From 1a1b1755548b2b0e773df39922f87def8820ea20 Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Mon, 10 Oct 2022 14:50:06 +0100 Subject: [PATCH] test_suite_bignum: Added tests for `mpi_get_montgomery_constant_unsafe()` This patch adds the test for the method calculating the RR. The input/expected data are generated manually using the following Python3 snippet: ~~~~~ import math title="mpi_get_montgomery_constant_unsafe" tt = title + " #{}" in_data = [ "0f", ... ] def limb_no(number, bil=64): return int(math.ceil(int.bit_length(number)/(bil * 1.0))) def calc_rr(number, bil=64 ): return '{:x}'.format(pow(pow(2, limb_no(number, bil) * bil), 2, number)) def calc_rr_str(number, prefix=""): rr64 = calc_rr(number) rr32 = calc_rr(number, bil=32) return '{}:"{:x}":"{}":"{}"'.format(prefix,number, rr32, rr64) print("\n\n".join(["{}\n{}".format(tt.format(in_data.index(v)+1), calc_rr_str(int(v,base=16), title)) for v in in_data])) ~~~~~ Signed-off-by: Minos Galanakis --- tests/suites/test_suite_bignum.function | 78 ++++++++++++++++++++++++ tests/suites/test_suite_bignum.misc.data | 33 ++++++++++ 2 files changed, 111 insertions(+) diff --git a/tests/suites/test_suite_bignum.function b/tests/suites/test_suite_bignum.function index 4cec0a7c71..e94681a28b 100644 --- a/tests/suites/test_suite_bignum.function +++ b/tests/suites/test_suite_bignum.function @@ -1,8 +1,10 @@ /* BEGIN_HEADER */ #include "mbedtls/bignum.h" +#include "bignum_core.h" #include "mbedtls/entropy.h" #include "constant_time_internal.h" #include "test/constant_flow.h" +#include "mbedtls/error.h" #if MBEDTLS_MPI_MAX_BITS > 792 #define MPI_MAX_BITS_LARGER_THAN_792 @@ -1414,6 +1416,82 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mpi_get_montgomery_constant_unsafe_neg( ) +{ + mbedtls_mpi N, RR; + mbedtls_mpi_init( &N ); + mbedtls_mpi_init( &RR ); + const char * n = "7ffffffffffffff1"; + + /* Test for NULL input pointers */ + TEST_EQUAL( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED, + mbedtls_mpi_get_montgomery_constant_unsafe( NULL, &N ) ); + + TEST_EQUAL( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED, + mbedtls_mpi_get_montgomery_constant_unsafe( &RR, NULL ) ); + + /* Test for zero divisor */ + TEST_EQUAL( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO, + mbedtls_mpi_get_montgomery_constant_unsafe( &RR, &N ) ); + + /* Test for negative input */ + TEST_EQUAL( 0, mbedtls_test_read_mpi( &N, n ) ); + N.s = -1; + TEST_EQUAL( MBEDTLS_ERR_MPI_NEGATIVE_VALUE, + mbedtls_mpi_get_montgomery_constant_unsafe( &RR, &N ) ); + N.s = 1; + +exit: + mbedtls_mpi_free( &N ); + mbedtls_mpi_free( &RR ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_get_montgomery_constant_unsafe( char * input_N, + char * input_RR_X4, + char * input_RR_X8 ) +{ + mbedtls_mpi N, RR, RR_REF; + + /* Select the appropriate output */ + char * input_rr = ( sizeof(mbedtls_mpi_uint) == 4 ) ? input_RR_X4: input_RR_X8; + + mbedtls_mpi_init( &N ); + mbedtls_mpi_init( &RR ); + mbedtls_mpi_init( &RR_REF ); + + /* Read inputs */ + TEST_EQUAL( 0, mbedtls_test_read_mpi( &N, input_N ) ); + TEST_EQUAL( 0, mbedtls_test_read_mpi( &RR_REF, input_rr ) ); + + /* All of the inputs are +ve (or zero) */ + TEST_EQUAL( 1, sign_is_valid(&N)); + TEST_EQUAL( 1, sign_is_valid(&RR_REF)); + + /* Test valid input */ + TEST_EQUAL( 0, mbedtls_mpi_get_montgomery_constant_unsafe( &RR, &N ) ); + + /* Test that the moduli is odd */ + TEST_EQUAL(N.p[0] ^ 1, N.p[0] - 1); + + /* Output is +ve (or zero) */ + TEST_EQUAL( 1, sign_is_valid(&RR)); + + /* rr is updated to a valid pointer */ + TEST_ASSERT( RR.p != NULL ); + + /* Calculated rr matches expected value */ + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &RR, &RR_REF ) == 0 ); + +exit: + mbedtls_mpi_free( &N ); + mbedtls_mpi_free( &RR ); + mbedtls_mpi_free( &RR_REF ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void mpi_selftest( ) { diff --git a/tests/suites/test_suite_bignum.misc.data b/tests/suites/test_suite_bignum.misc.data index 78afcb64c5..b93b18391d 100644 --- a/tests/suites/test_suite_bignum.misc.data +++ b/tests/suites/test_suite_bignum.misc.data @@ -1902,6 +1902,39 @@ mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA MPI random bad arguments: min > N = 1, 0 limb in upper bound mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_mpi_get_montgomery_constant_unsafe_neg +mpi_get_montgomery_constant_unsafe_neg: + +mbedtls_mpi_get_montgomery_constant_unsafe #1 +mpi_get_montgomery_constant_unsafe:"f":"1":"1" + +mbedtls_mpi_get_montgomery_constant_unsafe #2 +mpi_get_montgomery_constant_unsafe:"fd":"ec":"24" + +mbedtls_mpi_get_montgomery_constant_unsafe #3 +mpi_get_montgomery_constant_unsafe:"eeff99aa37":"a23bd6a686":"a23bd6a686" + +mbedtls_mpi_get_montgomery_constant_unsafe #4 +mpi_get_montgomery_constant_unsafe:"eeff99aa11":"3308cb71":"3308cb71" + +mbedtls_mpi_get_montgomery_constant_unsafe #5 +mpi_get_montgomery_constant_unsafe:"800000000005":"6400000000":"6400000000" + +mbedtls_mpi_get_montgomery_constant_unsafe #6 +mpi_get_montgomery_constant_unsafe:"7fffffffffffffff":"4":"4" + +mbedtls_mpi_get_montgomery_constant_unsafe #7 +mpi_get_montgomery_constant_unsafe:"80fe000a10000001":"5dbc6e833bad575a":"5dbc6e833bad575a" + +mbedtls_mpi_get_montgomery_constant_unsafe #8 +mpi_get_montgomery_constant_unsafe:"25a55a46e5da99c71c7":"11637ce1347edeaf669":"1e455bf7451c05bc711" + +mbedtls_mpi_get_montgomery_constant_unsafe #9 +mpi_get_montgomery_constant_unsafe:"314dc643fb763f2b8c0e2de00879":"1058ad82120c3a10196bb36229c1":"1058ad82120c3a10196bb36229c1" + +mbedtls_mpi_get_montgomery_constant_unsafe #10 +mpi_get_montgomery_constant_unsafe:"8335616aed761f1f7f44e6bd49e807b82e3bf2bf11bfa6af813c808dbf33dbfa11dabd6e6144bef37c6800000000000000000000000000000000051":"78a9f16233856e722242e964006ed8666bfe8e55ea736ea86ce7aa71511e36d9ea1509ad5d821f7777e4a2d885924d15cc11e2ccd85eba69ab04989":"5c9d20a5636b6d7abdec003c1ad87e7c88ebf7238a5d85800d3bc214512cd6269558728307ae94eb389e2ccd85eba69ab0493e8277211ce1be22db" + MPI Selftest depends_on:MBEDTLS_SELF_TEST mpi_selftest: