TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / a4aa12f0a168b31c9143c5d32f4445a92ed1ad75 / . / tests / suites / test_suite_rsa.function
blob: 6e678b11a7f266b95d0a8fa92cb1996d235cc0ea [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md5.h"
5#include "mbedtls/sha1.h"
6#include "mbedtls/sha256.h"
7#include "mbedtls/sha512.h"
8#include "mbedtls/entropy.h"
9#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]10
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]11/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]14 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15 * END_DEPENDENCIES
16 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]17
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]18/* BEGIN_CASE */
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]19void rsa_invalid_param( )
20{
21 mbedtls_rsa_context ctx;
22 const int invalid_padding = 42;
23 const int invalid_hash_id = 0xff;
24
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]25 mbedtls_rsa_init( &ctx );
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]26
27 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
28 invalid_padding,
29 MBEDTLS_MD_NONE ),
30 MBEDTLS_ERR_RSA_INVALID_PADDING );
31
32 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
33 MBEDTLS_RSA_PKCS_V21,
34 invalid_hash_id ),
35 MBEDTLS_ERR_RSA_INVALID_PADDING );
36
Ronald Cron3a0375f2021-06-08 10:22:28 +0200[diff] [blame]37#if !defined(MBEDTLS_PKCS1_V15)
38 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
39 MBEDTLS_RSA_PKCS_V15,
40 MBEDTLS_MD_NONE ),
41 MBEDTLS_ERR_RSA_INVALID_PADDING );
42#endif
43
44#if !defined(MBEDTLS_PKCS1_V21)
45 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
46 MBEDTLS_RSA_PKCS_V21,
47 MBEDTLS_MD_NONE ),
48 MBEDTLS_ERR_RSA_INVALID_PADDING );
49#endif
50
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]51exit:
52 mbedtls_rsa_free( &ctx );
53}
54/* END_CASE */
55
56/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]57void rsa_init_free( int reinit )
58{
59 mbedtls_rsa_context ctx;
60
61 /* Double free is not explicitly documented to work, but we rely on it
62 * even inside the library so that you can call mbedtls_rsa_free()
63 * unconditionally on an error path without checking whether it has
64 * already been called in the success path. */
65
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]66 mbedtls_rsa_init( &ctx );
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]67 mbedtls_rsa_free( &ctx );
68
69 if( reinit )
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]70 mbedtls_rsa_init( &ctx );
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]71 mbedtls_rsa_free( &ctx );
72
73 /* This test case always succeeds, functionally speaking. A plausible
74 * bug might trigger an invalid pointer dereference or a memory leak. */
75 goto exit;
76}
77/* END_CASE */
78
Manuel Pégourié-Gonnarde496c622022-07-05 13:11:13 +0200[diff] [blame]79/* BEGIN_CASE depends_on:MBEDTLS_MD_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]80void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]81 int digest, int mod, int radix_P, char * input_P,
82 int radix_Q, char * input_Q, int radix_N,
83 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]84 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]85{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]86 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]87 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]88 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]89 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]90
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]91 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
92 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]93 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]94 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx,padding_mode,
95 MBEDTLS_MD_NONE ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]96
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]97 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]98 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]99
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]100 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
101 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
102 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
103 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]104
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]105 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
106 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]107 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]108 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]109
Gilles Peskine6e3187b2021-06-22 18:39:53 +0200[diff] [blame]110 TEST_ASSERT( mbedtls_rsa_pkcs1_sign(
111 &ctx, &mbedtls_test_rnd_pseudo_rand, &rnd_info,
Manuel Pégourié-Gonnarda4aa12f2022-07-16 08:20:26 +0200[diff] [blame^]112 digest, message_str->len, message_str->x,
Gilles Peskine6e3187b2021-06-22 18:39:53 +0200[diff] [blame]113 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]114 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]115 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]116
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]117 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
118 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]119 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]120
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]121exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]122 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
123 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]124 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]125}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]126/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]127
Manuel Pégourié-Gonnarde496c622022-07-05 13:11:13 +0200[diff] [blame]128/* BEGIN_CASE depends_on:MBEDTLS_MD_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]129void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]130 int digest, int mod, int radix_N,
131 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]132 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]133{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]134 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]135 mbedtls_mpi N, E;
136
137 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]138 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]139 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
140 MBEDTLS_MD_NONE ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]141
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]142 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
143 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]144 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
145 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]146 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]147
Manuel Pégourié-Gonnarda4aa12f2022-07-16 08:20:26 +0200[diff] [blame^]148 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, message_str->len, message_str->x, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]149
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]150exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]151 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]152 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]153}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]154/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]155
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]156
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]157/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]158void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]159 int padding_mode, int mod, int radix_P,
160 char * input_P, int radix_Q, char * input_Q,
161 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]162 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]163{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]164 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]165 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]166 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]167 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]168
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]169 mbedtls_rsa_init( &ctx );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]170 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
171 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]172
Paul Elliotte57dd2d2021-06-25 11:13:24 +0100[diff] [blame]173 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
174 MBEDTLS_MD_NONE ) == 0 );
175
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]176 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]177 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]178
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]179 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
180 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
181 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
182 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]183
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]184 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
185 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]186 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]187 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]188
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]189
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]190 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]191 &rnd_info, MBEDTLS_MD_NONE,
192 hash_result->len,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]193 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]194
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]195
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]196 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
197 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]198
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]199exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]200 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
201 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
202
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]203 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]204}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]205/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]206
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]207/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]208void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]209 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]210 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]211 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]212{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]213 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]214 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]215
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]216 mbedtls_mpi N, E;
217 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
218
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]219 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]220 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
221 MBEDTLS_MD_NONE ) == 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]222 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]223
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]224 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
225 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]226
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]227 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
228 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]229 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]230
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]231
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame]232 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]233
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]234exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]235 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]236 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]237}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]238/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]239
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]240/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]241void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]242 int mod, int radix_N, char * input_N,
243 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]244 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]245{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]246 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]247 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]248 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]249
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]250 mbedtls_mpi N, E;
251 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
252
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]253 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]254
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]255 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]256 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
257 MBEDTLS_MD_NONE ) == 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]258 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]259
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]260 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
261 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]262
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]263 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
264 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]265 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]266
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]267
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]268 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
269 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]270 &rnd_info, message_str->len,
271 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]272 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]273 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]274 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]275
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]276 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
277 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]278 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]279
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]280exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]281 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]282 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]283}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]284/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]285
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]286/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]287void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]288 int mod, int radix_N, char * input_N,
289 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]290 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]291{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]292 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]293 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]294
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]295 mbedtls_mpi N, E;
296
297 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]298 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]299 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
300 MBEDTLS_MD_NONE ) == 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]301 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]302
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]303 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
304 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]305
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]306 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
307 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]308 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]309
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]310
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]311 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]312 NULL, message_str->len,
313 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]314 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]315 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]316 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]317
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]318 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
319 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]320 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]321
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]322exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]323 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]324 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]325}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]326/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]327
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]328/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]329void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]330 int mod, int radix_P, char * input_P,
331 int radix_Q, char * input_Q, int radix_N,
332 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]333 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]334 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]335{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]336 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]337 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]338 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]339 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]340 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]341
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]342 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
343 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
344
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]345 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]346 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
347 MBEDTLS_MD_NONE ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]348
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]349 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]350 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]351
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]352
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]353 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
354 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
355 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
356 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]357
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]358 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
359 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]360 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]361 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]362
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]363 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]364
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]365 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]366 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]367 &output_len, message_str->x, output,
368 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]369 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]370 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]371
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]372 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]373 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]374 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]375 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]376
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]377exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]378 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
379 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]380 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]381}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]382/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]383
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]384/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]385void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]386 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]387 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]388{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]389 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]390 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]391
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]392 mbedtls_mpi N, E;
393
394 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]395 mbedtls_rsa_init( &ctx );
396 mbedtls_rsa_init( &ctx2 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]397 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]398
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]399 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
400 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]401
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]402 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Gilles Peskine058d0092021-06-09 16:24:35 +0200[diff] [blame]403
404 /* Check test data consistency */
405 TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]406 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]407 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]408
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]409 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]410 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]411 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]412
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]413 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
414 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]415 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]416
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]417 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]418 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]419 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]420 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]421
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]422 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]423
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]424 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]425 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]426 if( result == 0 )
427 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]428
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]429 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
430 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]431 }
432
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]433exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]434 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]435 mbedtls_rsa_free( &ctx );
436 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]437}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]438/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]439
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]440/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]441void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]442 char * input_P, int radix_Q, char * input_Q,
443 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]444 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]445 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]446{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]447 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]448 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]449 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]450 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]451 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]452
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]453 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
454 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]455 mbedtls_rsa_init( &ctx );
456 mbedtls_rsa_init( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]457
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]458 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]459
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]460 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
461 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
462 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
463 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]464
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]465 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
Gilles Peskine058d0092021-06-09 16:24:35 +0200[diff] [blame]466
467 /* Check test data consistency */
468 TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]469 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]470 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]471 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]472
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]473 /* repeat three times to test updating of blinding values */
474 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]475 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]476 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]477 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
478 &rnd_info, message_str->x,
479 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]480 if( result == 0 )
481 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]482
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]483 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]484 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]485 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]486 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]487 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]488
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]489 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]490 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]491 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]492 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]493
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]494 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]495
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]496 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]497 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
498 &rnd_info, message_str->x,
499 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]500 if( result == 0 )
501 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]502
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]503 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]504 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]505 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]506 }
507
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]508exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]509 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
510 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
511
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]512 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]513}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]514/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]515
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]516/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]517void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]518{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]519 mbedtls_rsa_context ctx;
520 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]521
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]522 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]523}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]524/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]525
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]526/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]527void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
528 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]529{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]530 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]531 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]532
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]533 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]534 mbedtls_rsa_init( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]535
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]536 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]537 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]538 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]539 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]540 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]541 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]542 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]543 }
544
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]545 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]546 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]547
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]548exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]549 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]550 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]551}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]552/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]553
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]554/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]555void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
556 int radix_Q, char * input_Q, int radix_N,
557 char * input_N, int radix_E, char * input_E,
558 int radix_D, char * input_D, int radix_DP,
559 char * input_DP, int radix_DQ,
560 char * input_DQ, int radix_QP,
561 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]562{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]563 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]564
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]565 mbedtls_rsa_init( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]566
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]567 ctx.len = mod / 8;
568 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]569 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]570 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]571 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]572 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]573 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]574 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]575 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]576 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]577 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]578 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]579 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]580 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]581 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]582 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]583 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]584 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]585 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]586 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]587 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]588#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]589 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]590 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]591 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]592 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]593 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]594 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]595 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]596 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]597 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]598 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]599 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]600 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]601#else
602 ((void) radix_DP); ((void) input_DP);
603 ((void) radix_DQ); ((void) input_DQ);
604 ((void) radix_QP); ((void) input_QP);
605#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]606
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]607 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]608
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]609exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]610 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]611}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]612/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]613
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]614/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]615void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
616 int radix_Epub, char * input_Epub, int radix_P,
617 char * input_P, int radix_Q, char * input_Q,
618 int radix_N, char * input_N, int radix_E,
619 char * input_E, int radix_D, char * input_D,
620 int radix_DP, char * input_DP, int radix_DQ,
621 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]622 int result )
623{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]624 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]625
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]626 mbedtls_rsa_init( &pub );
627 mbedtls_rsa_init( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]628
629 pub.len = mod / 8;
630 prv.len = mod / 8;
631
632 if( strlen( input_Npub ) )
633 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]634 TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]635 }
636 if( strlen( input_Epub ) )
637 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]638 TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]639 }
640
641 if( strlen( input_P ) )
642 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]643 TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]644 }
645 if( strlen( input_Q ) )
646 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]647 TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]648 }
649 if( strlen( input_N ) )
650 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]651 TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]652 }
653 if( strlen( input_E ) )
654 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]655 TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]656 }
657 if( strlen( input_D ) )
658 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]659 TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]660 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]661#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]662 if( strlen( input_DP ) )
663 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]664 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]665 }
666 if( strlen( input_DQ ) )
667 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]668 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]669 }
670 if( strlen( input_QP ) )
671 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]672 TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]673 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]674#else
675 ((void) radix_DP); ((void) input_DP);
676 ((void) radix_DQ); ((void) input_DQ);
677 ((void) radix_QP); ((void) input_QP);
678#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]679
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]680 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]681
682exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]683 mbedtls_rsa_free( &pub );
684 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]685}
686/* END_CASE */
687
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]688/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]689void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]690{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]691 mbedtls_rsa_context ctx;
692 mbedtls_entropy_context entropy;
693 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]694 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]695
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]696 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]697 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]698 mbedtls_rsa_init ( &ctx );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]699
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]700 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
701 &entropy, (const unsigned char *) pers,
702 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]703
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]704 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]705 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]706 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]707 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]708 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]709 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]710
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]711exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]712 mbedtls_rsa_free( &ctx );
713 mbedtls_ctr_drbg_free( &ctr_drbg );
714 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]715}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]716/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]717
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]718/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]719void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]720 int radix_D, char *input_D,
721 int radix_E, char *input_E,
722 int radix_P, char *output_P,
723 int radix_Q, char *output_Q,
724 int corrupt, int result )
725{
726 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
727
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]728 mbedtls_mpi_init( &N );
729 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
730 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
731 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
732
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]733 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
734 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
735 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
736 TEST_ASSERT( mbedtls_test_read_mpi( &Qp, radix_P, output_P ) == 0 );
737 TEST_ASSERT( mbedtls_test_read_mpi( &Pp, radix_Q, output_Q ) == 0 );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]738
739 if( corrupt )
740 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
741
742 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]743 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]744
745 if( !corrupt )
746 {
747 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
748 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
749 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
750 }
751
752exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]753 mbedtls_mpi_free( &N );
754 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
755 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
756 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]757}
758/* END_CASE */
759
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]760/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]761void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
762 int radix_Q, char *input_Q,
763 int radix_E, char *input_E,
764 int radix_D, char *output_D,
765 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]766{
767 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
768
769 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
770 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
771 mbedtls_mpi_init( &E );
772 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
773
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]774 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
775 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
776 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
777 TEST_ASSERT( mbedtls_test_read_mpi( &Dp, radix_D, output_D ) == 0 );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]778
779 if( corrupt )
780 {
781 /* Make E even */
782 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
783 }
784
785 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]786 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
787 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]788
789 if( !corrupt )
790 {
791 /*
792 * Check that D and Dp agree modulo LCM(P-1, Q-1).
793 */
794
795 /* Replace P,Q by P-1, Q-1 */
796 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
797 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
798
799 /* Check D == Dp modulo P-1 */
800 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
801 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
802 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
803
804 /* Check D == Dp modulo Q-1 */
805 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
806 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
807 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
808 }
809
810exit:
811
812 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
813 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
814 mbedtls_mpi_free( &E );
815 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
816}
817/* END_CASE */
818
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]819/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]820void mbedtls_rsa_import( int radix_N, char *input_N,
821 int radix_P, char *input_P,
822 int radix_Q, char *input_Q,
823 int radix_D, char *input_D,
824 int radix_E, char *input_E,
825 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]826 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]827 int res_check,
828 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]829{
830 mbedtls_mpi N, P, Q, D, E;
831 mbedtls_rsa_context ctx;
832
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]833 /* Buffers used for encryption-decryption test */
834 unsigned char *buf_orig = NULL;
835 unsigned char *buf_enc = NULL;
836 unsigned char *buf_dec = NULL;
837
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]838 mbedtls_entropy_context entropy;
839 mbedtls_ctr_drbg_context ctr_drbg;
840 const char *pers = "test_suite_rsa";
841
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]842 const int have_N = ( strlen( input_N ) > 0 );
843 const int have_P = ( strlen( input_P ) > 0 );
844 const int have_Q = ( strlen( input_Q ) > 0 );
845 const int have_D = ( strlen( input_D ) > 0 );
846 const int have_E = ( strlen( input_E ) > 0 );
847
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]848 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]849 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]850 mbedtls_rsa_init( &ctx );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]851
852 mbedtls_mpi_init( &N );
853 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
854 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
855
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]856 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
857 (const unsigned char *) pers, strlen( pers ) ) == 0 );
858
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]859 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]860 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]861
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]862 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]863 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]864
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]865 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]866 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]867
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]868 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]869 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]870
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]871 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]872 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]873
874 if( !successive )
875 {
876 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]877 have_N ? &N : NULL,
878 have_P ? &P : NULL,
879 have_Q ? &Q : NULL,
880 have_D ? &D : NULL,
881 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]882 }
883 else
884 {
885 /* Import N, P, Q, D, E separately.
886 * This should make no functional difference. */
887
888 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]889 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]890 NULL, NULL, NULL, NULL ) == 0 );
891
892 TEST_ASSERT( mbedtls_rsa_import( &ctx,
893 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]894 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]895 NULL, NULL, NULL ) == 0 );
896
897 TEST_ASSERT( mbedtls_rsa_import( &ctx,
898 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]899 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]900 NULL, NULL ) == 0 );
901
902 TEST_ASSERT( mbedtls_rsa_import( &ctx,
903 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]904 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]905 NULL ) == 0 );
906
907 TEST_ASSERT( mbedtls_rsa_import( &ctx,
908 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]909 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]910 }
911
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]912 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]913
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]914 /* On expected success, perform some public and private
915 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]916 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]917 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]918 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]919 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
920 else
921 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
922
923 if( res_check != 0 )
924 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]925
926 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
927 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
928 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
929 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
930 goto exit;
931
932 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
933 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
934
935 /* Make sure the number we're generating is smaller than the modulus */
936 buf_orig[0] = 0x00;
937
938 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
939
940 if( is_priv )
941 {
942 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
943 &ctr_drbg, buf_enc,
944 buf_dec ) == 0 );
945
946 TEST_ASSERT( memcmp( buf_orig, buf_dec,
947 mbedtls_rsa_get_len( &ctx ) ) == 0 );
948 }
949 }
950
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]951exit:
952
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]953 mbedtls_free( buf_orig );
954 mbedtls_free( buf_enc );
955 mbedtls_free( buf_dec );
956
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]957 mbedtls_rsa_free( &ctx );
958
959 mbedtls_ctr_drbg_free( &ctr_drbg );
960 mbedtls_entropy_free( &entropy );
961
962 mbedtls_mpi_free( &N );
963 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
964 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
965}
966/* END_CASE */
967
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]968/* BEGIN_CASE */
969void mbedtls_rsa_export( int radix_N, char *input_N,
970 int radix_P, char *input_P,
971 int radix_Q, char *input_Q,
972 int radix_D, char *input_D,
973 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]974 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]975 int successive )
976{
977 /* Original MPI's with which we set up the RSA context */
978 mbedtls_mpi N, P, Q, D, E;
979
980 /* Exported MPI's */
981 mbedtls_mpi Ne, Pe, Qe, De, Ee;
982
983 const int have_N = ( strlen( input_N ) > 0 );
984 const int have_P = ( strlen( input_P ) > 0 );
985 const int have_Q = ( strlen( input_Q ) > 0 );
986 const int have_D = ( strlen( input_D ) > 0 );
987 const int have_E = ( strlen( input_E ) > 0 );
988
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]989 mbedtls_rsa_context ctx;
990
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]991 mbedtls_rsa_init( &ctx );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]992
993 mbedtls_mpi_init( &N );
994 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
995 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
996
997 mbedtls_mpi_init( &Ne );
998 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
999 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1000
1001 /* Setup RSA context */
1002
1003 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1004 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1005
1006 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1007 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1008
1009 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1010 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1011
1012 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1013 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1014
1015 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1016 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1017
1018 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1019 strlen( input_N ) ? &N : NULL,
1020 strlen( input_P ) ? &P : NULL,
1021 strlen( input_Q ) ? &Q : NULL,
1022 strlen( input_D ) ? &D : NULL,
1023 strlen( input_E ) ? &E : NULL ) == 0 );
1024
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1025 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1026
1027 /*
1028 * Export parameters and compare to original ones.
1029 */
1030
1031 /* N and E must always be present. */
1032 if( !successive )
1033 {
1034 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1035 }
1036 else
1037 {
1038 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1039 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1040 }
1041 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1042 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1043
1044 /* If we were providing enough information to setup a complete private context,
1045 * we expect to be able to export all core parameters. */
1046
1047 if( is_priv )
1048 {
1049 if( !successive )
1050 {
1051 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1052 &De, NULL ) == 0 );
1053 }
1054 else
1055 {
1056 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1057 NULL, NULL ) == 0 );
1058 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1059 NULL, NULL ) == 0 );
1060 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1061 &De, NULL ) == 0 );
1062 }
1063
1064 if( have_P )
1065 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1066
1067 if( have_Q )
1068 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1069
1070 if( have_D )
1071 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1072
1073 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1074 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1075 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1076 }
1077
1078exit:
1079
1080 mbedtls_rsa_free( &ctx );
1081
1082 mbedtls_mpi_free( &N );
1083 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1084 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1085
1086 mbedtls_mpi_free( &Ne );
1087 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1088 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1089}
1090/* END_CASE */
1091
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1092/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1093void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1094 int radix_P, char *input_P,
1095 int radix_Q, char *input_Q,
1096 int radix_D, char *input_D,
1097 int radix_E, char *input_E,
1098 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1099{
1100 /* Original MPI's with which we set up the RSA context */
1101 mbedtls_mpi N, P, Q, D, E;
1102
1103 const int have_N = ( strlen( input_N ) > 0 );
1104 const int have_P = ( strlen( input_P ) > 0 );
1105 const int have_Q = ( strlen( input_Q ) > 0 );
1106 const int have_D = ( strlen( input_D ) > 0 );
1107 const int have_E = ( strlen( input_E ) > 0 );
1108
1109 mbedtls_entropy_context entropy;
1110 mbedtls_ctr_drbg_context ctr_drbg;
1111 const char *pers = "test_suite_rsa";
1112
1113 mbedtls_mpi_init( &N );
1114 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1115 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1116
1117 mbedtls_ctr_drbg_init( &ctr_drbg );
1118 mbedtls_entropy_init( &entropy );
1119 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1120 &entropy, (const unsigned char *) pers,
1121 strlen( pers ) ) == 0 );
1122
1123 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1124 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1125
1126 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1127 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1128
1129 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1130 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1131
1132 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1133 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1134
1135 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1136 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1137
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1138 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1139 have_P ? &P : NULL,
1140 have_Q ? &Q : NULL,
1141 have_D ? &D : NULL,
1142 have_E ? &E : NULL,
1143 prng ? mbedtls_ctr_drbg_random : NULL,
1144 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1145exit:
1146
1147 mbedtls_ctr_drbg_free( &ctr_drbg );
1148 mbedtls_entropy_free( &entropy );
1149
1150 mbedtls_mpi_free( &N );
1151 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1152 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1153}
1154/* END_CASE */
1155
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1156/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1157void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1158 data_t *input_Q, data_t *input_D,
1159 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1160 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1161{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1162 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1163 unsigned char bufNe[256];
1164 unsigned char bufPe[128];
1165 unsigned char bufQe[128];
1166 unsigned char bufDe[256];
1167 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1168
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1169 mbedtls_rsa_context ctx;
1170
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]1171 mbedtls_rsa_init( &ctx );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1172
1173 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1174 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1175 input_N->len ? input_N->x : NULL, input_N->len,
1176 input_P->len ? input_P->x : NULL, input_P->len,
1177 input_Q->len ? input_Q->x : NULL, input_Q->len,
1178 input_D->len ? input_D->x : NULL, input_D->len,
1179 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1180
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1181 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1182
1183 /*
1184 * Export parameters and compare to original ones.
1185 */
1186
1187 /* N and E must always be present. */
1188 if( !successive )
1189 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1190 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1191 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1192 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1193 }
1194 else
1195 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1196 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1197 NULL, 0, NULL, 0, NULL, 0,
1198 NULL, 0 ) == 0 );
1199 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1200 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1201 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1202 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1203 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1204 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1205
1206 /* If we were providing enough information to setup a complete private context,
1207 * we expect to be able to export all core parameters. */
1208
1209 if( is_priv )
1210 {
1211 if( !successive )
1212 {
1213 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1214 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1215 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1216 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1217 NULL, 0 ) == 0 );
1218 }
1219 else
1220 {
1221 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1222 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1223 NULL, 0, NULL, 0,
1224 NULL, 0 ) == 0 );
1225
1226 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1227 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1228 NULL, 0, NULL, 0 ) == 0 );
1229
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1230 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1231 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1232 NULL, 0 ) == 0 );
1233 }
1234
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1235 if( input_P->len )
1236 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1237
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1238 if( input_Q->len )
1239 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1240
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1241 if( input_D->len )
1242 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1243
1244 }
1245
1246exit:
1247 mbedtls_rsa_free( &ctx );
1248}
1249/* END_CASE */
1250
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1251/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1252void mbedtls_rsa_import_raw( data_t *input_N,
1253 data_t *input_P, data_t *input_Q,
1254 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1255 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1256 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1257 int res_check,
1258 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1259{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1260 /* Buffers used for encryption-decryption test */
1261 unsigned char *buf_orig = NULL;
1262 unsigned char *buf_enc = NULL;
1263 unsigned char *buf_dec = NULL;
1264
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1265 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1266 mbedtls_entropy_context entropy;
1267 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1268
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1269 const char *pers = "test_suite_rsa";
1270
1271 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1272 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]1273 mbedtls_rsa_init( &ctx );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1274
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1275 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1276 &entropy, (const unsigned char *) pers,
1277 strlen( pers ) ) == 0 );
1278
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1279 if( !successive )
1280 {
1281 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1282 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1283 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1284 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1285 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1286 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1287 }
1288 else
1289 {
1290 /* Import N, P, Q, D, E separately.
1291 * This should make no functional difference. */
1292
1293 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1294 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1295 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1296
1297 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1298 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1299 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1300 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1301
1302 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1303 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1304 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1305 NULL, 0, NULL, 0 ) == 0 );
1306
1307 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1308 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1309 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1310 NULL, 0 ) == 0 );
1311
1312 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1313 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1314 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1315 }
1316
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1317 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1318
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1319 /* On expected success, perform some public and private
1320 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1321 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1322 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1323 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1324 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1325 else
1326 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1327
1328 if( res_check != 0 )
1329 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1330
1331 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1332 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1333 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1334 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1335 goto exit;
1336
1337 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1338 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1339
1340 /* Make sure the number we're generating is smaller than the modulus */
1341 buf_orig[0] = 0x00;
1342
1343 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1344
1345 if( is_priv )
1346 {
1347 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1348 &ctr_drbg, buf_enc,
1349 buf_dec ) == 0 );
1350
1351 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1352 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1353 }
1354 }
1355
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1356exit:
1357
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1358 mbedtls_free( buf_orig );
1359 mbedtls_free( buf_enc );
1360 mbedtls_free( buf_dec );
1361
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1362 mbedtls_rsa_free( &ctx );
1363
1364 mbedtls_ctr_drbg_free( &ctr_drbg );
1365 mbedtls_entropy_free( &entropy );
1366
1367}
1368/* END_CASE */
1369
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1370/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1371void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1372{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1373 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1374}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1375/* END_CASE */