TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / c32e2b0921dafb07412628ca1460a2a5999608a1 / . / tests / suites / test_suite_rsa.function
blob: 1eca3148a3f5f145c8757b06a5500ac4bc7deef9 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
Thomas Daubneyc32e2b02021-05-13 17:03:47 +0100[diff] [blame^]106 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]107 sizeof( buf ), buf,
108 buf ) );
109 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
110 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Thomas Daubneyc32e2b02021-05-13 17:03:47 +0100[diff] [blame^]111 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]112 sizeof( buf ), NULL,
113 buf ) );
114 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
115 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Thomas Daubneyc32e2b02021-05-13 17:03:47 +0100[diff] [blame^]116 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]117 sizeof( buf ), buf,
118 NULL ) );
119
120 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
121 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
122 NULL,
123 valid_mode,
124 sizeof( buf ), buf,
125 buf ) );
126 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
127 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
128 NULL,
129 invalid_mode,
130 sizeof( buf ), buf,
131 buf ) );
132 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
133 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
134 NULL,
135 valid_mode,
136 sizeof( buf ), NULL,
137 buf ) );
138 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
139 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
140 NULL,
141 valid_mode,
142 sizeof( buf ), buf,
143 NULL ) );
144
145 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
146 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
147 valid_mode,
148 buf, sizeof( buf ),
149 sizeof( buf ), buf,
150 buf ) );
151 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
152 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
153 invalid_mode,
154 buf, sizeof( buf ),
155 sizeof( buf ), buf,
156 buf ) );
157 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
158 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
159 valid_mode,
160 NULL, sizeof( buf ),
161 sizeof( buf ), buf,
162 buf ) );
163 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
164 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
165 valid_mode,
166 buf, sizeof( buf ),
167 sizeof( buf ), NULL,
168 buf ) );
169 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
170 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
171 valid_mode,
172 buf, sizeof( buf ),
173 sizeof( buf ), buf,
174 NULL ) );
175
176 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
177 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]178 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]179 buf, buf, 42 ) );
180 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
181 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]182 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]183 buf, buf, 42 ) );
184 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
185 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]186 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]187 NULL, buf, 42 ) );
188 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
189 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]190 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]191 buf, NULL, 42 ) );
192
193 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
194 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]195 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]196 buf, buf, 42 ) );
197 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
198 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]199 NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]200 buf, buf, 42 ) );
201 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
202 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]203 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]204 NULL, buf, 42 ) );
205 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
206 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]207 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]208 buf, NULL, 42 ) );
209
210 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
211 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]212 buf, sizeof( buf ),
213 &olen,
214 buf, buf, 42 ) );
215 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
216 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]217 NULL, sizeof( buf ),
218 NULL,
219 buf, buf, 42 ) );
220 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
221 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]222 buf, sizeof( buf ),
223 &olen,
224 NULL, buf, 42 ) );
225 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
226 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]227 buf, sizeof( buf ),
228 &olen,
229 buf, NULL, 42 ) );
230
231 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
232 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
233 valid_mode,
234 0, sizeof( buf ), buf,
235 buf ) );
236 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
237 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
238 invalid_mode,
239 0, sizeof( buf ), buf,
240 buf ) );
241 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
242 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
243 valid_mode,
244 0, sizeof( buf ), NULL,
245 buf ) );
246 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
247 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
248 valid_mode,
249 0, sizeof( buf ), buf,
250 NULL ) );
251 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
252 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
253 valid_mode,
254 MBEDTLS_MD_SHA1,
255 0, NULL,
256 buf ) );
257
258 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
259 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
260 valid_mode,
261 0, sizeof( buf ), buf,
262 buf ) );
263 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
264 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
265 invalid_mode,
266 0, sizeof( buf ), buf,
267 buf ) );
268 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
269 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
270 valid_mode,
271 0, sizeof( buf ), NULL,
272 buf ) );
273 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
274 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
275 valid_mode,
276 0, sizeof( buf ), buf,
277 NULL ) );
278 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
279 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
280 valid_mode,
281 MBEDTLS_MD_SHA1,
282 0, NULL,
283 buf ) );
284
285 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
286 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
287 valid_mode,
288 0, sizeof( buf ), buf,
289 buf ) );
290 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
291 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
292 invalid_mode,
293 0, sizeof( buf ), buf,
294 buf ) );
295 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
296 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
297 valid_mode,
298 0, sizeof( buf ), NULL,
299 buf ) );
300 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
301 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
302 valid_mode,
303 0, sizeof( buf ), buf,
304 NULL ) );
305 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
306 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
307 valid_mode,
308 MBEDTLS_MD_SHA1,
309 0, NULL,
310 buf ) );
311
312 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]313 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
314 0, sizeof( buf ), buf,
315 MBEDTLS_RSA_SALT_LEN_ANY,
316 buf ) );
317 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
318 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
319 0, sizeof( buf ), NULL,
320 MBEDTLS_RSA_SALT_LEN_ANY,
321 buf ) );
322 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
323 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
324 0, sizeof( buf ), buf,
325 MBEDTLS_RSA_SALT_LEN_ANY,
326 NULL ) );
327 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
328 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
329 MBEDTLS_MD_SHA1,
330 0, NULL,
331 MBEDTLS_RSA_SALT_LEN_ANY,
332 buf ) );
333
334 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]335 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
336 valid_mode,
337 0, sizeof( buf ), buf,
338 buf ) );
339 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
340 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
341 invalid_mode,
342 0, sizeof( buf ), buf,
343 buf ) );
344 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
345 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
346 valid_mode,
347 0, sizeof( buf ), NULL,
348 buf ) );
349 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
350 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
351 valid_mode,
352 0, sizeof( buf ), buf,
353 NULL ) );
354 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
355 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
356 valid_mode,
357 MBEDTLS_MD_SHA1, 0, NULL,
358 buf ) );
359
360 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
361 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
362 NULL,
363 valid_mode,
364 0, sizeof( buf ), buf,
365 buf ) );
366 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
367 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
368 NULL,
369 invalid_mode,
370 0, sizeof( buf ), buf,
371 buf ) );
372 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
373 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
374 NULL,
375 valid_mode,
376 0, sizeof( buf ),
377 NULL, buf ) );
378 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
379 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
380 NULL,
381 valid_mode,
382 0, sizeof( buf ), buf,
383 NULL ) );
384 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
385 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
386 NULL,
387 valid_mode,
388 MBEDTLS_MD_SHA1,
389 0, NULL,
390 buf ) );
391
392 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
393 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
394 valid_mode,
395 0, sizeof( buf ),
396 buf, buf ) );
397 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
398 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
399 invalid_mode,
400 0, sizeof( buf ),
401 buf, buf ) );
402 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
403 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
404 valid_mode,
405 0, sizeof( buf ),
406 NULL, buf ) );
407 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
408 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
409 valid_mode,
410 0, sizeof( buf ),
411 buf, NULL ) );
412 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
413 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
414 valid_mode,
415 MBEDTLS_MD_SHA1,
416 0, NULL,
417 buf ) );
418
419 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
420 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
421 valid_mode,
422 0, sizeof( buf ),
423 buf,
424 0, 0,
425 buf ) );
426 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
427 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
428 invalid_mode,
429 0, sizeof( buf ),
430 buf,
431 0, 0,
432 buf ) );
433 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
434 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
435 valid_mode,
436 0, sizeof( buf ),
437 NULL, 0, 0,
438 buf ) );
439 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
440 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
441 valid_mode,
442 0, sizeof( buf ),
443 buf, 0, 0,
444 NULL ) );
445 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
446 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
447 valid_mode,
448 MBEDTLS_MD_SHA1,
449 0, NULL,
450 0, 0,
451 buf ) );
452
453 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
454 mbedtls_rsa_copy( NULL, &ctx ) );
455 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
456 mbedtls_rsa_copy( &ctx, NULL ) );
457
458exit:
459 return;
460}
461/* END_CASE */
462
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]463/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]464void rsa_init_free( int reinit )
465{
466 mbedtls_rsa_context ctx;
467
468 /* Double free is not explicitly documented to work, but we rely on it
469 * even inside the library so that you can call mbedtls_rsa_free()
470 * unconditionally on an error path without checking whether it has
471 * already been called in the success path. */
472
473 mbedtls_rsa_init( &ctx, 0, 0 );
474 mbedtls_rsa_free( &ctx );
475
476 if( reinit )
477 mbedtls_rsa_init( &ctx, 0, 0 );
478 mbedtls_rsa_free( &ctx );
479
480 /* This test case always succeeds, functionally speaking. A plausible
481 * bug might trigger an invalid pointer dereference or a memory leak. */
482 goto exit;
483}
484/* END_CASE */
485
486/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]487void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]488 int digest, int mod, int radix_P, char * input_P,
489 int radix_Q, char * input_Q, int radix_N,
490 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]491 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]492{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]493 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
494 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]495 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]496 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]497 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]498
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]499 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
500 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]502
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]503 memset( hash_result, 0x00, sizeof( hash_result ) );
504 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]505 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]506
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]507 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
508 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
509 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
510 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]511
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]512 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
513 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]514 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]515 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]516
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]517
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]518 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]519 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]520
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]521 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
522 &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
523 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]524 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]525 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]526
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]527 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
528 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]529 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]530
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]531exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]532 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
533 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]534 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]535}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]536/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]537
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]538/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]539void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]540 int digest, int mod, int radix_N,
541 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]542 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]543{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]544 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]545 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]546
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]547 mbedtls_mpi N, E;
548
549 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]550 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]551 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]552
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]553 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
554 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
555 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
556 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]557 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]558
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]559
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]560 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]561 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]562
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]563 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]564
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]565exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]566 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]567 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]568}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]569/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]570
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]571
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]572/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]573void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]574 int padding_mode, int mod, int radix_P,
575 char * input_P, int radix_Q, char * input_Q,
576 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]577 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]578{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]579 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]580 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]581 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]582 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]583
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]584 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]585 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
586 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]587
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]588 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]589 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]590
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]591 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
592 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
593 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
594 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]595
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]596 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
597 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]598 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]599 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]600
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]601
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]602 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
603 &rnd_info, MBEDTLS_RSA_PRIVATE,
604 MBEDTLS_MD_NONE, hash_result->len,
605 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]606
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]607
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]608 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
609 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]610
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]611#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]612 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]613 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]614 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]615 int res;
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]616 memset( output, 0x00, sizeof( output) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]617
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]618 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]619 &mbedtls_test_rnd_pseudo_rand, &rnd_info,
620 MBEDTLS_RSA_PRIVATE, hash_result->len,
621 hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]622
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]623#if !defined(MBEDTLS_RSA_ALT)
624 TEST_ASSERT( res == 0 );
625#else
626 TEST_ASSERT( ( res == 0 ) ||
TRodziewiczb579ccd2021-04-13 14:28:28 +0200[diff] [blame]627 ( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]628#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]629
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]630 if( res == 0 )
631 {
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]632 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]633 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]634 result_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]635 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]636 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]637#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]638
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]639exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]640 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
641 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
642
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]643 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]644}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]645/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]646
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]647/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]648void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]649 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]650 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]651 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]652{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]653 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]654 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]655
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]656 mbedtls_mpi N, E;
657 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
658
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]659 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]660 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]661
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]662 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
663 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]664
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]665 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
666 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]667 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]668
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]669
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]670 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]671
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]672exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]673 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]674 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]675}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]676/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]677
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]678/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]679void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]680 int mod, int radix_N, char * input_N,
681 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]682 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]683{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]684 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]686 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]687
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]688 mbedtls_mpi N, E;
689 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
690
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]691 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]692
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]693 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]694 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]695
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]696 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
697 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]698
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]699 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
700 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]701 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]702
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]703
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]704 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
705 &mbedtls_test_rnd_pseudo_rand,
706 &rnd_info, MBEDTLS_RSA_PUBLIC,
707 message_str->len, message_str->x,
708 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]709 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]710 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]711
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]712 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
713 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]714 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]715
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]716exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]717 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]718 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]719}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]720/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]721
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]722/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]723void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]724 int mod, int radix_N, char * input_N,
725 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]726 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]727{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]728 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]729 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]730
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]731 mbedtls_mpi N, E;
732
733 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]734 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]735 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]736
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]737 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
738 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]739
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]740 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
741 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]742 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]743
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]744
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]745 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
746 NULL, MBEDTLS_RSA_PUBLIC,
747 message_str->len, message_str->x,
748 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]749 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]750 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]751
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]752 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
753 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]754 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]755
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]756exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]757 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]758 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]759}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]760/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]761
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]762/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]763void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]764 int mod, int radix_P, char * input_P,
765 int radix_Q, char * input_Q, int radix_N,
766 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]767 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]768 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]769{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]770 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]771 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]772 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]773 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]774 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]775
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]776 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
777 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
778
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]779 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]780
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]781 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]782 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]783
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]784
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]785 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
786 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
787 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
788 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]789
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]790 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
791 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]792 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]793 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]794
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]795 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]796
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]797 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]798 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]799 &output_len, message_str->x, output,
800 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]801 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]802 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]803
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]804 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]805 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]806 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]807 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]808
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]809exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]810 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
811 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]812 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]813}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]814/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]815
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]816/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]817void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]818 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]819 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]820{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]821 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]822 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]823
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]824 mbedtls_mpi N, E;
825
826 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]827 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
828 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]829 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]830
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]831 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
832 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]833
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]834 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
835 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]836 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]837
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]838
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]839 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]840 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]841 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]842
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]843 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
844 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]845 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]846
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]847 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]848 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]849 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]850 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]851
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]852 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]853
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]854 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]855 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]856 if( result == 0 )
857 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]858
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]859 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
860 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]861 }
862
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]863exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]864 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]865 mbedtls_rsa_free( &ctx );
866 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]867}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]868/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]869
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]870/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]871void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]872 char * input_P, int radix_Q, char * input_Q,
873 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]874 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]875 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]876{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]877 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]878 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]879 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]880 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]881 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]882
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]883 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
884 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]885 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
886 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]887
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]888 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]889
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]890 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
891 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
892 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
893 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]894
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]895 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
896 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]897 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]898 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]899
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]900
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]901 /* repeat three times to test updating of blinding values */
902 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]903 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]904 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]905 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
906 &rnd_info, message_str->x,
907 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]908 if( result == 0 )
909 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]910
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]911 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]912 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]913 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]914 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]915 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]916
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]917 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]918 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]919 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]920 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]921
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]922 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]923
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]924 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]925 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
926 &rnd_info, message_str->x,
927 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]928 if( result == 0 )
929 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]930
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]931 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]932 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]933 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]934 }
935
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]936exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]937 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
938 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
939
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]940 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]941}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]942/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]943
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]944/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]945void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]946{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]947 mbedtls_rsa_context ctx;
948 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]949
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]950 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]951}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]952/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]953
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]954/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]955void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
956 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]957{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]958 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]959 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]960
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]961 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]962 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]963
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]964 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]965 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]966 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]967 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]968 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]969 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]970 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]971 }
972
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]973 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]974 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]975
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]976exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]977 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]978 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]979}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]980/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]981
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]982/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]983void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
984 int radix_Q, char * input_Q, int radix_N,
985 char * input_N, int radix_E, char * input_E,
986 int radix_D, char * input_D, int radix_DP,
987 char * input_DP, int radix_DQ,
988 char * input_DQ, int radix_QP,
989 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]990{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]991 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]992
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]993 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]994
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]995 ctx.len = mod / 8;
996 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]997 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]998 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]999 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1000 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1001 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1002 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1003 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1004 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1005 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1006 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1007 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1008 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1009 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1010 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1011 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1012 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1013 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1014 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1015 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1016#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1017 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1018 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1019 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1020 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1021 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1022 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1023 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1024 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1025 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1026 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1027 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1028 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1029#else
1030 ((void) radix_DP); ((void) input_DP);
1031 ((void) radix_DQ); ((void) input_DQ);
1032 ((void) radix_QP); ((void) input_QP);
1033#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1034
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1035 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1036
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1037exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1038 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1039}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1040/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1041
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1042/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1043void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
1044 int radix_Epub, char * input_Epub, int radix_P,
1045 char * input_P, int radix_Q, char * input_Q,
1046 int radix_N, char * input_N, int radix_E,
1047 char * input_E, int radix_D, char * input_D,
1048 int radix_DP, char * input_DP, int radix_DQ,
1049 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1050 int result )
1051{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1052 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1053
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1054 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1055 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1056
1057 pub.len = mod / 8;
1058 prv.len = mod / 8;
1059
1060 if( strlen( input_Npub ) )
1061 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1062 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1063 }
1064 if( strlen( input_Epub ) )
1065 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1066 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1067 }
1068
1069 if( strlen( input_P ) )
1070 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1071 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1072 }
1073 if( strlen( input_Q ) )
1074 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1075 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1076 }
1077 if( strlen( input_N ) )
1078 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1079 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1080 }
1081 if( strlen( input_E ) )
1082 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1083 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1084 }
1085 if( strlen( input_D ) )
1086 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1087 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1088 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1089#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1090 if( strlen( input_DP ) )
1091 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1092 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1093 }
1094 if( strlen( input_DQ ) )
1095 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1096 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1097 }
1098 if( strlen( input_QP ) )
1099 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1100 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1101 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1102#else
1103 ((void) radix_DP); ((void) input_DP);
1104 ((void) radix_DQ); ((void) input_DQ);
1105 ((void) radix_QP); ((void) input_QP);
1106#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1107
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1108 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1109
1110exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1111 mbedtls_rsa_free( &pub );
1112 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1113}
1114/* END_CASE */
1115
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1116/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1117void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1118{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1119 mbedtls_rsa_context ctx;
1120 mbedtls_entropy_context entropy;
1121 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1122 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1123
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1124 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1125 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1126 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1127
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1128 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1129 &entropy, (const unsigned char *) pers,
1130 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1131
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1132 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1133 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1134 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1135 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1136 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1137 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1138
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1139exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1140 mbedtls_rsa_free( &ctx );
1141 mbedtls_ctr_drbg_free( &ctr_drbg );
1142 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1143}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1144/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1145
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1146/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1147void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1148 int radix_D, char *input_D,
1149 int radix_E, char *input_E,
1150 int radix_P, char *output_P,
1151 int radix_Q, char *output_Q,
1152 int corrupt, int result )
1153{
1154 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1155
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1156 mbedtls_mpi_init( &N );
1157 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1158 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1159 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1160
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1161 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1162 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1163 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1164 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1165 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1166
1167 if( corrupt )
1168 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1169
1170 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1171 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1172
1173 if( !corrupt )
1174 {
1175 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1176 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1177 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1178 }
1179
1180exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1181 mbedtls_mpi_free( &N );
1182 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1183 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1184 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1185}
1186/* END_CASE */
1187
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1188/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1189void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1190 int radix_Q, char *input_Q,
1191 int radix_E, char *input_E,
1192 int radix_D, char *output_D,
1193 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1194{
1195 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1196
1197 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1198 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1199 mbedtls_mpi_init( &E );
1200 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1201
1202 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1203 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1204 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1205 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1206
1207 if( corrupt )
1208 {
1209 /* Make E even */
1210 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1211 }
1212
1213 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1214 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1215 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1216
1217 if( !corrupt )
1218 {
1219 /*
1220 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1221 */
1222
1223 /* Replace P,Q by P-1, Q-1 */
1224 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1225 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1226
1227 /* Check D == Dp modulo P-1 */
1228 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1229 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1230 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1231
1232 /* Check D == Dp modulo Q-1 */
1233 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1234 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1235 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1236 }
1237
1238exit:
1239
1240 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1241 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1242 mbedtls_mpi_free( &E );
1243 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1244}
1245/* END_CASE */
1246
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1247/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1248void mbedtls_rsa_import( int radix_N, char *input_N,
1249 int radix_P, char *input_P,
1250 int radix_Q, char *input_Q,
1251 int radix_D, char *input_D,
1252 int radix_E, char *input_E,
1253 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1254 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1255 int res_check,
1256 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1257{
1258 mbedtls_mpi N, P, Q, D, E;
1259 mbedtls_rsa_context ctx;
1260
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1261 /* Buffers used for encryption-decryption test */
1262 unsigned char *buf_orig = NULL;
1263 unsigned char *buf_enc = NULL;
1264 unsigned char *buf_dec = NULL;
1265
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1266 mbedtls_entropy_context entropy;
1267 mbedtls_ctr_drbg_context ctr_drbg;
1268 const char *pers = "test_suite_rsa";
1269
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1270 const int have_N = ( strlen( input_N ) > 0 );
1271 const int have_P = ( strlen( input_P ) > 0 );
1272 const int have_Q = ( strlen( input_Q ) > 0 );
1273 const int have_D = ( strlen( input_D ) > 0 );
1274 const int have_E = ( strlen( input_E ) > 0 );
1275
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1276 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1277 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1278 mbedtls_rsa_init( &ctx, 0, 0 );
1279
1280 mbedtls_mpi_init( &N );
1281 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1282 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1283
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1284 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1285 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1286
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1287 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1288 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1289
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1290 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1291 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1292
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1293 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1294 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1295
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1296 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1297 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1298
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1299 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1300 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1301
1302 if( !successive )
1303 {
1304 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1305 have_N ? &N : NULL,
1306 have_P ? &P : NULL,
1307 have_Q ? &Q : NULL,
1308 have_D ? &D : NULL,
1309 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1310 }
1311 else
1312 {
1313 /* Import N, P, Q, D, E separately.
1314 * This should make no functional difference. */
1315
1316 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1317 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1318 NULL, NULL, NULL, NULL ) == 0 );
1319
1320 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1321 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1322 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1323 NULL, NULL, NULL ) == 0 );
1324
1325 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1326 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1327 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1328 NULL, NULL ) == 0 );
1329
1330 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1331 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1332 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1333 NULL ) == 0 );
1334
1335 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1336 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1337 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1338 }
1339
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1340 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1341
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1342 /* On expected success, perform some public and private
1343 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1344 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1345 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1346 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1347 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1348 else
1349 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1350
1351 if( res_check != 0 )
1352 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1353
1354 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1355 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1356 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1357 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1358 goto exit;
1359
1360 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1361 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1362
1363 /* Make sure the number we're generating is smaller than the modulus */
1364 buf_orig[0] = 0x00;
1365
1366 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1367
1368 if( is_priv )
1369 {
1370 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1371 &ctr_drbg, buf_enc,
1372 buf_dec ) == 0 );
1373
1374 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1375 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1376 }
1377 }
1378
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1379exit:
1380
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1381 mbedtls_free( buf_orig );
1382 mbedtls_free( buf_enc );
1383 mbedtls_free( buf_dec );
1384
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1385 mbedtls_rsa_free( &ctx );
1386
1387 mbedtls_ctr_drbg_free( &ctr_drbg );
1388 mbedtls_entropy_free( &entropy );
1389
1390 mbedtls_mpi_free( &N );
1391 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1392 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1393}
1394/* END_CASE */
1395
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1396/* BEGIN_CASE */
1397void mbedtls_rsa_export( int radix_N, char *input_N,
1398 int radix_P, char *input_P,
1399 int radix_Q, char *input_Q,
1400 int radix_D, char *input_D,
1401 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1402 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1403 int successive )
1404{
1405 /* Original MPI's with which we set up the RSA context */
1406 mbedtls_mpi N, P, Q, D, E;
1407
1408 /* Exported MPI's */
1409 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1410
1411 const int have_N = ( strlen( input_N ) > 0 );
1412 const int have_P = ( strlen( input_P ) > 0 );
1413 const int have_Q = ( strlen( input_Q ) > 0 );
1414 const int have_D = ( strlen( input_D ) > 0 );
1415 const int have_E = ( strlen( input_E ) > 0 );
1416
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1417 mbedtls_rsa_context ctx;
1418
1419 mbedtls_rsa_init( &ctx, 0, 0 );
1420
1421 mbedtls_mpi_init( &N );
1422 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1423 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1424
1425 mbedtls_mpi_init( &Ne );
1426 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1427 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1428
1429 /* Setup RSA context */
1430
1431 if( have_N )
1432 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1433
1434 if( have_P )
1435 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1436
1437 if( have_Q )
1438 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1439
1440 if( have_D )
1441 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1442
1443 if( have_E )
1444 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1445
1446 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1447 strlen( input_N ) ? &N : NULL,
1448 strlen( input_P ) ? &P : NULL,
1449 strlen( input_Q ) ? &Q : NULL,
1450 strlen( input_D ) ? &D : NULL,
1451 strlen( input_E ) ? &E : NULL ) == 0 );
1452
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1453 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1454
1455 /*
1456 * Export parameters and compare to original ones.
1457 */
1458
1459 /* N and E must always be present. */
1460 if( !successive )
1461 {
1462 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1463 }
1464 else
1465 {
1466 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1467 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1468 }
1469 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1470 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1471
1472 /* If we were providing enough information to setup a complete private context,
1473 * we expect to be able to export all core parameters. */
1474
1475 if( is_priv )
1476 {
1477 if( !successive )
1478 {
1479 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1480 &De, NULL ) == 0 );
1481 }
1482 else
1483 {
1484 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1485 NULL, NULL ) == 0 );
1486 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1487 NULL, NULL ) == 0 );
1488 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1489 &De, NULL ) == 0 );
1490 }
1491
1492 if( have_P )
1493 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1494
1495 if( have_Q )
1496 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1497
1498 if( have_D )
1499 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1500
1501 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1502 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1503 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1504 }
1505
1506exit:
1507
1508 mbedtls_rsa_free( &ctx );
1509
1510 mbedtls_mpi_free( &N );
1511 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1512 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1513
1514 mbedtls_mpi_free( &Ne );
1515 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1516 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1517}
1518/* END_CASE */
1519
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1520/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1521void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1522 int radix_P, char *input_P,
1523 int radix_Q, char *input_Q,
1524 int radix_D, char *input_D,
1525 int radix_E, char *input_E,
1526 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1527{
1528 /* Original MPI's with which we set up the RSA context */
1529 mbedtls_mpi N, P, Q, D, E;
1530
1531 const int have_N = ( strlen( input_N ) > 0 );
1532 const int have_P = ( strlen( input_P ) > 0 );
1533 const int have_Q = ( strlen( input_Q ) > 0 );
1534 const int have_D = ( strlen( input_D ) > 0 );
1535 const int have_E = ( strlen( input_E ) > 0 );
1536
1537 mbedtls_entropy_context entropy;
1538 mbedtls_ctr_drbg_context ctr_drbg;
1539 const char *pers = "test_suite_rsa";
1540
1541 mbedtls_mpi_init( &N );
1542 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1543 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1544
1545 mbedtls_ctr_drbg_init( &ctr_drbg );
1546 mbedtls_entropy_init( &entropy );
1547 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1548 &entropy, (const unsigned char *) pers,
1549 strlen( pers ) ) == 0 );
1550
1551 if( have_N )
1552 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1553
1554 if( have_P )
1555 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1556
1557 if( have_Q )
1558 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1559
1560 if( have_D )
1561 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1562
1563 if( have_E )
1564 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1565
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1566 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1567 have_P ? &P : NULL,
1568 have_Q ? &Q : NULL,
1569 have_D ? &D : NULL,
1570 have_E ? &E : NULL,
1571 prng ? mbedtls_ctr_drbg_random : NULL,
1572 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1573exit:
1574
1575 mbedtls_ctr_drbg_free( &ctr_drbg );
1576 mbedtls_entropy_free( &entropy );
1577
1578 mbedtls_mpi_free( &N );
1579 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1580 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1581}
1582/* END_CASE */
1583
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1584/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1585void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1586 data_t *input_Q, data_t *input_D,
1587 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1588 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1589{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1590 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1591 unsigned char bufNe[256];
1592 unsigned char bufPe[128];
1593 unsigned char bufQe[128];
1594 unsigned char bufDe[256];
1595 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1596
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1597 mbedtls_rsa_context ctx;
1598
1599 mbedtls_rsa_init( &ctx, 0, 0 );
1600
1601 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1602 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1603 input_N->len ? input_N->x : NULL, input_N->len,
1604 input_P->len ? input_P->x : NULL, input_P->len,
1605 input_Q->len ? input_Q->x : NULL, input_Q->len,
1606 input_D->len ? input_D->x : NULL, input_D->len,
1607 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1608
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1609 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1610
1611 /*
1612 * Export parameters and compare to original ones.
1613 */
1614
1615 /* N and E must always be present. */
1616 if( !successive )
1617 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1618 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1619 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1620 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1621 }
1622 else
1623 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1624 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1625 NULL, 0, NULL, 0, NULL, 0,
1626 NULL, 0 ) == 0 );
1627 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1628 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1629 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1630 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1631 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1632 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1633
1634 /* If we were providing enough information to setup a complete private context,
1635 * we expect to be able to export all core parameters. */
1636
1637 if( is_priv )
1638 {
1639 if( !successive )
1640 {
1641 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1642 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1643 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1644 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1645 NULL, 0 ) == 0 );
1646 }
1647 else
1648 {
1649 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1650 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1651 NULL, 0, NULL, 0,
1652 NULL, 0 ) == 0 );
1653
1654 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1655 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1656 NULL, 0, NULL, 0 ) == 0 );
1657
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1658 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1659 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1660 NULL, 0 ) == 0 );
1661 }
1662
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1663 if( input_P->len )
1664 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1665
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1666 if( input_Q->len )
1667 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1668
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1669 if( input_D->len )
1670 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1671
1672 }
1673
1674exit:
1675 mbedtls_rsa_free( &ctx );
1676}
1677/* END_CASE */
1678
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1679/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1680void mbedtls_rsa_import_raw( data_t *input_N,
1681 data_t *input_P, data_t *input_Q,
1682 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1683 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1684 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1685 int res_check,
1686 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1687{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1688 /* Buffers used for encryption-decryption test */
1689 unsigned char *buf_orig = NULL;
1690 unsigned char *buf_enc = NULL;
1691 unsigned char *buf_dec = NULL;
1692
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1693 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1694 mbedtls_entropy_context entropy;
1695 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1696
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1697 const char *pers = "test_suite_rsa";
1698
1699 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1700 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1701 mbedtls_rsa_init( &ctx, 0, 0 );
1702
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1703 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1704 &entropy, (const unsigned char *) pers,
1705 strlen( pers ) ) == 0 );
1706
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1707 if( !successive )
1708 {
1709 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1710 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1711 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1712 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1713 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1714 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1715 }
1716 else
1717 {
1718 /* Import N, P, Q, D, E separately.
1719 * This should make no functional difference. */
1720
1721 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1722 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1723 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1724
1725 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1726 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1727 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1728 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1729
1730 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1731 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1732 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1733 NULL, 0, NULL, 0 ) == 0 );
1734
1735 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1736 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1737 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1738 NULL, 0 ) == 0 );
1739
1740 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1741 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1742 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1743 }
1744
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1745 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1746
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1747 /* On expected success, perform some public and private
1748 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1749 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1750 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1751 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1752 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1753 else
1754 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1755
1756 if( res_check != 0 )
1757 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1758
1759 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1760 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1761 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1762 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1763 goto exit;
1764
1765 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1766 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1767
1768 /* Make sure the number we're generating is smaller than the modulus */
1769 buf_orig[0] = 0x00;
1770
1771 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1772
1773 if( is_priv )
1774 {
1775 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1776 &ctr_drbg, buf_enc,
1777 buf_dec ) == 0 );
1778
1779 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1780 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1781 }
1782 }
1783
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1784exit:
1785
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1786 mbedtls_free( buf_orig );
1787 mbedtls_free( buf_enc );
1788 mbedtls_free( buf_dec );
1789
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1790 mbedtls_rsa_free( &ctx );
1791
1792 mbedtls_ctr_drbg_free( &ctr_drbg );
1793 mbedtls_entropy_free( &entropy );
1794
1795}
1796/* END_CASE */
1797
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1798/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1799void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1800{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1801 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1802}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1803/* END_CASE */