TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 64a43ce48e4885f329eecc0bfd8efa59777bd5a4 / . / tests / suites / test_suite_rsa.function
blob: 46c8bf96e82bcc13a69347449fbc081c15940832 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Hanno Beckera565f542017-10-11 11:00:19 +0100[diff] [blame]3#include "mbedtls/rsa_internal.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]20/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]21void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]22 int digest, int mod, int radix_P, char * input_P,
23 int radix_Q, char * input_Q, int radix_N,
24 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]25 data_t * result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]26{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]27 unsigned char hash_result[1000];
28 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]29 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]30 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]31 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]32
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]33 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
34 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]35 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]36
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]37 memset( hash_result, 0x00, 1000 );
38 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]39 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]40
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]41 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
42 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
43 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
44 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]45
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]46 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
Gilles Peskine1d267092018-01-28 18:13:03 +0100[diff] [blame]47 TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
48 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]49 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]50 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]51
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]52
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]53 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]54 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]55
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]56 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
57 MBEDTLS_RSA_PRIVATE, digest, 0,
58 hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]59 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]60 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]61
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]62 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]63 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]64
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]65exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]66 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
67 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]68 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]69}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]70/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]71
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]72/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]73void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]74 int digest, int mod, int radix_N,
75 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]76 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]77{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]78 unsigned char hash_result[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]79 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]80
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]81 mbedtls_mpi N, E;
82
83 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]84 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]85 memset( hash_result, 0x00, 1000 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]86
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]87 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
88 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
89 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Gilles Peskine1d267092018-01-28 18:13:03 +0100[diff] [blame]90 TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
91 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]92 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]93
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]94
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]95 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]96 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]97
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]98 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]99
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]100exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]101 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]102 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]103}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]104/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]105
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]106
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]107/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]108void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]109 int padding_mode, int mod, int radix_P,
110 char * input_P, int radix_Q, char * input_Q,
111 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]112 char * input_E, data_t * result_hex_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]113{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]114 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]115 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]116 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]117 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]118
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]119 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]120 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
121 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]122
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]123 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]124 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]125
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]126 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
127 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
128 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
129 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]130
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]131 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
Gilles Peskine1d267092018-01-28 18:13:03 +0100[diff] [blame]132 TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
133 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]134 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]135 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]136
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]137
Hanno Becker8fd55482017-08-23 14:07:48 +0100[diff] [blame]138 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
139 MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]140 hash_result->len, hash_result->x,
141 output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]142
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]143
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]144 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]145
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]146#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]147 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]148 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]149 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]150 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]151 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]152
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]153 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]154 &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]155 hash_result->len, hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]156
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]157#if !defined(MBEDTLS_RSA_ALT)
158 TEST_ASSERT( res == 0 );
159#else
160 TEST_ASSERT( ( res == 0 ) ||
161 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
162#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]163
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]164 if( res == 0 )
165 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]166 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]167 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]168 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]169#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]170
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]171exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]172 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
173 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
174
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]175 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]176}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]177/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]178
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]179/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]180void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]181 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]182 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]183 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]184{
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]185 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]186 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]187
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]188 mbedtls_mpi N, E;
189 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
190
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]191 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]192 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]193
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]194 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
195 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]196
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]197 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Gilles Peskine1d267092018-01-28 18:13:03 +0100[diff] [blame]198 TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
199 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]200 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]201
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]202
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]203 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]204
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]205#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]206 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]207 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]208 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]209 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]210 int ok;
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]211 size_t olen;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]212
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]213 res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]214 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]215 &olen, result_str->x, output, sizeof( output ) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]216
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]217#if !defined(MBEDTLS_RSA_ALT)
218 TEST_ASSERT( res == 0 );
219#else
220 TEST_ASSERT( ( res == 0 ) ||
221 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
222#endif
223
224 if( res == 0 )
225 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]226 ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]227 if( correct == 0 )
228 TEST_ASSERT( ok == 1 );
229 else
230 TEST_ASSERT( ok == 0 );
231 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]232 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]233#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]234
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]235exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]236 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]237 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]238}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]239/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]240
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]241/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]242void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]243 int mod, int radix_N, char * input_N,
244 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]245 data_t * result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]246{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]247 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]248 mbedtls_rsa_context ctx;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]249 rnd_pseudo_info rnd_info;
250
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]251 mbedtls_mpi N, E;
252 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
253
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]254 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]255
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]256 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]257 memset( output, 0x00, 1000 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]258
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]259 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
260 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]261
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]262 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Gilles Peskine1d267092018-01-28 18:13:03 +0100[diff] [blame]263 TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
264 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]265 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]266
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]267
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]268 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]269 MBEDTLS_RSA_PUBLIC, message_str->len,
270 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]271 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]272 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]273
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]274 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]275 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]276
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]277exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]278 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]279 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]280}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]281/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]282
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]283/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]284void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]285 int mod, int radix_N, char * input_N,
286 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]287 data_t * result_hex_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]288{
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]289 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]290 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]291
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]292 mbedtls_mpi N, E;
293
294 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]295 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]296 memset( output, 0x00, 1000 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]297
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]298 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
299 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]300
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]301 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Gilles Peskine1d267092018-01-28 18:13:03 +0100[diff] [blame]302 TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
303 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]304 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]305
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]306
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]307 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]308 MBEDTLS_RSA_PUBLIC, message_str->len,
309 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]310 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]311 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]312
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]313 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]314 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]315
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]316exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]317 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]318 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]319}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]320/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]321
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]322/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]323void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]324 int mod, int radix_P, char * input_P,
325 int radix_Q, char * input_Q, int radix_N,
326 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]327 int max_output, data_t * result_hex_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]328 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]329{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]330 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]331 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]332 size_t output_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]333 rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]334 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]335
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]336 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
337 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
338
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]339 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]340
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]341 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]342 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]343
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]344
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]345 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
346 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
347 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
348 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]349
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]350 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
Gilles Peskine1d267092018-01-28 18:13:03 +0100[diff] [blame]351 TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
352 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]353 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]354 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]355
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]356 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]357
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]358 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]359 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]360 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]361
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]362 TEST_ASSERT( hexcmp( output, result_hex_str->x, output_len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]363 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]364
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]365exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]366 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
367 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]368 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]369}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]370/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]371
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]372/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]373void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]374 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]375 data_t * result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]376{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]377 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]378 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]379
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]380 mbedtls_mpi N, E;
381
382 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]383 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
384 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]385 memset( output, 0x00, 1000 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]386
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]387 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
388 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]389
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]390 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Gilles Peskine1d267092018-01-28 18:13:03 +0100[diff] [blame]391 TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
392 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]393 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]394
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]395
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]396 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]397 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]398 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]399
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]400 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]401 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]402
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]403 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]404 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]405 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]406 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]407
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]408 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]409
410 memset( output, 0x00, 1000 );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]411 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]412 if( result == 0 )
413 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]414
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]415 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]416 }
417
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]418exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]419 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]420 mbedtls_rsa_free( &ctx );
421 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]422}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]423/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]424
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]425/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]426void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]427 char * input_P, int radix_Q, char * input_Q,
428 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]429 char * input_E, data_t * result_hex_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]430 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]431{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]432 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]433 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]434 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]435 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]436 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]437
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]438 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
439 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]440 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
441 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]442
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]443 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]444
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]445 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
446 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
447 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
448 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]449
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]450 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
Gilles Peskine1d267092018-01-28 18:13:03 +0100[diff] [blame]451 TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
452 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]453 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]454 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]455
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]456
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]457 /* repeat three times to test updating of blinding values */
458 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]459 {
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]460 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]461 TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]462 message_str->x, output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]463 if( result == 0 )
464 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]465
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]466 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]467 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]468 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]469
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]470 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]471 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]472 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]473 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]474
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]475 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]476
477 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]478 TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]479 message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]480 if( result == 0 )
481 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]482
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]483 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx2.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]484 }
485
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]486exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]487 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
488 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
489
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]490 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]491}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]492/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]493
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]494/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]495void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]496{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]497 mbedtls_rsa_context ctx;
498 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]499
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]500 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]501}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]502/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]503
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]504/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]505void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
506 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]507{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]508 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]509 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]510
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]511 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]512 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]513
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]514 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]515 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]516 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]517 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]518 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]519 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]520 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]521 }
522
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]523 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]524 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]525
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]526exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]527 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]528 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]529}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]530/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]531
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]532/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]533void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
534 int radix_Q, char * input_Q, int radix_N,
535 char * input_N, int radix_E, char * input_E,
536 int radix_D, char * input_D, int radix_DP,
537 char * input_DP, int radix_DQ,
538 char * input_DQ, int radix_QP,
539 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]540{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]541 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]542
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]543 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]544
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]545 ctx.len = mod / 8;
546 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]547 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]548 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]549 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]550 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]551 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]552 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]553 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]554 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]555 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]556 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]557 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]558 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]559 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]560 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]561 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]562 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]563 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]564 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]565 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]566#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]567 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]568 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]569 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]570 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]571 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]572 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]573 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]574 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]575 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]576 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]577 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]578 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]579#else
580 ((void) radix_DP); ((void) input_DP);
581 ((void) radix_DQ); ((void) input_DQ);
582 ((void) radix_QP); ((void) input_QP);
583#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]584
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]585 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]586
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]587exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]588 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]589}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]590/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]591
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]592/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]593void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
594 int radix_Epub, char * input_Epub, int radix_P,
595 char * input_P, int radix_Q, char * input_Q,
596 int radix_N, char * input_N, int radix_E,
597 char * input_E, int radix_D, char * input_D,
598 int radix_DP, char * input_DP, int radix_DQ,
599 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]600 int result )
601{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]602 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]603
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]604 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
605 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]606
607 pub.len = mod / 8;
608 prv.len = mod / 8;
609
610 if( strlen( input_Npub ) )
611 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]612 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]613 }
614 if( strlen( input_Epub ) )
615 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]616 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]617 }
618
619 if( strlen( input_P ) )
620 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]621 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]622 }
623 if( strlen( input_Q ) )
624 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]625 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]626 }
627 if( strlen( input_N ) )
628 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]629 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]630 }
631 if( strlen( input_E ) )
632 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]633 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]634 }
635 if( strlen( input_D ) )
636 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]637 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]638 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]639#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]640 if( strlen( input_DP ) )
641 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]642 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]643 }
644 if( strlen( input_DQ ) )
645 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]646 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]647 }
648 if( strlen( input_QP ) )
649 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]650 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]651 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]652#else
653 ((void) radix_DP); ((void) input_DP);
654 ((void) radix_DQ); ((void) input_DQ);
655 ((void) radix_QP); ((void) input_QP);
656#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]657
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]658 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]659
660exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]661 mbedtls_rsa_free( &pub );
662 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]663}
664/* END_CASE */
665
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]666/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]667void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]668{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]669 mbedtls_rsa_context ctx;
670 mbedtls_entropy_context entropy;
671 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]672 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]673
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]674 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]675 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]676 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]677
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]678 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
679 &entropy, (const unsigned char *) pers,
680 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]681
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]682 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]683 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]684 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]686 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]687 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]688
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]689exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]690 mbedtls_rsa_free( &ctx );
691 mbedtls_ctr_drbg_free( &ctr_drbg );
692 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]693}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]694/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]695
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]696/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]697void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]698 int radix_D, char *input_D,
699 int radix_E, char *input_E,
700 int radix_P, char *output_P,
701 int radix_Q, char *output_Q,
702 int corrupt, int result )
703{
704 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
705
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]706 mbedtls_mpi_init( &N );
707 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
708 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
709 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
710
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]711 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
712 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
713 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
714 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
715 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
716
717 if( corrupt )
718 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
719
720 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]721 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]722
723 if( !corrupt )
724 {
725 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
726 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
727 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
728 }
729
730exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]731 mbedtls_mpi_free( &N );
732 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
733 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
734 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]735}
736/* END_CASE */
737
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]738/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]739void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
740 int radix_Q, char *input_Q,
741 int radix_E, char *input_E,
742 int radix_D, char *output_D,
743 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]744{
745 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
746
747 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
748 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
749 mbedtls_mpi_init( &E );
750 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
751
752 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
753 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
754 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
755 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
756
757 if( corrupt )
758 {
759 /* Make E even */
760 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
761 }
762
763 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]764 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
765 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]766
767 if( !corrupt )
768 {
769 /*
770 * Check that D and Dp agree modulo LCM(P-1, Q-1).
771 */
772
773 /* Replace P,Q by P-1, Q-1 */
774 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
775 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
776
777 /* Check D == Dp modulo P-1 */
778 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
779 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
780 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
781
782 /* Check D == Dp modulo Q-1 */
783 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
784 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
785 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
786 }
787
788exit:
789
790 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
791 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
792 mbedtls_mpi_free( &E );
793 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
794}
795/* END_CASE */
796
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]797/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]798void mbedtls_rsa_import( int radix_N, char *input_N,
799 int radix_P, char *input_P,
800 int radix_Q, char *input_Q,
801 int radix_D, char *input_D,
802 int radix_E, char *input_E,
803 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]804 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]805 int res_check,
806 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]807{
808 mbedtls_mpi N, P, Q, D, E;
809 mbedtls_rsa_context ctx;
810
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]811 /* Buffers used for encryption-decryption test */
812 unsigned char *buf_orig = NULL;
813 unsigned char *buf_enc = NULL;
814 unsigned char *buf_dec = NULL;
815
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]816 mbedtls_entropy_context entropy;
817 mbedtls_ctr_drbg_context ctr_drbg;
818 const char *pers = "test_suite_rsa";
819
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]820 const int have_N = ( strlen( input_N ) > 0 );
821 const int have_P = ( strlen( input_P ) > 0 );
822 const int have_Q = ( strlen( input_Q ) > 0 );
823 const int have_D = ( strlen( input_D ) > 0 );
824 const int have_E = ( strlen( input_E ) > 0 );
825
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]826 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]827 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]828 mbedtls_rsa_init( &ctx, 0, 0 );
829
830 mbedtls_mpi_init( &N );
831 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
832 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
833
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]834 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
835 (const unsigned char *) pers, strlen( pers ) ) == 0 );
836
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]837 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]838 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
839
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]840 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]841 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
842
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]843 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]844 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
845
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]846 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]847 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
848
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]849 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]850 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
851
852 if( !successive )
853 {
854 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]855 have_N ? &N : NULL,
856 have_P ? &P : NULL,
857 have_Q ? &Q : NULL,
858 have_D ? &D : NULL,
859 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]860 }
861 else
862 {
863 /* Import N, P, Q, D, E separately.
864 * This should make no functional difference. */
865
866 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]867 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]868 NULL, NULL, NULL, NULL ) == 0 );
869
870 TEST_ASSERT( mbedtls_rsa_import( &ctx,
871 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]872 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]873 NULL, NULL, NULL ) == 0 );
874
875 TEST_ASSERT( mbedtls_rsa_import( &ctx,
876 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]877 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]878 NULL, NULL ) == 0 );
879
880 TEST_ASSERT( mbedtls_rsa_import( &ctx,
881 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]882 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]883 NULL ) == 0 );
884
885 TEST_ASSERT( mbedtls_rsa_import( &ctx,
886 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]887 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]888 }
889
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]890 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]891
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]892 /* On expected success, perform some public and private
893 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]894 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]895 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]896 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]897 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
898 else
899 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
900
901 if( res_check != 0 )
902 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]903
904 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
905 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
906 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
907 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
908 goto exit;
909
910 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
911 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
912
913 /* Make sure the number we're generating is smaller than the modulus */
914 buf_orig[0] = 0x00;
915
916 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
917
918 if( is_priv )
919 {
920 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
921 &ctr_drbg, buf_enc,
922 buf_dec ) == 0 );
923
924 TEST_ASSERT( memcmp( buf_orig, buf_dec,
925 mbedtls_rsa_get_len( &ctx ) ) == 0 );
926 }
927 }
928
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]929exit:
930
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]931 mbedtls_free( buf_orig );
932 mbedtls_free( buf_enc );
933 mbedtls_free( buf_dec );
934
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]935 mbedtls_rsa_free( &ctx );
936
937 mbedtls_ctr_drbg_free( &ctr_drbg );
938 mbedtls_entropy_free( &entropy );
939
940 mbedtls_mpi_free( &N );
941 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
942 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
943}
944/* END_CASE */
945
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]946/* BEGIN_CASE */
947void mbedtls_rsa_export( int radix_N, char *input_N,
948 int radix_P, char *input_P,
949 int radix_Q, char *input_Q,
950 int radix_D, char *input_D,
951 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]952 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]953 int successive )
954{
955 /* Original MPI's with which we set up the RSA context */
956 mbedtls_mpi N, P, Q, D, E;
957
958 /* Exported MPI's */
959 mbedtls_mpi Ne, Pe, Qe, De, Ee;
960
961 const int have_N = ( strlen( input_N ) > 0 );
962 const int have_P = ( strlen( input_P ) > 0 );
963 const int have_Q = ( strlen( input_Q ) > 0 );
964 const int have_D = ( strlen( input_D ) > 0 );
965 const int have_E = ( strlen( input_E ) > 0 );
966
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]967 mbedtls_rsa_context ctx;
968
969 mbedtls_rsa_init( &ctx, 0, 0 );
970
971 mbedtls_mpi_init( &N );
972 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
973 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
974
975 mbedtls_mpi_init( &Ne );
976 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
977 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
978
979 /* Setup RSA context */
980
981 if( have_N )
982 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
983
984 if( have_P )
985 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
986
987 if( have_Q )
988 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
989
990 if( have_D )
991 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
992
993 if( have_E )
994 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
995
996 TEST_ASSERT( mbedtls_rsa_import( &ctx,
997 strlen( input_N ) ? &N : NULL,
998 strlen( input_P ) ? &P : NULL,
999 strlen( input_Q ) ? &Q : NULL,
1000 strlen( input_D ) ? &D : NULL,
1001 strlen( input_E ) ? &E : NULL ) == 0 );
1002
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1003 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1004
1005 /*
1006 * Export parameters and compare to original ones.
1007 */
1008
1009 /* N and E must always be present. */
1010 if( !successive )
1011 {
1012 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1013 }
1014 else
1015 {
1016 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1017 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1018 }
1019 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1020 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1021
1022 /* If we were providing enough information to setup a complete private context,
1023 * we expect to be able to export all core parameters. */
1024
1025 if( is_priv )
1026 {
1027 if( !successive )
1028 {
1029 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1030 &De, NULL ) == 0 );
1031 }
1032 else
1033 {
1034 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1035 NULL, NULL ) == 0 );
1036 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1037 NULL, NULL ) == 0 );
1038 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1039 &De, NULL ) == 0 );
1040 }
1041
1042 if( have_P )
1043 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1044
1045 if( have_Q )
1046 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1047
1048 if( have_D )
1049 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1050
1051 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1052 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1053 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1054 }
1055
1056exit:
1057
1058 mbedtls_rsa_free( &ctx );
1059
1060 mbedtls_mpi_free( &N );
1061 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1062 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1063
1064 mbedtls_mpi_free( &Ne );
1065 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1066 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1067}
1068/* END_CASE */
1069
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1070/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1071void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1072 int radix_P, char *input_P,
1073 int radix_Q, char *input_Q,
1074 int radix_D, char *input_D,
1075 int radix_E, char *input_E,
1076 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1077{
1078 /* Original MPI's with which we set up the RSA context */
1079 mbedtls_mpi N, P, Q, D, E;
1080
1081 const int have_N = ( strlen( input_N ) > 0 );
1082 const int have_P = ( strlen( input_P ) > 0 );
1083 const int have_Q = ( strlen( input_Q ) > 0 );
1084 const int have_D = ( strlen( input_D ) > 0 );
1085 const int have_E = ( strlen( input_E ) > 0 );
1086
1087 mbedtls_entropy_context entropy;
1088 mbedtls_ctr_drbg_context ctr_drbg;
1089 const char *pers = "test_suite_rsa";
1090
1091 mbedtls_mpi_init( &N );
1092 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1093 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1094
1095 mbedtls_ctr_drbg_init( &ctr_drbg );
1096 mbedtls_entropy_init( &entropy );
1097 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1098 &entropy, (const unsigned char *) pers,
1099 strlen( pers ) ) == 0 );
1100
1101 if( have_N )
1102 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1103
1104 if( have_P )
1105 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1106
1107 if( have_Q )
1108 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1109
1110 if( have_D )
1111 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1112
1113 if( have_E )
1114 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1115
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1116 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1117 have_P ? &P : NULL,
1118 have_Q ? &Q : NULL,
1119 have_D ? &D : NULL,
1120 have_E ? &E : NULL,
1121 prng ? mbedtls_ctr_drbg_random : NULL,
1122 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1123exit:
1124
1125 mbedtls_ctr_drbg_free( &ctr_drbg );
1126 mbedtls_entropy_free( &entropy );
1127
1128 mbedtls_mpi_free( &N );
1129 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1130 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1131}
1132/* END_CASE */
1133
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1134/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1135void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1136 data_t *input_Q, data_t *input_D,
1137 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1138 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1139{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1140 /* Exported buffers */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1141 unsigned char bufNe[1000];
1142 unsigned char bufPe[1000];
1143 unsigned char bufQe[1000];
1144 unsigned char bufDe[1000];
1145 unsigned char bufEe[1000];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1146
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1147 mbedtls_rsa_context ctx;
1148
1149 mbedtls_rsa_init( &ctx, 0, 0 );
1150
1151 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1152 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1153 input_N->len ? input_N->x : NULL, input_N->len,
1154 input_P->len ? input_P->x : NULL, input_P->len,
1155 input_Q->len ? input_Q->x : NULL, input_Q->len,
1156 input_D->len ? input_D->x : NULL, input_D->len,
1157 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1158
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1159 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1160
1161 /*
1162 * Export parameters and compare to original ones.
1163 */
1164
1165 /* N and E must always be present. */
1166 if( !successive )
1167 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1168 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1169 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1170 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1171 }
1172 else
1173 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1174 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1175 NULL, 0, NULL, 0, NULL, 0,
1176 NULL, 0 ) == 0 );
1177 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1178 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1179 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1180 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1181 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1182 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1183
1184 /* If we were providing enough information to setup a complete private context,
1185 * we expect to be able to export all core parameters. */
1186
1187 if( is_priv )
1188 {
1189 if( !successive )
1190 {
1191 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1192 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1193 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1194 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1195 NULL, 0 ) == 0 );
1196 }
1197 else
1198 {
1199 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1200 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1201 NULL, 0, NULL, 0,
1202 NULL, 0 ) == 0 );
1203
1204 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1205 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1206 NULL, 0, NULL, 0 ) == 0 );
1207
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1208 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1209 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1210 NULL, 0 ) == 0 );
1211 }
1212
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1213 if( input_P->len )
1214 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1215
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1216 if( input_Q->len )
1217 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1218
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1219 if( input_D->len )
1220 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1221
1222 }
1223
1224exit:
1225 mbedtls_rsa_free( &ctx );
1226}
1227/* END_CASE */
1228
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1229/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1230void mbedtls_rsa_import_raw( data_t *input_N,
1231 data_t *input_P, data_t *input_Q,
1232 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1233 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1234 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1235 int res_check,
1236 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1237{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1238 /* Buffers used for encryption-decryption test */
1239 unsigned char *buf_orig = NULL;
1240 unsigned char *buf_enc = NULL;
1241 unsigned char *buf_dec = NULL;
1242
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1243 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1244 mbedtls_entropy_context entropy;
1245 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1246
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1247 const char *pers = "test_suite_rsa";
1248
1249 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1250 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1251 mbedtls_rsa_init( &ctx, 0, 0 );
1252
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1253 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1254 &entropy, (const unsigned char *) pers,
1255 strlen( pers ) ) == 0 );
1256
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1257 if( !successive )
1258 {
1259 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1260 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1261 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1262 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1263 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1264 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1265 }
1266 else
1267 {
1268 /* Import N, P, Q, D, E separately.
1269 * This should make no functional difference. */
1270
1271 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1272 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1273 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1274
1275 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1276 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1277 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1278 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1279
1280 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1281 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1282 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1283 NULL, 0, NULL, 0 ) == 0 );
1284
1285 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1286 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1287 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1288 NULL, 0 ) == 0 );
1289
1290 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1291 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1292 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1293 }
1294
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1295 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1296
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1297 /* On expected success, perform some public and private
1298 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1299 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1300 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1301 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1302 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1303 else
1304 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1305
1306 if( res_check != 0 )
1307 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1308
1309 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1310 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1311 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1312 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1313 goto exit;
1314
1315 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1316 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1317
1318 /* Make sure the number we're generating is smaller than the modulus */
1319 buf_orig[0] = 0x00;
1320
1321 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1322
1323 if( is_priv )
1324 {
1325 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1326 &ctr_drbg, buf_enc,
1327 buf_dec ) == 0 );
1328
1329 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1330 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1331 }
1332 }
1333
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1334exit:
1335
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1336 mbedtls_free( buf_orig );
1337 mbedtls_free( buf_enc );
1338 mbedtls_free( buf_dec );
1339
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1340 mbedtls_rsa_free( &ctx );
1341
1342 mbedtls_ctr_drbg_free( &ctr_drbg );
1343 mbedtls_entropy_free( &entropy );
1344
1345}
1346/* END_CASE */
1347
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1348/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1349void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1350{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1351 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1352}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1353/* END_CASE */