1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/cmd/rsapoptst/rsapoptst.c Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,516 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +#include <stdio.h>
1.9 +#include <stdlib.h>
1.10 +#include "plgetopt.h"
1.11 +#include "nss.h"
1.12 +#include "secutil.h"
1.13 +#include "pk11table.h"
1.14 +#include "secmodt.h"
1.15 +#include "pk11pub.h"
1.16 +
1.17 +
1.18 +struct test_args {
1.19 + char *arg;
1.20 + int mask_value;
1.21 + char *description;
1.22 +};
1.23 +
1.24 +static const struct test_args test_array[] = {
1.25 + {"all", 0x1f, "run all the tests" },
1.26 + {"e_n_p", 0x01, "public exponent, modulus, prime1"},
1.27 + {"d_n_q", 0x02, "private exponent, modulus, prime2"},
1.28 + {"d_p_q", 0x04, "private exponent, prime1, prime2"},
1.29 + {"e_d_q", 0x08, "public exponent, private exponent, prime2"},
1.30 + {"e_d_n", 0x10, "public exponent, private exponent, moduls"}
1.31 +};
1.32 +static const int test_array_size =
1.33 + (sizeof(test_array)/sizeof(struct test_args));
1.34 +
1.35 +static void Usage(char *progName)
1.36 +{
1.37 + int i;
1.38 +#define PRINTUSAGE(subject, option, predicate) \
1.39 + fprintf(stderr, "%10s %s\t%s\n", subject, option, predicate);
1.40 + fprintf(stderr, "%s [-k keysize] [-e exp] [-r rounds] [-t tests]\n "
1.41 + "Test creating RSA private keys from Partial components\n",
1.42 + progName);
1.43 + PRINTUSAGE("", "-k", "key size (in bit)");
1.44 + PRINTUSAGE("", "-e", "rsa public exponent");
1.45 + PRINTUSAGE("", "-r", "number times to repeat the test");
1.46 + PRINTUSAGE("", "-t", "run the specified tests");
1.47 + for (i=0; i < test_array_size; i++) {
1.48 + PRINTUSAGE("", test_array[i].arg, test_array[i].description);
1.49 + }
1.50 + fprintf(stderr,"\n");
1.51 +}
1.52 +
1.53 +/*
1.54 + * Test the RSA populate command to see that it can really build
1.55 + * keys from it's components.
1.56 + */
1.57 +
1.58 +const static CK_ATTRIBUTE rsaTemplate[] = {
1.59 + {CKA_CLASS, NULL, 0 },
1.60 + {CKA_KEY_TYPE, NULL, 0 },
1.61 + {CKA_TOKEN, NULL, 0 },
1.62 + {CKA_SENSITIVE, NULL, 0 },
1.63 + {CKA_PRIVATE, NULL, 0 },
1.64 + {CKA_MODULUS, NULL, 0 },
1.65 + {CKA_PUBLIC_EXPONENT, NULL, 0 },
1.66 + {CKA_PRIVATE_EXPONENT, NULL, 0 },
1.67 + {CKA_PRIME_1, NULL, 0 },
1.68 + {CKA_PRIME_2, NULL, 0 },
1.69 + {CKA_EXPONENT_1, NULL, 0 },
1.70 + {CKA_EXPONENT_2, NULL, 0 },
1.71 + {CKA_COEFFICIENT, NULL, 0 },
1.72 +};
1.73 +
1.74 +#define RSA_SIZE (sizeof(rsaTemplate))
1.75 +#define RSA_ATTRIBUTES (sizeof(rsaTemplate)/sizeof(CK_ATTRIBUTE))
1.76 +
1.77 +static void
1.78 +resetTemplate(CK_ATTRIBUTE *attribute, int start, int end)
1.79 +{
1.80 + int i;
1.81 + for (i=start; i < end; i++) {
1.82 + if (attribute[i].pValue) {
1.83 + PORT_Free(attribute[i].pValue);
1.84 + }
1.85 + attribute[i].pValue = NULL;
1.86 + attribute[i].ulValueLen = 0;
1.87 + }
1.88 +}
1.89 +
1.90 +static SECStatus
1.91 +copyAttribute(PK11ObjectType objType, void *object, CK_ATTRIBUTE *template,
1.92 + int offset, CK_ATTRIBUTE_TYPE attrType)
1.93 +{
1.94 + SECItem attributeItem = {0, 0, 0};
1.95 + SECStatus rv;
1.96 +
1.97 + rv = PK11_ReadRawAttribute(objType, object, attrType, &attributeItem);
1.98 + if (rv != SECSuccess) {
1.99 + return rv;
1.100 + }
1.101 + template[offset].type = attrType;
1.102 + template[offset].pValue = attributeItem.data;
1.103 + template[offset].ulValueLen = attributeItem.len;
1.104 + return SECSuccess;
1.105 +}
1.106 +
1.107 +static SECStatus
1.108 +readKey(PK11ObjectType objType, void *object, CK_ATTRIBUTE *template,
1.109 + int start, int end)
1.110 +{
1.111 + int i;
1.112 + SECStatus rv;
1.113 +
1.114 + for (i=start; i < end; i++) {
1.115 + rv = copyAttribute(objType, object, template, i, template[i].type);
1.116 + if (rv != SECSuccess) {
1.117 + goto fail;
1.118 + }
1.119 + }
1.120 + return SECSuccess;
1.121 +
1.122 +fail:
1.123 + resetTemplate(template, start, i);
1.124 + return rv;
1.125 +}
1.126 +
1.127 +#define ATTR_STRING(x) getNameFromAttribute(x)
1.128 +
1.129 +void
1.130 +dumpTemplate(CK_ATTRIBUTE *template, int start, int end)
1.131 +{
1.132 + int i,j;
1.133 + for (i=0; i < end; i++) {
1.134 + unsigned char cval;
1.135 + CK_ULONG ulval;
1.136 + unsigned char *cpval;
1.137 +
1.138 + fprintf(stderr, "%s:", ATTR_STRING(template[i].type));
1.139 + switch (template[i].ulValueLen) {
1.140 + case 1:
1.141 + cval =*(unsigned char *)template[i].pValue;
1.142 + switch(cval) {
1.143 + case 0: fprintf(stderr, " false"); break;
1.144 + case 1: fprintf(stderr, " true"); break;
1.145 + default:
1.146 + fprintf(stderr, " %d (=0x%02x,'%c')",cval,cval,cval);
1.147 + break;
1.148 + }
1.149 + break;
1.150 + case sizeof(CK_ULONG):
1.151 + ulval = *(CK_ULONG *)template[i].pValue;
1.152 + fprintf(stderr," %ld (=0x%04lx)", ulval, ulval);
1.153 + break;
1.154 + default:
1.155 + cpval = (unsigned char *)template[i].pValue;
1.156 + for (j=0; j < template[i].ulValueLen; j++) {
1.157 + if ((j % 16) == 0) fprintf(stderr, "\n ");
1.158 + fprintf(stderr," %02x",cpval[j]);
1.159 + }
1.160 + break;
1.161 + }
1.162 + fprintf(stderr,"\n");
1.163 + }
1.164 +}
1.165 +
1.166 +PRBool
1.167 +rsaKeysAreEqual(PK11ObjectType srcType, void *src,
1.168 + PK11ObjectType destType, void *dest)
1.169 +{
1.170 +
1.171 + CK_ATTRIBUTE srcTemplate[RSA_ATTRIBUTES];
1.172 + CK_ATTRIBUTE destTemplate[RSA_ATTRIBUTES];
1.173 + PRBool areEqual = PR_TRUE;
1.174 + SECStatus rv;
1.175 + int i;
1.176 +
1.177 + memcpy(srcTemplate, rsaTemplate, RSA_SIZE);
1.178 + memcpy(destTemplate, rsaTemplate, RSA_SIZE);
1.179 +
1.180 + rv = readKey(srcType, src, srcTemplate, 0, RSA_ATTRIBUTES);
1.181 + if (rv != SECSuccess) {
1.182 + printf("Could read source key\n");
1.183 + return PR_FALSE;
1.184 + }
1.185 + readKey(destType, dest, destTemplate, 0, RSA_ATTRIBUTES);
1.186 + if (rv != SECSuccess) {
1.187 + printf("Could read dest key\n");
1.188 + return PR_FALSE;
1.189 + }
1.190 +
1.191 + for (i=0; i < RSA_ATTRIBUTES; i++) {
1.192 + if (srcTemplate[i].ulValueLen != destTemplate[i].ulValueLen) {
1.193 + printf("key->%s not equal src_len = %ld, dest_len=%ld\n",
1.194 + ATTR_STRING(srcTemplate[i].type),
1.195 + srcTemplate[i].ulValueLen, destTemplate[i].ulValueLen);
1.196 + areEqual = 0;
1.197 + } else if (memcmp(srcTemplate[i].pValue, destTemplate[i].pValue,
1.198 + destTemplate[i].ulValueLen) != 0) {
1.199 + printf("key->%s not equal.\n", ATTR_STRING(srcTemplate[i].type));
1.200 + areEqual = 0;
1.201 + }
1.202 + }
1.203 + if (!areEqual) {
1.204 + fprintf(stderr, "original key:\n");
1.205 + dumpTemplate(srcTemplate,0, RSA_ATTRIBUTES);
1.206 + fprintf(stderr, "created key:\n");
1.207 + dumpTemplate(destTemplate,0, RSA_ATTRIBUTES);
1.208 + }
1.209 + return areEqual;
1.210 +}
1.211 +
1.212 +static int exp_exp_prime_fail_count = 0;
1.213 +
1.214 +static int
1.215 +doRSAPopulateTest(unsigned int keySize, unsigned long exponent,
1.216 + int mask, void *pwarg)
1.217 +{
1.218 + SECKEYPrivateKey *rsaPrivKey;
1.219 + SECKEYPublicKey *rsaPubKey;
1.220 + PK11GenericObject *tstPrivKey;
1.221 + CK_ATTRIBUTE tstTemplate[RSA_ATTRIBUTES];
1.222 + int tstHeaderCount;
1.223 + PK11SlotInfo *slot = NULL;
1.224 + PK11RSAGenParams rsaParams;
1.225 + CK_OBJECT_CLASS obj_class = CKO_PRIVATE_KEY;
1.226 + CK_KEY_TYPE key_type = CKK_RSA;
1.227 + CK_BBOOL ck_false = CK_FALSE;
1.228 + int failed = 0;
1.229 +
1.230 + rsaParams.pe = exponent;
1.231 + rsaParams.keySizeInBits = keySize;
1.232 +
1.233 + slot = PK11_GetInternalSlot();
1.234 + if (slot == NULL) {
1.235 + fprintf(stderr, "Couldn't get the internal slot for the test \n");
1.236 + return -1;
1.237 + }
1.238 +
1.239 + rsaPrivKey = PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN,
1.240 + &rsaParams, &rsaPubKey, PR_FALSE,
1.241 + PR_FALSE, pwarg);
1.242 + if (rsaPrivKey == NULL) {
1.243 + fprintf(stderr, "RSA Key Gen failed");
1.244 + PK11_FreeSlot(slot);
1.245 + return -1;
1.246 + }
1.247 +
1.248 + memcpy(tstTemplate, rsaTemplate, RSA_SIZE);
1.249 +
1.250 + tstTemplate[0].pValue = &obj_class;
1.251 + tstTemplate[0].ulValueLen = sizeof(obj_class);
1.252 + tstTemplate[1].pValue = &key_type;
1.253 + tstTemplate[1].ulValueLen = sizeof(key_type);
1.254 + tstTemplate[2].pValue = &ck_false;
1.255 + tstTemplate[2].ulValueLen = sizeof(ck_false);
1.256 + tstTemplate[3].pValue = &ck_false;
1.257 + tstTemplate[3].ulValueLen = sizeof(ck_false);
1.258 + tstTemplate[4].pValue = &ck_false;
1.259 + tstTemplate[4].ulValueLen = sizeof(ck_false);
1.260 + tstHeaderCount = 5;
1.261 +
1.262 + if (mask & 1) {
1.263 + printf("%s\n",test_array[1].description);
1.264 + resetTemplate(tstTemplate, tstHeaderCount, RSA_ATTRIBUTES);
1.265 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.266 + tstHeaderCount, CKA_PUBLIC_EXPONENT);
1.267 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.268 + tstHeaderCount+1, CKA_MODULUS);
1.269 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.270 + tstHeaderCount+2, CKA_PRIME_1);
1.271 +
1.272 + tstPrivKey = PK11_CreateGenericObject(slot, tstTemplate,
1.273 + tstHeaderCount+3, PR_FALSE);
1.274 + if (tstPrivKey == NULL) {
1.275 + fprintf(stderr, "RSA Populate failed: pubExp mod p\n");
1.276 + failed = 1;
1.277 + } else if (!rsaKeysAreEqual(PK11_TypePrivKey, rsaPrivKey,
1.278 + PK11_TypeGeneric, tstPrivKey)) {
1.279 + fprintf(stderr, "RSA Populate key mismatch: pubExp mod p\n");
1.280 + failed = 1;
1.281 + }
1.282 + if (tstPrivKey) PK11_DestroyGenericObject(tstPrivKey);
1.283 + }
1.284 + if (mask & 2) {
1.285 + printf("%s\n",test_array[2].description);
1.286 + /* test the basic2 case, public exponent, modulus, prime2 */
1.287 + resetTemplate(tstTemplate, tstHeaderCount, RSA_ATTRIBUTES);
1.288 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.289 + tstHeaderCount, CKA_PUBLIC_EXPONENT);
1.290 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.291 + tstHeaderCount+1, CKA_MODULUS);
1.292 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.293 + tstHeaderCount+2, CKA_PRIME_2);
1.294 + /* test with q in the prime1 position */
1.295 + tstTemplate[tstHeaderCount+2].type = CKA_PRIME_1;
1.296 +
1.297 + tstPrivKey = PK11_CreateGenericObject(slot, tstTemplate,
1.298 + tstHeaderCount+3, PR_FALSE);
1.299 + if (tstPrivKey == NULL) {
1.300 + fprintf(stderr, "RSA Populate failed: pubExp mod q\n");
1.301 + failed = 1;
1.302 + } else if (!rsaKeysAreEqual(PK11_TypePrivKey, rsaPrivKey,
1.303 + PK11_TypeGeneric, tstPrivKey)) {
1.304 + fprintf(stderr, "RSA Populate key mismatch: pubExp mod q\n");
1.305 + failed = 1;
1.306 + }
1.307 + if (tstPrivKey) PK11_DestroyGenericObject(tstPrivKey);
1.308 + }
1.309 + if (mask & 4) {
1.310 + printf("%s\n",test_array[3].description);
1.311 + /* test the medium case, private exponent, prime1, prime2 */
1.312 + resetTemplate(tstTemplate, tstHeaderCount, RSA_ATTRIBUTES);
1.313 +
1.314 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.315 + tstHeaderCount, CKA_PRIVATE_EXPONENT);
1.316 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.317 + tstHeaderCount+1, CKA_PRIME_1);
1.318 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.319 + tstHeaderCount+2, CKA_PRIME_2);
1.320 + /* test with p & q swapped. Underlying code should swap these back */
1.321 + tstTemplate[tstHeaderCount+2].type = CKA_PRIME_1;
1.322 + tstTemplate[tstHeaderCount+1].type = CKA_PRIME_2;
1.323 +
1.324 + tstPrivKey = PK11_CreateGenericObject(slot, tstTemplate,
1.325 + tstHeaderCount+3, PR_FALSE);
1.326 + if (tstPrivKey == NULL) {
1.327 + fprintf(stderr, "RSA Populate failed: privExp p q\n");
1.328 + failed = 1;
1.329 + } else if (!rsaKeysAreEqual(PK11_TypePrivKey, rsaPrivKey,
1.330 + PK11_TypeGeneric, tstPrivKey)) {
1.331 + fprintf(stderr, "RSA Populate key mismatch: privExp p q\n");
1.332 + failed = 1;
1.333 + }
1.334 + if (tstPrivKey) PK11_DestroyGenericObject(tstPrivKey);
1.335 + }
1.336 + if (mask & 8) {
1.337 + printf("%s\n",test_array[4].description);
1.338 + /* test the advanced case, public exponent, private exponent, prime2 */
1.339 + resetTemplate(tstTemplate, tstHeaderCount, RSA_ATTRIBUTES);
1.340 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.341 + tstHeaderCount, CKA_PRIVATE_EXPONENT);
1.342 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.343 + tstHeaderCount+1, CKA_PUBLIC_EXPONENT);
1.344 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.345 + tstHeaderCount+2, CKA_PRIME_2);
1.346 +
1.347 + tstPrivKey = PK11_CreateGenericObject(slot, tstTemplate,
1.348 + tstHeaderCount+3, PR_FALSE);
1.349 + if (tstPrivKey == NULL) {
1.350 + fprintf(stderr, "RSA Populate failed: pubExp privExp q\n");
1.351 + fprintf(stderr, " this is expected periodically. It means we\n");
1.352 + fprintf(stderr, " had more than one key that meets the "
1.353 + "specification\n");
1.354 + exp_exp_prime_fail_count++;
1.355 + } else if (!rsaKeysAreEqual(PK11_TypePrivKey, rsaPrivKey,
1.356 + PK11_TypeGeneric, tstPrivKey)) {
1.357 + fprintf(stderr, "RSA Populate key mismatch: pubExp privExp q\n");
1.358 + failed = 1;
1.359 + }
1.360 + if (tstPrivKey) PK11_DestroyGenericObject(tstPrivKey);
1.361 + }
1.362 + if (mask & 16) {
1.363 + printf("%s\n",test_array[5].description);
1.364 + /* test the advanced case2, public exponent, private exponent, modulus
1.365 + */
1.366 + resetTemplate(tstTemplate, tstHeaderCount, RSA_ATTRIBUTES);
1.367 +
1.368 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.369 + tstHeaderCount, CKA_PRIVATE_EXPONENT);
1.370 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.371 + tstHeaderCount+1, CKA_PUBLIC_EXPONENT);
1.372 + copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate,
1.373 + tstHeaderCount+2, CKA_MODULUS);
1.374 +
1.375 + tstPrivKey = PK11_CreateGenericObject(slot, tstTemplate,
1.376 + tstHeaderCount+3, PR_FALSE);
1.377 + if (tstPrivKey == NULL) {
1.378 + fprintf(stderr, "RSA Populate failed: pubExp privExp mod\n");
1.379 + failed = 1;
1.380 + } else if (!rsaKeysAreEqual(PK11_TypePrivKey, rsaPrivKey,
1.381 + PK11_TypeGeneric, tstPrivKey)) {
1.382 + fprintf(stderr, "RSA Populate key mismatch: pubExp privExp mod\n");
1.383 + failed = 1;
1.384 + }
1.385 + if (tstPrivKey) PK11_DestroyGenericObject(tstPrivKey);
1.386 + }
1.387 +
1.388 +
1.389 + PK11_FreeSlot(slot);
1.390 + return failed ? -1 : 0;
1.391 +}
1.392 +
1.393 +/* populate options */
1.394 +enum {
1.395 + opt_Exponent = 0,
1.396 + opt_KeySize,
1.397 + opt_Repeat,
1.398 + opt_Tests
1.399 +};
1.400 +
1.401 +static secuCommandFlag populate_options[] =
1.402 +{
1.403 + { /* opt_Exponent */ 'e', PR_TRUE, 0, PR_FALSE },
1.404 + { /* opt_KeySize */ 'k', PR_TRUE, 0, PR_FALSE },
1.405 + { /* opt_Repeat */ 'r', PR_TRUE, 0, PR_FALSE },
1.406 + { /* opt_Tests */ 't', PR_TRUE, 0, PR_FALSE },
1.407 +};
1.408 +
1.409 +int
1.410 +is_delimiter(char c)
1.411 +{
1.412 + if ((c=='+') || (c==',') || (c=='|')) {
1.413 + return 1;
1.414 + }
1.415 + return 0;
1.416 +}
1.417 +
1.418 +int
1.419 +parse_tests(char *test_string)
1.420 +{
1.421 + int mask = 0;
1.422 + int i;
1.423 +
1.424 + while (*test_string) {
1.425 + if (is_delimiter(*test_string)) {
1.426 + test_string++;
1.427 + }
1.428 + for (i=0; i < test_array_size; i++) {
1.429 + char *arg = test_array[i].arg;
1.430 + int len = strlen(arg);
1.431 + if (strncmp(test_string,arg,len) == 0) {
1.432 + test_string += len;
1.433 + mask |= test_array[i].mask_value;
1.434 + break;
1.435 + }
1.436 + }
1.437 + if (i == test_array_size) {
1.438 + break;
1.439 + }
1.440 + }
1.441 + return mask;
1.442 +}
1.443 +
1.444 +int main(int argc, char **argv)
1.445 +{
1.446 + unsigned int keySize = 1024;
1.447 + unsigned long exponent = 65537;
1.448 + int i, repeat = 1, ret = 0;
1.449 + SECStatus rv = SECFailure;
1.450 + secuCommand populateArgs;
1.451 + char *progName;
1.452 + int mask = 0xff;
1.453 +
1.454 + populateArgs.numCommands = 0;
1.455 + populateArgs.numOptions = sizeof(populate_options) /
1.456 + sizeof(secuCommandFlag);
1.457 + populateArgs.commands = NULL;
1.458 + populateArgs.options = populate_options;
1.459 +
1.460 + progName = strrchr(argv[0], '/');
1.461 + if (!progName)
1.462 + progName = strrchr(argv[0], '\\');
1.463 + progName = progName ? progName+1 : argv[0];
1.464 +
1.465 + rv = NSS_NoDB_Init(NULL);
1.466 + if (rv != SECSuccess) {
1.467 + SECU_PrintPRandOSError(progName);
1.468 + return -1;
1.469 + }
1.470 +
1.471 + rv = SECU_ParseCommandLine(argc, argv, progName, &populateArgs);
1.472 + if (rv == SECFailure) {
1.473 + fprintf(stderr, "%s: command line parsing error!\n", progName);
1.474 + Usage(progName);
1.475 + return -1;
1.476 + }
1.477 + rv = SECFailure;
1.478 +
1.479 +
1.480 + if (populateArgs.options[opt_KeySize].activated) {
1.481 + keySize = PORT_Atoi(populateArgs.options[opt_KeySize].arg);
1.482 + }
1.483 + if (populateArgs.options[opt_Repeat].activated) {
1.484 + repeat = PORT_Atoi(populateArgs.options[opt_Repeat].arg);
1.485 + }
1.486 + if (populateArgs.options[opt_Exponent].activated) {
1.487 + exponent = PORT_Atoi(populateArgs.options[opt_Exponent].arg);
1.488 + }
1.489 + if (populateArgs.options[opt_Tests].activated) {
1.490 + char * test_string = populateArgs.options[opt_Tests].arg;
1.491 + mask = PORT_Atoi(test_string);
1.492 + if (mask == 0) {
1.493 + mask = parse_tests(test_string);
1.494 + }
1.495 + if (mask == 0) {
1.496 + Usage(progName);
1.497 + return -1;
1.498 + }
1.499 + }
1.500 +
1.501 + exp_exp_prime_fail_count = 0;
1.502 + for (i=0; i < repeat; i++) {
1.503 + printf("Running RSA Populate test run %d\n",i);
1.504 + ret = doRSAPopulateTest(keySize, exponent, mask, NULL);
1.505 + if (ret != 0) {
1.506 + i++;
1.507 + break;
1.508 + }
1.509 + }
1.510 + if (ret != 0) {
1.511 + fprintf(stderr,"RSA Populate test round %d: FAILED\n",i);
1.512 + }
1.513 + if (repeat > 1) {
1.514 + printf(" pub priv prime test: %d failures out of %d runs (%f %%)\n",
1.515 + exp_exp_prime_fail_count, i,
1.516 + (((double)exp_exp_prime_fail_count) * 100.0)/(double) i);
1.517 + }
1.518 + return ret;
1.519 +}
