TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 140184d0293bf14e004c78f6cc722d563f9b0079 / . / tests / suites / test_suite_rsa.function
blob: e4f962562affdee24488ae8874629ef89c77e224 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]106 sizeof( buf ), buf,
107 buf ) );
108 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
109 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]110 sizeof( buf ), NULL,
111 buf ) );
112 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
113 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]114 sizeof( buf ), buf,
115 NULL ) );
116
117 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
118 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]119 NULL, sizeof( buf ),
120 buf, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]121 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
122 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]123 NULL, sizeof( buf ),
124 NULL, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]127 NULL, sizeof( buf ),
128 buf, NULL ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]129
130 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
131 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]132 buf, sizeof( buf ),
133 sizeof( buf ), buf,
134 buf ) );
135 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
136 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]137 NULL, sizeof( buf ),
138 sizeof( buf ), buf,
139 buf ) );
140 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
141 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]142 buf, sizeof( buf ),
143 sizeof( buf ), NULL,
144 buf ) );
145 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
146 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]147 buf, sizeof( buf ),
148 sizeof( buf ), buf,
149 NULL ) );
150
151 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
152 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]153 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]154 buf, buf, 42 ) );
155 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
156 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]157 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]158 buf, buf, 42 ) );
159 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
160 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]161 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]162 NULL, buf, 42 ) );
163 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
164 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]165 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]166 buf, NULL, 42 ) );
167
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]170 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]171 buf, buf, 42 ) );
172 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
173 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]174 NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]175 buf, buf, 42 ) );
176 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
177 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]178 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]179 NULL, buf, 42 ) );
180 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
181 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]182 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]183 buf, NULL, 42 ) );
184
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]187 buf, sizeof( buf ),
188 &olen,
189 buf, buf, 42 ) );
190 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
191 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]192 NULL, sizeof( buf ),
193 NULL,
194 buf, buf, 42 ) );
195 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
196 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]197 buf, sizeof( buf ),
198 &olen,
199 NULL, buf, 42 ) );
200 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
201 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]202 buf, sizeof( buf ),
203 &olen,
204 buf, NULL, 42 ) );
205
206 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
207 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]208 0, sizeof( buf ), buf,
209 buf ) );
210 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
211 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]212 0, sizeof( buf ), NULL,
213 buf ) );
214 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
215 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]216 0, sizeof( buf ), buf,
217 NULL ) );
218 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
219 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]220 MBEDTLS_MD_SHA1,
221 0, NULL,
222 buf ) );
223
224 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
225 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame]226 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]227 0, sizeof( buf ), buf,
228 buf ) );
229 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
230 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame]231 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]232 0, sizeof( buf ), NULL,
233 buf ) );
234 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
235 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame]236 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]237 0, sizeof( buf ), buf,
238 NULL ) );
239 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
240 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame]241 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]242 MBEDTLS_MD_SHA1,
243 0, NULL,
244 buf ) );
245
246 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
247 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
Thomas Daubney9a66d5c2021-05-18 15:50:21 +0100[diff] [blame]248 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]249 0, sizeof( buf ), buf,
250 buf ) );
251 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
252 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Thomas Daubney9a66d5c2021-05-18 15:50:21 +0100[diff] [blame]253 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]254 0, sizeof( buf ), NULL,
255 buf ) );
256 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
257 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Thomas Daubney9a66d5c2021-05-18 15:50:21 +0100[diff] [blame]258 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]259 0, sizeof( buf ), buf,
260 NULL ) );
261 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
262 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Thomas Daubney9a66d5c2021-05-18 15:50:21 +0100[diff] [blame]263 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]264 MBEDTLS_MD_SHA1,
265 0, NULL,
266 buf ) );
267
268 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]269 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
270 0, sizeof( buf ), buf,
271 MBEDTLS_RSA_SALT_LEN_ANY,
272 buf ) );
273 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
274 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
275 0, sizeof( buf ), NULL,
276 MBEDTLS_RSA_SALT_LEN_ANY,
277 buf ) );
278 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
279 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
280 0, sizeof( buf ), buf,
281 MBEDTLS_RSA_SALT_LEN_ANY,
282 NULL ) );
283 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
284 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
285 MBEDTLS_MD_SHA1,
286 0, NULL,
287 MBEDTLS_RSA_SALT_LEN_ANY,
288 buf ) );
289
290 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]291 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
292 valid_mode,
293 0, sizeof( buf ), buf,
294 buf ) );
295 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
296 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
297 invalid_mode,
298 0, sizeof( buf ), buf,
299 buf ) );
300 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
301 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
302 valid_mode,
303 0, sizeof( buf ), NULL,
304 buf ) );
305 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
306 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
307 valid_mode,
308 0, sizeof( buf ), buf,
309 NULL ) );
310 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
311 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
312 valid_mode,
313 MBEDTLS_MD_SHA1, 0, NULL,
314 buf ) );
315
316 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
317 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
318 NULL,
319 valid_mode,
320 0, sizeof( buf ), buf,
321 buf ) );
322 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
323 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
324 NULL,
325 invalid_mode,
326 0, sizeof( buf ), buf,
327 buf ) );
328 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
329 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
330 NULL,
331 valid_mode,
332 0, sizeof( buf ),
333 NULL, buf ) );
334 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
335 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
336 NULL,
337 valid_mode,
338 0, sizeof( buf ), buf,
339 NULL ) );
340 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
341 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
342 NULL,
343 valid_mode,
344 MBEDTLS_MD_SHA1,
345 0, NULL,
346 buf ) );
347
348 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
349 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
350 valid_mode,
351 0, sizeof( buf ),
352 buf, buf ) );
353 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
354 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
355 invalid_mode,
356 0, sizeof( buf ),
357 buf, buf ) );
358 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
359 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
360 valid_mode,
361 0, sizeof( buf ),
362 NULL, buf ) );
363 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
364 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
365 valid_mode,
366 0, sizeof( buf ),
367 buf, NULL ) );
368 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
369 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
370 valid_mode,
371 MBEDTLS_MD_SHA1,
372 0, NULL,
373 buf ) );
374
375 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
376 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
377 valid_mode,
378 0, sizeof( buf ),
379 buf,
380 0, 0,
381 buf ) );
382 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
383 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
384 invalid_mode,
385 0, sizeof( buf ),
386 buf,
387 0, 0,
388 buf ) );
389 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
390 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
391 valid_mode,
392 0, sizeof( buf ),
393 NULL, 0, 0,
394 buf ) );
395 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
396 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
397 valid_mode,
398 0, sizeof( buf ),
399 buf, 0, 0,
400 NULL ) );
401 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
402 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
403 valid_mode,
404 MBEDTLS_MD_SHA1,
405 0, NULL,
406 0, 0,
407 buf ) );
408
409 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
410 mbedtls_rsa_copy( NULL, &ctx ) );
411 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
412 mbedtls_rsa_copy( &ctx, NULL ) );
413
414exit:
415 return;
416}
417/* END_CASE */
418
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]419/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]420void rsa_init_free( int reinit )
421{
422 mbedtls_rsa_context ctx;
423
424 /* Double free is not explicitly documented to work, but we rely on it
425 * even inside the library so that you can call mbedtls_rsa_free()
426 * unconditionally on an error path without checking whether it has
427 * already been called in the success path. */
428
429 mbedtls_rsa_init( &ctx, 0, 0 );
430 mbedtls_rsa_free( &ctx );
431
432 if( reinit )
433 mbedtls_rsa_init( &ctx, 0, 0 );
434 mbedtls_rsa_free( &ctx );
435
436 /* This test case always succeeds, functionally speaking. A plausible
437 * bug might trigger an invalid pointer dereference or a memory leak. */
438 goto exit;
439}
440/* END_CASE */
441
442/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]443void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]444 int digest, int mod, int radix_P, char * input_P,
445 int radix_Q, char * input_Q, int radix_N,
446 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]447 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]448{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]449 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
450 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]451 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]452 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]453 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]454
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]455 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
456 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]457 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]458
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]459 memset( hash_result, 0x00, sizeof( hash_result ) );
460 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]461 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]462
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]463 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
464 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
465 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
466 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]467
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]468 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
469 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]470 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]471 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]472
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]473
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]474 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]475 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]476
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]477 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame^]478 &rnd_info, digest, 0, hash_result,
479 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]480 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]481 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]482
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]483 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
484 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]485 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]486
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]487exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]488 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
489 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]490 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]491}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]492/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]493
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]494/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]495void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]496 int digest, int mod, int radix_N,
497 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]498 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]499{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]500 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]502
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]503 mbedtls_mpi N, E;
504
505 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]506 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]507 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]508
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]509 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
510 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
511 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
512 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]513 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]514
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]515
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]516 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]517 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]518
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]519 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]520
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]521exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]522 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]523 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]524}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]525/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]526
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]527
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]528/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]529void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]530 int padding_mode, int mod, int radix_P,
531 char * input_P, int radix_Q, char * input_Q,
532 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]533 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]534{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]535 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]536 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]537 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]538 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]539
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]540 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]541 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
542 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]543
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]544 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]545 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]546
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]547 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
548 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
549 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
550 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]551
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]552 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
553 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]554 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]555 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]556
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]557
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]558 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame^]559 &rnd_info, MBEDTLS_MD_NONE,
560 hash_result->len,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]561 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]562
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]563
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]564 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
565 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]566
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]567exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]568 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
569 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
570
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]571 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]572}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]573/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]574
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]575/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]576void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]577 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]578 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]579 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]580{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]581 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]582 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]583
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]584 mbedtls_mpi N, E;
585 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
586
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]587 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]588 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]589
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]590 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
591 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]592
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]593 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
594 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]595 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]596
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]597
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]598 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]599
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]600exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]601 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]602 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]603}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]604/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]605
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]606/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]607void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]608 int mod, int radix_N, char * input_N,
609 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]610 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]611{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]612 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]613 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]614 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]615
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]616 mbedtls_mpi N, E;
617 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
618
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]619 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]620
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]621 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]622 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]623
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]624 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
625 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]626
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]627 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
628 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]629 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]630
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]631
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]632 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
633 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]634 &rnd_info, message_str->len,
635 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]636 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]637 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]638 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]639
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]640 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
641 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]642 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]643
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]644exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]645 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]646 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]647}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]648/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]649
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]650/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]651void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]652 int mod, int radix_N, char * input_N,
653 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]654 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]655{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]656 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]657 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]658
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]659 mbedtls_mpi N, E;
660
661 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]662 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]663 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]664
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]665 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
666 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]667
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]668 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
669 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]670 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]671
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]672
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]673 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]674 NULL, message_str->len,
675 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]676 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]677 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]678 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]679
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]680 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
681 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]682 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]683
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]684exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]685 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]686 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]687}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]688/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]689
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]690/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]691void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]692 int mod, int radix_P, char * input_P,
693 int radix_Q, char * input_Q, int radix_N,
694 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]695 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]696 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]697{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]698 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]699 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]700 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]701 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]702 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]703
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]704 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
705 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
706
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]707 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]708
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]709 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]710 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]711
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]712
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]713 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
714 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
715 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
716 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]717
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]718 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
719 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]720 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]721 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]722
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]723 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]724
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]725 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]726 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]727 &output_len, message_str->x, output,
728 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]729 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]730 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]731
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]732 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]733 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]734 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]735 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]736
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]737exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]738 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
739 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]740 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]741}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]742/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]743
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]744/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]745void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]746 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]747 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]748{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]749 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]750 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]751
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]752 mbedtls_mpi N, E;
753
754 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]755 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
756 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]757 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]758
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]759 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
760 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]761
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]762 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
763 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]764 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]765
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]766
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]767 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]768 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]769 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]770
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]771 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
772 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]773 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]774
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]775 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]776 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]777 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]778 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]779
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]780 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]781
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]782 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]783 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]784 if( result == 0 )
785 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]786
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]787 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
788 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]789 }
790
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]791exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]792 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]793 mbedtls_rsa_free( &ctx );
794 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]795}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]796/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]797
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]798/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]799void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]800 char * input_P, int radix_Q, char * input_Q,
801 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]802 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]803 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]804{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]805 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]806 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]807 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]808 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]809 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]810
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]811 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
812 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]813 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
814 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]815
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]816 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]817
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]818 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
819 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
820 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
821 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]822
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]823 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
824 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]825 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]826 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]827
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]828
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]829 /* repeat three times to test updating of blinding values */
830 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]831 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]832 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]833 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
834 &rnd_info, message_str->x,
835 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]836 if( result == 0 )
837 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]838
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]839 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]840 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]841 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]842 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]843 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]844
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]845 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]846 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]847 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]848 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]849
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]850 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]851
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]852 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]853 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
854 &rnd_info, message_str->x,
855 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]856 if( result == 0 )
857 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]858
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]859 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]860 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]861 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]862 }
863
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]864exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]865 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
866 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
867
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]868 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]869}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]870/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]871
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]872/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]873void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]874{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]875 mbedtls_rsa_context ctx;
876 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]877
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]878 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]879}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]880/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]881
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]882/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]883void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
884 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]885{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]886 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]887 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]888
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]889 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]890 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]891
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]892 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]893 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]894 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]895 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]896 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]897 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]898 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]899 }
900
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]901 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]902 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]903
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]904exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]905 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]906 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]907}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]908/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]909
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]910/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]911void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
912 int radix_Q, char * input_Q, int radix_N,
913 char * input_N, int radix_E, char * input_E,
914 int radix_D, char * input_D, int radix_DP,
915 char * input_DP, int radix_DQ,
916 char * input_DQ, int radix_QP,
917 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]918{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]919 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]920
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]921 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]922
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]923 ctx.len = mod / 8;
924 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]925 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]926 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]927 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]928 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]929 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]930 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]931 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]932 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]933 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]934 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]935 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]936 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]937 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]938 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]939 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]940 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]941 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]942 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]943 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]944#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]945 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]946 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]947 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]948 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]949 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]950 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]951 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]952 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]953 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]954 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]955 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]956 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]957#else
958 ((void) radix_DP); ((void) input_DP);
959 ((void) radix_DQ); ((void) input_DQ);
960 ((void) radix_QP); ((void) input_QP);
961#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]962
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]963 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]964
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]965exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]966 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]967}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]968/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]969
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]970/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]971void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
972 int radix_Epub, char * input_Epub, int radix_P,
973 char * input_P, int radix_Q, char * input_Q,
974 int radix_N, char * input_N, int radix_E,
975 char * input_E, int radix_D, char * input_D,
976 int radix_DP, char * input_DP, int radix_DQ,
977 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]978 int result )
979{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]980 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]981
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]982 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
983 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]984
985 pub.len = mod / 8;
986 prv.len = mod / 8;
987
988 if( strlen( input_Npub ) )
989 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]990 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]991 }
992 if( strlen( input_Epub ) )
993 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]994 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]995 }
996
997 if( strlen( input_P ) )
998 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]999 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1000 }
1001 if( strlen( input_Q ) )
1002 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1003 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1004 }
1005 if( strlen( input_N ) )
1006 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1007 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1008 }
1009 if( strlen( input_E ) )
1010 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1011 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1012 }
1013 if( strlen( input_D ) )
1014 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1015 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1016 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1017#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1018 if( strlen( input_DP ) )
1019 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1020 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1021 }
1022 if( strlen( input_DQ ) )
1023 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1024 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1025 }
1026 if( strlen( input_QP ) )
1027 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1028 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1029 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1030#else
1031 ((void) radix_DP); ((void) input_DP);
1032 ((void) radix_DQ); ((void) input_DQ);
1033 ((void) radix_QP); ((void) input_QP);
1034#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1035
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1036 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1037
1038exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1039 mbedtls_rsa_free( &pub );
1040 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1041}
1042/* END_CASE */
1043
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1044/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1045void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1046{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1047 mbedtls_rsa_context ctx;
1048 mbedtls_entropy_context entropy;
1049 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1050 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1051
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1052 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1053 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1054 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1055
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1056 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1057 &entropy, (const unsigned char *) pers,
1058 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1059
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1060 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1061 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1062 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1063 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1064 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1065 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1066
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1067exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1068 mbedtls_rsa_free( &ctx );
1069 mbedtls_ctr_drbg_free( &ctr_drbg );
1070 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1071}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1072/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1073
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1074/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1075void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1076 int radix_D, char *input_D,
1077 int radix_E, char *input_E,
1078 int radix_P, char *output_P,
1079 int radix_Q, char *output_Q,
1080 int corrupt, int result )
1081{
1082 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1083
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1084 mbedtls_mpi_init( &N );
1085 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1086 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1087 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1088
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1089 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1090 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1091 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1092 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1093 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1094
1095 if( corrupt )
1096 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1097
1098 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1099 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1100
1101 if( !corrupt )
1102 {
1103 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1104 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1105 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1106 }
1107
1108exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1109 mbedtls_mpi_free( &N );
1110 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1111 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1112 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1113}
1114/* END_CASE */
1115
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1116/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1117void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1118 int radix_Q, char *input_Q,
1119 int radix_E, char *input_E,
1120 int radix_D, char *output_D,
1121 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1122{
1123 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1124
1125 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1126 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1127 mbedtls_mpi_init( &E );
1128 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1129
1130 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1131 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1132 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1133 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1134
1135 if( corrupt )
1136 {
1137 /* Make E even */
1138 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1139 }
1140
1141 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1142 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1143 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1144
1145 if( !corrupt )
1146 {
1147 /*
1148 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1149 */
1150
1151 /* Replace P,Q by P-1, Q-1 */
1152 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1153 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1154
1155 /* Check D == Dp modulo P-1 */
1156 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1157 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1158 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1159
1160 /* Check D == Dp modulo Q-1 */
1161 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1162 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1163 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1164 }
1165
1166exit:
1167
1168 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1169 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1170 mbedtls_mpi_free( &E );
1171 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1172}
1173/* END_CASE */
1174
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1175/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1176void mbedtls_rsa_import( int radix_N, char *input_N,
1177 int radix_P, char *input_P,
1178 int radix_Q, char *input_Q,
1179 int radix_D, char *input_D,
1180 int radix_E, char *input_E,
1181 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1182 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1183 int res_check,
1184 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1185{
1186 mbedtls_mpi N, P, Q, D, E;
1187 mbedtls_rsa_context ctx;
1188
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1189 /* Buffers used for encryption-decryption test */
1190 unsigned char *buf_orig = NULL;
1191 unsigned char *buf_enc = NULL;
1192 unsigned char *buf_dec = NULL;
1193
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1194 mbedtls_entropy_context entropy;
1195 mbedtls_ctr_drbg_context ctr_drbg;
1196 const char *pers = "test_suite_rsa";
1197
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1198 const int have_N = ( strlen( input_N ) > 0 );
1199 const int have_P = ( strlen( input_P ) > 0 );
1200 const int have_Q = ( strlen( input_Q ) > 0 );
1201 const int have_D = ( strlen( input_D ) > 0 );
1202 const int have_E = ( strlen( input_E ) > 0 );
1203
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1204 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1205 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1206 mbedtls_rsa_init( &ctx, 0, 0 );
1207
1208 mbedtls_mpi_init( &N );
1209 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1210 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1211
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1212 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1213 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1214
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1215 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1216 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1217
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1218 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1219 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1220
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1221 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1222 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1223
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1224 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1225 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1226
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1227 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1228 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1229
1230 if( !successive )
1231 {
1232 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1233 have_N ? &N : NULL,
1234 have_P ? &P : NULL,
1235 have_Q ? &Q : NULL,
1236 have_D ? &D : NULL,
1237 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1238 }
1239 else
1240 {
1241 /* Import N, P, Q, D, E separately.
1242 * This should make no functional difference. */
1243
1244 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1245 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1246 NULL, NULL, NULL, NULL ) == 0 );
1247
1248 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1249 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1250 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1251 NULL, NULL, NULL ) == 0 );
1252
1253 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1254 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1255 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1256 NULL, NULL ) == 0 );
1257
1258 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1259 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1260 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1261 NULL ) == 0 );
1262
1263 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1264 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1265 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1266 }
1267
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1268 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1269
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1270 /* On expected success, perform some public and private
1271 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1272 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1273 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1274 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1275 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1276 else
1277 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1278
1279 if( res_check != 0 )
1280 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1281
1282 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1283 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1284 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1285 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1286 goto exit;
1287
1288 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1289 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1290
1291 /* Make sure the number we're generating is smaller than the modulus */
1292 buf_orig[0] = 0x00;
1293
1294 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1295
1296 if( is_priv )
1297 {
1298 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1299 &ctr_drbg, buf_enc,
1300 buf_dec ) == 0 );
1301
1302 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1303 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1304 }
1305 }
1306
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1307exit:
1308
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1309 mbedtls_free( buf_orig );
1310 mbedtls_free( buf_enc );
1311 mbedtls_free( buf_dec );
1312
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1313 mbedtls_rsa_free( &ctx );
1314
1315 mbedtls_ctr_drbg_free( &ctr_drbg );
1316 mbedtls_entropy_free( &entropy );
1317
1318 mbedtls_mpi_free( &N );
1319 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1320 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1321}
1322/* END_CASE */
1323
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1324/* BEGIN_CASE */
1325void mbedtls_rsa_export( int radix_N, char *input_N,
1326 int radix_P, char *input_P,
1327 int radix_Q, char *input_Q,
1328 int radix_D, char *input_D,
1329 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1330 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1331 int successive )
1332{
1333 /* Original MPI's with which we set up the RSA context */
1334 mbedtls_mpi N, P, Q, D, E;
1335
1336 /* Exported MPI's */
1337 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1338
1339 const int have_N = ( strlen( input_N ) > 0 );
1340 const int have_P = ( strlen( input_P ) > 0 );
1341 const int have_Q = ( strlen( input_Q ) > 0 );
1342 const int have_D = ( strlen( input_D ) > 0 );
1343 const int have_E = ( strlen( input_E ) > 0 );
1344
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1345 mbedtls_rsa_context ctx;
1346
1347 mbedtls_rsa_init( &ctx, 0, 0 );
1348
1349 mbedtls_mpi_init( &N );
1350 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1351 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1352
1353 mbedtls_mpi_init( &Ne );
1354 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1355 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1356
1357 /* Setup RSA context */
1358
1359 if( have_N )
1360 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1361
1362 if( have_P )
1363 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1364
1365 if( have_Q )
1366 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1367
1368 if( have_D )
1369 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1370
1371 if( have_E )
1372 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1373
1374 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1375 strlen( input_N ) ? &N : NULL,
1376 strlen( input_P ) ? &P : NULL,
1377 strlen( input_Q ) ? &Q : NULL,
1378 strlen( input_D ) ? &D : NULL,
1379 strlen( input_E ) ? &E : NULL ) == 0 );
1380
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1381 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1382
1383 /*
1384 * Export parameters and compare to original ones.
1385 */
1386
1387 /* N and E must always be present. */
1388 if( !successive )
1389 {
1390 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1391 }
1392 else
1393 {
1394 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1395 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1396 }
1397 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1398 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1399
1400 /* If we were providing enough information to setup a complete private context,
1401 * we expect to be able to export all core parameters. */
1402
1403 if( is_priv )
1404 {
1405 if( !successive )
1406 {
1407 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1408 &De, NULL ) == 0 );
1409 }
1410 else
1411 {
1412 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1413 NULL, NULL ) == 0 );
1414 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1415 NULL, NULL ) == 0 );
1416 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1417 &De, NULL ) == 0 );
1418 }
1419
1420 if( have_P )
1421 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1422
1423 if( have_Q )
1424 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1425
1426 if( have_D )
1427 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1428
1429 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1430 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1431 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1432 }
1433
1434exit:
1435
1436 mbedtls_rsa_free( &ctx );
1437
1438 mbedtls_mpi_free( &N );
1439 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1440 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1441
1442 mbedtls_mpi_free( &Ne );
1443 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1444 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1445}
1446/* END_CASE */
1447
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1448/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1449void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1450 int radix_P, char *input_P,
1451 int radix_Q, char *input_Q,
1452 int radix_D, char *input_D,
1453 int radix_E, char *input_E,
1454 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1455{
1456 /* Original MPI's with which we set up the RSA context */
1457 mbedtls_mpi N, P, Q, D, E;
1458
1459 const int have_N = ( strlen( input_N ) > 0 );
1460 const int have_P = ( strlen( input_P ) > 0 );
1461 const int have_Q = ( strlen( input_Q ) > 0 );
1462 const int have_D = ( strlen( input_D ) > 0 );
1463 const int have_E = ( strlen( input_E ) > 0 );
1464
1465 mbedtls_entropy_context entropy;
1466 mbedtls_ctr_drbg_context ctr_drbg;
1467 const char *pers = "test_suite_rsa";
1468
1469 mbedtls_mpi_init( &N );
1470 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1471 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1472
1473 mbedtls_ctr_drbg_init( &ctr_drbg );
1474 mbedtls_entropy_init( &entropy );
1475 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1476 &entropy, (const unsigned char *) pers,
1477 strlen( pers ) ) == 0 );
1478
1479 if( have_N )
1480 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1481
1482 if( have_P )
1483 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1484
1485 if( have_Q )
1486 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1487
1488 if( have_D )
1489 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1490
1491 if( have_E )
1492 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1493
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1494 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1495 have_P ? &P : NULL,
1496 have_Q ? &Q : NULL,
1497 have_D ? &D : NULL,
1498 have_E ? &E : NULL,
1499 prng ? mbedtls_ctr_drbg_random : NULL,
1500 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1501exit:
1502
1503 mbedtls_ctr_drbg_free( &ctr_drbg );
1504 mbedtls_entropy_free( &entropy );
1505
1506 mbedtls_mpi_free( &N );
1507 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1508 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1509}
1510/* END_CASE */
1511
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1512/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1513void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1514 data_t *input_Q, data_t *input_D,
1515 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1516 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1517{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1518 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1519 unsigned char bufNe[256];
1520 unsigned char bufPe[128];
1521 unsigned char bufQe[128];
1522 unsigned char bufDe[256];
1523 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1524
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1525 mbedtls_rsa_context ctx;
1526
1527 mbedtls_rsa_init( &ctx, 0, 0 );
1528
1529 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1530 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1531 input_N->len ? input_N->x : NULL, input_N->len,
1532 input_P->len ? input_P->x : NULL, input_P->len,
1533 input_Q->len ? input_Q->x : NULL, input_Q->len,
1534 input_D->len ? input_D->x : NULL, input_D->len,
1535 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1536
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1537 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1538
1539 /*
1540 * Export parameters and compare to original ones.
1541 */
1542
1543 /* N and E must always be present. */
1544 if( !successive )
1545 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1546 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1547 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1548 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1549 }
1550 else
1551 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1552 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1553 NULL, 0, NULL, 0, NULL, 0,
1554 NULL, 0 ) == 0 );
1555 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1556 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1557 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1558 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1559 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1560 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1561
1562 /* If we were providing enough information to setup a complete private context,
1563 * we expect to be able to export all core parameters. */
1564
1565 if( is_priv )
1566 {
1567 if( !successive )
1568 {
1569 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1570 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1571 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1572 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1573 NULL, 0 ) == 0 );
1574 }
1575 else
1576 {
1577 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1578 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1579 NULL, 0, NULL, 0,
1580 NULL, 0 ) == 0 );
1581
1582 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1583 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1584 NULL, 0, NULL, 0 ) == 0 );
1585
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1586 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1587 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1588 NULL, 0 ) == 0 );
1589 }
1590
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1591 if( input_P->len )
1592 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1593
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1594 if( input_Q->len )
1595 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1596
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1597 if( input_D->len )
1598 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1599
1600 }
1601
1602exit:
1603 mbedtls_rsa_free( &ctx );
1604}
1605/* END_CASE */
1606
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1607/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1608void mbedtls_rsa_import_raw( data_t *input_N,
1609 data_t *input_P, data_t *input_Q,
1610 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1611 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1612 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1613 int res_check,
1614 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1615{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1616 /* Buffers used for encryption-decryption test */
1617 unsigned char *buf_orig = NULL;
1618 unsigned char *buf_enc = NULL;
1619 unsigned char *buf_dec = NULL;
1620
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1621 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1622 mbedtls_entropy_context entropy;
1623 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1624
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1625 const char *pers = "test_suite_rsa";
1626
1627 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1628 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1629 mbedtls_rsa_init( &ctx, 0, 0 );
1630
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1631 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1632 &entropy, (const unsigned char *) pers,
1633 strlen( pers ) ) == 0 );
1634
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1635 if( !successive )
1636 {
1637 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1638 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1639 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1640 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1641 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1642 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1643 }
1644 else
1645 {
1646 /* Import N, P, Q, D, E separately.
1647 * This should make no functional difference. */
1648
1649 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1650 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1651 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1652
1653 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1654 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1655 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1656 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1657
1658 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1659 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1660 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1661 NULL, 0, NULL, 0 ) == 0 );
1662
1663 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1664 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1665 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1666 NULL, 0 ) == 0 );
1667
1668 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1669 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1670 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1671 }
1672
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1673 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1674
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1675 /* On expected success, perform some public and private
1676 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1677 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1678 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1679 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1680 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1681 else
1682 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1683
1684 if( res_check != 0 )
1685 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1686
1687 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1688 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1689 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1690 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1691 goto exit;
1692
1693 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1694 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1695
1696 /* Make sure the number we're generating is smaller than the modulus */
1697 buf_orig[0] = 0x00;
1698
1699 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1700
1701 if( is_priv )
1702 {
1703 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1704 &ctr_drbg, buf_enc,
1705 buf_dec ) == 0 );
1706
1707 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1708 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1709 }
1710 }
1711
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1712exit:
1713
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1714 mbedtls_free( buf_orig );
1715 mbedtls_free( buf_enc );
1716 mbedtls_free( buf_dec );
1717
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1718 mbedtls_rsa_free( &ctx );
1719
1720 mbedtls_ctr_drbg_free( &ctr_drbg );
1721 mbedtls_entropy_free( &entropy );
1722
1723}
1724/* END_CASE */
1725
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1726/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1727void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1728{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1729 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1730}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1731/* END_CASE */