TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 236c4e22f75f293cc60b6061e15560bbf2b3cd9a / . / tests / suites / test_suite_rsa.function
blob: 770a04a435dcddd5109ffb24d20fb4efe5ff8ff0 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md5.h"
5#include "mbedtls/sha1.h"
6#include "mbedtls/sha256.h"
7#include "mbedtls/sha512.h"
8#include "mbedtls/entropy.h"
9#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]10
Manuel Pégourié-Gonnard236c4e22022-07-16 08:35:06 +0200[diff] [blame^]11#include "or_psa_helpers.h"
12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]20/* BEGIN_CASE */
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int invalid_padding = 42;
25 const int invalid_hash_id = 0xff;
26
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]27 mbedtls_rsa_init( &ctx );
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]28
29 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
30 invalid_padding,
31 MBEDTLS_MD_NONE ),
32 MBEDTLS_ERR_RSA_INVALID_PADDING );
33
34 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
35 MBEDTLS_RSA_PKCS_V21,
36 invalid_hash_id ),
37 MBEDTLS_ERR_RSA_INVALID_PADDING );
38
Ronald Cron3a0375f2021-06-08 10:22:28 +0200[diff] [blame]39#if !defined(MBEDTLS_PKCS1_V15)
40 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
41 MBEDTLS_RSA_PKCS_V15,
42 MBEDTLS_MD_NONE ),
43 MBEDTLS_ERR_RSA_INVALID_PADDING );
44#endif
45
46#if !defined(MBEDTLS_PKCS1_V21)
47 TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
48 MBEDTLS_RSA_PKCS_V21,
49 MBEDTLS_MD_NONE ),
50 MBEDTLS_ERR_RSA_INVALID_PADDING );
51#endif
52
Ronald Cronea7631b2021-06-03 18:51:59 +0200[diff] [blame]53exit:
54 mbedtls_rsa_free( &ctx );
55}
56/* END_CASE */
57
58/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]59void rsa_init_free( int reinit )
60{
61 mbedtls_rsa_context ctx;
62
63 /* Double free is not explicitly documented to work, but we rely on it
64 * even inside the library so that you can call mbedtls_rsa_free()
65 * unconditionally on an error path without checking whether it has
66 * already been called in the success path. */
67
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]68 mbedtls_rsa_init( &ctx );
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]69 mbedtls_rsa_free( &ctx );
70
71 if( reinit )
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]72 mbedtls_rsa_init( &ctx );
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]73 mbedtls_rsa_free( &ctx );
74
75 /* This test case always succeeds, functionally speaking. A plausible
76 * bug might trigger an invalid pointer dereference or a memory leak. */
77 goto exit;
78}
79/* END_CASE */
80
Manuel Pégourié-Gonnard236c4e22022-07-16 08:35:06 +0200[diff] [blame^]81/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]82void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]83 int digest, int mod, int radix_P, char * input_P,
84 int radix_Q, char * input_Q, int radix_N,
85 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]86 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]87{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]88 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]89 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]90 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]91 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]92
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]93 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
94 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]95 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]96 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx,padding_mode,
97 MBEDTLS_MD_NONE ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]98
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]99 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]100 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]101
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]102 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
103 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
104 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
105 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]106
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]107 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
108 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]109 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]110 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]111
Gilles Peskine6e3187b2021-06-22 18:39:53 +0200[diff] [blame]112 TEST_ASSERT( mbedtls_rsa_pkcs1_sign(
113 &ctx, &mbedtls_test_rnd_pseudo_rand, &rnd_info,
Manuel Pégourié-Gonnarda4aa12f2022-07-16 08:20:26 +0200[diff] [blame]114 digest, message_str->len, message_str->x,
Gilles Peskine6e3187b2021-06-22 18:39:53 +0200[diff] [blame]115 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]116 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]117 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]118
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]119 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
120 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]121 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]122
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]123exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]124 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
125 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]126 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]127}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]128/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]129
Manuel Pégourié-Gonnard236c4e22022-07-16 08:35:06 +0200[diff] [blame^]130/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]131void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]132 int digest, int mod, int radix_N,
133 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]134 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]135{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]136 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]137 mbedtls_mpi N, E;
138
139 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]140 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]141 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
142 MBEDTLS_MD_NONE ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]143
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]144 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
145 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]146 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
147 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]148 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]149
Manuel Pégourié-Gonnarda4aa12f2022-07-16 08:20:26 +0200[diff] [blame]150 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, message_str->len, message_str->x, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]151
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]152exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]153 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]154 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]155}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]156/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]157
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]158
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]159/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]160void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]161 int padding_mode, int mod, int radix_P,
162 char * input_P, int radix_Q, char * input_Q,
163 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]164 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]165{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]166 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]167 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]168 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]169 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]170
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]171 mbedtls_rsa_init( &ctx );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]172 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
173 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]174
Paul Elliotte57dd2d2021-06-25 11:13:24 +0100[diff] [blame]175 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
176 MBEDTLS_MD_NONE ) == 0 );
177
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]178 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]179 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]180
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]181 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
182 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
183 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
184 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]185
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]186 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
187 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]188 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]189 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]190
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]191
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]192 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]193 &rnd_info, MBEDTLS_MD_NONE,
194 hash_result->len,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]195 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]196
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]197
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]198 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
199 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]200
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]201exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]202 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
203 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
204
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]205 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]206}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]207/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]208
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]209/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]210void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]211 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]212 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]213 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]214{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]215 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]216 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]217
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]218 mbedtls_mpi N, E;
219 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
220
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]221 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]222 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
223 MBEDTLS_MD_NONE ) == 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]224 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]225
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]226 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
227 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]228
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]229 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
230 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]231 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]232
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]233
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame]234 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]235
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]236exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]237 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]238 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]239}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]240/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]241
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]242/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]243void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]244 int mod, int radix_N, char * input_N,
245 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]246 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]247{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]248 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]249 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]250 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]251
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]252 mbedtls_mpi N, E;
253 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
254
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]255 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]256
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]257 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]258 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
259 MBEDTLS_MD_NONE ) == 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]260 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]261
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]262 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
263 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]264
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]265 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
266 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]267 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]268
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]269
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]270 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
271 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]272 &rnd_info, message_str->len,
273 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]274 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]275 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]276 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]277
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]278 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
279 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]280 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]281
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]282exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]283 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]284 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]285}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]286/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]287
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]288/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]289void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]290 int mod, int radix_N, char * input_N,
291 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]292 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]293{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]294 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]295 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]296
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]297 mbedtls_mpi N, E;
298
299 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]300 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]301 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
302 MBEDTLS_MD_NONE ) == 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]303 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]304
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]305 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
306 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]307
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]308 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
309 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]310 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]311
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]312
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]313 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]314 NULL, message_str->len,
315 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]316 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]317 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]318 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]319
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]320 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
321 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]322 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]323
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]324exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]325 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]326 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]327}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]328/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]329
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]330/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]331void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]332 int mod, int radix_P, char * input_P,
333 int radix_Q, char * input_Q, int radix_N,
334 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]335 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]336 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]337{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]338 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]339 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]340 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]341 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]342 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]343
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]344 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
345 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
346
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]347 mbedtls_rsa_init( &ctx );
Ronald Cron266b6d22021-06-08 10:03:49 +0200[diff] [blame]348 TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode,
349 MBEDTLS_MD_NONE ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]350
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]351 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]352 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]353
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]354
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]355 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
356 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
357 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
358 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]359
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]360 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
361 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]362 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]363 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]364
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]365 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]366
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]367 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]368 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]369 &output_len, message_str->x, output,
370 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]371 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]372 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]373
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]374 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]375 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]376 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]377 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]378
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]379exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]380 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
381 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]382 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]383}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]384/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]385
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]386/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]387void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]388 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]389 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]390{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]391 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]392 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]393
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]394 mbedtls_mpi N, E;
395
396 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]397 mbedtls_rsa_init( &ctx );
398 mbedtls_rsa_init( &ctx2 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]399 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]400
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]401 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
402 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]403
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]404 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Gilles Peskine058d0092021-06-09 16:24:35 +0200[diff] [blame]405
406 /* Check test data consistency */
407 TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]408 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]409 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]410
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]411 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]412 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]413 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]414
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]415 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
416 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]417 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]418
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]419 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]420 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]421 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]422 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]423
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]424 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]425
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]426 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]427 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]428 if( result == 0 )
429 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]430
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]431 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
432 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]433 }
434
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]435exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]436 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]437 mbedtls_rsa_free( &ctx );
438 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]439}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]440/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]441
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]442/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]443void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]444 char * input_P, int radix_Q, char * input_Q,
445 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]446 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]447 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]448{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]449 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]450 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]451 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]452 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]453 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]454
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]455 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
456 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]457 mbedtls_rsa_init( &ctx );
458 mbedtls_rsa_init( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]459
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]460 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]461
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]462 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
463 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
464 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
465 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]466
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]467 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
Gilles Peskine058d0092021-06-09 16:24:35 +0200[diff] [blame]468
469 /* Check test data consistency */
470 TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]471 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]472 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]473 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]474
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]475 /* repeat three times to test updating of blinding values */
476 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]477 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]478 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]479 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
480 &rnd_info, message_str->x,
481 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]482 if( result == 0 )
483 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]484
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]485 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]486 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]487 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]488 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]489 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]490
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]491 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]492 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]493 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]494 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]495
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]496 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]497
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]498 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]499 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
500 &rnd_info, message_str->x,
501 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]502 if( result == 0 )
503 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]504
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]505 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]506 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]507 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]508 }
509
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]510exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]511 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
512 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
513
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]514 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]515}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]516/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]517
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]518/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]519void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]520{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]521 mbedtls_rsa_context ctx;
522 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]523
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]524 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]525}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]526/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]527
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]528/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]529void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
530 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]531{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]532 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]533 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]534
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]535 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]536 mbedtls_rsa_init( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]537
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]538 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]539 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]540 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]541 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]542 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]543 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]544 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]545 }
546
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]547 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]548 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]549
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]550exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]551 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]552 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]553}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]554/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]555
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]556/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]557void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
558 int radix_Q, char * input_Q, int radix_N,
559 char * input_N, int radix_E, char * input_E,
560 int radix_D, char * input_D, int radix_DP,
561 char * input_DP, int radix_DQ,
562 char * input_DQ, int radix_QP,
563 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]564{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]565 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]566
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]567 mbedtls_rsa_init( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]568
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]569 ctx.len = mod / 8;
570 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]571 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]572 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]573 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]574 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]575 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]576 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]577 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]578 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]579 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]580 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]581 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]582 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]583 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]584 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]585 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]586 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]587 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]588 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]589 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]590#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]591 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]592 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]593 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]594 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]595 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]596 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]597 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]598 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]599 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]600 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]601 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]602 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]603#else
604 ((void) radix_DP); ((void) input_DP);
605 ((void) radix_DQ); ((void) input_DQ);
606 ((void) radix_QP); ((void) input_QP);
607#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]608
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]609 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]610
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]611exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]612 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]613}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]614/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]615
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]616/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]617void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
618 int radix_Epub, char * input_Epub, int radix_P,
619 char * input_P, int radix_Q, char * input_Q,
620 int radix_N, char * input_N, int radix_E,
621 char * input_E, int radix_D, char * input_D,
622 int radix_DP, char * input_DP, int radix_DQ,
623 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]624 int result )
625{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]626 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]627
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]628 mbedtls_rsa_init( &pub );
629 mbedtls_rsa_init( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]630
631 pub.len = mod / 8;
632 prv.len = mod / 8;
633
634 if( strlen( input_Npub ) )
635 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]636 TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]637 }
638 if( strlen( input_Epub ) )
639 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]640 TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]641 }
642
643 if( strlen( input_P ) )
644 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]645 TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]646 }
647 if( strlen( input_Q ) )
648 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]649 TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]650 }
651 if( strlen( input_N ) )
652 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]653 TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]654 }
655 if( strlen( input_E ) )
656 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]657 TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]658 }
659 if( strlen( input_D ) )
660 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]661 TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]662 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]663#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]664 if( strlen( input_DP ) )
665 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]666 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]667 }
668 if( strlen( input_DQ ) )
669 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]670 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]671 }
672 if( strlen( input_QP ) )
673 {
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]674 TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]675 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]676#else
677 ((void) radix_DP); ((void) input_DP);
678 ((void) radix_DQ); ((void) input_DQ);
679 ((void) radix_QP); ((void) input_QP);
680#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]681
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]682 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]683
684exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685 mbedtls_rsa_free( &pub );
686 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]687}
688/* END_CASE */
689
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]690/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]691void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]692{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]693 mbedtls_rsa_context ctx;
694 mbedtls_entropy_context entropy;
695 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]696 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]697
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]698 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]699 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]700 mbedtls_rsa_init ( &ctx );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]701
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]702 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
703 &entropy, (const unsigned char *) pers,
704 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]705
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]706 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]707 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]708 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]709 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]710 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]711 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]712
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]713exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]714 mbedtls_rsa_free( &ctx );
715 mbedtls_ctr_drbg_free( &ctr_drbg );
716 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]717}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]718/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]719
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]720/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]721void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]722 int radix_D, char *input_D,
723 int radix_E, char *input_E,
724 int radix_P, char *output_P,
725 int radix_Q, char *output_Q,
726 int corrupt, int result )
727{
728 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
729
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]730 mbedtls_mpi_init( &N );
731 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
732 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
733 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
734
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]735 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
736 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
737 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
738 TEST_ASSERT( mbedtls_test_read_mpi( &Qp, radix_P, output_P ) == 0 );
739 TEST_ASSERT( mbedtls_test_read_mpi( &Pp, radix_Q, output_Q ) == 0 );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]740
741 if( corrupt )
742 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
743
744 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]745 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]746
747 if( !corrupt )
748 {
749 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
750 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
751 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
752 }
753
754exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]755 mbedtls_mpi_free( &N );
756 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
757 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
758 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]759}
760/* END_CASE */
761
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]762/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]763void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
764 int radix_Q, char *input_Q,
765 int radix_E, char *input_E,
766 int radix_D, char *output_D,
767 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]768{
769 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
770
771 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
772 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
773 mbedtls_mpi_init( &E );
774 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
775
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]776 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
777 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
778 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
779 TEST_ASSERT( mbedtls_test_read_mpi( &Dp, radix_D, output_D ) == 0 );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]780
781 if( corrupt )
782 {
783 /* Make E even */
784 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
785 }
786
787 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]788 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
789 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]790
791 if( !corrupt )
792 {
793 /*
794 * Check that D and Dp agree modulo LCM(P-1, Q-1).
795 */
796
797 /* Replace P,Q by P-1, Q-1 */
798 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
799 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
800
801 /* Check D == Dp modulo P-1 */
802 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
803 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
804 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
805
806 /* Check D == Dp modulo Q-1 */
807 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
808 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
809 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
810 }
811
812exit:
813
814 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
815 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
816 mbedtls_mpi_free( &E );
817 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
818}
819/* END_CASE */
820
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]821/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]822void mbedtls_rsa_import( int radix_N, char *input_N,
823 int radix_P, char *input_P,
824 int radix_Q, char *input_Q,
825 int radix_D, char *input_D,
826 int radix_E, char *input_E,
827 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]828 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]829 int res_check,
830 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]831{
832 mbedtls_mpi N, P, Q, D, E;
833 mbedtls_rsa_context ctx;
834
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]835 /* Buffers used for encryption-decryption test */
836 unsigned char *buf_orig = NULL;
837 unsigned char *buf_enc = NULL;
838 unsigned char *buf_dec = NULL;
839
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]840 mbedtls_entropy_context entropy;
841 mbedtls_ctr_drbg_context ctr_drbg;
842 const char *pers = "test_suite_rsa";
843
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]844 const int have_N = ( strlen( input_N ) > 0 );
845 const int have_P = ( strlen( input_P ) > 0 );
846 const int have_Q = ( strlen( input_Q ) > 0 );
847 const int have_D = ( strlen( input_D ) > 0 );
848 const int have_E = ( strlen( input_E ) > 0 );
849
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]850 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]851 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]852 mbedtls_rsa_init( &ctx );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]853
854 mbedtls_mpi_init( &N );
855 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
856 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
857
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]858 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
859 (const unsigned char *) pers, strlen( pers ) ) == 0 );
860
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]861 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]862 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]863
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]864 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]865 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]866
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]867 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]868 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]869
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]870 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]871 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]872
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]873 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]874 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]875
876 if( !successive )
877 {
878 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]879 have_N ? &N : NULL,
880 have_P ? &P : NULL,
881 have_Q ? &Q : NULL,
882 have_D ? &D : NULL,
883 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]884 }
885 else
886 {
887 /* Import N, P, Q, D, E separately.
888 * This should make no functional difference. */
889
890 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]891 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]892 NULL, NULL, NULL, NULL ) == 0 );
893
894 TEST_ASSERT( mbedtls_rsa_import( &ctx,
895 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]896 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]897 NULL, NULL, NULL ) == 0 );
898
899 TEST_ASSERT( mbedtls_rsa_import( &ctx,
900 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]901 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]902 NULL, NULL ) == 0 );
903
904 TEST_ASSERT( mbedtls_rsa_import( &ctx,
905 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]906 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]907 NULL ) == 0 );
908
909 TEST_ASSERT( mbedtls_rsa_import( &ctx,
910 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]911 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]912 }
913
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]914 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]915
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]916 /* On expected success, perform some public and private
917 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]918 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]919 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]920 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]921 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
922 else
923 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
924
925 if( res_check != 0 )
926 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]927
928 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
929 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
930 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
931 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
932 goto exit;
933
934 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
935 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
936
937 /* Make sure the number we're generating is smaller than the modulus */
938 buf_orig[0] = 0x00;
939
940 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
941
942 if( is_priv )
943 {
944 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
945 &ctr_drbg, buf_enc,
946 buf_dec ) == 0 );
947
948 TEST_ASSERT( memcmp( buf_orig, buf_dec,
949 mbedtls_rsa_get_len( &ctx ) ) == 0 );
950 }
951 }
952
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]953exit:
954
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]955 mbedtls_free( buf_orig );
956 mbedtls_free( buf_enc );
957 mbedtls_free( buf_dec );
958
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]959 mbedtls_rsa_free( &ctx );
960
961 mbedtls_ctr_drbg_free( &ctr_drbg );
962 mbedtls_entropy_free( &entropy );
963
964 mbedtls_mpi_free( &N );
965 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
966 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
967}
968/* END_CASE */
969
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]970/* BEGIN_CASE */
971void mbedtls_rsa_export( int radix_N, char *input_N,
972 int radix_P, char *input_P,
973 int radix_Q, char *input_Q,
974 int radix_D, char *input_D,
975 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]976 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]977 int successive )
978{
979 /* Original MPI's with which we set up the RSA context */
980 mbedtls_mpi N, P, Q, D, E;
981
982 /* Exported MPI's */
983 mbedtls_mpi Ne, Pe, Qe, De, Ee;
984
985 const int have_N = ( strlen( input_N ) > 0 );
986 const int have_P = ( strlen( input_P ) > 0 );
987 const int have_Q = ( strlen( input_Q ) > 0 );
988 const int have_D = ( strlen( input_D ) > 0 );
989 const int have_E = ( strlen( input_E ) > 0 );
990
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]991 mbedtls_rsa_context ctx;
992
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]993 mbedtls_rsa_init( &ctx );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]994
995 mbedtls_mpi_init( &N );
996 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
997 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
998
999 mbedtls_mpi_init( &Ne );
1000 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1001 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1002
1003 /* Setup RSA context */
1004
1005 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1006 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1007
1008 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1009 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1010
1011 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1012 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1013
1014 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1015 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1016
1017 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1018 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1019
1020 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1021 strlen( input_N ) ? &N : NULL,
1022 strlen( input_P ) ? &P : NULL,
1023 strlen( input_Q ) ? &Q : NULL,
1024 strlen( input_D ) ? &D : NULL,
1025 strlen( input_E ) ? &E : NULL ) == 0 );
1026
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1027 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1028
1029 /*
1030 * Export parameters and compare to original ones.
1031 */
1032
1033 /* N and E must always be present. */
1034 if( !successive )
1035 {
1036 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1037 }
1038 else
1039 {
1040 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1041 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1042 }
1043 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1044 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1045
1046 /* If we were providing enough information to setup a complete private context,
1047 * we expect to be able to export all core parameters. */
1048
1049 if( is_priv )
1050 {
1051 if( !successive )
1052 {
1053 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1054 &De, NULL ) == 0 );
1055 }
1056 else
1057 {
1058 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1059 NULL, NULL ) == 0 );
1060 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1061 NULL, NULL ) == 0 );
1062 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1063 &De, NULL ) == 0 );
1064 }
1065
1066 if( have_P )
1067 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1068
1069 if( have_Q )
1070 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1071
1072 if( have_D )
1073 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1074
1075 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1076 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1077 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1078 }
1079
1080exit:
1081
1082 mbedtls_rsa_free( &ctx );
1083
1084 mbedtls_mpi_free( &N );
1085 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1086 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1087
1088 mbedtls_mpi_free( &Ne );
1089 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1090 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1091}
1092/* END_CASE */
1093
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1094/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1095void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1096 int radix_P, char *input_P,
1097 int radix_Q, char *input_Q,
1098 int radix_D, char *input_D,
1099 int radix_E, char *input_E,
1100 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1101{
1102 /* Original MPI's with which we set up the RSA context */
1103 mbedtls_mpi N, P, Q, D, E;
1104
1105 const int have_N = ( strlen( input_N ) > 0 );
1106 const int have_P = ( strlen( input_P ) > 0 );
1107 const int have_Q = ( strlen( input_Q ) > 0 );
1108 const int have_D = ( strlen( input_D ) > 0 );
1109 const int have_E = ( strlen( input_E ) > 0 );
1110
1111 mbedtls_entropy_context entropy;
1112 mbedtls_ctr_drbg_context ctr_drbg;
1113 const char *pers = "test_suite_rsa";
1114
1115 mbedtls_mpi_init( &N );
1116 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1117 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1118
1119 mbedtls_ctr_drbg_init( &ctr_drbg );
1120 mbedtls_entropy_init( &entropy );
1121 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1122 &entropy, (const unsigned char *) pers,
1123 strlen( pers ) ) == 0 );
1124
1125 if( have_N )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1126 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1127
1128 if( have_P )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1129 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1130
1131 if( have_Q )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1132 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1133
1134 if( have_D )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1135 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1136
1137 if( have_E )
Gilles Peskine20edee72021-06-10 23:18:39 +0200[diff] [blame]1138 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1139
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1140 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1141 have_P ? &P : NULL,
1142 have_Q ? &Q : NULL,
1143 have_D ? &D : NULL,
1144 have_E ? &E : NULL,
1145 prng ? mbedtls_ctr_drbg_random : NULL,
1146 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1147exit:
1148
1149 mbedtls_ctr_drbg_free( &ctr_drbg );
1150 mbedtls_entropy_free( &entropy );
1151
1152 mbedtls_mpi_free( &N );
1153 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1154 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1155}
1156/* END_CASE */
1157
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1158/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1159void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1160 data_t *input_Q, data_t *input_D,
1161 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1162 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1163{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1164 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1165 unsigned char bufNe[256];
1166 unsigned char bufPe[128];
1167 unsigned char bufQe[128];
1168 unsigned char bufDe[256];
1169 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1170
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1171 mbedtls_rsa_context ctx;
1172
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]1173 mbedtls_rsa_init( &ctx );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1174
1175 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1176 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1177 input_N->len ? input_N->x : NULL, input_N->len,
1178 input_P->len ? input_P->x : NULL, input_P->len,
1179 input_Q->len ? input_Q->x : NULL, input_Q->len,
1180 input_D->len ? input_D->x : NULL, input_D->len,
1181 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1182
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1183 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1184
1185 /*
1186 * Export parameters and compare to original ones.
1187 */
1188
1189 /* N and E must always be present. */
1190 if( !successive )
1191 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1192 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1193 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1194 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1195 }
1196 else
1197 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1198 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1199 NULL, 0, NULL, 0, NULL, 0,
1200 NULL, 0 ) == 0 );
1201 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1202 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1203 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1204 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1205 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1206 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1207
1208 /* If we were providing enough information to setup a complete private context,
1209 * we expect to be able to export all core parameters. */
1210
1211 if( is_priv )
1212 {
1213 if( !successive )
1214 {
1215 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1216 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1217 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1218 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1219 NULL, 0 ) == 0 );
1220 }
1221 else
1222 {
1223 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1224 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1225 NULL, 0, NULL, 0,
1226 NULL, 0 ) == 0 );
1227
1228 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1229 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1230 NULL, 0, NULL, 0 ) == 0 );
1231
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1232 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1233 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1234 NULL, 0 ) == 0 );
1235 }
1236
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1237 if( input_P->len )
1238 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1239
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1240 if( input_Q->len )
1241 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1242
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1243 if( input_D->len )
1244 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1245
1246 }
1247
1248exit:
1249 mbedtls_rsa_free( &ctx );
1250}
1251/* END_CASE */
1252
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1253/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1254void mbedtls_rsa_import_raw( data_t *input_N,
1255 data_t *input_P, data_t *input_Q,
1256 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1257 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1258 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1259 int res_check,
1260 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1261{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1262 /* Buffers used for encryption-decryption test */
1263 unsigned char *buf_orig = NULL;
1264 unsigned char *buf_enc = NULL;
1265 unsigned char *buf_dec = NULL;
1266
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1267 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1268 mbedtls_entropy_context entropy;
1269 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1270
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1271 const char *pers = "test_suite_rsa";
1272
1273 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1274 mbedtls_entropy_init( &entropy );
Ronald Cronc1905a12021-06-05 11:11:14 +0200[diff] [blame]1275 mbedtls_rsa_init( &ctx );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1276
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1277 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1278 &entropy, (const unsigned char *) pers,
1279 strlen( pers ) ) == 0 );
1280
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1281 if( !successive )
1282 {
1283 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1284 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1285 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1286 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1287 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1288 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1289 }
1290 else
1291 {
1292 /* Import N, P, Q, D, E separately.
1293 * This should make no functional difference. */
1294
1295 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1296 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1297 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1298
1299 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1300 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1301 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1302 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1303
1304 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1305 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1306 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1307 NULL, 0, NULL, 0 ) == 0 );
1308
1309 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1310 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1311 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1312 NULL, 0 ) == 0 );
1313
1314 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1315 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1316 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1317 }
1318
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1319 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1320
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1321 /* On expected success, perform some public and private
1322 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1323 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1324 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1325 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1326 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1327 else
1328 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1329
1330 if( res_check != 0 )
1331 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1332
1333 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1334 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1335 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1336 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1337 goto exit;
1338
1339 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1340 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1341
1342 /* Make sure the number we're generating is smaller than the modulus */
1343 buf_orig[0] = 0x00;
1344
1345 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1346
1347 if( is_priv )
1348 {
1349 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1350 &ctr_drbg, buf_enc,
1351 buf_dec ) == 0 );
1352
1353 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1354 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1355 }
1356 }
1357
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1358exit:
1359
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1360 mbedtls_free( buf_orig );
1361 mbedtls_free( buf_enc );
1362 mbedtls_free( buf_dec );
1363
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1364 mbedtls_rsa_free( &ctx );
1365
1366 mbedtls_ctr_drbg_free( &ctr_drbg );
1367 mbedtls_entropy_free( &entropy );
1368
1369}
1370/* END_CASE */
1371
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1372/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1373void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1374{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1375 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1376}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1377/* END_CASE */