TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 475053df2c9188ae8ead34de32e620451d4e8d07 / . / tests / suites / test_suite_rsa.function
blob: 8f952b38f8b49174629b48e61d3b26eddf0ff68f [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]106 sizeof( buf ), buf,
107 buf ) );
108 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
109 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]110 sizeof( buf ), NULL,
111 buf ) );
112 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
113 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]114 sizeof( buf ), buf,
115 NULL ) );
116
117 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
118 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]119 NULL, sizeof( buf ),
120 buf, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]121 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
122 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]123 NULL, sizeof( buf ),
124 NULL, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]127 NULL, sizeof( buf ),
128 buf, NULL ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]129
130 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
131 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]132 buf, sizeof( buf ),
133 sizeof( buf ), buf,
134 buf ) );
135 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
136 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]137 NULL, sizeof( buf ),
138 sizeof( buf ), buf,
139 buf ) );
140 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
141 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]142 buf, sizeof( buf ),
143 sizeof( buf ), NULL,
144 buf ) );
145 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
146 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]147 buf, sizeof( buf ),
148 sizeof( buf ), buf,
149 NULL ) );
150
151 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
152 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]153 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]154 buf, buf, 42 ) );
155 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
156 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]157 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]158 buf, buf, 42 ) );
159 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
160 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]161 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]162 NULL, buf, 42 ) );
163 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
164 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]165 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]166 buf, NULL, 42 ) );
167
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]170 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]171 buf, buf, 42 ) );
172 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
173 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]174 NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]175 buf, buf, 42 ) );
176 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
177 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]178 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]179 NULL, buf, 42 ) );
180 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
181 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]182 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]183 buf, NULL, 42 ) );
184
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]187 buf, sizeof( buf ),
188 &olen,
189 buf, buf, 42 ) );
190 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
191 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]192 NULL, sizeof( buf ),
193 NULL,
194 buf, buf, 42 ) );
195 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
196 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]197 buf, sizeof( buf ),
198 &olen,
199 NULL, buf, 42 ) );
200 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
201 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]202 buf, sizeof( buf ),
203 &olen,
204 buf, NULL, 42 ) );
205
206 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
207 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]208 0, sizeof( buf ), buf,
209 buf ) );
210 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
211 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]212 0, sizeof( buf ), NULL,
213 buf ) );
214 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
215 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]216 0, sizeof( buf ), buf,
217 NULL ) );
218 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
219 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]220 MBEDTLS_MD_SHA1,
221 0, NULL,
222 buf ) );
223
224 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
225 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]226 0, sizeof( buf ), buf,
227 buf ) );
228 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
229 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]230 0, sizeof( buf ), NULL,
231 buf ) );
232 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
233 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]234 0, sizeof( buf ), buf,
235 NULL ) );
236 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
237 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]238 MBEDTLS_MD_SHA1,
239 0, NULL,
240 buf ) );
241
242 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
243 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]244 0, sizeof( buf ), buf,
245 buf ) );
246 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
247 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]248 0, sizeof( buf ), NULL,
249 buf ) );
250 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
251 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]252 0, sizeof( buf ), buf,
253 NULL ) );
254 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
255 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]256 MBEDTLS_MD_SHA1,
257 0, NULL,
258 buf ) );
259
260 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]261 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
262 0, sizeof( buf ), buf,
263 MBEDTLS_RSA_SALT_LEN_ANY,
264 buf ) );
265 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
266 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
267 0, sizeof( buf ), NULL,
268 MBEDTLS_RSA_SALT_LEN_ANY,
269 buf ) );
270 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
271 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
272 0, sizeof( buf ), buf,
273 MBEDTLS_RSA_SALT_LEN_ANY,
274 NULL ) );
275 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
276 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
277 MBEDTLS_MD_SHA1,
278 0, NULL,
279 MBEDTLS_RSA_SALT_LEN_ANY,
280 buf ) );
281
282 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]283 mbedtls_rsa_pkcs1_verify( NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]284 0, sizeof( buf ), buf,
285 buf ) );
286 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]287 mbedtls_rsa_pkcs1_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]288 0, sizeof( buf ), NULL,
289 buf ) );
290 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]291 mbedtls_rsa_pkcs1_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]292 0, sizeof( buf ), buf,
293 NULL ) );
294 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]295 mbedtls_rsa_pkcs1_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]296 MBEDTLS_MD_SHA1, 0, NULL,
297 buf ) );
298
299 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney475053d2021-05-19 11:44:27 +0100[diff] [blame^]300 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]301 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]302 0, sizeof( buf ), buf,
303 buf ) );
304 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney475053d2021-05-19 11:44:27 +0100[diff] [blame^]305 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]306 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]307 0, sizeof( buf ),
308 NULL, buf ) );
309 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney475053d2021-05-19 11:44:27 +0100[diff] [blame^]310 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]311 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]312 0, sizeof( buf ), buf,
313 NULL ) );
314 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney475053d2021-05-19 11:44:27 +0100[diff] [blame^]315 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]316 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]317 MBEDTLS_MD_SHA1,
318 0, NULL,
319 buf ) );
320
321 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
322 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]323 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]324 0, sizeof( buf ),
325 buf, buf ) );
326 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
327 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]328 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]329 0, sizeof( buf ),
330 NULL, buf ) );
331 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
332 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]333 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]334 0, sizeof( buf ),
335 buf, NULL ) );
336 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
337 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]338 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]339 MBEDTLS_MD_SHA1,
340 0, NULL,
341 buf ) );
342
343 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
344 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]345 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]346 0, sizeof( buf ),
347 buf,
348 0, 0,
349 buf ) );
350 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
351 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]352 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]353 0, sizeof( buf ),
354 NULL, 0, 0,
355 buf ) );
356 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
357 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]358 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]359 0, sizeof( buf ),
360 buf, 0, 0,
361 NULL ) );
362 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
363 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]364 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]365 MBEDTLS_MD_SHA1,
366 0, NULL,
367 0, 0,
368 buf ) );
369
370 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
371 mbedtls_rsa_copy( NULL, &ctx ) );
372 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
373 mbedtls_rsa_copy( &ctx, NULL ) );
374
375exit:
376 return;
377}
378/* END_CASE */
379
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]380/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]381void rsa_init_free( int reinit )
382{
383 mbedtls_rsa_context ctx;
384
385 /* Double free is not explicitly documented to work, but we rely on it
386 * even inside the library so that you can call mbedtls_rsa_free()
387 * unconditionally on an error path without checking whether it has
388 * already been called in the success path. */
389
390 mbedtls_rsa_init( &ctx, 0, 0 );
391 mbedtls_rsa_free( &ctx );
392
393 if( reinit )
394 mbedtls_rsa_init( &ctx, 0, 0 );
395 mbedtls_rsa_free( &ctx );
396
397 /* This test case always succeeds, functionally speaking. A plausible
398 * bug might trigger an invalid pointer dereference or a memory leak. */
399 goto exit;
400}
401/* END_CASE */
402
403/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]404void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]405 int digest, int mod, int radix_P, char * input_P,
406 int radix_Q, char * input_Q, int radix_N,
407 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]408 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]409{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]410 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
411 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]412 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]413 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]414 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]415
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]416 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
417 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]418 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]419
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]420 memset( hash_result, 0x00, sizeof( hash_result ) );
421 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]422 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]423
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]424 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
425 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
426 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
427 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]428
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]429 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
430 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]431 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]432 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]433
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]434
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]435 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]436 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]437
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]438 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]439 &rnd_info, digest, 0, hash_result,
440 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]441 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]442 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]443
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]444 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
445 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]446 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]447
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]448exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]449 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
450 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]451 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]452}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]453/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]454
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]455/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]456void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]457 int digest, int mod, int radix_N,
458 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]459 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]460{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]461 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]462 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]463
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]464 mbedtls_mpi N, E;
465
466 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]467 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]468 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]469
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]470 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
471 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
472 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
473 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]474 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]475
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]476
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]477 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]478 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]479
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame]480 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]481
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]482exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]483 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]484 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]485}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]486/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]487
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]488
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]489/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]490void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]491 int padding_mode, int mod, int radix_P,
492 char * input_P, int radix_Q, char * input_Q,
493 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]494 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]495{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]496 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]497 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]498 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]499 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]500
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]502 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
503 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]504
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]505 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]506 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]507
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]508 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
509 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
510 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
511 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]512
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]513 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
514 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]515 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]516 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]517
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]518
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]519 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]520 &rnd_info, MBEDTLS_MD_NONE,
521 hash_result->len,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]522 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]523
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]524
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]525 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
526 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]527
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]528exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]529 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
530 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
531
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]532 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]533}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]534/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]535
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]536/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]537void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]538 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]539 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]540 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]541{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]542 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]543 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]544
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]545 mbedtls_mpi N, E;
546 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
547
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]548 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]549 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]550
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]551 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
552 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]553
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]554 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
555 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]556 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]557
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]558
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame]559 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]560
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]561exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]562 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]563 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]564}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]565/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]566
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]567/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]568void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]569 int mod, int radix_N, char * input_N,
570 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]571 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]572{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]573 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]574 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]575 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]576
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]577 mbedtls_mpi N, E;
578 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
579
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]580 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]581
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]582 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]583 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]584
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]585 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
586 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]587
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]588 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
589 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]590 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]591
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]592
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]593 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
594 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]595 &rnd_info, message_str->len,
596 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]597 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]598 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]599 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]600
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]601 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
602 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]603 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]604
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]605exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]606 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]607 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]608}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]609/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]610
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]611/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]612void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]613 int mod, int radix_N, char * input_N,
614 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]615 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]616{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]617 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]618 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]619
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]620 mbedtls_mpi N, E;
621
622 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]623 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]624 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]625
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]626 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
627 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]628
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]629 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
630 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]631 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]632
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]633
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]634 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]635 NULL, message_str->len,
636 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]637 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]638 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]639 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]640
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]641 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
642 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]643 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]644
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]645exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]646 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]647 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]648}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]649/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]650
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]651/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]652void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]653 int mod, int radix_P, char * input_P,
654 int radix_Q, char * input_Q, int radix_N,
655 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]656 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]657 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]658{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]659 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]660 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]661 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]662 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]663 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]664
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]665 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
666 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
667
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]668 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]669
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]670 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]671 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]672
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]673
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]674 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
675 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
676 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
677 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]678
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]679 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
680 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]681 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]682 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]683
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]684 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]685
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]686 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]687 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]688 &output_len, message_str->x, output,
689 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]690 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]691 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]692
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]693 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]694 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]695 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]696 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]697
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]698exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]699 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
700 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]701 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]702}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]703/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]704
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]705/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]706void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]707 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]708 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]709{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]710 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]711 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]712
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]713 mbedtls_mpi N, E;
714
715 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]716 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
717 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]718 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]719
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]720 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
721 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]722
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]723 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
724 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]725 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]726
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]727
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]728 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]729 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]730 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]731
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]732 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
733 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]734 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]735
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]736 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]737 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]738 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]739 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]740
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]741 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]742
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]743 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]744 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]745 if( result == 0 )
746 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]747
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]748 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
749 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]750 }
751
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]752exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]753 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]754 mbedtls_rsa_free( &ctx );
755 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]756}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]757/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]758
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]759/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]760void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]761 char * input_P, int radix_Q, char * input_Q,
762 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]763 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]764 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]765{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]766 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]767 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]768 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]769 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]770 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]771
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]772 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
773 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]774 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
775 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]776
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]777 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]778
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]779 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
780 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
781 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
782 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]783
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]784 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
785 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]786 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]787 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]788
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]789
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]790 /* repeat three times to test updating of blinding values */
791 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]792 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]793 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]794 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
795 &rnd_info, message_str->x,
796 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]797 if( result == 0 )
798 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]799
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]800 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]801 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]802 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]803 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]804 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]805
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]806 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]807 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]808 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]809 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]810
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]811 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]812
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]813 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]814 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
815 &rnd_info, message_str->x,
816 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]817 if( result == 0 )
818 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]819
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]820 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]821 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]822 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]823 }
824
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]825exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]826 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
827 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
828
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]829 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]830}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]831/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]832
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]833/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]834void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]835{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]836 mbedtls_rsa_context ctx;
837 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]838
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]839 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]840}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]841/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]842
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]843/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]844void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
845 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]846{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]847 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]848 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]849
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]850 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]851 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]852
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]853 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]854 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]855 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]856 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]857 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]858 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]859 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]860 }
861
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]862 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]863 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]864
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]865exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]866 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]867 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]868}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]869/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]870
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]871/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]872void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
873 int radix_Q, char * input_Q, int radix_N,
874 char * input_N, int radix_E, char * input_E,
875 int radix_D, char * input_D, int radix_DP,
876 char * input_DP, int radix_DQ,
877 char * input_DQ, int radix_QP,
878 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]879{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]880 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]881
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]882 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]883
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]884 ctx.len = mod / 8;
885 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]886 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]887 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]888 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]889 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]890 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]891 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]892 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]893 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]894 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]895 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]896 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]897 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]898 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]899 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]900 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]901 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]902 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]903 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]904 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]905#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]906 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]907 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]908 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]909 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]910 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]911 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]912 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]913 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]914 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]915 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]916 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]917 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]918#else
919 ((void) radix_DP); ((void) input_DP);
920 ((void) radix_DQ); ((void) input_DQ);
921 ((void) radix_QP); ((void) input_QP);
922#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]923
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]924 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]925
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]926exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]927 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]928}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]929/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]930
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]931/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]932void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
933 int radix_Epub, char * input_Epub, int radix_P,
934 char * input_P, int radix_Q, char * input_Q,
935 int radix_N, char * input_N, int radix_E,
936 char * input_E, int radix_D, char * input_D,
937 int radix_DP, char * input_DP, int radix_DQ,
938 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]939 int result )
940{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]941 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]942
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]943 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
944 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]945
946 pub.len = mod / 8;
947 prv.len = mod / 8;
948
949 if( strlen( input_Npub ) )
950 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]951 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]952 }
953 if( strlen( input_Epub ) )
954 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]955 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]956 }
957
958 if( strlen( input_P ) )
959 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]960 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]961 }
962 if( strlen( input_Q ) )
963 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]964 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]965 }
966 if( strlen( input_N ) )
967 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]968 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]969 }
970 if( strlen( input_E ) )
971 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]972 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]973 }
974 if( strlen( input_D ) )
975 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]976 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]977 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]978#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]979 if( strlen( input_DP ) )
980 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]981 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]982 }
983 if( strlen( input_DQ ) )
984 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]985 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]986 }
987 if( strlen( input_QP ) )
988 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]989 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]990 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]991#else
992 ((void) radix_DP); ((void) input_DP);
993 ((void) radix_DQ); ((void) input_DQ);
994 ((void) radix_QP); ((void) input_QP);
995#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]996
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]997 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]998
999exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1000 mbedtls_rsa_free( &pub );
1001 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1002}
1003/* END_CASE */
1004
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1005/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1006void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1007{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1008 mbedtls_rsa_context ctx;
1009 mbedtls_entropy_context entropy;
1010 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1011 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1012
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1013 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1014 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1015 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1016
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1017 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1018 &entropy, (const unsigned char *) pers,
1019 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1020
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1021 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1022 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1023 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1024 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1025 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1026 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1027
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1028exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1029 mbedtls_rsa_free( &ctx );
1030 mbedtls_ctr_drbg_free( &ctr_drbg );
1031 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1032}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1033/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1034
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1035/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1036void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1037 int radix_D, char *input_D,
1038 int radix_E, char *input_E,
1039 int radix_P, char *output_P,
1040 int radix_Q, char *output_Q,
1041 int corrupt, int result )
1042{
1043 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1044
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1045 mbedtls_mpi_init( &N );
1046 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1047 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1048 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1049
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1050 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1051 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1052 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1053 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1054 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1055
1056 if( corrupt )
1057 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1058
1059 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1060 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1061
1062 if( !corrupt )
1063 {
1064 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1065 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1066 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1067 }
1068
1069exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1070 mbedtls_mpi_free( &N );
1071 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1072 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1073 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1074}
1075/* END_CASE */
1076
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1077/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1078void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1079 int radix_Q, char *input_Q,
1080 int radix_E, char *input_E,
1081 int radix_D, char *output_D,
1082 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1083{
1084 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1085
1086 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1087 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1088 mbedtls_mpi_init( &E );
1089 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1090
1091 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1092 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1093 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1094 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1095
1096 if( corrupt )
1097 {
1098 /* Make E even */
1099 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1100 }
1101
1102 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1103 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1104 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1105
1106 if( !corrupt )
1107 {
1108 /*
1109 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1110 */
1111
1112 /* Replace P,Q by P-1, Q-1 */
1113 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1114 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1115
1116 /* Check D == Dp modulo P-1 */
1117 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1118 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1119 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1120
1121 /* Check D == Dp modulo Q-1 */
1122 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1123 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1124 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1125 }
1126
1127exit:
1128
1129 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1130 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1131 mbedtls_mpi_free( &E );
1132 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1133}
1134/* END_CASE */
1135
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1136/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1137void mbedtls_rsa_import( int radix_N, char *input_N,
1138 int radix_P, char *input_P,
1139 int radix_Q, char *input_Q,
1140 int radix_D, char *input_D,
1141 int radix_E, char *input_E,
1142 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1143 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1144 int res_check,
1145 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1146{
1147 mbedtls_mpi N, P, Q, D, E;
1148 mbedtls_rsa_context ctx;
1149
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1150 /* Buffers used for encryption-decryption test */
1151 unsigned char *buf_orig = NULL;
1152 unsigned char *buf_enc = NULL;
1153 unsigned char *buf_dec = NULL;
1154
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1155 mbedtls_entropy_context entropy;
1156 mbedtls_ctr_drbg_context ctr_drbg;
1157 const char *pers = "test_suite_rsa";
1158
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1159 const int have_N = ( strlen( input_N ) > 0 );
1160 const int have_P = ( strlen( input_P ) > 0 );
1161 const int have_Q = ( strlen( input_Q ) > 0 );
1162 const int have_D = ( strlen( input_D ) > 0 );
1163 const int have_E = ( strlen( input_E ) > 0 );
1164
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1165 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1166 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1167 mbedtls_rsa_init( &ctx, 0, 0 );
1168
1169 mbedtls_mpi_init( &N );
1170 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1171 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1172
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1173 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1174 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1175
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1176 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1177 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1178
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1179 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1180 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1181
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1182 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1183 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1184
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1185 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1186 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1187
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1188 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1189 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1190
1191 if( !successive )
1192 {
1193 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1194 have_N ? &N : NULL,
1195 have_P ? &P : NULL,
1196 have_Q ? &Q : NULL,
1197 have_D ? &D : NULL,
1198 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1199 }
1200 else
1201 {
1202 /* Import N, P, Q, D, E separately.
1203 * This should make no functional difference. */
1204
1205 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1206 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1207 NULL, NULL, NULL, NULL ) == 0 );
1208
1209 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1210 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1211 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1212 NULL, NULL, NULL ) == 0 );
1213
1214 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1215 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1216 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1217 NULL, NULL ) == 0 );
1218
1219 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1220 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1221 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1222 NULL ) == 0 );
1223
1224 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1225 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1226 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1227 }
1228
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1229 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1230
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1231 /* On expected success, perform some public and private
1232 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1233 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1234 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1235 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1236 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1237 else
1238 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1239
1240 if( res_check != 0 )
1241 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1242
1243 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1244 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1245 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1246 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1247 goto exit;
1248
1249 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1250 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1251
1252 /* Make sure the number we're generating is smaller than the modulus */
1253 buf_orig[0] = 0x00;
1254
1255 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1256
1257 if( is_priv )
1258 {
1259 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1260 &ctr_drbg, buf_enc,
1261 buf_dec ) == 0 );
1262
1263 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1264 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1265 }
1266 }
1267
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1268exit:
1269
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1270 mbedtls_free( buf_orig );
1271 mbedtls_free( buf_enc );
1272 mbedtls_free( buf_dec );
1273
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1274 mbedtls_rsa_free( &ctx );
1275
1276 mbedtls_ctr_drbg_free( &ctr_drbg );
1277 mbedtls_entropy_free( &entropy );
1278
1279 mbedtls_mpi_free( &N );
1280 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1281 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1282}
1283/* END_CASE */
1284
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1285/* BEGIN_CASE */
1286void mbedtls_rsa_export( int radix_N, char *input_N,
1287 int radix_P, char *input_P,
1288 int radix_Q, char *input_Q,
1289 int radix_D, char *input_D,
1290 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1291 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1292 int successive )
1293{
1294 /* Original MPI's with which we set up the RSA context */
1295 mbedtls_mpi N, P, Q, D, E;
1296
1297 /* Exported MPI's */
1298 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1299
1300 const int have_N = ( strlen( input_N ) > 0 );
1301 const int have_P = ( strlen( input_P ) > 0 );
1302 const int have_Q = ( strlen( input_Q ) > 0 );
1303 const int have_D = ( strlen( input_D ) > 0 );
1304 const int have_E = ( strlen( input_E ) > 0 );
1305
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1306 mbedtls_rsa_context ctx;
1307
1308 mbedtls_rsa_init( &ctx, 0, 0 );
1309
1310 mbedtls_mpi_init( &N );
1311 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1312 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1313
1314 mbedtls_mpi_init( &Ne );
1315 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1316 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1317
1318 /* Setup RSA context */
1319
1320 if( have_N )
1321 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1322
1323 if( have_P )
1324 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1325
1326 if( have_Q )
1327 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1328
1329 if( have_D )
1330 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1331
1332 if( have_E )
1333 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1334
1335 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1336 strlen( input_N ) ? &N : NULL,
1337 strlen( input_P ) ? &P : NULL,
1338 strlen( input_Q ) ? &Q : NULL,
1339 strlen( input_D ) ? &D : NULL,
1340 strlen( input_E ) ? &E : NULL ) == 0 );
1341
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1342 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1343
1344 /*
1345 * Export parameters and compare to original ones.
1346 */
1347
1348 /* N and E must always be present. */
1349 if( !successive )
1350 {
1351 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1352 }
1353 else
1354 {
1355 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1356 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1357 }
1358 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1359 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1360
1361 /* If we were providing enough information to setup a complete private context,
1362 * we expect to be able to export all core parameters. */
1363
1364 if( is_priv )
1365 {
1366 if( !successive )
1367 {
1368 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1369 &De, NULL ) == 0 );
1370 }
1371 else
1372 {
1373 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1374 NULL, NULL ) == 0 );
1375 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1376 NULL, NULL ) == 0 );
1377 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1378 &De, NULL ) == 0 );
1379 }
1380
1381 if( have_P )
1382 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1383
1384 if( have_Q )
1385 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1386
1387 if( have_D )
1388 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1389
1390 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1391 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1392 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1393 }
1394
1395exit:
1396
1397 mbedtls_rsa_free( &ctx );
1398
1399 mbedtls_mpi_free( &N );
1400 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1401 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1402
1403 mbedtls_mpi_free( &Ne );
1404 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1405 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1406}
1407/* END_CASE */
1408
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1409/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1410void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1411 int radix_P, char *input_P,
1412 int radix_Q, char *input_Q,
1413 int radix_D, char *input_D,
1414 int radix_E, char *input_E,
1415 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1416{
1417 /* Original MPI's with which we set up the RSA context */
1418 mbedtls_mpi N, P, Q, D, E;
1419
1420 const int have_N = ( strlen( input_N ) > 0 );
1421 const int have_P = ( strlen( input_P ) > 0 );
1422 const int have_Q = ( strlen( input_Q ) > 0 );
1423 const int have_D = ( strlen( input_D ) > 0 );
1424 const int have_E = ( strlen( input_E ) > 0 );
1425
1426 mbedtls_entropy_context entropy;
1427 mbedtls_ctr_drbg_context ctr_drbg;
1428 const char *pers = "test_suite_rsa";
1429
1430 mbedtls_mpi_init( &N );
1431 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1432 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1433
1434 mbedtls_ctr_drbg_init( &ctr_drbg );
1435 mbedtls_entropy_init( &entropy );
1436 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1437 &entropy, (const unsigned char *) pers,
1438 strlen( pers ) ) == 0 );
1439
1440 if( have_N )
1441 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1442
1443 if( have_P )
1444 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1445
1446 if( have_Q )
1447 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1448
1449 if( have_D )
1450 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1451
1452 if( have_E )
1453 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1454
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1455 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1456 have_P ? &P : NULL,
1457 have_Q ? &Q : NULL,
1458 have_D ? &D : NULL,
1459 have_E ? &E : NULL,
1460 prng ? mbedtls_ctr_drbg_random : NULL,
1461 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1462exit:
1463
1464 mbedtls_ctr_drbg_free( &ctr_drbg );
1465 mbedtls_entropy_free( &entropy );
1466
1467 mbedtls_mpi_free( &N );
1468 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1469 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1470}
1471/* END_CASE */
1472
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1473/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1474void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1475 data_t *input_Q, data_t *input_D,
1476 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1477 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1478{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1479 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1480 unsigned char bufNe[256];
1481 unsigned char bufPe[128];
1482 unsigned char bufQe[128];
1483 unsigned char bufDe[256];
1484 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1485
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1486 mbedtls_rsa_context ctx;
1487
1488 mbedtls_rsa_init( &ctx, 0, 0 );
1489
1490 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1491 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1492 input_N->len ? input_N->x : NULL, input_N->len,
1493 input_P->len ? input_P->x : NULL, input_P->len,
1494 input_Q->len ? input_Q->x : NULL, input_Q->len,
1495 input_D->len ? input_D->x : NULL, input_D->len,
1496 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1497
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1498 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1499
1500 /*
1501 * Export parameters and compare to original ones.
1502 */
1503
1504 /* N and E must always be present. */
1505 if( !successive )
1506 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1507 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1508 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1509 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1510 }
1511 else
1512 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1513 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1514 NULL, 0, NULL, 0, NULL, 0,
1515 NULL, 0 ) == 0 );
1516 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1517 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1518 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1519 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1520 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1521 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1522
1523 /* If we were providing enough information to setup a complete private context,
1524 * we expect to be able to export all core parameters. */
1525
1526 if( is_priv )
1527 {
1528 if( !successive )
1529 {
1530 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1531 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1532 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1533 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1534 NULL, 0 ) == 0 );
1535 }
1536 else
1537 {
1538 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1539 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1540 NULL, 0, NULL, 0,
1541 NULL, 0 ) == 0 );
1542
1543 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1544 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1545 NULL, 0, NULL, 0 ) == 0 );
1546
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1547 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1548 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1549 NULL, 0 ) == 0 );
1550 }
1551
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1552 if( input_P->len )
1553 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1554
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1555 if( input_Q->len )
1556 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1557
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1558 if( input_D->len )
1559 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1560
1561 }
1562
1563exit:
1564 mbedtls_rsa_free( &ctx );
1565}
1566/* END_CASE */
1567
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1568/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1569void mbedtls_rsa_import_raw( data_t *input_N,
1570 data_t *input_P, data_t *input_Q,
1571 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1572 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1573 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1574 int res_check,
1575 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1576{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1577 /* Buffers used for encryption-decryption test */
1578 unsigned char *buf_orig = NULL;
1579 unsigned char *buf_enc = NULL;
1580 unsigned char *buf_dec = NULL;
1581
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1582 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1583 mbedtls_entropy_context entropy;
1584 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1585
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1586 const char *pers = "test_suite_rsa";
1587
1588 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1589 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1590 mbedtls_rsa_init( &ctx, 0, 0 );
1591
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1592 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1593 &entropy, (const unsigned char *) pers,
1594 strlen( pers ) ) == 0 );
1595
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1596 if( !successive )
1597 {
1598 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1599 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1600 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1601 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1602 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1603 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1604 }
1605 else
1606 {
1607 /* Import N, P, Q, D, E separately.
1608 * This should make no functional difference. */
1609
1610 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1611 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1612 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1613
1614 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1615 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1616 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1617 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1618
1619 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1620 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1621 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1622 NULL, 0, NULL, 0 ) == 0 );
1623
1624 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1625 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1626 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1627 NULL, 0 ) == 0 );
1628
1629 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1630 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1631 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1632 }
1633
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1634 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1635
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1636 /* On expected success, perform some public and private
1637 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1638 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1639 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1640 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1641 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1642 else
1643 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1644
1645 if( res_check != 0 )
1646 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1647
1648 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1649 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1650 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1651 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1652 goto exit;
1653
1654 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1655 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1656
1657 /* Make sure the number we're generating is smaller than the modulus */
1658 buf_orig[0] = 0x00;
1659
1660 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1661
1662 if( is_priv )
1663 {
1664 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1665 &ctr_drbg, buf_enc,
1666 buf_dec ) == 0 );
1667
1668 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1669 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1670 }
1671 }
1672
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1673exit:
1674
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1675 mbedtls_free( buf_orig );
1676 mbedtls_free( buf_enc );
1677 mbedtls_free( buf_dec );
1678
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1679 mbedtls_rsa_free( &ctx );
1680
1681 mbedtls_ctr_drbg_free( &ctr_drbg );
1682 mbedtls_entropy_free( &entropy );
1683
1684}
1685/* END_CASE */
1686
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1687/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1688void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1689{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1690 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1691}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1692/* END_CASE */