From 98486a93109a9e01183f11fb6f8090941e422068 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Ulf=20M=C3=B6ller?= <ulf@openssl.org>
Date: Tue, 27 Feb 2001 23:00:42 +0000
Subject: [PATCH] improved bignum test as in 0.9.7. We need this to find out if
 the bignum failures on Irix and Alpha are caused by new 0.9.7 code or just
 aren't triggered in the 0.9.6 test suite.

---
 CHANGES             |  3 +++
 crypto/bn/bn.h      |  2 ++
 crypto/bn/bn_rand.c | 28 ++++++++++++++++++++
 crypto/bn/bntest.c  | 62 ++++++++++++++++++++++-----------------------
 4 files changed, 63 insertions(+), 32 deletions(-)

diff --git a/CHANGES b/CHANGES
index 215bda7a15..7707467d34 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
 
  Changes between 0.9.6 and 0.9.6a  [xx XXX 2001]
 
+  *) Use better test patterns in bntest.
+     [Ulf Möller]
+
   *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling
      the method-specific "init()" handler. Also clean up ex_data after
      calling the method-specific "finish()" handler. Previously, this was
diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
index ef1cfb0259..b232c2ceae 100644
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -468,6 +468,8 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
 # define bn_dump(a,b)
 #endif
 
+int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom);
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index 2e45770e8f..acd0619921 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -100,6 +100,27 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
 			goto err;
 		}
 
+#if 1
+	if (pseudorand == 2)
+		{
+		/* generate patterns that are more likely to trigger BN
+		   library bugs */
+		int i;
+		unsigned char c;
+
+		for (i = 0; i < bytes; i++)
+			{
+			RAND_pseudo_bytes(&c, 1);
+			if (c >= 128 && i > 0)
+				buf[i] = buf[i-1];
+			else if (c < 42)
+				buf[i] = 0;
+			else if (c < 84)
+				buf[i] = 255;
+			}
+		}
+#endif
+
 	if (top != -1)
 		{
 		if (top)
@@ -143,6 +164,13 @@ int     BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
 	return bnrand(1, rnd, bits, top, bottom);
 	}
 
+#if 1
+int     BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
+	{
+	return bnrand(2, rnd, bits, top, bottom);
+	}
+#endif
+
 /* random number r:  0 <= r < range */
 int	BN_rand_range(BIGNUM *r, BIGNUM *range)
 	{
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
index c9801dc016..af0c2629e8 100644
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -120,9 +120,7 @@ int main(int argc, char *argv[])
 
 	results = 0;
 
-	RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
-	                                       * even check its return value
-	                                       * (which we should) */
+	RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
 
 	argc--;
 	argv++;
@@ -251,10 +249,10 @@ int test_add(BIO *bp)
 	BN_init(&b);
 	BN_init(&c);
 
-	BN_rand(&a,512,0,0);
+	BN_bntest_rand(&a,512,0,0);
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(&b,450+i,0,0);
+		BN_bntest_rand(&b,450+i,0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
 		if (bp == NULL)
@@ -303,14 +301,14 @@ int test_sub(BIO *bp)
 		{
 		if (i < num1)
 			{
-			BN_rand(&a,512,0,0);
+			BN_bntest_rand(&a,512,0,0);
 			BN_copy(&b,&a);
 			if (BN_set_bit(&a,i)==0) return(0);
 			BN_add_word(&b,i);
 			}
 		else
 			{
-			BN_rand(&b,400+i-num1,0,0);
+			BN_bntest_rand(&b,400+i-num1,0,0);
 			a.neg=rand_neg();
 			b.neg=rand_neg();
 			}
@@ -360,13 +358,13 @@ int test_div(BIO *bp, BN_CTX *ctx)
 		{
 		if (i < num1)
 			{
-			BN_rand(&a,400,0,0);
+			BN_bntest_rand(&a,400,0,0);
 			BN_copy(&b,&a);
 			BN_lshift(&a,&a,i);
 			BN_add_word(&a,i);
 			}
 		else
-			BN_rand(&b,50+3*(i-num1),0,0);
+			BN_bntest_rand(&b,50+3*(i-num1),0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
 		if (bp == NULL)
@@ -430,13 +428,13 @@ int test_div_recp(BIO *bp, BN_CTX *ctx)
 		{
 		if (i < num1)
 			{
-			BN_rand(&a,400,0,0);
+			BN_bntest_rand(&a,400,0,0);
 			BN_copy(&b,&a);
 			BN_lshift(&a,&a,i);
 			BN_add_word(&a,i);
 			}
 		else
-			BN_rand(&b,50+3*(i-num1),0,0);
+			BN_bntest_rand(&b,50+3*(i-num1),0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
 		BN_RECP_CTX_set(&recp,&b,ctx);
@@ -507,11 +505,11 @@ int test_mul(BIO *bp)
 		{
 		if (i <= num1)
 			{
-			BN_rand(&a,100,0,0);
-			BN_rand(&b,100,0,0);
+			BN_bntest_rand(&a,100,0,0);
+			BN_bntest_rand(&b,100,0,0);
 			}
 		else
-			BN_rand(&b,i-num1,0,0);
+			BN_bntest_rand(&b,i-num1,0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
 		if (bp == NULL)
@@ -560,7 +558,7 @@ int test_sqr(BIO *bp, BN_CTX *ctx)
 
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(&a,40+i*10,0,0);
+		BN_bntest_rand(&a,40+i*10,0,0);
 		a.neg=rand_neg();
 		if (bp == NULL)
 			for (j=0; j<100; j++)
@@ -611,15 +609,15 @@ int test_mont(BIO *bp, BN_CTX *ctx)
 
 	mont=BN_MONT_CTX_new();
 
-	BN_rand(&a,100,0,0); /**/
-	BN_rand(&b,100,0,0); /**/
+	BN_bntest_rand(&a,100,0,0); /**/
+	BN_bntest_rand(&b,100,0,0); /**/
 	for (i=0; i<num2; i++)
 		{
 		int bits = (200*(i+1))/num2;
 
 		if (bits == 0)
 			continue;
-		BN_rand(&n,bits,0,1);
+		BN_bntest_rand(&n,bits,0,1);
 		BN_MONT_CTX_set(mont,&n,ctx);
 
 		BN_to_montgomery(&A,&a,mont,ctx);
@@ -681,10 +679,10 @@ int test_mod(BIO *bp, BN_CTX *ctx)
 	d=BN_new();
 	e=BN_new();
 
-	BN_rand(a,1024,0,0); /**/
+	BN_bntest_rand(a,1024,0,0); /**/
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(b,450+i*10,0,0); /**/
+		BN_bntest_rand(b,450+i*10,0,0); /**/
 		a->neg=rand_neg();
 		b->neg=rand_neg();
 		if (bp == NULL)
@@ -730,11 +728,11 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx)
 	d=BN_new();
 	e=BN_new();
 
-	BN_rand(c,1024,0,0); /**/
+	BN_bntest_rand(c,1024,0,0); /**/
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(a,475+i*10,0,0); /**/
-		BN_rand(b,425+i*11,0,0); /**/
+		BN_bntest_rand(a,475+i*10,0,0); /**/
+		BN_bntest_rand(b,425+i*11,0,0); /**/
 		a->neg=rand_neg();
 		b->neg=rand_neg();
 	/*	if (bp == NULL)
@@ -792,11 +790,11 @@ int test_mod_exp(BIO *bp, BN_CTX *ctx)
 	d=BN_new();
 	e=BN_new();
 
-	BN_rand(c,30,0,1); /* must be odd for montgomery */
+	BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */
 	for (i=0; i<num2; i++)
 		{
-		BN_rand(a,20+i*5,0,0); /**/
-		BN_rand(b,2+i,0,0); /**/
+		BN_bntest_rand(a,20+i*5,0,0); /**/
+		BN_bntest_rand(b,2+i,0,0); /**/
 
 		if (!BN_mod_exp(d,a,b,c,ctx))
 			return(00);
@@ -846,8 +844,8 @@ int test_exp(BIO *bp, BN_CTX *ctx)
 
 	for (i=0; i<num2; i++)
 		{
-		BN_rand(a,20+i*5,0,0); /**/
-		BN_rand(b,2+i,0,0); /**/
+		BN_bntest_rand(a,20+i*5,0,0); /**/
+		BN_bntest_rand(b,2+i,0,0); /**/
 
 		if (!BN_exp(d,a,b,ctx))
 			return(00);
@@ -897,7 +895,7 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_)
 	else
 	    {
 	    a=BN_new();
-	    BN_rand(a,200,0,0); /**/
+	    BN_bntest_rand(a,200,0,0); /**/
 	    a->neg=rand_neg();
 	    }
 	for (i=0; i<num0; i++)
@@ -949,7 +947,7 @@ int test_lshift1(BIO *bp)
 	b=BN_new();
 	c=BN_new();
 
-	BN_rand(a,200,0,0); /**/
+	BN_bntest_rand(a,200,0,0); /**/
 	a->neg=rand_neg();
 	for (i=0; i<num0; i++)
 		{
@@ -993,7 +991,7 @@ int test_rshift(BIO *bp,BN_CTX *ctx)
 	e=BN_new();
 	BN_one(c);
 
-	BN_rand(a,200,0,0); /**/
+	BN_bntest_rand(a,200,0,0); /**/
 	a->neg=rand_neg();
 	for (i=0; i<num0; i++)
 		{
@@ -1036,7 +1034,7 @@ int test_rshift1(BIO *bp)
 	b=BN_new();
 	c=BN_new();
 
-	BN_rand(a,200,0,0); /**/
+	BN_bntest_rand(a,200,0,0); /**/
 	a->neg=rand_neg();
 	for (i=0; i<num0; i++)
 		{
-- 
2.25.1