TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 2177277ddab7896b295205ed5d5e15180b6aca08 / . / tests / suites / test_suite_rsa.function
blob: c051ed3504a4ef69b3a2bc2feea4089b86cbb3f7 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]106 sizeof( buf ), buf,
107 buf ) );
108 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
109 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]110 sizeof( buf ), NULL,
111 buf ) );
112 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
113 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]114 sizeof( buf ), buf,
115 NULL ) );
116
117 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
118 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
119 NULL,
120 valid_mode,
121 sizeof( buf ), buf,
122 buf ) );
123 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
124 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
125 NULL,
126 invalid_mode,
127 sizeof( buf ), buf,
128 buf ) );
129 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
130 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
131 NULL,
132 valid_mode,
133 sizeof( buf ), NULL,
134 buf ) );
135 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
136 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
137 NULL,
138 valid_mode,
139 sizeof( buf ), buf,
140 NULL ) );
141
142 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
143 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
144 valid_mode,
145 buf, sizeof( buf ),
146 sizeof( buf ), buf,
147 buf ) );
148 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
149 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
150 invalid_mode,
151 buf, sizeof( buf ),
152 sizeof( buf ), buf,
153 buf ) );
154 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
155 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
156 valid_mode,
157 NULL, sizeof( buf ),
158 sizeof( buf ), buf,
159 buf ) );
160 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
161 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
162 valid_mode,
163 buf, sizeof( buf ),
164 sizeof( buf ), NULL,
165 buf ) );
166 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
167 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
168 valid_mode,
169 buf, sizeof( buf ),
170 sizeof( buf ), buf,
171 NULL ) );
172
173 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
174 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]175 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]176 buf, buf, 42 ) );
177 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
178 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]179 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]180 buf, buf, 42 ) );
181 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
182 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]183 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]184 NULL, buf, 42 ) );
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]187 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]188 buf, NULL, 42 ) );
189
190 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
191 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]192 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]193 buf, buf, 42 ) );
194 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
195 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]196 NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]197 buf, buf, 42 ) );
198 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
199 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]200 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]201 NULL, buf, 42 ) );
202 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
203 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]204 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]205 buf, NULL, 42 ) );
206
207 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
208 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]209 buf, sizeof( buf ),
210 &olen,
211 buf, buf, 42 ) );
212 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
213 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]214 NULL, sizeof( buf ),
215 NULL,
216 buf, buf, 42 ) );
217 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
218 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]219 buf, sizeof( buf ),
220 &olen,
221 NULL, buf, 42 ) );
222 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
223 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]224 buf, sizeof( buf ),
225 &olen,
226 buf, NULL, 42 ) );
227
228 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
229 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
230 valid_mode,
231 0, sizeof( buf ), buf,
232 buf ) );
233 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
234 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
235 invalid_mode,
236 0, sizeof( buf ), buf,
237 buf ) );
238 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
239 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
240 valid_mode,
241 0, sizeof( buf ), NULL,
242 buf ) );
243 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
244 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
245 valid_mode,
246 0, sizeof( buf ), buf,
247 NULL ) );
248 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
249 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
250 valid_mode,
251 MBEDTLS_MD_SHA1,
252 0, NULL,
253 buf ) );
254
255 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
256 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
257 valid_mode,
258 0, sizeof( buf ), buf,
259 buf ) );
260 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
261 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
262 invalid_mode,
263 0, sizeof( buf ), buf,
264 buf ) );
265 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
266 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
267 valid_mode,
268 0, sizeof( buf ), NULL,
269 buf ) );
270 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
271 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
272 valid_mode,
273 0, sizeof( buf ), buf,
274 NULL ) );
275 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
276 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
277 valid_mode,
278 MBEDTLS_MD_SHA1,
279 0, NULL,
280 buf ) );
281
282 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
283 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
284 valid_mode,
285 0, sizeof( buf ), buf,
286 buf ) );
287 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
288 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
289 invalid_mode,
290 0, sizeof( buf ), buf,
291 buf ) );
292 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
293 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
294 valid_mode,
295 0, sizeof( buf ), NULL,
296 buf ) );
297 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
298 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
299 valid_mode,
300 0, sizeof( buf ), buf,
301 NULL ) );
302 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
303 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
304 valid_mode,
305 MBEDTLS_MD_SHA1,
306 0, NULL,
307 buf ) );
308
309 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]310 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
311 0, sizeof( buf ), buf,
312 MBEDTLS_RSA_SALT_LEN_ANY,
313 buf ) );
314 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
315 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
316 0, sizeof( buf ), NULL,
317 MBEDTLS_RSA_SALT_LEN_ANY,
318 buf ) );
319 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
320 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
321 0, sizeof( buf ), buf,
322 MBEDTLS_RSA_SALT_LEN_ANY,
323 NULL ) );
324 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
325 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
326 MBEDTLS_MD_SHA1,
327 0, NULL,
328 MBEDTLS_RSA_SALT_LEN_ANY,
329 buf ) );
330
331 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]332 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
333 valid_mode,
334 0, sizeof( buf ), buf,
335 buf ) );
336 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
337 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
338 invalid_mode,
339 0, sizeof( buf ), buf,
340 buf ) );
341 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
342 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
343 valid_mode,
344 0, sizeof( buf ), NULL,
345 buf ) );
346 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
347 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
348 valid_mode,
349 0, sizeof( buf ), buf,
350 NULL ) );
351 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
352 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
353 valid_mode,
354 MBEDTLS_MD_SHA1, 0, NULL,
355 buf ) );
356
357 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
358 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
359 NULL,
360 valid_mode,
361 0, sizeof( buf ), buf,
362 buf ) );
363 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
364 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
365 NULL,
366 invalid_mode,
367 0, sizeof( buf ), buf,
368 buf ) );
369 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
370 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
371 NULL,
372 valid_mode,
373 0, sizeof( buf ),
374 NULL, buf ) );
375 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
376 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
377 NULL,
378 valid_mode,
379 0, sizeof( buf ), buf,
380 NULL ) );
381 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
382 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
383 NULL,
384 valid_mode,
385 MBEDTLS_MD_SHA1,
386 0, NULL,
387 buf ) );
388
389 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
390 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
391 valid_mode,
392 0, sizeof( buf ),
393 buf, buf ) );
394 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
395 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
396 invalid_mode,
397 0, sizeof( buf ),
398 buf, buf ) );
399 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
400 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
401 valid_mode,
402 0, sizeof( buf ),
403 NULL, buf ) );
404 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
405 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
406 valid_mode,
407 0, sizeof( buf ),
408 buf, NULL ) );
409 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
410 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
411 valid_mode,
412 MBEDTLS_MD_SHA1,
413 0, NULL,
414 buf ) );
415
416 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
417 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
418 valid_mode,
419 0, sizeof( buf ),
420 buf,
421 0, 0,
422 buf ) );
423 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
424 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
425 invalid_mode,
426 0, sizeof( buf ),
427 buf,
428 0, 0,
429 buf ) );
430 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
431 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
432 valid_mode,
433 0, sizeof( buf ),
434 NULL, 0, 0,
435 buf ) );
436 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
437 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
438 valid_mode,
439 0, sizeof( buf ),
440 buf, 0, 0,
441 NULL ) );
442 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
443 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
444 valid_mode,
445 MBEDTLS_MD_SHA1,
446 0, NULL,
447 0, 0,
448 buf ) );
449
450 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
451 mbedtls_rsa_copy( NULL, &ctx ) );
452 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
453 mbedtls_rsa_copy( &ctx, NULL ) );
454
455exit:
456 return;
457}
458/* END_CASE */
459
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]460/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]461void rsa_init_free( int reinit )
462{
463 mbedtls_rsa_context ctx;
464
465 /* Double free is not explicitly documented to work, but we rely on it
466 * even inside the library so that you can call mbedtls_rsa_free()
467 * unconditionally on an error path without checking whether it has
468 * already been called in the success path. */
469
470 mbedtls_rsa_init( &ctx, 0, 0 );
471 mbedtls_rsa_free( &ctx );
472
473 if( reinit )
474 mbedtls_rsa_init( &ctx, 0, 0 );
475 mbedtls_rsa_free( &ctx );
476
477 /* This test case always succeeds, functionally speaking. A plausible
478 * bug might trigger an invalid pointer dereference or a memory leak. */
479 goto exit;
480}
481/* END_CASE */
482
483/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]484void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]485 int digest, int mod, int radix_P, char * input_P,
486 int radix_Q, char * input_Q, int radix_N,
487 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]488 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]489{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]490 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
491 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]492 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]493 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]494 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]495
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]496 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
497 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]498 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]499
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]500 memset( hash_result, 0x00, sizeof( hash_result ) );
501 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]502 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]503
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]504 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
505 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
506 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
507 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]508
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]509 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
510 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]511 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]512 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]513
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]514
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]515 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]516 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]517
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]518 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
519 &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
520 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]521 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]522 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]523
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]524 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
525 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]526 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]527
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]528exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]529 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
530 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]531 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]532}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]533/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]534
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]535/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]536void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]537 int digest, int mod, int radix_N,
538 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]539 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]540{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]541 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]542 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]543
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]544 mbedtls_mpi N, E;
545
546 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]547 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]548 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]549
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]550 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
551 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
552 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
553 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]554 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]555
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]556
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]557 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]558 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]559
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]560 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]561
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]562exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]563 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]564 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]565}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]566/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]567
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]568
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]569/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]570void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]571 int padding_mode, int mod, int radix_P,
572 char * input_P, int radix_Q, char * input_Q,
573 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]574 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]575{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]576 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]577 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]578 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]579 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]580
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]581 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]582 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
583 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]584
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]585 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]586 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]587
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]588 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
589 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
590 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
591 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]592
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]593 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
594 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]595 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]596 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]597
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]598
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]599 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
600 &rnd_info, MBEDTLS_RSA_PRIVATE,
601 MBEDTLS_MD_NONE, hash_result->len,
602 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]603
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]604
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]605 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
606 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]607
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]608#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]609 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]610 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]611 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]612 int res;
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]613 memset( output, 0x00, sizeof( output) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]614
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]615 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]616 &mbedtls_test_rnd_pseudo_rand, &rnd_info,
617 MBEDTLS_RSA_PRIVATE, hash_result->len,
618 hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]619
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]620#if !defined(MBEDTLS_RSA_ALT)
621 TEST_ASSERT( res == 0 );
622#else
623 TEST_ASSERT( ( res == 0 ) ||
TRodziewiczb579ccd2021-04-13 14:28:28 +0200[diff] [blame]624 ( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]625#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]626
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]627 if( res == 0 )
628 {
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]629 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]630 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]631 result_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]632 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]633 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]634#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]635
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]636exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]637 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
638 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
639
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]640 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]641}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]642/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]643
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]644/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]645void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]646 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]647 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]648 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]649{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]650 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]651 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]652
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]653 mbedtls_mpi N, E;
654 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
655
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]656 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]657 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]658
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]659 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
660 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]661
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]662 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
663 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]664 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]665
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]666
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]667 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]668
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]669exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]670 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]671 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]672}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]673/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]674
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]675/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]676void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]677 int mod, int radix_N, char * input_N,
678 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]679 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]680{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]681 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]682 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]683 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]684
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]685 mbedtls_mpi N, E;
686 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
687
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]688 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]689
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]690 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]691 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]692
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]693 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
694 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]695
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]696 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
697 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]698 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]699
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]700
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]701 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
702 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame^]703 &rnd_info, message_str->len,
704 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]705 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]706 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]707 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]708
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]709 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
710 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]711 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]712
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]713exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]714 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]715 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]716}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]717/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]718
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]719/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]720void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]721 int mod, int radix_N, char * input_N,
722 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]723 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]724{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]725 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]726 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]727
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]728 mbedtls_mpi N, E;
729
730 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]731 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]732 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]733
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]734 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
735 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]736
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]737 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
738 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]739 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]740
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]741
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]742 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame^]743 NULL, message_str->len,
744 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]745 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]746 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]747 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]748
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]749 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
750 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]751 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]752
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]753exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]754 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]755 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]756}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]757/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]758
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]759/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]760void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]761 int mod, int radix_P, char * input_P,
762 int radix_Q, char * input_Q, int radix_N,
763 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]764 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]765 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]766{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]767 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]768 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]769 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]770 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]771 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]772
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]773 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
774 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
775
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]776 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]777
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]778 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]779 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]780
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]781
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]782 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
783 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
784 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
785 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]786
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]787 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
788 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]789 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]790 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]791
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]792 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]793
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]794 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]795 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]796 &output_len, message_str->x, output,
797 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]798 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]799 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]800
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]801 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]802 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]803 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]804 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]805
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]806exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]807 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
808 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]809 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]810}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]811/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]812
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]813/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]814void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]815 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]816 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]817{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]818 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]819 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]820
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]821 mbedtls_mpi N, E;
822
823 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]824 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
825 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]826 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]827
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]828 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
829 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]830
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]831 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
832 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]833 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]834
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]835
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]836 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]837 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]838 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]839
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]840 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
841 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]842 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]843
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]844 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]845 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]846 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]847 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]848
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]849 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]850
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]851 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]852 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]853 if( result == 0 )
854 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]855
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]856 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
857 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]858 }
859
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]860exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]861 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]862 mbedtls_rsa_free( &ctx );
863 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]864}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]865/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]866
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]867/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]868void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]869 char * input_P, int radix_Q, char * input_Q,
870 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]871 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]872 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]873{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]874 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]875 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]876 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]877 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]878 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]879
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]880 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
881 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]882 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
883 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]884
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]885 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]886
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]887 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
888 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
889 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
890 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]891
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]892 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
893 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]894 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]895 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]896
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]897
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]898 /* repeat three times to test updating of blinding values */
899 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]900 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]901 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]902 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
903 &rnd_info, message_str->x,
904 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]905 if( result == 0 )
906 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]907
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]908 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]909 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]910 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]911 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]912 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]913
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]914 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]915 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]916 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]917 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]918
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]919 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]920
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]921 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]922 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
923 &rnd_info, message_str->x,
924 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]925 if( result == 0 )
926 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]927
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]928 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]929 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]930 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]931 }
932
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]933exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]934 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
935 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
936
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]937 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]938}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]939/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]940
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]941/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]942void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]943{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]944 mbedtls_rsa_context ctx;
945 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]946
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]947 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]948}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]949/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]950
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]951/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]952void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
953 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]954{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]955 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]956 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]957
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]958 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]959 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]960
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]961 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]962 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]963 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]964 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]965 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]966 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]967 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]968 }
969
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]970 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]971 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]972
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]973exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]974 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]975 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]976}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]977/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]978
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]979/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]980void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
981 int radix_Q, char * input_Q, int radix_N,
982 char * input_N, int radix_E, char * input_E,
983 int radix_D, char * input_D, int radix_DP,
984 char * input_DP, int radix_DQ,
985 char * input_DQ, int radix_QP,
986 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]987{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]988 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]989
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]990 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]991
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]992 ctx.len = mod / 8;
993 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]994 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]995 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]996 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]997 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]998 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]999 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1000 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1001 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1002 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1003 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1004 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1005 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1006 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1007 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1008 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1009 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1010 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1011 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1012 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1013#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1014 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1015 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1016 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1017 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1018 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1019 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1020 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1021 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1022 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1023 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1024 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1025 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1026#else
1027 ((void) radix_DP); ((void) input_DP);
1028 ((void) radix_DQ); ((void) input_DQ);
1029 ((void) radix_QP); ((void) input_QP);
1030#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1031
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1032 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1033
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1034exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1035 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1036}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1037/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1038
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1039/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1040void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
1041 int radix_Epub, char * input_Epub, int radix_P,
1042 char * input_P, int radix_Q, char * input_Q,
1043 int radix_N, char * input_N, int radix_E,
1044 char * input_E, int radix_D, char * input_D,
1045 int radix_DP, char * input_DP, int radix_DQ,
1046 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1047 int result )
1048{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1049 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1050
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1051 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1052 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1053
1054 pub.len = mod / 8;
1055 prv.len = mod / 8;
1056
1057 if( strlen( input_Npub ) )
1058 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1059 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1060 }
1061 if( strlen( input_Epub ) )
1062 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1063 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1064 }
1065
1066 if( strlen( input_P ) )
1067 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1068 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1069 }
1070 if( strlen( input_Q ) )
1071 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1072 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1073 }
1074 if( strlen( input_N ) )
1075 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1076 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1077 }
1078 if( strlen( input_E ) )
1079 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1080 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1081 }
1082 if( strlen( input_D ) )
1083 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1084 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1085 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1086#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1087 if( strlen( input_DP ) )
1088 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1089 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1090 }
1091 if( strlen( input_DQ ) )
1092 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1093 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1094 }
1095 if( strlen( input_QP ) )
1096 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1097 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1098 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1099#else
1100 ((void) radix_DP); ((void) input_DP);
1101 ((void) radix_DQ); ((void) input_DQ);
1102 ((void) radix_QP); ((void) input_QP);
1103#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1104
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1105 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1106
1107exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1108 mbedtls_rsa_free( &pub );
1109 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1110}
1111/* END_CASE */
1112
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1113/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1114void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1115{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1116 mbedtls_rsa_context ctx;
1117 mbedtls_entropy_context entropy;
1118 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1119 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1120
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1121 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1122 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1123 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1124
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1125 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1126 &entropy, (const unsigned char *) pers,
1127 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1128
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1129 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1130 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1131 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1132 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1133 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1134 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1135
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1136exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1137 mbedtls_rsa_free( &ctx );
1138 mbedtls_ctr_drbg_free( &ctr_drbg );
1139 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1140}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1141/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1142
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1143/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1144void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1145 int radix_D, char *input_D,
1146 int radix_E, char *input_E,
1147 int radix_P, char *output_P,
1148 int radix_Q, char *output_Q,
1149 int corrupt, int result )
1150{
1151 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1152
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1153 mbedtls_mpi_init( &N );
1154 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1155 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1156 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1157
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1158 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1159 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1160 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1161 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1162 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1163
1164 if( corrupt )
1165 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1166
1167 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1168 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1169
1170 if( !corrupt )
1171 {
1172 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1173 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1174 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1175 }
1176
1177exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1178 mbedtls_mpi_free( &N );
1179 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1180 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1181 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1182}
1183/* END_CASE */
1184
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1185/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1186void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1187 int radix_Q, char *input_Q,
1188 int radix_E, char *input_E,
1189 int radix_D, char *output_D,
1190 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1191{
1192 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1193
1194 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1195 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1196 mbedtls_mpi_init( &E );
1197 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1198
1199 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1200 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1201 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1202 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1203
1204 if( corrupt )
1205 {
1206 /* Make E even */
1207 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1208 }
1209
1210 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1211 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1212 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1213
1214 if( !corrupt )
1215 {
1216 /*
1217 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1218 */
1219
1220 /* Replace P,Q by P-1, Q-1 */
1221 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1222 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1223
1224 /* Check D == Dp modulo P-1 */
1225 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1226 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1227 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1228
1229 /* Check D == Dp modulo Q-1 */
1230 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1231 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1232 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1233 }
1234
1235exit:
1236
1237 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1238 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1239 mbedtls_mpi_free( &E );
1240 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1241}
1242/* END_CASE */
1243
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1244/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1245void mbedtls_rsa_import( int radix_N, char *input_N,
1246 int radix_P, char *input_P,
1247 int radix_Q, char *input_Q,
1248 int radix_D, char *input_D,
1249 int radix_E, char *input_E,
1250 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1251 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1252 int res_check,
1253 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1254{
1255 mbedtls_mpi N, P, Q, D, E;
1256 mbedtls_rsa_context ctx;
1257
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1258 /* Buffers used for encryption-decryption test */
1259 unsigned char *buf_orig = NULL;
1260 unsigned char *buf_enc = NULL;
1261 unsigned char *buf_dec = NULL;
1262
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1263 mbedtls_entropy_context entropy;
1264 mbedtls_ctr_drbg_context ctr_drbg;
1265 const char *pers = "test_suite_rsa";
1266
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1267 const int have_N = ( strlen( input_N ) > 0 );
1268 const int have_P = ( strlen( input_P ) > 0 );
1269 const int have_Q = ( strlen( input_Q ) > 0 );
1270 const int have_D = ( strlen( input_D ) > 0 );
1271 const int have_E = ( strlen( input_E ) > 0 );
1272
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1273 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1274 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1275 mbedtls_rsa_init( &ctx, 0, 0 );
1276
1277 mbedtls_mpi_init( &N );
1278 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1279 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1280
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1281 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1282 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1283
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1284 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1285 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1286
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1287 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1288 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1289
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1290 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1291 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1292
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1293 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1294 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1295
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1296 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1297 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1298
1299 if( !successive )
1300 {
1301 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1302 have_N ? &N : NULL,
1303 have_P ? &P : NULL,
1304 have_Q ? &Q : NULL,
1305 have_D ? &D : NULL,
1306 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1307 }
1308 else
1309 {
1310 /* Import N, P, Q, D, E separately.
1311 * This should make no functional difference. */
1312
1313 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1314 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1315 NULL, NULL, NULL, NULL ) == 0 );
1316
1317 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1318 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1319 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1320 NULL, NULL, NULL ) == 0 );
1321
1322 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1323 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1324 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1325 NULL, NULL ) == 0 );
1326
1327 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1328 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1329 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1330 NULL ) == 0 );
1331
1332 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1333 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1334 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1335 }
1336
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1337 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1338
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1339 /* On expected success, perform some public and private
1340 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1341 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1342 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1343 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1344 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1345 else
1346 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1347
1348 if( res_check != 0 )
1349 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1350
1351 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1352 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1353 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1354 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1355 goto exit;
1356
1357 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1358 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1359
1360 /* Make sure the number we're generating is smaller than the modulus */
1361 buf_orig[0] = 0x00;
1362
1363 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1364
1365 if( is_priv )
1366 {
1367 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1368 &ctr_drbg, buf_enc,
1369 buf_dec ) == 0 );
1370
1371 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1372 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1373 }
1374 }
1375
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1376exit:
1377
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1378 mbedtls_free( buf_orig );
1379 mbedtls_free( buf_enc );
1380 mbedtls_free( buf_dec );
1381
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1382 mbedtls_rsa_free( &ctx );
1383
1384 mbedtls_ctr_drbg_free( &ctr_drbg );
1385 mbedtls_entropy_free( &entropy );
1386
1387 mbedtls_mpi_free( &N );
1388 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1389 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1390}
1391/* END_CASE */
1392
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1393/* BEGIN_CASE */
1394void mbedtls_rsa_export( int radix_N, char *input_N,
1395 int radix_P, char *input_P,
1396 int radix_Q, char *input_Q,
1397 int radix_D, char *input_D,
1398 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1399 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1400 int successive )
1401{
1402 /* Original MPI's with which we set up the RSA context */
1403 mbedtls_mpi N, P, Q, D, E;
1404
1405 /* Exported MPI's */
1406 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1407
1408 const int have_N = ( strlen( input_N ) > 0 );
1409 const int have_P = ( strlen( input_P ) > 0 );
1410 const int have_Q = ( strlen( input_Q ) > 0 );
1411 const int have_D = ( strlen( input_D ) > 0 );
1412 const int have_E = ( strlen( input_E ) > 0 );
1413
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1414 mbedtls_rsa_context ctx;
1415
1416 mbedtls_rsa_init( &ctx, 0, 0 );
1417
1418 mbedtls_mpi_init( &N );
1419 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1420 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1421
1422 mbedtls_mpi_init( &Ne );
1423 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1424 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1425
1426 /* Setup RSA context */
1427
1428 if( have_N )
1429 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1430
1431 if( have_P )
1432 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1433
1434 if( have_Q )
1435 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1436
1437 if( have_D )
1438 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1439
1440 if( have_E )
1441 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1442
1443 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1444 strlen( input_N ) ? &N : NULL,
1445 strlen( input_P ) ? &P : NULL,
1446 strlen( input_Q ) ? &Q : NULL,
1447 strlen( input_D ) ? &D : NULL,
1448 strlen( input_E ) ? &E : NULL ) == 0 );
1449
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1450 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1451
1452 /*
1453 * Export parameters and compare to original ones.
1454 */
1455
1456 /* N and E must always be present. */
1457 if( !successive )
1458 {
1459 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1460 }
1461 else
1462 {
1463 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1464 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1465 }
1466 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1467 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1468
1469 /* If we were providing enough information to setup a complete private context,
1470 * we expect to be able to export all core parameters. */
1471
1472 if( is_priv )
1473 {
1474 if( !successive )
1475 {
1476 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1477 &De, NULL ) == 0 );
1478 }
1479 else
1480 {
1481 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1482 NULL, NULL ) == 0 );
1483 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1484 NULL, NULL ) == 0 );
1485 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1486 &De, NULL ) == 0 );
1487 }
1488
1489 if( have_P )
1490 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1491
1492 if( have_Q )
1493 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1494
1495 if( have_D )
1496 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1497
1498 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1499 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1500 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1501 }
1502
1503exit:
1504
1505 mbedtls_rsa_free( &ctx );
1506
1507 mbedtls_mpi_free( &N );
1508 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1509 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1510
1511 mbedtls_mpi_free( &Ne );
1512 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1513 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1514}
1515/* END_CASE */
1516
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1517/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1518void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1519 int radix_P, char *input_P,
1520 int radix_Q, char *input_Q,
1521 int radix_D, char *input_D,
1522 int radix_E, char *input_E,
1523 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1524{
1525 /* Original MPI's with which we set up the RSA context */
1526 mbedtls_mpi N, P, Q, D, E;
1527
1528 const int have_N = ( strlen( input_N ) > 0 );
1529 const int have_P = ( strlen( input_P ) > 0 );
1530 const int have_Q = ( strlen( input_Q ) > 0 );
1531 const int have_D = ( strlen( input_D ) > 0 );
1532 const int have_E = ( strlen( input_E ) > 0 );
1533
1534 mbedtls_entropy_context entropy;
1535 mbedtls_ctr_drbg_context ctr_drbg;
1536 const char *pers = "test_suite_rsa";
1537
1538 mbedtls_mpi_init( &N );
1539 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1540 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1541
1542 mbedtls_ctr_drbg_init( &ctr_drbg );
1543 mbedtls_entropy_init( &entropy );
1544 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1545 &entropy, (const unsigned char *) pers,
1546 strlen( pers ) ) == 0 );
1547
1548 if( have_N )
1549 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1550
1551 if( have_P )
1552 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1553
1554 if( have_Q )
1555 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1556
1557 if( have_D )
1558 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1559
1560 if( have_E )
1561 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1562
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1563 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1564 have_P ? &P : NULL,
1565 have_Q ? &Q : NULL,
1566 have_D ? &D : NULL,
1567 have_E ? &E : NULL,
1568 prng ? mbedtls_ctr_drbg_random : NULL,
1569 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1570exit:
1571
1572 mbedtls_ctr_drbg_free( &ctr_drbg );
1573 mbedtls_entropy_free( &entropy );
1574
1575 mbedtls_mpi_free( &N );
1576 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1577 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1578}
1579/* END_CASE */
1580
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1581/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1582void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1583 data_t *input_Q, data_t *input_D,
1584 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1585 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1586{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1587 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1588 unsigned char bufNe[256];
1589 unsigned char bufPe[128];
1590 unsigned char bufQe[128];
1591 unsigned char bufDe[256];
1592 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1593
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1594 mbedtls_rsa_context ctx;
1595
1596 mbedtls_rsa_init( &ctx, 0, 0 );
1597
1598 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1599 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1600 input_N->len ? input_N->x : NULL, input_N->len,
1601 input_P->len ? input_P->x : NULL, input_P->len,
1602 input_Q->len ? input_Q->x : NULL, input_Q->len,
1603 input_D->len ? input_D->x : NULL, input_D->len,
1604 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1605
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1606 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1607
1608 /*
1609 * Export parameters and compare to original ones.
1610 */
1611
1612 /* N and E must always be present. */
1613 if( !successive )
1614 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1615 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1616 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1617 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1618 }
1619 else
1620 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1621 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1622 NULL, 0, NULL, 0, NULL, 0,
1623 NULL, 0 ) == 0 );
1624 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1625 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1626 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1627 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1628 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1629 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1630
1631 /* If we were providing enough information to setup a complete private context,
1632 * we expect to be able to export all core parameters. */
1633
1634 if( is_priv )
1635 {
1636 if( !successive )
1637 {
1638 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1639 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1640 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1641 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1642 NULL, 0 ) == 0 );
1643 }
1644 else
1645 {
1646 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1647 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1648 NULL, 0, NULL, 0,
1649 NULL, 0 ) == 0 );
1650
1651 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1652 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1653 NULL, 0, NULL, 0 ) == 0 );
1654
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1655 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1656 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1657 NULL, 0 ) == 0 );
1658 }
1659
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1660 if( input_P->len )
1661 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1662
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1663 if( input_Q->len )
1664 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1665
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1666 if( input_D->len )
1667 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1668
1669 }
1670
1671exit:
1672 mbedtls_rsa_free( &ctx );
1673}
1674/* END_CASE */
1675
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1676/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1677void mbedtls_rsa_import_raw( data_t *input_N,
1678 data_t *input_P, data_t *input_Q,
1679 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1680 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1681 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1682 int res_check,
1683 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1684{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1685 /* Buffers used for encryption-decryption test */
1686 unsigned char *buf_orig = NULL;
1687 unsigned char *buf_enc = NULL;
1688 unsigned char *buf_dec = NULL;
1689
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1690 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1691 mbedtls_entropy_context entropy;
1692 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1693
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1694 const char *pers = "test_suite_rsa";
1695
1696 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1697 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1698 mbedtls_rsa_init( &ctx, 0, 0 );
1699
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1700 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1701 &entropy, (const unsigned char *) pers,
1702 strlen( pers ) ) == 0 );
1703
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1704 if( !successive )
1705 {
1706 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1707 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1708 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1709 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1710 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1711 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1712 }
1713 else
1714 {
1715 /* Import N, P, Q, D, E separately.
1716 * This should make no functional difference. */
1717
1718 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1719 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1720 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1721
1722 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1723 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1724 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1725 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1726
1727 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1728 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1729 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1730 NULL, 0, NULL, 0 ) == 0 );
1731
1732 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1733 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1734 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1735 NULL, 0 ) == 0 );
1736
1737 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1738 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1739 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1740 }
1741
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1742 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1743
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1744 /* On expected success, perform some public and private
1745 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1746 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1747 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1748 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1749 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1750 else
1751 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1752
1753 if( res_check != 0 )
1754 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1755
1756 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1757 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1758 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1759 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1760 goto exit;
1761
1762 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1763 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1764
1765 /* Make sure the number we're generating is smaller than the modulus */
1766 buf_orig[0] = 0x00;
1767
1768 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1769
1770 if( is_priv )
1771 {
1772 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1773 &ctr_drbg, buf_enc,
1774 buf_dec ) == 0 );
1775
1776 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1777 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1778 }
1779 }
1780
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1781exit:
1782
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1783 mbedtls_free( buf_orig );
1784 mbedtls_free( buf_enc );
1785 mbedtls_free( buf_dec );
1786
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1787 mbedtls_rsa_free( &ctx );
1788
1789 mbedtls_ctr_drbg_free( &ctr_drbg );
1790 mbedtls_entropy_free( &entropy );
1791
1792}
1793/* END_CASE */
1794
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1795/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1796void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1797{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1798 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1799}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1800/* END_CASE */