Import Wycheproof primality tests.

Change-Id: I885fb8f282b6339bdb061fde1c8d3d74706de5b5 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/39196 Reviewed-by: Adam Langley <agl@google.com>
2019-12-15 16:35:54 -05:00 · 2019-12-15 16:35:54 -05:00 · be1d14b789
commit be1d14b789
parent 0df6edff4f
4 changed files with 1633 additions and 0 deletions
--- a/crypto/fipsmodule/bn/bn_test.cc
+++ b/crypto/fipsmodule/bn/bn_test.cc
@ -73,6 +73,7 @@
 #include <stdio.h>
 #include <string.h>

+#include <algorithm>
 #include <utility>

 #include <gtest/gtest.h>
@ -91,6 +92,7 @@
 #include "../../test/abi_test.h"
 #include "../../test/file_test.h"
 #include "../../test/test_util.h"
+#include "../../test/wycheproof_util.h"


 static int HexToBIGNUM(bssl::UniquePtr<BIGNUM> *out, const char *in) {
@ -2309,6 +2311,41 @@ TEST_F(BNTest, MillerRabinIteration) {
      });
 }

+TEST_F(BNTest, WycheproofPrimality) {
+  FileTestGTest(
+      "third_party/wycheproof_testvectors/primality_test.txt",
+      [&](FileTest *t) {
+        WycheproofResult result;
+        ASSERT_TRUE(GetWycheproofResult(t, &result));
+        bssl::UniquePtr<BIGNUM> value = GetWycheproofBIGNUM(t, "value", false);
+        ASSERT_TRUE(value);
+
+        for (int checks :
+             {BN_prime_checks_for_validation, BN_prime_checks_for_generation}) {
+          SCOPED_TRACE(checks);
+          if (checks == BN_prime_checks_for_generation &&
+              std::find(result.flags.begin(), result.flags.end(),
+                        "WorstCaseMillerRabin") != result.flags.end()) {
+            // Skip the worst case Miller-Rabin cases.
+            // |BN_prime_checks_for_generation| relies on such values being rare
+            // when generating primes.
+            continue;
+          }
+
+          int is_probably_prime;
+          ASSERT_TRUE(BN_primality_test(&is_probably_prime, value.get(), checks,
+                                        ctx(),
+                                        /*do_trial_division=*/false, nullptr));
+          EXPECT_EQ(result.IsValid() ? 1 : 0, is_probably_prime);
+
+          ASSERT_TRUE(BN_primality_test(&is_probably_prime, value.get(), checks,
+                                        ctx(),
+                                        /*do_trial_division=*/true, nullptr));
+          EXPECT_EQ(result.IsValid() ? 1 : 0, is_probably_prime);
+        }
+      });
+}
+
 TEST_F(BNTest, NumBitsWord) {
  constexpr BN_ULONG kOne = 1;

--- a/sources.cmake
+++ b/sources.cmake
@ -94,6 +94,7 @@ set(
  third_party/wycheproof_testvectors/hmac_sha512_test.txt
  third_party/wycheproof_testvectors/kwp_test.txt
  third_party/wycheproof_testvectors/kw_test.txt
+  third_party/wycheproof_testvectors/primality_test.txt
  third_party/wycheproof_testvectors/rsa_oaep_2048_sha1_mgf1sha1_test.txt
  third_party/wycheproof_testvectors/rsa_oaep_2048_sha224_mgf1sha1_test.txt
  third_party/wycheproof_testvectors/rsa_oaep_2048_sha224_mgf1sha224_test.txt
--- a/third_party/wycheproof_testvectors/primality_test.txt
+++ b/third_party/wycheproof_testvectors/primality_test.txt
--- a/util/convert_wycheproof.go
+++ b/util/convert_wycheproof.go
@ -225,6 +225,7 @@ var defaultInputs = []string{
 	"hmac_sha512_test.json",
 	"kw_test.json",
 	"kwp_test.json",
+	"primality_test.json",
 	"rsa_oaep_2048_sha1_mgf1sha1_test.json",
 	"rsa_oaep_2048_sha224_mgf1sha1_test.json",
 	"rsa_oaep_2048_sha224_mgf1sha224_test.json",