TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f04d923834765efc3d3738be603ee5f5ae67b495 / . / tests / suites / test_suite_rsa.function
blob: 60c13c84ee06e27a602678678308ae2321639a6a [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Hanno Beckera565f542017-10-11 11:00:19 +0100[diff] [blame]3#include "mbedtls/rsa_internal.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
Hanno Beckera7ee0022018-12-18 13:30:20 +0000[diff] [blame]31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Hanno Beckerf04d9232018-12-18 13:30:42 +0000[diff] [blame^]70 mbedtls_rsa_gen_key( NULL, rnd_std_rand,
71 NULL, 0, 0 ) );
72 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
73 mbedtls_rsa_gen_key( &ctx, NULL,
74 NULL, 0, 0 ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]75
76 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
77 mbedtls_rsa_check_pubkey( NULL ) );
78 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
79 mbedtls_rsa_check_privkey( NULL ) );
80
81 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
82 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
83 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
84 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
85
86 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
87 mbedtls_rsa_public( NULL, buf, buf ) );
88 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
89 mbedtls_rsa_public( &ctx, NULL, buf ) );
90 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
91 mbedtls_rsa_public( &ctx, buf, NULL ) );
92
93 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
94 mbedtls_rsa_private( NULL, NULL, NULL,
95 buf, buf ) );
96 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
97 mbedtls_rsa_private( &ctx, NULL, NULL,
98 NULL, buf ) );
99 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
100 mbedtls_rsa_private( &ctx, NULL, NULL,
101 buf, NULL ) );
102
103 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
104 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
105 valid_mode,
106 sizeof( buf ), buf,
107 buf ) );
108 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
109 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
110 invalid_mode,
111 sizeof( buf ), buf,
112 buf ) );
113 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
114 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
115 valid_mode,
116 sizeof( buf ), NULL,
117 buf ) );
118 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
119 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
120 valid_mode,
121 sizeof( buf ), buf,
122 NULL ) );
123
124 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
125 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
126 NULL,
127 valid_mode,
128 sizeof( buf ), buf,
129 buf ) );
130 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
131 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
132 NULL,
133 invalid_mode,
134 sizeof( buf ), buf,
135 buf ) );
136 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
137 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
138 NULL,
139 valid_mode,
140 sizeof( buf ), NULL,
141 buf ) );
142 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
143 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
144 NULL,
145 valid_mode,
146 sizeof( buf ), buf,
147 NULL ) );
148
149 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
150 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
151 valid_mode,
152 buf, sizeof( buf ),
153 sizeof( buf ), buf,
154 buf ) );
155 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
156 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
157 invalid_mode,
158 buf, sizeof( buf ),
159 sizeof( buf ), buf,
160 buf ) );
161 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
162 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
163 valid_mode,
164 NULL, sizeof( buf ),
165 sizeof( buf ), buf,
166 buf ) );
167 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
168 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
169 valid_mode,
170 buf, sizeof( buf ),
171 sizeof( buf ), NULL,
172 buf ) );
173 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
174 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
175 valid_mode,
176 buf, sizeof( buf ),
177 sizeof( buf ), buf,
178 NULL ) );
179
180 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
181 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
182 valid_mode, &olen,
183 buf, buf, 42 ) );
184 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
185 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
186 invalid_mode, &olen,
187 buf, buf, 42 ) );
188 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
189 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
190 valid_mode, NULL,
191 buf, buf, 42 ) );
192 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
193 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
194 valid_mode, &olen,
195 NULL, buf, 42 ) );
196 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
197 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
198 valid_mode, &olen,
199 buf, NULL, 42 ) );
200
201 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
202 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
203 NULL,
204 valid_mode, &olen,
205 buf, buf, 42 ) );
206 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
207 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
208 NULL,
209 invalid_mode, &olen,
210 buf, buf, 42 ) );
211 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
212 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
213 NULL,
214 valid_mode, NULL,
215 buf, buf, 42 ) );
216 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
217 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
218 NULL,
219 valid_mode, &olen,
220 NULL, buf, 42 ) );
221 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
222 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
223 NULL,
224 valid_mode, &olen,
225 buf, NULL, 42 ) );
226
227 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
228 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
229 valid_mode,
230 buf, sizeof( buf ),
231 &olen,
232 buf, buf, 42 ) );
233 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
234 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
235 invalid_mode,
236 buf, sizeof( buf ),
237 &olen,
238 buf, buf, 42 ) );
239 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
240 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
241 valid_mode,
242 NULL, sizeof( buf ),
243 NULL,
244 buf, buf, 42 ) );
245 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
246 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
247 valid_mode,
248 buf, sizeof( buf ),
249 &olen,
250 NULL, buf, 42 ) );
251 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
252 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
253 valid_mode,
254 buf, sizeof( buf ),
255 &olen,
256 buf, NULL, 42 ) );
257
258 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
259 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
260 valid_mode,
261 0, sizeof( buf ), buf,
262 buf ) );
263 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
264 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
265 invalid_mode,
266 0, sizeof( buf ), buf,
267 buf ) );
268 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
269 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
270 valid_mode,
271 0, sizeof( buf ), NULL,
272 buf ) );
273 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
274 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
275 valid_mode,
276 0, sizeof( buf ), buf,
277 NULL ) );
278
279 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
280 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
281 valid_mode,
282 0, sizeof( buf ), buf,
283 buf ) );
284 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
285 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
286 invalid_mode,
287 0, sizeof( buf ), buf,
288 buf ) );
289 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
290 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
291 valid_mode,
292 0, sizeof( buf ), NULL,
293 buf ) );
294 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
295 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
296 valid_mode,
297 0, sizeof( buf ), buf,
298 NULL ) );
299
300 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
301 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
302 valid_mode,
303 0, sizeof( buf ), buf,
304 buf ) );
305 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
306 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
307 invalid_mode,
308 0, sizeof( buf ), buf,
309 buf ) );
310 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
311 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
312 valid_mode,
313 0, sizeof( buf ), NULL,
314 buf ) );
315 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
316 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
317 valid_mode,
318 0, sizeof( buf ), buf,
319 NULL ) );
320
321 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
322 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
323 valid_mode,
324 0, sizeof( buf ), buf,
325 buf ) );
326 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
327 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
328 invalid_mode,
329 0, sizeof( buf ), buf,
330 buf ) );
331 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
332 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
333 valid_mode,
334 0, sizeof( buf ), NULL,
335 buf ) );
336 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
337 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
338 valid_mode,
339 0, sizeof( buf ), buf,
340 NULL ) );
341
342 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
343 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
344 NULL,
345 valid_mode,
346 0, sizeof( buf ), buf,
347 buf ) );
348 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
349 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
350 NULL,
351 invalid_mode,
352 0, sizeof( buf ), buf,
353 buf ) );
354 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
355 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
356 NULL,
357 valid_mode,
358 0, sizeof( buf ),
359 NULL, buf ) );
360 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
361 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
362 NULL,
363 valid_mode,
364 0, sizeof( buf ), buf,
365 NULL ) );
366
367 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
368 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
369 valid_mode,
370 0, sizeof( buf ),
371 buf, buf ) );
372 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
373 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
374 invalid_mode,
375 0, sizeof( buf ),
376 buf, buf ) );
377 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
378 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
379 valid_mode,
380 0, sizeof( buf ),
381 NULL, buf ) );
382 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
383 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
384 valid_mode,
385 0, sizeof( buf ),
386 buf, NULL ) );
387
388 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
389 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
390 valid_mode,
391 0, sizeof( buf ),
392 buf,
393 0, 0,
394 buf ) );
395 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
396 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
397 invalid_mode,
398 0, sizeof( buf ),
399 buf,
400 0, 0,
401 buf ) );
402 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
403 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
404 valid_mode,
405 0, sizeof( buf ),
406 NULL, 0, 0,
407 buf ) );
408 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
409 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
410 valid_mode,
411 0, sizeof( buf ),
412 buf, 0, 0,
413 NULL ) );
414
415 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
416 mbedtls_rsa_copy( NULL, &ctx ) );
417 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
418 mbedtls_rsa_copy( &ctx, NULL ) );
419
420exit:
421 return;
422}
423/* END_CASE */
424
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]425/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]426void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]427 int digest, int mod, int radix_P, char * input_P,
428 int radix_Q, char * input_Q, int radix_N,
429 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]430 data_t * result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]431{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]432 unsigned char hash_result[1000];
433 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]434 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]435 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]436 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]437
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]438 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
439 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]440 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]441
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]442 memset( hash_result, 0x00, 1000 );
443 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]444 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]445
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]446 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
447 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
448 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
449 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]450
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]451 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
452 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]453 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]454 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]455
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]456
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]457 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]458 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]459
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]460 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
461 MBEDTLS_RSA_PRIVATE, digest, 0,
462 hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]463 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]464 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]465
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]466 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]467 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]468
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]469exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]470 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
471 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]472 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]473}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]474/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]475
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]476/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]477void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]478 int digest, int mod, int radix_N,
479 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]480 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]481{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]482 unsigned char hash_result[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]483 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]484
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]485 mbedtls_mpi N, E;
486
487 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]488 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]489 memset( hash_result, 0x00, 1000 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]490
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]491 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
492 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
493 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
494 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]495 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]496
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]497
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]498 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]499 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]500
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]501 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]502
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]503exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]504 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]505 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]506}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]507/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]508
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]509
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]510/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]511void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]512 int padding_mode, int mod, int radix_P,
513 char * input_P, int radix_Q, char * input_Q,
514 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]515 char * input_E, data_t * result_hex_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]516{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]517 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]518 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]519 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]520 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]521
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]522 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]523 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
524 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]525
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]526 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]527 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]528
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]529 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
530 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
531 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
532 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]533
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]534 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
535 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]536 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]537 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]538
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]539
Hanno Becker8fd55482017-08-23 14:07:48 +0100[diff] [blame]540 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
541 MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]542 hash_result->len, hash_result->x,
543 output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]544
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]545
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]546 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]547
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]548#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]549 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]550 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]551 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]552 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]553 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]554
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]555 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]556 &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]557 hash_result->len, hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]558
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]559#if !defined(MBEDTLS_RSA_ALT)
560 TEST_ASSERT( res == 0 );
561#else
562 TEST_ASSERT( ( res == 0 ) ||
563 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
564#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]565
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]566 if( res == 0 )
567 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]568 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]569 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]570 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]571#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]572
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]573exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]574 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
575 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
576
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]577 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]578}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]579/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]580
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]581/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]582void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]583 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]584 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]585 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]586{
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]587 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]588 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]589
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]590 mbedtls_mpi N, E;
591 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
592
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]593 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]594 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]595
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]596 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
597 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]598
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]599 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
600 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]601 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]602
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]603
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]604 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]605
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]606#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]607 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]608 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]609 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]610 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]611 int ok;
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]612 size_t olen;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]613
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]614 res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]615 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]616 &olen, result_str->x, output, sizeof( output ) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]617
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]618#if !defined(MBEDTLS_RSA_ALT)
619 TEST_ASSERT( res == 0 );
620#else
621 TEST_ASSERT( ( res == 0 ) ||
622 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
623#endif
624
625 if( res == 0 )
626 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]627 ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]628 if( correct == 0 )
629 TEST_ASSERT( ok == 1 );
630 else
631 TEST_ASSERT( ok == 0 );
632 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]633 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]634#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]635
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]636exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]637 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]638 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]639}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]640/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]641
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]642/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]643void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]644 int mod, int radix_N, char * input_N,
645 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]646 data_t * result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]647{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]648 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]649 mbedtls_rsa_context ctx;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]650 rnd_pseudo_info rnd_info;
651
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]652 mbedtls_mpi N, E;
653 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
654
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]655 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]656
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]657 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]658 memset( output, 0x00, 1000 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]659
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]660 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
661 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]662
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]663 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
664 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]665 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]666
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]667
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]668 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]669 MBEDTLS_RSA_PUBLIC, message_str->len,
670 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]671 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]672 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]673
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]674 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]675 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]676
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]677exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]678 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]679 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]680}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]681/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]682
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]683/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]684void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]685 int mod, int radix_N, char * input_N,
686 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]687 data_t * result_hex_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]688{
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]689 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]690 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]691
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]692 mbedtls_mpi N, E;
693
694 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]695 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]696 memset( output, 0x00, 1000 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]697
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]698 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
699 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]700
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]701 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
702 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]703 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]704
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]705
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]706 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]707 MBEDTLS_RSA_PUBLIC, message_str->len,
708 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]709 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]710 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]711
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]712 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]713 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]714
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]715exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]716 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]717 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]718}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]719/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]720
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]721/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]722void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]723 int mod, int radix_P, char * input_P,
724 int radix_Q, char * input_Q, int radix_N,
725 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]726 int max_output, data_t * result_hex_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]727 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]728{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]729 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]730 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]731 size_t output_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]732 rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]733 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]734
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]735 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
736 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
737
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]738 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]739
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]740 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]741 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]742
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]743
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]744 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
745 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
746 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
747 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]748
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]749 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
750 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]751 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]752 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]753
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]754 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]755
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]756 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]757 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]758 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]759
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]760 TEST_ASSERT( hexcmp( output, result_hex_str->x, output_len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]761 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]762
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]763exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]764 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
765 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]766 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]767}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]768/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]769
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]770/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]771void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]772 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]773 data_t * result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]774{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]775 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]776 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]777
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]778 mbedtls_mpi N, E;
779
780 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]781 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
782 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]783 memset( output, 0x00, 1000 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]784
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]785 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
786 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]787
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]788 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
789 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]790 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]791
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]792
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]793 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]794 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]795 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]796
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]797 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]798 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]799
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]800 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]801 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]802 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]803 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]804
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]805 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]806
807 memset( output, 0x00, 1000 );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]808 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]809 if( result == 0 )
810 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]811
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]812 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]813 }
814
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]815exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]816 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]817 mbedtls_rsa_free( &ctx );
818 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]819}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]820/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]821
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]822/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]823void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]824 char * input_P, int radix_Q, char * input_Q,
825 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]826 char * input_E, data_t * result_hex_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]827 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]828{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]829 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]830 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]831 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]832 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]833 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]834
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]835 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
836 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]837 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
838 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]839
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]840 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]841
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]842 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
843 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
844 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
845 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]846
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]847 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
848 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]849 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]850 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]851
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]852
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]853 /* repeat three times to test updating of blinding values */
854 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]855 {
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]856 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]857 TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]858 message_str->x, output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]859 if( result == 0 )
860 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]861
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]862 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]863 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]864 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]865
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]866 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]867 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]868 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]869 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]870
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]871 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]872
873 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]874 TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]875 message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]876 if( result == 0 )
877 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]878
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]879 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx2.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]880 }
881
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]882exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]883 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
884 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
885
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]886 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]887}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]888/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]889
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]890/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]891void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]892{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]893 mbedtls_rsa_context ctx;
894 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]895
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]896 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]897}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]898/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]899
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]900/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]901void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
902 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]903{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]904 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]905 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]906
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]907 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]908 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]909
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]910 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]911 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]912 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]913 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]914 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]915 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]916 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]917 }
918
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]919 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]920 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]921
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]922exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]923 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]924 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]925}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]926/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]927
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]928/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]929void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
930 int radix_Q, char * input_Q, int radix_N,
931 char * input_N, int radix_E, char * input_E,
932 int radix_D, char * input_D, int radix_DP,
933 char * input_DP, int radix_DQ,
934 char * input_DQ, int radix_QP,
935 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]936{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]937 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]938
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]939 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]940
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]941 ctx.len = mod / 8;
942 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]943 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]944 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]945 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]946 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]947 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]948 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]949 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]950 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]951 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]952 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]953 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]954 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]955 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]956 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]957 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]958 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]959 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]960 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]961 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]962#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]963 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]964 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]965 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]966 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]967 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]968 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]969 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]970 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]971 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]972 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]973 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]974 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]975#else
976 ((void) radix_DP); ((void) input_DP);
977 ((void) radix_DQ); ((void) input_DQ);
978 ((void) radix_QP); ((void) input_QP);
979#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]980
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]981 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]982
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]983exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]984 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]985}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]986/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]987
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]988/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]989void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
990 int radix_Epub, char * input_Epub, int radix_P,
991 char * input_P, int radix_Q, char * input_Q,
992 int radix_N, char * input_N, int radix_E,
993 char * input_E, int radix_D, char * input_D,
994 int radix_DP, char * input_DP, int radix_DQ,
995 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]996 int result )
997{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]998 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]999
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1000 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1001 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1002
1003 pub.len = mod / 8;
1004 prv.len = mod / 8;
1005
1006 if( strlen( input_Npub ) )
1007 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1008 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1009 }
1010 if( strlen( input_Epub ) )
1011 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1012 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1013 }
1014
1015 if( strlen( input_P ) )
1016 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1017 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1018 }
1019 if( strlen( input_Q ) )
1020 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1021 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1022 }
1023 if( strlen( input_N ) )
1024 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1025 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1026 }
1027 if( strlen( input_E ) )
1028 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1029 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1030 }
1031 if( strlen( input_D ) )
1032 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1033 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1034 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1035#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1036 if( strlen( input_DP ) )
1037 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1038 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1039 }
1040 if( strlen( input_DQ ) )
1041 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1042 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1043 }
1044 if( strlen( input_QP ) )
1045 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1046 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1047 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1048#else
1049 ((void) radix_DP); ((void) input_DP);
1050 ((void) radix_DQ); ((void) input_DQ);
1051 ((void) radix_QP); ((void) input_QP);
1052#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1053
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1054 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1055
1056exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1057 mbedtls_rsa_free( &pub );
1058 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1059}
1060/* END_CASE */
1061
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1062/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1063void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1064{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1065 mbedtls_rsa_context ctx;
1066 mbedtls_entropy_context entropy;
1067 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1068 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1069
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1070 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1071 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1072 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1073
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1074 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1075 &entropy, (const unsigned char *) pers,
1076 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1077
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1078 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1079 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1080 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1081 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1082 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1083 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1084
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1085exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1086 mbedtls_rsa_free( &ctx );
1087 mbedtls_ctr_drbg_free( &ctr_drbg );
1088 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1089}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1090/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1091
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1092/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1093void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1094 int radix_D, char *input_D,
1095 int radix_E, char *input_E,
1096 int radix_P, char *output_P,
1097 int radix_Q, char *output_Q,
1098 int corrupt, int result )
1099{
1100 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1101
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1102 mbedtls_mpi_init( &N );
1103 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1104 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1105 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1106
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1107 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1108 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1109 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1110 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1111 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1112
1113 if( corrupt )
1114 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1115
1116 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1117 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1118
1119 if( !corrupt )
1120 {
1121 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1122 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1123 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1124 }
1125
1126exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1127 mbedtls_mpi_free( &N );
1128 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1129 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1130 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1131}
1132/* END_CASE */
1133
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1134/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1135void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1136 int radix_Q, char *input_Q,
1137 int radix_E, char *input_E,
1138 int radix_D, char *output_D,
1139 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1140{
1141 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1142
1143 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1144 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1145 mbedtls_mpi_init( &E );
1146 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1147
1148 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1149 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1150 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1151 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1152
1153 if( corrupt )
1154 {
1155 /* Make E even */
1156 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1157 }
1158
1159 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1160 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1161 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1162
1163 if( !corrupt )
1164 {
1165 /*
1166 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1167 */
1168
1169 /* Replace P,Q by P-1, Q-1 */
1170 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1171 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1172
1173 /* Check D == Dp modulo P-1 */
1174 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1175 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1176 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1177
1178 /* Check D == Dp modulo Q-1 */
1179 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1180 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1181 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1182 }
1183
1184exit:
1185
1186 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1187 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1188 mbedtls_mpi_free( &E );
1189 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1190}
1191/* END_CASE */
1192
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1193/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1194void mbedtls_rsa_import( int radix_N, char *input_N,
1195 int radix_P, char *input_P,
1196 int radix_Q, char *input_Q,
1197 int radix_D, char *input_D,
1198 int radix_E, char *input_E,
1199 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1200 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1201 int res_check,
1202 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1203{
1204 mbedtls_mpi N, P, Q, D, E;
1205 mbedtls_rsa_context ctx;
1206
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1207 /* Buffers used for encryption-decryption test */
1208 unsigned char *buf_orig = NULL;
1209 unsigned char *buf_enc = NULL;
1210 unsigned char *buf_dec = NULL;
1211
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1212 mbedtls_entropy_context entropy;
1213 mbedtls_ctr_drbg_context ctr_drbg;
1214 const char *pers = "test_suite_rsa";
1215
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1216 const int have_N = ( strlen( input_N ) > 0 );
1217 const int have_P = ( strlen( input_P ) > 0 );
1218 const int have_Q = ( strlen( input_Q ) > 0 );
1219 const int have_D = ( strlen( input_D ) > 0 );
1220 const int have_E = ( strlen( input_E ) > 0 );
1221
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1222 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1223 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1224 mbedtls_rsa_init( &ctx, 0, 0 );
1225
1226 mbedtls_mpi_init( &N );
1227 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1228 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1229
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1230 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1231 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1232
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1233 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1234 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1235
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1236 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1237 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1238
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1239 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1240 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1241
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1242 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1243 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1244
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1245 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1246 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1247
1248 if( !successive )
1249 {
1250 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1251 have_N ? &N : NULL,
1252 have_P ? &P : NULL,
1253 have_Q ? &Q : NULL,
1254 have_D ? &D : NULL,
1255 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1256 }
1257 else
1258 {
1259 /* Import N, P, Q, D, E separately.
1260 * This should make no functional difference. */
1261
1262 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1263 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1264 NULL, NULL, NULL, NULL ) == 0 );
1265
1266 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1267 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1268 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1269 NULL, NULL, NULL ) == 0 );
1270
1271 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1272 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1273 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1274 NULL, NULL ) == 0 );
1275
1276 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1277 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1278 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1279 NULL ) == 0 );
1280
1281 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1282 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1283 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1284 }
1285
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1286 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1287
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1288 /* On expected success, perform some public and private
1289 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1290 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1291 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1292 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1293 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1294 else
1295 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1296
1297 if( res_check != 0 )
1298 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1299
1300 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1301 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1302 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1303 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1304 goto exit;
1305
1306 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1307 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1308
1309 /* Make sure the number we're generating is smaller than the modulus */
1310 buf_orig[0] = 0x00;
1311
1312 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1313
1314 if( is_priv )
1315 {
1316 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1317 &ctr_drbg, buf_enc,
1318 buf_dec ) == 0 );
1319
1320 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1321 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1322 }
1323 }
1324
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1325exit:
1326
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1327 mbedtls_free( buf_orig );
1328 mbedtls_free( buf_enc );
1329 mbedtls_free( buf_dec );
1330
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1331 mbedtls_rsa_free( &ctx );
1332
1333 mbedtls_ctr_drbg_free( &ctr_drbg );
1334 mbedtls_entropy_free( &entropy );
1335
1336 mbedtls_mpi_free( &N );
1337 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1338 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1339}
1340/* END_CASE */
1341
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1342/* BEGIN_CASE */
1343void mbedtls_rsa_export( int radix_N, char *input_N,
1344 int radix_P, char *input_P,
1345 int radix_Q, char *input_Q,
1346 int radix_D, char *input_D,
1347 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1348 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1349 int successive )
1350{
1351 /* Original MPI's with which we set up the RSA context */
1352 mbedtls_mpi N, P, Q, D, E;
1353
1354 /* Exported MPI's */
1355 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1356
1357 const int have_N = ( strlen( input_N ) > 0 );
1358 const int have_P = ( strlen( input_P ) > 0 );
1359 const int have_Q = ( strlen( input_Q ) > 0 );
1360 const int have_D = ( strlen( input_D ) > 0 );
1361 const int have_E = ( strlen( input_E ) > 0 );
1362
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1363 mbedtls_rsa_context ctx;
1364
1365 mbedtls_rsa_init( &ctx, 0, 0 );
1366
1367 mbedtls_mpi_init( &N );
1368 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1369 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1370
1371 mbedtls_mpi_init( &Ne );
1372 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1373 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1374
1375 /* Setup RSA context */
1376
1377 if( have_N )
1378 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1379
1380 if( have_P )
1381 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1382
1383 if( have_Q )
1384 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1385
1386 if( have_D )
1387 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1388
1389 if( have_E )
1390 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1391
1392 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1393 strlen( input_N ) ? &N : NULL,
1394 strlen( input_P ) ? &P : NULL,
1395 strlen( input_Q ) ? &Q : NULL,
1396 strlen( input_D ) ? &D : NULL,
1397 strlen( input_E ) ? &E : NULL ) == 0 );
1398
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1399 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1400
1401 /*
1402 * Export parameters and compare to original ones.
1403 */
1404
1405 /* N and E must always be present. */
1406 if( !successive )
1407 {
1408 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1409 }
1410 else
1411 {
1412 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1413 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1414 }
1415 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1416 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1417
1418 /* If we were providing enough information to setup a complete private context,
1419 * we expect to be able to export all core parameters. */
1420
1421 if( is_priv )
1422 {
1423 if( !successive )
1424 {
1425 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1426 &De, NULL ) == 0 );
1427 }
1428 else
1429 {
1430 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1431 NULL, NULL ) == 0 );
1432 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1433 NULL, NULL ) == 0 );
1434 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1435 &De, NULL ) == 0 );
1436 }
1437
1438 if( have_P )
1439 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1440
1441 if( have_Q )
1442 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1443
1444 if( have_D )
1445 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1446
1447 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1448 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1449 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1450 }
1451
1452exit:
1453
1454 mbedtls_rsa_free( &ctx );
1455
1456 mbedtls_mpi_free( &N );
1457 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1458 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1459
1460 mbedtls_mpi_free( &Ne );
1461 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1462 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1463}
1464/* END_CASE */
1465
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1466/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1467void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1468 int radix_P, char *input_P,
1469 int radix_Q, char *input_Q,
1470 int radix_D, char *input_D,
1471 int radix_E, char *input_E,
1472 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1473{
1474 /* Original MPI's with which we set up the RSA context */
1475 mbedtls_mpi N, P, Q, D, E;
1476
1477 const int have_N = ( strlen( input_N ) > 0 );
1478 const int have_P = ( strlen( input_P ) > 0 );
1479 const int have_Q = ( strlen( input_Q ) > 0 );
1480 const int have_D = ( strlen( input_D ) > 0 );
1481 const int have_E = ( strlen( input_E ) > 0 );
1482
1483 mbedtls_entropy_context entropy;
1484 mbedtls_ctr_drbg_context ctr_drbg;
1485 const char *pers = "test_suite_rsa";
1486
1487 mbedtls_mpi_init( &N );
1488 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1489 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1490
1491 mbedtls_ctr_drbg_init( &ctr_drbg );
1492 mbedtls_entropy_init( &entropy );
1493 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1494 &entropy, (const unsigned char *) pers,
1495 strlen( pers ) ) == 0 );
1496
1497 if( have_N )
1498 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1499
1500 if( have_P )
1501 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1502
1503 if( have_Q )
1504 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1505
1506 if( have_D )
1507 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1508
1509 if( have_E )
1510 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1511
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1512 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1513 have_P ? &P : NULL,
1514 have_Q ? &Q : NULL,
1515 have_D ? &D : NULL,
1516 have_E ? &E : NULL,
1517 prng ? mbedtls_ctr_drbg_random : NULL,
1518 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1519exit:
1520
1521 mbedtls_ctr_drbg_free( &ctr_drbg );
1522 mbedtls_entropy_free( &entropy );
1523
1524 mbedtls_mpi_free( &N );
1525 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1526 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1527}
1528/* END_CASE */
1529
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1530/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1531void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1532 data_t *input_Q, data_t *input_D,
1533 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1534 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1535{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1536 /* Exported buffers */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1537 unsigned char bufNe[1000];
1538 unsigned char bufPe[1000];
1539 unsigned char bufQe[1000];
1540 unsigned char bufDe[1000];
1541 unsigned char bufEe[1000];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1542
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1543 mbedtls_rsa_context ctx;
1544
1545 mbedtls_rsa_init( &ctx, 0, 0 );
1546
1547 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1548 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1549 input_N->len ? input_N->x : NULL, input_N->len,
1550 input_P->len ? input_P->x : NULL, input_P->len,
1551 input_Q->len ? input_Q->x : NULL, input_Q->len,
1552 input_D->len ? input_D->x : NULL, input_D->len,
1553 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1554
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1555 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1556
1557 /*
1558 * Export parameters and compare to original ones.
1559 */
1560
1561 /* N and E must always be present. */
1562 if( !successive )
1563 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1564 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1565 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1566 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1567 }
1568 else
1569 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1570 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1571 NULL, 0, NULL, 0, NULL, 0,
1572 NULL, 0 ) == 0 );
1573 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1574 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1575 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1576 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1577 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1578 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1579
1580 /* If we were providing enough information to setup a complete private context,
1581 * we expect to be able to export all core parameters. */
1582
1583 if( is_priv )
1584 {
1585 if( !successive )
1586 {
1587 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1588 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1589 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1590 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1591 NULL, 0 ) == 0 );
1592 }
1593 else
1594 {
1595 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1596 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1597 NULL, 0, NULL, 0,
1598 NULL, 0 ) == 0 );
1599
1600 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1601 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1602 NULL, 0, NULL, 0 ) == 0 );
1603
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1604 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1605 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1606 NULL, 0 ) == 0 );
1607 }
1608
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1609 if( input_P->len )
1610 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1611
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1612 if( input_Q->len )
1613 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1614
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1615 if( input_D->len )
1616 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1617
1618 }
1619
1620exit:
1621 mbedtls_rsa_free( &ctx );
1622}
1623/* END_CASE */
1624
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1625/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1626void mbedtls_rsa_import_raw( data_t *input_N,
1627 data_t *input_P, data_t *input_Q,
1628 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1629 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1630 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1631 int res_check,
1632 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1633{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1634 /* Buffers used for encryption-decryption test */
1635 unsigned char *buf_orig = NULL;
1636 unsigned char *buf_enc = NULL;
1637 unsigned char *buf_dec = NULL;
1638
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1639 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1640 mbedtls_entropy_context entropy;
1641 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1642
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1643 const char *pers = "test_suite_rsa";
1644
1645 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1646 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1647 mbedtls_rsa_init( &ctx, 0, 0 );
1648
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1649 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1650 &entropy, (const unsigned char *) pers,
1651 strlen( pers ) ) == 0 );
1652
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1653 if( !successive )
1654 {
1655 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1656 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1657 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1658 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1659 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1660 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1661 }
1662 else
1663 {
1664 /* Import N, P, Q, D, E separately.
1665 * This should make no functional difference. */
1666
1667 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1668 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1669 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1670
1671 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1672 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1673 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1674 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1675
1676 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1677 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1678 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1679 NULL, 0, NULL, 0 ) == 0 );
1680
1681 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1682 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1683 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1684 NULL, 0 ) == 0 );
1685
1686 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1687 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1688 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1689 }
1690
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1691 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1692
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1693 /* On expected success, perform some public and private
1694 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1695 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1696 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1697 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1698 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1699 else
1700 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1701
1702 if( res_check != 0 )
1703 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1704
1705 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1706 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1707 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1708 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1709 goto exit;
1710
1711 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1712 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1713
1714 /* Make sure the number we're generating is smaller than the modulus */
1715 buf_orig[0] = 0x00;
1716
1717 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1718
1719 if( is_priv )
1720 {
1721 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1722 &ctr_drbg, buf_enc,
1723 buf_dec ) == 0 );
1724
1725 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1726 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1727 }
1728 }
1729
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1730exit:
1731
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1732 mbedtls_free( buf_orig );
1733 mbedtls_free( buf_enc );
1734 mbedtls_free( buf_dec );
1735
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1736 mbedtls_rsa_free( &ctx );
1737
1738 mbedtls_ctr_drbg_free( &ctr_drbg );
1739 mbedtls_entropy_free( &entropy );
1740
1741}
1742/* END_CASE */
1743
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1744/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1745void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1746{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1747 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1748}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1749/* END_CASE */