TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / c0eabdc63657f784dee45167b010534cd3924cfa / . / tests / suites / test_suite_rsa.function
blob: 7e22d58cf855da2acfebdb6d22fd55961b68315f [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md5.h"
5#include "mbedtls/sha1.h"
6#include "mbedtls/sha256.h"
7#include "mbedtls/sha512.h"
8#include "mbedtls/entropy.h"
9#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]10
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]11/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]14 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15 * END_DEPENDENCIES
16 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]17
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]18/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]19void rsa_invalid_param()
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]20{
21 mbedtls_rsa_context ctx;
22 const int invalid_padding = 42;
23 const int invalid_hash_id = 0xff;
24
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]25 mbedtls_rsa_init(&ctx);
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]26
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]27 TEST_EQUAL(mbedtls_rsa_set_padding(&ctx, invalid_padding, MBEDTLS_MD_NONE),
28 MBEDTLS_ERR_RSA_INVALID_PADDING);
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]29
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]30 TEST_EQUAL(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21,
31 invalid_hash_id),
32 MBEDTLS_ERR_RSA_INVALID_PADDING);
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]33
Ronald Cron3a0375f2021-06-08 10:22:28 +0200[diff] [blame]34#if !defined(MBEDTLS_PKCS1_V15)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]35 TEST_EQUAL(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V15,
36 MBEDTLS_MD_NONE),
37 MBEDTLS_ERR_RSA_INVALID_PADDING);
Ronald Cron3a0375f2021-06-08 10:22:28 +0200[diff] [blame]38#endif
39
40#if !defined(MBEDTLS_PKCS1_V21)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]41 TEST_EQUAL(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21,
42 MBEDTLS_MD_NONE),
43 MBEDTLS_ERR_RSA_INVALID_PADDING);
Ronald Cron3a0375f2021-06-08 10:22:28 +0200[diff] [blame]44#endif
45
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]46exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]47 mbedtls_rsa_free(&ctx);
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]48}
49/* END_CASE */
50
51/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]52void rsa_init_free(int reinit)
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]53{
54 mbedtls_rsa_context ctx;
55
56 /* Double free is not explicitly documented to work, but we rely on it
57 * even inside the library so that you can call mbedtls_rsa_free()
58 * unconditionally on an error path without checking whether it has
59 * already been called in the success path. */
60
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]61 mbedtls_rsa_init(&ctx);
62 mbedtls_rsa_free(&ctx);
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]63
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]64 if (reinit)
65 mbedtls_rsa_init(&ctx);
66 mbedtls_rsa_free(&ctx);
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]67
68 /* This test case always succeeds, functionally speaking. A plausible
69 * bug might trigger an invalid pointer dereference or a memory leak. */
70 goto exit;
71}
72/* END_CASE */
73
74/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]75void mbedtls_rsa_pkcs1_sign(data_t *message_str,
76 int padding_mode,
77 int digest,
78 int mod,
79 int radix_P,
80 char *input_P,
81 int radix_Q,
82 char *input_Q,
83 int radix_N,
84 char *input_N,
85 int radix_E,
86 char *input_E,
87 data_t *result_str,
88 int result)
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]89{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]90 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]91 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(digest);
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]92 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]93 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]94 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]95 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]96
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]97 mbedtls_mpi_init(&N);
98 mbedtls_mpi_init(&P);
99 mbedtls_mpi_init(&Q);
100 mbedtls_mpi_init(&E);
101 mbedtls_rsa_init(&ctx);
102 TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, padding_mode, MBEDTLS_MD_NONE) ==
103 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]104
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]105 memset(hash_result, 0x00, sizeof(hash_result));
106 memset(output, 0x00, sizeof(output));
107 memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]108
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]109 TEST_ASSERT(mbedtls_test_read_mpi(&P, radix_P, input_P) == 0);
110 TEST_ASSERT(mbedtls_test_read_mpi(&Q, radix_Q, input_Q) == 0);
111 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
112 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]113
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]114 TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
115 TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t)(mod / 8));
116 TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
117 TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]118
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]119 if (md_info != NULL)
120 TEST_ASSERT(mbedtls_md(md_info, message_str->x, message_str->len,
121 hash_result) == 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]122
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]123 TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_pseudo_rand,
124 &rnd_info, digest,
125 mbedtls_md_get_size(md_info),
126 hash_result, output) == result);
127 if (result == 0) {
128 TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, ctx.len,
129 result_str->len) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]130 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]131
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]132exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]133 mbedtls_mpi_free(&N);
134 mbedtls_mpi_free(&P);
135 mbedtls_mpi_free(&Q);
136 mbedtls_mpi_free(&E);
137 mbedtls_rsa_free(&ctx);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]138}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]139/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]140
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]141/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]142void mbedtls_rsa_pkcs1_verify(data_t *message_str,
143 int padding_mode,
144 int digest,
145 int mod,
146 int radix_N,
147 char *input_N,
148 int radix_E,
149 char *input_E,
150 data_t *result_str,
151 int result)
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]152{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]153 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]154 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(digest);
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]155 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]156 mbedtls_mpi N, E;
157
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]158 mbedtls_mpi_init(&N);
159 mbedtls_mpi_init(&E);
160 mbedtls_rsa_init(&ctx);
161 TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, padding_mode, MBEDTLS_MD_NONE) ==
162 0);
163 memset(hash_result, 0x00, sizeof(hash_result));
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]164
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]165 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
166 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
167 TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
168 TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t)(mod / 8));
169 TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]170
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]171 if (md_info != NULL)
172 TEST_ASSERT(mbedtls_md(md_info, message_str->x, message_str->len,
173 hash_result) == 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]174
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]175 TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, digest,
176 mbedtls_md_get_size(md_info),
177 hash_result, result_str->x) == result);
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]178
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]179exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]180 mbedtls_mpi_free(&N);
181 mbedtls_mpi_free(&E);
182 mbedtls_rsa_free(&ctx);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]183}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]184/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]185
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]186/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]187void rsa_pkcs1_sign_raw(data_t *hash_result,
188 int padding_mode,
189 int mod,
190 int radix_P,
191 char *input_P,
192 int radix_Q,
193 char *input_Q,
194 int radix_N,
195 char *input_N,
196 int radix_E,
197 char *input_E,
198 data_t *result_str)
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]199{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]200 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]201 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]202 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]203 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]204
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]205 mbedtls_rsa_init(&ctx);
206 mbedtls_mpi_init(&N);
207 mbedtls_mpi_init(&P);
208 mbedtls_mpi_init(&Q);
209 mbedtls_mpi_init(&E);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]210
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]211 TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, padding_mode, MBEDTLS_MD_NONE) ==
212 0);
Paul Elliotte57dd2d2021-06-25 11:13:24 +0100[diff] [blame]213
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]214 memset(output, 0x00, sizeof(output));
215 memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]216
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]217 TEST_ASSERT(mbedtls_test_read_mpi(&P, radix_P, input_P) == 0);
218 TEST_ASSERT(mbedtls_test_read_mpi(&Q, radix_Q, input_Q) == 0);
219 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
220 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]221
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]222 TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
223 TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t)(mod / 8));
224 TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
225 TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]226
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]227 TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_pseudo_rand,
228 &rnd_info, MBEDTLS_MD_NONE,
229 hash_result->len, hash_result->x,
230 output) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]231
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]232 TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, ctx.len,
233 result_str->len) == 0);
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]234
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]235exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]236 mbedtls_mpi_free(&N);
237 mbedtls_mpi_free(&P);
238 mbedtls_mpi_free(&Q);
239 mbedtls_mpi_free(&E);
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]240
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]241 mbedtls_rsa_free(&ctx);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]242}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]243/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]244
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]245/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]246void rsa_pkcs1_verify_raw(data_t *hash_result,
247 int padding_mode,
248 int mod,
249 int radix_N,
250 char *input_N,
251 int radix_E,
252 char *input_E,
253 data_t *result_str,
254 int correct)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]255{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]256 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]257 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]258
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]259 mbedtls_mpi N, E;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]260 mbedtls_mpi_init(&N);
261 mbedtls_mpi_init(&E);
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]262
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]263 mbedtls_rsa_init(&ctx);
264 TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, padding_mode, MBEDTLS_MD_NONE) ==
265 0);
266 memset(output, 0x00, sizeof(output));
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]267
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]268 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
269 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]270
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]271 TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
272 TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t)(mod / 8));
273 TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]274
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]275 TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, MBEDTLS_MD_NONE,
276 hash_result->len, hash_result->x,
277 result_str->x) == correct);
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]278
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]279exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]280 mbedtls_mpi_free(&N);
281 mbedtls_mpi_free(&E);
282 mbedtls_rsa_free(&ctx);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]283}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]284/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]285
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]286/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]287void mbedtls_rsa_pkcs1_encrypt(data_t *message_str,
288 int padding_mode,
289 int mod,
290 int radix_N,
291 char *input_N,
292 int radix_E,
293 char *input_E,
294 data_t *result_str,
295 int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]296{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]297 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]298 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]299 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]300
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]301 mbedtls_mpi N, E;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]302 mbedtls_mpi_init(&N);
303 mbedtls_mpi_init(&E);
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]304
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]305 memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]306
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]307 mbedtls_rsa_init(&ctx);
308 TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, padding_mode, MBEDTLS_MD_NONE) ==
309 0);
310 memset(output, 0x00, sizeof(output));
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]311
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]312 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
313 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]314
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]315 TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
316 TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t)(mod / 8));
317 TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]318
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]319 TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, &mbedtls_test_rnd_pseudo_rand,
320 &rnd_info, message_str->len,
321 message_str->x, output) == result);
322 if (result == 0) {
323 TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, ctx.len,
324 result_str->len) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]325 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]326
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]327exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]328 mbedtls_mpi_free(&N);
329 mbedtls_mpi_free(&E);
330 mbedtls_rsa_free(&ctx);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]331}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]332/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]333
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]334/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]335void rsa_pkcs1_encrypt_bad_rng(data_t *message_str,
336 int padding_mode,
337 int mod,
338 int radix_N,
339 char *input_N,
340 int radix_E,
341 char *input_E,
342 data_t *result_str,
343 int result)
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]344{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]345 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]346 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]347
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]348 mbedtls_mpi N, E;
349
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]350 mbedtls_mpi_init(&N);
351 mbedtls_mpi_init(&E);
352 mbedtls_rsa_init(&ctx);
353 TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, padding_mode, MBEDTLS_MD_NONE) ==
354 0);
355 memset(output, 0x00, sizeof(output));
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]356
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]357 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
358 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]359
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]360 TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
361 TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t)(mod / 8));
362 TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]363
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]364 TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, &mbedtls_test_rnd_zero_rand,
365 NULL, message_str->len,
366 message_str->x, output) == result);
367 if (result == 0) {
368 TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, ctx.len,
369 result_str->len) == 0);
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]370 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]371
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]372exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]373 mbedtls_mpi_free(&N);
374 mbedtls_mpi_free(&E);
375 mbedtls_rsa_free(&ctx);
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]376}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]377/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]378
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]379/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]380void mbedtls_rsa_pkcs1_decrypt(data_t *message_str,
381 int padding_mode,
382 int mod,
383 int radix_P,
384 char *input_P,
385 int radix_Q,
386 char *input_Q,
387 int radix_N,
388 char *input_N,
389 int radix_E,
390 char *input_E,
391 int max_output,
392 data_t *result_str,
393 int result)
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]394{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]395 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]396 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]397 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]398 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]399 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]400
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]401 mbedtls_mpi_init(&N);
402 mbedtls_mpi_init(&P);
403 mbedtls_mpi_init(&Q);
404 mbedtls_mpi_init(&E);
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]405
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]406 mbedtls_rsa_init(&ctx);
407 TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, padding_mode, MBEDTLS_MD_NONE) ==
408 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]409
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]410 memset(output, 0x00, sizeof(output));
411 memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]412
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]413 TEST_ASSERT(mbedtls_test_read_mpi(&P, radix_P, input_P) == 0);
414 TEST_ASSERT(mbedtls_test_read_mpi(&Q, radix_Q, input_Q) == 0);
415 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
416 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]417
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]418 TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
419 TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t)(mod / 8));
420 TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
421 TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]422
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]423 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]424
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]425 TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(
426 &ctx, mbedtls_test_rnd_pseudo_rand, &rnd_info, &output_len,
427 message_str->x, output, max_output) == result);
428 if (result == 0) {
429 TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, output_len,
430 result_str->len) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]431 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]432
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]433exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]434 mbedtls_mpi_free(&N);
435 mbedtls_mpi_free(&P);
436 mbedtls_mpi_free(&Q);
437 mbedtls_mpi_free(&E);
438 mbedtls_rsa_free(&ctx);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]439}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]440/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]441
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]442/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]443void mbedtls_rsa_public(data_t *message_str,
444 int mod,
445 int radix_N,
446 char *input_N,
447 int radix_E,
448 char *input_E,
449 data_t *result_str,
450 int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]451{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]452 unsigned char output[256];
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]453 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it
454 */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]455
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]456 mbedtls_mpi N, E;
457
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]458 mbedtls_mpi_init(&N);
459 mbedtls_mpi_init(&E);
460 mbedtls_rsa_init(&ctx);
461 mbedtls_rsa_init(&ctx2);
462 memset(output, 0x00, sizeof(output));
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]463
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]464 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
465 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]466
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]467 TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
Gilles Peskine058d0092021-06-09 16:24:35 +0200[diff] [blame]468
469 /* Check test data consistency */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]470 TEST_ASSERT(message_str->len == (size_t)(mod / 8));
471 TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t)(mod / 8));
472 TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]473
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]474 TEST_ASSERT(mbedtls_rsa_public(&ctx, message_str->x, output) == result);
475 if (result == 0) {
476 TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, ctx.len,
477 result_str->len) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]478 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]479
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]480 /* And now with the copy */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]481 TEST_ASSERT(mbedtls_rsa_copy(&ctx2, &ctx) == 0);
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]482 /* clear the original to be sure */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]483 mbedtls_rsa_free(&ctx);
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]484
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]485 TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx2) == 0);
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]486
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]487 memset(output, 0x00, sizeof(output));
488 TEST_ASSERT(mbedtls_rsa_public(&ctx2, message_str->x, output) == result);
489 if (result == 0) {
490 TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, ctx.len,
491 result_str->len) == 0);
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]492 }
493
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]494exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]495 mbedtls_mpi_free(&N);
496 mbedtls_mpi_free(&E);
497 mbedtls_rsa_free(&ctx);
498 mbedtls_rsa_free(&ctx2);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]499}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]500/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]501
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]502/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]503void mbedtls_rsa_private(data_t *message_str,
504 int mod,
505 int radix_P,
506 char *input_P,
507 int radix_Q,
508 char *input_Q,
509 int radix_N,
510 char *input_N,
511 int radix_E,
512 char *input_E,
513 data_t *result_str,
514 int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]515{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]516 unsigned char output[256];
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]517 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it
518 */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]519 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]520 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]521 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]522
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]523 mbedtls_mpi_init(&N);
524 mbedtls_mpi_init(&P);
525 mbedtls_mpi_init(&Q);
526 mbedtls_mpi_init(&E);
527 mbedtls_rsa_init(&ctx);
528 mbedtls_rsa_init(&ctx2);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]529
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]530 memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]531
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]532 TEST_ASSERT(mbedtls_test_read_mpi(&P, radix_P, input_P) == 0);
533 TEST_ASSERT(mbedtls_test_read_mpi(&Q, radix_Q, input_Q) == 0);
534 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
535 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]536
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]537 TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
Gilles Peskine058d0092021-06-09 16:24:35 +0200[diff] [blame]538
539 /* Check test data consistency */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]540 TEST_ASSERT(message_str->len == (size_t)(mod / 8));
541 TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t)(mod / 8));
542 TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
543 TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]544
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]545 /* repeat three times to test updating of blinding values */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]546 for (i = 0; i < 3; i++) {
547 memset(output, 0x00, sizeof(output));
548 TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_test_rnd_pseudo_rand,
549 &rnd_info, message_str->x,
550 output) == result);
551 if (result == 0) {
552 TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, ctx.len,
553 result_str->len) == 0);
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]554 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]555 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]556
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]557 /* And now one more time with the copy */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]558 TEST_ASSERT(mbedtls_rsa_copy(&ctx2, &ctx) == 0);
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]559 /* clear the original to be sure */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]560 mbedtls_rsa_free(&ctx);
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]561
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]562 TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx2) == 0);
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]563
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]564 memset(output, 0x00, sizeof(output));
565 TEST_ASSERT(mbedtls_rsa_private(&ctx2, mbedtls_test_rnd_pseudo_rand,
566 &rnd_info, message_str->x,
567 output) == result);
568 if (result == 0) {
569 TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, ctx2.len,
570 result_str->len) == 0);
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]571 }
572
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]573exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]574 mbedtls_mpi_free(&N);
575 mbedtls_mpi_free(&P);
576 mbedtls_mpi_free(&Q);
577 mbedtls_mpi_free(&E);
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]578
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]579 mbedtls_rsa_free(&ctx);
580 mbedtls_rsa_free(&ctx2);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]581}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]582/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]583
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]584/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]585void rsa_check_privkey_null()
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]586{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]587 mbedtls_rsa_context ctx;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]588 memset(&ctx, 0x00, sizeof(mbedtls_rsa_context));
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]589
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]590 TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) ==
591 MBEDTLS_ERR_RSA_KEY_CHECK_FAILED);
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]592}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]593/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]594
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]595/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]596void mbedtls_rsa_check_pubkey(int radix_N,
597 char *input_N,
598 int radix_E,
599 char *input_E,
600 int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]601{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]602 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]603 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]604
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]605 mbedtls_mpi_init(&N);
606 mbedtls_mpi_init(&E);
607 mbedtls_rsa_init(&ctx);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]608
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]609 if (strlen(input_N)) {
610 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]611 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]612 if (strlen(input_E)) {
613 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]614 }
615
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]616 TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
617 TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == result);
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]618
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]619exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]620 mbedtls_mpi_free(&N);
621 mbedtls_mpi_free(&E);
622 mbedtls_rsa_free(&ctx);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]623}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]624/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]625
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]626/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]627void mbedtls_rsa_check_privkey(int mod,
628 int radix_P,
629 char *input_P,
630 int radix_Q,
631 char *input_Q,
632 int radix_N,
633 char *input_N,
634 int radix_E,
635 char *input_E,
636 int radix_D,
637 char *input_D,
638 int radix_DP,
639 char *input_DP,
640 int radix_DQ,
641 char *input_DQ,
642 int radix_QP,
643 char *input_QP,
644 int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]645{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]646 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]647
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]648 mbedtls_rsa_init(&ctx);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]649
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]650 ctx.len = mod / 8;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]651 if (strlen(input_P)) {
652 TEST_ASSERT(mbedtls_test_read_mpi(&ctx.P, radix_P, input_P) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]653 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]654 if (strlen(input_Q)) {
655 TEST_ASSERT(mbedtls_test_read_mpi(&ctx.Q, radix_Q, input_Q) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]656 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]657 if (strlen(input_N)) {
658 TEST_ASSERT(mbedtls_test_read_mpi(&ctx.N, radix_N, input_N) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]659 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]660 if (strlen(input_E)) {
661 TEST_ASSERT(mbedtls_test_read_mpi(&ctx.E, radix_E, input_E) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]662 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]663 if (strlen(input_D)) {
664 TEST_ASSERT(mbedtls_test_read_mpi(&ctx.D, radix_D, input_D) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]665 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]666#if !defined(MBEDTLS_RSA_NO_CRT)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]667 if (strlen(input_DP)) {
668 TEST_ASSERT(mbedtls_test_read_mpi(&ctx.DP, radix_DP, input_DP) == 0);
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]669 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]670 if (strlen(input_DQ)) {
671 TEST_ASSERT(mbedtls_test_read_mpi(&ctx.DQ, radix_DQ, input_DQ) == 0);
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]672 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]673 if (strlen(input_QP)) {
674 TEST_ASSERT(mbedtls_test_read_mpi(&ctx.QP, radix_QP, input_QP) == 0);
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]675 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]676#else
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]677 ((void)radix_DP);
678 ((void)input_DP);
679 ((void)radix_DQ);
680 ((void)input_DQ);
681 ((void)radix_QP);
682 ((void)input_QP);
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]683#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]684
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]685 TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == result);
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]686
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]687exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]688 mbedtls_rsa_free(&ctx);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]689}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]690/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]691
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]692/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]693void rsa_check_pubpriv(int mod,
694 int radix_Npub,
695 char *input_Npub,
696 int radix_Epub,
697 char *input_Epub,
698 int radix_P,
699 char *input_P,
700 int radix_Q,
701 char *input_Q,
702 int radix_N,
703 char *input_N,
704 int radix_E,
705 char *input_E,
706 int radix_D,
707 char *input_D,
708 int radix_DP,
709 char *input_DP,
710 int radix_DQ,
711 char *input_DQ,
712 int radix_QP,
713 char *input_QP,
714 int result)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]715{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]716 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]717
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]718 mbedtls_rsa_init(&pub);
719 mbedtls_rsa_init(&prv);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]720
721 pub.len = mod / 8;
722 prv.len = mod / 8;
723
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]724 if (strlen(input_Npub)) {
725 TEST_ASSERT(mbedtls_test_read_mpi(&pub.N, radix_Npub, input_Npub) == 0);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]726 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]727 if (strlen(input_Epub)) {
728 TEST_ASSERT(mbedtls_test_read_mpi(&pub.E, radix_Epub, input_Epub) == 0);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]729 }
730
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]731 if (strlen(input_P)) {
732 TEST_ASSERT(mbedtls_test_read_mpi(&prv.P, radix_P, input_P) == 0);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]733 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]734 if (strlen(input_Q)) {
735 TEST_ASSERT(mbedtls_test_read_mpi(&prv.Q, radix_Q, input_Q) == 0);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]736 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]737 if (strlen(input_N)) {
738 TEST_ASSERT(mbedtls_test_read_mpi(&prv.N, radix_N, input_N) == 0);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]739 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]740 if (strlen(input_E)) {
741 TEST_ASSERT(mbedtls_test_read_mpi(&prv.E, radix_E, input_E) == 0);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]742 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]743 if (strlen(input_D)) {
744 TEST_ASSERT(mbedtls_test_read_mpi(&prv.D, radix_D, input_D) == 0);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]745 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]746#if !defined(MBEDTLS_RSA_NO_CRT)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]747 if (strlen(input_DP)) {
748 TEST_ASSERT(mbedtls_test_read_mpi(&prv.DP, radix_DP, input_DP) == 0);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]749 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]750 if (strlen(input_DQ)) {
751 TEST_ASSERT(mbedtls_test_read_mpi(&prv.DQ, radix_DQ, input_DQ) == 0);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]752 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]753 if (strlen(input_QP)) {
754 TEST_ASSERT(mbedtls_test_read_mpi(&prv.QP, radix_QP, input_QP) == 0);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]755 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]756#else
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]757 ((void)radix_DP);
758 ((void)input_DP);
759 ((void)radix_DQ);
760 ((void)input_DQ);
761 ((void)radix_QP);
762 ((void)input_QP);
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]763#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]764
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]765 TEST_ASSERT(mbedtls_rsa_check_pub_priv(&pub, &prv) == result);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]766
767exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]768 mbedtls_rsa_free(&pub);
769 mbedtls_rsa_free(&prv);
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]770}
771/* END_CASE */
772
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]773/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]774void mbedtls_rsa_gen_key(int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]775{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]776 mbedtls_rsa_context ctx;
777 mbedtls_entropy_context entropy;
778 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]779 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]780
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]781 mbedtls_ctr_drbg_init(&ctr_drbg);
782 mbedtls_entropy_init(&entropy);
783 mbedtls_rsa_init(&ctx);
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]784
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]785 TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
786 (const unsigned char *)pers,
787 strlen(pers)) == 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]788
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]789 TEST_ASSERT(mbedtls_rsa_gen_key(&ctx, mbedtls_ctr_drbg_random, &ctr_drbg,
790 nrbits, exponent) == result);
791 if (result == 0) {
792 TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
793 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.P, &ctx.Q) > 0);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]794 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]795
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]796exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]797 mbedtls_rsa_free(&ctx);
798 mbedtls_ctr_drbg_free(&ctr_drbg);
799 mbedtls_entropy_free(&entropy);
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]800}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]801/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]802
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]803/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]804void mbedtls_rsa_deduce_primes(int radix_N,
805 char *input_N,
806 int radix_D,
807 char *input_D,
808 int radix_E,
809 char *input_E,
810 int radix_P,
811 char *output_P,
812 int radix_Q,
813 char *output_Q,
814 int corrupt,
815 int result)
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]816{
817 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
818
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]819 mbedtls_mpi_init(&N);
820 mbedtls_mpi_init(&P);
821 mbedtls_mpi_init(&Q);
822 mbedtls_mpi_init(&Pp);
823 mbedtls_mpi_init(&Qp);
824 mbedtls_mpi_init(&D);
825 mbedtls_mpi_init(&E);
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]826
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]827 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
828 TEST_ASSERT(mbedtls_test_read_mpi(&D, radix_D, input_D) == 0);
829 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
830 TEST_ASSERT(mbedtls_test_read_mpi(&Qp, radix_P, output_P) == 0);
831 TEST_ASSERT(mbedtls_test_read_mpi(&Pp, radix_Q, output_Q) == 0);
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]832
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]833 if (corrupt)
834 TEST_ASSERT(mbedtls_mpi_add_int(&D, &D, 2) == 0);
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]835
836 /* Try to deduce P, Q from N, D, E only. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]837 TEST_ASSERT(mbedtls_rsa_deduce_primes(&N, &D, &E, &P, &Q) == result);
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]838
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]839 if (!corrupt) {
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]840 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]841 TEST_ASSERT((mbedtls_mpi_cmp_mpi(&P, &Pp) == 0 &&
842 mbedtls_mpi_cmp_mpi(&Q, &Qp) == 0) ||
843 (mbedtls_mpi_cmp_mpi(&P, &Qp) == 0 &&
844 mbedtls_mpi_cmp_mpi(&Q, &Pp) == 0));
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]845 }
846
847exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]848 mbedtls_mpi_free(&N);
849 mbedtls_mpi_free(&P);
850 mbedtls_mpi_free(&Q);
851 mbedtls_mpi_free(&Pp);
852 mbedtls_mpi_free(&Qp);
853 mbedtls_mpi_free(&D);
854 mbedtls_mpi_free(&E);
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]855}
856/* END_CASE */
857
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]858/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]859void mbedtls_rsa_deduce_private_exponent(int radix_P,
860 char *input_P,
861 int radix_Q,
862 char *input_Q,
863 int radix_E,
864 char *input_E,
865 int radix_D,
866 char *output_D,
867 int corrupt,
868 int result)
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]869{
870 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
871
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]872 mbedtls_mpi_init(&P);
873 mbedtls_mpi_init(&Q);
874 mbedtls_mpi_init(&D);
875 mbedtls_mpi_init(&Dp);
876 mbedtls_mpi_init(&E);
877 mbedtls_mpi_init(&R);
878 mbedtls_mpi_init(&Rp);
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]879
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]880 TEST_ASSERT(mbedtls_test_read_mpi(&P, radix_P, input_P) == 0);
881 TEST_ASSERT(mbedtls_test_read_mpi(&Q, radix_Q, input_Q) == 0);
882 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
883 TEST_ASSERT(mbedtls_test_read_mpi(&Dp, radix_D, output_D) == 0);
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]884
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]885 if (corrupt) {
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]886 /* Make E even */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]887 TEST_ASSERT(mbedtls_mpi_set_bit(&E, 0, 0) == 0);
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]888 }
889
890 /* Try to deduce D from N, P, Q, E. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]891 TEST_ASSERT(mbedtls_rsa_deduce_private_exponent(&P, &Q, &E, &D) == result);
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]892
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]893 if (!corrupt) {
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]894 /*
895 * Check that D and Dp agree modulo LCM(P-1, Q-1).
896 */
897
898 /* Replace P,Q by P-1, Q-1 */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]899 TEST_ASSERT(mbedtls_mpi_sub_int(&P, &P, 1) == 0);
900 TEST_ASSERT(mbedtls_mpi_sub_int(&Q, &Q, 1) == 0);
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]901
902 /* Check D == Dp modulo P-1 */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]903 TEST_ASSERT(mbedtls_mpi_mod_mpi(&R, &D, &P) == 0);
904 TEST_ASSERT(mbedtls_mpi_mod_mpi(&Rp, &Dp, &P) == 0);
905 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &Rp) == 0);
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]906
907 /* Check D == Dp modulo Q-1 */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]908 TEST_ASSERT(mbedtls_mpi_mod_mpi(&R, &D, &Q) == 0);
909 TEST_ASSERT(mbedtls_mpi_mod_mpi(&Rp, &Dp, &Q) == 0);
910 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &Rp) == 0);
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]911 }
912
913exit:
914
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]915 mbedtls_mpi_free(&P);
916 mbedtls_mpi_free(&Q);
917 mbedtls_mpi_free(&D);
918 mbedtls_mpi_free(&Dp);
919 mbedtls_mpi_free(&E);
920 mbedtls_mpi_free(&R);
921 mbedtls_mpi_free(&Rp);
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]922}
923/* END_CASE */
924
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]925/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]926void mbedtls_rsa_import(int radix_N,
927 char *input_N,
928 int radix_P,
929 char *input_P,
930 int radix_Q,
931 char *input_Q,
932 int radix_D,
933 char *input_D,
934 int radix_E,
935 char *input_E,
936 int successive,
937 int is_priv,
938 int res_check,
939 int res_complete)
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]940{
941 mbedtls_mpi N, P, Q, D, E;
942 mbedtls_rsa_context ctx;
943
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]944 /* Buffers used for encryption-decryption test */
945 unsigned char *buf_orig = NULL;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]946 unsigned char *buf_enc = NULL;
947 unsigned char *buf_dec = NULL;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]948
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]949 mbedtls_entropy_context entropy;
950 mbedtls_ctr_drbg_context ctr_drbg;
951 const char *pers = "test_suite_rsa";
952
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]953 const int have_N = (strlen(input_N) > 0);
954 const int have_P = (strlen(input_P) > 0);
955 const int have_Q = (strlen(input_Q) > 0);
956 const int have_D = (strlen(input_D) > 0);
957 const int have_E = (strlen(input_E) > 0);
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]958
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]959 mbedtls_ctr_drbg_init(&ctr_drbg);
960 mbedtls_entropy_init(&entropy);
961 mbedtls_rsa_init(&ctx);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]962
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]963 mbedtls_mpi_init(&N);
964 mbedtls_mpi_init(&P);
965 mbedtls_mpi_init(&Q);
966 mbedtls_mpi_init(&D);
967 mbedtls_mpi_init(&E);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]968
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]969 TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
970 (const unsigned char *)pers,
971 strlen(pers)) == 0);
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]972
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]973 if (have_N)
974 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]975
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]976 if (have_P)
977 TEST_ASSERT(mbedtls_test_read_mpi(&P, radix_P, input_P) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]978
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]979 if (have_Q)
980 TEST_ASSERT(mbedtls_test_read_mpi(&Q, radix_Q, input_Q) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]981
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]982 if (have_D)
983 TEST_ASSERT(mbedtls_test_read_mpi(&D, radix_D, input_D) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]984
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]985 if (have_E)
986 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]987
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]988 if (!successive) {
989 TEST_ASSERT(mbedtls_rsa_import(&ctx, have_N ? &N : NULL,
990 have_P ? &P : NULL, have_Q ? &Q : NULL,
991 have_D ? &D : NULL,
992 have_E ? &E : NULL) == 0);
993 } else {
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]994 /* Import N, P, Q, D, E separately.
995 * This should make no functional difference. */
996
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]997 TEST_ASSERT(mbedtls_rsa_import(&ctx, have_N ? &N : NULL, NULL, NULL,
998 NULL, NULL) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]999
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1000 TEST_ASSERT(mbedtls_rsa_import(&ctx, NULL, have_P ? &P : NULL, NULL,
1001 NULL, NULL) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1002
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1003 TEST_ASSERT(mbedtls_rsa_import(&ctx, NULL, NULL, have_Q ? &Q : NULL,
1004 NULL, NULL) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1005
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1006 TEST_ASSERT(mbedtls_rsa_import(&ctx, NULL, NULL, NULL,
1007 have_D ? &D : NULL, NULL) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1008
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1009 TEST_ASSERT(mbedtls_rsa_import(&ctx, NULL, NULL, NULL, NULL,
1010 have_E ? &E : NULL) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1011 }
1012
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1013 TEST_ASSERT(mbedtls_rsa_complete(&ctx) == res_complete);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1014
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1015 /* On expected success, perform some public and private
1016 * key operations to check if the key is working properly. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1017 if (res_complete == 0) {
1018 if (is_priv)
1019 TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == res_check);
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1020 else
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1021 TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == res_check);
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1022
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1023 if (res_check != 0)
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1024 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1025
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1026 buf_orig = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
1027 buf_enc = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
1028 buf_dec = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
1029 if (buf_orig == NULL || buf_enc == NULL || buf_dec == NULL)
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1030 goto exit;
1031
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1032 TEST_ASSERT(mbedtls_ctr_drbg_random(&ctr_drbg, buf_orig,
1033 mbedtls_rsa_get_len(&ctx)) == 0);
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1034
1035 /* Make sure the number we're generating is smaller than the modulus */
1036 buf_orig[0] = 0x00;
1037
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1038 TEST_ASSERT(mbedtls_rsa_public(&ctx, buf_orig, buf_enc) == 0);
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1039
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1040 if (is_priv) {
1041 TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_ctr_drbg_random,
1042 &ctr_drbg, buf_enc, buf_dec) == 0);
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1043
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1044 TEST_ASSERT(memcmp(buf_orig, buf_dec, mbedtls_rsa_get_len(&ctx)) ==
1045 0);
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1046 }
1047 }
1048
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1049exit:
1050
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1051 mbedtls_free(buf_orig);
1052 mbedtls_free(buf_enc);
1053 mbedtls_free(buf_dec);
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1054
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1055 mbedtls_rsa_free(&ctx);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1056
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1057 mbedtls_ctr_drbg_free(&ctr_drbg);
1058 mbedtls_entropy_free(&entropy);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1059
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1060 mbedtls_mpi_free(&N);
1061 mbedtls_mpi_free(&P);
1062 mbedtls_mpi_free(&Q);
1063 mbedtls_mpi_free(&D);
1064 mbedtls_mpi_free(&E);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1065}
1066/* END_CASE */
1067
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1068/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1069void mbedtls_rsa_export(int radix_N,
1070 char *input_N,
1071 int radix_P,
1072 char *input_P,
1073 int radix_Q,
1074 char *input_Q,
1075 int radix_D,
1076 char *input_D,
1077 int radix_E,
1078 char *input_E,
1079 int is_priv,
1080 int successive)
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1081{
1082 /* Original MPI's with which we set up the RSA context */
1083 mbedtls_mpi N, P, Q, D, E;
1084
1085 /* Exported MPI's */
1086 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1087
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1088 const int have_N = (strlen(input_N) > 0);
1089 const int have_P = (strlen(input_P) > 0);
1090 const int have_Q = (strlen(input_Q) > 0);
1091 const int have_D = (strlen(input_D) > 0);
1092 const int have_E = (strlen(input_E) > 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1093
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1094 mbedtls_rsa_context ctx;
1095
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1096 mbedtls_rsa_init(&ctx);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1097
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1098 mbedtls_mpi_init(&N);
1099 mbedtls_mpi_init(&P);
1100 mbedtls_mpi_init(&Q);
1101 mbedtls_mpi_init(&D);
1102 mbedtls_mpi_init(&E);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1103
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1104 mbedtls_mpi_init(&Ne);
1105 mbedtls_mpi_init(&Pe);
1106 mbedtls_mpi_init(&Qe);
1107 mbedtls_mpi_init(&De);
1108 mbedtls_mpi_init(&Ee);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1109
1110 /* Setup RSA context */
1111
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1112 if (have_N)
1113 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1114
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1115 if (have_P)
1116 TEST_ASSERT(mbedtls_test_read_mpi(&P, radix_P, input_P) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1117
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1118 if (have_Q)
1119 TEST_ASSERT(mbedtls_test_read_mpi(&Q, radix_Q, input_Q) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1120
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1121 if (have_D)
1122 TEST_ASSERT(mbedtls_test_read_mpi(&D, radix_D, input_D) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1123
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1124 if (have_E)
1125 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1126
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1127 TEST_ASSERT(mbedtls_rsa_import(&ctx, strlen(input_N) ? &N : NULL,
1128 strlen(input_P) ? &P : NULL,
1129 strlen(input_Q) ? &Q : NULL,
1130 strlen(input_D) ? &D : NULL,
1131 strlen(input_E) ? &E : NULL) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1132
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1133 TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1134
1135 /*
1136 * Export parameters and compare to original ones.
1137 */
1138
1139 /* N and E must always be present. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1140 if (!successive) {
1141 TEST_ASSERT(mbedtls_rsa_export(&ctx, &Ne, NULL, NULL, NULL, &Ee) == 0);
1142 } else {
1143 TEST_ASSERT(mbedtls_rsa_export(&ctx, &Ne, NULL, NULL, NULL, NULL) == 0);
1144 TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, NULL, NULL, &Ee) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1145 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1146 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&N, &Ne) == 0);
1147 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&E, &Ee) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1148
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1149 /* If we were providing enough information to setup a complete private
1150 * context, we expect to be able to export all core parameters. */
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1151
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1152 if (is_priv) {
1153 if (!successive) {
1154 TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, &Pe, &Qe, &De, NULL) ==
1155 0);
1156 } else {
1157 TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, &Pe, NULL, NULL, NULL) ==
1158 0);
1159 TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, &Qe, NULL, NULL) ==
1160 0);
1161 TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, NULL, &De, NULL) ==
1162 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1163 }
1164
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1165 if (have_P)
1166 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P, &Pe) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1167
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1168 if (have_Q)
1169 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &Qe) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1170
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1171 if (have_D)
1172 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&D, &De) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1173
1174 /* While at it, perform a sanity check */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1175 TEST_ASSERT(mbedtls_rsa_validate_params(&Ne, &Pe, &Qe, &De, &Ee, NULL,
1176 NULL) == 0);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1177 }
1178
1179exit:
1180
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1181 mbedtls_rsa_free(&ctx);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1182
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1183 mbedtls_mpi_free(&N);
1184 mbedtls_mpi_free(&P);
1185 mbedtls_mpi_free(&Q);
1186 mbedtls_mpi_free(&D);
1187 mbedtls_mpi_free(&E);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1188
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1189 mbedtls_mpi_free(&Ne);
1190 mbedtls_mpi_free(&Pe);
1191 mbedtls_mpi_free(&Qe);
1192 mbedtls_mpi_free(&De);
1193 mbedtls_mpi_free(&Ee);
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1194}
1195/* END_CASE */
1196
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1197/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1198void mbedtls_rsa_validate_params(int radix_N,
1199 char *input_N,
1200 int radix_P,
1201 char *input_P,
1202 int radix_Q,
1203 char *input_Q,
1204 int radix_D,
1205 char *input_D,
1206 int radix_E,
1207 char *input_E,
1208 int prng,
1209 int result)
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1210{
1211 /* Original MPI's with which we set up the RSA context */
1212 mbedtls_mpi N, P, Q, D, E;
1213
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1214 const int have_N = (strlen(input_N) > 0);
1215 const int have_P = (strlen(input_P) > 0);
1216 const int have_Q = (strlen(input_Q) > 0);
1217 const int have_D = (strlen(input_D) > 0);
1218 const int have_E = (strlen(input_E) > 0);
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1219
1220 mbedtls_entropy_context entropy;
1221 mbedtls_ctr_drbg_context ctr_drbg;
1222 const char *pers = "test_suite_rsa";
1223
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1224 mbedtls_mpi_init(&N);
1225 mbedtls_mpi_init(&P);
1226 mbedtls_mpi_init(&Q);
1227 mbedtls_mpi_init(&D);
1228 mbedtls_mpi_init(&E);
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1229
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1230 mbedtls_ctr_drbg_init(&ctr_drbg);
1231 mbedtls_entropy_init(&entropy);
1232 TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
1233 (const unsigned char *)pers,
1234 strlen(pers)) == 0);
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1235
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1236 if (have_N)
1237 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1238
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1239 if (have_P)
1240 TEST_ASSERT(mbedtls_test_read_mpi(&P, radix_P, input_P) == 0);
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1241
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1242 if (have_Q)
1243 TEST_ASSERT(mbedtls_test_read_mpi(&Q, radix_Q, input_Q) == 0);
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1244
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1245 if (have_D)
1246 TEST_ASSERT(mbedtls_test_read_mpi(&D, radix_D, input_D) == 0);
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1247
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1248 if (have_E)
1249 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1250
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1251 TEST_ASSERT(mbedtls_rsa_validate_params(
1252 have_N ? &N : NULL, have_P ? &P : NULL, have_Q ? &Q : NULL,
1253 have_D ? &D : NULL, have_E ? &E : NULL,
1254 prng ? mbedtls_ctr_drbg_random : NULL,
1255 prng ? &ctr_drbg : NULL) == result);
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1256exit:
1257
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1258 mbedtls_ctr_drbg_free(&ctr_drbg);
1259 mbedtls_entropy_free(&entropy);
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1260
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1261 mbedtls_mpi_free(&N);
1262 mbedtls_mpi_free(&P);
1263 mbedtls_mpi_free(&Q);
1264 mbedtls_mpi_free(&D);
1265 mbedtls_mpi_free(&E);
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1266}
1267/* END_CASE */
1268
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1269/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1270void mbedtls_rsa_export_raw(data_t *input_N,
1271 data_t *input_P,
1272 data_t *input_Q,
1273 data_t *input_D,
1274 data_t *input_E,
1275 int is_priv,
1276 int successive)
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1277{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1278 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1279 unsigned char bufNe[256];
1280 unsigned char bufPe[128];
1281 unsigned char bufQe[128];
1282 unsigned char bufDe[256];
1283 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1284
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1285 mbedtls_rsa_context ctx;
1286
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1287 mbedtls_rsa_init(&ctx);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1288
1289 /* Setup RSA context */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1290 TEST_ASSERT(mbedtls_rsa_import_raw(
1291 &ctx, input_N->len ? input_N->x : NULL, input_N->len,
1292 input_P->len ? input_P->x : NULL, input_P->len,
1293 input_Q->len ? input_Q->x : NULL, input_Q->len,
1294 input_D->len ? input_D->x : NULL, input_D->len,
1295 input_E->len ? input_E->x : NULL, input_E->len) == 0);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1296
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1297 TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1298
1299 /*
1300 * Export parameters and compare to original ones.
1301 */
1302
1303 /* N and E must always be present. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1304 if (!successive) {
1305 TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, bufNe, input_N->len, NULL, 0,
1306 NULL, 0, NULL, 0, bufEe,
1307 input_E->len) == 0);
1308 } else {
1309 TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, bufNe, input_N->len, NULL, 0,
1310 NULL, 0, NULL, 0, NULL, 0) == 0);
1311 TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, NULL, 0, NULL, 0,
1312 NULL, 0, bufEe, input_E->len) == 0);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1313 }
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1314 TEST_ASSERT(memcmp(input_N->x, bufNe, input_N->len) == 0);
1315 TEST_ASSERT(memcmp(input_E->x, bufEe, input_E->len) == 0);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1316
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1317 /* If we were providing enough information to setup a complete private
1318 * context, we expect to be able to export all core parameters. */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1319
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1320 if (is_priv) {
1321 if (!successive) {
1322 TEST_ASSERT(mbedtls_rsa_export_raw(
1323 &ctx, NULL, 0, bufPe,
1324 input_P->len ? input_P->len : sizeof(bufPe), bufQe,
1325 input_Q->len ? input_Q->len : sizeof(bufQe), bufDe,
1326 input_D->len ? input_D->len : sizeof(bufDe), NULL,
1327 0) == 0);
1328 } else {
1329 TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, bufPe,
1330 input_P->len ? input_P->len :
1331 sizeof(bufPe),
1332 NULL, 0, NULL, 0, NULL, 0) == 0);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1333
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1334 TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, NULL, 0, bufQe,
1335 input_Q->len ? input_Q->len :
1336 sizeof(bufQe),
1337 NULL, 0, NULL, 0) == 0);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1338
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1339 TEST_ASSERT(mbedtls_rsa_export_raw(
1340 &ctx, NULL, 0, NULL, 0, NULL, 0, bufDe,
1341 input_D->len ? input_D->len : sizeof(bufDe), NULL,
1342 0) == 0);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1343 }
1344
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1345 if (input_P->len)
1346 TEST_ASSERT(memcmp(input_P->x, bufPe, input_P->len) == 0);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1347
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1348 if (input_Q->len)
1349 TEST_ASSERT(memcmp(input_Q->x, bufQe, input_Q->len) == 0);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1350
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1351 if (input_D->len)
1352 TEST_ASSERT(memcmp(input_D->x, bufDe, input_D->len) == 0);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1353 }
1354
1355exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1356 mbedtls_rsa_free(&ctx);
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1357}
1358/* END_CASE */
1359
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1360/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1361void mbedtls_rsa_import_raw(data_t *input_N,
1362 data_t *input_P,
1363 data_t *input_Q,
1364 data_t *input_D,
1365 data_t *input_E,
1366 int successive,
1367 int is_priv,
1368 int res_check,
1369 int res_complete)
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1370{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1371 /* Buffers used for encryption-decryption test */
1372 unsigned char *buf_orig = NULL;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1373 unsigned char *buf_enc = NULL;
1374 unsigned char *buf_dec = NULL;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1375
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1376 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1377 mbedtls_entropy_context entropy;
1378 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1379
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1380 const char *pers = "test_suite_rsa";
1381
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1382 mbedtls_ctr_drbg_init(&ctr_drbg);
1383 mbedtls_entropy_init(&entropy);
1384 mbedtls_rsa_init(&ctx);
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1385
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1386 TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
1387 (const unsigned char *)pers,
1388 strlen(pers)) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1389
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1390 if (!successive) {
1391 TEST_ASSERT(mbedtls_rsa_import_raw(
1392 &ctx, (input_N->len > 0) ? input_N->x : NULL,
1393 input_N->len, (input_P->len > 0) ? input_P->x : NULL,
1394 input_P->len, (input_Q->len > 0) ? input_Q->x : NULL,
1395 input_Q->len, (input_D->len > 0) ? input_D->x : NULL,
1396 input_D->len, (input_E->len > 0) ? input_E->x : NULL,
1397 input_E->len) == 0);
1398 } else {
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1399 /* Import N, P, Q, D, E separately.
1400 * This should make no functional difference. */
1401
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1402 TEST_ASSERT(mbedtls_rsa_import_raw(
1403 &ctx, (input_N->len > 0) ? input_N->x : NULL,
1404 input_N->len, NULL, 0, NULL, 0, NULL, 0, NULL, 0) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1405
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1406 TEST_ASSERT(mbedtls_rsa_import_raw(
1407 &ctx, NULL, 0, (input_P->len > 0) ? input_P->x : NULL,
1408 input_P->len, NULL, 0, NULL, 0, NULL, 0) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1409
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1410 TEST_ASSERT(
1411 mbedtls_rsa_import_raw(&ctx, NULL, 0, NULL, 0,
1412 (input_Q->len > 0) ? input_Q->x : NULL,
1413 input_Q->len, NULL, 0, NULL, 0) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1414
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1415 TEST_ASSERT(
1416 mbedtls_rsa_import_raw(&ctx, NULL, 0, NULL, 0, NULL, 0,
1417 (input_D->len > 0) ? input_D->x : NULL,
1418 input_D->len, NULL, 0) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1419
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1420 TEST_ASSERT(
1421 mbedtls_rsa_import_raw(&ctx, NULL, 0, NULL, 0, NULL, 0, NULL, 0,
1422 (input_E->len > 0) ? input_E->x : NULL,
1423 input_E->len) == 0);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1424 }
1425
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1426 TEST_ASSERT(mbedtls_rsa_complete(&ctx) == res_complete);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1427
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1428 /* On expected success, perform some public and private
1429 * key operations to check if the key is working properly. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1430 if (res_complete == 0) {
1431 if (is_priv)
1432 TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == res_check);
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1433 else
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1434 TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == res_check);
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1435
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1436 if (res_check != 0)
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1437 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1438
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1439 buf_orig = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
1440 buf_enc = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
1441 buf_dec = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
1442 if (buf_orig == NULL || buf_enc == NULL || buf_dec == NULL)
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1443 goto exit;
1444
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1445 TEST_ASSERT(mbedtls_ctr_drbg_random(&ctr_drbg, buf_orig,
1446 mbedtls_rsa_get_len(&ctx)) == 0);
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1447
1448 /* Make sure the number we're generating is smaller than the modulus */
1449 buf_orig[0] = 0x00;
1450
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1451 TEST_ASSERT(mbedtls_rsa_public(&ctx, buf_orig, buf_enc) == 0);
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1452
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1453 if (is_priv) {
1454 TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_ctr_drbg_random,
1455 &ctr_drbg, buf_enc, buf_dec) == 0);
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1456
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1457 TEST_ASSERT(memcmp(buf_orig, buf_dec, mbedtls_rsa_get_len(&ctx)) ==
1458 0);
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1459 }
1460 }
1461
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1462exit:
1463
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1464 mbedtls_free(buf_orig);
1465 mbedtls_free(buf_enc);
1466 mbedtls_free(buf_dec);
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1467
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1468 mbedtls_rsa_free(&ctx);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1469
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1470 mbedtls_ctr_drbg_free(&ctr_drbg);
1471 mbedtls_entropy_free(&entropy);
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1472}
1473/* END_CASE */
1474
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1475/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1476void rsa_selftest()
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1477{
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1478 TEST_ASSERT(mbedtls_rsa_self_test(1) == 0);
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1479}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1480/* END_CASE */