1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/js/src/jit-test/tests/sunspider/check-mont.js Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,119 @@
1.4 +// regression test for Bug 452008 - TM: SRP in Clipperz crypto library fails when JIT (TraceMonkey) is enabled.
1.5 +
1.6 +var x = [9385, 32112, 25383, 16317, 30138, 14565, 17812, 24500, 2719, 30174, 3546, 9096, 15352, 19120, 20648, 14334, 7426, 0, 0, 0];
1.7 +var n = [27875, 25925, 30422, 12227, 27798, 32170, 10873, 21748, 30629, 26296, 20697, 5125, 4815, 2221, 14392, 23369, 5560, 2, 0, 0];
1.8 +var np = 18229;
1.9 +var expected = [18770, 31456, 17999, 32635, 27508, 29131, 2856, 16233, 5439, 27580, 7093, 18192, 30804, 5472, 8529, 28649, 14852, 0, 0, 0];
1.10 +
1.11 +//globals
1.12 +bpe=0; //bits stored per array element
1.13 +mask=0; //AND this with an array element to chop it down to bpe bits
1.14 +
1.15 +//initialize the global variables
1.16 +for (bpe=0; (1<<(bpe+1)) > (1<<bpe); bpe++); //bpe=number of bits in the mantissa on this platform
1.17 +bpe>>=1; //bpe=number of bits in one element of the array representing the bigInt
1.18 +mask=(1<<bpe)-1; //AND the mask with an integer to get its bpe least significant bits
1.19 +
1.20 +
1.21 +//the following global variables are scratchpad memory to
1.22 +//reduce dynamic memory allocation in the inner loop
1.23 +sa = new Array(0); //used in mont_()
1.24 +
1.25 +//do x=y on bigInts x and y. x must be an array at least as big as y (not counting the leading zeros in y).
1.26 +function copy_(x,y) {
1.27 + var i;
1.28 + var k=x.length<y.length ? x.length : y.length;
1.29 + for (i=0;i<k;i++)
1.30 + x[i]=y[i];
1.31 + for (i=k;i<x.length;i++)
1.32 + x[i]=0;
1.33 +}
1.34 +
1.35 +//do x=y on bigInt x and integer y.
1.36 +function copyInt_(x,n) {
1.37 + var i,c;
1.38 + for (c=n,i=0;i<x.length;i++) {
1.39 + x[i]=c & mask;
1.40 + c>>=bpe;
1.41 + }
1.42 +}
1.43 +
1.44 +//is x > y? (x and y both nonnegative)
1.45 +function greater(x,y) {
1.46 + var i;
1.47 + var k=(x.length<y.length) ? x.length : y.length;
1.48 +
1.49 + for (i=x.length;i<y.length;i++)
1.50 + if (y[i])
1.51 + return 0; //y has more digits
1.52 +
1.53 + for (i=y.length;i<x.length;i++)
1.54 + if (x[i])
1.55 + return 1; //x has more digits
1.56 +
1.57 + for (i=k-1;i>=0;i--)
1.58 + if (x[i]>y[i])
1.59 + return 1;
1.60 + else if (x[i]<y[i])
1.61 + return 0;
1.62 + return 0;
1.63 +}
1.64 +
1.65 +
1.66 +//do x=x*y*Ri mod n for bigInts x,y,n,
1.67 +// where Ri = 2**(-kn*bpe) mod n, and kn is the
1.68 +// number of elements in the n array, not
1.69 +// counting leading zeros.
1.70 +//x must be large enough to hold the answer.
1.71 +//It's OK if x and y are the same variable.
1.72 +//must have:
1.73 +// x,y < n
1.74 +// n is odd
1.75 +// np = -(n^(-1)) mod radix
1.76 +function mont_(x,y,n,np) {
1.77 + var i,j,c,ui,t;
1.78 + var kn=n.length;
1.79 + var ky=y.length;
1.80 +
1.81 + if (sa.length!=kn)
1.82 + sa=new Array(kn);
1.83 +
1.84 + for (;kn>0 && n[kn-1]==0;kn--); //ignore leading zeros of n
1.85 + for (;ky>0 && y[ky-1]==0;ky--); //ignore leading zeros of y
1.86 +
1.87 + copyInt_(sa,0);
1.88 +
1.89 + //the following loop consumes 95% of the runtime for randTruePrime_() and powMod_() for large keys
1.90 + for (i=0; i<kn; i++) {
1.91 + t=sa[0]+x[i]*y[0];
1.92 + ui=((t & mask) * np) & mask; //the inner "& mask" is needed on Macintosh MSIE, but not windows MSIE
1.93 + c=(t+ui*n[0]) >> bpe;
1.94 + t=x[i];
1.95 +
1.96 + //do sa=(sa+x[i]*y+ui*n)/b where b=2**bpe
1.97 + for (j=1;j<ky;j++) {
1.98 + c+=sa[j]+t*y[j]+ui*n[j];
1.99 + sa[j-1]=c & mask;
1.100 + c>>=bpe;
1.101 + }
1.102 + for (;j<kn;j++) {
1.103 + c+=sa[j]+ui*n[j];
1.104 + sa[j-1]=c & mask;
1.105 + c>>=bpe;
1.106 + }
1.107 + sa[j-1]=c & mask;
1.108 + }
1.109 +
1.110 + if (!greater(n,sa))
1.111 + sub_(sa,n);
1.112 + copy_(x,sa);
1.113 +}
1.114 +
1.115 +mont_(x, x, n, np);
1.116 +
1.117 +var passed = expected.length == x.length;
1.118 +for (var i = 0; i < expected.length; i++) {
1.119 + if (passed)
1.120 + passed = expected[i] == x[i];
1.121 +}
1.122 +assertEq(passed, true);
