Add test for 3072-bit RSA and DH and fix modexp

certs/dh3072.pem

@@ -0,0 +1,11 @@
+-----BEGIN DH PARAMETERS-----
+MIIBiAKCAYEAiRt1P4S2Ee0h8QgPuAbJo8lB21rI+IJzD+uJHlQYvuZIQZ76wgxQ
+Z8NdtfUPI2pDM5HZQPNmxpn/l7Z7rydyO59+WBgUn5FuKxHBV0knNnjhCWicBVqs
+5gA4vpV0gVMo8K3ftYccchdO7ACRIqrkiNf1PR8DEy0c+95ZaK3gF6Hujcy//s8k
+Qu0m3SnQTmI8hTYbX2pHiCHlG4UKLOkv4CD8Hc1VZvWsMgCOo+nt+zWn5nZTQsZ3
+d6uQmXzC7MkYSjz0EXUng72ewo8jq1JG4lJdmgTDFR9pnHJpWVLUaT0ZdzYlrwdx
+gt63JGCCanK77bZ2rn68fS9zSwQW1aTzAyb78817d358jWWupdxs43DSKWvy63bJ
+5UYYElewVaV8zUGTJpn3pcU0vll53gpXXyH4mFLwL3tXtp38QKZV+6/ZFpsgT6ij
+CwRI43cixMxXFDOi8JrjEr3/covuUvPJWcKia6V1SFGCDnr//kHNfGPSU6gRA7kD
+B/5mOF+iPpwbAgEC
+-----END DH PARAMETERS-----

certs/include.am

@@ -36,7 +36,10 @@ EXTRA_DIST += \
 	     certs/test-servercert.p12 \
 	     certs/dsaparams.pem \
              certs/ecc-privOnlyKey.pem \
-             certs/ecc-privOnlyCert.pem
+             certs/ecc-privOnlyCert.pem \
+	     certs/dh3072.pem \
+	     certs/client-cert-3072.pem \
+	     certs/client-key-3072.pem
 EXTRA_DIST += \
 	     certs/ca-key.der \
 	     certs/ca-cert.der \

tests/test.conf

@@ -2206,3 +2206,13 @@
 -v 3
 -F 1
 
+# server TLSv1.2 RSA 3072-bit DH 3072-bit
+-v 3
+-D certs/dh3072.pem
+-A certs/client-cert-3072.pem
+# client TLSv1.2 RSA 3072-bit DH 3072-bit
+-v 3
+-D certs/dh3072.pem
+-c certs/client-cert-3072.pem
+-k certs/client-key-3072.pem
+

wolfcrypt/src/sp.c

@@ -1325,7 +1325,12 @@ static int sp_2048_mod_exp_49(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
         c = bits % 21;
         if (c == 0)
             c = 21;
-        n = e[i--] << (32 - c);
+        if (i < 49)
+            n = e[i--] << (32 - c);
+        else {
+            n = 0;
+            i--;
+        }
         if (c < 5) {
             n |= e[i--] << (11 - c);
             c += 21;
@@ -2104,7 +2109,12 @@ static int sp_2048_mod_exp_98(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
         c = bits % 21;
         if (c == 0)
             c = 21;
-        n = e[i--] << (32 - c);
+        if (i < 98)
+            n = e[i--] << (32 - c);
+        else {
+            n = 0;
+            i--;
+        }
         if (c < 5) {
             n |= e[i--] << (11 - c);
             c += 21;
@@ -2366,7 +2376,6 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
     }
 
     if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 98, mm);
         sp_2048_to_bin(r, out);
         *outLen = 256;
     }
@@ -4089,7 +4098,12 @@ static int sp_3072_mod_exp_70(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
         c = bits % 22;
         if (c == 0)
             c = 22;
-        n = e[i--] << (32 - c);
+        if (i < 70)
+            n = e[i--] << (32 - c);
+        else {
+            n = 0;
+            i--;
+        }
         if (c < 5) {
             n |= e[i--] << (10 - c);
             c += 22;
@@ -4895,7 +4909,12 @@ static int sp_3072_mod_exp_140(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
         c = bits % 22;
         if (c == 0)
             c = 22;
-        n = e[i--] << (32 - c);
+        if (i < 140)
+            n = e[i--] << (32 - c);
+        else {
+            n = 0;
+            i--;
+        }
         if (c < 5) {
             n |= e[i--] << (10 - c);
             c += 22;
@@ -5162,7 +5181,6 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
     }
 
     if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 140, mm);
         sp_3072_to_bin(r, out);
         *outLen = 384;
     }
@@ -7024,7 +7042,12 @@ static int sp_2048_mod_exp_18(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
         c = bits % 57;
         if (c == 0)
             c = 57;
-        n = e[i--] << (64 - c);
+        if (i < 18)
+            n = e[i--] << (64 - c);
+        else {
+            n = 0;
+            i--;
+        }
         if (c < 5) {
             n |= e[i--] << (7 - c);
             c += 57;
@@ -7830,7 +7853,12 @@ static int sp_2048_mod_exp_36(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
         c = bits % 57;
         if (c == 0)
             c = 57;
-        n = e[i--] << (64 - c);
+        if (i < 36)
+            n = e[i--] << (64 - c);
+        else {
+            n = 0;
+            i--;
+        }
         if (c < 5) {
             n |= e[i--] << (7 - c);
             c += 57;
@@ -8093,7 +8121,6 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
     }
 
     if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 36, mm);
         sp_2048_to_bin(r, out);
         *outLen = 256;
     }
@@ -10197,7 +10224,12 @@ static int sp_3072_mod_exp_27(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
         c = bits % 57;
         if (c == 0)
             c = 57;
-        n = e[i--] << (64 - c);
+        if (i < 27)
+            n = e[i--] << (64 - c);
+        else {
+            n = 0;
+            i--;
+        }
         if (c < 5) {
             n |= e[i--] << (7 - c);
             c += 57;
@@ -11016,7 +11048,12 @@ static int sp_3072_mod_exp_54(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
         c = bits % 57;
         if (c == 0)
             c = 57;
-        n = e[i--] << (64 - c);
+        if (i < 54)
+            n = e[i--] << (64 - c);
+        else {
+            n = 0;
+            i--;
+        }
         if (c < 5) {
             n |= e[i--] << (7 - c);
             c += 57;
@@ -11280,7 +11317,6 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
     }
 
     if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 54, mm);
         sp_3072_to_bin(r, out);
         *outLen = 384;
     }