commit 1d26709dbd4a4f8ef9ea0ff58f2644a4bc3fc49c
author Gilles Peskine <Gilles.Peskine@arm.com> Sun Jan 28 18:13:03 2018 +0100
committer itayzafrir <itay.zafrir@arm.com> Wed Sep 05 11:53:24 2018 +0300
tree 0c3c7c9fe15b728223938c047d7e58963af0ec47
parent 4a6aaa4c513ce3484d2acf4ad86b6bc383ccd374

New function mbedtls_rsa_get_bitlen

Add a new function mbedtls_rsa_get_bitlen which returns the RSA key
size, i.e. the bit size of the modulus. In the pk module, call
mbedtls_rsa_get_bitlen instead of mbedtls_rsa_get_len, which gave the
wrong result for key sizes that are not a multiple of 8.

This commit adds one non-regression test in the pk suite. More tests
are needed for RSA key sizes that are a multiple of 8.

This commit does not address RSA alternative implementations, which
only provide an interface that return the modulus size in bytes.

tests/suites/test_suite_rsa.function

diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index c43ef20..46c8bf9 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -44,7 +44,8 @@
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
 
@@ -86,7 +87,8 @@
     TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -127,7 +129,8 @@
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
 
@@ -192,7 +195,8 @@
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -256,7 +260,8 @@
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -294,7 +299,8 @@
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -342,7 +348,8 @@
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
 
@@ -381,7 +388,8 @@
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -440,7 +448,8 @@
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );