From 3a744dc46d3b9afd265c4a3a1f444f01a08772c0 Mon Sep 17 00:00:00 2001 From: Daniel Mendler Date: Thu, 5 Dec 2019 00:33:53 +0100 Subject: [PATCH 1/6] s_mp_radix_size_overestimate: remove overflow check --- mp_grow.c | 1 + mp_init_size.c | 1 + s_mp_radix_size_overestimate.c | 7 +------ 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/mp_grow.c b/mp_grow.c index 0de667984..344a5a876 100644 --- a/mp_grow.c +++ b/mp_grow.c @@ -8,6 +8,7 @@ mp_err mp_grow(mp_int *a, int size) { /* if the alloc size is smaller alloc more ram */ if (a->alloc < size) { + /* TODO */ /* reallocate the array a->dp * * We store the return in a temporary variable diff --git a/mp_init_size.c b/mp_init_size.c index 9aa98b970..fb7a37d51 100644 --- a/mp_init_size.c +++ b/mp_init_size.c @@ -8,6 +8,7 @@ mp_err mp_init_size(mp_int *a, int size) { size = MP_MAX(MP_MIN_PREC, size); + /*TODO*/ /* alloc mem */ a->dp = (mp_digit *) MP_CALLOC((size_t)size, sizeof(mp_digit)); if (a->dp == NULL) { diff --git a/s_mp_radix_size_overestimate.c b/s_mp_radix_size_overestimate.c index 35dd1e6b0..4f0599732 100644 --- a/s_mp_radix_size_overestimate.c +++ b/s_mp_radix_size_overestimate.c @@ -52,12 +52,7 @@ mp_err s_mp_radix_size_overestimate(const mp_int *a, const int radix, size_t *si if (MP_HAS(S_MP_LOG_2EXPT) && MP_IS_2EXPT((mp_digit)radix)) { /* floor(log_{2^n}(a)) + 1 + EOS + sign */ - *size = (size_t)(s_mp_log_2expt(a, (mp_digit)radix)); - /* Would overflow with base 2 otherwise */ - if (*size > (INT_MAX - 4)) { - return MP_VAL; - } - *size += 3u; + *size = (size_t)(s_mp_log_2expt(a, (mp_digit)radix) + 3); return MP_OKAY; } From 08d281c46218ef6ff30a512470813c785403897b Mon Sep 17 00:00:00 2001 From: Daniel Mendler Date: Thu, 5 Dec 2019 00:48:25 +0100 Subject: [PATCH 2/6] introduce MP_MAX_DIGIT_COUNT to prevent overflow --- demo/shared.c | 2 +- demo/test.c | 7 +++++++ mp_grow.c | 13 +++++++++---- mp_init.c | 4 ++-- mp_init_size.c | 7 +++++-- mp_shrink.c | 2 +- tommath_private.h | 21 ++++++++++++++------- 7 files changed, 39 insertions(+), 17 deletions(-) diff --git a/demo/shared.c b/demo/shared.c index 85c26ed8e..536a1de22 100644 --- a/demo/shared.c +++ b/demo/shared.c @@ -45,5 +45,5 @@ void print_header(void) printf("Size of mp_digit: %u\n", (unsigned int)sizeof(mp_digit)); printf("Size of mp_word: %u\n", (unsigned int)sizeof(mp_word)); printf("MP_DIGIT_BIT: %d\n", MP_DIGIT_BIT); - printf("MP_PREC: %d\n", MP_PREC); + printf("MP_DEFAULT_DIGIT_COUNT: %d\n", MP_DEFAULT_DIGIT_COUNT); } diff --git a/demo/test.c b/demo/test.c index 731c3982e..5009a8dc5 100644 --- a/demo/test.c +++ b/demo/test.c @@ -2220,6 +2220,8 @@ static int test_s_mp_radix_size_overestimate(void) 284u, 283u, 281u, 280u, 279u, 278u, 277u, 276u, 275u, 273u, 272u }; + +#if 0 size_t big_results[65] = { 0u, 0u, 0u, 1354911329u, 1073741825u, 924870867u, 830760078u, 764949110u, 715827883u, 677455665u, @@ -2235,6 +2237,7 @@ static int test_s_mp_radix_size_overestimate(void) 371449582u, 369786879u, 368168034u, 366591092u, 365054217u, 363555684u, 362093873u, 360667257u, 359274399u, 357913942 }; +#endif /* *INDENT-ON* */ if ((err = mp_init(&a)) != MP_OKAY) goto LBL_ERR; @@ -2265,6 +2268,8 @@ static int test_s_mp_radix_size_overestimate(void) } a.sign = MP_ZPOS; } + +#if 0 if ((err = mp_2expt(&a, INT_MAX - 1)) != MP_OKAY) { goto LBL_ERR; } @@ -2292,6 +2297,8 @@ static int test_s_mp_radix_size_overestimate(void) } a.sign = MP_ZPOS; } +#endif + mp_clear(&a); return EXIT_SUCCESS; LBL_ERR: diff --git a/mp_grow.c b/mp_grow.c index 344a5a876..ff3b96d1e 100644 --- a/mp_grow.c +++ b/mp_grow.c @@ -8,16 +8,21 @@ mp_err mp_grow(mp_int *a, int size) { /* if the alloc size is smaller alloc more ram */ if (a->alloc < size) { - /* TODO */ + mp_digit *dp; + + if (size > MP_MAX_DIGIT_COUNT) { + return MP_MEM; + } + /* reallocate the array a->dp * * We store the return in a temporary variable * in case the operation failed we don't want * to overwrite the dp member of a. */ - mp_digit *dp = (mp_digit *) MP_REALLOC(a->dp, - (size_t)a->alloc * sizeof(mp_digit), - (size_t)size * sizeof(mp_digit)); + dp = (mp_digit *) MP_REALLOC(a->dp, + (size_t)a->alloc * sizeof(mp_digit), + (size_t)size * sizeof(mp_digit)); if (dp == NULL) { /* reallocation failed but "a" is still valid [can be freed] */ return MP_MEM; diff --git a/mp_init.c b/mp_init.c index 9b8228262..af1674481 100644 --- a/mp_init.c +++ b/mp_init.c @@ -7,7 +7,7 @@ mp_err mp_init(mp_int *a) { /* allocate memory required and clear it */ - a->dp = (mp_digit *) MP_CALLOC((size_t)MP_PREC, sizeof(mp_digit)); + a->dp = (mp_digit *) MP_CALLOC((size_t)MP_DEFAULT_DIGIT_COUNT, sizeof(mp_digit)); if (a->dp == NULL) { return MP_MEM; } @@ -15,7 +15,7 @@ mp_err mp_init(mp_int *a) /* set the used to zero, allocated digits to the default precision * and sign to positive */ a->used = 0; - a->alloc = MP_PREC; + a->alloc = MP_DEFAULT_DIGIT_COUNT; a->sign = MP_ZPOS; return MP_OKAY; diff --git a/mp_init_size.c b/mp_init_size.c index fb7a37d51..979a0b7d0 100644 --- a/mp_init_size.c +++ b/mp_init_size.c @@ -6,9 +6,12 @@ /* init an mp_init for a given size */ mp_err mp_init_size(mp_int *a, int size) { - size = MP_MAX(MP_MIN_PREC, size); + size = MP_MAX(MP_MIN_DIGIT_COUNT, size); + + if (size > MP_MAX_DIGIT_COUNT) { + return MP_MEM; + } - /*TODO*/ /* alloc mem */ a->dp = (mp_digit *) MP_CALLOC((size_t)size, sizeof(mp_digit)); if (a->dp == NULL) { diff --git a/mp_shrink.c b/mp_shrink.c index e5814cbdf..3d9b1626d 100644 --- a/mp_shrink.c +++ b/mp_shrink.c @@ -6,7 +6,7 @@ /* shrink a bignum */ mp_err mp_shrink(mp_int *a) { - int alloc = MP_MAX(MP_MIN_PREC, a->used); + int alloc = MP_MAX(MP_MIN_DIGIT_COUNT, a->used); if (a->alloc != alloc) { mp_digit *dp = (mp_digit *) MP_REALLOC(a->dp, (size_t)a->alloc * sizeof(mp_digit), diff --git a/tommath_private.h b/tommath_private.h index 24e778145..0096479ec 100644 --- a/tommath_private.h +++ b/tommath_private.h @@ -140,22 +140,29 @@ typedef uint64_t mp_word; MP_STATIC_ASSERT(correct_word_size, sizeof(mp_word) == (2u * sizeof(mp_digit))) -/* default precision */ -#ifndef MP_PREC +/* default number of digits */ +#ifndef MP_DEFAULT_DIGIT_COUNT # ifndef MP_LOW_MEM -# define MP_PREC 32 /* default digits of precision */ +# define MP_DEFAULT_DIGIT_COUNT 32 # else -# define MP_PREC 8 /* default digits of precision */ +# define MP_DEFAULT_DIGIT_COUNT 8 # endif #endif -/* Minimum number of available digits in mp_int, MP_PREC >= MP_MIN_PREC +/* Minimum number of available digits in mp_int, MP_DEFAULT_DIGIT_COUNT >= MP_MIN_DIGIT_COUNT * - Must be at least 3 for s_mp_div_school. * - Must be large enough such that the mp_set_u64 setter can * store uint64_t in the mp_int without growing */ -#define MP_MIN_PREC MP_MAX(3, (((int)MP_SIZEOF_BITS(uint64_t) + MP_DIGIT_BIT) - 1) / MP_DIGIT_BIT) -MP_STATIC_ASSERT(prec_geq_min_prec, MP_PREC >= MP_MIN_PREC) +#define MP_MIN_DIGIT_COUNT MP_MAX(3, (((int)MP_SIZEOF_BITS(uint64_t) + MP_DIGIT_BIT) - 1) / MP_DIGIT_BIT) +MP_STATIC_ASSERT(prec_geq_min_prec, MP_DEFAULT_DIGIT_COUNT >= MP_MIN_DIGIT_COUNT) + +/* Maximum number of digits. + * - Must be small enough such that mp_bit_count does not overflow. + * - Must be small enough such that mp_radix_size for base 2 does not overflow. + * mp_radix_size needs two additional bytes for zero termination and sign. + */ +#define MP_MAX_DIGIT_COUNT ((INT_MAX - 2) / MP_DIGIT_BIT) /* random number source */ extern MP_PRIVATE mp_err(*s_mp_rand_source)(void *out, size_t size); From c375b038191f49118be806649f17d0bc2a30c12e Mon Sep 17 00:00:00 2001 From: Daniel Mendler Date: Thu, 5 Dec 2019 11:09:39 +0100 Subject: [PATCH 3/6] test cleanup; add randomized radix_size test --- demo/test.c | 530 +++++++++++----------------------------------------- 1 file changed, 114 insertions(+), 416 deletions(-) diff --git a/demo/test.c b/demo/test.c index 5009a8dc5..998f14b35 100644 --- a/demo/test.c +++ b/demo/test.c @@ -334,10 +334,7 @@ static int test_mp_kronecker(void) mp_set_ul(&a, 0uL); mp_set_ul(&b, 1uL); DO(mp_kronecker(&a, &b, &i)); - if (i != 1) { - printf("Failed trivial mp_kronecker(0 | 1) %d != 1\n", i); - goto LBL_ERR; - } + EXPECT(i == 1); for (cnt = 0; cnt < (int)(sizeof(kronecker)/sizeof(kronecker[0])); ++cnt) { k = kronecker[cnt].n; mp_set_l(&a, k); @@ -345,10 +342,7 @@ static int test_mp_kronecker(void) for (m = -10; m <= 10; m++) { mp_set_l(&b, m); DO(mp_kronecker(&a, &b, &i)); - if (i != kronecker[cnt].c[m + 10]) { - printf("Failed trivial mp_kronecker(%ld | %ld) %d != %d\n", kronecker[cnt].n, m, i, kronecker[cnt].c[m + 10]); - goto LBL_ERR; - } + EXPECT(i == kronecker[cnt].c[m + 10]); } } @@ -374,10 +368,7 @@ static int test_mp_complement(void) l = ~l; mp_set_l(&c, l); - if (mp_cmp(&b, &c) != MP_EQ) { - printf("\nmp_complement() bad result!"); - goto LBL_ERR; - } + EXPECT(mp_cmp(&b, &c) == MP_EQ); } mp_clear_multi(&a, &b, &c, NULL); @@ -406,10 +397,7 @@ static int test_mp_signed_rsh(void) mp_set_l(&d, l >> em); DO(mp_signed_rsh(&a, em, &b)); - if (mp_cmp(&b, &d) != MP_EQ) { - printf("\nmp_signed_rsh() bad result!"); - goto LBL_ERR; - } + EXPECT(mp_cmp(&b, &d) == MP_EQ); } mp_clear_multi(&a, &b, &d, NULL); @@ -439,10 +427,7 @@ static int test_mp_xor(void) mp_set_l(&d, l ^ em); DO(mp_xor(&a, &b, &c)); - if (mp_cmp(&c, &d) != MP_EQ) { - printf("\nmp_xor() bad result!"); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c, &d) == MP_EQ); } mp_clear_multi(&a, &b, &c, &d, NULL); @@ -472,10 +457,7 @@ static int test_mp_or(void) mp_set_l(&d, l | em); DO(mp_or(&a, &b, &c)); - if (mp_cmp(&c, &d) != MP_EQ) { - printf("\nmp_or() bad result!"); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c, &d) == MP_EQ); } mp_clear_multi(&a, &b, &c, &d, NULL); @@ -504,10 +486,7 @@ static int test_mp_and(void) mp_set_l(&d, l & em); DO(mp_and(&a, &b, &c)); - if (mp_cmp(&c, &d) != MP_EQ) { - printf("\nmp_and() bad result!"); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c, &d) == MP_EQ); } mp_clear_multi(&a, &b, &c, &d, NULL); @@ -528,28 +507,11 @@ static int test_mp_invmod(void) const char *b_ = "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF"; const char *should_ = "0521A82E10376F8E4FDEF9A32A427AC2A0FFF686E00290D39E3E4B5522409596"; - if (mp_read_radix(&a, a_, 16) != MP_OKAY) { - printf("\nmp_read_radix(a) failed!"); - goto LBL_ERR; - } - if (mp_read_radix(&b, b_, 16) != MP_OKAY) { - printf("\nmp_read_radix(b) failed!"); - goto LBL_ERR; - } - if (mp_read_radix(&c, should_, 16) != MP_OKAY) { - printf("\nmp_read_radix(should) failed!"); - goto LBL_ERR; - } - - if (mp_invmod(&a, &b, &d) != MP_OKAY) { - printf("\nmp_invmod() failed!"); - goto LBL_ERR; - } - - if (mp_cmp(&c, &d) != MP_EQ) { - printf("\nmp_invmod() bad result!"); - goto LBL_ERR; - } + DO(mp_read_radix(&a, a_, 16)); + DO(mp_read_radix(&b, b_, 16)); + DO(mp_read_radix(&c, should_, 16)); + DO(mp_invmod(&a, &b, &d)); + EXPECT(mp_cmp(&c, &d) == MP_EQ); } mp_clear_multi(&a, &b, &c, &d, NULL); @@ -569,42 +531,18 @@ static int test_mp_set_double(void) DOR(mp_init_multi(&a, &b, NULL)); /* test mp_get_double/mp_set_double */ - if (mp_set_double(&a, +1.0/0.0) != MP_VAL) { - printf("\nmp_set_double should return MP_VAL for +inf"); - goto LBL_ERR; - } - if (mp_set_double(&a, -1.0/0.0) != MP_VAL) { - printf("\nmp_set_double should return MP_VAL for -inf"); - goto LBL_ERR; - } - if (mp_set_double(&a, +0.0/0.0) != MP_VAL) { - printf("\nmp_set_double should return MP_VAL for NaN"); - goto LBL_ERR; - } - if (mp_set_double(&a, -0.0/0.0) != MP_VAL) { - printf("\nmp_set_double should return MP_VAL for NaN"); - goto LBL_ERR; - } + EXPECT(mp_set_double(&a, +1.0/0.0) == MP_VAL); + EXPECT(mp_set_double(&a, -1.0/0.0) == MP_VAL); + EXPECT(mp_set_double(&a, +0.0/0.0) == MP_VAL); + EXPECT(mp_set_double(&a, -0.0/0.0) == MP_VAL); for (i = 0; i < 1000; ++i) { int tmp = rand_int(); double dbl = (double)tmp * rand_int() + 1; - if (mp_set_double(&a, dbl) != MP_OKAY) { - printf("\nmp_set_double() failed"); - goto LBL_ERR; - } - if (dbl != mp_get_double(&a)) { - printf("\nmp_get_double() bad result!"); - goto LBL_ERR; - } - if (mp_set_double(&a, -dbl) != MP_OKAY) { - printf("\nmp_set_double() failed"); - goto LBL_ERR; - } - if (-dbl != mp_get_double(&a)) { - printf("\nmp_get_double() bad result!"); - goto LBL_ERR; - } + DO(mp_set_double(&a, dbl)); + EXPECT(dbl == mp_get_double(&a)); + DO(mp_set_double(&a, -dbl)); + EXPECT(-dbl == mp_get_double(&a)); } mp_clear_multi(&a, &b, NULL); @@ -627,21 +565,12 @@ static int test_mp_get_u32(void) for (i = 0; i < 1000; ++i) { t = (uint32_t)rand_long(); mp_set_ul(&a, t); - if (t != mp_get_u32(&a)) { - printf("\nmp_get_u32() bad result!"); - goto LBL_ERR; - } + EXPECT(t == mp_get_u32(&a)); } mp_set_ul(&a, 0uL); - if (mp_get_u32(&a) != 0) { - printf("\nmp_get_u32() bad result!"); - goto LBL_ERR; - } + EXPECT(mp_get_u32(&a) == 0); mp_set_ul(&a, UINT32_MAX); - if (mp_get_u32(&a) != UINT32_MAX) { - printf("\nmp_get_u32() bad result!"); - goto LBL_ERR; - } + EXPECT(mp_get_u32(&a) == UINT32_MAX); mp_clear_multi(&a, &b, NULL); return EXIT_SUCCESS; @@ -666,10 +595,7 @@ static int test_mp_get_ul(void) do { mp_set_ul(&a, t); s = mp_get_ul(&a); - if (s != t) { - printf("\nmp_get_ul() bad result! 0x%lx != 0x%lx", s, t); - goto LBL_ERR; - } + EXPECT(s == t); t <<= 1; } while (t != 0uL); } @@ -697,10 +623,7 @@ static int test_mp_get_u64(void) do { mp_set_u64(&a, r); q = mp_get_u64(&a); - if (q != r) { - printf("\nmp_get_u64() bad result! 0x%" PRIx64 " != 0x%" PRIx64, q, r); - goto LBL_ERR; - } + EXPECT(q == r); r <<= 1; } while (r != 0u); } @@ -725,15 +648,9 @@ static int test_mp_sqrt(void) fflush(stdout); n = (rand_int() & 15) + 1; DO(mp_rand(&a, n)); - if (mp_sqrt(&a, &b) != MP_OKAY) { - printf("\nmp_sqrt() error!"); - goto LBL_ERR; - } + DO(mp_sqrt(&a, &b)); DO(mp_root_n(&a, 2, &c)); - if (mp_cmp_mag(&b, &c) != MP_EQ) { - printf("mp_sqrt() bad result!\n"); - goto LBL_ERR; - } + EXPECT(mp_cmp_mag(&b, &c) == MP_EQ); } mp_clear_multi(&a, &b, &c, NULL); @@ -760,26 +677,13 @@ static int test_mp_is_square(void) n = (rand_int() & 7) + 1; DO(mp_rand(&a, n)); DO(mp_sqr(&a, &a)); - if (mp_is_square(&a, &res) != MP_OKAY) { - printf("\nfn:mp_is_square() error!"); - goto LBL_ERR; - } - if (!res) { - printf("\nfn:mp_is_square() bad result!"); - goto LBL_ERR; - } + DO(mp_is_square(&a, &res)); + EXPECT(res); /* test for false positives */ DO(mp_add_d(&a, 1u, &a)); - if (mp_is_square(&a, &res) != MP_OKAY) { - printf("\nfp:mp_is_square() error!"); - goto LBL_ERR; - } - if (res) { - printf("\nfp:mp_is_square() bad result!"); - goto LBL_ERR; - } - + DO(mp_is_square(&a, &res)); + EXPECT(!res); } mp_clear_multi(&a, &b, NULL); @@ -811,15 +715,8 @@ static int test_mp_sqrtmod_prime(void) for (i = 0; i < (int)(sizeof(sqrtmod_prime)/sizeof(sqrtmod_prime[0])); ++i) { mp_set_ul(&a, sqrtmod_prime[i].p); mp_set_ul(&b, sqrtmod_prime[i].n); - if (mp_sqrtmod_prime(&b, &a, &c) != MP_OKAY) { - printf("Failed executing %d. mp_sqrtmod_prime\n", (i+1)); - goto LBL_ERR; - } - if (mp_cmp_d(&c, sqrtmod_prime[i].r) != MP_EQ) { - printf("Failed %d. trivial mp_sqrtmod_prime\n", (i+1)); - ndraw(&c, "r"); - goto LBL_ERR; - } + DO(mp_sqrtmod_prime(&b, &a, &c)); + EXPECT(mp_cmp_d(&c, sqrtmod_prime[i].r) == MP_EQ); } mp_clear_multi(&a, &b, &c, NULL); @@ -832,23 +729,15 @@ static int test_mp_sqrtmod_prime(void) static int test_mp_prime_rand(void) { int ix; - mp_err e; mp_int a, b; DOR(mp_init_multi(&a, &b, NULL)); /* test for size */ for (ix = 10; ix < 128; ix++) { - printf("Testing (not safe-prime): %9d bits \r", ix); + printf("Testing (not safe-prime): %9d bits \n", ix); fflush(stdout); - e = mp_prime_rand(&a, 8, ix, (rand_int() & 1) ? 0 : MP_PRIME_2MSB_ON); - if (e != MP_OKAY) { - printf("\nfailed with error: %s\n", mp_error_to_string(e)); - goto LBL_ERR; - } - if (mp_count_bits(&a) != ix) { - printf("Prime is %d not %d bits!!!\n", mp_count_bits(&a), ix); - goto LBL_ERR; - } + DO(mp_prime_rand(&a, 8, ix, (rand_int() & 1) ? 0 : MP_PRIME_2MSB_ON)); + EXPECT(mp_count_bits(&a) == ix); } mp_clear_multi(&a, &b, NULL); @@ -902,31 +791,16 @@ static int test_mp_prime_is_prime(void) for (ix = 16; ix < 128; ix++) { printf("\rTesting ( safe-prime): %9d bits ", ix); fflush(stdout); - e = mp_prime_rand(&a, 8, ix, ((rand_int() & 1) ? 0 : MP_PRIME_2MSB_ON) | MP_PRIME_SAFE); - if (e != MP_OKAY) { - printf("\nfailed with error: %s\n", mp_error_to_string(e)); - goto LBL_ERR; - } - if (mp_count_bits(&a) != ix) { - printf("Prime is %d not %d bits!!!\n", mp_count_bits(&a), ix); - goto LBL_ERR; - } + DO(mp_prime_rand(&a, 8, ix, ((rand_int() & 1) ? 0 : MP_PRIME_2MSB_ON) | MP_PRIME_SAFE)); + EXPECT(mp_count_bits(&a) == ix); /* let's see if it's really a safe prime */ DO(mp_sub_d(&a, 1u, &b)); DO(mp_div_2(&b, &b)); - e = mp_prime_is_prime(&b, mp_prime_rabin_miller_trials(mp_count_bits(&b)), &cnt); - /* small problem */ - if (e != MP_OKAY) { - printf("\nfailed with error: %s\n", mp_error_to_string(e)); - } + DO(mp_prime_is_prime(&b, mp_prime_rabin_miller_trials(mp_count_bits(&b)), &cnt)); /* large problem */ - if (!cnt) { - printf("\nsub is not prime!\n"); - } + EXPECT(cnt); DO(mp_prime_frobenius_underwood(&b, &fu)); - if (!fu) { - printf("\nfrobenius-underwood says sub is not prime!\n"); - } + EXPECT(fu); if ((e != MP_OKAY) || !cnt) { printf("prime tested was: 0x"); DO(mp_fwrite(&a,16,stdout)); @@ -942,15 +816,9 @@ static int test_mp_prime_is_prime(void) DO(mp_read_radix(&a, "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)); - e = mp_prime_strong_lucas_selfridge(&a, &cnt); - /* small problem */ - if (e != MP_OKAY) { - printf("\nmp_prime_strong_lucas_selfridge failed with error: %s\n", mp_error_to_string(e)); - } + DO(mp_prime_strong_lucas_selfridge(&a, &cnt)); /* large problem */ - if (!cnt) { - printf("\n\nissue #143 - mp_prime_strong_lucas_selfridge FAILED!\n"); - } + EXPECT(cnt); if ((e != MP_OKAY) || !cnt) { printf("prime tested was: 0x"); DO(mp_fwrite(&a,16,stdout)); @@ -1185,10 +1053,7 @@ static int test_mp_cnt_lsb(void) mp_set(&a, 1u); for (ix = 0; ix < 1024; ix++) { - if (mp_cnt_lsb(&a) != ix) { - printf("Failed at %d, %d\n", ix, mp_cnt_lsb(&a)); - goto LBL_ERR; - } + EXPECT(mp_cnt_lsb(&a) == ix); DO(mp_mul_2(&a, &a)); } @@ -1227,10 +1092,7 @@ static int test_mp_reduce_2k(void) DO(mp_copy(&c, &b)); DO(mp_mod(&c, &a, &c)); DO(mp_reduce_2k(&b, &a, 2u)); - if (mp_cmp(&c, &b) != MP_EQ) { - printf("FAILED\n"); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c, &b) == MP_EQ); } } @@ -1261,10 +1123,7 @@ static int test_s_mp_div_3(void) DO(mp_div(&a, &d, &b, &e)); DO(s_mp_div_3(&a, &c, &r2)); - if (mp_cmp(&b, &c) || mp_cmp_d(&e, r2)) { - printf("\ns_mp_div_3 => Failure\n"); - goto LBL_ERR; - } + EXPECT(!mp_cmp(&b, &c) && !mp_cmp_d(&e, r2)); } printf("... passed!"); @@ -1313,10 +1172,7 @@ static int test_mp_dr_reduce(void) mp_dr_setup(&a, &mp); DO(mp_dr_reduce(&c, &a, mp)); - if (mp_cmp(&b, &c) != MP_EQ) { - printf("Failed on trial %u\n", rr); - goto LBL_ERR; - } + EXPECT(mp_cmp(&b, &c) == MP_EQ); } while (++rr < 500); printf(" passed"); fflush(stdout); @@ -1356,10 +1212,7 @@ static int test_mp_reduce_2k_l(void) DO(mp_to_radix(&a, buf, sizeof(buf), &length, 10)); printf("\n\np==%s, length = %zu\n", buf, length); /* now mp_reduce_is_2k_l() should return */ - if (mp_reduce_is_2k_l(&a) != 1) { - printf("mp_reduce_is_2k_l() return 0, should be 1\n"); - goto LBL_ERR; - } + EXPECT(mp_reduce_is_2k_l(&a) == 1); DO(mp_reduce_2k_setup_l(&a, &d)); /* now do a million square+1 to see if it varies */ DO(mp_rand(&b, 64)); @@ -1395,7 +1248,6 @@ static int test_mp_reduce_2k_l(void) } /* stripped down version of mp_radix_size. The faster version can be off by up t o +3 */ -/* TODO: This function should be removed, replaced by mp_radix_size, mp_radix_size_overestimate in 2.0 */ static mp_err s_rs(const mp_int *a, int radix, int *size) { mp_err res; @@ -1440,13 +1292,9 @@ static int test_mp_log_n(void) */ mp_set(&a, 42u); base = 0u; - if (mp_log_n(&a, base, &lb) != MP_VAL) { - goto LBL_ERR; - } + EXPECT(mp_log_n(&a, base, &lb) == MP_VAL); base = 1u; - if (mp_log_n(&a, base, &lb) != MP_VAL) { - goto LBL_ERR; - } + EXPECT(mp_log_n(&a, base, &lb) == MP_VAL); /* base a result 2 0 MP_VAL @@ -1456,16 +1304,12 @@ static int test_mp_log_n(void) */ base = 2u; mp_zero(&a); - if (mp_log_n(&a, base, &lb) != MP_VAL) { - goto LBL_ERR; - } + EXPECT(mp_log_n(&a, base, &lb) == MP_VAL); for (d = 1; d < 4; d++) { mp_set(&a, d); DO(mp_log_n(&a, base, &lb)); - if (lb != ((d == 1)?0:1)) { - goto LBL_ERR; - } + EXPECT(lb == ((d == 1)?0:1)); } /* base a result @@ -1476,15 +1320,11 @@ static int test_mp_log_n(void) */ base = 3u; mp_zero(&a); - if (mp_log_n(&a, base, &lb) != MP_VAL) { - goto LBL_ERR; - } + EXPECT(mp_log_n(&a, base, &lb) == MP_VAL); for (d = 1; d < 4; d++) { mp_set(&a, d); DO(mp_log_n(&a, base, &lb)); - if (lb != (((int)d < base)?0:1)) { - goto LBL_ERR; - } + EXPECT(lb == (((int)d < base)?0:1)); } /* @@ -1498,9 +1338,7 @@ static int test_mp_log_n(void) DO(s_rs(&a,(int)base, &size)); /* radix_size includes the memory needed for '\0', too*/ size -= 2; - if (lb != size) { - goto LBL_ERR; - } + EXPECT(lb == size); } /* @@ -1512,9 +1350,7 @@ static int test_mp_log_n(void) DO(mp_log_n(&a, base, &lb)); DO(s_rs(&a,(int)base, &size)); size -= 2; - if (lb != size) { - goto LBL_ERR; - } + EXPECT(lb == size); } /*Test upper edgecase with base UINT32_MAX and number (UINT32_MAX/2)*UINT32_MAX^10 */ @@ -1522,9 +1358,7 @@ static int test_mp_log_n(void) DO(mp_expt_n(&a, 10uL, &a)); DO(mp_add_d(&a, max_base / 2, &a)); DO(mp_log_n(&a, max_base, &lb)); - if (lb != 10u) { - goto LBL_ERR; - } + EXPECT(lb == 10u); mp_clear(&a); return EXIT_SUCCESS; @@ -1542,39 +1376,30 @@ static int test_mp_incr(void) /* Does it increment inside the limits of a MP_xBIT limb? */ mp_set(&a, MP_MASK/2); DO(mp_incr(&a)); - if (mp_cmp_d(&a, (MP_MASK/2u) + 1u) != MP_EQ) { - goto LBL_ERR; - } + EXPECT(mp_cmp_d(&a, (MP_MASK/2u) + 1u) == MP_EQ); /* Does it increment outside of the limits of a MP_xBIT limb? */ mp_set(&a, MP_MASK); mp_set(&b, MP_MASK); DO(mp_incr(&a)); DO(mp_add_d(&b, 1u, &b)); - if (mp_cmp(&a, &b) != MP_EQ) { - goto LBL_ERR; - } + EXPECT(mp_cmp(&a, &b) == MP_EQ); /* Does it increment from -1 to 0? */ mp_set(&a, 1u); a.sign = MP_NEG; DO(mp_incr(&a)); - if (mp_cmp_d(&a, 0u) != MP_EQ) { - goto LBL_ERR; - } + EXPECT(mp_cmp_d(&a, 0u) == MP_EQ); /* Does it increment from -(MP_MASK + 1) to -MP_MASK? */ mp_set(&a, MP_MASK); DO(mp_add_d(&a, 1u, &a)); a.sign = MP_NEG; DO(mp_incr(&a)); - if (a.sign != MP_NEG) { - goto LBL_ERR; - } + EXPECT(a.sign == MP_NEG); + a.sign = MP_ZPOS; - if (mp_cmp_d(&a, MP_MASK) != MP_EQ) { - goto LBL_ERR; - } + EXPECT(mp_cmp_d(&a, MP_MASK) == MP_EQ); mp_clear_multi(&a, &b, NULL); return EXIT_SUCCESS; @@ -1592,26 +1417,20 @@ static int test_mp_decr(void) /* Does it decrement inside the limits of a MP_xBIT limb? */ mp_set(&a, MP_MASK/2); DO(mp_decr(&a)); - if (mp_cmp_d(&a, (MP_MASK/2u) - 1u) != MP_EQ) { - goto LBL_ERR; - } + EXPECT(mp_cmp_d(&a, (MP_MASK/2u) - 1u) == MP_EQ); /* Does it decrement outside of the limits of a MP_xBIT limb? */ mp_set(&a, MP_MASK); DO(mp_add_d(&a, 1u, &a)); DO(mp_decr(&a)); - if (mp_cmp_d(&a, MP_MASK) != MP_EQ) { - goto LBL_ERR; - } + EXPECT(mp_cmp_d(&a, MP_MASK) == MP_EQ); /* Does it decrement from 0 to -1? */ mp_zero(&a); DO(mp_decr(&a)); if (a.sign == MP_NEG) { a.sign = MP_ZPOS; - if (mp_cmp_d(&a, 1u) != MP_EQ) { - goto LBL_ERR; - } + EXPECT(mp_cmp_d(&a, 1u) == MP_EQ); } else { goto LBL_ERR; } @@ -1624,9 +1443,7 @@ static int test_mp_decr(void) b.sign = MP_NEG; DO(mp_sub_d(&b, 1u, &b)); DO(mp_decr(&a)); - if (mp_cmp(&a, &b) != MP_EQ) { - goto LBL_ERR; - } + EXPECT(mp_cmp(&a, &b) == MP_EQ); mp_clear_multi(&a, &b, NULL); return EXIT_SUCCESS; @@ -1852,10 +1669,7 @@ static int test_mp_root_n(void) for (j = 3; j < 100; j++) { DO(mp_root_n(&a, j, &c)); DO(mp_read_radix(&r, root[i][j-3], 10)); - if (mp_cmp(&r, &c) != MP_EQ) { - fprintf(stderr, "mp_root_n failed at input #%d, root #%d\n", i, j); - goto LBL_ERR; - } + EXPECT(mp_cmp(&r, &c) == MP_EQ); } } mp_clear_multi(&a, &c, &r, NULL); @@ -1884,9 +1698,7 @@ static int test_s_mp_mul_balance(void) DO(mp_read_radix(&b, nc, 64)); - if (mp_cmp(&b, &c) != MP_EQ) { - goto LBL_ERR; - } + EXPECT(mp_cmp(&b, &c) == MP_EQ); mp_clear_multi(&a, &b, &c, NULL); return EXIT_SUCCESS; @@ -1907,10 +1719,7 @@ static int test_s_mp_mul_karatsuba(void) DO(mp_rand(&b, size)); DO(s_mp_mul_karatsuba(&a, &b, &c)); DO(s_mp_mul_full(&a,&b,&d)); - if (mp_cmp(&c, &d) != MP_EQ) { - fprintf(stderr, "Karatsuba multiplication failed at size %d\n", size); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c, &d) == MP_EQ); } mp_clear_multi(&a, &b, &c, &d, NULL); @@ -1930,10 +1739,7 @@ static int test_s_mp_sqr_karatsuba(void) DO(mp_rand(&a, size)); DO(s_mp_sqr_karatsuba(&a, &b)); DO(s_mp_sqr(&a, &c)); - if (mp_cmp(&b, &c) != MP_EQ) { - fprintf(stderr, "Karatsuba squaring failed at size %d\n", size); - goto LBL_ERR; - } + EXPECT(mp_cmp(&b, &c) == MP_EQ); } mp_clear_multi(&a, &b, &c, NULL); @@ -1969,10 +1775,7 @@ static int test_s_mp_mul_toom(void) DO(mp_mul(&a, &b, &c)); MP_MUL_TOOM_CUTOFF = tc_cutoff; DO(mp_mul(&a, &b, &d)); - if (mp_cmp(&c, &d) != MP_EQ) { - fprintf(stderr, "Toom-Cook 3-way multiplication failed for edgecase f1 * f2\n"); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c, &d) == MP_EQ); #endif for (size = MP_MUL_TOOM_CUTOFF; size < (MP_MUL_TOOM_CUTOFF + 20); size++) { @@ -1980,10 +1783,7 @@ static int test_s_mp_mul_toom(void) DO(mp_rand(&b, size)); DO(s_mp_mul_toom(&a, &b, &c)); DO(s_mp_mul_full(&a,&b,&d)); - if (mp_cmp(&c, &d) != MP_EQ) { - fprintf(stderr, "Toom-Cook 3-way multiplication failed at size %d\n", size); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c, &d) == MP_EQ); } mp_clear_multi(&a, &b, &c, &d, NULL); @@ -2003,10 +1803,7 @@ static int test_s_mp_sqr_toom(void) DO(mp_rand(&a, size)); DO(s_mp_sqr_toom(&a, &b)); DO(s_mp_sqr(&a, &c)); - if (mp_cmp(&b, &c) != MP_EQ) { - fprintf(stderr, "Toom-Cook 3-way squaring failed at size %d\n", size); - goto LBL_ERR; - } + EXPECT(mp_cmp(&b, &c) == MP_EQ); } mp_clear_multi(&a, &b, &c, NULL); @@ -2043,18 +1840,10 @@ static int test_mp_radix_size(void) for (radix = 2; radix < 65; radix++) { DO(mp_radix_size(&a, radix, &size)); - if (size != results[radix]) { - fprintf(stderr, "mp_radix_size: result for base %d was %zu instead of %zu\n", - radix, size, results[radix]); - goto LBL_ERR; - } + EXPECT(size == results[radix]); a.sign = MP_NEG; DO(mp_radix_size(&a, radix, &size)); - if (size != (results[radix] + 1)) { - fprintf(stderr, "mp_radix_size: result for base %d was %zu instead of %zu\n", - radix, size, results[radix]); - goto LBL_ERR; - } + EXPECT(size == (results[radix] + 1)); a.sign = MP_ZPOS; } @@ -2082,16 +1871,8 @@ static int test_s_mp_div_recursive(void) DO(mp_rand(&b, size)); DO(s_mp_div_recursive(&a, &b, &c_q, &c_r)); DO(s_mp_div_school(&a, &b, &d_q, &d_r)); - if (mp_cmp(&c_q, &d_q) != MP_EQ) { - fprintf(stderr, "1a. Recursive division failed at sizes %d / %d, wrong quotient\n", - 10 * size, size); - goto LBL_ERR; - } - if (mp_cmp(&c_r, &d_r) != MP_EQ) { - fprintf(stderr, "1a. Recursive division failed at sizes %d / %d, wrong remainder\n", - 10 * size, size); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c_q, &d_q) == MP_EQ); + EXPECT(mp_cmp(&c_r, &d_r) == MP_EQ); printf("\rsizes = %d / %d", 2 * size, size); /* Relation 10:1 negative numerator*/ @@ -2100,16 +1881,8 @@ static int test_s_mp_div_recursive(void) DO(mp_rand(&b, size)); DO(s_mp_div_recursive(&a, &b, &c_q, &c_r)); DO(s_mp_div_school(&a, &b, &d_q, &d_r)); - if (mp_cmp(&c_q, &d_q) != MP_EQ) { - fprintf(stderr, "1b. Recursive division failed at sizes %d / %d, wrong quotient\n", - 10 * size, size); - goto LBL_ERR; - } - if (mp_cmp(&c_r, &d_r) != MP_EQ) { - fprintf(stderr, "1b. Recursive division failed at sizes %d / %d, wrong remainder\n", - 10 * size, size); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c_q, &d_q) == MP_EQ); + EXPECT(mp_cmp(&c_r, &d_r) == MP_EQ); printf("\rsizes = %d / %d, negative numerator", 2 * size, size); /* Relation 10:1 negative denominator*/ @@ -2118,16 +1891,8 @@ static int test_s_mp_div_recursive(void) DO(mp_neg(&b, &b)); DO(s_mp_div_recursive(&a, &b, &c_q, &c_r)); DO(s_mp_div_school(&a, &b, &d_q, &d_r)); - if (mp_cmp(&c_q, &d_q) != MP_EQ) { - fprintf(stderr, "1c. Recursive division failed at sizes %d / %d, wrong quotient\n", - 10 * size, size); - goto LBL_ERR; - } - if (mp_cmp(&c_r, &d_r) != MP_EQ) { - fprintf(stderr, "1c. Recursive division failed at sizes %d / %d, wrong remainder\n", - 10 * size, size); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c_q, &d_q) == MP_EQ); + EXPECT(mp_cmp(&c_r, &d_r) == MP_EQ); printf("\rsizes = %d / %d, negative denominator", 2 * size, size); /* Relation 2:1 */ @@ -2135,32 +1900,16 @@ static int test_s_mp_div_recursive(void) DO(mp_rand(&b, size)); DO(s_mp_div_recursive(&a, &b, &c_q, &c_r)); DO(s_mp_div_school(&a, &b, &d_q, &d_r)); - if (mp_cmp(&c_q, &d_q) != MP_EQ) { - fprintf(stderr, "2. Recursive division failed at sizes %d / %d, wrong quotient\n", - 2 * size, size); - goto LBL_ERR; - } - if (mp_cmp(&c_r, &d_r) != MP_EQ) { - fprintf(stderr, "2. Recursive division failed at sizes %d / %d, wrong remainder\n", - 2 * size, size); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c_q, &d_q) == MP_EQ); + EXPECT(mp_cmp(&c_r, &d_r) == MP_EQ); printf("\rsizes = %d / %d", 3 * size, 2 * size); /* Upper limit 3:2 */ DO(mp_rand(&a, 3 * size)); DO(mp_rand(&b, 2 * size)); DO(s_mp_div_recursive(&a, &b, &c_q, &c_r)); DO(s_mp_div_school(&a, &b, &d_q, &d_r)); - if (mp_cmp(&c_q, &d_q) != MP_EQ) { - fprintf(stderr, "3. Recursive division failed at sizes %d / %d, wrong quotient\n", - 3 * size, 2 * size); - goto LBL_ERR; - } - if (mp_cmp(&c_r, &d_r) != MP_EQ) { - fprintf(stderr, "3. Recursive division failed at sizes %d / %d, wrong remainder\n", - 3 * size, 2 * size); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c_q, &d_q) == MP_EQ); + EXPECT(mp_cmp(&c_r, &d_r) == MP_EQ); } mp_clear_multi(&a, &b, &c_q, &c_r, &d_q, &d_r, NULL); @@ -2183,16 +1932,8 @@ static int test_s_mp_div_small(void) DO(mp_rand(&b, size)); DO(s_mp_div_small(&a, &b, &c_q, &c_r)); DO(s_mp_div_school(&a, &b, &d_q, &d_r)); - if (mp_cmp(&c_q, &d_q) != MP_EQ) { - fprintf(stderr, "1. Small division failed at sizes %d / %d, wrong quotient\n", - 2 * size, size); - goto LBL_ERR; - } - if (mp_cmp(&c_r, &d_r) != MP_EQ) { - fprintf(stderr, "1. Small division failed at sizes %d / %d, wrong remainder\n", - 2 * size, size); - goto LBL_ERR; - } + EXPECT(mp_cmp(&c_q, &d_q) == MP_EQ); + EXPECT(mp_cmp(&c_r, &d_r) == MP_EQ); } mp_clear_multi(&a, &b, &c_q, &c_r, &d_q, &d_r, NULL); return EXIT_SUCCESS; @@ -2205,10 +1946,9 @@ static int test_s_mp_div_small(void) static int test_s_mp_radix_size_overestimate(void) { - mp_err err; mp_int a; - int radix; - size_t size; + int radix, n; + size_t size, size2; /* *INDENT-OFF* */ size_t results[65] = { 0u, 0u, 1627u, 1027u, 814u, 702u, 630u, 581u, 543u, @@ -2220,84 +1960,42 @@ static int test_s_mp_radix_size_overestimate(void) 284u, 283u, 281u, 280u, 279u, 278u, 277u, 276u, 275u, 273u, 272u }; - -#if 0 - size_t big_results[65] = { - 0u, 0u, 0u, 1354911329u, 1073741825u, - 924870867u, 830760078u, 764949110u, 715827883u, 677455665u, - 646456994u, 620761988u, 599025415u, 580332018u, 564035582u, - 549665673u, 536870913u, 525383039u, 514993351u, 505536793u, - 496880930u, 488918137u, 481559946u, 474732892u, 468375401u, - 462435434u, 456868672u, 451637110u, 446707948u, 442052707u, - 437646532u, 433467613u, 429496730u, 425716865u, 422112892u, - 418671312u, 415380039u, 412228213u, 409206043u, 406304679u, - 403516096u, 400833001u, 398248746u, 395757256u, 393352972u, - 391030789u, 388786017u, 386614331u, 384511740u, 382474555u, - 380499357u, 378582973u, 376722456u, 374915062u, 373158233u, - 371449582u, 369786879u, 368168034u, 366591092u, 365054217u, - 363555684u, 362093873u, 360667257u, 359274399u, 357913942 - }; -#endif - /* *INDENT-ON* */ - if ((err = mp_init(&a)) != MP_OKAY) goto LBL_ERR; + + DO(mp_init(&a)); /* number to result in a different size for every base: 67^(4 * 67) */ mp_set(&a, 67); - if ((err = mp_expt_n(&a, 268, &a)) != MP_OKAY) { - goto LBL_ERR; - } + DO(mp_expt_n(&a, 268, &a)); for (radix = 2; radix < 65; radix++) { - if ((err = s_mp_radix_size_overestimate(&a, radix, &size)) != MP_OKAY) { - goto LBL_ERR; - } - if (size < results[radix]) { - fprintf(stderr, "s_mp_radix_size_overestimate: result for base %d was %zu instead of %zu\n", - radix, size, results[radix]); - goto LBL_ERR; - } + DO(s_mp_radix_size_overestimate(&a, radix, &size)); + EXPECT(size >= results[radix]); + EXPECT(size < results[radix] + 20); /* some error bound */ a.sign = MP_NEG; - if ((err = s_mp_radix_size_overestimate(&a, radix, &size)) != MP_OKAY) { - goto LBL_ERR; - } - if (size < results[radix]) { - fprintf(stderr, "s_mp_radix_size_overestimate: result for base %d was %zu instead of %zu\n", - radix, size, results[radix]); - goto LBL_ERR; - } + DO(s_mp_radix_size_overestimate(&a, radix, &size)); + EXPECT(size >= results[radix]); + EXPECT(size < results[radix] + 20); /* some error bound */ a.sign = MP_ZPOS; } -#if 0 - if ((err = mp_2expt(&a, INT_MAX - 1)) != MP_OKAY) { - goto LBL_ERR; - } - printf("bitcount = %d, alloc = %d\n", mp_count_bits(&a), a.alloc); - /* Start at 3 to avoid integer overflow */ - for (radix = 3; radix < 65; radix++) { - printf("radix = %d, ",radix); - if ((err = s_mp_radix_size_overestimate(&a, radix, &size)) != MP_OKAY) { - goto LBL_ERR; - } - printf("size = %zu, diff = %zu\n", size, size - big_results[radix]); - if (size < big_results[radix]) { - fprintf(stderr, "s_mp_radix_size_overestimate: result for base %d was %zu instead of %zu\n", - radix, size, results[radix]); - goto LBL_ERR; - } - a.sign = MP_NEG; - if ((err = s_mp_radix_size_overestimate(&a, radix, &size)) != MP_OKAY) { - goto LBL_ERR; - } - if (size < big_results[radix]) { - fprintf(stderr, "s_mp_radix_size_overestimate: result for base %d was %zu instead of %zu\n", - radix, size, results[radix]); - goto LBL_ERR; + /* randomized test */ + for (n = 1; n < 1024; n += 1234) { + DO(mp_rand(&a, n)); + + for (radix = 2; radix < 65; radix++) { + DO(s_mp_radix_size_overestimate(&a, radix, &size)); + DO(mp_radix_size(&a, radix, &size2)); + EXPECT(size >= size2); + EXPECT(size < size2 + 20); /* some error bound */ + a.sign = MP_NEG; + DO(s_mp_radix_size_overestimate(&a, radix, &size)); + DO(mp_radix_size(&a, radix, &size2)); + EXPECT(size >= size2); + EXPECT(size < size2 + 20); /* some error bound */ + a.sign = MP_ZPOS; } - a.sign = MP_ZPOS; } -#endif mp_clear(&a); return EXIT_SUCCESS; From 40177e18e5c7f7b741a65048c6e75c1b92998265 Mon Sep 17 00:00:00 2001 From: Daniel Mendler Date: Thu, 5 Dec 2019 11:47:36 +0100 Subject: [PATCH 4/6] test: print __func__ --- demo/shared.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/demo/shared.h b/demo/shared.h index 5eae9732c..2a1ab3c9d 100644 --- a/demo/shared.h +++ b/demo/shared.h @@ -17,8 +17,8 @@ #include "tommath_private.h" -#define EXPECT(a) do { if (!(a)) { fprintf(stderr, "%d: EXPECT(%s) failed\n", __LINE__, #a); goto LBL_ERR; } } while(0) -#define DO_WHAT(a, what) do { mp_err err; if ((err = (a)) != MP_OKAY) { fprintf(stderr, "%d: DO(%s) failed: %s\n", __LINE__, #a, mp_error_to_string(err)); what; } } while(0) +#define EXPECT(a) do { if (!(a)) { fprintf(stderr, "%s, line %d: EXPECT(%s) failed\n", __func__, __LINE__, #a); goto LBL_ERR; } } while(0) +#define DO_WHAT(a, what) do { mp_err err; if ((err = (a)) != MP_OKAY) { fprintf(stderr, "%s, line %d: DO(%s) failed: %s\n", __func__, __LINE__, #a, mp_error_to_string(err)); what; } } while(0) #define DO(a) DO_WHAT(a, goto LBL_ERR) #define DOR(a) DO_WHAT(a, return EXIT_FAILURE) From 876c5fc3f6c6f100d85973eb185d961a2f8f8444 Mon Sep 17 00:00:00 2001 From: Daniel Mendler Date: Thu, 5 Dec 2019 11:47:36 +0100 Subject: [PATCH 5/6] disable __func__ in c89 compilers --- makefile | 2 ++ tommath_c89.h | 2 ++ 2 files changed, 4 insertions(+) diff --git a/makefile b/makefile index 1cd577886..b24fe85c0 100644 --- a/makefile +++ b/makefile @@ -172,6 +172,7 @@ c89: -e 's/\(PRI[iux]64\)/MP_\1/g' \ -e 's/uint\([0-9][0-9]*\)_t/mp_u\1/g' \ -e 's/int\([0-9][0-9]*\)_t/mp_i\1/g' \ + -e 's/__func__/MP_FUNCTION_NAME/g' \ *.c tommath.h tommath_private.h demo/*.c demo/*.h etc/*.c c99: @@ -194,6 +195,7 @@ c99: -e 's/MP_\(PRI[iux]64\)/\1/g' \ -e 's/mp_u\([0-9][0-9]*\)/uint\1_t/g' \ -e 's/mp_i\([0-9][0-9]*\)/int\1_t/g' \ + -e 's/MP_FUNCTION_NAME/__func__/g' \ *.c tommath.h tommath_private.h demo/*.c demo/*.h etc/*.c astyle: diff --git a/tommath_c89.h b/tommath_c89.h index 35fb828c4..e7b87f105 100644 --- a/tommath_c89.h +++ b/tommath_c89.h @@ -36,3 +36,5 @@ typedef __UINT64_TYPE__ mp_u64; #define MP_PRIi64 MP_PRI64_PREFIX "i" #define MP_PRIu64 MP_PRI64_PREFIX "u" #define MP_PRIx64 MP_PRI64_PREFIX "x" + +#define MP_FUNCTION_NAME __func__ From ca6924b7e64f862ffe2140493cfa9bd736366bbb Mon Sep 17 00:00:00 2001 From: Daniel Mendler Date: Mon, 23 Dec 2019 11:12:42 +0100 Subject: [PATCH 6/6] add error code MP_OVF for integer overflow (too many digits) --- mp_error_to_string.c | 2 ++ mp_grow.c | 2 +- mp_init_multi.c | 8 ++++---- mp_init_size.c | 2 +- tommath.h | 3 ++- 5 files changed, 10 insertions(+), 7 deletions(-) diff --git a/mp_error_to_string.c b/mp_error_to_string.c index 1b34d02ed..39adcd124 100644 --- a/mp_error_to_string.c +++ b/mp_error_to_string.c @@ -19,6 +19,8 @@ const char *mp_error_to_string(mp_err code) return "Max. iterations reached"; case MP_BUF: return "Buffer overflow"; + case MP_OVF: + return "Integer overflow"; default: return "Invalid error code"; } diff --git a/mp_grow.c b/mp_grow.c index ff3b96d1e..5bca1b5ff 100644 --- a/mp_grow.c +++ b/mp_grow.c @@ -11,7 +11,7 @@ mp_err mp_grow(mp_int *a, int size) mp_digit *dp; if (size > MP_MAX_DIGIT_COUNT) { - return MP_MEM; + return MP_OVF; } /* reallocate the array a->dp diff --git a/mp_init_multi.c b/mp_init_multi.c index 6567cf1f2..908b4df45 100644 --- a/mp_init_multi.c +++ b/mp_init_multi.c @@ -7,14 +7,15 @@ mp_err mp_init_multi(mp_int *mp, ...) { - mp_err err = MP_OKAY; /* Assume ok until proven otherwise */ + mp_err err = MP_OKAY; int n = 0; /* Number of ok inits */ mp_int *cur_arg = mp; va_list args; va_start(args, mp); /* init args to next argument from caller */ while (cur_arg != NULL) { - if (mp_init(cur_arg) != MP_OKAY) { + err = mp_init(cur_arg); + if (err != MP_OKAY) { /* Oops - error! Back-track and mp_clear what we already succeeded in init-ing, then return error. */ @@ -28,14 +29,13 @@ mp_err mp_init_multi(mp_int *mp, ...) cur_arg = va_arg(clean_args, mp_int *); } va_end(clean_args); - err = MP_MEM; break; } n++; cur_arg = va_arg(args, mp_int *); } va_end(args); - return err; /* Assumed ok, if error flagged above. */ + return err; } #endif diff --git a/mp_init_size.c b/mp_init_size.c index 979a0b7d0..e28a3cd49 100644 --- a/mp_init_size.c +++ b/mp_init_size.c @@ -9,7 +9,7 @@ mp_err mp_init_size(mp_int *a, int size) size = MP_MAX(MP_MIN_DIGIT_COUNT, size); if (size > MP_MAX_DIGIT_COUNT) { - return MP_MEM; + return MP_OVF; } /* alloc mem */ diff --git a/tommath.h b/tommath.h index a2e758541..25a166e77 100644 --- a/tommath.h +++ b/tommath.h @@ -100,7 +100,8 @@ typedef enum { MP_MEM = -2, /* out of mem */ MP_VAL = -3, /* invalid input */ MP_ITER = -4, /* maximum iterations reached */ - MP_BUF = -5 /* buffer overflow, supplied buffer too small */ + MP_BUF = -5, /* buffer overflow, supplied buffer too small */ + MP_OVF = -6 /* mp_int overflow, too many digits */ } mp_err; typedef enum {