TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / d21e0b780a178eaca6b2a897595c50c165a8570f / . / tests / suites / test_suite_rsa.function
blob: 95881efb23459e6e98cffd09366e98aca8534084 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
106 valid_mode,
107 sizeof( buf ), buf,
108 buf ) );
109 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
110 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
111 invalid_mode,
112 sizeof( buf ), buf,
113 buf ) );
114 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
115 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
116 valid_mode,
117 sizeof( buf ), NULL,
118 buf ) );
119 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
120 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
121 valid_mode,
122 sizeof( buf ), buf,
123 NULL ) );
124
125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
127 NULL,
128 valid_mode,
129 sizeof( buf ), buf,
130 buf ) );
131 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
132 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
133 NULL,
134 invalid_mode,
135 sizeof( buf ), buf,
136 buf ) );
137 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
138 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
139 NULL,
140 valid_mode,
141 sizeof( buf ), NULL,
142 buf ) );
143 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
144 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
145 NULL,
146 valid_mode,
147 sizeof( buf ), buf,
148 NULL ) );
149
150 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
151 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
152 valid_mode,
153 buf, sizeof( buf ),
154 sizeof( buf ), buf,
155 buf ) );
156 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
157 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
158 invalid_mode,
159 buf, sizeof( buf ),
160 sizeof( buf ), buf,
161 buf ) );
162 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
163 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
164 valid_mode,
165 NULL, sizeof( buf ),
166 sizeof( buf ), buf,
167 buf ) );
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
170 valid_mode,
171 buf, sizeof( buf ),
172 sizeof( buf ), NULL,
173 buf ) );
174 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
175 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
176 valid_mode,
177 buf, sizeof( buf ),
178 sizeof( buf ), buf,
179 NULL ) );
180
181 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
182 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]183 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]184 buf, buf, 42 ) );
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]187 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]188 buf, buf, 42 ) );
189 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
190 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]191 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]192 NULL, buf, 42 ) );
193 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
194 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]195 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]196 buf, NULL, 42 ) );
197
198 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
199 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
200 NULL,
201 valid_mode, &olen,
202 buf, buf, 42 ) );
203 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
204 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
205 NULL,
206 invalid_mode, &olen,
207 buf, buf, 42 ) );
208 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
209 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
210 NULL,
211 valid_mode, NULL,
212 buf, buf, 42 ) );
213 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
214 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
215 NULL,
216 valid_mode, &olen,
217 NULL, buf, 42 ) );
218 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
219 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
220 NULL,
221 valid_mode, &olen,
222 buf, NULL, 42 ) );
223
224 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
225 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]226 buf, sizeof( buf ),
227 &olen,
228 buf, buf, 42 ) );
229 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
230 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]231 NULL, sizeof( buf ),
232 NULL,
233 buf, buf, 42 ) );
234 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
235 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]236 buf, sizeof( buf ),
237 &olen,
238 NULL, buf, 42 ) );
239 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
240 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]241 buf, sizeof( buf ),
242 &olen,
243 buf, NULL, 42 ) );
244
245 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
246 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
247 valid_mode,
248 0, sizeof( buf ), buf,
249 buf ) );
250 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
251 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
252 invalid_mode,
253 0, sizeof( buf ), buf,
254 buf ) );
255 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
256 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
257 valid_mode,
258 0, sizeof( buf ), NULL,
259 buf ) );
260 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
261 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
262 valid_mode,
263 0, sizeof( buf ), buf,
264 NULL ) );
265 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
266 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
267 valid_mode,
268 MBEDTLS_MD_SHA1,
269 0, NULL,
270 buf ) );
271
272 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
273 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
274 valid_mode,
275 0, sizeof( buf ), buf,
276 buf ) );
277 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
278 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
279 invalid_mode,
280 0, sizeof( buf ), buf,
281 buf ) );
282 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
283 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
284 valid_mode,
285 0, sizeof( buf ), NULL,
286 buf ) );
287 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
288 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
289 valid_mode,
290 0, sizeof( buf ), buf,
291 NULL ) );
292 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
293 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
294 valid_mode,
295 MBEDTLS_MD_SHA1,
296 0, NULL,
297 buf ) );
298
299 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
300 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
301 valid_mode,
302 0, sizeof( buf ), buf,
303 buf ) );
304 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
305 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
306 invalid_mode,
307 0, sizeof( buf ), buf,
308 buf ) );
309 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
310 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
311 valid_mode,
312 0, sizeof( buf ), NULL,
313 buf ) );
314 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
315 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
316 valid_mode,
317 0, sizeof( buf ), buf,
318 NULL ) );
319 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
320 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
321 valid_mode,
322 MBEDTLS_MD_SHA1,
323 0, NULL,
324 buf ) );
325
326 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]327 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
328 0, sizeof( buf ), buf,
329 MBEDTLS_RSA_SALT_LEN_ANY,
330 buf ) );
331 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
332 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
333 0, sizeof( buf ), NULL,
334 MBEDTLS_RSA_SALT_LEN_ANY,
335 buf ) );
336 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
337 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
338 0, sizeof( buf ), buf,
339 MBEDTLS_RSA_SALT_LEN_ANY,
340 NULL ) );
341 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
342 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
343 MBEDTLS_MD_SHA1,
344 0, NULL,
345 MBEDTLS_RSA_SALT_LEN_ANY,
346 buf ) );
347
348 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]349 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
350 valid_mode,
351 0, sizeof( buf ), buf,
352 buf ) );
353 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
354 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
355 invalid_mode,
356 0, sizeof( buf ), buf,
357 buf ) );
358 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
359 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
360 valid_mode,
361 0, sizeof( buf ), NULL,
362 buf ) );
363 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
364 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
365 valid_mode,
366 0, sizeof( buf ), buf,
367 NULL ) );
368 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
369 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
370 valid_mode,
371 MBEDTLS_MD_SHA1, 0, NULL,
372 buf ) );
373
374 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
375 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
376 NULL,
377 valid_mode,
378 0, sizeof( buf ), buf,
379 buf ) );
380 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
381 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
382 NULL,
383 invalid_mode,
384 0, sizeof( buf ), buf,
385 buf ) );
386 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
387 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
388 NULL,
389 valid_mode,
390 0, sizeof( buf ),
391 NULL, buf ) );
392 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
393 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
394 NULL,
395 valid_mode,
396 0, sizeof( buf ), buf,
397 NULL ) );
398 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
399 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
400 NULL,
401 valid_mode,
402 MBEDTLS_MD_SHA1,
403 0, NULL,
404 buf ) );
405
406 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
407 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
408 valid_mode,
409 0, sizeof( buf ),
410 buf, buf ) );
411 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
412 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
413 invalid_mode,
414 0, sizeof( buf ),
415 buf, buf ) );
416 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
417 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
418 valid_mode,
419 0, sizeof( buf ),
420 NULL, buf ) );
421 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
422 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
423 valid_mode,
424 0, sizeof( buf ),
425 buf, NULL ) );
426 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
427 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
428 valid_mode,
429 MBEDTLS_MD_SHA1,
430 0, NULL,
431 buf ) );
432
433 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
434 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
435 valid_mode,
436 0, sizeof( buf ),
437 buf,
438 0, 0,
439 buf ) );
440 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
441 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
442 invalid_mode,
443 0, sizeof( buf ),
444 buf,
445 0, 0,
446 buf ) );
447 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
448 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
449 valid_mode,
450 0, sizeof( buf ),
451 NULL, 0, 0,
452 buf ) );
453 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
454 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
455 valid_mode,
456 0, sizeof( buf ),
457 buf, 0, 0,
458 NULL ) );
459 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
460 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
461 valid_mode,
462 MBEDTLS_MD_SHA1,
463 0, NULL,
464 0, 0,
465 buf ) );
466
467 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
468 mbedtls_rsa_copy( NULL, &ctx ) );
469 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
470 mbedtls_rsa_copy( &ctx, NULL ) );
471
472exit:
473 return;
474}
475/* END_CASE */
476
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]477/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]478void rsa_init_free( int reinit )
479{
480 mbedtls_rsa_context ctx;
481
482 /* Double free is not explicitly documented to work, but we rely on it
483 * even inside the library so that you can call mbedtls_rsa_free()
484 * unconditionally on an error path without checking whether it has
485 * already been called in the success path. */
486
487 mbedtls_rsa_init( &ctx, 0, 0 );
488 mbedtls_rsa_free( &ctx );
489
490 if( reinit )
491 mbedtls_rsa_init( &ctx, 0, 0 );
492 mbedtls_rsa_free( &ctx );
493
494 /* This test case always succeeds, functionally speaking. A plausible
495 * bug might trigger an invalid pointer dereference or a memory leak. */
496 goto exit;
497}
498/* END_CASE */
499
500/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]501void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]502 int digest, int mod, int radix_P, char * input_P,
503 int radix_Q, char * input_Q, int radix_N,
504 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]505 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]506{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]507 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
508 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]509 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]510 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]511 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]512
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]513 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
514 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]515 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]516
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]517 memset( hash_result, 0x00, sizeof( hash_result ) );
518 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]519 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]520
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]521 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
522 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
523 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
524 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]525
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]526 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
527 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]528 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]529 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]530
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]531
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]532 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]533 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]534
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]535 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
536 &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
537 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]538 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]539 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]540
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]541 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
542 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]543 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]544
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]545exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]546 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
547 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]548 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]549}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]550/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]551
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]552/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]553void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]554 int digest, int mod, int radix_N,
555 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]556 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]557{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]558 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]559 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]560
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]561 mbedtls_mpi N, E;
562
563 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]564 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]565 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]566
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]567 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
568 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
569 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
570 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]571 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]572
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]573
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]574 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]575 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]576
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]577 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]578
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]579exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]580 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]581 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]582}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]583/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]584
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]585
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]586/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]587void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]588 int padding_mode, int mod, int radix_P,
589 char * input_P, int radix_Q, char * input_Q,
590 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]591 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]592{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]593 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]594 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]595 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]596 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]597
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]598 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]599 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
600 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]601
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]602 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]603 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]604
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]605 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
606 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
607 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
608 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]609
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]610 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
611 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]612 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]613 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]614
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]615
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]616 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
617 &rnd_info, MBEDTLS_RSA_PRIVATE,
618 MBEDTLS_MD_NONE, hash_result->len,
619 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]620
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]621
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]622 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
623 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]624
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]625#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]626 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]627 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]628 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]629 int res;
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]630 memset( output, 0x00, sizeof( output) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]631
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]632 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]633 &mbedtls_test_rnd_pseudo_rand, &rnd_info,
634 MBEDTLS_RSA_PRIVATE, hash_result->len,
635 hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]636
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]637#if !defined(MBEDTLS_RSA_ALT)
638 TEST_ASSERT( res == 0 );
639#else
640 TEST_ASSERT( ( res == 0 ) ||
TRodziewiczb579ccd2021-04-13 14:28:28 +0200[diff] [blame]641 ( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]642#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]643
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]644 if( res == 0 )
645 {
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]646 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]647 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]648 result_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]649 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]650 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]651#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]652
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]653exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]654 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
655 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
656
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]657 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]658}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]659/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]660
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]661/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]662void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]663 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]664 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]665 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]666{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]667 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]668 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]669
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]670 mbedtls_mpi N, E;
671 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
672
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]673 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]674 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]675
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]676 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
677 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]678
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]679 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
680 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]681 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]682
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]683
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]684 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]685
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]686exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]687 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]688 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]689}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]690/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]691
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]692/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]693void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]694 int mod, int radix_N, char * input_N,
695 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]696 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]697{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]698 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]699 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]700 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]701
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]702 mbedtls_mpi N, E;
703 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
704
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]705 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]706
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]707 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]708 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]709
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]710 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
711 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]712
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]713 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
714 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]715 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]716
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]717
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]718 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
719 &mbedtls_test_rnd_pseudo_rand,
720 &rnd_info, MBEDTLS_RSA_PUBLIC,
721 message_str->len, message_str->x,
722 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]723 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]724 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]725
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]726 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
727 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]728 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]729
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]730exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]731 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]732 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]733}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]734/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]735
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]736/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]737void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]738 int mod, int radix_N, char * input_N,
739 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]740 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]741{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]742 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]743 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]744
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]745 mbedtls_mpi N, E;
746
747 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]748 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]749 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]750
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]751 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
752 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]753
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]754 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
755 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]756 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]757
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]758
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]759 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
760 NULL, MBEDTLS_RSA_PUBLIC,
761 message_str->len, message_str->x,
762 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]763 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]764 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]765
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]766 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
767 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]768 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]769
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]770exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]771 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]772 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]773}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]774/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]775
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]776/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]777void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]778 int mod, int radix_P, char * input_P,
779 int radix_Q, char * input_Q, int radix_N,
780 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]781 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]782 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]783{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]784 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]785 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]786 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]787 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]788 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]789
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]790 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
791 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
792
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]793 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]794
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]795 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]796 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]797
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]798
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]799 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
800 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
801 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
802 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]803
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]804 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
805 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]806 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]807 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]808
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]809 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]810
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]811 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]812 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]813 &output_len, message_str->x, output,
814 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]815 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]816 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]817
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]818 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]819 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]820 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]821 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]822
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]823exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]824 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
825 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]826 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]827}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]828/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]829
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]830/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]831void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]832 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]833 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]834{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]835 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]836 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]837
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]838 mbedtls_mpi N, E;
839
840 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]841 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
842 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]843 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]844
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]845 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
846 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]847
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]848 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
849 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]850 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]851
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]852
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]853 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]854 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]855 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]856
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]857 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
858 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]859 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]860
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]861 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]862 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]863 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]864 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]865
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]866 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]867
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]868 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]869 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]870 if( result == 0 )
871 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]872
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]873 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
874 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]875 }
876
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]877exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]878 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]879 mbedtls_rsa_free( &ctx );
880 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]881}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]882/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]883
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]884/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]885void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]886 char * input_P, int radix_Q, char * input_Q,
887 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]888 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]889 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]890{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]891 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]892 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]893 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]894 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]895 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]896
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]897 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
898 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]899 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
900 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]901
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]902 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]903
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]904 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
905 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
906 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
907 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]908
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]909 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
910 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]911 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]912 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]913
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]914
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]915 /* repeat three times to test updating of blinding values */
916 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]917 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]918 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]919 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
920 &rnd_info, message_str->x,
921 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]922 if( result == 0 )
923 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]924
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]925 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]926 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]927 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]928 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]929 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]930
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]931 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]932 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]933 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]934 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]935
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]936 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]937
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]938 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]939 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
940 &rnd_info, message_str->x,
941 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]942 if( result == 0 )
943 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]944
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]945 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]946 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]947 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]948 }
949
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]950exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]951 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
952 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
953
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]954 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]955}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]956/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]957
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]958/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]959void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]960{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]961 mbedtls_rsa_context ctx;
962 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]963
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]964 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]965}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]966/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]967
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]968/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]969void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
970 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]971{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]972 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]973 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]974
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]975 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]976 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]977
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]978 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]979 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]980 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]981 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]982 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]983 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]984 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]985 }
986
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]987 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]988 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]989
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]990exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]991 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]992 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]993}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]994/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]995
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]996/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]997void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
998 int radix_Q, char * input_Q, int radix_N,
999 char * input_N, int radix_E, char * input_E,
1000 int radix_D, char * input_D, int radix_DP,
1001 char * input_DP, int radix_DQ,
1002 char * input_DQ, int radix_QP,
1003 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1004{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1005 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1006
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1007 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1008
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1009 ctx.len = mod / 8;
1010 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1011 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1012 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1013 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1014 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1015 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1016 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1017 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1018 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1019 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1020 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1021 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1022 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1023 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1024 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1025 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1026 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1027 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1028 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1029 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1030#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1031 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1032 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1033 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1034 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1035 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1036 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1037 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1038 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1039 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1040 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1041 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1042 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1043#else
1044 ((void) radix_DP); ((void) input_DP);
1045 ((void) radix_DQ); ((void) input_DQ);
1046 ((void) radix_QP); ((void) input_QP);
1047#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1048
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1049 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1050
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1051exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1052 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1053}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1054/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1055
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1056/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1057void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
1058 int radix_Epub, char * input_Epub, int radix_P,
1059 char * input_P, int radix_Q, char * input_Q,
1060 int radix_N, char * input_N, int radix_E,
1061 char * input_E, int radix_D, char * input_D,
1062 int radix_DP, char * input_DP, int radix_DQ,
1063 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1064 int result )
1065{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1066 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1067
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1068 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1069 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1070
1071 pub.len = mod / 8;
1072 prv.len = mod / 8;
1073
1074 if( strlen( input_Npub ) )
1075 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1076 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1077 }
1078 if( strlen( input_Epub ) )
1079 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1080 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1081 }
1082
1083 if( strlen( input_P ) )
1084 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1085 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1086 }
1087 if( strlen( input_Q ) )
1088 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1089 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1090 }
1091 if( strlen( input_N ) )
1092 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1093 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1094 }
1095 if( strlen( input_E ) )
1096 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1097 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1098 }
1099 if( strlen( input_D ) )
1100 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1101 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1102 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1103#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1104 if( strlen( input_DP ) )
1105 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1106 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1107 }
1108 if( strlen( input_DQ ) )
1109 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1110 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1111 }
1112 if( strlen( input_QP ) )
1113 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1114 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1115 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1116#else
1117 ((void) radix_DP); ((void) input_DP);
1118 ((void) radix_DQ); ((void) input_DQ);
1119 ((void) radix_QP); ((void) input_QP);
1120#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1121
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1122 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1123
1124exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1125 mbedtls_rsa_free( &pub );
1126 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1127}
1128/* END_CASE */
1129
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1130/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1131void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1132{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1133 mbedtls_rsa_context ctx;
1134 mbedtls_entropy_context entropy;
1135 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1136 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1137
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1138 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1139 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1140 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1141
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1142 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1143 &entropy, (const unsigned char *) pers,
1144 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1145
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1146 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1147 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1148 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1149 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1150 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1151 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1152
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1153exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1154 mbedtls_rsa_free( &ctx );
1155 mbedtls_ctr_drbg_free( &ctr_drbg );
1156 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1157}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1158/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1159
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1160/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1161void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1162 int radix_D, char *input_D,
1163 int radix_E, char *input_E,
1164 int radix_P, char *output_P,
1165 int radix_Q, char *output_Q,
1166 int corrupt, int result )
1167{
1168 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1169
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1170 mbedtls_mpi_init( &N );
1171 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1172 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1173 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1174
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1175 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1176 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1177 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1178 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1179 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1180
1181 if( corrupt )
1182 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1183
1184 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1185 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1186
1187 if( !corrupt )
1188 {
1189 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1190 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1191 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1192 }
1193
1194exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1195 mbedtls_mpi_free( &N );
1196 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1197 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1198 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1199}
1200/* END_CASE */
1201
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1202/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1203void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1204 int radix_Q, char *input_Q,
1205 int radix_E, char *input_E,
1206 int radix_D, char *output_D,
1207 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1208{
1209 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1210
1211 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1212 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1213 mbedtls_mpi_init( &E );
1214 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1215
1216 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1217 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1218 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1219 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1220
1221 if( corrupt )
1222 {
1223 /* Make E even */
1224 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1225 }
1226
1227 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1228 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1229 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1230
1231 if( !corrupt )
1232 {
1233 /*
1234 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1235 */
1236
1237 /* Replace P,Q by P-1, Q-1 */
1238 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1239 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1240
1241 /* Check D == Dp modulo P-1 */
1242 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1243 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1244 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1245
1246 /* Check D == Dp modulo Q-1 */
1247 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1248 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1249 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1250 }
1251
1252exit:
1253
1254 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1255 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1256 mbedtls_mpi_free( &E );
1257 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1258}
1259/* END_CASE */
1260
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1261/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1262void mbedtls_rsa_import( int radix_N, char *input_N,
1263 int radix_P, char *input_P,
1264 int radix_Q, char *input_Q,
1265 int radix_D, char *input_D,
1266 int radix_E, char *input_E,
1267 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1268 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1269 int res_check,
1270 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1271{
1272 mbedtls_mpi N, P, Q, D, E;
1273 mbedtls_rsa_context ctx;
1274
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1275 /* Buffers used for encryption-decryption test */
1276 unsigned char *buf_orig = NULL;
1277 unsigned char *buf_enc = NULL;
1278 unsigned char *buf_dec = NULL;
1279
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1280 mbedtls_entropy_context entropy;
1281 mbedtls_ctr_drbg_context ctr_drbg;
1282 const char *pers = "test_suite_rsa";
1283
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1284 const int have_N = ( strlen( input_N ) > 0 );
1285 const int have_P = ( strlen( input_P ) > 0 );
1286 const int have_Q = ( strlen( input_Q ) > 0 );
1287 const int have_D = ( strlen( input_D ) > 0 );
1288 const int have_E = ( strlen( input_E ) > 0 );
1289
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1290 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1291 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1292 mbedtls_rsa_init( &ctx, 0, 0 );
1293
1294 mbedtls_mpi_init( &N );
1295 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1296 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1297
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1298 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1299 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1300
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1301 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1302 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1303
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1304 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1305 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1306
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1307 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1308 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1309
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1310 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1311 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1312
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1313 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1314 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1315
1316 if( !successive )
1317 {
1318 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1319 have_N ? &N : NULL,
1320 have_P ? &P : NULL,
1321 have_Q ? &Q : NULL,
1322 have_D ? &D : NULL,
1323 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1324 }
1325 else
1326 {
1327 /* Import N, P, Q, D, E separately.
1328 * This should make no functional difference. */
1329
1330 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1331 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1332 NULL, NULL, NULL, NULL ) == 0 );
1333
1334 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1335 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1336 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1337 NULL, NULL, NULL ) == 0 );
1338
1339 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1340 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1341 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1342 NULL, NULL ) == 0 );
1343
1344 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1345 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1346 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1347 NULL ) == 0 );
1348
1349 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1350 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1351 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1352 }
1353
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1354 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1355
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1356 /* On expected success, perform some public and private
1357 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1358 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1359 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1360 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1361 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1362 else
1363 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1364
1365 if( res_check != 0 )
1366 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1367
1368 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1369 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1370 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1371 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1372 goto exit;
1373
1374 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1375 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1376
1377 /* Make sure the number we're generating is smaller than the modulus */
1378 buf_orig[0] = 0x00;
1379
1380 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1381
1382 if( is_priv )
1383 {
1384 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1385 &ctr_drbg, buf_enc,
1386 buf_dec ) == 0 );
1387
1388 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1389 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1390 }
1391 }
1392
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1393exit:
1394
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1395 mbedtls_free( buf_orig );
1396 mbedtls_free( buf_enc );
1397 mbedtls_free( buf_dec );
1398
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1399 mbedtls_rsa_free( &ctx );
1400
1401 mbedtls_ctr_drbg_free( &ctr_drbg );
1402 mbedtls_entropy_free( &entropy );
1403
1404 mbedtls_mpi_free( &N );
1405 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1406 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1407}
1408/* END_CASE */
1409
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1410/* BEGIN_CASE */
1411void mbedtls_rsa_export( int radix_N, char *input_N,
1412 int radix_P, char *input_P,
1413 int radix_Q, char *input_Q,
1414 int radix_D, char *input_D,
1415 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1416 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1417 int successive )
1418{
1419 /* Original MPI's with which we set up the RSA context */
1420 mbedtls_mpi N, P, Q, D, E;
1421
1422 /* Exported MPI's */
1423 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1424
1425 const int have_N = ( strlen( input_N ) > 0 );
1426 const int have_P = ( strlen( input_P ) > 0 );
1427 const int have_Q = ( strlen( input_Q ) > 0 );
1428 const int have_D = ( strlen( input_D ) > 0 );
1429 const int have_E = ( strlen( input_E ) > 0 );
1430
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1431 mbedtls_rsa_context ctx;
1432
1433 mbedtls_rsa_init( &ctx, 0, 0 );
1434
1435 mbedtls_mpi_init( &N );
1436 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1437 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1438
1439 mbedtls_mpi_init( &Ne );
1440 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1441 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1442
1443 /* Setup RSA context */
1444
1445 if( have_N )
1446 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1447
1448 if( have_P )
1449 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1450
1451 if( have_Q )
1452 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1453
1454 if( have_D )
1455 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1456
1457 if( have_E )
1458 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1459
1460 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1461 strlen( input_N ) ? &N : NULL,
1462 strlen( input_P ) ? &P : NULL,
1463 strlen( input_Q ) ? &Q : NULL,
1464 strlen( input_D ) ? &D : NULL,
1465 strlen( input_E ) ? &E : NULL ) == 0 );
1466
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1467 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1468
1469 /*
1470 * Export parameters and compare to original ones.
1471 */
1472
1473 /* N and E must always be present. */
1474 if( !successive )
1475 {
1476 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1477 }
1478 else
1479 {
1480 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1481 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1482 }
1483 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1484 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1485
1486 /* If we were providing enough information to setup a complete private context,
1487 * we expect to be able to export all core parameters. */
1488
1489 if( is_priv )
1490 {
1491 if( !successive )
1492 {
1493 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1494 &De, NULL ) == 0 );
1495 }
1496 else
1497 {
1498 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1499 NULL, NULL ) == 0 );
1500 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1501 NULL, NULL ) == 0 );
1502 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1503 &De, NULL ) == 0 );
1504 }
1505
1506 if( have_P )
1507 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1508
1509 if( have_Q )
1510 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1511
1512 if( have_D )
1513 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1514
1515 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1516 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1517 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1518 }
1519
1520exit:
1521
1522 mbedtls_rsa_free( &ctx );
1523
1524 mbedtls_mpi_free( &N );
1525 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1526 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1527
1528 mbedtls_mpi_free( &Ne );
1529 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1530 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1531}
1532/* END_CASE */
1533
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1534/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1535void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1536 int radix_P, char *input_P,
1537 int radix_Q, char *input_Q,
1538 int radix_D, char *input_D,
1539 int radix_E, char *input_E,
1540 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1541{
1542 /* Original MPI's with which we set up the RSA context */
1543 mbedtls_mpi N, P, Q, D, E;
1544
1545 const int have_N = ( strlen( input_N ) > 0 );
1546 const int have_P = ( strlen( input_P ) > 0 );
1547 const int have_Q = ( strlen( input_Q ) > 0 );
1548 const int have_D = ( strlen( input_D ) > 0 );
1549 const int have_E = ( strlen( input_E ) > 0 );
1550
1551 mbedtls_entropy_context entropy;
1552 mbedtls_ctr_drbg_context ctr_drbg;
1553 const char *pers = "test_suite_rsa";
1554
1555 mbedtls_mpi_init( &N );
1556 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1557 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1558
1559 mbedtls_ctr_drbg_init( &ctr_drbg );
1560 mbedtls_entropy_init( &entropy );
1561 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1562 &entropy, (const unsigned char *) pers,
1563 strlen( pers ) ) == 0 );
1564
1565 if( have_N )
1566 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1567
1568 if( have_P )
1569 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1570
1571 if( have_Q )
1572 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1573
1574 if( have_D )
1575 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1576
1577 if( have_E )
1578 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1579
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1580 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1581 have_P ? &P : NULL,
1582 have_Q ? &Q : NULL,
1583 have_D ? &D : NULL,
1584 have_E ? &E : NULL,
1585 prng ? mbedtls_ctr_drbg_random : NULL,
1586 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1587exit:
1588
1589 mbedtls_ctr_drbg_free( &ctr_drbg );
1590 mbedtls_entropy_free( &entropy );
1591
1592 mbedtls_mpi_free( &N );
1593 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1594 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1595}
1596/* END_CASE */
1597
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1598/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1599void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1600 data_t *input_Q, data_t *input_D,
1601 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1602 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1603{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1604 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1605 unsigned char bufNe[256];
1606 unsigned char bufPe[128];
1607 unsigned char bufQe[128];
1608 unsigned char bufDe[256];
1609 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1610
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1611 mbedtls_rsa_context ctx;
1612
1613 mbedtls_rsa_init( &ctx, 0, 0 );
1614
1615 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1616 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1617 input_N->len ? input_N->x : NULL, input_N->len,
1618 input_P->len ? input_P->x : NULL, input_P->len,
1619 input_Q->len ? input_Q->x : NULL, input_Q->len,
1620 input_D->len ? input_D->x : NULL, input_D->len,
1621 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1622
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1623 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1624
1625 /*
1626 * Export parameters and compare to original ones.
1627 */
1628
1629 /* N and E must always be present. */
1630 if( !successive )
1631 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1632 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1633 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1634 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1635 }
1636 else
1637 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1638 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1639 NULL, 0, NULL, 0, NULL, 0,
1640 NULL, 0 ) == 0 );
1641 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1642 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1643 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1644 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1645 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1646 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1647
1648 /* If we were providing enough information to setup a complete private context,
1649 * we expect to be able to export all core parameters. */
1650
1651 if( is_priv )
1652 {
1653 if( !successive )
1654 {
1655 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1656 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1657 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1658 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1659 NULL, 0 ) == 0 );
1660 }
1661 else
1662 {
1663 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1664 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1665 NULL, 0, NULL, 0,
1666 NULL, 0 ) == 0 );
1667
1668 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1669 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1670 NULL, 0, NULL, 0 ) == 0 );
1671
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1672 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1673 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1674 NULL, 0 ) == 0 );
1675 }
1676
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1677 if( input_P->len )
1678 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1679
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1680 if( input_Q->len )
1681 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1682
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1683 if( input_D->len )
1684 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1685
1686 }
1687
1688exit:
1689 mbedtls_rsa_free( &ctx );
1690}
1691/* END_CASE */
1692
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1693/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1694void mbedtls_rsa_import_raw( data_t *input_N,
1695 data_t *input_P, data_t *input_Q,
1696 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1697 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1698 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1699 int res_check,
1700 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1701{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1702 /* Buffers used for encryption-decryption test */
1703 unsigned char *buf_orig = NULL;
1704 unsigned char *buf_enc = NULL;
1705 unsigned char *buf_dec = NULL;
1706
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1707 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1708 mbedtls_entropy_context entropy;
1709 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1710
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1711 const char *pers = "test_suite_rsa";
1712
1713 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1714 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1715 mbedtls_rsa_init( &ctx, 0, 0 );
1716
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1717 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1718 &entropy, (const unsigned char *) pers,
1719 strlen( pers ) ) == 0 );
1720
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1721 if( !successive )
1722 {
1723 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1724 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1725 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1726 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1727 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1728 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1729 }
1730 else
1731 {
1732 /* Import N, P, Q, D, E separately.
1733 * This should make no functional difference. */
1734
1735 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1736 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1737 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1738
1739 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1740 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1741 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1742 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1743
1744 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1745 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1746 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1747 NULL, 0, NULL, 0 ) == 0 );
1748
1749 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1750 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1751 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1752 NULL, 0 ) == 0 );
1753
1754 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1755 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1756 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1757 }
1758
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1759 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1760
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1761 /* On expected success, perform some public and private
1762 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1763 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1764 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1765 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1766 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1767 else
1768 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1769
1770 if( res_check != 0 )
1771 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1772
1773 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1774 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1775 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1776 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1777 goto exit;
1778
1779 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1780 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1781
1782 /* Make sure the number we're generating is smaller than the modulus */
1783 buf_orig[0] = 0x00;
1784
1785 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1786
1787 if( is_priv )
1788 {
1789 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1790 &ctr_drbg, buf_enc,
1791 buf_dec ) == 0 );
1792
1793 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1794 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1795 }
1796 }
1797
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1798exit:
1799
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1800 mbedtls_free( buf_orig );
1801 mbedtls_free( buf_enc );
1802 mbedtls_free( buf_dec );
1803
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1804 mbedtls_rsa_free( &ctx );
1805
1806 mbedtls_ctr_drbg_free( &ctr_drbg );
1807 mbedtls_entropy_free( &entropy );
1808
1809}
1810/* END_CASE */
1811
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1812/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1813void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1814{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1815 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1816}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1817/* END_CASE */