xref: /openbsd-src/regress/lib/libcrypto/bn/bn_mont.c (revision 20c8b67d55fe20bcc6261575f5d2ae6ebef4a344) 
1*20c8b67dStb /*	$OpenBSD: bn_mont.c,v 1.2 2022/12/06 18:23:29 tb Exp $	*/
2b8d22d11Stb 
3b8d22d11Stb /*
4b8d22d11Stb  * Copyright (c) 2014 Miodrag Vallat.
5b8d22d11Stb  *
6b8d22d11Stb  * Permission to use, copy, modify, and distribute this software for any
7b8d22d11Stb  * purpose with or without fee is hereby granted, provided that the above
8b8d22d11Stb  * copyright notice and this permission notice appear in all copies.
9b8d22d11Stb  *
10b8d22d11Stb  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11b8d22d11Stb  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12b8d22d11Stb  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13b8d22d11Stb  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14b8d22d11Stb  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15b8d22d11Stb  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16b8d22d11Stb  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17b8d22d11Stb  */
18b8d22d11Stb 
19*20c8b67dStb #include <err.h>
20b8d22d11Stb #include <stdio.h>
21b8d22d11Stb #include <stdlib.h>
22b8d22d11Stb 
23b8d22d11Stb #include <openssl/bn.h>
24b8d22d11Stb #include <openssl/crypto.h>
25b8d22d11Stb #include <openssl/dh.h>
26b8d22d11Stb #include <openssl/err.h>
27b8d22d11Stb 
28b8d22d11Stb /*
29b8d22d11Stb  * Test for proper bn_mul_mont behaviour when operands are of vastly different
30b8d22d11Stb  * sizes.
31b8d22d11Stb  */
32b8d22d11Stb 
33b8d22d11Stb int
main(int argc,char * argv[])34b8d22d11Stb main(int argc, char *argv[])
35b8d22d11Stb {
36b8d22d11Stb 	DH *dh = NULL;
37b8d22d11Stb 	BIGNUM *priv_key = NULL;
38b8d22d11Stb 	unsigned char *key = NULL;
39b8d22d11Stb 	unsigned char r[32 + 16 * 8];
40b8d22d11Stb 	size_t privsz;
41b8d22d11Stb 
42b8d22d11Stb 	arc4random_buf(r, sizeof(r));
43b8d22d11Stb 
44b8d22d11Stb 	for (privsz = 32; privsz <= sizeof(r); privsz += 8) {
45b8d22d11Stb 		dh = DH_new();
46b8d22d11Stb 		if (dh == NULL)
47b8d22d11Stb 			goto err;
48b8d22d11Stb 		if (DH_generate_parameters_ex(dh, 32, DH_GENERATOR_2,
49b8d22d11Stb 		    NULL) == 0)
50b8d22d11Stb 			goto err;
51b8d22d11Stb 
52b8d22d11Stb 		/* force private key to be much larger than public one */
53b8d22d11Stb 		priv_key = BN_bin2bn(r, privsz, NULL);
54b8d22d11Stb 		if (priv_key == NULL)
55b8d22d11Stb 			goto err;
56b8d22d11Stb 
57b8d22d11Stb 		if (!DH_set0_key(dh, NULL, priv_key))
58b8d22d11Stb 			goto err;
59b8d22d11Stb 		priv_key = NULL;
60b8d22d11Stb 
61b8d22d11Stb 		if (DH_generate_key(dh) == 0)
62b8d22d11Stb 			goto err;
63b8d22d11Stb 		key = malloc(DH_size(dh));
64b8d22d11Stb 		if (key == NULL)
65b8d22d11Stb 			err(1, "malloc");
66b8d22d11Stb 		if (DH_compute_key(key, DH_get0_pub_key(dh), dh) == -1)
67b8d22d11Stb 			goto err;
68b8d22d11Stb 
69b8d22d11Stb 		free(key);
70b8d22d11Stb 		key = NULL;
71b8d22d11Stb 		DH_free(dh);
72b8d22d11Stb 		dh = NULL;
73b8d22d11Stb 	}
74b8d22d11Stb 
75b8d22d11Stb 	return 0;
76b8d22d11Stb 
77b8d22d11Stb  err:
78b8d22d11Stb 	ERR_print_errors_fp(stderr);
79b8d22d11Stb 	free(key);
80b8d22d11Stb 	BN_free(priv_key);
81b8d22d11Stb 	DH_free(dh);
82b8d22d11Stb 	return 1;
83b8d22d11Stb }
84