TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 058d009a61b60e3ec7784ada38a30d4a248f2bec / . / tests / suites / test_suite_rsa.function
blob: db30fc458da73921bab19a26375c0104a968c345 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md5.h"
5#include "mbedtls/sha1.h"
6#include "mbedtls/sha256.h"
7#include "mbedtls/sha512.h"
8#include "mbedtls/entropy.h"
9#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]10
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]11/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]14 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15 * END_DEPENDENCIES
16 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]17
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]18/* BEGIN_CASE */
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]19void rsa_invalid_param( )
20{
21 mbedtls_rsa_context ctx;
22 const int invalid_padding = 42;
23 const int invalid_hash_id = 0xff;
24
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]25 mbedtls_rsa_init( &ctx );
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]26
27 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
28 invalid_padding,
29 MBEDTLS_MD_NONE ),
30 MBEDTLS_ERR_RSA_INVALID_PADDING );
31
32 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
33 MBEDTLS_RSA_PKCS_V21,
34 invalid_hash_id ),
35 MBEDTLS_ERR_RSA_INVALID_PADDING );
36
Ronald Cron3a0375f2021-06-08 10:22:28 +0200[diff] [blame]37#if !defined(MBEDTLS_PKCS1_V15)
38 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
39 MBEDTLS_RSA_PKCS_V15,
40 MBEDTLS_MD_NONE ),
41 MBEDTLS_ERR_RSA_INVALID_PADDING );
42#endif
43
44#if !defined(MBEDTLS_PKCS1_V21)
45 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
46 MBEDTLS_RSA_PKCS_V21,
47 MBEDTLS_MD_NONE ),
48 MBEDTLS_ERR_RSA_INVALID_PADDING );
49#endif
50
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]51exit:
52 mbedtls_rsa_free( &ctx );
53}
54/* END_CASE */
55
56/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]57void rsa_init_free( int reinit )
58{
59 mbedtls_rsa_context ctx;
60
61 /* Double free is not explicitly documented to work, but we rely on it
62 * even inside the library so that you can call mbedtls_rsa_free()
63 * unconditionally on an error path without checking whether it has
64 * already been called in the success path. */
65
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]66 mbedtls_rsa_init( &ctx );
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]67 mbedtls_rsa_free( &ctx );
68
69 if( reinit )
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]70 mbedtls_rsa_init( &ctx );
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]71 mbedtls_rsa_free( &ctx );
72
73 /* This test case always succeeds, functionally speaking. A plausible
74 * bug might trigger an invalid pointer dereference or a memory leak. */
75 goto exit;
76}
77/* END_CASE */
78
79/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]80void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]81 int digest, int mod, int radix_P, char * input_P,
82 int radix_Q, char * input_Q, int radix_N,
83 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]84 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]85{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]86 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
87 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]88 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]89 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]90 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]91
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]92 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
93 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]94 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]95 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx,padding_mode,
96 MBEDTLS_MD_NONE ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]97
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]98 memset( hash_result, 0x00, sizeof( hash_result ) );
99 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]100 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]101
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]102 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
103 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
104 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
105 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]106
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]107 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
108 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]109 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]110 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]111
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]112
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]113 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]114 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]115
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]116 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]117 &rnd_info, digest, 0, hash_result,
118 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]119 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]120 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]121
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]122 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
123 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]124 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]125
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]126exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]127 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
128 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]129 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]130}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]131/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]132
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]133/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]134void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]135 int digest, int mod, int radix_N,
136 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]137 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]138{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]139 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]140 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]141
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]142 mbedtls_mpi N, E;
143
144 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]145 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]146 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
147 MBEDTLS_MD_NONE ) == 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]148 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]149
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]150 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
151 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]152 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
153 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]154 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]155
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]156
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]157 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]158 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]159
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame]160 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]161
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]162exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]163 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]164 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]165}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]166/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]167
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]168
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]169/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]170void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]171 int padding_mode, int mod, int radix_P,
172 char * input_P, int radix_Q, char * input_Q,
173 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]174 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]175{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]176 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]177 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]178 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]179 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]180
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]181 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]182 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
183 MBEDTLS_MD_NONE ) == 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]184 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
185 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]186
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]187 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]188 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]189
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]190 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
191 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
192 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
193 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]194
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]195 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
196 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]197 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]198 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]199
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]200
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]201 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]202 &rnd_info, MBEDTLS_MD_NONE,
203 hash_result->len,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]204 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]205
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]206
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]207 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
208 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]209
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]210exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]211 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
212 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
213
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]214 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]215}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]216/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]217
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]218/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]219void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]220 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]221 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]222 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]223{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]224 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]225 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]226
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]227 mbedtls_mpi N, E;
228 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
229
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]230 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]231 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
232 MBEDTLS_MD_NONE ) == 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]233 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]234
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]235 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
236 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]237
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]238 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
239 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]240 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]241
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]242
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame]243 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]244
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]245exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]246 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]247 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]248}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]249/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]250
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]251/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]252void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]253 int mod, int radix_N, char * input_N,
254 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]255 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]256{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]257 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]258 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]259 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]260
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]261 mbedtls_mpi N, E;
262 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
263
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]264 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]265
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]266 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]267 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
268 MBEDTLS_MD_NONE ) == 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]269 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]270
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]271 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
272 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]273
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]274 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
275 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]276 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]277
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]278
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]279 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
280 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]281 &rnd_info, message_str->len,
282 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]283 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]284 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]285 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]286
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]287 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
288 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]289 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]290
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]291exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]292 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]293 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]294}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]295/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]296
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]297/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]298void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]299 int mod, int radix_N, char * input_N,
300 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]301 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]302{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]303 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]304 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]305
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]306 mbedtls_mpi N, E;
307
308 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]309 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]310 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
311 MBEDTLS_MD_NONE ) == 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]312 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]313
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]314 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
315 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]316
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]317 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
318 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]319 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]320
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]321
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]322 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]323 NULL, message_str->len,
324 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]325 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]326 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]327 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]328
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]329 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
330 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]331 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]332
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]333exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]334 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]335 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]336}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]337/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]338
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]339/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]340void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]341 int mod, int radix_P, char * input_P,
342 int radix_Q, char * input_Q, int radix_N,
343 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]344 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]345 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]346{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]347 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]348 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]349 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]350 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]351 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]352
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]353 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
354 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
355
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]356 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]357 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
358 MBEDTLS_MD_NONE ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]359
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]360 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]361 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]362
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]363
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]364 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
365 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
366 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
367 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]368
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]369 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
370 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]371 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]372 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]373
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]374 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]375
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]376 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]377 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]378 &output_len, message_str->x, output,
379 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]380 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]381 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]382
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]383 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]384 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]385 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]386 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]387
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]388exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]389 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
390 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]391 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]392}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]393/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]394
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]395/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]396void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]397 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]398 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]399{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]400 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]401 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]402
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]403 mbedtls_mpi N, E;
404
405 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]406 mbedtls_rsa_init( &ctx );
407 mbedtls_rsa_init( &ctx2 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]408 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]409
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]410 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
411 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]412
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]413 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Gilles Peskine058d0092021-06-09 16:24:35 +0200[diff] [blame^]414
415 /* Check test data consistency */
416 TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]417 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]418 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]419
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]420 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]421 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]422 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]423
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]424 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
425 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]426 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]427
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]428 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]429 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]430 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]431 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]432
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]433 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]434
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]435 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]436 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]437 if( result == 0 )
438 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]439
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]440 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
441 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]442 }
443
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]444exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]445 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]446 mbedtls_rsa_free( &ctx );
447 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]448}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]449/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]450
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]451/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]452void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]453 char * input_P, int radix_Q, char * input_Q,
454 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]455 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]456 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]457{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]458 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]459 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]460 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]461 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]462 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]463
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]464 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
465 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]466 mbedtls_rsa_init( &ctx );
467 mbedtls_rsa_init( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]468
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]469 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]470
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]471 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
472 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
473 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
474 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]475
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]476 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
Gilles Peskine058d0092021-06-09 16:24:35 +0200[diff] [blame^]477
478 /* Check test data consistency */
479 TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]480 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]481 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]482 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]483
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]484 /* repeat three times to test updating of blinding values */
485 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]486 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]487 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]488 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
489 &rnd_info, message_str->x,
490 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]491 if( result == 0 )
492 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]493
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]494 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]495 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]496 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]497 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]498 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]499
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]500 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]502 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]503 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]504
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]505 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]506
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]507 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]508 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
509 &rnd_info, message_str->x,
510 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]511 if( result == 0 )
512 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]513
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]514 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]515 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]516 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]517 }
518
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]519exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]520 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
521 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
522
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]523 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]524}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]525/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]526
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]527/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]528void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]529{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]530 mbedtls_rsa_context ctx;
531 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]532
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]533 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]534}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]535/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]536
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]537/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]538void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
539 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]540{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]541 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]542 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]543
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]544 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]545 mbedtls_rsa_init( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]546
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]547 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]548 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]549 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]550 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]551 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]552 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]553 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]554 }
555
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]556 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]557 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]558
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]559exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]560 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]561 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]562}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]563/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]564
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]565/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]566void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
567 int radix_Q, char * input_Q, int radix_N,
568 char * input_N, int radix_E, char * input_E,
569 int radix_D, char * input_D, int radix_DP,
570 char * input_DP, int radix_DQ,
571 char * input_DQ, int radix_QP,
572 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]573{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]574 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]575
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]576 mbedtls_rsa_init( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]577
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]578 ctx.len = mod / 8;
579 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]580 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]581 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]582 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]583 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]584 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]585 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]586 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]587 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]588 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]589 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]590 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]591 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]592 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]593 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]594 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]595 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]596 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]597 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]598 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]599#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]600 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]601 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]602 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]603 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]604 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]605 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]606 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]607 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]608 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]609 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]610 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]611 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]612#else
613 ((void) radix_DP); ((void) input_DP);
614 ((void) radix_DQ); ((void) input_DQ);
615 ((void) radix_QP); ((void) input_QP);
616#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]617
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]618 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]619
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]620exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]621 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]622}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]623/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]624
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]625/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]626void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
627 int radix_Epub, char * input_Epub, int radix_P,
628 char * input_P, int radix_Q, char * input_Q,
629 int radix_N, char * input_N, int radix_E,
630 char * input_E, int radix_D, char * input_D,
631 int radix_DP, char * input_DP, int radix_DQ,
632 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]633 int result )
634{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]635 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]636
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]637 mbedtls_rsa_init( &pub );
638 mbedtls_rsa_init( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]639
640 pub.len = mod / 8;
641 prv.len = mod / 8;
642
643 if( strlen( input_Npub ) )
644 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]645 TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]646 }
647 if( strlen( input_Epub ) )
648 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]649 TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]650 }
651
652 if( strlen( input_P ) )
653 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]654 TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]655 }
656 if( strlen( input_Q ) )
657 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]658 TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]659 }
660 if( strlen( input_N ) )
661 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]662 TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]663 }
664 if( strlen( input_E ) )
665 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]666 TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]667 }
668 if( strlen( input_D ) )
669 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]670 TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]671 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]672#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]673 if( strlen( input_DP ) )
674 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]675 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]676 }
677 if( strlen( input_DQ ) )
678 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]679 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]680 }
681 if( strlen( input_QP ) )
682 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]683 TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]684 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]685#else
686 ((void) radix_DP); ((void) input_DP);
687 ((void) radix_DQ); ((void) input_DQ);
688 ((void) radix_QP); ((void) input_QP);
689#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]690
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]691 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]692
693exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]694 mbedtls_rsa_free( &pub );
695 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]696}
697/* END_CASE */
698
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]699/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]700void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]701{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]702 mbedtls_rsa_context ctx;
703 mbedtls_entropy_context entropy;
704 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]705 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]706
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]707 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]708 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]709 mbedtls_rsa_init ( &ctx );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]710
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]711 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
712 &entropy, (const unsigned char *) pers,
713 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]714
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]715 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]716 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]717 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]718 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]719 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]720 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]721
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]722exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]723 mbedtls_rsa_free( &ctx );
724 mbedtls_ctr_drbg_free( &ctr_drbg );
725 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]726}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]727/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]728
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]729/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]730void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]731 int radix_D, char *input_D,
732 int radix_E, char *input_E,
733 int radix_P, char *output_P,
734 int radix_Q, char *output_Q,
735 int corrupt, int result )
736{
737 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
738
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]739 mbedtls_mpi_init( &N );
740 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
741 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
742 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
743
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]744 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
745 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
746 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
747 TEST_ASSERT( mbedtls_test_read_mpi( &Qp, radix_P, output_P ) == 0 );
748 TEST_ASSERT( mbedtls_test_read_mpi( &Pp, radix_Q, output_Q ) == 0 );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]749
750 if( corrupt )
751 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
752
753 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]754 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]755
756 if( !corrupt )
757 {
758 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
759 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
760 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
761 }
762
763exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]764 mbedtls_mpi_free( &N );
765 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
766 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
767 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]768}
769/* END_CASE */
770
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]771/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]772void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
773 int radix_Q, char *input_Q,
774 int radix_E, char *input_E,
775 int radix_D, char *output_D,
776 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]777{
778 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
779
780 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
781 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
782 mbedtls_mpi_init( &E );
783 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
784
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]785 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
786 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
787 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
788 TEST_ASSERT( mbedtls_test_read_mpi( &Dp, radix_D, output_D ) == 0 );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]789
790 if( corrupt )
791 {
792 /* Make E even */
793 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
794 }
795
796 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]797 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
798 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]799
800 if( !corrupt )
801 {
802 /*
803 * Check that D and Dp agree modulo LCM(P-1, Q-1).
804 */
805
806 /* Replace P,Q by P-1, Q-1 */
807 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
808 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
809
810 /* Check D == Dp modulo P-1 */
811 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
812 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
813 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
814
815 /* Check D == Dp modulo Q-1 */
816 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
817 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
818 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
819 }
820
821exit:
822
823 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
824 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
825 mbedtls_mpi_free( &E );
826 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
827}
828/* END_CASE */
829
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]830/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]831void mbedtls_rsa_import( int radix_N, char *input_N,
832 int radix_P, char *input_P,
833 int radix_Q, char *input_Q,
834 int radix_D, char *input_D,
835 int radix_E, char *input_E,
836 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]837 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]838 int res_check,
839 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]840{
841 mbedtls_mpi N, P, Q, D, E;
842 mbedtls_rsa_context ctx;
843
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]844 /* Buffers used for encryption-decryption test */
845 unsigned char *buf_orig = NULL;
846 unsigned char *buf_enc = NULL;
847 unsigned char *buf_dec = NULL;
848
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]849 mbedtls_entropy_context entropy;
850 mbedtls_ctr_drbg_context ctr_drbg;
851 const char *pers = "test_suite_rsa";
852
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]853 const int have_N = ( strlen( input_N ) > 0 );
854 const int have_P = ( strlen( input_P ) > 0 );
855 const int have_Q = ( strlen( input_Q ) > 0 );
856 const int have_D = ( strlen( input_D ) > 0 );
857 const int have_E = ( strlen( input_E ) > 0 );
858
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]859 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]860 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]861 mbedtls_rsa_init( &ctx );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]862
863 mbedtls_mpi_init( &N );
864 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
865 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
866
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]867 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
868 (const unsigned char *) pers, strlen( pers ) ) == 0 );
869
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]870 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]871 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]872
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]873 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]874 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]875
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]876 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]877 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]878
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]879 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]880 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]881
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]882 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]883 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]884
885 if( !successive )
886 {
887 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]888 have_N ? &N : NULL,
889 have_P ? &P : NULL,
890 have_Q ? &Q : NULL,
891 have_D ? &D : NULL,
892 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]893 }
894 else
895 {
896 /* Import N, P, Q, D, E separately.
897 * This should make no functional difference. */
898
899 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]900 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]901 NULL, NULL, NULL, NULL ) == 0 );
902
903 TEST_ASSERT( mbedtls_rsa_import( &ctx,
904 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]905 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]906 NULL, NULL, NULL ) == 0 );
907
908 TEST_ASSERT( mbedtls_rsa_import( &ctx,
909 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]910 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]911 NULL, NULL ) == 0 );
912
913 TEST_ASSERT( mbedtls_rsa_import( &ctx,
914 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]915 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]916 NULL ) == 0 );
917
918 TEST_ASSERT( mbedtls_rsa_import( &ctx,
919 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]920 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]921 }
922
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]923 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]924
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]925 /* On expected success, perform some public and private
926 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]927 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]928 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]929 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]930 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
931 else
932 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
933
934 if( res_check != 0 )
935 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]936
937 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
938 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
939 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
940 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
941 goto exit;
942
943 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
944 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
945
946 /* Make sure the number we're generating is smaller than the modulus */
947 buf_orig[0] = 0x00;
948
949 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
950
951 if( is_priv )
952 {
953 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
954 &ctr_drbg, buf_enc,
955 buf_dec ) == 0 );
956
957 TEST_ASSERT( memcmp( buf_orig, buf_dec,
958 mbedtls_rsa_get_len( &ctx ) ) == 0 );
959 }
960 }
961
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]962exit:
963
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]964 mbedtls_free( buf_orig );
965 mbedtls_free( buf_enc );
966 mbedtls_free( buf_dec );
967
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]968 mbedtls_rsa_free( &ctx );
969
970 mbedtls_ctr_drbg_free( &ctr_drbg );
971 mbedtls_entropy_free( &entropy );
972
973 mbedtls_mpi_free( &N );
974 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
975 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
976}
977/* END_CASE */
978
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]979/* BEGIN_CASE */
980void mbedtls_rsa_export( int radix_N, char *input_N,
981 int radix_P, char *input_P,
982 int radix_Q, char *input_Q,
983 int radix_D, char *input_D,
984 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]985 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]986 int successive )
987{
988 /* Original MPI's with which we set up the RSA context */
989 mbedtls_mpi N, P, Q, D, E;
990
991 /* Exported MPI's */
992 mbedtls_mpi Ne, Pe, Qe, De, Ee;
993
994 const int have_N = ( strlen( input_N ) > 0 );
995 const int have_P = ( strlen( input_P ) > 0 );
996 const int have_Q = ( strlen( input_Q ) > 0 );
997 const int have_D = ( strlen( input_D ) > 0 );
998 const int have_E = ( strlen( input_E ) > 0 );
999
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1000 mbedtls_rsa_context ctx;
1001
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]1002 mbedtls_rsa_init( &ctx );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1003
1004 mbedtls_mpi_init( &N );
1005 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1006 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1007
1008 mbedtls_mpi_init( &Ne );
1009 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1010 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1011
1012 /* Setup RSA context */
1013
1014 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1015 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1016
1017 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1018 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1019
1020 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1021 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1022
1023 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1024 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1025
1026 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1027 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1028
1029 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1030 strlen( input_N ) ? &N : NULL,
1031 strlen( input_P ) ? &P : NULL,
1032 strlen( input_Q ) ? &Q : NULL,
1033 strlen( input_D ) ? &D : NULL,
1034 strlen( input_E ) ? &E : NULL ) == 0 );
1035
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1036 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1037
1038 /*
1039 * Export parameters and compare to original ones.
1040 */
1041
1042 /* N and E must always be present. */
1043 if( !successive )
1044 {
1045 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1046 }
1047 else
1048 {
1049 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1050 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1051 }
1052 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1053 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1054
1055 /* If we were providing enough information to setup a complete private context,
1056 * we expect to be able to export all core parameters. */
1057
1058 if( is_priv )
1059 {
1060 if( !successive )
1061 {
1062 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1063 &De, NULL ) == 0 );
1064 }
1065 else
1066 {
1067 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1068 NULL, NULL ) == 0 );
1069 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1070 NULL, NULL ) == 0 );
1071 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1072 &De, NULL ) == 0 );
1073 }
1074
1075 if( have_P )
1076 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1077
1078 if( have_Q )
1079 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1080
1081 if( have_D )
1082 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1083
1084 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1085 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1086 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1087 }
1088
1089exit:
1090
1091 mbedtls_rsa_free( &ctx );
1092
1093 mbedtls_mpi_free( &N );
1094 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1095 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1096
1097 mbedtls_mpi_free( &Ne );
1098 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1099 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1100}
1101/* END_CASE */
1102
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1103/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1104void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1105 int radix_P, char *input_P,
1106 int radix_Q, char *input_Q,
1107 int radix_D, char *input_D,
1108 int radix_E, char *input_E,
1109 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1110{
1111 /* Original MPI's with which we set up the RSA context */
1112 mbedtls_mpi N, P, Q, D, E;
1113
1114 const int have_N = ( strlen( input_N ) > 0 );
1115 const int have_P = ( strlen( input_P ) > 0 );
1116 const int have_Q = ( strlen( input_Q ) > 0 );
1117 const int have_D = ( strlen( input_D ) > 0 );
1118 const int have_E = ( strlen( input_E ) > 0 );
1119
1120 mbedtls_entropy_context entropy;
1121 mbedtls_ctr_drbg_context ctr_drbg;
1122 const char *pers = "test_suite_rsa";
1123
1124 mbedtls_mpi_init( &N );
1125 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1126 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1127
1128 mbedtls_ctr_drbg_init( &ctr_drbg );
1129 mbedtls_entropy_init( &entropy );
1130 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1131 &entropy, (const unsigned char *) pers,
1132 strlen( pers ) ) == 0 );
1133
1134 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1135 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1136
1137 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1138 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1139
1140 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1141 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1142
1143 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1144 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1145
1146 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1147 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1148
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1149 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1150 have_P ? &P : NULL,
1151 have_Q ? &Q : NULL,
1152 have_D ? &D : NULL,
1153 have_E ? &E : NULL,
1154 prng ? mbedtls_ctr_drbg_random : NULL,
1155 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1156exit:
1157
1158 mbedtls_ctr_drbg_free( &ctr_drbg );
1159 mbedtls_entropy_free( &entropy );
1160
1161 mbedtls_mpi_free( &N );
1162 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1163 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1164}
1165/* END_CASE */
1166
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1167/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1168void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1169 data_t *input_Q, data_t *input_D,
1170 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1171 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1172{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1173 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1174 unsigned char bufNe[256];
1175 unsigned char bufPe[128];
1176 unsigned char bufQe[128];
1177 unsigned char bufDe[256];
1178 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1179
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1180 mbedtls_rsa_context ctx;
1181
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]1182 mbedtls_rsa_init( &ctx );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1183
1184 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1185 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1186 input_N->len ? input_N->x : NULL, input_N->len,
1187 input_P->len ? input_P->x : NULL, input_P->len,
1188 input_Q->len ? input_Q->x : NULL, input_Q->len,
1189 input_D->len ? input_D->x : NULL, input_D->len,
1190 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1191
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1192 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1193
1194 /*
1195 * Export parameters and compare to original ones.
1196 */
1197
1198 /* N and E must always be present. */
1199 if( !successive )
1200 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1201 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1202 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1203 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1204 }
1205 else
1206 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1207 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1208 NULL, 0, NULL, 0, NULL, 0,
1209 NULL, 0 ) == 0 );
1210 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1211 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1212 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1213 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1214 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1215 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1216
1217 /* If we were providing enough information to setup a complete private context,
1218 * we expect to be able to export all core parameters. */
1219
1220 if( is_priv )
1221 {
1222 if( !successive )
1223 {
1224 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1225 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1226 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1227 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1228 NULL, 0 ) == 0 );
1229 }
1230 else
1231 {
1232 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1233 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1234 NULL, 0, NULL, 0,
1235 NULL, 0 ) == 0 );
1236
1237 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1238 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1239 NULL, 0, NULL, 0 ) == 0 );
1240
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1241 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1242 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1243 NULL, 0 ) == 0 );
1244 }
1245
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1246 if( input_P->len )
1247 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1248
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1249 if( input_Q->len )
1250 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1251
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1252 if( input_D->len )
1253 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1254
1255 }
1256
1257exit:
1258 mbedtls_rsa_free( &ctx );
1259}
1260/* END_CASE */
1261
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1262/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1263void mbedtls_rsa_import_raw( data_t *input_N,
1264 data_t *input_P, data_t *input_Q,
1265 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1266 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1267 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1268 int res_check,
1269 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1270{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1271 /* Buffers used for encryption-decryption test */
1272 unsigned char *buf_orig = NULL;
1273 unsigned char *buf_enc = NULL;
1274 unsigned char *buf_dec = NULL;
1275
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1276 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1277 mbedtls_entropy_context entropy;
1278 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1279
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1280 const char *pers = "test_suite_rsa";
1281
1282 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1283 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]1284 mbedtls_rsa_init( &ctx );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1285
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1286 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1287 &entropy, (const unsigned char *) pers,
1288 strlen( pers ) ) == 0 );
1289
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1290 if( !successive )
1291 {
1292 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1293 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1294 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1295 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1296 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1297 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1298 }
1299 else
1300 {
1301 /* Import N, P, Q, D, E separately.
1302 * This should make no functional difference. */
1303
1304 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1305 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1306 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1307
1308 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1309 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1310 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1311 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1312
1313 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1314 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1315 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1316 NULL, 0, NULL, 0 ) == 0 );
1317
1318 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1319 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1320 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1321 NULL, 0 ) == 0 );
1322
1323 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1324 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1325 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1326 }
1327
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1328 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1329
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1330 /* On expected success, perform some public and private
1331 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1332 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1333 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1334 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1335 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1336 else
1337 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1338
1339 if( res_check != 0 )
1340 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1341
1342 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1343 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1344 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1345 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1346 goto exit;
1347
1348 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1349 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1350
1351 /* Make sure the number we're generating is smaller than the modulus */
1352 buf_orig[0] = 0x00;
1353
1354 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1355
1356 if( is_priv )
1357 {
1358 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1359 &ctr_drbg, buf_enc,
1360 buf_dec ) == 0 );
1361
1362 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1363 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1364 }
1365 }
1366
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1367exit:
1368
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1369 mbedtls_free( buf_orig );
1370 mbedtls_free( buf_enc );
1371 mbedtls_free( buf_dec );
1372
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1373 mbedtls_rsa_free( &ctx );
1374
1375 mbedtls_ctr_drbg_free( &ctr_drbg );
1376 mbedtls_entropy_free( &entropy );
1377
1378}
1379/* END_CASE */
1380
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1381/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1382void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1383{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1384 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1385}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1386/* END_CASE */