1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
|
/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
//-----------------------------------------------------------------------------
var BUGNUMBER = 452008;
var summary = 'Bad math with JIT';
var actual = '';
var expect = '';
//-----------------------------------------------------------------------------
test();
//-----------------------------------------------------------------------------
function test()
{
enterFunc ('test');
printBugNumber(BUGNUMBER);
printStatus (summary);
// regression test for Bug 452008 - TM: SRP in Clipperz crypto library fails when JIT (TraceMonkey) is enabled.
var x = [9385, 32112, 25383, 16317, 30138, 14565, 17812, 24500, 2719, 30174, 3546, 9096, 15352, 19120, 20648, 14334, 7426, 0, 0, 0];
var n = [27875, 25925, 30422, 12227, 27798, 32170, 10873, 21748, 30629, 26296, 20697, 5125, 4815, 2221, 14392, 23369, 5560, 2, 0, 0];
var np = 18229;
var expected = [18770, 31456, 17999, 32635, 27508, 29131, 2856, 16233, 5439, 27580, 7093, 18192, 30804, 5472, 8529, 28649, 14852, 0, 0, 0];
//globals
bpe=0; //bits stored per array element
mask=0; //AND this with an array element to chop it down to bpe bits
//initialize the global variables
for (bpe=0; (1<<(bpe+1)) > (1<<bpe); bpe++); //bpe=number of bits in the mantissa on this platform
bpe>>=1; //bpe=number of bits in one element of the array representing the bigInt
mask=(1<<bpe)-1; //AND the mask with an integer to get its bpe least significant bits
//the following global variables are scratchpad memory to
//reduce dynamic memory allocation in the inner loop
sa = new Array(0); //used in mont_()
//do x=y on bigInts x and y. x must be an array at least as big as y (not counting the leading zeros in y).
function copy_(x,y) {
var i;
var k=x.length<y.length ? x.length : y.length;
for (i=0;i<k;i++)
x[i]=y[i];
for (i=k;i<x.length;i++)
x[i]=0;
}
//do x=y on bigInt x and integer y.
function copyInt_(x,n) {
var i,c;
for (c=n,i=0;i<x.length;i++) {
x[i]=c & mask;
c>>=bpe;
}
}
//is x > y? (x and y both nonnegative)
function greater(x,y) {
var i;
var k=(x.length<y.length) ? x.length : y.length;
for (i=x.length;i<y.length;i++)
if (y[i])
return 0; //y has more digits
for (i=y.length;i<x.length;i++)
if (x[i])
return 1; //x has more digits
for (i=k-1;i>=0;i--)
if (x[i]>y[i])
return 1;
else if (x[i]<y[i])
return 0;
return 0;
}
//do x=x*y*Ri mod n for bigInts x,y,n,
// where Ri = 2**(-kn*bpe) mod n, and kn is the
// number of elements in the n array, not
// counting leading zeros.
//x must be large enough to hold the answer.
//It's OK if x and y are the same variable.
//must have:
// x,y < n
// n is odd
// np = -(n^(-1)) mod radix
function mont_(x,y,n,np) {
var i,j,c,ui,t;
var kn=n.length;
var ky=y.length;
if (sa.length!=kn)
sa=new Array(kn);
for (;kn>0 && n[kn-1]==0;kn--); //ignore leading zeros of n
for (;ky>0 && y[ky-1]==0;ky--); //ignore leading zeros of y
copyInt_(sa,0);
//the following loop consumes 95% of the runtime for randTruePrime_() and powMod_() for large keys
for (i=0; i<kn; i++) {
t=sa[0]+x[i]*y[0];
ui=((t & mask) * np) & mask; //the inner "& mask" is needed on Macintosh MSIE, but not windows MSIE
c=(t+ui*n[0]) >> bpe;
t=x[i];
//do sa=(sa+x[i]*y+ui*n)/b where b=2**bpe
for (j=1;j<ky;j++) {
c+=sa[j]+t*y[j]+ui*n[j];
sa[j-1]=c & mask;
c>>=bpe;
}
for (;j<kn;j++) {
c+=sa[j]+ui*n[j];
sa[j-1]=c & mask;
c>>=bpe;
}
sa[j-1]=c & mask;
}
if (!greater(n,sa))
sub_(sa,n);
copy_(x,sa);
}
mont_(x, x, n, np);
var passed = expected.length == x.length;
for (var i = 0; i < expected.length; i++) {
if (passed)
passed = expected[i] == x[i];
}
print(passed);
expect = true;
actual = passed;
reportCompare(expect, actual, summary);
exitFunc ('test');
}
|