Janos Follath8a49a012016-02-12 13:18:20 +00001/* BEGIN_HEADER */
2#include "mbedtls/rsa.h"
3#include "mbedtls/md.h"
4/* END_HEADER */
5
6/* BEGIN_DEPENDENCIES
7 * depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
8 * END_DEPENDENCIES
9 */
10
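/*
 * Known-answer test for RSAES-PKCS1-v1_5 encryption with a public key.
 *
 * mod             Expected modulus size in bits, checked against the
 *                 imported key.
 * radix_N/input_N Modulus as a string in the given radix.
 * radix_E/input_E Public exponent as a string in the given radix.
 * hash            Hash identifier handed to mbedtls_rsa_init().
 * message_str     Plaintext; an empty message is passed on as a NULL pointer.
 * rnd_buf         Bytes served by mbedtls_test_rnd_buffer_rand(), so the
 *                 output can be compared with a fixed expected ciphertext.
 * result_hex_str  Expected ciphertext, compared only when result == 0.
 * result          Expected return value of mbedtls_rsa_pkcs1_encrypt().
 */
/* BEGIN_CASE */
void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N,
                              int radix_E, char * input_E, int hash,
                              data_t * message_str, data_t * rnd_buf,
                              data_t * result_hex_str, int result )
{
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    mbedtls_test_rnd_buf_info info;
    mbedtls_mpi N, E;

    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
    memset( output, 0x00, sizeof( output ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    /* The ciphertext is one modulus length long and is written into the
     * fixed-size stack buffer above. Fail the test cleanly instead of
     * overflowing that buffer if a vector ever uses a larger key. */
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) <= sizeof( output ) );
    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );

    /* Exercise the zero-length case with a NULL input pointer. */
    if( message_str->len == 0 )
        message_str->x = NULL;
    TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
                                            &mbedtls_test_rnd_buffer_rand,
                                            &info, MBEDTLS_RSA_PUBLIC,
                                            message_str->len, message_str->x,
                                            output ) == result );
    if( result == 0 )
    {
        TEST_ASSERT( mbedtls_test_hexcmp( output, result_hex_str->x,
                                          ctx.len, result_hex_str->len ) == 0 );
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}
/* END_CASE */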
49
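/*
 * Known-answer test for RSAES-PKCS1-v1_5 decryption with a private key.
 *
 * mod             Expected modulus size in bits, checked against the
 *                 imported key.
 * radix_X/input_X Key components P, Q, N and E as strings in the given radix.
 * hash            Hash identifier handed to mbedtls_rsa_init().
 * result_hex_str  Expected plaintext. When empty, decryption is called with
 *                 a NULL output buffer of size 0.
 * seed            Unused.
 * message_str     Ciphertext to decrypt.
 * result          Expected return value of mbedtls_rsa_pkcs1_decrypt().
 */
/* BEGIN_CASE */
void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P,
                              int radix_Q, char * input_Q, int radix_N,
                              char * input_N, int radix_E, char * input_E,
                              int hash, data_t * result_hex_str,
                              char * seed, data_t * message_str,
                              int result )
{
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    size_t output_len;
    mbedtls_test_rnd_pseudo_info rnd_info;
    mbedtls_mpi N, P, Q, E;
    ((void) seed);

    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );

    memset( output, 0x00, sizeof( output ) );
    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );

    /* NOTE(review): no input length is passed to the decrypt call, so the
     * ciphertext in message_str is presumably expected to be exactly one
     * modulus length long; this function does not check that. */
    if( result_hex_str->len == 0 )
    {
        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                &mbedtls_test_rnd_pseudo_rand,
                                                &rnd_info, MBEDTLS_RSA_PRIVATE,
                                                &output_len, message_str->x,
                                                NULL, 0 ) == result );
    }
    else
    {
        /* Report the real capacity of the output buffer. Claiming more than
         * sizeof( output ) would let the library write past the end of the
         * stack buffer if a vector ever decrypted to more than 128 bytes. */
        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                &mbedtls_test_rnd_pseudo_rand,
                                                &rnd_info, MBEDTLS_RSA_PRIVATE,
                                                &output_len, message_str->x,
                                                output,
                                                sizeof( output ) ) == result );
        if( result == 0 )
        {
            TEST_ASSERT( mbedtls_test_hexcmp( output, result_hex_str->x,
                                              output_len,
                                              result_hex_str->len) == 0 );
        }
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}
/* END_CASE */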
103
/*
 * Test how PKCS#1 v1.5 decryption decodes a hand-built padded block.
 *
 * The block is the test input followed by 'd' filler bytes up to the modulus
 * length. It is passed through the raw RSA operation opposite to `mode`, and
 * the result is then handed to mbedtls_rsa_pkcs1_decrypt() in `mode`.
 *
 * mode                           MBEDTLS_RSA_PRIVATE, or another mode (in
 *                                which case the raw private operation builds
 *                                the ciphertext).
 * input                          Leading bytes of the padded block.
 * expected_plaintext_length_arg  Expected plaintext length on success.
 * output_size_arg                Output buffer size reported to the decrypt
 *                                call.
 * expected_result                Expected return value of the decrypt call.
 *
 * For padding and size errors the test also checks that the outputs were
 * overwritten, since a failure path that skips those writes behaves
 * observably differently from the success path.
 */
/* BEGIN_CASE */
void pkcs1_v15_decode( int mode,
                       data_t *input,
                       int expected_plaintext_length_arg,
                       int output_size_arg,
                       int expected_result )
{
    size_t expected_plaintext_length = expected_plaintext_length_arg;
    size_t output_size = output_size_arg;
    mbedtls_test_rnd_pseudo_info rnd_info;
    mbedtls_mpi Nmpi, Empi, Pmpi, Qmpi;
    mbedtls_rsa_context ctx;
    /* Fixed 1024-bit key embedded in the test (modulus, public exponent and
     * the two primes). */
    static unsigned char N[128] = {
        0xc4, 0x79, 0x4c, 0x6d, 0xb2, 0xe9, 0xdf, 0xc5,
        0xe5, 0xd7, 0x55, 0x4b, 0xfb, 0x6c, 0x2e, 0xec,
        0x84, 0xd0, 0x88, 0x12, 0xaf, 0xbf, 0xb4, 0xf5,
        0x47, 0x3c, 0x7e, 0x92, 0x4c, 0x58, 0xc8, 0x73,
        0xfe, 0x8f, 0x2b, 0x8f, 0x8e, 0xc8, 0x5c, 0xf5,
        0x05, 0xeb, 0xfb, 0x0d, 0x7b, 0x2a, 0x93, 0xde,
        0x15, 0x0d, 0xc8, 0x13, 0xcf, 0xd2, 0x6f, 0x0d,
        0x9d, 0xad, 0x30, 0xe5, 0x70, 0x20, 0x92, 0x9e,
        0xb3, 0x6b, 0xba, 0x5c, 0x50, 0x0f, 0xc3, 0xb2,
        0x7e, 0x64, 0x07, 0x94, 0x7e, 0xc9, 0x4e, 0xc1,
        0x65, 0x04, 0xaf, 0xb3, 0x9f, 0xde, 0xa8, 0x46,
        0xfa, 0x6c, 0xf3, 0x03, 0xaf, 0x1c, 0x1b, 0xec,
        0x75, 0x44, 0x66, 0x77, 0xc9, 0xde, 0x51, 0x33,
        0x64, 0x27, 0xb0, 0xd4, 0x8d, 0x31, 0x6a, 0x11,
        0x27, 0x3c, 0x99, 0xd4, 0x22, 0xc0, 0x9d, 0x12,
        0x01, 0xc7, 0x4a, 0x73, 0xac, 0xbf, 0xc2, 0xbb
    };
    static unsigned char E[1] = { 0x03 };
    static unsigned char P[64] = {
        0xe5, 0x53, 0x1f, 0x88, 0x51, 0xee, 0x59, 0xf8,
        0xc1, 0xe4, 0xcc, 0x5b, 0xb3, 0x75, 0x8d, 0xc8,
        0xe8, 0x95, 0x2f, 0xd0, 0xef, 0x37, 0xb4, 0xcd,
        0xd3, 0x9e, 0x48, 0x8b, 0x81, 0x58, 0x60, 0xb9,
        0x27, 0x1d, 0xb6, 0x28, 0x92, 0x64, 0xa3, 0xa5,
        0x64, 0xbd, 0xcc, 0x53, 0x68, 0xdd, 0x3e, 0x55,
        0xea, 0x9d, 0x5e, 0xcd, 0x1f, 0x96, 0x87, 0xf1,
        0x29, 0x75, 0x92, 0x70, 0x8f, 0x28, 0xfb, 0x2b
    };
    static unsigned char Q[64] = {
        0xdb, 0x53, 0xef, 0x74, 0x61, 0xb4, 0x20, 0x3b,
        0x3b, 0x87, 0x76, 0x75, 0x81, 0x56, 0x11, 0x03,
        0x59, 0x31, 0xe3, 0x38, 0x4b, 0x8c, 0x7a, 0x9c,
        0x05, 0xd6, 0x7f, 0x1e, 0x5e, 0x60, 0xf0, 0x4e,
        0x0b, 0xdc, 0x34, 0x54, 0x1c, 0x2e, 0x90, 0x83,
        0x14, 0xef, 0xc0, 0x96, 0x5c, 0x30, 0x10, 0xcc,
        0xc1, 0xba, 0xa0, 0x54, 0x3f, 0x96, 0x24, 0xca,
        0xa3, 0xfb, 0x55, 0xbc, 0x71, 0x29, 0x4e, 0xb1
    };
    unsigned char original[128];
    unsigned char intermediate[128];
    static unsigned char default_content[128] = {
        /* A randomly generated pattern. */
        0x4c, 0x27, 0x54, 0xa0, 0xce, 0x0d, 0x09, 0x4a,
        0x1c, 0x38, 0x8e, 0x2d, 0xa3, 0xc4, 0xe0, 0x19,
        0x4c, 0x99, 0xb2, 0xbf, 0xe6, 0x65, 0x7e, 0x58,
        0xd7, 0xb6, 0x8a, 0x05, 0x2f, 0xa5, 0xec, 0xa4,
        0x35, 0xad, 0x10, 0x36, 0xff, 0x0d, 0x08, 0x50,
        0x74, 0x47, 0xc9, 0x9c, 0x4a, 0xe7, 0xfd, 0xfa,
        0x83, 0x5f, 0x14, 0x5a, 0x1e, 0xe7, 0x35, 0x08,
        0xad, 0xf7, 0x0d, 0x86, 0xdf, 0xb8, 0xd4, 0xcf,
        0x32, 0xb9, 0x5c, 0xbe, 0xa3, 0xd2, 0x89, 0x70,
        0x7b, 0xc6, 0x48, 0x7e, 0x58, 0x4d, 0xf3, 0xef,
        0x34, 0xb7, 0x57, 0x54, 0x79, 0xc5, 0x8e, 0x0a,
        0xa3, 0xbf, 0x6d, 0x42, 0x83, 0x25, 0x13, 0xa2,
        0x95, 0xc0, 0x0d, 0x32, 0xec, 0x77, 0x91, 0x2b,
        0x68, 0xb6, 0x8c, 0x79, 0x15, 0xfb, 0x94, 0xde,
        0xb9, 0x2b, 0x94, 0xb3, 0x28, 0x23, 0x86, 0x3d,
        0x37, 0x00, 0xe6, 0xf1, 0x1f, 0x4e, 0xd4, 0x42
    };
    unsigned char final[128];
    /* Sentinel: lets the test detect whether the length output was written. */
    size_t output_length = 0x7EA0;

    /* All initialisation happens before the first assertion, so the cleanup
     * at the exit label always operates on initialised objects. */
    memset( &rnd_info, 0, sizeof( rnd_info ) );
    mbedtls_mpi_init( &Nmpi );
    mbedtls_mpi_init( &Empi );
    mbedtls_mpi_init( &Pmpi );
    mbedtls_mpi_init( &Qmpi );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );

    TEST_ASSERT( mbedtls_mpi_read_binary( &Nmpi, N, sizeof( N ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Empi, E, sizeof( E ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Pmpi, P, sizeof( P ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Qmpi, Q, sizeof( Q ) ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &Nmpi, &Pmpi, &Qmpi,
                                     NULL, &Empi ) == 0 );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );

    /* Build the padded block: the test input, then 'd' filler up to the
     * modulus length. The length check keeps the copy inside `original`. */
    TEST_ASSERT( input->len <= sizeof( N ) );
    memcpy( original, input->x, input->len );
    memset( original + input->len, 'd', sizeof( original ) - input->len );

    /* Apply the raw RSA operation that the decrypt call below will undo. */
    if( mode == MBEDTLS_RSA_PRIVATE )
    {
        TEST_ASSERT( mbedtls_rsa_public( &ctx, original, intermediate ) == 0 );
    }
    else
    {
        TEST_ASSERT( mbedtls_rsa_private( &ctx,
                                          &mbedtls_test_rnd_pseudo_rand,
                                          &rnd_info,
                                          original, intermediate ) == 0 );
    }

    /* Pre-fill the output with a known pattern so that an untouched buffer
     * can be recognised afterwards. */
    memcpy( final, default_content, sizeof( final ) );
    TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                            &mbedtls_test_rnd_pseudo_rand,
                                            &rnd_info,
                                            mode,
                                            &output_length,
                                            intermediate,
                                            final,
                                            output_size ) == expected_result );
    if( expected_result == 0 )
    {
        /* The plaintext is the tail of the padded block. */
        TEST_ASSERT( output_length == expected_plaintext_length );
        TEST_ASSERT( memcmp( original + sizeof( N ) - output_length,
                             final,
                             output_length ) == 0 );
    }
    else if( expected_result == MBEDTLS_ERR_RSA_INVALID_PADDING ||
             expected_result == MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE )
    {
        /* 11 is the minimum PKCS#1 v1.5 encryption padding overhead, so a
         * payload can never exceed the modulus length minus 11. */
        size_t max_payload_length = output_size;
        size_t i;
        size_t unchanged = 0;

        if( max_payload_length > sizeof( N ) - 11 )
            max_payload_length = sizeof( N ) - 11;

#if !defined(MBEDTLS_RSA_ALT)
        /* Check that the output in invalid cases is what the default
         * implementation currently does. Alternative implementations
         * may produce different output, so we only perform these precise
         * checks when using the default implementation. */
        TEST_ASSERT( output_length == max_payload_length );
        for( i = 0; i < max_payload_length; i++ )
            TEST_ASSERT( final[i] == 0 );
#endif
        /* Even in alternative implementations, the outputs must have
         * changed, otherwise it indicates at least a timing vulnerability
         * because no write to the outputs is performed in the bad case. */
        TEST_ASSERT( output_length != 0x7EA0 );
        for( i = 0; i < max_payload_length; i++ )
        {
            if( final[i] == default_content[i] )
                unchanged++;
        }
        /* If more than 16 bytes are unchanged in final, that's evidence
         * that final wasn't overwritten. */
        TEST_ASSERT( unchanged < 16 );
    }

exit:
    mbedtls_mpi_free( &Nmpi );
    mbedtls_mpi_free( &Empi );
    mbedtls_mpi_free( &Pmpi );
    mbedtls_mpi_free( &Qmpi );
    mbedtls_rsa_free( &ctx );
}
/* END_CASE */
251
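/*
 * Known-answer test for RSASSA-PKCS1-v1_5 signature generation.
 *
 * mod             Expected modulus size in bits, checked against the
 *                 imported key.
 * radix_X/input_X Key components P, Q, N and E as strings in the given radix.
 * digest          Message digest type used to hash the message and passed
 *                 to the signing call.
 * hash            Hash identifier handed to mbedtls_rsa_init().
 * message_str     Message to hash and sign.
 * rnd_buf         Bytes served by mbedtls_test_rnd_buffer_rand().
 * result_hex_str  Expected signature, compared only when result == 0.
 * result          Expected return value of mbedtls_rsa_pkcs1_sign().
 */
/* BEGIN_CASE */
void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
                            char * input_Q, int radix_N, char * input_N,
                            int radix_E, char * input_E, int digest, int hash,
                            data_t * message_str, data_t * rnd_buf,
                            data_t * result_hex_str, int result )
{
    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    mbedtls_mpi N, P, Q, E;
    mbedtls_test_rnd_buf_info info;

    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );

    memset( hash_result, 0x00, sizeof( hash_result ) );
    memset( output, 0x00, sizeof( output ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    /* The signature is one modulus length long and is written into the
     * fixed-size stack buffer above. Fail the test cleanly instead of
     * overflowing that buffer if a vector ever uses a larger key. */
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) <= sizeof( output ) );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );

    /* Hash the message only when the digest type is known; otherwise
     * hash_result stays zeroed. */
    if( mbedtls_md_info_from_type( digest ) != NULL )
    {
        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
                                 message_str->x, message_str->len,
                                 hash_result ) == 0 );
    }

    TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand,
                                         &info, MBEDTLS_RSA_PRIVATE, digest,
                                         0, hash_result, output ) == result );
    if( result == 0 )
    {
        TEST_ASSERT( mbedtls_test_hexcmp( output, result_hex_str->x,
                                          ctx.len, result_hex_str->len ) == 0 );
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}
/* END_CASE */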
303
/*
 * Known-answer test for RSASSA-PKCS1-v1_5 signature verification.
 *
 * mod             Expected modulus size in bits, checked against the
 *                 imported key.
 * radix_N/input_N Modulus as a string in the given radix.
 * radix_E/input_E Public exponent as a string in the given radix.
 * digest          Message digest type used to hash the message and passed
 *                 to the verification call.
 * hash            Hash identifier handed to mbedtls_rsa_init().
 * message_str     Message whose hash is verified.
 * salt            Unused.
 * result_str      Signature to verify.
 * result          Expected return value of mbedtls_rsa_pkcs1_verify().
 */
/* BEGIN_CASE */
void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N,
                              int radix_E, char * input_E, int digest,
                              int hash, data_t * message_str, char * salt,
                              data_t * result_str, int result )
{
    unsigned char digest_buf[MBEDTLS_MD_MAX_SIZE];
    mbedtls_rsa_context ctx;
    mbedtls_mpi N, E;
    ((void) salt);

    mbedtls_mpi_init( &N );
    mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
    memset( digest_buf, 0x00, sizeof( digest_buf ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );

    /* Hash the message only when the digest type is known; otherwise the
     * digest buffer stays zeroed. */
    if( mbedtls_md_info_from_type( digest ) != NULL )
    {
        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
                                 message_str->x, message_str->len,
                                 digest_buf ) == 0 );
    }

    /* NOTE(review): no signature length is passed to the verify call, so
     * result_str is presumably expected to be exactly one modulus length
     * long; this function does not check that. */
    TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
                                           MBEDTLS_RSA_PUBLIC, digest, 0,
                                           digest_buf,
                                           result_str->x ) == result );

exit:
    mbedtls_mpi_free( &N );
    mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}
/* END_CASE */