This is a step towards replacing bn_test.cc with Rust code for tests.
These scenerios are not relevant to *ring* as it details with only
positive inputs to the tested functions.
The output path is usually in a directory with a (hex) numerical name, and
it is very possible that that name may contain the substring "512". If so,
the old regex will do the wrong thing, generating the SHA-512 code twice
instead of generating one copy of the SHA-256 code and one copy of the
SHA-512 code. This has actually happened on Travis CI.
Rename sha-{x86_64, armv8}.pl back to sha512-{x86_64, armv8}.pl. This
will simplify copmarisons between BoringSSL and *ring*.
Replace the *ring*-specific hacky logic done in Perl with hacky logic
done in Rust. The purpose of this hack is to deal with the fact that
sha512-{x86_64, armv8}.pl need to be run twice, once with "512" in the
output file path to generate
`GFp_sha512_block_data_order`, and again with "256" in the output file
path to generate `GFp_sha256_block_data_order`.
The truncation is intentional so the warnings were false positives.
Still, it is easy to avoid triggering them. The warnings are currently
disabled globally; this is a step towards enabling them.
The test isn't necessary because we ensure that we pass in properly-
reduced values to `GFp_BN_mod_inverse_odd()`. It needs to be removed
so that we can remove `BN_MONT_CTX`.
Instead of normalizing the inputs during the test to be in range,
the inputs are normalized ahead of time. Also, the tests with even
moduli were removed.
Require that the input be reduced (mod n), simplifying the code.
Also, move the tests for `elem_exp_consttime()` to Rust and split the
vectors out into their own file, like was done for the
`elem_exp_vartime()` tests. The test vectors were taken directly from
BoringSSL, filtered as described in the comment at the top of the file.
The tests in bn_tests.cc are now redundant, since the only way to
construct a `Modulus` is to construct a `PositiveInteger` then convert
into to an `OddPositive` and then to a `Modulus`. There were already
tests that conversion to `PositiveInteger` properly rejects zero.
Cargo-cult the way other Perlasm scripts do it.
Change-Id: I86aaf725e41b601f24595518a8a6bc481fa0c7fc
Reviewed-on: https://boringssl-review.googlesource.com/13382
Reviewed-by: Adam Langley <agl@google.com>
Perlasm requires the size suffix when targeting NASM and Yasm; without
it, the resulting .asm file has |imu| instead of |imul|.
Change-Id: Icb95b8c0b68cf4f93becdc1930dc217398f56bec
Reviewed-on: https://boringssl-review.googlesource.com/13381
Reviewed-by: Adam Langley <agl@google.com>
Use the same quoting used in other files so that this file can be built
the same way as other files on platforms that require the other kind of
quoting.
Change-Id: I808769bf014fbfe526fedcdc1e1f617b3490d03b
Reviewed-on: https://boringssl-review.googlesource.com/13380
Reviewed-by: Adam Langley <agl@google.com>
Otherwise we could pass a negative value into |d2i_X509|.
Change-Id: I52a35dd9648269094110b69eddd7667a56ec8253
Reviewed-on: https://boringssl-review.googlesource.com/13363
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>