external/boringssl: Sync to 58e449904e248f34bdfc2be7a609c58bcb0257b7.
This includes the following changes:
https://boringssl.googlesource.com/boringssl/+log/2c1523733a71166943e52da11ac2eae82b0227b8..58e449904e248f34bdfc2be7a609c58bcb0257b7
Test: BoringSSL CTS Presubmits
Change-Id: I1a825139c8c7076d09b8a3acc5f09a547a7cbe0d
diff --git a/BORINGSSL_REVISION b/BORINGSSL_REVISION
index 080ffc3..44e39ef 100644
--- a/BORINGSSL_REVISION
+++ b/BORINGSSL_REVISION
@@ -1 +1 @@
-2c1523733a71166943e52da11ac2eae82b0227b8
+58e449904e248f34bdfc2be7a609c58bcb0257b7
diff --git a/linux-x86_64/crypto/fipsmodule/aes-x86_64.S b/linux-x86_64/crypto/fipsmodule/aes-x86_64.S
index 0063c89..ff87f98 100644
--- a/linux-x86_64/crypto/fipsmodule/aes-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/aes-x86_64.S
@@ -1294,8 +1294,8 @@
.globl asm_AES_cbc_encrypt
.hidden asm_AES_cbc_encrypt
.type asm_AES_cbc_encrypt,@function
-.extern OPENSSL_ia32cap_addr
-.hidden OPENSSL_ia32cap_addr
+.extern OPENSSL_ia32cap_P
+.hidden OPENSSL_ia32cap_P
.hidden asm_AES_cbc_encrypt
asm_AES_cbc_encrypt:
cmpq $0,%rdx
@@ -1317,7 +1317,7 @@
cmpq $0,%r9
cmoveq %r10,%r14
- movq OPENSSL_ia32cap_addr(%rip),%r10
+ leaq OPENSSL_ia32cap_P(%rip),%r10
movl (%r10),%r10d
cmpq $512,%rdx
jb .Lcbc_slow_prologue
diff --git a/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S b/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S
index b5056f2..0c980a3 100644
--- a/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S
@@ -1,7 +1,7 @@
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
.text
-.extern OPENSSL_ia32cap_addr
-.hidden OPENSSL_ia32cap_addr
+.extern OPENSSL_ia32cap_P
+.hidden OPENSSL_ia32cap_P
.globl aesni_encrypt
.hidden aesni_encrypt
.type aesni_encrypt,@function
@@ -1087,7 +1087,7 @@
leaq 7(%r8),%r9
movl %r10d,96+12(%rsp)
bswapl %r9d
- movq OPENSSL_ia32cap_addr(%rip),%r10
+ leaq OPENSSL_ia32cap_P(%rip),%r10
movl 4(%r10),%r10d
xorl %ebp,%r9d
andl $71303168,%r10d
@@ -3474,7 +3474,7 @@
movdqa %xmm5,%xmm14
movdqu 80(%rdi),%xmm7
movdqa %xmm6,%xmm15
- movq OPENSSL_ia32cap_addr(%rip),%r9
+ leaq OPENSSL_ia32cap_P(%rip),%r9
movl 4(%r9),%r9d
cmpq $0x70,%rdx
jbe .Lcbc_dec_six_or_seven
@@ -3998,7 +3998,7 @@
movups (%rdi),%xmm0
xorps %xmm4,%xmm4
- movq OPENSSL_ia32cap_addr(%rip),%r10
+ leaq OPENSSL_ia32cap_P(%rip),%r10
movl 4(%r10),%r10d
andl $268437504,%r10d
leaq 16(%rdx),%rax
diff --git a/linux-x86_64/crypto/fipsmodule/ghash-x86_64.S b/linux-x86_64/crypto/fipsmodule/ghash-x86_64.S
index 7b563e1..64ef2c2 100644
--- a/linux-x86_64/crypto/fipsmodule/ghash-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/ghash-x86_64.S
@@ -1,7 +1,7 @@
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
.text
-.extern OPENSSL_ia32cap_addr
-.hidden OPENSSL_ia32cap_addr
+.extern OPENSSL_ia32cap_P
+.hidden OPENSSL_ia32cap_P
.globl gcm_gmult_4bit
.hidden gcm_gmult_4bit
@@ -890,7 +890,7 @@
jz .Lodd_tail
movdqu 16(%rsi),%xmm6
- movq OPENSSL_ia32cap_addr(%rip),%rax
+ leaq OPENSSL_ia32cap_P(%rip),%rax
movl 4(%rax),%eax
cmpq $0x30,%rcx
jb .Lskip4x
diff --git a/linux-x86_64/crypto/fipsmodule/sha1-x86_64.S b/linux-x86_64/crypto/fipsmodule/sha1-x86_64.S
index b739537..7f924dc 100644
--- a/linux-x86_64/crypto/fipsmodule/sha1-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/sha1-x86_64.S
@@ -1,15 +1,14 @@
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
.text
-.extern OPENSSL_ia32cap_addr
-.hidden OPENSSL_ia32cap_addr
+.extern OPENSSL_ia32cap_P
+.hidden OPENSSL_ia32cap_P
.globl sha1_block_data_order
.hidden sha1_block_data_order
.type sha1_block_data_order,@function
.align 16
sha1_block_data_order:
- leaq OPENSSL_ia32cap_addr(%rip),%r10
- movq (%r10),%r10
+ leaq OPENSSL_ia32cap_P(%rip),%r10
movl 0(%r10),%r9d
movl 4(%r10),%r8d
movl 8(%r10),%r10d
diff --git a/linux-x86_64/crypto/fipsmodule/sha256-x86_64.S b/linux-x86_64/crypto/fipsmodule/sha256-x86_64.S
index 5983039..c1a6256 100644
--- a/linux-x86_64/crypto/fipsmodule/sha256-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/sha256-x86_64.S
@@ -1,15 +1,14 @@
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
.text
-.extern OPENSSL_ia32cap_addr
-.hidden OPENSSL_ia32cap_addr
+.extern OPENSSL_ia32cap_P
+.hidden OPENSSL_ia32cap_P
.globl sha256_block_data_order
.hidden sha256_block_data_order
.type sha256_block_data_order,@function
.align 16
sha256_block_data_order:
- leaq OPENSSL_ia32cap_addr(%rip),%r11
- movq (%r11),%r11
+ leaq OPENSSL_ia32cap_P(%rip),%r11
movl 0(%r11),%r9d
movl 4(%r11),%r10d
movl 8(%r11),%r11d
diff --git a/linux-x86_64/crypto/fipsmodule/sha512-x86_64.S b/linux-x86_64/crypto/fipsmodule/sha512-x86_64.S
index 6eedfbc..7ac6f94 100644
--- a/linux-x86_64/crypto/fipsmodule/sha512-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/sha512-x86_64.S
@@ -1,15 +1,14 @@
#if defined(__x86_64__) && !defined(OPENSSL_NO_ASM)
.text
-.extern OPENSSL_ia32cap_addr
-.hidden OPENSSL_ia32cap_addr
+.extern OPENSSL_ia32cap_P
+.hidden OPENSSL_ia32cap_P
.globl sha512_block_data_order
.hidden sha512_block_data_order
.type sha512_block_data_order,@function
.align 16
sha512_block_data_order:
- leaq OPENSSL_ia32cap_addr(%rip),%r11
- movq (%r11),%r11
+ leaq OPENSSL_ia32cap_P(%rip),%r11
movl 0(%r11),%r9d
movl 4(%r11),%r10d
movl 8(%r11),%r11d
diff --git a/mac-x86_64/crypto/fipsmodule/aes-x86_64.S b/mac-x86_64/crypto/fipsmodule/aes-x86_64.S
index 891861c..c7c4829 100644
--- a/mac-x86_64/crypto/fipsmodule/aes-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/aes-x86_64.S
@@ -1316,7 +1316,7 @@
cmpq $0,%r9
cmoveq %r10,%r14
- movq _OPENSSL_ia32cap_addr(%rip),%r10
+ leaq _OPENSSL_ia32cap_P(%rip),%r10
movl (%r10),%r10d
cmpq $512,%rdx
jb L$cbc_slow_prologue
diff --git a/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S b/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S
index f77b955..4ee0dc4 100644
--- a/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S
@@ -1086,7 +1086,7 @@
leaq 7(%r8),%r9
movl %r10d,96+12(%rsp)
bswapl %r9d
- movq _OPENSSL_ia32cap_addr(%rip),%r10
+ leaq _OPENSSL_ia32cap_P(%rip),%r10
movl 4(%r10),%r10d
xorl %ebp,%r9d
andl $71303168,%r10d
@@ -3473,7 +3473,7 @@
movdqa %xmm5,%xmm14
movdqu 80(%rdi),%xmm7
movdqa %xmm6,%xmm15
- movq _OPENSSL_ia32cap_addr(%rip),%r9
+ leaq _OPENSSL_ia32cap_P(%rip),%r9
movl 4(%r9),%r9d
cmpq $0x70,%rdx
jbe L$cbc_dec_six_or_seven
@@ -3997,7 +3997,7 @@
movups (%rdi),%xmm0
xorps %xmm4,%xmm4
- movq _OPENSSL_ia32cap_addr(%rip),%r10
+ leaq _OPENSSL_ia32cap_P(%rip),%r10
movl 4(%r10),%r10d
andl $268437504,%r10d
leaq 16(%rdx),%rax
diff --git a/mac-x86_64/crypto/fipsmodule/ghash-x86_64.S b/mac-x86_64/crypto/fipsmodule/ghash-x86_64.S
index d47f061..78b88cc 100644
--- a/mac-x86_64/crypto/fipsmodule/ghash-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/ghash-x86_64.S
@@ -889,7 +889,7 @@
jz L$odd_tail
movdqu 16(%rsi),%xmm6
- movq _OPENSSL_ia32cap_addr(%rip),%rax
+ leaq _OPENSSL_ia32cap_P(%rip),%rax
movl 4(%rax),%eax
cmpq $0x30,%rcx
jb L$skip4x
diff --git a/mac-x86_64/crypto/fipsmodule/sha1-x86_64.S b/mac-x86_64/crypto/fipsmodule/sha1-x86_64.S
index e5eb4c7..c22431c 100644
--- a/mac-x86_64/crypto/fipsmodule/sha1-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/sha1-x86_64.S
@@ -7,8 +7,7 @@
.p2align 4
_sha1_block_data_order:
- leaq _OPENSSL_ia32cap_addr(%rip),%r10
- movq (%r10),%r10
+ leaq _OPENSSL_ia32cap_P(%rip),%r10
movl 0(%r10),%r9d
movl 4(%r10),%r8d
movl 8(%r10),%r10d
diff --git a/mac-x86_64/crypto/fipsmodule/sha256-x86_64.S b/mac-x86_64/crypto/fipsmodule/sha256-x86_64.S
index 7699b54..9b9c94a 100644
--- a/mac-x86_64/crypto/fipsmodule/sha256-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/sha256-x86_64.S
@@ -7,8 +7,7 @@
.p2align 4
_sha256_block_data_order:
- leaq _OPENSSL_ia32cap_addr(%rip),%r11
- movq (%r11),%r11
+ leaq _OPENSSL_ia32cap_P(%rip),%r11
movl 0(%r11),%r9d
movl 4(%r11),%r10d
movl 8(%r11),%r11d
diff --git a/mac-x86_64/crypto/fipsmodule/sha512-x86_64.S b/mac-x86_64/crypto/fipsmodule/sha512-x86_64.S
index e84bde7..05d0174 100644
--- a/mac-x86_64/crypto/fipsmodule/sha512-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/sha512-x86_64.S
@@ -7,8 +7,7 @@
.p2align 4
_sha512_block_data_order:
- leaq _OPENSSL_ia32cap_addr(%rip),%r11
- movq (%r11),%r11
+ leaq _OPENSSL_ia32cap_P(%rip),%r11
movl 0(%r11),%r9d
movl 4(%r11),%r10d
movl 8(%r11),%r11d
diff --git a/sources.bp b/sources.bp
index d38b551..ad33e9b 100644
--- a/sources.bp
+++ b/sources.bp
@@ -71,7 +71,7 @@
"src/crypto/bn/exponentiation.c",
"src/crypto/bn/gcd.c",
"src/crypto/bn/generic.c",
- "src/crypto/bn/kronecker.c",
+ "src/crypto/bn/jacobi.c",
"src/crypto/bn/montgomery.c",
"src/crypto/bn/montgomery_inv.c",
"src/crypto/bn/mul.c",
@@ -461,8 +461,10 @@
"src/crypto/bio/bio_test.cc",
"src/crypto/bytestring/bytestring_test.cc",
"src/crypto/chacha/chacha_test.cc",
+ "src/crypto/cmac/cmac_test.cc",
"src/crypto/compiler_test.cc",
"src/crypto/constant_time_test.cc",
+ "src/crypto/curve25519/spake25519_test.cc",
"src/crypto/curve25519/x25519_test.cc",
"src/crypto/dh/dh_test.cc",
"src/crypto/dsa/dsa_test.cc",
@@ -489,9 +491,7 @@
"src/crypto/bn/bn_test.cc",
"src/crypto/cipher/aead_test.cc",
"src/crypto/cipher/cipher_test.cc",
- "src/crypto/cmac/cmac_test.cc",
"src/crypto/curve25519/ed25519_test.cc",
- "src/crypto/curve25519/spake25519_test.cc",
"src/crypto/digest_extra/digest_test.cc",
"src/crypto/ec/example_mul.c",
"src/crypto/ec/p256-x86_64_test.cc",
diff --git a/sources.mk b/sources.mk
index f734016..f25b23b 100644
--- a/sources.mk
+++ b/sources.mk
@@ -69,7 +69,7 @@
src/crypto/bn/exponentiation.c\
src/crypto/bn/gcd.c\
src/crypto/bn/generic.c\
- src/crypto/bn/kronecker.c\
+ src/crypto/bn/jacobi.c\
src/crypto/bn/montgomery.c\
src/crypto/bn/montgomery_inv.c\
src/crypto/bn/mul.c\
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 65a55a1..9b7ff79 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -268,6 +268,7 @@
add_subdirectory(crypto)
add_subdirectory(ssl)
add_subdirectory(ssl/test)
+add_subdirectory(fipsoracle)
add_subdirectory(tool)
add_subdirectory(decrepit)
diff --git a/src/crypto/CMakeLists.txt b/src/crypto/CMakeLists.txt
index 56ce7eb..5996577 100644
--- a/src/crypto/CMakeLists.txt
+++ b/src/crypto/CMakeLists.txt
@@ -238,8 +238,10 @@
bio/bio_test.cc
bytestring/bytestring_test.cc
chacha/chacha_test.cc
+ cmac/cmac_test.cc
compiler_test.cc
constant_time_test.cc
+ curve25519/spake25519_test.cc
curve25519/x25519_test.cc
dh/dh_test.cc
dsa/dsa_test.cc
diff --git a/src/crypto/bn/CMakeLists.txt b/src/crypto/bn/CMakeLists.txt
index 9dd24b4..5da72e9 100644
--- a/src/crypto/bn/CMakeLists.txt
+++ b/src/crypto/bn/CMakeLists.txt
@@ -54,7 +54,7 @@
exponentiation.c
generic.c
gcd.c
- kronecker.c
+ jacobi.c
montgomery.c
montgomery_inv.c
mul.c
diff --git a/src/crypto/bn/bn_test.cc b/src/crypto/bn/bn_test.cc
index 2d92276..c5548db 100644
--- a/src/crypto/bn/bn_test.cc
+++ b/src/crypto/bn/bn_test.cc
@@ -1798,912 +1798,213 @@
return true;
}
-static const int kPrimes[10000] = {
- 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71,
- 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151,
- 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233,
- 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317,
- 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419,
- 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503,
- 509, 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607,
- 613, 617, 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701,
- 709, 719, 727, 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811,
- 821, 823, 827, 829, 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911,
- 919, 929, 937, 941, 947, 953, 967, 971, 977, 983, 991, 997, 1009, 1013,
- 1019, 1021, 1031, 1033, 1039, 1049, 1051, 1061, 1063, 1069, 1087, 1091,
- 1093, 1097, 1103, 1109, 1117, 1123, 1129, 1151, 1153, 1163, 1171, 1181,
- 1187, 1193, 1201, 1213, 1217, 1223, 1229, 1231, 1237, 1249, 1259, 1277,
- 1279, 1283, 1289, 1291, 1297, 1301, 1303, 1307, 1319, 1321, 1327, 1361,
- 1367, 1373, 1381, 1399, 1409, 1423, 1427, 1429, 1433, 1439, 1447, 1451,
- 1453, 1459, 1471, 1481, 1483, 1487, 1489, 1493, 1499, 1511, 1523, 1531,
- 1543, 1549, 1553, 1559, 1567, 1571, 1579, 1583, 1597, 1601, 1607, 1609,
- 1613, 1619, 1621, 1627, 1637, 1657, 1663, 1667, 1669, 1693, 1697, 1699,
- 1709, 1721, 1723, 1733, 1741, 1747, 1753, 1759, 1777, 1783, 1787, 1789,
- 1801, 1811, 1823, 1831, 1847, 1861, 1867, 1871, 1873, 1877, 1879, 1889,
- 1901, 1907, 1913, 1931, 1933, 1949, 1951, 1973, 1979, 1987, 1993, 1997,
- 1999, 2003, 2011, 2017, 2027, 2029, 2039, 2053, 2063, 2069, 2081, 2083,
- 2087, 2089, 2099, 2111, 2113, 2129, 2131, 2137, 2141, 2143, 2153, 2161,
- 2179, 2203, 2207, 2213, 2221, 2237, 2239, 2243, 2251, 2267, 2269, 2273,
- 2281, 2287, 2293, 2297, 2309, 2311, 2333, 2339, 2341, 2347, 2351, 2357,
- 2371, 2377, 2381, 2383, 2389, 2393, 2399, 2411, 2417, 2423, 2437, 2441,
- 2447, 2459, 2467, 2473, 2477, 2503, 2521, 2531, 2539, 2543, 2549, 2551,
- 2557, 2579, 2591, 2593, 2609, 2617, 2621, 2633, 2647, 2657, 2659, 2663,
- 2671, 2677, 2683, 2687, 2689, 2693, 2699, 2707, 2711, 2713, 2719, 2729,
- 2731, 2741, 2749, 2753, 2767, 2777, 2789, 2791, 2797, 2801, 2803, 2819,
- 2833, 2837, 2843, 2851, 2857, 2861, 2879, 2887, 2897, 2903, 2909, 2917,
- 2927, 2939, 2953, 2957, 2963, 2969, 2971, 2999, 3001, 3011, 3019, 3023,
- 3037, 3041, 3049, 3061, 3067, 3079, 3083, 3089, 3109, 3119, 3121, 3137,
- 3163, 3167, 3169, 3181, 3187, 3191, 3203, 3209, 3217, 3221, 3229, 3251,
- 3253, 3257, 3259, 3271, 3299, 3301, 3307, 3313, 3319, 3323, 3329, 3331,
- 3343, 3347, 3359, 3361, 3371, 3373, 3389, 3391, 3407, 3413, 3433, 3449,
- 3457, 3461, 3463, 3467, 3469, 3491, 3499, 3511, 3517, 3527, 3529, 3533,
- 3539, 3541, 3547, 3557, 3559, 3571, 3581, 3583, 3593, 3607, 3613, 3617,
- 3623, 3631, 3637, 3643, 3659, 3671, 3673, 3677, 3691, 3697, 3701, 3709,
- 3719, 3727, 3733, 3739, 3761, 3767, 3769, 3779, 3793, 3797, 3803, 3821,
- 3823, 3833, 3847, 3851, 3853, 3863, 3877, 3881, 3889, 3907, 3911, 3917,
- 3919, 3923, 3929, 3931, 3943, 3947, 3967, 3989, 4001, 4003, 4007, 4013,
- 4019, 4021, 4027, 4049, 4051, 4057, 4073, 4079, 4091, 4093, 4099, 4111,
- 4127, 4129, 4133, 4139, 4153, 4157, 4159, 4177, 4201, 4211, 4217, 4219,
- 4229, 4231, 4241, 4243, 4253, 4259, 4261, 4271, 4273, 4283, 4289, 4297,
- 4327, 4337, 4339, 4349, 4357, 4363, 4373, 4391, 4397, 4409, 4421, 4423,
- 4441, 4447, 4451, 4457, 4463, 4481, 4483, 4493, 4507, 4513, 4517, 4519,
- 4523, 4547, 4549, 4561, 4567, 4583, 4591, 4597, 4603, 4621, 4637, 4639,
- 4643, 4649, 4651, 4657, 4663, 4673, 4679, 4691, 4703, 4721, 4723, 4729,
- 4733, 4751, 4759, 4783, 4787, 4789, 4793, 4799, 4801, 4813, 4817, 4831,
- 4861, 4871, 4877, 4889, 4903, 4909, 4919, 4931, 4933, 4937, 4943, 4951,
- 4957, 4967, 4969, 4973, 4987, 4993, 4999, 5003, 5009, 5011, 5021, 5023,
- 5039, 5051, 5059, 5077, 5081, 5087, 5099, 5101, 5107, 5113, 5119, 5147,
- 5153, 5167, 5171, 5179, 5189, 5197, 5209, 5227, 5231, 5233, 5237, 5261,
- 5273, 5279, 5281, 5297, 5303, 5309, 5323, 5333, 5347, 5351, 5381, 5387,
- 5393, 5399, 5407, 5413, 5417, 5419, 5431, 5437, 5441, 5443, 5449, 5471,
- 5477, 5479, 5483, 5501, 5503, 5507, 5519, 5521, 5527, 5531, 5557, 5563,
- 5569, 5573, 5581, 5591, 5623, 5639, 5641, 5647, 5651, 5653, 5657, 5659,
- 5669, 5683, 5689, 5693, 5701, 5711, 5717, 5737, 5741, 5743, 5749, 5779,
- 5783, 5791, 5801, 5807, 5813, 5821, 5827, 5839, 5843, 5849, 5851, 5857,
- 5861, 5867, 5869, 5879, 5881, 5897, 5903, 5923, 5927, 5939, 5953, 5981,
- 5987, 6007, 6011, 6029, 6037, 6043, 6047, 6053, 6067, 6073, 6079, 6089,
- 6091, 6101, 6113, 6121, 6131, 6133, 6143, 6151, 6163, 6173, 6197, 6199,
- 6203, 6211, 6217, 6221, 6229, 6247, 6257, 6263, 6269, 6271, 6277, 6287,
- 6299, 6301, 6311, 6317, 6323, 6329, 6337, 6343, 6353, 6359, 6361, 6367,
- 6373, 6379, 6389, 6397, 6421, 6427, 6449, 6451, 6469, 6473, 6481, 6491,
- 6521, 6529, 6547, 6551, 6553, 6563, 6569, 6571, 6577, 6581, 6599, 6607,
- 6619, 6637, 6653, 6659, 6661, 6673, 6679, 6689, 6691, 6701, 6703, 6709,
- 6719, 6733, 6737, 6761, 6763, 6779, 6781, 6791, 6793, 6803, 6823, 6827,
- 6829, 6833, 6841, 6857, 6863, 6869, 6871, 6883, 6899, 6907, 6911, 6917,
- 6947, 6949, 6959, 6961, 6967, 6971, 6977, 6983, 6991, 6997, 7001, 7013,
- 7019, 7027, 7039, 7043, 7057, 7069, 7079, 7103, 7109, 7121, 7127, 7129,
- 7151, 7159, 7177, 7187, 7193, 7207, 7211, 7213, 7219, 7229, 7237, 7243,
- 7247, 7253, 7283, 7297, 7307, 7309, 7321, 7331, 7333, 7349, 7351, 7369,
- 7393, 7411, 7417, 7433, 7451, 7457, 7459, 7477, 7481, 7487, 7489, 7499,
- 7507, 7517, 7523, 7529, 7537, 7541, 7547, 7549, 7559, 7561, 7573, 7577,
- 7583, 7589, 7591, 7603, 7607, 7621, 7639, 7643, 7649, 7669, 7673, 7681,
- 7687, 7691, 7699, 7703, 7717, 7723, 7727, 7741, 7753, 7757, 7759, 7789,
- 7793, 7817, 7823, 7829, 7841, 7853, 7867, 7873, 7877, 7879, 7883, 7901,
- 7907, 7919, 7927, 7933, 7937, 7949, 7951, 7963, 7993, 8009, 8011, 8017,
- 8039, 8053, 8059, 8069, 8081, 8087, 8089, 8093, 8101, 8111, 8117, 8123,
- 8147, 8161, 8167, 8171, 8179, 8191, 8209, 8219, 8221, 8231, 8233, 8237,
- 8243, 8263, 8269, 8273, 8287, 8291, 8293, 8297, 8311, 8317, 8329, 8353,
- 8363, 8369, 8377, 8387, 8389, 8419, 8423, 8429, 8431, 8443, 8447, 8461,
- 8467, 8501, 8513, 8521, 8527, 8537, 8539, 8543, 8563, 8573, 8581, 8597,
- 8599, 8609, 8623, 8627, 8629, 8641, 8647, 8663, 8669, 8677, 8681, 8689,
- 8693, 8699, 8707, 8713, 8719, 8731, 8737, 8741, 8747, 8753, 8761, 8779,
- 8783, 8803, 8807, 8819, 8821, 8831, 8837, 8839, 8849, 8861, 8863, 8867,
- 8887, 8893, 8923, 8929, 8933, 8941, 8951, 8963, 8969, 8971, 8999, 9001,
- 9007, 9011, 9013, 9029, 9041, 9043, 9049, 9059, 9067, 9091, 9103, 9109,
- 9127, 9133, 9137, 9151, 9157, 9161, 9173, 9181, 9187, 9199, 9203, 9209,
- 9221, 9227, 9239, 9241, 9257, 9277, 9281, 9283, 9293, 9311, 9319, 9323,
- 9337, 9341, 9343, 9349, 9371, 9377, 9391, 9397, 9403, 9413, 9419, 9421,
- 9431, 9433, 9437, 9439, 9461, 9463, 9467, 9473, 9479, 9491, 9497, 9511,
- 9521, 9533, 9539, 9547, 9551, 9587, 9601, 9613, 9619, 9623, 9629, 9631,
- 9643, 9649, 9661, 9677, 9679, 9689, 9697, 9719, 9721, 9733, 9739, 9743,
- 9749, 9767, 9769, 9781, 9787, 9791, 9803, 9811, 9817, 9829, 9833, 9839,
- 9851, 9857, 9859, 9871, 9883, 9887, 9901, 9907, 9923, 9929, 9931, 9941,
- 9949, 9967, 9973, 10007, 10009, 10037, 10039, 10061, 10067, 10069, 10079,
- 10091, 10093, 10099, 10103, 10111, 10133, 10139, 10141, 10151, 10159, 10163,
- 10169, 10177, 10181, 10193, 10211, 10223, 10243, 10247, 10253, 10259, 10267,
- 10271, 10273, 10289, 10301, 10303, 10313, 10321, 10331, 10333, 10337, 10343,
- 10357, 10369, 10391, 10399, 10427, 10429, 10433, 10453, 10457, 10459, 10463,
- 10477, 10487, 10499, 10501, 10513, 10529, 10531, 10559, 10567, 10589, 10597,
- 10601, 10607, 10613, 10627, 10631, 10639, 10651, 10657, 10663, 10667, 10687,
- 10691, 10709, 10711, 10723, 10729, 10733, 10739, 10753, 10771, 10781, 10789,
- 10799, 10831, 10837, 10847, 10853, 10859, 10861, 10867, 10883, 10889, 10891,
- 10903, 10909, 10937, 10939, 10949, 10957, 10973, 10979, 10987, 10993, 11003,
- 11027, 11047, 11057, 11059, 11069, 11071, 11083, 11087, 11093, 11113, 11117,
- 11119, 11131, 11149, 11159, 11161, 11171, 11173, 11177, 11197, 11213, 11239,
- 11243, 11251, 11257, 11261, 11273, 11279, 11287, 11299, 11311, 11317, 11321,
- 11329, 11351, 11353, 11369, 11383, 11393, 11399, 11411, 11423, 11437, 11443,
- 11447, 11467, 11471, 11483, 11489, 11491, 11497, 11503, 11519, 11527, 11549,
- 11551, 11579, 11587, 11593, 11597, 11617, 11621, 11633, 11657, 11677, 11681,
- 11689, 11699, 11701, 11717, 11719, 11731, 11743, 11777, 11779, 11783, 11789,
- 11801, 11807, 11813, 11821, 11827, 11831, 11833, 11839, 11863, 11867, 11887,
- 11897, 11903, 11909, 11923, 11927, 11933, 11939, 11941, 11953, 11959, 11969,
- 11971, 11981, 11987, 12007, 12011, 12037, 12041, 12043, 12049, 12071, 12073,
- 12097, 12101, 12107, 12109, 12113, 12119, 12143, 12149, 12157, 12161, 12163,
- 12197, 12203, 12211, 12227, 12239, 12241, 12251, 12253, 12263, 12269, 12277,
- 12281, 12289, 12301, 12323, 12329, 12343, 12347, 12373, 12377, 12379, 12391,
- 12401, 12409, 12413, 12421, 12433, 12437, 12451, 12457, 12473, 12479, 12487,
- 12491, 12497, 12503, 12511, 12517, 12527, 12539, 12541, 12547, 12553, 12569,
- 12577, 12583, 12589, 12601, 12611, 12613, 12619, 12637, 12641, 12647, 12653,
- 12659, 12671, 12689, 12697, 12703, 12713, 12721, 12739, 12743, 12757, 12763,
- 12781, 12791, 12799, 12809, 12821, 12823, 12829, 12841, 12853, 12889, 12893,
- 12899, 12907, 12911, 12917, 12919, 12923, 12941, 12953, 12959, 12967, 12973,
- 12979, 12983, 13001, 13003, 13007, 13009, 13033, 13037, 13043, 13049, 13063,
- 13093, 13099, 13103, 13109, 13121, 13127, 13147, 13151, 13159, 13163, 13171,
- 13177, 13183, 13187, 13217, 13219, 13229, 13241, 13249, 13259, 13267, 13291,
- 13297, 13309, 13313, 13327, 13331, 13337, 13339, 13367, 13381, 13397, 13399,
- 13411, 13417, 13421, 13441, 13451, 13457, 13463, 13469, 13477, 13487, 13499,
- 13513, 13523, 13537, 13553, 13567, 13577, 13591, 13597, 13613, 13619, 13627,
- 13633, 13649, 13669, 13679, 13681, 13687, 13691, 13693, 13697, 13709, 13711,
- 13721, 13723, 13729, 13751, 13757, 13759, 13763, 13781, 13789, 13799, 13807,
- 13829, 13831, 13841, 13859, 13873, 13877, 13879, 13883, 13901, 13903, 13907,
- 13913, 13921, 13931, 13933, 13963, 13967, 13997, 13999, 14009, 14011, 14029,
- 14033, 14051, 14057, 14071, 14081, 14083, 14087, 14107, 14143, 14149, 14153,
- 14159, 14173, 14177, 14197, 14207, 14221, 14243, 14249, 14251, 14281, 14293,
- 14303, 14321, 14323, 14327, 14341, 14347, 14369, 14387, 14389, 14401, 14407,
- 14411, 14419, 14423, 14431, 14437, 14447, 14449, 14461, 14479, 14489, 14503,
- 14519, 14533, 14537, 14543, 14549, 14551, 14557, 14561, 14563, 14591, 14593,
- 14621, 14627, 14629, 14633, 14639, 14653, 14657, 14669, 14683, 14699, 14713,
- 14717, 14723, 14731, 14737, 14741, 14747, 14753, 14759, 14767, 14771, 14779,
- 14783, 14797, 14813, 14821, 14827, 14831, 14843, 14851, 14867, 14869, 14879,
- 14887, 14891, 14897, 14923, 14929, 14939, 14947, 14951, 14957, 14969, 14983,
- 15013, 15017, 15031, 15053, 15061, 15073, 15077, 15083, 15091, 15101, 15107,
- 15121, 15131, 15137, 15139, 15149, 15161, 15173, 15187, 15193, 15199, 15217,
- 15227, 15233, 15241, 15259, 15263, 15269, 15271, 15277, 15287, 15289, 15299,
- 15307, 15313, 15319, 15329, 15331, 15349, 15359, 15361, 15373, 15377, 15383,
- 15391, 15401, 15413, 15427, 15439, 15443, 15451, 15461, 15467, 15473, 15493,
- 15497, 15511, 15527, 15541, 15551, 15559, 15569, 15581, 15583, 15601, 15607,
- 15619, 15629, 15641, 15643, 15647, 15649, 15661, 15667, 15671, 15679, 15683,
- 15727, 15731, 15733, 15737, 15739, 15749, 15761, 15767, 15773, 15787, 15791,
- 15797, 15803, 15809, 15817, 15823, 15859, 15877, 15881, 15887, 15889, 15901,
- 15907, 15913, 15919, 15923, 15937, 15959, 15971, 15973, 15991, 16001, 16007,
- 16033, 16057, 16061, 16063, 16067, 16069, 16073, 16087, 16091, 16097, 16103,
- 16111, 16127, 16139, 16141, 16183, 16187, 16189, 16193, 16217, 16223, 16229,
- 16231, 16249, 16253, 16267, 16273, 16301, 16319, 16333, 16339, 16349, 16361,
- 16363, 16369, 16381, 16411, 16417, 16421, 16427, 16433, 16447, 16451, 16453,
- 16477, 16481, 16487, 16493, 16519, 16529, 16547, 16553, 16561, 16567, 16573,
- 16603, 16607, 16619, 16631, 16633, 16649, 16651, 16657, 16661, 16673, 16691,
- 16693, 16699, 16703, 16729, 16741, 16747, 16759, 16763, 16787, 16811, 16823,
- 16829, 16831, 16843, 16871, 16879, 16883, 16889, 16901, 16903, 16921, 16927,
- 16931, 16937, 16943, 16963, 16979, 16981, 16987, 16993, 17011, 17021, 17027,
- 17029, 17033, 17041, 17047, 17053, 17077, 17093, 17099, 17107, 17117, 17123,
- 17137, 17159, 17167, 17183, 17189, 17191, 17203, 17207, 17209, 17231, 17239,
- 17257, 17291, 17293, 17299, 17317, 17321, 17327, 17333, 17341, 17351, 17359,
- 17377, 17383, 17387, 17389, 17393, 17401, 17417, 17419, 17431, 17443, 17449,
- 17467, 17471, 17477, 17483, 17489, 17491, 17497, 17509, 17519, 17539, 17551,
- 17569, 17573, 17579, 17581, 17597, 17599, 17609, 17623, 17627, 17657, 17659,
- 17669, 17681, 17683, 17707, 17713, 17729, 17737, 17747, 17749, 17761, 17783,
- 17789, 17791, 17807, 17827, 17837, 17839, 17851, 17863, 17881, 17891, 17903,
- 17909, 17911, 17921, 17923, 17929, 17939, 17957, 17959, 17971, 17977, 17981,
- 17987, 17989, 18013, 18041, 18043, 18047, 18049, 18059, 18061, 18077, 18089,
- 18097, 18119, 18121, 18127, 18131, 18133, 18143, 18149, 18169, 18181, 18191,
- 18199, 18211, 18217, 18223, 18229, 18233, 18251, 18253, 18257, 18269, 18287,
- 18289, 18301, 18307, 18311, 18313, 18329, 18341, 18353, 18367, 18371, 18379,
- 18397, 18401, 18413, 18427, 18433, 18439, 18443, 18451, 18457, 18461, 18481,
- 18493, 18503, 18517, 18521, 18523, 18539, 18541, 18553, 18583, 18587, 18593,
- 18617, 18637, 18661, 18671, 18679, 18691, 18701, 18713, 18719, 18731, 18743,
- 18749, 18757, 18773, 18787, 18793, 18797, 18803, 18839, 18859, 18869, 18899,
- 18911, 18913, 18917, 18919, 18947, 18959, 18973, 18979, 19001, 19009, 19013,
- 19031, 19037, 19051, 19069, 19073, 19079, 19081, 19087, 19121, 19139, 19141,
- 19157, 19163, 19181, 19183, 19207, 19211, 19213, 19219, 19231, 19237, 19249,
- 19259, 19267, 19273, 19289, 19301, 19309, 19319, 19333, 19373, 19379, 19381,
- 19387, 19391, 19403, 19417, 19421, 19423, 19427, 19429, 19433, 19441, 19447,
- 19457, 19463, 19469, 19471, 19477, 19483, 19489, 19501, 19507, 19531, 19541,
- 19543, 19553, 19559, 19571, 19577, 19583, 19597, 19603, 19609, 19661, 19681,
- 19687, 19697, 19699, 19709, 19717, 19727, 19739, 19751, 19753, 19759, 19763,
- 19777, 19793, 19801, 19813, 19819, 19841, 19843, 19853, 19861, 19867, 19889,
- 19891, 19913, 19919, 19927, 19937, 19949, 19961, 19963, 19973, 19979, 19991,
- 19993, 19997, 20011, 20021, 20023, 20029, 20047, 20051, 20063, 20071, 20089,
- 20101, 20107, 20113, 20117, 20123, 20129, 20143, 20147, 20149, 20161, 20173,
- 20177, 20183, 20201, 20219, 20231, 20233, 20249, 20261, 20269, 20287, 20297,
- 20323, 20327, 20333, 20341, 20347, 20353, 20357, 20359, 20369, 20389, 20393,
- 20399, 20407, 20411, 20431, 20441, 20443, 20477, 20479, 20483, 20507, 20509,
- 20521, 20533, 20543, 20549, 20551, 20563, 20593, 20599, 20611, 20627, 20639,
- 20641, 20663, 20681, 20693, 20707, 20717, 20719, 20731, 20743, 20747, 20749,
- 20753, 20759, 20771, 20773, 20789, 20807, 20809, 20849, 20857, 20873, 20879,
- 20887, 20897, 20899, 20903, 20921, 20929, 20939, 20947, 20959, 20963, 20981,
- 20983, 21001, 21011, 21013, 21017, 21019, 21023, 21031, 21059, 21061, 21067,
- 21089, 21101, 21107, 21121, 21139, 21143, 21149, 21157, 21163, 21169, 21179,
- 21187, 21191, 21193, 21211, 21221, 21227, 21247, 21269, 21277, 21283, 21313,
- 21317, 21319, 21323, 21341, 21347, 21377, 21379, 21383, 21391, 21397, 21401,
- 21407, 21419, 21433, 21467, 21481, 21487, 21491, 21493, 21499, 21503, 21517,
- 21521, 21523, 21529, 21557, 21559, 21563, 21569, 21577, 21587, 21589, 21599,
- 21601, 21611, 21613, 21617, 21647, 21649, 21661, 21673, 21683, 21701, 21713,
- 21727, 21737, 21739, 21751, 21757, 21767, 21773, 21787, 21799, 21803, 21817,
- 21821, 21839, 21841, 21851, 21859, 21863, 21871, 21881, 21893, 21911, 21929,
- 21937, 21943, 21961, 21977, 21991, 21997, 22003, 22013, 22027, 22031, 22037,
- 22039, 22051, 22063, 22067, 22073, 22079, 22091, 22093, 22109, 22111, 22123,
- 22129, 22133, 22147, 22153, 22157, 22159, 22171, 22189, 22193, 22229, 22247,
- 22259, 22271, 22273, 22277, 22279, 22283, 22291, 22303, 22307, 22343, 22349,
- 22367, 22369, 22381, 22391, 22397, 22409, 22433, 22441, 22447, 22453, 22469,
- 22481, 22483, 22501, 22511, 22531, 22541, 22543, 22549, 22567, 22571, 22573,
- 22613, 22619, 22621, 22637, 22639, 22643, 22651, 22669, 22679, 22691, 22697,
- 22699, 22709, 22717, 22721, 22727, 22739, 22741, 22751, 22769, 22777, 22783,
- 22787, 22807, 22811, 22817, 22853, 22859, 22861, 22871, 22877, 22901, 22907,
- 22921, 22937, 22943, 22961, 22963, 22973, 22993, 23003, 23011, 23017, 23021,
- 23027, 23029, 23039, 23041, 23053, 23057, 23059, 23063, 23071, 23081, 23087,
- 23099, 23117, 23131, 23143, 23159, 23167, 23173, 23189, 23197, 23201, 23203,
- 23209, 23227, 23251, 23269, 23279, 23291, 23293, 23297, 23311, 23321, 23327,
- 23333, 23339, 23357, 23369, 23371, 23399, 23417, 23431, 23447, 23459, 23473,
- 23497, 23509, 23531, 23537, 23539, 23549, 23557, 23561, 23563, 23567, 23581,
- 23593, 23599, 23603, 23609, 23623, 23627, 23629, 23633, 23663, 23669, 23671,
- 23677, 23687, 23689, 23719, 23741, 23743, 23747, 23753, 23761, 23767, 23773,
- 23789, 23801, 23813, 23819, 23827, 23831, 23833, 23857, 23869, 23873, 23879,
- 23887, 23893, 23899, 23909, 23911, 23917, 23929, 23957, 23971, 23977, 23981,
- 23993, 24001, 24007, 24019, 24023, 24029, 24043, 24049, 24061, 24071, 24077,
- 24083, 24091, 24097, 24103, 24107, 24109, 24113, 24121, 24133, 24137, 24151,
- 24169, 24179, 24181, 24197, 24203, 24223, 24229, 24239, 24247, 24251, 24281,
- 24317, 24329, 24337, 24359, 24371, 24373, 24379, 24391, 24407, 24413, 24419,
- 24421, 24439, 24443, 24469, 24473, 24481, 24499, 24509, 24517, 24527, 24533,
- 24547, 24551, 24571, 24593, 24611, 24623, 24631, 24659, 24671, 24677, 24683,
- 24691, 24697, 24709, 24733, 24749, 24763, 24767, 24781, 24793, 24799, 24809,
- 24821, 24841, 24847, 24851, 24859, 24877, 24889, 24907, 24917, 24919, 24923,
- 24943, 24953, 24967, 24971, 24977, 24979, 24989, 25013, 25031, 25033, 25037,
- 25057, 25073, 25087, 25097, 25111, 25117, 25121, 25127, 25147, 25153, 25163,
- 25169, 25171, 25183, 25189, 25219, 25229, 25237, 25243, 25247, 25253, 25261,
- 25301, 25303, 25307, 25309, 25321, 25339, 25343, 25349, 25357, 25367, 25373,
- 25391, 25409, 25411, 25423, 25439, 25447, 25453, 25457, 25463, 25469, 25471,
- 25523, 25537, 25541, 25561, 25577, 25579, 25583, 25589, 25601, 25603, 25609,
- 25621, 25633, 25639, 25643, 25657, 25667, 25673, 25679, 25693, 25703, 25717,
- 25733, 25741, 25747, 25759, 25763, 25771, 25793, 25799, 25801, 25819, 25841,
- 25847, 25849, 25867, 25873, 25889, 25903, 25913, 25919, 25931, 25933, 25939,
- 25943, 25951, 25969, 25981, 25997, 25999, 26003, 26017, 26021, 26029, 26041,
- 26053, 26083, 26099, 26107, 26111, 26113, 26119, 26141, 26153, 26161, 26171,
- 26177, 26183, 26189, 26203, 26209, 26227, 26237, 26249, 26251, 26261, 26263,
- 26267, 26293, 26297, 26309, 26317, 26321, 26339, 26347, 26357, 26371, 26387,
- 26393, 26399, 26407, 26417, 26423, 26431, 26437, 26449, 26459, 26479, 26489,
- 26497, 26501, 26513, 26539, 26557, 26561, 26573, 26591, 26597, 26627, 26633,
- 26641, 26647, 26669, 26681, 26683, 26687, 26693, 26699, 26701, 26711, 26713,
- 26717, 26723, 26729, 26731, 26737, 26759, 26777, 26783, 26801, 26813, 26821,
- 26833, 26839, 26849, 26861, 26863, 26879, 26881, 26891, 26893, 26903, 26921,
- 26927, 26947, 26951, 26953, 26959, 26981, 26987, 26993, 27011, 27017, 27031,
- 27043, 27059, 27061, 27067, 27073, 27077, 27091, 27103, 27107, 27109, 27127,
- 27143, 27179, 27191, 27197, 27211, 27239, 27241, 27253, 27259, 27271, 27277,
- 27281, 27283, 27299, 27329, 27337, 27361, 27367, 27397, 27407, 27409, 27427,
- 27431, 27437, 27449, 27457, 27479, 27481, 27487, 27509, 27527, 27529, 27539,
- 27541, 27551, 27581, 27583, 27611, 27617, 27631, 27647, 27653, 27673, 27689,
- 27691, 27697, 27701, 27733, 27737, 27739, 27743, 27749, 27751, 27763, 27767,
- 27773, 27779, 27791, 27793, 27799, 27803, 27809, 27817, 27823, 27827, 27847,
- 27851, 27883, 27893, 27901, 27917, 27919, 27941, 27943, 27947, 27953, 27961,
- 27967, 27983, 27997, 28001, 28019, 28027, 28031, 28051, 28057, 28069, 28081,
- 28087, 28097, 28099, 28109, 28111, 28123, 28151, 28163, 28181, 28183, 28201,
- 28211, 28219, 28229, 28277, 28279, 28283, 28289, 28297, 28307, 28309, 28319,
- 28349, 28351, 28387, 28393, 28403, 28409, 28411, 28429, 28433, 28439, 28447,
- 28463, 28477, 28493, 28499, 28513, 28517, 28537, 28541, 28547, 28549, 28559,
- 28571, 28573, 28579, 28591, 28597, 28603, 28607, 28619, 28621, 28627, 28631,
- 28643, 28649, 28657, 28661, 28663, 28669, 28687, 28697, 28703, 28711, 28723,
- 28729, 28751, 28753, 28759, 28771, 28789, 28793, 28807, 28813, 28817, 28837,
- 28843, 28859, 28867, 28871, 28879, 28901, 28909, 28921, 28927, 28933, 28949,
- 28961, 28979, 29009, 29017, 29021, 29023, 29027, 29033, 29059, 29063, 29077,
- 29101, 29123, 29129, 29131, 29137, 29147, 29153, 29167, 29173, 29179, 29191,
- 29201, 29207, 29209, 29221, 29231, 29243, 29251, 29269, 29287, 29297, 29303,
- 29311, 29327, 29333, 29339, 29347, 29363, 29383, 29387, 29389, 29399, 29401,
- 29411, 29423, 29429, 29437, 29443, 29453, 29473, 29483, 29501, 29527, 29531,
- 29537, 29567, 29569, 29573, 29581, 29587, 29599, 29611, 29629, 29633, 29641,
- 29663, 29669, 29671, 29683, 29717, 29723, 29741, 29753, 29759, 29761, 29789,
- 29803, 29819, 29833, 29837, 29851, 29863, 29867, 29873, 29879, 29881, 29917,
- 29921, 29927, 29947, 29959, 29983, 29989, 30011, 30013, 30029, 30047, 30059,
- 30071, 30089, 30091, 30097, 30103, 30109, 30113, 30119, 30133, 30137, 30139,
- 30161, 30169, 30181, 30187, 30197, 30203, 30211, 30223, 30241, 30253, 30259,
- 30269, 30271, 30293, 30307, 30313, 30319, 30323, 30341, 30347, 30367, 30389,
- 30391, 30403, 30427, 30431, 30449, 30467, 30469, 30491, 30493, 30497, 30509,
- 30517, 30529, 30539, 30553, 30557, 30559, 30577, 30593, 30631, 30637, 30643,
- 30649, 30661, 30671, 30677, 30689, 30697, 30703, 30707, 30713, 30727, 30757,
- 30763, 30773, 30781, 30803, 30809, 30817, 30829, 30839, 30841, 30851, 30853,
- 30859, 30869, 30871, 30881, 30893, 30911, 30931, 30937, 30941, 30949, 30971,
- 30977, 30983, 31013, 31019, 31033, 31039, 31051, 31063, 31069, 31079, 31081,
- 31091, 31121, 31123, 31139, 31147, 31151, 31153, 31159, 31177, 31181, 31183,
- 31189, 31193, 31219, 31223, 31231, 31237, 31247, 31249, 31253, 31259, 31267,
- 31271, 31277, 31307, 31319, 31321, 31327, 31333, 31337, 31357, 31379, 31387,
- 31391, 31393, 31397, 31469, 31477, 31481, 31489, 31511, 31513, 31517, 31531,
- 31541, 31543, 31547, 31567, 31573, 31583, 31601, 31607, 31627, 31643, 31649,
- 31657, 31663, 31667, 31687, 31699, 31721, 31723, 31727, 31729, 31741, 31751,
- 31769, 31771, 31793, 31799, 31817, 31847, 31849, 31859, 31873, 31883, 31891,
- 31907, 31957, 31963, 31973, 31981, 31991, 32003, 32009, 32027, 32029, 32051,
- 32057, 32059, 32063, 32069, 32077, 32083, 32089, 32099, 32117, 32119, 32141,
- 32143, 32159, 32173, 32183, 32189, 32191, 32203, 32213, 32233, 32237, 32251,
- 32257, 32261, 32297, 32299, 32303, 32309, 32321, 32323, 32327, 32341, 32353,
- 32359, 32363, 32369, 32371, 32377, 32381, 32401, 32411, 32413, 32423, 32429,
- 32441, 32443, 32467, 32479, 32491, 32497, 32503, 32507, 32531, 32533, 32537,
- 32561, 32563, 32569, 32573, 32579, 32587, 32603, 32609, 32611, 32621, 32633,
- 32647, 32653, 32687, 32693, 32707, 32713, 32717, 32719, 32749, 32771, 32779,
- 32783, 32789, 32797, 32801, 32803, 32831, 32833, 32839, 32843, 32869, 32887,
- 32909, 32911, 32917, 32933, 32939, 32941, 32957, 32969, 32971, 32983, 32987,
- 32993, 32999, 33013, 33023, 33029, 33037, 33049, 33053, 33071, 33073, 33083,
- 33091, 33107, 33113, 33119, 33149, 33151, 33161, 33179, 33181, 33191, 33199,
- 33203, 33211, 33223, 33247, 33287, 33289, 33301, 33311, 33317, 33329, 33331,
- 33343, 33347, 33349, 33353, 33359, 33377, 33391, 33403, 33409, 33413, 33427,
- 33457, 33461, 33469, 33479, 33487, 33493, 33503, 33521, 33529, 33533, 33547,
- 33563, 33569, 33577, 33581, 33587, 33589, 33599, 33601, 33613, 33617, 33619,
- 33623, 33629, 33637, 33641, 33647, 33679, 33703, 33713, 33721, 33739, 33749,
- 33751, 33757, 33767, 33769, 33773, 33791, 33797, 33809, 33811, 33827, 33829,
- 33851, 33857, 33863, 33871, 33889, 33893, 33911, 33923, 33931, 33937, 33941,
- 33961, 33967, 33997, 34019, 34031, 34033, 34039, 34057, 34061, 34123, 34127,
- 34129, 34141, 34147, 34157, 34159, 34171, 34183, 34211, 34213, 34217, 34231,
- 34253, 34259, 34261, 34267, 34273, 34283, 34297, 34301, 34303, 34313, 34319,
- 34327, 34337, 34351, 34361, 34367, 34369, 34381, 34403, 34421, 34429, 34439,
- 34457, 34469, 34471, 34483, 34487, 34499, 34501, 34511, 34513, 34519, 34537,
- 34543, 34549, 34583, 34589, 34591, 34603, 34607, 34613, 34631, 34649, 34651,
- 34667, 34673, 34679, 34687, 34693, 34703, 34721, 34729, 34739, 34747, 34757,
- 34759, 34763, 34781, 34807, 34819, 34841, 34843, 34847, 34849, 34871, 34877,
- 34883, 34897, 34913, 34919, 34939, 34949, 34961, 34963, 34981, 35023, 35027,
- 35051, 35053, 35059, 35069, 35081, 35083, 35089, 35099, 35107, 35111, 35117,
- 35129, 35141, 35149, 35153, 35159, 35171, 35201, 35221, 35227, 35251, 35257,
- 35267, 35279, 35281, 35291, 35311, 35317, 35323, 35327, 35339, 35353, 35363,
- 35381, 35393, 35401, 35407, 35419, 35423, 35437, 35447, 35449, 35461, 35491,
- 35507, 35509, 35521, 35527, 35531, 35533, 35537, 35543, 35569, 35573, 35591,
- 35593, 35597, 35603, 35617, 35671, 35677, 35729, 35731, 35747, 35753, 35759,
- 35771, 35797, 35801, 35803, 35809, 35831, 35837, 35839, 35851, 35863, 35869,
- 35879, 35897, 35899, 35911, 35923, 35933, 35951, 35963, 35969, 35977, 35983,
- 35993, 35999, 36007, 36011, 36013, 36017, 36037, 36061, 36067, 36073, 36083,
- 36097, 36107, 36109, 36131, 36137, 36151, 36161, 36187, 36191, 36209, 36217,
- 36229, 36241, 36251, 36263, 36269, 36277, 36293, 36299, 36307, 36313, 36319,
- 36341, 36343, 36353, 36373, 36383, 36389, 36433, 36451, 36457, 36467, 36469,
- 36473, 36479, 36493, 36497, 36523, 36527, 36529, 36541, 36551, 36559, 36563,
- 36571, 36583, 36587, 36599, 36607, 36629, 36637, 36643, 36653, 36671, 36677,
- 36683, 36691, 36697, 36709, 36713, 36721, 36739, 36749, 36761, 36767, 36779,
- 36781, 36787, 36791, 36793, 36809, 36821, 36833, 36847, 36857, 36871, 36877,
- 36887, 36899, 36901, 36913, 36919, 36923, 36929, 36931, 36943, 36947, 36973,
- 36979, 36997, 37003, 37013, 37019, 37021, 37039, 37049, 37057, 37061, 37087,
- 37097, 37117, 37123, 37139, 37159, 37171, 37181, 37189, 37199, 37201, 37217,
- 37223, 37243, 37253, 37273, 37277, 37307, 37309, 37313, 37321, 37337, 37339,
- 37357, 37361, 37363, 37369, 37379, 37397, 37409, 37423, 37441, 37447, 37463,
- 37483, 37489, 37493, 37501, 37507, 37511, 37517, 37529, 37537, 37547, 37549,
- 37561, 37567, 37571, 37573, 37579, 37589, 37591, 37607, 37619, 37633, 37643,
- 37649, 37657, 37663, 37691, 37693, 37699, 37717, 37747, 37781, 37783, 37799,
- 37811, 37813, 37831, 37847, 37853, 37861, 37871, 37879, 37889, 37897, 37907,
- 37951, 37957, 37963, 37967, 37987, 37991, 37993, 37997, 38011, 38039, 38047,
- 38053, 38069, 38083, 38113, 38119, 38149, 38153, 38167, 38177, 38183, 38189,
- 38197, 38201, 38219, 38231, 38237, 38239, 38261, 38273, 38281, 38287, 38299,
- 38303, 38317, 38321, 38327, 38329, 38333, 38351, 38371, 38377, 38393, 38431,
- 38447, 38449, 38453, 38459, 38461, 38501, 38543, 38557, 38561, 38567, 38569,
- 38593, 38603, 38609, 38611, 38629, 38639, 38651, 38653, 38669, 38671, 38677,
- 38693, 38699, 38707, 38711, 38713, 38723, 38729, 38737, 38747, 38749, 38767,
- 38783, 38791, 38803, 38821, 38833, 38839, 38851, 38861, 38867, 38873, 38891,
- 38903, 38917, 38921, 38923, 38933, 38953, 38959, 38971, 38977, 38993, 39019,
- 39023, 39041, 39043, 39047, 39079, 39089, 39097, 39103, 39107, 39113, 39119,
- 39133, 39139, 39157, 39161, 39163, 39181, 39191, 39199, 39209, 39217, 39227,
- 39229, 39233, 39239, 39241, 39251, 39293, 39301, 39313, 39317, 39323, 39341,
- 39343, 39359, 39367, 39371, 39373, 39383, 39397, 39409, 39419, 39439, 39443,
- 39451, 39461, 39499, 39503, 39509, 39511, 39521, 39541, 39551, 39563, 39569,
- 39581, 39607, 39619, 39623, 39631, 39659, 39667, 39671, 39679, 39703, 39709,
- 39719, 39727, 39733, 39749, 39761, 39769, 39779, 39791, 39799, 39821, 39827,
- 39829, 39839, 39841, 39847, 39857, 39863, 39869, 39877, 39883, 39887, 39901,
- 39929, 39937, 39953, 39971, 39979, 39983, 39989, 40009, 40013, 40031, 40037,
- 40039, 40063, 40087, 40093, 40099, 40111, 40123, 40127, 40129, 40151, 40153,
- 40163, 40169, 40177, 40189, 40193, 40213, 40231, 40237, 40241, 40253, 40277,
- 40283, 40289, 40343, 40351, 40357, 40361, 40387, 40423, 40427, 40429, 40433,
- 40459, 40471, 40483, 40487, 40493, 40499, 40507, 40519, 40529, 40531, 40543,
- 40559, 40577, 40583, 40591, 40597, 40609, 40627, 40637, 40639, 40693, 40697,
- 40699, 40709, 40739, 40751, 40759, 40763, 40771, 40787, 40801, 40813, 40819,
- 40823, 40829, 40841, 40847, 40849, 40853, 40867, 40879, 40883, 40897, 40903,
- 40927, 40933, 40939, 40949, 40961, 40973, 40993, 41011, 41017, 41023, 41039,
- 41047, 41051, 41057, 41077, 41081, 41113, 41117, 41131, 41141, 41143, 41149,
- 41161, 41177, 41179, 41183, 41189, 41201, 41203, 41213, 41221, 41227, 41231,
- 41233, 41243, 41257, 41263, 41269, 41281, 41299, 41333, 41341, 41351, 41357,
- 41381, 41387, 41389, 41399, 41411, 41413, 41443, 41453, 41467, 41479, 41491,
- 41507, 41513, 41519, 41521, 41539, 41543, 41549, 41579, 41593, 41597, 41603,
- 41609, 41611, 41617, 41621, 41627, 41641, 41647, 41651, 41659, 41669, 41681,
- 41687, 41719, 41729, 41737, 41759, 41761, 41771, 41777, 41801, 41809, 41813,
- 41843, 41849, 41851, 41863, 41879, 41887, 41893, 41897, 41903, 41911, 41927,
- 41941, 41947, 41953, 41957, 41959, 41969, 41981, 41983, 41999, 42013, 42017,
- 42019, 42023, 42043, 42061, 42071, 42073, 42083, 42089, 42101, 42131, 42139,
- 42157, 42169, 42179, 42181, 42187, 42193, 42197, 42209, 42221, 42223, 42227,
- 42239, 42257, 42281, 42283, 42293, 42299, 42307, 42323, 42331, 42337, 42349,
- 42359, 42373, 42379, 42391, 42397, 42403, 42407, 42409, 42433, 42437, 42443,
- 42451, 42457, 42461, 42463, 42467, 42473, 42487, 42491, 42499, 42509, 42533,
- 42557, 42569, 42571, 42577, 42589, 42611, 42641, 42643, 42649, 42667, 42677,
- 42683, 42689, 42697, 42701, 42703, 42709, 42719, 42727, 42737, 42743, 42751,
- 42767, 42773, 42787, 42793, 42797, 42821, 42829, 42839, 42841, 42853, 42859,
- 42863, 42899, 42901, 42923, 42929, 42937, 42943, 42953, 42961, 42967, 42979,
- 42989, 43003, 43013, 43019, 43037, 43049, 43051, 43063, 43067, 43093, 43103,
- 43117, 43133, 43151, 43159, 43177, 43189, 43201, 43207, 43223, 43237, 43261,
- 43271, 43283, 43291, 43313, 43319, 43321, 43331, 43391, 43397, 43399, 43403,
- 43411, 43427, 43441, 43451, 43457, 43481, 43487, 43499, 43517, 43541, 43543,
- 43573, 43577, 43579, 43591, 43597, 43607, 43609, 43613, 43627, 43633, 43649,
- 43651, 43661, 43669, 43691, 43711, 43717, 43721, 43753, 43759, 43777, 43781,
- 43783, 43787, 43789, 43793, 43801, 43853, 43867, 43889, 43891, 43913, 43933,
- 43943, 43951, 43961, 43963, 43969, 43973, 43987, 43991, 43997, 44017, 44021,
- 44027, 44029, 44041, 44053, 44059, 44071, 44087, 44089, 44101, 44111, 44119,
- 44123, 44129, 44131, 44159, 44171, 44179, 44189, 44201, 44203, 44207, 44221,
- 44249, 44257, 44263, 44267, 44269, 44273, 44279, 44281, 44293, 44351, 44357,
- 44371, 44381, 44383, 44389, 44417, 44449, 44453, 44483, 44491, 44497, 44501,
- 44507, 44519, 44531, 44533, 44537, 44543, 44549, 44563, 44579, 44587, 44617,
- 44621, 44623, 44633, 44641, 44647, 44651, 44657, 44683, 44687, 44699, 44701,
- 44711, 44729, 44741, 44753, 44771, 44773, 44777, 44789, 44797, 44809, 44819,
- 44839, 44843, 44851, 44867, 44879, 44887, 44893, 44909, 44917, 44927, 44939,
- 44953, 44959, 44963, 44971, 44983, 44987, 45007, 45013, 45053, 45061, 45077,
- 45083, 45119, 45121, 45127, 45131, 45137, 45139, 45161, 45179, 45181, 45191,
- 45197, 45233, 45247, 45259, 45263, 45281, 45289, 45293, 45307, 45317, 45319,
- 45329, 45337, 45341, 45343, 45361, 45377, 45389, 45403, 45413, 45427, 45433,
- 45439, 45481, 45491, 45497, 45503, 45523, 45533, 45541, 45553, 45557, 45569,
- 45587, 45589, 45599, 45613, 45631, 45641, 45659, 45667, 45673, 45677, 45691,
- 45697, 45707, 45737, 45751, 45757, 45763, 45767, 45779, 45817, 45821, 45823,
- 45827, 45833, 45841, 45853, 45863, 45869, 45887, 45893, 45943, 45949, 45953,
- 45959, 45971, 45979, 45989, 46021, 46027, 46049, 46051, 46061, 46073, 46091,
- 46093, 46099, 46103, 46133, 46141, 46147, 46153, 46171, 46181, 46183, 46187,
- 46199, 46219, 46229, 46237, 46261, 46271, 46273, 46279, 46301, 46307, 46309,
- 46327, 46337, 46349, 46351, 46381, 46399, 46411, 46439, 46441, 46447, 46451,
- 46457, 46471, 46477, 46489, 46499, 46507, 46511, 46523, 46549, 46559, 46567,
- 46573, 46589, 46591, 46601, 46619, 46633, 46639, 46643, 46649, 46663, 46679,
- 46681, 46687, 46691, 46703, 46723, 46727, 46747, 46751, 46757, 46769, 46771,
- 46807, 46811, 46817, 46819, 46829, 46831, 46853, 46861, 46867, 46877, 46889,
- 46901, 46919, 46933, 46957, 46993, 46997, 47017, 47041, 47051, 47057, 47059,
- 47087, 47093, 47111, 47119, 47123, 47129, 47137, 47143, 47147, 47149, 47161,
- 47189, 47207, 47221, 47237, 47251, 47269, 47279, 47287, 47293, 47297, 47303,
- 47309, 47317, 47339, 47351, 47353, 47363, 47381, 47387, 47389, 47407, 47417,
- 47419, 47431, 47441, 47459, 47491, 47497, 47501, 47507, 47513, 47521, 47527,
- 47533, 47543, 47563, 47569, 47581, 47591, 47599, 47609, 47623, 47629, 47639,
- 47653, 47657, 47659, 47681, 47699, 47701, 47711, 47713, 47717, 47737, 47741,
- 47743, 47777, 47779, 47791, 47797, 47807, 47809, 47819, 47837, 47843, 47857,
- 47869, 47881, 47903, 47911, 47917, 47933, 47939, 47947, 47951, 47963, 47969,
- 47977, 47981, 48017, 48023, 48029, 48049, 48073, 48079, 48091, 48109, 48119,
- 48121, 48131, 48157, 48163, 48179, 48187, 48193, 48197, 48221, 48239, 48247,
- 48259, 48271, 48281, 48299, 48311, 48313, 48337, 48341, 48353, 48371, 48383,
- 48397, 48407, 48409, 48413, 48437, 48449, 48463, 48473, 48479, 48481, 48487,
- 48491, 48497, 48523, 48527, 48533, 48539, 48541, 48563, 48571, 48589, 48593,
- 48611, 48619, 48623, 48647, 48649, 48661, 48673, 48677, 48679, 48731, 48733,
- 48751, 48757, 48761, 48767, 48779, 48781, 48787, 48799, 48809, 48817, 48821,
- 48823, 48847, 48857, 48859, 48869, 48871, 48883, 48889, 48907, 48947, 48953,
- 48973, 48989, 48991, 49003, 49009, 49019, 49031, 49033, 49037, 49043, 49057,
- 49069, 49081, 49103, 49109, 49117, 49121, 49123, 49139, 49157, 49169, 49171,
- 49177, 49193, 49199, 49201, 49207, 49211, 49223, 49253, 49261, 49277, 49279,
- 49297, 49307, 49331, 49333, 49339, 49363, 49367, 49369, 49391, 49393, 49409,
- 49411, 49417, 49429, 49433, 49451, 49459, 49463, 49477, 49481, 49499, 49523,
- 49529, 49531, 49537, 49547, 49549, 49559, 49597, 49603, 49613, 49627, 49633,
- 49639, 49663, 49667, 49669, 49681, 49697, 49711, 49727, 49739, 49741, 49747,
- 49757, 49783, 49787, 49789, 49801, 49807, 49811, 49823, 49831, 49843, 49853,
- 49871, 49877, 49891, 49919, 49921, 49927, 49937, 49939, 49943, 49957, 49991,
- 49993, 49999, 50021, 50023, 50033, 50047, 50051, 50053, 50069, 50077, 50087,
- 50093, 50101, 50111, 50119, 50123, 50129, 50131, 50147, 50153, 50159, 50177,
- 50207, 50221, 50227, 50231, 50261, 50263, 50273, 50287, 50291, 50311, 50321,
- 50329, 50333, 50341, 50359, 50363, 50377, 50383, 50387, 50411, 50417, 50423,
- 50441, 50459, 50461, 50497, 50503, 50513, 50527, 50539, 50543, 50549, 50551,
- 50581, 50587, 50591, 50593, 50599, 50627, 50647, 50651, 50671, 50683, 50707,
- 50723, 50741, 50753, 50767, 50773, 50777, 50789, 50821, 50833, 50839, 50849,
- 50857, 50867, 50873, 50891, 50893, 50909, 50923, 50929, 50951, 50957, 50969,
- 50971, 50989, 50993, 51001, 51031, 51043, 51047, 51059, 51061, 51071, 51109,
- 51131, 51133, 51137, 51151, 51157, 51169, 51193, 51197, 51199, 51203, 51217,
- 51229, 51239, 51241, 51257, 51263, 51283, 51287, 51307, 51329, 51341, 51343,
- 51347, 51349, 51361, 51383, 51407, 51413, 51419, 51421, 51427, 51431, 51437,
- 51439, 51449, 51461, 51473, 51479, 51481, 51487, 51503, 51511, 51517, 51521,
- 51539, 51551, 51563, 51577, 51581, 51593, 51599, 51607, 51613, 51631, 51637,
- 51647, 51659, 51673, 51679, 51683, 51691, 51713, 51719, 51721, 51749, 51767,
- 51769, 51787, 51797, 51803, 51817, 51827, 51829, 51839, 51853, 51859, 51869,
- 51871, 51893, 51899, 51907, 51913, 51929, 51941, 51949, 51971, 51973, 51977,
- 51991, 52009, 52021, 52027, 52051, 52057, 52067, 52069, 52081, 52103, 52121,
- 52127, 52147, 52153, 52163, 52177, 52181, 52183, 52189, 52201, 52223, 52237,
- 52249, 52253, 52259, 52267, 52289, 52291, 52301, 52313, 52321, 52361, 52363,
- 52369, 52379, 52387, 52391, 52433, 52453, 52457, 52489, 52501, 52511, 52517,
- 52529, 52541, 52543, 52553, 52561, 52567, 52571, 52579, 52583, 52609, 52627,
- 52631, 52639, 52667, 52673, 52691, 52697, 52709, 52711, 52721, 52727, 52733,
- 52747, 52757, 52769, 52783, 52807, 52813, 52817, 52837, 52859, 52861, 52879,
- 52883, 52889, 52901, 52903, 52919, 52937, 52951, 52957, 52963, 52967, 52973,
- 52981, 52999, 53003, 53017, 53047, 53051, 53069, 53077, 53087, 53089, 53093,
- 53101, 53113, 53117, 53129, 53147, 53149, 53161, 53171, 53173, 53189, 53197,
- 53201, 53231, 53233, 53239, 53267, 53269, 53279, 53281, 53299, 53309, 53323,
- 53327, 53353, 53359, 53377, 53381, 53401, 53407, 53411, 53419, 53437, 53441,
- 53453, 53479, 53503, 53507, 53527, 53549, 53551, 53569, 53591, 53593, 53597,
- 53609, 53611, 53617, 53623, 53629, 53633, 53639, 53653, 53657, 53681, 53693,
- 53699, 53717, 53719, 53731, 53759, 53773, 53777, 53783, 53791, 53813, 53819,
- 53831, 53849, 53857, 53861, 53881, 53887, 53891, 53897, 53899, 53917, 53923,
- 53927, 53939, 53951, 53959, 53987, 53993, 54001, 54011, 54013, 54037, 54049,
- 54059, 54083, 54091, 54101, 54121, 54133, 54139, 54151, 54163, 54167, 54181,
- 54193, 54217, 54251, 54269, 54277, 54287, 54293, 54311, 54319, 54323, 54331,
- 54347, 54361, 54367, 54371, 54377, 54401, 54403, 54409, 54413, 54419, 54421,
- 54437, 54443, 54449, 54469, 54493, 54497, 54499, 54503, 54517, 54521, 54539,
- 54541, 54547, 54559, 54563, 54577, 54581, 54583, 54601, 54617, 54623, 54629,
- 54631, 54647, 54667, 54673, 54679, 54709, 54713, 54721, 54727, 54751, 54767,
- 54773, 54779, 54787, 54799, 54829, 54833, 54851, 54869, 54877, 54881, 54907,
- 54917, 54919, 54941, 54949, 54959, 54973, 54979, 54983, 55001, 55009, 55021,
- 55049, 55051, 55057, 55061, 55073, 55079, 55103, 55109, 55117, 55127, 55147,
- 55163, 55171, 55201, 55207, 55213, 55217, 55219, 55229, 55243, 55249, 55259,
- 55291, 55313, 55331, 55333, 55337, 55339, 55343, 55351, 55373, 55381, 55399,
- 55411, 55439, 55441, 55457, 55469, 55487, 55501, 55511, 55529, 55541, 55547,
- 55579, 55589, 55603, 55609, 55619, 55621, 55631, 55633, 55639, 55661, 55663,
- 55667, 55673, 55681, 55691, 55697, 55711, 55717, 55721, 55733, 55763, 55787,
- 55793, 55799, 55807, 55813, 55817, 55819, 55823, 55829, 55837, 55843, 55849,
- 55871, 55889, 55897, 55901, 55903, 55921, 55927, 55931, 55933, 55949, 55967,
- 55987, 55997, 56003, 56009, 56039, 56041, 56053, 56081, 56087, 56093, 56099,
- 56101, 56113, 56123, 56131, 56149, 56167, 56171, 56179, 56197, 56207, 56209,
- 56237, 56239, 56249, 56263, 56267, 56269, 56299, 56311, 56333, 56359, 56369,
- 56377, 56383, 56393, 56401, 56417, 56431, 56437, 56443, 56453, 56467, 56473,
- 56477, 56479, 56489, 56501, 56503, 56509, 56519, 56527, 56531, 56533, 56543,
- 56569, 56591, 56597, 56599, 56611, 56629, 56633, 56659, 56663, 56671, 56681,
- 56687, 56701, 56711, 56713, 56731, 56737, 56747, 56767, 56773, 56779, 56783,
- 56807, 56809, 56813, 56821, 56827, 56843, 56857, 56873, 56891, 56893, 56897,
- 56909, 56911, 56921, 56923, 56929, 56941, 56951, 56957, 56963, 56983, 56989,
- 56993, 56999, 57037, 57041, 57047, 57059, 57073, 57077, 57089, 57097, 57107,
- 57119, 57131, 57139, 57143, 57149, 57163, 57173, 57179, 57191, 57193, 57203,
- 57221, 57223, 57241, 57251, 57259, 57269, 57271, 57283, 57287, 57301, 57329,
- 57331, 57347, 57349, 57367, 57373, 57383, 57389, 57397, 57413, 57427, 57457,
- 57467, 57487, 57493, 57503, 57527, 57529, 57557, 57559, 57571, 57587, 57593,
- 57601, 57637, 57641, 57649, 57653, 57667, 57679, 57689, 57697, 57709, 57713,
- 57719, 57727, 57731, 57737, 57751, 57773, 57781, 57787, 57791, 57793, 57803,
- 57809, 57829, 57839, 57847, 57853, 57859, 57881, 57899, 57901, 57917, 57923,
- 57943, 57947, 57973, 57977, 57991, 58013, 58027, 58031, 58043, 58049, 58057,
- 58061, 58067, 58073, 58099, 58109, 58111, 58129, 58147, 58151, 58153, 58169,
- 58171, 58189, 58193, 58199, 58207, 58211, 58217, 58229, 58231, 58237, 58243,
- 58271, 58309, 58313, 58321, 58337, 58363, 58367, 58369, 58379, 58391, 58393,
- 58403, 58411, 58417, 58427, 58439, 58441, 58451, 58453, 58477, 58481, 58511,
- 58537, 58543, 58549, 58567, 58573, 58579, 58601, 58603, 58613, 58631, 58657,
- 58661, 58679, 58687, 58693, 58699, 58711, 58727, 58733, 58741, 58757, 58763,
- 58771, 58787, 58789, 58831, 58889, 58897, 58901, 58907, 58909, 58913, 58921,
- 58937, 58943, 58963, 58967, 58979, 58991, 58997, 59009, 59011, 59021, 59023,
- 59029, 59051, 59053, 59063, 59069, 59077, 59083, 59093, 59107, 59113, 59119,
- 59123, 59141, 59149, 59159, 59167, 59183, 59197, 59207, 59209, 59219, 59221,
- 59233, 59239, 59243, 59263, 59273, 59281, 59333, 59341, 59351, 59357, 59359,
- 59369, 59377, 59387, 59393, 59399, 59407, 59417, 59419, 59441, 59443, 59447,
- 59453, 59467, 59471, 59473, 59497, 59509, 59513, 59539, 59557, 59561, 59567,
- 59581, 59611, 59617, 59621, 59627, 59629, 59651, 59659, 59663, 59669, 59671,
- 59693, 59699, 59707, 59723, 59729, 59743, 59747, 59753, 59771, 59779, 59791,
- 59797, 59809, 59833, 59863, 59879, 59887, 59921, 59929, 59951, 59957, 59971,
- 59981, 59999, 60013, 60017, 60029, 60037, 60041, 60077, 60083, 60089, 60091,
- 60101, 60103, 60107, 60127, 60133, 60139, 60149, 60161, 60167, 60169, 60209,
- 60217, 60223, 60251, 60257, 60259, 60271, 60289, 60293, 60317, 60331, 60337,
- 60343, 60353, 60373, 60383, 60397, 60413, 60427, 60443, 60449, 60457, 60493,
- 60497, 60509, 60521, 60527, 60539, 60589, 60601, 60607, 60611, 60617, 60623,
- 60631, 60637, 60647, 60649, 60659, 60661, 60679, 60689, 60703, 60719, 60727,
- 60733, 60737, 60757, 60761, 60763, 60773, 60779, 60793, 60811, 60821, 60859,
- 60869, 60887, 60889, 60899, 60901, 60913, 60917, 60919, 60923, 60937, 60943,
- 60953, 60961, 61001, 61007, 61027, 61031, 61043, 61051, 61057, 61091, 61099,
- 61121, 61129, 61141, 61151, 61153, 61169, 61211, 61223, 61231, 61253, 61261,
- 61283, 61291, 61297, 61331, 61333, 61339, 61343, 61357, 61363, 61379, 61381,
- 61403, 61409, 61417, 61441, 61463, 61469, 61471, 61483, 61487, 61493, 61507,
- 61511, 61519, 61543, 61547, 61553, 61559, 61561, 61583, 61603, 61609, 61613,
- 61627, 61631, 61637, 61643, 61651, 61657, 61667, 61673, 61681, 61687, 61703,
- 61717, 61723, 61729, 61751, 61757, 61781, 61813, 61819, 61837, 61843, 61861,
- 61871, 61879, 61909, 61927, 61933, 61949, 61961, 61967, 61979, 61981, 61987,
- 61991, 62003, 62011, 62017, 62039, 62047, 62053, 62057, 62071, 62081, 62099,
- 62119, 62129, 62131, 62137, 62141, 62143, 62171, 62189, 62191, 62201, 62207,
- 62213, 62219, 62233, 62273, 62297, 62299, 62303, 62311, 62323, 62327, 62347,
- 62351, 62383, 62401, 62417, 62423, 62459, 62467, 62473, 62477, 62483, 62497,
- 62501, 62507, 62533, 62539, 62549, 62563, 62581, 62591, 62597, 62603, 62617,
- 62627, 62633, 62639, 62653, 62659, 62683, 62687, 62701, 62723, 62731, 62743,
- 62753, 62761, 62773, 62791, 62801, 62819, 62827, 62851, 62861, 62869, 62873,
- 62897, 62903, 62921, 62927, 62929, 62939, 62969, 62971, 62981, 62983, 62987,
- 62989, 63029, 63031, 63059, 63067, 63073, 63079, 63097, 63103, 63113, 63127,
- 63131, 63149, 63179, 63197, 63199, 63211, 63241, 63247, 63277, 63281, 63299,
- 63311, 63313, 63317, 63331, 63337, 63347, 63353, 63361, 63367, 63377, 63389,
- 63391, 63397, 63409, 63419, 63421, 63439, 63443, 63463, 63467, 63473, 63487,
- 63493, 63499, 63521, 63527, 63533, 63541, 63559, 63577, 63587, 63589, 63599,
- 63601, 63607, 63611, 63617, 63629, 63647, 63649, 63659, 63667, 63671, 63689,
- 63691, 63697, 63703, 63709, 63719, 63727, 63737, 63743, 63761, 63773, 63781,
- 63793, 63799, 63803, 63809, 63823, 63839, 63841, 63853, 63857, 63863, 63901,
- 63907, 63913, 63929, 63949, 63977, 63997, 64007, 64013, 64019, 64033, 64037,
- 64063, 64067, 64081, 64091, 64109, 64123, 64151, 64153, 64157, 64171, 64187,
- 64189, 64217, 64223, 64231, 64237, 64271, 64279, 64283, 64301, 64303, 64319,
- 64327, 64333, 64373, 64381, 64399, 64403, 64433, 64439, 64451, 64453, 64483,
- 64489, 64499, 64513, 64553, 64567, 64577, 64579, 64591, 64601, 64609, 64613,
- 64621, 64627, 64633, 64661, 64663, 64667, 64679, 64693, 64709, 64717, 64747,
- 64763, 64781, 64783, 64793, 64811, 64817, 64849, 64853, 64871, 64877, 64879,
- 64891, 64901, 64919, 64921, 64927, 64937, 64951, 64969, 64997, 65003, 65011,
- 65027, 65029, 65033, 65053, 65063, 65071, 65089, 65099, 65101, 65111, 65119,
- 65123, 65129, 65141, 65147, 65167, 65171, 65173, 65179, 65183, 65203, 65213,
- 65239, 65257, 65267, 65269, 65287, 65293, 65309, 65323, 65327, 65353, 65357,
- 65371, 65381, 65393, 65407, 65413, 65419, 65423, 65437, 65447, 65449, 65479,
- 65497, 65519, 65521, 65537, 65539, 65543, 65551, 65557, 65563, 65579, 65581,
- 65587, 65599, 65609, 65617, 65629, 65633, 65647, 65651, 65657, 65677, 65687,
- 65699, 65701, 65707, 65713, 65717, 65719, 65729, 65731, 65761, 65777, 65789,
- 65809, 65827, 65831, 65837, 65839, 65843, 65851, 65867, 65881, 65899, 65921,
- 65927, 65929, 65951, 65957, 65963, 65981, 65983, 65993, 66029, 66037, 66041,
- 66047, 66067, 66071, 66083, 66089, 66103, 66107, 66109, 66137, 66161, 66169,
- 66173, 66179, 66191, 66221, 66239, 66271, 66293, 66301, 66337, 66343, 66347,
- 66359, 66361, 66373, 66377, 66383, 66403, 66413, 66431, 66449, 66457, 66463,
- 66467, 66491, 66499, 66509, 66523, 66529, 66533, 66541, 66553, 66569, 66571,
- 66587, 66593, 66601, 66617, 66629, 66643, 66653, 66683, 66697, 66701, 66713,
- 66721, 66733, 66739, 66749, 66751, 66763, 66791, 66797, 66809, 66821, 66841,
- 66851, 66853, 66863, 66877, 66883, 66889, 66919, 66923, 66931, 66943, 66947,
- 66949, 66959, 66973, 66977, 67003, 67021, 67033, 67043, 67049, 67057, 67061,
- 67073, 67079, 67103, 67121, 67129, 67139, 67141, 67153, 67157, 67169, 67181,
- 67187, 67189, 67211, 67213, 67217, 67219, 67231, 67247, 67261, 67271, 67273,
- 67289, 67307, 67339, 67343, 67349, 67369, 67391, 67399, 67409, 67411, 67421,
- 67427, 67429, 67433, 67447, 67453, 67477, 67481, 67489, 67493, 67499, 67511,
- 67523, 67531, 67537, 67547, 67559, 67567, 67577, 67579, 67589, 67601, 67607,
- 67619, 67631, 67651, 67679, 67699, 67709, 67723, 67733, 67741, 67751, 67757,
- 67759, 67763, 67777, 67783, 67789, 67801, 67807, 67819, 67829, 67843, 67853,
- 67867, 67883, 67891, 67901, 67927, 67931, 67933, 67939, 67943, 67957, 67961,
- 67967, 67979, 67987, 67993, 68023, 68041, 68053, 68059, 68071, 68087, 68099,
- 68111, 68113, 68141, 68147, 68161, 68171, 68207, 68209, 68213, 68219, 68227,
- 68239, 68261, 68279, 68281, 68311, 68329, 68351, 68371, 68389, 68399, 68437,
- 68443, 68447, 68449, 68473, 68477, 68483, 68489, 68491, 68501, 68507, 68521,
- 68531, 68539, 68543, 68567, 68581, 68597, 68611, 68633, 68639, 68659, 68669,
- 68683, 68687, 68699, 68711, 68713, 68729, 68737, 68743, 68749, 68767, 68771,
- 68777, 68791, 68813, 68819, 68821, 68863, 68879, 68881, 68891, 68897, 68899,
- 68903, 68909, 68917, 68927, 68947, 68963, 68993, 69001, 69011, 69019, 69029,
- 69031, 69061, 69067, 69073, 69109, 69119, 69127, 69143, 69149, 69151, 69163,
- 69191, 69193, 69197, 69203, 69221, 69233, 69239, 69247, 69257, 69259, 69263,
- 69313, 69317, 69337, 69341, 69371, 69379, 69383, 69389, 69401, 69403, 69427,
- 69431, 69439, 69457, 69463, 69467, 69473, 69481, 69491, 69493, 69497, 69499,
- 69539, 69557, 69593, 69623, 69653, 69661, 69677, 69691, 69697, 69709, 69737,
- 69739, 69761, 69763, 69767, 69779, 69809, 69821, 69827, 69829, 69833, 69847,
- 69857, 69859, 69877, 69899, 69911, 69929, 69931, 69941, 69959, 69991, 69997,
- 70001, 70003, 70009, 70019, 70039, 70051, 70061, 70067, 70079, 70099, 70111,
- 70117, 70121, 70123, 70139, 70141, 70157, 70163, 70177, 70181, 70183, 70199,
- 70201, 70207, 70223, 70229, 70237, 70241, 70249, 70271, 70289, 70297, 70309,
- 70313, 70321, 70327, 70351, 70373, 70379, 70381, 70393, 70423, 70429, 70439,
- 70451, 70457, 70459, 70481, 70487, 70489, 70501, 70507, 70529, 70537, 70549,
- 70571, 70573, 70583, 70589, 70607, 70619, 70621, 70627, 70639, 70657, 70663,
- 70667, 70687, 70709, 70717, 70729, 70753, 70769, 70783, 70793, 70823, 70841,
- 70843, 70849, 70853, 70867, 70877, 70879, 70891, 70901, 70913, 70919, 70921,
- 70937, 70949, 70951, 70957, 70969, 70979, 70981, 70991, 70997, 70999, 71011,
- 71023, 71039, 71059, 71069, 71081, 71089, 71119, 71129, 71143, 71147, 71153,
- 71161, 71167, 71171, 71191, 71209, 71233, 71237, 71249, 71257, 71261, 71263,
- 71287, 71293, 71317, 71327, 71329, 71333, 71339, 71341, 71347, 71353, 71359,
- 71363, 71387, 71389, 71399, 71411, 71413, 71419, 71429, 71437, 71443, 71453,
- 71471, 71473, 71479, 71483, 71503, 71527, 71537, 71549, 71551, 71563, 71569,
- 71593, 71597, 71633, 71647, 71663, 71671, 71693, 71699, 71707, 71711, 71713,
- 71719, 71741, 71761, 71777, 71789, 71807, 71809, 71821, 71837, 71843, 71849,
- 71861, 71867, 71879, 71881, 71887, 71899, 71909, 71917, 71933, 71941, 71947,
- 71963, 71971, 71983, 71987, 71993, 71999, 72019, 72031, 72043, 72047, 72053,
- 72073, 72077, 72089, 72091, 72101, 72103, 72109, 72139, 72161, 72167, 72169,
- 72173, 72211, 72221, 72223, 72227, 72229, 72251, 72253, 72269, 72271, 72277,
- 72287, 72307, 72313, 72337, 72341, 72353, 72367, 72379, 72383, 72421, 72431,
- 72461, 72467, 72469, 72481, 72493, 72497, 72503, 72533, 72547, 72551, 72559,
- 72577, 72613, 72617, 72623, 72643, 72647, 72649, 72661, 72671, 72673, 72679,
- 72689, 72701, 72707, 72719, 72727, 72733, 72739, 72763, 72767, 72797, 72817,
- 72823, 72859, 72869, 72871, 72883, 72889, 72893, 72901, 72907, 72911, 72923,
- 72931, 72937, 72949, 72953, 72959, 72973, 72977, 72997, 73009, 73013, 73019,
- 73037, 73039, 73043, 73061, 73063, 73079, 73091, 73121, 73127, 73133, 73141,
- 73181, 73189, 73237, 73243, 73259, 73277, 73291, 73303, 73309, 73327, 73331,
- 73351, 73361, 73363, 73369, 73379, 73387, 73417, 73421, 73433, 73453, 73459,
- 73471, 73477, 73483, 73517, 73523, 73529, 73547, 73553, 73561, 73571, 73583,
- 73589, 73597, 73607, 73609, 73613, 73637, 73643, 73651, 73673, 73679, 73681,
- 73693, 73699, 73709, 73721, 73727, 73751, 73757, 73771, 73783, 73819, 73823,
- 73847, 73849, 73859, 73867, 73877, 73883, 73897, 73907, 73939, 73943, 73951,
- 73961, 73973, 73999, 74017, 74021, 74027, 74047, 74051, 74071, 74077, 74093,
- 74099, 74101, 74131, 74143, 74149, 74159, 74161, 74167, 74177, 74189, 74197,
- 74201, 74203, 74209, 74219, 74231, 74257, 74279, 74287, 74293, 74297, 74311,
- 74317, 74323, 74353, 74357, 74363, 74377, 74381, 74383, 74411, 74413, 74419,
- 74441, 74449, 74453, 74471, 74489, 74507, 74509, 74521, 74527, 74531, 74551,
- 74561, 74567, 74573, 74587, 74597, 74609, 74611, 74623, 74653, 74687, 74699,
- 74707, 74713, 74717, 74719, 74729, 74731, 74747, 74759, 74761, 74771, 74779,
- 74797, 74821, 74827, 74831, 74843, 74857, 74861, 74869, 74873, 74887, 74891,
- 74897, 74903, 74923, 74929, 74933, 74941, 74959, 75011, 75013, 75017, 75029,
- 75037, 75041, 75079, 75083, 75109, 75133, 75149, 75161, 75167, 75169, 75181,
- 75193, 75209, 75211, 75217, 75223, 75227, 75239, 75253, 75269, 75277, 75289,
- 75307, 75323, 75329, 75337, 75347, 75353, 75367, 75377, 75389, 75391, 75401,
- 75403, 75407, 75431, 75437, 75479, 75503, 75511, 75521, 75527, 75533, 75539,
- 75541, 75553, 75557, 75571, 75577, 75583, 75611, 75617, 75619, 75629, 75641,
- 75653, 75659, 75679, 75683, 75689, 75703, 75707, 75709, 75721, 75731, 75743,
- 75767, 75773, 75781, 75787, 75793, 75797, 75821, 75833, 75853, 75869, 75883,
- 75913, 75931, 75937, 75941, 75967, 75979, 75983, 75989, 75991, 75997, 76001,
- 76003, 76031, 76039, 76079, 76081, 76091, 76099, 76103, 76123, 76129, 76147,
- 76157, 76159, 76163, 76207, 76213, 76231, 76243, 76249, 76253, 76259, 76261,
- 76283, 76289, 76303, 76333, 76343, 76367, 76369, 76379, 76387, 76403, 76421,
- 76423, 76441, 76463, 76471, 76481, 76487, 76493, 76507, 76511, 76519, 76537,
- 76541, 76543, 76561, 76579, 76597, 76603, 76607, 76631, 76649, 76651, 76667,
- 76673, 76679, 76697, 76717, 76733, 76753, 76757, 76771, 76777, 76781, 76801,
- 76819, 76829, 76831, 76837, 76847, 76871, 76873, 76883, 76907, 76913, 76919,
- 76943, 76949, 76961, 76963, 76991, 77003, 77017, 77023, 77029, 77041, 77047,
- 77069, 77081, 77093, 77101, 77137, 77141, 77153, 77167, 77171, 77191, 77201,
- 77213, 77237, 77239, 77243, 77249, 77261, 77263, 77267, 77269, 77279, 77291,
- 77317, 77323, 77339, 77347, 77351, 77359, 77369, 77377, 77383, 77417, 77419,
- 77431, 77447, 77471, 77477, 77479, 77489, 77491, 77509, 77513, 77521, 77527,
- 77543, 77549, 77551, 77557, 77563, 77569, 77573, 77587, 77591, 77611, 77617,
- 77621, 77641, 77647, 77659, 77681, 77687, 77689, 77699, 77711, 77713, 77719,
- 77723, 77731, 77743, 77747, 77761, 77773, 77783, 77797, 77801, 77813, 77839,
- 77849, 77863, 77867, 77893, 77899, 77929, 77933, 77951, 77969, 77977, 77983,
- 77999, 78007, 78017, 78031, 78041, 78049, 78059, 78079, 78101, 78121, 78137,
- 78139, 78157, 78163, 78167, 78173, 78179, 78191, 78193, 78203, 78229, 78233,
- 78241, 78259, 78277, 78283, 78301, 78307, 78311, 78317, 78341, 78347, 78367,
- 78401, 78427, 78437, 78439, 78467, 78479, 78487, 78497, 78509, 78511, 78517,
- 78539, 78541, 78553, 78569, 78571, 78577, 78583, 78593, 78607, 78623, 78643,
- 78649, 78653, 78691, 78697, 78707, 78713, 78721, 78737, 78779, 78781, 78787,
- 78791, 78797, 78803, 78809, 78823, 78839, 78853, 78857, 78877, 78887, 78889,
- 78893, 78901, 78919, 78929, 78941, 78977, 78979, 78989, 79031, 79039, 79043,
- 79063, 79087, 79103, 79111, 79133, 79139, 79147, 79151, 79153, 79159, 79181,
- 79187, 79193, 79201, 79229, 79231, 79241, 79259, 79273, 79279, 79283, 79301,
- 79309, 79319, 79333, 79337, 79349, 79357, 79367, 79379, 79393, 79397, 79399,
- 79411, 79423, 79427, 79433, 79451, 79481, 79493, 79531, 79537, 79549, 79559,
- 79561, 79579, 79589, 79601, 79609, 79613, 79621, 79627, 79631, 79633, 79657,
- 79669, 79687, 79691, 79693, 79697, 79699, 79757, 79769, 79777, 79801, 79811,
- 79813, 79817, 79823, 79829, 79841, 79843, 79847, 79861, 79867, 79873, 79889,
- 79901, 79903, 79907, 79939, 79943, 79967, 79973, 79979, 79987, 79997, 79999,
- 80021, 80039, 80051, 80071, 80077, 80107, 80111, 80141, 80147, 80149, 80153,
- 80167, 80173, 80177, 80191, 80207, 80209, 80221, 80231, 80233, 80239, 80251,
- 80263, 80273, 80279, 80287, 80309, 80317, 80329, 80341, 80347, 80363, 80369,
- 80387, 80407, 80429, 80447, 80449, 80471, 80473, 80489, 80491, 80513, 80527,
- 80537, 80557, 80567, 80599, 80603, 80611, 80621, 80627, 80629, 80651, 80657,
- 80669, 80671, 80677, 80681, 80683, 80687, 80701, 80713, 80737, 80747, 80749,
- 80761, 80777, 80779, 80783, 80789, 80803, 80809, 80819, 80831, 80833, 80849,
- 80863, 80897, 80909, 80911, 80917, 80923, 80929, 80933, 80953, 80963, 80989,
- 81001, 81013, 81017, 81019, 81023, 81031, 81041, 81043, 81047, 81049, 81071,
- 81077, 81083, 81097, 81101, 81119, 81131, 81157, 81163, 81173, 81181, 81197,
- 81199, 81203, 81223, 81233, 81239, 81281, 81283, 81293, 81299, 81307, 81331,
- 81343, 81349, 81353, 81359, 81371, 81373, 81401, 81409, 81421, 81439, 81457,
- 81463, 81509, 81517, 81527, 81533, 81547, 81551, 81553, 81559, 81563, 81569,
- 81611, 81619, 81629, 81637, 81647, 81649, 81667, 81671, 81677, 81689, 81701,
- 81703, 81707, 81727, 81737, 81749, 81761, 81769, 81773, 81799, 81817, 81839,
- 81847, 81853, 81869, 81883, 81899, 81901, 81919, 81929, 81931, 81937, 81943,
- 81953, 81967, 81971, 81973, 82003, 82007, 82009, 82013, 82021, 82031, 82037,
- 82039, 82051, 82067, 82073, 82129, 82139, 82141, 82153, 82163, 82171, 82183,
- 82189, 82193, 82207, 82217, 82219, 82223, 82231, 82237, 82241, 82261, 82267,
- 82279, 82301, 82307, 82339, 82349, 82351, 82361, 82373, 82387, 82393, 82421,
- 82457, 82463, 82469, 82471, 82483, 82487, 82493, 82499, 82507, 82529, 82531,
- 82549, 82559, 82561, 82567, 82571, 82591, 82601, 82609, 82613, 82619, 82633,
- 82651, 82657, 82699, 82721, 82723, 82727, 82729, 82757, 82759, 82763, 82781,
- 82787, 82793, 82799, 82811, 82813, 82837, 82847, 82883, 82889, 82891, 82903,
- 82913, 82939, 82963, 82981, 82997, 83003, 83009, 83023, 83047, 83059, 83063,
- 83071, 83077, 83089, 83093, 83101, 83117, 83137, 83177, 83203, 83207, 83219,
- 83221, 83227, 83231, 83233, 83243, 83257, 83267, 83269, 83273, 83299, 83311,
- 83339, 83341, 83357, 83383, 83389, 83399, 83401, 83407, 83417, 83423, 83431,
- 83437, 83443, 83449, 83459, 83471, 83477, 83497, 83537, 83557, 83561, 83563,
- 83579, 83591, 83597, 83609, 83617, 83621, 83639, 83641, 83653, 83663, 83689,
- 83701, 83717, 83719, 83737, 83761, 83773, 83777, 83791, 83813, 83833, 83843,
- 83857, 83869, 83873, 83891, 83903, 83911, 83921, 83933, 83939, 83969, 83983,
- 83987, 84011, 84017, 84047, 84053, 84059, 84061, 84067, 84089, 84121, 84127,
- 84131, 84137, 84143, 84163, 84179, 84181, 84191, 84199, 84211, 84221, 84223,
- 84229, 84239, 84247, 84263, 84299, 84307, 84313, 84317, 84319, 84347, 84349,
- 84377, 84389, 84391, 84401, 84407, 84421, 84431, 84437, 84443, 84449, 84457,
- 84463, 84467, 84481, 84499, 84503, 84509, 84521, 84523, 84533, 84551, 84559,
- 84589, 84629, 84631, 84649, 84653, 84659, 84673, 84691, 84697, 84701, 84713,
- 84719, 84731, 84737, 84751, 84761, 84787, 84793, 84809, 84811, 84827, 84857,
- 84859, 84869, 84871, 84913, 84919, 84947, 84961, 84967, 84977, 84979, 84991,
- 85009, 85021, 85027, 85037, 85049, 85061, 85081, 85087, 85091, 85093, 85103,
- 85109, 85121, 85133, 85147, 85159, 85193, 85199, 85201, 85213, 85223, 85229,
- 85237, 85243, 85247, 85259, 85297, 85303, 85313, 85331, 85333, 85361, 85363,
- 85369, 85381, 85411, 85427, 85429, 85439, 85447, 85451, 85453, 85469, 85487,
- 85513, 85517, 85523, 85531, 85549, 85571, 85577, 85597, 85601, 85607, 85619,
- 85621, 85627, 85639, 85643, 85661, 85667, 85669, 85691, 85703, 85711, 85717,
- 85733, 85751, 85781, 85793, 85817, 85819, 85829, 85831, 85837, 85843, 85847,
- 85853, 85889, 85903, 85909, 85931, 85933, 85991, 85999, 86011, 86017, 86027,
- 86029, 86069, 86077, 86083, 86111, 86113, 86117, 86131, 86137, 86143, 86161,
- 86171, 86179, 86183, 86197, 86201, 86209, 86239, 86243, 86249, 86257, 86263,
- 86269, 86287, 86291, 86293, 86297, 86311, 86323, 86341, 86351, 86353, 86357,
- 86369, 86371, 86381, 86389, 86399, 86413, 86423, 86441, 86453, 86461, 86467,
- 86477, 86491, 86501, 86509, 86531, 86533, 86539, 86561, 86573, 86579, 86587,
- 86599, 86627, 86629, 86677, 86689, 86693, 86711, 86719, 86729, 86743, 86753,
- 86767, 86771, 86783, 86813, 86837, 86843, 86851, 86857, 86861, 86869, 86923,
- 86927, 86929, 86939, 86951, 86959, 86969, 86981, 86993, 87011, 87013, 87037,
- 87041, 87049, 87071, 87083, 87103, 87107, 87119, 87121, 87133, 87149, 87151,
- 87179, 87181, 87187, 87211, 87221, 87223, 87251, 87253, 87257, 87277, 87281,
- 87293, 87299, 87313, 87317, 87323, 87337, 87359, 87383, 87403, 87407, 87421,
- 87427, 87433, 87443, 87473, 87481, 87491, 87509, 87511, 87517, 87523, 87539,
- 87541, 87547, 87553, 87557, 87559, 87583, 87587, 87589, 87613, 87623, 87629,
- 87631, 87641, 87643, 87649, 87671, 87679, 87683, 87691, 87697, 87701, 87719,
- 87721, 87739, 87743, 87751, 87767, 87793, 87797, 87803, 87811, 87833, 87853,
- 87869, 87877, 87881, 87887, 87911, 87917, 87931, 87943, 87959, 87961, 87973,
- 87977, 87991, 88001, 88003, 88007, 88019, 88037, 88069, 88079, 88093, 88117,
- 88129, 88169, 88177, 88211, 88223, 88237, 88241, 88259, 88261, 88289, 88301,
- 88321, 88327, 88337, 88339, 88379, 88397, 88411, 88423, 88427, 88463, 88469,
- 88471, 88493, 88499, 88513, 88523, 88547, 88589, 88591, 88607, 88609, 88643,
- 88651, 88657, 88661, 88663, 88667, 88681, 88721, 88729, 88741, 88747, 88771,
- 88789, 88793, 88799, 88801, 88807, 88811, 88813, 88817, 88819, 88843, 88853,
- 88861, 88867, 88873, 88883, 88897, 88903, 88919, 88937, 88951, 88969, 88993,
- 88997, 89003, 89009, 89017, 89021, 89041, 89051, 89057, 89069, 89071, 89083,
- 89087, 89101, 89107, 89113, 89119, 89123, 89137, 89153, 89189, 89203, 89209,
- 89213, 89227, 89231, 89237, 89261, 89269, 89273, 89293, 89303, 89317, 89329,
- 89363, 89371, 89381, 89387, 89393, 89399, 89413, 89417, 89431, 89443, 89449,
- 89459, 89477, 89491, 89501, 89513, 89519, 89521, 89527, 89533, 89561, 89563,
- 89567, 89591, 89597, 89599, 89603, 89611, 89627, 89633, 89653, 89657, 89659,
- 89669, 89671, 89681, 89689, 89753, 89759, 89767, 89779, 89783, 89797, 89809,
- 89819, 89821, 89833, 89839, 89849, 89867, 89891, 89897, 89899, 89909, 89917,
- 89923, 89939, 89959, 89963, 89977, 89983, 89989, 90001, 90007, 90011, 90017,
- 90019, 90023, 90031, 90053, 90059, 90067, 90071, 90073, 90089, 90107, 90121,
- 90127, 90149, 90163, 90173, 90187, 90191, 90197, 90199, 90203, 90217, 90227,
- 90239, 90247, 90263, 90271, 90281, 90289, 90313, 90353, 90359, 90371, 90373,
- 90379, 90397, 90401, 90403, 90407, 90437, 90439, 90469, 90473, 90481, 90499,
- 90511, 90523, 90527, 90529, 90533, 90547, 90583, 90599, 90617, 90619, 90631,
- 90641, 90647, 90659, 90677, 90679, 90697, 90703, 90709, 90731, 90749, 90787,
- 90793, 90803, 90821, 90823, 90833, 90841, 90847, 90863, 90887, 90901, 90907,
- 90911, 90917, 90931, 90947, 90971, 90977, 90989, 90997, 91009, 91019, 91033,
- 91079, 91081, 91097, 91099, 91121, 91127, 91129, 91139, 91141, 91151, 91153,
- 91159, 91163, 91183, 91193, 91199, 91229, 91237, 91243, 91249, 91253, 91283,
- 91291, 91297, 91303, 91309, 91331, 91367, 91369, 91373, 91381, 91387, 91393,
- 91397, 91411, 91423, 91433, 91453, 91457, 91459, 91463, 91493, 91499, 91513,
- 91529, 91541, 91571, 91573, 91577, 91583, 91591, 91621, 91631, 91639, 91673,
- 91691, 91703, 91711, 91733, 91753, 91757, 91771, 91781, 91801, 91807, 91811,
- 91813, 91823, 91837, 91841, 91867, 91873, 91909, 91921, 91939, 91943, 91951,
- 91957, 91961, 91967, 91969, 91997, 92003, 92009, 92033, 92041, 92051, 92077,
- 92083, 92107, 92111, 92119, 92143, 92153, 92173, 92177, 92179, 92189, 92203,
- 92219, 92221, 92227, 92233, 92237, 92243, 92251, 92269, 92297, 92311, 92317,
- 92333, 92347, 92353, 92357, 92363, 92369, 92377, 92381, 92383, 92387, 92399,
- 92401, 92413, 92419, 92431, 92459, 92461, 92467, 92479, 92489, 92503, 92507,
- 92551, 92557, 92567, 92569, 92581, 92593, 92623, 92627, 92639, 92641, 92647,
- 92657, 92669, 92671, 92681, 92683, 92693, 92699, 92707, 92717, 92723, 92737,
- 92753, 92761, 92767, 92779, 92789, 92791, 92801, 92809, 92821, 92831, 92849,
- 92857, 92861, 92863, 92867, 92893, 92899, 92921, 92927, 92941, 92951, 92957,
- 92959, 92987, 92993, 93001, 93047, 93053, 93059, 93077, 93083, 93089, 93097,
- 93103, 93113, 93131, 93133, 93139, 93151, 93169, 93179, 93187, 93199, 93229,
- 93239, 93241, 93251, 93253, 93257, 93263, 93281, 93283, 93287, 93307, 93319,
- 93323, 93329, 93337, 93371, 93377, 93383, 93407, 93419, 93427, 93463, 93479,
- 93481, 93487, 93491, 93493, 93497, 93503, 93523, 93529, 93553, 93557, 93559,
- 93563, 93581, 93601, 93607, 93629, 93637, 93683, 93701, 93703, 93719, 93739,
- 93761, 93763, 93787, 93809, 93811, 93827, 93851, 93871, 93887, 93889, 93893,
- 93901, 93911, 93913, 93923, 93937, 93941, 93949, 93967, 93971, 93979, 93983,
- 93997, 94007, 94009, 94033, 94049, 94057, 94063, 94079, 94099, 94109, 94111,
- 94117, 94121, 94151, 94153, 94169, 94201, 94207, 94219, 94229, 94253, 94261,
- 94273, 94291, 94307, 94309, 94321, 94327, 94331, 94343, 94349, 94351, 94379,
- 94397, 94399, 94421, 94427, 94433, 94439, 94441, 94447, 94463, 94477, 94483,
- 94513, 94529, 94531, 94541, 94543, 94547, 94559, 94561, 94573, 94583, 94597,
- 94603, 94613, 94621, 94649, 94651, 94687, 94693, 94709, 94723, 94727, 94747,
- 94771, 94777, 94781, 94789, 94793, 94811, 94819, 94823, 94837, 94841, 94847,
- 94849, 94873, 94889, 94903, 94907, 94933, 94949, 94951, 94961, 94993, 94999,
- 95003, 95009, 95021, 95027, 95063, 95071, 95083, 95087, 95089, 95093, 95101,
- 95107, 95111, 95131, 95143, 95153, 95177, 95189, 95191, 95203, 95213, 95219,
- 95231, 95233, 95239, 95257, 95261, 95267, 95273, 95279, 95287, 95311, 95317,
- 95327, 95339, 95369, 95383, 95393, 95401, 95413, 95419, 95429, 95441, 95443,
- 95461, 95467, 95471, 95479, 95483, 95507, 95527, 95531, 95539, 95549, 95561,
- 95569, 95581, 95597, 95603, 95617, 95621, 95629, 95633, 95651, 95701, 95707,
- 95713, 95717, 95723, 95731, 95737, 95747, 95773, 95783, 95789, 95791, 95801,
- 95803, 95813, 95819, 95857, 95869, 95873, 95881, 95891, 95911, 95917, 95923,
- 95929, 95947, 95957, 95959, 95971, 95987, 95989, 96001, 96013, 96017, 96043,
- 96053, 96059, 96079, 96097, 96137, 96149, 96157, 96167, 96179, 96181, 96199,
- 96211, 96221, 96223, 96233, 96259, 96263, 96269, 96281, 96289, 96293, 96323,
- 96329, 96331, 96337, 96353, 96377, 96401, 96419, 96431, 96443, 96451, 96457,
- 96461, 96469, 96479, 96487, 96493, 96497, 96517, 96527, 96553, 96557, 96581,
- 96587, 96589, 96601, 96643, 96661, 96667, 96671, 96697, 96703, 96731, 96737,
- 96739, 96749, 96757, 96763, 96769, 96779, 96787, 96797, 96799, 96821, 96823,
- 96827, 96847, 96851, 96857, 96893, 96907, 96911, 96931, 96953, 96959, 96973,
- 96979, 96989, 96997, 97001, 97003, 97007, 97021, 97039, 97073, 97081, 97103,
- 97117, 97127, 97151, 97157, 97159, 97169, 97171, 97177, 97187, 97213, 97231,
- 97241, 97259, 97283, 97301, 97303, 97327, 97367, 97369, 97373, 97379, 97381,
- 97387, 97397, 97423, 97429, 97441, 97453, 97459, 97463, 97499, 97501, 97511,
- 97523, 97547, 97549, 97553, 97561, 97571, 97577, 97579, 97583, 97607, 97609,
- 97613, 97649, 97651, 97673, 97687, 97711, 97729, 97771, 97777, 97787, 97789,
- 97813, 97829, 97841, 97843, 97847, 97849, 97859, 97861, 97871, 97879, 97883,
- 97919, 97927, 97931, 97943, 97961, 97967, 97973, 97987, 98009, 98011, 98017,
- 98041, 98047, 98057, 98081, 98101, 98123, 98129, 98143, 98179, 98207, 98213,
- 98221, 98227, 98251, 98257, 98269, 98297, 98299, 98317, 98321, 98323, 98327,
- 98347, 98369, 98377, 98387, 98389, 98407, 98411, 98419, 98429, 98443, 98453,
- 98459, 98467, 98473, 98479, 98491, 98507, 98519, 98533, 98543, 98561, 98563,
- 98573, 98597, 98621, 98627, 98639, 98641, 98663, 98669, 98689, 98711, 98713,
- 98717, 98729, 98731, 98737, 98773, 98779, 98801, 98807, 98809, 98837, 98849,
- 98867, 98869, 98873, 98887, 98893, 98897, 98899, 98909, 98911, 98927, 98929,
- 98939, 98947, 98953, 98963, 98981, 98993, 98999, 99013, 99017, 99023, 99041,
- 99053, 99079, 99083, 99089, 99103, 99109, 99119, 99131, 99133, 99137, 99139,
- 99149, 99173, 99181, 99191, 99223, 99233, 99241, 99251, 99257, 99259, 99277,
- 99289, 99317, 99347, 99349, 99367, 99371, 99377, 99391, 99397, 99401, 99409,
- 99431, 99439, 99469, 99487, 99497, 99523, 99527, 99529, 99551, 99559, 99563,
- 99571, 99577, 99581, 99607, 99611, 99623, 99643, 99661, 99667, 99679, 99689,
- 99707, 99709, 99713, 99719, 99721, 99733, 99761, 99767, 99787, 99793, 99809,
- 99817, 99823, 99829, 99833, 99839, 99859, 99871, 99877, 99881, 99901, 99907,
- 99923, 99929, 99961, 99971, 99989, 99991, 100003, 100019, 100043, 100049,
- 100057, 100069, 100103, 100109, 100129, 100151, 100153, 100169, 100183,
- 100189, 100193, 100207, 100213, 100237, 100267, 100271, 100279, 100291,
- 100297, 100313, 100333, 100343, 100357, 100361, 100363, 100379, 100391,
- 100393, 100403, 100411, 100417, 100447, 100459, 100469, 100483, 100493,
- 100501, 100511, 100517, 100519, 100523, 100537, 100547, 100549, 100559,
- 100591, 100609, 100613, 100621, 100649, 100669, 100673, 100693, 100699,
- 100703, 100733, 100741, 100747, 100769, 100787, 100799, 100801, 100811,
- 100823, 100829, 100847, 100853, 100907, 100913, 100927, 100931, 100937,
- 100943, 100957, 100981, 100987, 100999, 101009, 101021, 101027, 101051,
- 101063, 101081, 101089, 101107, 101111, 101113, 101117, 101119, 101141,
- 101149, 101159, 101161, 101173, 101183, 101197, 101203, 101207, 101209,
- 101221, 101267, 101273, 101279, 101281, 101287, 101293, 101323, 101333,
- 101341, 101347, 101359, 101363, 101377, 101383, 101399, 101411, 101419,
- 101429, 101449, 101467, 101477, 101483, 101489, 101501, 101503, 101513,
- 101527, 101531, 101533, 101537, 101561, 101573, 101581, 101599, 101603,
- 101611, 101627, 101641, 101653, 101663, 101681, 101693, 101701, 101719,
- 101723, 101737, 101741, 101747, 101749, 101771, 101789, 101797, 101807,
- 101833, 101837, 101839, 101863, 101869, 101873, 101879, 101891, 101917,
- 101921, 101929, 101939, 101957, 101963, 101977, 101987, 101999, 102001,
- 102013, 102019, 102023, 102031, 102043, 102059, 102061, 102071, 102077,
- 102079, 102101, 102103, 102107, 102121, 102139, 102149, 102161, 102181,
- 102191, 102197, 102199, 102203, 102217, 102229, 102233, 102241, 102251,
- 102253, 102259, 102293, 102299, 102301, 102317, 102329, 102337, 102359,
- 102367, 102397, 102407, 102409, 102433, 102437, 102451, 102461, 102481,
- 102497, 102499, 102503, 102523, 102533, 102539, 102547, 102551, 102559,
- 102563, 102587, 102593, 102607, 102611, 102643, 102647, 102653, 102667,
- 102673, 102677, 102679, 102701, 102761, 102763, 102769, 102793, 102797,
- 102811, 102829, 102841, 102859, 102871, 102877, 102881, 102911, 102913,
- 102929, 102931, 102953, 102967, 102983, 103001, 103007, 103043, 103049,
- 103067, 103069, 103079, 103087, 103091, 103093, 103099, 103123, 103141,
- 103171, 103177, 103183, 103217, 103231, 103237, 103289, 103291, 103307,
- 103319, 103333, 103349, 103357, 103387, 103391, 103393, 103399, 103409,
- 103421, 103423, 103451, 103457, 103471, 103483, 103511, 103529, 103549,
- 103553, 103561, 103567, 103573, 103577, 103583, 103591, 103613, 103619,
- 103643, 103651, 103657, 103669, 103681, 103687, 103699, 103703, 103723,
- 103769, 103787, 103801, 103811, 103813, 103837, 103841, 103843, 103867,
- 103889, 103903, 103913, 103919, 103951, 103963, 103967, 103969, 103979,
- 103981, 103991, 103993, 103997, 104003, 104009, 104021, 104033, 104047,
- 104053, 104059, 104087, 104089, 104107, 104113, 104119, 104123, 104147,
- 104149, 104161, 104173, 104179, 104183, 104207, 104231, 104233, 104239,
- 104243, 104281, 104287, 104297, 104309, 104311, 104323, 104327, 104347,
- 104369, 104381, 104383, 104393, 104399, 104417, 104459, 104471, 104473,
- 104479, 104491, 104513, 104527, 104537, 104543, 104549, 104551, 104561,
- 104579, 104593, 104597, 104623, 104639, 104651, 104659, 104677, 104681,
- 104683, 104693, 104701, 104707, 104711, 104717, 104723, 104729,
+static const int kPrimes[] = {
+ 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31,
+ 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79,
+ 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137,
+ 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193,
+ 197, 199, 211, 223, 227, 229, 233, 239, 241, 251, 257,
+ 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317,
+ 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389,
+ 397, 401, 409, 419, 421, 431, 433, 439, 443, 449, 457,
+ 461, 463, 467, 479, 487, 491, 499, 503, 509, 521, 523,
+ 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601,
+ 607, 613, 617, 619, 631, 641, 643, 647, 653, 659, 661,
+ 673, 677, 683, 691, 701, 709, 719, 727, 733, 739, 743,
+ 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823,
+ 827, 829, 839, 853, 857, 859, 863, 877, 881, 883, 887,
+ 907, 911, 919, 929, 937, 941, 947, 953, 967, 971, 977,
+ 983, 991, 997, 1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049,
+ 1051, 1061, 1063, 1069, 1087, 1091, 1093, 1097, 1103, 1109, 1117,
+ 1123, 1129, 1151, 1153, 1163, 1171, 1181, 1187, 1193, 1201, 1213,
+ 1217, 1223, 1229, 1231, 1237, 1249, 1259, 1277, 1279, 1283, 1289,
+ 1291, 1297, 1301, 1303, 1307, 1319, 1321, 1327, 1361, 1367, 1373,
+ 1381, 1399, 1409, 1423, 1427, 1429, 1433, 1439, 1447, 1451, 1453,
+ 1459, 1471, 1481, 1483, 1487, 1489, 1493, 1499, 1511, 1523, 1531,
+ 1543, 1549, 1553, 1559, 1567, 1571, 1579, 1583, 1597, 1601, 1607,
+ 1609, 1613, 1619, 1621, 1627, 1637, 1657, 1663, 1667, 1669, 1693,
+ 1697, 1699, 1709, 1721, 1723, 1733, 1741, 1747, 1753, 1759, 1777,
+ 1783, 1787, 1789, 1801, 1811, 1823, 1831, 1847, 1861, 1867, 1871,
+ 1873, 1877, 1879, 1889, 1901, 1907, 1913, 1931, 1933, 1949, 1951,
+ 1973, 1979, 1987, 1993, 1997, 1999, 2003, 2011, 2017, 2027, 2029,
+ 2039, 2053, 2063, 2069, 2081, 2083, 2087, 2089, 2099, 2111, 2113,
+ 2129, 2131, 2137, 2141, 2143, 2153, 2161, 2179, 2203, 2207, 2213,
+ 2221, 2237, 2239, 2243, 2251, 2267, 2269, 2273, 2281, 2287, 2293,
+ 2297, 2309, 2311, 2333, 2339, 2341, 2347, 2351, 2357, 2371, 2377,
+ 2381, 2383, 2389, 2393, 2399, 2411, 2417, 2423, 2437, 2441, 2447,
+ 2459, 2467, 2473, 2477, 2503, 2521, 2531, 2539, 2543, 2549, 2551,
+ 2557, 2579, 2591, 2593, 2609, 2617, 2621, 2633, 2647, 2657, 2659,
+ 2663, 2671, 2677, 2683, 2687, 2689, 2693, 2699, 2707, 2711, 2713,
+ 2719, 2729, 2731, 2741, 2749, 2753, 2767, 2777, 2789, 2791, 2797,
+ 2801, 2803, 2819, 2833, 2837, 2843, 2851, 2857, 2861, 2879, 2887,
+ 2897, 2903, 2909, 2917, 2927, 2939, 2953, 2957, 2963, 2969, 2971,
+ 2999, 3001, 3011, 3019, 3023, 3037, 3041, 3049, 3061, 3067, 3079,
+ 3083, 3089, 3109, 3119, 3121, 3137, 3163, 3167, 3169, 3181, 3187,
+ 3191, 3203, 3209, 3217, 3221, 3229, 3251, 3253, 3257, 3259, 3271,
+ 3299, 3301, 3307, 3313, 3319, 3323, 3329, 3331, 3343, 3347, 3359,
+ 3361, 3371, 3373, 3389, 3391, 3407, 3413, 3433, 3449, 3457, 3461,
+ 3463, 3467, 3469, 3491, 3499, 3511, 3517, 3527, 3529, 3533, 3539,
+ 3541, 3547, 3557, 3559, 3571, 3581, 3583, 3593, 3607, 3613, 3617,
+ 3623, 3631, 3637, 3643, 3659, 3671, 3673, 3677, 3691, 3697, 3701,
+ 3709, 3719, 3727, 3733, 3739, 3761, 3767, 3769, 3779, 3793, 3797,
+ 3803, 3821, 3823, 3833, 3847, 3851, 3853, 3863, 3877, 3881, 3889,
+ 3907, 3911, 3917, 3919, 3923, 3929, 3931, 3943, 3947, 3967, 3989,
+ 4001, 4003, 4007, 4013, 4019, 4021, 4027, 4049, 4051, 4057, 4073,
+ 4079, 4091, 4093, 4099, 4111, 4127, 4129, 4133, 4139, 4153, 4157,
+ 4159, 4177, 4201, 4211, 4217, 4219, 4229, 4231, 4241, 4243, 4253,
+ 4259, 4261, 4271, 4273, 4283, 4289, 4297, 4327, 4337, 4339, 4349,
+ 4357, 4363, 4373, 4391, 4397, 4409, 4421, 4423, 4441, 4447, 4451,
+ 4457, 4463, 4481, 4483, 4493, 4507, 4513, 4517, 4519, 4523, 4547,
+ 4549, 4561, 4567, 4583, 4591, 4597, 4603, 4621, 4637, 4639, 4643,
+ 4649, 4651, 4657, 4663, 4673, 4679, 4691, 4703, 4721, 4723, 4729,
+ 4733, 4751, 4759, 4783, 4787, 4789, 4793, 4799, 4801, 4813, 4817,
+ 4831, 4861, 4871, 4877, 4889, 4903, 4909, 4919, 4931, 4933, 4937,
+ 4943, 4951, 4957, 4967, 4969, 4973, 4987, 4993, 4999, 5003, 5009,
+ 5011, 5021, 5023, 5039, 5051, 5059, 5077, 5081, 5087, 5099, 5101,
+ 5107, 5113, 5119, 5147, 5153, 5167, 5171, 5179, 5189, 5197, 5209,
+ 5227, 5231, 5233, 5237, 5261, 5273, 5279, 5281, 5297, 5303, 5309,
+ 5323, 5333, 5347, 5351, 5381, 5387, 5393, 5399, 5407, 5413, 5417,
+ 5419, 5431, 5437, 5441, 5443, 5449, 5471, 5477, 5479, 5483, 5501,
+ 5503, 5507, 5519, 5521, 5527, 5531, 5557, 5563, 5569, 5573, 5581,
+ 5591, 5623, 5639, 5641, 5647, 5651, 5653, 5657, 5659, 5669, 5683,
+ 5689, 5693, 5701, 5711, 5717, 5737, 5741, 5743, 5749, 5779, 5783,
+ 5791, 5801, 5807, 5813, 5821, 5827, 5839, 5843, 5849, 5851, 5857,
+ 5861, 5867, 5869, 5879, 5881, 5897, 5903, 5923, 5927, 5939, 5953,
+ 5981, 5987, 6007, 6011, 6029, 6037, 6043, 6047, 6053, 6067, 6073,
+ 6079, 6089, 6091, 6101, 6113, 6121, 6131, 6133, 6143, 6151, 6163,
+ 6173, 6197, 6199, 6203, 6211, 6217, 6221, 6229, 6247, 6257, 6263,
+ 6269, 6271, 6277, 6287, 6299, 6301, 6311, 6317, 6323, 6329, 6337,
+ 6343, 6353, 6359, 6361, 6367, 6373, 6379, 6389, 6397, 6421, 6427,
+ 6449, 6451, 6469, 6473, 6481, 6491, 6521, 6529, 6547, 6551, 6553,
+ 6563, 6569, 6571, 6577, 6581, 6599, 6607, 6619, 6637, 6653, 6659,
+ 6661, 6673, 6679, 6689, 6691, 6701, 6703, 6709, 6719, 6733, 6737,
+ 6761, 6763, 6779, 6781, 6791, 6793, 6803, 6823, 6827, 6829, 6833,
+ 6841, 6857, 6863, 6869, 6871, 6883, 6899, 6907, 6911, 6917, 6947,
+ 6949, 6959, 6961, 6967, 6971, 6977, 6983, 6991, 6997, 7001, 7013,
+ 7019, 7027, 7039, 7043, 7057, 7069, 7079, 7103, 7109, 7121, 7127,
+ 7129, 7151, 7159, 7177, 7187, 7193, 7207, 7211, 7213, 7219, 7229,
+ 7237, 7243, 7247, 7253, 7283, 7297, 7307, 7309, 7321, 7331, 7333,
+ 7349, 7351, 7369, 7393, 7411, 7417, 7433, 7451, 7457, 7459, 7477,
+ 7481, 7487, 7489, 7499, 7507, 7517, 7523, 7529, 7537, 7541, 7547,
+ 7549, 7559, 7561, 7573, 7577, 7583, 7589, 7591, 7603, 7607, 7621,
+ 7639, 7643, 7649, 7669, 7673, 7681, 7687, 7691, 7699, 7703, 7717,
+ 7723, 7727, 7741, 7753, 7757, 7759, 7789, 7793, 7817, 7823, 7829,
+ 7841, 7853, 7867, 7873, 7877, 7879, 7883, 7901, 7907, 7919, 7927,
+ 7933, 7937, 7949, 7951, 7963, 7993, 8009, 8011, 8017, 8039, 8053,
+ 8059, 8069, 8081, 8087, 8089, 8093, 8101, 8111, 8117, 8123, 8147,
+ 8161, 8167, 8171, 8179, 8191, 8209, 8219, 8221, 8231, 8233, 8237,
+ 8243, 8263, 8269, 8273, 8287, 8291, 8293, 8297, 8311, 8317, 8329,
+ 8353, 8363, 8369, 8377, 8387, 8389, 8419, 8423, 8429, 8431, 8443,
+ 8447, 8461, 8467, 8501, 8513, 8521, 8527, 8537, 8539, 8543, 8563,
+ 8573, 8581, 8597, 8599, 8609, 8623, 8627, 8629, 8641, 8647, 8663,
+ 8669, 8677, 8681, 8689, 8693, 8699, 8707, 8713, 8719, 8731, 8737,
+ 8741, 8747, 8753, 8761, 8779, 8783, 8803, 8807, 8819, 8821, 8831,
+ 8837, 8839, 8849, 8861, 8863, 8867, 8887, 8893, 8923, 8929, 8933,
+ 8941, 8951, 8963, 8969, 8971, 8999, 9001, 9007, 9011, 9013, 9029,
+ 9041, 9043, 9049, 9059, 9067, 9091, 9103, 9109, 9127, 9133, 9137,
+ 9151, 9157, 9161, 9173, 9181, 9187, 9199, 9203, 9209, 9221, 9227,
+ 9239, 9241, 9257, 9277, 9281, 9283, 9293, 9311, 9319, 9323, 9337,
+ 9341, 9343, 9349, 9371, 9377, 9391, 9397, 9403, 9413, 9419, 9421,
+ 9431, 9433, 9437, 9439, 9461, 9463, 9467, 9473, 9479, 9491, 9497,
+ 9511, 9521, 9533, 9539, 9547, 9551, 9587, 9601, 9613, 9619, 9623,
+ 9629, 9631, 9643, 9649, 9661, 9677, 9679, 9689, 9697, 9719, 9721,
+ 9733, 9739, 9743, 9749, 9767, 9769, 9781, 9787, 9791, 9803, 9811,
+ 9817, 9829, 9833, 9839, 9851, 9857, 9859, 9871, 9883, 9887, 9901,
+ 9907, 9923, 9929, 9931, 9941, 9949, 9967, 9973, 10007, 10009, 10037,
+ 10039, 10061, 10067, 10069, 10079, 10091, 10093, 10099, 10103, 10111, 10133,
+ 10139, 10141, 10151, 10159, 10163, 10169, 10177, 10181, 10193, 10211, 10223,
+ 10243, 10247, 10253, 10259, 10267, 10271, 10273, 10289, 10301, 10303, 10313,
+ 10321, 10331, 10333, 10337, 10343, 10357, 10369, 10391, 10399, 10427, 10429,
+ 10433, 10453, 10457, 10459, 10463, 10477, 10487, 10499, 10501, 10513, 10529,
+ 10531, 10559, 10567, 10589, 10597, 10601, 10607, 10613, 10627, 10631, 10639,
+ 10651, 10657, 10663, 10667, 10687, 10691, 10709, 10711, 10723, 10729, 10733,
+ 10739, 10753, 10771, 10781, 10789, 10799, 10831, 10837, 10847, 10853, 10859,
+ 10861, 10867, 10883, 10889, 10891, 10903, 10909, 10937, 10939, 10949, 10957,
+ 10973, 10979, 10987, 10993, 11003, 11027, 11047, 11057, 11059, 11069, 11071,
+ 11083, 11087, 11093, 11113, 11117, 11119, 11131, 11149, 11159, 11161, 11171,
+ 11173, 11177, 11197, 11213, 11239, 11243, 11251, 11257, 11261, 11273, 11279,
+ 11287, 11299, 11311, 11317, 11321, 11329, 11351, 11353, 11369, 11383, 11393,
+ 11399, 11411, 11423, 11437, 11443, 11447, 11467, 11471, 11483, 11489, 11491,
+ 11497, 11503, 11519, 11527, 11549, 11551, 11579, 11587, 11593, 11597, 11617,
+ 11621, 11633, 11657, 11677, 11681, 11689, 11699, 11701, 11717, 11719, 11731,
+ 11743, 11777, 11779, 11783, 11789, 11801, 11807, 11813, 11821, 11827, 11831,
+ 11833, 11839, 11863, 11867, 11887, 11897, 11903, 11909, 11923, 11927, 11933,
+ 11939, 11941, 11953, 11959, 11969, 11971, 11981, 11987, 12007, 12011, 12037,
+ 12041, 12043, 12049, 12071, 12073, 12097, 12101, 12107, 12109, 12113, 12119,
+ 12143, 12149, 12157, 12161, 12163, 12197, 12203, 12211, 12227, 12239, 12241,
+ 12251, 12253, 12263, 12269, 12277, 12281, 12289, 12301, 12323, 12329, 12343,
+ 12347, 12373, 12377, 12379, 12391, 12401, 12409, 12413, 12421, 12433, 12437,
+ 12451, 12457, 12473, 12479, 12487, 12491, 12497, 12503, 12511, 12517, 12527,
+ 12539, 12541, 12547, 12553, 12569, 12577, 12583, 12589, 12601, 12611, 12613,
+ 12619, 12637, 12641, 12647, 12653, 12659, 12671, 12689, 12697, 12703, 12713,
+ 12721, 12739, 12743, 12757, 12763, 12781, 12791, 12799, 12809, 12821, 12823,
+ 12829, 12841, 12853, 12889, 12893, 12899, 12907, 12911, 12917, 12919, 12923,
+ 12941, 12953, 12959, 12967, 12973, 12979, 12983, 13001, 13003, 13007, 13009,
+ 13033, 13037, 13043, 13049, 13063, 13093, 13099, 13103, 13109, 13121, 13127,
+ 13147, 13151, 13159, 13163, 13171, 13177, 13183, 13187, 13217, 13219, 13229,
+ 13241, 13249, 13259, 13267, 13291, 13297, 13309, 13313, 13327, 13331, 13337,
+ 13339, 13367, 13381, 13397, 13399, 13411, 13417, 13421, 13441, 13451, 13457,
+ 13463, 13469, 13477, 13487, 13499, 13513, 13523, 13537, 13553, 13567, 13577,
+ 13591, 13597, 13613, 13619, 13627, 13633, 13649, 13669, 13679, 13681, 13687,
+ 13691, 13693, 13697, 13709, 13711, 13721, 13723, 13729, 13751, 13757, 13759,
+ 13763, 13781, 13789, 13799, 13807, 13829, 13831, 13841, 13859, 13873, 13877,
+ 13879, 13883, 13901, 13903, 13907, 13913, 13921, 13931, 13933, 13963, 13967,
+ 13997, 13999, 14009, 14011, 14029, 14033, 14051, 14057, 14071, 14081, 14083,
+ 14087, 14107, 14143, 14149, 14153, 14159, 14173, 14177, 14197, 14207, 14221,
+ 14243, 14249, 14251, 14281, 14293, 14303, 14321, 14323, 14327, 14341, 14347,
+ 14369, 14387, 14389, 14401, 14407, 14411, 14419, 14423, 14431, 14437, 14447,
+ 14449, 14461, 14479, 14489, 14503, 14519, 14533, 14537, 14543, 14549, 14551,
+ 14557, 14561, 14563, 14591, 14593, 14621, 14627, 14629, 14633, 14639, 14653,
+ 14657, 14669, 14683, 14699, 14713, 14717, 14723, 14731, 14737, 14741, 14747,
+ 14753, 14759, 14767, 14771, 14779, 14783, 14797, 14813, 14821, 14827, 14831,
+ 14843, 14851, 14867, 14869, 14879, 14887, 14891, 14897, 14923, 14929, 14939,
+ 14947, 14951, 14957, 14969, 14983, 15013, 15017, 15031, 15053, 15061, 15073,
+ 15077, 15083, 15091, 15101, 15107, 15121, 15131, 15137, 15139, 15149, 15161,
+ 15173, 15187, 15193, 15199, 15217, 15227, 15233, 15241, 15259, 15263, 15269,
+ 15271, 15277, 15287, 15289, 15299, 15307, 15313, 15319, 15329, 15331, 15349,
+ 15359, 15361, 15373, 15377, 15383, 15391, 15401, 15413, 15427, 15439, 15443,
+ 15451, 15461, 15467, 15473, 15493, 15497, 15511, 15527, 15541, 15551, 15559,
+ 15569, 15581, 15583, 15601, 15607, 15619, 15629, 15641, 15643, 15647, 15649,
+ 15661, 15667, 15671, 15679, 15683, 15727, 15731, 15733, 15737, 15739, 15749,
+ 15761, 15767, 15773, 15787, 15791, 15797, 15803, 15809, 15817, 15823, 15859,
+ 15877, 15881, 15887, 15889, 15901, 15907, 15913, 15919, 15923, 15937, 15959,
+ 15971, 15973, 15991, 16001, 16007, 16033, 16057, 16061, 16063, 16067, 16069,
+ 16073, 16087, 16091, 16097, 16103, 16111, 16127, 16139, 16141, 16183, 16187,
+ 16189, 16193, 16217, 16223, 16229, 16231, 16249, 16253, 16267, 16273, 16301,
+ 16319, 16333, 16339, 16349, 16361, 16363, 16369, 16381, 16411, 16417, 16421,
+ 16427, 16433, 16447, 16451, 16453, 16477, 16481, 16487, 16493, 16519, 16529,
+ 16547, 16553, 16561, 16567, 16573, 16603, 16607, 16619, 16631, 16633, 16649,
+ 16651, 16657, 16661, 16673, 16691, 16693, 16699, 16703, 16729, 16741, 16747,
+ 16759, 16763, 16787, 16811, 16823, 16829, 16831, 16843, 16871, 16879, 16883,
+ 16889, 16901, 16903, 16921, 16927, 16931, 16937, 16943, 16963, 16979, 16981,
+ 16987, 16993, 17011, 17021, 17027, 17029, 17033, 17041, 17047, 17053, 17077,
+ 17093, 17099, 17107, 17117, 17123, 17137, 17159, 17167, 17183, 17189, 17191,
+ 17203, 17207, 17209, 17231, 17239, 17257, 17291, 17293, 17299, 17317, 17321,
+ 17327, 17333, 17341, 17351, 17359, 17377, 17383, 17387, 17389, 17393, 17401,
+ 17417, 17419, 17431, 17443, 17449, 17467, 17471, 17477, 17483, 17489, 17491,
+ 17497, 17509, 17519, 17539, 17551, 17569, 17573, 17579, 17581, 17597, 17599,
+ 17609, 17623, 17627, 17657, 17659, 17669, 17681, 17683, 17707, 17713, 17729,
+ 17737, 17747, 17749, 17761, 17783, 17789, 17791, 17807, 17827, 17837, 17839,
+ 17851, 17863, 17881, 17891, 17903, 17909, 17911, 17921, 17923, 17929, 17939,
+ 17957, 17959, 17971, 17977, 17981, 17987, 17989, 18013, 18041, 18043, 18047,
+ 18049, 18059, 18061, 18077, 18089, 18097, 18119, 18121, 18127, 18131, 18133,
+ 18143, 18149, 18169, 18181, 18191, 18199, 18211, 18217, 18223, 18229, 18233,
+ 18251, 18253, 18257, 18269, 18287, 18289, 18301, 18307, 18311, 18313, 18329,
+ 18341, 18353, 18367, 18371, 18379, 18397, 18401, 18413, 18427, 18433, 18439,
+ 18443, 18451, 18457, 18461, 18481, 18493, 18503, 18517, 18521, 18523, 18539,
+ 18541, 18553, 18583, 18587, 18593, 18617, 18637, 18661, 18671, 18679, 18691,
+ 18701, 18713, 18719, 18731, 18743, 18749, 18757, 18773, 18787, 18793, 18797,
+ 18803, 18839, 18859, 18869, 18899, 18911, 18913, 18917, 18919, 18947, 18959,
+ 18973, 18979, 19001, 19009, 19013, 19031, 19037, 19051, 19069, 19073, 19079,
+ 19081, 19087, 19121, 19139, 19141, 19157, 19163, 19181, 19183, 19207, 19211,
+ 19213, 19219, 19231, 19237, 19249, 19259, 19267, 19273, 19289, 19301, 19309,
+ 19319, 19333, 19373, 19379, 19381, 19387, 19391, 19403, 19417, 19421, 19423,
+ 19427, 19429, 19433, 19441, 19447, 19457, 19463, 19469, 19471, 19477, 19483,
+ 19489, 19501, 19507, 19531, 19541, 19543, 19553, 19559, 19571, 19577, 19583,
+ 19597, 19603, 19609, 19661, 19681, 19687, 19697, 19699, 19709, 19717, 19727,
+ 19739, 19751, 19753, 19759, 19763, 19777, 19793, 19801, 19813, 19819, 19841,
+ 19843, 19853, 19861, 19867, 19889, 19891, 19913, 19919, 19927, 19937, 19949,
+ 19961, 19963, 19973, 19979, 19991, 19993, 19997,
};
static bool TestPrimeChecking(BN_CTX *ctx) {
diff --git a/src/crypto/bn/internal.h b/src/crypto/bn/internal.h
index 7a3903b..e90b435 100644
--- a/src/crypto/bn/internal.h
+++ b/src/crypto/bn/internal.h
@@ -259,6 +259,10 @@
int bn_mod_inverse_secret_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
BN_CTX *ctx, const BN_MONT_CTX *mont_p);
+/* bn_jacobi returns the Jacobi symbol of |a| and |b| (which is -1, 0 or 1), or
+ * -2 on error. */
+int bn_jacobi(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+
#if defined(__cplusplus)
} /* extern C */
diff --git a/src/crypto/bn/kronecker.c b/src/crypto/bn/jacobi.c
similarity index 78%
rename from src/crypto/bn/kronecker.c
rename to src/crypto/bn/jacobi.c
index 2089851..93e8fd9 100644
--- a/src/crypto/bn/kronecker.c
+++ b/src/crypto/bn/jacobi.c
@@ -52,17 +52,15 @@
#include <openssl/bn.h>
+#include <openssl/err.h>
+
#include "internal.h"
/* least significant word */
#define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0])
-/* Returns -2 for errors because both -1 and 0 are valid results. */
-int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) {
- int i;
- int ret = -2;
- BIGNUM *A, *B, *tmp;
+int bn_jacobi(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) {
/* In 'tab', only odd-indexed entries are relevant:
* For any odd BIGNUM n,
* tab[BN_lsw(n) & 7]
@@ -70,9 +68,22 @@
* Note that the sign of n does not matter. */
static const int tab[8] = {0, 1, 0, -1, 0, -1, 0, 1};
+ /* The Jacobi symbol is only defined for odd modulus. */
+ if (!BN_is_odd(b)) {
+ OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS);
+ return -2;
+ }
+
+ /* Require b be positive. */
+ if (BN_is_negative(b)) {
+ OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER);
+ return -2;
+ }
+
+ int ret = -2;
BN_CTX_start(ctx);
- A = BN_CTX_get(ctx);
- B = BN_CTX_get(ctx);
+ BIGNUM *A = BN_CTX_get(ctx);
+ BIGNUM *B = BN_CTX_get(ctx);
if (B == NULL) {
goto end;
}
@@ -82,52 +93,11 @@
goto end;
}
- /* Kronecker symbol, imlemented according to Henri Cohen,
- * "A Course in Computational Algebraic Number Theory"
- * (algorithm 1.4.10). */
+ /* Adapted from logic to compute the Kronecker symbol, originally implemented
+ * according to Henri Cohen, "A Course in Computational Algebraic Number
+ * Theory" (algorithm 1.4.10). */
- /* Cohen's step 1: */
-
- if (BN_is_zero(B)) {
- ret = BN_abs_is_word(A, 1);
- goto end;
- }
-
- /* Cohen's step 2: */
-
- if (!BN_is_odd(A) && !BN_is_odd(B)) {
- ret = 0;
- goto end;
- }
-
- /* now B is non-zero */
- i = 0;
- while (!BN_is_bit_set(B, i)) {
- i++;
- }
- if (!BN_rshift(B, B, i)) {
- goto end;
- }
- if (i & 1) {
- /* i is odd */
- /* (thus B was even, thus A must be odd!) */
-
- /* set 'ret' to $(-1)^{(A^2-1)/8}$ */
- ret = tab[BN_lsw(A) & 7];
- } else {
- /* i is even */
- ret = 1;
- }
-
- if (B->neg) {
- B->neg = 0;
- if (A->neg) {
- ret = -ret;
- }
- }
-
- /* now B is positive and odd, so what remains to be done is to compute the
- * Jacobi symbol (A/B) and multiply it by 'ret' */
+ ret = 1;
while (1) {
/* Cohen's step 3: */
@@ -139,7 +109,7 @@
}
/* now A is non-zero */
- i = 0;
+ int i = 0;
while (!BN_is_bit_set(A, i)) {
i++;
}
@@ -164,7 +134,7 @@
ret = -2;
goto end;
}
- tmp = A;
+ BIGNUM *tmp = A;
A = B;
B = tmp;
tmp->neg = 0;
diff --git a/src/crypto/bn/prime.c b/src/crypto/bn/prime.c
index 8225c5b..3e2e6f5 100644
--- a/src/crypto/bn/prime.c
+++ b/src/crypto/bn/prime.c
@@ -117,7 +117,6 @@
* Zimmermann's, as implemented in PGP. I have had a read of his comments and
* implemented my own version. */
-/* NUMPRIMES is the number of primes that fit into a uint16_t. */
#define NUMPRIMES 2048
/* primes contains all the primes that fit into a uint16_t. */
diff --git a/src/crypto/bn/sqrt.c b/src/crypto/bn/sqrt.c
index f806ea2..0342bc0 100644
--- a/src/crypto/bn/sqrt.c
+++ b/src/crypto/bn/sqrt.c
@@ -56,6 +56,8 @@
#include <openssl/err.h>
+#include "internal.h"
+
BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) {
/* Compute a square root of |a| mod |p| using the Tonelli/Shanks algorithm
@@ -253,7 +255,7 @@
}
}
- r = BN_kronecker(y, q, ctx); /* here 'q' is |p| */
+ r = bn_jacobi(y, q, ctx); /* here 'q' is |p| */
if (r < -1) {
goto end;
}
diff --git a/src/crypto/cmac/CMakeLists.txt b/src/crypto/cmac/CMakeLists.txt
index a346b24..4429903 100644
--- a/src/crypto/cmac/CMakeLists.txt
+++ b/src/crypto/cmac/CMakeLists.txt
@@ -7,14 +7,3 @@
cmac.c
)
-
-add_executable(
- cmac_test
-
- cmac_test.cc
-
- $<TARGET_OBJECTS:test_support>
-)
-
-target_link_libraries(cmac_test crypto)
-add_dependencies(all_tests cmac_test)
diff --git a/src/crypto/cmac/cmac_test.cc b/src/crypto/cmac/cmac_test.cc
index 7cb1df5..dbd63ea 100644
--- a/src/crypto/cmac/cmac_test.cc
+++ b/src/crypto/cmac/cmac_test.cc
@@ -16,6 +16,8 @@
#include <algorithm>
+#include <gtest/gtest.h>
+
#include <openssl/cipher.h>
#include <openssl/cmac.h>
#include <openssl/mem.h>
@@ -23,73 +25,38 @@
#include "../test/test_util.h"
-static void dump(const uint8_t *got, const uint8_t *want, size_t len) {
- hexdump(stderr, "got :", got, len);
- hexdump(stderr, "want:", want, len);
- fflush(stderr);
-}
+static void test(const char *name, const uint8_t *key, size_t key_len,
+ const uint8_t *msg, size_t msg_len, const uint8_t *expected) {
+ SCOPED_TRACE(name);
-static int test(const char *name, const uint8_t *key, size_t key_len,
- const uint8_t *msg, size_t msg_len, const uint8_t *expected) {
+ // Test the single-shot API.
uint8_t out[16];
-
- if (!AES_CMAC(out, key, key_len, msg, msg_len)) {
- fprintf(stderr, "%s: AES_CMAC failed\n", name);
- return 0;
- }
-
- if (CRYPTO_memcmp(out, expected, sizeof(out)) != 0) {
- fprintf(stderr, "%s: CMAC result differs:\n", name);
- dump(out, expected, sizeof(out));
- return 0;
- }
+ ASSERT_TRUE(AES_CMAC(out, key, key_len, msg, msg_len));
+ EXPECT_EQ(Bytes(expected, sizeof(out)), Bytes(out));
bssl::UniquePtr<CMAC_CTX> ctx(CMAC_CTX_new());
- if (!ctx || !CMAC_Init(ctx.get(), key, key_len, EVP_aes_128_cbc(), NULL)) {
- fprintf(stderr, "%s: CMAC_Init failed.\n", name);
- return 0;
- }
+ ASSERT_TRUE(ctx);
+ ASSERT_TRUE(CMAC_Init(ctx.get(), key, key_len, EVP_aes_128_cbc(), NULL));
for (unsigned chunk_size = 1; chunk_size <= msg_len; chunk_size++) {
- if (!CMAC_Reset(ctx.get())) {
- fprintf(stderr, "%s/%u: CMAC_Reset failed.\n", name, chunk_size);
- return 0;
- }
+ SCOPED_TRACE(chunk_size);
+
+ ASSERT_TRUE(CMAC_Reset(ctx.get()));
size_t done = 0;
while (done < msg_len) {
size_t todo = std::min(msg_len - done, static_cast<size_t>(chunk_size));
- if (!CMAC_Update(ctx.get(), msg + done, todo)) {
- fprintf(stderr, "%s/%u: CMAC_Update failed.\n", name, chunk_size);
- return 0;
- }
-
+ ASSERT_TRUE(CMAC_Update(ctx.get(), msg + done, todo));
done += todo;
}
size_t out_len;
- if (!CMAC_Final(ctx.get(), out, &out_len)) {
- fprintf(stderr, "%s/%u: CMAC_Final failed.\n", name, chunk_size);
- return 0;
- }
-
- if (out_len != sizeof(out)) {
- fprintf(stderr, "%s/%u: incorrect out_len: %u.\n", name, chunk_size,
- static_cast<unsigned>(out_len));
- return 0;
- }
-
- if (CRYPTO_memcmp(out, expected, sizeof(out)) != 0) {
- fprintf(stderr, "%s/%u: CMAC result differs:\n", name, chunk_size);
- dump(out, expected, sizeof(out));
- return 0;
- }
+ ASSERT_TRUE(CMAC_Final(ctx.get(), out, &out_len));
+ EXPECT_EQ(Bytes(expected, sizeof(out)), Bytes(out, out_len));
}
-
- return 1;
}
-static int rfc_4493_test_vectors(void) {
+TEST(CMACTest, RFC4493TestVectors) {
static const uint8_t kKey[16] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
@@ -132,21 +99,8 @@
0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe,
};
- if (!test("RFC 4493 #1", kKey, sizeof(kKey), NULL, 0, kOut1) ||
- !test("RFC 4493 #2", kKey, sizeof(kKey), kMsg2, sizeof(kMsg2), kOut2) ||
- !test("RFC 4493 #3", kKey, sizeof(kKey), kMsg3, sizeof(kMsg3), kOut3) ||
- !test("RFC 4493 #4", kKey, sizeof(kKey), kMsg4, sizeof(kMsg4), kOut4)) {
- return 0;
- }
-
- return 1;
-}
-
-int main(int argc, char **argv) {
- if (!rfc_4493_test_vectors()) {
- return 1;
- }
-
- printf("PASS\n");
- return 0;
+ test("RFC 4493 #1", kKey, sizeof(kKey), NULL, 0, kOut1);
+ test("RFC 4493 #2", kKey, sizeof(kKey), kMsg2, sizeof(kMsg2), kOut2);
+ test("RFC 4493 #3", kKey, sizeof(kKey), kMsg3, sizeof(kMsg3), kOut3);
+ test("RFC 4493 #4", kKey, sizeof(kKey), kMsg4, sizeof(kMsg4), kOut4);
}
diff --git a/src/crypto/crypto.c b/src/crypto/crypto.c
index 5d35289..a52b808 100644
--- a/src/crypto/crypto.c
+++ b/src/crypto/crypto.c
@@ -58,9 +58,6 @@
* initialising it to zero, it becomes a "data symbol", which isn't so
* affected. */
uint32_t OPENSSL_ia32cap_P[4] = {0};
-#if !defined(BORINGSSL_FIPS)
-uint32_t *OPENSSL_ia32cap_addr = OPENSSL_ia32cap_P;
-#endif
#elif defined(OPENSSL_PPC64LE)
diff --git a/src/crypto/curve25519/CMakeLists.txt b/src/crypto/curve25519/CMakeLists.txt
index 198d6af..ae95be0 100644
--- a/src/crypto/curve25519/CMakeLists.txt
+++ b/src/crypto/curve25519/CMakeLists.txt
@@ -37,12 +37,3 @@
target_link_libraries(ed25519_test crypto)
add_dependencies(all_tests ed25519_test)
-
-add_executable(
- spake25519_test
-
- spake25519_test.cc
-)
-
-target_link_libraries(spake25519_test crypto)
-add_dependencies(all_tests spake25519_test)
diff --git a/src/crypto/curve25519/spake25519_test.cc b/src/crypto/curve25519/spake25519_test.cc
index 3af073d..97f17b7 100644
--- a/src/crypto/curve25519/spake25519_test.cc
+++ b/src/crypto/curve25519/spake25519_test.cc
@@ -12,17 +12,21 @@
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+#include <openssl/curve25519.h>
+
#include <string>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
-#include <openssl/curve25519.h>
+#include <gtest/gtest.h>
#include "../internal.h"
+/* TODO(agl): add tests with fixed vectors once SPAKE2 is nailed down. */
+
struct SPAKE2Run {
bool Run() {
bssl::UniquePtr<SPAKE2_CTX> alice(SPAKE2_CTX_new(
@@ -92,79 +96,34 @@
bool key_matches_ = false;
};
-static bool TestSPAKE2() {
+TEST(SPAKE25519Test, SPAKE2) {
for (unsigned i = 0; i < 20; i++) {
SPAKE2Run spake2;
- if (!spake2.Run()) {
- fprintf(stderr, "TestSPAKE2: SPAKE2 failed.\n");
- return false;
- }
-
- if (!spake2.key_matches()) {
- fprintf(stderr, "Key didn't match for equal passwords.\n");
- return false;
- }
+ ASSERT_TRUE(spake2.Run());
+ EXPECT_TRUE(spake2.key_matches());
}
-
- return true;
}
-static bool TestWrongPassword() {
+TEST(SPAKE25519Test, WrongPassword) {
SPAKE2Run spake2;
spake2.bob_password = "wrong password";
- if (!spake2.Run()) {
- fprintf(stderr, "TestSPAKE2: SPAKE2 failed.\n");
- return false;
- }
-
- if (spake2.key_matches()) {
- fprintf(stderr, "Key matched for unequal passwords.\n");
- return false;
- }
-
- return true;
+ ASSERT_TRUE(spake2.Run());
+ EXPECT_FALSE(spake2.key_matches()) << "Key matched for unequal passwords.";
}
-static bool TestWrongNames() {
+TEST(SPAKE25519Test, WrongNames) {
SPAKE2Run spake2;
spake2.alice_names.second = "charlie";
spake2.bob_names.second = "charlie";
- if (!spake2.Run()) {
- fprintf(stderr, "TestSPAKE2: SPAKE2 failed.\n");
- return false;
- }
-
- if (spake2.key_matches()) {
- fprintf(stderr, "Key matched for unequal names.\n");
- return false;
- }
-
- return true;
+ ASSERT_TRUE(spake2.Run());
+ EXPECT_FALSE(spake2.key_matches()) << "Key matched for unequal names.";
}
-static bool TestCorruptMessages() {
+TEST(SPAKE25519Test, CorruptMessages) {
for (int i = 0; i < 8 * SPAKE2_MAX_MSG_SIZE; i++) {
SPAKE2Run spake2;
spake2.alice_corrupt_msg_bit = i;
- if (spake2.Run() && spake2.key_matches()) {
- fprintf(stderr, "Passed after corrupting Alice's message, bit %d\n", i);
- return false;
- }
+ EXPECT_FALSE(spake2.Run() && spake2.key_matches())
+ << "Passed after corrupting Alice's message, bit " << i;
}
-
- return true;
-}
-
-/* TODO(agl): add tests with fixed vectors once SPAKE2 is nailed down. */
-
-int main(int argc, char **argv) {
- if (!TestSPAKE2() ||
- !TestWrongPassword() ||
- !TestWrongNames() ||
- !TestCorruptMessages()) {
- return 1;
- }
-
- printf("PASS\n");
- return 0;
}
diff --git a/src/crypto/ecdsa/ecdsa.c b/src/crypto/ecdsa/ecdsa.c
index 5df494e..99b1177 100644
--- a/src/crypto/ecdsa/ecdsa.c
+++ b/src/crypto/ecdsa/ecdsa.c
@@ -175,7 +175,6 @@
BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) ||
BN_is_negative(sig->s) || BN_ucmp(sig->s, order) >= 0) {
OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE);
- ret = 0; /* signature is invalid */
goto err;
}
/* calculate tmp1 = inv(S) mod order */
@@ -216,7 +215,12 @@
goto err;
}
/* if the signature is correct u1 is equal to sig->r */
- ret = (BN_ucmp(u1, sig->r) == 0);
+ if (BN_ucmp(u1, sig->r) != 0) {
+ OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE);
+ goto err;
+ }
+
+ ret = 1;
err:
BN_CTX_end(ctx);
diff --git a/src/crypto/evp/evp_tests.txt b/src/crypto/evp/evp_tests.txt
index 9f69664..d6b3beb 100644
--- a/src/crypto/evp/evp_tests.txt
+++ b/src/crypto/evp/evp_tests.txt
@@ -463,39 +463,34 @@
Digest = SHA1
Input = "0123456789ABCDEF12345"
Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.
-Error = public key routines
+Error = BAD_SIGNATURE
# Digest too short
Verify = P-256
Digest = SHA1
Input = "0123456789ABCDEF123"
Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.
-Error = public key routines
+Error = BAD_SIGNATURE
# Digest invalid
Verify = P-256
Digest = SHA1
Input = "0123456789ABCDEF1235"
Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.
-Error = public key routines
+Error = BAD_SIGNATURE
# Invalid signature
Verify = P-256
Digest = SHA1
Input = "0123456789ABCDEF1234"
Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec7
-# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.
-Error = public key routines
+Error = BAD_SIGNATURE
# Garbage after signature
Verify = P-256
Digest = SHA1
Input = "0123456789ABCDEF1234"
Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800
-# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.
Error = BAD_SIGNATURE
# BER signature
diff --git a/src/crypto/fipsmodule/CMakeLists.txt b/src/crypto/fipsmodule/CMakeLists.txt
index 7250ccb..fcda1db 100644
--- a/src/crypto/fipsmodule/CMakeLists.txt
+++ b/src/crypto/fipsmodule/CMakeLists.txt
@@ -111,26 +111,22 @@
bcm.c
)
- SET_TARGET_PROPERTIES(bcm_c_generated_asm PROPERTIES COMPILE_OPTIONS "-S")
- SET_TARGET_PROPERTIES(bcm_c_generated_asm PROPERTIES POSITION_INDEPENDENT_CODE ON)
+ set_target_properties(bcm_c_generated_asm PROPERTIES COMPILE_OPTIONS "-S")
+ set_target_properties(bcm_c_generated_asm PROPERTIES POSITION_INDEPENDENT_CODE ON)
- function(JOIN VALUES GLUE OUTPUT)
- string (REPLACE ";" "${GLUE}" _TMP_STR "${VALUES}")
- set (${OUTPUT} "${_TMP_STR}" PARENT_SCOPE)
+ function(prepend_path values prefix output)
+ set(result)
+ foreach(value ${values})
+ list(APPEND result "${prefix}/${value}")
+ endforeach(value)
+ set(${output} ${result} PARENT_SCOPE)
endfunction()
- set(DELOCATE_AS_FLAG)
- set(DELOCATE_AS_ARG)
-
- if(NOT "${BCM_ASM_SOURCES}" STREQUAL "")
- set(DELOCATE_AS_FLAG "-as")
- JOIN("${BCM_ASM_SOURCES}" ",${CMAKE_CURRENT_BINARY_DIR}/" BCM_ASM_SOURCES_COMMA_SEP)
- SET(DELOCATE_AS_ARG "${CMAKE_CURRENT_BINARY_DIR}/${BCM_ASM_SOURCES_COMMA_SEP}")
- endif()
+ prepend_path("${BCM_ASM_SOURCES}" "${CMAKE_CURRENT_BINARY_DIR}" DELOCATE_ASM_ARGS)
add_custom_command(
OUTPUT bcm-delocated.S
- COMMAND ${GO_EXECUTABLE} run crypto/fipsmodule/delocate.go crypto/fipsmodule/ar.go crypto/fipsmodule/const.go -a $<TARGET_FILE:bcm_c_generated_asm> ${DELOCATE_AS_FLAG} ${DELOCATE_AS_ARG} -o ${CMAKE_CURRENT_BINARY_DIR}/bcm-delocated.S
+ COMMAND ${GO_EXECUTABLE} run crypto/fipsmodule/delocate.go crypto/fipsmodule/ar.go crypto/fipsmodule/const.go -a $<TARGET_FILE:bcm_c_generated_asm> -o ${CMAKE_CURRENT_BINARY_DIR}/bcm-delocated.S ${DELOCATE_ASM_ARGS}
DEPENDS bcm_c_generated_asm ${BCM_ASM_SOURCES} delocate.go ar.go const.go
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
)
diff --git a/src/crypto/fipsmodule/aes/asm/aes-x86_64.pl b/src/crypto/fipsmodule/aes/asm/aes-x86_64.pl
index 362c1c9..4bf7db3 100755
--- a/src/crypto/fipsmodule/aes/asm/aes-x86_64.pl
+++ b/src/crypto/fipsmodule/aes/asm/aes-x86_64.pl
@@ -1642,7 +1642,7 @@
.align 16
.globl asm_AES_cbc_encrypt
.type asm_AES_cbc_encrypt,\@function,6
-.extern OPENSSL_ia32cap_addr
+.extern OPENSSL_ia32cap_P
.hidden asm_AES_cbc_encrypt
asm_AES_cbc_encrypt:
cmp \$0,%rdx # check length
@@ -1664,7 +1664,7 @@
cmp \$0,%r9
cmoveq %r10,$sbox
- mov OPENSSL_ia32cap_addr(%rip),%r10
+ leaq OPENSSL_ia32cap_P(%rip),%r10
mov (%r10), %r10d
cmp \$$speed_limit,%rdx
jb .Lcbc_slow_prologue
diff --git a/src/crypto/fipsmodule/aes/asm/aesni-x86_64.pl b/src/crypto/fipsmodule/aes/asm/aesni-x86_64.pl
index 5810980..4ad0fb1 100644
--- a/src/crypto/fipsmodule/aes/asm/aesni-x86_64.pl
+++ b/src/crypto/fipsmodule/aes/asm/aesni-x86_64.pl
@@ -209,7 +209,7 @@
("%rdi","%rsi","%rdx","%rcx"); # Unix order
$code=".text\n";
-$code.=".extern OPENSSL_ia32cap_addr\n";
+$code.=".extern OPENSSL_ia32cap_P\n";
$rounds="%eax"; # input to and changed by aesni_[en|de]cryptN !!!
# this is natural Unix argument order for public $PREFIX_[ecb|cbc]_encrypt ...
@@ -1271,7 +1271,7 @@
lea 7($ctr),%r9
mov %r10d,0x60+12(%rsp)
bswap %r9d
- movq OPENSSL_ia32cap_addr(%rip),%r10
+ leaq OPENSSL_ia32cap_P(%rip),%r10
mov 4(%r10),%r10d
xor $key0,%r9d
and \$`1<<26|1<<22`,%r10d # isolate XSAVE+MOVBE
@@ -3772,7 +3772,7 @@
movdqa $inout3,$in3
movdqu 0x50($inp),$inout5
movdqa $inout4,$in4
- movq OPENSSL_ia32cap_addr(%rip),%r9
+ leaq OPENSSL_ia32cap_P(%rip),%r9
mov 4(%r9),%r9d
cmp \$0x70,$len
jbe .Lcbc_dec_six_or_seven
@@ -4278,7 +4278,7 @@
movups ($inp),%xmm0 # pull first 128 bits of *userKey
xorps %xmm4,%xmm4 # low dword of xmm4 is assumed 0
- movq OPENSSL_ia32cap_addr(%rip),%r10
+ leaq OPENSSL_ia32cap_P(%rip),%r10
movl 4(%r10),%r10d
and \$`1<<28|1<<11`,%r10d # AVX and XOP bits
lea 16($key),%rax # %rax is used as modifiable copy of $key
diff --git a/src/crypto/fipsmodule/delocate.go b/src/crypto/fipsmodule/delocate.go
index 0549cf3..fd11a21 100644
--- a/src/crypto/fipsmodule/delocate.go
+++ b/src/crypto/fipsmodule/delocate.go
@@ -26,6 +26,7 @@
"sort"
"strconv"
"strings"
+ "unicode"
"unicode/utf8"
)
@@ -36,7 +37,6 @@
arInput := flag.String("a", "", "Path to a .a file containing assembly sources")
outFile := flag.String("o", "", "Path to output assembly")
- asmFiles := flag.String("as", "", "Comma separated list of assembly inputs")
flag.Parse()
@@ -48,8 +48,7 @@
}
}
- asPaths := strings.Split(*asmFiles, ",")
- for i, path := range asPaths {
+ for i, path := range flag.Args() {
if len(path) == 0 {
continue
}
@@ -122,16 +121,6 @@
return symbols
}
-func referencesIA32CapDirectly(line string) bool {
- const symbol = "OPENSSL_ia32cap_P"
- i := strings.Index(line, symbol)
- if i < 0 {
- return false
- }
- i += len(symbol)
- return i == len(line) || line[i] == '+' || line[i] == '(' || line[i] == '@'
-}
-
// threadLocalOffsetFunc describes a function that fetches the offset to symbol
// in the thread-local space and writes it to the given target register.
type threadLocalOffsetFunc struct {
@@ -158,6 +147,71 @@
ls.lineNo--
}
+func parseInstruction(line string) (instr string, args []string) {
+ line = strings.TrimSpace(line)
+ if len(line) == 0 || line[0] == '#' {
+ return "", nil
+ }
+
+ idx := strings.IndexFunc(line, unicode.IsSpace)
+ if idx < 0 {
+ return line, nil
+ }
+
+ instr = strings.TrimSpace(line[:idx])
+ line = strings.TrimSpace(line[idx:])
+ for len(line) > 0 {
+ var inQuote bool
+ var parens int
+ Loop:
+ for idx = 0; idx < len(line); idx++ {
+ if inQuote {
+ if line[idx] == '\\' {
+ if idx == len(line)-1 {
+ panic(fmt.Sprintf("could not parse %q", line))
+ }
+ idx++
+ } else {
+ inQuote = line[idx] != '"'
+ }
+ continue
+ }
+ switch line[idx] {
+ case '"':
+ inQuote = true
+ case '(':
+ parens++
+ case ')':
+ if parens == 0 {
+ panic(fmt.Sprintf("could not parse %q", line))
+ }
+ parens--
+ case ',':
+ if parens == 0 {
+ break Loop
+ }
+ case '#':
+ line = line[:idx]
+ break Loop
+ }
+ }
+
+ if inQuote || parens > 0 {
+ panic(fmt.Sprintf("could not parse %q", line))
+ }
+
+ args = append(args, strings.TrimSpace(line[:idx]))
+ if idx < len(line) {
+ // Skip the comma.
+ line = line[idx+1:]
+ } else {
+ line = line[idx:]
+ }
+ }
+
+ return
+}
+
// transform performs a number of transformations on the given assembly code.
// See FIPS.md in the current directory for an overview.
func transform(lines []string, symbols map[string]bool) (ret []string) {
@@ -167,9 +221,13 @@
// redirector function for that symbol.
redirectors := make(map[string]string)
- // ia32capAddrNeeded is true iff OPENSSL_ia32cap_addr has been
- // referenced and thus needs to be emitted outside the module.
- ia32capAddrNeeded := false
+ // ia32capAddrDeltaNeeded is true iff OPENSSL_ia32cap_addr_delta has
+ // been referenced and thus needs to be emitted outside the module.
+ ia32capAddrDeltaNeeded := false
+
+ // ia32capGetNeeded is true iff OPENSSL_ia32cap_get has been referenced
+ // and thus needs to be emitted outside the module.
+ ia32capGetNeeded := false
// bssAccessorsNeeded maps the names of BSS variables for which
// accessor functions need to be emitted outside of the module, to the
@@ -190,30 +248,21 @@
break
}
- // References to OPENSSL_ia32cap_P via the GOT result from C
- // code. The OPENSSL_ia32cap_addr symbol, generated by this
- // script, is just like a GOT entry, but at a known offset.
- line = strings.Replace(line, "OPENSSL_ia32cap_P@GOTPCREL(%rip)", "OPENSSL_ia32cap_addr(%rip)", -1)
-
- if referencesIA32CapDirectly(line) {
- panic("reference to OPENSSL_ia32cap_P needs to be changed to indirect via OPENSSL_ia32cap_addr")
- }
-
- if strings.Contains(line, "OPENSSL_ia32cap_addr(%rip)") {
- ia32capAddrNeeded = true
+ if strings.Contains(line, "OPENSSL_ia32cap_get@PLT") {
+ ia32capGetNeeded = true
}
line = strings.Replace(line, "@PLT", "", -1)
- parts := strings.Fields(strings.TrimSpace(line))
- if len(parts) == 0 {
+ instr, args := parseInstruction(line)
+ if len(instr) == 0 {
ret = append(ret, line)
continue
}
- switch parts[0] {
+ switch instr {
case "call", "callq", "jmp", "jne", "jb", "jz", "jnz", "ja":
- target := parts[1]
+ target := args[0]
// indirect via register or local label
if strings.HasPrefix(target, "*") || strings.HasPrefix(target, ".L") {
ret = append(ret, line)
@@ -232,17 +281,34 @@
if isGlobal {
newTarget = localTargetName(target)
}
- ret = append(ret, fmt.Sprintf("\t%s %s", parts[0], newTarget))
+ ret = append(ret, fmt.Sprintf("\t%s %s", instr, newTarget))
continue
}
redirectorName := "bcm_redirector_" + target
- ret = append(ret, fmt.Sprintf("\t%s %s", parts[0], redirectorName))
+ ret = append(ret, fmt.Sprintf("\t%s %s", instr, redirectorName))
redirectors[redirectorName] = target
continue
+ case "pushq":
+ target := args[0]
+ if strings.HasSuffix(target, "@GOTPCREL(%rip)") {
+ target = target[:len(target)-15]
+ if !symbols[target] {
+ panic(fmt.Sprintf("Reference to unknown symbol on line %d: %s", source.lineNo, line))
+ }
+
+ ret = append(ret, "\tpushq %rax")
+ ret = append(ret, "\tleaq "+localTargetName(target)+"(%rip), %rax")
+ ret = append(ret, "\txchg %rax, (%rsp)")
+ continue
+ }
+
+ ret = append(ret, line)
+ continue
+
case "leaq", "movq", "cmpq":
- if parts[0] == "movq" && strings.Contains(line, "@GOTTPOFF(%rip)") {
+ if instr == "movq" && strings.Contains(line, "@GOTTPOFF(%rip)") {
// GOTTPOFF are offsets into the thread-local
// storage that are stored in the GOT. We have
// to move these relocations out of the module,
@@ -255,22 +321,24 @@
// (BoringSSL itself does not use __thread
// variables, but ASAN and MSAN may add these
// references for their bookkeeping.)
- targetRegister := parts[2][1:]
- symbol := strings.SplitN(parts[1], "@", 2)[0]
+ targetRegister := args[1][1:]
+ symbol := strings.SplitN(args[0], "@", 2)[0]
functionName := fmt.Sprintf("BORINGSSL_bcm_tpoff_to_%s_for_%s", targetRegister, symbol)
threadLocalOffsets[functionName] = threadLocalOffsetFunc{target: targetRegister, symbol: symbol}
+ ret = append(ret, "leaq -128(%rsp), %rsp") // Clear the red zone.
ret = append(ret, "\tcallq "+functionName+"\n")
+ ret = append(ret, "leaq 128(%rsp), %rsp")
continue
}
- target := strings.SplitN(parts[1], ",", 2)[0]
+ target := args[0]
if strings.HasSuffix(target, "(%rip)") {
target = target[:len(target)-6]
if isGlobal := symbols[target]; isGlobal {
line = strings.Replace(line, target, localTargetName(target), 1)
}
- if strings.Contains(line, "@GOTPCREL") && parts[0] == "movq" {
+ if strings.Contains(line, "@GOTPCREL") && instr == "movq" {
line = strings.Replace(line, "@GOTPCREL", "", -1)
target = strings.Replace(target, "@GOTPCREL", "", -1)
@@ -284,6 +352,35 @@
// referencing the symbol directly,
// needs to be transformed into an LEA.
line = strings.Replace(line, "movq", "leaq", 1)
+ instr = "leaq"
+ }
+
+ if target == "OPENSSL_ia32cap_P" {
+ if instr != "leaq" {
+ panic("reference to OPENSSL_ia32cap_P needs to be changed to go through leaq or GOTPCREL")
+ }
+ if args[1][0] != '%' {
+ panic("reference to OPENSSL_ia32cap_P must target a register.")
+ }
+
+ // We assume pushfq is safe, after
+ // clearing the red zone, because any
+ // signals will be delivered using
+ // %rsp. Thus perlasm and
+ // compiler-generated code must not use
+ // %rsp as a general-purpose register.
+ //
+ // TODO(davidben): This messes up CFI
+ // for a small window if %rsp is the CFI
+ // register.
+ ia32capAddrDeltaNeeded = true
+ ret = append(ret, "leaq -128(%rsp), %rsp") // Clear the red zone.
+ ret = append(ret, "pushfq")
+ ret = append(ret, fmt.Sprintf("leaq OPENSSL_ia32cap_addr_delta(%%rip), %s", args[1]))
+ ret = append(ret, fmt.Sprintf("addq OPENSSL_ia32cap_addr_delta(%%rip), %s", args[1]))
+ ret = append(ret, "popfq")
+ ret = append(ret, "leaq 128(%rsp), %rsp")
+ continue
}
}
@@ -291,15 +388,12 @@
continue
case ".comm":
- p := strings.Split(parts[1], ",")
- name := p[0]
+ name := args[0]
bssAccessorsNeeded[name] = name
ret = append(ret, line)
case ".section":
- p := strings.Split(parts[1], ",")
-
- section := strings.Trim(p[0], "\"")
+ section := strings.Trim(args[0], "\"")
if section == ".data.rel.ro" {
// In a normal build, this is an indication of
// a problem but any references from the module
@@ -328,7 +422,7 @@
ret = append(ret, ".text # "+section)
case ".data":
- panic(fmt.Sprintf("bad section %q on line %d", parts[1], source.lineNo))
+ panic(fmt.Sprintf("bad section %q on line %d", args[0], source.lineNo))
case ".init_array", ".fini_array", ".ctors", ".dtors":
// init_array/ctors/dtors contains function
@@ -395,13 +489,21 @@
ret = append(ret, "\tret")
}
+ // Emit an OPENSSL_ia32cap_get accessor.
+ if ia32capGetNeeded {
+ ret = append(ret, ".type OPENSSL_ia32cap_get, @function")
+ ret = append(ret, "OPENSSL_ia32cap_get:")
+ ret = append(ret, "\tleaq OPENSSL_ia32cap_P(%rip), %rax")
+ ret = append(ret, "\tret")
+ }
+
// Emit an indirect reference to OPENSSL_ia32cap_P.
- if ia32capAddrNeeded {
+ if ia32capAddrDeltaNeeded {
ret = append(ret, ".extern OPENSSL_ia32cap_P")
- ret = append(ret, ".type OPENSSL_ia32cap_addr,@object")
- ret = append(ret, ".size OPENSSL_ia32cap_addr,8")
- ret = append(ret, "OPENSSL_ia32cap_addr:")
- ret = append(ret, "\t.quad OPENSSL_ia32cap_P")
+ ret = append(ret, ".type OPENSSL_ia32cap_addr_delta,@object")
+ ret = append(ret, ".size OPENSSL_ia32cap_addr_delta,8")
+ ret = append(ret, "OPENSSL_ia32cap_addr_delta:")
+ ret = append(ret, "\t.quad OPENSSL_ia32cap_P-OPENSSL_ia32cap_addr_delta")
}
// Emit accessors for thread-local offsets.
diff --git a/src/crypto/fipsmodule/modes/asm/ghash-x86_64.pl b/src/crypto/fipsmodule/modes/asm/ghash-x86_64.pl
index 1a74edf..1778ac0 100644
--- a/src/crypto/fipsmodule/modes/asm/ghash-x86_64.pl
+++ b/src/crypto/fipsmodule/modes/asm/ghash-x86_64.pl
@@ -212,7 +212,7 @@
$code=<<___;
.text
-.extern OPENSSL_ia32cap_addr
+.extern OPENSSL_ia32cap_P
.globl gcm_gmult_4bit
.type gcm_gmult_4bit,\@function,2
@@ -644,7 +644,7 @@
my ($Xl,$Xm,$Xh,$Hkey3,$Hkey4)=map("%xmm$_",(11..15));
$code.=<<___;
- mov OPENSSL_ia32cap_addr(%rip),%rax
+ leaq OPENSSL_ia32cap_P(%rip),%rax
mov 4(%rax),%eax
cmp \$0x30,$len
jb .Lskip4x
diff --git a/src/crypto/fipsmodule/modes/gcm.c b/src/crypto/fipsmodule/modes/gcm.c
index dbc798e..90f5ab4 100644
--- a/src/crypto/fipsmodule/modes/gcm.c
+++ b/src/crypto/fipsmodule/modes/gcm.c
@@ -365,7 +365,7 @@
#if defined(GHASH_ASM_X86_64)
if (crypto_gcm_clmul_enabled()) {
- if (((OPENSSL_ia32cap_P[1] >> 22) & 0x41) == 0x41) { /* AVX+MOVBE */
+ if (((OPENSSL_ia32cap_get()[1] >> 22) & 0x41) == 0x41) { /* AVX+MOVBE */
gcm_init_avx(out_table, H.u);
*out_mult = gcm_gmult_avx;
*out_hash = gcm_ghash_avx;
@@ -1064,8 +1064,9 @@
#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
int crypto_gcm_clmul_enabled(void) {
#ifdef GHASH_ASM
- return (OPENSSL_ia32cap_P[0] & (1 << 24)) && /* check FXSR bit */
- (OPENSSL_ia32cap_P[1] & (1 << 1)); /* check PCLMULQDQ bit */
+ const uint32_t *ia32cap = OPENSSL_ia32cap_get();
+ return (ia32cap[0] & (1 << 24)) && /* check FXSR bit */
+ (ia32cap[1] & (1 << 1)); /* check PCLMULQDQ bit */
#else
return 0;
#endif
diff --git a/src/crypto/fipsmodule/rand/rand.c b/src/crypto/fipsmodule/rand/rand.c
index e42ad46..4f5e579 100644
--- a/src/crypto/fipsmodule/rand/rand.c
+++ b/src/crypto/fipsmodule/rand/rand.c
@@ -82,7 +82,7 @@
extern int CRYPTO_rdrand_multiple8_buf(uint8_t *buf, size_t len);
static int have_rdrand(void) {
- return (OPENSSL_ia32cap_P[1] & (1u << 30)) != 0;
+ return (OPENSSL_ia32cap_get()[1] & (1u << 30)) != 0;
}
static int hwrand(uint8_t *buf, size_t len) {
diff --git a/src/crypto/fipsmodule/rand/urandom.c b/src/crypto/fipsmodule/rand/urandom.c
index 474c4bc..7f76145 100644
--- a/src/crypto/fipsmodule/rand/urandom.c
+++ b/src/crypto/fipsmodule/rand/urandom.c
@@ -166,7 +166,6 @@
* continuing. This is automatically handled by getrandom, which requires
* that the entropy pool has been initialised, but for urandom we have to
* poll. */
- int first_iteration = 1;
for (;;) {
int entropy_bits;
if (ioctl(fd, RNDGETENTCNT, &entropy_bits)) {
@@ -181,14 +180,6 @@
break;
}
- if (first_iteration) {
- message(
- "The kernel entropy pool contains too few bits. This process is "
- "built in FIPS mode and will block until sufficient entropy is "
- "available.\n");
- }
- first_iteration = 0;
-
usleep(250000);
}
#endif
diff --git a/src/crypto/fipsmodule/sha/asm/sha1-x86_64.pl b/src/crypto/fipsmodule/sha/asm/sha1-x86_64.pl
index 25a1cad..b269e84 100755
--- a/src/crypto/fipsmodule/sha/asm/sha1-x86_64.pl
+++ b/src/crypto/fipsmodule/sha/asm/sha1-x86_64.pl
@@ -236,14 +236,13 @@
$code.=<<___;
.text
-.extern OPENSSL_ia32cap_addr
+.extern OPENSSL_ia32cap_P
.globl sha1_block_data_order
.type sha1_block_data_order,\@function,3
.align 16
sha1_block_data_order:
- lea OPENSSL_ia32cap_addr(%rip),%r10
- mov (%r10),%r10
+ leaq OPENSSL_ia32cap_P(%rip),%r10
mov 0(%r10),%r9d
mov 4(%r10),%r8d
mov 8(%r10),%r10d
diff --git a/src/crypto/fipsmodule/sha/asm/sha512-x86_64.pl b/src/crypto/fipsmodule/sha/asm/sha512-x86_64.pl
index c638595..7ad7491 100755
--- a/src/crypto/fipsmodule/sha/asm/sha512-x86_64.pl
+++ b/src/crypto/fipsmodule/sha/asm/sha512-x86_64.pl
@@ -249,15 +249,14 @@
$code=<<___;
.text
-.extern OPENSSL_ia32cap_addr
+.extern OPENSSL_ia32cap_P
.globl $func
.type $func,\@function,3
.align 16
$func:
___
$code.=<<___ if ($SZ==4 || $avx);
- lea OPENSSL_ia32cap_addr(%rip),%r11
- mov (%r11),%r11
+ leaq OPENSSL_ia32cap_P(%rip),%r11
mov 0(%r11),%r9d
mov 4(%r11),%r10d
mov 8(%r11),%r11d
diff --git a/src/crypto/rand_extra/CMakeLists.txt b/src/crypto/rand_extra/CMakeLists.txt
index 2841ef6..cdd7aa8 100644
--- a/src/crypto/rand_extra/CMakeLists.txt
+++ b/src/crypto/rand_extra/CMakeLists.txt
@@ -5,6 +5,7 @@
OBJECT
+ deterministic.c
forkunsafe.c
fuchsia.c
rand_extra.c
diff --git a/src/crypto/test/file_test.cc b/src/crypto/test/file_test.cc
index 715907e..676b039 100644
--- a/src/crypto/test/file_test.cc
+++ b/src/crypto/test/file_test.cc
@@ -14,6 +14,7 @@
#include "file_test.h"
+#include <algorithm>
#include <memory>
#include <ctype.h>
@@ -60,26 +61,46 @@
str++;
len--;
}
- while (len > 0 && isspace(str[len-1])) {
+ while (len > 0 && isspace(str[len - 1])) {
len--;
}
return std::string(str, len);
}
+static std::pair<std::string, std::string> ParseKeyValue(const char *str, const size_t len) {
+ const char *delimiter = FindDelimiter(str);
+ std::string key, value;
+ if (delimiter == nullptr) {
+ key = StripSpace(str, len);
+ } else {
+ key = StripSpace(str, delimiter - str);
+ value = StripSpace(delimiter + 1, str + len - delimiter - 1);
+ }
+ return {key, value};
+}
+
FileTest::ReadResult FileTest::ReadNext() {
- // If the previous test had unused attributes, it is an error.
- if (!unused_attributes_.empty()) {
+ // If the previous test had unused attributes or instructions, it is an error.
+ if (!unused_attributes_.empty() && !ignore_unused_attributes_) {
for (const std::string &key : unused_attributes_) {
PrintLine("Unused attribute: %s", key.c_str());
}
return kReadError;
}
+ if (!unused_instructions_.empty() && !ignore_unused_attributes_) {
+ for (const std::string &key : unused_instructions_) {
+ PrintLine("Unused instruction: %s", key.c_str());
+ }
+ return kReadError;
+ }
ClearTest();
- static const size_t kBufLen = 64 + 8192*2;
+ static const size_t kBufLen = 8192 * 4;
std::unique_ptr<char[]> buf(new char[kBufLen]);
+ bool in_instruction_block = false;
+
while (true) {
// Read the next line.
if (fgets(buf.get(), kBufLen, file_) == nullptr) {
@@ -99,21 +120,60 @@
return kReadError;
}
- if (buf[0] == '\n' || buf[0] == '\0') {
+ if (buf[0] == '\n' || buf[0] == '\r' || buf[0] == '\0') {
// Empty lines delimit tests.
if (start_line_ > 0) {
return kReadSuccess;
}
- } else if (buf[0] != '#') { // Comment lines are ignored.
- // Parse the line as an attribute.
- const char *delimiter = FindDelimiter(buf.get());
- if (delimiter == nullptr) {
- fprintf(stderr, "Line %u: Could not parse attribute.\n", line_);
+ if (in_instruction_block) {
+ in_instruction_block = false;
+ // Delimit instruction block from test with a blank line.
+ current_test_ += "\r\n";
+ }
+ } else if (buf[0] == '[') { // Inside an instruction block.
+ if (start_line_ != 0) {
+ // Instructions should be separate blocks.
+ fprintf(stderr, "Line %u is an instruction in a test case.\n", line_);
return kReadError;
}
- std::string key = StripSpace(buf.get(), delimiter - buf.get());
- std::string value = StripSpace(delimiter + 1,
- buf.get() + len - delimiter - 1);
+ if (!in_instruction_block) {
+ ClearInstructions();
+ in_instruction_block = true;
+ }
+
+ // Parse the line as an instruction ("[key = value]" or "[key]").
+ std::string kv = StripSpace(buf.get(), len);
+ if (kv[kv.size() - 1] != ']') {
+ fprintf(stderr, "Line %u, invalid instruction: %s\n", line_,
+ kv.c_str());
+ return kReadError;
+ }
+ current_test_ += kv + "\r\n";
+ kv = std::string(kv.begin() + 1, kv.end() - 1);
+
+ for (;;) {
+ size_t idx = kv.find(",");
+ if (idx == std::string::npos) {
+ idx = kv.size();
+ }
+ std::string key, value;
+ std::tie(key, value) = ParseKeyValue(kv.c_str(), idx);
+ instructions_[key] = value;
+ if (idx == kv.size())
+ break;
+ kv = kv.substr(idx + 1);
+ }
+ } else if (buf[0] != '#') { // Comment lines are ignored.
+ if (in_instruction_block) {
+ // Test cases should be separate blocks.
+ fprintf(stderr, "Line %u is a test case attribute in an instruction block.\n",
+ line_);
+ return kReadError;
+ }
+
+ current_test_ += std::string(buf.get(), len);
+ std::string key, value;
+ std::tie(key, value) = ParseKeyValue(buf.get(), len);
unused_attributes_.insert(key);
attributes_[key] = value;
@@ -122,6 +182,9 @@
type_ = key;
parameter_ = value;
start_line_ = line_;
+ for (const auto &kv : instructions_) {
+ unused_instructions_.insert(kv.first);
+ }
}
}
}
@@ -171,6 +234,26 @@
return attributes_[key];
}
+bool FileTest::HasInstruction(const std::string &key) {
+ OnInstructionUsed(key);
+ return instructions_.count(key) > 0;
+}
+
+bool FileTest::GetInstruction(std::string *out_value, const std::string &key) {
+ OnInstructionUsed(key);
+ auto iter = instructions_.find(key);
+ if (iter == instructions_.end()) {
+ PrintLine("Missing instruction '%s'.", key.c_str());
+ return false;
+ }
+ *out_value = iter->second;
+ return true;
+}
+
+const std::string &FileTest::CurrentTestToString() const {
+ return current_test_;
+}
+
static bool FromHexDigit(uint8_t *out, char c) {
if ('0' <= c && c <= '9') {
*out = c - '0';
@@ -206,7 +289,7 @@
out->reserve(value.size() / 2);
for (size_t i = 0; i < value.size(); i += 2) {
uint8_t hi, lo;
- if (!FromHexDigit(&hi, value[i]) || !FromHexDigit(&lo, value[i+1])) {
+ if (!FromHexDigit(&hi, value[i]) || !FromHexDigit(&lo, value[i + 1])) {
PrintLine("Error decoding value: %s", value.c_str());
return false;
}
@@ -246,14 +329,28 @@
parameter_.clear();
attributes_.clear();
unused_attributes_.clear();
+ current_test_ = "";
+}
+
+void FileTest::ClearInstructions() {
+ instructions_.clear();
+ unused_attributes_.clear();
}
void FileTest::OnKeyUsed(const std::string &key) {
unused_attributes_.erase(key);
}
-int FileTestMain(bool (*run_test)(FileTest *t, void *arg), void *arg,
- const char *path) {
+void FileTest::OnInstructionUsed(const std::string &key) {
+ unused_instructions_.erase(key);
+}
+
+void FileTest::SetIgnoreUnusedAttributes(bool ignore) {
+ ignore_unused_attributes_ = ignore;
+}
+
+int FileTestMainSilent(bool (*run_test)(FileTest *t, void *arg), void *arg,
+ const char *path) {
FileTest t(path);
if (!t.is_open()) {
return 1;
@@ -278,8 +375,8 @@
uint32_t err = ERR_peek_error();
if (ERR_reason_error_string(err) != t.GetAttributeOrDie("Error")) {
t.PrintLine("Unexpected error; wanted '%s', got '%s'.",
- t.GetAttributeOrDie("Error").c_str(),
- ERR_reason_error_string(err));
+ t.GetAttributeOrDie("Error").c_str(),
+ ERR_reason_error_string(err));
failed = true;
ERR_clear_error();
continue;
@@ -295,10 +392,14 @@
}
}
- if (failed) {
- return 1;
- }
+ return failed ? 1 : 0;
+}
- printf("PASS\n");
- return 0;
+int FileTestMain(bool (*run_test)(FileTest *t, void *arg), void *arg,
+ const char *path) {
+ int result = FileTestMainSilent(run_test, arg, path);
+ if (!result) {
+ printf("PASS\n");
+ }
+ return result;
}
diff --git a/src/crypto/test/file_test.h b/src/crypto/test/file_test.h
index a859127..aac9289 100644
--- a/src/crypto/test/file_test.h
+++ b/src/crypto/test/file_test.h
@@ -21,11 +21,11 @@
#include <stdio.h>
OPENSSL_MSVC_PRAGMA(warning(push))
-OPENSSL_MSVC_PRAGMA(warning(disable: 4702))
+OPENSSL_MSVC_PRAGMA(warning(disable : 4702))
-#include <string>
#include <map>
#include <set>
+#include <string>
#include <vector>
OPENSSL_MSVC_PRAGMA(warning(pop))
@@ -33,31 +33,55 @@
// File-based test framework.
//
// This module provides a file-based test framework. The file format is based on
-// that of OpenSSL upstream's evp_test and BoringSSL's aead_test. Each input
-// file is a sequence of attributes and blank lines.
+// that of OpenSSL upstream's evp_test and BoringSSL's aead_test. NIST CAVP test
+// vector files are also supported. Each input file is a sequence of attributes,
+// instructions and blank lines.
//
// Each attribute has the form:
//
// Name = Value
//
+// Instructions are enclosed in square brackets and may appear without a value:
+//
+// [Name = Value]
+//
+// or
+//
+// [Name]
+//
+// Commas in instruction lines are treated as separate instructions. Thus this:
+//
+// [Name1,Name2]
+//
+// is the same as:
+//
+// [Name1]
+// [Name2]
+//
// Either '=' or ':' may be used to delimit the name from the value. Both the
// name and value have leading and trailing spaces stripped.
//
-// Lines beginning with # are ignored.
+// Each file contains a number of instruction blocks and test cases.
//
-// A test is a sequence of one or more attributes followed by a blank line.
-// Blank lines are otherwise ignored. For tests that process multiple kinds of
-// test cases, the first attribute is parsed out as the test's type and
-// parameter. Otherwise, attributes are unordered. The first attribute is also
-// included in the set of attributes, so tests which do not dispatch may ignore
-// this mechanism.
+// An instruction block is a sequence of instructions followed by a blank line.
+// Instructions apply to all test cases following its appearance, until the next
+// instruction block. Instructions are unordered.
+//
+// A test is a sequence of one or more attributes followed by a blank line. For
+// tests that process multiple kinds of test cases, the first attribute is
+// parsed out as the test's type and parameter. Otherwise, attributes are
+// unordered. The first attribute is also included in the set of attributes, so
+// tests which do not dispatch may ignore this mechanism.
+//
+// Additional blank lines and lines beginning with # are ignored.
//
// Functions in this module freely output to |stderr| on failure. Tests should
// also do so, and it is recommended they include the corresponding test's line
// number in any output. |PrintLine| does this automatically.
//
-// Each attribute in a test must be consumed. When a test completes, if any
-// attributes haven't been processed, the framework reports an error.
+// Each attribute in a test and all instructions applying to it must be
+// consumed. When a test completes, if any attributes or insturctions haven't
+// been processed, the framework reports an error.
class FileTest {
@@ -115,9 +139,28 @@
bool ExpectBytesEqual(const uint8_t *expected, size_t expected_len,
const uint8_t *actual, size_t actual_len);
+ // HasInstruction returns true if the current test has an instruction.
+ bool HasInstruction(const std::string &key);
+
+ // GetInstruction looks up the instruction with key |key|. It sets
+ // |*out_value| to the value (empty string if the instruction has no value)
+ // and returns true if it exists and returns false with an error to |stderr|
+ // otherwise.
+ bool GetInstruction(std::string *out_value, const std::string &key);
+
+ // CurrentTestToString returns the file content parsed for the current test.
+ // If the current test was preceded by an instruction block, the return test
+ // case is preceded by the instruction block and a single blank line. All
+ // other blank or comment lines are omitted.
+ const std::string &CurrentTestToString() const;
+
+ void SetIgnoreUnusedAttributes(bool ignore);
+
private:
void ClearTest();
+ void ClearInstructions();
void OnKeyUsed(const std::string &key);
+ void OnInstructionUsed(const std::string &key);
FILE *file_ = nullptr;
// line_ is the number of lines read.
@@ -131,12 +174,21 @@
std::string parameter_;
// attributes_ contains all attributes in the test, including the first.
std::map<std::string, std::string> attributes_;
+ // instructions_ contains all instructions in scope for the test.
+ std::map<std::string, std::string> instructions_;
- // unused_attributes_ is the set of attributes that have been queried.
+ // unused_attributes_ is the set of attributes that have not been queried.
std::set<std::string> unused_attributes_;
- FileTest(const FileTest&) = delete;
- FileTest &operator=(const FileTest&) = delete;
+ // unused_instructions_ is the set of instructions that have not been queried.
+ std::set<std::string> unused_instructions_;
+
+ std::string current_test_;
+
+ bool ignore_unused_attributes_ = false;
+
+ FileTest(const FileTest &) = delete;
+ FileTest &operator=(const FileTest &) = delete;
};
// FileTestMain runs a file-based test out of |path| and returns an exit code
@@ -153,5 +205,9 @@
int FileTestMain(bool (*run_test)(FileTest *t, void *arg), void *arg,
const char *path);
+// FileTestMainSilent behaves like FileTestMain but does not print a final
+// FAIL/PASS message to stdout.
+int FileTestMainSilent(bool (*run_test)(FileTest *t, void *arg), void *arg,
+ const char *path);
#endif /* OPENSSL_HEADER_CRYPTO_TEST_FILE_TEST_H */
diff --git a/src/crypto/test/gtest_main.cc b/src/crypto/test/gtest_main.cc
index ea1135c..4071040 100644
--- a/src/crypto/test/gtest_main.cc
+++ b/src/crypto/test/gtest_main.cc
@@ -14,58 +14,11 @@
#include <gtest/gtest.h>
-#include <stdio.h>
+#include "gtest_main.h"
-#include <openssl/err.h>
-#include <openssl/crypto.h>
-
-#if defined(OPENSSL_WINDOWS)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
-#include <winsock2.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
-#endif
-
-
-namespace {
-
-class ErrorTestEventListener : public testing::EmptyTestEventListener {
- public:
- ErrorTestEventListener() {}
- ~ErrorTestEventListener() override {}
-
- void OnTestEnd(const testing::TestInfo &test_info) override {
- // If the test failed, print any errors left in the error queue.
- if (test_info.result()->Failed()) {
- ERR_print_errors_fp(stdout);
- }
-
- // Clean up the error queue for the next run.
- ERR_clear_error();
- }
-};
-
-} // namespace
int main(int argc, char **argv) {
- CRYPTO_library_init();
-
-#if defined(OPENSSL_WINDOWS)
- // Initialize Winsock.
- WORD wsa_version = MAKEWORD(2, 2);
- WSADATA wsa_data;
- int wsa_err = WSAStartup(wsa_version, &wsa_data);
- if (wsa_err != 0) {
- fprintf(stderr, "WSAStartup failed: %d\n", wsa_err);
- return 1;
- }
- if (wsa_data.wVersion != wsa_version) {
- fprintf(stderr, "Didn't get expected version: %x\n", wsa_data.wVersion);
- return 1;
- }
-#endif
-
testing::InitGoogleTest(&argc, argv);
- testing::UnitTest::GetInstance()->listeners().Append(
- new ErrorTestEventListener);
+ bssl::SetupGoogleTest();
return RUN_ALL_TESTS();
}
diff --git a/src/crypto/test/gtest_main.h b/src/crypto/test/gtest_main.h
new file mode 100644
index 0000000..395b281
--- /dev/null
+++ b/src/crypto/test/gtest_main.h
@@ -0,0 +1,78 @@
+/* Copyright (c) 2017, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_CRYPTO_TEST_GTEST_MAIN_H
+#define OPENSSL_HEADER_CRYPTO_TEST_GTEST_MAIN_H
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <gtest/gtest.h>
+
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+
+#if defined(OPENSSL_WINDOWS)
+OPENSSL_MSVC_PRAGMA(warning(push, 3))
+#include <winsock2.h>
+OPENSSL_MSVC_PRAGMA(warning(pop))
+#endif
+
+
+namespace bssl {
+
+class ErrorTestEventListener : public testing::EmptyTestEventListener {
+ public:
+ ErrorTestEventListener() {}
+ ~ErrorTestEventListener() override {}
+
+ void OnTestEnd(const testing::TestInfo &test_info) override {
+ // If the test failed, print any errors left in the error queue.
+ if (test_info.result()->Failed()) {
+ ERR_print_errors_fp(stdout);
+ }
+
+ // Clean up the error queue for the next run.
+ ERR_clear_error();
+ }
+};
+
+// SetupGoogleTest should be called by the test runner after
+// testing::InitGoogleTest has been called and before RUN_ALL_TESTS.
+inline void SetupGoogleTest() {
+ CRYPTO_library_init();
+
+#if defined(OPENSSL_WINDOWS)
+ // Initialize Winsock.
+ WORD wsa_version = MAKEWORD(2, 2);
+ WSADATA wsa_data;
+ int wsa_err = WSAStartup(wsa_version, &wsa_data);
+ if (wsa_err != 0) {
+ fprintf(stderr, "WSAStartup failed: %d\n", wsa_err);
+ exit(1);
+ }
+ if (wsa_data.wVersion != wsa_version) {
+ fprintf(stderr, "Didn't get expected version: %x\n", wsa_data.wVersion);
+ exit(1);
+ }
+#endif
+
+ testing::UnitTest::GetInstance()->listeners().Append(
+ new ErrorTestEventListener);
+}
+
+} // namespace bssl
+
+
+#endif /* OPENSSL_HEADER_CRYPTO_TEST_GTEST_MAIN_H */
diff --git a/src/fipsoracle/CMakeLists.txt b/src/fipsoracle/CMakeLists.txt
new file mode 100644
index 0000000..04634ac
--- /dev/null
+++ b/src/fipsoracle/CMakeLists.txt
@@ -0,0 +1,62 @@
+include_directories(../include)
+
+if (FIPS)
+ add_executable(
+ cavp_aes_test
+
+ cavp_aes_test.cc
+ cavp_test_util.cc
+ $<TARGET_OBJECTS:test_support>
+ )
+
+ add_executable(
+ cavp_aes_gcm_test
+
+ cavp_aes_gcm_test.cc
+ cavp_test_util.cc
+ $<TARGET_OBJECTS:test_support>
+ )
+
+ add_executable(
+ cavp_ecdsa2_pkv_test
+
+ cavp_ecdsa2_pkv_test.cc
+ cavp_test_util.cc
+ $<TARGET_OBJECTS:test_support>
+ )
+
+ add_executable(
+ cavp_ecdsa2_sigver_test
+
+ cavp_ecdsa2_sigver_test.cc
+ cavp_test_util.cc
+ $<TARGET_OBJECTS:test_support>
+ )
+
+ add_executable(
+ cavp_sha_test
+
+ cavp_sha_test.cc
+ cavp_test_util.h
+ cavp_test_util.cc
+ $<TARGET_OBJECTS:test_support>
+ )
+
+ add_executable(
+ cavp_sha_monte_test
+
+ cavp_sha_monte_test.cc
+ cavp_test_util.h
+ cavp_test_util.cc
+ $<TARGET_OBJECTS:test_support>
+ )
+
+ target_link_libraries(cavp_aes_test crypto)
+ target_link_libraries(cavp_aes_gcm_test crypto)
+
+ target_link_libraries(cavp_ecdsa2_pkv_test crypto)
+ target_link_libraries(cavp_ecdsa2_sigver_test crypto)
+
+ target_link_libraries(cavp_sha_test crypto)
+ target_link_libraries(cavp_sha_monte_test crypto)
+endif()
diff --git a/src/fipsoracle/cavp_aes_gcm_test.cc b/src/fipsoracle/cavp_aes_gcm_test.cc
new file mode 100644
index 0000000..9871b73
--- /dev/null
+++ b/src/fipsoracle/cavp_aes_gcm_test.cc
@@ -0,0 +1,211 @@
+/* Copyright (c) 2017, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+// cavp_aes_gcm_test processes a NIST CAVP AES GCM test vector request file and
+// emits the corresponding response. An optional sample vector file can be
+// passed to verify the result.
+
+#include <stdlib.h>
+
+#include <openssl/aead.h>
+#include <openssl/cipher.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+
+#include "../crypto/test/file_test.h"
+#include "cavp_test_util.h"
+
+
+struct TestCtx {
+ const EVP_AEAD *aead;
+ std::unique_ptr<FileTest> response_sample;
+};
+
+static const EVP_AEAD *GetAEAD(const std::string &name, const bool enc) {
+ if (name == "aes-128-gcm") {
+ return EVP_aead_aes_128_gcm_fips_testonly();
+ } else if (name == "aes-256-gcm") {
+ return EVP_aead_aes_256_gcm_fips_testonly();
+ }
+ return nullptr;
+}
+
+static bool TestAEADEncrypt(FileTest *t, void *arg) {
+ TestCtx *ctx = reinterpret_cast<TestCtx *>(arg);
+
+ std::string key_len_str, iv_len_str, pt_len_str, aad_len_str, tag_len_str;
+ if (!t->GetInstruction(&key_len_str, "Keylen") ||
+ !t->GetInstruction(&iv_len_str, "IVlen") ||
+ !t->GetInstruction(&pt_len_str, "PTlen") ||
+ !t->GetInstruction(&aad_len_str, "AADlen") ||
+ !t->GetInstruction(&tag_len_str, "Taglen")) {
+ return false;
+ }
+
+ std::string count;
+ std::vector<uint8_t> key, iv, pt, aad, tag, ct;
+ if (!t->GetAttribute(&count, "Count") ||
+ !t->GetBytes(&key, "Key") ||
+ !t->GetBytes(&aad, "AAD") ||
+ !t->GetBytes(&pt, "PT") ||
+ key.size() * 8 != strtoul(key_len_str.c_str(), nullptr, 0) ||
+ pt.size() * 8 != strtoul(pt_len_str.c_str(), nullptr, 0) ||
+ aad.size() * 8 != strtoul(aad_len_str.c_str(), nullptr, 0)) {
+ return false;
+ }
+
+ size_t tag_len = strtoul(tag_len_str.c_str(), nullptr, 0) / 8;
+ if (!AEADEncrypt(ctx->aead, &ct, &tag, tag_len, key, pt, aad, &iv)) {
+ return false;
+ }
+ printf("%s", t->CurrentTestToString().c_str());
+ printf("IV = %s\r\n", EncodeHex(iv.data(), iv.size()).c_str());
+ printf("CT = %s\r\n", EncodeHex(ct.data(), ct.size()).c_str());
+ printf("Tag = %s\r\n\r\n", EncodeHex(tag.data(), tag.size()).c_str());
+
+ // Check if sample response file matches.
+ if (ctx->response_sample) {
+ ctx->response_sample->ReadNext();
+ std::string expected_count;
+ std::vector<uint8_t> expected_iv, expected_ct, expected_tag;
+ if (!ctx->response_sample->GetAttribute(&expected_count, "Count") ||
+ count != expected_count ||
+ !ctx->response_sample->GetBytes(&expected_iv, "IV") ||
+ !t->ExpectBytesEqual(expected_iv.data(), expected_iv.size(), iv.data(),
+ iv.size()) ||
+ !ctx->response_sample->GetBytes(&expected_ct, "CT") ||
+ !t->ExpectBytesEqual(expected_ct.data(), expected_ct.size(), ct.data(),
+ ct.size()) ||
+ !ctx->response_sample->GetBytes(&expected_tag, "Tag") ||
+ !t->ExpectBytesEqual(expected_tag.data(), expected_tag.size(),
+ tag.data(), tag.size())) {
+ t->PrintLine("result doesn't match");
+ return false;
+ }
+ }
+
+ return true;
+}
+
+static bool TestAEADDecrypt(FileTest *t, void *arg) {
+ TestCtx *ctx = reinterpret_cast<TestCtx *>(arg);
+
+ std::string key_len, iv_len, pt_len_str, aad_len_str, tag_len;
+ if (!t->GetInstruction(&key_len, "Keylen") ||
+ !t->GetInstruction(&iv_len, "IVlen") ||
+ !t->GetInstruction(&pt_len_str, "PTlen") ||
+ !t->GetInstruction(&aad_len_str, "AADlen") ||
+ !t->GetInstruction(&tag_len, "Taglen")) {
+ t->PrintLine("Invalid instruction block.");
+ return false;
+ }
+ size_t aad_len = strtoul(aad_len_str.c_str(), nullptr, 0) / 8;
+ size_t pt_len = strtoul(pt_len_str.c_str(), nullptr, 0) / 8;
+
+ std::string count;
+ std::vector<uint8_t> key, iv, ct, aad, tag, pt;
+ if (!t->GetAttribute(&count, "Count") ||
+ !t->GetBytes(&key, "Key") ||
+ !t->GetBytes(&aad, "AAD") ||
+ !t->GetBytes(&tag, "Tag") ||
+ !t->GetBytes(&iv, "IV") ||
+ !t->GetBytes(&ct, "CT") ||
+ key.size() * 8 != strtoul(key_len.c_str(), nullptr, 0) ||
+ iv.size() * 8 != strtoul(iv_len.c_str(), nullptr, 0) ||
+ ct.size() != pt_len ||
+ aad.size() != aad_len ||
+ tag.size() * 8 != strtoul(tag_len.c_str(), nullptr, 0)) {
+ t->PrintLine("Invalid test case");
+ return false;
+ }
+
+ printf("%s", t->CurrentTestToString().c_str());
+ bool aead_result =
+ AEADDecrypt(ctx->aead, &pt, &aad, pt_len, aad_len, key, ct, tag, iv);
+ if (aead_result) {
+ printf("PT = %s\r\n\r\n", EncodeHex(pt.data(), pt.size()).c_str());
+ } else {
+ printf("FAIL\r\n\r\n");
+ }
+
+ // Check if sample response file matches.
+ if (ctx->response_sample) {
+ ctx->response_sample->ReadNext();
+ std::string expected_count;
+ std::vector<uint8_t> expected_pt;
+ if (!ctx->response_sample->GetAttribute(&expected_count, "Count") ||
+ count != expected_count ||
+ (!aead_result && (ctx->response_sample->HasAttribute("PT") ||
+ !ctx->response_sample->HasAttribute("FAIL"))) ||
+ (aead_result &&
+ (ctx->response_sample->HasAttribute("FAIL") ||
+ !ctx->response_sample->GetBytes(&expected_pt, "PT") ||
+ !t->ExpectBytesEqual(expected_pt.data(), expected_pt.size(),
+ pt.data(), pt.size())))) {
+ t->PrintLine("result doesn't match");
+ return false;
+ }
+ }
+
+ return true;
+}
+
+static int usage(char *arg) {
+ fprintf(stderr,
+ "usage: %s (enc|dec) <cipher> <test file> [<sample response file>]\n",
+ arg);
+ return 1;
+}
+
+int main(int argc, char **argv) {
+ CRYPTO_library_init();
+
+ if (argc < 4 || argc > 5) {
+ return usage(argv[0]);
+ }
+
+ const std::string mode(argv[1]);
+ bool (*test_fn)(FileTest * t, void *arg);
+ if (mode == "enc") {
+ test_fn = &TestAEADEncrypt;
+ } else if (mode == "dec") {
+ test_fn = &TestAEADDecrypt;
+ } else {
+ return usage(argv[0]);
+ }
+
+ const EVP_AEAD *aead = GetAEAD(argv[2], mode == "enc");
+ if (aead == nullptr) {
+ fprintf(stderr, "invalid aead: %s\n", argv[2]);
+ return 1;
+ }
+
+ TestCtx ctx = {aead, nullptr};
+
+ if (argc == 5) {
+ ctx.response_sample.reset(new FileTest(argv[4]));
+ if (!ctx.response_sample->is_open()) {
+ return 1;
+ }
+ ctx.response_sample->SetIgnoreUnusedAttributes(true);
+ }
+
+ printf("# Generated by");
+ for (int i = 0; i < argc; i++) {
+ printf(" %s", argv[i]);
+ }
+ printf("\n\n");
+
+ return FileTestMainSilent(test_fn, &ctx, argv[3]);
+}
diff --git a/src/fipsoracle/cavp_aes_test.cc b/src/fipsoracle/cavp_aes_test.cc
new file mode 100644
index 0000000..c341e85
--- /dev/null
+++ b/src/fipsoracle/cavp_aes_test.cc
@@ -0,0 +1,280 @@
+/* Copyright (c) 2017, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+// cavp_aes_test processes a NIST CAVP AES test vector request file and emits
+// the corresponding response. An optional sample vector file can be passed to
+// verify the result.
+
+#include <stdlib.h>
+
+#include <openssl/cipher.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+
+#include "../crypto/test/file_test.h"
+#include "cavp_test_util.h"
+
+
+struct TestCtx {
+ const EVP_CIPHER *cipher;
+ std::unique_ptr<FileTest> response_sample;
+ bool has_iv;
+ enum Mode {
+ kKAT, // Known Answer Test
+ kMCT, // Monte Carlo Test
+ };
+ Mode mode;
+};
+
+static bool MonteCarlo(const TestCtx *ctx, FileTest *t,
+ const EVP_CIPHER *cipher, std::vector<uint8_t> *out,
+ bool encrypt, std::vector<uint8_t> key,
+ std::vector<uint8_t> iv, std::vector<uint8_t> in) {
+ const std::string in_label = encrypt ? "PLAINTEXT" : "CIPHERTEXT",
+ result_label = encrypt ? "CIPHERTEXT" : "PLAINTEXT";
+ std::vector<uint8_t> prev_result, result, prev_in;
+ for (int i = 0; i < 100; i++) {
+ printf("COUNT = %d\r\nKEY = %s\r\n", i,
+ EncodeHex(key.data(), key.size()).c_str());
+ if (ctx->has_iv) {
+ printf("IV = %s\r\n", EncodeHex(iv.data(), iv.size()).c_str());
+ }
+ printf("%s = %s\r\n", in_label.c_str(),
+ EncodeHex(in.data(), in.size()).c_str());
+
+ if (!ctx->has_iv) { // ECB mode
+ for (int j = 0; j < 1000; j++) {
+ prev_result = result;
+ if (!CipherOperation(cipher, &result, encrypt, key, iv, in)) {
+ return false;
+ }
+ in = result;
+ }
+ } else {
+ for (int j = 0; j < 1000; j++) {
+ prev_result = result;
+ if (j > 0) {
+ if (encrypt) {
+ iv = result;
+ } else {
+ iv = prev_in;
+ }
+ }
+
+ if (!CipherOperation(cipher, &result, encrypt, key, iv, in)) {
+ return false;
+ }
+
+ prev_in = in;
+
+ if (j == 0) {
+ in = iv;
+ } else {
+ in = prev_result;
+ }
+ }
+ }
+
+ printf("%s = %s\r\n\r\n", result_label.c_str(),
+ EncodeHex(result.data(), result.size()).c_str());
+
+ // Check if sample response file matches.
+ if (ctx->response_sample) {
+ if (ctx->response_sample->ReadNext() != FileTest::kReadSuccess) {
+ t->PrintLine("invalid sample file");
+ return false;
+ }
+ std::string expected_count;
+ std::vector<uint8_t> expected_key, expected_result;
+ if (!ctx->response_sample->GetBytes(&expected_key, "KEY") ||
+ !t->ExpectBytesEqual(expected_key.data(), expected_key.size(),
+ key.data(), key.size()) ||
+ !ctx->response_sample->GetBytes(&expected_result, result_label) ||
+ !t->ExpectBytesEqual(expected_result.data(), expected_result.size(),
+ result.data(), result.size())) {
+ t->PrintLine("result doesn't match");
+ return false;
+ }
+ }
+
+ const size_t key_len = key.size() * 8;
+ if (key_len == 128) {
+ for (size_t k = 0; k < key.size(); k++) {
+ key[k] ^= result[k];
+ }
+ } else if (key_len == 192) {
+ for (size_t k = 0; k < key.size(); k++) {
+ // Key[i+1] = Key[i] xor (last 64-bits of CT[j-1] || CT[j])
+ if (k < 8) {
+ key[k] ^= prev_result[prev_result.size() - 8 + k];
+ } else {
+ key[k] ^= result[k - 8];
+ }
+ }
+ } else { // key_len == 256
+ for (size_t k = 0; k < key.size(); k++) {
+ // Key[i+1] = Key[i] xor (CT[j-1] || CT[j])
+ if (k < 16) {
+ key[k] ^= prev_result[k];
+ } else {
+ key[k] ^= result[k - 16];
+ }
+ }
+ }
+
+ if (ctx->has_iv) {
+ iv = result;
+ in = prev_result;
+ } else {
+ in = result;
+ }
+ }
+
+ return true;
+}
+
+static bool TestCipher(FileTest *t, void *arg) {
+ TestCtx *ctx = reinterpret_cast<TestCtx *>(arg);
+
+ if (t->HasInstruction("ENCRYPT") == t->HasInstruction("DECRYPT")) {
+ t->PrintLine("Want either ENCRYPT or DECRYPT");
+ return false;
+ }
+ enum {
+ kEncrypt,
+ kDecrypt,
+ } operation = t->HasInstruction("ENCRYPT") ? kEncrypt : kDecrypt;
+
+ std::string count;
+ std::vector<uint8_t> key, iv, in, result;
+ if (!t->GetAttribute(&count, "COUNT") ||
+ !t->GetBytes(&key, "KEY") ||
+ (ctx->has_iv && !t->GetBytes(&iv, "IV"))) {
+ return false;
+ }
+
+ const EVP_CIPHER *cipher = ctx->cipher;
+ if (operation == kEncrypt) {
+ if (!t->GetBytes(&in, "PLAINTEXT")) {
+ return false;
+ }
+ } else { // operation == kDecrypt
+ if (!t->GetBytes(&in, "CIPHERTEXT")) {
+ return false;
+ }
+ }
+
+ if (ctx->mode == TestCtx::kKAT) {
+ if (!CipherOperation(cipher, &result, operation == kEncrypt, key, iv, in)) {
+ return false;
+ }
+ const std::string label =
+ operation == kEncrypt ? "CIPHERTEXT" : "PLAINTEXT";
+ printf("%s%s = %s\r\n\r\n", t->CurrentTestToString().c_str(), label.c_str(),
+ EncodeHex(result.data(), result.size()).c_str());
+
+ // Check if sample response file matches.
+ if (ctx->response_sample) {
+ if (ctx->response_sample->ReadNext() != FileTest::kReadSuccess) {
+ t->PrintLine("invalid sample file");
+ return false;
+ }
+ std::string expected_count;
+ std::vector<uint8_t> expected_result;
+ if (!ctx->response_sample->GetAttribute(&expected_count, "COUNT") ||
+ count != expected_count ||
+ (operation == kEncrypt &&
+ (!ctx->response_sample->GetBytes(&expected_result, "CIPHERTEXT") ||
+ !t->ExpectBytesEqual(expected_result.data(), expected_result.size(),
+ result.data(), result.size()))) ||
+ (operation == kDecrypt &&
+ (!ctx->response_sample->GetBytes(&expected_result, "PLAINTEXT") ||
+ !t->ExpectBytesEqual(expected_result.data(), expected_result.size(),
+ result.data(), result.size())))) {
+ t->PrintLine("result doesn't match");
+ return false;
+ }
+ }
+
+ } else { // ctx->mode == kMCT
+ const std::string op_label =
+ operation == kEncrypt ? "[ENCRYPT]" : "[DECRYPT]";
+ printf("%s\r\n\r\n", op_label.c_str());
+ if (!MonteCarlo(ctx, t, cipher, &result, operation == kEncrypt, key, iv,
+ in)) {
+ return false;
+ }
+ if (operation == kEncrypt) {
+ // MCT tests contain a stray blank line after the ENCRYPT section.
+ printf("\r\n");
+ }
+ }
+
+ return true;
+}
+
+static int usage(char *arg) {
+ fprintf(stderr,
+ "usage: %s (kat|mct) <cipher> <test file> [<sample response file>]\n",
+ arg);
+ return 1;
+}
+
+int main(int argc, char **argv) {
+ CRYPTO_library_init();
+
+ if (argc < 4 || argc > 5) {
+ return usage(argv[0]);
+ }
+
+ const std::string tm(argv[1]);
+ enum TestCtx::Mode test_mode;
+ if (tm == "kat") {
+ test_mode = TestCtx::kKAT;
+ } else if (tm == "mct") {
+ test_mode = TestCtx::kMCT;
+ } else {
+ fprintf(stderr, "invalid test_mode: %s\n", tm.c_str());
+ return usage(argv[0]);
+ }
+
+ const std::string cipher_name(argv[2]);
+ const EVP_CIPHER *cipher = GetCipher(argv[2]);
+ if (cipher == nullptr) {
+ fprintf(stderr, "invalid cipher: %s\n", argv[2]);
+ return 1;
+ }
+ const bool has_iv =
+ (cipher_name != "aes-128-ecb" &&
+ cipher_name != "aes-192-ecb" &&
+ cipher_name != "aes-256-ecb");
+
+ TestCtx ctx = {cipher, nullptr, has_iv, test_mode};
+
+ if (argc == 5) {
+ ctx.response_sample.reset(new FileTest(argv[4]));
+ if (!ctx.response_sample->is_open()) {
+ return 1;
+ }
+ ctx.response_sample->SetIgnoreUnusedAttributes(true);
+ }
+
+ printf("# Generated by");
+ for (int i = 0; i < argc; i++) {
+ printf(" %s", argv[i]);
+ }
+ printf("\r\n\r\n");
+
+ return FileTestMainSilent(TestCipher, &ctx, argv[3]);
+}
diff --git a/src/fipsoracle/cavp_ecdsa2_pkv_test.cc b/src/fipsoracle/cavp_ecdsa2_pkv_test.cc
new file mode 100644
index 0000000..74c9da1
--- /dev/null
+++ b/src/fipsoracle/cavp_ecdsa2_pkv_test.cc
@@ -0,0 +1,70 @@
+/* Copyright (c) 2017, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+// cavp_ecdsa2_pkv_test processes a NIST CAVP ECDSA2 PKV test vector request file
+// and emits the corresponding response. An optional sample vector file can be
+// passed to verify the result.
+
+#include <vector>
+
+#include <openssl/bn.h>
+#include <openssl/crypto.h>
+#include <openssl/ec_key.h>
+#include <openssl/err.h>
+#include <openssl/nid.h>
+
+#include "../crypto/test/file_test.h"
+#include "cavp_test_util.h"
+
+
+static bool TestECDSA2PKV(FileTest *t, void *arg) {
+ int nid = GetECGroupNIDFromInstruction(t);
+ if (nid == NID_undef) {
+ return false;
+ }
+ bssl::UniquePtr<EC_KEY> key(EC_KEY_new_by_curve_name(nid));
+ bssl::UniquePtr<BIGNUM> qx = GetBIGNUM(t, "Qx");
+ bssl::UniquePtr<BIGNUM> qy = GetBIGNUM(t, "Qy");
+ if (!key || !qx || !qy) {
+ return false;
+ }
+
+ if (EC_KEY_set_public_key_affine_coordinates(key.get(), qx.get(), qy.get())) {
+ printf("%sResult = P\r\n\r\n", t->CurrentTestToString().c_str());
+ } else {
+ char buf[256];
+ ERR_error_string_n(ERR_get_error(), buf, sizeof(buf));
+ printf("%sResult = F (%s)\r\n\r\n", t->CurrentTestToString().c_str(), buf);
+ }
+ ERR_clear_error();
+ return true;
+}
+
+int main(int argc, char **argv) {
+ CRYPTO_library_init();
+
+ if (argc != 2) {
+ fprintf(stderr, "usage: %s <test file>\n",
+ argv[0]);
+ return 1;
+ }
+
+ printf("# Generated by");
+ for (int i = 0; i < argc; i++) {
+ printf(" %s", argv[i]);
+ }
+ printf("\r\n\r\n");
+
+ return FileTestMainSilent(TestECDSA2PKV, nullptr, argv[1]);
+}
diff --git a/src/fipsoracle/cavp_ecdsa2_sigver_test.cc b/src/fipsoracle/cavp_ecdsa2_sigver_test.cc
new file mode 100644
index 0000000..9401854
--- /dev/null
+++ b/src/fipsoracle/cavp_ecdsa2_sigver_test.cc
@@ -0,0 +1,88 @@
+/* Copyright (c) 2017, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+// cavp_ecdsa2_sigver_test processes a NIST CAVP ECDSA2 SigVer test vector
+// request file and emits the corresponding response. An optional sample vector
+// file can be passed to verify the result.
+
+#include <vector>
+
+#include <openssl/bn.h>
+#include <openssl/crypto.h>
+#include <openssl/digest.h>
+#include <openssl/ec_key.h>
+#include <openssl/ecdsa.h>
+#include <openssl/err.h>
+#include <openssl/nid.h>
+
+#include "../crypto/test/file_test.h"
+#include "cavp_test_util.h"
+
+
+static bool TestECDSA2SigVer(FileTest *t, void *arg) {
+ int nid = GetECGroupNIDFromInstruction(t);
+ const EVP_MD *md = GetDigestFromInstruction(t);
+ if (nid == NID_undef || md == nullptr) {
+ return false;
+ }
+ bssl::UniquePtr<ECDSA_SIG> sig(ECDSA_SIG_new());
+ bssl::UniquePtr<EC_KEY> key(EC_KEY_new_by_curve_name(nid));
+ bssl::UniquePtr<BIGNUM> qx = GetBIGNUM(t, "Qx");
+ bssl::UniquePtr<BIGNUM> qy = GetBIGNUM(t, "Qy");
+ bssl::UniquePtr<BIGNUM> r = GetBIGNUM(t, "R");
+ bssl::UniquePtr<BIGNUM> s = GetBIGNUM(t, "S");
+ std::vector<uint8_t> msg;
+ uint8_t digest[EVP_MAX_MD_SIZE];
+ unsigned digest_len;
+ if (!sig || !key || !qx || !qy || !r || !s ||
+ !EC_KEY_set_public_key_affine_coordinates(key.get(), qx.get(),
+ qy.get()) ||
+ !t->GetBytes(&msg, "Msg") ||
+ !EVP_Digest(msg.data(), msg.size(), digest, &digest_len, md, nullptr)) {
+ return false;
+ }
+
+ BN_free(sig->r);
+ sig->r = r.release();
+ BN_free(sig->s);
+ sig->s = s.release();
+
+ if (ECDSA_do_verify(digest, digest_len, sig.get(), key.get())) {
+ printf("%sResult = P\r\n\r\n", t->CurrentTestToString().c_str());
+ } else {
+ char buf[256];
+ ERR_error_string_n(ERR_get_error(), buf, sizeof(buf));
+ printf("%sResult = F (%s)\r\n\r\n", t->CurrentTestToString().c_str(), buf);
+ }
+ ERR_clear_error();
+ return true;
+}
+
+int main(int argc, char **argv) {
+ CRYPTO_library_init();
+
+ if (argc != 2) {
+ fprintf(stderr, "usage: %s <test file>\n",
+ argv[0]);
+ return 1;
+ }
+
+ printf("# Generated by");
+ for (int i = 0; i < argc; i++) {
+ printf(" %s", argv[i]);
+ }
+ printf("\r\n\r\n");
+
+ return FileTestMainSilent(TestECDSA2SigVer, nullptr, argv[1]);
+}
diff --git a/src/fipsoracle/cavp_sha_monte_test.cc b/src/fipsoracle/cavp_sha_monte_test.cc
new file mode 100644
index 0000000..47b885e
--- /dev/null
+++ b/src/fipsoracle/cavp_sha_monte_test.cc
@@ -0,0 +1,101 @@
+/* Copyright (c) 2017, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+// cavp_sha_monte_test processes a NIST CAVP SHA-Monte test vector request file
+// and emits the corresponding response. An optional sample vector file can be
+// passed to verify the result.
+
+#include <stdlib.h>
+
+#include <openssl/crypto.h>
+#include <openssl/digest.h>
+
+#include "../crypto/test/file_test.h"
+#include "cavp_test_util.h"
+
+
+struct TestCtx {
+ std::string hash;
+};
+
+static bool TestSHAMonte(FileTest *t, void *arg) {
+ TestCtx *ctx = reinterpret_cast<TestCtx *>(arg);
+
+ const EVP_MD *md = EVP_get_digestbyname(ctx->hash.c_str());
+ if (md == nullptr) {
+ return false;
+ }
+ const size_t md_len = EVP_MD_size(md);
+
+ std::string out_len;
+ if (!t->GetInstruction(&out_len, "L") ||
+ md_len != strtoul(out_len.c_str(), nullptr, 0)) {
+ return false;
+ }
+
+ std::vector<uint8_t> seed;
+ if (!t->GetBytes(&seed, "Seed") ||
+ seed.size() != md_len) {
+ return false;
+ }
+
+ std::vector<uint8_t> out = seed;
+
+ printf("%s\r\n", t->CurrentTestToString().c_str());
+
+ for (int count = 0; count < 100; count++) {
+ std::vector<uint8_t> msg;
+ msg.insert(msg.end(), out.begin(), out.end());
+ msg.insert(msg.end(), out.begin(), out.end());
+ msg.insert(msg.end(), out.begin(), out.end());
+ for (int i = 0; i < 1000; i++) {
+ unsigned digest_len;
+ if (!EVP_Digest(msg.data(), msg.size(), out.data(), &digest_len, md,
+ nullptr) ||
+ digest_len != out.size()) {
+ return false;
+ }
+
+ msg.erase(msg.begin(), msg.begin() + out.size());
+ msg.insert(msg.end(), out.begin(), out.end());
+ }
+ printf("COUNT = %d\r\n", count);
+ printf("MD = %s\r\n\r\n", EncodeHex(out.data(), out.size()).c_str());
+ }
+
+ return true;
+}
+
+static int usage(char *arg) {
+ fprintf(stderr, "usage: %s <hash> <test file>\n", arg);
+ return 1;
+}
+
+int main(int argc, char **argv) {
+ CRYPTO_library_init();
+
+ if (argc != 3) {
+ return usage(argv[0]);
+ }
+
+ TestCtx ctx = {std::string(argv[1])};
+
+ printf("# Generated by");
+ for (int i = 0; i < argc; i++) {
+ printf(" %s", argv[i]);
+ }
+ printf("\r\n\r\n");
+
+ return FileTestMainSilent(TestSHAMonte, &ctx, argv[2]);
+}
diff --git a/src/fipsoracle/cavp_sha_test.cc b/src/fipsoracle/cavp_sha_test.cc
new file mode 100644
index 0000000..ca60bb0
--- /dev/null
+++ b/src/fipsoracle/cavp_sha_test.cc
@@ -0,0 +1,96 @@
+/* Copyright (c) 2017, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+// cavp_sha_test processes a NIST CAVP SHA test vector request file and emits
+// the corresponding response. An optional sample vector file can be passed to
+// verify the result.
+
+#include <stdlib.h>
+
+#include <openssl/crypto.h>
+#include <openssl/digest.h>
+
+#include "../crypto/test/file_test.h"
+#include "cavp_test_util.h"
+
+
+struct TestCtx {
+ std::string hash;
+};
+
+static bool TestSHA(FileTest *t, void *arg) {
+ TestCtx *ctx = reinterpret_cast<TestCtx *>(arg);
+
+ const EVP_MD *md = EVP_get_digestbyname(ctx->hash.c_str());
+ if (md == nullptr) {
+ return false;
+ }
+ const size_t md_len = EVP_MD_size(md);
+
+ std::string out_len;
+ if (!t->GetInstruction(&out_len, "L") ||
+ md_len != strtoul(out_len.c_str(), nullptr, 0)) {
+ return false;
+ }
+
+ std::string msg_len_str;
+ std::vector<uint8_t> msg;
+ if (!t->GetAttribute(&msg_len_str, "Len") ||
+ !t->GetBytes(&msg, "Msg")) {
+ return false;
+ }
+
+ size_t msg_len = strtoul(msg_len_str.c_str(), nullptr, 0);
+ if (msg_len % 8 != 0 ||
+ msg_len / 8 > msg.size()) {
+ return false;
+ }
+ msg_len /= 8;
+
+ std::vector<uint8_t> out;
+ out.resize(md_len);
+ unsigned digest_len;
+ if (!EVP_Digest(msg.data(), msg_len, out.data(), &digest_len, md, nullptr) ||
+ digest_len != out.size()) {
+ return false;
+ }
+
+ printf("%s", t->CurrentTestToString().c_str());
+ printf("MD = %s\r\n\r\n", EncodeHex(out.data(), out.size()).c_str());
+
+ return true;
+}
+
+static int usage(char *arg) {
+ fprintf(stderr, "usage: %s <hash> <test file>\n", arg);
+ return 1;
+}
+
+int main(int argc, char **argv) {
+ CRYPTO_library_init();
+
+ if (argc != 3) {
+ return usage(argv[0]);
+ }
+
+ TestCtx ctx = {std::string(argv[1])};
+
+ printf("# Generated by");
+ for (int i = 0; i < argc; i++) {
+ printf(" %s", argv[i]);
+ }
+ printf("\r\n\r\n");
+
+ return FileTestMainSilent(TestSHA, &ctx, argv[2]);
+}
diff --git a/src/fipsoracle/cavp_test_util.cc b/src/fipsoracle/cavp_test_util.cc
new file mode 100644
index 0000000..c3d2cdf
--- /dev/null
+++ b/src/fipsoracle/cavp_test_util.cc
@@ -0,0 +1,219 @@
+/* Copyright (c) 2017, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include "cavp_test_util.h"
+
+#include <openssl/bn.h>
+#include <openssl/digest.h>
+#include <openssl/ec.h>
+#include <openssl/nid.h>
+
+
+std::string EncodeHex(const uint8_t *in, size_t in_len) {
+ static const char kHexDigits[] = "0123456789abcdef";
+ std::string ret;
+ ret.reserve(in_len * 2);
+ for (size_t i = 0; i < in_len; i++) {
+ ret += kHexDigits[in[i] >> 4];
+ ret += kHexDigits[in[i] & 0xf];
+ }
+ return ret;
+}
+
+const EVP_CIPHER *GetCipher(const std::string &name) {
+ if (name == "des-cbc") {
+ return EVP_des_cbc();
+ } else if (name == "des-ecb") {
+ return EVP_des_ecb();
+ } else if (name == "des-ede") {
+ return EVP_des_ede();
+ } else if (name == "des-ede3") {
+ return EVP_des_ede3();
+ } else if (name == "des-ede-cbc") {
+ return EVP_des_ede_cbc();
+ } else if (name == "des-ede3-cbc") {
+ return EVP_des_ede3_cbc();
+ } else if (name == "rc4") {
+ return EVP_rc4();
+ } else if (name == "aes-128-ecb") {
+ return EVP_aes_128_ecb();
+ } else if (name == "aes-256-ecb") {
+ return EVP_aes_256_ecb();
+ } else if (name == "aes-128-cbc") {
+ return EVP_aes_128_cbc();
+ } else if (name == "aes-128-gcm") {
+ return EVP_aes_128_gcm();
+ } else if (name == "aes-128-ofb") {
+ return EVP_aes_128_ofb();
+ } else if (name == "aes-192-cbc") {
+ return EVP_aes_192_cbc();
+ } else if (name == "aes-192-ctr") {
+ return EVP_aes_192_ctr();
+ } else if (name == "aes-192-ecb") {
+ return EVP_aes_192_ecb();
+ } else if (name == "aes-256-cbc") {
+ return EVP_aes_256_cbc();
+ } else if (name == "aes-128-ctr") {
+ return EVP_aes_128_ctr();
+ } else if (name == "aes-256-ctr") {
+ return EVP_aes_256_ctr();
+ } else if (name == "aes-256-gcm") {
+ return EVP_aes_256_gcm();
+ } else if (name == "aes-256-ofb") {
+ return EVP_aes_256_ofb();
+ }
+ return nullptr;
+}
+
+bool CipherOperation(const EVP_CIPHER *cipher, std::vector<uint8_t> *out,
+ bool encrypt, const std::vector<uint8_t> &key,
+ const std::vector<uint8_t> &iv,
+ const std::vector<uint8_t> &in) {
+ bssl::ScopedEVP_CIPHER_CTX ctx;
+ if (!EVP_CipherInit_ex(ctx.get(), cipher, nullptr, nullptr, nullptr,
+ encrypt ? 1 : 0)) {
+ return false;
+ }
+ if (!iv.empty() && iv.size() != EVP_CIPHER_CTX_iv_length(ctx.get())) {
+ return false;
+ }
+
+ int result_len1 = 0, result_len2;
+ *out = std::vector<uint8_t>(in.size());
+ if (!EVP_CIPHER_CTX_set_key_length(ctx.get(), key.size()) ||
+ !EVP_CipherInit_ex(ctx.get(), nullptr, nullptr, key.data(), iv.data(),
+ -1) ||
+ !EVP_CIPHER_CTX_set_padding(ctx.get(), 0) ||
+ !EVP_CipherUpdate(ctx.get(), out->data(), &result_len1, in.data(),
+ in.size()) ||
+ !EVP_CipherFinal_ex(ctx.get(), out->data() + result_len1, &result_len2)) {
+ return false;
+ }
+ out->resize(result_len1 + result_len2);
+
+ return true;
+}
+
+bool AEADEncrypt(const EVP_AEAD *aead, std::vector<uint8_t> *ct,
+ std::vector<uint8_t> *tag, size_t tag_len,
+ const std::vector<uint8_t> &key,
+ const std::vector<uint8_t> &pt,
+ const std::vector<uint8_t> &aad, std::vector<uint8_t> *iv) {
+ bssl::ScopedEVP_AEAD_CTX ctx;
+ if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, key.data(), key.size(),
+ tag->size(), evp_aead_seal)) {
+ return false;
+ }
+
+ std::vector<uint8_t> out;
+ out.resize(pt.size() + EVP_AEAD_max_overhead(aead));
+ size_t out_len;
+ if (!EVP_AEAD_CTX_seal(ctx.get(), out.data(), &out_len, out.size(),
+ nullptr /* iv */, 0 /* iv_len */, pt.data(), pt.size(),
+ aad.data(), aad.size())) {
+ return false;
+ }
+
+ static const size_t iv_len = EVP_AEAD_nonce_length(aead);
+ iv->assign(out.begin(), out.begin() + iv_len);
+ ct->assign(out.begin() + iv_len, out.end() - tag_len);
+ tag->assign(out.end() - tag_len, out.end());
+
+ return true;
+}
+
+bool AEADDecrypt(const EVP_AEAD *aead, std::vector<uint8_t> *pt,
+ std::vector<uint8_t> *aad, size_t pt_len, size_t aad_len,
+ const std::vector<uint8_t> &key,
+ const std::vector<uint8_t> &ct,
+ const std::vector<uint8_t> &tag, std::vector<uint8_t> &iv) {
+ bssl::ScopedEVP_AEAD_CTX ctx;
+ if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, key.data(), key.size(),
+ tag.size(), evp_aead_open)) {
+ return false;
+ }
+ std::vector<uint8_t> in = iv;
+ in.reserve(in.size() + ct.size() + tag.size());
+ in.insert(in.end(), ct.begin(), ct.end());
+ in.insert(in.end(), tag.begin(), tag.end());
+
+ pt->resize(pt_len);
+ aad->resize(aad_len);
+ size_t out_pt_len;
+ if (!EVP_AEAD_CTX_open(ctx.get(), pt->data(), &out_pt_len, pt->size(),
+ nullptr /* iv */, 0 /* iv_len */, in.data(), in.size(),
+ aad->data(), aad->size()) ||
+ out_pt_len != pt_len) {
+ return false;
+ }
+ return true;
+}
+
+static int HexToBIGNUM(bssl::UniquePtr<BIGNUM> *out, const char *in) {
+ BIGNUM *raw = NULL;
+ int ret = BN_hex2bn(&raw, in);
+ out->reset(raw);
+ return ret;
+}
+
+bssl::UniquePtr<BIGNUM> GetBIGNUM(FileTest *t, const char *attribute) {
+ std::string hex;
+ if (!t->GetAttribute(&hex, attribute)) {
+ return nullptr;
+ }
+
+ bssl::UniquePtr<BIGNUM> ret;
+ if (HexToBIGNUM(&ret, hex.c_str()) != static_cast<int>(hex.size())) {
+ t->PrintLine("Could not decode '%s'.", hex.c_str());
+ return nullptr;
+ }
+ return ret;
+}
+
+int GetECGroupNIDFromInstruction(FileTest *t) {
+ if (t->HasInstruction("P-224")) {
+ return NID_secp224r1;
+ }
+ if (t->HasInstruction("P-256")) {
+ return NID_X9_62_prime256v1;
+ }
+ if (t->HasInstruction("P-384")) {
+ return NID_secp384r1;
+ }
+ if (t->HasInstruction("P-521")) {
+ return NID_secp521r1;
+ }
+ t->PrintLine("No supported group specified.");
+ return NID_undef;
+}
+
+const EVP_MD *GetDigestFromInstruction(FileTest *t) {
+ if (t->HasInstruction("SHA-1")) {
+ return EVP_sha1();
+ }
+ if (t->HasInstruction("SHA-224")) {
+ return EVP_sha224();
+ }
+ if (t->HasInstruction("SHA-256")) {
+ return EVP_sha256();
+ }
+ if (t->HasInstruction("SHA-384")) {
+ return EVP_sha384();
+ }
+ if (t->HasInstruction("SHA-512")) {
+ return EVP_sha512();
+ }
+ t->PrintLine("No supported digest function specified.");
+ return nullptr;
+}
diff --git a/src/fipsoracle/cavp_test_util.h b/src/fipsoracle/cavp_test_util.h
new file mode 100644
index 0000000..44bb496
--- /dev/null
+++ b/src/fipsoracle/cavp_test_util.h
@@ -0,0 +1,56 @@
+/* Copyright (c) 2017, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_CAVP_TEST_UTIL_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_CAVP_TEST_UTIL_H
+
+#include <stdlib.h>
+#include <string>
+#include <vector>
+
+#include <openssl/aead.h>
+#include <openssl/cipher.h>
+
+#include "../crypto/test/file_test.h"
+
+
+std::string EncodeHex(const uint8_t *in, size_t in_len);
+
+const EVP_CIPHER *GetCipher(const std::string &name);
+
+bool CipherOperation(const EVP_CIPHER *cipher, std::vector<uint8_t> *out,
+ bool encrypt, const std::vector<uint8_t> &key,
+ const std::vector<uint8_t> &iv,
+ const std::vector<uint8_t> &in);
+
+bool AEADEncrypt(const EVP_AEAD *aead, std::vector<uint8_t> *ct,
+ std::vector<uint8_t> *tag, size_t tag_len,
+ const std::vector<uint8_t> &key,
+ const std::vector<uint8_t> &pt,
+ const std::vector<uint8_t> &aad, std::vector<uint8_t> *iv);
+
+bool AEADDecrypt(const EVP_AEAD *aead, std::vector<uint8_t> *pt,
+ std::vector<uint8_t> *aad, size_t pt_len, size_t aad_len,
+ const std::vector<uint8_t> &key,
+ const std::vector<uint8_t> &ct,
+ const std::vector<uint8_t> &tag, std::vector<uint8_t> &iv);
+
+bssl::UniquePtr<BIGNUM> GetBIGNUM(FileTest *t, const char *attribute);
+
+int GetECGroupNIDFromInstruction(FileTest *t);
+
+const EVP_MD *GetDigestFromInstruction(FileTest *t);
+
+
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_CAVP_TEST_UTIL_H
diff --git a/src/fipsoracle/run_cavp.go b/src/fipsoracle/run_cavp.go
new file mode 100644
index 0000000..449f1c5
--- /dev/null
+++ b/src/fipsoracle/run_cavp.go
@@ -0,0 +1,285 @@
+// run_cavp.go processes CAVP input files and generates suitable response
+// files, optionally comparing the results against the provided FAX files.
+package main
+
+import (
+ "bufio"
+ "flag"
+ "fmt"
+ "os"
+ "os/exec"
+ "path/filepath"
+ "strings"
+)
+
+var (
+ binaryDir = flag.String("bin-dir", "", "Directory containing fipsoracle binaries")
+ suiteDir = flag.String("suite-dir", "", "Base directory containing the CAVP test suite")
+)
+
+// test describes a single request file.
+type test struct {
+ // inFile is the base of the filename without an extension, i.e.
+ // “ECBMCT128”.
+ inFile string
+ // args are the arguments (not including the input filename) to the
+ // oracle binary.
+ args []string
+ // noFAX, if true, indicates that the output cannot be compared against
+ // the FAX file. (E.g. because the primitive is non-deterministic.)
+ noFAX bool
+}
+
+// testSuite describes a series of tests that are handled by a single oracle
+// binary.
+type testSuite struct {
+ // directory is the name of the directory in the CAVP input, i.e. “AES”.
+ directory string
+ // binary is the name of the binary that can process these tests.
+ binary string
+ tests []test
+}
+
+func (t *testSuite) getDirectory() string {
+ return filepath.Join(*suiteDir, t.directory)
+}
+
+var aesGCMTests = testSuite{
+ "AES_GCM",
+ "cavp_aes_gcm_test",
+ []test{
+ {"gcmDecrypt128", []string{"dec", "aes-128-gcm"}, false},
+ {"gcmDecrypt256", []string{"dec", "aes-256-gcm"}, false},
+ {"gcmEncryptIntIV128", []string{"enc", "aes-128-gcm"}, true},
+ {"gcmEncryptIntIV256", []string{"enc", "aes-256-gcm"}, true},
+ },
+}
+
+var aesTests = testSuite{
+ "AES",
+ "cavp_aes_test",
+ []test{
+ {"CBCGFSbox128", []string{"kat", "aes-128-cbc"}, false},
+ {"CBCGFSbox192", []string{"kat", "aes-192-cbc"}, false},
+ {"CBCGFSbox256", []string{"kat", "aes-256-cbc"}, false},
+ {"CBCKeySbox128", []string{"kat", "aes-128-cbc"}, false},
+ {"CBCKeySbox192", []string{"kat", "aes-192-cbc"}, false},
+ {"CBCKeySbox256", []string{"kat", "aes-256-cbc"}, false},
+ {"CBCMMT128", []string{"kat", "aes-128-cbc"}, false},
+ {"CBCMMT192", []string{"kat", "aes-192-cbc"}, false},
+ {"CBCMMT256", []string{"kat", "aes-256-cbc"}, false},
+ {"CBCVarKey128", []string{"kat", "aes-128-cbc"}, false},
+ {"CBCVarKey192", []string{"kat", "aes-192-cbc"}, false},
+ {"CBCVarKey256", []string{"kat", "aes-256-cbc"}, false},
+ {"CBCVarTxt128", []string{"kat", "aes-128-cbc"}, false},
+ {"CBCVarTxt192", []string{"kat", "aes-192-cbc"}, false},
+ {"CBCVarTxt256", []string{"kat", "aes-256-cbc"}, false},
+ {"ECBGFSbox128", []string{"kat", "aes-128-ecb"}, false},
+ {"ECBGFSbox192", []string{"kat", "aes-192-ecb"}, false},
+ {"ECBGFSbox256", []string{"kat", "aes-256-ecb"}, false},
+ {"ECBKeySbox128", []string{"kat", "aes-128-ecb"}, false},
+ {"ECBKeySbox192", []string{"kat", "aes-192-ecb"}, false},
+ {"ECBKeySbox256", []string{"kat", "aes-256-ecb"}, false},
+ {"ECBMMT128", []string{"kat", "aes-128-ecb"}, false},
+ {"ECBMMT192", []string{"kat", "aes-192-ecb"}, false},
+ {"ECBMMT256", []string{"kat", "aes-256-ecb"}, false},
+ {"ECBVarKey128", []string{"kat", "aes-128-ecb"}, false},
+ {"ECBVarKey192", []string{"kat", "aes-192-ecb"}, false},
+ {"ECBVarKey256", []string{"kat", "aes-256-ecb"}, false},
+ {"ECBVarTxt128", []string{"kat", "aes-128-ecb"}, false},
+ {"ECBVarTxt192", []string{"kat", "aes-192-ecb"}, false},
+ {"ECBVarTxt256", []string{"kat", "aes-256-ecb"}, false},
+ // AES Monte-Carlo tests
+ {"ECBMCT128", []string{"mct", "aes-128-ecb"}, false},
+ {"ECBMCT192", []string{"mct", "aes-192-ecb"}, false},
+ {"ECBMCT256", []string{"mct", "aes-256-ecb"}, false},
+ {"CBCMCT128", []string{"mct", "aes-128-cbc"}, false},
+ {"CBCMCT192", []string{"mct", "aes-192-cbc"}, false},
+ {"CBCMCT256", []string{"mct", "aes-256-cbc"}, false},
+ },
+}
+
+var ecdsa2PKVTests = testSuite{
+ "ECDSA2",
+ "cavp_ecdsa2_pkv_test",
+ []test{{"PKV", nil, false}},
+}
+
+var ecdsa2SigVerTests = testSuite{
+ "ECDSA2",
+ "cavp_ecdsa2_sigver_test",
+ []test{{"SigVer", nil, false}},
+}
+
+var shaTests = testSuite{
+ "SHA",
+ "cavp_sha_test",
+ []test{
+ {"SHA1LongMsg", []string{"SHA1"}, false},
+ {"SHA1ShortMsg", []string{"SHA1"}, false},
+ {"SHA224LongMsg", []string{"SHA224"}, false},
+ {"SHA224ShortMsg", []string{"SHA224"}, false},
+ {"SHA256LongMsg", []string{"SHA256"}, false},
+ {"SHA256ShortMsg", []string{"SHA256"}, false},
+ {"SHA384LongMsg", []string{"SHA384"}, false},
+ {"SHA384ShortMsg", []string{"SHA384"}, false},
+ {"SHA512LongMsg", []string{"SHA512"}, false},
+ {"SHA512ShortMsg", []string{"SHA512"}, false},
+ },
+}
+
+var shaMonteTests = testSuite{
+ "SHA",
+ "cavp_sha_monte_test",
+ []test{
+ {"SHA1Monte", []string{"SHA1"}, false},
+ {"SHA224Monte", []string{"SHA224"}, false},
+ {"SHA256Monte", []string{"SHA256"}, false},
+ {"SHA384Monte", []string{"SHA384"}, false},
+ {"SHA512Monte", []string{"SHA512"}, false},
+ },
+}
+
+var allTestSuites = []*testSuite{
+ &aesGCMTests,
+ &aesTests,
+ &ecdsa2PKVTests,
+ &ecdsa2SigVerTests,
+ &shaTests,
+ &shaMonteTests,
+}
+
+func main() {
+ flag.Parse()
+
+ if len(*binaryDir) == 0 {
+ fmt.Fprintf(os.Stderr, "Must give -bin-dir\n")
+ os.Exit(1)
+ }
+
+ for _, suite := range allTestSuites {
+ for _, test := range suite.tests {
+ if err := doTest(suite, test); err != nil {
+ fmt.Fprintf(os.Stderr, "%s\n", err)
+ os.Exit(2)
+ }
+
+ if !test.noFAX {
+ if err := compareFAX(suite, test); err != nil {
+ fmt.Fprintf(os.Stderr, "%s\n", err)
+ os.Exit(3)
+ }
+ }
+ }
+ }
+}
+
+func doTest(suite *testSuite, test test) error {
+ binary := filepath.Join(*binaryDir, suite.binary)
+
+ var args []string
+ args = append(args, test.args...)
+ args = append(args, filepath.Join(suite.getDirectory(), "req", test.inFile+".req"))
+
+ outPath := filepath.Join(suite.getDirectory(), "resp", test.inFile+".resp")
+ outFile, err := os.OpenFile(outPath, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644)
+ if err != nil {
+ return fmt.Errorf("cannot open output file for %q %q: %s", suite.getDirectory(), test.inFile, err)
+ }
+ defer outFile.Close()
+
+ cmd := exec.Command(binary, args...)
+ cmd.Stdout = outFile
+ cmd.Stderr = os.Stderr
+
+ if err := cmd.Run(); err != nil {
+ return fmt.Errorf("cannot run command for %q %q: %s", suite.getDirectory(), test.inFile, err)
+ }
+
+ return nil
+}
+
+func canonicalizeLine(in string) string {
+ if strings.HasPrefix(in, "Result = P (") {
+ return "Result = P"
+ }
+ if strings.HasPrefix(in, "Result = F (") {
+ return "Result = F"
+ }
+ return in
+}
+
+func compareFAX(suite *testSuite, test test) error {
+ respPath := filepath.Join(suite.getDirectory(), "resp", test.inFile+".resp")
+ respFile, err := os.Open(respPath)
+ if err != nil {
+ return fmt.Errorf("cannot read output of %q %q: %s", suite.getDirectory(), test.inFile, err)
+ }
+ defer respFile.Close()
+
+ faxPath := filepath.Join(suite.getDirectory(), "fax", test.inFile+".fax")
+ faxFile, err := os.Open(faxPath)
+ if err != nil {
+ return fmt.Errorf("cannot open fax file for %q %q: %s", suite.getDirectory(), test.inFile, err)
+ }
+ defer faxFile.Close()
+
+ respScanner := bufio.NewScanner(respFile)
+ faxScanner := bufio.NewScanner(faxFile)
+
+ lineNo := 0
+ inHeader := true
+
+ for respScanner.Scan() {
+ lineNo++
+ respLine := respScanner.Text()
+ var faxLine string
+
+ if inHeader && (len(respLine) == 0 || respLine[0] == '#') {
+ continue
+ }
+
+ for {
+ haveFaxLine := false
+
+ if inHeader {
+ for faxScanner.Scan() {
+ faxLine = faxScanner.Text()
+ if len(faxLine) != 0 && faxLine[0] != '#' {
+ haveFaxLine = true
+ break
+ }
+ }
+
+ inHeader = false
+ } else {
+ if faxScanner.Scan() {
+ faxLine = faxScanner.Text()
+ haveFaxLine = true
+ }
+ }
+
+ if !haveFaxLine {
+ return fmt.Errorf("resp file is longer than fax for %q %q", suite.getDirectory(), test.inFile)
+ }
+
+ if strings.HasPrefix(faxLine, " (Reason: ") {
+ continue
+ }
+
+ break
+ }
+
+ if canonicalizeLine(faxLine) == canonicalizeLine(respLine) {
+ continue
+ }
+
+ return fmt.Errorf("resp and fax differ at line %d for %q %q: %q vs %q", lineNo, suite.getDirectory(), test.inFile, respLine, faxLine)
+ }
+
+ if faxScanner.Scan() {
+ return fmt.Errorf("fax file is longer than resp for %q %q", suite.getDirectory(), test.inFile)
+ }
+
+ return nil
+}
diff --git a/src/include/openssl/bn.h b/src/include/openssl/bn.h
index 49d4495..5ebdade 100644
--- a/src/include/openssl/bn.h
+++ b/src/include/openssl/bn.h
@@ -797,10 +797,6 @@
int BN_mod_inverse_odd(BIGNUM *out, int *out_no_inverse, const BIGNUM *a,
const BIGNUM *n, BN_CTX *ctx);
-/* BN_kronecker returns the Kronecker symbol of |a| and |b| (which is -1, 0 or
- * 1), or -2 on error. */
-OPENSSL_EXPORT int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-
/* Montgomery arithmetic. */
diff --git a/src/include/openssl/cpu.h b/src/include/openssl/cpu.h
index 1a4294a..81cc5ba 100644
--- a/src/include/openssl/cpu.h
+++ b/src/include/openssl/cpu.h
@@ -91,6 +91,15 @@
* Note: the CPUID bits are pre-adjusted for the OSXSAVE bit and the YMM and XMM
* bits in XCR0, so it is not necessary to check those. */
extern uint32_t OPENSSL_ia32cap_P[4];
+
+#if defined(BORINGSSL_FIPS)
+const uint32_t *OPENSSL_ia32cap_get(void);
+#else
+static inline const uint32_t *OPENSSL_ia32cap_get(void) {
+ return OPENSSL_ia32cap_P;
+}
+#endif
+
#endif
#if defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
diff --git a/src/include/openssl/err.h b/src/include/openssl/err.h
index a747b30..33a0bda 100644
--- a/src/include/openssl/err.h
+++ b/src/include/openssl/err.h
@@ -192,28 +192,17 @@
const char **data,
int *flags);
-/* ERR_error_string generates a human-readable string representing
- * |packed_error|, places it at |buf| (which must be at least
- * ERR_ERROR_STRING_BUF_LEN bytes long) and returns |buf|. If |buf| is NULL,
- * the error string is placed in a static buffer which is returned. (The static
- * buffer may be overridden by concurrent calls in other threads so this form
- * is deprecated.)
+/* ERR_error_string_n generates a human-readable string representing
+ * |packed_error| and places it at |buf|. It writes at most |len| bytes
+ * (including the terminating NUL) and truncates the string if necessary. If
+ * |len| is greater than zero then |buf| is always NUL terminated.
*
* The string will have the following format:
*
* error:[error code]:[library name]:OPENSSL_internal:[reason string]
*
* error code is an 8 digit hexadecimal number; library name and reason string
- * are ASCII text.
- *
- * TODO(fork): remove in favour of |ERR_error_string_n|. */
-OPENSSL_EXPORT char *ERR_error_string(uint32_t packed_error, char *buf);
-#define ERR_ERROR_STRING_BUF_LEN 256
-
-/* ERR_error_string_n is a variant of |ERR_error_string| that writes at most
- * len characters (including the terminating NUL) and truncates the string if
- * necessary. If |len| is greater than zero then |buf| is always NUL
- * terminated. */
+ * are ASCII text. */
OPENSSL_EXPORT void ERR_error_string_n(uint32_t packed_error, char *buf,
size_t len);
@@ -288,6 +277,18 @@
/* ERR_func_error_string returns the string "OPENSSL_internal". */
OPENSSL_EXPORT const char *ERR_func_error_string(uint32_t packed_error);
+/* ERR_error_string behaves like |ERR_error_string_n| but |len| is implicitly
+ * |ERR_ERROR_STRING_BUF_LEN| and it returns |buf|. If |buf| is NULL, the error
+ * string is placed in a static buffer which is returned. (The static buffer may
+ * be overridden by concurrent calls in other threads so this form should not be
+ * used.)
+ *
+ * Use |ERR_error_string_n| instead.
+ *
+ * TODO(fork): remove this function. */
+OPENSSL_EXPORT char *ERR_error_string(uint32_t packed_error, char *buf);
+#define ERR_ERROR_STRING_BUF_LEN 256
+
/* Private functions. */
diff --git a/src/ssl/handshake_client.c b/src/ssl/handshake_client.c
index 0629078..f204286 100644
--- a/src/ssl/handshake_client.c
+++ b/src/ssl/handshake_client.c
@@ -1255,11 +1255,8 @@
goto f_err;
}
hs->new_session->peer_signature_algorithm = signature_algorithm;
- } else if (hs->peer_pubkey->type == EVP_PKEY_RSA) {
- signature_algorithm = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
- } else if (hs->peer_pubkey->type == EVP_PKEY_EC) {
- signature_algorithm = SSL_SIGN_ECDSA_SHA1;
- } else {
+ } else if (!tls1_get_legacy_signature_algorithm(&signature_algorithm,
+ hs->peer_pubkey)) {
al = SSL_AD_UNSUPPORTED_CERTIFICATE;
OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
goto f_err;
diff --git a/src/ssl/handshake_server.c b/src/ssl/handshake_server.c
index 63027d6..4eaf3cb 100644
--- a/src/ssl/handshake_server.c
+++ b/src/ssl/handshake_server.c
@@ -1722,11 +1722,8 @@
goto f_err;
}
hs->new_session->peer_signature_algorithm = signature_algorithm;
- } else if (hs->peer_pubkey->type == EVP_PKEY_RSA) {
- signature_algorithm = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
- } else if (hs->peer_pubkey->type == EVP_PKEY_EC) {
- signature_algorithm = SSL_SIGN_ECDSA_SHA1;
- } else {
+ } else if (!tls1_get_legacy_signature_algorithm(&signature_algorithm,
+ hs->peer_pubkey)) {
al = SSL_AD_UNSUPPORTED_CERTIFICATE;
OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
goto f_err;
diff --git a/src/ssl/internal.h b/src/ssl/internal.h
index 1ed7e15..e7a3f7a 100644
--- a/src/ssl/internal.h
+++ b/src/ssl/internal.h
@@ -1272,6 +1272,11 @@
* error. */
int tls1_parse_peer_sigalgs(SSL_HANDSHAKE *hs, const CBS *sigalgs);
+/* tls1_get_legacy_signature_algorithm sets |*out| to the signature algorithm
+ * that should be used with |pkey| in TLS 1.1 and earlier. It returns one on
+ * success and zero if |pkey| may not be used at those versions. */
+int tls1_get_legacy_signature_algorithm(uint16_t *out, const EVP_PKEY *pkey);
+
/* tls1_choose_signature_algorithm sets |*out| to a signature algorithm for use
* with |hs|'s private key based on the peer's preferences and the algorithms
* supported. It returns one on success and zero on error. */
diff --git a/src/ssl/ssl_test.cc b/src/ssl/ssl_test.cc
index 3296c17..80465ce 100644
--- a/src/ssl/ssl_test.cc
+++ b/src/ssl/ssl_test.cc
@@ -306,57 +306,39 @@
":X25519:P-256",
};
-static void PrintCipherPreferenceList(ssl_cipher_preference_list_st *list) {
+static std::string CipherListToString(ssl_cipher_preference_list_st *list) {
bool in_group = false;
+ std::string ret;
for (size_t i = 0; i < sk_SSL_CIPHER_num(list->ciphers); i++) {
const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(list->ciphers, i);
if (!in_group && list->in_group_flags[i]) {
- fprintf(stderr, "\t[\n");
+ ret += "\t[\n";
in_group = true;
}
- fprintf(stderr, "\t");
+ ret += "\t";
if (in_group) {
- fprintf(stderr, " ");
+ ret += " ";
}
- fprintf(stderr, "%s\n", SSL_CIPHER_get_name(cipher));
+ ret += SSL_CIPHER_get_name(cipher);
+ ret += "\n";
if (in_group && !list->in_group_flags[i]) {
- fprintf(stderr, "\t]\n");
+ ret += "\t]\n";
in_group = false;
}
}
+ return ret;
}
-static bool TestCipherRule(const CipherTest &t) {
- bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
- if (!ctx) {
+static bool CipherListsEqual(ssl_cipher_preference_list_st *list,
+ const std::vector<ExpectedCipher> &expected) {
+ if (sk_SSL_CIPHER_num(list->ciphers) != expected.size()) {
return false;
}
- if (!SSL_CTX_set_cipher_list(ctx.get(), t.rule)) {
- fprintf(stderr, "Error testing cipher rule '%s'\n", t.rule);
- return false;
- }
-
- if (!SSL_CTX_set_strict_cipher_list(ctx.get(), t.rule) != t.strict_fail) {
- fprintf(stderr, "Unexpected strict failure result testing cipher rule '%s':"
- " expected %d\n", t.rule, t.strict_fail);
- return false;
- }
-
- // Compare the two lists.
- if (sk_SSL_CIPHER_num(ctx->cipher_list->ciphers) != t.expected.size()) {
- fprintf(stderr, "Error: cipher rule '%s' evaluated to:\n", t.rule);
- PrintCipherPreferenceList(ctx->cipher_list);
- return false;
- }
-
- for (size_t i = 0; i < t.expected.size(); i++) {
- const SSL_CIPHER *cipher =
- sk_SSL_CIPHER_value(ctx->cipher_list->ciphers, i);
- if (t.expected[i].id != SSL_CIPHER_get_id(cipher) ||
- t.expected[i].in_group_flag != ctx->cipher_list->in_group_flags[i]) {
- fprintf(stderr, "Error: cipher rule '%s' evaluated to:\n", t.rule);
- PrintCipherPreferenceList(ctx->cipher_list);
+ for (size_t i = 0; i < expected.size(); i++) {
+ const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(list->ciphers, i);
+ if (expected[i].id != SSL_CIPHER_get_id(cipher) ||
+ expected[i].in_group_flag != list->in_group_flags[i]) {
return false;
}
}
@@ -364,99 +346,72 @@
return true;
}
-static bool TestRuleDoesNotIncludeNull(const char *rule) {
- bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(SSLv23_server_method()));
- if (!ctx) {
- return false;
- }
- if (!SSL_CTX_set_strict_cipher_list(ctx.get(), rule)) {
- fprintf(stderr, "Error: cipher rule '%s' failed\n", rule);
- return false;
- }
- for (size_t i = 0; i < sk_SSL_CIPHER_num(ctx->cipher_list->ciphers); i++) {
- if (SSL_CIPHER_is_NULL(sk_SSL_CIPHER_value(ctx->cipher_list->ciphers, i))) {
- fprintf(stderr, "Error: cipher rule '%s' includes NULL\n",rule);
- return false;
- }
- }
- return true;
-}
+TEST(SSLTest, CipherRules) {
+ for (const CipherTest &t : kCipherTests) {
+ SCOPED_TRACE(t.rule);
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
+ ASSERT_TRUE(ctx);
-static bool TestCipherRules() {
- for (const CipherTest &test : kCipherTests) {
- if (!TestCipherRule(test)) {
- return false;
+ // Test lax mode.
+ ASSERT_TRUE(SSL_CTX_set_cipher_list(ctx.get(), t.rule));
+ EXPECT_TRUE(CipherListsEqual(ctx->cipher_list, t.expected))
+ << "Cipher rule evaluated to:\n"
+ << CipherListToString(ctx->cipher_list);
+
+ // Test strict mode.
+ if (t.strict_fail) {
+ EXPECT_FALSE(SSL_CTX_set_strict_cipher_list(ctx.get(), t.rule));
+ } else {
+ ASSERT_TRUE(SSL_CTX_set_strict_cipher_list(ctx.get(), t.rule));
+ EXPECT_TRUE(CipherListsEqual(ctx->cipher_list, t.expected))
+ << "Cipher rule evaluated to:\n"
+ << CipherListToString(ctx->cipher_list);
}
}
for (const char *rule : kBadRules) {
- bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(SSLv23_server_method()));
- if (!ctx) {
- return false;
- }
- if (SSL_CTX_set_cipher_list(ctx.get(), rule)) {
- fprintf(stderr, "Cipher rule '%s' unexpectedly succeeded\n", rule);
- return false;
- }
+ SCOPED_TRACE(rule);
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
+ ASSERT_TRUE(ctx);
+
+ EXPECT_FALSE(SSL_CTX_set_cipher_list(ctx.get(), rule));
ERR_clear_error();
}
for (const char *rule : kMustNotIncludeNull) {
- if (!TestRuleDoesNotIncludeNull(rule)) {
- return false;
+ SCOPED_TRACE(rule);
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
+ ASSERT_TRUE(ctx);
+
+ ASSERT_TRUE(SSL_CTX_set_strict_cipher_list(ctx.get(), rule));
+ for (size_t i = 0; i < sk_SSL_CIPHER_num(ctx->cipher_list->ciphers); i++) {
+ EXPECT_FALSE(SSL_CIPHER_is_NULL(
+ sk_SSL_CIPHER_value(ctx->cipher_list->ciphers, i)));
}
}
-
- return true;
}
-static bool TestCurveRule(const CurveTest &t) {
- bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
- if (!ctx) {
- return false;
- }
+TEST(SSLTest, CurveRules) {
+ for (const CurveTest &t : kCurveTests) {
+ SCOPED_TRACE(t.rule);
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
+ ASSERT_TRUE(ctx);
- if (!SSL_CTX_set1_curves_list(ctx.get(), t.rule)) {
- fprintf(stderr, "Error testing curves list '%s'\n", t.rule);
- return false;
- }
-
- // Compare the two lists.
- if (ctx->supported_group_list_len != t.expected.size()) {
- fprintf(stderr, "Error testing curves list '%s': length\n", t.rule);
- return false;
- }
-
- for (size_t i = 0; i < t.expected.size(); i++) {
- if (t.expected[i] != ctx->supported_group_list[i]) {
- fprintf(stderr, "Error testing curves list '%s': mismatch\n", t.rule);
- return false;
- }
- }
-
- return true;
-}
-
-static bool TestCurveRules() {
- for (const CurveTest &test : kCurveTests) {
- if (!TestCurveRule(test)) {
- return false;
+ ASSERT_TRUE(SSL_CTX_set1_curves_list(ctx.get(), t.rule));
+ ASSERT_EQ(t.expected.size(), ctx->supported_group_list_len);
+ for (size_t i = 0; i < t.expected.size(); i++) {
+ EXPECT_EQ(t.expected[i], ctx->supported_group_list[i]);
}
}
for (const char *rule : kBadCurvesLists) {
- bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(SSLv23_server_method()));
- if (!ctx) {
- return false;
- }
- if (SSL_CTX_set1_curves_list(ctx.get(), rule)) {
- fprintf(stderr, "Curves list '%s' unexpectedly succeeded\n", rule);
- return false;
- }
+ SCOPED_TRACE(rule);
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
+ ASSERT_TRUE(ctx);
+
+ EXPECT_FALSE(SSL_CTX_set1_curves_list(ctx.get(), rule));
ERR_clear_error();
}
-
- return true;
}
// kOpenSSLSession is a serialized SSL_SESSION.
@@ -756,31 +711,23 @@
return true;
}
-static bool TestDefaultVersion(uint16_t min_version, uint16_t max_version,
- const SSL_METHOD *(*method)(void)) {
+static void ExpectDefaultVersion(uint16_t min_version, uint16_t max_version,
+ const SSL_METHOD *(*method)(void)) {
bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(method()));
- if (!ctx) {
- return false;
- }
- if (ctx->min_version != min_version || ctx->max_version != max_version) {
- fprintf(stderr, "Got min %04x, max %04x; wanted min %04x, max %04x\n",
- ctx->min_version, ctx->max_version, min_version, max_version);
- return false;
- }
- return true;
+ ASSERT_TRUE(ctx);
+ EXPECT_EQ(min_version, ctx->min_version);
+ EXPECT_EQ(max_version, ctx->max_version);
}
-static bool CipherGetRFCName(std::string *out, uint16_t value) {
- const SSL_CIPHER *cipher = SSL_get_cipher_by_value(value);
- if (cipher == NULL) {
- return false;
- }
- bssl::UniquePtr<char> rfc_name(SSL_CIPHER_get_rfc_name(cipher));
- if (!rfc_name) {
- return false;
- }
- out->assign(rfc_name.get());
- return true;
+TEST(SSLTest, DefaultVersion) {
+ // TODO(svaldez): Update this when TLS 1.3 is enabled by default.
+ ExpectDefaultVersion(TLS1_VERSION, TLS1_2_VERSION, &TLS_method);
+ ExpectDefaultVersion(TLS1_VERSION, TLS1_VERSION, &TLSv1_method);
+ ExpectDefaultVersion(TLS1_1_VERSION, TLS1_1_VERSION, &TLSv1_1_method);
+ ExpectDefaultVersion(TLS1_2_VERSION, TLS1_2_VERSION, &TLSv1_2_method);
+ ExpectDefaultVersion(TLS1_1_VERSION, TLS1_2_VERSION, &DTLS_method);
+ ExpectDefaultVersion(TLS1_1_VERSION, TLS1_1_VERSION, &DTLSv1_method);
+ ExpectDefaultVersion(TLS1_2_VERSION, TLS1_2_VERSION, &DTLSv1_2_method);
}
typedef struct {
@@ -810,22 +757,17 @@
{TLS1_CK_CHACHA20_POLY1305_SHA256, "TLS_CHACHA20_POLY1305_SHA256"},
};
-static bool TestCipherGetRFCName(void) {
- for (size_t i = 0;
- i < OPENSSL_ARRAY_SIZE(kCipherRFCNameTests); i++) {
- const CIPHER_RFC_NAME_TEST *test = &kCipherRFCNameTests[i];
- std::string rfc_name;
- if (!CipherGetRFCName(&rfc_name, test->id & 0xffff)) {
- fprintf(stderr, "SSL_CIPHER_get_rfc_name failed\n");
- return false;
- }
- if (rfc_name != test->rfc_name) {
- fprintf(stderr, "SSL_CIPHER_get_rfc_name: got '%s', wanted '%s'\n",
- rfc_name.c_str(), test->rfc_name);
- return false;
- }
+TEST(SSLTest, CipherGetRFCName) {
+ for (const CIPHER_RFC_NAME_TEST &t : kCipherRFCNameTests) {
+ SCOPED_TRACE(t.rfc_name);
+
+ const SSL_CIPHER *cipher = SSL_get_cipher_by_value(t.id & 0xffff);
+ ASSERT_TRUE(cipher);
+ bssl::UniquePtr<char> rfc_name(SSL_CIPHER_get_rfc_name(cipher));
+ ASSERT_TRUE(rfc_name);
+
+ EXPECT_STREQ(t.rfc_name, rfc_name.get());
}
- return true;
}
// CreateSessionWithTicket returns a sample |SSL_SESSION| with the specified
@@ -1014,9 +956,9 @@
out->push_back(session);
}
-// ExpectCache returns true if |ctx|'s session cache consists of |expected|, in
+// CacheEquals returns true if |ctx|'s session cache consists of |expected|, in
// order.
-static bool ExpectCache(SSL_CTX *ctx,
+static bool CacheEquals(SSL_CTX *ctx,
const std::vector<SSL_SESSION*> &expected) {
// Check the linked list.
SSL_SESSION *ptr = ctx->session_cache_head;
@@ -1064,19 +1006,15 @@
}
// Test that the internal session cache behaves as expected.
-static bool TestInternalSessionCache() {
+TEST(SSLTest, InternalSessionCache) {
bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
- if (!ctx) {
- return false;
- }
+ ASSERT_TRUE(ctx);
// Prepare 10 test sessions.
std::vector<bssl::UniquePtr<SSL_SESSION>> sessions;
for (int i = 0; i < 10; i++) {
bssl::UniquePtr<SSL_SESSION> session = CreateTestSession(i);
- if (!session) {
- return false;
- }
+ ASSERT_TRUE(session);
sessions.push_back(std::move(session));
}
@@ -1084,68 +1022,42 @@
// Insert all the test sessions.
for (const auto &session : sessions) {
- if (!SSL_CTX_add_session(ctx.get(), session.get())) {
- return false;
- }
+ ASSERT_TRUE(SSL_CTX_add_session(ctx.get(), session.get()));
}
// Only the last five should be in the list.
- std::vector<SSL_SESSION*> expected = {
- sessions[9].get(),
- sessions[8].get(),
- sessions[7].get(),
- sessions[6].get(),
- sessions[5].get(),
- };
- if (!ExpectCache(ctx.get(), expected)) {
- return false;
- }
+ ASSERT_TRUE(CacheEquals(
+ ctx.get(), {sessions[9].get(), sessions[8].get(), sessions[7].get(),
+ sessions[6].get(), sessions[5].get()}));
- // Inserting an element already in the cache should fail.
- if (SSL_CTX_add_session(ctx.get(), sessions[7].get()) ||
- !ExpectCache(ctx.get(), expected)) {
- return false;
- }
+ // Inserting an element already in the cache should fail and leave the cache
+ // unchanged.
+ ASSERT_FALSE(SSL_CTX_add_session(ctx.get(), sessions[7].get()));
+ ASSERT_TRUE(CacheEquals(
+ ctx.get(), {sessions[9].get(), sessions[8].get(), sessions[7].get(),
+ sessions[6].get(), sessions[5].get()}));
// Although collisions should be impossible (256-bit session IDs), the cache
// must handle them gracefully.
bssl::UniquePtr<SSL_SESSION> collision(CreateTestSession(7));
- if (!collision || !SSL_CTX_add_session(ctx.get(), collision.get())) {
- return false;
- }
- expected = {
- collision.get(),
- sessions[9].get(),
- sessions[8].get(),
- sessions[6].get(),
- sessions[5].get(),
- };
- if (!ExpectCache(ctx.get(), expected)) {
- return false;
- }
+ ASSERT_TRUE(collision);
+ ASSERT_TRUE(SSL_CTX_add_session(ctx.get(), collision.get()));
+ ASSERT_TRUE(CacheEquals(
+ ctx.get(), {collision.get(), sessions[9].get(), sessions[8].get(),
+ sessions[6].get(), sessions[5].get()}));
// Removing sessions behaves correctly.
- if (!SSL_CTX_remove_session(ctx.get(), sessions[6].get())) {
- return false;
- }
- expected = {
- collision.get(),
- sessions[9].get(),
- sessions[8].get(),
- sessions[5].get(),
- };
- if (!ExpectCache(ctx.get(), expected)) {
- return false;
- }
+ ASSERT_TRUE(SSL_CTX_remove_session(ctx.get(), sessions[6].get()));
+ ASSERT_TRUE(CacheEquals(ctx.get(), {collision.get(), sessions[9].get(),
+ sessions[8].get(), sessions[5].get()}));
// Removing sessions requires an exact match.
- if (SSL_CTX_remove_session(ctx.get(), sessions[0].get()) ||
- SSL_CTX_remove_session(ctx.get(), sessions[7].get()) ||
- !ExpectCache(ctx.get(), expected)) {
- return false;
- }
+ ASSERT_FALSE(SSL_CTX_remove_session(ctx.get(), sessions[0].get()));
+ ASSERT_FALSE(SSL_CTX_remove_session(ctx.get(), sessions[7].get()));
- return true;
+ // The cache remains unchanged.
+ ASSERT_TRUE(CacheEquals(ctx.get(), {collision.get(), sessions[9].get(),
+ sessions[8].get(), sessions[5].get()}));
}
static uint16_t EpochFromSequence(uint64_t seq) {
@@ -3544,23 +3456,12 @@
// TODO(davidben): Convert this file to GTest properly.
TEST(SSLTest, AllTests) {
- if (!TestCipherRules() ||
- !TestCurveRules() ||
- !TestSSL_SESSIONEncoding(kOpenSSLSession) ||
+ if (!TestSSL_SESSIONEncoding(kOpenSSLSession) ||
!TestSSL_SESSIONEncoding(kCustomSession) ||
!TestSSL_SESSIONEncoding(kBoringSSLSession) ||
!TestBadSSL_SESSIONEncoding(kBadSessionExtraField) ||
!TestBadSSL_SESSIONEncoding(kBadSessionVersion) ||
!TestBadSSL_SESSIONEncoding(kBadSessionTrailingData) ||
- // TODO(svaldez): Update this when TLS 1.3 is enabled by default.
- !TestDefaultVersion(TLS1_VERSION, TLS1_2_VERSION, &TLS_method) ||
- !TestDefaultVersion(TLS1_VERSION, TLS1_VERSION, &TLSv1_method) ||
- !TestDefaultVersion(TLS1_1_VERSION, TLS1_1_VERSION, &TLSv1_1_method) ||
- !TestDefaultVersion(TLS1_2_VERSION, TLS1_2_VERSION, &TLSv1_2_method) ||
- !TestDefaultVersion(TLS1_1_VERSION, TLS1_2_VERSION, &DTLS_method) ||
- !TestDefaultVersion(TLS1_1_VERSION, TLS1_1_VERSION, &DTLSv1_method) ||
- !TestDefaultVersion(TLS1_2_VERSION, TLS1_2_VERSION, &DTLSv1_2_method) ||
- !TestCipherGetRFCName() ||
// Test the padding extension at TLS 1.2.
!TestPaddingExtension(TLS1_2_VERSION, TLS1_2_VERSION) ||
// Test the padding extension at TLS 1.3 with a TLS 1.2 session, so there
@@ -3569,7 +3470,6 @@
// Test the padding extension at TLS 1.3 with a TLS 1.3 session, so there
// will be a PSK binder after the padding extension.
!TestPaddingExtension(TLS1_3_VERSION, TLS1_3_DRAFT_VERSION) ||
- !TestInternalSessionCache() ||
!ForEachVersion(TestSequenceNumber) ||
!ForEachVersion(TestOneSidedShutdown) ||
!ForEachVersion(TestGetPeerCertificate) ||
diff --git a/src/ssl/t1_lib.c b/src/ssl/t1_lib.c
index c2a5dde..000a8cd 100644
--- a/src/ssl/t1_lib.c
+++ b/src/ssl/t1_lib.c
@@ -3328,24 +3328,31 @@
return 1;
}
+int tls1_get_legacy_signature_algorithm(uint16_t *out, const EVP_PKEY *pkey) {
+ switch (EVP_PKEY_id(pkey)) {
+ case EVP_PKEY_RSA:
+ *out = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
+ return 1;
+ case EVP_PKEY_EC:
+ *out = SSL_SIGN_ECDSA_SHA1;
+ return 1;
+ default:
+ return 0;
+ }
+}
+
int tls1_choose_signature_algorithm(SSL_HANDSHAKE *hs, uint16_t *out) {
SSL *const ssl = hs->ssl;
CERT *cert = ssl->cert;
/* Before TLS 1.2, the signature algorithm isn't negotiated as part of the
- * handshake. It is fixed at MD5-SHA1 for RSA and SHA1 for ECDSA. */
+ * handshake. */
if (ssl3_protocol_version(ssl) < TLS1_2_VERSION) {
- switch (EVP_PKEY_id(hs->local_pubkey)) {
- case EVP_PKEY_RSA:
- *out = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
- return 1;
- case EVP_PKEY_EC:
- *out = SSL_SIGN_ECDSA_SHA1;
- return 1;
- default:
- OPENSSL_PUT_ERROR(SSL, SSL_R_NO_COMMON_SIGNATURE_ALGORITHMS);
- return 0;
+ if (!tls1_get_legacy_signature_algorithm(out, hs->local_pubkey)) {
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_COMMON_SIGNATURE_ALGORITHMS);
+ return 0;
}
+ return 1;
}
const uint16_t *sigalgs = cert->sigalgs;
diff --git a/src/ssl/test/runner/cipher_suites.go b/src/ssl/test/runner/cipher_suites.go
index 3b2298e..2490bee 100644
--- a/src/ssl/test/runner/cipher_suites.go
+++ b/src/ssl/test/runner/cipher_suites.go
@@ -122,12 +122,6 @@
{TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 32, 48, ivLenAES, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12 | suiteSHA384, cipherAES, macSHA384, nil},
{TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 32, 20, ivLenAES, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil},
{TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 32, 20, ivLenAES, ecdheECDSAKA, suiteECDHE | suiteECDSA, cipherAES, macSHA1, nil},
- {TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 16, 0, ivLenAESGCM, dheRSAKA, suiteTLS12 | suiteDHE, nil, nil, aeadAESGCM},
- {TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, 32, 0, ivLenAESGCM, dheRSAKA, suiteTLS12 | suiteSHA384 | suiteDHE, nil, nil, aeadAESGCM},
- {TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, 16, 32, ivLenAES, dheRSAKA, suiteTLS12 | suiteDHE, cipherAES, macSHA256, nil},
- {TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, 32, 32, ivLenAES, dheRSAKA, suiteTLS12 | suiteDHE, cipherAES, macSHA256, nil},
- {TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, ivLenAES, dheRSAKA, suiteDHE, cipherAES, macSHA1, nil},
- {TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 32, 20, ivLenAES, dheRSAKA, suiteDHE, cipherAES, macSHA1, nil},
{TLS_RSA_WITH_AES_128_GCM_SHA256, 16, 0, ivLenAESGCM, rsaKA, suiteTLS12, nil, nil, aeadAESGCM},
{TLS_RSA_WITH_AES_256_GCM_SHA384, 32, 0, ivLenAESGCM, rsaKA, suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
{TLS_RSA_WITH_RC4_128_SHA, 16, 20, noIV, rsaKA, suiteNoDTLS, cipherRC4, macSHA1, nil},
@@ -137,7 +131,6 @@
{TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, ivLenAES, rsaKA, 0, cipherAES, macSHA1, nil},
{TLS_RSA_WITH_AES_256_CBC_SHA, 32, 20, ivLenAES, rsaKA, 0, cipherAES, macSHA1, nil},
{TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, ivLen3DES, ecdheRSAKA, suiteECDHE, cipher3DES, macSHA1, nil},
- {TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, ivLen3DES, dheRSAKA, suiteDHE, cipher3DES, macSHA1, nil},
{TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, ivLen3DES, rsaKA, 0, cipher3DES, macSHA1, nil},
{TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 32, 0, ivLenChaCha20Poly1305, ecdhePSKKA, suiteECDHE | suitePSK | suiteTLS12, nil, nil, aeadCHACHA20POLY1305},
{TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, 16, 20, ivLenAES, ecdhePSKKA, suiteECDHE | suitePSK, cipherAES, macSHA1, nil},
@@ -419,15 +412,6 @@
}
}
-func dheRSAKA(version uint16) keyAgreement {
- return &dheKeyAgreement{
- auth: &signedKeyAgreement{
- keyType: keyTypeRSA,
- version: version,
- },
- }
-}
-
func pskKA(version uint16) keyAgreement {
return &pskKeyAgreement{
base: &nilKeyAgreement{},
@@ -469,22 +453,15 @@
TLS_RSA_WITH_RC4_128_MD5 uint16 = 0x0004
TLS_RSA_WITH_RC4_128_SHA uint16 = 0x0005
TLS_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0x000a
- TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0x0016
TLS_RSA_WITH_AES_128_CBC_SHA uint16 = 0x002f
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA uint16 = 0x0033
TLS_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0035
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0039
TLS_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0x003c
TLS_RSA_WITH_AES_256_CBC_SHA256 uint16 = 0x003d
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0x0067
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 uint16 = 0x006b
TLS_PSK_WITH_RC4_128_SHA uint16 = 0x008a
TLS_PSK_WITH_AES_128_CBC_SHA uint16 = 0x008c
TLS_PSK_WITH_AES_256_CBC_SHA uint16 = 0x008d
TLS_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x009c
TLS_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0x009d
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x009e
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0x009f
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA uint16 = 0xc007
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA uint16 = 0xc009
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA uint16 = 0xc00a
diff --git a/src/ssl/test/runner/common.go b/src/ssl/test/runner/common.go
index 0f54800..052f879 100644
--- a/src/ssl/test/runner/common.go
+++ b/src/ssl/test/runner/common.go
@@ -879,10 +879,6 @@
// BadFinished, if true, causes the Finished hash to be broken.
BadFinished bool
- // DHGroupPrime, if not nil, is used to define the (finite field)
- // Diffie-Hellman group. The generator used is always two.
- DHGroupPrime *big.Int
-
// PackHandshakeFragments, if true, causes handshake fragments in DTLS
// to be packed into individual handshake records, up to the specified
// record size.
@@ -1005,11 +1001,6 @@
// message. This only makes sense for a server.
SendHelloRequestBeforeEveryHandshakeMessage bool
- // RequireDHPublicValueLen causes a fatal error if the length (in
- // bytes) of the server's Diffie-Hellman public value is not equal to
- // this.
- RequireDHPublicValueLen int
-
// BadChangeCipherSpec, if not nil, is the body to be sent in
// ChangeCipherSpec records instead of {1}.
BadChangeCipherSpec []byte
diff --git a/src/ssl/test/runner/key_agreement.go b/src/ssl/test/runner/key_agreement.go
index 3936d88..e33557b 100644
--- a/src/ssl/test/runner/key_agreement.go
+++ b/src/ssl/test/runner/key_agreement.go
@@ -7,7 +7,6 @@
import (
"crypto/ecdsa"
"crypto/elliptic"
- "crypto/rand"
"crypto/rsa"
"crypto/subtle"
"crypto/x509"
@@ -545,147 +544,6 @@
return 0
}
-// dheRSAKeyAgreement implements a TLS key agreement where the server generates
-// an ephemeral Diffie-Hellman public/private key pair and signs it. The
-// pre-master secret is then calculated using Diffie-Hellman.
-type dheKeyAgreement struct {
- auth keyAgreementAuthentication
- p, g *big.Int
- yTheirs *big.Int
- xOurs *big.Int
-}
-
-func (ka *dheKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
- var q *big.Int
- if p := config.Bugs.DHGroupPrime; p != nil {
- ka.p = p
- ka.g = big.NewInt(2)
- q = p
- } else {
- // 2048-bit MODP Group with 256-bit Prime Order Subgroup (RFC
- // 5114, Section 2.3)
- ka.p, _ = new(big.Int).SetString("87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F25D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA3016C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0EF13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D967E144E5140564251CCACB83E6B486F6B3CA3F7971506026C0B857F689962856DED4010ABD0BE621C3A3960A54E710C375F26375D7014103A4B54330C198AF126116D2276E11715F693877FAD7EF09CADB094AE91E1A1597", 16)
- ka.g, _ = new(big.Int).SetString("3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF205407F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC831D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6184B523D1DB246C32F63078490F00EF8D647D148D47954515E2327CFEF98C582664B4C0F6CC41659", 16)
- q, _ = new(big.Int).SetString("8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3", 16)
- }
-
- var err error
- ka.xOurs, err = rand.Int(config.rand(), q)
- if err != nil {
- return nil, err
- }
- yOurs := new(big.Int).Exp(ka.g, ka.xOurs, ka.p)
-
- // http://tools.ietf.org/html/rfc5246#section-7.4.3
- pBytes := ka.p.Bytes()
- gBytes := ka.g.Bytes()
- yBytes := yOurs.Bytes()
- serverDHParams := make([]byte, 0, 2+len(pBytes)+2+len(gBytes)+2+len(yBytes))
- serverDHParams = append(serverDHParams, byte(len(pBytes)>>8), byte(len(pBytes)))
- serverDHParams = append(serverDHParams, pBytes...)
- serverDHParams = append(serverDHParams, byte(len(gBytes)>>8), byte(len(gBytes)))
- serverDHParams = append(serverDHParams, gBytes...)
- serverDHParams = append(serverDHParams, byte(len(yBytes)>>8), byte(len(yBytes)))
- serverDHParams = append(serverDHParams, yBytes...)
-
- return ka.auth.signParameters(config, cert, clientHello, hello, serverDHParams)
-}
-
-func (ka *dheKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
- if len(ckx.ciphertext) < 2 {
- return nil, errClientKeyExchange
- }
- yLen := (int(ckx.ciphertext[0]) << 8) | int(ckx.ciphertext[1])
- if yLen != len(ckx.ciphertext)-2 {
- return nil, errClientKeyExchange
- }
- yTheirs := new(big.Int).SetBytes(ckx.ciphertext[2:])
- if yTheirs.Sign() <= 0 || yTheirs.Cmp(ka.p) >= 0 {
- return nil, errClientKeyExchange
- }
- return new(big.Int).Exp(yTheirs, ka.xOurs, ka.p).Bytes(), nil
-}
-
-func (ka *dheKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
- // Read dh_p
- k := skx.key
- if len(k) < 2 {
- return errServerKeyExchange
- }
- pLen := (int(k[0]) << 8) | int(k[1])
- k = k[2:]
- if len(k) < pLen {
- return errServerKeyExchange
- }
- ka.p = new(big.Int).SetBytes(k[:pLen])
- k = k[pLen:]
-
- // Read dh_g
- if len(k) < 2 {
- return errServerKeyExchange
- }
- gLen := (int(k[0]) << 8) | int(k[1])
- k = k[2:]
- if len(k) < gLen {
- return errServerKeyExchange
- }
- ka.g = new(big.Int).SetBytes(k[:gLen])
- k = k[gLen:]
-
- // Read dh_Ys
- if len(k) < 2 {
- return errServerKeyExchange
- }
- yLen := (int(k[0]) << 8) | int(k[1])
- k = k[2:]
- if len(k) < yLen {
- return errServerKeyExchange
- }
- ka.yTheirs = new(big.Int).SetBytes(k[:yLen])
- k = k[yLen:]
- if ka.yTheirs.Sign() <= 0 || ka.yTheirs.Cmp(ka.p) >= 0 {
- return errServerKeyExchange
- }
-
- if l := config.Bugs.RequireDHPublicValueLen; l != 0 && l != yLen {
- return fmt.Errorf("RequireDHPublicValueLen set to %d, but server's public value was %d bytes on the wire and %d bytes if minimal", l, yLen, (ka.yTheirs.BitLen()+7)/8)
- }
-
- sig := k
- serverDHParams := skx.key[:len(skx.key)-len(sig)]
-
- return ka.auth.verifyParameters(config, clientHello, serverHello, cert, serverDHParams, sig)
-}
-
-func (ka *dheKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
- if ka.p == nil || ka.g == nil || ka.yTheirs == nil {
- return nil, nil, errors.New("missing ServerKeyExchange message")
- }
-
- xOurs, err := rand.Int(config.rand(), ka.p)
- if err != nil {
- return nil, nil, err
- }
- preMasterSecret := new(big.Int).Exp(ka.yTheirs, xOurs, ka.p).Bytes()
-
- yOurs := new(big.Int).Exp(ka.g, xOurs, ka.p)
- yBytes := yOurs.Bytes()
- ckx := new(clientKeyExchangeMsg)
- ckx.ciphertext = make([]byte, 2+len(yBytes))
- ckx.ciphertext[0] = byte(len(yBytes) >> 8)
- ckx.ciphertext[1] = byte(len(yBytes))
- copy(ckx.ciphertext[2:], yBytes)
-
- return preMasterSecret, ckx, nil
-}
-
-func (ka *dheKeyAgreement) peerSignatureAlgorithm() signatureAlgorithm {
- if auth, ok := ka.auth.(*signedKeyAgreement); ok {
- return auth.peerSignatureAlgorithm
- }
- return 0
-}
-
// nilKeyAgreement is a fake key agreement used to implement the plain PSK key
// exchange.
type nilKeyAgreement struct{}
diff --git a/src/ssl/test/runner/runner.go b/src/ssl/test/runner/runner.go
index 378ac57..55e22b6 100644
--- a/src/ssl/test/runner/runner.go
+++ b/src/ssl/test/runner/runner.go
@@ -1106,10 +1106,7 @@
}
if len(extraStderr) > 0 || (!failed && len(stderr) > 0) {
- lines := strings.Split(stderr, "\n")
- if len(lines) != 2 || lines[1] != "" || !strings.Contains(lines[0], "The kernel entropy pool contains too few bits") {
- return fmt.Errorf("unexpected error output:\n%s\n%s", stderr, extraStderr)
- }
+ return fmt.Errorf("unexpected error output:\n%s\n%s", stderr, extraStderr)
}
if *useValgrind && isValgrindError {
@@ -3644,8 +3641,7 @@
MaxVersion: VersionTLS13,
MinVersion: VersionTLS13,
Bugs: ProtocolBugs{
- SendEarlyData: [][]byte{bytes.Repeat([]byte{1},
- 14336 + 1)},
+ SendEarlyData: [][]byte{bytes.Repeat([]byte{1}, 14336+1)},
ExpectEarlyDataAccepted: true,
},
},
diff --git a/src/util/all_tests.json b/src/util/all_tests.json
index 8eab730..83dc5e3 100644
--- a/src/util/all_tests.json
+++ b/src/util/all_tests.json
@@ -32,10 +32,8 @@
["crypto/cipher/cipher_test", "crypto/cipher/test/nist_cavp/aes_256_ctr.txt"],
["crypto/cipher/cipher_test", "crypto/cipher/test/nist_cavp/tdes_cbc.txt"],
["crypto/cipher/cipher_test", "crypto/cipher/test/nist_cavp/tdes_ecb.txt"],
- ["crypto/cmac/cmac_test"],
["crypto/crypto_test"],
["crypto/curve25519/ed25519_test", "crypto/curve25519/ed25519_tests.txt"],
- ["crypto/curve25519/spake25519_test"],
["crypto/digest_extra/digest_test"],
["crypto/ecdh/ecdh_test", "crypto/ecdh/ecdh_tests.txt"],
["crypto/ecdsa/ecdsa_sign_test", "crypto/ecdsa/ecdsa_sign_tests.txt"],
diff --git a/src/util/generate_build_files.py b/src/util/generate_build_files.py
index 0554b14..1d56059 100644
--- a/src/util/generate_build_files.py
+++ b/src/util/generate_build_files.py
@@ -250,13 +250,22 @@
name_counts[name] = name_counts.get(name, 0) + 1
first = True
+ test_names = set()
for test in files['tests']:
name = os.path.basename(test[0])
if name_counts[name] > 1:
- if '/' in test[1]:
- name += '_' + os.path.splitext(os.path.basename(test[1]))[0]
+ if '/' in test[-1]:
+ arg = test[-1].replace('crypto/cipher/test/','') # boooring
+ arg = arg.replace('/', '_')
+ arg = os.path.splitext(arg)[0] # remove .txt
+ arg = arg.replace('_tests', '')
+ name += '_' + arg
else:
- name += '_' + test[1].replace('-', '_')
+ name += '_' + test[-1].replace('-', '_')
+
+ if name in test_names:
+ raise ValueError("test name %s is not unique" % name)
+ test_names.add(name)
if not first:
out.write('\n')
diff --git a/win-x86_64/crypto/fipsmodule/aes-x86_64.asm b/win-x86_64/crypto/fipsmodule/aes-x86_64.asm
index f40c0fe..f6a4edf 100644
--- a/win-x86_64/crypto/fipsmodule/aes-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/aes-x86_64.asm
@@ -1337,7 +1337,7 @@
ALIGN 16
global asm_AES_cbc_encrypt
-EXTERN OPENSSL_ia32cap_addr
+EXTERN OPENSSL_ia32cap_P
asm_AES_cbc_encrypt:
mov QWORD[8+rsp],rdi ;WIN64 prologue
@@ -1371,7 +1371,7 @@
cmp r9,0
cmove r14,r10
- mov r10,QWORD[OPENSSL_ia32cap_addr]
+ lea r10,[OPENSSL_ia32cap_P]
mov r10d,DWORD[r10]
cmp rdx,512
jb NEAR $L$cbc_slow_prologue
diff --git a/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm b/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm
index ef8ef26..13e9c5e 100644
--- a/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm
@@ -4,7 +4,7 @@
%define ZMMWORD
section .text code align=64
-EXTERN OPENSSL_ia32cap_addr
+EXTERN OPENSSL_ia32cap_P
global aesni_encrypt
ALIGN 16
@@ -1195,7 +1195,7 @@
lea r9,[7+r8]
mov DWORD[((96+12))+rsp],r10d
bswap r9d
- mov r10,QWORD[OPENSSL_ia32cap_addr]
+ lea r10,[OPENSSL_ia32cap_P]
mov r10d,DWORD[4+r10]
xor r9d,ebp
and r10d,71303168
@@ -3756,7 +3756,7 @@
movdqa xmm14,xmm5
movdqu xmm7,XMMWORD[80+rdi]
movdqa xmm15,xmm6
- mov r9,QWORD[OPENSSL_ia32cap_addr]
+ lea r9,[OPENSSL_ia32cap_P]
mov r9d,DWORD[4+r9]
cmp rdx,0x70
jbe NEAR $L$cbc_dec_six_or_seven
@@ -4296,7 +4296,7 @@
movups xmm0,XMMWORD[rcx]
xorps xmm4,xmm4
- mov r10,QWORD[OPENSSL_ia32cap_addr]
+ lea r10,[OPENSSL_ia32cap_P]
mov r10d,DWORD[4+r10]
and r10d,268437504
lea rax,[16+r8]
diff --git a/win-x86_64/crypto/fipsmodule/ghash-x86_64.asm b/win-x86_64/crypto/fipsmodule/ghash-x86_64.asm
index cfccae5..8ef16f5 100644
--- a/win-x86_64/crypto/fipsmodule/ghash-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/ghash-x86_64.asm
@@ -4,7 +4,7 @@
%define ZMMWORD
section .text code align=64
-EXTERN OPENSSL_ia32cap_addr
+EXTERN OPENSSL_ia32cap_P
global gcm_gmult_4bit
@@ -931,7 +931,7 @@
jz NEAR $L$odd_tail
movdqu xmm6,XMMWORD[16+rdx]
- mov rax,QWORD[OPENSSL_ia32cap_addr]
+ lea rax,[OPENSSL_ia32cap_P]
mov eax,DWORD[4+rax]
cmp r9,0x30
jb NEAR $L$skip4x
diff --git a/win-x86_64/crypto/fipsmodule/sha1-x86_64.asm b/win-x86_64/crypto/fipsmodule/sha1-x86_64.asm
index 8324ab6..65b040f 100644
--- a/win-x86_64/crypto/fipsmodule/sha1-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/sha1-x86_64.asm
@@ -4,7 +4,7 @@
%define ZMMWORD
section .text code align=64
-EXTERN OPENSSL_ia32cap_addr
+EXTERN OPENSSL_ia32cap_P
global sha1_block_data_order
@@ -19,8 +19,7 @@
mov rdx,r8
- lea r10,[OPENSSL_ia32cap_addr]
- mov r10,QWORD[r10]
+ lea r10,[OPENSSL_ia32cap_P]
mov r9d,DWORD[r10]
mov r8d,DWORD[4+r10]
mov r10d,DWORD[8+r10]
diff --git a/win-x86_64/crypto/fipsmodule/sha256-x86_64.asm b/win-x86_64/crypto/fipsmodule/sha256-x86_64.asm
index 68da567..6edd06b 100644
--- a/win-x86_64/crypto/fipsmodule/sha256-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/sha256-x86_64.asm
@@ -5,7 +5,7 @@
section .text code align=64
-EXTERN OPENSSL_ia32cap_addr
+EXTERN OPENSSL_ia32cap_P
global sha256_block_data_order
ALIGN 16
@@ -19,8 +19,7 @@
mov rdx,r8
- lea r11,[OPENSSL_ia32cap_addr]
- mov r11,QWORD[r11]
+ lea r11,[OPENSSL_ia32cap_P]
mov r9d,DWORD[r11]
mov r10d,DWORD[4+r11]
mov r11d,DWORD[8+r11]
diff --git a/win-x86_64/crypto/fipsmodule/sha512-x86_64.asm b/win-x86_64/crypto/fipsmodule/sha512-x86_64.asm
index 1ee43c6..5cc1d0b 100644
--- a/win-x86_64/crypto/fipsmodule/sha512-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/sha512-x86_64.asm
@@ -5,7 +5,7 @@
section .text code align=64
-EXTERN OPENSSL_ia32cap_addr
+EXTERN OPENSSL_ia32cap_P
global sha512_block_data_order
ALIGN 16
@@ -19,8 +19,7 @@
mov rdx,r8
- lea r11,[OPENSSL_ia32cap_addr]
- mov r11,QWORD[r11]
+ lea r11,[OPENSSL_ia32cap_P]
mov r9d,DWORD[r11]
mov r10d,DWORD[4+r11]
mov r11d,DWORD[8+r11]
