == 0); 177*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 178*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_write_string(&X, 16, str, sizeof(str), &len) == 0); 179*62c56f98SSadaf Ebrahimi TEST_ASSERT(strcmp((char *) str, input_A) == 0); 180*62c56f98SSadaf Ebrahimi 181*62c56f98SSadaf Ebrahimiexit: 182*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 183*62c56f98SSadaf Ebrahimi} 184*62c56f98SSadaf Ebrahimi/* END_CASE */ 185*62c56f98SSadaf Ebrahimi 186*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 187*62c56f98SSadaf Ebrahimivoid mpi_write_binary(char *input_X, data_t *input_A, 188*62c56f98SSadaf Ebrahimi int output_size, int result) 189*62c56f98SSadaf Ebrahimi{ 190*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 191*62c56f98SSadaf Ebrahimi unsigned char buf[1000]; 192*62c56f98SSadaf Ebrahimi size_t buflen; 193*62c56f98SSadaf Ebrahimi 194*62c56f98SSadaf Ebrahimi memset(buf, 0x00, 1000); 195*62c56f98SSadaf Ebrahimi 196*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 197*62c56f98SSadaf Ebrahimi 198*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 199*62c56f98SSadaf Ebrahimi 200*62c56f98SSadaf Ebrahimi buflen = mbedtls_mpi_size(&X); 201*62c56f98SSadaf Ebrahimi if (buflen > (size_t) output_size) { 202*62c56f98SSadaf Ebrahimi buflen = (size_t) output_size; 203*62c56f98SSadaf Ebrahimi } 204*62c56f98SSadaf Ebrahimi 205*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_write_binary(&X, buf, buflen) == result); 206*62c56f98SSadaf Ebrahimi if (result == 0) { 207*62c56f98SSadaf Ebrahimi 208*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x, 209*62c56f98SSadaf Ebrahimi buflen, input_A->len) == 0); 210*62c56f98SSadaf Ebrahimi } 211*62c56f98SSadaf Ebrahimi 212*62c56f98SSadaf Ebrahimiexit: 213*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 214*62c56f98SSadaf Ebrahimi} 215*62c56f98SSadaf Ebrahimi/* END_CASE */ 216*62c56f98SSadaf Ebrahimi 217*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 218*62c56f98SSadaf Ebrahimivoid mpi_write_binary_le(char *input_X, data_t *input_A, 219*62c56f98SSadaf Ebrahimi int output_size, int result) 220*62c56f98SSadaf Ebrahimi{ 221*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 222*62c56f98SSadaf Ebrahimi unsigned char buf[1000]; 223*62c56f98SSadaf Ebrahimi size_t buflen; 224*62c56f98SSadaf Ebrahimi 225*62c56f98SSadaf Ebrahimi memset(buf, 0x00, 1000); 226*62c56f98SSadaf Ebrahimi 227*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 228*62c56f98SSadaf Ebrahimi 229*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 230*62c56f98SSadaf Ebrahimi 231*62c56f98SSadaf Ebrahimi buflen = mbedtls_mpi_size(&X); 232*62c56f98SSadaf Ebrahimi if (buflen > (size_t) output_size) { 233*62c56f98SSadaf Ebrahimi buflen = (size_t) output_size; 234*62c56f98SSadaf Ebrahimi } 235*62c56f98SSadaf Ebrahimi 236*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_write_binary_le(&X, buf, buflen) == result); 237*62c56f98SSadaf Ebrahimi if (result == 0) { 238*62c56f98SSadaf Ebrahimi 239*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x, 240*62c56f98SSadaf Ebrahimi buflen, input_A->len) == 0); 241*62c56f98SSadaf Ebrahimi } 242*62c56f98SSadaf Ebrahimi 243*62c56f98SSadaf Ebrahimiexit: 244*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 245*62c56f98SSadaf Ebrahimi} 246*62c56f98SSadaf Ebrahimi/* END_CASE */ 247*62c56f98SSadaf Ebrahimi 248*62c56f98SSadaf Ebrahimi/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ 249*62c56f98SSadaf Ebrahimivoid mpi_read_file(char *input_file, data_t *input_A, int result) 250*62c56f98SSadaf Ebrahimi{ 251*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 252*62c56f98SSadaf Ebrahimi unsigned char buf[1000]; 253*62c56f98SSadaf Ebrahimi size_t buflen; 254*62c56f98SSadaf Ebrahimi FILE *file; 255*62c56f98SSadaf Ebrahimi int ret; 256*62c56f98SSadaf Ebrahimi 257*62c56f98SSadaf Ebrahimi memset(buf, 0x00, 1000); 258*62c56f98SSadaf Ebrahimi 259*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 260*62c56f98SSadaf Ebrahimi 261*62c56f98SSadaf Ebrahimi file = fopen(input_file, "r"); 262*62c56f98SSadaf Ebrahimi TEST_ASSERT(file != NULL); 263*62c56f98SSadaf Ebrahimi ret = mbedtls_mpi_read_file(&X, 16, file); 264*62c56f98SSadaf Ebrahimi fclose(file); 265*62c56f98SSadaf Ebrahimi TEST_ASSERT(ret == result); 266*62c56f98SSadaf Ebrahimi 267*62c56f98SSadaf Ebrahimi if (result == 0) { 268*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 269*62c56f98SSadaf Ebrahimi buflen = mbedtls_mpi_size(&X); 270*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_write_binary(&X, buf, buflen) == 0); 271*62c56f98SSadaf Ebrahimi 272*62c56f98SSadaf Ebrahimi 273*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x, 274*62c56f98SSadaf Ebrahimi buflen, input_A->len) == 0); 275*62c56f98SSadaf Ebrahimi } 276*62c56f98SSadaf Ebrahimi 277*62c56f98SSadaf Ebrahimiexit: 278*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 279*62c56f98SSadaf Ebrahimi} 280*62c56f98SSadaf Ebrahimi/* END_CASE */ 281*62c56f98SSadaf Ebrahimi 282*62c56f98SSadaf Ebrahimi/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ 283*62c56f98SSadaf Ebrahimivoid mpi_write_file(char *input_X, char *output_file) 284*62c56f98SSadaf Ebrahimi{ 285*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y; 286*62c56f98SSadaf Ebrahimi FILE *file_out, *file_in; 287*62c56f98SSadaf Ebrahimi int ret; 288*62c56f98SSadaf Ebrahimi 289*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); 290*62c56f98SSadaf Ebrahimi 291*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 292*62c56f98SSadaf Ebrahimi 293*62c56f98SSadaf Ebrahimi file_out = fopen(output_file, "w"); 294*62c56f98SSadaf Ebrahimi TEST_ASSERT(file_out != NULL); 295*62c56f98SSadaf Ebrahimi ret = mbedtls_mpi_write_file(NULL, &X, 16, file_out); 296*62c56f98SSadaf Ebrahimi fclose(file_out); 297*62c56f98SSadaf Ebrahimi TEST_ASSERT(ret == 0); 298*62c56f98SSadaf Ebrahimi 299*62c56f98SSadaf Ebrahimi file_in = fopen(output_file, "r"); 300*62c56f98SSadaf Ebrahimi TEST_ASSERT(file_in != NULL); 301*62c56f98SSadaf Ebrahimi ret = mbedtls_mpi_read_file(&Y, 16, file_in); 302*62c56f98SSadaf Ebrahimi fclose(file_in); 303*62c56f98SSadaf Ebrahimi TEST_ASSERT(ret == 0); 304*62c56f98SSadaf Ebrahimi 305*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == 0); 306*62c56f98SSadaf Ebrahimi 307*62c56f98SSadaf Ebrahimiexit: 308*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); 309*62c56f98SSadaf Ebrahimi} 310*62c56f98SSadaf Ebrahimi/* END_CASE */ 311*62c56f98SSadaf Ebrahimi 312*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 313*62c56f98SSadaf Ebrahimivoid mpi_get_bit(char *input_X, int pos, int val) 314*62c56f98SSadaf Ebrahimi{ 315*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 316*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 317*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 318*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_get_bit(&X, pos) == val); 319*62c56f98SSadaf Ebrahimi 320*62c56f98SSadaf Ebrahimiexit: 321*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 322*62c56f98SSadaf Ebrahimi} 323*62c56f98SSadaf Ebrahimi/* END_CASE */ 324*62c56f98SSadaf Ebrahimi 325*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 326*62c56f98SSadaf Ebrahimivoid mpi_set_bit(char *input_X, int pos, int val, 327*62c56f98SSadaf Ebrahimi char *output_Y, int result) 328*62c56f98SSadaf Ebrahimi{ 329*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y; 330*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); 331*62c56f98SSadaf Ebrahimi 332*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 333*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, output_Y) == 0); 334*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_set_bit(&X, pos, val) == result); 335*62c56f98SSadaf Ebrahimi 336*62c56f98SSadaf Ebrahimi if (result == 0) { 337*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 338*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == 0); 339*62c56f98SSadaf Ebrahimi } 340*62c56f98SSadaf Ebrahimi 341*62c56f98SSadaf Ebrahimiexit: 342*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); 343*62c56f98SSadaf Ebrahimi} 344*62c56f98SSadaf Ebrahimi/* END_CASE */ 345*62c56f98SSadaf Ebrahimi 346*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 347*62c56f98SSadaf Ebrahimivoid mpi_lsb(char *input_X, int nr_bits) 348*62c56f98SSadaf Ebrahimi{ 349*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 350*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 351*62c56f98SSadaf Ebrahimi 352*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 353*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_lsb(&X) == (size_t) nr_bits); 354*62c56f98SSadaf Ebrahimi 355*62c56f98SSadaf Ebrahimiexit: 356*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 357*62c56f98SSadaf Ebrahimi} 358*62c56f98SSadaf Ebrahimi/* END_CASE */ 359*62c56f98SSadaf Ebrahimi 360*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 361*62c56f98SSadaf Ebrahimivoid mpi_bitlen(char *input_X, int nr_bits) 362*62c56f98SSadaf Ebrahimi{ 363*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 364*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 365*62c56f98SSadaf Ebrahimi 366*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 367*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_bitlen(&X) == (size_t) nr_bits); 368*62c56f98SSadaf Ebrahimi 369*62c56f98SSadaf Ebrahimiexit: 370*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 371*62c56f98SSadaf Ebrahimi} 372*62c56f98SSadaf Ebrahimi/* END_CASE */ 373*62c56f98SSadaf Ebrahimi 374*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 375*62c56f98SSadaf Ebrahimivoid mpi_gcd(char *input_X, char *input_Y, 376*62c56f98SSadaf Ebrahimi char *input_A) 377*62c56f98SSadaf Ebrahimi{ 378*62c56f98SSadaf Ebrahimi mbedtls_mpi A, X, Y, Z; 379*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&A); mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); 380*62c56f98SSadaf Ebrahimi 381*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 382*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 383*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 384*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_gcd(&Z, &X, &Y) == 0); 385*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 386*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); 387*62c56f98SSadaf Ebrahimi 388*62c56f98SSadaf Ebrahimiexit: 389*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&A); mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); 390*62c56f98SSadaf Ebrahimi} 391*62c56f98SSadaf Ebrahimi/* END_CASE */ 392*62c56f98SSadaf Ebrahimi 393*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 394*62c56f98SSadaf Ebrahimivoid mpi_cmp_int(int input_X, int input_A, int result_CMP) 395*62c56f98SSadaf Ebrahimi{ 396*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 397*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 398*62c56f98SSadaf Ebrahimi 399*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_lset(&X, input_X) == 0); 400*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_int(&X, input_A) == result_CMP); 401*62c56f98SSadaf Ebrahimi 402*62c56f98SSadaf Ebrahimiexit: 403*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 404*62c56f98SSadaf Ebrahimi} 405*62c56f98SSadaf Ebrahimi/* END_CASE */ 406*62c56f98SSadaf Ebrahimi 407*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 408*62c56f98SSadaf Ebrahimivoid mpi_cmp_mpi(char *input_X, char *input_Y, 409*62c56f98SSadaf Ebrahimi int input_A) 410*62c56f98SSadaf Ebrahimi{ 411*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y; 412*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); 413*62c56f98SSadaf Ebrahimi 414*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 415*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 416*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == input_A); 417*62c56f98SSadaf Ebrahimi 418*62c56f98SSadaf Ebrahimiexit: 419*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); 420*62c56f98SSadaf Ebrahimi} 421*62c56f98SSadaf Ebrahimi/* END_CASE */ 422*62c56f98SSadaf Ebrahimi 423*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 424*62c56f98SSadaf Ebrahimivoid mpi_lt_mpi_ct(int size_X, char *input_X, 425*62c56f98SSadaf Ebrahimi int size_Y, char *input_Y, 426*62c56f98SSadaf Ebrahimi int input_ret, int input_err) 427*62c56f98SSadaf Ebrahimi{ 428*62c56f98SSadaf Ebrahimi unsigned ret = -1; 429*62c56f98SSadaf Ebrahimi unsigned input_uret = input_ret; 430*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y; 431*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); 432*62c56f98SSadaf Ebrahimi 433*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 434*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 435*62c56f98SSadaf Ebrahimi 436*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_grow(&X, size_X) == 0); 437*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_grow(&Y, size_Y) == 0); 438*62c56f98SSadaf Ebrahimi 439*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_lt_mpi_ct(&X, &Y, &ret) == input_err); 440*62c56f98SSadaf Ebrahimi if (input_err == 0) { 441*62c56f98SSadaf Ebrahimi TEST_EQUAL(ret, input_uret); 442*62c56f98SSadaf Ebrahimi } 443*62c56f98SSadaf Ebrahimi 444*62c56f98SSadaf Ebrahimiexit: 445*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); 446*62c56f98SSadaf Ebrahimi} 447*62c56f98SSadaf Ebrahimi/* END_CASE */ 448*62c56f98SSadaf Ebrahimi 449*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 450*62c56f98SSadaf Ebrahimivoid mpi_cmp_abs(char *input_X, char *input_Y, 451*62c56f98SSadaf Ebrahimi int input_A) 452*62c56f98SSadaf Ebrahimi{ 453*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y; 454*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); 455*62c56f98SSadaf Ebrahimi 456*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 457*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 458*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_abs(&X, &Y) == input_A); 459*62c56f98SSadaf Ebrahimi 460*62c56f98SSadaf Ebrahimiexit: 461*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); 462*62c56f98SSadaf Ebrahimi} 463*62c56f98SSadaf Ebrahimi/* END_CASE */ 464*62c56f98SSadaf Ebrahimi 465*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 466*62c56f98SSadaf Ebrahimivoid mpi_copy(char *src_hex, char *dst_hex) 467*62c56f98SSadaf Ebrahimi{ 468*62c56f98SSadaf Ebrahimi mbedtls_mpi src, dst, ref; 469*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&src); 470*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&dst); 471*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&ref); 472*62c56f98SSadaf Ebrahimi 473*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&src, src_hex) == 0); 474*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&ref, dst_hex) == 0); 475*62c56f98SSadaf Ebrahimi 476*62c56f98SSadaf Ebrahimi /* mbedtls_mpi_copy() */ 477*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0); 478*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_copy(&dst, &src) == 0); 479*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&dst)); 480*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &src) == 0); 481*62c56f98SSadaf Ebrahimi 482*62c56f98SSadaf Ebrahimi /* mbedtls_mpi_safe_cond_assign(), assignment done */ 483*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&dst); 484*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0); 485*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_safe_cond_assign(&dst, &src, 1) == 0); 486*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&dst)); 487*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &src) == 0); 488*62c56f98SSadaf Ebrahimi 489*62c56f98SSadaf Ebrahimi /* mbedtls_mpi_safe_cond_assign(), assignment not done */ 490*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&dst); 491*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0); 492*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_safe_cond_assign(&dst, &src, 0) == 0); 493*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&dst)); 494*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &ref) == 0); 495*62c56f98SSadaf Ebrahimi 496*62c56f98SSadaf Ebrahimiexit: 497*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&src); 498*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&dst); 499*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&ref); 500*62c56f98SSadaf Ebrahimi} 501*62c56f98SSadaf Ebrahimi/* END_CASE */ 502*62c56f98SSadaf Ebrahimi 503*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 504*62c56f98SSadaf Ebrahimivoid mpi_copy_self(char *input_X) 505*62c56f98SSadaf Ebrahimi{ 506*62c56f98SSadaf Ebrahimi mbedtls_mpi X, A; 507*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&A); 508*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 509*62c56f98SSadaf Ebrahimi 510*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 511*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_copy(&X, &X) == 0); 512*62c56f98SSadaf Ebrahimi 513*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_X) == 0); 514*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 515*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); 516*62c56f98SSadaf Ebrahimi 517*62c56f98SSadaf Ebrahimiexit: 518*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&A); 519*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 520*62c56f98SSadaf Ebrahimi} 521*62c56f98SSadaf Ebrahimi/* END_CASE */ 522*62c56f98SSadaf Ebrahimi 523*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 524*62c56f98SSadaf Ebrahimivoid mpi_swap(char *X_hex, char *Y_hex) 525*62c56f98SSadaf Ebrahimi{ 526*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y, X0, Y0; 527*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); 528*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X0); mbedtls_mpi_init(&Y0); 529*62c56f98SSadaf Ebrahimi 530*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X0, X_hex) == 0); 531*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y0, Y_hex) == 0); 532*62c56f98SSadaf Ebrahimi 533*62c56f98SSadaf Ebrahimi /* mbedtls_mpi_swap() */ 534*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); 535*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, Y_hex) == 0); 536*62c56f98SSadaf Ebrahimi mbedtls_mpi_swap(&X, &Y); 537*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 538*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Y)); 539*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y0) == 0); 540*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &X0) == 0); 541*62c56f98SSadaf Ebrahimi 542*62c56f98SSadaf Ebrahimi /* mbedtls_mpi_safe_cond_swap(), swap done */ 543*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 544*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&Y); 545*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); 546*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, Y_hex) == 0); 547*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_safe_cond_swap(&X, &Y, 1) == 0); 548*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 549*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Y)); 550*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y0) == 0); 551*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &X0) == 0); 552*62c56f98SSadaf Ebrahimi 553*62c56f98SSadaf Ebrahimi /* mbedtls_mpi_safe_cond_swap(), swap not done */ 554*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 555*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&Y); 556*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); 557*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, Y_hex) == 0); 558*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_safe_cond_swap(&X, &Y, 0) == 0); 559*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 560*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Y)); 561*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &X0) == 0); 562*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &Y0) == 0); 563*62c56f98SSadaf Ebrahimi 564*62c56f98SSadaf Ebrahimiexit: 565*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); 566*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X0); mbedtls_mpi_free(&Y0); 567*62c56f98SSadaf Ebrahimi} 568*62c56f98SSadaf Ebrahimi/* END_CASE */ 569*62c56f98SSadaf Ebrahimi 570*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 571*62c56f98SSadaf Ebrahimivoid mpi_swap_self(char *X_hex) 572*62c56f98SSadaf Ebrahimi{ 573*62c56f98SSadaf Ebrahimi mbedtls_mpi X, X0; 574*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&X0); 575*62c56f98SSadaf Ebrahimi 576*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); 577*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X0, X_hex) == 0); 578*62c56f98SSadaf Ebrahimi 579*62c56f98SSadaf Ebrahimi mbedtls_mpi_swap(&X, &X); 580*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 581*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &X0) == 0); 582*62c56f98SSadaf Ebrahimi 583*62c56f98SSadaf Ebrahimiexit: 584*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&X0); 585*62c56f98SSadaf Ebrahimi} 586*62c56f98SSadaf Ebrahimi/* END_CASE */ 587*62c56f98SSadaf Ebrahimi 588*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 589*62c56f98SSadaf Ebrahimivoid mpi_shrink(int before, int used, int min, int after) 590*62c56f98SSadaf Ebrahimi{ 591*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 592*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 593*62c56f98SSadaf Ebrahimi 594*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_grow(&X, before) == 0); 595*62c56f98SSadaf Ebrahimi if (used > 0) { 596*62c56f98SSadaf Ebrahimi size_t used_bit_count = used * 8 * sizeof(mbedtls_mpi_uint); 597*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_set_bit(&X, used_bit_count - 1, 1) == 0); 598*62c56f98SSadaf Ebrahimi } 599*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.n, (size_t) before); 600*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_shrink(&X, min) == 0); 601*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.n, (size_t) after); 602*62c56f98SSadaf Ebrahimi 603*62c56f98SSadaf Ebrahimiexit: 604*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 605*62c56f98SSadaf Ebrahimi} 606*62c56f98SSadaf Ebrahimi/* END_CASE */ 607*62c56f98SSadaf Ebrahimi 608*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 609*62c56f98SSadaf Ebrahimivoid mpi_add_mpi(char *input_X, char *input_Y, 610*62c56f98SSadaf Ebrahimi char *input_A) 611*62c56f98SSadaf Ebrahimi{ 612*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y, Z, A; 613*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); 614*62c56f98SSadaf Ebrahimi 615*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 616*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 617*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 618*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_add_mpi(&Z, &X, &Y) == 0); 619*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 620*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); 621*62c56f98SSadaf Ebrahimi 622*62c56f98SSadaf Ebrahimi /* result == first operand */ 623*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_add_mpi(&X, &X, &Y) == 0); 624*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 625*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); 626*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 627*62c56f98SSadaf Ebrahimi 628*62c56f98SSadaf Ebrahimi /* result == second operand */ 629*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_add_mpi(&Y, &X, &Y) == 0); 630*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Y)); 631*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); 632*62c56f98SSadaf Ebrahimi 633*62c56f98SSadaf Ebrahimiexit: 634*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); 635*62c56f98SSadaf Ebrahimi} 636*62c56f98SSadaf Ebrahimi/* END_CASE */ 637*62c56f98SSadaf Ebrahimi 638*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 639*62c56f98SSadaf Ebrahimivoid mpi_add_mpi_inplace(char *input_X, char *input_A) 640*62c56f98SSadaf Ebrahimi{ 641*62c56f98SSadaf Ebrahimi mbedtls_mpi X, A; 642*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&A); 643*62c56f98SSadaf Ebrahimi 644*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 645*62c56f98SSadaf Ebrahimi 646*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 647*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_sub_abs(&X, &X, &X) == 0); 648*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_int(&X, 0) == 0); 649*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 650*62c56f98SSadaf Ebrahimi 651*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 652*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_add_abs(&X, &X, &X) == 0); 653*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 654*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); 655*62c56f98SSadaf Ebrahimi 656*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 657*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_add_mpi(&X, &X, &X) == 0); 658*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 659*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); 660*62c56f98SSadaf Ebrahimi 661*62c56f98SSadaf Ebrahimiexit: 662*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&A); 663*62c56f98SSadaf Ebrahimi} 664*62c56f98SSadaf Ebrahimi/* END_CASE */ 665*62c56f98SSadaf Ebrahimi 666*62c56f98SSadaf Ebrahimi 667*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 668*62c56f98SSadaf Ebrahimivoid mpi_add_abs(char *input_X, char *input_Y, 669*62c56f98SSadaf Ebrahimi char *input_A) 670*62c56f98SSadaf Ebrahimi{ 671*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y, Z, A; 672*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); 673*62c56f98SSadaf Ebrahimi 674*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 675*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 676*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 677*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_add_abs(&Z, &X, &Y) == 0); 678*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 679*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); 680*62c56f98SSadaf Ebrahimi 681*62c56f98SSadaf Ebrahimi /* result == first operand */ 682*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_add_abs(&X, &X, &Y) == 0); 683*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 684*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); 685*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 686*62c56f98SSadaf Ebrahimi 687*62c56f98SSadaf Ebrahimi /* result == second operand */ 688*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_add_abs(&Y, &X, &Y) == 0); 689*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Y)); 690*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); 691*62c56f98SSadaf Ebrahimi 692*62c56f98SSadaf Ebrahimiexit: 693*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); 694*62c56f98SSadaf Ebrahimi} 695*62c56f98SSadaf Ebrahimi/* END_CASE */ 696*62c56f98SSadaf Ebrahimi 697*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 698*62c56f98SSadaf Ebrahimivoid mpi_add_int(char *input_X, int input_Y, 699*62c56f98SSadaf Ebrahimi char *input_A) 700*62c56f98SSadaf Ebrahimi{ 701*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Z, A; 702*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); 703*62c56f98SSadaf Ebrahimi 704*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 705*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 706*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_add_int(&Z, &X, input_Y) == 0); 707*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 708*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); 709*62c56f98SSadaf Ebrahimi 710*62c56f98SSadaf Ebrahimiexit: 711*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); 712*62c56f98SSadaf Ebrahimi} 713*62c56f98SSadaf Ebrahimi/* END_CASE */ 714*62c56f98SSadaf Ebrahimi 715*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 716*62c56f98SSadaf Ebrahimivoid mpi_sub_mpi(char *input_X, char *input_Y, 717*62c56f98SSadaf Ebrahimi char *input_A) 718*62c56f98SSadaf Ebrahimi{ 719*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y, Z, A; 720*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); 721*62c56f98SSadaf Ebrahimi 722*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 723*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 724*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 725*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_sub_mpi(&Z, &X, &Y) == 0); 726*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 727*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); 728*62c56f98SSadaf Ebrahimi 729*62c56f98SSadaf Ebrahimi /* result == first operand */ 730*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_sub_mpi(&X, &X, &Y) == 0); 731*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 732*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); 733*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 734*62c56f98SSadaf Ebrahimi 735*62c56f98SSadaf Ebrahimi /* result == second operand */ 736*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_sub_mpi(&Y, &X, &Y) == 0); 737*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Y)); 738*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); 739*62c56f98SSadaf Ebrahimi 740*62c56f98SSadaf Ebrahimiexit: 741*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); 742*62c56f98SSadaf Ebrahimi} 743*62c56f98SSadaf Ebrahimi/* END_CASE */ 744*62c56f98SSadaf Ebrahimi 745*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 746*62c56f98SSadaf Ebrahimivoid mpi_sub_abs(char *input_X, char *input_Y, 747*62c56f98SSadaf Ebrahimi char *input_A, int sub_result) 748*62c56f98SSadaf Ebrahimi{ 749*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y, Z, A; 750*62c56f98SSadaf Ebrahimi int res; 751*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); 752*62c56f98SSadaf Ebrahimi 753*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 754*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 755*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 756*62c56f98SSadaf Ebrahimi 757*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_sub_abs(&Z, &X, &Y); 758*62c56f98SSadaf Ebrahimi TEST_ASSERT(res == sub_result); 759*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 760*62c56f98SSadaf Ebrahimi if (res == 0) { 761*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); 762*62c56f98SSadaf Ebrahimi } 763*62c56f98SSadaf Ebrahimi 764*62c56f98SSadaf Ebrahimi /* result == first operand */ 765*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_sub_abs(&X, &X, &Y) == sub_result); 766*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 767*62c56f98SSadaf Ebrahimi if (sub_result == 0) { 768*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); 769*62c56f98SSadaf Ebrahimi } 770*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 771*62c56f98SSadaf Ebrahimi 772*62c56f98SSadaf Ebrahimi /* result == second operand */ 773*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_sub_abs(&Y, &X, &Y) == sub_result); 774*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Y)); 775*62c56f98SSadaf Ebrahimi if (sub_result == 0) { 776*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); 777*62c56f98SSadaf Ebrahimi } 778*62c56f98SSadaf Ebrahimi 779*62c56f98SSadaf Ebrahimiexit: 780*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); 781*62c56f98SSadaf Ebrahimi} 782*62c56f98SSadaf Ebrahimi/* END_CASE */ 783*62c56f98SSadaf Ebrahimi 784*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 785*62c56f98SSadaf Ebrahimivoid mpi_sub_int(char *input_X, int input_Y, 786*62c56f98SSadaf Ebrahimi char *input_A) 787*62c56f98SSadaf Ebrahimi{ 788*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Z, A; 789*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); 790*62c56f98SSadaf Ebrahimi 791*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 792*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 793*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_sub_int(&Z, &X, input_Y) == 0); 794*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 795*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); 796*62c56f98SSadaf Ebrahimi 797*62c56f98SSadaf Ebrahimiexit: 798*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); 799*62c56f98SSadaf Ebrahimi} 800*62c56f98SSadaf Ebrahimi/* END_CASE */ 801*62c56f98SSadaf Ebrahimi 802*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 803*62c56f98SSadaf Ebrahimivoid mpi_mul_mpi(char *input_X, char *input_Y, 804*62c56f98SSadaf Ebrahimi char *input_A) 805*62c56f98SSadaf Ebrahimi{ 806*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y, Z, A; 807*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); 808*62c56f98SSadaf Ebrahimi 809*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 810*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 811*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 812*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_mul_mpi(&Z, &X, &Y) == 0); 813*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 814*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); 815*62c56f98SSadaf Ebrahimi 816*62c56f98SSadaf Ebrahimiexit: 817*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); 818*62c56f98SSadaf Ebrahimi} 819*62c56f98SSadaf Ebrahimi/* END_CASE */ 820*62c56f98SSadaf Ebrahimi 821*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 822*62c56f98SSadaf Ebrahimivoid mpi_mul_int(char *input_X, int input_Y, 823*62c56f98SSadaf Ebrahimi char *input_A, char *result_comparison) 824*62c56f98SSadaf Ebrahimi{ 825*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Z, A; 826*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); 827*62c56f98SSadaf Ebrahimi 828*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 829*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 830*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_mul_int(&Z, &X, input_Y) == 0); 831*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 832*62c56f98SSadaf Ebrahimi if (strcmp(result_comparison, "==") == 0) { 833*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); 834*62c56f98SSadaf Ebrahimi } else if (strcmp(result_comparison, "!=") == 0) { 835*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) != 0); 836*62c56f98SSadaf Ebrahimi } else { 837*62c56f98SSadaf Ebrahimi TEST_FAIL("unknown operator"); 838*62c56f98SSadaf Ebrahimi } 839*62c56f98SSadaf Ebrahimi 840*62c56f98SSadaf Ebrahimiexit: 841*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); 842*62c56f98SSadaf Ebrahimi} 843*62c56f98SSadaf Ebrahimi/* END_CASE */ 844*62c56f98SSadaf Ebrahimi 845*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 846*62c56f98SSadaf Ebrahimivoid mpi_div_mpi(char *input_X, char *input_Y, 847*62c56f98SSadaf Ebrahimi char *input_A, char *input_B, 848*62c56f98SSadaf Ebrahimi int div_result) 849*62c56f98SSadaf Ebrahimi{ 850*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y, Q, R, A, B; 851*62c56f98SSadaf Ebrahimi int res; 852*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&R); 853*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&A); mbedtls_mpi_init(&B); 854*62c56f98SSadaf Ebrahimi 855*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 856*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 857*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 858*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&B, input_B) == 0); 859*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_div_mpi(&Q, &R, &X, &Y); 860*62c56f98SSadaf Ebrahimi TEST_ASSERT(res == div_result); 861*62c56f98SSadaf Ebrahimi if (res == 0) { 862*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Q)); 863*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&R)); 864*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &A) == 0); 865*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &B) == 0); 866*62c56f98SSadaf Ebrahimi } 867*62c56f98SSadaf Ebrahimi 868*62c56f98SSadaf Ebrahimiexit: 869*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&R); 870*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&A); mbedtls_mpi_free(&B); 871*62c56f98SSadaf Ebrahimi} 872*62c56f98SSadaf Ebrahimi/* END_CASE */ 873*62c56f98SSadaf Ebrahimi 874*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 875*62c56f98SSadaf Ebrahimivoid mpi_div_int(char *input_X, int input_Y, 876*62c56f98SSadaf Ebrahimi char *input_A, char *input_B, 877*62c56f98SSadaf Ebrahimi int div_result) 878*62c56f98SSadaf Ebrahimi{ 879*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Q, R, A, B; 880*62c56f98SSadaf Ebrahimi int res; 881*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&R); mbedtls_mpi_init(&A); 882*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&B); 883*62c56f98SSadaf Ebrahimi 884*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 885*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 886*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&B, input_B) == 0); 887*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_div_int(&Q, &R, &X, input_Y); 888*62c56f98SSadaf Ebrahimi TEST_ASSERT(res == div_result); 889*62c56f98SSadaf Ebrahimi if (res == 0) { 890*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Q)); 891*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&R)); 892*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &A) == 0); 893*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &B) == 0); 894*62c56f98SSadaf Ebrahimi } 895*62c56f98SSadaf Ebrahimi 896*62c56f98SSadaf Ebrahimiexit: 897*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&R); mbedtls_mpi_free(&A); 898*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&B); 899*62c56f98SSadaf Ebrahimi} 900*62c56f98SSadaf Ebrahimi/* END_CASE */ 901*62c56f98SSadaf Ebrahimi 902*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 903*62c56f98SSadaf Ebrahimivoid mpi_mod_mpi(char *input_X, char *input_Y, 904*62c56f98SSadaf Ebrahimi char *input_A, int div_result) 905*62c56f98SSadaf Ebrahimi{ 906*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y, A; 907*62c56f98SSadaf Ebrahimi int res; 908*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&A); 909*62c56f98SSadaf Ebrahimi 910*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 911*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 912*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 913*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_mod_mpi(&X, &X, &Y); 914*62c56f98SSadaf Ebrahimi TEST_ASSERT(res == div_result); 915*62c56f98SSadaf Ebrahimi if (res == 0) { 916*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 917*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); 918*62c56f98SSadaf Ebrahimi } 919*62c56f98SSadaf Ebrahimi 920*62c56f98SSadaf Ebrahimiexit: 921*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&A); 922*62c56f98SSadaf Ebrahimi} 923*62c56f98SSadaf Ebrahimi/* END_CASE */ 924*62c56f98SSadaf Ebrahimi 925*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 926*62c56f98SSadaf Ebrahimivoid mpi_mod_int(char *input_X, mbedtls_mpi_sint y, 927*62c56f98SSadaf Ebrahimi mbedtls_mpi_sint a, int mod_result) 928*62c56f98SSadaf Ebrahimi{ 929*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 930*62c56f98SSadaf Ebrahimi int res; 931*62c56f98SSadaf Ebrahimi mbedtls_mpi_uint r; 932*62c56f98SSadaf Ebrahimi 933*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 934*62c56f98SSadaf Ebrahimi 935*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0); 936*62c56f98SSadaf Ebrahimi 937*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_mod_int(&r, &X, y); 938*62c56f98SSadaf Ebrahimi TEST_EQUAL(res, mod_result); 939*62c56f98SSadaf Ebrahimi if (res == 0) { 940*62c56f98SSadaf Ebrahimi TEST_EQUAL(r, a); 941*62c56f98SSadaf Ebrahimi } 942*62c56f98SSadaf Ebrahimi 943*62c56f98SSadaf Ebrahimiexit: 944*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 945*62c56f98SSadaf Ebrahimi} 946*62c56f98SSadaf Ebrahimi/* END_CASE */ 947*62c56f98SSadaf Ebrahimi 948*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 949*62c56f98SSadaf Ebrahimivoid mpi_exp_mod(char *input_A, char *input_E, 950*62c56f98SSadaf Ebrahimi char *input_N, char *input_X, 951*62c56f98SSadaf Ebrahimi int exp_result) 952*62c56f98SSadaf Ebrahimi{ 953*62c56f98SSadaf Ebrahimi mbedtls_mpi A, E, N, RR, Z, X; 954*62c56f98SSadaf Ebrahimi int res; 955*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&A); mbedtls_mpi_init(&E); mbedtls_mpi_init(&N); 956*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&RR); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&X); 957*62c56f98SSadaf Ebrahimi 958*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 959*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); 960*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); 961*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 962*62c56f98SSadaf Ebrahimi 963*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, NULL); 964*62c56f98SSadaf Ebrahimi TEST_ASSERT(res == exp_result); 965*62c56f98SSadaf Ebrahimi if (res == 0) { 966*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 967*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0); 968*62c56f98SSadaf Ebrahimi } 969*62c56f98SSadaf Ebrahimi 970*62c56f98SSadaf Ebrahimi /* Now test again with the speed-up parameter supplied as an output. */ 971*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR); 972*62c56f98SSadaf Ebrahimi TEST_ASSERT(res == exp_result); 973*62c56f98SSadaf Ebrahimi if (res == 0) { 974*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 975*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0); 976*62c56f98SSadaf Ebrahimi } 977*62c56f98SSadaf Ebrahimi 978*62c56f98SSadaf Ebrahimi /* Now test again with the speed-up parameter supplied in calculated form. */ 979*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR); 980*62c56f98SSadaf Ebrahimi TEST_ASSERT(res == exp_result); 981*62c56f98SSadaf Ebrahimi if (res == 0) { 982*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 983*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0); 984*62c56f98SSadaf Ebrahimi } 985*62c56f98SSadaf Ebrahimi 986*62c56f98SSadaf Ebrahimiexit: 987*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&A); mbedtls_mpi_free(&E); mbedtls_mpi_free(&N); 988*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&RR); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&X); 989*62c56f98SSadaf Ebrahimi} 990*62c56f98SSadaf Ebrahimi/* END_CASE */ 991*62c56f98SSadaf Ebrahimi 992*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 993*62c56f98SSadaf Ebrahimivoid mpi_exp_mod_size(int A_bytes, int E_bytes, int N_bytes, 994*62c56f98SSadaf Ebrahimi char *input_RR, int exp_result) 995*62c56f98SSadaf Ebrahimi{ 996*62c56f98SSadaf Ebrahimi mbedtls_mpi A, E, N, RR, Z; 997*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&A); mbedtls_mpi_init(&E); mbedtls_mpi_init(&N); 998*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&RR); mbedtls_mpi_init(&Z); 999*62c56f98SSadaf Ebrahimi 1000*62c56f98SSadaf Ebrahimi /* Set A to 2^(A_bytes - 1) + 1 */ 1001*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_lset(&A, 1) == 0); 1002*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_shift_l(&A, (A_bytes * 8) - 1) == 0); 1003*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_set_bit(&A, 0, 1) == 0); 1004*62c56f98SSadaf Ebrahimi 1005*62c56f98SSadaf Ebrahimi /* Set E to 2^(E_bytes - 1) + 1 */ 1006*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_lset(&E, 1) == 0); 1007*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_shift_l(&E, (E_bytes * 8) - 1) == 0); 1008*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_set_bit(&E, 0, 1) == 0); 1009*62c56f98SSadaf Ebrahimi 1010*62c56f98SSadaf Ebrahimi /* Set N to 2^(N_bytes - 1) + 1 */ 1011*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_lset(&N, 1) == 0); 1012*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_shift_l(&N, (N_bytes * 8) - 1) == 0); 1013*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_set_bit(&N, 0, 1) == 0); 1014*62c56f98SSadaf Ebrahimi 1015*62c56f98SSadaf Ebrahimi if (strlen(input_RR)) { 1016*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&RR, input_RR) == 0); 1017*62c56f98SSadaf Ebrahimi } 1018*62c56f98SSadaf Ebrahimi 1019*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR) == exp_result); 1020*62c56f98SSadaf Ebrahimi 1021*62c56f98SSadaf Ebrahimiexit: 1022*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&A); mbedtls_mpi_free(&E); mbedtls_mpi_free(&N); 1023*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&RR); mbedtls_mpi_free(&Z); 1024*62c56f98SSadaf Ebrahimi} 1025*62c56f98SSadaf Ebrahimi/* END_CASE */ 1026*62c56f98SSadaf Ebrahimi 1027*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 1028*62c56f98SSadaf Ebrahimivoid mpi_inv_mod(char *input_X, char *input_Y, 1029*62c56f98SSadaf Ebrahimi char *input_A, int div_result) 1030*62c56f98SSadaf Ebrahimi{ 1031*62c56f98SSadaf Ebrahimi mbedtls_mpi X, Y, Z, A; 1032*62c56f98SSadaf Ebrahimi int res; 1033*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); 1034*62c56f98SSadaf Ebrahimi 1035*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 1036*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); 1037*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 1038*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_inv_mod(&Z, &X, &Y); 1039*62c56f98SSadaf Ebrahimi TEST_ASSERT(res == div_result); 1040*62c56f98SSadaf Ebrahimi if (res == 0) { 1041*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&Z)); 1042*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); 1043*62c56f98SSadaf Ebrahimi } 1044*62c56f98SSadaf Ebrahimi 1045*62c56f98SSadaf Ebrahimiexit: 1046*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); 1047*62c56f98SSadaf Ebrahimi} 1048*62c56f98SSadaf Ebrahimi/* END_CASE */ 1049*62c56f98SSadaf Ebrahimi 1050*62c56f98SSadaf Ebrahimi/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ 1051*62c56f98SSadaf Ebrahimivoid mpi_is_prime(char *input_X, int div_result) 1052*62c56f98SSadaf Ebrahimi{ 1053*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 1054*62c56f98SSadaf Ebrahimi int res; 1055*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 1056*62c56f98SSadaf Ebrahimi 1057*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 1058*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_is_prime_ext(&X, 40, mbedtls_test_rnd_std_rand, NULL); 1059*62c56f98SSadaf Ebrahimi TEST_ASSERT(res == div_result); 1060*62c56f98SSadaf Ebrahimi 1061*62c56f98SSadaf Ebrahimiexit: 1062*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 1063*62c56f98SSadaf Ebrahimi} 1064*62c56f98SSadaf Ebrahimi/* END_CASE */ 1065*62c56f98SSadaf Ebrahimi 1066*62c56f98SSadaf Ebrahimi/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ 1067*62c56f98SSadaf Ebrahimivoid mpi_is_prime_det(data_t *input_X, data_t *witnesses, 1068*62c56f98SSadaf Ebrahimi int chunk_len, int rounds) 1069*62c56f98SSadaf Ebrahimi{ 1070*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 1071*62c56f98SSadaf Ebrahimi int res; 1072*62c56f98SSadaf Ebrahimi mbedtls_test_mpi_random rand; 1073*62c56f98SSadaf Ebrahimi 1074*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 1075*62c56f98SSadaf Ebrahimi rand.data = witnesses; 1076*62c56f98SSadaf Ebrahimi rand.pos = 0; 1077*62c56f98SSadaf Ebrahimi rand.chunk_len = chunk_len; 1078*62c56f98SSadaf Ebrahimi 1079*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_read_binary(&X, input_X->x, input_X->len) == 0); 1080*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_is_prime_ext(&X, rounds - 1, 1081*62c56f98SSadaf Ebrahimi mbedtls_test_mpi_miller_rabin_determinizer, 1082*62c56f98SSadaf Ebrahimi &rand); 1083*62c56f98SSadaf Ebrahimi TEST_ASSERT(res == 0); 1084*62c56f98SSadaf Ebrahimi 1085*62c56f98SSadaf Ebrahimi rand.data = witnesses; 1086*62c56f98SSadaf Ebrahimi rand.pos = 0; 1087*62c56f98SSadaf Ebrahimi rand.chunk_len = chunk_len; 1088*62c56f98SSadaf Ebrahimi 1089*62c56f98SSadaf Ebrahimi res = mbedtls_mpi_is_prime_ext(&X, rounds, 1090*62c56f98SSadaf Ebrahimi mbedtls_test_mpi_miller_rabin_determinizer, 1091*62c56f98SSadaf Ebrahimi &rand); 1092*62c56f98SSadaf Ebrahimi TEST_ASSERT(res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE); 1093*62c56f98SSadaf Ebrahimi 1094*62c56f98SSadaf Ebrahimiexit: 1095*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 1096*62c56f98SSadaf Ebrahimi} 1097*62c56f98SSadaf Ebrahimi/* END_CASE */ 1098*62c56f98SSadaf Ebrahimi 1099*62c56f98SSadaf Ebrahimi/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ 1100*62c56f98SSadaf Ebrahimivoid mpi_gen_prime(int bits, int flags, int ref_ret) 1101*62c56f98SSadaf Ebrahimi{ 1102*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 1103*62c56f98SSadaf Ebrahimi int my_ret; 1104*62c56f98SSadaf Ebrahimi 1105*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 1106*62c56f98SSadaf Ebrahimi 1107*62c56f98SSadaf Ebrahimi my_ret = mbedtls_mpi_gen_prime(&X, bits, flags, 1108*62c56f98SSadaf Ebrahimi mbedtls_test_rnd_std_rand, NULL); 1109*62c56f98SSadaf Ebrahimi TEST_ASSERT(my_ret == ref_ret); 1110*62c56f98SSadaf Ebrahimi 1111*62c56f98SSadaf Ebrahimi if (ref_ret == 0) { 1112*62c56f98SSadaf Ebrahimi size_t actual_bits = mbedtls_mpi_bitlen(&X); 1113*62c56f98SSadaf Ebrahimi 1114*62c56f98SSadaf Ebrahimi TEST_ASSERT(actual_bits >= (size_t) bits); 1115*62c56f98SSadaf Ebrahimi TEST_ASSERT(actual_bits <= (size_t) bits + 1); 1116*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 1117*62c56f98SSadaf Ebrahimi 1118*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_is_prime_ext(&X, 40, 1119*62c56f98SSadaf Ebrahimi mbedtls_test_rnd_std_rand, 1120*62c56f98SSadaf Ebrahimi NULL) == 0); 1121*62c56f98SSadaf Ebrahimi if (flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH) { 1122*62c56f98SSadaf Ebrahimi /* X = ( X - 1 ) / 2 */ 1123*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_shift_r(&X, 1) == 0); 1124*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_is_prime_ext(&X, 40, 1125*62c56f98SSadaf Ebrahimi mbedtls_test_rnd_std_rand, 1126*62c56f98SSadaf Ebrahimi NULL) == 0); 1127*62c56f98SSadaf Ebrahimi } 1128*62c56f98SSadaf Ebrahimi } 1129*62c56f98SSadaf Ebrahimi 1130*62c56f98SSadaf Ebrahimiexit: 1131*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 1132*62c56f98SSadaf Ebrahimi} 1133*62c56f98SSadaf Ebrahimi/* END_CASE */ 1134*62c56f98SSadaf Ebrahimi 1135*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 1136*62c56f98SSadaf Ebrahimivoid mpi_shift_l(char *input_X, int shift_X, 1137*62c56f98SSadaf Ebrahimi char *input_A) 1138*62c56f98SSadaf Ebrahimi{ 1139*62c56f98SSadaf Ebrahimi mbedtls_mpi X, A; 1140*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&A); 1141*62c56f98SSadaf Ebrahimi 1142*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 1143*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 1144*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_shift_l(&X, shift_X) == 0); 1145*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 1146*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); 1147*62c56f98SSadaf Ebrahimi 1148*62c56f98SSadaf Ebrahimiexit: 1149*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&A); 1150*62c56f98SSadaf Ebrahimi} 1151*62c56f98SSadaf Ebrahimi/* END_CASE */ 1152*62c56f98SSadaf Ebrahimi 1153*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 1154*62c56f98SSadaf Ebrahimivoid mpi_shift_r(char *input_X, int shift_X, 1155*62c56f98SSadaf Ebrahimi char *input_A) 1156*62c56f98SSadaf Ebrahimi{ 1157*62c56f98SSadaf Ebrahimi mbedtls_mpi X, A; 1158*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); mbedtls_mpi_init(&A); 1159*62c56f98SSadaf Ebrahimi 1160*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); 1161*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); 1162*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_shift_r(&X, shift_X) == 0); 1163*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 1164*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); 1165*62c56f98SSadaf Ebrahimi 1166*62c56f98SSadaf Ebrahimiexit: 1167*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); mbedtls_mpi_free(&A); 1168*62c56f98SSadaf Ebrahimi} 1169*62c56f98SSadaf Ebrahimi/* END_CASE */ 1170*62c56f98SSadaf Ebrahimi 1171*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 1172*62c56f98SSadaf Ebrahimivoid mpi_fill_random(int wanted_bytes, int rng_bytes, 1173*62c56f98SSadaf Ebrahimi int before, int expected_ret) 1174*62c56f98SSadaf Ebrahimi{ 1175*62c56f98SSadaf Ebrahimi mbedtls_mpi X; 1176*62c56f98SSadaf Ebrahimi int ret; 1177*62c56f98SSadaf Ebrahimi size_t bytes_left = rng_bytes; 1178*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 1179*62c56f98SSadaf Ebrahimi 1180*62c56f98SSadaf Ebrahimi if (before != 0) { 1181*62c56f98SSadaf Ebrahimi /* Set X to sign(before) * 2^(|before|-1) */ 1182*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_lset(&X, before > 0 ? 1 : -1) == 0); 1183*62c56f98SSadaf Ebrahimi if (before < 0) { 1184*62c56f98SSadaf Ebrahimi before = -before; 1185*62c56f98SSadaf Ebrahimi } 1186*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_shift_l(&X, before - 1) == 0); 1187*62c56f98SSadaf Ebrahimi } 1188*62c56f98SSadaf Ebrahimi 1189*62c56f98SSadaf Ebrahimi ret = mbedtls_mpi_fill_random(&X, wanted_bytes, 1190*62c56f98SSadaf Ebrahimi f_rng_bytes_left, &bytes_left); 1191*62c56f98SSadaf Ebrahimi TEST_ASSERT(ret == expected_ret); 1192*62c56f98SSadaf Ebrahimi 1193*62c56f98SSadaf Ebrahimi if (expected_ret == 0) { 1194*62c56f98SSadaf Ebrahimi /* mbedtls_mpi_fill_random is documented to use bytes from the RNG 1195*62c56f98SSadaf Ebrahimi * as a big-endian representation of the number. We know when 1196*62c56f98SSadaf Ebrahimi * our RNG function returns null bytes, so we know how many 1197*62c56f98SSadaf Ebrahimi * leading zero bytes the number has. */ 1198*62c56f98SSadaf Ebrahimi size_t leading_zeros = 0; 1199*62c56f98SSadaf Ebrahimi if (wanted_bytes > 0 && rng_bytes % 256 == 0) { 1200*62c56f98SSadaf Ebrahimi leading_zeros = 1; 1201*62c56f98SSadaf Ebrahimi } 1202*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_size(&X) + leading_zeros == 1203*62c56f98SSadaf Ebrahimi (size_t) wanted_bytes); 1204*62c56f98SSadaf Ebrahimi TEST_ASSERT((int) bytes_left == rng_bytes - wanted_bytes); 1205*62c56f98SSadaf Ebrahimi TEST_ASSERT(sign_is_valid(&X)); 1206*62c56f98SSadaf Ebrahimi } 1207*62c56f98SSadaf Ebrahimi 1208*62c56f98SSadaf Ebrahimiexit: 1209*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 1210*62c56f98SSadaf Ebrahimi} 1211*62c56f98SSadaf Ebrahimi/* END_CASE */ 1212*62c56f98SSadaf Ebrahimi 1213*62c56f98SSadaf Ebrahimi/* BEGIN_CASE */ 1214*62c56f98SSadaf Ebrahimivoid most_negative_mpi_sint() 1215*62c56f98SSadaf Ebrahimi{ 1216*62c56f98SSadaf Ebrahimi /* Ad hoc tests for n = -p = -2^(biL-1) as a mbedtls_mpi_sint. We 1217*62c56f98SSadaf Ebrahimi * guarantee that mbedtls_mpi_sint is a two's complement type, so this 1218*62c56f98SSadaf Ebrahimi * is a valid value. However, negating it (`-n`) has undefined behavior 1219*62c56f98SSadaf Ebrahimi * (although in practice `-n` evaluates to the value n). 1220*62c56f98SSadaf Ebrahimi * 1221*62c56f98SSadaf Ebrahimi * This function has ad hoc tests for this value. It's separated from other 1222*62c56f98SSadaf Ebrahimi * functions because the test framework makes it hard to pass this value 1223*62c56f98SSadaf Ebrahimi * into test cases. 1224*62c56f98SSadaf Ebrahimi * 1225*62c56f98SSadaf Ebrahimi * In the comments here: 1226*62c56f98SSadaf Ebrahimi * - biL = number of bits in limbs 1227*62c56f98SSadaf Ebrahimi * - p = 2^(biL-1) (smallest positive value not in mbedtls_mpi_sint range) 1228*62c56f98SSadaf Ebrahimi * - n = -2^(biL-1) (largest negative value in mbedtls_mpi_sint range) 1229*62c56f98SSadaf Ebrahimi */ 1230*62c56f98SSadaf Ebrahimi 1231*62c56f98SSadaf Ebrahimi mbedtls_mpi A, R, X; 1232*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&A); 1233*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&R); 1234*62c56f98SSadaf Ebrahimi mbedtls_mpi_init(&X); 1235*62c56f98SSadaf Ebrahimi 1236*62c56f98SSadaf Ebrahimi mbedtls_mpi_uint most_positive_plus_1 = (mbedtls_mpi_uint) 1 << (biL - 1); 1237*62c56f98SSadaf Ebrahimi const mbedtls_mpi_sint most_positive = most_positive_plus_1 - 1; 1238*62c56f98SSadaf Ebrahimi const mbedtls_mpi_sint most_negative = -most_positive - 1; 1239*62c56f98SSadaf Ebrahimi TEST_EQUAL((mbedtls_mpi_uint) most_negative, 1240*62c56f98SSadaf Ebrahimi (mbedtls_mpi_uint) 1 << (biL - 1)); 1241*62c56f98SSadaf Ebrahimi TEST_EQUAL((mbedtls_mpi_uint) most_negative << 1, 0); 1242*62c56f98SSadaf Ebrahimi 1243*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_lset() */ 1244*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); 1245*62c56f98SSadaf Ebrahimi TEST_EQUAL(A.s, -1); 1246*62c56f98SSadaf Ebrahimi TEST_EQUAL(A.n, 1); 1247*62c56f98SSadaf Ebrahimi TEST_EQUAL(A.p[0], most_positive_plus_1); 1248*62c56f98SSadaf Ebrahimi 1249*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_cmp_int(): -p == -p */ 1250*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), 0); 1251*62c56f98SSadaf Ebrahimi 1252*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_cmp_int(): -(p+1) < -p */ 1253*62c56f98SSadaf Ebrahimi A.p[0] = most_positive_plus_1 + 1; 1254*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), -1); 1255*62c56f98SSadaf Ebrahimi 1256*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_cmp_int(): -(p-1) > -p */ 1257*62c56f98SSadaf Ebrahimi A.p[0] = most_positive_plus_1 - 1; 1258*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), 1); 1259*62c56f98SSadaf Ebrahimi 1260*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_add_int(): (p-1) + (-p) */ 1261*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0); 1262*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0); 1263*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -1), 0); 1264*62c56f98SSadaf Ebrahimi 1265*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_add_int(): (0) + (-p) */ 1266*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_lset(&A, 0), 0); 1267*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0); 1268*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&X, most_negative), 0); 1269*62c56f98SSadaf Ebrahimi 1270*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_add_int(): (-p) + (-p) */ 1271*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); 1272*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0); 1273*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.s, -1); 1274*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.n, 2); 1275*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.p[0], 0); 1276*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.p[1], 1); 1277*62c56f98SSadaf Ebrahimi 1278*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_sub_int(): (p) - (-p) */ 1279*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 1280*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0); 1281*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0); 1282*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.s, 1); 1283*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.n, 1); 1284*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.p[0], ~(mbedtls_mpi_uint) 0); 1285*62c56f98SSadaf Ebrahimi 1286*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_sub_int(): (0) - (-p) */ 1287*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_lset(&A, 0), 0); 1288*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0); 1289*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.s, 1); 1290*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.n, 1); 1291*62c56f98SSadaf Ebrahimi TEST_EQUAL(X.p[0], most_positive_plus_1); 1292*62c56f98SSadaf Ebrahimi 1293*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_sub_int(): (-p) - (-p) */ 1294*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); 1295*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0); 1296*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0); 1297*62c56f98SSadaf Ebrahimi 1298*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_div_int(): (-p+1) / (-p) */ 1299*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_lset(&A, -most_positive), 0); 1300*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); 1301*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0); 1302*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&R, -most_positive), 0); 1303*62c56f98SSadaf Ebrahimi 1304*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_div_int(): (-p) / (-p) */ 1305*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); 1306*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); 1307*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 1), 0); 1308*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); 1309*62c56f98SSadaf Ebrahimi 1310*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_div_int(): (-2*p) / (-p) */ 1311*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_shift_l(&A, 1), 0); 1312*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); 1313*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 2), 0); 1314*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); 1315*62c56f98SSadaf Ebrahimi 1316*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_div_int(): (-2*p+1) / (-p) */ 1317*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_add_int(&A, &A, 1), 0); 1318*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); 1319*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 1), 0); 1320*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&R, -most_positive), 0); 1321*62c56f98SSadaf Ebrahimi 1322*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_div_int(): (p-1) / (-p) */ 1323*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0); 1324*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); 1325*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0); 1326*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&R, most_positive), 0); 1327*62c56f98SSadaf Ebrahimi 1328*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_div_int(): (p) / (-p) */ 1329*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_add_int(&A, &A, 1), 0); 1330*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); 1331*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -1), 0); 1332*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); 1333*62c56f98SSadaf Ebrahimi 1334*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_div_int(): (2*p) / (-p) */ 1335*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_shift_l(&A, 1), 0); 1336*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); 1337*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -2), 0); 1338*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); 1339*62c56f98SSadaf Ebrahimi 1340*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_mod_int(): never valid */ 1341*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_mod_int(X.p, &A, most_negative), 1342*62c56f98SSadaf Ebrahimi MBEDTLS_ERR_MPI_NEGATIVE_VALUE); 1343*62c56f98SSadaf Ebrahimi 1344*62c56f98SSadaf Ebrahimi /* Test mbedtls_mpi_random(): never valid */ 1345*62c56f98SSadaf Ebrahimi TEST_EQUAL(mbedtls_mpi_random(&X, most_negative, &A, 1346*62c56f98SSadaf Ebrahimi mbedtls_test_rnd_std_rand, NULL), 1347*62c56f98SSadaf Ebrahimi MBEDTLS_ERR_MPI_BAD_INPUT_DATA); 1348*62c56f98SSadaf Ebrahimi 1349*62c56f98SSadaf Ebrahimiexit: 1350*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&A); 1351*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&R); 1352*62c56f98SSadaf Ebrahimi mbedtls_mpi_free(&X); 1353*62c56f98SSadaf Ebrahimi} 1354*62c56f98SSadaf Ebrahimi/* END_CASE */ 1355*62c56f98SSadaf Ebrahimi 1356*62c56f98SSadaf Ebrahimi/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ 1357*62c56f98SSadaf Ebrahimivoid mpi_selftest() 1358*62c56f98SSadaf Ebrahimi{ 1359*62c56f98SSadaf Ebrahimi TEST_ASSERT(mbedtls_mpi_self_test(1) == 0); 1360*62c56f98SSadaf Ebrahimi} 1361*62c56f98SSadaf Ebrahimi/* END_CASE */ 1362