Add test for 3072-bit RSA and DH and fix modexp

2017-10-16 11:54:50 +10:00
parent 90f8f67982
commit f724206e37
4 changed files with 73 additions and 13 deletions
--- a/certs/dh3072.pem
+++ b/certs/dh3072.pem
@ -0,0 +1,11 @@
+-----BEGIN DH PARAMETERS-----
+MIIBiAKCAYEAiRt1P4S2Ee0h8QgPuAbJo8lB21rI+IJzD+uJHlQYvuZIQZ76wgxQ
+Z8NdtfUPI2pDM5HZQPNmxpn/l7Z7rydyO59+WBgUn5FuKxHBV0knNnjhCWicBVqs
+5gA4vpV0gVMo8K3ftYccchdO7ACRIqrkiNf1PR8DEy0c+95ZaK3gF6Hujcy//s8k
+Qu0m3SnQTmI8hTYbX2pHiCHlG4UKLOkv4CD8Hc1VZvWsMgCOo+nt+zWn5nZTQsZ3
+d6uQmXzC7MkYSjz0EXUng72ewo8jq1JG4lJdmgTDFR9pnHJpWVLUaT0ZdzYlrwdx
+gt63JGCCanK77bZ2rn68fS9zSwQW1aTzAyb78817d358jWWupdxs43DSKWvy63bJ
+5UYYElewVaV8zUGTJpn3pcU0vll53gpXXyH4mFLwL3tXtp38QKZV+6/ZFpsgT6ij
+CwRI43cixMxXFDOi8JrjEr3/covuUvPJWcKia6V1SFGCDnr//kHNfGPSU6gRA7kD
+B/5mOF+iPpwbAgEC
+-----END DH PARAMETERS-----
--- a/certs/include.am
+++ b/certs/include.am
@ -36,7 +36,10 @@ EXTRA_DIST += \
 	     certs/test-servercert.p12 \
 	     certs/dsaparams.pem \
             certs/ecc-privOnlyKey.pem \
-             certs/ecc-privOnlyCert.pem
+             certs/ecc-privOnlyCert.pem \
+	     certs/dh3072.pem \
+	     certs/client-cert-3072.pem \
+	     certs/client-key-3072.pem
 EXTRA_DIST += \
 	     certs/ca-key.der \
 	     certs/ca-cert.der \
--- a/tests/test.conf
+++ b/tests/test.conf
@ -2206,3 +2206,13 @@
 -v 3
 -F 1

+# server TLSv1.2 RSA 3072-bit DH 3072-bit
+-v 3
+-D certs/dh3072.pem
+-A certs/client-cert-3072.pem
+# client TLSv1.2 RSA 3072-bit DH 3072-bit
+-v 3
+-D certs/dh3072.pem
+-c certs/client-cert-3072.pem
+-k certs/client-key-3072.pem
+
--- a/wolfcrypt/src/sp.c
+++ b/wolfcrypt/src/sp.c
@ -1325,7 +1325,12 @@ static int sp_2048_mod_exp_49(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
        c = bits % 21;
        if (c == 0)
            c = 21;
-        n = e[i--] << (32 - c);
+        if (i < 49)
+            n = e[i--] << (32 - c);
+        else {
+            n = 0;
+            i--;
+        }
        if (c < 5) {
            n |= e[i--] << (11 - c);
            c += 21;
@ -2104,7 +2109,12 @@ static int sp_2048_mod_exp_98(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
        c = bits % 21;
        if (c == 0)
            c = 21;
-        n = e[i--] << (32 - c);
+        if (i < 98)
+            n = e[i--] << (32 - c);
+        else {
+            n = 0;
+            i--;
+        }
        if (c < 5) {
            n |= e[i--] << (11 - c);
            c += 21;
@ -2366,7 +2376,6 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
    }

    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 98, mm);
        sp_2048_to_bin(r, out);
        *outLen = 256;
    }
@ -4089,7 +4098,12 @@ static int sp_3072_mod_exp_70(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
        c = bits % 22;
        if (c == 0)
            c = 22;
-        n = e[i--] << (32 - c);
+        if (i < 70)
+            n = e[i--] << (32 - c);
+        else {
+            n = 0;
+            i--;
+        }
        if (c < 5) {
            n |= e[i--] << (10 - c);
            c += 22;
@ -4895,7 +4909,12 @@ static int sp_3072_mod_exp_140(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
        c = bits % 22;
        if (c == 0)
            c = 22;
-        n = e[i--] << (32 - c);
+        if (i < 140)
+            n = e[i--] << (32 - c);
+        else {
+            n = 0;
+            i--;
+        }
        if (c < 5) {
            n |= e[i--] << (10 - c);
            c += 22;
@ -5162,7 +5181,6 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
    }

    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 140, mm);
        sp_3072_to_bin(r, out);
        *outLen = 384;
    }
@ -7024,7 +7042,12 @@ static int sp_2048_mod_exp_18(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
        c = bits % 57;
        if (c == 0)
            c = 57;
-        n = e[i--] << (64 - c);
+        if (i < 18)
+            n = e[i--] << (64 - c);
+        else {
+            n = 0;
+            i--;
+        }
        if (c < 5) {
            n |= e[i--] << (7 - c);
            c += 57;
@ -7830,7 +7853,12 @@ static int sp_2048_mod_exp_36(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
        c = bits % 57;
        if (c == 0)
            c = 57;
-        n = e[i--] << (64 - c);
+        if (i < 36)
+            n = e[i--] << (64 - c);
+        else {
+            n = 0;
+            i--;
+        }
        if (c < 5) {
            n |= e[i--] << (7 - c);
            c += 57;
@ -8093,7 +8121,6 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
    }

    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 36, mm);
        sp_2048_to_bin(r, out);
        *outLen = 256;
    }
@ -10197,7 +10224,12 @@ static int sp_3072_mod_exp_27(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
        c = bits % 57;
        if (c == 0)
            c = 57;
-        n = e[i--] << (64 - c);
+        if (i < 27)
+            n = e[i--] << (64 - c);
+        else {
+            n = 0;
+            i--;
+        }
        if (c < 5) {
            n |= e[i--] << (7 - c);
            c += 57;
@ -11016,7 +11048,12 @@ static int sp_3072_mod_exp_54(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
        c = bits % 57;
        if (c == 0)
            c = 57;
-        n = e[i--] << (64 - c);
+        if (i < 54)
+            n = e[i--] << (64 - c);
+        else {
+            n = 0;
+            i--;
+        }
        if (c < 5) {
            n |= e[i--] << (7 - c);
            c += 57;
@ -11280,7 +11317,6 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
    }

    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 54, mm);
        sp_3072_to_bin(r, out);
        *outLen = 384;
    }