TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 718a53db2c5bf4d615ce8e73aed3ba68fb1a8b9e / . / tests / suites / test_suite_rsa.function
blob: b9d7b59004f787876410f579a2efa4dbdd9f2cb9 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]106 sizeof( buf ), buf,
107 buf ) );
108 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
109 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]110 sizeof( buf ), NULL,
111 buf ) );
112 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
113 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]114 sizeof( buf ), buf,
115 NULL ) );
116
117 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
118 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]119 NULL, sizeof( buf ),
120 buf, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]121 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
122 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]123 NULL, sizeof( buf ),
124 NULL, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]127 NULL, sizeof( buf ),
128 buf, NULL ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]129
130 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
131 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]132 buf, sizeof( buf ),
133 sizeof( buf ), buf,
134 buf ) );
135 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
136 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]137 NULL, sizeof( buf ),
138 sizeof( buf ), buf,
139 buf ) );
140 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
141 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]142 buf, sizeof( buf ),
143 sizeof( buf ), NULL,
144 buf ) );
145 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
146 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]147 buf, sizeof( buf ),
148 sizeof( buf ), buf,
149 NULL ) );
150
151 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
152 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]153 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]154 buf, buf, 42 ) );
155 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
156 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]157 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]158 buf, buf, 42 ) );
159 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
160 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]161 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]162 NULL, buf, 42 ) );
163 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
164 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]165 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]166 buf, NULL, 42 ) );
167
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]170 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]171 buf, buf, 42 ) );
172 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
173 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]174 NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]175 buf, buf, 42 ) );
176 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
177 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]178 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]179 NULL, buf, 42 ) );
180 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
181 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]182 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]183 buf, NULL, 42 ) );
184
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]187 buf, sizeof( buf ),
188 &olen,
189 buf, buf, 42 ) );
190 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
191 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]192 NULL, sizeof( buf ),
193 NULL,
194 buf, buf, 42 ) );
195 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
196 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]197 buf, sizeof( buf ),
198 &olen,
199 NULL, buf, 42 ) );
200 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
201 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]202 buf, sizeof( buf ),
203 &olen,
204 buf, NULL, 42 ) );
205
206 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
207 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]208 0, sizeof( buf ), buf,
209 buf ) );
210 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
211 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]212 0, sizeof( buf ), NULL,
213 buf ) );
214 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
215 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]216 0, sizeof( buf ), buf,
217 NULL ) );
218 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
219 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]220 MBEDTLS_MD_SHA1,
221 0, NULL,
222 buf ) );
223
224 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
225 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]226 0, sizeof( buf ), buf,
227 buf ) );
228 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
229 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]230 0, sizeof( buf ), NULL,
231 buf ) );
232 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
233 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]234 0, sizeof( buf ), buf,
235 NULL ) );
236 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
237 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]238 MBEDTLS_MD_SHA1,
239 0, NULL,
240 buf ) );
241
242 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
243 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]244 0, sizeof( buf ), buf,
245 buf ) );
246 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
247 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]248 0, sizeof( buf ), NULL,
249 buf ) );
250 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
251 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]252 0, sizeof( buf ), buf,
253 NULL ) );
254 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
255 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]256 MBEDTLS_MD_SHA1,
257 0, NULL,
258 buf ) );
259
260 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]261 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
262 0, sizeof( buf ), buf,
263 MBEDTLS_RSA_SALT_LEN_ANY,
264 buf ) );
265 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
266 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
267 0, sizeof( buf ), NULL,
268 MBEDTLS_RSA_SALT_LEN_ANY,
269 buf ) );
270 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
271 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
272 0, sizeof( buf ), buf,
273 MBEDTLS_RSA_SALT_LEN_ANY,
274 NULL ) );
275 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
276 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
277 MBEDTLS_MD_SHA1,
278 0, NULL,
279 MBEDTLS_RSA_SALT_LEN_ANY,
280 buf ) );
281
282 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]283 mbedtls_rsa_pkcs1_verify( NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]284 0, sizeof( buf ), buf,
285 buf ) );
286 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]287 mbedtls_rsa_pkcs1_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]288 0, sizeof( buf ), NULL,
289 buf ) );
290 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]291 mbedtls_rsa_pkcs1_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]292 0, sizeof( buf ), buf,
293 NULL ) );
294 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]295 mbedtls_rsa_pkcs1_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]296 MBEDTLS_MD_SHA1, 0, NULL,
297 buf ) );
298
299 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney475053d2021-05-19 11:44:27 +0100[diff] [blame]300 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]301 0, sizeof( buf ), buf,
302 buf ) );
303 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney475053d2021-05-19 11:44:27 +0100[diff] [blame]304 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]305 0, sizeof( buf ),
306 NULL, buf ) );
307 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney475053d2021-05-19 11:44:27 +0100[diff] [blame]308 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]309 0, sizeof( buf ), buf,
310 NULL ) );
311 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney475053d2021-05-19 11:44:27 +0100[diff] [blame]312 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]313 MBEDTLS_MD_SHA1,
314 0, NULL,
315 buf ) );
316
317 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney718a53d2021-05-19 12:01:35 +0100[diff] [blame^]318 mbedtls_rsa_rsassa_pss_verify( NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]319 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]320 0, sizeof( buf ),
321 buf, buf ) );
322 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney718a53d2021-05-19 12:01:35 +0100[diff] [blame^]323 mbedtls_rsa_rsassa_pss_verify( &ctx,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]324 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]325 0, sizeof( buf ),
326 NULL, buf ) );
327 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney718a53d2021-05-19 12:01:35 +0100[diff] [blame^]328 mbedtls_rsa_rsassa_pss_verify( &ctx,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]329 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]330 0, sizeof( buf ),
331 buf, NULL ) );
332 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney718a53d2021-05-19 12:01:35 +0100[diff] [blame^]333 mbedtls_rsa_rsassa_pss_verify( &ctx,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]334 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]335 MBEDTLS_MD_SHA1,
336 0, NULL,
337 buf ) );
338
339 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
340 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]341 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]342 0, sizeof( buf ),
343 buf,
344 0, 0,
345 buf ) );
346 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
347 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]348 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]349 0, sizeof( buf ),
350 NULL, 0, 0,
351 buf ) );
352 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
353 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]354 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]355 0, sizeof( buf ),
356 buf, 0, 0,
357 NULL ) );
358 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
359 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]360 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]361 MBEDTLS_MD_SHA1,
362 0, NULL,
363 0, 0,
364 buf ) );
365
366 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
367 mbedtls_rsa_copy( NULL, &ctx ) );
368 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
369 mbedtls_rsa_copy( &ctx, NULL ) );
370
371exit:
372 return;
373}
374/* END_CASE */
375
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]376/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]377void rsa_init_free( int reinit )
378{
379 mbedtls_rsa_context ctx;
380
381 /* Double free is not explicitly documented to work, but we rely on it
382 * even inside the library so that you can call mbedtls_rsa_free()
383 * unconditionally on an error path without checking whether it has
384 * already been called in the success path. */
385
386 mbedtls_rsa_init( &ctx, 0, 0 );
387 mbedtls_rsa_free( &ctx );
388
389 if( reinit )
390 mbedtls_rsa_init( &ctx, 0, 0 );
391 mbedtls_rsa_free( &ctx );
392
393 /* This test case always succeeds, functionally speaking. A plausible
394 * bug might trigger an invalid pointer dereference or a memory leak. */
395 goto exit;
396}
397/* END_CASE */
398
399/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]400void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]401 int digest, int mod, int radix_P, char * input_P,
402 int radix_Q, char * input_Q, int radix_N,
403 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]404 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]405{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]406 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
407 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]408 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]409 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]410 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]411
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]412 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
413 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]414 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]415
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]416 memset( hash_result, 0x00, sizeof( hash_result ) );
417 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]418 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]419
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]420 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
421 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
422 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
423 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]424
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]425 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
426 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]427 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]428 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]429
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]430
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]431 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]432 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]433
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]434 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]435 &rnd_info, digest, 0, hash_result,
436 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]437 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]438 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]439
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]440 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
441 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]442 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]443
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]444exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]445 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
446 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]447 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]448}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]449/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]450
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]451/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]452void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]453 int digest, int mod, int radix_N,
454 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]455 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]456{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]457 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]458 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]459
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]460 mbedtls_mpi N, E;
461
462 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]463 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]464 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]465
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]466 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
467 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
468 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
469 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]470 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]471
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]472
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]473 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]474 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]475
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame]476 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]477
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]478exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]479 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]480 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]481}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]482/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]483
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]484
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]485/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]486void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]487 int padding_mode, int mod, int radix_P,
488 char * input_P, int radix_Q, char * input_Q,
489 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]490 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]491{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]492 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]493 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]494 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]495 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]496
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]497 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]498 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
499 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]500
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]501 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]502 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]503
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]504 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
505 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
506 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
507 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]508
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]509 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
510 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]511 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]512 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]513
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]514
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]515 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]516 &rnd_info, MBEDTLS_MD_NONE,
517 hash_result->len,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]518 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]519
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]520
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]521 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
522 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]523
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]524exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]525 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
526 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
527
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]528 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]529}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]530/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]531
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]532/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]533void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]534 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]535 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]536 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]537{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]538 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]539 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]540
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]541 mbedtls_mpi N, E;
542 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
543
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]544 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]545 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]546
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]547 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
548 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]549
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]550 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
551 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]552 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]553
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]554
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame]555 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]556
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]557exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]558 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]559 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]560}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]561/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]562
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]563/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]564void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]565 int mod, int radix_N, char * input_N,
566 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]567 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]568{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]569 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]570 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]571 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]572
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]573 mbedtls_mpi N, E;
574 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
575
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]576 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]577
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]578 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]579 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]580
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]581 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
582 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]583
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]584 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
585 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]586 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]587
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]588
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]589 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
590 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]591 &rnd_info, message_str->len,
592 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]593 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]594 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]595 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]596
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]597 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
598 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]599 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]600
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]601exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]602 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]603 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]604}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]605/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]606
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]607/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]608void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]609 int mod, int radix_N, char * input_N,
610 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]611 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]612{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]613 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]614 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]615
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]616 mbedtls_mpi N, E;
617
618 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]619 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]620 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]621
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]622 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
623 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]624
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]625 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
626 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]627 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]628
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]629
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]630 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]631 NULL, message_str->len,
632 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]633 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]634 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]635 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]636
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]637 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
638 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]639 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]640
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]641exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]642 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]643 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]644}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]645/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]646
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]647/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]648void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]649 int mod, int radix_P, char * input_P,
650 int radix_Q, char * input_Q, int radix_N,
651 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]652 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]653 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]654{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]655 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]656 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]657 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]658 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]659 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]660
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]661 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
662 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
663
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]664 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]665
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]666 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]667 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]668
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]669
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]670 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
671 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
672 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
673 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]674
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]675 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
676 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]677 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]678 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]679
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]680 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]681
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]682 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]683 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]684 &output_len, message_str->x, output,
685 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]686 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]687 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]688
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]689 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]690 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]691 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]692 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]693
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]694exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]695 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
696 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]697 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]698}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]699/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]700
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]701/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]702void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]703 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]704 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]705{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]706 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]707 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]708
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]709 mbedtls_mpi N, E;
710
711 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]712 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
713 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]714 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]715
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]716 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
717 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]718
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]719 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
720 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]721 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]722
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]723
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]724 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]725 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]726 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]727
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]728 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
729 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]730 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]731
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]732 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]733 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]734 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]735 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]736
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]737 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]738
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]739 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]740 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]741 if( result == 0 )
742 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]743
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]744 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
745 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]746 }
747
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]748exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]749 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]750 mbedtls_rsa_free( &ctx );
751 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]752}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]753/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]754
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]755/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]756void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]757 char * input_P, int radix_Q, char * input_Q,
758 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]759 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]760 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]761{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]762 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]763 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]764 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]765 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]766 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]767
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]768 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
769 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]770 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
771 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]772
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]773 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]774
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]775 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
776 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
777 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
778 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]779
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]780 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
781 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]782 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]783 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]784
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]785
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]786 /* repeat three times to test updating of blinding values */
787 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]788 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]789 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]790 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
791 &rnd_info, message_str->x,
792 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]793 if( result == 0 )
794 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]795
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]796 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]797 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]798 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]799 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]800 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]801
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]802 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]803 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]804 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]805 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]806
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]807 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]808
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]809 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]810 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
811 &rnd_info, message_str->x,
812 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]813 if( result == 0 )
814 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]815
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]816 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]817 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]818 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]819 }
820
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]821exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]822 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
823 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
824
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]825 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]826}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]827/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]828
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]829/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]830void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]831{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]832 mbedtls_rsa_context ctx;
833 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]834
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]835 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]836}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]837/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]838
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]839/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]840void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
841 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]842{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]843 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]844 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]845
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]846 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]847 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]848
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]849 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]850 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]851 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]852 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]853 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]854 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]855 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]856 }
857
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]858 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]859 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]860
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]861exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]862 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]863 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]864}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]865/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]866
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]867/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]868void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
869 int radix_Q, char * input_Q, int radix_N,
870 char * input_N, int radix_E, char * input_E,
871 int radix_D, char * input_D, int radix_DP,
872 char * input_DP, int radix_DQ,
873 char * input_DQ, int radix_QP,
874 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]875{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]876 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]877
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]878 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]879
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]880 ctx.len = mod / 8;
881 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]882 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]883 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]884 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]885 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]886 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]887 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]888 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]889 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]890 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]891 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]892 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]893 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]894 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]895 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]896 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]897 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]898 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]899 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]900 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]901#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]902 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]903 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]904 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]905 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]906 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]907 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]908 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]909 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]910 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]911 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]912 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]913 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]914#else
915 ((void) radix_DP); ((void) input_DP);
916 ((void) radix_DQ); ((void) input_DQ);
917 ((void) radix_QP); ((void) input_QP);
918#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]919
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]920 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]921
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]922exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]923 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]924}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]925/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]926
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]927/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]928void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
929 int radix_Epub, char * input_Epub, int radix_P,
930 char * input_P, int radix_Q, char * input_Q,
931 int radix_N, char * input_N, int radix_E,
932 char * input_E, int radix_D, char * input_D,
933 int radix_DP, char * input_DP, int radix_DQ,
934 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]935 int result )
936{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]937 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]938
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]939 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
940 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]941
942 pub.len = mod / 8;
943 prv.len = mod / 8;
944
945 if( strlen( input_Npub ) )
946 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]947 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]948 }
949 if( strlen( input_Epub ) )
950 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]951 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]952 }
953
954 if( strlen( input_P ) )
955 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]956 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]957 }
958 if( strlen( input_Q ) )
959 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]960 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]961 }
962 if( strlen( input_N ) )
963 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]964 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]965 }
966 if( strlen( input_E ) )
967 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]968 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]969 }
970 if( strlen( input_D ) )
971 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]972 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]973 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]974#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]975 if( strlen( input_DP ) )
976 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]977 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]978 }
979 if( strlen( input_DQ ) )
980 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]981 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]982 }
983 if( strlen( input_QP ) )
984 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]985 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]986 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]987#else
988 ((void) radix_DP); ((void) input_DP);
989 ((void) radix_DQ); ((void) input_DQ);
990 ((void) radix_QP); ((void) input_QP);
991#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]992
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]993 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]994
995exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]996 mbedtls_rsa_free( &pub );
997 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]998}
999/* END_CASE */
1000
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1001/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1002void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1003{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1004 mbedtls_rsa_context ctx;
1005 mbedtls_entropy_context entropy;
1006 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1007 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1008
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1009 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1010 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1011 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1012
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1013 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1014 &entropy, (const unsigned char *) pers,
1015 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1016
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1017 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1018 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1019 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1020 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1021 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1022 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1023
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1024exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1025 mbedtls_rsa_free( &ctx );
1026 mbedtls_ctr_drbg_free( &ctr_drbg );
1027 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1028}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1029/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1030
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1031/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1032void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1033 int radix_D, char *input_D,
1034 int radix_E, char *input_E,
1035 int radix_P, char *output_P,
1036 int radix_Q, char *output_Q,
1037 int corrupt, int result )
1038{
1039 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1040
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1041 mbedtls_mpi_init( &N );
1042 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1043 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1044 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1045
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1046 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1047 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1048 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1049 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1050 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1051
1052 if( corrupt )
1053 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1054
1055 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1056 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1057
1058 if( !corrupt )
1059 {
1060 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1061 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1062 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1063 }
1064
1065exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1066 mbedtls_mpi_free( &N );
1067 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1068 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1069 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1070}
1071/* END_CASE */
1072
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1073/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1074void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1075 int radix_Q, char *input_Q,
1076 int radix_E, char *input_E,
1077 int radix_D, char *output_D,
1078 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1079{
1080 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1081
1082 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1083 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1084 mbedtls_mpi_init( &E );
1085 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1086
1087 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1088 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1089 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1090 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1091
1092 if( corrupt )
1093 {
1094 /* Make E even */
1095 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1096 }
1097
1098 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1099 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1100 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1101
1102 if( !corrupt )
1103 {
1104 /*
1105 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1106 */
1107
1108 /* Replace P,Q by P-1, Q-1 */
1109 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1110 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1111
1112 /* Check D == Dp modulo P-1 */
1113 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1114 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1115 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1116
1117 /* Check D == Dp modulo Q-1 */
1118 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1119 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1120 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1121 }
1122
1123exit:
1124
1125 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1126 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1127 mbedtls_mpi_free( &E );
1128 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1129}
1130/* END_CASE */
1131
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1132/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1133void mbedtls_rsa_import( int radix_N, char *input_N,
1134 int radix_P, char *input_P,
1135 int radix_Q, char *input_Q,
1136 int radix_D, char *input_D,
1137 int radix_E, char *input_E,
1138 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1139 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1140 int res_check,
1141 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1142{
1143 mbedtls_mpi N, P, Q, D, E;
1144 mbedtls_rsa_context ctx;
1145
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1146 /* Buffers used for encryption-decryption test */
1147 unsigned char *buf_orig = NULL;
1148 unsigned char *buf_enc = NULL;
1149 unsigned char *buf_dec = NULL;
1150
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1151 mbedtls_entropy_context entropy;
1152 mbedtls_ctr_drbg_context ctr_drbg;
1153 const char *pers = "test_suite_rsa";
1154
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1155 const int have_N = ( strlen( input_N ) > 0 );
1156 const int have_P = ( strlen( input_P ) > 0 );
1157 const int have_Q = ( strlen( input_Q ) > 0 );
1158 const int have_D = ( strlen( input_D ) > 0 );
1159 const int have_E = ( strlen( input_E ) > 0 );
1160
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1161 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1162 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1163 mbedtls_rsa_init( &ctx, 0, 0 );
1164
1165 mbedtls_mpi_init( &N );
1166 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1167 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1168
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1169 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1170 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1171
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1172 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1173 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1174
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1175 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1176 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1177
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1178 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1179 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1180
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1181 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1182 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1183
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1184 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1185 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1186
1187 if( !successive )
1188 {
1189 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1190 have_N ? &N : NULL,
1191 have_P ? &P : NULL,
1192 have_Q ? &Q : NULL,
1193 have_D ? &D : NULL,
1194 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1195 }
1196 else
1197 {
1198 /* Import N, P, Q, D, E separately.
1199 * This should make no functional difference. */
1200
1201 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1202 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1203 NULL, NULL, NULL, NULL ) == 0 );
1204
1205 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1206 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1207 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1208 NULL, NULL, NULL ) == 0 );
1209
1210 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1211 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1212 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1213 NULL, NULL ) == 0 );
1214
1215 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1216 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1217 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1218 NULL ) == 0 );
1219
1220 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1221 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1222 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1223 }
1224
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1225 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1226
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1227 /* On expected success, perform some public and private
1228 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1229 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1230 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1231 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1232 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1233 else
1234 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1235
1236 if( res_check != 0 )
1237 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1238
1239 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1240 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1241 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1242 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1243 goto exit;
1244
1245 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1246 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1247
1248 /* Make sure the number we're generating is smaller than the modulus */
1249 buf_orig[0] = 0x00;
1250
1251 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1252
1253 if( is_priv )
1254 {
1255 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1256 &ctr_drbg, buf_enc,
1257 buf_dec ) == 0 );
1258
1259 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1260 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1261 }
1262 }
1263
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1264exit:
1265
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1266 mbedtls_free( buf_orig );
1267 mbedtls_free( buf_enc );
1268 mbedtls_free( buf_dec );
1269
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1270 mbedtls_rsa_free( &ctx );
1271
1272 mbedtls_ctr_drbg_free( &ctr_drbg );
1273 mbedtls_entropy_free( &entropy );
1274
1275 mbedtls_mpi_free( &N );
1276 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1277 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1278}
1279/* END_CASE */
1280
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1281/* BEGIN_CASE */
1282void mbedtls_rsa_export( int radix_N, char *input_N,
1283 int radix_P, char *input_P,
1284 int radix_Q, char *input_Q,
1285 int radix_D, char *input_D,
1286 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1287 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1288 int successive )
1289{
1290 /* Original MPI's with which we set up the RSA context */
1291 mbedtls_mpi N, P, Q, D, E;
1292
1293 /* Exported MPI's */
1294 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1295
1296 const int have_N = ( strlen( input_N ) > 0 );
1297 const int have_P = ( strlen( input_P ) > 0 );
1298 const int have_Q = ( strlen( input_Q ) > 0 );
1299 const int have_D = ( strlen( input_D ) > 0 );
1300 const int have_E = ( strlen( input_E ) > 0 );
1301
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1302 mbedtls_rsa_context ctx;
1303
1304 mbedtls_rsa_init( &ctx, 0, 0 );
1305
1306 mbedtls_mpi_init( &N );
1307 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1308 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1309
1310 mbedtls_mpi_init( &Ne );
1311 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1312 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1313
1314 /* Setup RSA context */
1315
1316 if( have_N )
1317 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1318
1319 if( have_P )
1320 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1321
1322 if( have_Q )
1323 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1324
1325 if( have_D )
1326 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1327
1328 if( have_E )
1329 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1330
1331 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1332 strlen( input_N ) ? &N : NULL,
1333 strlen( input_P ) ? &P : NULL,
1334 strlen( input_Q ) ? &Q : NULL,
1335 strlen( input_D ) ? &D : NULL,
1336 strlen( input_E ) ? &E : NULL ) == 0 );
1337
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1338 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1339
1340 /*
1341 * Export parameters and compare to original ones.
1342 */
1343
1344 /* N and E must always be present. */
1345 if( !successive )
1346 {
1347 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1348 }
1349 else
1350 {
1351 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1352 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1353 }
1354 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1355 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1356
1357 /* If we were providing enough information to setup a complete private context,
1358 * we expect to be able to export all core parameters. */
1359
1360 if( is_priv )
1361 {
1362 if( !successive )
1363 {
1364 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1365 &De, NULL ) == 0 );
1366 }
1367 else
1368 {
1369 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1370 NULL, NULL ) == 0 );
1371 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1372 NULL, NULL ) == 0 );
1373 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1374 &De, NULL ) == 0 );
1375 }
1376
1377 if( have_P )
1378 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1379
1380 if( have_Q )
1381 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1382
1383 if( have_D )
1384 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1385
1386 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1387 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1388 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1389 }
1390
1391exit:
1392
1393 mbedtls_rsa_free( &ctx );
1394
1395 mbedtls_mpi_free( &N );
1396 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1397 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1398
1399 mbedtls_mpi_free( &Ne );
1400 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1401 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1402}
1403/* END_CASE */
1404
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1405/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1406void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1407 int radix_P, char *input_P,
1408 int radix_Q, char *input_Q,
1409 int radix_D, char *input_D,
1410 int radix_E, char *input_E,
1411 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1412{
1413 /* Original MPI's with which we set up the RSA context */
1414 mbedtls_mpi N, P, Q, D, E;
1415
1416 const int have_N = ( strlen( input_N ) > 0 );
1417 const int have_P = ( strlen( input_P ) > 0 );
1418 const int have_Q = ( strlen( input_Q ) > 0 );
1419 const int have_D = ( strlen( input_D ) > 0 );
1420 const int have_E = ( strlen( input_E ) > 0 );
1421
1422 mbedtls_entropy_context entropy;
1423 mbedtls_ctr_drbg_context ctr_drbg;
1424 const char *pers = "test_suite_rsa";
1425
1426 mbedtls_mpi_init( &N );
1427 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1428 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1429
1430 mbedtls_ctr_drbg_init( &ctr_drbg );
1431 mbedtls_entropy_init( &entropy );
1432 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1433 &entropy, (const unsigned char *) pers,
1434 strlen( pers ) ) == 0 );
1435
1436 if( have_N )
1437 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1438
1439 if( have_P )
1440 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1441
1442 if( have_Q )
1443 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1444
1445 if( have_D )
1446 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1447
1448 if( have_E )
1449 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1450
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1451 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1452 have_P ? &P : NULL,
1453 have_Q ? &Q : NULL,
1454 have_D ? &D : NULL,
1455 have_E ? &E : NULL,
1456 prng ? mbedtls_ctr_drbg_random : NULL,
1457 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1458exit:
1459
1460 mbedtls_ctr_drbg_free( &ctr_drbg );
1461 mbedtls_entropy_free( &entropy );
1462
1463 mbedtls_mpi_free( &N );
1464 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1465 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1466}
1467/* END_CASE */
1468
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1469/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1470void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1471 data_t *input_Q, data_t *input_D,
1472 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1473 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1474{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1475 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1476 unsigned char bufNe[256];
1477 unsigned char bufPe[128];
1478 unsigned char bufQe[128];
1479 unsigned char bufDe[256];
1480 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1481
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1482 mbedtls_rsa_context ctx;
1483
1484 mbedtls_rsa_init( &ctx, 0, 0 );
1485
1486 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1487 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1488 input_N->len ? input_N->x : NULL, input_N->len,
1489 input_P->len ? input_P->x : NULL, input_P->len,
1490 input_Q->len ? input_Q->x : NULL, input_Q->len,
1491 input_D->len ? input_D->x : NULL, input_D->len,
1492 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1493
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1494 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1495
1496 /*
1497 * Export parameters and compare to original ones.
1498 */
1499
1500 /* N and E must always be present. */
1501 if( !successive )
1502 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1503 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1504 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1505 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1506 }
1507 else
1508 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1509 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1510 NULL, 0, NULL, 0, NULL, 0,
1511 NULL, 0 ) == 0 );
1512 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1513 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1514 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1515 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1516 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1517 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1518
1519 /* If we were providing enough information to setup a complete private context,
1520 * we expect to be able to export all core parameters. */
1521
1522 if( is_priv )
1523 {
1524 if( !successive )
1525 {
1526 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1527 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1528 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1529 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1530 NULL, 0 ) == 0 );
1531 }
1532 else
1533 {
1534 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1535 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1536 NULL, 0, NULL, 0,
1537 NULL, 0 ) == 0 );
1538
1539 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1540 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1541 NULL, 0, NULL, 0 ) == 0 );
1542
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1543 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1544 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1545 NULL, 0 ) == 0 );
1546 }
1547
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1548 if( input_P->len )
1549 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1550
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1551 if( input_Q->len )
1552 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1553
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1554 if( input_D->len )
1555 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1556
1557 }
1558
1559exit:
1560 mbedtls_rsa_free( &ctx );
1561}
1562/* END_CASE */
1563
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1564/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1565void mbedtls_rsa_import_raw( data_t *input_N,
1566 data_t *input_P, data_t *input_Q,
1567 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1568 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1569 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1570 int res_check,
1571 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1572{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1573 /* Buffers used for encryption-decryption test */
1574 unsigned char *buf_orig = NULL;
1575 unsigned char *buf_enc = NULL;
1576 unsigned char *buf_dec = NULL;
1577
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1578 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1579 mbedtls_entropy_context entropy;
1580 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1581
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1582 const char *pers = "test_suite_rsa";
1583
1584 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1585 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1586 mbedtls_rsa_init( &ctx, 0, 0 );
1587
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1588 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1589 &entropy, (const unsigned char *) pers,
1590 strlen( pers ) ) == 0 );
1591
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1592 if( !successive )
1593 {
1594 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1595 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1596 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1597 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1598 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1599 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1600 }
1601 else
1602 {
1603 /* Import N, P, Q, D, E separately.
1604 * This should make no functional difference. */
1605
1606 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1607 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1608 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1609
1610 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1611 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1612 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1613 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1614
1615 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1616 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1617 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1618 NULL, 0, NULL, 0 ) == 0 );
1619
1620 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1621 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1622 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1623 NULL, 0 ) == 0 );
1624
1625 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1626 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1627 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1628 }
1629
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1630 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1631
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1632 /* On expected success, perform some public and private
1633 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1634 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1635 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1636 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1637 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1638 else
1639 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1640
1641 if( res_check != 0 )
1642 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1643
1644 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1645 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1646 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1647 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1648 goto exit;
1649
1650 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1651 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1652
1653 /* Make sure the number we're generating is smaller than the modulus */
1654 buf_orig[0] = 0x00;
1655
1656 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1657
1658 if( is_priv )
1659 {
1660 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1661 &ctr_drbg, buf_enc,
1662 buf_dec ) == 0 );
1663
1664 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1665 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1666 }
1667 }
1668
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1669exit:
1670
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1671 mbedtls_free( buf_orig );
1672 mbedtls_free( buf_enc );
1673 mbedtls_free( buf_dec );
1674
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1675 mbedtls_rsa_free( &ctx );
1676
1677 mbedtls_ctr_drbg_free( &ctr_drbg );
1678 mbedtls_entropy_free( &entropy );
1679
1680}
1681/* END_CASE */
1682
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1683/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1684void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1685{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1686 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1687}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1688/* END_CASE */