Blame - tests/suites/test_suite_pkcs1_v21.function - mirror/mbed-tls

blob: 45750819e4ac44a8c264070b35dbf2046860d6b5 [file] [log] [blame]

Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	1	BEGIN_HEADER
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	2	#include <polarssl/rsa.h>
				3	#include <polarssl/md.h>
				4	#include <polarssl/md2.h>
				5	#include <polarssl/md4.h>
				6	#include <polarssl/md5.h>
				7	#include <polarssl/sha1.h>
				8	#include <polarssl/sha2.h>
				9	#include <polarssl/sha4.h>
				10	END_HEADER
				11
Paul Bakker	5690efc	2011-05-26 13:16:06 +0000	[diff] [blame^]	12	BEGIN_DEPENDENCIES
				13	depends_on:POLARSSL_PKCS1_V21:POLARSSL_RSA_C:POLARSSL_BIGNUM_C:POLARSSL_SHA1_C:POLARSSL_GENRPIME
				14	END_DEPENDENCIES
				15
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	16	BEGIN_CASE
				17	pkcs1_rsaes_oaep_encrypt:mod:radix_N:input_N:radix_E:input_E:hash:message_hex_string:seed:result_hex_str:result
				18	{
				19	unsigned char message_str[1000];
				20	unsigned char output[1000];
				21	unsigned char output_str[1000];
				22	unsigned char rnd_buf[1000];
				23	rsa_context ctx;
Paul Bakker	f4a3f30	2011-04-24 15:53:29 +0000	[diff] [blame]	24	size_t msg_len;
Paul Bakker	4cce2bb	2011-03-13 16:56:35 +0000	[diff] [blame]	25	rnd_buf_info info;
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	26
				27	info.length = unhexify( rnd_buf, {seed} );
				28	info.buf = rnd_buf;
				29	info.per_call = 1;
				30
				31	rsa_init( &ctx, RSA_PKCS_V21, {hash} );
				32	memset( message_str, 0x00, 1000 );
				33	memset( output, 0x00, 1000 );
				34	memset( output_str, 0x00, 1000 );
				35
				36	ctx.len = {mod} / 8 + ( ( {mod} % 8 ) ? 1 : 0 );
				37	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				38	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				39
				40	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				41
				42	msg_len = unhexify( message_str, {message_hex_string} );
				43
				44	TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
				45	if( {result} == 0 )
				46	{
				47	hexify( output_str, output, ctx.len );
				48
				49	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				50	}
				51	}
				52	END_CASE
				53
				54	BEGIN_CASE
				55	pkcs1_rsaes_oaep_decrypt:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:hash:result_hex_str:seed:message_hex_string:result
				56	{
				57	unsigned char message_str[1000];
				58	unsigned char output[1000];
				59	unsigned char output_str[1000];
				60	rsa_context ctx;
				61	mpi P1, Q1, H, G;
Paul Bakker	f4a3f30	2011-04-24 15:53:29 +0000	[diff] [blame]	62	size_t output_len;
				63	size_t msg_len;
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	64
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	65	mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	66	rsa_init( &ctx, RSA_PKCS_V21, {hash} );
				67
				68	memset( message_str, 0x00, 1000 );
				69	memset( output, 0x00, 1000 );
				70	memset( output_str, 0x00, 1000 );
				71
				72	ctx.len = {mod} / 8 + ( ( {mod} % 8 ) ? 1 : 0 );
				73	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				74	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				75	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				76	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				77
				78	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				79	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				80	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				81	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				82	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				83	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				84	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				85	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				86
				87	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				88
				89	msg_len = unhexify( message_str, {message_hex_string} );
				90
				91	TEST_ASSERT( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == {result} );
				92	if( {result} == 0 )
				93	{
				94	hexify( output_str, output, ctx.len );
				95
				96	TEST_ASSERT( strncasecmp( (char *) output_str, {result_hex_str}, strlen( {result_hex_str} ) ) == 0 );
				97	}
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	98
				99	mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	100	}
				101	END_CASE
				102
				103	BEGIN_CASE
				104	pkcs1_rsassa_pss_sign:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:digest:hash:message_hex_string:salt:result_hex_str:result
				105	{
				106	unsigned char message_str[1000];
				107	unsigned char hash_result[1000];
				108	unsigned char output[1000];
				109	unsigned char output_str[1000];
				110	unsigned char rnd_buf[1000];
				111	rsa_context ctx;
				112	mpi P1, Q1, H, G;
Paul Bakker	f4a3f30	2011-04-24 15:53:29 +0000	[diff] [blame]	113	size_t msg_len;
Paul Bakker	4cce2bb	2011-03-13 16:56:35 +0000	[diff] [blame]	114	rnd_buf_info info;
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	115
				116	info.length = unhexify( rnd_buf, {salt} );
				117	info.buf = rnd_buf;
				118	info.per_call = 1;
				119
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	120	mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	121	rsa_init( &ctx, RSA_PKCS_V21, {hash} );
				122
				123	memset( message_str, 0x00, 1000 );
				124	memset( hash_result, 0x00, 1000 );
				125	memset( output, 0x00, 1000 );
				126	memset( output_str, 0x00, 1000 );
				127
				128	ctx.len = {mod} / 8 + ( ( {mod} % 8 ) ? 1 : 0 );
				129	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				130	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				131	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				132	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				133
				134	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				135	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				136	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				137	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				138	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				139	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				140	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				141	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				142
				143	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				144
				145	msg_len = unhexify( message_str, {message_hex_string} );
				146
				147	switch( {digest} )
				148	{
				149	#ifdef POLARSSL_MD2_C
				150	case SIG_RSA_MD2:
				151	md2( message_str, msg_len, hash_result );
				152	break;
				153	#endif
				154	#ifdef POLARSSL_MD4_C
				155	case SIG_RSA_MD4:
				156	md4( message_str, msg_len, hash_result );
				157	break;
				158	#endif
				159	#ifdef POLARSSL_MD5_C
				160	case SIG_RSA_MD5:
				161	md5( message_str, msg_len, hash_result );
				162	break;
				163	#endif
				164	#ifdef POLARSSL_SHA1_C
				165	case SIG_RSA_SHA1:
				166	sha1( message_str, msg_len, hash_result );
				167	break;
				168	#endif
				169	#ifdef POLARSSL_SHA2_C
				170	case SIG_RSA_SHA224:
				171	sha2( message_str, msg_len, hash_result, 1 );
				172	break;
				173	case SIG_RSA_SHA256:
				174	sha2( message_str, msg_len, hash_result, 0 );
				175	break;
				176	#endif
				177	#ifdef POLARSSL_SHA4_C
				178	case SIG_RSA_SHA384:
				179	sha4( message_str, msg_len, hash_result, 1 );
				180	break;
				181	case SIG_RSA_SHA512:
				182	sha4( message_str, msg_len, hash_result, 0 );
				183	break;
				184	#endif
				185	}
				186
				187	TEST_ASSERT( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, {digest}, 0, hash_result, output ) == {result} );
				188	if( {result} == 0 )
				189	{
				190	hexify( output_str, output, ctx.len);
				191
				192	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				193	}
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	194
				195	mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	196	}
				197	END_CASE
				198
				199	BEGIN_CASE
				200	pkcs1_rsassa_pss_verify:mod:radix_N:input_N:radix_E:input_E:digest:hash:message_hex_string:salt:result_hex_str:result
				201	{
				202	unsigned char message_str[1000];
				203	unsigned char hash_result[1000];
				204	unsigned char result_str[1000];
				205	rsa_context ctx;
Paul Bakker	f4a3f30	2011-04-24 15:53:29 +0000	[diff] [blame]	206	size_t msg_len;
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	207
				208	rsa_init( &ctx, RSA_PKCS_V21, {hash} );
				209	memset( message_str, 0x00, 1000 );
				210	memset( hash_result, 0x00, 1000 );
				211	memset( result_str, 0x00, 1000 );
				212
				213	ctx.len = {mod} / 8 + ( ( {mod} % 8 ) ? 1 : 0 );
				214	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				215	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				216
				217	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				218
				219	msg_len = unhexify( message_str, {message_hex_string} );
				220	unhexify( result_str, {result_hex_str} );
				221
				222	switch( {digest} )
				223	{
				224	#ifdef POLARSSL_MD2_C
				225	case SIG_RSA_MD2:
				226	md2( message_str, msg_len, hash_result );
				227	break;
				228	#endif
				229	#ifdef POLARSSL_MD4_C
				230	case SIG_RSA_MD4:
				231	md4( message_str, msg_len, hash_result );
				232	break;
				233	#endif
				234	#ifdef POLARSSL_MD5_C
				235	case SIG_RSA_MD5:
				236	md5( message_str, msg_len, hash_result );
				237	break;
				238	#endif
				239	#ifdef POLARSSL_SHA1_C
				240	case SIG_RSA_SHA1:
				241	sha1( message_str, msg_len, hash_result );
				242	break;
				243	#endif
				244	#ifdef POLARSSL_SHA2_C
				245	case SIG_RSA_SHA224:
				246	sha2( message_str, msg_len, hash_result, 1 );
				247	break;
				248	case SIG_RSA_SHA256:
				249	sha2( message_str, msg_len, hash_result, 0 );
				250	break;
				251	#endif
				252	#ifdef POLARSSL_SHA4_C
				253	case SIG_RSA_SHA384:
				254	sha4( message_str, msg_len, hash_result, 1 );
				255	break;
				256	case SIG_RSA_SHA512:
				257	sha4( message_str, msg_len, hash_result, 0 );
				258	break;
				259	#endif
				260	}
				261
				262	TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, {digest}, 0, hash_result, result_str ) == {result} );
				263	}
				264	END_CASE