TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f4998b0a202951a35ed8a06d15b99b78d5f46a56 / . / tests / suites / test_suite_rsa.function
blob: bb2df8d93046c5bef7bd9404c9b7b25c9de2ffe5 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md5.h"
5#include "mbedtls/sha1.h"
6#include "mbedtls/sha256.h"
7#include "mbedtls/sha512.h"
8#include "mbedtls/entropy.h"
9#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]10
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]11/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]14 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15 * END_DEPENDENCIES
16 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]17
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]18/* BEGIN_CASE */
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]19void rsa_invalid_param( )
20{
21 mbedtls_rsa_context ctx;
22 const int invalid_padding = 42;
23 const int invalid_hash_id = 0xff;
24
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]25 mbedtls_rsa_init( &ctx );
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]26
27 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
28 invalid_padding,
29 MBEDTLS_MD_NONE ),
30 MBEDTLS_ERR_RSA_INVALID_PADDING );
31
32 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
33 MBEDTLS_RSA_PKCS_V21,
34 invalid_hash_id ),
35 MBEDTLS_ERR_RSA_INVALID_PADDING );
36
Ronald Cron3a0375f2021-06-08 10:22:28 +0200[diff] [blame]37#if !defined(MBEDTLS_PKCS1_V15)
38 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
39 MBEDTLS_RSA_PKCS_V15,
40 MBEDTLS_MD_NONE ),
41 MBEDTLS_ERR_RSA_INVALID_PADDING );
42#endif
43
44#if !defined(MBEDTLS_PKCS1_V21)
45 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
46 MBEDTLS_RSA_PKCS_V21,
47 MBEDTLS_MD_NONE ),
48 MBEDTLS_ERR_RSA_INVALID_PADDING );
49#endif
50
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]51exit:
52 mbedtls_rsa_free( &ctx );
53}
54/* END_CASE */
55
56/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]57void rsa_init_free( int reinit )
58{
59 mbedtls_rsa_context ctx;
60
61 /* Double free is not explicitly documented to work, but we rely on it
62 * even inside the library so that you can call mbedtls_rsa_free()
63 * unconditionally on an error path without checking whether it has
64 * already been called in the success path. */
65
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]66 mbedtls_rsa_init( &ctx );
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]67 mbedtls_rsa_free( &ctx );
68
69 if( reinit )
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]70 mbedtls_rsa_init( &ctx );
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]71 mbedtls_rsa_free( &ctx );
72
73 /* This test case always succeeds, functionally speaking. A plausible
74 * bug might trigger an invalid pointer dereference or a memory leak. */
75 goto exit;
76}
77/* END_CASE */
78
79/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]80void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]81 int digest, int mod, int radix_P, char * input_P,
82 int radix_Q, char * input_Q, int radix_N,
83 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]84 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]85{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]86 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
87 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]88 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]89 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]90 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]91
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]92 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
93 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]94 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]95 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx,padding_mode,
96 MBEDTLS_MD_NONE ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]97
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]98 memset( hash_result, 0x00, sizeof( hash_result ) );
99 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]100 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]101
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]102 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
103 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
104 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
105 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]106
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]107 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
108 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]109 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]110 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]111
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]112
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]113 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]114 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]115
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]116 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]117 &rnd_info, digest, 0, hash_result,
118 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]119 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]120 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]121
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]122 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
123 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]124 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]125
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]126exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]127 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
128 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]129 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]130}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]131/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]132
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]133/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]134void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]135 int digest, int mod, int radix_N,
136 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]137 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]138{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]139 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]140 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]141
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]142 mbedtls_mpi N, E;
143
144 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]145 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]146 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
147 MBEDTLS_MD_NONE ) == 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]148 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]149
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]150 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
151 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]152 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
153 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]154 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]155
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]156
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]157 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]158 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]159
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame]160 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]161
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]162exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]163 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]164 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]165}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]166/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]167
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]168
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]169/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]170void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]171 int padding_mode, int mod, int radix_P,
172 char * input_P, int radix_Q, char * input_Q,
173 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]174 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]175{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]176 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]177 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]178 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]179 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]180
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]181 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]182 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
183 MBEDTLS_MD_NONE ) == 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]184 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
185 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]186
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]187 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]188 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]189
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]190 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
191 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
192 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
193 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]194
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]195 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
196 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]197 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]198 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]199
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]200
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]201 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]202 &rnd_info, MBEDTLS_MD_NONE,
203 hash_result->len,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]204 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]205
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]206
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]207 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
208 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]209
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]210exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]211 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
212 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
213
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]214 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]215}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]216/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]217
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]218/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]219void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]220 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]221 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]222 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]223{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]224 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]225 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]226
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]227 mbedtls_mpi N, E;
228 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
229
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]230 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]231 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
232 MBEDTLS_MD_NONE ) == 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]233 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]234
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]235 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
236 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]237
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]238 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
239 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]240 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]241
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]242
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame]243 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]244
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]245exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]246 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]247 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]248}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]249/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]250
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]251/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]252void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]253 int mod, int radix_N, char * input_N,
254 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]255 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]256{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]257 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]258 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]259 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]260
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]261 mbedtls_mpi N, E;
262 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
263
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]264 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]265
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]266 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]267 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
268 MBEDTLS_MD_NONE ) == 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]269 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]270
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]271 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
272 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]273
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]274 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
275 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]276 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]277
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]278
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]279 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
280 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]281 &rnd_info, message_str->len,
282 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]283 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]284 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]285 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]286
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]287 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
288 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]289 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]290
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]291exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]292 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]293 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]294}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]295/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]296
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]297/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]298void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]299 int mod, int radix_N, char * input_N,
300 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]301 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]302{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]303 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]304 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]305
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]306 mbedtls_mpi N, E;
307
308 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]309 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]310 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
311 MBEDTLS_MD_NONE ) == 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]312 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]313
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]314 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
315 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]316
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]317 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
318 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]319 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]320
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]321
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]322 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]323 NULL, message_str->len,
324 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]325 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]326 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]327 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]328
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]329 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
330 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]331 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]332
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]333exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]334 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]335 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]336}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]337/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]338
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]339/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]340void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]341 int mod, int radix_P, char * input_P,
342 int radix_Q, char * input_Q, int radix_N,
343 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]344 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]345 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]346{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]347 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]348 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]349 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]350 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]351 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]352
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]353 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
354 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
355
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]356 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]357 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
358 MBEDTLS_MD_NONE ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]359
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]360 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]361 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]362
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]363
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]364 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
365 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
366 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
367 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]368
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]369 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
370 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]371 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]372 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]373
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]374 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]375
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]376 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]377 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]378 &output_len, message_str->x, output,
379 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]380 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]381 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]382
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]383 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]384 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]385 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]386 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]387
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]388exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]389 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
390 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]391 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]392}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]393/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]394
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]395/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]396void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]397 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]398 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]399{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]400 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]401 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]402
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]403 mbedtls_mpi N, E;
404
405 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]406 mbedtls_rsa_init( &ctx );
407 mbedtls_rsa_init( &ctx2 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]408 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]409
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]410 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
411 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]412
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]413 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
414 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]415 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]416
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]417
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]418 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]419 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]420 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]421
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]422 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
423 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]424 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]425
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]426 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]427 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]428 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]429 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]430
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]431 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]432
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]433 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]434 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]435 if( result == 0 )
436 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]437
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]438 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
439 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]440 }
441
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]442exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]443 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]444 mbedtls_rsa_free( &ctx );
445 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]446}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]447/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]448
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]449/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]450void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]451 char * input_P, int radix_Q, char * input_Q,
452 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]453 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]454 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]455{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]456 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]457 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]458 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]459 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]460 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]461
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]462 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
463 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]464 mbedtls_rsa_init( &ctx );
465 mbedtls_rsa_init( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]466
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]467 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]468
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]469 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
470 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
471 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
472 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]473
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]474 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
475 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]476 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]477 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]478
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]479
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]480 /* repeat three times to test updating of blinding values */
481 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]482 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]483 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]484 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
485 &rnd_info, message_str->x,
486 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]487 if( result == 0 )
488 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]489
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]490 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]491 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]492 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]493 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]494 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]495
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]496 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]497 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]498 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]499 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]500
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]502
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]503 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]504 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
505 &rnd_info, message_str->x,
506 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]507 if( result == 0 )
508 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]509
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]510 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]511 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]512 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]513 }
514
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]515exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]516 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
517 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
518
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]519 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]520}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]521/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]522
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]523/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]524void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]525{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]526 mbedtls_rsa_context ctx;
527 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]528
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]529 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]530}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]531/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]532
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]533/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]534void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
535 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]536{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]537 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]538 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]539
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]540 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]541 mbedtls_rsa_init( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]542
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]543 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]544 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]545 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]546 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]547 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]548 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]549 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]550 }
551
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]552 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]553 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]554
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]555exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]556 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]557 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]558}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]559/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]560
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]561/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]562void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
563 int radix_Q, char * input_Q, int radix_N,
564 char * input_N, int radix_E, char * input_E,
565 int radix_D, char * input_D, int radix_DP,
566 char * input_DP, int radix_DQ,
567 char * input_DQ, int radix_QP,
568 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]569{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]570 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]571
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]572 mbedtls_rsa_init( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]573
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]574 ctx.len = mod / 8;
575 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]576 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]577 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]578 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]579 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]580 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]581 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]582 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]583 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]584 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]585 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]586 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]587 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]588 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]589 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]590 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]591 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]592 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]593 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]594 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]595#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]596 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]597 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]598 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]599 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]600 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]601 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]602 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]603 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]604 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]605 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]606 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]607 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]608#else
609 ((void) radix_DP); ((void) input_DP);
610 ((void) radix_DQ); ((void) input_DQ);
611 ((void) radix_QP); ((void) input_QP);
612#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]613
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]614 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]615
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]616exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]617 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]618}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]619/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]620
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]621/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]622void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
623 int radix_Epub, char * input_Epub, int radix_P,
624 char * input_P, int radix_Q, char * input_Q,
625 int radix_N, char * input_N, int radix_E,
626 char * input_E, int radix_D, char * input_D,
627 int radix_DP, char * input_DP, int radix_DQ,
628 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]629 int result )
630{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]631 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]632
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]633 mbedtls_rsa_init( &pub );
634 mbedtls_rsa_init( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]635
636 pub.len = mod / 8;
637 prv.len = mod / 8;
638
639 if( strlen( input_Npub ) )
640 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]641 TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]642 }
643 if( strlen( input_Epub ) )
644 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]645 TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]646 }
647
648 if( strlen( input_P ) )
649 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]650 TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]651 }
652 if( strlen( input_Q ) )
653 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]654 TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]655 }
656 if( strlen( input_N ) )
657 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]658 TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]659 }
660 if( strlen( input_E ) )
661 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]662 TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]663 }
664 if( strlen( input_D ) )
665 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]666 TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]667 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]668#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]669 if( strlen( input_DP ) )
670 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]671 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]672 }
673 if( strlen( input_DQ ) )
674 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]675 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]676 }
677 if( strlen( input_QP ) )
678 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]679 TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]680 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]681#else
682 ((void) radix_DP); ((void) input_DP);
683 ((void) radix_DQ); ((void) input_DQ);
684 ((void) radix_QP); ((void) input_QP);
685#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]686
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]687 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]688
689exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]690 mbedtls_rsa_free( &pub );
691 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]692}
693/* END_CASE */
694
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]695/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]696void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]697{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]698 mbedtls_rsa_context ctx;
699 mbedtls_entropy_context entropy;
700 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]701 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]702
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]703 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]704 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]705 mbedtls_rsa_init ( &ctx );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]706
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]707 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
708 &entropy, (const unsigned char *) pers,
709 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]710
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]711 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]712 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]713 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]714 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]715 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]716 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]717
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]718exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]719 mbedtls_rsa_free( &ctx );
720 mbedtls_ctr_drbg_free( &ctr_drbg );
721 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]722}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]723/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]724
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]725/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]726void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]727 int radix_D, char *input_D,
728 int radix_E, char *input_E,
729 int radix_P, char *output_P,
730 int radix_Q, char *output_Q,
731 int corrupt, int result )
732{
733 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
734
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]735 mbedtls_mpi_init( &N );
736 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
737 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
738 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
739
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]740 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
741 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
742 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
743 TEST_ASSERT( mbedtls_test_read_mpi( &Qp, radix_P, output_P ) == 0 );
744 TEST_ASSERT( mbedtls_test_read_mpi( &Pp, radix_Q, output_Q ) == 0 );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]745
746 if( corrupt )
747 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
748
749 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]750 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]751
752 if( !corrupt )
753 {
754 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
755 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
756 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
757 }
758
759exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]760 mbedtls_mpi_free( &N );
761 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
762 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
763 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]764}
765/* END_CASE */
766
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]767/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]768void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
769 int radix_Q, char *input_Q,
770 int radix_E, char *input_E,
771 int radix_D, char *output_D,
772 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]773{
774 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
775
776 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
777 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
778 mbedtls_mpi_init( &E );
779 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
780
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]781 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
782 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
783 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
784 TEST_ASSERT( mbedtls_test_read_mpi( &Dp, radix_D, output_D ) == 0 );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]785
786 if( corrupt )
787 {
788 /* Make E even */
789 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
790 }
791
792 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]793 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
794 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]795
796 if( !corrupt )
797 {
798 /*
799 * Check that D and Dp agree modulo LCM(P-1, Q-1).
800 */
801
802 /* Replace P,Q by P-1, Q-1 */
803 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
804 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
805
806 /* Check D == Dp modulo P-1 */
807 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
808 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
809 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
810
811 /* Check D == Dp modulo Q-1 */
812 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
813 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
814 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
815 }
816
817exit:
818
819 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
820 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
821 mbedtls_mpi_free( &E );
822 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
823}
824/* END_CASE */
825
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]826/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]827void mbedtls_rsa_import( int radix_N, char *input_N,
828 int radix_P, char *input_P,
829 int radix_Q, char *input_Q,
830 int radix_D, char *input_D,
831 int radix_E, char *input_E,
832 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]833 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]834 int res_check,
835 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]836{
837 mbedtls_mpi N, P, Q, D, E;
838 mbedtls_rsa_context ctx;
839
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]840 /* Buffers used for encryption-decryption test */
841 unsigned char *buf_orig = NULL;
842 unsigned char *buf_enc = NULL;
843 unsigned char *buf_dec = NULL;
844
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]845 mbedtls_entropy_context entropy;
846 mbedtls_ctr_drbg_context ctr_drbg;
847 const char *pers = "test_suite_rsa";
848
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]849 const int have_N = ( strlen( input_N ) > 0 );
850 const int have_P = ( strlen( input_P ) > 0 );
851 const int have_Q = ( strlen( input_Q ) > 0 );
852 const int have_D = ( strlen( input_D ) > 0 );
853 const int have_E = ( strlen( input_E ) > 0 );
854
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]855 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]856 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]857 mbedtls_rsa_init( &ctx );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]858
859 mbedtls_mpi_init( &N );
860 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
861 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
862
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]863 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
864 (const unsigned char *) pers, strlen( pers ) ) == 0 );
865
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]866 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]867 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]868
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]869 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]870 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]871
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]872 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]873 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]874
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]875 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]876 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]877
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]878 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]879 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]880
881 if( !successive )
882 {
883 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]884 have_N ? &N : NULL,
885 have_P ? &P : NULL,
886 have_Q ? &Q : NULL,
887 have_D ? &D : NULL,
888 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]889 }
890 else
891 {
892 /* Import N, P, Q, D, E separately.
893 * This should make no functional difference. */
894
895 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]896 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]897 NULL, NULL, NULL, NULL ) == 0 );
898
899 TEST_ASSERT( mbedtls_rsa_import( &ctx,
900 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]901 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]902 NULL, NULL, NULL ) == 0 );
903
904 TEST_ASSERT( mbedtls_rsa_import( &ctx,
905 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]906 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]907 NULL, NULL ) == 0 );
908
909 TEST_ASSERT( mbedtls_rsa_import( &ctx,
910 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]911 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]912 NULL ) == 0 );
913
914 TEST_ASSERT( mbedtls_rsa_import( &ctx,
915 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]916 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]917 }
918
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]919 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]920
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]921 /* On expected success, perform some public and private
922 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]923 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]924 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]925 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]926 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
927 else
928 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
929
930 if( res_check != 0 )
931 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]932
933 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
934 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
935 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
936 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
937 goto exit;
938
939 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
940 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
941
942 /* Make sure the number we're generating is smaller than the modulus */
943 buf_orig[0] = 0x00;
944
945 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
946
947 if( is_priv )
948 {
949 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
950 &ctr_drbg, buf_enc,
951 buf_dec ) == 0 );
952
953 TEST_ASSERT( memcmp( buf_orig, buf_dec,
954 mbedtls_rsa_get_len( &ctx ) ) == 0 );
955 }
956 }
957
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]958exit:
959
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]960 mbedtls_free( buf_orig );
961 mbedtls_free( buf_enc );
962 mbedtls_free( buf_dec );
963
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]964 mbedtls_rsa_free( &ctx );
965
966 mbedtls_ctr_drbg_free( &ctr_drbg );
967 mbedtls_entropy_free( &entropy );
968
969 mbedtls_mpi_free( &N );
970 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
971 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
972}
973/* END_CASE */
974
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]975/* BEGIN_CASE */
976void mbedtls_rsa_export( int radix_N, char *input_N,
977 int radix_P, char *input_P,
978 int radix_Q, char *input_Q,
979 int radix_D, char *input_D,
980 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]981 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]982 int successive )
983{
984 /* Original MPI's with which we set up the RSA context */
985 mbedtls_mpi N, P, Q, D, E;
986
987 /* Exported MPI's */
988 mbedtls_mpi Ne, Pe, Qe, De, Ee;
989
990 const int have_N = ( strlen( input_N ) > 0 );
991 const int have_P = ( strlen( input_P ) > 0 );
992 const int have_Q = ( strlen( input_Q ) > 0 );
993 const int have_D = ( strlen( input_D ) > 0 );
994 const int have_E = ( strlen( input_E ) > 0 );
995
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]996 mbedtls_rsa_context ctx;
997
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]998 mbedtls_rsa_init( &ctx );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]999
1000 mbedtls_mpi_init( &N );
1001 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1002 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1003
1004 mbedtls_mpi_init( &Ne );
1005 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1006 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1007
1008 /* Setup RSA context */
1009
1010 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1011 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1012
1013 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1014 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1015
1016 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1017 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1018
1019 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1020 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1021
1022 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1023 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1024
1025 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1026 strlen( input_N ) ? &N : NULL,
1027 strlen( input_P ) ? &P : NULL,
1028 strlen( input_Q ) ? &Q : NULL,
1029 strlen( input_D ) ? &D : NULL,
1030 strlen( input_E ) ? &E : NULL ) == 0 );
1031
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1032 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1033
1034 /*
1035 * Export parameters and compare to original ones.
1036 */
1037
1038 /* N and E must always be present. */
1039 if( !successive )
1040 {
1041 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1042 }
1043 else
1044 {
1045 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1046 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1047 }
1048 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1049 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1050
1051 /* If we were providing enough information to setup a complete private context,
1052 * we expect to be able to export all core parameters. */
1053
1054 if( is_priv )
1055 {
1056 if( !successive )
1057 {
1058 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1059 &De, NULL ) == 0 );
1060 }
1061 else
1062 {
1063 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1064 NULL, NULL ) == 0 );
1065 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1066 NULL, NULL ) == 0 );
1067 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1068 &De, NULL ) == 0 );
1069 }
1070
1071 if( have_P )
1072 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1073
1074 if( have_Q )
1075 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1076
1077 if( have_D )
1078 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1079
1080 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1081 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1082 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1083 }
1084
1085exit:
1086
1087 mbedtls_rsa_free( &ctx );
1088
1089 mbedtls_mpi_free( &N );
1090 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1091 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1092
1093 mbedtls_mpi_free( &Ne );
1094 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1095 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1096}
1097/* END_CASE */
1098
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1099/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1100void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1101 int radix_P, char *input_P,
1102 int radix_Q, char *input_Q,
1103 int radix_D, char *input_D,
1104 int radix_E, char *input_E,
1105 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1106{
1107 /* Original MPI's with which we set up the RSA context */
1108 mbedtls_mpi N, P, Q, D, E;
1109
1110 const int have_N = ( strlen( input_N ) > 0 );
1111 const int have_P = ( strlen( input_P ) > 0 );
1112 const int have_Q = ( strlen( input_Q ) > 0 );
1113 const int have_D = ( strlen( input_D ) > 0 );
1114 const int have_E = ( strlen( input_E ) > 0 );
1115
1116 mbedtls_entropy_context entropy;
1117 mbedtls_ctr_drbg_context ctr_drbg;
1118 const char *pers = "test_suite_rsa";
1119
1120 mbedtls_mpi_init( &N );
1121 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1122 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1123
1124 mbedtls_ctr_drbg_init( &ctr_drbg );
1125 mbedtls_entropy_init( &entropy );
1126 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1127 &entropy, (const unsigned char *) pers,
1128 strlen( pers ) ) == 0 );
1129
1130 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1131 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1132
1133 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1134 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1135
1136 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1137 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1138
1139 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1140 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1141
1142 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1143 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1144
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1145 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1146 have_P ? &P : NULL,
1147 have_Q ? &Q : NULL,
1148 have_D ? &D : NULL,
1149 have_E ? &E : NULL,
1150 prng ? mbedtls_ctr_drbg_random : NULL,
1151 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1152exit:
1153
1154 mbedtls_ctr_drbg_free( &ctr_drbg );
1155 mbedtls_entropy_free( &entropy );
1156
1157 mbedtls_mpi_free( &N );
1158 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1159 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1160}
1161/* END_CASE */
1162
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1163/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1164void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1165 data_t *input_Q, data_t *input_D,
1166 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1167 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1168{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1169 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1170 unsigned char bufNe[256];
1171 unsigned char bufPe[128];
1172 unsigned char bufQe[128];
1173 unsigned char bufDe[256];
1174 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1175
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1176 mbedtls_rsa_context ctx;
1177
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]1178 mbedtls_rsa_init( &ctx );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1179
1180 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1181 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1182 input_N->len ? input_N->x : NULL, input_N->len,
1183 input_P->len ? input_P->x : NULL, input_P->len,
1184 input_Q->len ? input_Q->x : NULL, input_Q->len,
1185 input_D->len ? input_D->x : NULL, input_D->len,
1186 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1187
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1188 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1189
1190 /*
1191 * Export parameters and compare to original ones.
1192 */
1193
1194 /* N and E must always be present. */
1195 if( !successive )
1196 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1197 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1198 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1199 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1200 }
1201 else
1202 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1203 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1204 NULL, 0, NULL, 0, NULL, 0,
1205 NULL, 0 ) == 0 );
1206 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1207 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1208 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1209 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1210 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1211 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1212
1213 /* If we were providing enough information to setup a complete private context,
1214 * we expect to be able to export all core parameters. */
1215
1216 if( is_priv )
1217 {
1218 if( !successive )
1219 {
1220 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1221 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1222 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1223 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1224 NULL, 0 ) == 0 );
1225 }
1226 else
1227 {
1228 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1229 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1230 NULL, 0, NULL, 0,
1231 NULL, 0 ) == 0 );
1232
1233 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1234 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1235 NULL, 0, NULL, 0 ) == 0 );
1236
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1237 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1238 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1239 NULL, 0 ) == 0 );
1240 }
1241
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1242 if( input_P->len )
1243 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1244
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1245 if( input_Q->len )
1246 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1247
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1248 if( input_D->len )
1249 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1250
1251 }
1252
1253exit:
1254 mbedtls_rsa_free( &ctx );
1255}
1256/* END_CASE */
1257
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1258/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1259void mbedtls_rsa_import_raw( data_t *input_N,
1260 data_t *input_P, data_t *input_Q,
1261 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1262 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1263 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1264 int res_check,
1265 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1266{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1267 /* Buffers used for encryption-decryption test */
1268 unsigned char *buf_orig = NULL;
1269 unsigned char *buf_enc = NULL;
1270 unsigned char *buf_dec = NULL;
1271
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1272 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1273 mbedtls_entropy_context entropy;
1274 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1275
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1276 const char *pers = "test_suite_rsa";
1277
1278 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1279 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]1280 mbedtls_rsa_init( &ctx );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1281
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1282 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1283 &entropy, (const unsigned char *) pers,
1284 strlen( pers ) ) == 0 );
1285
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1286 if( !successive )
1287 {
1288 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1289 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1290 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1291 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1292 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1293 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1294 }
1295 else
1296 {
1297 /* Import N, P, Q, D, E separately.
1298 * This should make no functional difference. */
1299
1300 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1301 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1302 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1303
1304 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1305 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1306 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1307 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1308
1309 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1310 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1311 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1312 NULL, 0, NULL, 0 ) == 0 );
1313
1314 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1315 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1316 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1317 NULL, 0 ) == 0 );
1318
1319 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1320 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1321 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1322 }
1323
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1324 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1325
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1326 /* On expected success, perform some public and private
1327 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1328 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1329 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1330 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1331 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1332 else
1333 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1334
1335 if( res_check != 0 )
1336 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1337
1338 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1339 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1340 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1341 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1342 goto exit;
1343
1344 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1345 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1346
1347 /* Make sure the number we're generating is smaller than the modulus */
1348 buf_orig[0] = 0x00;
1349
1350 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1351
1352 if( is_priv )
1353 {
1354 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1355 &ctr_drbg, buf_enc,
1356 buf_dec ) == 0 );
1357
1358 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1359 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1360 }
1361 }
1362
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1363exit:
1364
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1365 mbedtls_free( buf_orig );
1366 mbedtls_free( buf_enc );
1367 mbedtls_free( buf_dec );
1368
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1369 mbedtls_rsa_free( &ctx );
1370
1371 mbedtls_ctr_drbg_free( &ctr_drbg );
1372 mbedtls_entropy_free( &entropy );
1373
1374}
1375/* END_CASE */
1376
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1377/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1378void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1379{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1380 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1381}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1382/* END_CASE */