TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 9a66d5c1817792e30d39911cd6781c21f8e0cc65 / . / tests / suites / test_suite_rsa.function
blob: 7c7d8f9b69a978ed430402d25e85aac62eee78ff [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]106 sizeof( buf ), buf,
107 buf ) );
108 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
109 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]110 sizeof( buf ), NULL,
111 buf ) );
112 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
113 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]114 sizeof( buf ), buf,
115 NULL ) );
116
117 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
118 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]119 NULL, sizeof( buf ),
120 buf, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]121 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
122 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]123 NULL, sizeof( buf ),
124 NULL, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]127 NULL, sizeof( buf ),
128 buf, NULL ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]129
130 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
131 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]132 buf, sizeof( buf ),
133 sizeof( buf ), buf,
134 buf ) );
135 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
136 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]137 NULL, sizeof( buf ),
138 sizeof( buf ), buf,
139 buf ) );
140 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
141 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]142 buf, sizeof( buf ),
143 sizeof( buf ), NULL,
144 buf ) );
145 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
146 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]147 buf, sizeof( buf ),
148 sizeof( buf ), buf,
149 NULL ) );
150
151 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
152 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]153 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]154 buf, buf, 42 ) );
155 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
156 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]157 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]158 buf, buf, 42 ) );
159 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
160 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]161 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]162 NULL, buf, 42 ) );
163 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
164 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]165 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]166 buf, NULL, 42 ) );
167
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]170 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]171 buf, buf, 42 ) );
172 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
173 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]174 NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]175 buf, buf, 42 ) );
176 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
177 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]178 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]179 NULL, buf, 42 ) );
180 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
181 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]182 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]183 buf, NULL, 42 ) );
184
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]187 buf, sizeof( buf ),
188 &olen,
189 buf, buf, 42 ) );
190 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
191 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]192 NULL, sizeof( buf ),
193 NULL,
194 buf, buf, 42 ) );
195 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
196 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]197 buf, sizeof( buf ),
198 &olen,
199 NULL, buf, 42 ) );
200 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
201 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]202 buf, sizeof( buf ),
203 &olen,
204 buf, NULL, 42 ) );
205
206 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
207 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
Thomas Daubney11425342021-05-18 11:57:05 +0100[diff] [blame]208 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]209 0, sizeof( buf ), buf,
210 buf ) );
211 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
212 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Thomas Daubney11425342021-05-18 11:57:05 +0100[diff] [blame]213 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]214 0, sizeof( buf ), NULL,
215 buf ) );
216 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
217 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Thomas Daubney11425342021-05-18 11:57:05 +0100[diff] [blame]218 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]219 0, sizeof( buf ), buf,
220 NULL ) );
221 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
222 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Thomas Daubney11425342021-05-18 11:57:05 +0100[diff] [blame]223 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]224 MBEDTLS_MD_SHA1,
225 0, NULL,
226 buf ) );
227
228 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
229 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame]230 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]231 0, sizeof( buf ), buf,
232 buf ) );
233 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
234 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame]235 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]236 0, sizeof( buf ), NULL,
237 buf ) );
238 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
239 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame]240 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]241 0, sizeof( buf ), buf,
242 NULL ) );
243 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
244 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame]245 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]246 MBEDTLS_MD_SHA1,
247 0, NULL,
248 buf ) );
249
250 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
251 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
Thomas Daubney9a66d5c2021-05-18 15:50:21 +0100[diff] [blame^]252 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]253 0, sizeof( buf ), buf,
254 buf ) );
255 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
256 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Thomas Daubney9a66d5c2021-05-18 15:50:21 +0100[diff] [blame^]257 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]258 0, sizeof( buf ), NULL,
259 buf ) );
260 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
261 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Thomas Daubney9a66d5c2021-05-18 15:50:21 +0100[diff] [blame^]262 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]263 0, sizeof( buf ), buf,
264 NULL ) );
265 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
266 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Thomas Daubney9a66d5c2021-05-18 15:50:21 +0100[diff] [blame^]267 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]268 MBEDTLS_MD_SHA1,
269 0, NULL,
270 buf ) );
271
272 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]273 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
274 0, sizeof( buf ), buf,
275 MBEDTLS_RSA_SALT_LEN_ANY,
276 buf ) );
277 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
278 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
279 0, sizeof( buf ), NULL,
280 MBEDTLS_RSA_SALT_LEN_ANY,
281 buf ) );
282 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
283 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
284 0, sizeof( buf ), buf,
285 MBEDTLS_RSA_SALT_LEN_ANY,
286 NULL ) );
287 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
288 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
289 MBEDTLS_MD_SHA1,
290 0, NULL,
291 MBEDTLS_RSA_SALT_LEN_ANY,
292 buf ) );
293
294 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]295 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
296 valid_mode,
297 0, sizeof( buf ), buf,
298 buf ) );
299 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
300 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
301 invalid_mode,
302 0, sizeof( buf ), buf,
303 buf ) );
304 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
305 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
306 valid_mode,
307 0, sizeof( buf ), NULL,
308 buf ) );
309 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
310 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
311 valid_mode,
312 0, sizeof( buf ), buf,
313 NULL ) );
314 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
315 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
316 valid_mode,
317 MBEDTLS_MD_SHA1, 0, NULL,
318 buf ) );
319
320 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
321 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
322 NULL,
323 valid_mode,
324 0, sizeof( buf ), buf,
325 buf ) );
326 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
327 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
328 NULL,
329 invalid_mode,
330 0, sizeof( buf ), buf,
331 buf ) );
332 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
333 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
334 NULL,
335 valid_mode,
336 0, sizeof( buf ),
337 NULL, buf ) );
338 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
339 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
340 NULL,
341 valid_mode,
342 0, sizeof( buf ), buf,
343 NULL ) );
344 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
345 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
346 NULL,
347 valid_mode,
348 MBEDTLS_MD_SHA1,
349 0, NULL,
350 buf ) );
351
352 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
353 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
354 valid_mode,
355 0, sizeof( buf ),
356 buf, buf ) );
357 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
358 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
359 invalid_mode,
360 0, sizeof( buf ),
361 buf, buf ) );
362 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
363 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
364 valid_mode,
365 0, sizeof( buf ),
366 NULL, buf ) );
367 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
368 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
369 valid_mode,
370 0, sizeof( buf ),
371 buf, NULL ) );
372 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
373 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
374 valid_mode,
375 MBEDTLS_MD_SHA1,
376 0, NULL,
377 buf ) );
378
379 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
380 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
381 valid_mode,
382 0, sizeof( buf ),
383 buf,
384 0, 0,
385 buf ) );
386 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
387 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
388 invalid_mode,
389 0, sizeof( buf ),
390 buf,
391 0, 0,
392 buf ) );
393 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
394 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
395 valid_mode,
396 0, sizeof( buf ),
397 NULL, 0, 0,
398 buf ) );
399 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
400 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
401 valid_mode,
402 0, sizeof( buf ),
403 buf, 0, 0,
404 NULL ) );
405 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
406 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
407 valid_mode,
408 MBEDTLS_MD_SHA1,
409 0, NULL,
410 0, 0,
411 buf ) );
412
413 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
414 mbedtls_rsa_copy( NULL, &ctx ) );
415 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
416 mbedtls_rsa_copy( &ctx, NULL ) );
417
418exit:
419 return;
420}
421/* END_CASE */
422
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]423/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]424void rsa_init_free( int reinit )
425{
426 mbedtls_rsa_context ctx;
427
428 /* Double free is not explicitly documented to work, but we rely on it
429 * even inside the library so that you can call mbedtls_rsa_free()
430 * unconditionally on an error path without checking whether it has
431 * already been called in the success path. */
432
433 mbedtls_rsa_init( &ctx, 0, 0 );
434 mbedtls_rsa_free( &ctx );
435
436 if( reinit )
437 mbedtls_rsa_init( &ctx, 0, 0 );
438 mbedtls_rsa_free( &ctx );
439
440 /* This test case always succeeds, functionally speaking. A plausible
441 * bug might trigger an invalid pointer dereference or a memory leak. */
442 goto exit;
443}
444/* END_CASE */
445
446/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]447void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]448 int digest, int mod, int radix_P, char * input_P,
449 int radix_Q, char * input_Q, int radix_N,
450 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]451 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]452{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]453 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
454 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]455 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]456 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]457 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]458
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]459 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
460 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]461 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]462
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]463 memset( hash_result, 0x00, sizeof( hash_result ) );
464 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]465 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]466
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]467 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
468 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
469 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
470 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]471
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]472 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
473 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]474 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]475 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]476
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]477
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]478 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]479 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]480
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]481 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
482 &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
483 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]484 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]485 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]486
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]487 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
488 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]489 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]490
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]491exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]492 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
493 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]494 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]495}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]496/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]497
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]498/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]499void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]500 int digest, int mod, int radix_N,
501 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]502 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]503{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]504 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]505 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]506
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]507 mbedtls_mpi N, E;
508
509 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]510 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]511 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]512
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]513 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
514 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
515 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
516 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]517 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]518
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]519
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]520 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]521 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]522
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]523 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]524
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]525exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]526 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]527 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]528}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]529/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]530
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]531
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]532/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]533void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]534 int padding_mode, int mod, int radix_P,
535 char * input_P, int radix_Q, char * input_Q,
536 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]537 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]538{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]539 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]540 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]541 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]542 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]543
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]544 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]545 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
546 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]547
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]548 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]549 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]550
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]551 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
552 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
553 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
554 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]555
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]556 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
557 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]558 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]559 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]560
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]561
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]562 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
563 &rnd_info, MBEDTLS_RSA_PRIVATE,
564 MBEDTLS_MD_NONE, hash_result->len,
565 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]566
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]567
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]568 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
569 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]570
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]571exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]572 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
573 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
574
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]575 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]576}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]577/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]578
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]579/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]580void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]581 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]582 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]583 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]584{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]585 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]586 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]587
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]588 mbedtls_mpi N, E;
589 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
590
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]591 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]592 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]593
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]594 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
595 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]596
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]597 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
598 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]599 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]600
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]601
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]602 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]603
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]604exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]605 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]606 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]607}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]608/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]609
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]610/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]611void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]612 int mod, int radix_N, char * input_N,
613 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]614 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]615{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]616 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]617 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]618 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]619
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]620 mbedtls_mpi N, E;
621 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
622
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]623 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]624
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]625 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]626 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]627
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]628 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
629 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]630
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]631 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
632 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]633 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]634
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]635
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]636 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
637 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]638 &rnd_info, message_str->len,
639 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]640 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]641 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]642 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]643
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]644 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
645 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]646 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]647
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]648exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]649 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]650 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]651}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]652/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]653
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]654/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]655void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]656 int mod, int radix_N, char * input_N,
657 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]658 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]659{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]660 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]661 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]662
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]663 mbedtls_mpi N, E;
664
665 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]666 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]667 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]668
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]669 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
670 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]671
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]672 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
673 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]674 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]675
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]676
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]677 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]678 NULL, message_str->len,
679 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]680 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]681 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]682 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]683
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]684 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
685 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]686 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]687
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]688exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]689 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]690 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]691}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]692/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]693
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]694/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]695void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]696 int mod, int radix_P, char * input_P,
697 int radix_Q, char * input_Q, int radix_N,
698 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]699 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]700 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]701{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]702 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]703 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]704 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]705 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]706 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]707
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]708 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
709 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
710
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]711 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]712
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]713 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]714 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]715
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]716
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]717 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
718 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
719 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
720 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]721
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]722 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
723 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]724 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]725 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]726
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]727 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]728
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]729 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]730 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]731 &output_len, message_str->x, output,
732 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]733 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]734 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]735
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]736 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]737 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]738 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]739 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]740
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]741exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]742 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
743 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]744 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]745}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]746/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]747
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]748/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]749void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]750 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]751 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]752{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]753 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]754 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]755
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]756 mbedtls_mpi N, E;
757
758 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]759 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
760 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]761 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]762
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]763 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
764 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]765
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]766 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
767 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]768 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]769
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]770
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]771 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]772 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]773 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]774
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]775 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
776 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]777 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]778
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]779 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]780 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]781 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]782 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]783
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]784 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]785
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]786 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]787 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]788 if( result == 0 )
789 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]790
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]791 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
792 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]793 }
794
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]795exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]796 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]797 mbedtls_rsa_free( &ctx );
798 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]799}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]800/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]801
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]802/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]803void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]804 char * input_P, int radix_Q, char * input_Q,
805 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]806 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]807 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]808{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]809 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]810 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]811 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]812 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]813 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]814
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]815 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
816 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]817 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
818 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]819
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]820 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]821
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]822 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
823 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
824 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
825 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]826
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]827 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
828 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]829 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]830 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]831
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]832
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]833 /* repeat three times to test updating of blinding values */
834 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]835 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]836 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]837 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
838 &rnd_info, message_str->x,
839 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]840 if( result == 0 )
841 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]842
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]843 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]844 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]845 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]846 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]847 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]848
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]849 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]850 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]851 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]852 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]853
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]854 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]855
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]856 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]857 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
858 &rnd_info, message_str->x,
859 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]860 if( result == 0 )
861 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]862
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]863 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]864 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]865 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]866 }
867
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]868exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]869 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
870 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
871
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]872 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]873}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]874/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]875
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]876/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]877void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]878{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]879 mbedtls_rsa_context ctx;
880 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]881
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]882 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]883}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]884/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]885
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]886/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]887void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
888 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]889{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]890 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]891 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]892
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]893 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]894 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]895
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]896 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]897 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]898 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]899 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]900 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]901 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]902 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]903 }
904
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]905 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]906 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]907
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]908exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]909 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]910 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]911}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]912/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]913
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]914/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]915void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
916 int radix_Q, char * input_Q, int radix_N,
917 char * input_N, int radix_E, char * input_E,
918 int radix_D, char * input_D, int radix_DP,
919 char * input_DP, int radix_DQ,
920 char * input_DQ, int radix_QP,
921 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]922{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]923 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]924
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]925 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]926
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]927 ctx.len = mod / 8;
928 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]929 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]930 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]931 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]932 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]933 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]934 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]935 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]936 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]937 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]938 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]939 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]940 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]941 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]942 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]943 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]944 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]945 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]946 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]947 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]948#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]949 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]950 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]951 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]952 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]953 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]954 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]955 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]956 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]957 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]958 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]959 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]960 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]961#else
962 ((void) radix_DP); ((void) input_DP);
963 ((void) radix_DQ); ((void) input_DQ);
964 ((void) radix_QP); ((void) input_QP);
965#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]966
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]967 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]968
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]969exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]970 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]971}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]972/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]973
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]974/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]975void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
976 int radix_Epub, char * input_Epub, int radix_P,
977 char * input_P, int radix_Q, char * input_Q,
978 int radix_N, char * input_N, int radix_E,
979 char * input_E, int radix_D, char * input_D,
980 int radix_DP, char * input_DP, int radix_DQ,
981 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]982 int result )
983{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]984 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]985
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]986 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
987 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]988
989 pub.len = mod / 8;
990 prv.len = mod / 8;
991
992 if( strlen( input_Npub ) )
993 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]994 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]995 }
996 if( strlen( input_Epub ) )
997 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]998 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]999 }
1000
1001 if( strlen( input_P ) )
1002 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1003 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1004 }
1005 if( strlen( input_Q ) )
1006 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1007 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1008 }
1009 if( strlen( input_N ) )
1010 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1011 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1012 }
1013 if( strlen( input_E ) )
1014 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1015 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1016 }
1017 if( strlen( input_D ) )
1018 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1019 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1020 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1021#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1022 if( strlen( input_DP ) )
1023 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1024 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1025 }
1026 if( strlen( input_DQ ) )
1027 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1028 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1029 }
1030 if( strlen( input_QP ) )
1031 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1032 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1033 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1034#else
1035 ((void) radix_DP); ((void) input_DP);
1036 ((void) radix_DQ); ((void) input_DQ);
1037 ((void) radix_QP); ((void) input_QP);
1038#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1039
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1040 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1041
1042exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1043 mbedtls_rsa_free( &pub );
1044 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1045}
1046/* END_CASE */
1047
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1048/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1049void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1050{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1051 mbedtls_rsa_context ctx;
1052 mbedtls_entropy_context entropy;
1053 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1054 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1055
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1056 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1057 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1058 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1059
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1060 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1061 &entropy, (const unsigned char *) pers,
1062 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1063
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1064 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1065 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1066 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1067 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1068 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1069 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1070
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1071exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1072 mbedtls_rsa_free( &ctx );
1073 mbedtls_ctr_drbg_free( &ctr_drbg );
1074 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1075}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1076/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1077
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1078/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1079void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1080 int radix_D, char *input_D,
1081 int radix_E, char *input_E,
1082 int radix_P, char *output_P,
1083 int radix_Q, char *output_Q,
1084 int corrupt, int result )
1085{
1086 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1087
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1088 mbedtls_mpi_init( &N );
1089 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1090 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1091 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1092
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1093 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1094 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1095 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1096 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1097 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1098
1099 if( corrupt )
1100 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1101
1102 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1103 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1104
1105 if( !corrupt )
1106 {
1107 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1108 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1109 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1110 }
1111
1112exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1113 mbedtls_mpi_free( &N );
1114 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1115 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1116 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1117}
1118/* END_CASE */
1119
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1120/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1121void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1122 int radix_Q, char *input_Q,
1123 int radix_E, char *input_E,
1124 int radix_D, char *output_D,
1125 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1126{
1127 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1128
1129 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1130 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1131 mbedtls_mpi_init( &E );
1132 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1133
1134 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1135 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1136 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1137 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1138
1139 if( corrupt )
1140 {
1141 /* Make E even */
1142 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1143 }
1144
1145 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1146 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1147 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1148
1149 if( !corrupt )
1150 {
1151 /*
1152 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1153 */
1154
1155 /* Replace P,Q by P-1, Q-1 */
1156 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1157 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1158
1159 /* Check D == Dp modulo P-1 */
1160 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1161 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1162 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1163
1164 /* Check D == Dp modulo Q-1 */
1165 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1166 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1167 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1168 }
1169
1170exit:
1171
1172 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1173 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1174 mbedtls_mpi_free( &E );
1175 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1176}
1177/* END_CASE */
1178
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1179/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1180void mbedtls_rsa_import( int radix_N, char *input_N,
1181 int radix_P, char *input_P,
1182 int radix_Q, char *input_Q,
1183 int radix_D, char *input_D,
1184 int radix_E, char *input_E,
1185 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1186 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1187 int res_check,
1188 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1189{
1190 mbedtls_mpi N, P, Q, D, E;
1191 mbedtls_rsa_context ctx;
1192
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1193 /* Buffers used for encryption-decryption test */
1194 unsigned char *buf_orig = NULL;
1195 unsigned char *buf_enc = NULL;
1196 unsigned char *buf_dec = NULL;
1197
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1198 mbedtls_entropy_context entropy;
1199 mbedtls_ctr_drbg_context ctr_drbg;
1200 const char *pers = "test_suite_rsa";
1201
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1202 const int have_N = ( strlen( input_N ) > 0 );
1203 const int have_P = ( strlen( input_P ) > 0 );
1204 const int have_Q = ( strlen( input_Q ) > 0 );
1205 const int have_D = ( strlen( input_D ) > 0 );
1206 const int have_E = ( strlen( input_E ) > 0 );
1207
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1208 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1209 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1210 mbedtls_rsa_init( &ctx, 0, 0 );
1211
1212 mbedtls_mpi_init( &N );
1213 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1214 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1215
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1216 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1217 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1218
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1219 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1220 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1221
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1222 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1223 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1224
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1225 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1226 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1227
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1228 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1229 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1230
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1231 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1232 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1233
1234 if( !successive )
1235 {
1236 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1237 have_N ? &N : NULL,
1238 have_P ? &P : NULL,
1239 have_Q ? &Q : NULL,
1240 have_D ? &D : NULL,
1241 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1242 }
1243 else
1244 {
1245 /* Import N, P, Q, D, E separately.
1246 * This should make no functional difference. */
1247
1248 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1249 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1250 NULL, NULL, NULL, NULL ) == 0 );
1251
1252 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1253 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1254 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1255 NULL, NULL, NULL ) == 0 );
1256
1257 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1258 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1259 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1260 NULL, NULL ) == 0 );
1261
1262 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1263 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1264 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1265 NULL ) == 0 );
1266
1267 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1268 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1269 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1270 }
1271
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1272 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1273
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1274 /* On expected success, perform some public and private
1275 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1276 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1277 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1278 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1279 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1280 else
1281 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1282
1283 if( res_check != 0 )
1284 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1285
1286 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1287 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1288 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1289 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1290 goto exit;
1291
1292 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1293 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1294
1295 /* Make sure the number we're generating is smaller than the modulus */
1296 buf_orig[0] = 0x00;
1297
1298 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1299
1300 if( is_priv )
1301 {
1302 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1303 &ctr_drbg, buf_enc,
1304 buf_dec ) == 0 );
1305
1306 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1307 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1308 }
1309 }
1310
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1311exit:
1312
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1313 mbedtls_free( buf_orig );
1314 mbedtls_free( buf_enc );
1315 mbedtls_free( buf_dec );
1316
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1317 mbedtls_rsa_free( &ctx );
1318
1319 mbedtls_ctr_drbg_free( &ctr_drbg );
1320 mbedtls_entropy_free( &entropy );
1321
1322 mbedtls_mpi_free( &N );
1323 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1324 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1325}
1326/* END_CASE */
1327
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1328/* BEGIN_CASE */
1329void mbedtls_rsa_export( int radix_N, char *input_N,
1330 int radix_P, char *input_P,
1331 int radix_Q, char *input_Q,
1332 int radix_D, char *input_D,
1333 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1334 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1335 int successive )
1336{
1337 /* Original MPI's with which we set up the RSA context */
1338 mbedtls_mpi N, P, Q, D, E;
1339
1340 /* Exported MPI's */
1341 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1342
1343 const int have_N = ( strlen( input_N ) > 0 );
1344 const int have_P = ( strlen( input_P ) > 0 );
1345 const int have_Q = ( strlen( input_Q ) > 0 );
1346 const int have_D = ( strlen( input_D ) > 0 );
1347 const int have_E = ( strlen( input_E ) > 0 );
1348
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1349 mbedtls_rsa_context ctx;
1350
1351 mbedtls_rsa_init( &ctx, 0, 0 );
1352
1353 mbedtls_mpi_init( &N );
1354 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1355 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1356
1357 mbedtls_mpi_init( &Ne );
1358 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1359 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1360
1361 /* Setup RSA context */
1362
1363 if( have_N )
1364 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1365
1366 if( have_P )
1367 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1368
1369 if( have_Q )
1370 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1371
1372 if( have_D )
1373 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1374
1375 if( have_E )
1376 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1377
1378 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1379 strlen( input_N ) ? &N : NULL,
1380 strlen( input_P ) ? &P : NULL,
1381 strlen( input_Q ) ? &Q : NULL,
1382 strlen( input_D ) ? &D : NULL,
1383 strlen( input_E ) ? &E : NULL ) == 0 );
1384
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1385 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1386
1387 /*
1388 * Export parameters and compare to original ones.
1389 */
1390
1391 /* N and E must always be present. */
1392 if( !successive )
1393 {
1394 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1395 }
1396 else
1397 {
1398 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1399 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1400 }
1401 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1402 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1403
1404 /* If we were providing enough information to setup a complete private context,
1405 * we expect to be able to export all core parameters. */
1406
1407 if( is_priv )
1408 {
1409 if( !successive )
1410 {
1411 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1412 &De, NULL ) == 0 );
1413 }
1414 else
1415 {
1416 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1417 NULL, NULL ) == 0 );
1418 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1419 NULL, NULL ) == 0 );
1420 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1421 &De, NULL ) == 0 );
1422 }
1423
1424 if( have_P )
1425 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1426
1427 if( have_Q )
1428 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1429
1430 if( have_D )
1431 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1432
1433 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1434 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1435 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1436 }
1437
1438exit:
1439
1440 mbedtls_rsa_free( &ctx );
1441
1442 mbedtls_mpi_free( &N );
1443 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1444 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1445
1446 mbedtls_mpi_free( &Ne );
1447 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1448 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1449}
1450/* END_CASE */
1451
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1452/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1453void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1454 int radix_P, char *input_P,
1455 int radix_Q, char *input_Q,
1456 int radix_D, char *input_D,
1457 int radix_E, char *input_E,
1458 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1459{
1460 /* Original MPI's with which we set up the RSA context */
1461 mbedtls_mpi N, P, Q, D, E;
1462
1463 const int have_N = ( strlen( input_N ) > 0 );
1464 const int have_P = ( strlen( input_P ) > 0 );
1465 const int have_Q = ( strlen( input_Q ) > 0 );
1466 const int have_D = ( strlen( input_D ) > 0 );
1467 const int have_E = ( strlen( input_E ) > 0 );
1468
1469 mbedtls_entropy_context entropy;
1470 mbedtls_ctr_drbg_context ctr_drbg;
1471 const char *pers = "test_suite_rsa";
1472
1473 mbedtls_mpi_init( &N );
1474 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1475 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1476
1477 mbedtls_ctr_drbg_init( &ctr_drbg );
1478 mbedtls_entropy_init( &entropy );
1479 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1480 &entropy, (const unsigned char *) pers,
1481 strlen( pers ) ) == 0 );
1482
1483 if( have_N )
1484 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1485
1486 if( have_P )
1487 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1488
1489 if( have_Q )
1490 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1491
1492 if( have_D )
1493 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1494
1495 if( have_E )
1496 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1497
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1498 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1499 have_P ? &P : NULL,
1500 have_Q ? &Q : NULL,
1501 have_D ? &D : NULL,
1502 have_E ? &E : NULL,
1503 prng ? mbedtls_ctr_drbg_random : NULL,
1504 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1505exit:
1506
1507 mbedtls_ctr_drbg_free( &ctr_drbg );
1508 mbedtls_entropy_free( &entropy );
1509
1510 mbedtls_mpi_free( &N );
1511 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1512 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1513}
1514/* END_CASE */
1515
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1516/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1517void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1518 data_t *input_Q, data_t *input_D,
1519 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1520 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1521{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1522 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1523 unsigned char bufNe[256];
1524 unsigned char bufPe[128];
1525 unsigned char bufQe[128];
1526 unsigned char bufDe[256];
1527 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1528
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1529 mbedtls_rsa_context ctx;
1530
1531 mbedtls_rsa_init( &ctx, 0, 0 );
1532
1533 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1534 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1535 input_N->len ? input_N->x : NULL, input_N->len,
1536 input_P->len ? input_P->x : NULL, input_P->len,
1537 input_Q->len ? input_Q->x : NULL, input_Q->len,
1538 input_D->len ? input_D->x : NULL, input_D->len,
1539 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1540
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1541 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1542
1543 /*
1544 * Export parameters and compare to original ones.
1545 */
1546
1547 /* N and E must always be present. */
1548 if( !successive )
1549 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1550 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1551 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1552 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1553 }
1554 else
1555 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1556 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1557 NULL, 0, NULL, 0, NULL, 0,
1558 NULL, 0 ) == 0 );
1559 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1560 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1561 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1562 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1563 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1564 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1565
1566 /* If we were providing enough information to setup a complete private context,
1567 * we expect to be able to export all core parameters. */
1568
1569 if( is_priv )
1570 {
1571 if( !successive )
1572 {
1573 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1574 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1575 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1576 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1577 NULL, 0 ) == 0 );
1578 }
1579 else
1580 {
1581 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1582 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1583 NULL, 0, NULL, 0,
1584 NULL, 0 ) == 0 );
1585
1586 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1587 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1588 NULL, 0, NULL, 0 ) == 0 );
1589
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1590 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1591 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1592 NULL, 0 ) == 0 );
1593 }
1594
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1595 if( input_P->len )
1596 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1597
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1598 if( input_Q->len )
1599 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1600
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1601 if( input_D->len )
1602 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1603
1604 }
1605
1606exit:
1607 mbedtls_rsa_free( &ctx );
1608}
1609/* END_CASE */
1610
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1611/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1612void mbedtls_rsa_import_raw( data_t *input_N,
1613 data_t *input_P, data_t *input_Q,
1614 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1615 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1616 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1617 int res_check,
1618 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1619{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1620 /* Buffers used for encryption-decryption test */
1621 unsigned char *buf_orig = NULL;
1622 unsigned char *buf_enc = NULL;
1623 unsigned char *buf_dec = NULL;
1624
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1625 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1626 mbedtls_entropy_context entropy;
1627 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1628
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1629 const char *pers = "test_suite_rsa";
1630
1631 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1632 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1633 mbedtls_rsa_init( &ctx, 0, 0 );
1634
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1635 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1636 &entropy, (const unsigned char *) pers,
1637 strlen( pers ) ) == 0 );
1638
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1639 if( !successive )
1640 {
1641 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1642 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1643 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1644 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1645 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1646 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1647 }
1648 else
1649 {
1650 /* Import N, P, Q, D, E separately.
1651 * This should make no functional difference. */
1652
1653 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1654 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1655 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1656
1657 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1658 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1659 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1660 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1661
1662 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1663 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1664 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1665 NULL, 0, NULL, 0 ) == 0 );
1666
1667 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1668 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1669 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1670 NULL, 0 ) == 0 );
1671
1672 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1673 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1674 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1675 }
1676
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1677 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1678
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1679 /* On expected success, perform some public and private
1680 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1681 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1682 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1683 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1684 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1685 else
1686 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1687
1688 if( res_check != 0 )
1689 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1690
1691 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1692 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1693 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1694 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1695 goto exit;
1696
1697 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1698 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1699
1700 /* Make sure the number we're generating is smaller than the modulus */
1701 buf_orig[0] = 0x00;
1702
1703 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1704
1705 if( is_priv )
1706 {
1707 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1708 &ctr_drbg, buf_enc,
1709 buf_dec ) == 0 );
1710
1711 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1712 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1713 }
1714 }
1715
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1716exit:
1717
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1718 mbedtls_free( buf_orig );
1719 mbedtls_free( buf_enc );
1720 mbedtls_free( buf_dec );
1721
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1722 mbedtls_rsa_free( &ctx );
1723
1724 mbedtls_ctr_drbg_free( &ctr_drbg );
1725 mbedtls_entropy_free( &entropy );
1726
1727}
1728/* END_CASE */
1729
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1730/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1731void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1732{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1733 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1734}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1735/* END_CASE */