TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 4128c2032e7067baded442ef9b24557b9f54d0f0 / . / tests / suites / test_suite_rsa.function
blob: 2d7fb8ef6707741989649ff40c257d2dea3434a2 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Hanno Beckera565f542017-10-11 11:00:19 +0100[diff] [blame]3#include "mbedtls/rsa_internal.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
106 valid_mode,
107 sizeof( buf ), buf,
108 buf ) );
109 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
110 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
111 invalid_mode,
112 sizeof( buf ), buf,
113 buf ) );
114 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
115 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
116 valid_mode,
117 sizeof( buf ), NULL,
118 buf ) );
119 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
120 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
121 valid_mode,
122 sizeof( buf ), buf,
123 NULL ) );
124
125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
127 NULL,
128 valid_mode,
129 sizeof( buf ), buf,
130 buf ) );
131 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
132 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
133 NULL,
134 invalid_mode,
135 sizeof( buf ), buf,
136 buf ) );
137 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
138 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
139 NULL,
140 valid_mode,
141 sizeof( buf ), NULL,
142 buf ) );
143 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
144 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
145 NULL,
146 valid_mode,
147 sizeof( buf ), buf,
148 NULL ) );
149
150 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
151 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
152 valid_mode,
153 buf, sizeof( buf ),
154 sizeof( buf ), buf,
155 buf ) );
156 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
157 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
158 invalid_mode,
159 buf, sizeof( buf ),
160 sizeof( buf ), buf,
161 buf ) );
162 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
163 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
164 valid_mode,
165 NULL, sizeof( buf ),
166 sizeof( buf ), buf,
167 buf ) );
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
170 valid_mode,
171 buf, sizeof( buf ),
172 sizeof( buf ), NULL,
173 buf ) );
174 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
175 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
176 valid_mode,
177 buf, sizeof( buf ),
178 sizeof( buf ), buf,
179 NULL ) );
180
181 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
182 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
183 valid_mode, &olen,
184 buf, buf, 42 ) );
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
187 invalid_mode, &olen,
188 buf, buf, 42 ) );
189 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
190 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
191 valid_mode, NULL,
192 buf, buf, 42 ) );
193 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
194 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
195 valid_mode, &olen,
196 NULL, buf, 42 ) );
197 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
198 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
199 valid_mode, &olen,
200 buf, NULL, 42 ) );
201
202 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
203 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
204 NULL,
205 valid_mode, &olen,
206 buf, buf, 42 ) );
207 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
208 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
209 NULL,
210 invalid_mode, &olen,
211 buf, buf, 42 ) );
212 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
213 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
214 NULL,
215 valid_mode, NULL,
216 buf, buf, 42 ) );
217 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
218 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
219 NULL,
220 valid_mode, &olen,
221 NULL, buf, 42 ) );
222 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
223 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
224 NULL,
225 valid_mode, &olen,
226 buf, NULL, 42 ) );
227
228 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
229 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
230 valid_mode,
231 buf, sizeof( buf ),
232 &olen,
233 buf, buf, 42 ) );
234 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
235 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
236 invalid_mode,
237 buf, sizeof( buf ),
238 &olen,
239 buf, buf, 42 ) );
240 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
241 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
242 valid_mode,
243 NULL, sizeof( buf ),
244 NULL,
245 buf, buf, 42 ) );
246 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
247 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
248 valid_mode,
249 buf, sizeof( buf ),
250 &olen,
251 NULL, buf, 42 ) );
252 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
253 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
254 valid_mode,
255 buf, sizeof( buf ),
256 &olen,
257 buf, NULL, 42 ) );
258
259 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
260 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
261 valid_mode,
262 0, sizeof( buf ), buf,
263 buf ) );
264 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
265 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
266 invalid_mode,
267 0, sizeof( buf ), buf,
268 buf ) );
269 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
270 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
271 valid_mode,
272 0, sizeof( buf ), NULL,
273 buf ) );
274 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
275 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
276 valid_mode,
277 0, sizeof( buf ), buf,
278 NULL ) );
279 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
280 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
281 valid_mode,
282 MBEDTLS_MD_SHA1,
283 0, NULL,
284 buf ) );
285
286 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
287 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
288 valid_mode,
289 0, sizeof( buf ), buf,
290 buf ) );
291 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
292 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
293 invalid_mode,
294 0, sizeof( buf ), buf,
295 buf ) );
296 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
297 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
298 valid_mode,
299 0, sizeof( buf ), NULL,
300 buf ) );
301 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
302 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
303 valid_mode,
304 0, sizeof( buf ), buf,
305 NULL ) );
306 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
307 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
308 valid_mode,
309 MBEDTLS_MD_SHA1,
310 0, NULL,
311 buf ) );
312
313 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
314 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
315 valid_mode,
316 0, sizeof( buf ), buf,
317 buf ) );
318 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
319 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
320 invalid_mode,
321 0, sizeof( buf ), buf,
322 buf ) );
323 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
324 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
325 valid_mode,
326 0, sizeof( buf ), NULL,
327 buf ) );
328 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
329 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
330 valid_mode,
331 0, sizeof( buf ), buf,
332 NULL ) );
333 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
334 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
335 valid_mode,
336 MBEDTLS_MD_SHA1,
337 0, NULL,
338 buf ) );
339
340 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]341 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
342 0, sizeof( buf ), buf,
343 MBEDTLS_RSA_SALT_LEN_ANY,
344 buf ) );
345 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
346 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
347 0, sizeof( buf ), NULL,
348 MBEDTLS_RSA_SALT_LEN_ANY,
349 buf ) );
350 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
351 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
352 0, sizeof( buf ), buf,
353 MBEDTLS_RSA_SALT_LEN_ANY,
354 NULL ) );
355 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
356 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
357 MBEDTLS_MD_SHA1,
358 0, NULL,
359 MBEDTLS_RSA_SALT_LEN_ANY,
360 buf ) );
361
362 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]363 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
364 valid_mode,
365 0, sizeof( buf ), buf,
366 buf ) );
367 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
368 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
369 invalid_mode,
370 0, sizeof( buf ), buf,
371 buf ) );
372 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
373 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
374 valid_mode,
375 0, sizeof( buf ), NULL,
376 buf ) );
377 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
378 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
379 valid_mode,
380 0, sizeof( buf ), buf,
381 NULL ) );
382 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
383 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
384 valid_mode,
385 MBEDTLS_MD_SHA1, 0, NULL,
386 buf ) );
387
388 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
389 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
390 NULL,
391 valid_mode,
392 0, sizeof( buf ), buf,
393 buf ) );
394 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
395 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
396 NULL,
397 invalid_mode,
398 0, sizeof( buf ), buf,
399 buf ) );
400 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
401 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
402 NULL,
403 valid_mode,
404 0, sizeof( buf ),
405 NULL, buf ) );
406 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
407 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
408 NULL,
409 valid_mode,
410 0, sizeof( buf ), buf,
411 NULL ) );
412 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
413 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
414 NULL,
415 valid_mode,
416 MBEDTLS_MD_SHA1,
417 0, NULL,
418 buf ) );
419
420 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
421 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
422 valid_mode,
423 0, sizeof( buf ),
424 buf, buf ) );
425 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
426 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
427 invalid_mode,
428 0, sizeof( buf ),
429 buf, buf ) );
430 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
431 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
432 valid_mode,
433 0, sizeof( buf ),
434 NULL, buf ) );
435 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
436 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
437 valid_mode,
438 0, sizeof( buf ),
439 buf, NULL ) );
440 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
441 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
442 valid_mode,
443 MBEDTLS_MD_SHA1,
444 0, NULL,
445 buf ) );
446
447 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
448 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
449 valid_mode,
450 0, sizeof( buf ),
451 buf,
452 0, 0,
453 buf ) );
454 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
455 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
456 invalid_mode,
457 0, sizeof( buf ),
458 buf,
459 0, 0,
460 buf ) );
461 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
462 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
463 valid_mode,
464 0, sizeof( buf ),
465 NULL, 0, 0,
466 buf ) );
467 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
468 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
469 valid_mode,
470 0, sizeof( buf ),
471 buf, 0, 0,
472 NULL ) );
473 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
474 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
475 valid_mode,
476 MBEDTLS_MD_SHA1,
477 0, NULL,
478 0, 0,
479 buf ) );
480
481 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
482 mbedtls_rsa_copy( NULL, &ctx ) );
483 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
484 mbedtls_rsa_copy( &ctx, NULL ) );
485
486exit:
487 return;
488}
489/* END_CASE */
490
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]491/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]492void rsa_init_free( int reinit )
493{
494 mbedtls_rsa_context ctx;
495
496 /* Double free is not explicitly documented to work, but we rely on it
497 * even inside the library so that you can call mbedtls_rsa_free()
498 * unconditionally on an error path without checking whether it has
499 * already been called in the success path. */
500
501 mbedtls_rsa_init( &ctx, 0, 0 );
502 mbedtls_rsa_free( &ctx );
503
504 if( reinit )
505 mbedtls_rsa_init( &ctx, 0, 0 );
506 mbedtls_rsa_free( &ctx );
507
508 /* This test case always succeeds, functionally speaking. A plausible
509 * bug might trigger an invalid pointer dereference or a memory leak. */
510 goto exit;
511}
512/* END_CASE */
513
514/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]515void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]516 int digest, int mod, int radix_P, char * input_P,
517 int radix_Q, char * input_Q, int radix_N,
518 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]519 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]520{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]521 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
522 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]523 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]524 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]525 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]526
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]527 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
528 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]529 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]530
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]531 memset( hash_result, 0x00, sizeof( hash_result ) );
532 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]533 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]534
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]535 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
536 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
537 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
538 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]539
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]540 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
541 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]542 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]543 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]544
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]545
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]546 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]547 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]548
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]549 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
550 &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
551 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]552 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]553 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]554
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]555 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
556 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]557 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]558
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]559exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]560 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
561 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]562 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]563}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]564/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]565
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]566/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]567void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]568 int digest, int mod, int radix_N,
569 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]570 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]571{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]572 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]573 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]574
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]575 mbedtls_mpi N, E;
576
577 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]578 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]579 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]580
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]581 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
582 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]583 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
584 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]585 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]586
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]587
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]588 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]589 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]590
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]591 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]592
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]593exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]594 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]595 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]596}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]597/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]598
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]599
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]600/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]601void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]602 int padding_mode, int mod, int radix_P,
603 char * input_P, int radix_Q, char * input_Q,
604 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]605 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]606{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]607 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]608 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]609 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]610 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]611
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]612 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]613 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
614 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]615
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]616 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]617 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]618
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]619 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
620 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
621 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
622 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]623
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]624 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
625 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]626 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]627 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]628
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]629
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]630 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
631 &rnd_info, MBEDTLS_RSA_PRIVATE,
632 MBEDTLS_MD_NONE, hash_result->len,
633 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]634
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]635
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]636 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
637 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]638
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]639#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]640 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]641 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]642 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]643 int res;
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]644 memset( output, 0x00, sizeof( output) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]645
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]646 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]647 &mbedtls_test_rnd_pseudo_rand, &rnd_info,
648 MBEDTLS_RSA_PRIVATE, hash_result->len,
649 hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]650
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]651#if !defined(MBEDTLS_RSA_ALT)
652 TEST_ASSERT( res == 0 );
653#else
654 TEST_ASSERT( ( res == 0 ) ||
655 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
656#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]657
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]658 if( res == 0 )
659 {
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]660 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]661 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]662 result_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]663 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]664 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]665#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]666
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]667exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]668 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
669 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
670
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]671 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]672}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]673/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]674
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]675/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]676void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]677 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]678 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]679 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]680{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]681 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]682 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]683
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]684 mbedtls_mpi N, E;
685 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
686
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]687 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]688 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]689
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]690 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
691 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]692
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]693 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
694 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]695 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]696
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]697
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]698 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]699
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]700#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]701 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]702 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]703 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]704 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]705 int ok;
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]706 size_t olen;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]707
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]708 res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]709 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]710 &olen, result_str->x, output, sizeof( output ) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]711
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]712#if !defined(MBEDTLS_RSA_ALT)
713 TEST_ASSERT( res == 0 );
714#else
715 TEST_ASSERT( ( res == 0 ) ||
716 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
717#endif
718
719 if( res == 0 )
720 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]721 ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]722 if( correct == 0 )
723 TEST_ASSERT( ok == 1 );
724 else
725 TEST_ASSERT( ok == 0 );
726 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]727 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]728#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]729
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]730exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]731 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]732 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]733}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]734/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]735
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]736/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]737void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]738 int mod, int radix_N, char * input_N,
739 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]740 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]741{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]742 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]743 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]744 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]745
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]746 mbedtls_mpi N, E;
747 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
748
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]749 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]750
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]751 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]752 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]753
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]754 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
755 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]756
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]757 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
758 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]759 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]760
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]761
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]762 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
763 &mbedtls_test_rnd_pseudo_rand,
764 &rnd_info, MBEDTLS_RSA_PUBLIC,
765 message_str->len, message_str->x,
766 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]767 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]768 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]769
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]770 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
771 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]772 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]773
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]774exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]775 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]776 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]777}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]778/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]779
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]780/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]781void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]782 int mod, int radix_N, char * input_N,
783 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]784 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]785{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]786 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]787 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]788
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]789 mbedtls_mpi N, E;
790
791 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]792 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]793 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]794
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]795 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
796 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]797
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]798 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
799 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]800 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]801
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]802
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]803 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
804 NULL, MBEDTLS_RSA_PUBLIC,
805 message_str->len, message_str->x,
806 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]807 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]808 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]809
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]810 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
811 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]812 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]813
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]814exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]815 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]816 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]817}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]818/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]819
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]820/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]821void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]822 int mod, int radix_P, char * input_P,
823 int radix_Q, char * input_Q, int radix_N,
824 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]825 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]826 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]827{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]828 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]829 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]830 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]831 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]832 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]833
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]834 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
835 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
836
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]837 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]838
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]839 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]840 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]841
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]842
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]843 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
844 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
845 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
846 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]847
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]848 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
849 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]850 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]851 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]852
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]853 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]854
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]855 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
856 &rnd_info, MBEDTLS_RSA_PRIVATE,
857 &output_len, message_str->x, output,
858 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]859 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]860 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]861
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]862 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]863 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]864 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]865 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]866
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]867exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]868 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
869 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]870 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]871}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]872/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]873
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]874/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]875void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]876 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]877 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]878{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]879 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]880 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]881
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]882 mbedtls_mpi N, E;
883
884 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]885 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
886 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]887 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]888
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]889 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
890 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]891
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]892 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Gilles Peskine88ea3e82021-06-09 16:24:35 +0200[diff] [blame]893
894 /* Check test data consistency */
895 TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]896 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]897 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]898
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]899 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]900 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]901 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]902
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]903 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
904 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]905 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]906
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]907 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]908 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]909 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]910 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]911
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]912 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]913
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]914 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]915 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]916 if( result == 0 )
917 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]918
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]919 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
920 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]921 }
922
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]923exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]924 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]925 mbedtls_rsa_free( &ctx );
926 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]927}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]928/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]929
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]930/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]931void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]932 char * input_P, int radix_Q, char * input_Q,
933 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]934 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]935 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]936{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]937 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]938 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]939 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]940 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]941 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]942
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]943 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
944 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]945 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
946 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]947
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]948 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]949
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]950 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
951 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
952 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
953 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]954
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]955 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
Gilles Peskine88ea3e82021-06-09 16:24:35 +0200[diff] [blame]956
957 /* Check test data consistency */
958 TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]959 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]960 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]961 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]962
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]963 /* repeat three times to test updating of blinding values */
964 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]965 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]966 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]967 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
968 &rnd_info, message_str->x,
969 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]970 if( result == 0 )
971 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]972
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]973 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]974 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]975 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]976 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]977 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]978
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]979 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]980 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]981 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]982 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]983
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]984 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]985
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]986 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]987 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
988 &rnd_info, message_str->x,
989 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]990 if( result == 0 )
991 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]992
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]993 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]994 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]995 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]996 }
997
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]998exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]999 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
1000 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
1001
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1002 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1003}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1004/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1005
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1006/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1007void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]1008{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1009 mbedtls_rsa_context ctx;
1010 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]1011
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1012 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]1013}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1014/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]1015
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1016/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1017void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
1018 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1019{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1020 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1021 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1022
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1023 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1024 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1025
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1026 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1027 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1028 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1029 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1030 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1031 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1032 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1033 }
1034
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1035 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1036 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1037
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1038exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1039 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1040 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1041}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1042/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1043
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1044/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1045void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
1046 int radix_Q, char * input_Q, int radix_N,
1047 char * input_N, int radix_E, char * input_E,
1048 int radix_D, char * input_D, int radix_DP,
1049 char * input_DP, int radix_DQ,
1050 char * input_DQ, int radix_QP,
1051 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1052{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1053 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1054
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1055 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1056
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1057 ctx.len = mod / 8;
1058 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1059 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1060 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1061 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1062 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1063 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1064 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1065 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1066 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1067 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1068 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1069 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1070 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1071 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1072 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1073 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1074 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1075 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1076 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1077 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1078#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1079 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1080 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1081 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1082 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1083 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1084 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1085 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1086 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1087 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1088 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1089 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1090 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1091#else
1092 ((void) radix_DP); ((void) input_DP);
1093 ((void) radix_DQ); ((void) input_DQ);
1094 ((void) radix_QP); ((void) input_QP);
1095#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1096
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1097 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1098
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1099exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1100 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1101}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1102/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1103
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1104/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1105void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
1106 int radix_Epub, char * input_Epub, int radix_P,
1107 char * input_P, int radix_Q, char * input_Q,
1108 int radix_N, char * input_N, int radix_E,
1109 char * input_E, int radix_D, char * input_D,
1110 int radix_DP, char * input_DP, int radix_DQ,
1111 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1112 int result )
1113{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1114 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1115
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1116 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1117 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1118
1119 pub.len = mod / 8;
1120 prv.len = mod / 8;
1121
1122 if( strlen( input_Npub ) )
1123 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1124 TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1125 }
1126 if( strlen( input_Epub ) )
1127 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1128 TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1129 }
1130
1131 if( strlen( input_P ) )
1132 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1133 TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1134 }
1135 if( strlen( input_Q ) )
1136 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1137 TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1138 }
1139 if( strlen( input_N ) )
1140 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1141 TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1142 }
1143 if( strlen( input_E ) )
1144 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1145 TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1146 }
1147 if( strlen( input_D ) )
1148 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1149 TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1150 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1151#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1152 if( strlen( input_DP ) )
1153 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1154 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1155 }
1156 if( strlen( input_DQ ) )
1157 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1158 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1159 }
1160 if( strlen( input_QP ) )
1161 {
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1162 TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1163 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1164#else
1165 ((void) radix_DP); ((void) input_DP);
1166 ((void) radix_DQ); ((void) input_DQ);
1167 ((void) radix_QP); ((void) input_QP);
1168#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1169
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1170 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1171
1172exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1173 mbedtls_rsa_free( &pub );
1174 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1175}
1176/* END_CASE */
1177
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1178/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1179void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1180{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1181 mbedtls_rsa_context ctx;
1182 mbedtls_entropy_context entropy;
1183 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1184 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1185
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1186 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1187 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1188 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1189
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1190 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1191 &entropy, (const unsigned char *) pers,
1192 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1193
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1194 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1195 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1196 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1197 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1198 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1199 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1200
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1201exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1202 mbedtls_rsa_free( &ctx );
1203 mbedtls_ctr_drbg_free( &ctr_drbg );
1204 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1205}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1206/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1207
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1208/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1209void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1210 int radix_D, char *input_D,
1211 int radix_E, char *input_E,
1212 int radix_P, char *output_P,
1213 int radix_Q, char *output_Q,
1214 int corrupt, int result )
1215{
1216 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1217
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1218 mbedtls_mpi_init( &N );
1219 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1220 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1221 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1222
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1223 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
1224 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
1225 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
1226 TEST_ASSERT( mbedtls_test_read_mpi( &Qp, radix_P, output_P ) == 0 );
1227 TEST_ASSERT( mbedtls_test_read_mpi( &Pp, radix_Q, output_Q ) == 0 );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1228
1229 if( corrupt )
1230 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1231
1232 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1233 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1234
1235 if( !corrupt )
1236 {
1237 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1238 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1239 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1240 }
1241
1242exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1243 mbedtls_mpi_free( &N );
1244 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1245 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1246 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1247}
1248/* END_CASE */
1249
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1250/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1251void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1252 int radix_Q, char *input_Q,
1253 int radix_E, char *input_E,
1254 int radix_D, char *output_D,
1255 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1256{
1257 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1258
1259 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1260 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1261 mbedtls_mpi_init( &E );
1262 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1263
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1264 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
1265 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
1266 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
1267 TEST_ASSERT( mbedtls_test_read_mpi( &Dp, radix_D, output_D ) == 0 );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1268
1269 if( corrupt )
1270 {
1271 /* Make E even */
1272 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1273 }
1274
1275 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1276 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1277 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1278
1279 if( !corrupt )
1280 {
1281 /*
1282 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1283 */
1284
1285 /* Replace P,Q by P-1, Q-1 */
1286 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1287 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1288
1289 /* Check D == Dp modulo P-1 */
1290 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1291 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1292 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1293
1294 /* Check D == Dp modulo Q-1 */
1295 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1296 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1297 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1298 }
1299
1300exit:
1301
1302 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1303 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1304 mbedtls_mpi_free( &E );
1305 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1306}
1307/* END_CASE */
1308
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1309/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1310void mbedtls_rsa_import( int radix_N, char *input_N,
1311 int radix_P, char *input_P,
1312 int radix_Q, char *input_Q,
1313 int radix_D, char *input_D,
1314 int radix_E, char *input_E,
1315 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1316 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1317 int res_check,
1318 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1319{
1320 mbedtls_mpi N, P, Q, D, E;
1321 mbedtls_rsa_context ctx;
1322
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1323 /* Buffers used for encryption-decryption test */
1324 unsigned char *buf_orig = NULL;
1325 unsigned char *buf_enc = NULL;
1326 unsigned char *buf_dec = NULL;
1327
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1328 mbedtls_entropy_context entropy;
1329 mbedtls_ctr_drbg_context ctr_drbg;
1330 const char *pers = "test_suite_rsa";
1331
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1332 const int have_N = ( strlen( input_N ) > 0 );
1333 const int have_P = ( strlen( input_P ) > 0 );
1334 const int have_Q = ( strlen( input_Q ) > 0 );
1335 const int have_D = ( strlen( input_D ) > 0 );
1336 const int have_E = ( strlen( input_E ) > 0 );
1337
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1338 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1339 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1340 mbedtls_rsa_init( &ctx, 0, 0 );
1341
1342 mbedtls_mpi_init( &N );
1343 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1344 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1345
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1346 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1347 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1348
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1349 if( have_N )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1350 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1351
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1352 if( have_P )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1353 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1354
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1355 if( have_Q )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1356 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1357
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1358 if( have_D )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1359 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1360
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1361 if( have_E )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1362 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1363
1364 if( !successive )
1365 {
1366 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1367 have_N ? &N : NULL,
1368 have_P ? &P : NULL,
1369 have_Q ? &Q : NULL,
1370 have_D ? &D : NULL,
1371 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1372 }
1373 else
1374 {
1375 /* Import N, P, Q, D, E separately.
1376 * This should make no functional difference. */
1377
1378 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1379 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1380 NULL, NULL, NULL, NULL ) == 0 );
1381
1382 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1383 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1384 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1385 NULL, NULL, NULL ) == 0 );
1386
1387 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1388 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1389 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1390 NULL, NULL ) == 0 );
1391
1392 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1393 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1394 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1395 NULL ) == 0 );
1396
1397 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1398 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1399 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1400 }
1401
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1402 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1403
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1404 /* On expected success, perform some public and private
1405 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1406 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1407 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1408 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1409 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1410 else
1411 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1412
1413 if( res_check != 0 )
1414 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1415
1416 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1417 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1418 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1419 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1420 goto exit;
1421
1422 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1423 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1424
1425 /* Make sure the number we're generating is smaller than the modulus */
1426 buf_orig[0] = 0x00;
1427
1428 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1429
1430 if( is_priv )
1431 {
1432 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1433 &ctr_drbg, buf_enc,
1434 buf_dec ) == 0 );
1435
1436 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1437 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1438 }
1439 }
1440
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1441exit:
1442
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1443 mbedtls_free( buf_orig );
1444 mbedtls_free( buf_enc );
1445 mbedtls_free( buf_dec );
1446
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1447 mbedtls_rsa_free( &ctx );
1448
1449 mbedtls_ctr_drbg_free( &ctr_drbg );
1450 mbedtls_entropy_free( &entropy );
1451
1452 mbedtls_mpi_free( &N );
1453 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1454 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1455}
1456/* END_CASE */
1457
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1458/* BEGIN_CASE */
1459void mbedtls_rsa_export( int radix_N, char *input_N,
1460 int radix_P, char *input_P,
1461 int radix_Q, char *input_Q,
1462 int radix_D, char *input_D,
1463 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1464 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1465 int successive )
1466{
1467 /* Original MPI's with which we set up the RSA context */
1468 mbedtls_mpi N, P, Q, D, E;
1469
1470 /* Exported MPI's */
1471 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1472
1473 const int have_N = ( strlen( input_N ) > 0 );
1474 const int have_P = ( strlen( input_P ) > 0 );
1475 const int have_Q = ( strlen( input_Q ) > 0 );
1476 const int have_D = ( strlen( input_D ) > 0 );
1477 const int have_E = ( strlen( input_E ) > 0 );
1478
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1479 mbedtls_rsa_context ctx;
1480
1481 mbedtls_rsa_init( &ctx, 0, 0 );
1482
1483 mbedtls_mpi_init( &N );
1484 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1485 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1486
1487 mbedtls_mpi_init( &Ne );
1488 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1489 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1490
1491 /* Setup RSA context */
1492
1493 if( have_N )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1494 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1495
1496 if( have_P )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1497 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1498
1499 if( have_Q )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1500 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1501
1502 if( have_D )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1503 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1504
1505 if( have_E )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1506 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1507
1508 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1509 strlen( input_N ) ? &N : NULL,
1510 strlen( input_P ) ? &P : NULL,
1511 strlen( input_Q ) ? &Q : NULL,
1512 strlen( input_D ) ? &D : NULL,
1513 strlen( input_E ) ? &E : NULL ) == 0 );
1514
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1515 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1516
1517 /*
1518 * Export parameters and compare to original ones.
1519 */
1520
1521 /* N and E must always be present. */
1522 if( !successive )
1523 {
1524 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1525 }
1526 else
1527 {
1528 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1529 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1530 }
1531 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1532 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1533
1534 /* If we were providing enough information to setup a complete private context,
1535 * we expect to be able to export all core parameters. */
1536
1537 if( is_priv )
1538 {
1539 if( !successive )
1540 {
1541 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1542 &De, NULL ) == 0 );
1543 }
1544 else
1545 {
1546 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1547 NULL, NULL ) == 0 );
1548 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1549 NULL, NULL ) == 0 );
1550 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1551 &De, NULL ) == 0 );
1552 }
1553
1554 if( have_P )
1555 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1556
1557 if( have_Q )
1558 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1559
1560 if( have_D )
1561 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1562
1563 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1564 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1565 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1566 }
1567
1568exit:
1569
1570 mbedtls_rsa_free( &ctx );
1571
1572 mbedtls_mpi_free( &N );
1573 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1574 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1575
1576 mbedtls_mpi_free( &Ne );
1577 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1578 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1579}
1580/* END_CASE */
1581
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1582/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1583void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1584 int radix_P, char *input_P,
1585 int radix_Q, char *input_Q,
1586 int radix_D, char *input_D,
1587 int radix_E, char *input_E,
1588 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1589{
1590 /* Original MPI's with which we set up the RSA context */
1591 mbedtls_mpi N, P, Q, D, E;
1592
1593 const int have_N = ( strlen( input_N ) > 0 );
1594 const int have_P = ( strlen( input_P ) > 0 );
1595 const int have_Q = ( strlen( input_Q ) > 0 );
1596 const int have_D = ( strlen( input_D ) > 0 );
1597 const int have_E = ( strlen( input_E ) > 0 );
1598
1599 mbedtls_entropy_context entropy;
1600 mbedtls_ctr_drbg_context ctr_drbg;
1601 const char *pers = "test_suite_rsa";
1602
1603 mbedtls_mpi_init( &N );
1604 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1605 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1606
1607 mbedtls_ctr_drbg_init( &ctr_drbg );
1608 mbedtls_entropy_init( &entropy );
1609 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1610 &entropy, (const unsigned char *) pers,
1611 strlen( pers ) ) == 0 );
1612
1613 if( have_N )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1614 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1615
1616 if( have_P )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1617 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1618
1619 if( have_Q )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1620 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1621
1622 if( have_D )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1623 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1624
1625 if( have_E )
Gilles Peskinea0f4e102021-06-10 23:18:39 +0200[diff] [blame]1626 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1627
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1628 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1629 have_P ? &P : NULL,
1630 have_Q ? &Q : NULL,
1631 have_D ? &D : NULL,
1632 have_E ? &E : NULL,
1633 prng ? mbedtls_ctr_drbg_random : NULL,
1634 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1635exit:
1636
1637 mbedtls_ctr_drbg_free( &ctr_drbg );
1638 mbedtls_entropy_free( &entropy );
1639
1640 mbedtls_mpi_free( &N );
1641 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1642 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1643}
1644/* END_CASE */
1645
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1646/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1647void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1648 data_t *input_Q, data_t *input_D,
1649 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1650 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1651{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1652 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1653 unsigned char bufNe[256];
1654 unsigned char bufPe[128];
1655 unsigned char bufQe[128];
1656 unsigned char bufDe[256];
1657 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1658
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1659 mbedtls_rsa_context ctx;
1660
1661 mbedtls_rsa_init( &ctx, 0, 0 );
1662
1663 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1664 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1665 input_N->len ? input_N->x : NULL, input_N->len,
1666 input_P->len ? input_P->x : NULL, input_P->len,
1667 input_Q->len ? input_Q->x : NULL, input_Q->len,
1668 input_D->len ? input_D->x : NULL, input_D->len,
1669 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1670
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1671 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1672
1673 /*
1674 * Export parameters and compare to original ones.
1675 */
1676
1677 /* N and E must always be present. */
1678 if( !successive )
1679 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1680 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1681 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1682 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1683 }
1684 else
1685 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1686 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1687 NULL, 0, NULL, 0, NULL, 0,
1688 NULL, 0 ) == 0 );
1689 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1690 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1691 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1692 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1693 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1694 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1695
1696 /* If we were providing enough information to setup a complete private context,
1697 * we expect to be able to export all core parameters. */
1698
1699 if( is_priv )
1700 {
1701 if( !successive )
1702 {
1703 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1704 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1705 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1706 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1707 NULL, 0 ) == 0 );
1708 }
1709 else
1710 {
1711 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1712 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1713 NULL, 0, NULL, 0,
1714 NULL, 0 ) == 0 );
1715
1716 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1717 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1718 NULL, 0, NULL, 0 ) == 0 );
1719
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1720 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1721 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1722 NULL, 0 ) == 0 );
1723 }
1724
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1725 if( input_P->len )
1726 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1727
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1728 if( input_Q->len )
1729 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1730
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1731 if( input_D->len )
1732 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1733
1734 }
1735
1736exit:
1737 mbedtls_rsa_free( &ctx );
1738}
1739/* END_CASE */
1740
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1741/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1742void mbedtls_rsa_import_raw( data_t *input_N,
1743 data_t *input_P, data_t *input_Q,
1744 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1745 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1746 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1747 int res_check,
1748 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1749{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1750 /* Buffers used for encryption-decryption test */
1751 unsigned char *buf_orig = NULL;
1752 unsigned char *buf_enc = NULL;
1753 unsigned char *buf_dec = NULL;
1754
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1755 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1756 mbedtls_entropy_context entropy;
1757 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1758
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1759 const char *pers = "test_suite_rsa";
1760
1761 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1762 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1763 mbedtls_rsa_init( &ctx, 0, 0 );
1764
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1765 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1766 &entropy, (const unsigned char *) pers,
1767 strlen( pers ) ) == 0 );
1768
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1769 if( !successive )
1770 {
1771 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1772 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1773 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1774 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1775 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1776 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1777 }
1778 else
1779 {
1780 /* Import N, P, Q, D, E separately.
1781 * This should make no functional difference. */
1782
1783 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1784 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1785 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1786
1787 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1788 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1789 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1790 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1791
1792 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1793 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1794 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1795 NULL, 0, NULL, 0 ) == 0 );
1796
1797 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1798 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1799 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1800 NULL, 0 ) == 0 );
1801
1802 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1803 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1804 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1805 }
1806
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1807 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1808
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1809 /* On expected success, perform some public and private
1810 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1811 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1812 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1813 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1814 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1815 else
1816 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1817
1818 if( res_check != 0 )
1819 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1820
1821 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1822 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1823 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1824 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1825 goto exit;
1826
1827 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1828 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1829
1830 /* Make sure the number we're generating is smaller than the modulus */
1831 buf_orig[0] = 0x00;
1832
1833 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1834
1835 if( is_priv )
1836 {
1837 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1838 &ctr_drbg, buf_enc,
1839 buf_dec ) == 0 );
1840
1841 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1842 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1843 }
1844 }
1845
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1846exit:
1847
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1848 mbedtls_free( buf_orig );
1849 mbedtls_free( buf_enc );
1850 mbedtls_free( buf_dec );
1851
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1852 mbedtls_rsa_free( &ctx );
1853
1854 mbedtls_ctr_drbg_free( &ctr_drbg );
1855 mbedtls_entropy_free( &entropy );
1856
1857}
1858/* END_CASE */
1859
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1860/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1861void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1862{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1863 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1864}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1865/* END_CASE */